Why should you read this article?

Key Takeaways

1. 2021 was a significant year for Chinese cyberspace, as it marked the start of China's 14th Five-Year Plan (2021-2025). In 2021, China had launched a sweeping tech crackdown and accelerated consolidation of power in reigning everything within the Great Firewall (GFW).
2. The Chinese regulators had taken high-profile actions against major tech companies, especially those operating social media and commerce platforms. Firms like Alibaba, ByteDance, Tencent, Didi Chuxing, and Meituan have faced record fines and cybersecurity probes. In contrast, "hard tech" companies in strategically critical sectors like Huawei and SMIC have been mainly exempted from regulatory scrutiny.
3. The Chinese regulators, led by the Cyberspace Administration of China (CAC), introduced and amended a series of regulations to tighten their control over the management and flow of data. The new rules range from privacy protection and data transfer to vulnerabilities disclosure.
4. International technology firms also faced pressures and censorship from the Chinese regulators. Famous apps like Clubhouse, Signal, and Quran Majeed have been reportedly blocked in China. Besides, companies like LinkedIn and Yahoo have pulled out of China, citing a challenging environment.
5. With China's expansion of power over cyberspace, stakeholders and cybersecurity practitioners should stay vigilant to their network and asset exposure to China's jurisdiction. Besides, we have observed that China's regulatory campaign were often followed by covert cyber operations. Indicators have shown that 2022 will undoubtedly be another challenging year for Chinese and international tech giants.

Overview: A Year of Tech Crackdown

A More Difficult Environment for Domestic and International Tech Firms

Abbreviations

CCP: Chinese Communist Party

CAC: Cyberspace Administration of China

MIIT: Ministry of Industry and Information Technology

SAMR: State Administration for Market Regulation

Timeline

2021Q1

• SAMR launched antitrust investigation into Alibaba
• CAC issued a new law to regulate public accounts to combat disinformation and fake traffic

• SAMR finalized anti-monopoly guidelines
• MIIT drafted new regulations to combat excessive data collection by mobile apps
• US audio-chat app Clubhouse reportedly blocked in China

• CCP's Two Sessions 2021
• SAMR fined 10 big tech firms for failing to report acquisitions
• CAC issued new rules to tighten supervision over big tech’s collection of user data
• Encrypted messaging app Signal reportedly blocked in China

2021Q2

• SAMR imposed record US$2.8 Billion fine against Alibaba
• CAC launches hotline for netizens to report “illegal” history comments
• SAMR announced investigation into delivery giant Meituan
• CCP reviewed “Data Security Law” and “Personal Information Protection Law”
• CAC issue draft rules on users’ privacy protection of mobile apps

• CAC called out 84 apps Including Tencent, Alibaba, and Baidu for violating user privacy

• CCP Passed “Data Security Law” and “Anti- Foreign Sanctions Law”
• China widens cryptocurrency crackdown: mining projects shut down; banks ordered to step up clampdown

2021Q3

• CAC banned Didi Chuxing’s apps after its U.S. IPO
• CAC to amend “Cybersecurity Review Regulations,” tightening controls over foreign-listed firms
• CAC issued new vulnerability disclosure rules
• MIIT launched 6-month rectification program, ordering tech firms to fix anticompetitive, security issues
• 7 Chinese agencies sent officials to conduct on-site cybersecurity inspections at Didi Chuxing

• Chinese state media labeled online gaming “spiritual opium” and called out Tencent
• CAC drafted "Personal Information Protection Law"
• CAC launched regulations to protect critical information infrastructure
• China orders state firms to migrate to government cloud services

• CAC launched “Security Threat Information Sharing Platform” for reporting vulnerabilities
• CAC ruled all crypto-related transactions illegal

2021Q4

• LinkedIn shut down operation in China as compliance challenges increase
• CAC banned cross border transfer of core industrial and telecoms data
• China bans Quran Majeed, one of the most popular Quran apps in the world

• Personal Information Protection Law (PIPL) took effect
• Yahoo pulled out of China, citing 'challenging' environment
• China suspended Tencent apps update and limiting use in state-run firms
• China to ban business use of WeChat and Alipay personal payment QR codes
• China censored tennis star Peng Shuai over sexual assault claims against CCP high-ranking official

• CAC issued rules to block foreign religious content online
• MIIT suspended cooperation with Alibaba Cloud, citing delayed report of Log4j2 vulnerability
• Didi Global delisted from the NYSE
• CAC fined Weibo for publishing illegal information

Outlook: China's Endless Pursuit of Cyber Power and Regulatory Control