The US government’s assault on TikTok is taking a toll on the Chinese-owned platform, with chief executive officer Kevin Mayer opting to resign after just a few months on the job. While TikTok is certainly a victim of geopolitical tensions, many of its issues stem from legal frameworks that apply to other Chinese tech companies doing business internationally.
Those include telecommunications giant Huawei, the target of new US sanctions dubbed a “lethal blow” to its access to computer chips, as well as DJI, a dominant player in the global drone market increasingly shunned by US government agencies.
In reality, deteriorating US-China relations are just the trigger to act on long-standing data privacy concerns. Even prior to the trade war between Washington and Beijing, Western officials suspected Chinese companies were heavily influenced by China’s political leadership.
In service of the state
There is plenty of evidence pointing to emerging legal frameworks blurring the lines between the Chinese state and private interests and potentially obligating private companies to further government objectives.
In 2015, the Communist Party of China (CPC) introduced a national security law stating that all citizens, enterprises, and public institutions “shall have the responsibility and obligation to maintain national security.” One year later, Beijing introduced a cybersecurity law requiring network operators, including Huawei, to provide technical support to public security and national-security organs.
Official discourse has further shaped outside perceptions of China’s strategy to enhance its dominance over the technology sector. In April 2018, the Cyberspace Administration of China and the China Securities Regulatory Commission jointly released a plan “promoting capital markets to serve the strategy of building China into a cyber-superpower.”
Nor are foreign companies exempt. Article 19 of China’s Corporate Law de facto gives CPC representatives within companies a formal role in business decisions, with police-embedded cells potentially involved in processing personal information without proper due diligence, on the campuses of high-tech Chinese enterprises such as Baidu, Alibaba, and Tencent but also within multinational companies such as Samsung Electronics and Nokia.
While Chinese firms and the government push back against allegations that their equipment and software could be used for spying, Beijing has yet to issue clarifications for its extensive data and digital governance laws to mollify outside criticism.
Western governments taking action
Those suspicions haven’t prevented China from securing a dominant position in high-tech supply chains. They have, however, forced Chinese companies to navigate resistance from governments in Europe and North America. In 2019, President Donald Trump signed an executive order barring US companies from using telecommunications equipment manufactured by companies posing a national security risk – Huawei chief among them.
After the US Department of Justice accused the telecommunications giant of attempting to steal trade secrets from T-Mobile, US Attorney General William Barr advocated the United States and its allies acquiring a “controlling stake” in Finland’s Nokia and Sweden’s Ericsson to counter Chinese dominance. Barr’s proposal has not gained traction, but America’s allies have echoed Washington’s concerns about Huawei.
In May 2019, Dutch intelligence agency AIVD accused Huawei of building a hidden “back door” into the network of a major local telecommunications firm that might help access private data. Similar fears of potential national security threats have emerged in the Czech Republic, Germany and Australia.
Commenting on Huawei’s activities, German Federal Intelligence Service (BND) chief Bruno Kahl asserted, “Huawei has a very high level of dependence on the Communist Party and the country’s intelligence apparatus.”
Huawei has responded by offering to sign no-spy agreements with multiple European governments, in addition to commissioning a 37-page legal opinion documenting its independence from the Chinese government. Further legal analyses of that declaration, however, have described it as “misleading and in places inaccurate.”
Drone manufacturer DJI has run into similar complications. Despite enjoying an estimated global market share of 70% and providing unmanned drones to a number of American state and local agencies, the US federal government has largely ruled out using DJI’s products amidst fears the companies could be vulnerable to hacking or that user data could be transferred to the Chinese government.
While DJI denies allegations of surreptitious data transfers, cybersecurity firms including Synacktiv and Grimm have found “hidden command and control features” within DJI applications that allow Chinese servers to remotely control user devices.
The US military has progressively banned the use of DJI drones by its services, while the Department of the Interior permanently grounded its fleet of more than 800 drones – all made in China or containing Chinese parts – last year.
The Heritage Foundation has urged Washington to go even further, pointing to DJI security protocols that potentially expose American user data, as well as the use of DJI drones by Chinese authorities in Xinjiang, to argue for sanctions in line with those placed on Huawei.
The Kaspersky precedent
Can Chinese companies overcome these fears and shore up the shaken confidence of their foreign customers? In all likelihood, as Russian cybersecurity and antivirus provider Kaspersky Lab learned after its own blacklisting, access to Western markets – especially technology markets – is becoming more dependent on geopolitical developments than commercial ones.
Kaspersky’s products were banned from US government use in 2017, when government agencies were asked to remove the antivirus software from their networks. Much as with Huawei, American officials argued that the Russian company’s products could be under the influence of the Kremlin, representing a threat to US national security.
In 2018, investigative reporting by the Russian independent outlet Meduza revealed how the growing predominance of executives linked to Russia’s security services inside the company laid the groundwork for Kaspersky Lab to push out Western investors and instead work in close collaboration with the Federal Security Service (FSB).
While party cadres embedded within Chinese technology companies raise similar red flags, the rapid growth of these firms makes them more difficult to exclude from the global economy.
In 2009, Huawei’s revenue barely exceeded US$20 billion; by 2019, revenue had soared to $121.72 billion, making the company the world’s biggest maker of telecommunications network equipment and the second largest manufacturer of smartphones.
The company is also a major player in multiple European economies, contributing €12.8 billion (US$15.1 billion) to the European Union’s overall gross domestic product in 2018 and complicating Washington’s attempts to force it out of European communications networks.
Given their overwhelming market share, Washington can hardly expect to exclude dominant players like Huawei and DJI through coercive policy measures alone. At the same time, however, these Chinese companies will have an increasingly difficult time participating in sensitive Western projects – such as government contracts or critical infrastructure.