China cybersecurity law likely to harm foreign firms operating on mainland, says Asia finance body chief

The chief of one of Asia’s most prominent financial trade bodies said on Tuesday new cybersecurity legislation in China could make it harder for foreign companies operating in the country to manage risk as threats increasingly span across borders.

Mark Austen, chief executive of the Asia Securities Industry and Financial Markets Association, told a forum in Hong Kong that the rules marked a “worrying” development because regulators globally have to work together to address cyber risks rather than attempt to isolate their jurisdictions.

China adopted a cybersecurity law on Monday to counter what the government said were growing threats such as hacking and terrorism. Foreign business and rights groups expressed concern that the law could, for instance, bar foreign companies from certain sectors.

The legislation, set to take effect in June 2017, includes requirements for security reviews and for data to be stored on servers in China.

“No matter how well you cut yourself off from the rest of the world, we’re all interconnected,” said Austen. “Favouring the development of domestic IT and forcing firms to use domestic software and not allowing firms to offshore, you can’t manage risk on a global basis.