In our last post we documented how Huawei technology, thanks to massive cross-subsidization from the Chinese government, was succeeding in deploying its telecommunications network around the world. That is a story that is fairly well known in Washington policy circles. However, Huawei is by no means the only technology threat China poses though its comprehensive digital policy (and TikTok – while problematic is not serious enough to even make the list of top five threats).
Early in the digital age, the Chinese perceived that the vulnerabilities in the new digital systems could be used to gain access to western intellectual property that could help jump start their own domestic industries. They also understood the international market for advanced digital systems in developing, as well as developed countries desperate to reap the economic benefits of the digital age. By providing massive subsidies to their domestic companies China enabled them to approach nations on 5 continents and literally make countries “offers they couldn’t refuse.”
Huawei is just the tip of the iceberg – or perhaps better said the tip of the sword. Three firms Baidu, Alibaba and Tencent (BAT) already have a combined value of over a trillion dollars and each, with China state support and allegiance, are making remarkable inroads into all manner of world commerce and culture.
Alibaba is leading the world in FinTech disruption and already controls the world’s largest money market fund and handles more payments than Mastercard. It is operative in over 200 countries and is launching a $15 billion initiative in AI, quantum computing, and emerging new tech driven markets.
Baidu was the first to apply deep learning and is extending into multiple markets such as brain inspired neural chips and intelligent robotics – all under China’s state-run umbrella.
According to analyst Peter Diamandis, “When it comes to Chinese tech giants with absolutely no analog in the West, Tencent takes the cake, hands down. Tencent combines the functionality of Facebook, iMessage, PayPal, UberEATS, Instagram, Expedia, Skype, WebMD, GroupMe and many others into a single ecosystem with its WeChat system. It is aggressively entering markets as varied as high-end health care and mobile gaming (its League of Legends game is played by over a 100 million people every month).
A recent study out of Carnegie Mellon University found that “Relatively little attention has been given to the role of the Internet in the promulgation of China’s Bridge and Road Initiative (BRI). Often overlooked in the current discussion are the massive digital infrastructures (e.g., fiber-optic cables and data centers) that have been laid alongside transport and energy projects… Speaking at the first BRI forum in Beijing President Xi declared the critical role of the digital silk road in the overall initiative. He called for further integration into BRI of next generation network technologies – including artificial intelligence, nano- technology, quantum computing, big data cloud, and smart cities.
China is aggressively using this vast and growing technology base to expand its reach to both influence and, when needed, spy on the rest of the world.
By embedding Chinese infrastructure in networks around the world, the Chinese government has created the ability to access information traveling across these networks for their own national interests whenever they desire.
That’s not the bad news.
These Chinese-based commercial digital companies generally follow the paradigm detailed in the Huawei example. Former Asst. Secretary Ford noted that “The Global Chinese firms do not always make decisions for commercial and economic reasons…. All such firms are subject to a deep and pervasive system of Chinese Communist Party control which uses them as instruments not only for making money but also for pursuing the Party-State’s agenda… Such firms are subsidized by the government with massive lines of credit and long-duration loans with generous grace periods from state owned banks in order to undercut competition and penetrate foreign markets more deeply.”
Moreover, as is the case with Huawei, there are a wide range of Chinese laws that require these companies to cooperate “unconditionally” with the Chinese Communist Party’s security apparatus. For example, the National Intelligence Law requires entities in China to cooperate with its intelligence services and covers both privately-owned and state-owned enterprises. Analogous provisions are also included in China’s National Security Law, Counter Terrorism Law, and Cybersecurity Law.
Speaking at the second annual Multilateral Action on Sensitive Technologies (MAST) Conference former US Assistant Secretary of State Dr. Christopher Ashley Ford said:
“The Chinese system of military-civilian fusion (CMF) presents an additional layer of problems. Military-civil fusion is a national level Chinese effort that seeks to systematically take down barriers between China’s civilian and military sectors….firms such as Huawei, Tencent, ZTE, Alibaba, and Baidu have no meaningful ability to tell the Chinese Communist Party “no” if officials decide to ask for assistance – e.g., in the form of access to foreign technologies, access to foreign networks, useful information about the foreign commercial counterparties, insights into patterns of foreign commerce or specific information about activities or locations of users of Chinese hosted or facilitated social media computer or smartphone applications or telecommunications.”
It is of course true that the US has responded to a degree to this aspect of the Chinese threat. For example, here in the US the FCC has a program to rip-and-replace Huawei technology with government footing the bill. The US has been successful in convincing a number of other nations to enact similar policies. Unfortunately even here in the US the funding needed to make these policies a reality doesn’t exist – the US rip-and-replace policy is billions of dollars short. The same problem exists around the world with similar polices – and that is just to undo the inroads Huawei has already made.
The US badly needs to develop a much more fulsome cybersecurity strategy. One that is the equivalent to China in its thoughtfulness, its sophistication, its breath and the degree of economic support that will be required for industry to truly partner in this 21st century conflict. Basic technology mandates and reporting systems are nowhere near sufficient to address the cyber threat our global adversaries are engaged in.
Abstracted from Fixing American Cybersecurity: Creating a Strategic Public Private Partnership. Larry Clinton editor Georgetown University Press 2023 – available on Amazon.