How China’s Intelligence Law Backfired

Glenn Chafetz is the Director of 2430 Group, a non-profit, non-partisan institution that produces and disseminates research on state-sponsored espionage against the U.S. private sector. Glenn has more than 30 years experience in government, academia, and the private sector. He spent most of his career at CIA, where he served multiple overseas tours, including three as Chief of Station. He was also the Agency’s first Chief of Tradecraft and Operational Technology.

This article was first published in The Cipher Brief in May 2024.

The Chinese Communist Party (CCP) announced in 2017 that it would compel its citizens and its companies to steal secrets from the rest of the world. This announcement came in the form of Article 7 of the National Intelligence Law, which made cooperation with China’s intelligence services a requirement for all Chinese everywhere. Now in 2024, enough time has gone by to assess the effects of this law. They are not all of what the CCP hoped for and expected.

Predictably, the global targets of China’s espionage responded to China’s new law by scrutinizing the behavior of all Chinese citizens, companies, and other non-official entities in their countries. Of course, the Intelligence Law was hardly the only reason for increased attention to China’s espionage; China’s unprecedented level of spying and theft of technology and intellectual property were causes enough. The law’s main effect was to highlight the role ordinary citizens and companies were compelled to play by the CCP in China’s espionage.

This scrutiny on Chinese individuals and companies has resulted in dozens of strong reactions, including Australia’s 2018 ban on the use of products made by Chinese firms Huawei and ZTE in Australia’s 5G networks; Sweden’s identical ban in 2020; India’s total prohibition of TikTok in 2020; Switzerland’s closure of a Chinese-owned hotel abutting an airbase in 2023; and of course, the ongoing U.S. effort to ban TikTok.

In each one of these cases, the Foreign Ministry of the People’s Republic of China issued a statement to the effect that the foreign actions were unjustified, unfair, discriminatory, lacking evidence, and even paranoid.  Huawei responded to bans by offering to conclude “no-spy” agreements with the countries that prohibited its equipment. TikTok’s representatives have repeatedly assured foreign governments that TikTok does not share user data with the government of China.

Leaving aside the veracity of TikTok’s claims and the sincerity of Huawei’s offer, both companies would be in violation of China’s law if they refused the demands of their intelligence services for cooperation. One might argue, as Huawei and TikTok have, that the government of China has not demanded such cooperation. Wang Jin, who owned the Swiss hotel, insisted that his hotel had nothing to do with the nearby airstrip housing American supplied F-35s. That may be so, but how are Western governments to know which people and which companies the CCP requires to spy on its behalf? Are we to take the word of the CCP and its millions of compelled proxies?  The CCP insists that it does not hack and does spy. The only prudent response to such a law is to treat all PRC citizens and companies as potential intelligence collectors.

What then is the CCP to do? It strenuously decries the scrutiny its own actions invite. If the party wishes to reduce the scrutiny, it could repeal the 2017 legislation, but law as a check on power is meaningless in a one-party dictatorship in which the party holds itself above the law.  The purpose of the 2017 law was to communicate to the Chinese people that they had no choice but to become intelligence collectors. The problem the CCP faces today is that the rest of the world got the message too.

Previous
Previous

Kamala Harris and China

Next
Next

Fox in the Henhouse: The Growing Harms of North Korea’s Remote IT Workforce