U.S. tech companies are asking themselves what the heck happened over the weekend after China laid down a new anti-terrorism law that, among other things like creating its own version of James Bond, has given it powers to demand the decryption of electronic messages.
New China Anti-Terrorism Law Confuses the Out of U.S. Tech Companies
Rep. McCaul and Sen. Warner call for a commission on national security to tackle issues raised by encryption.
andrey_l / Shutterstock
While China stopped short of mandating back-door access to encrypted communications, the new law published on Sunday raises fresh questions about what information U.S. tech companies will be required to turn over to the government.
“It’s entirely possible that what ends up happening is … They’ll just turn to us and say, ‘This is the information we want. How you procure it is your business,’” said one representative of a major U.S. technology company, who asked not to be identified.
Multinational corporations that do business in the region, including Apple, IBM and Cisco, had worried about an earlier draft of the law that would have required them to turn over source code, which would allow authorities to monitor users.
Chinese government officials have been quoted as saying companies operating in China won’t be forced to surrender their intellectual property or create back-door access to private communications. But they will be required to provide “decryption and other technical support” when the police or state agents demand it for investigating or preventing terrorist attacks.
“This rule accords with the actual work need of fighting terrorism and is basically the same as what other major countries in the world do,” Li Shouwei, deputy head of the parliament’s criminal law division under the legislative affairs committee, told reporters. This will not affect the normal operation of tech companies and they have nothing to fear in terms of having “back doors” installed or losing intellectual property rights, he added.
Throughout the tech industry, executives are struggling to understand what exactly the Chinese government means when it asks for help with encryption, according to several people who have been monitoring the proposed legislation for a year. It could take six months for regulations to emerge that make the government’s intent clear.
The larger concern is that the Chinese government might use the information to crack down on dissident groups, such as the Uighurs, an ethnic minority of largely Sunni Muslims, who have accused the government of restricting their ability to practice their religion.
The terrorist attacks in Paris and San Bernardino, Calif., have fanned concerns about encryption around the world, with legislators and members of the law enforcement community in the U.S. and Europe arguing these technological tools allow those planning acts of violence to evade detection.
In Britain, an investigatory powers bill would give the U.K. government power to demand that Apple alter the way its messaging service, iMessage, works. In the U.S., some politicians are turning up the heat on Silicon Valley over the issue of encryption.
Virginia Sen. Mark Warner and Texas Rep. Michael McCaul wrote an op-ed in the Washington Post Monday, calling for a national commission on security and technology to find a solution. They acknowledge that encryption is essential to global commerce, but add that the terrorist threat cannot be ignored.
“We cannot wait for the next attack before we outline our options, nor should we legislate out of fear,” Warner and McCaul wrote. “Instead, Congress must be proactive and should officially convene a body of experts representing all of the interests at stake so we can evaluate and improve America’s security posture as technology — and our adversaries — evolve.”
This article originally appeared on Recode.net.
