China’s “uniquely restrictive” data laws risk boosting U.S. firms’ cost of doing business in the No. 2 economy and could lead to digital decoupling, a new report from an American business group warns.
The government’s curbs on data movement across borders, ambiguous regulation and inconsistent enforcement “are particularly challenging for multinational firms,” according to the U.S.-China Business Council, which describes itself as a private organization of over 260 American companies operating in the Asian nation.
“If the policies are implemented rigidly, a possible outcome is the creation of data islands that force companies to localize technology, people and processes, disconnecting them from global operations,” the business group said in the report released Thursday, which was based on discussions with more than 30 U.S. companies.
Chinese President Xi Jinping’s government has introduced a raft of data, privacy and cybersecurity regulations over the past five years, citing the need to better protect personal information and strengthen national security. The government also wants to build digital infrastructure and data centers around the country with the goal of creating a market for data that propels economic growth.
The strategy is also politically driven, with Xi last year declaring he intended to pursue “platform” companies that amass data to create monopolies. The government later hit Alibaba Group Holding Ltd. with a record $2.8 billion fine for abuse of market dominance and told other top Internet companies to rectify anti-competitive practices.
The moves have also rattled investors, and last month analysts at JPMorgan Chase & Co. called the Chinese Internet sector “uninvestable,” partly due to regulatory worries.
“Like most governments, Beijing is still figuring out how to thread the needle between protecting data security and enabling cross-border data trade,” said Kendra Schaefer, head of digital research at Trivium China, a consultancy in Beijing.
“It’s uncertain how rigidly existing rules will be enforced and to what extent they will be adjusted over the long term in response to complaints by foreign businesses.”
Many U.S. companies were working with regulators at the regional level of the Chinese government to help them navigate the regulatory environment, the U.S.-China Business Council’s report said. They’re also putting more resources into local teams to review compliance issues, it added.
The report said firms in the auto, hospitality, health care and financial services industries were more heavily regulated than others. It cited potential higher business expenses, such as purchases of local servers, that could cost as much as several million dollars.
“At a minimum, companies would like to see clarity on how they can comply, and they want to be a part of that discussion,” said Matthew Margulies, the council’s senior vice president of China operations. “There are legitimate safeguards necessary for privacy and data security—no one disputes that—but there’s a concern that the security elements of the equation are kind of outweighing or overshadowing some commercial realities.”
Photograph: Pedestrians ride escalators in Pudong’s Lujiazui Financial District in Shanghai, China, Feb. 7, 2022. Photo credit: Qilai Shen/Bloomberg