March 30, 2019

Where is the room for thinking for India by India?

Our Congress government work under the assumption that the majority is always wrong and is always burdened by this guilt while dealing with Pakistan. (The majority of lower caste Muslims are the real victims.) The BJP government implicitly believes the contrary.

Our Think Tanks are pretty banal (recall nonalignment 2.0 of CPR) or overseas branches of USA based think-tanks, whose primary goal is to promote USA intetests and protect/obtain green cards. Who mans these offshore think-tanks? Kids of India's foreign, defence, and intelligence officials (but no doubt all of them have obtained appointments based on their merit).

Indian language education and media has collapsed and the Indian language folks do not have global exposure.

Where is the room for thinking for India by India?

In every crisis we first lose the game in our minds (and of course there are Osamaji's friends in our political parties) and our adversaries and "friends" alike know this.

March 29, 2019

Iran-Russia rivalry for Syrian economic sway may grow

Source: Oxford ANALYTICA
Oxan.com


Thursday, March 28, 2019

Iran has been cultivating commercial networks in Syria and harbours plans for regional trade integration

Iran is currently in advanced negotiations to take control of the Latakia container port on Syria’s Mediterranean coast, with news reports on March 22 indicating that it may have already been awarded the contract. Iran has been looking to build up its business ties on the ground in Syria, and views access to trade infrastructure as a key component in its plans for an integrated trade and transport network spanning Iran, Iraq and Syria. Yet Russia also has its eye on the economic rewards from Syrian reconstruction and has been exerting influence over Damascus to favour its own contractors.

What next

As Syria moves from civil war to the post-conflict phase, competition between Russia and Iran for economic access is likely to intensify. Yet both states have an interest in building a strong and economically viable partner in Damascus and will avoid open confrontation, instead looking to carve out greater areas of influence for themselves.

Subsidiary Impacts

Israel may launch airstrikes on Latakia port if it believes the facility is being used to ship weaponry as well as commercial goods.Russia may feel threatened by the prospect of Iranian control of Latakia port and push Damascus to end the deal.A planned rail link from Iran to the Mediterranean is unlikely to become operational in the near future.Without assistance from wealthier nations, Syria’s economic recovery will be slow.

Analysis

Both Iran and Russia view Syria's post-war reconstruction opportunistically and compete for leverage over President Bashar al-Assad, who metes out concessions on a case-by-case basis to maintain his authority and maximise revenue.

However, the two countries' approaches differ. Iran is developing economic networks with local Syrian business allies; Russia is focusing on strengthening Syria's state institutions.

Western countries are not players, saying they will not aid reconstruction without a political solution to the conflict (see SYRIA/US: Added sanctions may prove self-defeating - March 12, 2019).

Iranian business ties

Tehran is recouping its investment in the Syrian civil war (believed to have cost 45 billion dollars) through state and private contracts, rather than viewing its involvement as a necessary cost to support an ally. Indeed, the country's intervention in Syria has not always been well received at home, where there are grumblings over the costs.

Iran has signed agreements for large-scale projects in Syria, primarily in the energy sector, including resuscitating the country's gas fields, building a 450-million-dollar power plant in Tartus and a 1-billion-dollar oil refinery near Homs.

Iranian trade with Syria is also growing rapidly, and the country is now Damascus's largest trading partner, overtaking Russia, with total trade for the last year valued at 5 billion dollars.

Exports have doubled over the past two years, aided by credits from Tehran to purchase Iranian goods.

$7.5bn

Total Iranian trade credits to Syria

The value of those credits has now surpassed 7.5 billion dollars, with the most recent top-up announced in February during Assad's surprise visit to Tehran. The credits are intended primarily to cover Syria's oil consumption of 2 million barrels per month. Funds are also being funnelled into smaller projects managed exclusively by Iranian companies based in Syria.

Significant effort is going into building relations with local Syrian partners in business, transportation, agriculture, manufacturing and the construction industry.

This is coupled with attempts to ramp up the presence of Iranian companies on the ground, such as the carmaker Saipa. The firm currently manufactures 1,000 cars per year in Syria but aims to double this number by year-end. To promote this business, Tehran is heavily subsidising its foreign operation. It is also investing in land, particularly around Damascus city centre.

This programme faces setbacks from Syrian state corruption, and as Tehran and Damascus are both under US sanctions, transfers of funds for parts and investment are difficult. In January, the governor of the Central Bank of Iran announced that the two countries were working to facilitate cross-border transactions in local currencies, although the precise mechanism for this is unclear.

Regional aims

Promoting Syria's recovery falls in the broader context of Tehran's aim to boost regional economic growth and integration. Indeed, during Iranian President Hassan Rouhani's visit to Baghdad earlier this month, the head of Iran's Chamber of Commerce, Gholamhossein Shafei, proposed a free-trade treaty between Syria, Iraq and Iran.

The Iranian government has even indicated that Rouhani may soon visit Damascus to incorporate the economic plan more formally into Tehran's foreign policy.

Transport links

It is in this context that Iran is pushing to take control of Latakia port. The facility is currently operated by a joint venture between Souria Holding, a Syrian investment company, and the French shipping company CMA CGM.

Their lease expires in October. Iran has been in discussions over the port since at least last November, although those negotiations have been stepped up over the last month. The port facility is one of the main points of entry and departure for Syria's imports and exports, boasting 23 warehouses and a cargo handling capacity of 3 million tonnes per year.

Iranian companies -- some linked to the Islamic Revolution Guard Corps (IRGC) -- are already shipping car parts and other goods through Latakia to avoid Israel bombing their cargo at Damascus airport.

Tehran plans a regional trade network linking Iran to the Mediterranean

Obtaining the licence to operate the port would not only facilitate Iranian trade with Syria, but would also be the culmination of a longer-term vision to create a transport link between Iran and the Mediterranean.

That vision would make use of existing railway lines in Iraq and Syria. An additional line is planned between the Shalamcheh border crossing and Basrah, joining the Iranian and Iraqi networks.

Tenders are currently out to build that stretch of track, just 30 kilometres long and estimated to cost just 52,000 dollars. Although most of the new track would be in Iraqi territory, Iran has committed to funding the project.

At the same time, Iranian engineers are active on the ground in Syria restoring lines that have been damaged by years of war.

Some areas of the proposed railway link between the three countries are still outside Damascus's control.

Parts of the railway are currently held by US-backed forces. Washington is unlikely to permit its use to facilitate Iranian exports, although the long-term US commitment to remaining in Syria is questionable at best (see SYRIA: Actors' next steps hinge on US withdrawal plans - February 18, 2019).

Russia's approach

In contrast to the Iranian agenda of profiting from reconstruction through more of a bottom-up approach, in which it negotiates for individual deals and contracts with local partners, Russia favours a top-down method.

Moscow aims to rebuild Syrian state institutions, over which it exerts considerable influence, that will then lead an economic recovery. In this regard, Russia demands oversight and negotiating rights over contracts formally agreed by Damascus.

Russia uses this position to muscle out competitors, notably Iran. In fact, Moscow has been known to do this even when deals have already been agreed, as was the case with the Sharqiya phosphate mines near Palmyra.

