NATIONAL HARBOR, Md. -- Jie Zhang says that as a child in China she played a game picking up marbles with chopsticks and performing the delicate task of carrying them to another room without dropping them. That\u2019s what doing business in China is like for Westerners, she told a breakfast gathering today at Gartner\u2019s Security and Risk Management Summit.They have to get used to long-standing customs and practices that violate some basic business principles respected outside of China and some new ones that deal specifically with technology.For example, a January 2016 cybersecurity law says that companies operating in China that want to use encryption technology in their infrastructure must pick it from a government-approved list. Other laws dictate that if the gear isn\u2019t on the list, encryption keys must be turned over to the government.The given reason is to fight terrorism, and the law settles a debate there that is still raging in the West about whether encryption backdoors should be mandatory so law enforcement can gain access to private communication.Zhang says a Gartner client setting up shop there had been working on its private cloud for six months when the project stalled because it hadn\u2019t gotten this type of approval. \u201cYou might find yourself in that position,\u201d she says. \u201cDo your due diligence.\u201dWhen I translate \u2018privacy,\u2019 I have issues. There is no direct word in Chinese that means privacy.The acceptance of this practice may have something to do with the country\u2019s sense of privacy. \u201cWhen I translate \u2018privacy,\u2019 I have issues,\u201d she says. \u201cThere is no direct word in Chinese that means privacy.\u201d The closest term is yin si, which means \u201chidden personal secret.\u201d \u201cIn China people identify with a group and privacy is a non-existent concept.\u201d+ MORE FROM THE SUMMIT: Gartner: DDoS defenses have been backsliding but starting a turnaround +This sensibility may carry over into a tolerated but officially unsanctioned banking practice. A colleague told her that someone he knew who worked at a bank routinely sold lists of customer information. Zhang says she later had this practice confirmed by a bank executive who said, \u201cYes, we know our employees do that.\u201dBanks are changing, though, with economic policies put forth in the government\u2019s 2015 five-year plan, she says. As part of reforms for more transparency in financial entities, IBM, Oracle and EMC (known as IOE) are losing their seat as the go-to tech firms to supply banking infrastructure.The push is to encourage use of local suppliers, which has led to a jump in business for the China-based tech giant Huawei. IBM has responded by partnering with local companies, she says. Foreign businesses couldn\u2019t build data centers of their own under the new rules. Microsoft partnered locally; Google left the country.There are big differences in other areas. The well-established and effective Western practice of meeting governance, risk and compliance (GRC) objectives to boost corporate productivity is a concept just getting a foothold in China, she says.Last year massive industrial explosions in Tianjin were pinned on issues including IT infrastructure. \u201cThey were not diligent that security systems for checking and testing worked,\u201d she says. Now China will look more at GRC, she predicts.+ ALSO: Gartner: \u2018Insider threat is alive and well on the dark Web\u2019 +In other areas, Chinese are quick to embrace new technologies in ways that Westerners haven\u2019t. Take laptops, for example. Most business people may have a desktop, but most don\u2019t have laptops that they carry around. They do all their mobile computing on cell phones, she says.Outside of technology, even when it comes to standard practices like contract negotiations, there are curve balls. When Zhang worked for a German pharmaceutical company it sat down with potential Chinese business partners to hash out a voluminous contract, she says. The Chinese partners seemed disinterested in the German presentation, then one of them pulled out a two-page document they said should replace the one they had been working on. The flummoxed Germans had to call for a break so they could regroup.This type of jarring tactic isn\u2019t so common anymore among large Chinese internationals, but it can crop up dealing with smaller firms, such as local businesses that may be part of a supply chain, so Westerners should be aware. \u201cExpect a lot of unexpected things in China,\u201d she says.