U.S. Investigates Chinese Telecom Companies Over Data Security Concerns
The Biden administration has launched an investigation into China Mobile, China Telecom, and China Unicom amid worries that these firms might misuse their access to American data through their U.S. cloud and internet operations, potentially sharing it with Beijing. This probe is being spearheaded by the Commerce Department, which has conducted "risk-based analyses" on China Mobile and China Telecom, while the examination of China Unicom remains in early stages.
The state-backed Chinese companies own a minor share of the U.S. market by providing cloud services and facilitating wholesale internet traffic. Despite the Federal Communications Commission (FCC) previously revoking their licenses to deliver telephone and retail internet services in the United States, the firms can still access U.S. data. Responses from the companies and their legal teams were not provided, and U.S. authorities remained reticent, with the Chinese Embassy urging the U.S. to cease its suppression of Chinese firms.
No conclusive evidence has been unearthed indicating these companies have intentionally relayed sensitive U.S. data to the Chinese government or committed other malfeasance. However, this investigation is part of Washington's escalating efforts to prevent potential exploitation of U.S. data by Chinese companies amid a broader geopolitical technology rivalry. Regulatory decisions on managing the perceived threat are pending, but officials possess the authority to halt transactions that facilitate these firms' operations within data centers and internet service routes in the U.S.
Routing Issues and Historical Concerns
These Chinese telecom giants have long been under U.S. regulatory scrutiny. Notably, China Mobile was denied access to the U.S. telecom market in 2019, while China Telecom and China Unicom had their licenses revoked in 2021 and 2022, with the FCC further barring their broadband services in April. The FCC's concerns are rooted partly in a 2020 report citing multiple instances where China Telecom misrouted U.S. internet traffic through China, potentially exposing it to interception or manipulation.
China Telecom has countered these claims, arguing such routing issues are commonplace across all networks. Their appeal to overturn the FCC decision was denied by a U.S. appeals court, which recognized substantial evidence suggesting potential use of Chinese tech firms for espionage and sabotage.
Deepening Scrutiny: PoPs and Cloud Services
The investigation extends to the companies' Points of Presence (PoPs) in the U.S., crucial nodes that connect major networks and facilitate data exchange. China Telecom, for instance, has eight PoPs, which the FCC asserts pose significant national security risks. Potential vulnerabilities at these points include metadata analysis and deep packet inspection, capabilities that could allow access to sensitive data.
Additionally, the probe is examining the U.S. cloud services offered by these firms, initially prompted by a 2020 Justice Department referral concerning China Mobile, China Telecom, and Alibaba. The concerns center around the potential for these companies to access and misuse personal and proprietary information, or disrupt access to such data. Specific focus has been placed on a data center in Silicon Valley partially owned by China Mobile, which presents heightened risks due to the opportunities ownership affords to meddle with client data.
This evolving investigation underscores the intricate challenges in balancing technological growth and national security amidst increasing global tensions, highlighting the proactive measures U.S. authorities are considering to protect American interests.