(1) accordance to its national legislation. ” Regarding to

(1)    According to the claimants’ request, the
article 37 of China´s Cyber Security Law (CSL) imposes and unfair and
unequitable treatment between foreign and national investors in the mainland of
the Peoples of Republic of China (PR China) and violate the article 2.2 of the
Bilateral Investment Treaty between China and Korea (BIT).

First of all, the BIT agreement does not
prohibit China of the right to regulate in its territory even more regarding to
its national security issues. It is demonstrably that the purpose of the Chinas
CSL is protect the personal data of millions of networks users and prevent the
cyber security threats.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

On the other hand, is well know that every
individual or corporation who wants to invest and operates in a foreign country
must follow the laws of the host country in which they operate or reside. The
BIT agreement establish in this line in the article 2, para. 1 that:

“Each Contracting
Party shall encourage investors of the other Contracting Party to make
investments in its territory and admit such investments in accordance with its
laws and regulations.”

Also in the article 2, para. 4:

 

“Nationals of one Contracting Party who wish to enter the
territory of the other Contracting Party and to remain therein for the purpose
of making investments (…), shall be given sympathetic consideration to
their applications for entry, (…) as well as applications for licenses and
permits to conduct business activities, in the territory of that other Contracting
Party in accordance to its national legislation. ”

 

Regarding to the Fair and Equitable
Treatment (FET) claimants failed explaining in what sense the article 37 of the
CSL violates the FET. We assert that the CSL does not violate the article 2.2
or any principle contained in the BIT.

 

Likewise, regarding to national treatment
and non-discrimination, CSL does not make any distinction between foreign and
local investors since this law is applicable for every individual or company
regardless of their nationality  

 

A well reading of article 37 of CSL is that
all companies -without any
distinction- must undertake a security assessment, made by the
government, before moving data out of China only if it contains personal
information of users or sensitive data that could be affect national security
or social public interests.

 

For China´s government and evidently for
every country, cyber security issue is a public interest and this measures
taken by China is the only, effective and reasonable way that would be
appropriately deal with the cyber security risks. For Instance, the requirement
for data localization, bringing data under Chinese jurisdiction make effective
and efficient the prosecution to entities which are violating China’s
internet laws.

 

(2)   
In regarding to the objected article 23 of CSL, claimants fail
interpreting the article 23 in a wrong way. What the article 23 estipulate is
that providers can only sell their critical network equipment, products or
services after receiving security certifications. In any way this provision
points out that network operators have to disclose their proprietary software
secret. What claimants assert is
based in purely suppositions and cannot be considered seriously, additionally,
they did not show any factual evidence of their allegations so far.

As a general principle in
international law, the party alleging a violation of international law given
raise to international liability has the burden of prove all the factual
elements necessary to support its case. And in the present case, claimants
failed this requirement in the whole claim request.

 

(3)   
This law
is not less favorable than before, simply because this law is the first
approach of China towards a consolidated
legal act in data protection and it is in line with th global cyber security norms and best practices.

 

Unlike an
increasing number of countries around the world, China did not have an integral
data protection law. Instead of that, the regulation of privacy and cyber
security issues were spread in a several number of industry-specific laws, such
as the Practicing Physicians Law, Commercial Banking Law, Postal Law, and the
Provisions on the Protection of Personal Information of Telecommunication and
Internet Users. 

 

(4)   
Claimants
does not know when is the appropriate time to comply the law, China gave them 2
years until 31 December 2018 to comply with the law

 

The time given by the Chinese government is
reasonable taking into account that the risks of network system are by time to
time increasing exponential

 

PR China is aware that the implementation
of the law has to be gradually, which will allow companies to better assess
their obligations. That’s why the Cyberspace Administration of China sets 18-month
phase-in period from June 2017, delaying the full implementation of the law to
give companies more time to comply.

 

It has to take into account that the risks
given by the new technology push the governments to take effective and
efficient actions on time, in this way Peoples of Republic of China takes
seriously the rights that can be violated by the new technology.