Trump’s Tough Talk on Chinese IP Theft: Too Little Too Late?

trumpDonald Trump made some questionable remarks this week that have rightly caused an almighty backlash. But one thing he did that may have more support, is sign an executive memorandum which will most likely lead to a lengthy investigation into alleged widespread Chinese theft of US IP. This is a big deal in Silicon Valley and something that has irked US business in general for years.

The question is, will this latest strategy actually result in any concrete changes on the Chinese side? As you can see from this new IDG Connect piece, I’m not convinced.

Years of theft

There are few things Democrats and Republicans agree on, but one is that China has had things far too long its own way when it comes to trade. The US trade deficit between the countries grew to $310 billion last year, helped by the growing dominance of Chinese businesses. Many of these have been able to accelerate their growth and maturation thanks to IP either stolen by hackers from US counterparts or take via forced joint ventures and tech transfers. Many of them are selling back into the US or their huge domestic market, undercutting American rivals.

Chinese firms don’t have the same restrictions around forced JVs and tech transfers to enter the US market. In fact, the likes of Baidu even have Silicon Valley R&D centres where they’re able to recruit some of the brightest locals, while government-backed VC firms have been funding start-ups to continue the seemingly relentless one-way IP transfer.

There are, of course, more nuances to the dynamic, but you get the point.

All talk

So, will this investigation get us anywhere? After all, it will empower the President to take unilateral action including sanctions and trade embargoes. Well, on the one hand, little gain can be made from stopping Chinese IP hackers, as they have stopped outright theft ever since a landmark Obama-Xi deal in 2015, according to FireEye Chief Intelligence Strategist, Christopher Porter.

“If anything, discontinuing straightforward theft of intellectual property for strictly commercial purposes has freed up Chinese actors to focus more on these other targets than ever before, so the risk to companies before and after the Xi Agreement depends heavily on what industry that company is in and what sort of customer data they collect,” he told me via email.

That’s not to say the Chinese aren’t still active in cyberspace, but it’s less around IP theft, which is the focus of this investigation, Porter added.

“We have seen an increase in cyber threat activity that could be Chinese groups collecting competitive business intelligence on US firms selling their products and services globally—several companies that were targets of proposed M&A activity from would-be Chinese parent companies were also victims of Chinese cyber threat activity within the previous year, suggesting that they may have been targeted as part of the M&A process to give the Chinese company a leg-up in negotiations,” he explained.

Which leaves us with JVs and tech transfers, which have provided Chinese companies with vital “know-how” and “know-why” over the years. To my mind, if there’s any area where the US can and should focus its diplomatic and negotiating efforts, it’s here. However, as reports in the past have highlighted, it took China years to construct a gargantuan, highly sophisticated tech transfer apparatus, and it won’t be looking to bin that anytime soon, especially with the Party’s ambitious Made in China 2025 strategy now in full swing.

Neither side will want to become embroiled in a trade war. The US has too many companies which count China as a major market – it’s Apple’s largest outside the US, for example – and Chinese firms are doing very well selling into the US, as that huge trade deficit highlights.

In the end, my suspicion is that this is just another bit of Trump tough talk which will actually produce very little.

“This long-awaited intervention should also probably be viewed in the larger picture of the way the Trump administration operates: in terms of ‘carrot and stick diplomacy’,” Trend Micro European Cyber Security Strategist, Simon Edwards, told me.

“It is also well documented that the US administration is trying to use trade deals to get action on the situation in North Korea; and perhaps this is more of a stick to be used with the accompanying ‘carrot’ of a greater trade deals?”

Time will tell, but it’s unlikely that US tech companies operating in China, and their global customers, will be any better off after this latest test.

Advertisements

The Annual Cost of China’s Economic Cyber Espionage: $5 Trillion

chinese flagHow much do you think Chinese state-sponsored cyber spies steal from the US each year? No, you’re way off. It’s in the region of $5 trillion – 30% of GDP – according to one expert interviewed in a new exposé of Beijing-backed cyber attacks by the Epoch Times.

I covered this one for Infosecurity and IDG Connect because although most of the info for the article came from publicly available sources, it had some interesting insight from various industry experts and tied together the whole shadowy web of guanxi-tinged goings-on in the Middle Kingdom very well.

Particularly illuminating were claims that there are hundreds of state-backed “tech transfer centres” whose mission is to earmark IP they want, send scientists abroad to study in relevant industries and then reverse engineer products from stolen IP. It’s China investing in state-sanctioned theft because it’s quicker, easier and way cheaper than doing R&D the legal way. It’s happening on an industrial scale, to feed the country’s military aspirations and economic growth – many of the products are produced cheaply and sold back to the West at a fraction of the cost of the originals.

It’s thoroughly depressing but fascinating stuff and will make for frustrating reading if you’re a US tech CEO. If you haven’t been breached yet, you will be – or maybe you just haven’t found out about it yet.

China can do this, of course, because there’s a very fine line between government, academia, military, state-owned enterprise and even private business. All organisations must have a CCP committee which some believe sits even higher than the board. And all are expected to pull together for the betterment of Team China. But while the report calls out state-owned enterprises, there is in fact little in the way of evidence that private businesses have capitalised on stolen IP to accelerate R&D and produce cheap kit with which to flood Western markets.

Report author Josh Philipp told me that evidence was hard to find – even the US indictment of five PLA hackers last year referenced only SoEs. IP theft does happen, however, especially by contract manufacturers making products for US firms, although this is slightly different from the cyber espionage/tech transfer cycle mentioned in the report.

“Any private company involved would likely be running a small-scale counterfeit operation, which would be hard to pin down,” Philipp told me.

