Risk Update

Security, Compliance & Client Risk — Will Any International Law Firm Practice in China Come 2020?

Posted Dan Bressler

What happens to international law firms practicing in China on January 1, 2020? Can that even be a thing anymore? Will new appointees be “inserted” at firms? Will client outside counsel guidelines take note and evolve?

Read why many are concerned about new security rules taking effect: “China’s new cybersecurity rules ban foreign companies from using VPNs to phone home” —

  • “The latest move is the long-threatened extension of Chinese spying powers over foreign companies, whose employees are to be prohibited from using working VPNs to communicate with their non-Chinese offices. These employees will now be left to use the same censored internet as Chinese citizens, and every trade secret and confidential communique they transmit to their home offices will be open to capture, inspection and use by Chinese authorities and the state industries they have long supported by funneling proprietary foreign corporate data to domestic competitors.”
  • “The Chinese ‘Cybersecurity Law’ enables Chinese authorities to access any data on any server or personal computer, even those used by foreign firms.”
  • “Moreover, a new Foreign Investment Law that takes effect in 2020 will eliminate any special dispensations currently enjoyed by foreign firms (for example, foreign firms are presently exempt from rules that allow the Chinese state to insert political appointees within the executive ranks of companies to monitor their operations — this will no longer be the case as of Jan 1).”
  • “As Steve Dickinson points out on the China Law Blog, the ability of Chinese firms to spy on all communications between Chinese and offshore offices of US firms compromises US companies’ ability to comply with US laws restricting the export of “sensitive technologies” — the fact that the Chinese state can simply plunder these technologies from US companies’ servers means that whether or not the US companies turn their trade secrets over, they can still be presumed to be in the hands of the Chinese state and military and the Chinese companies that are closely aligned with them:
    • “Under the new Chinese system, trade secrets are not permitted. This means that U.S. and EU companies operating in China will now need to assume any “secret” they seek to maintain on a server or network in China will automatically become available to the Chinese government and then to all of their Chinese government controlled competitors in China, including the Chinese military. This includes phone calls, emails, WeChat messages and any other form of electronic communication. Since no company can reasonably assume its trade secrets will remain secret once transmitted into China over a Chinese controlled network, they are at great risk of having their trade secret protections outside China evaporating as well.”
    • “The U.S. or EU company may have an enforceable agreement with the Chinese recipient of its confidential information. So trade secrecy is protected with respect to that authorized recipient. But if the secret is easily available to the Chinese government, there is no real trade secret protection.”
    • “By giving the Chinese government and its cronies full access to its data, the U.S. or EU company may very well be deemed to have illegally exported technology to China and it could face millions of dollars in fines and even prison sentences for some of its officers and directors. There is an inherent conflict between foreign laws mandating a company not transfer its technology and China’s laws which effectively mandate that transfer.”