27 August 2020

Notes from a CSIS Virtual Event: Countering Chinese Espionage

By Anna Lehman-Ludwig

On August 12, CSIS hosted a conversation with Assistant Attorney General for National Security John C. Demers on Chinese cyber espionage. John Demers leads the Department of Justice’s China Initiative, created in 2018 to combat espionage directed by the Chinese government.

The Initiative attempts to disrupt what Demers called China’s “rob-replicate-replace” policy, where Chinese individuals or companies steal American IP, replicate the product or service in China, replace the American company on the Chinese market, and, if all goes well, on the global market. Most cases prosecuted as part of this are insider cases, concerning individuals who steal IP from American companies or universities where they work and provide that information to China. This can take the form of State-directed cases or individuals induced by the incentives found in Chinese programs.

In State-directed cases, the Chinese intelligence services will develop relationships with individuals working in companies in the U.S. and co-opt them to gain information, utilizing traditional espionage approaches.

Chinese talent recruitment initiatives like the Thousand Talents Program are another way that the Chinese steal IP. Individuals who enter into Thousand Talents contracts may take information from their American employer – generally a corporation or a university – and transfer that information to China. When applying for the Thousand Talents Program, individuals must show how they will bring IP back to China. Notably, these individuals generally hide their affiliation with Chinese institutions from their American employers and the American government.


Demers also spoke to the recent closure of the Chinese consulate in Houston: “Houston has long been on the radar screen of the FBI as a source of significant intellectual property theft” and covert foreign influence. The closure of the Houston consulate and the simultaneous arrests of PLA-affiliated individuals who had not disclosed their affiliations were initial public attempts aimed at disrupting Chinese IP-theft operations in the country.

In addition to IP theft by espionage, Demers noted that there are also cases where Americans provide personal data to China, as is the case of TikTok and other mobile apps. In discussing TikTok, Demers highlighted Beijing’s appetite for large volumes of personal data, citing the 2015 OPM hack and the 2017 Equifax breach.

National security concerns regarding TikTok pertain to data and censorship. Individuals willingly download the app and input personal data, and the app also collects information from your phone – including geolocation data and contact lists. While this information provides users a better TikTok user experience, it can also be abused by China. Censorship is another issue for TikTok, which has been accused of censoring certain policy views, including about Uighur Muslims, protests in Hong Kong, Tibet, and Taiwan. Demers also discussed how the Chinese government uses WeChat to control the information environment of foreign exchange students.

Recent indictments have highlighted China’s attempts to steal IP pertaining to a coronavirus vaccine. According to Demers, the Chinese have long been interested in biomedical research and it would be surprising if China were not trying to access the most valuable biomedical research of the day. Information about a vaccine has enormous value financially and geopolitically, and China’s attempts to access this information is part of a greater effort to collect salient biomedical research to boost its domestic biotechnology sector.

Demers also addressed concerns about how current actions against Chinese IP theft could lead to a potential Red Scare. Demers emphasized the need for corporations and businesses to focus on behaviors that might signify IP theft or other crime, and not focus on ethnicity. He further affirmed that the screening of Chinese researchers and individuals as they leave the country is precise and targeted.

While other countries carry out espionage operations in the United States, China is unique in its focus on stealing commercial technology. Other countries, such as Russia, conduct espionage in the form of trying to access American military and export control technology, but China’s attempts to steal IP for the purpose of creating domestic competitors to American companies is unique. 

The administration has recently acted against Chinese companies – including Huawei, TikTok, and Tencent – operating in the United States. The focus on telecommunications comes from an appreciation that as we move to 5G technologies, our lives are increasingly mediated by networks. The rise of IoT devices increases the amount of data that can be harvested. Recent actions, such as the Clean Network Initiative and Trump’s Executive Order, reinforce the effort to ensure that trusted vendors from trusted, like-minded countries are supplying these telecommunications services.

Demers also discussed U.S. cooperation with allies on China issues. China’s behavior during the coronavirus pandemic and China’s actions towards Hong Kong and the Uighurs has helped move some Europeans share U.S. security concerns. 

Anna Lehman-Ludwig is a former research intern with the Technology Policy Program at the Center for Strategic and International Studies in Washington, DC.

The Technology Policy Blog is produced by the Technology Policy Program at the Center for Strategic and International Studies (CSIS), a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s).

No comments: