The new cybersecurity agreement signed by U. S. President Barack Obama and his Chinese counterpart Xi Jinping last week marks a significant first step for both governments to join forces in clamping down on commercial espionage in the cyberspace, analysts say. But many remain skeptical if concrete actions will follow.
President Obama told a joint news conference on Friday that both countries had “affirmed the principle that governments don't engage in cyber espionage for commercial gain against companies" while President Xi stressed such cooperation would be mutually beneficial.
Both nations agreed to investigate online malicious activity toward one another that take place within their respective borders "in a manner consistent with their respective national laws and relevant international obligations." The investigating nation will keep the victim nation updated "as appropriate" during such processes while the victim country won’t be involved in any of the investigations, according to the fact sheet from the White House.
Overseeing the investigative commitments are top-level officials from both countries who will meet for the first time by the end of 2015 and biannually every year after that.
A Win for President Obama
From the outset, the pact heralds a triumph for the Obama administration because China has, for the first time, admitted that cybercrime perpetrated by Chinese companies or individuals does exist and action should be taken. Yet it remains to be seen how China will curb hacking activities originated from its territory said Alexander Neill, a Shangri-La Dialogue senior fellow for Asia Pacific security at the International Institute for Strategic Studies.
China has repeatedly claimed it’s as much a victim as a perpetrator for hacking attacks but rarely made public specific hacking incidents.
The deal’s significance, he adds, lies in substance, not in form, as it may turn out to create few tangible results, such as the Chinese government’s prosecution of perpetrators.
“Evidence that it’s been successful is that China publicizes its companies or individuals who are perpetrating and successfully prosecutes them. Once we start to see that, then, that would show that China is putting its money where its mouth is,” the Singapore-based researcher said.
Neither will the newly-established hot line in the U.S.-China cyber dialogue guarantee real investigation by Chinese authorities into the theft of intellectual property or trade secrets on its soil argued Nicholas Thomas, associate head of the City University of Hong Kong’s department of Asian and International Studies, sharing similar skepticism.
That’s because China has not come anywhere close to matching the U.S. government’s crackdown on intellectual property infringements. He also said that tracing cybersecurity attacks remains complicated and difficult, and could reveal the methods and capabilities of U.S. cyberdefenses.
“Now they do have this hot line that’s been set up to register complaints. But you’ve got to back up the complaints with evidence, which means, America will have to reveal its ability, in terms of tracking cyber intrusions,” said professor Thomas.
The professor believes that the U. S. Justice Department’s indictment of five Chinese military officers last year, charged with hacking into U.S. companies, as well as the White House’s recent threat of imposing trade sanctions on China, put pressure on Xi to step up efforts in addressing the U.S. government’s cybertheft concerns.
A Win For Whom?
President Xi has given little ground to critics on issues such as China's human rights record or its military actions in the South China Sea. But the U.S. threats of sanctions over cybertheft may have gotten the attention of leaders who are already concerned over the performance of the Chinese economy.
“If Xi Jinping had been confident of the resilience of his leadership, then, he may not have offered such concession. So, the deal on cyber [security] may be an indicator that [there is] some degree of vulnerability in the Chinese system at this point,” he says.
Even though China says that it too suffers from cybertheft, there have been no publicized cases of companies that have suffered the theft of intellectual property by U.S.-based hackers.
"How much of China's commercial information is stolen is difficult to assess. It is very difficult for us to defend IPR (intellectual property rights) in cyber space," Teng Jianqun, director of China Institute of International Relations’ department of American Studies, told the All China Journalist Association on Monday. "Both countries will benefit from the new agreement."
Many more believe U.S. firms will gain more than their Chinese rivals. A 2013 estimate by the Commission on the Theft of American Intellectual Property estimated annual losses of $300 billion, more than 50 percent of which was attributed to Chinese hackers.
“The fact that a lot of U.S. companies are much more advanced than Chinese companies, they do have upper hands because there’s not much confidential information for them to steal or access for them to move forward. And so, you can easily see that it’s going one direction,” Peter Yu, law professor at Texas A&M University, said prior to the Obama-Xi summit talks.
Saibal Dasgupta also contributed to this story.