Cheng Li’s and Ryan McElveen’s good post over the weekend (via Daniel Byman) sparked the following reflections on U.S. economic espionage, post-Snowden. Li and McElveen nicely summarize U.S.-Chinese relations concerning cybersecurity in the run-up to and aftermath of the Snowden revelations. The post is especially helpful on how the Snowden revelations have hurt some U.S. business interests in China – a point underscored by recent U.S. IT firms’ demands for “global government surveillance reform.”
I have some quibbles Li’s and McElveen’s conclusions, however, which are as follows:
As 2013 comes to a close, it is now well documented and well-known that both the United States and China engage in extensive espionage efforts for national security interests. But China’s espionage efforts are different in one key respect: China conducts surveillance on U.S. commercial entities, while the United States focuses on government targets. Although the U.S. government classifies its surveillance and does not share business secrets with U.S. companies, Chinese spies readily hand over proprietary information from U.S. firms to Chinese firms, breaching intellectual property rights and stealing the fruits of research and development on which American companies have spent billions of dollars.
To address these concerns, the United States must clearly indicate that its primary concern is China’s commercial cyber espionage, and that its goal is to protect future U.S. innovation. This is a goal to which both the U.S. and her allies can commit. By working to forge an agreement with China on the enforcement of intellectual property rights protections, the U.S. will finally be able to move out of the shadow of Edward Snowden. Even then, U.S. technology companies must prepare for their new reality—a greatly reduced share of the Chinese market wherein the enforcement of IPR will only soften their downfall.
First, it is misleading to say that “China conducts surveillance on U.S. commercial entities, while the United States focuses on government targets.”
The distinction between “government” and “commercial” entities in China is not a clear one. But in any event, if the suggestion is that the USG does not generally collect against foreign firms, it is wrong. As I noted before the Snowden revelations:
In a 1991 essay (behind paywall), former CIA Director Stansfield Turner noted that “as we increase emphasis on securing economic intelligence, . . . we will have to spy on the more developed countries—our allies and friends with whom we compete economically.” Former CIA Director James Woolsey said in 2000 that the United States “steal[s] secrets with espionage, with communications, with reconnaissance satellites” from “foreign corporations and foreign government’s assistance to them in the economic area,” in three “main [i.e. probably not exclusive] areas”: (1) to understand how sanctions regimes are operating; (2) to monitor dangerous dual-use technologies in private hands; and (3) to learn about bribery practices. With regard to (3) the 1996 Aspin-Brown Report suggested that the USG spies on foreign firms to “identify situations abroad where U.S. commercial firms are being placed at a competitive disadvantage as a result of unscrupulous actions, e.g. bribery and ‘kickbacks.’”
Following suggestions in the Snowden documents (and in interviews with Snowden) that the U.S. intelligence community was spying on Swiss banks and Brazil’s Petrobras, and other private commercial entities, DNI Clapper issued this statement in September (my emphasis):
It is not a secret that the Intelligence Community collects information about economic and financial matters, and terrorist financing.
We collect this information for many important reasons: for one, it could provide the United States and our allies early warning of international financial crises which could negatively impact the global economy. It also could provide insight into other countries’ economic policy or behavior which could affect global markets.
Our collection of information regarding terrorist financing saves lives. Since 9/11, the Intelligence Community has found success in disrupting terror networks by following their money as it moves around the globe. International criminal organizations, proliferators of weapons of mass destruction, illicit arms dealers, or nations that attempt to avoid international sanctions can also be targeted in an effort to aid America’s and our allies’ interests.
What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of - or give intelligence we collect to - US companies to enhance their international competitiveness or increase their bottom line.
As we have said previously, the United States collects foreign intelligence - just as many other governments do - to enhance the security of our citizens and protect our interests and those of our allies around the world. The intelligence Community’s efforts to understand economic systems and policies and monitor anomalous economic activities is critical to providing policy makers with the information they need to make informed decisions that are in the best interest of our national security.
Clapper’s very carefully worded statement does not deny that the USG spies on foreign firms and business interests. Rather, he denies only that the USG does so for a particular purpose, namely, to give the information to U.S. firms to help such firms be more competitive or profitable. In other words, Clapper implies that the USG does steal such secrets to provide the USG with insights about (among other things) emerging financial crises, “other countries’ economic policy or behavior which could affect global markets,” “economic systems and policies,” and “anomalous economic activities.” These are very broadly worded purposes. Given the USG’s broad economic interests, and the tight link between economics and national security, one can assume that NSA collection of commercial and economic information is very robust.
