| Hi folks, it's Shelly. Political tension between the U.S. and China is rising, and the tech industry is caught in the middle. But recent moves to ratchet up trade restrictions against Chinese technology companies may not actually be the best way to protect Americans' interests, or their data. Late last week, the U.S. added dozens of Chinese companies and universities to a trade blacklist citing national security concerns. And on Tuesday, a stock market rally was hindered by the administration's threats of further action against the country. The moves are part of a broader rekindling of tensions: In the last two weeks alone, the two superpowers have collided over China's handling of the global pandemic, the status of Hong Kong and Taiwan, and further restrictions on Huawei Technologies Co., aimed at cutting off the Chinese tech behemoth from essential supplies. Later today, Huawei's chief financial officer, fighting extradition to the U.S. on fraud charges, will get her first chance at release in a trial that's triggered a nearly two-year diplomatic fight among the U.S., China and Canada. But while all that political posturing is having a big impact on the tech industry, it probably isn't a particularly effective way to safeguard America's digital assets. Samm Sacks, a cybersecurity policy fellow at the think tank New America, says that a more effective solution would be to limit data collection in the U.S. for every tech giant—not just Chinese ones. "We need to get our own house in order when it comes to data governance and federal privacy, putting more limits on collection and retention of data by all companies, whether in China or the U.S.," Sacks said during a Friday presentation to New York University's U.S.-Asia Law Institute. That way, if a company like Huawei or a service like the TikTok video app was sending U.S. information to Beijing, it would have less of it to send. And there could be benefits for U.S. companies, too. Sacks brings up the example of Equifax, the credit reporting giant that the U.S. Department of Justice said was hacked by four members of China's People's Liberation Army, who allegedly accessed sensitive personal information of more than 140 million U.S. citizens. If Equifax didn't have the access to that volume of data in the first place, it would never have ended up in Beijing, Sacks said. She says the same argument can be made for TikTok and Huawei, as well as Alphabet Inc.'s Google, Facebook Inc. or any other tech company operating in the U.S. The argument is a cogent one: If the U.S. spent fewer resources playing whack-a-mole with Chinese companies deemed threats to national security, coming out with scores of loopholes and exemptions along the way, policy makers could instead focus their efforts on passing real cybersecurity standards and legislation to govern all companies in a uniform way. That would have the added benefit of helping Americans feel safer about where their personal data is going, no matter what company they're working with. A comprehensive strategy on data and security would avoid further inflaming our current politics-fueled techno-nationalist tendencies—it also just might work. —Shelly Banjo | 
Post a Comment