What is clear is that despite recent exhortations from the top to create an “innovation driven” country – an admission in itself that hitherto China’s economic growth and military might has been built on theft – the Chinese communist regime is unlikely to change things around anytime soon.

Western firms must get better at deflecting these attacks – and in so doing force up the size of investment needed by Beijing into cyber espionage activity, so that attack campaigns are just not worth the return in many cases. If they don’t, we can expect the same old breach headlines to continue ad infinitum.

 


Computex 2013: chips with everything

windows OEM devicesSo that was Computex Taipei 2013. Asia’s largest IT show and the world’s second biggest was dominated this year by the launch of Intel’s 4th generation Haswell processor family, and to be perfectly honest there wasn’t an awful lot of other news knocking around, but here’s my brief take on events.

Local heroes Asus and Acer kicked things off in usual hyperactive fashion with a bevy of tablets, notebooks, smartphones and other hybrid devices. The most notable was probably Asus’ 3-in-1 Transformer Book Trio, which combines a notebook, tablet and even desktop functionality in one.

Acer’s presser was more subdued and it remains to be seen whether it’s done enough to win back some of the market share it’s been hemorrhaging over the past few quarters. It actually also depends on whether users decide they want 2-in-1 notebook/tablets – as Intel believes they do –  or a regular notebook with a smaller companion 7 or 8 inch tablet (phablet) device like the Acer Iconia W3.

How this market shakes out will be interesting to watch and to be perfectly honest no-one knows how it’s going to play out, least of all the many analysts I spoke to. It’s all about price, performance, and user experience – nail those three and as a manufacturer you’re giving yourself the best chance of success. Intel was marketing the hell out of the 2-in-1 concept at the show on the back of its Haswells and Silvermont Atoms, but I’m not convinced this will work out as intended.

It makes sense on paper – a tablet for tablet stuff and a notebook for work, in one hybrid device – but if you’re a fanboi, for example, you’re not going to want to give up your iPad, so a convertible isn’t going to cut it.

Form factor chat aside, Microsoft held its first public demo of Windows 8.1  at the show – the OS Windows 8 should have been. There are a lot of cool features in there – better search, the ability to view several apps on one screen and resize them, and the long awaited return of the Start icon. However, the experts are pretty guarded about whether it will be enough to a) rejuvenate the PC market and b) help Redmond grab more market share in the mobile computing space – tabs, phabs and notebooks.

“Being able to lock it in desktop mode and having a ‘Start Point’ will remove the chief barriers that people have with Windows 8. But that doesn’t necessarily address the things that are holding back the PC market as it is,” Forrester analyst David Johnson told me.

“Right now, at the consumer and enterprise level, non-Windows tablet adoption is massive, and Windows 8.1, while improving the tablet experience, will still be competing with Apple iOS and Android. Secondly, most enterprises are completely distracted by just getting to Windows 7 before the April 2014 deadline. They’re at capacity with that transformation and few will have the resources to worry about Windows 8.1.”

Taiwan was quite honestly the star of Computex this year.

I mean, it always has been, but the lack of news made it even more obvious. This is a country whose technology producers account for 80 per cent of the global “branded” tablet market and over 90 per cent of Intel notebooks. They might all be physically made in China but they’re designed here. The IP, basically, is Taiwanese.

It raises an interesting point about whether the People’s Republic of China can ever hope to emulate its tiny neighbour the Republic of China. The Communist Party desperately wants it to start innovating, but you can’t just turn on that tap at will after decades of stealing and copying IP.

Rubber ducks perfectly illustrate just how far it has yet to go.

Hong Kongers have been fawning over a new installation from Dutchman Florentijn Hofman for weeks now. It’s a giant, six storey, yellow rubber duck floating in Victoria harbour.

Now reports have emerged that similar ducks have been spotted across China, from Wuhan to Xi’an. They say imitation is the sincerest form of flattery, but in the tech world, it’s going to get China absolutely no-where.


RIM’s big differentiator: staying out of China

RIM logoIn a startlingly refreshing display of honesty, RIM CEO Thorsten Heins has come out and said the firm is steering clear of China when it comes to manufacturing to reduce the risk of IP theft which could cripple its business.

It’s a bold statement, given that in my experience most tech firms – and even analysts – are very reluctant to discuss China in anything approaching critical terms, especially when cyber security is mentioned.

It’s certainly a valid point. I’ve reported in the past for The Register how many multinationals are suffering IP loss from their Chinese business units.

As RIM is teetering on the brink financially and seems only to be able to differentiate competitively from its rivals by virtue of the superior security capabilities of its handsets and infrastructure, any breach would be a huge blow.

That’s not to say it is necessarily safer anywhere else, but eliminating China from the supply chain could be a wise move.

Even the Chinese government has indirectly admitted its firms do not innovate enough themselves – the inference I’m drawing here is they nick a lot of IP instead.

Kenny Lee, a forensics expert with Verizon Business, sat down with me on Thursday to explain what hacking activity he’s seeing inside Hong Kong and Chinese firms.

Interestingly, while he did admit there was a fair amount of “low level” IP theft from firms in the region, mainly due to employees looking to set up their own businesses, there is a more insidious data leakage problem – technology transfers.

These agreements are usually foisted on foreign multinationals wanting to expand into China. The deal is that they have to partner up with a local Chinese firm by law to sell into the country’s huge market, and in doing so will usually need to share IP with them.

After a certain point, Lee explained, the Chinese partner usually has enough knowledge to pull out of the venture, having sucked all the IP it needs from its foreign partner.

There’s the rub for foreign firms such as BT, who can’t gain direct access to the market but equally reject the idea of handing over their hard-earned IP.

There’s no chance of things changing from the top anytime soon, so foreign firms will continue to have to weigh the risks and make that judgement.