The People’s Republic of China is postponing the third reading of a controversial draft of a new counter-terrorism law which, among other things, would have required Western technology firms to hand over encryption keys, source code, and install “backdoors” (bypassing normal authentication) giving Chinese authorities remote access to computers and networks.
Recent reports by U.S. authorities that the law has been put on hold for good have turned out to be premature. The law will likely be somewhat revised to address some Western concerns, since Beijing is still technologically dependent on foreign companies, despite a push to eliminate foreign technology in key sectors by 2020. “Currently, the deliberation on this law is ongoing,” Foreign Ministry spokesman Hong Lei said on March 16.
What to make of this development? In short, China is trying to accomplish two things. First, the law fits into Xi Jinping’s broader plans to clear banks, the military, state-owned enterprises and key government agencies from its dependency on foreign technology (e.g., Microsoft’s Windows operating system and core servers) by 2020. The already existing trend in Beijing towards technological nationalism was merely amplified by the NSA spying revelations.
Xi, who is personally presiding over a newly founded government body called the “Central Internet Security and Informatization Leading Group,” noted during the group’s first meeting in March 2014 that developing domestic technologies and ensuring cyber-security are “two wings of a bird and two wheels of an engine.” According to Bloomberg Business, China invested $182 billion in its tech sector 2013, a jump of 8.1 percent from the previous year.
There have been signs of progress. In November 2014, National Petroleum Corp., the country’s largest energy producer, announced that it had swapped Microsoft Outlook with the homegrown eYou email software in order to bolster cybersecurity. Also, Bloomberg Business notes that, Huawei Technologies Co. and ZTE Corp., among other Chinese tech companies, have already begun to gain local market share at the expense of foreign competition.
This spillover effect for industrial growth is certainly a much-desired byproduct for the communist leadership, given the lower economic growth rates projected for the years ahead and the growing fear of social upheaval. However, up until now the PRC has been almost entirely dependent on foreign vendors, which brings me to my second point.
Since China still has to rely on foreign technology in the immediate future, the law, which the Chinese leadership knew would stir controversy, might have been intended as a “shot across the bow.” In other words, China wanted to tell the United States government not to overplay its hands in cyberspace and engage in what Beijing called “reckless behavior” in the critical months ahead (both countries are currently negotiating a bilateral investment treaty).
The release of reports by U.S. cybersecurity firms on Chinese hacker activities has increased over the past two years. Those public reports, plus complaints from the U.S. private sector, have pushed the Obama administration to take a tougher stance on Beijing cyberespionage activities.For example, in May 2014, the U.S. Department of Justice accused five men in the People’s Liberation Army of allegedly hacking into the computer systems of U.S. companies to extrapolate sensitive data, which caused China to suspend its involvement in a joint China-U.S. Cybersecurity Working Group.
The over-the-top draft counter-terrorism law is an insurance card for Beijing. For one, it will ensure that the United States will abstain from publicly exposing yet another Chinese cyberespionage ring. Since almost all the major American IT companies are active in China (with a few notable exceptions), Beijing can dangle the law over the U.S. private sector’s head to encourage cooperation.
In particular, the debate surrounding the draft counter-terrorism law also offers another opportunity for Chinese leadership to highlight the alleged hypocrisy of the United States. The Snowden leaks confirmed that the National Security Agency had installed backdoors in, for example, Cisco routers and networking equipment, which are widely used in China (although Cisco has denied this).
Before the Snowden revelations, in October 2011, the U.S. Commerce Department rebuffed Huawei’s bid to build a wireless network for first responders in the United States, citing national security concerns. A U.S. Congressional report from 2012 emphasized that the presence of Huawei and ZTE, China’s two largest telecommunication companies, in the U.S. domestic market could be used by Chinese spies to penetrate U.S. communications networks. As a consequence, Huawei announced in 2013 that it will pull back from bidding for big U.S. contracts.
To sum up, “Beijing is happy to give the United States a taste of its own medicine,” as one commentator noted. However, as I stated before, cooperation between the United States and China is of crucial importance, which essentially implies an almost schizophrenic, two-layered approach of simultaneously cooperating with Beijing on one level of cybersecurity, while dissuading elements within China from excessively engaging in malicious cyber activities at another level. This strategic doublethink dichotomy holds true for all nations in cyberspace.
A version of this article was previously published at ChinaUSFocus.com.