Search Google

9/30/15

The US-China cyber deal shouldn’t halt ongoing action against Chinese cyber criminals

On Friday, President Obama and Chinese President Xi Jinping announced a new cybersecurity “understanding” between the two countries. The Wall Street Journal promptly labeled it a “mirage,” while Robert Knake, a cybersecurity expert at the Council on Foreign Relations robustly calls it “masterful diplomacy” on the part of the Obama administration. Despite the biting WSJ scorn and the effusive plaudits of Mr. Knacke, the truth is there is no way at this point to make a final, serious judgment. But whatever the ultimate meaning of the summit, the Obama administration should not be deflected from its announced determination to retaliate against ongoing Chinese economic cyber-espionage.

What is in the agreement?

First, a review of the widely reported exchanges between President Xi and President Obama, as reflected in their verbal statements and the separate Fact Sheets issues by the two governments. Obama stated at the joint news conference: “The United States government does not engage in cyber-economic espionage for commercial gain. And today, I can announce that our two countries have reached a common understanding on the way forward. We’ve agreed that neither the US or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.”

In response, Xi stated: “Both sides agree to step up crime cases, investigation assistance and information-sharing. And both government[s] will not be engaged in or knowingly support online theft of intellectual properties…China strongly opposes and combats the theft of commercial secrets and other kinds of hacking attacks.” While initially there was some concern that the Chinese fact sheet might not reflect these verbal commitments, subsequently it was found that it pretty much mirrored Xi’s comments: “China and the United States agree that neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”

As I and others have noted previously, these are exactly the limits on economic espionage that the US has been pushing for some years; thus, Obama and Xi’s statements at least represent important verbal commitments, though they are not legally binding obligations. Still, there is room for caution on the deal. As the WSJ points out, enforcement is based on the “respective national laws” of each country, opening a potentially wide loophole for the Chinese if they want to exploit it. And of course, there is the fact that Chinese officials – from Xi on down – continue to deny responsibility for any cyber-espionage, with one Foreign Ministry spokesman still angrily demanding that the US “stop its groundless attacks against China” regarding cyber-espionage. And finally, conspicuously left out of future implementing sessions was the People’s Liberation Army (PLA), which has been at the center of China’s cyber-espionage. Whether President Xi can or even wants to curb the extensive military-directed espionage operations remains an open question.

To his credit, the president underscored the fact that the US is not foreclosing unilateral action against IP or trade secrets cyber theft in the future, noting the US has a variety of law enforcement and other tools to combat cyber theft: “I did indicate to President Xi that we will apply those and whatever other tools we have in our toolkit to go after cyber criminals, either retrospectively or prospectively. Those are tools generally that are not directed at governments; they are directed at entities or individuals that we can identify.”

The US should still advance announced action against Chinese cyber criminals

This brings us to the crux of this blog post. Despite the potential breakthrough in this deal, the argument here is that it would be a great mistake for the administration not to go forward with already-planned law enforcement actions against Chines entities or individuals. This is not as a means of poking Chinese leaders in the eye, but to follow through on the administration’s announced intentions. For weeks before the summit, administration officials had signaled that Chinese cyber espionage was continuing and that it would identify the culprits and bring the full force of US laws against them. One has to assume that the FBI and the Justice Department have built a solid case of facts regarding stolen intellectual property or trade secrets and the exploitation of such information by Chinese companies or individuals. Further, it must also be assumed that the US government stands ready to supply the information necessary to back up the indictments, including at least some intelligence data.

While one can hope that the summit did indeed mark a turning point on Chinese cyber theft, there are two reason for going forward with the legal action: first, it would underscore the seriousness with which the US holds these incursions. Cliché or not, actions do speak louder than words. And second, without leveling any cheap shots against the diplomacy of the Obama administration, it is a fair point to note that the world has seen the US blow past a number of “red lines.” In this case, after promising action, follow-through could help to redress that record.



from AEI » Latest Content http://ift.tt/1iKJBwI

0 التعليقات:

Post a Comment

Search Google

Blog Archive