Rights to the complex were granted to Iranian operators, yet in mid-2017 -- within six months of the signing of that contract -- Russian-backed armed groups moved into the area. Damascus then awarded Stroytransgaz, a Russian private company, an exclusive 50-year contract to extract and sell phosphate from Sharqiya, with 30% of the revenues going to the Syrian state.

Moscow is likely to accept that there is space for both Russian and Iranian companies as part of Syria's reconstruction, but will look to ensure that its own firms and interests get the upper hand.

GCSC Cyberstability Update, 29 March 2019

GCSC Cyberstability Update, 29 March 2019

Your weekly news updates on the GCSC, its members, and relevant developments in the field of international cyber affairs. For more information about the GCSC, please visit www.cyberstability.org.

Global Commission Meets Alongside ICANN64 Forum in Japan
 

The Global Commission on the Stability of Cyberspace (GCSC) conducted its second meeting of 2019 alongside the ICANN64 Community Forum, on March 9-10 in Kobe, Japan. Hosted by the Japanese Ministry of Internal Affairs and Communications and in partnership with ICANN, the meeting offered GCSC members the opportunity to engage with the ICANN community, which lies at the foundation of Internet governance and multistakeholder cooperation. The Commission also met in closed sessions on March 9 and 10, with a focus on developing a definition of “cyber stability” and underlying principles in support of international efforts to advance peace and security in cyberspace. The Commission also continued its work to identify policy recommendations and a governance framework in which to embed norms and anchor stability in cyberspace. During its time in Japan, the Commission participated in several sessions of the ICANN64 program, including holding a public consultation with the ICANN At-Large Advisory Committee. Commissioners also had the opportunity to engage with several ICANN constituencies at the forum, providing briefings to the Generic Names Supporting Organization (GNSO), the Non-Commercial Users Stakeholder’s Group, the Noncommercial Users Constituency, and the Internet Service Providers and Connectivity Providers Constituency. In addition, Commissioners met with members of the ICANN Board and the Security and Stability Advisory Committee (SSAC).
 

Read More

INTERNATIONAL CYBER AFFAIRS:

Cyberspace and International Law: The Penumbral Mist of Uncertainty

This article by Michael N. Schmitt was published in Harvard Law Review, 29 March 2019
 
It has become de rigueur to characterize cyberspace as a new dimension of warfare, one devoid of international law and subject to catastrophic abuse. In fact, malevolent states, cyberterrorists, or malicious hackers will likely exploit cyberspace to strike at global critical infrastructure and other essential cyberassets. The ensuing consequences of such operations could range from the disruption of government functions and economic loss to massive physical destruction and widespread death. The prominent place cyberspace occupied in the Director of National Intelligence’s 2013 worldwide threat assessment was therefore neither hype nor hyperbole. History may help place the concerns regarding cyberoperations in perspective.
 

Read More

Are Tech Companies Becoming the Primary Legislators in International Cyberspace?
 

This article by Ido Kilovaty was published in Lawfare, 28 March 2019
 
The global regulation of cybersecurity is one of the most contentious topics on the international legal plane. States, the actors primarily responsible for arranging most other international regulatory regimes, have so far been incapable of reaching a consensus on how to govern international cyberspace. For example, in 2017, the United Nations Group of Governmental Experts, arguably the most promising effort to create international norms for cyberspace, collapsed. In this vacuum, private tech companies are seizing the opportunity to create norms and rules for cyber operations, essentially creating a privatized version of cybersecurity law. As Julie Cohen argued recently, the “dominant platforms’ role in the international legal order increasingly resembles that of sovereign states.” This increasing involvement of tech platforms is challenging to the structure, values and future of the international legal system. But tech companies, unlike governments, need not respect values such as accountability, transparency or fairness. This post details the norms that tech companies have articulated or emphasized and highlights the gaps that remain.

 

Read More

Asus Just Patched the ShadowHammer Malware That Was Masquerading As A Security Update

This article by Sean Hollister was published in The Verge, 26 March 2019
 
That “critical” software update for your Asus computer may have actually been malware, planted by hackers in a targeted attack now known as “ShadowHammer,” we learned yesterday. Now, Asus says it has a fix in the form of an actual security update — one that you can download using its Live Update software tool. In addition, the company says it has a second “security diagnostic” tool you can use to scan to see if your computer has been affected. “[W]e encourage users who are still concerned to run it as a precaution,” reads part of the company’s press release, which includes a link to the software.
 

Read More

Cyber Implications of Brexit
 

This article by Sam Curry was published in Forbes, 27 March 2019
 
However you slice it, countries like the U.K., France and Germany top lists of cyber-capable countries. With Brexit front and center in the news, the opportunity for a new MDL or Green Line to be drawn through the channel changes the politics and diplomacy of Europe. As I mentioned in Hack-Back, Carl von Clausewitz called war ‘extension of politics by other means,’ and cyber is therefore another tool in the world of international relations and politics. This makes Europe a new potential hotbed for extensions of politics by other means and for cross-channel intrigue. It is to be hoped that no matter how hard or rough Brexit winds up, that pluralist democracies and military allies won’t suddenly get nastier online with one another. Let’s not pretend that there hasn’t been some cross-channel hacking already. In 2015, I attended a presentation by a group of European telcos that cited GCHQ as their main concern with hacks on the continent. This is par for the course among nations to some degree, but it could escalate enormously in the weeks and months to come. It’s also probably fair to say that the harder Brexit is, the more cyber activity we could potentially see.

 

Read More

Insurers Creating a Consumer Ratings Service for Cybersecurity Industry
 

This article by Leslie Scism was published in The Wall Street Journal, 26 March 2019
 
Some of the world’s biggest insurers plan to work together on an assessment of the best cybersecurity available to businesses, an unusual collaboration that highlights the rising dangers posed by digital hackers. The program, which was launched Tuesday by the Marsh brokerage unit of Marsh & McLennan Co, will evaluate cybersecurity software and technology sold to businesses. Marsh will collate scores from participating insurers, which will individually size up the offerings, and identify the products and services considered effective in reducing cyber risk. The results will be available to the public on Marsh’s U.S. website. Many insurers see the burgeoning cyber-risk market as a rare growth opportunity when many other insurance lines are growing sluggishly. Dozens of insurers sell cyber-risk policies, with annual premiums now tallying about $4 billion world-wide, Marsh said. Global spending on information-security products and services will likely top $120 billion this year, according to research and advisory firm Gartner Inc.

 

Read More

Russian Military Deployment in Venezuela Includes Cybersecurity Personnel, Says U.S. Official
 

This article was published in The Japan Times, 27 March 2019
 
The Russian military contingent that arrived in Venezuela over the weekend, drawing U.S. condemnation, is believed to be made up of special forces, including “cybersecurity personnel,” a U.S. official told Reuters on Tuesday. The official, speaking on condition of anonymity, said the United States was still assessing the Russian deployment, which Washington has called a “reckless escalation” of the situation in Venezuela. The U.S. assessment that the Russian contingent includes cybersecurity specialists and those from “related fields” suggests that part of their mission could be helping Maduro’s loyalists with surveillance as well as protection of the government’s cyberinfrastructure. Russia’s foreign ministry said on Tuesday that the presence of “Russian specialists” in Venezuela is governed by a military-technical cooperation agreement between the two countries. But it did not provide further details. On Tuesday afternoon the Lima Group of Latin American countries said in a statement it was concerned about the arrival of military airplanes in Venezuela.
 

Read More

Russia Wants to Cut Itself Off from the Global Internet. Here’s What That Really Means

This article by Charlotte Jee was published in MIT Technology Review, 21 March 2019
 
Russia is planning to attempt something no other country has tried before. It’s going to test whether it can disconnect from the rest of the world electronically while keeping the internet running for its citizens. This means it will have to reroute all its data internally, rather than relying on servers abroad. If Russia can successfully set up its own DNS infrastructure across the country and compel its ISPs to use it, then Russian users are likely not to notice, unless they try to access a website that’s censored. The purpose, the Kremlin says, is to make Russia’s internet independent and easier to defend against attacks from abroad. Many observers see the move as part of Russia’s long tradition of trying to control the flow of information between citizens. Pulling an iron curtain down over the internet is a simple idea, but don’t be fooled: it’s a fiendishly difficult technical challenge to get right. It is also going to be very expensive. Not only that, but it has already proved deeply unpopular with the general public. Though it’s still not clear when if ever the law will become a reality, the Russian government isn’t known for being flexible or responsive to public pressure. It’s far more likely to be delayed than dead.
 

Read More

Russia’s cyber blindspot: Vulnerabilities and measures
 

This article by Nicholas Morgan was published in Global Risk Insights, 26 March 2019

Russian officials have announced plans to disconnect the nation from the wider internet to protect against cyber-attacks. Frequently depicted as a cyber aggressor, Russia suffers from numerous significant weaknesses in its own approach with cyber-attacks. This article covers Russia’s past vulnerabilities to major cyber attacks and how these measures would be deficient in currently preventing one. In February, Russian officials declared that the country would conduct a test to “unplug” itself from the global internet by April 1st. By this, Russia will not completely cut its citizens’ access to the web. Instead, it would route all data between Russian firms and citizens away from international servers towards only domestic ones. Under the draft law, known as the Digital Economy National Program, Internet Service Providers (ISPs) must be capable of servicing domestic users during a shutdown. The process is an internal safeguard. Officials may implement this in the event of any foreign attempts to take the country offline through a cyber-attack. On the surface, the draft law is another step in the Kremlin’s attempts to exert greater control. The focus is over internet traffic within Russian territory. This follows other efforts to censor internet content and force companies to erect data centres for Russian users. However, this exercise may also mask another reality for Russian officials: their ill-preparedness for a major cyber-attack.

 

Read More

How to Govern a Digitally Networked World

This article by Fadi Chehadé and Anne-Marie Slaughter was published in Project Syndicate, 25 March 2019
 
Governments built the current systems and institutions of international cooperation to address nineteenth- and twentieth-century problems. But in today’s complex and fast-paced digital world, these structures cannot operate at “Internet speed.” Recognizing this, United Nations Secretary-General António Guterreslast year assembled a high-level panel – co-chaired by Melinda Gates and Alibaba co-founder Jack Ma – to propose ways to strengthen digital governance and cooperation. (Fadi Chehadé, a co-author of this article, is also a member.) It is hoped that the panel’s final report, expected in June, will represent a significant step forward in managing the potential and risks of digital technologies.
 

Read More

The 7 Biggest Cybersecurity Threats In An IoT World
 

This article by Jason Compton was published in Forbes, 26 March 2019
 
Widely cited estimates put current IoT data output at 2.5 quintillion bytes daily, which will grow as the IoT encompasses up to 30 billion devices within the next two years. “With so many devices coming out and the IoT being so new to everybody, it’s difficult for most organizations, especially smaller ones,” says Troy La Huis, digital risk leader at the accounting, consulting and technology firm Crowe. As the scale grows, so do the risks. Take a look at seven of the most significant cybersecurity threats the IoT poses today, and read on to find out how cybersecurity leaders and advisers can stay ahead of the challenges.

 

Read More

Half of industrial control system networks have faced cyberattacks, say security researchers
 

This article by Danny Palmer was published in ZDNet, 27 March 2019
 
Industrial control systems in manufacturing, energy, chemical and other environments are coming under an increasing number of cyberattacks, as hacking groups of all kinds attempt to breach these networks. By targeting industrial systems attackers can potentially do vast amounts of damage, ranging from using backdoors to make off with sensitive data, causing the network to shut down due to a ransomware attack, or even leading to dangerous situations and industrial systems break down, causing physical damage. Many control systems still run on old or bespoke operating systems making them vulnerable to interference, and cyber attackers ranging from criminal gangs to state-backed hacking groups know this and are looking to take advantage.

 

Read More

Botnet Detection Market Is Anticipated to Register a Significant Growth Rate Up to 2024, Asia Pacific to Steer the Regional Growth Path

This article was published in Digital Journal, 23 March 2019
 
Botnet Detection Market in Asia Pacific is expected to register an accelerated growth over the forecast timeline due to the rising adoption of IoT and rapidly increasing penetration of smartphones, leading to the increased vulnerability of connected devices. China dominated the global network of botnets in 2017. In June 2017, Kaspersky Lab reported that 17,060 botnets were detected in China where the botnet activity was reported to be 80% higher as compared to the U.S. where 7,350 bots were detected. North America is projected to hold a major share of the botnet detection market due to the rising incidents of botnet attacks in the region. Government agencies, such as the U.S. Department of Defense, are propagating actions for taking necessary steps against the rapid proliferation of malware attacks by developing advanced automation methodologies. A report released by the U.S. Department of Homeland Security and Commerce in May 2018 has identified botnet attacks as a global problem and has advocated enhancing the resilience of the internet and communications ecosystems in the country against botnets and other types of automated and distributed threats.

 

Read More

Pentagon Hopes to Have New Cybersecurity Standards for Contractors in 2020

This article by Aaron Mehta and Mike Gruss was published in Fifth Domain, 27 March 2019
 
The Pentagon’s top acquisition official said the department is working with government agencies to develop cybersecurity standards that industry partners would need to follow before they can win a contract. In the past two years, Pentagon officials have become increasingly concerned that one of their greatest cybersecurity risks lies in the second- and third-tier contractors who work with the Defense Department and the largest defense companies. In written testimony dated March 26 to the Senate Armed Services Committees cybersecurity subpanel, John Luddy, the vice president for national security at the Aerospace Industries Association, said while he applauded the idea of reporting breaches and applying standards, “the dynamic nature of cyber security today makes it extremely difficult for small to mid-size suppliers to create self-sustaining cyber security programs capable of managing the risk posed by advanced adversaries.” AIA has suggested its own standards for cybersecurity, one that it argues is not a one-size-fits-all checklist for compliance.

 

Read More

Bipartisan Bill Aims to Close Gap in Congressional Cybersecurity

This article by Kevin Collier was published in CNN, 27 March 2019
A bipartisan bill set to be introduced on Wednesday aims to close what is regarded as a major gap in congressional cybersecurity and extend the government's protections to senators and their staffers' personal phones and computers. The fact that Senate employees, especially those with high security clearance, enjoy federal security on their work devices but not the ones they purchase themselves has long been regarded as a glaring oversight by cybersecurity experts. Called the Senate Cybersecurity Protection Act, the bill, would task the Senate sergeant at arms with extending cybersecurity training and prevention services for staffers' personal use and devices. The sergeant at arms has previously said that it's only permitted to use its funding for government-issued devices and accounts.

