The People’s Republic of China is postponing the third reading of a controversial draft of a new counter-terrorism law which, among other things, would have required Western technology firms to hand over encryption keys, source code, and install “backdoors” (bypassing normal authentication) giving Chinese authorities remote access to computers and networks.
Recent reports by U.S. authorities that the law has been put on hold for good have turned out to be premature. The law will likely be somewhat revised to address some Western concerns, since Beijing is still dependent on foreign companies, despite a push to eliminate foreign technology in key sectors by 2020. “Currently, the deliberation on this law is ongoing,” according to Foreign Ministry spokesman Hong Lei on March 16.
What to make of this development?
In short, China is trying to accomplish two things. First, the law fits into Xi Jinping’s broader plans to clear banks, the military, state-owned enterprises and key government agencies from its dependency on foreign technology (e.g., Microsoft Corp.’s Windows operating system and core servers) by 2020. The already existing trend in Beijing towards technological nationalism was merely amplified by the NSA spying revelations.
Xi Jinping, who is personally presiding over a newly founded government body called the “Central Internet Security and Informatization Leading Group,” noted during its first meeting in March 2014, that developing domestic technologies and ensuring cyber-security are “two wings of a bird and two wheels of an engine.” According to Bloomberg Business, China invested $182 billion in its tech sector 2013, a jump of 8.1 percent from the previous year.
There have been signs of progress. In November 2014, National Petroleum Corp., the country’s largest energy producer, that it had swapped Microsoft Outlook with the homegrown eYou email software in order to bolster cybersecurity. Also, Bloomberg Businessnotes that, Huawei Technologies Co. and ZTE Corp., among other Chinese tech companies, have already begun to gain local market share at the expense of foreign competition.
This spillover effect for industrial growth is certainly a much-desired byproduct for the communist leadership, given the lower economic growth rates projected for the years ahead and the growing fear of social upheaval. However, up until now the People’s Republic has been almost entirely dependent on foreign vendors, which brings me to my second point.
Since China still has to rely on foreign technology in the immediate future, the law, which the Chinese leadership knew would stir controversy, might have been used in a “shot across the bow” manner to tell the United States government not to overplay its hands in cyberspace and engage in what Beijing called “reckless behavior” in the critical months ahead (e.g., both countries are currently negotiating a Bilateral Investment Treaty).
In May 2014, the U.S. Department of Justice accused five men in the People’s Liberation Army of allegedly hacking into the computer systems of U.S. companies to extrapolate sensitive data, which caused China to suspend its involvement in a joint China-US Cybersecurity Working Group.
Also with the release of reports by U.S. cybersecurity firm on Chinese hacker activities increasing over the past two years, and the call of the U.S. private sector for the Obama administration to take a tougher stance on Beijing cyberespionage activities, the over-the-top draft counter-terrorism law is an insurance card for the communist leadership. For one, it will ensure that the United States will abstain from publicly exposing yet another Chinese cyberespionage ring. Since almost all the major American IT-companies are active in China (with a few notable exceptions), Beijing can dangle the law over the U.S. private sector’s head to encourage cooperation.
In particular, the debate surrounding the draft counter-terrorism law also offers another opportunity for Chinese leadership to highlight the alleged hypocrisy of the United States, since the Snowden leaks confirmed that the National Security Agency had installed backdoors in, for example, Cisco routers and networking equipment (although the company denied it), which are widely used in China.
Before the Snowden revelations, in October 2011, the U.S. Commerce Department rebuffed the bid by Huawei to build a wireless network for first responders in the United States on the grounds of national security. A U.S. Congressional report from 2012 emphasized that the presence of Huawei and ZTE, China’s two largest telecommunication companies, in the U.S. domestic market could be used by Chinese spies to penetrate U.S. communications networks. As a consequence, Huawei announced in 2013 that it will pull back from bidding for big U.S. contracts.
To sum up, “Beijing is happy to give the United States a taste of its own medicine,” as one commentator noted. However, as I stated before, cooperation between the United States and China is of crucial importance, which essentially implies an almost schizophrenic, two-layered approach of simultaneously cooperating with Beijing on one level of cybersecurity, while dissuading elements within China from excessively engaging in malicious cyber activities at another level; this strategic doublethink dichotomy holds true for all nations in cyberspace.