US: Buying Chinese Tech is a “Grave Threat” to Your Data Security

The US government has urged domestic businesses not to invest in Chinese IT kit or data services over fears companies there will be coerced by the Communist Party into enabling cyber-espionage.

The business advisory from the Department of Homeland Security (DHS) clarified what many have known for some time: that the People’s Republic of China (PRC) is on a mission to become self-sufficient in technology and a global tech superpower over the coming decades.

A key part of this strategy is to steal intellectual property from foreign firms and governments. The same tactic is used to enhance the PRC’s military capabilities, the advisory noted.

Local Chinese firms are compelled to covertly assist intelligence officers according to the requirements of the 2017 National Intelligence Law (aka the Cybersecurity Law), and an updated version in 2020 which is designed “to force foreign markets to remain open to Chinese data services providers.”

A third law from 2020 requires foreign commercial crypto firms to provide encryption keys to the PRC government.

Together, these make Chinese tech firms a bad bet for US businesses, because they mean the state can force local providers to send customer data and encryption keys to Beijing, and install backdoors in equipment, the advisory argued.

“The PRC’s data collection actions result in numerous risks to US businesses and customers, including: the theft of trade secrets, of intellectual property, and of other confidential business information; violations of US export control laws; violations of US privacy laws; breaches of contractual provisions and terms of service; security and privacy risks to customers and employees; risk of PRC surveillance and tracking of regime critics; and reputational harm to US businesses ..

Support the originator by clicking the read the rest link below.