China has passed a new law that classifies cryptography into three different types based on how the technology will be used by the government, businesses and private citizens.
The new law, which goes into effect on January 1st, 2020, makes a distinction among “common”, “core” and “commercial” cryptography.
Core and common cryptography, which will be strictly managed by authorities in cryptography, will be used to protect China’s confidential information and state secrets.
“The law stipulates that confidential information of the state transmitted via wire and wireless communications, and information systems storing and disposing of such confidential information, must use core and common cryptography for their encrypted protection and security certification,” writes state news agency Xinhua.
Conversely, commercial cryptography is for protecting information that is not state secrets and can be used by citizens, legal persons and organizations in accordance with China’s laws.
“According to the provisions, the country encourages the research, academic exchanges, conversion of academic achievements and application of the technologies of commercial cryptography, but the scientific research, production, sales, service and import and export of it must not harm the state security and public interests or other people’s rights and interests,” Xinhua writes.
Those who offer commercial cryptography that has not been authenticated by the Chinese government will be “warned, fined or have their illegal gains confiscated,” Xinhua said.
Those who use cryptography to “engage in illegal activities that harm state security or public interests” will be held accountable by law.