This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Written by Dr Martina Gerst, Market Access Advisor, EU SME centre
Starting from 1 June 2017, China will be implementing its new Cybersecurity Law (“CSL”), a sign the Chinese government attempts to reinforce its regulations in this aspect which will impact all businesses operating in the country.
This Law is China’s first comprehensive regime on cyber security. According to the European Chamber of Commerce in China (EUCCC), it will have far-reaching implications on data storage, cross-border transfer of personal and customer data as well as business information.
The CSL defines several so-called “Key Infrastructures” or key industries that are related to “national security, national economy, citizen’s wellbeing, and public interests”, including reference to “public communication, information service, energy, transportation, finance, public service, electronic government affairs”.
Data possessed by organisations in those industries must be stored within China, as they are considered to be crucial to the national security according to the new law.
Furthermore, these key industries have to use products and services that have passed a security examination. In addition, the international transfer of information for commercial purposes will be scrutinised at the discretion of competent authorities. However, precise measures and criteria on how this will be conducted are yet not clear.
More questions remain to be answered under this new law. And before the CSL becomes effective, further implementation guidelines are expected to be published.
Before the CSL becomes effective, European companies which might fall under the category of “key industries” can start to prepare themselves and consider internal implementation measures related to data storage and protection, transmission and network security in China.
The EU SME Centre in Beijing will continue to follow on further legal developments on this issue and provide more updates for SMEs.
To contact us, please send your enquiry via our Ask-the-Expert channel and select Standards & Conformity.
Further reading