Skip to main content

Economic Cyber Espionage and International Law: Controversies Involving Government Acquisition of Trade Secrets through Cyber Technologies

By David P. Fidler

Introduction
In late February 2013, a controversy erupted after a U.S. cybersecurity company released a report alleging that the Chinese military was using cyber technologies to obtain trade secrets from foreign companies. The Chinese government rejected the allegations, but the report resonated with U.S. concerns about Chinese economic cyber espionage. After the report's release, the Obama administration issued a new strategy to counter theft of trade secrets from U.S. companies. This Insight examines the international legal issues this controversy about economic cyber espionage raises.

Economic Espionage and Cybersecurity
Espionage comes in different forms. Traditional espionage encompasses a government's efforts to acquire clandestinely classified or otherwise protected information from a foreign government. Economic espionage involves a state's attempts to acquire covertly trade secrets held by foreign private enterprises. “Corporate espionage" or "industrial espionage" describes a company's illegal acquisition of another company's trade secrets with no government involvement. Many countries have long considered economic espionage important to national security and economic development.
States engaged in economic espionage prior to the use of cyber technologies. The United States adopted the Economic Espionage Act (EEA) in 1996, before the Internet became a global means of communication. As societies became dependent on cyber technologies, experts identified economic cyber espionage as a growing threat. U.S. cybersecurity policy included economic espionage as a problem. However, economic cyber espionage continued to metastasize, with U.S. leaders arguing that it was contributing to the "greatest transfer of wealth in history."

U.S. officials and cybersecurity experts have accused China of engaging in economic cyber espionage. In October 2011, the Office of the National Counterintelligence Executive (ONCIX) labeled China a "persistent collector" of U.S. economic secrets accomplished through cyber means. However, attributing cyber intrusions to the Chinese government has proved difficult. The ONCIX admitted that "the [Intelligence Community] has not been able to attribute many of these private sector data breaches to a state sponsor."

In late January 2013, the New York Times reported it had been hacked from China, and allegations followed that other newspapers had similarly been hacked. On February 10, 2013, a National Intelligence Estimate “concluded that the United States is the target of a . . . cyber-espionage campaign that is threatening the country’s economic competitiveness,” with China identified “as the country most aggressively seeking to penetrate the computer systems of American businesses and institutions to gain access to data that could be used for economic gain.”

On February 19, 2013, Mandiant, a cybersecurity company, released a report in which it claimed to have evidence linking Unit 61398 of the People's Liberation Army in Shanghai to a global cyber espionage campaign against nearly 150 companies from 20 economic sectors "designed to steal large volumes of valuable intellectual property." Mandiant's report garnered widespread press coverage, prompted angry responses from China, and catalyzed the Obama administration's release of a new strategy to combat theft of U.S. trade secrets on February 20, 2013.

International Law and Economic Cyber Espionage
International Law, Espionage, and Economic Espionage
The desire to combat economic cyber espionage confronts a lack of international law on espionage and economic espionage. Although a victim country could assert that spying violates the principles of sovereignty and non-intervention, state practice has accepted state-sponsored espionage such that these appeals are not serious claims. Although cyber espionage is sometimes described as "cyber attacks" and "cyberwar," no government regards cyber espionage of any kind as a prohibited use of force. Other bodies of international law under which espionage issues arise, such as rules on armed conflict and on diplomatic relations in peacetime, do not prohibit or seriously constrain espionage or economic espionage.

Thus, participation in, and tolerance of, spying indicates that espionage and economic espionage do not constitute wrongful acts triggering state responsibility under international law. Persons caught and accused of being spies can be punished, but international law contains protections for spies captured during armed conflict or covered by diplomatic immunity. The United States could not prosecute a Chinese diplomat caught engaging in economic cyber espionage unless China waived the immunity and, absent a waiver, could only declare the Chinese national persona non grata, triggering that person's return to China.

International Law, Criminal Law Enforcement Cooperation, and Economic Espionage  
Many countries prohibit economic espionage under national law. However, enforcement confronts difficulties because the offense’s elements include foreign government participation. Using extradition or mutual legal assistance treaties proves ineffective when the requested state is accused of sponsoring criminal acts. The U.S.-China mutual legal assistance treaty is unlikely to be helpful to U.S. efforts to apply the EEA to perpetrators of economic cyber espionage linked to the Chinese government.

