Deep Dive Exchange Session Report: China's Cybersecurity Law

Since June of last year, MNCs in China have been struggling to interpret the business implications of China’s new Cyber Security Law (CSL). On the eve of the one-year mark since the law’s promulgation, May 8, The Conference Board China Center convened its members to examine the impact of new rules, dictates, and compliance demands—definitive or implied, real or prospective—on corporate network and data operations for MNCs in China. The discussion, held in Shanghai, also focused on aspects of VPN access, consumer-oriented websites and on-line forums, data localization, privacy rules, and information control issues.

Members shared perspectives on network and data compliance requirements and discussed ideas and experiences on assuring network and data security, maintaining operational efficiency, and meeting regulator expectations. The group also debated scenarios on how laws, regulatory engagement, and operating conditions will evolve in the future, and what internal and external factors could influence outcomes in the long run. Over two dozen senior-most executives who “own” the Cyber Security Law-related issues for their companies attended, including leaders from across both the business and technical aspects of the issue.