The law is largely aimed at protecting China’s networks and private user information. However, companies had campaigned to the government to delay the legislation’s implementation as they are concerned about lack of clarity and how the law would affect personal information and cloud computing. Two weeks ago some 200 representatives from foreign and domestic companies and industry associations were invited to a discussion at the new headquarters of the Cybersecurity Administration of China (CAC) in Beijing to disucss a a draft of the rules for transferring personal data overseas.

Tight controls

China already has some of the world’s tightest controls over web content,, protected by what is called 'The Great Firewall,' but even some of its universities and petrol stations were hit by the global ransomware attack in May. The legislation also bans internet users from publishing a wide variety of information, including anything that damages ‘national honour’, ‘disturbs economic or social order’ or is aimed at ‘overthrowing the socialist system’.

Concerns

Companies are worried that the new law could lock them out of the market. Paul Triolo, a cybersecurity expert at the Eurasia Group, wrote in a research note that regulators will likely introduce 'new hurdles for foreign company compliance and operations' in industries, such as cloud computing, where China is actively seeking a competitive advantage. As a result, ‘companies with politically well-connected competitors could see their profile raised for things such as cybersecurity reviews’.