- 注册
- 2012-02-27
- 消息
- 9,440
- 荣誉分数
- 2,120
- 声望点数
- 273
中国索要在华银行设备源代码 美国企业集体抗议
周三(28日),由多位政策专家、游说家和律师组成的美国商会(American Chamber of Commerce)给中共中央网络安全和信息化领导小组写信,表示反对新政策,并抱怨称这些政策相当于保护主义。据观察者网查询,美国商会是一个代表多间企业和贸易协会的美国游说团体。美国商会并不是美国政府的官方单位。美国商会是美国最大的游说团体之一,每年的开销金额超越了其他的游说团体。
《纽约时报》惋惜美国一些主要高科技公司或许会因为这些规定而受到伤害,目前正在大举进军中国市场的苹果公司(Apple)也包括在内。苹果在iPhone 6中使用了新的加密方法,每部手机都有一个独一无二的编码,这个方法就建立在与一个编码绑定的复杂算法之上。苹果称,公司也无法获取这些编码,但是根据反恐法草案,当局可能会要求它提供密钥,使中国政府能够破译存在iPhone上的数据。
“我觉得他们明显是针对在华运营的外国供应商,”分析公司高德纳(Gartner)分析师马修•张(Matthew Cheung)说。“他们在推动本土科技公司的发展,如此一来,有能力为企业提供系统的本土供应商就可以获得更多市场份额。”例如,银行新规定称,截至2019年,75%的中国机构所使用的科技产品必须达到“安全可控”级别。
“银行是据我们所知第一个发布了白纸黑字的监管文件的行业,”IDC负责企业研究的副总裁Jeffrey Yao说。“在其他一些行业,和客户聊一下就知道,其中许多人就会受到采用本土品牌的压力,但是在大多数情况下,这些都通过高层官员下达的内部通知实现。”
网络设备制造商思科系统公司(Cisco Systems)的首席执行官约翰•T•钱伯斯(John T. Chambers)提出了这一问题,芯片制造商高通(Qualcomm)的高管也提出了这一问题。本周,微软(Microsoft)首席执行官萨蒂亚•纳德拉(Satya Nadella)称,他的公司正在处理与中国相关的“地缘政治问题”。
“我们目前受制于人。如果别人停止服务,我们该怎么办?”他说。他指出当微软停止为Windows XP提供支持时,许多中国企业和地方政府都开始手忙脚乱。“从安全的角度而言,这根本是不能接受的。我们要杜绝这种局面。”
New Rules in China Upset Western Tech Companies
By PAUL MOZURJAN. 28, 2015
HONG KONG — The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ worth of business in China.
The new rules, laid out in a 22-page document approved at the end of last year, are the first in a series of policies expected to be unveiled in the coming months that Beijing says are intended to strengthen cybersecurity in critical Chinese industries. As copies have spread in the past month, the regulations have heightened concern among foreign companies that the authorities are trying to force them out of one of the largest and fastest-growing markets.
In a letter sent Wednesday to a top-level Communist Party committee on cybersecurity, led by President Xi Jinping, foreign business groups objected to the new policies and complained that they amounted to protectionism.
The Chinese prime minister, Li Keqiang, with Tamara Lundgren and Thomas Donohue from the U.S. Chamber of Commerce before a meeting last July in Beijing. The chamber is seeking urgent talks over new rules. CreditPool photo by Ng Han Guan
The groups, which include the U.S. Chamber of Commerce, called for “urgent discussion and dialogue” about what they said was a “growing trend” toward policies that cite cybersecurity in requiring companies to use only technology products and services that are developed and controlled by Chinese companies.
The letter is the latest salvo in an intensifying tit-for-tat between China and the United States over online security and technology policy. While the United States has accused Chinese military personnel of hacking and stealing from American companies, China has pointed to recent disclosuresof United States snooping in foreign countries as a reason to get rid of American technology as quickly as possible.
Although it is unclear to what extent the new rules result from security concerns, and to what extent they are cover for building up the Chinese tech industry, the Chinese regulations go far beyond measures taken by most other countries, lending some credibility to industry claims that they are protectionist. Beijing also has long used the Internet to keep tabs on its citizens and ensure the Communist Party’s hold on power.
Chinese companies must also follow the new regulations, though they will find it easier since for most, their core customers are in China.
China’s Internet filters have increasingly created a world with two Internets, a Chinese one and a global one. The new policies could further split the tech world, forcing hardware and software makers to sell either to China or the United States, or to create significantly different products for the two countries.
While the Obama administration will almost certainly complain that the new rules are protectionist in nature, the Chinese will be able to make a case that they differ only in degree from Washington’s own requirements.
