China’s intention to control the internet sphere were announced. It appears that China is ready to seize its opportunity to take over the internet.
In November, 2014, Li Yuxiao, research fellow at the Chinese Academy of Cyberspace, warned “Now is the time for China to realize its responsibilities. If the United States is willing to give up its running of the internet sphere, the question comes as to who will take the baton and how it would be run?”
“We have to first set our goal in cyberspace, and then think about the strategy to take, before moving on to refining our laws,” he continued.
Well, that time is now here.
Li’s comments were in response to news, also in 2014, that the United States would relinquish its remaining federal government control of the internet by ending its contract between the Commerce Department and the Internet Corporation for Assigned Names and Numbers (ICANN), which is scheduled for Oct. 1.
As the United States plans to relinquish control of ICANN—and with this, fully end U.S. oversight of the internet—the Chinese regime has moved to fill the void.
Over the last two years, it has drafted an authoritarian set of laws that governs every facet of the internet, and it has formed or gained control over domestic and international bodies to press these new laws for the internet through the United Nations, through domestic enforcement including on foreign companies inside China, and through organizations formed to interface directly with major technology companies abroad.
ICANN is the body that governs domain name registration and ensures users are not redirected to a site they don’t intend to visit.
The United Nations branch responsible for telecommunications issues, the International Telecommunications Union (ITU), has members pushing to assume control of the internet—and China has been working hard to control the ITU.
Laying the Groundwork
In the two years since Li gave his speech at the World Internet Conference, which had the slogan “An Interconnected World Shared and Governed by All,” the Chinese regime has gained ground in the goal to govern the global internet that Li laid out. The three-day conference in Wuzhen brought together more than 1,000 internet companies from over 100 countries and regions.
Li is now the secretary-general of the Cyber Security Association of China, which is chaired by Fang Binxing, the creator of China’s “Great Firewall,” which censors and monitors its internet. While the association uses enforcement of “cybersecurity” as a front, it is tasked specifically with enforcing the Chinese regime’s version of law on the internet.
The Chinese regime has also begun bringing major U.S. tech firms—including Microsoft Corp., Intel Corp., Cisco Systems Inc., and IBM—into its Technological Committee 260, tasked, according to the Wall Street Journal, with helping Chinese authorities draft rules for issues including encryption, big data, and cybersecurity, and with determining which technologies should be “secure and controllable” under the Chinese regime.
The Chinese regime created a requirement that all key network infrastructure and information systems need to be “secure and controllable” as one piece of the sweeping National Security Law that covered everything from culture to politics, military space, the economy, the environment, and technology.
Soon after it was passed on July 1, 2015, The Information Technology and Innovation Foundation explained the requirement as “part of a strategic effort” intended to “ultimately supplant foreign technology companies both in China and in markets around the world.”
While the Chinese regime has started using “cybersecurity” to mask its goals, officials of the Chinese Communist Party (CCP) and its state-run news outlets were very candid about their intentions at the 2014 World Internet Conference.
The state-run China Daily reported at the time that, “experts said China is using the platform to sell its own strategy and rules to the world, a mission that the world’s largest cyber power with the most internet users has deemed significant and urgent.”
CCP Premier Li Keqiang said, in comments summarized by China Daily, that “China is considering setting up its own rules in cyberspace,” and that the CCP wants to create a “common code of rules” for the internet.
China Daily then quoted Shen Yi, an associate professor specializing in cybersecurity at Fudan University, who stated more directly that “China has the capability now to set up international rules for cyberspace and use our strategy and our rules to influence the world.”
A Contentious Move
Many U.S. government officials, organizations, and experts have sounded an alarm about the upcoming plans for the United States to relinquish control of ICANN, over concerns that a foreign authoritarian power may attempt to do precisely what the Chinese regime has already set into motion.
Sen. Ted Cruz (R-Texas) and Rep. Sean Duffy (R-Wis.) introduced a bill, the Protecting Internet Freedom Act, on June 8, which seeks to prevent the U.S. handover of ICANN, and to ensure the United States retains sole ownership of .com and .mil domain names.
A post about the bill on Ted Cruz’s website states, “If that proposal goes through, countries like Russia, China, and Iran could be able to censor speech on the internet, including here in the United States, by blocking access to sites they don’t like.”
According to Chris Mattmann, who helped create some of the core technologies of the internet, these concerns could hold true, since part of ICANN’s role is to manage and coordinate the Domain Name System (DNS). If ICANN is no longer under U.S. oversight, he said, the process of determining which websites are shown to you when you enter a URL “will no longer be driven the U.S. Department of Commerce,” and this could be manipulated by foreign powers for anything from censorship to cyberattacks.
Mattmann helped develop how email systems work under a proposal from the Internet Assigned Numbers Authority, which is a department of ICANN. He also helped develop several Apache systems that are at the heart of the internet; currently he works with the NASA Jet Propulsion Laboratory.
“I think it needs to be heavily vetted,” he said, referring to ICANN, noting, “Even when the internet is itself distributed and decentralized, which it is, it starts to break down when there isn’t some element of centralized authority.”
These sentiments were shared by Philip Zimmermann, creator of the PGP encryption standard and chief scientist and co-founder of Silent Circle, a company specializing in secure communications.
Zimmerman said the United States needs to maintain control over the internet, lest “we give into control by an international body that can be easily influenced by member states that are oppressive societies.”
