China’s new cybersecurity law lacks detail, says Tencent VP

Separate report also claims new law only adds to a web of complex data protection laws and regulations, aimed at defending against threats to Chinese sovereignty

PUBLISHED : Tuesday, 15 August, 2017, 6:44pm
UPDATED : Tuesday, 15 August, 2017, 6:44pm

Despite the introduction of China’s first cybersecurity law, there’s still a lack of clarity surrounding the finer details, according to Tencent, one of China’s biggest tech firms.

The new law, which came into effect June 1, has been touted by China as a milestone in personal data regulation.

Unlike some other countries, China does not have an abundance of data protection law. It regulates privacy and cybersecurity issues through a number of industry-specific laws, according to a report by US-based law firm, Proskauer.

It also lacks a single central data protection authority tasked with enforcing privacy laws.

The Proskauer report said the new law only adds to a web of complex data protection laws and regulations, aimed at defending against threats to China’s sovereignty.

But there’s already been significant impact felt in the domestic technology industry, following its launch.

Tencent’s massively popular WeChat, for example, is among a group of social media platforms now being investigated on suspicion of violating the country’s new cybersecurity law.

But speaking at a cybersecurity conference in Beijing, Tencent’s vice president Ding Ke said that while there’s now more responsibility for corporations when it comes to consumer data protection, he hopes the guidelines should be clearer and forward-looking rather than provided in hindsight because developments in the sector always move so fast.

What’s more, with the ongoing creation of an information-led economy and the wide adoption of mobile internet services, what the law needs, said Ding, is to protect not just the safety of hardware devices but the soft assets contained in hardware.

Overall, though, he sees the new law as positive progress despite not clearly defining the responsibilities of stakeholders in certain territories or offering any specific details.

In recent months, various Chinese firms have stepped up their protection efforts after increased instances of hacking and cybersecurity, globally.

Shenzhen-based DJI, the world’s biggest drone maker, said it had developed a new domestic data mode that stops internet traffic to and from its flight control apps, offering enhanced privacy assurances for sensitive government and enterprise customers.

“The ‘local data mode’ will allow customers to get the most out of their DJI flight control apps while providing added assurance that critical data is not inadvertently transmitted over the internet,” said Brendan Schulman, DJI’s vice president of policy and legal affairs.

The company, however, founded by Frank Wang, a graduate of Hong Kong University of Science and Technology, was earlier dropped by the US Army as a drone provider, citing security concerns.