Silicon Valley shouldn’t let China strong-arm it into spying

Washington, DC (HRW) – In an impassioned speech at the White House’s February 2015 cybersecurity summit, Apple’s chief executive Tim Cook argued that in a world where “too many people do not feel free to practice their religion or express their opinion or love who they chose,” privacy can “make a difference between life and death.” In the two years since Edward Snowden’s first revelations about the National Security Agency’s surveillance excesses, Silicon Valley companies such as Apple, Google,Facebook, Microsoft and Cisco have used their influence in meetings with President Obama and concerted lobbying efforts to rein in mass surveillance in the United States.

To date, these efforts have found Silicon Valley allied with its users. But with companies under mounting pressure in places like Russia and China to aid abusive government surveillance, the industry must decide whether to stand up for their most vulnerable users—those in countries where peaceful dissent can lead to serious reprisals—even if that may affect its business opportunities.

This month’s state visit by Chinese President Xi Jinping is a major test. Xi’s visit opened with US tech executives in Seattle. Chinese officials like Internet czar Lu Wei will also join companies at the US-China Internet Industry Forum, an annual meeting organized by Microsoft and the Internet Society of China. Media reports indicate that executives from Apple, Facebook, Google, Uber and Cisco are invited.

These meetings come at a time when China is considering a raft of new laws—ostensibly about security and counter-terrorism—that would expand digital surveillance and censorship. These draft laws would force Internet companies to store user data locally, making it more accessible to the government. Companies may also be pressed to turn over encryption keys, submit to security audits, and install “backdoors” in their software to enable surveillance. The laws would also expand requirements for the private sector to censor speech and register real names, chilling online expression. Beijing already began this summer by pressuring tech companies to sign a “voluntary” pledge that their products are “secure and controllable”—code words for the same ends.

In an impassioned speech at the White House’s February 2015 cybersecurity summit, Apple’s chief executive Tim Cook argued that in a world where “too many people do not feel free to practice their religion or express their opinion or love who they chose,” privacy can “make a difference between life and death.” In the two years since Edward Snowden’s first revelations about the National Security Agency’s surveillance excesses, Silicon Valley companies such as Apple, Google,Facebook, Microsoft and Cisco have used their influence in meetings with President Obama and concerted lobbying efforts to rein in mass surveillance in the United States.

To date, these efforts have found Silicon Valley allied with its users. But with companies under mounting pressure in places like Russia andChina to aid abusive government surveillance, the industry must decide whether to stand up for their most vulnerable users—those in countries where peaceful dissent can lead to serious reprisals—even if that may affect its business opportunities.

This month’s state visit by Chinese President Xi Jinping is a major test. Xi’s visit opened with US tech executives in Seattle. Chinese officials like Internet czar Lu Wei will also join companies at the US-China Internet Industry Forum, an annual meeting organized by Microsoft and the Internet Society of China. Media reports indicate that executives from Apple, Facebook, Google, Uber and Cisco are invited.

These meetings come at a time when China is considering a raft of new laws—ostensibly about security and counter-terrorism—that would expand digital surveillance and censorship. These draft laws would force Internet companies to store user data locally, making it more accessible to the government. Companies may also be pressed to turn over encryption keys, submit to security audits, and install “backdoors” in their software to enable surveillance. The laws would also expand requirements for the private sector to censor speech and register real names, chilling online expression. Beijing already began this summer by pressuring tech companies to sign a “voluntary” pledge that their products are “secure and controllable”—code words for the same ends.

It’s not only China that is at stake. If tech companies succumb to Beijing’s demands, other governments will note the precedent and seek similar concessions. The trust of American and global consumers that tech companies have worked so hard to regain in the post-Snowden world will be further undermined.

Instead, US technology companies should be using every lever they have to resist China’s quest for a controlled Internet. Beginning at their meetings this month with President Xi, Lu Wei, and other officials, they should publicly insist on the importance of privacy, oppose the draft cybersecurity and counter-terrorism laws and refuse to comply with any similar informal demands. So that it’s not only the Chinese-market aspirants standing on principle, those already operating in China should also renegotiate terms of market access to maximize the privacy and security afforded their Chinese users.

Public Domain via Pixabay

Public Domain via Pixabay

As Tim Cook himself urged in his speech at the White House summit, “If those of us in positions of responsibility fail to do everything in our power to protect the right of privacy, we risk something far more valuable than money. We risk our way of life.”

Chinese users deserve no less from Silicon Valley than American users do.

Prepared by Kenneth Roth for Human Rights Watch