China's cybersecurity law actually makes companies more — not less — vulnerable to hackers, the U.S.-China Business Council said Sunday in a report recommending a host of changes to the country's specialized rules for foreign firms operating in China. "International companies use global technology platforms to maximize the efficiency, security, and interoperability of their systems and operations around the world," Council President John Frisbie said. "Implementing unique technology for a single country in a global network will increase the risks that a company's systems could be infiltrated or compromised."
The report, in one example of how it says China's law makes companies more vulnerable, cites requirements for using local encryption algorithms, which might be incompatible with international standards. It recommends China use a narrow definition of "national security" as it applies to storage and transfer of information in order to keep companies from accidentally violating the law. It also recommends that both foreign and local companies be allowed to offer cloud services.