Computer security rules stir debate
December 18, 2008 | BY
clpstaff &clp articles &Lack of details worries tech industry
From May 2009, foreign companies may need government approval for computer security technology they use in China. Once new rules are finalised, technology used by foreign companies to secure their email systems and other internal software and hardware will need to be checked and approved.
The Announcement on Imposing Compulsory Certification on Certain Information Security Products, was issued by the General Administration of Quality Supervision, Inspection and Quarantine, and the Certification and Accreditation Administration, on January 28 2008. It states that, from May 1, “information security products listed under the catalogue for compulsory certification will not be allowed to leave the factory, or be sold, imported or used in other business activities without obtaining the certificate for compulsory product certification or having the China Compulsory Certification mark affixed.”
Very few other details have been provided, leaving companies uncertain as to what they will have to disclose.
The rules were discussed at the August 2008 meeting of the US-China Joint Commission on Commerce and Trade. After objections from American officials, China agreed to delay the publication of detailed regulations while negotiations went on. The implementation date of the Announcement will not change, however.
This premium content is reserved for
China Law & Practice Subscribers.
A Premium Subscription Provides:
- A database of over 3,000 essential documents including key PRC legislation translated into English
- A choice of newsletters to alert you to changes affecting your business including sector specific updates
- Premium access to the mobile optimized site for timely analysis that guides you through China's ever-changing business environment
Already a subscriber? Log In Now