Robert Atkinson, founder and president of the Information Technology and Innovation Foundation, discussed implications for western technology firms operating in China as the Chinese government begins to demand access to encryption keys. Atkinson views this move as an attempt by the Chinese government to push its own protectionist policies, under the guise of protecting itself from cyber thefts.
The Cipher Brief: Why do you think China is attempting to access Western technology companies’ encrypted data?
Rob Atkinson: The Chinese central government’s economic strategy is first and foremost to move up the industry value chain through growing technology-based output in Chinese-owned companies. Because Chinese companies have nowhere near the needed intellectual property and other knowledge needed to match global technology leaders, the Chinese government strategy is to acquire that information “by hook or by crook.” This involves tactics such as requiring technology transfer as a condition of market access, forced joint ventures, and theft (both cyber and physical).
TCB: To what extent, if at all, is this move motivated by a desire to force technology transfers versus an effort to protect China from cyber threats?
RA: There is simply no way that this is an effort to protect China from cyber thefts, despite how skillfully government officials portray it as such. You don’t see countries like Chile and France demanding “secure and controllable” devices. They are no less interested in cyber security than China is. The Chinese central government is skillfully using the Snowden revelations to push its protectionist policies. If it were really interested in “secure and controllable” devices and systems it has an easy answer: allowing foreign firms to sell tech products in China that comply with industry-led voluntary security standards, but if they find that the firm has been working with a foreign government to secretly install “back doors” to then ban that firm from access to the Chinese market. There is no major tech firm that would risk losing that market access. As it stands now, “secure and controllable” is a tactic to favor domestic Chinese firms in government and SOE tech procurement, and a way to force U.S. firms to either partner with Chinese firms or more directly provide access to source code so the Chinese can steal the code.
TCB: The American defense industry is closely tied to American tech firms. How would the ability of the Chinese government to access encrypted data affect U.S. national security?
RA: It is unlikely that U.S. firms would make deals (under threat, of course from the Chinese) that would directly impact U.S. military technology. The worry is more indirect that the Chinese mercantilist policies will weaken the U.S. technology industry, which would weaken the overall U.S. industrial base, while at the same time giving the Chinese government technology capabilities that have dual use capabilities, including helping Chinese defense technology.
TCB: Is there a way for U.S. tech firms to accommodate the Chinese government without alarming the U.S. government? What is the way forward?
RA: There is no way for U.S. tech firms to accommodate the completely unreasonable Chinese government demands without alarming the U.S. government. In part, this is because the Chinese will accept nothing less than the coerced transfer of U.S. technology company capabilities. As noted above, this has nothing to do with cybersecurity. Moreover, the Chinese actions violate the spirit, if not the letter, of the World Trade Organization law. The only way forward is for the world community, particularly Japan, Europe, and the United States, to finally draw a line and declare that this kind of deep, destructive innovation mercantilism is not allowed, and that if China wants the rights and privileges of being part of the global trading system, it will need to dramatically roll back these practices.
TCB: How can the U.S. and China better cooperate to avoid creating situations like this in the future?
RA: This is the wrong question as it implies good faith on both sides. On this issue, the Chinese central government is not acting in good faith. It is all an excuse to gain access to advanced technology that they did not do the hard work to develop. It’s not like the current trade dispute with Europe over data flows and the Safe Harbor agreement, where both sides are acting in good faith but have some modest differences in views and values. This is about trade “cold war,” where both sides have fundamentally different values and goals. The U.S. (and European) value is closely tied to the WTO trading system (including the notion of competitive advantage and two-way trade) and the responsibilities that imposes on members. The Chinese value is to gain absolute advantage based on unfair practices. There is no real way to reconcile these two systems, absent making it clear to the Chinese central government that their strategy of IP theft and mercantilism will have such negative economic consequences globally that they choose to back down.
