Podcast #12: How China’s Cybersecurity Review Poses Challenges to Foreign Suppliers

Jul 16, 2020
| By Vincent Chow
Supply chain security means minimizing exposure of China's critical infrastructure to tightening U.S. export controls

Thank you for sharing!

Your article was successfully shared with the contacts you provided.

Just as the United States has beefed up its scrutiny of the supply chains of its critical infrastructure in recent months, China has also launched a new cybersecurity review (CSR) for mitigating the national security risks posed by theirs. In this episode, Barbara Li and Zhou Yang explain the scope and process of the cybersecurity review, the basic steps parties must take in order to comply, the implications for foreign suppliers, and more.

For the full episode, click here to listen on Apple Podcasts and here for Spotify.

Barbara Li is Head of Corporate at Rui Bai Law Firm in Beijing, where she spearheads the TMT and FinTech practices. She is former vice chair of the Cybersecurity Sub-Working Group of the EU Chamber of Commerce in China.

Zhou Yang is a Shanghai-based partner at Zhong Lun Law Firm specializing in TMT and cybersecurity issues.

The China Law Podcast is a weekly podcast exploring China’s business and financial sectors from a legal perspective. Get in touch at [email protected] with any feedback and ideas for future episodes.

Episode outline

  • 02:01 Legal basis for the cybersecurity review under Cybersecurity Law and National Security Law
  • 03:54 Scope of the review: CII operators’ procurement of network products and services
  • 08:10 What is required under pre-review self-evaluation
  • 11:46 Punishments for non-compliance
  • 16:43 Export control restrictions for U.S. suppliers
  • 18:25 Situation where Chinese customer have no choice beyond U.S. supplier


Related content

Government Engagement, Support of Chinese Partner Key to Navigating China’s Cybersecurity Review

PRC Cybersecurity Law (中华人民共和国网络安全法)

China’s National Security Review: a Case Study of a Supermarket Chain

Measures for Security Reviews of Network Products and Services (Trial Implementation) (网络产品和服务安全审查办法 (试 行))