'Not much time left' to adapt to new terror law

China's draft counter-terrorism law is still very much alive, but some of the clauses that require overseas tech companies to reveal source codes and other sensitive information to government officials could be softened, according to industry insiders.

Commenting on White House suggestions made last week, that China had suspended the third reading of the planned anti-terrorism law, Charlie Dai, principal analyst at Forrester Research Inc, said he had every confidence the legislation will still be implemented, but that "lawmakers need to carefully choose their words to avoid diplomatic confrontation and to make the law easy to practice".

United States companies have expressed fears that China's tightening grips on information security will damage their interests in the country. The US government has also vigorously opposed the draft law.

China Central Television on March 9 that quoted Wang Aili, a senior official with the National People's Congress Standing Committee's law committee, as saying that the bill was not on the schedule for the NPC's annual session, which has just finished, but that a third reading and vote would be scheduled in "due time".

Dai said: "Overseas providers have a short but critical window to seek local partners before the implementation of the law, which is still important to China because having the country's first counter-terrorism law in place will provide legal support for moves related to national security."

Dai said he thought the law "will be implemented very soon", meaning there is "not much time left for overseas tech firms (to localize their businesses)".

The Obama administration has claimed the clauses asking IT companies operating in China to provide encryption keys and other sensitive information will hurt economic ties between the two nations.

US-based vendors still dominate the top end of the IT market in China although local players are gradually eroding lower-end demand belonged to multinationals such as IBM Corp, Microsoft Corp and EMC Corp.

China is one of the biggest markets for IT products, ranging from servers, business software and storage facilities. Its IT spending is on track to hit $256 billion by 2018 from $207 billion last year, according to research company IDC.

Michael Daniel, the White House's cybersecurity coordinator, claimed last week that the third reading of the law had effectively been suspended.

The National People's Congress, the top legislative body, did not comment on the matter on Monday, however according to an NPC official familiar with the procedure, if a draft fails to go through the review process for more than two years, only then will it be treated as suspended.

The law was put under review for the second time in February by the NPC. The lawmakers usually review law drafts every two months.

Kitty Fok, director of IDC China, agreed with Dai, that teaming up with Chinese players is the only way for overseas tech providers to effectively compete for government-backed IT projects.

More data security regulations - targeting banking and other critical sectors - are also expected before the anti-terrorism law comes into effect.

For instance, banking industry watchdogs are believed to be wrapping up their own preliminary security-vetting program.

An official from the China Banking Regulatory Commission insisted the program, co-launched by the Ministry of Industry and Information Technology, was not targeting overseas IT products.

"Our requirements on the use of information technologies at banks do not differentiate between countries," said the official, who spoke to China Daily anonymously.

Several top Chinese lenders, including Industrial and Commercial Bank of China Ltd, declined to comment.

Contact the writers at gaoyuan@chinadaily.com.cn and jiangxueqing@chinadaily.com.cn