TELECOMS: China’s Insecurity Fuels Looming New Trade War

By newsdoug on March 7, 2015

Bottom line: China needs to realize that hardware from private western firms isn’t a risk to national security, and change its stance on new security-related requirements or risk another major trade war.

China’s growing insecurity is quickly shaping up as the next front line in a seemingly endless series of business disputes with the west, with word that Beijing is weighing a major new anti-terrorism law that would place huge new intrusive conditions on western technology firms. This story has been gaining rapid momentum over the last year, though until now many of the moves have been largely talk and one-time actions aimed at individual companies.

This new move, involving a proposed counter terrorism law, looks set to formally place many of the previous requirements on all foreign tech companies that sell their equipment to Chinese government agencies and other sensitive sectors like banks. Most of the companies being targeted come from the telecoms and related sectors, including networking equipment and the software that runs such equipment.

Before we look more closely at the latest developments, I should start with my own view that the US needs to take at least some of the blame for China’s sudden paranoia, which is partly the result of disclosures about cyber-snooping made by Edward Snowden. At the same time, China’s sudden paranoia seems hugely disproportionate for the situation, and the moves it is taking are starting to look more like retaliation than any real serious attempt to improve national security.

According to the latest report, China’s parliament has created a draft counter-terrorism law that has gone through 2 readings and could be formally adopted in the coming weeks or months. (English article) The law’s first draft was published late last year, and includes a wide range of measures aimed at helping Beijing to fight terrorism.

Highlights include provisions that would force tech companies to hand over their source code and install back-doors in their products to give Beijing access. In addition, companies would also be required to keep data from their Chinese customers on locally-based servers, and to assist investigators with any probes into people suspected of threatening national security.

As an interesting footnote, it appears a large part of the news report I read is coming from non-Chinese sources, with numerous unnamed industry sources quoted. One such source equates the draft law to the “Patriot Act on really, really strong steroids”, in a reference to the US’s own anti-terrorism law passed after the September 11 attacks. That shows the frustration and concern that foreign tech companies like IBM (NYSE: IBM) and Cisco (Nasdaq: CSCO) are feeling about this law, which has prompted them to complain loudly to Washington.

Of course, none of this is completely new. Microsoft (Nasdaq: MSFT) began the trend of capitulating to Chinese security worries as early as 2003, when it gave its Windows source code to Beijing. More recently, Apple (Nasdaq: AAPL) made the unusual decision to base data for its China-based users on servers based in China, presumably to give Beijing legal authority to demand access to that information for investigations.

As I’ve said at the outset, Washington is at least partly to blame for Beijing’s fast growing national security paranoia. Chinese leaders must have been horrified to read about US snooping on phone conversations by German Chancellor Angela Merkel, and realized that if Washington would spy on an ally like Germany it would probably monitor them even more closely. Later revelations that Washington security police also easily broke into the system of telecoms giant Huawei probably only made the Chinese paranoia worse.

But all of that said, China’s reaction with this new anti-terrorism law seems misguided and unlikely to solve many of the national security issues it worries about. The US has already shown that it’s quite sophisticated at hacking into any telecoms system it wants, and forcing companies to hand over their source code won’t change that.

What’s more, China’s growing preference to buy more high-tech equipment from local companies will probably just make the nation less secure, since many of these companies’ products are far less sophisticated than rival goods from the west. At the end of the day, China needs to realize that cyber security is an issue it needs to tackle through diplomacy and its own efforts to safeguard vital computer networks. It also needs to understand that placing burdensome and invasive requirements on equipment suppliers will have minimal or no impact in achieving any of those aims.