China's new draft cybersecurity law, reportedly released on Tuesday (11 April), proposes that all outbound and large-scale data undergo scrutiny. Export of any data, be it financial, economic or scientific, will be banned if it is deemed a threat to national security.
The draft law, released by China's top cyber authority, the Cyberspace Administration of China (CAC), comes just a day after local media reported the Chinese government's intention to reward any citizen between $1,500 and $73,000 for reporting suspected spies.
The proposed law, which focuses on personal information, will require any business transferring over 1,000 GB data or affecting over 500,000 users to undergo an annual assessment, based on new security measures to combat cyberattacks and terrorism. The law would also require businesses to obtain users' consent before transferring data overseas, Reuters reported.
The proposed law is reportedly meant to be an extension of the controversial cybersecurity law that China passed in November 2015, despite widespread international concerns. Various international businesses have criticised the cyber law, which is slated to go into effect in June 2017, calling it "vague". Some have charged that the law unfairly targets foreign companies by imposing stringent requirements and restrictions.
However, Chinese officials have denied that the law targets overseas firms. Since the passing of the cyber law, the CAC has renewed focus on tightening cybersecurity and called for increased scrutiny of the tech sector.
The new law could see sensitive geographic data such as information on marine environments come under increased scrutiny. Factors such as the destination of the data being transferred as well as the likelihood of data being tampered with overseas will reportedly be taken into account, in relation to assessments.