US examines security risks posed by China Telecom and China Mobile’s operations
The Biden administration is conducting a review of China Mobile, China Telecom, and China Unicom due to concerns that these companies could take the American data they access through US cloud and internet providers and provide it to Beijing.
According to three sources familiar with the matter, the Commerce Department is carrying out this previously unreported investigation.
The state-backed companies have been served subpoenas, and ‘risk-based analyses’ for China Mobile and China Telecom have been completed, while the probe into China Unicom is at an earlier stage. Even though these companies have faced restrictions in the past, a few still operate cloud services and handle the routing of wholesale US internet traffic, serving marginally within US boundaries. This continued presence allows them access to Americans’ data, even after telecom regulators barred them from providing telephone and retail internet services in the country.
The Chinese companies and their US-based lawyers did not respond to requests for comment. Reuters reported that no comment was provided by the Justice Department, and questions were redirected by the White House to the Commerce Department, which also refrained from commenting. Meanwhile, the Chinese Embassy in Washington urged the US to ‘stop suppressing Chinese companies under false pretexts’ and declared that China will persist in defending the rights and interests of its companies.
Importantly, no hard evidence shows that these companies have passed on prodigious amounts of sensitive US data to the Chinese government or engaged in any other misdeeds that justify their inclusion.
This investigation is part of a broader push by Washington to prevent Beijing from using the access Chinese firms have to US data in ways that could harm companies, individuals, or US national security. It demonstrates the administration’s efforts to block every remaining path by which Chinese corporations targeted in Washington could access US data.
Potential regulatory actions
Regulators have yet to determine any potential course of action. However, they might also be able to forestall transactions that give these companies a place in data centres and allow them to transfer to internet providers that require high-priced spectrum. The impact of such an action on the ability of Chinese firms to offer competitive cloud and internet services in America would be substantial, potentially gutting what is left of their US operations for global customers.
Doug Madory, an internet routing expert at Kentik, commented: “They are our chief global adversary and they are very sophisticated. I think (US regulators) would not feel like they were doing their job if they weren’t trying to shore up every risk.”
The Chinese telecom companies have a vast presence within US internet infrastructure systems. For example, China Telecom operates eight Points of Presence (PoPs) in the US at major public internet exchange points, enabling networks on a large scale to leverage connectivity and share their routing details. According to the FCC, PoPs pose “serious national security and law enforcement risks” when operated by companies that are considered a national security risk.
Commerce investigators are also probing the companies’ US cloud offerings, fearing that they could access personal information and intellectual property stored in their clouds, provide it to the Chinese government, or disrupt Americans’ access to it.
Regulators are particularly concerned about a data centre partly owned by China Mobile in California’s Silicon Valley. According to Bert Hubert, a Dutch cloud computing expert, owning a data centre could provide greater opportunities to mishandle client data.
Political support and future outlook
Republican lawmakers have expressed strong support for the investigation and urged the administration to take decisive action to protect US data from potential exploitation by Chinese companies.
This investigation underscores the ongoing tensions between the US and China in the technology sector, particularly regarding data security and national interests. It represents another chapter in the deepening tech war between these geopolitical rivals.