Attributable to: James Zimmerman, Chairman of the American Chamber of Commerce in China

We believe this is a step backwards for innovation in China that won’t do much to improve security. The Chinese government is right in wanting to ensure the security of digital systems and information here, but this law doesn’t achieve that. What it does do is create barriers to trade and innovation.

Broad restrictions on cross-border data flows, for example, provide no security benefits but will create barriers to Chinese as well as foreign companies operating in industries where data needs to be shared internationally. Moreover, some of the requirements for national security reviews and data sharing will unnecessarily weaken security and potentially expose personal information.

In terms of improving security, this law is at best a missed opportunity, and some of the measures seem to emphasize protectionism rather than security. But one thing is for sure: the more difficult it is for data to travel across the Chinese border, the more difficult it will be for companies inside those borders to innovate, and China risks becoming isolated technologically from the rest of the world.

The only silver lining here is that the government opened the law’s drafting process to public comment, although unfortunately most of the suggestions supplied by AmCham China and other chambers of commerce were ignored.

Cybersecurity is too complex and dynamic for any government to tackle single-handedly. It requires cooperation between the public and private sectors across national boundaries. AmCham China hopes that, if the government is serious about both promoting innovation and ensuring data security, it will review the effectiveness of these measures sooner rather than later.

November 7, 2016