author photo
By Bruce Sussman
Tue | Oct 15, 2019 | 10:41 AM PDT

It's called the Cybersecurity Multi-level Protection Scheme (MLPS 2.0), and it will soon be the law of the land in China.

Attorney Steve Dickinson helps companies doing business in that country, and he just published a chilling article on the China Law Blog titled, "China's New Cybersecurity System: There is NO Place to Hide."

He has pored over hundreds of pages of technical documents, including those related to the MLPS 2.0, which kicks in on December 1, 2019. 

And while the Western world debates whether governments should have the right to require some sort of backdoor through encryption, the debate is over in China.

Actually, there was no debate.

What will the new Chinese cybersecurity law do?

And this latest cybersecurity law is what Dickinson calls part of a system that could seriously damage those doing business in the country:

"When one examines all of these various different programs together, it becomes apparent that the MLPS 2.0 system is the 'hardware' component of a comprehensive data gathering, surveillance and control program.

China's plan is to create a system that covers every form of network activity in China: Internet, mobile phone, WeChat type social networks, cloud systems, domestic and international email. China's goal is not to create a commercial system where individual players can participate and make money. Its goals are surveillance and control by the PRC government and the CCP.

To achieve those goals China is creating a system to achieve two ultimately contradictory objectives: the system will be closed against intrusion by 'bad actors' (foreigners and internal dissidents), but completely transparent to the Ministry of Public Security and other internet security agencies of the PRC government and the CCP.

Transparency to the Ministry of Public Security means what it says: No technology that blocks access by the Ministry of Public Security is permitted. No VPN, no encryption, no private servers. If the Ministry of Public Security is required to install back doors or other message/data interception devices or systems to achieve full access, then China Telecom and Chinese based ISPs are required to comply."

If you do business in China, you'll want to read the rest of the post on China's MLPS 2.0

Perhaps you are already resigned to the fact that doing business in China means the government will gain access to your network there.

However, by banning VPNs and encryption, there truly will be no place to hide.

RELATED:
8 Steps Huawei Took to Steal IP from T-Mobile and Cover It Up
China vs. Russia: Cyber Attack Motivations

Comments