In the age of rapid technological advancement, as the news outlets in China increasingly goes digital, and as television goes mobile, the digital ecosystem has become one of the major concerns to the Chinese leadership and its rule. As part of its political propaganda, Beijing has been setting different communication strategies to control the outflow of news by instrumentalizing and implementing stringent laws to dominate international cyberspace. Through the implementation of three recent laws – the Cybersecurity Law, Data Security Law (DSL), and Personal Information Protection Law (PIPL) – China has taken a range of measures that restrict cross-border data flows and enforce data localisation.
The Chinese cybersecurity law was enacted by the Standing Committee of the National People’s Congress on November 7, 2013, and it came into effect on June 1, 2017. The law is widely seen to be in line with the 12th Five-Year Plan (2011-2015) which aims to promote domestic industries such as cloud computing and big data processing. The 14th Five-Year Plan aims to centralize and control China through a digital ecosystem. As outlined in the 14th FYP:
We will welcome the digital age, activate the potential of data factors of productions, promote the construction of a cyber powerhouse, accelerate the construction of the digital economy, digital society, and digital government, and leverage digital transformations to drive overall changes in production methods, lifestyle, and governance.
The legislation passed by China’s largely rubber-stamp parliament accelerates the damage it could do for global trade and services. According to the law, it requires companies to store all data within China and it also includes contentious requirements to pass the security review, within China’s stated goal to achieve “cyber sovereignty.” The idea is that the state should be permitted to govern, monitor, and control data flow in their digital ecosystem.
The law forces the foreign companies operating within China to either invest in domestic server infrastructure following the law or partner with service providers such as Tencent, or Alibaba, thus saving capital expenditure costs for the foreign companies. The law is seen as a boon to domestic companies and has been criticized by the international community as creating unfair competition against international technology companies such as Microsoft and Google.
Since the law came into practice, many foreign technology companies have already complied with the law. Apple has established a data center for Chinese users in a contractual arrangement with state-owned firm in Guizhou with $1 Billion in partnership. The Company has close ties to the Chinese government and transferred the operation and source of iCloud data to China.
In July 2017, Apple pulled out 60 VPN services from its AppStore in China. Meanwhile, online services, such as Skype which refused to store their data locally and was thereby delisted from China’s domestic app stores. Since, China is home to Apple’s manufacturing services, Apple and other companies who are investing in China need to place human rights over profit-making.
The requirement for data localization in article 37 of the Cyber Security Law is also seen as a move by Beijing to instrumentalize Chinese laws to prosecute entities and individuals who are viewed by the Chinese government in violation of it laws. Critics have concluded that the law exemplifies the practice of digital totalitarianism by the Chinese Communist Party (CCP).
Xi Jinping’s Web of Laws
Since President Xi Jinping took the reign of China in 2013, he was instrumental in creating mass surveillance in cyberspace by cracking down on online activities which are deemed to be politically sensitive. Xi would also upend and reform the Chinese internet governance to gain greater control over cyberspace than his predecessors. He also oversaw the creation and expansion of the Great Firewall.
Hence it is not a surprise when President Xi Jinping himself emphasized the link between the two concepts: “Without cybersecurity, there is no national security.” With the rising power of the Cyberspace Administration of China (CAC), the country’s internet regulator, China has strictly extended its iron grip and tightened control over the flow of information.
The Data Security Law (DSL)
On August 20, 2021, the Standing Committee of the National People’s Congress of the People’s Republic of China (PRC) passed the Personal Information Protection Law (PIPL), which came into effect on November 1, 2021. This Law curbs what information companies can gather and sets the standard for how it must be stored. It triggered concerns among foreign business companies and civil societies.
Before the implementation of the Data Security Law, there are more than 56 million LinkedIn members in China, which makes it lucrative and the third-biggest market after the United States and India. Because of the DSL, the company felt “a considerably more difficult operating environment and higher regulatory requirement.” Following this, the tech giant LinkedIn decided to withdraw despite China’s lucrative market.
Yahoo, one of the foremost search engines entered the Chinese market in the year 1998. It was a roller coaster ride for them to operate in China. On 15 Feb, 2006, Yahoo, Microsoft, Cisco, and Google were criticized in the US Congressional hearing for yielding to pressure from China for censoring their content. On 7 September, 2005, Yahoo is charged with supplying sensitive information to the Chinese authorities which led to the jailing of journalist Shi Tao. The recent timing of Yahoo pulling out from China, coincided with the implementation of China’s new data protection law on 1 Nov, 2021, marking an important milestone in China’s effort to create stricter guidelines on the Chinese digital ecosystem.
The new law intrudes upon individuals’ rights to freedom of expression, opinion, privacy, and access to information. It also forces individuals’ to self-censor and restricts sharing images or videos that are perceived by the Chinese authorities as politically subversive. The law too limits the conditions where companies can gather personal information and set rules for how it is being used. DSL also stipulates that the companies operating in the country must hand over their data if requested. For instance, one of the largest companies, Alibaba was fined a record of $2.8 billion after an anti-monopoly probe found that it has abused its market dominance. Other than heavy fines, the laws have also raised concerns among both foreign and domestic companies that they would have to hand over intellectual property rights or open a backdoor channel to operate in China’s market. The law is widely criticized for limiting freedom of speech. For example, the law explicitly requires most online services operating in China to collect and verify the identity of their users, and, when required to, surrender such information to law enforcement without a warrant. For instance, article 33 states that:
When institutions engaged in data transaction intermediary services provide services, they shall require the party providing the data to explain the source of the data, examine and verify the identities of both parties to the transactions, and retain verification and transaction records.
