New Cybersecurity Rules Give Regime Control of Data Outside China

The U.S. government is “very concerned” about China’s new cybersecurity measures that put American companies at risk of losing sensitive data.

Beijing enacted in October 2019 a cryptography law that came into effect on Jan. 1. The new legislation, combined with comprehensive cybersecurity measures China has been passing in the past several years, creates a suite of challenges for foreign companies operating in the country.

“We’re very concerned about laws like we’re seeing—like that one in China,” Robert Strayer, the deputy assistant secretary of state for cyber and international communications and information policy, said Jan 10 at a press briefing.

The companies will be required to turn over encryption keys, which are crucial to protect the confidentiality of information transmitted and stored on networks, making networks transparent to the Chinese communist regime.

The new rules should alarm telecom operators around the world, Strayer said, as the measures would allow Beijing to have “access to the data that’s residing on the networks that would be then in a third country, say in Europe or somewhere else.”