The Chinese government is regularly bashed in the Western press for its surveillance methods — facial recognition, genetic mapping, etc. I definitely have seen and heard criticisms of China’s surveillance methods in Asia which I agree mostly.
What I have not seen is a doctrinally sound proposal for reform that takes into account the limiting factor that it is a Communist country. In countries with independent judiciary, the warrant doctrine dominates and triages much of state surveillance through fair process. What should a Communist country without the usual tripartite separation of powers do? Having said that, the atrocities in Xinjiang and Uguir must be stopped immediately without any question and should be dealt with separately in terms of brutal colonization. But, we may need a more nuanced approach to domestic run-of-the-mill surveillance and censorship issues.
There is much discussion around the idea that China’s state-run surveillance campaign could spread across the region and the world. However, a surveillance system consists of law and technology. If surveillance law is somehow cross-polinated into another country, it will be less an act of export by the sending country than an act of active adoption by the receiving country: law cannot be easily exported unless the pre-existing legal culture of the receiving country attracts it.
Technology can be more easily exported without active adoption by the receiving country’s government because the software and hardware are ‘purchased’ product-by-product without line-by-line public scrutiny focused on foreign laws being adopted. However, what extra measure of surveillance or privacy infringement is enabled by what cutting-edge technology is not being made clear. Even if there is, it is not clear what incentive the Chinese government will have in exporting such high-powered technology when it can be used against China also.
We need a more fact-based approach to China. For instance, security and privacy concerns with Tiktok and Huawei are something that can be raised against Android and any other social media platform. The main damning factor is not technology but Chinese Communist Party’s access to these companies but under a Communist regime, what companies are safe from the government control? Unless we can afford to ban televisions and dish washers from China, criticism of government access to user data must be more nuanced and contextualized, and more importantly based on facts.
What do we lose by not being nuanced and not factually based? Let’s look at the Tiktok-Oracle deal which was essentially data localization of American Tiktok users within the U.S. Territory. China does violate human rights domestically but is data localization a measured response? At the time of the deal, people wondered: What makes Trump more friendly to North Korea than to China when both countries are Communist and have nukes? Was the Tiktok-Oracle data localization really for protection of Americans’ privacy or for US economic supremacy?
Of course, the UK, citing GDPR, made Facebook set up servers in the UK. But the Tiktok-Oracle deal is different from GDPR in that GDPR does not require data localization but rates countries by level of privacy protection and merely prohibits data from going ‘downrate.’ What US is requiring Tiktok to do is data localization specifically within US, singling out Chinese companies only without fact-based analysis of how Chinese law, technology, or governance is hurting American privacy. No wonder people suspected economic supremacy as the motive or of weaponizing privacy for an economic war with China.
China has already done similar data localization, e.g., Facebook and Google are banned in China because Beijing wanted them to set up host servers there and give the government access. The problem is that we will see more of this from China because the US just stooped equally low. What is clear, China will never undo these digital walls now that US has done the same.
Let’s take the rather innocuous example of China’s new data protection law. Even that law has a provision: “If overseas organizations or individuals are found to have damaged Chinese citizens’ rights to private data or involved in personal data activities that harm national security and public interests, they will be put into a blacklist by the Cyberspace Administration of China.” Many American platforms have been already put on a blacklist and I am worried that the new law will only pile on additional justification on such data localization rules. China’s data protection law has tremendous potential to rationalize data localization rules.
Data localization or other forms of digital protectionism can easily turn into digital authoritarianism, as seen in the case of Hong Kong and Myanmar. The Trump US’ wage of digital war with China did not help stem the tide. [to be continued]