China’s Great Firewall Remains Shut to Noncompliant U.S. Tech Firms

By Trevor Schmitt

Picture: Great Wall of China License: Creative Commons 

China’s Great Firewall will remain closed to companies which choose not to conform to China’s online censorship and oversight laws. Chinese regulators announced last month at a conference in Geneva that Google and Facebook must adhere to local law if they want access to all 751 million of mainland China’s internet users. Google, Facebook, and Twitter are among the companies currently blocked from providing services in mainland China.

According to Qi Xiaoxia, Director of the Bureau of International Cooperation at the Cyberspace Administration of China, if the companies choose to comply with Chinese law, they will be allowed access to the county’s massive online market. Speaking before the Internet Governance forum at the U.N.’s European headquarters, Qi Xiaoxia went on to note that “[t]he condition is that they have to abide by Chinese law and regulations. That is the bottom line. And also, that they would not do any harm to Chinese national security and national consumers’ interests.”

Considered one of the most comprehensive legislative acts in Chinese history, mainland China’s cybersecurity law went into effect just six months ago. The law’s primary purpose is to allow Chinese officials unfettered access into the digital lives of their population. Among the law’s many provisions, tech companies must store Chinese data locally, submit to data surveillance, and provide censorship tools to prevent users from subverting the government’s sovereignty over expression.

The law also provides Chinese officials with the power to conduct “national security reviews” of technology that companies want to use or sell in the Chinese market. These security reviews may allow China to identify weaknesses in foreign technology security to exploit in their own intelligence gathering, according to a report by the Insikt Group.

Violators of the law face fines of up to 1 million Yuan (~$150,000) or even potential criminal charges.

Reactions among U.S. technology executives haven been overtly negative according to a new survey conducted by the U.S.-China Business Council. Of the respondents surveyed, 82% noted that they “are concerned about the impact of China’s cyber and data regulations.”

Driving this concern is the fear that Chinese oversight may put their intellectual property at risk. Early in December, at China’s state-sponsored World Internet Conference in Wuzhen, representatives from 60 foreign technology companies and trade groups expressed concerns over China’s “national security reviews.” According to the representatives, extensive review of their network equipment could reveal proprietary source code putting their trade secrets at risk.

In 2016, internet watchdog firm Freedom House placed China as the world’s “worst abuser of internet freedom” for the second consecutive year.

Despite these concerns, some companies are moving forward with compliance. Shortly after the law went into effect, Apple Inc. announced plans to build a new data center in mainland China in order to conform with the law’s data localization requirements. Since that announcement, Apple has taken down hundreds of apps at the request of Chinese officials, including Microsoft’s Skype, from its online store. Many of the removed apps enabled users in mainland China to access virtual private networks (VPNs), a means of evading censorship.

Apple’s close relationship with Chinese regulators has not gone unnoticed. In an open letter following Apple’s removal of the VPN apps, U.S. Senators Patrick Leahy (D-Vermont) and Ted Cruz (R-Texas) asked the iPhone giant to “push back” on China’s control over free expression. According to the letter, companies like apple “have both an opportunity and a moral obligation to promote freedom of expression and other basic human rights.”

In any event, the position of Chinese regulators remains clear. According to Qi Xiaoxia, “[w]e are of the idea that cyberspace is not a space that is ungoverned. We need to administer, or supervise, or manage, the internet according to law.” And if foreign tech companies want access to mainland China’s digital market, they will have to comply with China’s laws.