On February 23, 2018, the United States informed the World Trade Organization (WTO) that China’s data network restrictions, coming into force on March 31, appear to create illegal restrictions for cross-border service supplies and needs to be addressed by the WTO.1 Specifically, the statement claimed that new Chinese regulations would prohibit Virtual Private Networks (VPN) and leased lines from connecting across the Chinese border.2 According to the United States, China had been notified of these concerns as early as September, 2017, but so far has failed to remedy or address them.3

Considered one of the most complex and far reaching cybersecurity legislations, China’s data security law went into partial effect last year.4 The law gives wide discretion to Chinese officials over how Chinese user-data may be used or transferred abroad.5

In January 2017, Chinese officials published a circular titled “Cleaning up and Regulating the Internet Access Service Market” expected to come into force March 31, 2018.6 The circular outlined a fourteen-month crackdown on unapproved VPNs and leased lines in order to “strengthen cyberspace information management.”7

VPNs and leased lines are private communication connections often used by businesses to ensure the confidentiality of sensitive information.8 These connections protect online data by creating a secure data pathway.9 Individuals may also use these connections to anonymize their behavior or access restricted content.10 The ability of VPNs to circumvent detection creates a loophole in Chinese censorship laws, allowing violators to evade prosecution.11 The new Chinese data security law attempts to close this loophole by banning unapproved versions of the technology. But banning these secure connection techniques harms international business trade in violation of WTO rules, according to the United States.12

The WTO’s General Agreement on Trade in Services (GATS) requires that any member country who implements measures that impact telecommunication networks should notify the WTO’s membership body and consult with member countries specifically affected by the measure.13 Additionally, GATS specifically requires that “service supplies of any other Member may use public telecommunications transport networks and services for the movement of information within and across borders, including for intracorporate communications.”14 This includes measures that discriminate against foreign businesses operating within and outside of the jurisdiction of a member country.15

In the statement to the WTO’s Services Council, the United States claimed that China’s circular would prohibit the use of VPNs and leased lines across international borders. 16 According to the United States, the result of this prohibition would severely impact foreign service providers because VPNs and leased lines are “commonly used to ensure the security and confidentiality of information . . . in the course of supplying a service.” 17 Based on the pervasive use of secure connection technology, “[t]he Circular, as with China’s proposed regime relating to cross-border transfer of information, would appear to create significant new constraints on market access opportunities for cross-border service suppliers” constituting a potential violation of China’s WTO commitments under GATS.18

Also citing concerns among foreign businesses over the restriction of cross-border data flows and asserting there are other, more effective, ways to achieving legal compliance without inhibiting trade, the United States urged China to “promote rather than disrupt cross-border transfers of information and trade in services.”19

China argues that its data security law is fully compliant with WTO rules because it protects the interest of the general Chinese public.20 According to Qi Xiaoxia, Director of the Bureau of International Cooperation at the Cyber Space Administration of China, the data security law ensures that foreign companies and actors “do not do any harm to Chinese national security and national consumers’ interests.”21

The WTO contains several provisions, including provisions of the GATS, that allow member countries to implement any measure that the member country considers “necessary for the protection of [the member’s] essential security interests.”22 This national security exception to WTO rules has been heavily criticized as overbroad and subject to abuse.23 Critics fear that because a member of the WTO can “self-judge” what it considers important to its own national security, that member may engage in pretextual protectionism and illegitimate policy goals under the guise of legitimate state interests.24 In response, WTO officials have long recommended caution when invoking the national security exception to invalidate WTO rules.25

Despite warnings against abuse of the national security exception, WTO member countries have increasingly pointed to national security as a defense to unfair trade measures.26 Recently, the United States announced that it would violate WTO rules by imposing tariffs on steel and aluminum under the national security exception.27 So though the United States may be applauded for speaking out against China’s VPN and leased lines ban, the ban is still expected to come into effect on March 31.28