China Passes New Cybersecurity Law That Grants Government the Power to Shut Down the Internet at Will

On Monday, November 7, 2016, the Chinese government passed a new cybersecurity law that heavily restricts Internet freedom for the country's citizens and gives the government the power to shut down Internet access at will, in the name of "national security."

Chinese authorities have been working on a version of this law since 2015, and have officially passed it at a recent bimonthly meeting of the National People's Congress (NPC) Standing Committee.

As expected, privacy and human rights groups didn't like the new law at all, with the Human Rights Watch organization publishing a scathing report on the law's final version.

Government has the de-facto right to monitor the Internet

First and foremost, the law gives the government full rights to monitor all Internet traffic for various purposes that include scanning for attempts to overthrow the socialist system, split the nation, undermine national unity, advocate terrorism and extremism, inciting ethnic hatred, discrimination, violence and obscene content.

While this sounds like a grand endeavor, the means through which the Chinese government wants to ensure this happens aren't that noble.

The Chinese government will benefit from special provisions that will allow it to take full control of network communications in special conditions, which the law only describes under a vague term of "security incidents."

The new law also forces network operators to log all Internet traffic and provide the government full access during official investigations. Network operators are also mandated by law to disclose any information they might have about their clients.

Companies must store data on Chinese users in China

Additionally, Internet companies are mandated to go through a security audit of their personnel and have to store data on Chinese users in the country, similarly to a law Russia passed in September 2015, which it recently started to enforce for the first time against LinkedIn.

Furthermore, Internet companies must require users to register with their real names. This is consistent with China's two-year-long effort to suppress the usage of VPNs, proxies, and other anonymity tools inside the country. A recent government report has categorized VPNs as "terrorist software."

Ironically, the new cybersecurity law also includes user data privacy protections, which are all redundant since the government can access user data whenever and however it wants. Nevertheless, the user privacy protections force companies by law to safeguard user information and notify customers in the case of a data breach.

The law has its good sides, taking a harsher stance against criminal groups using the Internet to commit crimes, but uses generic terms that could be interpreted very broadly by investigators, and could be used to go after political dissidents.

Chinese president says China has a sovereign right to control its Internet

Many companies such as Facebook, Twitter, Google, and YouTube are blocked in the country for not complying with previous requests from the Chinese government to censor content for the sake of "national security." It's very probable they won't be allowed in China ever again unless they're willing to play by China's new draconian law, which gives the government control of what they can show to users.

Many companies and governments have accused the Chinese government of intentionally blacklisting foreign Internet businesses in China by making them abide by strict laws, in order to ensure the growth of local Chinese companies.

President Xi Jinping has been quoted as saying that China and every other country has a sovereign right to decide how its citizens can access the Internet, and what they can access.

China previously showed its tight grip over the usage of Internet content when it banned news sites from using content posted on social media as basis for news stories, forcing news agencies to use government approved sources or face severe punishment.