A logo shaped in the outline of China, is seen through a magnifying glass on a computer screen showing binary digits in Singapore in this January 2, 2014 file photo illustration. The United States is considering sanctions against both Russian and Chinese individuals and companies for cyber attacks against U.S. commercial targets, several U.S. officials said on August 31, 2015. [Photo/Agencies]
The US alleges China is engaged in an unceasing and highly successful cyber espionage campaign against the United States, its government and economic interests.
Could poor cyber relations with China also be the fault of the Americans?
For starters, in the diplomatic realm there is no other relationship on cyber issues like it. China and the European Union get along quite well on cyber issues, including joint research through OpenChina ICT. Certainly, there is less acrimony and less overt suspicion between the two sides.
Russia and China, for their part, have signed an agreement to limit hacking against each other. Beyond Russia, China’s relations with India and Japan are not so bad in this field either.
At one level, the present state of affairs can be explained easily for the US. It can (afford to) be more strident than any other Western country in its diplomacy because it is more powerful.
In addition, relative to most countries that are getting along better with China in cyber affairs, the US also puts more stock in certain issues of principle, such as human rights protection in cyberspace and theft of intellectual property. Washington also believes it has to stand up to Beijing on such issues, not least because of the way in which China’s power is disturbing American allies in the Pacific. This is one motivation of the “rebalance to Asia” in US strategy.
At another level, the style and tone of current US cyber diplomacy toward China looks surprisingly messy. This is unexpected because US diplomacy toward China under President Barack Obama has generally been impressively organized and thought through.
The best way to understand the current situation is to point to several negative factors, which, in their sum total, undermine the coherence of US cyber diplomacy. They include:
A misplaced US sense of moral outrage that, in turn, arises from the mistaken belief that there are unambiguous norms in cyberspace that China is flagrantly violating;
Failure to appreciate China’s deep insecurity in cyberspace;
Lack of knowledge of the details of US cyberespionage and cyber-military operations against China－in addition, there is no net assessment readily available;
Unresolved inter-departmental turf disputes, that is, the Pentagon or National Security Agency skewing the cyber debate for institutional interests;
Inflation of the threat from China’s theft of intellectual property;
A failure to give due weight to the consideration that most cyber systems are inherently vulnerable and cannot be secured against a determined cyber adversary;
The emergence of the US cyber security industry as a lobby group that is very alert to all of the above and plays it for commercial gain;
A lack of understanding of how dependent China is on the US and allied supply of communications and information technology;
An almost hysterical relationship between the two major US political parties on national security issues; and
A mass media environment that is all too receptive to cyberspace dramas and anti-China stories.
But what is equally undeniable is that the impact of the China cyber threat compared with other threats is exaggerated by the US cybersecurity community.
What is particularly ironic, given all the US charges against China, is the deep interdependence of the two countries’ cyber-industry sectors. China depends on the US for its own cyber power. And leading US suppliers of communications and information technology are heavily dependent on China in their supply chain or even as a source of final manufacturing. Their level of involvement in China is so deep that they have even lobbied against US sanctions on China for cyber espionage.
The challenge is to unravel this entanglement of influences and to base US cyber diplomacy on a more sophisticated notion of everything that is actually playing out.
The détente experience of Soviet-US relations during the Cold War suggests that less outrage against espionage and a more nuanced appreciation of its limited impacts relative to the larger military threats could lead to better－more realistic－relations.
The author is a professorial fellow at the EastWest Institute and has the book, Cyber Policy in China, to his credit.