 

Read More

UK Cyber Security Watchdog Ramps Up Warnings over Huawei Risks

This article by David Bond and Nic Fildes was published in Financial Times, 28 March 2019
 
The UK watchdog set up to monitor products supplied by Huawei has issued its harshest warning yet over the cyber security risks posed by the Chinese telecoms company, raising fresh questions over Huawei’s future involvement in critical 5G systems. In a damning report published on Thursday, the Huawei oversight board stopped short of calling for an outright 5G ban on the Chinese company’s equipment in British telecoms networks. But the board, which is chaired by the head of GCHQ’s National Cyber Security Centre, said it will be “difficult to appropriately risk-manage future products in the context of UK deployments, until Huawei’s software engineering and cyber security processes are remediated”.
 

Read More

THE GCSC IN THE NEWS:

Inside The R&D Of AI Ethics

 

This article was published in Forbes, 27 March 2019
 
How do you start to wrap your head around some of the most fundamental issues surrounding new technology and how it impacts society? If you’re Jonathan Zittrain, you take this “brainstorming exercise,” as he calls it, and force it into the real world. Zittrain is, among other honorifics, a Harvard Law School professor and the faculty director of the Berkman Klein Center for Internet and Society. He’s also the force behind Assembly, a collaboration between Berkman Klein and the MIT Media Lab, a program which is taking a unique approach to solving problems related to AI and ethics.
 

Read More

The Huawei Threat Isn’t Backdoors. It’s Bugs

This article by Lily Hay Newman was published in WIRED, 28 March 2019
 
A report on Thursday from a British government oversight group found that Chinese telecom-equipment maker Huawei has basic, but deeply problematic flaws in its product code that create security risks. The shortcomings, many of which Huawei had previously promised to improve, stem from issues with its software development processes, according to the report. Though the geopolitical discourse has gotten heated, the report concluded that the flaws in Huawei's code are related to "basic engineering competence and cyber security hygiene" and could be exploited by anyone. The report does not conclude that the bugs are intentional backdoors created for the Chinese government. Such broad exposure is still problematic—it could be exploited as well by US espionage agencies and the rest of the Five Eyes, but that’s of less concern to the White House. "There is no backdoor, because Huawei doesn’t need a backdoor. It has a front door," says James Lewis, a former State Department official and director of the Center for Strategic and International Studies' Technology and Public Policy Program. "The UK government has lots of problems with Chinese hacking. It’s not like there are Swedish hackers breaking in to steal British intellectual property every week. If Huawei was a Swedish company or a Brazilian company or something it wouldn’t be having these troubles. But it's seen as a tool of a very aggressive Chinese government."
 

Read More

Is US Foreign Cyber Policy on Track?
 

This article by Tom Field was published in Bank Info Security, 27 March 2019
 
U.S. cyber-policy has faced a significant set of challenges in the past two years. How the country responds to the growing threats will shape its diplomatic, military and economic power. With the stakes this high, is the U.S. getting it right? In a video interview with Information Security Media Group at RSA Conference 2019 in San Francisco, Christopher Painter, commissioner of the Global Commission on the Stability of Cyberspace and former White House cybersecurity czar, discusses challenges to cybersecurity policy.

 

Read More

Can Cyber Policy Protect the 2020 Elections?

This article by Nick Holland was published in Bank Info Security, 29 March 2019
 
The latest edition of the ISMG Security Report features Chris Painter, Commissioner of the Global Commission on the Stability of Cyberspace, discussing cybersecurity policy for the 2020 U.S. elections.
 

Read More

When Russia meddles, what’s a business to do?

This article by David Ignatius was published in the Albuquerque Journal, 24 March 2019
 
When the debris settles after special counsel Robert Mueller completes his investigation into Russian hacking of the 2016 presidential election, America will still be left with the underlying problem that triggered the probe in the first place – the threat of malicious cyberattacks against political parties, corporations and anybody else who uses the internet. Mueller’s findings about President Trump will have their own fiery afterlife on Capitol Hill, which nobody can predict. But Congress should also be thinking about the less-sexy fallout from the investigation, which highlighted the vulnerability of all data to foreign spies, meddlers and information pirates. Private companies are going on the offensive in cyberspace, too – even though the legal terrain is murky and there’s a big risk of triggering a tit-for-tat melee. American history offers an unlikely lesson in how cyber-offense might be enhanced and also regulated, as explained by Michael Chertoff, former secretary of homeland security, in his recent book “Exploding Data.”
 

Read More

Firms urged to gear up for new malware and tactics as threats proliferate

 

This article by Warwick Ashford was published in ComputerWeekly, 26 March 2019
 
Global malware attacks rose in 2018 for the third consecutive year, with a record number of 10.52 billion attacks recorded, according to the latest Cyber threat report by security firm SonicWall. The number of malware attacks was up 22% compared with 2017, and up 29% compared with 2016, with more than 391,600 new attack variants identified in the past year, including 74,290 never-seen-before attacks. The report was based on threat intelligence obtained from SonicWall’s more than one million sensors around the world and showed that in addition to an escalation in the volume of cyber attacks, cyber attackers were using new, targeted threat tactics. “The concern over security and privacy is more prevalent than ever before. Industry and government must collaborate to build a more secure environment, mitigate risk, and build citizen trust in government and consumer trust in business,” said Michael Chertoff, executive chairman and co-founder of The Chertoff Group, and former US secretary of homeland security.

 

Read More

Changing landscapes: The evolution of Black Hat Asia, 10 years on

 

This article by Jessica Haworth was published in The Daily Swig, 29 March 2019
 
Today marked the end of Black Hat Asia’s 10th year, as thousands of attendees from 85 different countries met to exchange ideas, learn new security research techniques, and network. But the inception of the conference wasn’t without its teething problems. When Black Hat Asia first opened in 2000, the show ran for three years in Singapore before moving to Japan. “When we started in 2000 we were here for only about three years, so we were really early in the market here – too early,” Jeff Moss, Black Hat founder and CEO, told The Daily Swig this week. A show in Japan was followed by one in the Middle East, but Moss said there were issues still – Black Hat just wasn’t working in the regions, he said. They were too early in the game for Asia-Pacific. Fast forward to 2013, and Black Hat Asia was back in Singapore – and the conference has been thriving ever since.

 

Read More

Medical AI systems could be vulnerable to adversarial attacks

 

This article was published in Harvard Law Today, 26 March 2019
 
A new paper published in Science by a team of researchers from Harvard University and MIT suggests that medical artificial intelligence systems could be vulnerable to adversarial attacks. The paper was co-authored by Harvard Law School Professor Jonathan Zittrain ’95, faculty director of the Berkman Klein Center for Internet & Society at Harvard University; John Bowers, a researcher at Berkman Klein Center; Samuel Finlayson, an M.D. Ph.D. candidate at Harvard and MIT; Isaac Kohane M.D. Ph.D., chair of the department of Biomedical Informatics at Harvard Medical School; Andrew L. Beam Ph.D., an instructor in the department of Biomedical Informatics at Harvard Medical School; and Joichi Ito, director of the MIT Media Lab. In their article, “Adversarial attacks on medical machine learning,” the authors note that medical machine-learning systems may be uniquely susceptible to such attacks because of the specific systems and incentives at play in the medical industry. With competing interests within health care and billions of dollars at stake, various players in the health care system could be motivated to influence the system in “subtle, impactful, and sometimes ethically ambiguous ways,” making medical AI systems a likely ground zero for the emergence of adversarial attacks.

