National security laws

China’s new cybersecurity law is bad news for business

The Chinese government has passed new cybersecurity regulations Nov. 7 that will put stringent new requirements on technology companies operating in the country. The proposed Cybersecurity Law comes with data localization, surveillance, and real-name requirements.

The regulation would require instant messaging services and other internet companies to require users to register with their real names and personal information, and to censor content that is “prohibited.” Real name policies restrict anonymity and can encourage self-censorship for online communication.

The law also includes a requirement for data localization, which would force “critical information infrastructure operators” to store data within China’s borders. According to Human Rights Watch, an advocacy organization that is opposing the legislation, the law does not include a clear definition of infrastructure operators, and many businesses could be lumped into the definition.