【经济学人】中国网络安全法惹人担忧|2017.06.01|总第932期

“IF YOU want to stay in China, you have to go all in.” So says James Fitzsimmons of Control Risks, a consultancy, of the impact China’s new cyber-security law will have on multinational companies (MNCs) . These firms have moaned for months about the law’s intrusive and vague provisions and asked for a delay in its implementation, but to no avail. It came into force on June 1st, and foreign firms are now scrambling to figure out its implications. Mr Fitzsimmons, for one, is convinced that they must take the costly step of separating their local IT systems from their global networks.

在化险咨询公司的顾问詹姆斯·菲茨西蒙斯看来，中国网络安全法对跨国公司的影响是，“要想留在中国市场，必须全力以赴！”跨国公司因为其中笼统且极具干扰性的条例哀叹数月，纷纷要求推迟实施网络安全法，然却未果。网络安全法于6月1号正式生效，现在外企正急于弄清其影响。其中，詹姆斯·菲茨西蒙斯确信这些外企定将重金解除其当地信息系统与其全球网络的关联。

• multinational companies (MNCs) 跨国公司

At first blush , the law seems a reasonable effort at tackling two areas of policy in need of reform. The first is cyber-security . Companies in industries deemed to be critical must now ensure that their technology systems are “secure and controllable.” They must store important data locally, and will be subject to audits by official inspectors. Susan Ning of King & Wood Mallesons, a Chinese law firm, thinks that foreign firms should be familiar with such rules since, on her firm’s analysis, European regulations on cyber-security are tighter than those found in the new law.

乍一看来，安全法似乎合理解决了政策中的两方面需要改革的问题。一方面是网络安全问题。向来至关重要的工业企业，现在必须确保其技术体系“安全、可控”，必须将重要数据存储于境内，接受政府检查员审查。来自中国金杜律师事务所的苏珊·宁认为，就其公司所做分析看来，欧洲比中国在网络安全法方面要求更为严苛，外企应早已深谙此类律法。

• at first blush 乍一看

• cyber-security 网络安全

The other neglected area taken on by this law is data privacy. Firms in China have long amassed and manipulated consumer data as they have pleased. And as Ronald Cheng of O’Melveny, an American law firm, observes, online fraud, malware and mobile-phone scams are rife . Under the new rules, companies must be much more careful with data about, or acquired from, individuals in China. They are required to maintain such data on local servers, and must obtain permission before sending bulk data abroad.

安全法承担的另一个被忽视的领域则是数据隐私问题。长期以来，在华企业十分满意于可以大量收集使用顾客信息。美国美迈斯律师事务所的罗纳德·程认为，网络诈骗、网络恶意软件、手机欺诈十分猖獗。但在网络安全法的保护下，在中国，一旦涉及个人信息，各公司将不得不小心应对。政府要求各公司将这些数据保存至本地服务器，且向境外输送大数据前须获得同意。

• rife adj.（通常指坏事）普遍的，盛行的

However reasonable these goals seem, two big worries linger. First, the law is overly broad and mischievously vague. It provides little guidance on what constitutes “ critical information infrastructure ” (though impact on “social or economic well-being” is a criterion) and which firms are “network operators” (so even individuals with multiple computers could fall foul of the law). Kenneth Jarrett, head of the American Chamber of Commerce in Shanghai, argues that the law’s far-reaching restrictions could harm both foreign firms and cross-border trade.The law’s ambiguity is forcing MNCs in many industries to reconsider how they hold data, and Chinese consumers may pay the price. A foreign firm used to monitor its energy turbines in China from its headquarters, using its real-time global data to optimise operations; it now keeps the Chinese information on the mainland, efficiency be damned. A provider of global online education was sending data on Chinese users overseas to allow them to access its courses abroad; it is now rejigging its IT system to keep such data inside China and may have to curtail its offerings.

然而，无论这些目的看似有多合理，都存在两方面担忧。首先，该法过于宽泛模糊，并未具体明确“关键信息基础设施”（即使“社会福利或经济福利”的影响可视作标准），也未明确指出哪类公司才算是“网络运营商”（所以即使拥有多台电脑的个人也会与法律冲突）。上海美国商会领事季瑞达·贾勒特认为，就长远看来，这项法律的局限性不利于外企和跨国贸易的发展。网络安全法的不明确，迫使许多跨国工业公司重新考虑如何保留信息，而中国用户可能要为此付出代价。过去，外企只需在总部监管其在中国的用户信息，利用实时全局数据来优化操作；现在，要是将中国用户的数据信息存储在中国境内，效率就会大打折扣。过去，环球在线教育的供应商将中国用户的数据输送到海外，以便这些用户接受其海外课程；现在，供应商调整了信息系统，将此类数据保留至中国，或者说是不得不减少输送。

• critical information infrastructure 关键信息基础设施

• rejig v.重新安排;重新组织

The second big worry about the new law is that it may be a Trojan horse designed to promote China’s aggressive policy of indigenous innovation. This push has already led Microsoft, an American software giant, to enter into a local joint venture and reveal its source code to officials in order to sell a local version of its Windows 10 operating system. Other foreign technology firms fret that they will be forced to divulge intellectual property to government inspectors, with no guarantees that such secrets will not be passed on to local rivals.

其次，网络安全法可能是中国式的特洛伊木马――为提升本土创新能力的侵袭政策。这一推动已经使得美国软件龙头公司微软，为出售中国版Windows10操作系统，与当地企业合资，将其源代码告知中国行政人员。而国外其它科技公司还在忧心，必须要将知识产权告知于政府监管人员的同时，却无法保证这些机密不会泄露到当地竞争者手里。

• fret vi.&vt.〔尤指不必要地〕烦恼，发愁

They are right to worry, say legal experts. Officials may also decide that certain foreign services do not pass the nebulous test of being secure and controllable. This uncertainty is already boosting the fortunes of such local vendors as Huawei and Lenovo, makers of servers and other hardware, as well as Tencent and Alibaba, both of whom are making a big push into cloud services.（读者试译句） Informed sources say these firms have had a hand in crafting the new law.

法学专家认为，这些公司的担忧并非毫无道理的。行政人员或许还决定了，某些国外服务无法达到所谓安全可控的检测要求。 （期待您的翻译，明天会有针对这句话的长难句解析哟~） 据知情人士说，正是这些公司参与了网络安全法的起草。

The local champions should not celebrate quite yet. As Mr Cheng observes, China’s best technology companies are increasingly active abroad, and so they too will need to harness international flows of consumer data in the future. A law that seems rigged in favour of locals ultimately may end up harming both Chinese firms and consumers.

但是本土公司要庆祝胜利还为时尚早。罗纳德·程提出，中国的科技巨擎在海外的发展蒸蒸日上，未来也需用到用户数据跨境流动，看似支持当地企业的法律最终或影响到中国企业与用户。

• harness v. 控制[利用]〔自然力等〕

翻译 ▍ Ding

审核 ▍ 瞐瞐

图文编辑 ▍且听风吟

责任编辑 ▍毛毛