New restrictive Data Security Law this week in China

Data Security

Cyber Security Law (CSL) might make foreign companies to do business in China. This has come into the notice after the argument of foreign companies who are seeing an opportunity to expand its business in Chinese market recently.

On June, Thursday, the Chinese government is about to bring one of the controversial but beneficiary laws into the implementation. This law order the companies to hold the data in the China itself. They have to go through the on-site security reviews to ensure proper channeling of the data.

Cyber Security Law (CSL) is seeing this opportunity after other countries tried to take the similar steps in the benefit of their nation. It is going to be regulated with respect to online and digital security as well as data protection. The multinational companies have argued and raised their concerns that it will make them doing business in China even more difficult than before.

Carly Ramsey and Ben Wootliff from London-based strategic consultancy Control Risks in an advisory said that understanding who is being caught and who is being covered under the umbrella of this law has left the companies unsure about their future business with China. They say that it is potentially onerous law. They have highlighted and raised their concerns as well that it will be the most probably the foreign companies that will feel the heat of the new law being enacted.

This law was passed in November. Companies have to divide data into two types: One into important data and other into personal data of Chinese citizens. It is not properly defined which has caused further concern to the business companies. They cannot bifurcate between national security, social public interests, and economic development.

Also Check:  Data Loss Prevention

It forbids the network providers from accumulating the data. It strictly bans the selling of the personal data to the companies. It also strengthens the citizen of China to delete the information related to them, especially at the time of any severe abuse.

“Those who violate the provisions and infringe on personal information will face hefty fines.” This was reported to Xinhua news agency, which is also the official news agency of China. Companies who are affected by this new law will have to obtain an approval in order to transfer controlled data abroad.

In the same advisory, Ramsey and Whootliff wrote that the new law is totally vague and even if any company wants to be compliant, it cannot remain compliant because of the vagueness of the new law.

Now, the companies have to focus on the working of this new law which has been regulated lately by the enforcers. Companies are alert that this could be the tool by the domestic players to play against the multinational companies in China.

Companies have to be aware of the tool that can be utilized for cyber security. The government can take the benefit to get the intellectual property. They can get the insight in the organization’s gaps in a web security forum and its other vulnerabilities.


The cost for the multinational companies is going to be significant when this law is enacted. Control risk indicated that the loss of ability to conduct the global data analytics will be a major hit.

This law can be used to take down the foreign technologies just for the sake of benefit of the domestic technology. The firm has published their advisory to the companies to review their data so that they can be prepared for the data localization and security reviews. They can also take part with the government and regulators for they can lower the impact of the law.

Related Blogs:

7 Data Protection Tips for Small Businesses

Five Important Things about Data Security


Leave a Comment


Welcome! Login in to your account

Remember me Lost your password?

Don't have account. Register

Lost Password