China: How Much of US Citizens’ Data Do They Have?
Posted On June 29, 2020
This article contains commentary which reflects the author's opinion
Get The Real News Delivered To Your Inbox
China’s National Intelligence Law
Article 7 of China’s National Intelligence law, states: “any organization or citizen shall support, assist and cooperate with the state intelligence work in accordance with the law,” adding that the state “protects” any individual and organization that aids it. This basically means that every Chinese company and every Chinese citizen is obligated to spy for China.
China is building databases on vulnerabilities of hundreds of millions of Americans through hacking, through selling cloud storage services, and through the National Intelligence Law, which obligates companies to allow the government to read their files, databases and records. This includes both employee data and customer data. So, if you are working or have worked in China, your data has definitely been entered into a database. But, even if you do business with an American company in America, it is possible they store data in China or use Chinese services or hardware to process payments. In that case, China has your data.
Sen. Josh Hawley (R-Mo.) explained how The National Security Law and the National Intelligence Law grant the Chinese government lawful and technical access to all digital data within its borders and possibly even large volumes of data beyond its borders. According to Kara Frederick, Fellow at the Center for a New American Security, China’s new security plan will be fully implemented during the year 2020 as part of the Foreign Investment Law. It will also now be expanded to include foreign companies. Hence, even foreign companies will be obligated to hand over all data.
Censoring Posts and Content
The National Intelligence Law also requires citizens and companies to inform on people who post anti-government sentiments on social media. As the law will now be expanded to cover foreign companies, this may mean that even foreign companies would be required to censor their employees’ social media posts. Additionally, since all data would now be available to the government, this could extend to contents of private chats and emails.
The sorts of comments the Chinese government would want to know about would not be limited to revolutionary thoughts and conversations but also mentions of Tibet, Taiwan and Tiananmen Square. Known as the three T’s, they are regularly removed from social media platforms. Other forbidden topics would include the Xinjiang detention camps and the Hong Kong protests. We saw last year what happened when Daryl Morey, the general manager of the Houston Rockets basketball team, tweeted in support of the Hong Kong protesters. The Rockets lost millions in TV and endorsement deals in China. Under the new law, the company would be responsible for finding dissenting employees and turning them in.
Hawley is one of the American congressmen who is concerned about our China vulnerability. In November 2019, he warned the Senate Subcommittee on Crime and Terrorism about the dangers of TikTok, the Chinese social media platform. TikTok is owned by a Chinese company called ByteDance, which claimed that they were storing data in the US. However, the Chinese National Security Law would apply to all Chinese companies, even those working abroad. This means that any data stored by any Chinese company, anywhere in the world, could be at risk of being divulged to the Chinese intelligence services.
The Peterson Institute for International Economics advised the US government that TikTok posed a major threat to national security. It has the ability to collect information on location, image and biometrics, all of which it would make available to ByteDance who would be forced to hand it over to the Chinese government. CEO Zhang Yiming, the founder of ByteDance, issued a letter in 2018 in which he stated that ByteDance would “further deepen cooperation” with Communist Party of China authorities to promote their policies.
The Huawei Threat
The other Chinese company that became the center of a great deal of the national security and cyber espionage debate worldwide was 5G maker Huawei. Based on cybersecurity and surveillance concerns and the company’s close ties to the Chinese government, the US government has asked its allies to stop using products made by Huawei or fellow Chinese telecommunications company ZTE.
The company’s founder, Ren Zhengfei, was a People’s Liberation Army information technology and communications engineer. One of the reasons for which the US is so suspicious of Huawei is they have lied about their true ownership. The company claims to be employee owned because employees are given shares when they join. But these shares, called “virtual restricted shares”, are neither portable, nor transferable, which would suggest that they are actually just a profit-sharing scheme and not ownership. One percent of the actual shares are owned by the founder Ren Zhengfei while the remaining 99% of shares are owned by a trade union committee. However, this is not the same as a trade union. The officers, organizational chart, and manner in which the entity functions are all a mystery. The trade union committee is comprised of dues-paying members of the All-China Federation of Trade Unions, which is effectively controlled by the Communist Party of China.
For this reason, it would seem that Huawei is actually state owned while trying to disguise itself as a private company. It does not matter either way because under the National Intelligence Law and the National Security law, Huawei would be obligated to help the Chinese government conduct surveillance overseas. At various times, Huawei has been accused of intellectual property theft against numerous companies including Nortel, Cisco Systems, and T-Mobile US. In one case, a Huawei employee secretly took photos of a robotic arm made by a US company and, in another, a Huawei employee stole a robotic finger from a US lab.
State-Level Support for Hacking
In a number of cases the Chinese government, through its embassies, have threatened countries that were considering not using Huawei. China’s ambassador to Denmark threatened to cancel a trade agreement if they did not allow the Huawei 5G network in the Faroe Islands. A few days later, the Chinese ambassador similarly threatened Germany by stating that it would block the sale of German cars in China. The ambassador stated they would claim German cars were unsafe if Germany did not agree to use Huawei. In January, the Chinese ambassador threatened Canada with retaliation if they blocked Huawei 5G. The fact that the Chinese government would step in to support a particular company, violating international political protocols, suggests that Huawei is state owned.
In addition to state level data hacking and the National Security Law, Chinese systems are believed to have backdoors and security flaws that give the Chinese government access to data of third party systems, as well. So, you may be doing business with a US company based in the US who provides a service to or buys a service from a Chinese company. Then, through a backdoor, the Chinese government could obtain your data. There is even something called a “bugdoor”, a backdoor which is introduced to the system later through a software update.
Unless the US acts now to limit the inroads to American owned business by China on US soil and the use of Chinese cloud and other data services by American businesses, the number of breaches in security and safety for Americans will be infinite.