The People’s Republic of China (PRC), and more importantly the ruling Chinese Communist Party (CCP), is a major factor in the global information environment. China is both a consumer and a supplier for that network. Some 850 million Chinese people have access to the Internet. China is an integral part of the global supply chain for information and communications technologies (ICT). As one of the world’s most important political as well as economic powers, the PRC also has an enormous impact on both the governance of that environment, and the norms that influence it.
Unfortunately, the PRC’s perspective on international norms indicates that it has an approach that is fundamentally at odds with those of the West.
The PRC has long valued sovereignty as a key international principle. Indeed, it might be said that there is no greater defender of the Westphalian system of sovereign states in today’s world than the PRC. While Europe has sought to create a transnational structure erasing international boundaries, China has very clearly worked to strengthen them. China’s claims to the South China Sea, Tibet, and Xinjiang, as well as Taiwan, are all based on the notion of territorial sovereignty (and its view of where its boundaries lie). But its support for sovereignty is not limited to the geographic and political space, but also extends to the cyber domain.
The PRC has long opposed the role of the Internet Corporation for the Assignment of Names and Numbers (ICANN) in administering the Internet. ICANN pursues a multi-stakeholder model, which includes not only nations but academia, civil society (e.g., religious institutions, non-governmental organizations). From the Chinese perspective, Internet governance should solely be the purview of states—not surprising given China’s growing political influence.
In proposing Internet codes of conduct at the United Nations, the PRC (along with Russia and several Central Asian republics) has consistently emphasized that “policy authority for Internet-related public issues is the sovereign right of States, which have rights and responsibilities for international internet-related public policy issues.”
As important, in the PRC view, non-state actors should have limited access to the Internet. This begins with Taiwan. China opposed granting Taiwan its own domain suffix (--.tw), insisting that it should use China’s domain suffix (--.cn). But it extends to other non-state actors as well. Chinese-backed proposals also state that the Internet should not be used to disseminate calls for “separatism,” which would affect not only Taiwan, but also Uighur and Tibetan activists.
If the state should be sovereign in establishing international norms for information, it has no limits on domestic norms. China’s rejection of informational privacy is a matter of record, reflected in the creation of the Orwellian “social credit score” system. PRC officials make no effort to hide the fact that not only are Chinese citizens under constant monitoring, but that the information that is derived will be used to preemptively control their actions. Some 11 million flights and 4 million train trips were prohibited because the would-be traveler had a social credit score problem.
Meanwhile, under a variety of Chinese laws, including the National Security Law (2015), Cybersecurity Law (2016), and National Intelligence Law (2017), firms and corporations, including Internet Service Providers and hardware vendors, and even foreign firms can be required to provide Chinese officials with access to a variety of data. Under the National Intelligence Law, for example, companies would have to “grant intelligence officials the right to enter otherwise restricted facilities, examine private records, investigate and question personnel, and access or even requisition communications or transport equipment owned by companies or individuals.” Notably, this is not only in response to criminal investigations, but in order to support Chinese collection of intelligence.
This incredibly expansive view of the writ of the Chinese government is reinforced when one examines other, more problematic Chinese activities in the information domain, such as exploitation of the Border Gateway Protocol (BGP) system. The BGP system helps route Internet traffic, but is built upon the presumption that key players will not abuse their role as traffic directors. A recent paper, however, suggests that China Telecom, a state-owned telecom provider, has used its “points of presence” in North America and elsewhere to redirect significant chunks of global Internet traffic to China. The professors note that, unlike accidental rerouting, these shifts were marked by “lengthened routes and abnormal duration.” A similar incident involving European mobile traffic occurred in June 2019, with “traffic destined for some of Europe's biggest mobile providers … misdirected in a roundabout path through the Chinese-government-controlled China Telecom” for over two hours.[6]
Such incidents suggest that China is pushing a norm of informational mercantilism, centered on extending its sovereignty within the information domain. Viewed in parallel with similar Chinese efforts to extend its sovereignty into other international common spaces (e.g., the South China Sea), it suggests a broader Chinese effort to define a new set of norms which challenges the current international rule set. In particular, China appears to be trying to create a self-serving set of norms, whereby, it will expand its own rights in international common spaces, whether in the cyber or physical realms, while rejecting others’ rights to do the same. In particular, in the cyber realm, China’s actions suggest that it will expand its own access to others’ information, whether through legal, technical, or illicit means, even as it closes off its own market to foreign competitors and vendors.