Digital activists have argued that this policy dissuades people from freely expressing their thoughts online, thus it further stifle free expression and reduces them as a sitting duck.
Passang (name changed) who spoke on the condition of anonymity, has recently arrived from Tibet. He expressed his fear and said: “I was more afraid that these data security laws will also be practiced extensively in Tibet. Under the authority of the newly-appointed party secretary of the so-called Tibet Autonomous Region, Wang Zunzheng, the Chinese authorities frequently advise Tibetans not to engage in any anti-social activities including contacting their family members and acquaintances outside Tibet. I have personally witnessed many Tibetans detained under vague and ficticious charges such as ‘leaking state secrets’ and ‘inciting separatism.’ Tibetans are jailed and interrogated with no apparent evidence of any wrongdoing. We are more concerned about the next year’s winter Olympics in China and its further places restrictions on the online activities, particularly on social media.”
Tibetans are subjected to arbitrary arrests, detention, and torture for exercising their rights to freedom of expression in cyberspace. Since the law applies to data handling activities in China as well as those outside China, which will result in more scrutiny of data protection and direct suppression of freedom of expression and rights to privacy.
Digital Totalitarianism: How does CSL directly impact Tibet?
China’s intensive use of high-tech surveillance, including artificial intelligence (AI) and espionage method has further stifled the voices of the Tibetan people, leading to self-censorship. Under Xi’s authoritarian rule, through the manipulation of a series of new laws, Beijing continues to subdue freedom of expression and infringe directly upon individuals’ privacy and daily lives.
A senior Tibetan journalist, who wants to remain anonymous said: “The implementation of cyber security law makes it difficult for gathering any information from Tibet, especially getting information from the capital of Tibet, Lhasa. This has become almost impossible. The Chinese police consider monks to be troublemakers. Monasteries are kept under strict vigilance, the Tibetan monks are forced to install surreptitious monitoring apps on their smartphones. The dubious logic given by the authorities was that the app is meant to alert in case of accidental fire. But in reality, it is intended to monitor their daily conversations. He further explained that “we need to find different avenues to pass the messages of the Tibetan people from Tibet to tell the world about the increasing suppression under the Chinese regime.”
Many Tibetans are arrested knowingly or unknowingly. In March 2018, Woechung Gyatso, a Tibetan Monk was arrested and severely interrogated, and detained in Qinghai on suspicion of sharing politically sensitive content on social media and is being held at an undisclosed location.
In a recent notice, the Chinese authorities in the “Tibet Autonomous Region” announced criminal prosecutions against individuals who use online communication as a tool to engage in activities against the Chinese Communist regime. The general public is ordered to report any rumors circulating on social media and those who are involved in spreading them. On 18 January 2021, a Tibetan named Tse was arrested for spreading rumors on the WeChat group about Coronavirus. Another notice on 24 November, 2020 was also publicly posted about a week ago, which said that the authorities would “strike hard” against offenders as “per law.”
Sharing the photographs, teachings, and talks of the Dalai Lama in viewed by Chinese authorities as illegal and this has resulted in Tibetans being arrested in Tibet. For instance, the Chinese authorities have arrested several Tibetans from Karze (Tibet) for celebrating the 86th birthday of the Dalai Lama.
Through their extensive propaganda machinery, China claims that Tibetans enjoy the freedom of expression and freedom of religion belief in Tibet. The Chinese government has steadfastly maintained a complete crackdown on any expression of reverence to the Dalai Lama, and even the possession of his picture is criminalized.
Recently, a Chinese court in Tibet sentenced writer and educator Go Sherab Gyatso to a 10-year prison sentence. He was known for his outspoken advocacy and activism towards the protection and preservation of Tibet’s environment, religion, language, and culture.
In order to fulfil his dream of retaining power, Xi has been bending laws in the pursuit of digital totalitarianism and has been implementing a series of sophisticated strategies to further control the already suppresed society. By doing this, general secretary Xi Jinping is destroying the dreams of common Chinese people and it will also further tarnish China’s nosediving image exacerbated by Coronavirus. To achieve a truly healthy “Digital ecosystem,” Chinese leaders may review the CSL and its related laws, and implement a stand-alone data protection law that adequately safeguard people’s rights and also give a space to breathe for foreign and domestic companies. China also need to reconsider policies related to data localization, not just to enhance the security of the internet and preserve human rights, but also to ensure society’s overall mental health and progress in the long run. Because to fulfil China’s dream, China may first need to fulfil the common Chinese peoples’ dreams and also the dreams of Tibetans, Uyghurs, and Southern Mongolian people.
*Mr. Tenzin Dalha is a research fellow at the Tibet Policy Institute. Views expressed here do not necessarily reflect those of the Tibet Policy Institute. This article was originally published in Modern Diplomacy on 30 December 2021