China’s cyber law has firms in the dark
By Sui-lee Wee
New York Times

BEIJING — As China moves to enforce a new cybersecurity law, foreign companies face a major problem: They know very little about it.

The law is part of efforts to manage the Internet within China’s borders. They have been stepped up in the years since Edward Snowden, whistle-blower and former US intelligence contractor, revealed foreign technology firms could help governments spy.

And while Chinese officials say the new rules will help guard against cyberattacks and prevent terrorism, critics, many of them from businesses, have concerns. Companies worry that parts of the law, which takes effect Thursday, will make their operations in China less secure or more expensive. In some cases, they argue, it could keep them out entirely.

“Industry is not ready because the implementation rules are not clear,” said Michael Chang, a Nokia executive and vice president of the European Union Chamber of Commerce in China. “We still have a lot of unclarified territory that needs to be addressed as soon as possible.”

The law would require that companies store their data within China and impose security checks on companies in sectors like finance and communications. Individual users would have to register with their real names to use messaging services.

But Chang said that officials had conveyed “less than half” of the specifics of how the law would be implemented.

Executives complain the law’s wording is ambiguous, fearing that it gives China’s ruling Communist Party substantial leeway to target them.

In May, a coalition of business lobby groups representing European, US, and Asian companies called on China to delay implementing the law, while the European Union Chamber of Commerce in China asked for additional time because of the “substantial compliance obligations.”

The Cyberspace Administration of China has so far decided to delay implementation only of the regulations governing cross-border data flow, which will now take effect at the end of 2018, according to a revised draft of the rules seen by The New York Times.

The regulator could not be reached for comment.

Paul Triolo of the risk consultancy Eurasia Group noted the decision to delay that component, saying last week that “getting the cross-border data flow issue right is a prerequisite for Beijing’s efforts to promote economic globalization.” He wrote that China, for the time being, “is eager to avoid being seen as stifling digital trade.”

The EU and China plan a summit meeting on Thursday in Brussels.