The Trump Administration recently announced the expansion of the Clean Network Program (CNP), an initiative purportedly intended to safeguard United States citizens and companies from malicious cyberattacks by the Chinese government and its affiliates. Secretary of State, Mike Pompeo, explained that the CNP expansion is a result of growing discourse within the Chinese government and the desire of the Trump administration to end its reliance on Chinese technology and decouple the two systems.
The CNP expansion is a consequence of American companies’ growing reliance on cloud technology and their concerns about data security in relation to the Chinese government. In the United States, cloud spending from large corporations has generated an estimated US$214 billion to US GDP and created approximately 2.2 million jobs. The rise in the United States’ dependence on cloud technology has resulted in various hacking attempts traced back to the Chinese government that have stolen both US citizens’ personal information as well as classified US government data. There are concerns that should Chinese companies increase their industry exposure in the United States market, because of policies in China requiring companies to cooperate with government intelligence efforts, Beijing could potentially gain easier access to intelligence and data gathering from American users through private sector backchannels and thereby pose a threat to US consumer interests.
China’s counter offer
To combat the Chinese government’s exposure to the United States’ tech industry, the US created the CNP. The CNP is characterized by the “6 C’s” which include: Clean Cloud, Clean Carrier, Clean Store, Clean Apps, and Clean Cable. The CNP expansion, in partnership with 30 countries, aims to exclude Chinese companies from areas like corporate operations and cloud services, and prohibits Chinese web-based applications from using technical infrastructure currently used by the United States and participating countries.
Following the announcement of the CNP, the Chinese government quickly accused the United States of targeting and sabotaging its technology sector. In retaliation, on September 8, 2020, the Chinese government announced its counter-initiative, the Data Security Initiative (DSI). The DSI highlights countries’ sovereignty, introduces international policies covering data security, and calls on all participating countries to handle data security in an objective and fact-based manner. Through the DSI, China and participating countries also agree to reject the use of surveillance against other nations and work together to impose policies that reflect the interests of the majority.
Key differences between the two initiatives
China’s Data Security Initiative directly competes with the US Clean Network Program. As it currently stands, it is unclear whether the United States’ CNP expansion will prevail or if third party countries will align with China’s DSI. As it currently stands, there are roughly 20 countries partnered with China’s DSI versus the 30 nations aligned with the United States’ CNP. As China emphasizes international policy and community, there lies a possibility of bringing its DSI forward to organizations like the United Nations, where China has a heavier hand through leadership positions in committees like the International Telecommunication Union.
As China’s technological influence continues to grow in the United States, it stresses the lengths that both the US and China are willing to go in order to protect national sovereignty and data security from prying actors. As tensions over the safeguarding of governmental, corporate, and citizen data grow between Washington and Beijing, the CNP and DSI initiatives may set the stage for the next cyber battleground between the two nations.