CFR Presents

Asia Unbound

CFR experts give their take on the cutting-edge issues emerging in Asia today.

Print Print Email Email Share Share Cite Cite
Style: MLA APA Chicago Close

loading...

China and Information vs. Cyber Security

by Adam Segal
September 15, 2011

Flags fly in front of the United Nations Headquarters in New York. (Brendan McDermid/Courtesy Reuters)

On Monday, China, along with Russia, Tajikistan, and Uzbekistan, asked UN Secretary-General Ban Ki-moon to circulate their proposed International Code of Conduct for Information Security as a formal UN document at the 66th session of the General Assembly.  The Global Times quotes foreign ministry spokeswoman Jiang Yu as saying that “China believes information and Internet security is a common challenge facing all countries, thus it can only be effectively coped with through international cooperation.”

U.S. policymakers will be pleased to hear Chinese officials framing Internet security as a global problem requiring international cooperation, but the rest of the proposed Code is bound to give them heartburn.  The title alone, with its focus on information security, signals the problems to come in the document.  Information security includes not only the protection of computer, communication, and other critical networks that is the primary focus of U.S. officials, but also the threats that the free flow of information can present to domestic stability in closed authoritarian states—hello Twitter and the Arab Spring.  The document refers to the use of communication technologies that “are inconsistent with the objectives of maintaining international stability and security,” as well as the responsibility to “prevent other states from…undermin[ing] the right of the countries, which accepted this Code of Conduct, to independent control of ICTs.”  This is going to be hard to square with the State Department’s support for the “Internet in a suitcase,” and other circumvention technologies designed to get around the Great Firewall.

The document also places states at the center of international cooperation, giving them a dominant role in cyber governance.  The Code “underlin[es] the need for enhanced coordination and cooperation among States” and “stress[es] the role that can be played by the United Nations and other international and regional organizations.”  By contrast, the United States has taken a more inclusive approach involving civil society and the private sector through less traditional groups such as the Internet Governance Forum.

In addition, the Code also tries to call the United States out for its deterrence policy in cyberspace.  In the words of the International Strategy on Cyberspace, the United States reserves “the right to use all necessary means—diplomatic, informational, military, and economic—as appropriate and consistent with applicable international law, in order to defend our Nation, our allies, our partners, and our interests.”  Or as one Department of Defense official told the Wall Street Journal, “If you shut down our power grid, maybe we will put a missile down one of your smokestacks.”  In contrast, signers of the Code will “settle any dispute resulting from the application of this Code through peaceful means and refrain from the threat or use of force.”

Not all is bad in the Code.  There is a call for countries to work together to protect supply chains.  The United States will also want to try and build on the call for states to take responsibility for bad behavior that originates from their own networks.  It will, however, take some serious diplomatic jujitsu to convince China to control their “bad” patriotic hackers without the U.S. doing something about its “good” digital activists in return.  Maybe this is a negotiating gambit, but I don’t see U.S. diplomats offering up their Internet Freedom agenda in return for less Chinese hacking.  In short, the U.S. and China are still a long way away from agreeing on acceptable behavior in cyberspace.

 

Post a Comment 2 Comments

  • Posted by gatoMalo

    The top priority of Chinese

    • Industrial espionage aimed at defense industry and high tech sectors

    • Infiltration of critical infrastructure and military targets

    • Nexus of organized cybercrime and terrorist fundraising

    • Monitoring and Disrupting Dissidents

    We need to understand the Chinese government mindset to understand them, paranoia, saving face and economic these are the 3 pillars of the new communism in China. Let’s start with paranoia. One of China’s prime paranoia, lack of trust of anything not created in China it must have back doors. Look at all the discussion on the Chinese company Huawei, installing back doors in our telecom infrastructure. We did it to them and now they’re paying us back. The Chinese know they are putting backdoors in our electronics because they can, they own our manufacturing. China worked very hard in creating kylin (Unix). They have to use Microsoft because some applications only run on it but it’s too easy to hack and “made in America” didn’t make them happy. This is why Google left; they refuse to give the Chinese the keys to the code.

  • Posted by Bill Hagestad

    So, what’s the security issue?
    Threat of cyber attacks against;
    Corporations;
    Research institutes;
    Militaries;
    International organizations; and,
    Governments…
    But not the中国人民共和国…why?
    What is the Chinese motivation?
    Fear of外国人…foreigners….
    Self-preservation and,
    Hegemony (霸权)…..what, yes hegemony…..
    A perfect description of the Communist Party of China (CPC)…..implied power of the Chinese state subordinates every element of modern Chinese Society…

Post a Comment

CFR seeks to foster civil and informed discussion of foreign policy issues. Opinions expressed on CFR blogs are solely those of the author or commenter, not of CFR, which takes no institutional positions. All comments must abide by CFR's guidelines and will be moderated prior to posting.

* Required

Pingbacks