China׳s information security standardization: Analysis from the perspective of technical barriers to trade principles

•Information security has become a critical issue in China׳s ICT standardization.•Two cases of information security standardization (WAPI and ZUC) are examined and compared from the perspective of WTO׳s TBT principles.•The comparison shows that China׳s standardization strategy has become international-bound, and flexible and communicative with foreign stakeholders.•The changes are attributed to growing external pressure from foreign firms as well as to internal efforts toward innovation based on indigenous technology.

There have been many attempts for ICT standardization in China. Among them, this paper deals with information security standards. Although information security is often mentioned regarding China׳s ICT standardization, it has been rarely examined per se. While most studies on China׳s ICT standardization focus on economic aspects (e.g. increased bargaining power) or the government׳s role, this paper draws on legal aspects. We select WAPI and ZUC for case studies, and examine their legal aspects, particularly from the perspective of WTO׳s TBT (technical barriers to trade) principles. We have found that China׳s standardization strategy becomes international-bound and, in fact, the manner in which the Chinese government handles standardization projects has become refined, flexible, and communicative with foreign stakeholders. We see that the changes are responses to the trade concerns raised by foreign stakeholders in various TBT Committee meetings and bilateral meetings. In addition, the Chinese government appears to become market-oriented even in the field of information security where it previously maintained a rigid stance on the ground of national security. This paper points out that the changes are attributed to growing external pressure from foreign governments and firms as well as to internal efforts toward innovation based on indigenous technology.