China’s proposed cybersecurity regulations for the insurance industry has sparked a dispute with foreign business lobbies who seek substantial revisions on the policies, according to a report by Reuters.
In a joint letter to China Insurance Regulatory Commission (CIRC), more than 20 foreign business lobbies, including the American Chamber of Commerce, the American Council of Life Insurers, and Japan Electronics and Information Technology Industries Association (JEITA), have expressed their disagreement over the provisions, stating that the policy contradicts global information security standards.
"We urge CIRC to avoid the risks associated with exclusive reliance on localized solutions, prescriptive technologies and restrictions on data flows," said the lobby group. "By excluding foreign technology that may be the most secure, this approach is likely to result in less secure digitalized operations."
Last month, the CIRC released the draft regulations which state that insurance companies, along with their holding companies and asset managers, must prioritize the purchase of "secure and controllable" products. The policy also dictates the inclusion of local hardware and software equipment.
According to an official at JEITA, the business lobbies consider the draft rules as unclear and biased toward Chinese products, among other concerns.
The CIRC has not yet responded to requests for comment.
A similar response to regulatory guidelines occurred in Sept. 2014, as the China Banking Regulatory Commission (CBRC) and other state authorities jointly released guidance policies regarding the application of "secure and controllable information technology" for the banking industry.
Industry experts say there is no assurance that China's insurance regulator will revise its rules in response to the criticisms.
The report stated that on Oct. 30, the CIRC extended its comment period on the draft rules by two weeks until Nov. 15, a move which critics of the regulations said could be significant.