The United States has made it virtually impossible for Huawei, a major Chinese maker of computer servers and cellphones, to sell its products in the United States, arguing that its equipment could have “back doors” for the Chinese government.
The documents released by Edward J. Snowden, the former National Security Agency contractor, revealed a major effort by the agency to enter Huawei’s systems, both to figure out who controls the company and to create back doors that the United States could exploit.
Recent calls by the director of the Federal Bureau of Investigation, James B. Comey, to assure that the United States has a key to decrypt information stored on iPhones and other devices will doubtless be used by the Chinese to argue that all governments need access to sensitive computer systems.
For multinationals, the Chinese market is simply too big to ignore. China is expected to spend $465 billion in 2015 on information and communications technology, according to the research firm IDC, which says the expansion of China’s tech market will account for 43 percent of worldwide tech sector growth.
Analysts said new Chinese policies like the bank rules and an antiterrorism law that is still in draft form would make doing business increasingly difficult in China for foreign hardware and software companies.
“I think they’re obviously targeting foreign vendors that are operating in China,” said Matthew Cheung, a researcher at the analytics firm Gartner. “They are promoting the local technologies so that local providers who have the capabilities to provide systems to these enterprises can get more market share.”
For instance, the bank rules say 75 percent of technology products used by Chinese institutions must be classified as “secure and controllable” by 2019.
Though analysts say “secure and controllable” — a phrase that peppers several new Chinese technology policies — may be open to interpretation, a chart attached to the banking regulations shows the troubles foreign companies could have in winning that classification for their products.
For most computing and networking equipment, the chart says, source code must be turned over to Chinese officials. But many foreign companies would be unwilling to disclose code because of concerns about intellectual property, security and, in some cases, United States export law.
The chart also calls for companies that want to sell to banks to set up research and development centers in China, obtain permits for workers servicing technology equipment and build “ports” to allow Chinese officials to manage and monitor data processed by their hardware.
The draft antiterrorism law pushes even further, calling for companies to store all data related to Chinese users on servers in China, create methods for monitoring content for terror threats and provide keys to encryption to public security authorities.
“Banking is the first industry where we are aware a black-and-white regulatory document was issued,” said Jeffrey Yao, a vice president for enterprise research at IDC. “In some other industries, if you talk to the customers, many of them get the pressure to adopt the local brands, but in most of the cases they are via internal communications from the top officers.”
Some of America’s largest tech companies could be hurt by the rules, including Apple, which is making a big push into the country. Apple has used new encryption methods in the iPhone 6 that are based on a complicated mathematical algorithm tied to a code unique to each phone. Apple says it has no access to the codes, but under the proposed antiterrorism law, it would be required to provide a key so that the Chinese government could decrypt data stored on iPhones.
A growing number of American technology executives have complained about new barriers to access to the Chinese market. John T. Chambers, the chief executive of the network equipment maker Cisco Systems, has raised the issue, as have executives at the chip maker Qualcomm. This week, Microsoft’s chief executive, Satya Nadella, said his company was working through “geopolitical issues” regarding China.
In the letter, the Western companies voiced concerns about a broader “cybersecurity review regime” under which the Chinese government would assess the “security and controllability” of hardware, software and technology services sold in China, through audits and other checks. More details about the checks will be sent in February to the Central Leading Group for Cyberspace Affairs, the committee led by the Chinese president, according to a recent report by Xinhua, the state-run news agency.
The committee, which was created after the disclosures by Mr. Snowden, is leading the charge in consolidating and streamlining online security efforts in China. Analysts said it had most likely presided over or given tacit support to the new policies.
The leadership committee is said to be also trying to wean the country from its reliance on foreign technology, a longstanding goal that has gained urgency after Mr. Snowden’s revelations.
Zuo Xiaodong, vice president of the China Information Security Research Institute, said the new policies and the broader push for indigenous innovation were not intended to eliminate foreign companies from the market.
“We’re under the yoke of others. If the others stop services, what do we do?” he said, noting that many Chinese companies and local governments had to scramble when Microsoft discontinued its support of Windows XP. “From a security perspective, that simply wasn’t acceptable. We’re breaking away from these types of circumstances."
Even if Beijing wants it to, the banking industry cannot immediately do away with all foreign hardware makers, Mr. Yao of IDC said. Banks purchase billions of dollars’ worth of hardware and software to manage transactions, and Chinese companies cannot yet produce some of the higher-end servers and mainframes they rely on.
Mr. Yao said 90 percent of high-end servers and mainframes in China were still produced by multinationals. Still, Chinese companies are catching up at the lower end.
“For all enterprise hardware, local brands represented 21.3 percent revenue share in 2010 in P.R.C. market and we expect in 2014 that number will reach 43.1 percent,” he said, using the abbreviation for the People’s Republic of China. “That’s a huge jump.”
David E. Sanger contributed reporting from Washington.
周三(28日),由多位政策专家、游说家和律师组成的美国商会(American Chamber of Commerce)给中共中央网络安全和信息化领导小组写信,表示反对新政策,并抱怨称这些政策相当于保护主义。据观察者网查询,美国商会是一个代表多间企业和贸易协会的美国游说团体。美国商会并不是美国政府的官方单位。美国商会是美国最大的游说团体之一,每年的开销金额超越了其他的游说团体。
《纽约时报》惋惜美国一些主要高科技公司或许会因为这些规定而受到伤害,目前正在大举进军中国市场的苹果公司(Apple)也包括在内。苹果在iPhone 6中使用了新的加密方法,每部手机都有一个独一无二的编码,这个方法就建立在与一个编码绑定的复杂算法之上。苹果称,公司也无法获取这些编码,但是根据反恐法草案,当局可能会要求它提供密钥,使中国政府能够破译存在iPhone上的数据。
“我觉得他们明显是针对在华运营的外国供应商,”分析公司高德纳(Gartner)分析师马修•张(Matthew Cheung)说。“他们在推动本土科技公司的发展,如此一来,有能力为企业提供系统的本土供应商就可以获得更多市场份额。”例如,银行新规定称,截至2019年,75%的中国机构所使用的科技产品必须达到“安全可控”级别。
“银行是据我们所知第一个发布了白纸黑字的监管文件的行业,”IDC负责企业研究的副总裁Jeffrey Yao说。“在其他一些行业,和客户聊一下就知道,其中许多人就会受到采用本土品牌的压力,但是在大多数情况下,这些都通过高层官员下达的内部通知实现。”
网络设备制造商思科系统公司(Cisco Systems)的首席执行官约翰•T•钱伯斯(John T. Chambers)提出了这一问题,芯片制造商高通(Qualcomm)的高管也提出了这一问题。本周,微软(Microsoft)首席执行官萨蒂亚•纳德拉(Satya Nadella)称,他的公司正在处理与中国相关的“地缘政治问题”。
“我们目前受制于人。如果别人停止服务,我们该怎么办?”他说。他指出当微软停止为Windows XP提供支持时,许多中国企业和地方政府都开始手忙脚乱。“从安全的角度而言,这根本是不能接受的。我们要杜绝这种局面。”
New Rules in China Upset Western Tech Companies
By PAUL MOZURJAN. 28, 2015
HONG KONG — The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ worth of business in China.
The new rules, laid out in a 22-page document approved at the end of last year, are the first in a series of policies expected to be unveiled in the coming months that Beijing says are intended to strengthen cybersecurity in critical Chinese industries. As copies have spread in the past month, the regulations have heightened concern among foreign companies that the authorities are trying to force them out of one of the largest and fastest-growing markets.
In a letter sent Wednesday to a top-level Communist Party committee on cybersecurity, led by President Xi Jinping, foreign business groups objected to the new policies and complained that they amounted to protectionism.

The Chinese prime minister, Li Keqiang, with Tamara Lundgren and Thomas Donohue from the U.S. Chamber of Commerce before a meeting last July in Beijing. The chamber is seeking urgent talks over new rules. CreditPool photo by Ng Han Guan
The groups, which include the U.S. Chamber of Commerce, called for “urgent discussion and dialogue” about what they said was a “growing trend” toward policies that cite cybersecurity in requiring companies to use only technology products and services that are developed and controlled by Chinese companies.
The letter is the latest salvo in an intensifying tit-for-tat between China and the United States over online security and technology policy. While the United States has accused Chinese military personnel of hacking and stealing from American companies, China has pointed to recent disclosuresof United States snooping in foreign countries as a reason to get rid of American technology as quickly as possible.
Although it is unclear to what extent the new rules result from security concerns, and to what extent they are cover for building up the Chinese tech industry, the Chinese regulations go far beyond measures taken by most other countries, lending some credibility to industry claims that they are protectionist. Beijing also has long used the Internet to keep tabs on its citizens and ensure the Communist Party’s hold on power.
Chinese companies must also follow the new regulations, though they will find it easier since for most, their core customers are in China.
China’s Internet filters have increasingly created a world with two Internets, a Chinese one and a global one. The new policies could further split the tech world, forcing hardware and software makers to sell either to China or the United States, or to create significantly different products for the two countries.
While the Obama administration will almost certainly complain that the new rules are protectionist in nature, the Chinese will be able to make a case that they differ only in degree from Washington’s own requirements.
The United States has made it virtually impossible for Huawei, a major Chinese maker of computer servers and cellphones, to sell its products in the United States, arguing that its equipment could have “back doors” for the Chinese government.
