Finally, US appears ready to battle China’s rampant IP theft

Last week, President Donald Trump directed U.S. Trade Representative Robert Lighthizer to investigate, among other things, whether China’s laws, policies or practices were harming American intellectual property, innovation and technology. Undoubtedly, Ambassador Lighthizer will come back to the president with a straightforward (and unequivocal) answer: Yes; China is (and has been) robbing us blind.

For the better part of a decade, if not longer, China has been rapaciously pillaging the core intellectual property of American companies, both at home and abroad. Inside the United States, the Chinese government engages in a now well-documented campaign to aggressively steal the trade secrets and creative output of our most innovative companies across the economy, from chemicals to information technology. While this theft used to be human-enabled, today the vast majority of it takes place in cyberspace.

{mosads}Moreover, this theft, unlike traditional espionage, is not principally aimed at gaining an intelligence advantage or enabling more effective government policies. Rather, it is focused on directly improving Chinese corporate economic competitiveness by allowing corporations to build products without the massive investment of time and capital that American companies put into creating new, innovative technology.

Indeed, this theft is so vast from an economic perspective, former National Security Agency Director and founding Commander of U.S. Cyber Command Gen. (ret.) Keith Alexander referred to this ongoing cyber heist as the “greatest transfer of wealth in human history.”

But focusing solely on this form of Chinese government cyber-thievery is short-sighted, because it fails to highlight the highway robbery that takes place everyday inside of China, when American companies seek to sell their wares into China’s massive (and innovation-hungry) marketplace. Some of this theft is garden-variety piracy — albeit at massive scale — focused on software, movies, music and the like.

The even more pernicious variety, however, is the theft undertaken by the Chinese government itself, when it extorts American vendors into “partnering” with Chinese companies, essentially forcing them to transfer valuable technology and underlying intellectual property for the economic benefit of Chinese corporations. In many ways, the economic extortion taking place inside of China is merely the flip side of the Chinese cyber-theft coin.

When one piles this market-access extortion on top of China’s already well-known, weak-kneed protection of intellectual property and rampant cyber theft, it becomes clear that something must be done.

That is why the president’s direction to Ambassador Lighthizer is the exactly the right call. While prior administrations were well aware of the issues with Chinese IP theft in various forms, none had shown a serious willingness to consider strong, responsive trade measures, making last week’s action an important step in the right direction.

More remains to be done, of course, once Ambassador Lighthizer’s investigation reveals what we know it will. Specifically, the administration needs to be ready to actually utilize strong medicine, with trade measures and other coercive economic tools, to tamp down this activity. But the aggressive assertion of trade rights and use of coercive tools will take a while to develop and is only one key step.

More can and should be done now to address the threat posed by nation-state actors, like China, that seek to target our core economic strength, or like Russia, North Korea and Iran, that seek to conduct more politically-focused activities.

Specifically, the U.S. government should immediately begin sharing real-time intelligence on cyber threats — including information obtained through classified means — with American companies in a form that is actionable. Though the federal government has been talking about the need for increased threat-sharing since at least 2011, the reality is that little effective threat-sharing has taken place to date.

It’s also critical the government know what it ought not do. For a number of years now, various groups have been pushing the federal government to regulate private-sector cybersecurity, claiming the presence of a market failure. While such bad ideas have been largely fought off in Congress, various and sundry federal and state regulators have recently taken action.

Though some have argued the time to use regulation is now, when we see threat after threat on the cyber horizon, the reality, of course, is that when it comes to rapidly innovating industries like technology and cybersecurity, any such regulations are almost certain to be out of date before the ink is even dry.

Indeed, rather than improving security, such regulations — developed by notoriously tech-challenged federal and state bureaucracies — are likely to impose significantly more costs than benefits. Rather than improving security outcomes, imposing such regulation simply serves to strangle the very innovation it aims to protect.

I’ve recently helped author a report on cyber regulations at the Federalist Society. One of our key findings was, instead of grabbing for the regulatory stick, the government ought to work to solve the very information problem it has created by too closely hoarding actionable intelligence on cyber threats. 

Ultimately, if the government is able to build a real partnership with the private sector on cybersecurity, rather than working to regulate it from far away, we might just get ahead of the very real threats posed to our innovation economy in the modern era.

Jamil N. Jaffer is the founder of the National Security Institute at George Mason University’s Antonin Scalia Law School and a visiting fellow at the Hoover Institution. Jaffer previously served as chief counsel and senior advisor to the Senate Foreign Relations Committee.

The views expressed by contributors are their own and not the views of The Hill.