China passed a new antiterrorism law that stepped back from previous language of concern to global technology firms, but which still raises questions about its scope and the potential impact on companies doing business there.
The law, passed Sunday by China’s rubber-stamp parliament, is intended to help prevent terror attacks, according to Chinese authorities. It contains much of the language from a draft version released a year ago that U.S. officials, business groups and rights advocates criticized as having an overly broad definition of terrorism and onerous requirements for companies dealing with proprietary commercial information and private data in China.
The final version of the law requires telecom operators and Internet companies to help authorities with decryption of data and other counterterrorism efforts. Unlike the draft version, however, it leaves out some controversial language requiring tech companies to store their data locally and provide their encryption systems for review to be able to operate in China.