On November 7, China’s top legislature adopted a cybersecurity law to safeguard the sovereignty on cyberspace, national security, and the rights of citizens. The law has seven chapters that define specific regulations in various areas, such as network operational security (including key IT infrastructure), network information security, monitoring, alerting, and emergency situation handling as well as related legal responsibilities.
Some critics, especially those in Europe and the United States, continue to read too much into the negative impact of this legislation. I believe that it’s the reasonable move for the Chinese government to make in order to balance national security, citizen privacy, and economic openness. Foreign players in the Chinese market must revisit their local strategy and accelerate their digital transformation if they don’t want to miss the increasing needs and new opportunities regarding security and privacy:
- The cybersecurity law has substantial advantages that benefit cybercitizens. For example, for the first time, the Chinese government requires that vendors providing cyberproducts and cyberservices must make clarifications to users and attain their approvals before they collect personal information. The new law also regulates that if companies leak or illegally sell personal information to third parties, they must bear legal responsibilities accordingly. These regulations mark a critical milestone in China’s journey toward personal privacy protection, and they are also important for consumers in the world’s largest market to protect themselves against internet fraud and spam messages.