Hacking into China's Cybersecurity Law

49 Pages Posted: 8 May 2018 Last revised: 23 Sep 2019

See all articles by Jyh-An Lee

Jyh-An Lee

The Chinese University of Hong Kong (CUHK) - Faculty of Law

Date Written: May 7, 2018


China’s Cybersecurity Law, which is thus far the most important internet legislation to be passed in the country, came into effect on June 1, 2017. The law has attracted significant attention and criticism from foreign companies. Although the Chinese government claims that the Cybersecurity Law will help reduce the risk of cyberattacks and safeguard national security, some critics believe that the law will further erode internet freedom in China. In particular, concerns have been raised that the law may not effectively enhance China’s current level of cybersecurity but instead may be used to facilitate government censorship and surveillance, to increase unnecessary business operating costs, to steal intellectual property from foreign companies, and to protect domestic industries from global competition.

This Article provides a thorough analysis of important provisions of the Cybersecurity Law as well as their policy implications. It views the Cybersecurity Law as part of a broader set of policy steps that have been taken to streamline laws concerning the internet and national security. The law fulfills China’s persistent aim to assert its internet sovereignty by imposing heavy obligations on network operators and critical information infrastructure operators. This Article contends that the law should be understood from the perspective of China’s unique conception of cybersecurity and human rights. As cybersecurity is defined much more broadly in China than it is in the Western world, any digital information threatening social or political stability will be viewed as a cybersecurity, or even a national security, concern. This explains why the scope of the Cybersecurity Law is unprecedented. Moreover, the treatment of personal information in the Cybersecurity Law reflects China’s human rights philosophy. While individuals enjoy a certain degree of human rights protection, those rights do not effectively protect them from government action.

Keywords: China, cybersecurity, data localization, critical infrastructure, trade secret, internet sovereignty, personal data

Suggested Citation

Lee, Jyh-An, Hacking into China's Cybersecurity Law (May 7, 2018). Wake Forest Law Review, Vol. 53, No. 1, 2018, The Chinese University of Hong Kong Faculty of Law Research Paper No. 2018-08, Available at SSRN: https://ssrn.com/abstract=3174626

Jyh-An Lee (Contact Author)

The Chinese University of Hong Kong (CUHK) - Faculty of Law ( email )

6/F, Lee Shau Kee Building
Shatin, New Territories
Hong Kong

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics