China’s new wide-ranging cybersecurity law is drawing some serious apprehension from the U.S. property/casualty insurance industry. Trade associations and experts alike caution that it will create business obstacles in the world’s second-largest economy.
“Most insurers already find China a difficult market in which to get a toehold,” Michael Barry, vice president of media relations with the Insurance Information Institute, told Carrier Management via email. “This action will not make things easier.”
As reported by Bloomberg and others, the new law was recently passed by China’s main legislative body, the Standing Committee of the National People’s Congress. It takes effect in June and will implement a number of new requirements, such as mandatory testing and certification of computer equipment. Companies are also required to give government investigators complete access to their data if there is suspected wrong-doing, and Internet operators must cooperate in any national security or crime-related investigation.
In August, 46 global business groups covering finance, information technology, insurance and manufacturing submitted a letter to Chinese Premier Li Keqiang urging that the cyber rules be redrafted, arguing they would hamper trade, Reuters reported. Insurance industry worries remain.
The American Insurance Association “is very concerned about the development on China’s cybersecurity law,” Steve Simchak, AIA director of Internal Affairs, said in an emailed statement. “We and business associations around the world have communicated our shared concerns, and we hope that there can be a dialogue with the Chinese Government on implementation.”
Dave Snyder, vice president of international policy for the Property Casualty Insurers Association of America, said that his association wants to see further progress with the recently passed regulations.
He noted that the insurance industry, individuals and government all have interests regarding data and that a balance between all three can be achieved.
“We will continue to work with our Chinese counterparts to find an effective balance,” Snyder said. “This should be of interest to the Chinese not only internally but externally. As these [Chinese] companies wish to do business abroad, they too would want to have the right balance of policies applied to them by other countries.”
The I.I.I.’s Barry noted that China appears to want to “gain greater control over its domestic Internet activity” in a way that would prompt other nations’ companies “to interact more broadly with Chinese-based firms when storing information and conducting business in China.”
But Barry said that the policies as reported appear to suggest that “China is making it more difficult for non-Chinese firms to do business in China either directly or through partnerships.”
Barry added that while it is too early to say how the new Chinese cybersecurity law will affect P/C insurance companies, early indications aren’t good.
“P/C insurers will likely see the cost of complying with this new action as a disincentive to conduct business in China,” Barry said.