Evaluating the US-China Cybersecurity Agreement, Part 1: The US Approach to Cyberspace

Recent Features


Evaluating the US-China Cybersecurity Agreement, Part 1: The US Approach to Cyberspace

How Washington approaches cyberspace and its 2015 cybersecurity agreement with China.

Evaluating the US-China Cybersecurity Agreement, Part 1: The US Approach to Cyberspace
Credit: Official White House Photo by Pete Souza

The 2015 agreement between the United States and China concerning economic espionage has been viewed with both optimism and skepticism. It’s the first agreement of any substance on the issue, which is a hopeful sign. China doesn’t enjoy a reputation of carefully adhering to international agreements, however, and there is doubt about whether the agreement will have any practical effect on China’s behavior.

Part one of this three-part series reviews how differing approaches to their respective national interests have driven China and the United States to contrasting views on the implementation of cyber policies and explores the U.S. position. It also looks at the agreement. Part two details China’s approach to cyberspace and cybersecurity. Part three concludes by reviewing reactions to the agreement, and assessing its success to date and its longer-term prospects.

Since the early 2000s, cyber espionage issues have increasingly strained U.S.-China relations. All countries engage in espionage, but China is one of the largest and most persistent perpetrators (as is, to be fair, the United States). In 2010, suspected Chinese cyber activities started to become a regular topic of discussion inside the U.S. government and press. By 2011, the eye-popping scope of China-based cyber espionage catapulted the issue to center stage, as new intrusions into U.S. corporate and government networks were reported on a regular basis. Although not every penetration was asserted to have been sponsored by the Chinese government, the incidents brought into focus China’s role in conducting commercial espionage, which is defined here as the theft of trade secrets, intellectual property, negotiating tactics, and the like with the intent of using the information to provide economic benefit to a commercial enterprise. The United States has been particularly troubled with China engaging in espionage to benefit their domestic companies and state-owned enterprises (SOEs). The corporate beneficiaries of the stolen information profited financially from it, which seemed to the U.S. to be espionage of a different, and less acceptable, form than spying for the benefit of national security.

China and the United States have accused and counter-accused each other regarding a number of cyber incidents. Washington has complained about Beijing’s interference with its business interests, while China has criticized the U.S. for its hypocritical dominance of Internet governance and for using its commanding position in cyberspace to secure advantages for its own intelligence gathering. China blames a “Cold War mentality” for the United States characterizing China as the miscreant. As Xi Jinping put it in September 2015, “The Cold War has long ended. [China and the U.S.] should make joint efforts to build a new model of major-country relations between two countries, and realize non-conflict, non-confrontation, mutual respect, and cooperation.”

The differing approaches to cyberspace use and governance also reflect, to some extent, the larger world views of the U.S. and China. The United States values freedom of expression and self-determination. It seeks to increase these freedoms in its international interactions and believes the free flow of information over the internet is the key to strategic and diplomatic success.

The U.S. also has a strong commitment to privacy (although not as strong as the European Union, which recently invalidated the U.S.- EU data transfer agreement because it provided insufficient protections for EU citizens). The activities of government agencies like the National Security Agency (NSA) in cyberspace has generated lively debate in the U.S. regarding how best to balance privacy and national security. Most recently, Congress eliminated the NSA’s bulk phone-records collection program, replacing it with a constrained measure designed to keep the records in phone companies’ hands.  The internal, on-going privacy debate influences U.S. policies across the board, but especially with regard to cyber activities.

China, meanwhile, views economic competition as a way to achieve peer status with the U.S. and sees cyberspace as an asymmetric instrument which it can successfully use to compete with the United States. As a result, it hasn’t generally appeared to draw fine distinctions between using cyber capabilities to steal information for traditional national security uses and for more direct commercial purposes.

Finally, China has consistently been sensitive to the spread of ideas both within China and coming in from outside.  The Chinese specifically identify the danger posed to Communist Party rule by U.S. soft power and the corrupting influence of American ideas. Having witnessed the painful process of social media-driven turmoil in the Middle East, China is undoubtedly anxious to make sure it controls information sufficiently to avoid a societal catastrophe. This motivates attempts to control political speech and limit the dissemination of information.

