China's
new cybersecurity regulations sent shockwaves through Silicon Valley and US
President Barack Obama has blasted China for privacy concerns his own
intelligence agencies violate. However, could the new regulations have little
to do with Obama and the NSA after all? Here are three motivations.
After
China announced new cybersecurity regulations which would require US tech
companies which do business in China, including Google, Apple and Cisco,
to keep user data on Chinese servers, US President Barack Obama
struck back, saying that "this is something they are going to have
to change if they are to do business with the United
States."
However, there is more than one reason for why China could be pursuing this policy, and not all of them have to do with Obama or the National Security Agency (NSA).
1. It's Not About the Tank Man, Really
It is no secret that China's "Golden Shield," more widely known in the media as the "great firewall of China" can be easily bypassed by both web proxies and virtual private network (VPN) tools. In fact, some social networking and blogging platforms such as Google's Blogspot are not even banned in China.
However, the firewall has allowed Chinese web
companies such as social marketing giant Tencent, Twitter analog Weibo and
search engine Baidu to dominate the Chinese market. Meanwhile, American
companies were forced to either alter their business model for China,
as in the case of Google, or be shut out of the market entirely
for Facebook and Twitter. So the "great firewall," as it is
often called, may not be all about not letting Chinese users see the Tank
Man when they google "Tienanmen Square," although that did push
Google out of a market where it had a 29 percent share.
2. Move Over, Apple, We Have an IPO
to Run
Chinese companies such as cell phone manufacturer Xiaomi, which has developed an Android version completely independent of Google, and worldwide marketplace Alibaba are rapidly expanding their global reach. Meanwhile, forcing Apple and Google to build and maintain data centers in China, as well as having them disclose their encryption keys to the Chinese government, would not only force them to incur extra costs, but open them to probing by the US government.
As Chinese companies spread their influence abroad, the "Golden Shield" provides Chinese tech companies the opportunity to compete for both global users, but also meaty government contracts. Although the Chinese government has almost tripled its volume of IT contracts in the past two years, with the new regulations, it is showing that it is ready to choose Chinese companies over US ones.
The issue appears to matter little for the Chinese government, but it would put a squeeze on US tech firms which are trying to expand their reach abroad. Particularly as Apple's iPhone 6 has taken first place in Chinese smartphone sales and Google is trying to re-enter China after a 2010 spat with the Chinese government caused the company to essentially exit the market.
3. Yeah, We'll Keep Our Information Safe… Right Here
Following
the 2013 Snowden revelations about the breadth and depth of NSA's
surveillance programs, including the hacking of top foreign government
officials' cell phones, countries including China and Russia have given
increasing attention to information security. Although the US tech
industry has called the new regulations "the Patriot Act on really,
really strong steroids," the data center and encryption requirements
really are a reflection of legitimate concerns.
For example, if a government official, as they often do, use their cell phone for work, leaked information may fall into the NSA's hands in real time as traffic for cloud storage is currently not guarded by the firewall. Hacks such as the 2014 "Celebgate," in which hundreds of private pictures of celebrities were leaked following a hack of Apple's cloud storage service, are even less funny for governments, which have billions of documents that they need to keep secure.
With
encryption keys, the issue seems to be who gets them first, so that they
don't find out that they're compromised last. After news on February
20 that at least since 2010, the NSA has been hacking the world's
largest SIM card manufacturer, Gemalto, and stealing encryption keys
as they were being made, China, which buys half of all Gemalto SIM
cards, may want some control over the process.
Although Obama may think that "tech companies are not going to be willing to" give their encrypted data to China, as they have given them to US intelligence agencies, China has given them a choice. Companies can either do business in China, as they have in the US, but admit that their data is not secure, or Chinese companies will be happy to take over their market share.