Skip to main content
Now integrates with Aruba ClearPass


Data Protection in China—It’s Complicated

China’s data and information security regulations have broad implications for companies with operations in China. Initiated in 2018, State Administration for Market Regulation (SAMR) compliance requirements now apply to Chinese and foreign entities that sell, manufacture, or distribute products in China.

The letter of the law spells out measures to protect intellectual property and prevent unfair competition. The business implications are not at all clear, with little specific guidance and highly subjective definitions of what “anti-competitive” or “IP infringement” practices look like. China has recently imposed record fines on the internet giant Alibaba, as well as initiated probes for “uncompetitive behavior” against large companies such as Tencent’s music streaming arm and Didi Chuxing, a Chinese ride-hailing startup operating in 4,000 cities in 16 countries. Alleged misdoings are based on charges related to corporate data collection and usage practices. A pending IPO in the US is in jeopardy because Didi maintains large quantities of Chinese user data, which would likely be required by the US Securities and Exchange Commission (SEC) for a compliance audit.

These headline-making incidents are seen as China’s push to rein in private companies and assert control over them through state-backed companies. They also serve as a wakeup call for foreign companies operating in China. Gaining data awareness and data accountability is essential to protecting companies’ competitive advantage. “Infringement” can even include flows of data shared between foreign companies and Chinese supply chain partners in the normal course of business. Enforcement officials are empowered to conduct broad investigations including conducting raids, making copies of relevant documentation, seizing or freezing relevant assets (including data), and interviewing individuals under investigation.

One manufacturing customer took the initiative to proactively defend its data against these “protective” measures using CrowsNest. Read how they are protecting IP and also achieving significant operational benefits. Download Manufacturing: Protecting IP in the Most Challenging Compliance Environments