This chapter builds on the understanding of fuzzy logic regulatory practice, but re-focuses on the main topic of the book: the policy contradictions between the emergence of a seemingly more restrictive cyber regime in China since 2014 and simultaneous announcements of new top-down policies for encouraging entrepreneurial activity. It argues that China’s data and cyber security laws cannot be understood without first understanding both the Chinese government’s Informatisation drive (which includes the Internet Plus policy) and the concept of Network Sovereignty. The chapter is also necessary to understand China’s unique system of governance that is well suited to promote innovations proposed by private Chinese tech companies.

This chapter explains the extent of fuzzy logic law surrounding the legal structure of technology companies in China. The chapter provides a profound illustration of the environment in which Chinese entrepreneurs must operate and remains an ongoing story. From the outset, Chinese technology entrepreneurs must decide how to legally structure their companies in order to account for vague conceptions of legality.

This chapter demonstrates the extent of the data protection problems in China, and the public’s growing concern about loss of privacy and abuse of their personal data. It proceeds to show that under China’s Cyber Security Law, the government has responded to this issue by strengthening ‘data protection’ from abuse by private companies but without shielding ‘data privacy’ from government intervention. In particular, enforced real-name user registration for online services potentially allows the Chinese government to demand access to the local data of any person who uses an online service in China, for national security or criminal investigation purposes. The chapter argues that this internal contradiction within the Cyber Security Law – increased data protection while demanding real-name user registration – may also benefit AI development. This is due, in part, to the vagueness of key terms within the Cyber Security Law, and the accompanying fuzzy logic within the Privacy Standards issued under that law, which allow both tech firms and government regulators considerable discretion in how they comply with and enforce data protection provisions. In the final part of the chapter, it is argued that due to the potential benefits of AI in solving serious governance problems, the Chinese government will only selectively enforce the data privacy provisions in the Cyber Security Law, seeking to prevent commercial abuse without hindering useful technological advances.