Chinese Cybersecurity Regulations & The National Security Risks Being Exploited By China.

China has implemented more than 300 cybersecurity regulations in the past few years, some of which require compliance from companies whose data is transferred to China. However, these regulations are largely unknown to US-based entities that are not prepared to comply, while Chinese companies are given the freedom to operate. The Multi-Level Protection Scheme (MLPS) is a rating system that determines the degree of threat to a company, but the criteria for classification are unknown to entities. China's new laws and regulations on a case-by-case basis give Chinese-based companies an advantage in targeting US-based companies' data. Additionally, China legally reserves the right to mark anything it sees as CII for spot checks and security review. Finally, the standard allows the Chinese government to initiate audits when "deemed necessary," and there is no consensus on the definition of "important data."