China Passes New Security Law to Tighten Control of Cyber Security

The National Security Law has just been passed by China amid increasing concerns over the national security situation in the country, officials said. The law among several other regulatory moves and mandates has left pro-privacy advocates and foreign businesses operating in the country worried, according to a report from the Washington Times.

The ruling Communist party headed by President Xi Jinping have taken a hardline stance on cybersecurity since coming to power in 2013.

The new National Security Law

The National People’s Congress (NPC) passed the National Security Law with a total majority of 154 votes to none. The law confirms a stronger presence of the Chinese Government over the internet, with tougher measures to be taken against hacking attacks, data-breaches and spread of illegal and/or harmful information.

“China’s national security situation has become increasingly severe,” said Zheng Shuna, a senior official at the National People’s Congress.

China says it is long-standing target for cyberattacks and hackers. These claims served as fodder for the new law, giving the Communist Party more control over cyberspace. This gives the state an expanded authority to block any online content that’s to be deemed subversive or illegal.

Zheng added that China was under vast pressure locally within the country to uphold and maintain its national sovereignty and handle “political security and social security, while dealing with internal society”.

State run news agency Xinhua said in no unclear terms that the law vows to “protect people’s fundamental interests, (including) sovereignty, unification, territorial integrity (and) sustainable development”.

Specifically referring to internet governance and cybersecurity, the law states that:

  • Internet needs to be “secure and controllable”, which can be seen as a red flag for technology giants such as Google, Apple and other foreign companies operating in China.
  • Critical infrastructure, important systems and data must also be controlled in order to protect the country’s sovereignty over its cyberspace.

Zheng expanded on this, saying that the internet in China, which is already regulated and under censorship represents a “significant infrastructure facility of the country”. Furthermore, the new law gives the ruling Communist Party a solid footing to expand on “the management of internet activities on China’s territory and the resisting of activities that undermine China’s cyberspace security”.

Cybersecurity and China

Although recent strides have been made to improve the bilateral relationship on cybersecurity between the U.S. and China, the latter has consistently been accused of harboring and funding state-run hacking attacks directed at governments and organizations around the world. A recent, significant breach that resulted in the data theft of millions of federal employees in the U.S also had fingers being pointed at Beijing, although Chinese officials have steadfastly and repeatedly denied such accusations.

Significantly, a new anti-terrorism proposal that’s being brandied in China may require internet companies, service providers and network operators vying for apiece of the $465 billion technology market in China to help the Chinese authorities with encryption keys, forcing data to be stored within China, leading rise to new concerns over privacy and data security.