China's steps to control its data and information
Send a link to a friend
[May 09, 2023]
By Josh Ye
HONG KONG (Reuters) - A Chinese investigation of consulting firm
Capvision Partners over national security concerns is the latest step in
a years-long campaign by Beijing to tighten control of data generated
within its borders.
State media accused overseas institutions of using domestic consulting
firms to steal state secrets and intelligence in key areas key, state
broadcaster CCTV said in a programme on the Capvision investigation.
Below is a timeline of main events in China’s effort to tighten its grip
on data and information and especially over their export.
July 2015: China passes a national security law that broadened the scope
to protect its cyberspace and also emphasised a need to develop key
technologies. It replaced a 1993 law.
November 2016: China passes a cybersecurity law that contained
requirements for security reviews and for data to be stored on servers
in China.
June 2021: China passes a data security law on the protection of
“important data” and “core data”, including information involving
national and economic security, people’s welfare and on issues of
important public interest.
July 2021: Authorities launch a cybersecurity investigation into
ride-hailing giant Didi Global two days after it went public in the U.S.
Sources said the firm had disregarded a demand from authorities that it
undertook a cybersecurity review before its listing.
August 2021: China introduces regulations around so-called critical
information infrastructure and also passed a personal information
protection law that laid out conditions under which firms can collect
personal data and transfer it abroad.
November 2021: Some Chinese providers of shipping information stop
giving data to foreign companies citing a need to comply with new data
laws, sources said at the time.
[to top of second column]
|
A security surveillance camera
overlooking a street is pictured next to a nearby fluttering flag of
China in Beijing, China November 25, 2021. Picture taken November
25, 2021. REUTERS/Carlos Garcia Rawlins/File Photo
January 2022: China releases cybersecurity review measures that
require platform companies with data on more than 1 million users to
undergo a security review before listing shares overseas.
July 2022: China unveils cross-border data review measures that
require a security review for “important” offshore data transfers.
September 2022: Regulators ask China's biggest financial data
provider Wind Information Co to stop providing offshore users with
certain data, sources told Reuters.
March 2023: U.S. due diligence firm Mintz said authorities had
raided its China office and detained five Chinese members of staff.
The foreign ministry said Mintz was suspected of engaging in
unlawful business.
March 2023: Chinese academic data platform CNKI suspends foreign
access to up to four of its databases to comply with data laws.
April 2023: Legislators pass a wide-ranging update to anti-espionage
legislation, banning the transfer of information related to national
security and broadening the definition of spying.
April 2023: U.S. consultancy firm Bain & Co said police visited its
office in Shanghai and questioned some staff.
May 2023: State media disclose that authorities have investigated
consulting firm Capvision Partners.
(Reporting by Josh Ye; Editing by Brenda Goh and Robert Birsel)
[© 2023 Thomson Reuters. All rights
reserved.]This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |