China has put into effect a new cybersecurity law, mainly to vex U.S. companies.
The policy went into effect on June 1; it is expected to cost large firms millions of dollars
to comply with.
The tangle of rules will be especially tricky or near impossible for small US companies who are trying to enter the Chinese market. Remember they don’t want you there…
Many firms apparently are still unaware of the law. Since it targets a wide array of digital data that flows through Chinese networks and adds strict mandates such as local data storage and invasive security reviews (all the better to steal your data).
The government is still rolling out specifics and allows an 18-month grace period to let companies comply. But many businesses think that won’t be enough time.
Local Chinese companies are poised to cash in as more U.S. companies are forced to use local companies or will need a regional partner with Chinese consulting or security firms to allow them to conduct business. Many U.S. companies see it as the best way to obey the complex rules and avoid fines (and give all trade secrets to China).