The documents released by Edward J. Snowden, the former National Security Agency contractor, revealed a major effort by the agency to enter Huawei’s systems, both to figure out who controls the company and to create back doors that the United States could exploit.
Recent calls by the director of the Federal Bureau of Investigation, James B. Comey, to assure that the United States has a key to decrypt information stored on iPhones and other devices will doubtless be used by the Chinese to argue that all governments need access to sensitive computer systems.
For multinationals, the Chinese market is simply too big to ignore. China is expected to spend $465 billion in 2015 on information and communications technology, according to the research firm IDC, which says the expansion of China’s tech market will account for 43 percent of worldwide tech sector growth.
Analysts said new Chinese policies like the bank rules and an antiterrorism law that is still in draft form would make doing business increasingly difficult in China for foreign hardware and software companies.
“I think they’re obviously targeting foreign vendors that are operating in China,” said Matthew Cheung, a researcher at the analytics firm Gartner. “They are promoting the local technologies so that local providers who have the capabilities to provide systems to these enterprises can get more market share.”
For instance, the bank rules say 75 percent of technology products used by Chinese institutions must be classified as “secure and controllable” by 2019.
Though analysts say “secure and controllable” — a phrase that peppers several new Chinese technology policies — may be open to interpretation, a chart attached to the banking regulations shows the troubles foreign companies could have in winning that classification for their products.
For most computing and networking equipment, the chart says, source code must be turned over to Chinese officials. But many foreign companies would be unwilling to disclose code because of concerns about intellectual property, security and, in some cases, United States export law.
The chart also calls for companies that want to sell to banks to set up research and development centers in China, obtain permits for workers servicing technology equipment and build “ports” to allow Chinese officials to manage and monitor data processed by their hardware.
The draft antiterrorism law pushes even further, calling for companies to store all data related to Chinese users on servers in China, create methods for monitoring content for terror threats and provide keys to encryption to public security authorities.
“Banking is the first industry where we are aware a black-and-white regulatory document was issued,” said Jeffrey Yao, a vice president for enterprise research at IDC. “In some other industries, if you talk to the customers, many of them get the pressure to adopt the local brands, but in most of the cases they are via internal communications from the top officers.”
Some of America’s largest tech companies could be hurt by the rules, including Apple, which is making a big push into the country. Apple has used new encryption methods in the iPhone 6 that are based on a complicated mathematical algorithm tied to a code unique to each phone. Apple says it has no access to the codes, but under the proposed antiterrorism law, it would be required to provide a key so that the Chinese government could decrypt data stored on iPhones.
A growing number of American technology executives have complained about new barriers to access to the Chinese market. John T. Chambers, the chief executive of the network equipment maker Cisco Systems, has raised the issue, as have executives at the chip maker Qualcomm. This week, Microsoft’s chief executive, Satya Nadella, said his company was working through “geopolitical issues” regarding China.
In the letter, the Western companies voiced concerns about a broader “cybersecurity review regime” under which the Chinese government would assess the “security and controllability” of hardware, software and technology services sold in China, through audits and other checks. More details about the checks will be sent in February to the Central Leading Group for Cyberspace Affairs, the committee led by the Chinese president, according to a recent report by Xinhua, the state-run news agency.
The committee, which was created after the disclosures by Mr. Snowden, is leading the charge in consolidating and streamlining online security efforts in China. Analysts said it had most likely presided over or given tacit support to the new policies.
The leadership committee is said to be also trying to wean the country from its reliance on foreign technology, a longstanding goal that has gained urgency after Mr. Snowden’s revelations.
Zuo Xiaodong, vice president of the China Information Security Research Institute, said the new policies and the broader push for indigenous innovation were not intended to eliminate foreign companies from the market.
“We’re under the yoke of others. If the others stop services, what do we do?” he said, noting that many Chinese companies and local governments had to scramble when Microsoft discontinued its support of Windows XP. “From a security perspective, that simply wasn’t acceptable. We’re breaking away from these types of circumstances."
Even if Beijing wants it to, the banking industry cannot immediately do away with all foreign hardware makers, Mr. Yao of IDC said. Banks purchase billions of dollars’ worth of hardware and software to manage transactions, and Chinese companies cannot yet produce some of the higher-end servers and mainframes they rely on.
Mr. Yao said 90 percent of high-end servers and mainframes in China were still produced by multinationals. Still, Chinese companies are catching up at the lower end.
“For all enterprise hardware, local brands represented 21.3 percent revenue share in 2010 in P.R.C. market and we expect in 2014 that number will reach 43.1 percent,” he said, using the abbreviation for the People’s Republic of China. “That’s a huge jump.”
David E. Sanger contributed reporting from Washington.