China vs. Tech companies: what the battle over data looks like and who will be the next targets

chaos that swept Billions of dollars in Chinese stocks In recent days is part of the expected organizational attack It extends beyond technology to include all areas of the private sector in the country.

What started in November with a comment Initial public offering From 37,000 Million US Dollars from company financial technology Billionair Jack MaAnd group of ants, this month to conduct an investigation into data security From the transfer app Didi Chuxing and devastating restrictions on Education sector.

Experts and companies warn of this The disturbance shows no signs of calming down, Ago Chinese government shoot a New legal framework NS Data collection and use by companies.

China and the reckless campaign against companies that could cost you dearly

“We tell our customers that they are facing From the three to those with great uncertaintysaid Kendra Schaefer, technology analyst at Beijing-based consulting firm Trivium.

What are the new laws?

the Chinese companies – and possibly anyone doing business in it China Or trade with the world’s second largest economy – they face a number of Data Laws.

The most famous Cyber ​​Security Law, which came into effect in 2017 and covers network and computer security. It has a review process to identify the companies that handle the call’critical information infrastructure‘, or data that is potentially harmful to Chinese security or poses a risk to Chinese citizens.

in September, China file input Data Security Act. This will help regulators determine which data can be transferred from China without consent condition Which one is prohibited.

Early next year, the Chinese government is also expected to publish a file Personal Data Protection Law, similar to Al General Data Protection Regulation From Europe. The law is expected to have far-reaching implications for China’s massive digital economy, including creating data audits for apps like Didi.

Ernan Cui, China consumer analyst at Gavekal Dragonomics, said that behind the wave of regulatory actions from Beijing There was basicallyData control battlebetween the government and the private sector.

What are the main gray areas?

Schaefer of Trivium said it was not clear if Beijing It is planned to announce the companies that are classified as Critical information infrastructure operators Therefore, it will be subject to stricter supervision.

“That’s the big problem,” he said. “The companies don’t know that yet.” “The really cool thing ACC [Administracin del Ciberespacio de China, el regulador de Internet] out for Didi We found out that theycritical infrastructure“”.

With regard to cross-border data transfers, the . file ACC It said any data requested by foreign authorities would need Chinese approval.

Trading apps that reduce the markets to a game, and that’s dangerous

“It’s not just about technology companies. These are all companies that ship something abroad ChinaDiego Schafer.

Although few foreign companies offer critical information infrastructures such as communication networks, Many foreign groups will be cornered because they sell services and products to Chinese customersAndrew Gilholm, chief analyst at China at the consulting firm Control Risks.

For companies [chinas] They ask: “Who are your foreign suppliers?” , or “Where in your supply chain do you rely on foreign entities?

Who will the organizers go to next?

Analysts expect that Beijing Moving little by little from one sector to another and from one region to another, identifying sensitive data, and therefore needing permission to leave the country.

A pharmaceutical company based in China’s Jiangsu Province said it had already undergone unexpected reviews of ACC About transferring your data to your R&D lab in United State.

“Officials suggested it’s best to return our lab to ChinaWhere regulations are likely to be stricterA representative asked not to be identified for security reasons.

Sam Radwan, director of Enhance International, a consulting firm that advises Chinese companies, said sectors such as Insurance and health They should expect to intensify monitoring while participating in big data collection programmes.

the Car insurance companiesFor example, extensive testing of China which digitally track drivers’ behavior and location. the telemedicineMeanwhile, flourish China. These sectors have collected “richer” and “more sensitive” data than those in DidiRadwan concluded.

the Chinese branches of foreign companies They should also be prepared to “fight” with regulators over sending basic company information abroad ChinaAnalysts warned.

“Suppose you are a Japanese company hired by a big Chinese company to build a new metro in Chongqing, and you have some data related to the project you are transferring to. likeGilholm, risk analyst at China.

To further complicate the picture, you have to ask yourself Regulatory bodies that will control the new data management system.

“Land wars are a corollary of the new normative processes,” Schaefer added.