The Chinese government is signaling a softer position on formerly stringent data regulations, as part of recent efforts to alleviate regulation for businesses, particularly foreign ones. China has strengthened its data collection and export laws over the past few years. Due to the ambiguity of terms such as “important data,” foreign businesses have found it difficult to conform, if not to operate. In a proposed update, the Cyberspace Administration of China (CAC) has stated that no government supervision is required for data exports if regulators have not deemed the data “important.” According to proposed regulations released late on September 28, a day before the nation’s eight-day holiday, this is the case. The comment period ends on October 15.
The European Union Chamber of Commerce in China said in a statement to CNBC: “The release of the draft is viewed as a positive signal from the Chinese government that it is listening to business concerns and is willing to take action to address them.”
EU Chamber: “The draft regulation alleviates some of the difficulties associated with cross-border data transfer and personal information protection by specifying a list of exemptions to relevant obligations and by providing more clarity on how data handlers can verify what authorities consider to be ‘important data’.”
The EU Chamber and other business organizations have advocated for improved operating conditions with the Chinese government. The cybersecurity regulator’s proposed rules also state that data generated during international trade, academic cooperation, manufacturing, and marketing may be exported without government supervision so long as they do not contain personal information or “important data.”
“This is a small but significant step for Beijing to demonstrate its commitment to facilitating cross-border data flows to improve the investment climate,” Reva Goujon, director of China Corporate Advisory at Rhodium Group, wrote in an email on Friday.
The proposed adjustments reflect “Beijing’s realization that its data sovereignty ideals come with steep economic costs,” as stated by Goujon.
“Multinational corporations cannot operate in extreme ambiguity regarding what will be deemed ‘important data’ today versus tomorrow and whether their operations will halt due to a political whim by CAC regulators, particularly in data-intensive industries that Beijing is counting on to fuel new growth.”
Read Also: Identifying Killer Diabetes Years Before Diagnosis – Unveiling 5 Distinct Early Signs
Greater regulatory transparency for business?
Since April, China’s economic recovery from Covid-19 has slowed. The news of a few searches on foreign consultancies earlier this year, prior to the implementation of an updated anti-espionage law, increased multinationals’ uncertainty.
“When economic times were good, Beijing felt confident in asserting a stringent data security regime in the footsteps of the EU and with the US lagging behind in this regulatory realm (for example, heavy state oversight of cross-border data flows and strict data localization requirements),” said the Rhodium Group’s Goujon.
The State Council, the country’s highest executive body, unveiled a 24-point plan to support foreign business operations in China in August.
The text included a request to reduce the frequency of random inspections for businesses with a low credit risk and to promote data transfers with “green channels” for specific foreign businesses.
During Teneo’s recent trip to China, managing director Gabriel Wildau discovered that “foreign business sources were largely unenthusiastic about the plan, noting that it largely consists of vague commitments or repackaging of existing policies, but some will be marginally useful.”
He added, “The 24-point plan included a commitment to clarify the definition of ‘produced in China’ so that foreign companies’ domestically-made products can qualify.”
When U.S. Commerce Secretary Gina Raimondo visited China in August, she advocated for additional measures to increase predictability for U.S. enterprises in China. She stated, in reference to the State Council’s 24 points, that any one of them could be addressed to demonstrate action.
According to the U.S.-China Business Council’s most recent annual survey, data, personal information, and cybersecurity regulations represent the second-greatest challenge for members in 2018. International and domestic politics were cited as the first difficulty.
The council was unavailable for comment due to the Chinese holiday. In a Tuesday blog post, Martin Chorzempa, senior fellow at the Peterson Institute for International Economics, and Samm Sacks, senior fellow at Yale Law School Paul Tsai China Center and New America, said that while the proposed data rules reduce regulatory risk, they do not eliminate it because “important data” remains undefined and subject to Beijing’s determination at any time.
Nevertheless, “not only did the leadership commit to a more ‘transparent and predictable’ approach to technology regulation in the aftermath of the tech crackdown, but the new regulations directly follow the State Council’s 24 measures introduced in August, which explicitly call for free data flows. These measures could also result in additional concrete actions to enhance the business climate, Chorzempa and Sacks said.
The proposed modifications to data export controls follow a relaxation of other regulations in recent months.
Baidu and other Chinese companies were ultimately allowed to launch generative AI chatbots to the public in late August, following the implementation of Beijing’s “interim regulation” for the management of such services on August 15. The new iteration of the AI regulations stated that they would not apply to companies developing the technology so long as the product was not commercially available. In an April draft, it was stated that upcoming regulations would apply even during the research phase.
The most recent iteration of the AI rules did not include a universal license requirement, instead stating that a license was required only when required by law or regulation. It made no mention of which ones.
Earlier in August, Baidu CEO Robin Li characterized the new regulations as “more pro-innovation than regulation.”
Source: CNBC
