China has suspended a set of controversial cybersecurity rules restricting Chinese banks from using foreign technology amid heavy opposition from the Obama administration and governments worldwide, U.S. officials confirmed Thursday afternoon.
The New York Times first reported the decision.
Chinese regulators sent a note on Monday to banks across the country telling them to “suspend implementation” of the rules, which would require companies selling computer equipment to Chinese banks to submit all software for inspection.
{mosads}The rules — part of a broader counterterrorism measure meant to protect China from cyberattacks — have exacerbated the already frosty U.S.-China cybersecurity relationship.
About two weeks ago, U.S. officials indicated China was hitting pause on these same rules, only to have Beijing officials and industry groups deny it days later.
But this time, the information comes from Beijing officials themselves.
U.S. representatives were informed of the decision at a Treasury Department meeting yesterday with Chinese delegates.
If the suspension sticks, or the rules are drastically altered, it would be a victory for the Obama administration.
A number of senior officials, including Treasury Secretary Jack Lew and Commerce Secretary Penny Pritzker, have traveled to China over the last month and directly protested the law to their counterparts.
“It would be a significant barrier to U.S. companies doing business in China if they were to go ahead with the proposals pending,” Lew told reporters in Beijing after meeting with Chinese Vice Premier Wang Yang in late March. “And I think they heard the concerns.”
President Obama also called Chinese President Xi Jinping to express his concern.
U.S., European and Japanese trade groups have heavily protested the regulations, which they argue would freeze them out of the country and expose their intellectual property and user data to Chinese spies.
In the memo to banks, Chinese regulators indicated the rules had been paused because of “amendment suggestions” from the financial sector and other stakeholders.
It did mention that after the regulations were revised they would be reissued.
The note does not mention whether the broader slate of cybersecurity requirements, which mandate companies use Beijing-approved encryption, would also be delayed.
The bank rules are part of a concerted effort by the Chinese government to favor the use of domestic technology.
Over the past few years, Beijing has also removed a number of major U.S. tech companies, including Apple and Cisco, from its list of approved companies for state purposes.
— Updated 4:11 p.m.