In 2020, the United States banned Huawei from participating in development of its 5G networks on the grounds that the company’s obligations towards the Chinese government made it a national security threat. In May 2022, Canada became the latest of the US allies and partners to ban Huawei and ZTE from participation in development of its 5G networks – Australia, Japan, UK and India, among others, have already done so; albeit to varying degrees. The 2017 Chinese National Cyber Intelligence law, which obliges Chinese companies to share data with the country’s intelligence agencies dealing with threats to national security if required, became the pretext of the decision. Linked with other Chinese domestic cyber security and counterintelligence laws, it was asserted that involvement of Huawei could enable the government to snoop on user data.
In May 2020, the United Kingdom proposed a D-10 club of the democracies (to include Australia, India, and South Korea besides the G-7) to create alternative sources of supply for 5G equipment and other related technologies to bypass dependence on China. By July 2020, former US Secretary of State, Mike Pompeo, was threatening a new Cold War against China based on its communist ideology, authoritarian system, and hostility towards freedom. He also called for a new grouping of like-minded nations – a new alliance of democracies. Earlier, Keith Krach, former US Under Secretary of State for Economic Growth, Energy and the Environment, also made similar assertions about how the Chinese Communist Party’s 5G strategy was a real and urgent threat to all who ‘valued liberty and justice around the world’ and how it could expand the party’s surveillance state.
Analysts point out that pursuit of such alliance/s would not be devoid of challenges given each country’s different approach and relationship with China.
In the prevailing geopolitical environment, Chinese involvement in such projects is seen with increasing mistrust by Western countries, led by the US. As Krach put it, ‘the more countries, companies, and citizens ask whom should they trust with the most sensitive data, the more obvious the answer becomes: not the Chinese Communist Party’s surveillance state.’ As a solution, he recommended solidarity to ‘prevent CCP authoritarianism from winning the day on 5G.’
However, if history is any guide, a state’s prevailing democratic political system does not guarantee responsible stewardship of data!
With its National Intelligence Law and associated legislations, China seems to be learning lessons from the US. Not long ago, Edward Snowden revealed how the National Security Agency (NSA) was engaged in mass surveillance. While surveillance of countries like North Korea and Iran – or even Pakistan (despite being a frontline state in the US led war on terror at the time) did not come as a surprise to many, what was shocking was that the surveillance extended to American citizens, allies, and even international organisations.
Such massive surveillance was enabled by companies like Seagate, Microsoft, Google, and Facebook etc., collectively called the Big Tech. In some cases, these companies voluntarily enabled the NSA to benefit from their hardware and software infrastructure; while in others, they were made to – through legal obligations under the US Foreign Intelligence Surveillance Act (FISA) and the Patriot Act.
Although there is no evidence to suggest that Huawei was facilitating the Chinese government’s intelligence activities (and the company emphatically asserts that it cannot be strong-armed by the government to do so); US companies were actually facilitating their government either voluntarily or under legal compulsions.
For any third country (and analysts), the logical conclusion is that both ‘Big Tech’ and ‘Red Tech’ (a term collectively used for Chinese tech firms) could, voluntarily or under legal obligations, serve the objectives of their respective governments.
The, often confrontationist, rivalry between the US and China has not receded even under the Biden Administration. Instead of competing alliances, there is a need for a global alliance that obliges all tech companies to ensure that consumer data is not made available to any government, whether authoritarian or democratic. If certain threats/compulsions demand such a sharing of data, it should be under well laid-out global norms, laws and procedures. An international convention in this regard could prove to be a useful model where states debate and agree on universal definitions for concepts like ‘data sovereignty.’
The European Union (EU)’s General Data Protection Regulation (GDPR) could provide a baseline framework for other states to follow. Through such regulation, the EU has created boundaries around data use cases, at least when it concerns its own citizens. Australia, Canada, and India have also enforced domestic legislation to protect the digital rights of their citizens and organisations. These efforts can be streamlined to pursue shared interests among the majority of client states (those using the services and products of Big and Red Tech giants). This will not only protect the interests of consumers (without distinction), but also enable the tech companies to streamline their processes without having to implement different privacy arrangements for different regions and countries.
Sameer Ali Khan is a Senior Researcher at the Centre for Aerospace & Security Studies (CASS), Islamabad, Pakistan. He can be reached at email@example.com