Authors:
Ramnath Sai Sagar
The latest in a wave of sovereign data security laws has emerged from China, causing some alarm with companies trying to understand how it could impact their businesses. Several sectors are identified as “critical information infrastructure”, including telecommunications, information services and finance, who would be required to store personal information and sensitive business data in China, among other things. Perhaps the most significant concern is the ambiguity of China’s intentions with this new legislation, although the acceptance of several U.S. technology companies into the Technical Committee 260 earlier this year indicates a broadening will to collaborate.
Regardless of the objectives and enforcement methods used in this and similar legislation around the world, if users and customers encrypt their data before corporate networks or applications process it, it is virtually impossible for authorities in any sovereignty to hold enterprises accountable for content that they cannot see or access.