Second, Li and McElveen focus on the fact – emphasized by Clapper above – that the USG does not give stolen economic secrets to its firms while China (for example) does. I assume this is true because the USG says it is true and because I do not know how the USG would decide to dole out stolen economic secrets to private firms. But of course I tend to trust the word of U.S. intelligence agencies, while the rest of the world does not, and has little reason to do so, especially since the policy of not giving stolen economic secrets to U.S. firms is a policy without (to the best of my knowledge) any basis in law. Moreover, I am skeptical of the distinction between countries that give stolen IP to its firms (China is not the only such country) and those that do not (like the U.S.). The U.S. and Chinese governments have entirely different relationships with their (very different types of) firms. The Chinese government and Chinese business are tightly connected in ways that the USG and U.S. firms are not. Given China’s and the USG’s different political and economic systems and stages of development, it makes perfect sense that China would adopt IP-stealing espionage strategies and the U.S. would adopt (for the most part) IP-preserving espionage strategies, just as the U.S. at an earlier stage of economic development generally adopted IP-stealing (or non-IP-protecting) strategies. I would prefer that China and other nations not steal U.S. commercial secrets to help their firms, but USG complaints about this practice – especially in light of the United States’ now-apparent massive global espionage mechanisms, including via private telecommunications firms – amount to little more than a complaint that the Chinese are pursuing their own interests at the expense of ours. Skepticism about USG motives in this context is especially high in light of the global dominance of U.S. IT firms (which many other nations, not just China, view as a threat to their sovereignty), the revelations of the degree to which the USG apparently collects from or through these firms, and that fact (as I once wrote) the USG is “doing things to China that its government views as direct attacks on the integrity of the Internet and on China’s sovereignty – most notably, taking direct and indirect steps to loosen the government’s strict control over its Internet (by promoting and supplying censorship-evasion technologies, and in other ways).”
Third, I fail to see how (as Li and McElveen put it) “the U.S. will finally be able to move out of the shadow of Edward Snowden” by “working to forge an agreement with China on the enforcement of intellectual property rights protections.” I just don’t see the connection. Even if we focus just on China, the Snowden revelations go far beyond IP protection issues, and reveal to the rest of the world that the USG has deeply penetrated global networks in ways that to the rest of the world appear similar to the practices the USG accuses the Chinese of committing. Many Americans see our motives and activities in penetrating global and foreign networks as relatively benign, but most of the rest of the world – even before, but especially after Snowden – does not see it that way. And that in a nutshell is why moving past Snowden’s shadow will take much, much more than IP agreements.
Fourth, Li and McElveen state that “U.S. technology companies must prepare for their new reality—a greatly reduced share of the Chinese market wherein the enforcement of IPR will only soften their downfall.” True, but this trend has larger causes than the Snowden revelations. And the trend is unsurprising in light of Snowden – not just for economic protection reasons, but also (from the Chinese perspective) for the same reasons that the USG has concerns about Huawei’s presence in the U.S. homeland.
I have been picking on some stray sentences in Li’s and McElveen’s good post because – as I have emphasized many times before – I think it is important for the United States (and thought-makers in the United States) to understand the extent to which USG calls for an “Open” Internet marked by extensive IP protections is (and is widely seen as) a largely hypocritical and narrow U.S. interest. It would be great for the United States if it could preserve the global dominance of its IT firms and of USG intellectual property protections while at the same time engaging in the most extensive global and foreign network espionage of any nation in the world. This position, which I always found untenable (see pieces linked in this paragraph), is especially untenable after Snowden’s revelations. It will be interesting to see how the forthcoming clash between U.S. Intelligence community interests and U.S. IT firm interests shakes out. In particular, it will be interesting to see whether the global fallout for U.S. IT firms – which many think is the greatest cost from the Snowden revelations – causes the USG to scale back its extensive global network espionage. It will also be interesting to see, if this scale-back comes to pass, how the USG will credibly convey that it has scaled back its global snooping. It is not obvious to me that it can credibly convey this information, even if the restraints were embodied in public law. And that fact might be the best argument that it should not scale back, since little concrete credibility can be gained (for the USG or U.S. IT firms), and much can be lost on the intelligence front.