Since China’s Cybersecurity Law came into effect in June of 2017, the government has implemented a series of cybersecurity regulations with wide-ranging consequences for foreign and domestic companies operating in China.
Eighty-two percent of US-China Business Council (USCBC) members are concerned about China’s approach to information flows and technology security, as reported in USCBC’s 2017 member survey. This is largely due to the impact these new cybersecurity policies have on companies’ ability to conduct day-to-day business. Chinese policies concerning investment, data export, product security reviews and critical information infrastructure affect the operations of both foreign and domestic companies in ways unseen in other markets. These policies constrain companies’ use of global best practices, and limit their ability to employ technology solutions that combine operational efficiency with globally-proven technological safeguards. These policies also make it difficult for companies to exchange information used to combat security threats, creating conditions that make both consumers and businesses less safe.
USCBC has developed recommendations aimed at addressing the specific obstacles companies face when using information technology in China. These recommendations are based on extensive interviews with company technology officers and provide potential solutions that balance operational and security needs. They are meant to constructively address the concerns of the Chinese government and enterprises in a practical manner. USCBC appreciates the chance to put forward these recommendations and would welcome the opportunity to discuss them further with Chinese regulators.
Read the full report here.