China’s Anti-Espionage Law Raises Foreign Business Risk

News Room

The latest brick in China’s “Legal Great Wall” was laid last week. On July 1, updates to China Anti-Espionage Law came into effect, sending waves of anxiety through foreign business communities in China. The Anti-Espionage Law is the latest in a series of fifteen national security-related laws passed in recent years to strengthen China’s security state, but this one caused a U.S. intelligence agency to issue a public warning. The United States National Counterintelligence and Security Center, part of the Office of the Director of National Intelligence, warned U.S. businesses about an increased risk of doing business in China, citing the revised law. The law creates new risks for foreign companies, business travelers, academics, journalists, and researchers. Its nebulous language allows China significant leeway to investigate and prosecute foreign corporations. To avoid foreign businesses being unwitting weapons as tensions rise between the United States and China, the U.S. public and private sectors must work together to manage this threat.

The updated law expands the definition of espionage to cover “all documents, data, materials and articles concerning to national security and interests included for protection.” The prior law covered only “state secrets and intelligence.” The law does not define the term “national security” and “interests.” The law defines espionage and espionage activities, respectively, as “collaborating with spy organizations and their agents” and “conducting cyber-attacks against state entities, confidential-related units, or critical information infrastructure.” The law also makes “joining espionage organizations and their agents” a category of espionage activity, without defining what linkages qualify as “joining.” “Inciting,” “enticing,” “bribing,” and “coercion” of a foreign official to defect are also considered espionage activities.

Analysts argue that these broad provisions might apply to regular business activities. Corporations doing business with the U.S. government might be deemed to be conducting intelligence activities. Market research and business intelligence might now be considered espionage if documents, data, materials, and items related to national security are involved. Hiring a former government official might constitute coercion. Hiring anyone with knowledge of issues related to national security or relevant technologies might subject a corporation to investigation and sanction. Foreign firms involved in technology collaborations with Chinese enterprises may violate the law if their collaboration relates to national security. Corporate users of data centers and cloud services in China might be investigated if that data relates to national security.

The revised law gives the Ministry of State Security and its local counterparts unprecedented enforcement powers to enter, question, inspect individuals’ electronic devices and business facilities. Analysts fear that the Ministry might gather sensitive data from foreign firms under the guise of preventing espionage. Corporate officials might also be subject to exit bans while under investigation.

Not everyone believes the Anti-Espionage Law presents cause for concern. China has stressed that every country takes measures to protect their national security and counter spying. The Global Times, viewed as a mouthpiece of the Chinese Communist Party (CCP), has accused the West of manufacturing false concerns about the law. Bob Guterma, the CEO of the China Project, says that the law simply clarifies and specifies activities that always would have run afoul of the Party. Chinese Premier and Minister of Commerce have sought to assure corporations that it will not de-risk from their products.

Perhaps the best assurance to Western businesses is that China seemingly cannot afford to alienate foreign corporations and investors right now. China’s economy has had an unsteady recovery from COVID. Even as it tries to decouple from the United States, China is still reliant on foreign investment for growth.

However, experts have sounded the alarm. Besides the Center, U.S. Ambassador to China Nicholas Burns, major law firms, the American Chamber of Commerce, and other business interests have raised fears. China’s counter-espionage Chief has also called for a crackdown on espionage activity under the new law. The Global Times has reported that China will step up law enforcement against foreign corporations. The ambiguous scope of the law chills speech within China. Some analysts believe topics such as the origin of COVID, China’s pandemic death toll, and even attempts to collect or discuss accurate data on China’s economy could all fall under the revised law.

Moreover, the threat environment and timing of the revisions are concerning. China’s crackdowns against foreign corporations have been rising, including detention of employees. In a recent EU Chamber of Commerce survey, nearly two-thirds of businesses reported that doing business in China has become more difficult, and six in ten reported that it has become more politicized in the past year. High-profile detentions of Western business travelers have also sparked concerns. Accordingly, the U.S. State Department updated its travel advisory for China last week, citing the “risk of wrongful detentions.”

The United States should push back on this threat to its economic interests, with help from corporations themselves. The United States should pressure the Chinese government to clarify the meaning of the law, in order to safeguard the interests of American businesses in China. The United States should also assure the PRC that it is not using its private sector businesses for intelligence and security purposes.

Meanwhile, corporations doing business in China must prepare for and insulate themselves from the risks inherent in the new law. Businesses should examine and update their existing processes and policies to ensure that they address the expanded scope of espionage activities in the new law. They should review and strengthen their due diligence processes for employee, vendor, and partner selection to identify potential exposure to materials, individuals, and organizations covered by the law. They should evaluate all data systems, classify potentially sensitive information as such, and develop protocols for limiting and identifying who has access to it. They should develop clear reporting and compliance procedures, incident and crisis management programs, and prepare for unannounced visits and raids by Chinese government officials. Businesses must also ensure risk mitigation, safety plans, and cybersecurity plans for any business travelers to China.

The parameters of doing business in China have changed with the erection of the “Legal Great Wall.” Even if China does not immediately act to enforce the new law, the legal revisions plant the seed for investigation and enforcement against foreign corporations in the future. Businesses will need to perform continual risk assessments as the competition, threat, and legal environments continue to evolve. If the United States bans TikTok or restricts other Chinese technology, China is now in position to strike back by choking Western businesses. Close cooperation between the U.S. private and public sectors to manage this threat will be critical.

Read the full article here

Share this Article
Leave a comment