The Treasury Department has issued the rules for carrying out sanctions related to commercial espionage, which were imposed by President Obama last year in an executive order aimed at curbing Chinese hacking.
The regulations, published in the Federal Register on Dec. 31 but not widely reported, seek to define and clarify the scope of Executive Order 13694, promulgated by the president in April. The order, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” was the result of Chinese cyberattacks aimed at stealing trade secrets from American companies.
According to the text of the abbreviated guidelines, Treasury will have the power to take measures against entities engaged in “significant malicious cyber-enabled activities” that include trade sanctions, freezing of assets, and visa bans against individual perpetrators.
Emphasizing that the newly-released text did not constitute new regulatory authority, a source within Treasury said, “These new regulations contain only those provisions deemed essential to administer the Executive Order and are being published in abbreviated form at this time for the purpose of providing initial guidance to the public,” and “do not expand the sanctions authorized under EO 13694.”
Treasury will issue an expanded form of the regulations in the future, which are part of an exchange between China and the U.S. on the issue of commercial espionage.
In September, the U.S. threatened to impose sanctions on several Chinese companies for alleged theft of trade secrets, but backed down after a Sept. 25 meeting between Obama and Chinese President Xi Jinping that resulted in a bilateral agreement to refrain from such theft.
Announcing the agreement with Xi, Obama promised the U.S. would use “whatever other tools we have in our toolkit to go after cybercriminals, either retrospectively or prospectively.” It was an indication that sanctions, which would be shaped by his April order, could remain on the table for some Chinese companies, most of which are state-owned.
Following the agreement, China arrested several individuals at the behest of the U.S. However, cybersecurity firms like FireEye and CrowdStrike have reported that Chinese activity in American servers has continued unabated. Experts have said it will take a bit more time to determine whether the Chinese government is involved.
Related Story: http://www.washingtonexaminer.com/article/2573789
“My reaction when Xi and Obama agreed on this in September … was that it would take about six months to decide whether the Chinese have stopped doing this or not,” William Reinsch, chairman of the U.S.-China Economic and Security Review Commission, told the Washington Examiner, though he noted, “It’s not a rule.”
