By Josh Horwitz
SHANGHAI (Reuters) - China's policy regarding data transfer and localisation are causing companies to cancel projects due to fears of compliance issues, according to a report from the British Chamber of Commerce in China published on Tuesday.
"The uncertainty is causing considerable anxiety, as it could create insurmountable barriers to data flowing from China," the chamber writes.
"Some businesses are already affected by slowed data flows – one business has canceled two thirds of their planned R&D projects in China, while another has been forced to downgrade the quality of service they provide to clients."
The report describes legal requirements for overseas companies to store data locally in China and conduct "security reviews" before transferring data overseas as "costly" and "restrictive," diverting resources away from more productive R&D endeavors.
The chamber adds that other parts of the laws remain too vague. Authorities, for example, require companies that transfer "important data" to undergo security reviews, but the definition of important data remains too imprecise, the chamber argues.
Meanwhile, the exact administrative requirements for conducting a security assessment have also confused British companies.
"These gaps and ambitious articles throughout China's cybersecurity legislation have created significant challenges for British companies in trying to ensure compliance, hampering their ability to use data to make business decisions at a global and local level."
The chamber recommended that Chinese authorities take efforts to clarify its policies to allow foreign companies in China to share as much data with overseas divisions as possible.
This year, China implemented the Data Security Law and the Personal Information Protection Law, two key provisions dictating how companies must store, protect, and share data.
(Reporting by Josh Horwitz; Editing by Sam Holmes)