International Law, Protection of Intellectual Property and Trade Secrets, and Economic Espionage
Some experts have argued that the United States should use international trade law's protections for intellectual property against countries engaged in economic cyber espionage. In trade and investment agreements, states have used international law to protect intellectual property rights of private-sector enterprises. The Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) of the World Trade Organization (WTO) requires each WTO member to protect certain types of intellectual property rights, including trade secrets, within its territory.
However, WTO members have, to date, shown no interest in addressing economic espionage within the WTO despite mounting worries about this practice.  

One reason why WTO members have not used the WTO is the difficulty of formulating claims that economic espionage violates WTO agreements. WTO rules create obligations for WTO members to fulfill within their territories and do not generally impose duties that apply outside those limits. WTO members that covertly obtain intellectual property of nationals of other WTO members operating in their territories could violate WTO obligations to protect such property. However, the economic espionage of greatest concern—and especially acts of remotely conducted economic cyber espionage—involves governments obtaining information from private-sector companies located outside their territories.

Even if a WTO member could construct a claim that economic cyber espionage violates a WTO rule, it would have to establish that another WTO member's government is responsible for the infringing acts. Usually, establishing governmental responsibility for challenged acts is not difficult, but WTO cases have not involved accusations against government-sponsored espionage. It is not clear that a WTO member could satisfy this burden by relying on evidence from private-sector entities (e.g., Mandiant's report) and without revealing counter-intelligence means and methods.

Another strategy proposed by experts is for the United States to impose trade sanctions on countries engaged in economic cyber espionage and justify the sanctions under national security exceptions in WTO agreements. This approach admits that unilateral trade sanctions would violate WTO obligations and require an exception to justify them. Whether a WTO member’s invocation of a national security exception could be successfully challenged remains controversial.

Other proposals focus on U.S. law rather than international law. For example, experts have argued that the United States should (1) impose sanctions on foreign nationals and companies that engage in, or benefit from, economic espionage, and (2) permit civil claims in U.S. courts against foreign governments that steal U.S. trade secrets under the Foreign Sovereign Immunities Act. These proposals borrow from other contexts, such as countering terrorism and transnational crime.

The Obama Administration's New Strategy
Arguing that trade secret theft threatens U.S. national security, the Obama administration's strategy contains five strategic actions:
  • Focus diplomatic efforts to protect trade secrets overseas;
  • Promote voluntary best practices by private industry to protect trade secrets;
  • Enhance domestic law enforcement operations;
  • Improve domestic legislation; and
  • Public awareness and stakeholder outreach.
Although the administration considers trade secret theft a serious matter, its strategy does not assert that economic espionage violates international law. Nor does it contain a blueprint for international legal changes that would directly address economic cyber espionage. The strategy seeks "improved legal frameworks, stronger enforcement of existing laws and strong and efficient remedies for trade secret owners," but its focus is at the national level, as evidenced by the domestic-centric content of four of the action items.

Internationally, the strategy aims to raise trade secret protection as a priority in diplomatic processes and legal agreements. The administration will use "formal cooperative agreements or arrangements with foreign governments" in investigations that require law enforcement cooperation (e.g., mutual legal assistance treaties; INTERPOL). The U.S. government will also emphasize trade secret protection in trade and intellectual property forums, including the TRIPS Council at the WTO and the Asia-Pacific Economic Cooperation process.

More specifically on trade, the strategy includes using "trade policy tools to increase international enforcement against trade secret theft to minimize unfair competition against U.S. companies." This approach will involve deeper cooperation with like-minded trading partners, seeking "new provisions on trade secret protections" in trade negotiations (e.g., the Trans Pacific Partnership Agreement), and using the Special 301 "priority watch list" process "to gather and . . . act upon information about the adequacy and effectiveness of trade secret protection by U.S. trading partners."

