China Surprises No One By Passing Cybersecurity Law That Gives It More Control Of The Internet
from the also-religion,-culture,-space,-the-ocean,-etc. dept
It appears the Chinese government is concerned it doesn’t censor the internet enough already.
China has adopted a new national security law that aims to make internet, IT infrastructure and systems, and data in certain sectors “secure and controllable”, state-owned news agency Xinhua said in a notice on the National People’s Congress (NPC) website.
More control of the world’s greatest communication tool is what’s being sought, despite its best efforts to deflect this inevitable conclusion with the deployment of impenetrable jargon.
Zheng Shuna of the NPC’s Legislative Affairs Commission told reporters that cyberspace sovereignty is “the embodiment and extension of national sovereignty” and an important part of national infrastructure, Xinhua said in a separate report.
This is more of the same for China, which has sought increased control of the internet for years. It has also shifted towards hardware homogeneity — partially due to the state’s protectionist tendencies, as well as strong hints that foreign hardware is arriving on its shores pre-compromised by intelligence services.
It’s not just the hardware. It’s also the information flowing to and from it. China can certainly restrict imports of IT hardware and regulate internal infrastructure and systems, but the internet is much more ethereal and, for the most part, can’t be stopped at the borders and searched for violations of Chinese sovereignty.
But that’s not all the Chinese government is seeking to control.
As well as cyber security, the law covers defence, finance, science and technology, culture, religion, space, ocean depths and polar regions.
And, in only the way one can when defending a very powerful state that takes a dim view of dissension (read: sends out the tanks), the Commission’s spokesperson has provided a completely incredulous statement attempting to downplay the power grab.
Zheng rejected suggestions that the definition was “too broad”, Xinhua said.
One shudders to think what China’s NPC Commission would consider to be “too broad.” But as worrying as China’s martial-law-but-with-computers push is, the law seems resistant to interpretation. (Presumably intentionally…)
Hong-Kong based Jolene Reimerson of Pinsent Masons, the law firm behind Out-Law.com, said: “It is not yet clear how China intends to ‘ensure cyberspace security’ or to make the internet and data ‘secure and controllable’ under the new national security law.”
It is probably not clear to the Chinese government, either, as much of the control sought will remain mostly out of its grasp. The new law doesn’t specify what domestic IT providers will have to do to comply with the government’s unstated demands, but considering its recent attempts to codify hardware/software backdoors, it will problably be something along these lines.
“Secure and controllable data” seems almost noble when placed into certain contexts, but tying it to national security and expanding the coverage to include the internet certainly isn’t. “Security” and “control” aren’t strange bedfellows. The first is often used to justify the latter. China isn’t the only country to expand government powers and domestic surveillance in the name of “security.” (In fact, you could replace the word “China” in this article’s headline with the name of almost any large Western country and it would be equally unsurprising.) It just doesn’t bother with the nicety of pretending to care about its citizens’ rights.
There’s some lip service being paid to “cooperation” with other countries for better cybersecurity, but the official talking points discuss things like “establishing a multilateral, democratic and transparent international Internet management system.” It only sounds promising if you ignore China’s multiple attempts to censor the internet. Or its own statements on the new law:
“Internet space within the People’s Republic of China is subject to the country’s sovereignty,” [Zheng] said.
“Cooperation” in this context presumably means other countries and their internet-based platforms being asked to comply with filtering and blocking orders or risk losing access to a very large market. When the Chinese government says “multilateral,” it’s just saying it wants one internet for its people and one internet for the rest of the world and an impenetrable wall between them.
Filed Under: china, control, cybersecurity, surveillance
Comments on “China Surprises No One By Passing Cybersecurity Law That Gives It More Control Of The Internet”
pre-compromised
Hardware doesn’t arrive pre-compromised (compromised before being compromised). It’s either compromised (yes, it is) or it’s not.
E
Re: pre-compromised
Just like “your loan is pre-approved”, the prefix means “already”.
Punchline
And the ‘best’ part of course is that none of the other major countries can object without exposing their hypocrisy, meaning every last one of them is likely to stay silent as China cracks down even more on their citizens and their communications and access to data.
Re: Punchline
I figure the other major nations will be watching this development closely if only to take notes.
Great article, Tim!
My take is that that’s not lip service, nor them seeking for china’s firewall/policy to exist outside of china- that’s them saying they’d rather all the governments use (and know how to subvert) the same backdoors.
Much easier/cheaper to use US backdoors then having to reverse engineer everything and come up with their own ecosystem of copycat systems. This is hints of desire for a sort of longshot, unspoken, cyber disarmament agreement- though just like nuclear disarmament it wouldn’t mean no nationstate cyber wmd’s.
@#1 pre-compromised may be semantically incorrect (not really sure) but the meaning seams clear and useful- hardware that is ready for easy active compromise by nation state. In contrast to full compromise, such (pre)compromise may be passive, and never come to fruition absent a specific trigger; which authoritarians will of course use to argue that it’s not compromised in the first place.
Re: Re:
This isn’t about backdoors. China is playing a longer game than that. China is one of the states most firmly pushing for the Internet to come under the control of governments (and only governments). They are pushing for the UN and/or the ITU (both of which are run by governments) to control the Internet. If they achieve that, they can then use the paranoia of most states to spread their vision of strict controls, by governments, on use of the Internet.
At the moment, the statists are not winning – non-governmental organisations (NGOs), civil society groups, corporations and expert groups are all involved (as well as governments) in what is often known as a multi-stakeholder process. The US government currently supports that model (which is why it is trying to make sure ICANN does not end up controlled by a governmental group).
However, the debate is ongoing, and China and other countries often make statements about “bringing the Internet under democratic control” which is code for control by governments, without the need to involve the other stakeholders.
If you are interested in this, I suggest joining the Internet Society (it is free and open to everyone) and joining the Internet Policy mailing list. You might also enjoy the iversity course on “Public Privacy: Cyber Security and Human Rights”.
Chinese government: “Your Internet are belong to us.”
I still think the Internet should be its own sovereign nation.
Re: Re:
Internets are people my friend.
Re: Re:
That’s right.
That way, the “rulers” of that “nation” would have control over all access to/from that “nation”.
Would be a great way to completely centralize control of the internet..
Come on, Silicon Valley!
Dear America,
If China can do it, why can’t Silicon Valley?!?
Love,
Dir. Comey
At least their oppression legalizing laws are made public…
Just another govrnment on a long list
control your reputation on internet
control your reputation on internet.
and China hasn’t had any encouragement from the likes of the USA, UK and almost everywhere else that STILL say they support freedom and privacy! why not just tell the truth and say you cant bear anyone talking to anyone else, viewing and/or listening to something else etc etc without you knowing about it.
i’m waiting to see what sort of comment that idiot Cameron in the UK comes out with! he was supposedly trying to get China to introduce more Freedom and privacy when he went there for talks. then does worse than China does! not exactly a very fitting example, is it!!
Invasions in Cyberspace
Interesting argument.
Does that mean that when Chinese hackers, possibily associated with the Chinese government, infiltrated and stole files from the US Office of Personnel Management (OPM) they were transgressing the “national sovereignty” of the United States?
If so that action could be construed as an invasion, and therefore as such an act of war.
(Not that the US is in any position to complain, mind you, given the antics of the NSA. In particular, re Stuxnet and Iran.)
The comment section of this article counts as evidence that Putin’s Shill Army is real. Note the lack of comments defending China’s actions on the basis that other governments do similar things. Remember this.