The Chinese government has passed a new law on data encryption, and yes it’s targeted towards security conscious Chinese users and IT companies that deal with encrypting data. According to the new law, security companies will be obliged to help the Chinese government in decrypting any encrypted information when requested. According to the Chinese government, the law is justified as many western countries have similar laws already put in place.
ISP and telecommunication companies will be expected to assist the Chinese government in decrypting information, be it related to terrorism, espionage or other threats to the communist country. However, according to government news agency, the new law does not require the IT companies to install backdoors in their encrypted products.
Accordingly, the new law is set to take effect in January. This law was passed as a direct result of rising threats of terrorism. However, critics say that the law could be used to target free speech, as the country has a bad reputation for violating human rights. It important to note that western organizations could be impacted as a result of this new law – although to what extend – it’s yet to be determined.
The new law penalizes ISP and internet companies for failing to curb extremist propaganda or anything related to terrorism.
Also, In the United States, the government is ramping up pressure on IT companies to somehow make it easier to access encrypted data. However, IT companies are not willing to comply, purely due to the fact that such loose ends could create opportunities for hackers to exploit loopholes in users’ or enterprise security. There could also be a threat of cyber terrorism.