By Oiwan Lam
Hong Kong Free Press
The barriers to entering the world’s biggest Internet market — China — just got a little higher for foreign technology companies.
At first, China demanded that user data be stored within its borders. Then it extended this requirement to apply to online content. And now, it is preparing new rules that will require all websites hosted in China to register their domain names within the country.
China revised its Internet Domain Name Management Rules and posted a draft online on March 25 for a one-month consultation period. The new requirement stipulates that all websites hosted in China must register their domain names with authorized domestic domain name service providers in order to gain access to the Chinese network.
In February 2016, China released new Administrative Regulations for Online Publishing Services requiring all foreign-owned media which has mainland Chinese people as part of their target audience to host all of their content — “text, maps, games, cartoons and audio files” — on servers located inside China. The only alternative for foreign media companies would be to distribute their contents through project-based cooperation with local partners with prior approval from the State Administration of Press, Publication, Radio, Film and Television.
The regulation not only bolsters the legality of the Great Firewall, a mechanism that blocks overseas websites, but also raises the threshold for foreign media companies that want to enter the Chinese market.
Foreign tech companies under China’s thumb
This is just another measure of success that Chinese authorities have had in pressuring IT companies to “respect” national and local rules. Since 2014, the foreign IT companies have been compelled to sign a pledge known as the Information Technology Product Supplier Declaration of Commitment to Protect User Security. The pledge requires technology companies to store user data within China’s borders. Since its inception, IT giants including Apple, Microsoft and LinkedIn have started storing their user data in local data centers. Even more companies have joined the China market clubs in the past two years. Establishing content servers was just another step in the same direction.
But the new Internet Domain Name Management Rules take this regime of control to a new level, as they require all websites hosted in China to have their domain names registered in domestic DNS service providers. Companies that fail to do this will simply not be connected to China’s domestic network.
Article 37 of the draft reads:
Domain names that connect to the network from within the borders shall have services provided by domestic domain name registration service bodies, and domestic domain name registration management bodies shall carry out operational management.
For domain names that connect to the network from within the borders, but which are not managed by domestic domain name registration service bodies, Internet access service providers may not provide network access services.
When the new regulations is enacted, leading foreign companies including Microsoft and Apple will have to register their sites’ domain names with local DNS providers in order to remain accessible in China.
And this won’t just affect foreign companies. Today, even some big-name Chinese corporations have their domain names registered with overseas domain name service providers, including Taobao and Baidu.
The changes of course will not affect websites that do not have servers hosted in China, such as Facebook, Google, and Twitter. As usual, these major sites will continue to be blocked in the country.
“If [foreign companies] want to develop their business in China, [they’d] better cooperate with domestic authorities”
Jiang Bojing, an IT analyst explained to a party affiliated news outlet, the Paper, the rationality behind the regulation:
First of all, it further bans those harmful and dangerous websites from connecting to the domestic network. Secondly, it promotes China’s top domain name. Thirdly, it sends a signal to overseas corporates that if they want to develop their business in China, better cooperate with domestic authorities.
Tech blogger William Long pointed out that if all websites hosted in China are to register their domain names in China, they would have to face both political and technical risk as the authorities have the power to suspend a domain name under “client hold” because of the appearance of sensitive contents in the website. Moreover, the DNS registration in China operates using a real-name system, which makes it more difficult for the clients to relocate their DNS servers.
One must also bear in mind that the top-level domain .CN is under the management of China Internet Network Information Center (CNNIC) which is responsible for issuing security certificates to Internet service providers. Last year, Google and Mozilla found out that CNNIC had issued certificates to a corporate entity that subsequently launched a man-in-the-middle attack intercepting connections between users and their intended destinations by directing the users to another website — one that was disguised to look like their destination, but was in fact an entirely different site. The periodic recurrence of such “errors” over the past few years have left some wondering if registering a domain name under CNNIC could result in a security breach.
While the regulation specifies that Internet service providers should not give access to overseas registered domain name websites with servers in China, it does not specify whether ISPs can continue to provide access to non-sensitive foreign websites with both servers and DNS hosted overseas. Critically, some worry that the regulation will eventually cut China off from the global Internet altogether. The Ministry of Industry and Information Technology has stressed that the regulation only applies to websites hosted in China and will not affect the normal development of business for overseas companies in China, but some have their doubts.
A source who had participated in the drafting of the regulation told Wall Street Journal (via China Digital Times):
No one in China will have trouble visiting whitehouse.gov. The White House will not have to submit network access information to the authorities, because it has nothing to do with China […] Still, the rule could affect larger foreign companies that have or want to set up a website or other online service aimed at Chinese consumers.
All of this means that foreign technology companies must now pay a price for entering the Chinese market. We can only expect that the number on the price tag will get higher and higher over time.
What is the Domain Name System (DNS?)
A decentralized naming system for computers, websites, or any resource connected to the Internet, the DNS translates more readily memorized domain names (i.e. “globalvoices.org”) to the numerical IP addresses (i.e. 220.127.116.11) needed for the purpose of locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System is an essential component of the functionality of the Internet. (modified explanation from Wikipedia)