 

Read More

MEPs back divisive EU copyright overhaul

This article by Damon Embling was published in EuroNews, 26 March 2019
 
It's pitted Europe's creative industries against tech companies and internet activists. MEPs have thrown their support behind a controversial overhaul of the bloc's copyright rules, which date back two decades. The changes will force the likes of Google and Facebook to pay publishers for use of news snippets - and filter out protected content. "I'm very relieved that we achieved to announce something and give the signal to all our European creators that the European parliament is on their side," said German MEP Axel Voss. Greek MEP Maria Spyraki, a former journalist, added: "For all of them, that are protesting in the streets, I would like to say that the liberty of us is finishing, diminishing when it starts the liberty of the others, when the rights of the others has started." Platforms will have to sign licensing agreements with all sorts of content creators, ranging from musicians to journalists. Critics fear the new rules may be too costly and block too much content. But supporters say it will improve the position of producers. Dutch MEP Marietje Schaake said: "People are promising that publisher rights are going to save the media. If was only that simple, I really think that there is more that needs to happen to protect a pluralist, quality journalism."

 

Read More

Ten European lawmakers say they voted against pivotal copyright amendment by accident

 

This article by James Vincent was published in The Verge, 27 March 2019
 
Ten members of the European Parliament (MEPs) have said they voted against a crucial amendment to yesterday’s controversial Copyright Directive by accident. The legislation was approved by the EU Parliament yesterday, with 348 MEPs voting in favor and 274 against. But a last-minute amendment that would have let MEPs take a further vote on the inclusion of Articles 11 and 13 — the most criticized parts of the law, known as the “link tax” and “upload filter,” respectively — was rejected by just five votes. Official voting records published by the EU show that 13 MEPs have declared they accidentally voted the wrong way on this amendment. According to the record, 10 MEPs say they accidentally rejected the amendment when they meant to approve it, two MEPs accidentally approved the amendment, and one MEP says he intended not to vote at all. If these MEPs had voted as they said they meant to, the amendment would have been approved by a slim majority. Then there would have been further votes on whether the law would include Articles 11 and 13 (renamed articles 15 and 17 in the final draft), though no one can say how those would have gone. These voting records are routinely published by the EU, and they give MEPs the chance to correct the record if they voted the wrong way on legislation accidentally. But those corrections have no effect on the outcome of votes, even if a majority one way or the other is gained or lost. “There is zero recourse,” says Marietje Schaake, a Dutch MEP who brought attention to the mistaken votes on Twitter. Schaake told The Verge: “For the record, you can change [your vote], but as the President calls it, that’s the result. Whatever the President calls is what matters.”

 

Read More

EVENTS:

Security experts to address future counter-terrorism, public safety at Milipol Asia-Pacific 2019

 

This article was published in Back End News, 27 March 2019
 
In this ever-evolving age, security professionals must utilize the most effective technological innovations to help them make informed decisions about pressing security issues. To fulfill this need, the second day of this year’s conference will be dedicated to discussing the relevance of artificial intelligence and digital technologies to improve homeland security with speakers Michael Chertoff, co-founder and executive chair, The Chertoff Group, and former secretary, US Department of Homeland Security; Fuji Foo, vice president, Business Digitalisation, Certis Technology Singapore, Certis; Michel Cadic, chief scientist of France, Ministry of Interior of France; and Jeff Moss, CEO, DEF CON Communications, Inc., USA
 

Read More

INSEC WORLD 2019 to be held in Hong Kong this September

 

This article by UBM Asia was published in Cision, 28 March 2019
 
The INSEC WORLD 2019, hosted by UBM Asia, takes place in Hong Kong from September 22-25. The organiser will invite a brain trust of leaders in the security community globally to attend the event hosted by an independent third party. A legion of big names in tech including Jeff Moss and Kevin Mitnick are likely to be present at the event, together with approximately 2,000 executives, IT supervisors and technical personnel alike from the information technology, communications, government, finance, academic institution, healthcare, retail and other related sectors on the scene, to explore industry hotspots, applications and trends.

 

Read More

The day's top China business headlines

Daily News Update

The day's top China business headlines

Today's briefs

HUAWEI

1.UK chastises Huawei for security failings

The UK government-led board that oversees the vetting of Huawei gear in Britain has publicly chastised China’s Huawei Technologies for failing to fix long-standing security flaws in its mobile network equipment, saidReuters.

The board released a report that revealed new “significant technical issues,” increasing pressure on the company as it battles Western allegations that Beijing could use its gear for spying.

The report also noted that the company had made “no material progress” in addressing the security flaws and it didn’t have confidence in Huawei’s capacity to deliver on proposed measures to address “underlying defects.”

The board specified that Britain’s National Cyber Security Centre does not believe that the defects were a result of state interference, but rather a result of basic engineering incompetence and a lack of cyber security hygiene. 


SAFETY REGULATIONS



2.China launches state-wide security probe after explosion

China is set to launch a month-long, nationwide inspection campaign into hazardous chemicals, mines, transportation and fire safety, following a deadly pesticide plant explosion that killed 78 people, said Reuters.

The Ministry of Emergency Management said in a notice that authorities needed to “deeply absorb” the lesson of the incident.

The blast occurred at a plant owned by Tianjiayi Chemical Co, which produces more than 30 organic chemical compounds. State media said the company had a history of safety violations and had been punished repeatedly as a result.

Safety departments are under pressure to crack down on violations, including the illegal or excess storage of dangerous chemical materials. The departments have also been urged to make use of big data and other technological methods to strengthen real-time monitoring of hazardous chemical producers.


TRADE WAR

3.Beijing introduces cloud concession in trade talks

China has decided to offer foreign technology firms better access to the country’s growing cloud-computing market as a compromise in a tech sector that the US wants opened as part of a trade deal, said the Wall Street Journal.

Premier Li Keqiang disclosed the proposal to allow trial operations for foreign cloud-service providers at a meeting with corporate chieftains, including those from International Business Machines Corp., Pfizer Inc., Rio Tinto PLC, BMW AG and Daimler AG.

The plan is part of a package of offers on technology-related issues that Chinese negotiators are expected to discuss with their US counterparts during high-level meetings scheduled for this week, said Wall Street Journal sources.


TRADE WAR

4.Kudlow says trade talks could go on for months

US trade talks with China could stretch on for “months,” said President Donald Trump’s top economic adviser Larry Kudlow, reported the Financial Times.

“This is not time-dependent. This is policy- and enforcement-dependent,” Kudlow, the head of the National Economic Council said in Washington.

“If it takes a few more weeks, or if it takes months, so be it. We have to get a great deal, as the president says, that works for the United States. That’s our principal interest,” he said, according to Bloomberg.

Kudlow’s comments were made as US negotiators, led by Robert Lighthizer, the US trade representative, and Steven Mnuchin, the US Treasury secretary, began a new session of talks with Liu He, China’s Vice-Premier, in Beijing.


