I was recently asked about using “BitLocker in China” and apparently, there’s some confusion around this topic on the Internet, so I contacted our Windows deployment folks as well as those in China to shine some sunlight on the matter.
This was their response:
This is an older matter really related to the TPM chipset – not BitLocker itself. To be clear, BitLocker’s use was never prohibited by Chinese Government: It was TPM 1.2 that wasn’t approved previously by Chinese Government, but since 2015, TPM 2.0 has been approved by the Chinese government. Read the following for more detail:
- Governments recognize the importance of TPM 2.0 through ISO adoption
…the [TPM 2.0] standard was supported by a large number of countries, including Australia, Belgium, Canada, China, Czech Republic, Denmark, Finland, France, Ghana, Ireland, Italy, Japan, the Republic of Korea, Lebanon, Malaysia, Netherlands, Nigeria, Norway, the Russian Federation, South Africa, the United Arab Emirates, the United Kingdom and the United States, underlines the growing level of concern around cybersecurity, among both developed and emerging economies.
https://cloudblogs.microsoft.com/microsoftsecure/2015/06/29/governments-recognize-the-importance-of-tpm-2-0-through-iso-adoption/
There are some OEMs selling machines in China with TPM 2.0, and this has changed over time. For more detailed background you can read: https://microsoft.sharepoint.com/teams/Tradenet/Pages/Global-Encryption-Controls.aspx
Locally chip manufacturer, “Nation-Z” (www.nationz.com.cn) can provide TPM 2.0 chip-compatible components with TPM/TCM 2.0.
For example, Microsoft Surface devices ship with this chip in China and China only.
kurtsh
Kurt Shintaku's Blog 