New America
Cybersecurity Initiative

DigiChina Digest – July 2019

Blog Post
By 

Katharin Tai

 and 

Graham Webster

July 31, 2019

The DigiChina Digest includes exclusive new content and news tracking from Chinese-language sources on digital policy in China, as well as the latest from our collaborative translation and analysis work. The Digest is produced in partnership with our colleagues at the Leiden Asia Centre. This edition was compiled by Katharin Tai and Graham Webster.

Please encourage anyone interested to subscribe at DigiChina's main page.

OPPORTUNITY

DigiChina Seeks Contributions to Special Report on AI Policy in China, Pitches Due August 9

A collaborative report is slated for release at an October event celebrating the recently announced Stanford-New America collaboration for DigiChina's future, and we're seeking diverse writing on the intersection of artificial intelligence, policy, and China. Honoraria are available thanks to support from the Harvard-MIT Ethics and Governance of AI Initiative. [Read the call for pitches, and submit.]

RECENTLY FROM DIGICHINA

Translation: New Reviews for Cloud Service Providers Target 'Security and Controllability,' Supply Chains

New "Cloud Computing Service Security Assessment Measures" released by a quartet of technology and economic regulators give the Cyberspace Administration of China responsibility to conduct reviews of cloud services providers. Suppliers to Party, government, or critical information infrastructure customers will need to pass the new assessment, but it may become a de facto condition for other Chinese customers looking for trusted services. The reviews assess some typical cybersecurity objectives, but they also invoke the concept of "secure and controllable" systems supply chain security, raising potential for scrutiny of foreign vendors. A focus on data portability could also shape market incentives. [Read the full translation.]

Chinese Interagency Group Calls Out Apps for Illegal User Data Collection as Part of Year-Long Effort

Authorities have announced multiple enforcement efforts targeting personal information practices by mobile apps this year, and a recent release by an interagency working group for "app governance" named 30 violators. They included the financial pillar Bank of China for reportedly failed to publish a privacy policy, and the dating app TanTan for seeking data collection permissions beyond what's necessary for the service to function. [Read DigiChina's report.]

DIGICHINA DIGEST EXCLUSIVES

Lu Chuanying: ‘Competition over 5G reflects China-US Great Power Competition’

China Information Security published an analysis by Shanghai Institutes for International Studies scholar Lu Chuanying on the links between great power competition and recent controversies over 5G. In conclusion, Lu suggests the conflict between China and the United States poses a challenge to the globalized world economy, including technology production and innovation. Should the conflict actually cause the market to fracture into two separate, competing supply chains, Lu writes, “it would push China-U.S. relations and the international system into a new era of uncertainty.” As for the consequences for the two powers, “it is unclear whether the United States would be able to reinvigorate its capacity to innovate, [and if not], this would accelerate U.S. decline. As for China, it needs to adapt to compete with the United States under suboptimal conditions. If it wins, its strength will continue to accumulate, but if it fails, it will be significantly weakened and might not have another chance to challenge the United States for several decades.”

BRIEFLY NOTED

  • A comparative perspective on China’s Draft Rules on Cross-Border Transfer of Personal Information. Following up on the June release of the draft rules for comment (translated by DigiChina), Hong Yanqing posted a presentation from early July that compares the new Chinese rules with APEC’s Cross-Border Privacy Rules and the EU’s General Data Protection Regulation (GDPR).
  • China releases 2019 National Defense White Paper. The Chinese government released its newest National Defense White Paper entitled “China's National Defense in the New Era” (official English translation)—an important official document that offers some insights into Chinese strategic thinking each year. On grand strategy, the 2019 version tracks previous writings without major deviations and describes “cyber” as a key domain of modern warfare, thus justifying the need for the PLA to modernize and develop its cyber capabilities. MIT Professor Taylor Fravel notes on Twitter that the white paper is also openly critical of several areas in which PLA modernization lags behind, one of which is informatization (信息化).
  • CNCERT Report on the State of Chinese Cyber Security. On July 17, China’s Computer Emergency Response Team (CNCERT) published its review of China’s cybersecurity in 2018. According to the report, CNCERT handled more than 100,000 cybersecurity incidents in 2018, most of which related to (in descending order of frequency) fake websites, security leaks, malicious programs, websites being tampered with, website backdoors, and DDoS attacks. CNCERT also states that they managed to lower the number of government websites attacked through backdoors by almost 50% and those illegally tampered with by 16%. The report does not provide the underlying quantities, leaving questions as to how insecure Chinese government websites are overall. The full report can be found here.

About DigiChina

The Stanford-New America DigiChina Project is a collaborative effort to understand China’s digital policy developments, primarily through translating and analyzing Chinese-language sources.

About New America

New America is dedicated to renewing America by continuing the quest to realize our nation's highest ideals, honestly confronting the challenges caused by rapid technological and social change, and seizing the opportunities those changes create.