China has approved a controversial new cybersecurity law, drawing swift criticism from international business and human rights groups.
The Chinese government says the new law, which was approved by legislators on Monday, will strengthen the protection of personal information and combat online fraud. But critics say it tightens China’s grip on the Internet by requiring service providers to collect personal information and preventing data collected in China from leaving the country.
“We believe this is a step backwards for innovation in China that won’t do much to improve security,” said James Zimmerman, chairman of the American Chamber of Commerce in China.
Broad requirements to store data inside China’s borders will hinder trade and innovation for both Chinese and foreign companies, Zimmerman said in a statement. And “some of the requirements for national security reviews and data sharing will unnecessarily weaken security and potentially expose personal information,” he warned.
More than 40 business groups from the U.S., Europe and Asia petitioned Chinese Premier Li Keqiang in August, arguing the cybersecurity law would put data security at risk and cut China off from the wider digital economy. They wanted the government to make major changes to the law, but contentious provisions remained in the final draft China’s legislature passed Monday.
Amnesty International blasted the new law, describing it as a “draconian” measure that violates people’s rights to freedom of expression and privacy.
It forces companies “to be complicit in censorship and share personal information of users with the authorities with virtually no safeguards,” the human rights group said.
The criticism follows a string of complaints from foreign companies about a worsening business environment in China that favors domestic firms, despite official promises to make the economy more open. China already bans platforms such as Google (, )Facebook (Tech30) and , Twitter (Tech30). ,
Global business groups are worried the new cybersecurity law, which mandates “a clear principle of sovereignty in cyberspace,” will make matters even worse.
— Nanlin Fang contributed to this report.