China Surprises No One By Passing Cybersecurity Law That Gives It More Control Of The Internet
from the also-religion,-culture,-space,-the-ocean,-etc. dept
It appears the Chinese government is concerned it doesn't censor the internet enough already.
China has adopted a new national security law that aims to make internet, IT infrastructure and systems, and data in certain sectors "secure and controllable", state-owned news agency Xinhua said in a notice on the National People's Congress (NPC) website.More control of the world's greatest communication tool is what's being sought, despite its best efforts to deflect this inevitable conclusion with the deployment of impenetrable jargon.
Zheng Shuna of the NPC's Legislative Affairs Commission told reporters that cyberspace sovereignty is "the embodiment and extension of national sovereignty" and an important part of national infrastructure, Xinhua said in a separate report.This is more of the same for China, which has sought increased control of the internet for years. It has also shifted towards hardware homogeneity -- partially due to the state's protectionist tendencies, as well as strong hints that foreign hardware is arriving on its shores pre-compromised by intelligence services.
It's not just the hardware. It's also the information flowing to and from it. China can certainly restrict imports of IT hardware and regulate internal infrastructure and systems, but the internet is much more ethereal and, for the most part, can't be stopped at the borders and searched for violations of Chinese sovereignty.
But that's not all the Chinese government is seeking to control.
As well as cyber security, the law covers defence, finance, science and technology, culture, religion, space, ocean depths and polar regions.And, in only the way one can when defending a very powerful state that takes a dim view of dissension (read: sends out the tanks), the Commission's spokesperson has provided a completely incredulous statement attempting to downplay the power grab.
Zheng rejected suggestions that the definition was "too broad", Xinhua said.One shudders to think what China's NPC Commission would consider to be "too broad." But as worrying as China's martial-law-but-with-computers push is, the law seems resistant to interpretation. (Presumably intentionally…)
Hong-Kong based Jolene Reimerson of Pinsent Masons, the law firm behind Out-Law.com, said: "It is not yet clear how China intends to 'ensure cyberspace security' or to make the internet and data 'secure and controllable' under the new national security law."It is probably not clear to the Chinese government, either, as much of the control sought will remain mostly out of its grasp. The new law doesn't specify what domestic IT providers will have to do to comply with the government's unstated demands, but considering its recent attempts to codify hardware/software backdoors, it will problably be something along these lines.
"Secure and controllable data" seems almost noble when placed into certain contexts, but tying it to national security and expanding the coverage to include the internet certainly isn't. "Security" and "control" aren't strange bedfellows. The first is often used to justify the latter. China isn't the only country to expand government powers and domestic surveillance in the name of "security." (In fact, you could replace the word "China" in this article's headline with the name of almost any large Western country and it would be equally unsurprising.) It just doesn't bother with the nicety of pretending to care about its citizens' rights.
There's some lip service being paid to "cooperation" with other countries for better cybersecurity, but the official talking points discuss things like "establishing a multilateral, democratic and transparent international Internet management system." It only sounds promising if you ignore China's multiple attempts to censor the internet. Or its own statements on the new law:
"Internet space within the People's Republic of China is subject to the country's sovereignty," [Zheng] said."Cooperation" in this context presumably means other countries and their internet-based platforms being asked to comply with filtering and blocking orders or risk losing access to a very large market. When the Chinese government says "multilateral," it's just saying it wants one internet for its people and one internet for the rest of the world and an impenetrable wall between them.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: china, control, cybersecurity, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
pre-compromised
E
[ link to this | view in chronology ]
Re: pre-compromised
[ link to this | view in chronology ]
Punchline
[ link to this | view in chronology ]
Re: Punchline
[ link to this | view in chronology ]
My take is that that's not lip service, nor them seeking for china's firewall/policy to exist outside of china- that's them saying they'd rather all the governments use (and know how to subvert) the same backdoors.
Much easier/cheaper to use US backdoors then having to reverse engineer everything and come up with their own ecosystem of copycat systems. This is hints of desire for a sort of longshot, unspoken, cyber disarmament agreement- though just like nuclear disarmament it wouldn't mean no nationstate cyber wmd's.
@#1 pre-compromised may be semantically incorrect (not really sure) but the meaning seams clear and useful- hardware that is ready for easy active compromise by nation state. In contrast to full compromise, such (pre)compromise may be passive, and never come to fruition absent a specific trigger; which authoritarians will of course use to argue that it's not compromised in the first place.
[ link to this | view in chronology ]
Re:
This isn't about backdoors. China is playing a longer game than that. China is one of the states most firmly pushing for the Internet to come under the control of governments (and only governments). They are pushing for the UN and/or the ITU (both of which are run by governments) to control the Internet. If they achieve that, they can then use the paranoia of most states to spread their vision of strict controls, by governments, on use of the Internet.
At the moment, the statists are not winning - non-governmental organisations (NGOs), civil society groups, corporations and expert groups are all involved (as well as governments) in what is often known as a multi-stakeholder process. The US government currently supports that model (which is why it is trying to make sure ICANN does not end up controlled by a governmental group).
However, the debate is ongoing, and China and other countries often make statements about "bringing the Internet under democratic control" which is code for control by governments, without the need to involve the other stakeholders.
If you are interested in this, I suggest joining the Internet Society (it is free and open to everyone) and joining the Internet Policy mailing list. You might also enjoy the iversity course on "Public Privacy: Cyber Security and Human Rights".
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
That way, the "rulers" of that "nation" would have control over all access to/from that "nation".
Would be a great way to completely centralize control of the internet..
[ link to this | view in chronology ]
Come on, Silicon Valley!
If China can do it, why can't Silicon Valley?!?
Love,
Dir. Comey
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
control your reputation on internet
[ link to this | view in chronology ]
i'm waiting to see what sort of comment that idiot Cameron in the UK comes out with! he was supposedly trying to get China to introduce more Freedom and privacy when he went there for talks. then does worse than China does! not exactly a very fitting example, is it!!
[ link to this | view in chronology ]
Invasions in Cyberspace
Does that mean that when Chinese hackers, possibily associated with the Chinese government, infiltrated and stole files from the US Office of Personnel Management (OPM) they were transgressing the "national sovereignty" of the United States?
If so that action could be construed as an invasion, and therefore as such an act of war.
(Not that the US is in any position to complain, mind you, given the antics of the NSA. In particular, re Stuxnet and Iran.)
[ link to this | view in chronology ]
[ link to this | view in chronology ]