Will China's new cybersecurity law spell trouble for procurement?

Asia PacificBlogGlobal RiskGlobal sourcingGovernance and Legal ComplianceMarket VolatilityRiskSoftwareSupply DisruptionTechnology and Telecoms+-
china new

A new Chinese cybersecurity law is set to come into force in June this year and a lot of businesses are worried that it could not only make their systems less secure, but also hinder their global sourcing strategies.


The law, part of an ongoing government programme to try and boost the country’s cybersecurity measures, stipulates that the procurement of network products and services, for what it deems as ‘Critical Information Infrastructure Facilities’, must pass a security assessment. Network equipment and software must also receive government certifications.


These ’Critical Information Infrastructure Facilities’ relate specifically to the energy, transportation, electricity, water, gas, financial institutions, medical/healthcare, and social security sectors.


While this law may be designed to improve online security, many businesses based outside of China have said the law is counterproductive and a threat to international trade and innovation.


They argue that they will be forced to divulge technical information about products and that the information will be passed onto Chinese competitors, which in turn increases the risk of counterfeit goods entering the market.


“It shouldn’t be forgotten that the state in China has tremendous power and plays a critical role in economic plans," said Professor Georges Haour, Professor of Technology and Innovation Management at IMD business school in a recent blog post.


"Government interference is much more prevalent than in Western nations. And under the veil of cybersecurity, regulators will have access to proprietary information that could benefit Chinese firms at the expense of foreign business.”


Haour suggested that those businesses most at risk from the implementation of this law were those who manufactured special hardware and systems for network management.

China is such an important market both in terms of manufacturing and sales that businesses will have to find a way to work within the rules that doesn’t compromise sensitive information or add significant costs.


It is a point backed up by Haour in his blog post.


"Despite the challenging dilemma, companies are likely to comply and give in to China’s demands. The market is too huge and far too ripe for future growth, especially when compared to more stagnant outlooks in Europe and the US," he wrote.


What will be important is keeping an eye on whether counterfeits do emerge and where they do, going through the appropriate channels to ensure they are removed from the market.


This article is a piece of independent writing by a member of Procurement Leaders’ content team.

Rachel Sharp
Posted by Rachel Sharp

Want to learn more? Please fill in your details to hear from us.