China tightens cybersecurity controls to limit foreign spying

China has included a "sovereignty" clause in a new wave of policies designed to tighten IT management.
Written by Charlie Osborne, Contributing Writer

China has proposed a fresh wave of cybersecurity legislation to tighten its grip on the county's information technology structure and further localise the use of tech products.

China has included cybersecurity as an important element of a draft national security law, as reported by Reuters. The document, posted online this week, proposes tighter controls on the country's information technology structure in response to US intelligence agency surveillance.

Last year, former US National Security Agency (NSA) contractor Edward Snowden revealed the extent of the NSA's spying activities, which included bulk metadata collection on domestic and foreign targets, wiretapping and the creation of backdoors within US tech products used to spy on foreign targets.

As part of a fresh wave of changes in response to these revelations, China's National People's Congress (NPC) have begun to review the draft legislation, which includes a "sovereignty" clause to make cybersecurity an official national interest -- one to be controlled and protected. The document says:

"The state establishes national internet and information security safeguard systems [..] and protects national internet space sovereignty, security and development interests."

The country must also "achieve security and control in internet and information core technology, key infrastructure, and important data and information systems," as well as punish Internet assaults and strengthen Internet management -- potentially going beyond China's Great Firewall and Great Cannon censorship tools.

See also: China's 'Great Cannon': Taking censorship across country borders

In recent times, China has begun localising technology use, encouraging -- and occasionally enforcing -- the use of domestic rather than foreign tech products by its population, especially within the banking, technology and financial sectors. Popular services including Microsoft Outlook and Gmail have been banned, as well as the use of Microsoft's Windows 8 operating system on government PCs.

While domestic companies could profit as foreign competition is disadvantaged or forced to stop operating in the country, Huawei's rotating CEO Eric Xu does not believe this is the best path for the country to take. The executive believes if the best tech products -- whether foreign or domestic -- are kept out, this will eventually bring down the quality of China's information technology.

In an interview Xu said, "If we're not open, if we don't bring in the world's best technology, we'll never have true information security." Comparing the situation to school students competing against foreign university students, the CEO continued:

"Even if you localise, make your own CPUs, make your own operating systems, make your own database software, it would still be at a grade school level, [which will be] transparent to the college students. The only way you can answer the security problem is to keep improving your technology."

In related news, a federal appeals court has ruled the NSA's bulk metadata program, which was used to collect millions of phone records belonging to US citizens, is not authorized under the Patriot Act.

Read on: In the world of security

Editorial standards