The Justice Department raised eyebrows last week when it unveiled charges against four members of China’s People’s Liberation Army for hacking into the credit-reporting agency Equifax and stealing sensitive information on 147 million Americans. The charges are the latest in a campaign of indictments against Chinese-government-linked hackers that dates to 2014 but has ramped up considerably since 2017, the year the Equifax breach took place. Like the defendants in several prior hacking indictments, the men whose identities were revealed to the world this week are based in China and almost certainly will never appear in a U.S. court to stand trial. Taken alone, the indictments are a hopelessly anemic response to one of the largest personal-data breaches ever recorded.
The bigger picture doesn’t look much better. As the Harvard law professor Jack Goldsmith and I have argued before, if deterrence is the measure of success, the United States’ Chinese-hacking indictment strategy has all the earmarks of a spectacular failure. A raft of media and government reports suggests that China’s state-sponsored cybertheft has not meaningfully diminished in response to the U.S. indictment campaign. This shouldn’t come as a surprise: The costs to China of being “named and shamed” are almost certainly dwarfed by the billions of dollars of value obtained from pilfering U.S. technologies and the untold intelligence benefits of cultivating a massive database on American citizens.
If not deterrence, what might be the pu ..
Support the originator by clicking the read the rest link below.