“The internet is supposed to make the weak have a voice, you know. If China controls their own domains within their country, it’s going to be easy to suppress opposition,” he said.
According to Barney Warf, a geography professor at the University of Kansas who has published research on global internet freedom and governance, China has a “a brutal, fascist, oppressive regime that has gone out of its way to suppress human rights.” He said even the possibility that the CCP could enforce its laws over the global internet is a frightening thought.
Warf said one of the advantages of the internet was that while the United States governed it informally, it did not place any firm control over the it, and this factor allowed innovation to flourish. He said the lack of strict governance gave people room to “experiment and make mistakes,” and added “I think the internet has thrived because there is no central power to it.”
Laws For the Internet
In January 2014, the ITU, the U.N. body seeking to take over ICANN, elected China’s Houlin Zhao as secretary-general.
Zhao had stated previously that censorship is subjective, and according to The New American in October 2014, when Zhao was asked about “the dictatorship’s massive censorship regime targeting dissent, dissidents, and ideas it disagrees with,” he replied evasively. “Some kind of censorship may not be strange to other countries,” he said.
The ITU gained international attention in 2012, when it was holding a closed-door world conference to rewrite rules that govern the global internet. The meeting drew heavy criticism from tech-focused groups and websites. Cnet.com reported on a leaked document, where the U.N. organization proposed a global internet tax on content providers including Google, Facebook, Apple, and Netflix.
The Center for Democracy and Technology exposed a proposal the ITU passed, which it said “could give governments and companies the ability to sift through all of an internet user’s traffic—including emails, banking transactions, and voice calls—without adequate privacy safeguards.”
Alongside the CCP’s rising influence in the ITU, the CCP started forming its own laws and governing bodies that could push for regulations both in China and abroad.
In July 2015, the CCP passed the National Security Law mentioned earlier, with its requirement that certain technologies should be “secure and controllable.” Technology news website TechDirt noted at the time that the CCP did not specify the exact requirements this would place on foreign companies, yet speculated it could tie to the CCP’s previous and contentious attempt to require foreign companies to install backdoors in their technology products.
In December 2015, the CCP passed the Counterterrorism Law, which allows Chinese authorities to decrypt information to prevent “terrorism,” and to monitor systems with the excuse of preventing the spread of information that can be used for the CCP’s definitions of terrorism or “extremism.”
Xia Yiyang, senior director of research and planning at the Human Rights Law Foundation, said the phrases “terrorism” and “extremism” are political labels the CCP uses on Chinese dissidents in order to justify its human rights abuses—in this case, mainly against Muslim Uyghurs in Xinjiang, also known as East Turkestan.
“It’s easy to label some group,” he said. “Like Tibetans, they label them as ‘separatists,’ and now it becomes a fixed label. If anyone in China thinks terrorist attacks, domestic terrorist attacks, everyone thinks of Uyghurs. If they talk about separatists, they think about Tibetans. These are fixed labels.”
In July 2015, the CCP also introduced its Cybersecurity Law. Reuters reported that the law requires network operators to “accept the supervision of the government and public,” and that it reiterates requirements that all personal data on Chinese citizens and “important business data” needs to be stored domestically—an element that further exposes the data to government surveillance.
Reuters noted the law was controversial in the United States and Europe, since it affects foreign firms. It also noted it increased the CCP’s power to “access and block dissemination of private information records that Chinese law deems illegal,” and that this has caused concern among governments, multinational companies, and rights activists, since the CCP may be able to “interpret the law as it sees fit.”
There is a long list of similar laws and regulations. In February 2016, the CCP issued rules for online publishing. In March 2016, it drafted rules for domain name registration. It has issued state procurement lists that restrict foreign suppliers and has pending laws on encryption regulations.
Cyber Security Association of China
On March 25, 2016, the CCP formed the Cyber Security Association of China, which claims to be a national nonprofit organization (NPO), but according to a report from the Center for Strategic & International Studies (CSIS), the association answers directly to the Leading Small Group for Network Security and Information, which is chaired by CCP leader Xi Jinping and is “responsible for shaping and implementing information security and internet policies and laws.”
The report states the CCP “is moving at breakneck speed to develop the institutions, as well as legal and regulatory mechanisms, necessary to strengthen cyber governance.” It says the organization will focus on issues including security of information systems, technology support, “public opinion supervision to help in information control and propaganda,” and “protecting core Chinese interests under globalization, and promoting globally competitive Chinese IT companies.”
According to Xia at the Human Rights Law Foundation, there is more to the statement “protecting core Chinese interests under globalization” than meets the eye.
“In the CCP’s language, it’s a way to keep the CCP in power by any means,” he said, adding that “They have a very clear definition of ‘core interests.’”
“No matter the policy, it is to keep the CCP in power. That’s the only reason for all policy [under the CCP],” Xia said. He notes that the CCP’s policies outside China also serve the primary role “to enhance the CCP’s argument that it legally rules China.”
The CSIS report adds that the China’s new Cyber Security organization gives the CCP, for the first time, “an institution that can engage in international cyber diplomacy at more senior levels,” and that it will “lead in engaging with the international industry, academic, and research associations that constitute the global cyber-governance ecosystem.”
Li Yuxiao, secretary-general of the Association, has been surprisingly candid about these goals.
In a Dec. 18, 2015, interview on the World Internet Conference website, Li stated his belief that since China has the world’s most netizens, it should have the right to “make the international rules of cyberspace governance,” and added, “The establishment of rules is just a start.”