China Plans Security Checks for Tech Firms After U.S. Indictments
HONG KONG — A Chinese state agency that threatened retaliation after the United States obtained indictments of five People’s Liberation Army officerson charges of cyberespionage announced plans on Thursday for tighter checks on Internet technology companies that do business in China.
The agency, the State Internet Information Office, said the Chinese government would establish new procedures to assess potential security problems with Internet technology and services used by sectors “related to national security and the public interest,” reported Xinhua, the state-run news agency.
The announcement came three days after United States prosecutors laid out charges against the five Chinese military officers, accusing them of stealing sensitive commercial information over the Internet to benefit Chinese state companies. The indictment drew harsh denunciations from the Chinese government.
The proposed vetting rules appear to have been under preparation for some time, but the timing of their unveiling is unlikely to be mere chance, said Duncan Clark, chairman of BDA China, which advises investors on the Chinese high-tech and Internet sectors.
“I don’t think any of these things are coincidence in terms of this particular topic, because they’re looking for retaliatory measures,” Mr. Clark said in a telephone interview from Beijing. “But already, especially since Edward Snowden’s accusations, they’ve been increasingly concerned about Internet security.”
The procedures will “stipulate Internet security assessments for important Internet information technology products and their suppliers entering the Chinese marketplace,” Xinhua reported, citing Jiang Jun, a spokesman for the State Internet Information Office. The move is intended to “prevent product suppliers illegally controlling, interfering in or interrupting user systems, or illegally collecting, storing, handling or exploiting information about users,” Xinhua said.
“Products and services that do not meet security requirements will be excluded from use in China,” Xinhua said.
Disclosures by Mr. Snowden, the former National Security Agency consultant, about the scale of United States intelligence gathering over the Internet showed that “without cybersecurity, there can be no national security,” said Mr. Jiang.
“The vetting will focus on I.T. products and services used in communications, finance, energy and other key industries that concern national security and public interests,” Li Jingchun, an engineer with China’s National Research Center for Information Technology Security, told Xinhua.
The companies affected could include Cisco Systems, IBM and Microsoft, suggested a commentary about the new policy on the website of China Daily, a state-run newspaper. The new procedures may oblige such companies to share sensitive data and technology, like encryption processes, a demand that has been a source of trade and commercial friction with China in the past, said Mr. Clark.
“It could be quite broad,” he said. “We have the equipment layer, we have the software lawyer, but we also have lots of applications and encryption.”
The move is potentially a major headache for companies that sell Internet hardware and services in China, especially to arms of the government. The reports suggested that such foreign companies were colluding with espionage and illegal data collection agencies.
“The foreign companies are already being hit really hard,” said James McGregor, chairman of the greater China region for APCO Worldwide, who advises companies on investment and dealing with government in China. “It was getting tough already, but since Snowden it’s gotten tougher.”
On Monday, the Justice Department unsealed an indictment that named five members of the People’s Liberation Army and charged them with breaking into the networks of Westinghouse Electric, the United States Steel Corporation and other companies to obtain information about technology, commercial negotiations and trade disputes.
The latest reported comments from the State Internet Information Office did not describe the security checks as retaliation for the indictments. But on Tuesday, an official from the same office, who did not give his name, raised that threat.
“The United States’ indictment of five Chinese military officers over so-called cybertheft is pure nonsense, an entirely false accusation, and it is a case of a thief yelling ‘stop thief,’ ” said the spokesman, according to a report from Xinhua. “If the United States continues to willfully pursue its own course, China will take measures to resolutely counterattack.”
The Internet in China, and companies who do business with it, are already under the regulation of a plethora of state and Communist Party agencies. The State Internet Information Office was established in 2011 to “supervise online content management and handle administrative approval of businesses related to online news reporting,” a report at the time said.
No comments:
Post a Comment
Comments always welcome!