How will China’s GDPR-like Cybersecurity Law impact business?

How will China’s GDPR-like Cybersecurity Law impact business?

China’s new Cybersecurity Law (CSL) might have been a long-time coming, but it’s all set to have a major impact on the way foreign firms do business in the Middle Kingdom. This being China, however, nothing is quite as it first appears. A law ostensibly created to bring China into line with global best practices on cybersecurity could end up having the opposite effect if the government decides to ask for IP, source code and other details as part of ‘national security’ spot-checks.

It could even run the risk of many such firms being shunned in the West and raise concerns that Chinese agents are stockpiling exploits in their products and systems.


Improving security standards

The Cyberspace Security Law of the People's Republic of China, to give it its full title, finally came into force in June this year. On paper, it contains some important best practice provisions for “network operators” to prevent data leaks and breaches and any damage or unauthorised access. These are neatly summarised by the China Law Blog as:

  • Appoint dedicated network security personnel and develop internal security management systems/policies
  • Adopt measures to prevent computer viruses, cyber-attacks, network intrusions etc.
  • Set-up network logs and ensure you retain them for at least six months
  • Classify, back up and encrypt important data

There are also some important new stipulations designed to protect consumer data, some of which overlap with the new EU GDPR:

To continue reading...

Please login or register to view your article. If you do not have or do not remember your password, please click on the “Forgotten your password?” link at the bottom.
If you do not yet have a password but are an existing user, please use the “Forgotten your password?


«Edge computing 101: A CIO demystification guide


How business drones can be deployed way beyond delivery»
Phil Muncaster

Phil Muncaster has been writing about technology since joining IT Week as a reporter in 2005. After leaving his post as news editor of online site V3 in 2012, Phil spent over two years covering the Asian tech scene from his base in Hong Kong. Now back in London, he always has one eye on what's happening out East.

  • twt

Add Your Comment

Recommended for You


US ‘hacking back’ law could create a cyber wild west of vigilantism

Dan Swinhoe casts a critical eye on the future


A c-suite guide to blockchain 2018

Kathryn Cave looks at the big trends in global tech

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



If it were legal, would your organization hack back?