Flashpoints

Obama: Cyber Theft ‘an Act of Aggression’ but US and China Can Develop Norms

Recent Features

Flashpoints

Obama: Cyber Theft ‘an Act of Aggression’ but US and China Can Develop Norms

The White House recently suggested that Washington and Beijing could lead the world in developing norms for cyberspace.

U.S. President Barack Obama told a group of business leaders Wednesday that he considers a “government or its proxies engaging directly in industrial espionage and stealing trade secrets, stealing proprietary information from companies” to be “an act of aggression that has to stop.” And he told executives the government can best assist businesses if they can go to Chinese counterparts with evidence.

In an answer that covered several cybersecurity issues, Obama also called for the United States and China to cooperatively build a “framework that is analogous to what we’ve done with nuclear power.” Obama went as far as to suggest that the two countries could lead the world in developing norms for cyberspace. “If we and the Chinese are able to coalesce around a process for negotiations, then I think we can bring a lot of other countries along.”

Obama’s dual message underlines a problem with the term “cybersecurity.” It encompasses numerous diverse issues, some of which are areas of confrontation and “aggression,” and some of which might be areas for strategic cooperation and dialogue.

Confronting China on Commercial Spying

Ever since Obama and Chinese President Xi Jinping met for their “shirtsleeves summit” in California in June 2013, the U.S. government has sought Chinese government engagement on the issue of computer-enabled theft of commercial secrets. The two governments established a working group on cybersecurity issues that produced little progress, and the U.S. government in May 2014 indicted five People’s Liberation Army (PLA) members for alleged commercial spying.

The indictments, largely symbolic since the accused hackers are almost sure to never see the inside of a U.S. courtroom, gave the U.S. government the opportunity to lay out detailed evidence of alleged thefts, including specific targets and beneficiaries.

The drive to show evidence continued this year. In April 2015, Obama signed an executive order paving the way to issue sanctions against those engaging in “significant malicious cyber-enabled activities,” and last month reports emerged that the U.S. government was considering sanctions against Chinese individuals or companies for computer-assisted commercial theft.

Obama yesterday alluded to White House frustration with the Chinese government’s lack of response when confronted with U.S. objections. “Typically,” Obama said, “we are not effective with the Chinese unless we are able to present fact and evidence of a problem. Otherwise they’ll just stonewall and slow-walk issues. So if we’re seeing problems in terms of the competitive environment there, in terms of protecting your IP… you’ve got to let us know and let us be your advocates.”

While numerous commentators have called for the U.S. government to take a tougher line on cybersecurity, the Obama administration has in reality been carefully escalating its pressure on the Chinese government on the issue of computer-enabled theft, as well as traditional industrial espionage.

The threat of sanctions, which would entail releasing significant evidence of hacking and could be embarrassing for Xi during his visit next week, might have contributed to the reported “substantial agreement” between U.S. and Chinese negotiators during last week’s quiet visit by Politburo member Meng Jianzhu to Washington.

A Common Interest in Strategic Stability

 The other half of Obama’s answer about cybersecurity and China addressed less immediate but potentially devastating risks to international security. If governments and non-state actors can disrupt computer systems for life-sustaining infrastructure or military systems crucial to the global strategic balance, the risk of large-scale devastation and conflict is very real.

Obama’s call for China and the United States to consider an unspecified “framework” came with the comment that “we don’t want to see the Internet weaponized” by countries going on the offensive.

There are real possibilities for the United States and China to develop norms and procedures to mitigate the risk of strategic crisis, just as the nuclear powers of the world make efforts to establish deterrence.

In the coming months and years, leaders, bureaucrats, and analysts should be careful not to conflate commercial theft, an area where Obama talks tough (“we are prepared to take some countervailing actions to get their attention”) with strategic dialogue, an area where everyone understands there is a common interest in stability and arrangements that could prevent or wind down a future crisis.

Graham Webster (@gwbstr) is a researcher, lecturer, and senior fellow of The China Center at Yale Law School. Sign up for his free e-mail brief, U.S.–China Week.