China, which has some of the world’s tightest Internet restrictions, has released a draft of a new cybersecurity law that authorizes broad powers to control the flow of online information. The bill, which has been translated into English on the website China Law Translate, comes after the recent passage of a law on national security and with the expected approval of bills on nongovernmental organizations and counterterrorism.
Here is a look at some of the main provisions of the cybersecurity bill, and what the measure tells us about the structure of China’s Internet control apparatus:
The Cyberspace Administration of China has a crucial role. Perhaps the most interesting aspect of the bill is not the powers that it spells out, but who holds them. Analysts say the draft shows clear signs that the Cyberspace Administration and its director, Lu Wei, drive Internet policy and that it gives the body great powers to guide research and education.
Near the beginning, the draft says that the “state Internet information department” is “responsible for comprehensively planning and coordinating network security efforts and related supervision and management efforts.”
Rogier Creemers, a research scholar at Oxford University, said this is a clear reference to the Cyberspace Administration of China and puts it in the driver’s seat for policy-making going forward. “They are clearly in charge,” Mr. Creemers said.
“They are are a coordination and decision-making body at the highest political level,” he said, adding that with this law the Cyberspace Administration has set a broad agenda, and that it will be up to other ministries to then work out more specific laws, such as rules governing e-commerce or what hardware banks can use.
Most of the provisions are not new. China has long taken steps to restrict many types of online content, from pornography to political discussions. Many foreign sites are blocked, and domestic sites use automated censorship mechanisms as well as staff members to remove posts on restricted topics.
Even the most aggressive measures discussed in the draft, restricting Internet access in a particular region to “safeguard the national security, social stability or handle a sudden major incident of concern for social safety,” have been used. In 2009, China shut off nearly all Internet access and international calls in the far western region of Xinjiang for months, after deadly riots in the city of Urumqi.
But often such powers were defined in lower-level regulations or even Internet companies’ contracts. By elevating them to a national law, Chinese authorities are signaling that they are placing a high priority on compliance and that they want to “make it harder for Internet companies to avoid or drag feet on implementation,” said Maya Wang, a researcher with Human Rights Watch based in Hong Kong.
“The law is meant to say the party is serious about controlling the Internet,” she said.
A warning to global companies. China has long been a difficult place for foreign technology companies to thrive. Many sites, including Facebook, Google, Twitter and YouTube, are partly or completely blocked.
Some clauses, such as a requirement for the development of safeguards on “critical information infrastructure,” could further curtail the activities of foreign companies, but the details are still unclear.
“The foreign business community will be reading the law closely, trying to determine how the cybersecurity standards and procurement provisions will be implemented,” Adam Segal, an expert on China and digital policy at the Council on Foreign Relations, wrote. “The past few months will not give them great comfort, as Beijing has adopted a national security law and other provisions to make technology used in China ‘secure and controllable’.”
Paul Mozur contributed reporting.
Follow Austin Ramzy on Twitter at @austinramzy, and Paul Mozur at @paulmozur.