China’s Cybersecurity Regime: Securing the Smart State
38 Pages Posted: 8 Apr 2022
Date Written: March 30, 2022
In step with the increasing prominence of digital technologies in all aspects of political, economic and social life in China, cybersecurity has become a central concern for regulatory authorities. Security-related measures were part and parcel of online governance from the first days of Internet connectivity in the late 1990s, but remained fragmented and hampered by a relative lack of technical capabilities.The establishment of the "cyber power strategy" in 2014 heralded greater centralization, culminating in 2016 with the promulgation of the Cybersecurity Law and the publication of a national cybersecurity strategy. This strategy, and the CSL, define cybersecurity as a comprehensive, full-spectrum challenge, requiring responses in fields as diverse as content control and data protection, critical infrastructure protection and cybersecurity certification for products, vulnerability reporting and incident response. The years since then have seen considerable complexities in implementation, due to bureaucratic tussles and political difficulties, but also the sheer challenges of retrofitting a comprehensive security concept in ongoing digital processes. Furthermore, implementation has had to take into account rapidly changing technological capabilities, as well as shifts in the domestic and international political contexts. As a result, while considerable advances have been made in CSL implementation, a degree of unevenness remains. This paper traces the historical process of how cybersecurity law, regulation and policy evolved throughout this period, drawing on a comprehensive mapping of government documents, and contextualising these trends in the light of China's ambitious agenda to build a smart State. It contributes to our knowledge of how China seeks to navigate the complex challenges it currently faces, as well as how the conceptualisation of cybersecurity matters for deepening comparative understanding.
Keywords: China, cybersecurity, data protection, critical infrastructure, content control
Suggested Citation: Suggested Citation