Iowa Gov. Terry Branstad, after a friendly confirmation hearing last week, will head to China soon as President Trump’s envoy with an important to-do list on cyber issues.
Branstad earned bipartisan praise from members of the Senate Foreign Relations Committee on May 2 for his firsthand experience on key issues in the U.S.-China relationship.
Senators also were intensely interested in how the six-term Iowa governor would use a 30-year relationship with Chinese President Xi Jinping to address difficult issues between the countries, with many lawmakers emphasizing the need to finally put an end to cyber theft aimed at U.S. companies.
Branstad, as a first-term governor in the mid-1980s, met Xi when the latter visited Iowa as a member of a Chinese agriculture delegation.
In his opening statement, Foreign Relations Chairman Bob Corker, R-Tenn., said the U.S.-China relationship “has been trending in the wrong direction for many years,” citing “outright theft” of U.S. intellectual property by Chinese hackers among other issues.
“China is a serious offender” when it comes to stealing intellectual property, said Sen. Todd Young, R-Ind., a point echoed by other lawmakers. Sen. Cory Gardner, R-Colo., asserted that “10 percent of China’s annual [economic] growth is based on the theft of intellectual property.”
Branstad called protection of intellectual property a top priority and said “I will continue to make that clear” to the Chinese government.
He noted that he “saw firsthand,” as Iowa governor, Chinese efforts to steal patented technology and that he worked on cybersecurity issues as a leader of the National Governors Association.
Branstad said the intellectual property issue is “critical” to U.S. interests and added, “Hopefully, as the Chinese advance, they’ll see there’s a danger to them in others stealing their IP.”
Chinese officials have portrayed themselves as aligned with the U.S. in the fight against intellectual property theft, pointing to their own cyber vulnerabilities.
U.S. officials and industry have been highly skeptical of that assertion, although new mechanisms for assessing efforts to end the rampant hacking were put in place following a 2015 summit between Xi and former President Barack Obama.
How has that worked out?
“China appears to be living up to its commitments under the Obama-Xi agreement,” James Lewis of the Center for Strategic and International Studies said at a May 4 hearing of the congressionally chartered U.S.-China Security and Economic Review Commission.
That’s not the end of the story, of course.
Lewis explained: “The language of this agreement was carefully crafted by the U.S. to allow both sides to continue to engage in political-military espionage. It is not an agreement to end cyber espionage. … It advances Xi’s goal of centralizing control of intelligence collection and assets under his control. The outcome of the agreement is likely to be a more effective and focused Chinese intelligence system, an unexpected consequence, but so far Chinese commercial espionage against U.S. companies appears to have decreased.”
In an interview, Lewis said, “The two biggest problems are the effect of the new [Chinese] cybersecurity rules on American tech companies and the need to re-energize the cyber dialogue.
“I think they were baffled by the new administration, but now I think things are settling down. The biggest issue for the new ambassador is the treatment of American tech companies, since [new domestic Chinese cybersecurity rules] create real risk for market access and IP protection. He’ll need to figure out where to take the U.S.-China dialogue … it may be slow going for a while.”
The Chinese rules, which go into effect on June 1, require extensive and potentially highly intrusive security reviews whenever a foreign company purchases a network or service with national security implications, a category likely to be interpreted rather broadly by the Chinese government.
On the other hand, Congress last week advanced an omnibus appropriations bill that renews language requiring a specific security review of technology products and services purchased by the U.S. government from Chinese firms.
The Chinese have long bristled at this provision as an unfair impediment to trade that disparages their companies. Members of the U.S. tech sector, which has seen subtle and not-so-subtle retaliation against its business operations in China, has tried unsuccessfully for years to get the China-specific language removed in favor of a more general requirement to review the security of government information technology purchases.
Sources offered mixed views on the state of cyber affairs between the U.S. and China.
“Opinions seem to vary dramatically,” said one private-sector source close to the issue. “I have seen reports that suggest that there has been less activity, others that say such activity remains unchanged, others that suggest increased activity.”
The source concluded: “I suppose it all comes down to what one or another expert’s predisposition might be. At the end of the day, it may simply be too early to tell.”
Timing for a Senate vote on Branstad’s nomination has yet to be set, but for lawmakers and many in the U.S. business community, he can’t get on the flight to Beijing quickly enough.
Charlie Mitchell is editor of InsideCybersecurity.com, an exclusive service covering cybersecurity policy from Inside Washington Publishers, and author of “Hacked: The Inside Story of America’s Struggle to Secure Cyberspace,” which is published by Rowman and Littlefield.
