Cyber security Law targeted at China
April 10, 2013 10 Comments
By Yu Xinran
On April 4th, a letter signed by the U.S. IT industry groups raised alarms about a provision in the U.S. 2013 spending bill enacted last month. The provision, aiming at thwarting the cyber attacks, restricts government purchase of Chinese information technology systems due to possible “cyber-espionage or sabotage” risks.
As required in Section 516 of the Act, FBI risk assessments should be conducted if the purchased IT systems are “produced, manufactured or assembled by one or more entities that are owned, directed or subsidized by the People’s Republic of China”.
Effects on the U.S. side
The cyber security law may be sufficient to ensure a critical level of protection and help relieve some of the cyber attacks emanating from China.
On the other side of picture, though the new provision only affects four government entities, namely NASA, Departments of Commerce and Justice, and the National Science Foundation, the primary fear of the technology groups is that such language may be included in the future spending bill or expand to other agencies. Such provision may threaten their subcontractors in China and bars their routine purchases of technologies.
Additionally, the measure could initiate an unfavorable precedent for other governments to approve anti-U.S. technology policies, which will also impair the interests of the tech groups.
One thing worth noticing is that the provision is pale in the real practice, because it is difficult to detect the “Chinese ownership” through the complex and diversified components of technology products.
Impacts on Chinese companies
Companies with large portion of exports towards the U.S. market, for example, Lenovo and Haier, could be adversely affected. And losses may go wild if such provision is widely applied to IT industry.
Chinese officials also claimed that the Congress should review and repeal the law. As Huawei and ZTE has garnered disapproval of the House of Representatives since October 2012, the new provision takes further discriminatory steps against Chinese companies. And China could always choose to retaliate against U.S. IT companies just like the recent Apple and Microsoft’s warranty issues.
To sum up, the U.S. IT industry groups are more concerned with their own business—access to IT products, policy risks, and contractor relationships, while Chinese IT companies may sweat more to bear the barriers generated from the U.S. government’s haunted sense of cyber insecurity.
1. Consolidated and Further Continuing Appropriations Act, 2013
2. April 4th letter regarding the language in section 516
3. U.S. business groups worried by cybersecurity law aimed at China
4. IT Industry Groups Protest Restrictions On Chinese IT Systems Due to Cyber-Risks
5. U.S. law to restrict government purchases of Chinese IT equipment
6. Silicon Valley Fights Restrictions on Chinese Tech