The use of data encryption is regulated in China.
Like many regulations in China, there are often difficult to interpret areas and enforcement is often non-standard across different administrative locations. When in doubt, many people either adopt a do it until questioned approach or not to do anything at all.
In the case of encryption, this has prevented the widespread use of SSL in websites. Even among e-commerce or social websites, SSL is hardly used to protect the transit of personal data and sensitive information.
In fact, you will hardly see any web hosting company even mentioning or providing SSL certificate.
This article has an interesting comment:
If you encrypt data in China, you have to provide the Chinese government the ability to access the keys. By this regulation, the Chinese should be able to get access to [Secure Sockets Layer]-encrypted traffic, too.” The result is that businesses tend not to use encryption in China …
If you are using any kind of encryption in your servers in China or even VPN, you are well advised to seek opinion from a qualified laywer.
More information:
