What just happened? A month ago, the Trump administration revealed a five-part "Clean Network" plan to drive out all Chinese tech companies from the American Internet. Now China has launched a global data security initiative to prove it has good intentions, but we'll have to wait and see how this unfolds into concrete action before we can judge its implications.
According to the U.S. Secretary of State Mike Pompeo, the "Clean Network" plan is a necessary move in the face of an increased threat of Chinese espionage and the propagation of a different set of values through popular apps targeting the youth.
China today responded in kind with the announcement of a similar initiative that seeks to prevent foreign governments from exerting too much control over the data of Chinese consumers. The plan is called the "Global Initiative on Data Security," and is comprised of a set of rules concerning data governance and security.
Chinese officials don't mention the Clean Network program in the preliminary draft, but their press statements suggest it was indeed the driving force behind the Global Initiative on Data Security. Chinese Foreign Minister Wang Yi noted "the unilateralism practised by certain countries in the name of cleanliness, and the global hunting of the leading enterprises of other countries on the pretext of security, are blatant acts of bullying that should be opposed and rejected."
Wang believes there is a deficit in global data governance and as such countries should work on communication and coordination to build mutual trust when it comes to the way they handle the data that flows through Internet and telecom infrastructure. This trust deficit was highlighted by Pompeo in his recent remarks about the fact that Chinese companies are required by law to share information with the Chinese government whenever they're asked to do so.
At least in theory, the Global Initiative on Data Security would call on tech companies to refrain from manipulating the hardware and software of their customers, illegally extracting data from devices, or installing backdoors into their products. It would also establish bilateral agreements on cross-border data circulation that "does not infringe a third country's juridical sovereignty and data security." In other words, no espionage or mass surveillance allowed, unless it's done through subtle influence on UN standards.
Wang also reiterated that the Chinese government has not and will not require domestic companies to violate other countries' laws when handling overseas data. In the meantime, there's the issue of two state-sponsored Chinese hackers that have been charged on 11 counts earlier this year for a decade of espionage on US robotics, aircraft, energy, and biotech engineering – to name a few. Their most recent campaigns have targeted coronavirus vaccine research.