A03 Beyond Malaysian Borders – How Chinese Laws Influence Data Centres in Malaysia

Key Takeaways

  • Data centres located in Malaysia remain primarily subject to Malaysian laws and regulations.
  • However, Chinese laws, policies, industrial strategies, technology ecosystems, and corporate governance frameworks increasingly influence digital infrastructure developments throughout Asia.
  • Unlike the European Union, which often governs through regulation and reporting requirements, or the United States, which often exerts influence through markets and technology platforms, China frequently governs through strategic planning and state coordination.
  • Chinese influence may arise through investors, developers, equipment suppliers, cloud providers, technology companies, telecommunications networks, and digital infrastructure initiatives.
  • Understanding these influences helps explain why some data centre projects in Malaysia are connected to broader regional and global digital development strategies.

A Different Approach to Digital Infrastructure

Over the past two decades, China has transformed itself from a manufacturing powerhouse into one of the world’s largest digital economies.

This transformation required enormous investments in digital infrastructure.

Cloud computing platforms, telecommunications networks, artificial intelligence facilities, semiconductor manufacturing, and data centres became increasingly important components of national development.

As these investments expanded, China developed its own governance model for digital infrastructure.

Rather than relying primarily on regulatory disclosure, as seen in Europe, or market-driven governance, as often seen in the United States, China has generally adopted a more coordinated approach that links digital infrastructure development to broader national objectives.

In this model, data centres are not viewed solely as commercial buildings.

They are also seen as strategic assets supporting economic growth, technological advancement, digital sovereignty, industrial competitiveness, and national security.

MDCO Insight: China tends to view digital infrastructure not merely as a business sector but as a strategic component of national development.

Why Chinese Influence Matters to Malaysia

Malaysia’s data centre sector increasingly serves global and regional markets.

Many projects involve multinational investors, international customers, global supply chains, and interconnected telecommunications networks.

China is now one of Malaysia’s largest trading partners and an increasingly important participant in regional digital infrastructure.

Chinese influence can arise through several channels:

  • Technology suppliers.
  • Telecommunications equipment providers.
  • Cloud service operators.
  • Data centre investors.
  • Artificial intelligence ecosystems.
  • Industrial development initiatives.
  • Regional digital connectivity projects.

Even where a Malaysian facility is not owned by a Chinese company, it may still use Chinese equipment, connect to Chinese digital ecosystems, or serve businesses operating throughout China and Southeast Asia.

MDCO Insight: Influence in modern digital infrastructure often extends through technology ecosystems and economic relationships rather than ownership alone.

Digital Sovereignty: A Core Principle

One of the most important concepts in understanding China’s approach is digital sovereignty.

At its simplest, digital sovereignty refers to the principle that countries should retain control over data, digital infrastructure, and information systems operating within their jurisdiction.

This perspective has shaped many Chinese digital policies.

Data is increasingly viewed not merely as a commercial asset but as a strategic national resource.

Consequently, China has developed legal frameworks governing:

  • Data security.
  • Personal information protection.
  • Cross-border data transfers.
  • Critical information infrastructure.
  • Cybersecurity obligations.

For multinational organisations operating in China, these requirements can significantly influence how digital systems are designed and managed.

MDCO Insight: In the Chinese model, data is often viewed as both an economic resource and a strategic national asset.

The Data Security Law (DSL)

China’s Data Security Law represents one of the central pillars of its digital governance framework.

The law establishes obligations relating to:

  • Data classification.
  • Data protection.
  • Risk management.
  • National security considerations.
  • Cross-border data activities.

The exact obligations vary according to the sensitivity and classification of the data involved.

For organisations operating internationally, the law reinforces the importance of understanding where data is stored, how it moves across borders, and what obligations may apply to different categories of information.

While the law primarily applies within China, multinational companies frequently incorporate these considerations into broader regional governance frameworks.

MDCO Insight: Modern digital governance increasingly focuses not only on where infrastructure is located but also on how information flows through that infrastructure.

The Personal Information Protection Law (PIPL)

China’s Personal Information Protection Law (PIPL) is often compared to Europe’s GDPR.

Both laws seek to protect personal information.

However, they emerge from different legal traditions and policy objectives.

PIPL establishes requirements regarding:

  • Collection of personal information.
  • Consent.
  • Data processing.
  • Data transfers.
  • Individual rights.
  • Organisational responsibilities.

For multinational companies operating across multiple jurisdictions, compliance often requires navigating overlapping privacy frameworks originating from different parts of the world.

