U.S. Senators Raise Alarms About China’s New Encryption Law
WASHINGTON—U.S. lawmakers are increasingly concerned about China’s new cybersecurity rules that put American companies at risk of losing their sensitive data.
In October, China passed a law that would regulate cryptography in the country when it takes effect on Jan. 1. The new legislation is the latest in a series of cybersecurity measures that Beijing has been rolling out in the last several years to control data and communication within the country.
The new rules are potentially alarming as foreign companies operating in China won’t be able to keep their data secret from the Chinese communist regime.
Sen. Rick Scott (R-Fla.) who is closely watching recent moves by Beijing urged U.S. companies to stop working with the regime.
The new law is the latest instrument the Chinese regime is using “to steal U.S. technology, intellectual property, and personal data,” the senator’s office told The Epoch Times in an email.
“Senator Scott has been clear that American businesses, hospitals, and universities must be vigilant and proactive when it comes to the threat of Communist China, and should stop doing business with the regime.”
Companies use encryption technology to protect the confidentiality of information transmitted and stored on networks. No foreign company, however, will be able to encrypt their data or communication if China enforces these new rules.
Scott, who’s a China hawk, earlier warned that Communist China’s goal is “to control the entire world.”
“I think all of us have to understand if we give data to China they can use it against us,” he told CNBC on Nov. 18.
“We have to be absolutely clear we are not going to do business with China and let them have our information,” he said, calling for a wider decoupling— loosening of trade and economic ties—of the United States and China.
According to author and China expert Gordon Chang, Beijing’s goal is to control all communications, data, and other information stored in electronic form that belong to foreign companies.
No information would be kept secret if China enforces these new rules, he said, as the companies would have to turn over encryption keys and they might be prohibited from using virtual private networks (VPNs) to get around the rules.
In addition, the Chinese regime may freely share the trade secrets of their foreign companies with China’s state-controlled enterprises, he warned.
Chang believes that a bill introduced by Sen. Josh Hawley (R-Mo.) will help counter the new threat.
If Hawley’s bill comes into law, he said, then it would mean that American companies would effectively have to leave China.
In November, the Missouri Republican introduced the bill, the National Security and Data Protection Act of 2019 that prevents U.S. firms from transferring user data or encryption keys to China. The proposed bill also prohibits American companies from storing data in China.
Others who signed on to the bill are Sens. Marco Rubio (R-Fla.) and Tom Cotton (R-Ark.).
“Current law makes it far too easy for hostile foreign governments like China to access Americans’ sensitive data,” Hawley said in a statement. “Chinese companies with vast amounts of personal data on Americans are required by Chinese law to provide that data to Chinese intelligence services.”
Hawley raised concerns about Beijing’s potential influence over a popular short-video app TikTok and Apple’s decision to store iCloud encryption keys in China, calling them a national security threat.
To comply with new Chinese laws, Apple announced last year that it would transfer management of its Chinese iCloud data to a local state-owned firm in China. The tech company also said it would store iCloud encryption keys for Chinese users within China, raising concerns about government access.
“Chinese law allows the Communist Party to seize data from American companies operating in China whenever it wants, for whatever reason it wants,” Hawley stated. “This legislation takes crucial steps to stop Americans’ sensitive data from falling into the hands of hostile foreign governments.”
Beijing has been implementing policies to govern data, including data localization, which forces both foreign and Chinese entities to store their data locally. The latest encryption law would now govern how the data could be accessed by the regime.
U.S. firms don’t know exactly how these laws will be implemented and enforced. If these rules are enforced to the maximum extent, it will have significant repercussions for companies operating in China, warned experts.
Gloss