Georgetown Law
Technology Review

On February 23, 2018, the United States informed the World Trade Organization (WTO) that China’s data network restrictions, coming into force on March 31, appear to create illegal restrictions for cross-border service supplies and needs to be addressed by the WTO.1Tom Miles, United States Tells WTO of Concerns over China’s New Web Access Rules, reuters (Feb. 23, 2018, 6:08 AM), https://www.reuters.com/article/us-usa-china-cyber-trade/united-states-tells-wto-of-concerns-over-chinas-new-web-access-rules-idUSKCN1G7179. Specifically, the statement claimed that new Chinese regulations would prohibit Virtual Private Networks (VPN) and leased lines from connecting across the Chinese border.2Tiffany Hu, China’s New VPN Crackdown ‘Troubling,’ US Tells WTO, LAW360 (Feb. 23, 2018), https://www.law360.com/articles/1015487/china-s-new-vpn-crackdown-troubling-us-tells-wto. According to the United States, China had been notified of these concerns as early as September, 2017, but so far has failed to remedy or address them.3Id.

Considered one of the most complex and far reaching cybersecurity legislations, China’s data security law went into partial effect last year.4Trevor Schmitt, China’s Great Firewall Remains Shut to Noncompliant U.S. Tech Firms, GEO. J. INT’L L. ONLINE (Jan. 15, 2018), http://www.gjil.org/2018/01/chinas-great-firewall-remains-shut-to.html. The law gives wide discretion to Chinese officials over how Chinese user-data may be used or transferred abroad.5Id.

In January 2017, Chinese officials published a circular titled “Cleaning up and Regulating the Internet Access Service Market” expected to come into force March 31, 2018.6Olivia Solon, China Cracks Down on VPNs, Making It Harder to Circumvent Great Firewall, GUARDIAN (Jan. 23, 2017, 4:38 PM), https://www.theguardian.com/technology/2017/jan/23/china-vpn-cleanup-great-firewall-censorship. The circular outlined a fourteen-month crackdown on unapproved VPNs and leased lines in order to “strengthen cyberspace information management.”7Id.

VPNs and leased lines are private communication connections often used by businesses to ensure the confidentiality of sensitive information.8Bryce Baschuk, China’s VPN Crackdown May Violate WTO Rules, U.S. Says, Bloomberg L. News. (Feb. 23, 2018), https://www.bna.com/chinas-vpn-crackdown-n57982089214/ [https://perma.cc/6NKZ-A9JD]. These connections protect online data by creating a secure data pathway.9John Park, VPN: Privacy and Anonymity for All, 2 GEO. L. TECH. REV. 129 (2017), https://georgetownlawtechreview.org/vpn-privacy-and-anonymity-for-all/GLTR-12-2017/. Individuals may also use these connections to anonymize their behavior or access restricted content.10Id. The ability of VPNs to circumvent detection creates a loophole in Chinese censorship laws, allowing violators to evade prosecution.11Frank Chen, Beijing to Block VPNs but There Are Still Ways Around the Wall, ASIA TIMES (Feb. 27, 2018, 6:21 PM), http://www.atimes.com/article/beijing-block-vpns-still-ways-around-wall/. The new Chinese data security law attempts to close this loophole by banning unapproved versions of the technology. But banning these secure connection techniques harms international business trade in violation of WTO rules, according to the United States.12Communication from the United States, WORLD TRADE ORGANIZATION (Feb. 23, 2018) [hereinafter Communication], https://docs.wto.org/dol2fe/Pages/FE_Search/FE_S_S009-DP.aspx?language=E&CatalogueIdList=243365,243385,243363&CurrentCatalogueIdIndex=0&FullTextHash=371857150&HasEnglishRecord=True&HasFrenchRecord=False&HasSpanishRecord=False.

The WTO’s General Agreement on Trade in Services (GATS) requires that any member country who implements measures that impact telecommunication networks should notify the WTO’s membership body and consult with member countries specifically affected by the measure.13GATS: General Agreement on Trade in Services, Apr. 15, 1994, Marrakesh Agreement Establishing the World Trade Organization, Annex on Telecommunications, 1869 U.N.T.S. 183, 33 I.L.M. 1167 (1994) [hereinafter GATS]. Additionally, GATS specifically requires that “service supplies of any other Member may use public telecommunications transport networks and services for the movement of information within and across borders, including for intracorporate communications.”14Id. This includes measures that discriminate against foreign businesses operating within and outside of the jurisdiction of a member country.15Id.

In the statement to the WTO’s Services Council, the United States claimed that China’s circular would prohibit the use of VPNs and leased lines across international borders. 16Communication, supra note 12, at ¶ 5. According to the United States, the result of this prohibition would severely impact foreign service providers because VPNs and leased lines are “commonly used to ensure the security and confidentiality of information . . . in the course of supplying a service.” 17Id. Based on the pervasive use of secure connection technology, “[t]he Circular, as with China’s proposed regime relating to cross-border transfer of information, would appear to create significant new constraints on market access opportunities for cross-border service suppliers” constituting a potential violation of China’s WTO commitments under GATS.18Id.

Also citing concerns among foreign businesses over the restriction of cross-border data flows and asserting there are other, more effective, ways to achieving legal compliance without inhibiting trade, the United States urged China to “promote rather than disrupt cross-border transfers of information and trade in services.”19Communication, supra note 12, at ¶ 9.

China argues that its data security law is fully compliant with WTO rules because it protects the interest of the general Chinese public.20Baschuk, supra note 8. According to Qi Xiaoxia, Director of the Bureau of International Cooperation at the Cyber Space Administration of China, the data security law ensures that foreign companies and actors “do not do any harm to Chinese national security and national consumers’ interests.”21 Schmitt, supra note 4.

The WTO contains several provisions, including provisions of the GATS, that allow member countries to implement any measure that the member country considers “necessary for the protection of [the member’s] essential security interests.”22GATS, supra note 13. This national security exception to WTO rules has been heavily criticized as overbroad and subject to abuse.23Scott Miller, National Security Exception: When Trade Rules Don’t Apply, tradevistas (June 1, 2017), https://tradevistas.csis.org/national-security-exception-trade-rules-dont-apply/. Critics fear that because a member of the WTO can “self-judge” what it considers important to its own national security, that member may engage in pretextual protectionism and illegitimate policy goals under the guise of legitimate state interests.24Matthew Kahn, Pretextual Protectionism? The Perils of Invoking the WTO National Security Exception, LAWFARE (July 21, 2017, 2:51 PM), https://lawfareblog.com/pretextual-protectionism-perils-invoking-wto-national-security-exception. In response, WTO officials have long recommended caution when invoking the national security exception to invalidate WTO rules.25Miller, supra note 23.

Despite warnings against abuse of the national security exception, WTO member countries have increasingly pointed to national security as a defense to unfair trade measures.26Baschuk, supra note 8. Recently, the United States announced that it would violate WTO rules by imposing tariffs on steel and aluminum under the national security exception.27Ana Swanson, Trump to Impose Sweeping Steel and Aluminum Tariffs, N.Y. TIMES (Mar. 1, 2018), https://www.nytimes.com/2018/03/01/business/trump-tariffs.html. So though the United States may be applauded for speaking out against China’s VPN and leased lines ban, the ban is still expected to come into effect on March 31.28Darren Allan, China Will Block All Non-Approved VPNs Next Month, techradar.pro (Feb. 1, 2018, 3:57 PM), https://www.techradar.com/news/china-will-block-all-non-approved-vpns-from-next-month.