This is increasingly relevant for cloud platforms and digital services operating throughout Asia-Pacific.

MDCO Insight: Privacy laws around the world increasingly share common goals even when they originate from different governance traditions.

Cybersecurity Law and Critical Information Infrastructure

China’s Cybersecurity Law forms another major component of its digital governance architecture.

Particular attention is given to what China designates as Critical Information Infrastructure (CII).

These are systems whose disruption could significantly affect:

  • National security.
  • Economic activity.
  • Public services.
  • Social stability.

Although definitions vary between jurisdictions, the broader principle is increasingly familiar worldwide.

As societies become more dependent on digital services, governments increasingly view certain forms of digital infrastructure as critical national assets.

Data centres play an important role within these discussions because they support communications, financial services, healthcare systems, logistics networks, and government services.

MDCO Insight: The more essential digital infrastructure becomes, the more governments tend to view it through a national resilience lens rather than solely a commercial lens.

China’s National Digital Development Strategy

Perhaps the most distinctive aspect of China’s approach is the integration of data centres into long-term national planning.

Examples include:

  • The Digital China strategy.
  • The 14th Five-Year Plan.
  • Artificial intelligence development initiatives.
  • Advanced manufacturing strategies.
  • National computing infrastructure programmes.

One notable example is the “Eastern Data, Western Computing” initiative.

This programme seeks to optimise the location of data centres and computing resources across different regions of China.

The underlying concept is straightforward.

Not all computing workloads require proximity to major population centres.

By strategically distributing digital infrastructure, policymakers seek to balance economic development, energy resources, network efficiency, and sustainability considerations.

MDCO Insight: China often approaches data centres as components of larger infrastructure systems rather than isolated commercial projects.

Technology Ecosystems and Supply Chains

Chinese influence is also visible through technology supply chains.

Chinese companies have become major suppliers of:

  • Telecommunications equipment.
  • Fibre infrastructure.
  • Power systems.
  • Electrical equipment.
  • Monitoring systems.
  • Artificial intelligence technologies.
  • Digital platforms.

These supply chains increasingly support infrastructure projects throughout Asia.

Consequently, decisions regarding standards, interoperability, cybersecurity, resilience, and technology procurement may be influenced by developments occurring far beyond the physical boundaries of a particular facility.

MDCO Insight: Infrastructure decisions are increasingly shaped by global technology ecosystems rather than individual projects alone.

Which Malaysian Data Centres May Experience Chinese Influence?

Chinese influence can arise through multiple pathways.

Chinese Developers and Investors

Projects involving Chinese capital, partnerships, or ownership structures may naturally be influenced by Chinese governance frameworks, reporting requirements, and strategic priorities.

Chinese Technology Ecosystems

Facilities using Chinese-origin technologies may need to consider interoperability, cybersecurity, support arrangements, and evolving technology standards.

Regional Cloud Services

Many multinational companies operate across both ASEAN and China.

As a result, data centres supporting regional cloud infrastructure may interact with Chinese digital ecosystems even when physically located in Malaysia.

Artificial Intelligence Infrastructure

The rapid growth of AI infrastructure creates additional links to Chinese technology development, supply chains, and computing strategies.

MDCO Insight: The strongest forms of influence often emerge through business ecosystems and technology dependencies rather than direct ownership.

How Are These Requirements Enforced?

China’s governance model combines regulation with administrative oversight and strategic coordination.

Enforcement mechanisms may include:

  • Regulatory reviews.
  • Licensing requirements.
  • Cybersecurity assessments.
  • Data transfer approvals.
  • Industry supervision.
  • Administrative penalties.

However, as with the European and American models, formal regulation is only part of the picture.

Commercial relationships, technology ecosystems, customer requirements, and supply-chain expectations also play important roles.

In practice, multinational organisations often adopt governance frameworks capable of satisfying multiple jurisdictions simultaneously.

MDCO Insight: The most influential governance systems often combine legal requirements with economic and technological incentives.

What Can Malaysia Learn?

The Chinese model demonstrates that data centres can be viewed through a broader strategic lens.

Rather than treating digital infrastructure solely as private commercial investments, policymakers may also consider questions relating to:

  • National competitiveness.
  • Industrial development.
  • Digital sovereignty.
  • Technology capabilities.
  • Economic resilience.
  • Long-term infrastructure planning.

This does not mean Malaysia should replicate China’s model.

Different countries have different institutions, priorities, and governance traditions.

