China (PRC) has enacted 5 major laws in the past 6 years, including 2 this year, that define the legal cybersecurity obligations of PRC manufacturers to the PRC government.
PRC video surveillance manufacturers are legally obligated to cooperate with PRC police and intelligence, hand over relevant data, guard state secrets, and "not overturn the socialist system".
PRC authorities say these laws are aimed at "maintaining national security" and "public interest" and include human rights protections. Overseas critics say these "wide-ranging powers" can be used by the government "to build backdoors" and silence dissent.
In this report, IPVM examines five PRC data laws and their impacts:
The National Security Law (2015)
The National Intelligence Law (2017)
The Cybersecurity Law (2017)
The Data Security Law (2021)
The Vulnerability Regulation (2021)
How these laws contrast to EU, US, and UK cybersecurity laws
For each law, we share the PRC government's rationale and concerns from critics.