Government Officials Punished for Storing Classified Data on Cloud with Weak Security Measures

In a recent push to bolster data security, Chinese officials have been admonished for using cloud storage to handle classified information, revealing a “weak security awareness” for which they have been punished, albeit the specifics of the espionage involvement or the nature of the penalties remain undisclosed. The ministry has issued stringent guidelines to government employees, urging them to avoid discussing, storing, or transmitting sensitive information via the internet, mobile phones, or cloud services. Recommendations include disabling sharing features, encrypting documents, frequently changing passwords, and disabling automatic backup features to prevent data leaks.
The call to action is grounded in the 2021 comprehensive data security law and an amended anti-spy law that broadens the definition of espionage, alongside a revised law on guarding state secrets that expands coverage significantly. These laws emphasize the protection of “core data” critical to national and public interest and impose severe penalties for unauthorized overseas data transfer. The Ministry of State Security is actively engaging on social media to educate and warn against threats from foreign espionage, including a recent highlight of alleged espionage by MI6. It underscores the protection of both traditional security domains—political, economic, military—and non-traditional areas such as biosecurity, data security, and artificial intelligence. Additionally, there’s a growing concern over foreign NGOs potentially using environmental research as a facade for collecting sensitive environmental data from China.