U.S. Approach to Cyberspace 

Even though the U.S. admits that it engages in cyber intelligence gathering for national security, it contends that it does not steal information for the benefit of its corporations. In what might seem like a contradiction, the NSA is reported to have engaged in spying on a number of financial targets, including Petrobras, Google, Microsoft, various economic summits, the World Bank, and the International Monetary Fund – activity that might be seen as contrary to U.S. assurances. The United States distinguishes these events by the objective of the operations. In the U.S. view, as long as such operations collect information about economic and financial matters for the purpose of benefiting national security, they are routine intelligence work. According to Director of National Intelligence James Clapper, “What [the U.S. does] not do . . . is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of – or give intelligence we collect to – U.S. companies to enhance their international competitiveness or increase their bottom line.”

The rather subtle distinction Washington draws between types of espionage has often seemed to be lost on other states. For example, military weapons technology might be stolen as traditional espionage, but if it is used to manufacture weapons, the manufacturer undoubtedly also makes a profit. Non-military intellectual property, such as that related to healthcare and energy production, may be stolen for commercial gain, but might have a coincidental benefit of increasing national security (by permitting more efficient military medical care and increasing national energy independence). As a result, although the United States has internally determined it will refrain from commercial espionage as it defines the term, it didn’t advance that particular norm to the UN Group of Government Experts for its 2015 report. There are various theories as to why it was not put forward, a likely reason being that the United States knew it would be blocked by nations like China and Russia. The cyber agreement reached by Obama and Xi may have shifted the balance in favor of refraining from corporate espionage between the two nations, but only time will tell if this will play out in the formation of an international norm.

2015 Cybersecurity Agreement

In 2014, the U.S. Department of Justice (DoJ) indicted five Chinese Army officers for stealing trade secrets and other information from U.S. firms to help economically benefit Chinese firms (the individuals involved were asserted to be members of PLA Unit 61398, which is discussed below).  The case, U.S. v. Wang Dong, includes numerous counts of cyber economic espionage, including stealing secrets from solar, steel and aluminum companies. The information stolen included both technical data and information about trade negotiations. The indictment was seen as a shot across the bow to China, signaling that the United States was growing more serious about taking action against China for its commercial espionage.

After the indictment, China continued to protest U.S. accusations. Some China commentators characterized the indictment as a face-saving maneuver in light of the 2013 NSA leaks. China lodged a formal complaint with U.S. authorities, calling the indictments “preposterous” and said they reflected a double standard.

In July, the NSA reported that China conducted hundreds of successful cyber infiltrations on private and public domains over a five year period. This information, combined with the theft of OPM records, caused the Obama administration to threaten China with sanctions and other diplomatic measures.  Even though the OPM breach was an example of traditional, not corporate, espionage, it still served as a flashpoint and gave impetus to Beijing to reach a “friendly” agreement. The obvious anger expressed by Washington persuaded Chinese officials that the United States was prepared to respond with economic sanctions against China and set the stage for talks between the two nations.

In September 2015, Obama hosted a state visit for Chinese President Xi Jinping. From the U.S. perspective the primary topic was cyber economic espionage. Obama stressed the U.S. desire to protect its corporations from intellectual property and trade secret theft.

The agreement reached by Obama and Xi stated that there should be increased communication and cooperation between the two countries to investigate and prevent cyber crimes emanating from their territory, and that neither the U.S. nor Chinese government would knowingly conduct or support cyber-enabled theft of intellectual property. They also agreed that both sides are committed to identifying, developing, and promoting appropriate norms of state behavior in cyberspace within the international community and establishing a high-level joint dialogue mechanism on fighting cybercrime and related issues.

Although there is skepticism in the United States about whether China will abide by the agreement, China’s willingness to talk about economic espionage as a distinct category of espionage was in itself something of a victory. Xi’s agreement to ensure the Chinese government does not engage in or knowingly support cyber-enabled theft of intellectual property with the intent of providing competitive advantage to private companies came as a surprise. In the past, China had not seemed to concur that there is a separate category of economic espionage, asserting instead that actions taken to strengthen the Chinese economy are ultimately for the purpose of national security. With this agreement, China seemed to adopt the U.S. position that there is a type of spying distinct from national security espionage. If both China and the U.S. agree that states spying to benefit corporate profit is distinct from — and less acceptable than — states spying for national security, it could have a profound effect on international norms in this area.

Even with the best of intentions, the United States might find it more challenging than China to address the issue of malicious cyber activity originating from within its borders. While China maintains a high degree of control over its Internet infrastructure, in the United States the infrastructure is largely privately owned and controlled. It’s estimated that 21 percent of botnet servers are located in the United States.

Gary Brown is Professor of Cyber Security at Marine Corps University. Christopher D. Yung, Ph.D., is Donald Bren Chair of Non-Western Strategic Thought at Marine Corps University. The views expressed here are personal and do not represent the views of Marine Corp University or the U.S. military.