Info career

info centre



During 2015, China introduced several far-reaching pieces of legislation in the area of technology and cyber security. The most recent of these was the Counter-Terrorism Law (“CTL”), promulgated on December 27, 2015.

CTL contains several provisions of great significance to users of telecommunication and internet services (i.e. everyone!). Among these, certain disclosure requirements related to encryption and internet content stand out. For example, under the new law, internet service providers are supposed to “provide technical interfaces, decryption and other technical support and assistance to public security organs and state security organs”. As is common, the specific scope and practical implementation of new rules remain to be seen. In the area of encryption, it is not clear that the internet service provider would be able to assist the government even if it wanted to as many encryption tools are impenetrable without access to end-user passwords, an aspect the CTL fails to address. Further “Implementing Guidelines” should be expected during the coming twelve months.

CTL in its promulgated version does not include two controversial requirements that had been put forward at the draft stage, namely (i) a need for internet service providers to locate their servers and domestic user data in China; and (ii) a “backdoor” key into telecommunications and internet services to allow the Chinese government to “prevent” and “investigate” terrorist activities. These had for obvious reasons been subject to serious concerns, both from the business community and individual internet users.

CTL was preceded by a draft Cybersecurity Law (“CSL”), floated on July 8, 2015. CSL, when eventually promulgated in its final form, will represent China’s first comprehensive regulation of information security and privacy online. As such, it includes a right for users to access, correct, and delete personal information. Network operators are put under an obligation to notify users and relevant government departments when privacy breaches occur. Worth noting is that the draft CSL includes the type of localization requirements that were ultimately omitted in final version of CTL. How the final version of CSL deals with localization of data will have an impact on how companies with international operations, say banks or online retailers, handle Chinese customer data.

Overarching CTL and (the draft) CSL is a new Chinese National Security Law (“NSL”) promulgated on July 1, 2015. The main implication of the NSL is that the concept of “national security” is broadened beyond a previous scope mainly related to military and defense matters, into new areas that will end up being of significance to foreign businesses active in China. While NSL is a piece of framework legislation awaiting further implementing rules, it is already clear that China is expanding its “national security review” regime, which will kick in in relation to certain types of foreign investments, key technologies, “network information technology products and services”, construction projects, and other major activities that have national security implications. 

In summary, the new NSL, along with (the draft) CSL and the recently promulgated CTL, highlight the ever-evolving regulatory environment that Magnusson’s clients are facing in China. Among other things, the new laws further put internet and data management issues into focus.

About Magnusson China Group

Magnusson China Group has more than a decade of experience in working with Chinese customers. We have advised more than 150 Chinese clients across the Baltic Sea Region, including AAC Acoustic Technologies, Air China, Asus, Bank of China, China National Electric Engineering Company, China Railway Tunnel Group, Denim Group, Minmetals North-Europe AB, Youngman Automobile and ZTE.

Our services include, inter alia, the following areas:

  • Corporate set-ups and other greenfield investments
  • Mergers and acquisitions    
  • IT and telecom projects
  • Commercial contracts
  • Joint Venture projects
  • Public and private placements
  • Public procurement
  • International arbitration and litigation
  • Migration law

Related People: Kristian Odebjer
Related Service Areas: China Group | Technology
Related Countries: Hong Kong / China

Other publications


    On 21 June 2018 the Financial Supervisory Authority (FSA) published a report on Brexit's potential impact on the Swedish financial market.impact on the Swedish financial market.

    read more

    Som en generell huvudregel har arbetsgivare i Sverige rätten att omorganisera sin verksamhet på sätt de finner lämpligt. Arbetsbrist som ett resultat av en omorganisation anses som en så kallad ”saklig grund” (ett juridiskt rekvisit) för uppsägning enligt svensk arbetsrätt.

    read more

    As a general rule, an employer in Sweden has the right to reorganise its business as it sees fit. A reorganisation may have an impact on the workforce and as a result, employers may need to dismiss redundant employees.

    read more

    As Sweden transposes the EU Insurance Distribution Directive (IDD) 2016/97 into local law, restrictions on third-party remuneration are being introduced by the legislature.

    read more
more publications