{"id":5728,"date":"2021-01-15T23:41:00","date_gmt":"2021-01-15T23:41:00","guid":{"rendered":"https:\/\/blackopspartners.com\/?p=5728"},"modified":"2021-08-23T02:48:35","modified_gmt":"2021-08-23T02:48:35","slug":"for-chinese-firms-theft-of-your-data-is-now-a-legal-requirement","status":"publish","type":"post","link":"https:\/\/blackopspartners.com\/for-chinese-firms-theft-of-your-data-is-now-a-legal-requirement\/","title":{"rendered":"For Chinese firms, theft of your data is now a legal requirement"},"content":{"rendered":"\n

Original article published by The Hill<\/a>.<\/em><\/p>\n\n\n\n

In late December, the Department of Homeland Security (DHS) released a significant but largely overlooked advisory<\/a> to American businesses, warning of the risks associated with the use of data services and equipment from firms with ties to the People\u2019s Republic of China. The advisory noted that this presents a major threat to data security for the U.S. government, businesses and people, because China will have the ability to access data covertly through entities it influences or controls.<\/p>\n\n\n\n

The advisory highlights the persistent risk of Chinese government-sponsored data theft because of newly enacted Chinese laws \u2014 specifically, the National Intelligence Law<\/a> of 2017, Data Security Law<\/a> of 2020, and Cryptology Law<\/a> of 2020. These laws compel Chinese businesses and citizens \u2014 including through academic institutions, research service providers, and investors \u2014 to support and facilitate China\u2019s government access to the collection, transmission and storage of data. This violates the letter or intent of U.S. and international law and accepted policies. Companies may be required to store data within China\u2019s borders and to permit access by the Chinese government of data under the pretense of national security.<\/p>\n\n\n\n

These risks result from the decision by the Chinese Communist Party (CCP) \u2014 and thus, the Chinese government \u2014 to generate laws that coerce Chinese firms into providing data and relevant information to them. Of great concern to non-Chinese firms, Chinese laws and initiatives compel Chinese firms and entities to cooperate secretly with Chinese security and intelligence services. These laws may be used to compel Chinese firms to provide Beijing with data, encryption keys and other technical information, as well as to install \u201cbackdoors<\/a>\u201d or \u201cbugdoors<\/a>\u201d (a backdoor that masks itself as a computer \u201cbug\u201d) in equipment which create security flaws vulnerable to exploitation by Chinese entities.\u00a0\u00a0<\/p>\n\n\n\n

The DHS advisory noted that data centers owned or operated by Chinese firms, foreign data centers built with or otherwise operating Chinese equipment, such as Huawei and ZTE \u2014 or \u201crebranded\u201d Huawei or ZTE equipment \u2014 and Chinese partners in joint ventures are required to provide information. Moreover, China\u2019s laws introduce vulnerabilities for software and Apple and Samsung mobile device applications, such as TikTok, and fitness wearables and other devices that can provide location and other data to the Chinese government. <\/p>\n\n\n\n

The intent of these laws is to augment and accelerate China\u2019s ambition to rise to superpower status<\/a>. The laws provide a legal foundation to advance the goals outlined in the \u201cMade in China 2025<\/a>\u201d plan, as well as the Digital Silk Road<\/a> and the Military Civil Fusion<\/a> efforts, the intent of which is to make China the leading global technological superpower by 2049, the centenary of the communist revolution.  <\/p>\n\n\n\n

Additionally, the CCP has indicated that it will aid Chinese companies in their efforts to replace foreign companies as engineers, designers and manufacturers of key emerging and foundational technologies. Through state-sponsored theft of data, such as intellectual property and trade secrets, the CCP plans to shift from industrial manufacturing to information technology and the life sciences, with a particular emphasis on genetic research.<\/p>\n\n\n\n

Consequently, China\u2019s sponsored data theft accelerates not only the reduction of foreign competitors\u2019 domestic market share, but also China\u2019s technological dominance in critical markets long dominated by the U.S. and European firms \u2014 aerospace, semiconductors, robotics, artificial intelligence systems, biometrics, cyber intelligence, genomics, pharmaceutical medicines and sustainable\/green energy materials.<\/p>\n\n\n\n

Inevitably, there also is a military dimension. Stolen intellectual property has been essential to the modernization of the People\u2019s Liberation Army, other military services, and China\u2019s intelligence community, equipping them with advanced warfighting and information capabilities. China employs foreign data as a tool to map the activities and vulnerabilities of key individuals, including Chinese dissidents. This data collection aids China\u2019s diplomacy and global opinion, particularly regarding\u00a0human rights abuses<\/a>\u00a0of its Muslim and Tibetan minorities, and to wage political warfare against the West.<\/p>\n\n\n\n

The DHS advisory should be heeded by not only U.S. firms but also those outside of the United States. Because of China\u2019s laws and policies, any entity interacting with Chinese firms risks intellectual property theft, data theft and exploitation. Even if U.S. firms do not trade with China, those that do \u2014 such as European or Japanese firms \u2014 introduce the risk of indirect theft. The economic, legal, political and human rights consequences of this are yet to be fully realized by American firms and the American people. <\/p>\n\n\n\n

Accordingly, the November 2020 Regional Comprehensive Economic Partnership<\/a> agreement, and German Chancellor Angela Merkel\u2019s decision to reach the Comprehensive Investment Agreement<\/a> between the European Union (EU) and China are regrettable. These agreements were reached despite significant human rights concerns regarding China\u2019s widespread violation of the political, religious and civil rights of the Chinese people; its clash with India<\/a> that resulted in the deaths of about 20 Indian soldiers; and its violations of international treaties, such as the 1984 Hong Kong agreement<\/a>. They are manifestations of the willful ignorance of the problem of economic partnership with Chinese entities. Cooperation and partnership with Chinese firms means cooperation and partnership with the CCP, as well as the predatory mining of data and other property of non-Chinese firms. <\/p>\n\n\n\n

In particular, the fact that Germany would ignore China\u2019s gross human rights abuses and concentration camps for Muslim minorities is not simply a dissonant strategic misstep; it is a grotesque historical reminder of the dangers of Merkel\u2019s foreign policy. The agreement will permit investors to acquire companies in a number of sectors and allow foreign employees to work in other markets. Additionally, it was a snub to President-elect Biden\u2019s administration, which has expressed a desire to work with the EU against China.<\/p>\n\n\n\n

The DHS warning is stark: All firms, people or entities choosing to use data services and equipment from Chinese firms, or to store data on software or equipment developed by such firms, should be aware of the economic, reputational and legal risks associated with doing business with these firms. Were this warning to be heeded by Western and other firms, it would protect non-Chinese firms and people, and could slow China\u2019s rise.  <\/p>\n\n\n\n

In the wake of China\u2019s increasing belligerence<\/a> and behavior during the coronavirus pandemic, the world should have recognized that engagement with China comes at too great a cost. China\u2019s laws have simply codified this.<\/p>\n","protected":false},"excerpt":{"rendered":"

Original article published by The Hill. In late December, the Department of Homeland Security (DHS) released a significant but largely overlooked advisory to American businesses, warning of the risks associated with the use of data services and equipment from firms with ties to the People\u2019s Republic of China. The advisory noted that this presents a major threat […]<\/p>\n","protected":false},"author":2,"featured_media":5729,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"acf":[],"_links":{"self":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts\/5728"}],"collection":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/comments?post=5728"}],"version-history":[{"count":0,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts\/5728\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/media\/5729"}],"wp:attachment":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/media?parent=5728"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/categories?post=5728"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/tags?post=5728"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}