The American government appears to be paralyzed in dealing a decisive blow against this and other China data incursions. I spoke to two former government officials about why they think this might be the case, and what the U.S. government should be doing if they weren’t so bogged down in pandering to Chinese business interests, including those American corporations who trade with what should be considered the enemy.
According to one of the two former U.S. government officials, who prefers to remain anonymous due to concerns of retaliation, both Democratic and Republican congresspersons recently proposed laws to tighten controls on data so that they do not benefit the Chinese regime. Representative Michael McCaul (R-Texas), for example, proposed legislation that would “address data flows under IEEPA [the International Emergency Economic Powers Act].” However, Democratic leadership rejected the proposed amendment, arguing that the “change would give the executive too much power,” according to the source.
Some Democrats have also proposed legislation. Senator Ron Wyden (D-Ore.) “offered a comprehensive piece of legislation that would empower BIS [Bureau of Industry and Security] to impose data export controls on sensitive data,” according to the source, but the Democratic leadership in Congress, as well as some Republicans and the White House, rejected the legislation.
“China has a grand plan for data mercantilism ... at home and the Digital Silk Road abroad that is supported by the massive coercive extraterritorial [power] of the state,” the source said. Instead of the necessary legislation, the source noted that the present administration “kicked the can [down the road] to study further what kind of data regime [and] data controls we need to adopt.”
The source said that the Biden administration “is pushing for empty China legislation that will do nothing to address China’s data mercantilism (and the asymmetries it embodies) and massive vulnerabilities to data within our own system” and economy.
Concern over the failure of the U.S. government to act more decisively against China, including by a ban on sharing American citizen health data with the country, is shared by Nazak Nikakhtar, former Under Secretary of Industry and Security. She said, “The U.S. Government has made every American vulnerable by failing to take action to protect our national security. The laws exist, but policymakers have, for years, refused to use them. The question we should all be asking is ‘why?’”
I asked Ms. Nikakhtar to describe the legal means for addressing BGI access to American and allied genetic data. She wrote,
“The Government has ample legal authorities to restrict the exportation and exploitation of our genetic data by high-threat actors, and these authorities are actually quite effective. For example, the Committee on Foreign Investment in the United States (CFIUS), through the Foreign Investment Risk Review Modernization Act (FIRRMA), has authority to regulate, and even block, certain foreign direct investments in the United States that would give high-threat actors access to our genetic information. The Government also has the legal authority to prohibit exports of sensitive information to countries of concern through updates to our export control laws, for example to specific countries of concern designated as Country Groups D and E under Supplement No. 1 to Part 740 of the Export Administration Regulations (EAR).”
Nikakhtar explained that there are multiple additional legal means for addressing the threat against American health data security, especially given the growing international concerns over China’s behavior.
“We also have the ability to include high-risk actors on the Commerce Department’s Entity List in order to regulate exports to them. The criteria for designation to the Entity List are straight-forward under the EAR (15 C.F.R. § 744.11): ‘Entities for which there is reasonable cause to believe, based on specific and articulable facts, that the entity has been involved, is involved, or poses a significant risk of being or becoming involved in activities that are contrary to the national security or foreign policy interests of the United States and those acting on behalf of such entities.’”
Nikakhtar proceeded to note that “It’s unclear why this legal provision hasn’t been adequately used to regulate a range of U.S. exports to foreign scientific labs that conduct dangerous research on genetic material and viruses.”
She said, “The President also has authority under [IEEPA] to impose economic sanctions on specific entities or impose export prohibitions on the transfer of sensitive genetic data to foreign entities when significant national security risks are at stake, such as genetic manipulation and weaponization.”
As is increasingly clear, the U.S. government has been dangerously lax when it comes to protecting American citizens from the Chinese regime’s malign activities. “The ultimate point is that we have the laws to protect Americans,” said Nikakhtar. “What is alarming is our Government’s reluctance to use them.”