The European Union's General Data Protection Regulation (GDPR) doesn't come into force until May 2018, but when it does it will have a profound effect on businesses. The regulation will apply to data about every one of the EU's 500 million citizens, wherever in the world it is processed or stored.
... ... Put simply, targeting and tracking companies will need to get user consent somehow. Everything that invisibly follows a user across the internet will, from May 2018, have to pop up and make itself known in order to seek express permission from individuals.
Companies are also required to give government investigators complete access to their data if there is suspected wrong-doing, and Internet operators must cooperate in any national security or crime-related investigation.
Note that China has an extremely flexible definition of "national security".
Additionally computer equipment will need to undergo mandatory certification, that could involve giving up source code, encryption keys, or even proprietary intellectual data, as Microsoft has been doing for some time.
Research is what I'm doing when I don't know what I'm doing. -- Wernher von Braun