IT Industry Groups Protest Restrictions On Chinese IT Systems Due to Cyber-Risks

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

A provision in a U.S. fiscal year 2013 government spending bill that restricts government purchases of Chinese information technology due to concerns over possible “cyber-espionage or sabotage” risks runs counter to the need for increased global cooperation that is essential to improve cybersecurity, according to an April 4 letter from industry groups to congressional leaders.

At issue is Section 516 of the Consolidated and Further Continuing Appropriations Act, 2013 (Pub. L. No. 113-6), which requires that the FBI assess risks from purchases of IT “system[s] being produced, manufactured or assembled by one or more entities that are owned, directed or subsidized by the People's Republic of China” by the departments of Commerce and Justice, as well as the National Aeronautics and Space Administration and National Science Foundation (12 PVLR 550, 4/1/13).

According to the IT industry groups, product security fundamentally “is a function of how a product is made, used, and maintained, not by whom or where it is made.”

Groups Warn of Troubling Precedent

Groups signing the letter included BSA | The Software Alliance, Emergency Committee for American Trade, Information Technology Industry Council, Semiconductor Industry Association, Software & Information Industry Association, TechAmerica, Technology CEO Council, Telecommunications Industry Association, U.S. Chamber of Commerce, U.S. Council for International Business, and the U.S. Information Technology Office.

The IT assessment requirements in Section 516 “set a troubling and counterproductive precedent that could have significant international repercussions and put U.S.-based global IT companies at a competitive disadvantage in global markets,” they warned in a letter to House Speaker John Boehner (R-Ohio), Minority Leader Nancy Pelosi (D-Calif.), Senate Majority Leader Harry Reid (D-Nev.), and Minority Leader Mitch McConnell (R-Ky.).

The IT groups argued that geographic-based restrictions run counter to the need for increased global cooperation on cybersecurity. “In the near term, we strongly encourage a meaningful bilateral dialogue between the United States and China to address cybersecurity concerns in a manner consistent with best security and trade practices,” the groups said.

The groups also expressed concern that the restrictions will end up complicating efforts by civilian agencies to adopt Defense Department cybersecurity procurement reforms reducing technology life cycles to 12 to 36 months rather than five or more years.

The letter also warned that the restrictions could prompt the Chinese government to enact a similar policy for screening IT system purchases in China.

China Ministry of Commerce (MOFCOM) spokesman Shen Danyang March 29 expressed “strong dissatisfaction and resolute opposition” to the restrictions (see related report).


The industry groups' letter is available at http://www.techamerica.org/Docs/Multi-assn_letter_CR_language_section_516_%28FINAL_April_4_2013%29.pdf.