China Surprises No One By Passing Cybersecurity Law That Gives It More Control Of The Internet

from the also-religion,-culture,-space,-the-ocean,-etc. dept

It appears the Chinese government is concerned it doesn't censor the internet enough already.

China has adopted a new national security law that aims to make internet, IT infrastructure and systems, and data in certain sectors "secure and controllable", state-owned news agency Xinhua said in a notice on the National People's Congress (NPC) website.
More control of the world's greatest communication tool is what's being sought, despite its best efforts to deflect this inevitable conclusion with the deployment of impenetrable jargon.
Zheng Shuna of the NPC's Legislative Affairs Commission told reporters that cyberspace sovereignty is "the embodiment and extension of national sovereignty" and an important part of national infrastructure, Xinhua said in a separate report.
This is more of the same for China, which has sought increased control of the internet for years. It has also shifted towards hardware homogeneity -- partially due to the state's protectionist tendencies, as well as strong hints that foreign hardware is arriving on its shores pre-compromised by intelligence services.

It's not just the hardware. It's also the information flowing to and from it. China can certainly restrict imports of IT hardware and regulate internal infrastructure and systems, but the internet is much more ethereal and, for the most part, can't be stopped at the borders and searched for violations of Chinese sovereignty.

But that's not all the Chinese government is seeking to control.
As well as cyber security, the law covers defence, finance, science and technology, culture, religion, space, ocean depths and polar regions.
And, in only the way one can when defending a very powerful state that takes a dim view of dissension (read: sends out the tanks), the Commission's spokesperson has provided a completely incredulous statement attempting to downplay the power grab.
Zheng rejected suggestions that the definition was "too broad", Xinhua said.
One shudders to think what China's NPC Commission would consider to be "too broad." But as worrying as China's martial-law-but-with-computers push is, the law seems resistant to interpretation. (Presumably intentionally…)
Hong-Kong based Jolene Reimerson of Pinsent Masons, the law firm behind Out-Law.com, said: "It is not yet clear how China intends to 'ensure cyberspace security' or to make the internet and data 'secure and controllable' under the new national security law."
It is probably not clear to the Chinese government, either, as much of the control sought will remain mostly out of its grasp. The new law doesn't specify what domestic IT providers will have to do to comply with the government's unstated demands, but considering its recent attempts to codify hardware/software backdoors, it will problably be something along these lines.

"Secure and controllable data" seems almost noble when placed into certain contexts, but tying it to national security and expanding the coverage to include the internet certainly isn't. "Security" and "control" aren't strange bedfellows. The first is often used to justify the latter. China isn't the only country to expand government powers and domestic surveillance in the name of "security." (In fact, you could replace the word "China" in this article's headline with the name of almost any large Western country and it would be equally unsurprising.) It just doesn't bother with the nicety of pretending to care about its citizens' rights.

There's some lip service being paid to "cooperation" with other countries for better cybersecurity, but the official talking points discuss things like "establishing a multilateral, democratic and transparent international Internet management system." It only sounds promising if you ignore China's multiple attempts to censor the internet. Or its own statements on the new law:
"Internet space within the People's Republic of China is subject to the country's sovereignty," [Zheng] said.
"Cooperation" in this context presumably means other countries and their internet-based platforms being asked to comply with filtering and blocking orders or risk losing access to a very large market. When the Chinese government says "multilateral," it's just saying it wants one internet for its people and one internet for the rest of the world and an impenetrable wall between them.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Ehud Gavron (profile), 8 Jul 2015 @ 2:52pm

    pre-compromised

    Hardware doesn't arrive pre-compromised (compromised before being compromised). It's either compromised (yes, it is) or it's not.

    E

    reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 8 Jul 2015 @ 2:54pm

    Punchline

    And the 'best' part of course is that none of the other major countries can object without exposing their hypocrisy, meaning every last one of them is likely to stay silent as China cracks down even more on their citizens and their communications and access to data.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jul 2015 @ 4:05pm

    Great article, Tim!

    "establishing a multilateral, democratic and transparent international Internet management system."


