An Alternate Vision: China’s Cybersecurity Law and Its Implementation in the Chinese Courts

GRACE PYO*

China’s 2017 Cybersecurity Law (CSL), one of the first comprehensive cybersecurity laws by a major power, drew attention for its ambitious, all-encompassing approach to managing cybersecurity from the top down. The CSL also reflected China’s efforts to respond to its citizens’ demands for consumer protections, data privacy, and data security. However, when the CSL was implemented, ambiguity surrounded its interpretation and enforcement. This is the first detailed study of the Chinese judicial system’s treatment of the CSL to date—by examining a sample of administrative, criminal, and civil cases, this Note showcases the on-the-ground realities of the CSL’s implementation. These cases reveal that strengthened legal protections for consumers may come at the cost of eliminating anonymity. The CSL has increased the State’s ability to monitor the citizenry and enforce the State’s restrictive vision of “cybersecurity,” with impacts on both individuals and businesses. Most significantly, the State is using the CSL to target politically sensitive and anti-government speech. This trend is particularly worrying as China’s role as an exporter of technology and cyber policy continues to grow.

*J.D Candidate, Columbia Law School, 2022. Thank you to Professor Benjamin Liebman for his excellent guidance on this Note and more broadly for his insights as a mentor during law school. Thank you to Tim Wang, Vineet Surapaneni, Krista Landis, Daniel Spicehandler and the hardworking staffers of the Columbia Journal of Transnational Law for their constructive feedback and detailed edits. Finally, I am grateful to God, Derek, and my family and friends, without whom this Note would not have been possible.