China’s widely watched Cybersecurity Law, which takes effect on June 1, is not meant to limit the cross-border flow of information or hamper international trade, despite the concerns of some foreign institutes, the country’s cybersecurity watchdog said on May 31.
The law aims to safeguard national sovereignty in cyberspace and protect national security, “not to ban the flow of information or restrict overseas companies”, the Cyberspace Administration of China said in a written statement.
The law has received a lot of attention at home and abroad since its adoption by the top legislature in November.
Some of its stipulations－for example, requiring that personal information and important data collected by key information infrastructure operators on the Chinese mainland should be stored on the mainland; and internet products or services that might harm China’s national security must undergo a security check before they enter the market－have aroused concerns of possible information restriction and trade barriers.
The administration made it clear that the storage requirement applies only to infrastructure operators, which experts said mainly refers to telecom giants such as China Mobile and China Unicom, not all internet operators. Restricted data is that which is considered important to the country, instead of to companies or individuals.
If there is truly a need, data could be exported if it passes a security assessment, the statement said.
“Cross-border data flow has become a premise of economic globalization and a necessity to push forward the Belt and Road Initiative,” the statement said, adding that China is willing to cooperate and have discussions with the international community to promote the free and orderly flow of data.
In addition, the security check on products or services entering the market targets domestic and foreign producers, the administration said.
Wang Sixin, a law professor specializing in cybersecurity at Communication University of China, said that national security is the top priority of this legislation.
“There’s the possibility that some stipulations in the law may slow down certain procedures, but it’s worthwhile if it helps prevent harm to our national security,” he said.
Zuo Xiaodong, Vice-president of the China Information Security Research Institute, said that several related regulations to facilitate the law’s implementation are being discussed and will be unveiled within the year.
For instance, a guideline on how to define “important data” and how to send it overseas is being studied, while a draft rule to evaluate what kind of personal information can be released out of the country is currently undergoing public comment, he said.
“I believe the law will be more effective after such detailed regulations are made,” he added.