Apple and Other Tech Companies Subject to Security Reviews in China
Products sold in China by Apple and other big foreign companies in recent months have been subjected to reviews that target encryption and the data storage, according to people familiar with matter speaking with the New York Times.
The reviews are run by a committee associated with the Cyberspace Administration of China and they are applied more broadly compared to other countries where such reviews focus mostly on products targeted for military use or other parts of the government that are concerned with security.
In China, the reviews target American consumer software and popular gadgets as well, according to the sources, making this a concern for tech companies, as the reviews could be used to extract tech knowledge. The reviews are also supposed to ensure that the US won’t use the products to spy.
The companies also fear that the reviews could be used to block products or to extract trade secrets in exchange for market access.
Those secrets could be leaked to Chinese competitors or expose vulnerabilities, which, in turn, Chinese hackers could exploit.
Further, tech companies are concerned that the reviews could set a precedent and that other countries will follow suit, each demanding different checks that would not only be costly but also put the companies at risk of having to hand over further secrets in exchange for market access.
The information reviewers have sought from tech companies is yet unknown, and there is no indication that those firms have shared sensitive information such as source code. You may recall that Apple’s senior counsel Bruce Sewell has said that China has previously asked for a source code, but that the company refused to provide it.
Considering that Apple has been facing regulatory issues in China — see the shutdown of the iTunes Store and iBooks Store — the New York Times suggests that the $1 billion Didi investment was perhaps a tool for smoothing the relationship with the country.