    My take is that that's not lip service, nor them seeking for china's firewall/policy to exist outside of china- that's them saying they'd rather all the governments use (and know how to subvert) the same backdoors.

    Much easier/cheaper to use US backdoors then having to reverse engineer everything and come up with their own ecosystem of copycat systems. This is hints of desire for a sort of longshot, unspoken, cyber disarmament agreement- though just like nuclear disarmament it wouldn't mean no nationstate cyber wmd's.

    @#1 pre-compromised may be semantically incorrect (not really sure) but the meaning seams clear and useful- hardware that is ready for easy active compromise by nation state. In contrast to full compromise, such (pre)compromise may be passive, and never come to fruition absent a specific trigger; which authoritarians will of course use to argue that it's not compromised in the first place.

    reply to this | link to this | view in chronology ]

    • identicon
      Graham, 9 Jul 2015 @ 9:49am

      Re:

      "establishing a multilateral, democratic and transparent international Internet management system."


      This isn't about backdoors. China is playing a longer game than that. China is one of the states most firmly pushing for the Internet to come under the control of governments (and only governments). They are pushing for the UN and/or the ITU (both of which are run by governments) to control the Internet. If they achieve that, they can then use the paranoia of most states to spread their vision of strict controls, by governments, on use of the Internet.

      At the moment, the statists are not winning - non-governmental organisations (NGOs), civil society groups, corporations and expert groups are all involved (as well as governments) in what is often known as a multi-stakeholder process. The US government currently supports that model (which is why it is trying to make sure ICANN does not end up controlled by a governmental group).

      However, the debate is ongoing, and China and other countries often make statements about "bringing the Internet under democratic control" which is code for control by governments, without the need to involve the other stakeholders.

      If you are interested in this, I suggest joining the Internet Society (it is free and open to everyone) and joining the Internet Policy mailing list. You might also enjoy the iversity course on "Public Privacy: Cyber Security and Human Rights".

      reply to this | link to this | view in chronology ]

  • icon
    Sheogorath (profile), 8 Jul 2015 @ 4:29pm

    Chinese government: "Your Internet are belong to us."

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Jul 2015 @ 5:07pm

    I still think the Internet should be its own sovereign nation.

    reply to this | link to this | view in chronology ]

  • icon
    ahow628 (profile), 8 Jul 2015 @ 6:30pm

    Come on, Silicon Valley!

    Dear America,

    If China can do it, why can't Silicon Valley?!?

    Love,
    Dir. Comey

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Jul 2015 @ 12:13am

    At least their oppression legalizing laws are made public...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Jul 2015 @ 4:06am

    Just another govrnment on a long list

    reply to this | link to this | view in chronology ]

  • identicon
    thomas, 9 Jul 2015 @ 4:31am

    control your reputation on internet

    control your reputation on internet.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Jul 2015 @ 6:28am

    and China hasn't had any encouragement from the likes of the USA, UK and almost everywhere else that STILL say they support freedom and privacy! why not just tell the truth and say you cant bear anyone talking to anyone else, viewing and/or listening to something else etc etc without you knowing about it.
    i'm waiting to see what sort of comment that idiot Cameron in the UK comes out with! he was supposedly trying to get China to introduce more Freedom and privacy when he went there for talks. then does worse than China does! not exactly a very fitting example, is it!!

    reply to this | link to this | view in chronology ]

  • identicon
    Stephen, 9 Jul 2015 @ 8:34am

    Invasions in Cyberspace

    "...cyberspace sovereignty is "the embodiment and extension of national sovereignty" and an important part of national infrastructure..."
    Interesting argument.

    Does that mean that when Chinese hackers, possibily associated with the Chinese government, infiltrated and stole files from the US Office of Personnel Management (OPM) they were transgressing the "national sovereignty" of the United States?

    If so that action could be construed as an invasion, and therefore as such an act of war.

    (Not that the US is in any position to complain, mind you, given the antics of the NSA. In particular, re Stuxnet and Iran.)

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Jul 2015 @ 1:36pm

    The comment section of this article counts as evidence that Putin's Shill Army is real. Note the lack of comments defending China's actions on the basis that other governments do similar things. Remember this.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.