What's new

Don’t let the long arm of China reach to our critical infrastructure

master_13 said:
can you quote a link that point chinese smartphone selling data to the "government"?
Click to expand...

Not selling, but giving. That is the government order from the latest cybersecurity law in 2016

Article 38: At least once a year, critical information infrastructure operators shall conduct an inspection and assessment of their networks security and risks that might exists either personally, or through retaining a network security services establishment; and submit a network security report on the circumstances of the inspection and assessment as well as improvement measures, to be sent to the relevant department responsible for critical information infrastructure security protection efforts.

https://www.chinalawtranslate.com/cybersecuritylaw/?lang=en

Which mean each year, a company is to compile a report on data used both personally or retaining from a third party network security service and submit the report to the Chinese government for risk assessment.

Which basically mean the government have access to "personal", which is the keyword here, data and determine if that is the potential risk of the state. Exactly the same thing Snowden accuse of what NSA is doing.

Every Chinese company have to compiled to this law, which include telco like Huawei and ZTE or Lenovo.

But what more surprising is that while that law is to be used domestically, which is to monitor Chinese user, company like DJI and Huawei have been accused of sending overseas user data to the Chinese government.
 
.
jhungary said:
Not selling, but giving. That is the government order from the latest cybersecurity law in 2016

Article 38: At least once a year, critical information infrastructure operators shall conduct an inspection and assessment of their networks security and risks that might exists either personally, or through retaining a network security services establishment; and submit a network security report on the circumstances of the inspection and assessment as well as improvement measures, to be sent to the relevant department responsible for critical information infrastructure security protection efforts.

https://www.chinalawtranslate.com/cybersecuritylaw/?lang=en

Which mean each year, a company is to compile a report on data used both personally or retaining from a third party network security service and submit the report to the Chinese government for risk assessment.

Which basically mean the government have access to "personal", which is the keyword here, data and determine if that is the potential risk of the state. Exactly the same thing Snowden accuse of what NSA is doing.

Every Chinese company have to compiled to this law, which include telco like Huawei and ZTE or Lenovo.

But what more surprising is that while that law is to be used domestically, which is to monitor Chinese user, company like DJI and Huawei have been accused of sending overseas user data to the Chinese government.
Click to expand...

"at least once a year, critical information infrastructure operators shall conduct an inspection and assessment of their networks security and risks that might exists either personally, or through retaining a network security services establishment; and submit a network security report on the circumstances of the inspection and assessment as well as improvement measures, to be sent to the relevant department responsible for critical information infrastructure security protection efforts. "

this sounds like routine cyber security check, by saying conducting cyber security check is equivalent to sending personal information to the government is a gross extrapolation. My company as well as other company in my industry conduct similar cyber security check each year as well and need to send report to relevant agencies, and no, my company does not send any personal data to the government. You are making too much assumptions there based on article 38.
 
.
master_13 said:
"at least once a year, critical information infrastructure operators shall conduct an inspection and assessment of their networks security and risks that might exists either personally, or through retaining a network security services establishment; and submit a network security report on the circumstances of the inspection and assessment as well as improvement measures, to be sent to the relevant department responsible for critical information infrastructure security protection efforts. "

this sounds like routine cyber security check, by saying conducting cyber security check is equivalent to sending personal information to the government is a gross extrapolation. My company as well as other company in my industry conduct similar cyber security check each year as well and need to send report to relevant agencies, and no, my company does not send any personal data to the government. You are making too much assumptions there based on article 38.
Click to expand...

You cannot cherry pick which is "too much assumption" and which is not, if that is the case, then wasn't what the NSA did to the PRISM is also a routine cyber security check and you are making too much assumption the American Telco will give user detail to the government and spy on them willy-nilly?

And a report COMPLIED by personal data is still personal data. What if you found an anomalies? How would you identify the source if you did not include that personal data to the report? Or at least look for it on behalf of the government? That is the action and definition of spying.
 
.
jhungary said:
You cannot cherry pick which is "too much assumption" and which is not, if that is the case, then wasn't what the NSA did to the PRISM is also a routine cyber security check and you are making too much assumption the American Telco will give user detail to the government and spy on them willy-nilly?

And a report COMPLIED by personal data is still personal data. What if you found an anomalies? How would you identify the source if you did not include that personal data to the report? Or at least look for it on behalf of the government? That is the action and definition of spying.
Click to expand...

If it's standard procedure being used all over the world, then I don't see what China doing is more "threatening" than others. Australia clearly targets China specifically, and that's where I have problem with. The point here is, there hasn't been a single concrete evidence that Huawei/ZTE spied on anyone, anywhere in the world. What they are collecting currently is no different and neither more spy-worthy than what's being collected anywhere else in the world by other country's technologies.
 
.

Similar threads

艹艹艹
China-aid port in Cameroon benefits local community
Replies
0
Views
425
艹艹艹
艹艹艹
dani92
Hindus don’t need execuse to turn the mosques of India into Hindu temples
Replies
0
Views
695
dani92
dani92
艹艹艹
China donating two corvettes to Cambodia
Replies
0
Views
492
艹艹艹
艹艹艹
艹艹艹
Indonesia expands coal downstreaming with China partnership
Replies
0
Views
332
艹艹艹
艹艹艹
H
Chinese People's Liberation Army (PLA) entered approximately 60 kilometers into Indian territory in Arunachal Pradesh
Replies
0
Views
571
HamzaWaseem
H

Latest posts

Pakistan Defence Latest Posts

Pakistan Affairs Latest Posts

Military Forum Latest Posts

Country Latest Posts

Back
Top Bottom