As China steps up cybersecurity enforcement, smaller businesses are feeling the heat

Authorities have begun warning small business owners to improve data security compliance or face penalties

Stepped up enforcement follows recent sweeping security laws to tighten government control over cyberspace in the interest of national security

3-MIN READ3-MIN

Police in China have been shifting their data security enforcement efforts from large corporate firms to smaller businesses. Photo: Shutterstock

Published: 6:00am, 10 Sep 2023

As China moves to tighten security around its domestic data, law enforcement agencies are expanding efforts to monitor compliance across the country – from big tech firms to smaller street-level businesses. Now, businesses ranging from restaurants to foot massage parlours are being warned about punishments they face for failing to follow the country’s evolving cybersecurity regulations.

Last month, police in the city of Zhenjiang, in the eastern province of Jiangsu, carried out security sweeps at local businesses, issuing warnings to those that offered Wi-fi without requiring real-name registration, local media reported on Monday.

Citing the country’s Cybersecurity Law, the warnings ordered the businesses to “rectify” their services, which failed “to implement technical safety protection measures”, as required by the law, according to the report.

As those police checks started making waves, police in Huaian, another Jiangsu city, began handing out similar warnings to a local foot massage boutique, citing the country’s Data Security Law.

The business was warned after police said it had stored customer information, such as names and identity numbers, which are deemed as sensitive data, without setting up sufficient security measures to protect the data.