A senior White House official cited by Reuters said that China has decided to shelve a new anti-terrorism law that would have required technology companies to hand over sensitive information.
As my colleague Ankit reported earlier, China’s draft anti-terrorism law would have required Western firms – most notably technological companies, but also financial institutions and even manufacturers – to give Beijing unprecedented access to sensitive data. For tech firms, that would mean allowing China access to encryption keys and installing “backdoors” that would provide Chinese regulators with access to software.
The Obama administration reacted swiftly to make their displeasure known. President Barack Obama himself spoke with his Chinese counterpart, Xi Jinping, to directly express his concerns. “We have made it very clear to them that this is something they are going to have to change if they are to do business with the United States,” Obama told Reuters. Other administration officials, including Secretary of State John Kerry and U.S. Trade Representative Michael Froman made their concerns clear as well.
Publicly, China has simply dismissed those criticisms. Fu Ying, the spokesperson for the National People’s Congress, said the law had already been tweaked after “hot discussions among legislators.” Fu said the law had been “improved” by the addition of “strict condition and limits” on what data regulators can demand from tech firms and when they can demand it.
Foreign Ministry spokesperson Hua Chunying highlighted these changes in her remarks at a March 5 press conference, saying that the “relevant measures… are in line with the principles of the administrative law and common practices of the world, and will by no means undermine the legitimate interests of Internet operators.” Hua added pointedly that China’s anti-terrorism law is a domestic affair: “We are under no obligation to consult with other countries, and other countries have no right to ask China to do so.”
But Reuters reports that China has decided behind the scenes to table the controversial law, at least for now. “They have decided to suspend the third reading of that particular law, which has sort of put that on hiatus for the moment,” White House Cybersecurity Coordinator Michael Daniel said during a discussion at the Information Technology and Innovation Foundation on March 12.
China downplayed the comments. Foreign Ministry spokesperson Hong Lei told reporters that the third round of discussion on the draft law “is yet to come, after which the draft law will be presented to the Standing Committee of the National People’s Congress for deliberation at a proper time.” That would seem to contradict the statement that the third review session has been “suspended.”
Likewise, industry analysts interviews by Reuters weren’t sure whether to celebrate or not. One source told Reuters that shelving the bill gives tech firms “some breathing room, but not complete relief” as the draft could be reviewed and enacted at any time. The NPC Standing Committee meets bimonthly, providing ample opportunities for the new law to be adopted should the third round of review move forward.
Another source said that China is “not ready to kick out all foreign companies… [so] they backed off.” However, that source fully expects China to continue making life difficult for foreign firms: “You can bet that the next steps will be something that tightens up somewhere but doesn’t cause this level of pain.”
It may be that China has simply decided to table the law temporarily. With Beijing and Washington both trying to make progress on a bilateral investment treaty, especially before Xi’s state visit to Washington this September, China’s leaders may have decided now is not a good time to push forward with the law. Or Beijing may be waiting for an opportune moment – for example, enacting the law as retribution should the U.S. make moves seen as discriminatory against Chinese companies. In any case, the shelving of this law by no means signals a shift from China’s ultimate goal of replacing foreign technology with domestic equivalents by 2020.