China’s Cybersecurity Law Challenges Foreign Companies To Accelerate Their Digital Transformation

Charlie Dai
Principal Analyst
November 8, 2016

On November 7, China’s top legislature adopted a cybersecurity law to safeguard the sovereignty on cyberspace, national security, and the rights of citizens. The law has seven chapters that define specific regulations in various areas, such as network operational security (including key IT infrastructure), network information security, monitoring, alerting, and emergency situation handling as well as related legal responsibilities.

Some critics, especially those in Europe and the United States, continue to read too much into the negative impact of this legislation. I believe that it’s the reasonable move for the Chinese government to make in order to balance national security, citizen privacy, and economic openness. Foreign players in the Chinese market must revisit their local strategy and accelerate their digital transformation if they don’t want to miss the increasing needs and new opportunities regarding security and privacy:

  • The cybersecurity law has substantial advantages that benefit cybercitizens. For example, for the first time, the Chinese government requires that vendors providing cyberproducts and cyberservices must make clarifications to users and attain their approvals before they collect personal information. The new law also regulates that if companies leak or illegally sell personal information to third parties, they must bear legal responsibilities accordingly. These regulations mark a critical milestone in China’s journey toward personal privacy protection, and they are also important for consumers in the world’s largest market to protect themselves against internet fraud and spam messages.
  • The legislation introduces more business opportunities for foreign tech vendors. The cybersecurity law emphasizes the importance of protecting key information infrastructure, including public communication and information services, utilities, transportation, finance, and government. It also encourages the development of technologies for network data security protection and utilization. The leading-edge technologies of global vendors in various areas, such as cloud computing, big data infrastructure, deep learning, and data security, will be very helpful to achieve these goals if seamless partnerships are in place.
  • Foreign tech vendors must accelerate transformation in their local strategy. In January 2015, Forrester provided strategic recommendations for building a localization strategy — as the Chinese government has changed how it evaluates technology suppliers in light of national security considerations as a result of the NSA leaks, enterprises must take a holistic view in setting up a localization strategy. This new legislation is a clear signal to foreign tech vendors that they must accelerate their transformation of a go-to-market strategy in China. Understanding local trends and the vendor landscape is a good start.

National security will always be critical for any country, and mutually beneficial relationships will always be important for the whole world. With the election of a new president in the United States, a new chapter will begin, and I hope people in every country will understand and trust each other more —for a better world tomorrow.


Related Posts