However, understanding alternative approaches provides useful context for evaluating policy choices.

MDCO Insight: Studying different governance models expands the range of policy options available to decision-makers.

The Observatory Perspective

The global data centre industry increasingly operates at the intersection of multiple governance systems.

European regulations influence transparency and sustainability.

American ecosystems influence technology and innovation.

Chinese policies influence strategic planning and digital sovereignty.

Malaysia increasingly hosts infrastructure connected to all three.

A data centre in Johor or Cyberjaya may simultaneously involve:

  • Malaysian approvals.
  • American cloud platforms.
  • European investors.
  • Chinese technology suppliers.
  • Global customers.

Understanding these overlapping influences is essential for anyone seeking to understand the future of digital infrastructure.

From an MDCO perspective, transparency and access to information help all stakeholders navigate this increasingly complex environment. Communities, developers, investors, policymakers, operators, and customers all benefit when the forces shaping digital infrastructure are better understood.

MDCO Insight: The future of data centres will be shaped not by a single governance model, but by the interaction of multiple systems operating across an increasingly interconnected world.

Selected References

  • Cyberspace Administration of China (CAC) – Cybersecurity, Data Security and Personal Information Protection: Official information on China’s principal authority responsible for cybersecurity governance, cross-border data regulation, data security, critical information infrastructure protection, and implementation of the Cybersecurity Law, Data Security Law and Personal Information Protection Law. https://www.cac.gov.cn/
  • State Council of the People’s Republic of China – Digital China Strategy: Official information on national strategies, policy documents and administrative measures supporting Digital China, digital infrastructure, artificial intelligence and the digital economy. https://english.www.gov.cn/
  • National Data Bureau (NDB) and National Development and Reform Commission (NDRC) – National Data Infrastructure and Eastern Data, Western Computing (东数西算): Official information on China’s national computing power strategy, coordinated development of regional data centre clusters, national data infrastructure and optimisation of computing resource allocation. The National Data Bureau leads implementation while operating under the National Development and Reform Commission. https://en.ndrc.gov.cn/
  • National Development and Reform Commission (NDRC) – 15th Five-Year Plan (2026–2030): Official information on China’s current national development planning framework, including strategic priorities for digital infrastructure, artificial intelligence, computing capacity and technological self-reliance. https://en.ndrc.gov.cn/
  • Ministry of Industry and Information Technology (MIIT) – Digital Infrastructure and Information Technology Development: Official information on industrial policy relating to telecommunications, cloud computing, data centres, digital infrastructure and information technology industries. https://www.miit.gov.cn/
  • World Bank – Digital Development: International research and policy publications on digital infrastructure, digital governance, data policy and the role of digital technologies in economic development. https://www.worldbank.org/en/topic/digitaldevelopment
  • Organisation for Economic Co-operation and Development (OECD) – Digital Economy: International analysis and policy guidance on digital governance, cross-border data flows, digital regulation and the digital economy. https://www.oecd.org/digital/
  • International Telecommunication Union (ITU) – Digital Infrastructure and Data Governance: International standards, guidance and research relating to digital infrastructure, connectivity, telecommunications and data governance. https://www.itu.int/

Citation

Malaysia Data Centre Observatory (MDCO). Beyond Malaysian Borders – How Chinese Laws Influence Data Centres in Malaysia. MDCO Analyse Series No. A03 (Version 1.0, July 2026).

MDCO Note

This article forms part of the Malaysia Data Centre Observatory (MDCO) Analyse Series, which seeks to improve understanding of Malaysia’s data centre ecosystem through independent, evidence-based and balanced analysis. It is intended for educational and informational purposes only and does not constitute legal, engineering, planning, environmental, financial or other professional advice.

Malaysia’s rapidly evolving data centre ecosystem includes facilities developed, owned or operated by organisations such as AirTrunk, Amazon Web Services (AWS), Bridge Data Centres, DayOne, EdgeConneX, Google, K2 Data Centres, Microsoft, NTT Global Data Centers, Princeton Digital Group (PDG), ST Telemedia Global Data Centres (STT GDC), STACK Infrastructure, Vantage Data Centers, YTL Data Centre Park and many others. MDCO is independent of these organisations, as well as governments, regulators, utilities and advocacy groups. Its role is to facilitate transparency, structured understanding and equal access to information by presenting publicly verifiable evidence, relevant context and multiple stakeholder perspectives. MDCO does not endorse, oppose or advocate for any particular organisation, project or policy position.

Similar Posts