China Surprises No One By Passing Cybersecurity Law That Gives It More Control Of The Internet

from the also-religion,-culture,-space,-the-ocean,-etc. dept

It appears the Chinese government is concerned it doesn’t censor the internet enough already.

China has adopted a new national security law that aims to make internet, IT infrastructure and systems, and data in certain sectors “secure and controllable”, state-owned news agency Xinhua said in a notice on the National People’s Congress (NPC) website.

More control of the world’s greatest communication tool is what’s being sought, despite its best efforts to deflect this inevitable conclusion with the deployment of impenetrable jargon.

Zheng Shuna of the NPC’s Legislative Affairs Commission told reporters that cyberspace sovereignty is “the embodiment and extension of national sovereignty” and an important part of national infrastructure, Xinhua said in a separate report.

This is more of the same for China, which has sought increased control of the internet for years. It has also shifted towards hardware homogeneity — partially due to the state’s protectionist tendencies, as well as strong hints that foreign hardware is arriving on its shores pre-compromised by intelligence services.

It’s not just the hardware. It’s also the information flowing to and from it. China can certainly restrict imports of IT hardware and regulate internal infrastructure and systems, but the internet is much more ethereal and, for the most part, can’t be stopped at the borders and searched for violations of Chinese sovereignty.

But that’s not all the Chinese government is seeking to control.

As well as cyber security, the law covers defence, finance, science and technology, culture, religion, space, ocean depths and polar regions.

And, in only the way one can when defending a very powerful state that takes a dim view of dissension (read: sends out the tanks), the Commission’s spokesperson has provided a completely incredulous statement attempting to downplay the power grab.

Zheng rejected suggestions that the definition was “too broad”, Xinhua said.

One shudders to think what China’s NPC Commission would consider to be “too broad.” But as worrying as China’s martial-law-but-with-computers push is, the law seems resistant to interpretation. (Presumably intentionally…)

Hong-Kong based Jolene Reimerson of Pinsent Masons, the law firm behind, said: “It is not yet clear how China intends to ‘ensure cyberspace security’ or to make the internet and data ‘secure and controllable’ under the new national security law.”

It is probably not clear to the Chinese government, either, as much of the control sought will remain mostly out of its grasp. The new law doesn’t specify what domestic IT providers will have to do to comply with the government’s unstated demands, but considering its recent attempts to codify hardware/software backdoors, it will problably be something along these lines.

“Secure and controllable data” seems almost noble when placed into certain contexts, but tying it to national security and expanding the coverage to include the internet certainly isn’t. “Security” and “control” aren’t strange bedfellows. The first is often used to justify the latter. China isn’t the only country to expand government powers and domestic surveillance in the name of “security.” (In fact, you could replace the word “China” in this article’s headline with the name of almost any large Western country and it would be equally unsurprising.) It just doesn’t bother with the nicety of pretending to care about its citizens’ rights.

There’s some lip service being paid to “cooperation” with other countries for better cybersecurity, but the official talking points discuss things like “establishing a multilateral, democratic and transparent international Internet management system.” It only sounds promising if you ignore China’s multiple attempts to censor the internet. Or its own statements on the new law:

“Internet space within the People’s Republic of China is subject to the country’s sovereignty,” [Zheng] said.

“Cooperation” in this context presumably means other countries and their internet-based platforms being asked to comply with filtering and blocking orders or risk losing access to a very large market. When the Chinese government says “multilateral,” it’s just saying it wants one internet for its people and one internet for the rest of the world and an impenetrable wall between them.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “China Surprises No One By Passing Cybersecurity Law That Gives It More Control Of The Internet”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Great article, Tim!

“establishing a multilateral, democratic and transparent international Internet management system.”

My take is that that’s not lip service, nor them seeking for china’s firewall/policy to exist outside of china- that’s them saying they’d rather all the governments use (and know how to subvert) the same backdoors.

Much easier/cheaper to use US backdoors then having to reverse engineer everything and come up with their own ecosystem of copycat systems. This is hints of desire for a sort of longshot, unspoken, cyber disarmament agreement- though just like nuclear disarmament it wouldn’t mean no nationstate cyber wmd’s.

@#1 pre-compromised may be semantically incorrect (not really sure) but the meaning seams clear and useful- hardware that is ready for easy active compromise by nation state. In contrast to full compromise, such (pre)compromise may be passive, and never come to fruition absent a specific trigger; which authoritarians will of course use to argue that it’s not compromised in the first place.

Graham says:

Re: Re:

“establishing a multilateral, democratic and transparent international Internet management system.”

This isn’t about backdoors. China is playing a longer game than that. China is one of the states most firmly pushing for the Internet to come under the control of governments (and only governments). They are pushing for the UN and/or the ITU (both of which are run by governments) to control the Internet. If they achieve that, they can then use the paranoia of most states to spread their vision of strict controls, by governments, on use of the Internet.

At the moment, the statists are not winning – non-governmental organisations (NGOs), civil society groups, corporations and expert groups are all involved (as well as governments) in what is often known as a multi-stakeholder process. The US government currently supports that model (which is why it is trying to make sure ICANN does not end up controlled by a governmental group).

However, the debate is ongoing, and China and other countries often make statements about “bringing the Internet under democratic control” which is code for control by governments, without the need to involve the other stakeholders.

If you are interested in this, I suggest joining the Internet Society (it is free and open to everyone) and joining the Internet Policy mailing list. You might also enjoy the iversity course on “Public Privacy: Cyber Security and Human Rights”.

Anonymous Coward says:

and China hasn’t had any encouragement from the likes of the USA, UK and almost everywhere else that STILL say they support freedom and privacy! why not just tell the truth and say you cant bear anyone talking to anyone else, viewing and/or listening to something else etc etc without you knowing about it.
i’m waiting to see what sort of comment that idiot Cameron in the UK comes out with! he was supposedly trying to get China to introduce more Freedom and privacy when he went there for talks. then does worse than China does! not exactly a very fitting example, is it!!

Stephen says:

Invasions in Cyberspace

“…cyberspace sovereignty is “the embodiment and extension of national sovereignty” and an important part of national infrastructure…”

Interesting argument.

Does that mean that when Chinese hackers, possibily associated with the Chinese government, infiltrated and stole files from the US Office of Personnel Management (OPM) they were transgressing the “national sovereignty” of the United States?

If so that action could be construed as an invasion, and therefore as such an act of war.

(Not that the US is in any position to complain, mind you, given the antics of the NSA. In particular, re Stuxnet and Iran.)

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...