POLITICS & SOCIETY

5.China to probe more individuals after fall of former Interpol chief

China’s Public Security Ministry said disloyalty to the Communist Party would not be tolerated and that it would be conducting further investigations into its own senior ranks, after a decision to prosecute former Interpol chief Meng Hongwei was made, said Reuters.

China announced that the investigation found Meng had spent “lavish” amounts of state funds, abused his power and refused to follow party decisions, resulting in his expulsion from the party and removal from his position as deputy public security minister.

“When it comes to party loyalty and sincerity, it is absolutely not allowed to be duplicitous, to agree overtly but oppose in secret, or to be a two-faced person, or lead a double life, or engage in political social climbing,” the Public Security Ministry said in a statement.

The statement gave no further details on future investigation plans, a part of the Party’s ongoing anti-corruption campaign, championed by President Xi Jinping.

Other stories:

Biotech and Pharmaceutical companies apply for new tech board listings

Nearly a third of the Shanghai Stock Exchange’s new Science and Technology Innovation Board’s applicants are biotech or pharmaceutical companies.

Beijing approves first Chinese-foreign pension insurance provider

China has approved the first foreign-Chinese pension joint venture in the country, between the UK insurance giant Standard Life Aberdeen PLC and China’s Tianjin TEDA International.

Daimler and Geely form smart-car partnership in China

Mercedes-Benz owner Daimler and China’s Geely announced a new joint venture to build electric smart cars in China and sell them on the global market by 2022.

Second Chinese rocket startup fails to put satellite into orbit

A rocket developed by OneSpace, a Chinese private space launch group, failed to reach orbit after lifting off from a state launch facility in northwestern China. It was the second failed orbital launch by a privately funded Chinese firm in five months.

China shifts position on tech transfers in trade talks

China has made proposals in talks with the United States on a range of issues, including forced technology transfers, as the two sides work towards overcoming obstacles in a deal to end the protracted trade war, said US officials.

The Future of Capitalism: Social Democracy in Crisis?

Ged-project.de

A book abstract of “The Future of Capitalism” by Paul Collier

15 March 2019

Photo by Helena Lopes on Unsplash

Share Image

With his latest book, the British economist Paul Collier attempts to unmask the existential crisis of modern capitalism. According to the author, social democracy has failed to deliver on its promise to create a cooperative and morally reciprocal society. “The Future of Capitalism” is Collier’s appeal to reset the mindset of modern social democracy, to reshape the foundation of capitalist societies and to make future capitalism more ethical and prosperous. What does he propose?

“Deep rifts are tearing apart the fabric of our society”

For Collier the problem of modern capitalism has a geographic, educational and moral base. Place itself has become a source of social and economic divergence. Across the globe, metropolitan areas are “surging ahead the rest of the nation”. They have not only become richer and more prosperous, but also socially detached from the rest of their countries. Education adds another dimension to the problem. According to Collier, the “newly successful” are neither capitalists nor normal workers but rather well educated people. This new social class has developed its own sense of morality that elevates minorities into victim groups and lets them therefore claim moral superiority over the less educated. These divergences have awakened new anxieties, frustration and anger in our societies. More importantly, they have been the “pulse of energy” for “charismatic” populists” and “seductive” ideologues.

“The triumph and erosion of social democracy” 

According to Collier, cooperation was the foundation of social democracy. He explains that in the post-war period cooperative policies and organizations were a pragmatic way of solving the anxieties of that time – health care, pensions, education, international organizations, etc. Over the years, the efficacy of such policies determined the political center, both of the right and the left across Europe. However, around the 1980’s the political center “drifted away from their origin of practical reciprocity of communities” and was captured by a group of people “disproportionately influential” – the middle-class intellectuals. The new ruling class was no longer driven by the collective belief of reciprocity but by an academic-anchored self-centeredness.

“Human beings need a sense of purpose, and capitalism is not providing it”

The self-centered intellectuals believe that society functions as the accumulation of self-centered individuals, all acting according to what the author calls a “selfish gene”. Collier states that this is fundamentally wrong, as human beings are morally motivated. Our shared values are the backbone of our belief systems, our actions and hence, of the narratives in our societies. In Collier’s opinion, the main problem of capitalism is its lack of moral acknowledgment. Society needs an ethical capitalism that meets standards built on our shared values, is supported by practical reasoning, and is reproduced by the central social units: the family, the firms and the state.

“Pragmatism tells us that this process will need to be guided by context and evidenced-based reasoning”

The author advocates for pragmatism as the tool to transform capitalism into an ethical capitalism. Pragmatism allows us to redefine values that at first sight could conflict, letting the context reveal their compromise. Additionally, the origin of pragmatism is communitarian, “seeing the task of morality as doing our best to fit our actions to the values of our community and the specifics of context”. Combining both morality and pragmatism, a purposive and ethical capitalism could be achieved.

The Future of capitalism: The capitalism of tomorrow

The first step towards achieving an ethical capitalism is restoring the ethics of the state, the firms, the families and the world.

To construct an ethical state the author proposes patriotism. Patriotism as a place-based shared identity that could give people a sense of belonging and mutual obligation. To create ethical firms, he suggests changing the power of the firm and giving workers’ interests representation on the boards of companies. He also proposes progressive taxation schemes; regulating firms by public interest principles; and changing the narrative of corporations to rebuild their reciprocal obligation with society. To restore the ethical family he advocates for the reinstatement of reciprocity values that profit from the longevity of the modern family. To reach the ethical world he proposes a new club of nations composed of China, India, USA, the EU, Russia and Japan. “A group that encompasses enough of the global economy and military capacity of the world to fix global problems even if non-members free-ride”.

The second step is making societies more inclusive by bridging the gap between the metropolis and the “broken city”, and by helping families in distress.

The author proposes a high-income tax on agglomeration to close the gap between metropolitan areas and neglected cities. This could counteract geographic divergences especially if the tax revenue is used to restore “broken cities” by the creation of new clusters.Additionally,this could also be achieved by cooperative efforts from the public sector (compensating pioneers in new clusters, creating business zones, investment promotion agencies, etc.) and the private sector (returning to firm localization, mega-firms moving to “broken cities”, etc.).

Moreover, Collier states that social maternalistic policies are the key to support families in distress and making societies more inclusive. These policies follow a system that recognizes its supportive role but does not imposes itself It specially provides continuous support for young families; redirects public spending to diminish geographical differences in education; and encourages mentoringfor children and adolescents.

The final step is acknowledging the downsides of globalization.

For Collier, recognizing the negative aspects of globalizing, globalized companies, and migration is also fundamental for the process of achieving an ethical capitalism. Hence, certain questions need to be asked:

What happens with the losers of globalization?” (see also our post: “Globalization Report 2018: Who Benefits Most from Globalization?)“How can globalized companies be better regulated?” and“How much migration benefits a society?”

How questions like these are answered in the process will help determine the path of the future of capitalism.

The Future of Capitalism. Paul Collier. Allen Lane. 2018

March 28, 2019

Gutenberg's legacy

AXIOS FUTURE Steve Levine

Illustration: Sarah Grillo/Axios

 

Johannes Gutenberg died in 1468, more than a decade after inventing moveable type. But he had already set in motion a gold rush-like frenzy of European entrepreneurs who flung open print shops to cash in on his technological earthquake.

