China Is Watching the FBI-Apple Battle Very Closely

Protesters carry placards outside an Apple store in Boston on Feb. 23, 2016.

AP Photo/Steven Senne

AA Font size + Print

Protesters carry placards outside an Apple store in Boston on Feb. 23, 2016.

Even if the U.S. government abandons its insistence on a backdoored iPhone, Beijing may not.

Shadowing the standoff between the FBI and Apple over access to an encrypted iPhone used by one of the San Bernardino attackers is the question: What will China do? If Apple creates unique software that allows Washington access to the phone, does that open the door for Beijing to make similar demands on the company and all other foreign technology firms operating in China? As Sen. Ron Wyden of Oregon argued, “This move by the FBI could snowball around the world. Why in the world would our government want to give repressive regimes in Russia and China a blueprint for forcing American companies to create a backdoor?”

Certainly, China watches U.S. statements and policy very closely. An early draft of China’s counterterrorism law included provisions requiring the installation of backdoors and the reporting of encryption keys. In the face of criticism from the US government and foreign technology companies, Fu Ying, spokeswoman for the National People’s Congress, defended the provisions as in accordance with “international common practices,” adding that it was common for the Western countries, such as the United States and Britain, to request tech firms to disclose encryption methods. The final law, passed in December 2015, was much more ambiguous about what type of demands the government would make on technology companies, but it is clear that Chinese leaders are more than happy to exploit what is happening in the United States as rhetorical cover.

Yet we should be clear that what happens in the United States will have very little impact on what China ultimately decides to do. Beijing, like governments everywhere, wants to collect and analyze data for law enforcement and national intelligence reasons. The desire for data may only intensify under Xi Jinping’s leadership; the Chinese Communist Party appears increasingly worried about domestic stability and the spread of information within the country’s borders. For foreign companies, refusal to cooperate with the Chinese authorities will increasingly lead to a loss of market opportunities.

Faced with competing pressures across the many jurisdictions that they operate in, there are no easy options for the companies. Any resolution will be political, not technical. The ideal outcome is a multilateral agreement that embraces privacy and the strongest encryption possible, but also allows government access to data for legitimate purposes.

The most workable solution within the United States may in fact involve sidestepping the question about whether governments (or companies) should be able to break encryption. As a recent report from the Berkman Center for Internet & Society at Harvard University argues, there are now massive amounts of data generated through the Internet of Things (cars, thermostats, surveillance cameras and hundreds of devices other connected devices) and the metadata (time, location, address, but not content) produced by cell phones and Internet communications. This data can be made available to law enforcement through established legal procedures, while leaving the encryption that protects phones and other devices alone.

This approach could be standardized across the Atlantic. Governments would leave encryption alone, but share other measures to collect data. With Privacy Shield, the new agreement that regulates the transfer of data by companies between the U.S. and the EU, and reports that the U.S. and UK are negotiating a new treaty that would allow easier access for law enforcement to data, there are promising signs that it is possible to develop trans-Atlantic agreements about how information might be shared across national borders.

China, however, remains the hard case. There is no indication that Beijing would be willing to forgo access to encrypted data on a phone, and, given cultural and political differences, little hope for rules and standards shared across the European, Chinese, and American economies. China and Apple seem to have reached a temporary détente. Beijing has so far not made any further public demands on Apple, and the Chinese market is increasingly important to the company’s future, with revenues growing to $12.5 billion in 2015.

Yet Beijing has also made it clear that it expects foreign companies to follow its rules if they want to continue selling in the Chinese market. As China’s cyber czar Lu Wei said in December, “As long as you don’t harm China’s national interests or Chinese consumers’ interest, we welcome you and your growth in China.” Apple is likely to be pushed, unwillingly, into forking its products, creating separate, less secure products for Chinese users. While this will be a bitter pill for Tim Cook and Apple to swallow, given their promises to defend the privacy of all users, it is likely to be the price of continuing to do business in China.

Close [ x ] More from DefenseOne
 
 

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care

    Download
  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Top 5 Findings: Security of Internet of Things To Be Mission-Critical

    As federal agencies increasingly leverage these capabilities, government security stakeholders now must manage and secure a growing number of devices, including those being used remotely at the “edge” of networks in a variety of locations. With such security concerns in mind, Government Business Council undertook an indepth research study of federal government leaders in January 2017. Here are five of the key takeaways below which, taken together, paint a portrait of a government that is increasingly cognizant and concerned for the future security of IoT.

    Download
  • Coordinating Incident Response on Posts, Camps and Stations

    Effective incident response on posts, camps, and stations is an increasingly complex challenge. An effective response calls for seamless conversations between multiple stakeholders on the base and beyond its borders with civilian law enforcement and emergency services personnel. This whitepaper discusses what a modern dispatch solution looks like -- one that brings together diverse channels and media, simplifies the dispatch environment and addresses technical integration challenges to ensure next generation safety and response on Department of Defense posts, camps and stations.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download

When you download a report, your information may be shared with the underwriters of that document.