None of the strategy's trade-related initiatives mention potential legal claims against other WTO members. Under WTO rules, any trade-restrictive measures imposed by the United States based on information gathered in the Special 301 process cannot be taken unilaterally and must be authorized by the WTO dispute settlement process—unless the United States relied on a national security exception to justify unilateral sanctions.

Conclusion
Through its strategy, the Obama administration seeks international change on attitudes about trade secret theft, including that undertaken through cyber technologies, and is putting increased pressure on China on this issue. Whether the administration can achieve change and translate it into international law on economic cyber espionage remains to be seen, but obstacles exist.

Many countries, including China, do not consider economic espionage different from traditional espionage and will not cooperate when they perceive the United States to be a pervasive practitioner of cyber espionage. In addition, focusing on national criminal laws and law enforcement cooperation appears ill-suited to economic cyber espionage, especially given the lack of international law regulating economic espionage, the ability to conduct economic espionage remotely, the way cyber technologies exacerbate the attribution problem, and the problems cooperation confronts when economic espionage is the crime in question.
The flare-up between the United States and China over economic cyber espionage also intensifies geo-political competition over cyberspace and cybersecurity. Chinese perspectives on the accusations leveled against China emphasize the extent of U.S. cyber espionage and Chinese perceptions of American attempts to impose its interests and values on other countries through political and military cyber dominance. In this deteriorating climate, espionage of all kinds is only likely to increase in the foreseeable future.

Source: American Society of International Law

Comments

Post a Comment

Popular posts from this blog

Terrorism in Africa

According to state.gov, ISIS was defeated a few years ago. However, the organization's presence and existence remain conspicuous in Africa. Ongoing conflicts in Somalia, Ethiopia, Mozambique, Nigeria, and Burkina Faso demonstrate that ISIS has shifted its focus away from Iraq and Syria. Although ISIS lacks a clear hierarchy like Al-Qaeda, its followers and supporters wholeheartedly believe in its strong ideology. In 2014, the United States led the formation of a broad international coalition known as 'The Global Coalition to Defeat ISIS' to combat the organization during the height of the Syrian and Iraqi conflict. The primary objectives of this 83-member coalition are to degrade and defeat ISIS, which poses a threat to international peace and security. ISIS has brought thousands of foreign fighters from around the world to combat zones like Syria and Iraq, and it has used technology to promote its violent extremist ideology and instigate terrorist attacks. For example, t
Post a Comment
Read more

Sedition Act 1948 should have been repealed a long time ago. But why?

THE Sedition Act 1948 is a legislative measure that was enacted in Malaysia during the colonial era, designed to curb any form of speech or expression that was deemed to be seditious in nature with the aim of maintaining public order and security. The Sedition Act has been subject to much debate and criticism, with some arguing that it is a violation of freedom of speech and expression. Despite this, the Act remains in force in Malaysia to this day, albeit with some amendments made over the years. Although I concur with the abolition of this Act, it is imperative that a comparable new legislation be enacted to address the escalating prevalence of racially and religiously bigoted remarks that have been unsettling our distinctive multicultural and multi-religious society as of late. An instance that exemplifies the prudent decision-making of the governing body is the substitution of the Internal Security Act of 1960 with the Security Offences (Special Measures) Act 2012 (SOSMA). This rep
Post a Comment
Read more

THE HISTORY OF TERRORISM: MORE THAN 200 YEARS OF DEVELOPMENT

The history of terrorism dates back at least 1500 years when Jewish resistance groups (66 - 72 A.D.) known as Zealots killed Roman soldiers and destroyed Roman property. The term assassin comes from a Shi'ite Muslim sect (Nizari Isma'ilis - also known as hashashins "hashish-eaters") fighting Sunni Muslims (1090 - 1275) and during Medieval Christendom resisting occupation during the Crusades (1095-1291). The hashashins were known to spread terror in the form of murder, including women and children. The brotherhood of Assassins committed terror so as to gain paradise and seventy-two virgins if killed and to receive unlimited hashish while on earth. The modern development of terrorism began during the French Revolution's Reign of Terror (1793 - 1794). During this period the term terrorism was first coined. Through the past two hundred years, terrorism has been used to achieve political ends and has developed as a tool for liberation, oppression, and i
Post a Comment
Read more