On Wednesday, 2 May, the Wall Street Journal broke the story that the Pentagon plans to prohibit the sale of phones made by Chinese mobile phone companies Huawei Technologies Co. and ZTE Corp. in retail outlets on U.S. military bases around the world, citing potential security threats they say the devices could pose. As of this writing, the Department of Defense has not yet made any announcements via defense.gov or any other official medium.
According to reports, defense officials are concerned that the Chinese government could order the firms to track soldiers’ movements or snoop on their communications. Both Huawei and ZTE have denied that such a scenario is even a possibility.
The current parameters of the ban are not particularly strict. First of all, the Pentagon isn’t blocking military members from using Huawei or ZTE phones for personal use—officials couldn’t do that if they wanted to. Additionally, the military may still issue an advisory on purchasing the devices in specific scenarios deemed necessary. But clearly the cutting off of core supply lines on bases and defense installations around the world was meant to temper the prevalence of the handsets made by these companies among military personnel. Apparently, while Huawei and ZTE phones aren’t particularly widespread on U.S. bases, they are considerably more popular with foreign deployed personnel, especially in other Western countries. Providers on bases in countries like Germany have already pulled these Chinese products off the shelves.
A Long Vendetta
The decision by Defense to restrict Huawei and ZTE devices in military locations is the latest in a years-long effort by the federal government to undermine these companies in the U.S.
As the Pentagon came out with these new restrictions, some members of Congress are busy with efforts to even further expand restrictions on Huawei and ZTE. Back in February, two Republican senators introduced legislation to block any U.S. government entity from buying or leasing telecommunications equipment from Huawei Technologies or ZTE Corp. According to Arkansas Senator Tom Cotton, a supporter on legislation targeting the group, “Huawei is effectively an arm of the Chinese government, and it’s more than capable of stealing information from U.S. officials by hacking its devices.” Cotton added: “There are plenty of other companies that can meet our technology needs, and we shouldn’t make it any easier for China to spy on us.” The February bill was similar to another piece of legislation introduced a month before in the House, also aimed at forbidding government entities from using Chinese technology.
The fact that multiple laws of this type have been brought to the floor of Congress should come as no surprise. Over the past several months, Chinese companies have come under a salvo of regulations from federal bodies, many of them having substantial effects on American business and commerce. Earlier this year, AT&T Inc. was forced to scrap a collaborative plan with Huawei, in which the company would offer its customers Huawei handsets. AT&T was pressured into dropping the deal after members of Congress lobbied the Federal Communications Commission (FCC) directly by sending a letter to its head, Ajit Pai, which expressed concerns “about Chinese espionage in general, and Huawei’s role in that espionage in particular.”
The U.S. government also blocked the purchase of MoneyGram International by Chinese company Ant Financial. A federal interagency panel known as the Committee on Foreign Investment (CFIUS) refused to approve what would have been the greatest purchase of U.S. assets by a foreign buyer. Over a year ago, as the deal was just getting off the ground, several members of Congress had come out with public statements against the acquisition. Here again, the concern was that the purchase could allow “malicious actors” to obtain data on U.S. military personnel and their families who use MoneyGram’s service.
The New Red Scare
The measures taken by lawmakers and officials in Washington over the past several months are far from a recent development. They have their roots in nearly six years of federal investigations and concerns over foreign technology.
In October 2012, the Senate Select Committee on Intelligence released their Investigative Report on the U.S. National Security Issues Posed by Chinese Telecommunications Companies Huawei and ZTE. The 60-page report outlined the “threat posed to US national-security interests by vulnerabilities in the telecommunications supply chain” by the influx of Chinese technology in the American market. The reports claimed that Huawei “did not fully cooperate with the investigation and was unwilling to explain its relationship with the Chinese government or Chinese Communist Party” while at the same time “credible evidence” was discovered that the company “fails to comply with US laws.” What the Committee found even more distressful were the reports gleaned from interviews of current and former company employees that Huawei USA is managed almost completely by the Huawei parent company in China which “undermines” Huawei’s claims that its American operations are largely disconnected from the parent company. Similar findings were presented regarding ZTE. According to the report, ZTE executives did not cooperate with investigators and failed to explain its connections with the Communist Party and Chinese authorities.
https://youtu.be/rQd3RxMG5m8
Around the same time, the Pentagon came out with its annual “Military and Security Developments Involving the People’s Republic of China” report for 2012. The Defense Department made specific reference to the threat posed by the “Civil-Military Integration” in China, and how authorities could use these connections to exploit the presence of Chinese technology the world over for intelligence gathering. The report mentioned several technology firms by name, including Huawei, and asserted that “ties to the PRC government and PLA entities, pose potential challenges in the blurring lines between commercial and government/military-associated entities.”
The claims of the reports were vague. Little evidence was presented. But the dye had been cast.
Ever since, Chinese tech, Huawei and ZTE in particular, have been on the radar of not just the United States, but that of the whole Western world. Shortly after the federal reports damning Chinese tech were released, European Union officials began building a case against Huawei and ZTE on suspicions that they colluded with PLA authorities to lower product prices through government subsidies. That same year, Belgian state security service, the VSSE, began investigating Huawei and ZTE due to concerns that their technology may be exposing the country’s national critical infrastructure. Both companies provided hardware for the 4G network used by Belgian phone operators Belgacom and Mobistar. Reports popping up penned by analysts from New Zealand, Australia, UK, and other European states, indicated that Huawei and ZTE were almost certainly “fronts for Chinese intelligence.”
All along, the lack of incriminating evidence has lead to quite a bit of skepticism. As many observers in the IT security world have pointed out, the world doesn’t have to rely on governments to detect threats from technology anymore. Private firms and developers have become very good at identifying malware, infected apps, and other malicious tools on devices. If there was really some PLA conspiracy to use Chinese technology to spy on the world, the private industry would have almost certainly spotted it.
When Markets and Government Collide
All of this is pointing to a slightly disconcerting pattern that has developed over the last two U.S. administrations. Executive powers have been used several times over the past several years to regulate foreign tech on the basis of unspecified security concerns. Some of these decisions have only affected the government sphere, such as the ban on software produced by Russian firm Kaspersky on federally-owned computers. But other instances have had major consequences for the private market, the above deals involving AT&T and MoneyGram being two cases in point.
In other cases, deals have been nixed by authorities years into negotiations. Last year, President Trump blocked the sale of Lattice Semiconductor Corp. to a buyer funded by a Chinese state-owned entity. The acquisition of Lattice by Canyon Bridge was announced in November 2016 for a total purchase price of $1.3 billion. The parties filed for approval by CFIUS around December 2016, only weeks after President Obama issued an executive order blocking the Chinese acquisition of the American wing of German firm Aixtron. CFIUS recommended the deal be blocked by executive order, a recommendation Trump carried out in September 2017.
Walking the Tightrope
The potential threat of foreign technology to American infrastructure, civilian and military alike, is real. Writing off these fears as complete paranoia is not only wrong, it’s unsafe. With that said, history has demonstrated the risk of descending into a downward spiral in which unfounded fear becomes the key factor in determining policy.
As the spread sources of our technology become increasingly more diversified, the job of verifying the safety of our hardware, programs, and array of mobile devices, will take on a new importance. The most effective thing for US policymakers is to approach the subject with a good dose of prudence, and perhaps some solid guidelines—consultation and input from the private sphere being an excellent place to start. Only in this way can America insure that its national security efforts will not run amok and wreak unnecessary havoc on the free commerce, the material bedrock of our society.