Online: | |
Visits: | |
Stories: |
Story Views | |
Now: | |
Last Hour: | |
Last 24 Hours: | |
Total: |
The latest hot issue in China/U.S. trade relations is the highly restrictive bank technology rules recently announced by PRC banking regulators. As reported in the foreign press, these rules will require all Chinese banks prove that their computer technology and software is “secure and controllable.” The following are the most controversial provisions:
As would be expected, these rules have been greeted by strong opposition from U.S., European and Japanese software and hardware manufacturers. The U.S. trade representative has taken up the issue in formal talks with Chinese regulators and President Obama indicates that he discussed the matter personally in recent talks with Xi Jinping.
For anyone even remotely aware of the technical issues involved, it is difficult to understand what these rules are intended to accomplish. Consider the following:
Since this kind of thing has happened many times in the past, many worn out old China hands like me respond by saying: “this is just the same old thing.” An impossible proposal designed by officials who do not understand the technology and did this to extract some sort of trade concession. The proposed rules will not work and are not intended to work. As soon as the trade concession is granted, the rules will quietly die.
Unfortunately, I am not so sure that is the case here and this issue must be considered more carefully for two reasons. First, the impact of this kind of regulation risks having an impact on a significant portion of the Chinese economy. Second, the concerns of the Chinese regulators are actually quite reasonable. When rules that have a reasonable basis have the potential for significant impact, the situation must be treated seriously and it is not appropriate to just laugh off the rules as the “same old thing”.
Consider first the seriousness of the rules. In discussing these regulations with others here in China, I am being told that this type of regulation is not a significant trade issue because it impacts only one business sector and it applies only to state owned enterprises. But this argument fails for several reasons. First, the banking sector plays a major role in the Chinese economy, especially in the area of software and hardware. Second, all Chinese banks are owned by the government, so state owned enterprises constitute the entire sector. Third, and most threatening, if this set of rules gets applied in the banking sector, it is almost certain that similar rules will be applied in other SOE dominated sectors such as insurance, shipping, petroleum and telecommunication. Thus, virtually all of the relevant sectors of the Chinese economy would ultimately be restricted in similar ways. Not to mention that a country’s banking system — as much as any other industry — has tentacles that reach into an entire economy.
Consider then the fact that the rules reflect a reasonable concern with security on the part of the Chinese government. For many years, the Chinese government has seen international computer networking in a negative light. Chinese regulators have consistently portrayed these systems as a weapon aimed at the heart of China. The Great Firewall can perhaps protect China from invasion through the Internet, but what about invasion through weapons hidden inside foreign software and hardware?
Until recently, it was possible for Western companies and governments to laugh off these concerns as just a cover story for economic motives. The argument has been that the Chinese authorities are not really concerned about security; they are really just trying to force Chinese entities to purchase (inferior) product from Chinese companies.
However, this dismissive portrayal of the concerns no longer holds water. In the past year it has become clear that U.S. software and hardware companies have cooperated with the U.S. government, the NSA and the FBI to make use of vulnerabilities in software and hardware to obtain otherwise confidential information. The NSA has also been accused of secretly placing surveillance software on sim cards and other networked devices. Going beyond intentional spying, vulnerabilities in software and hardware that allow for hacking banks and other significant businesses has become daily news. For these reasons, Chinese regulator concerns with the security of foreign software and hardware can no longer be laughed off as paranoia.
So far as I can see, foreign companies have yet to directly confront the issues. Instead, U.S., E.U. and Japanese software/hardware companies are treating this entirely as a trade issue. Trade representatives are now negotiating the matter, with their industry trade associations watching carefully in the background. I am dubious that this sort of approach will succeed
How do I propose proceeding in this area? I will let you know in my next post.
The post China Bank Technology Rules: Not the Same Old Thing appeared first on China Law Blog.
We will be discussing the practical aspects of Chinese law and how it impacts business there. We will be telling you what works and what does not and what you as a businessperson can do to use the law to your advantage. Our aim is to assist businesses already in China or planning to go into China, not to break new ground in legal theory or policy.