The latest security law illustrates the Chinese government’s love-hate relationship with the Internet

[Commentary] The People’s Republic of China Cybersecurity Law, which was published during the week of July 7, directs a number of decrees at entities providing “critical information infrastructure.” The term is never defined, as is often the case in Chinese law. But it likely refers to any tech company of a certain scale and with lots of user data -- think big tech companies like Apple, Huawei, Baidu, and Uber. Many of the provisions in the draft law, which has yet to formally pass, order tech companies to provide basic protections for users, like not selling data to other companies without their knowledge and not knowingly distributing malware.

Other sections show how the government will continue to exert a tight grip on China’s Internet companies. These include measures that give the state the power to cut off the Internet to “protect national security,” as well as provisions that require users to register for services with their real names and compel companies to store user data inside China. None of the provisions will come as a surprise to anyone who is familiar with China’s Internet industry. But what makes this draft law significant is its rhetoric. The phrase “national security” is carefully chosen. By co-opting this phrase the Chinese government is sending a signal that hacking, privacy, and censorship are matters of the highest political priority. This ensures that restrictions will remain in place for a long time. It also brings the web into a broader push to introduce stronger controls on a wide variety of industries in the name of national security.