US technology companies are now being encouraged to sign a pledge that will “comply with Chinese information security policies. However, it could also give China backdoor access to the companies.
“The terms of the pledge, which the New York Times reports requires companies to ‘promise they would not harm China’s national security and would store Chinese user data within the country,’ are similar in ways to the PRISM agreement between technology companies and the US government revealed by former National Security Agency contractor Edward Snowden,” according to Arstechnica.
“But the pledge also goes further, pressing for systems to be ‘secure and controllable’—suggesting that companies may have to provide direct backdoors to systems for surveillance and provide the Chinese government with source code to their applications.”
The report does state that the document allows information such as where the user data will be stored, how to control how much data is collected and give users the ability to opt out of the data collection. It’s essentially giving China a leveled playing field when it comes to access of sensitive user informations.
“As part of the requirements for ‘security of user information,’ the pledge would require tech companies to ’employ effective measures to guarantee that any user information collected isn’t illegally altered, leaked or used,'” according to the report.
“All data collected from Chinese customers would have to be stored in Chinese facilities and not be moved outside the country ‘without expressed permission of the user or approval from relevant authorities’—meaning the government would have oversight over what data could be exported for corporate use (and potentially accessed by foreign intelligence organizations).”
The concern for many of the US tech companies is the extraction of trade secrets in an example “economic espionage.”
Read the full story.