For now, many conversations about global ‘cyber norms’ start with Beijing
China’s government is taking steps to become an international leader in discussions concerning “cyber norms,” a formal but still vague understanding about the appropriate behavior between states regarding offensive cyber operations.
Chinese leaders signed one such agreement Friday with Canada, marking Beijing’s sixth deal in two years. The first was with the Obama administration in late 2015. It curbed some cyber-enabled economic espionage by the Chinese against American companies.
China is promising to end state-sponsored cyberattacks aimed at Canada’s high-tech private sector, curtailing the practice of stealing Canadian trade secrets.
Beijing has now come to similar terms with the U.S., Canada, the United Kingdom and Australia — four of the Five Eye nations — in addition to Russia and Brazil.
In similar fashion to China’s other international cybersecurity agreements, this deal is non-binding, unenforceable in nature and only covers economic espionage. It outlines no punishment mechanism in case either China or Canada were to break the agreement.
The accord comes at a time when Canada’s private and public sectors are investing heavily in the development of artificial intelligence technologies and applications and while major Chinese government-owned enterprises look to purchase companies based in the country. Over the past several years, Canada has increasingly become known as a pioneering force in the evolution of AI.
“China’s recent signing of another agreement pledging to refrain from state-sponsored theft of business and trade secrets reflects Beijing’s calculus that these pacts boost China’s image as a responsible actor in cyberspace,” said Paul Triolo, a practice director with D.C.-based Eurasia Group, a consultancy that helps advise corporations about foreign policy. “The prohibition against IP and trade secret theft for commercial gain is fast becoming an international norm of behavior, despite being unenforceable.”
He added, “Beijing believes that this type of bilateral or multilateral agreement (G20, UN) benefits China’s global standing, at a time when Chinese leaders are pushing the idea of cyber sovereignty, and preparing for the 4th World Internet Conference, likely to take place in November or early December after the Party Congress.”
The bilateral agreement was made during a preplanned diplomatic talk held in Ottawa between senior Communist Party official Wang Yongqing and Prime Minister Justin Trudeau’s top national security adviser, Daniel Jean. It occurred four days after Trudeau spoke with Chinese Premier Li Keqiang by phone.
While most cybersecurity analysts believe that Chinese cyber-enabled economic espionage against the U.S. declined in recent years, since the famous Obama-Xi 2015 deal, there are some signs that this activity continues and is getting more difficult to spot.
“[Attributable] Chinese [hacking] activity does continue in some places not covered by these agreements, and there does seem to be a growing grumbling that some of this behavior might be starting up again,”said Adam Segal, director of digital and cyberspace policy at the Council on Foreign Relations..
Historically, the newly unveiled China-Canada cyber deal represents yet “another step in strengthening the norm against commercial cyber espionage, after agreements with U.S., U.K., Australia, and G-7 and G20,” Segal said.