This printing fever may be as responsible as Gutenberg's press itself for igniting the transformation that followed — the Reformation, the Scientific Revolution and the Industrial Age, according to new research published by the London School of Economics (LSE).Why it matters: We may be seeing the echoes of Gutenberg in the political and social tumult all around us, Jeremiah Dittmar, lead author of the article and a professor at LSE, tells Axios.

Today's competition for people's attention in the torrent of digitized information — blogging, the 24-hour broadcast news cycle and online commentary (not to mention email newsletters) — may be a key driver of the chaos.

"The technology is an accelerant," says Margaret O'Mara, a historian at the University of Washington.

The big picture: Competition was everything to the Gutenberg revolution, Dittmar and co-author Skipper Seabold wrote on their blog and in a longer paper in January.

When printers of the late 15th and early 16th centuries fought for the market, the price of knowledge — books and pamphlets — plunged.From there, the ideas of Protestantism spread and radical societal and business reform followed.

How they reached their conclusions: Dittmar and Seabold collected data on every known book and pamphlet published from 1454 to 1600 — more than 295,000 of them in some 200 cities. Then they tracked the opening of printing shops.

Details of what they found:

The shattering of a local information monopoly with the opening of even a single added printer in a city caused book prices to drop by 25% within a decade.Municipal Reformation laws followed, suggesting a link between the spread of printed material and political upheaval.

There was also an impact on the value of labor:

The value of knowing something skyrocketed — at once people who had ideas could get them into print, and cheap printing vastly inflated their audience.The pay of skilled and unskilled workers stayed flat from the late 1300s through the 1700s, but the salaries of university professors rose dramatically, especially if their specialty was science.Prior to printing, the median professor earned the same as a skilled worker. But by the early 1500s, professors earned seven times more than such workers.

The bottom line: The lifting of traditional gatekeepers — the Catholic Church in Gutenberg's day, and the mainstream media today — is one factor, but not everything.

Paul Starr, a professor at Princeton and author of the forthcoming book "Entrenchment: Wealth, Power and the Constitution of Democratic Societies" warns against "technological determinism.""

What they are missing entirely is the political and cultural context: the basic framework of control over communication (e.g., variations in censorship), the regimes of control over work (guilds) and intellectual property, and the various factors that influenced the demand for print (e.g., literacy rates)," Starr tells Axios.

Similarly, O'Mara says that, in both the case of Gutenberg and today, public faith in institutions had grown thin. "Even the most transformative technology doesn’t operate in a vacuum," she says. "New media propels political turbulence because of instability or loss of public faith in underlying institutions."

CHINA: Surveillance updates: Data leaks, gait recognition, expansion in Tibet

Freedom House

Data leaks show extent of surveillance, vulnerability of stockpiled information: Recent data leaks uncovered by a Dutch researcher shed light on the extent of Chinese surveillance programs, as well as the lack of data protection measures at some leading Chinese technology firms. On February 13, ethical hacker and security researcher Victor Gevers (@0xDUDE) found an exposed database belonging to Shenzhen-based SenseNets, a company specializing in artificial intelligence (AI) crowd analysis and facial recognition technology. The database, which Gevers claimed was “fully accessible to anyone,” contained information on 2.6 million people in Xinjiang—including their official identification numbers, birthdays, addresses, ethnicities, employers, and perhaps most chillingly, a list of their GPS locations over the past 24 hours. The database had been open since July, but it was locked by the company after Gevers reported the leak. A long-running crackdown in Xinjiang has led to the detention of an estimated one million or more ethnic Uighurs and other Turkic Muslims in a network of internment camps. As a result of the campaign, Xinjiang has become a “laboratory” for testing cutting-edge surveillance technology that in some cases has spread to other parts of China or been exported abroad. On March 6, Gevers revealed on Twitter that the Microsoft platforms Github and Azure were being used in the SenseNets program. That, along with a SenseNets website that listed Microsoft as a partner, sparkedspeculation on whether Microsoft was knowingly or unknowingly allowing its services to be used for Xinjiang surveillance. Microsoft has since denied having a partnership with the Chinese firm. Separately, Gevers on March 2 reported that he had uncovered a similarly unprotected Chinese collection of over 300 million private social media messages that contained highly personal metadata. Later, on March 9, Gevers revealed a different cache of detailed personal information on over 1.8 million women in China, including a “BreedReady” column detailing their childbearing status.

Real-time gait recognition: Last month, news outlets begancovering recent software advances made by Chinese AI start-up Watrix, including a program that is able to identify a person by analyzing physical movement from real-time video images. The company claims that its accuracy rate is above 96 percent, and that the software can identify a person from as far as 50 meters away. Unlike facial recognition software, which an individual can thwart by simply covering or altering his or her face, Watrix claims that its system can distinguish a fake limp from a real one. Police are piloting the software in large cities including Beijing, Shanghai, and Chongqing, and the start-up is reportedly in contract talks with security companies from Singapore, India, Russia, the Netherlands, and the Czech Republic

.US DNA tech firm halts sales in Xinjiang: As the human rights crisis in Xinjiang continues to garner international criticism, the US-based firm Thermo Fisher said on February 20 that it would stop sellingDNA biodata collection equipment in Xinjiang.  Meanwhile, Kenneth Kidd, a prominent Yale University geneticist who had been providing Chinese officials with genetic material that was used to compare Uighur and Han Chinese DNA, told the New York Times that he had been unaware of how the Chinese side had been using his material, and had been led to believe that he was simply collaborating on research in keeping with ethical norms.Chinese tech firms racing to Tibet: As Beijing attempts to further tighten its grip on Tibet in order to “maintain stability,” Chinese tech firms that specialize in AI and big data analysis are elbowing their way into the highly sensitive region. AI start-ups and tech giants like Alibaba, Tencent, and iFlyTek are establishing research and venture-capital units in Lhasa, taking advantage of government subsidies meant to promote economic growth in the region and increase the sector’s proximity to a population that Beijing seeks to control. News about the Tibetan tech rush came at an especially sensitivetime in the region: March 10 marked the anniversary of the 1959 Tibetan unrest and crackdown that led to the Dalai Lama’s flight to India, and March 14 was the anniversary of 2008 protests that sparked the largest crackdown in the Tibetan areas of China in decades. 

Worried about Huawei? Take a closer look at Tencent

The Chinese social media giant is a growing global force, and it does the bidding of the Communist Party.

by Sarah Cook

It has long been understood that Tencent—the Chinese company that owns WeChat and QQ, two of the world’s most widely used social media applications—facilitates Chinese government censorship and surveillance. But over the past year, the scale and significance of this activity have increased and become more visible, both inside and outside China.
 
During the last month alone, several events have illustrated the trend and Tencent’s close relationship with the Chinese authorities.
 
On March 2, Dutch hacker Victor Gevers revealed that the content of millions of conversations on Tencent applications among users at internet cafés are being relayed, along with the users’ identities, to police stations across China. Just three days later, the company’s founder and chief executive, Pony Ma, took his seat among 3,000 delegates to the National People’s Congress, the country’s rubber-stamp parliament. Ma reportedly raised the issue of data privacy even as security agencies were using data from his company’s applications to root out unauthorized religious activity.
 
