China has passed cybersecurity laws that include contentious requirements for security reviews and data stored on servers.
The controversial law was passed on Monday and will take effect in June 2017. Its aim is counter growing threats such as hacking and terrorism, but it has triggered concerns among foreign business and rights groups.
Provisions in the bill include requirements for “critical information infrastructure operators” to store personal information and important business data in China, provide unspecified “technical support” to security agencies, and pass national security reviews. Companies fear they will have to hand over intellectual property or open back doors in products to operate in China's market.
The regulation also says agencies and enterprises must improve their ability to defend against network intrusions, while demanding security reviews for equipment and data in “strategic sectors.”
A long list of sectors is defined as strategic, including financial services.
Critics also argue the law threatens to shut out foreign technology companies, and will tighten restrictions on China’s internet which is already subject to the world’s most sophisticated censorship mechanism.
The country has been working to boost its cybersecurity since President XI Jinping came to power four years ago.