US business groups alarmed over China's new ‘intrusive’ cybersecurity regulations

Reuters/Edgar Su
US business groups have sounded the alarm over China’s new cybersecurity rules, adopted amid Snowden leaks. They say the rules are intrusive, require tech companies to disclose sensitive intellectual property, and create backdoors for Chinese authorities.

The American Chamber of Commerce in China and 17 other US business lobbies addressed a letter to the Central Leading Small Group for Cyberspace Affairs, led by Chinese President Xi Jinping, on Wednesday. In the letter, the business groups called on the Chinese government to take part in “urgent discussion and dialogue” over the new cybersecurity regulations.

The new Chinese rules impose tight security checks that would force tech companies to disclose sensitive intellectual property, the US lobby groups said.

"An overly broad, opaque, discriminatory approach to cyber security policy that restricts global internet and ICT products and services would ultimately isolate Chinese ICT firms from the global marketplace and weaken cyber security, thereby harming China's economic growth and development and restricting customer choice," the letter said.

Beijing adopted the new regulations requiring tech companies – including giants such as Cisco and Microsoft, which sell technologies to Chinese banks to unveil secret source code – to submit to invasive audits and build backdoors into hardware and software, The New York Times reported on Wednesday.

Reuters/Robert Galbraith

Thus, tech companies that cooperate with Chinese banks will have to set up research and development centers in the country, get permits for workers who service technology equipment, and build "ports" which let Beijing manage and monitor hardware data, Reuters reported. Under the regulations, software providers will also have to adopt Chinese encryption algorithms so that Beijing can monitor financial activities.

READ MORE: China summons US envoy over cyber-spying charges, vows retaliation

The 22-page document was approved at the end of 2014 and comes within the framework of a broader cybersecurity policy, the details of which are yet to be unveiled.

Cybersecurity has become a sensitive issue between the two states, following leaks from National Security Agency (NSA) contractor Edward Snowden on US international spy programs that targeted a number of Chinese institutions.

In May 2014, China called on banks to stop using IBM servers and replace them with locally made machines, amid fears that the nation’s financial security might be compromised.

Reuters/Pichi Chuang

READ MORE: US charges 5 Chinese officials in cyberspying case

At the same time, Chinese companies said they would cease working with US consulting firms such as McKinsey, BCG, Bain & Company, and Strategy& (formerly Booz & Co.), over fears that they are spying on behalf of the US government.

Microsoft also became entangled in a Chinese government probe in May 2014, over corruption and alleged breaches in anti-monopoly laws.