Criticism of the Chinese Communist Party (CCP) runs a wide gamut. Accusations of human rights abuses, intellectual property theft, authoritarian domestic policies, disrespecting sovereign borders, and propaganda campaigns all have one common factor: the CCP’s desire to control information. Controlling information means controlling data. Lurking beneath the People’s Republic of China’s (PRC) tumultuous relationship with the rest of the world is the fight between nations to control their citizens’ data while also keeping it out of the hands of adversaries. The CCP’s Three Laws are its newest weapon in this data war.
One byproduct of the CCP’s emphasis on controlling the narrative is that analyzing the PRC’s laws and policies requires reading between the lines—in the dark, by candlelight. Even the most informed analysis requires assumptions. The Three Laws are no different. Their broad language, drastic penalties, and sweeping scope rule out the traditional tools of statutory interpretation. Ordinary meaning, canons of construction, and legislative history are useless. In the PRC, the law means what the CCP says it means. To understand the Three Laws and predict the associated regulatory risks, lawyers, economists, and politicians alike must think and reason by analogy.
This Note offers analyses, case studies, and recommendations that provide practitioners a solid framework to assess a company’s regulatory risk under the Three Laws. First, this Note outlines the guiding tenets of the CCP to understand the motivations behind the Three Laws. Next, it provides case studies of different companies’ relationships with the CCP. Realizing how the CCP has dealt with some of the largest companies in the world—Ant Group, Didi Chuxing, Apple, Tesla—is crucial to understanding the threat of future capricious CCP action.
This Note then analyzes alleged CCP hacking campaigns and global influence building so the reader may better understand the types of actions that the CCP undertakes—and fears being done to it by others. Finally, this Note provides recommendations for companies with different levels of exposure to the CCP and its ability to enforce its laws. Ultimately, this Note provides the reader with a primer on an important geopolitical issue: the shadowy battle between the world’s great powers to control their citizens’ information, procure their adversaries’ data, and the ways that the law is being used to further these goals.