New pressure on US tech to comply with China's access demands

New pressure on US tech to comply with China's access demands
© Getty Images

U.S. tech firms may now face increased pressure from Beijing to open up their proprietary source code for review, following a new report that IBM has complied with Chinese demands for access.

IBM has begun allowing officials from China’s Ministry of Industry and Information Technology to examine its source code in a closed space, according to The Wall Street Journal.

IBM says it is seeking to reassure officials that it does not allow the U.S. government “backdoor” access to its systems.

“IBM has in several countries established the capability to conduct limited demonstrations of specific aspects of our technology in highly-secure, controlled IBM environments that have no external communication links,” the company said in a statement on Friday.

“This is done to reassure key stakeholders, including our clients, that no means exist for other parties to access IBM technology or data we manage on behalf of clients.”

Observers say that other firms wishing to operate in China may now have no choice but to follow IBM’s lead.

“The united front is done,” said Christopher Swift, a former official with the Treasury Department Office of Foreign Assets Control and a current national security professor at Georgetown University.

“Other tech companies are going to be very upset with this,” Swift said.

Beijing has been putting pressure on U.S. firms to open up sensitive information for review in order to be granted access to China’s market.

Although President Xi Jinping has cited national security concerns, critics have characterized the Chinese government’s demands as protectionist.

Earlier this summer, China urged companies sign a pledge promising that their products were “secure and controllable,” a highly contentious phrase that some say could give Beijing officials guaranteed access to encrypted data and source code.

The document reportedly included an agreement “to cooperate with third-party institutions for assessment and verification that products are secure and controllable.”

Skeptics are concerned that this level of access could give notoriously light-fingered Chinese firms a competitive edge.

Others say that Beijing’s demand for access is more likely part of backlash across the globe to former government contractor Edward Snowden's revelations about U.S. spy programs rather than a quest for commercial gain.

“Do you think the Chinese government is interested in it for the purposes of determining what the source code is? No, they want to know how people can get into their systems,” Swift said. “It’s a security issue for them.”

Xi has pushed back against allegations that Chinese regulations are meant to promote domestic firms at the expense of foreign competitors.

“We welcome all foreign companies in China and will respect and protect their lawful rights and interests provided that they abide by the laws and regulations of China and do nothing to undermine China’s national interests and interests of Chinese consumers,” Xi said in a long, written interview with The Wall Street Journal in September.

Some say the kind of review that IBM is granting isn’t unusual and, without knowing more detail about the extent of the access the company is allowing Chinese officials, it could be little more than a symbolic gesture.

“There’s always been costs to doing business in China and one of those costs has been technology transfer,” Swift said. “That’s a normal part of doing business in a rapidly developing country and it’s been a normal part of doing business with the Chinese communist regime.”

Matthew Prince, CEO of Internet performance and security firm CloudFlare, says the practice is even more widespread.

“While it can be fashionable to be critical of Chinese policy — and there are certainly things that are extremely challenging about working in the region — they are hardly the only government that has asked to have copies of source code of the companies that they work with,” Prince told The Hill.

“I’m not sure what’s ‘new’ here,” he said, agreeing that IBM’s decision to grant source-code access to Beijing is probably at least in part an effort to build trust after the Snowden revelations sparked worldwide concerns that U.S. firms were granting intelligence agencies unfettered access.

Instead, Prince says, what’s significant about IBM’s source code review is that it’s being discussed publicly.

“What I think is different is one, companies are talking about this, which they’ve been loathe to do in the past, so I think that’s interesting that IBM has chosen to do that,” Prince said. “Two, I think it’s interesting that the Chinese government is talking about it.”

Observers say IBM already has a closer-than-normal relationship with China.

Prince suggested that IBM, which is known for its commitment to open-source software, would not necessarily have been ceding any particular advantage by complying with Beijing’s requests.

CloudFlare’s second largest market is China and the company recently inked a major deal with “the Chinese Google,” Baidu.

Prince says that because CloudFlare’s business is built around open-source software, it hasn’t faced the same “gut-wrenching” hurdles to entry that companies that rely on traditional closed-source software have.

“It may have been an easier choice for [IBM] than for companies that rely on closed-source proprietary software,” Prince said.

The message it sends is the same, however: A major U.S. tech firm is playing by Beijing’s rules.

“From a substantive perspective, this doesn’t seem to be as much of a disclosure as the headlines might suggest,” Swift said. “From a symbolic perspective, it is important because one of the U.S. tech giants has agreed to the Chinese government’s requests.”