China’s National People’s Congress Standing Committee has given approval to a controversial new cybersecurity law.
The law restricts online commentary, requires user identification, and obliges foreign companies to participate in protection of national security. It comes into effect in June next year.
Companies that operate in China may be required to cooperate with authorities in security probes by providing “technical support.” They will have to pass regular security reviews.
Companies in key sectors – including information services, transport, and finance – may also be required to store data locally in China and to only use approved equipment. Failure to do so could mean that they lose their operating license or are shut down completely.
Some companies fear that will help their Chinese competitors, while also opening them to corporate or state-backed espionage.
Approval of the law was immediately criticized by business groups including the U.S.-China Business Council, the American Chamber of Commerce, and the European Chamber of Commerce.
The law also restricts freedom of expression. Online postings that damage “national honor,” “disturb economic or social order,” or promote “overthrowing the socialist system” will be criminal offences.
Approval of the law was also criticized by groups including Amnesty International, Human Rights Watch, and the European Union.
“Despite widespread international concern from corporations and rights advocates for more than a year, Chinese authorities pressed ahead with this restrictive law without making meaningful changes,” Sophie Richardson, China director at Human Rights Watch, said in a report on Reuters.