On March 16, China watcher Chenchen Zhang shared an anecdote on Twitter about a member of the Uighur Muslim minority who was stopped at mainland China’s border with Hong Kong and interrogated for three days simply because someone on his WeChat contact list had recently “checked in” with a location setting of Mecca, Saudi Arabia. The authorities apparently feared that the Uighur man had traveled on pilgrimage to Mecca without permission, warning that such a move could yield 15 years in prison.
 
As Tencent’s pattern of censorship and data sharing with China’s repressive government continues and intensifies, now is the time to consider actions that might help protect the basic rights of all users, regardless of their location and nationality.
 
Tencent’s role in China 
 
Founded in 1998, Tencent and its popular applications have quickly emerged as ubiquitous elements of China’s communications, financial, and social fabric. In January, the company declared that WeChat alone had a billion active daily users.
 
While the company has been forced since its inception to comply with strict Chinese Communist Party information controls, the combination of growing government demands and WeChat’s near market saturation in China has increased the scope and impact of its complicity.
 
In the realm of censorship, media reports and expert research indicate that WeChat has been refining the use of artificial intelligence to identify and delete images, which netizens commonly employ to evade censorship and surveillance of text-based communications. The platform has also shuttered thousands of independently operated social media accounts that produced unauthorized news and analysis. These and other forms of censorship significantly distort the information received by Chinese users on vital topics. Analysis by researchers at Hong Kong University’s WeChatscope project, which tracks deletions from some 4,000 public accounts on the platform, found that among the most censored topics in 2018 were major news stories like the US-China trade dispute, the arrest in Canada of Huawei chief financial officer Meng Wanzhou, the #MeToo movement, and public health scandals.
 
Monitoring of user activity on the platform has been made simpler by enhanced enforcement of real-name registration requirements for mobile phones, the electronic payment features of WeChat, large-scale police purchases of smartphone scanners, and new rules facilitating public security agencies’ access to data centers. As indicated above, content from Tencent applications is being directly “spoon-fed” to police in some cases.
 
This surveillance is increasingly leading to legal repercussions for ordinary users. A sample of cases tracked in Freedom House’s China Media Bulletin over the past year feature penalties against numerous WeChat users for mocking President Xi Jinping, criticizing judicial officials, commenting on massive floods, sharing information abouthuman rights abuses, or expressing views related to their persecuted religion or ethnicity, be they Uighur MuslimsTibetan Buddhists, or Falun Gong practitioners. The punishments have ranged from several days of administrative detention to many years in prison, in some cases for comments that were ostensibly shared privately with friends. These dynamics have inevitably encouraged self-censorship on the platform.
 
Global expansion 
 
Although WeChat’s primary user base is in China, an estimated 100 to 200 million people outside the country use the messaging service. Among them are millions of members of the Chinese diaspora in countries like Canada, Australia, and the United States, but there is also broader expansion in much of Asia. Malaysia is reportedly home to 20 million users, out of a population of 31 million. In Thailand, an estimated 17 percent of the population has a WeChat account. In Mongolia, WeChat was the second most downloaded application in 2017. Merchants inMyanmar’s Shan State along the border with China have taken up the app, and the number of retailers in Japan that accept WePay (mostly when serving Chinese tourists) increased 35-fold last year.
 
Tencent recently purchased a $150 million stake in the popular news aggregator Reddit and is eyeing an entrance into the online video market in Taiwan, according to Taiwanese officials.
 
Evidence that politicized censorship and surveillance may affect Tencent users outside China has begun to emerge. A 2016 study by Citizen Labfound that conversations between an overseas user and a contact inside China were subject to certain forms of keyword censorship, and that once an account is registered with a Chinese phone number, it remains subject to mainland controls even outside the country.
 
In Australia, a more recent study of news sources available to the Chinese diaspora found negligible political coverage of China on the WeChat channels of Chinese-language news providers. Incredibly, between March and August 2017, none of the WeChat channels published a single article on Chinese politics, despite the run-up to the important 19th Party Congress that fall. In Canada, WeChat censors have deleted a member of Parliament’s message to constituents praising Hong Kong’s Umbrella Movement protesters, manipulated dissemination of news reports related to Meng Wanzhou’s arrest, and blocked broader media coverage of Chinese government corruption and leading officials.
 
Amid a massive crackdown in Xinjiang, Chinese police have also harnessed WeChat to connect with overseas Uighurs, demand personal information or details about activists, and insert state monitors into private groups.
 
How to respond 
 
Regardless of whether Tencent is a reluctant or an eager accomplice to the Chinese government’s repressive policies, the reality is that Tencent employees can be expected to censor, monitor, and report private communications and personal data, in many cases leading to innocent people’s arrest and torture.
This should be the starting point for anyone considering using, regulating, or investing in the company’s services.
 
For those inside China, it is nearly impossible today to function without using WeChat to some extent. But they would be well advised to exercise caution, restricting the application to its most practical functions and consulting available guides on enhancing digital security and accessing information on current affairs more safely. (Freedom House published a set of such resources last year.)
 
Users outside China, particularly those without family or friends on the mainland, should rethink whether WeChat is really essential to their daily lives. Individuals who do communicate with personal contacts in China can help protect them by directing them to more secure applications if a sensitive topic comes up, or using homonyms to replace potentially problematic terms, as some journalists have reported doing. Users in the Chinese diaspora should explore ways of expanding their sources of news and information beyond what is available on WeChat.
 
As governments around the world try to tackle problems related to “fake news,” political manipulation, and weak data protections on social media platforms like Facebook and Twitter, Chinese counterparts like WeChat should be subject to at least as much scrutiny and regulation—and be held accountable for any violations. Governments and corporations should also restrict usage of WeChat among their employees, particularly those who work with sensitive information, as the governments of Australia and India have recently done. Politicians communicating with their Chinese-speaking constituents should make sure to do so across a diversity of platforms, not just those that are subject to Chinese government control.
 
International civil society groups can assist both users and democratic governments by maintaining up-to-date digital security guides available in Chinese, documenting the extent to which content outside China is censored or monitored on WeChat, and exploring legal recourse for those whose rights may have been violated by Tencent’s practices.
 
Lastly, investors in Tencent should seriously consider the moral and political implications of their support for the firm. Anyone concerned about human rights, electoral interference by foreign powers, or privacy violations by tech giants should divest from the company, including retirement funds. Socially responsible investment plans should exclude Tencent from their portfolios if they have not already. Even from a purely financial perspective, Tencent shares may not be a wise purchase. The stock’s price has dropped 19 percent over the past year, at least in part because of tighter government controls on user communications. Given that Chinese regulators are now turning their attention to the gaming industry, the company’s most profitable area of activity, its value is likely to dip further. As stock analyst Leo Sun has warned, “investors in Chinese tech companies should never underestimate the government’s ability to throttle their growth.”
 
No amount of pushback from users, democratic governments, civil society groups, or investors is likely to change Tencent’s complicity with the Chinese government’s repressive activities. Its very survival depends on dutiful adherence to Communist Party directives. But the steps suggested above would do a great deal to limit the current and potential future damage caused by the company’s practices—for individual users, for the world’s open societies, and for the very concept of free expression in the digital age. 

Sarah Cook is a senior research analyst for East Asia at Freedom House and director of its China Media Bulletin. This article was also published by the Diplomat on March 26, 2019.