Technology Laws Reshape Espionage and Power - Part 1

-

The defining feature of twenty-first century geopolitics is not simply the return of great-power rivalry, but the profound transformation of how power itself is exercised. Competition today no longer relies primarily on military confrontation or overt diplomatic pressure. Instead, it unfolds quietly through data, technology, and legal authority.

Espionage, once episodic, covert, and human-centric, has evolved into something far more pervasive: systemic, continuous, and embedded within the digital infrastructure of everyday life. Power now resides not only in armies and alliances, but in servers, algorithms, software updates, and statutes.

Modern espionage is no longer primarily about stealing classified documents or recruiting human agents. It is about access, aggregation, and anticipation. States seek persistent visibility into how societies function, how economies operate, and how infrastructure behaves under normal conditions.

Cyber intrusions, supply-chain manipulation, cloud-based surveillance, and long-term metadata harvesting now define intelligence collection. Crucially, many of the most effective intelligence operations today do not require illegal access or dramatic breaches. They operate continuously under the cover of lawful data collection, regulatory compliance, and contractual obligation.

This transformation is inseparable from the proliferation of connected technologies. Smartphones, digital payment systems, smart cities, cloud platforms, and sensor-rich technologies such as electric vehicles generate immense volumes of data as a routine by-product of daily life.

Location patterns, behavioural signals, biometric identifiers, communications metadata, and operational telemetry are collected automatically, often invisibly. When analysed at scale using artificial intelligence, this information reveals far more than individual behaviour.

It exposes system dependencies, infrastructure layouts, mobility patterns, and potential vulnerabilities. Espionage, in this environment, is no longer an exceptional act. It is an ambient condition of digital modernity.

Nowhere is this shift more consequential than in the Indo-Pacific, where strategic rivalry between the United States and China has intensified and broadened. Both powers understand that technological leadership determines future military advantage, economic resilience, and intelligence superiority.

As a result, competition has shifted decisively toward artificial intelligence, advanced semiconductors, cloud computing, telecommunications networks, and data governance regimes. Control over digital ecosystems increasingly determines strategic leverage, shaping not only markets but security environments.

China’s rise as a technological power has fundamentally altered this landscape. Through state-directed industrial policy, extensive financial support, and aggressive global expansion, Chinese firms have become central players in telecommunications, digital platforms, smart infrastructure, and emerging technologies worldwide.

Nevertheless, this commercial reach is inseparable from China’s domestic legal architecture. The National Intelligence Law obliges organisations and individuals to “support, assist, and cooperate” with state intelligence work. Its language is deliberately broad, and it offers no meaningful exemption for overseas operations.

The expanded Anti-Espionage Law further widens the definition of espionage to include data and materials related to national security, even when such data is commercially generated, unclassified, or held outside China.

This legal framework creates a structural intelligence risk for host countries. Espionage does not require malicious intent or direct instruction. If a foreign state has legal authority to compel access to data held by companies under its jurisdiction, then overseas data becomes potentially accessible by default.

This risk is magnified in systems involving continuous data transmission, remote diagnostics, proprietary software, and opaque algorithms that host governments cannot independently audit or fully understand.

However, it would be misleading to frame this challenge as uniquely Chinese. The United States operates under a similar strategic logic, though shaped by different legal traditions and political norms.

Through the Espionage Act, the Foreign Intelligence Surveillance Act (FISA), and post-9/11 expansions such as the PATRIOT Act, US intelligence agencies possess broad authority to collect foreign intelligence, compel cooperation from technology providers, and access cross-border data flows.

FISA allows surveillance of non-US persons located abroad, including through data held by US-based companies operating globally.

While American authorities emphasise judicial oversight, legislative review, and constitutional safeguards, the underlying assumption mirrors that of China: technology companies are integral to national intelligence capability.

Data held by private firms is treated not merely as a commercial asset, but as a strategic resource. For foreign partners, this means that data processed by US-linked platforms may also fall within the reach of US intelligence authorities, even when generated entirely outside US territory.

The key distinction, therefore, is not whether intelligence laws exist - all major powers possess them but how transparently they are applied, how narrowly they are defined, and how much confidence external partners place in their governance systems.

However, trust alone is not a substitute for sovereignty. For middle powers like Malaysia, the challenge lies in navigating between competing intelligence ecosystems without becoming structurally dependent on either.

Malaysia’s exposure is significant. As a global semiconductor hub and an increasingly digitalised economy, Malaysia hosts infrastructure that generates high-value strategic data. Chinese firms are active in construction, surveillance technologies, and digital services, while American-linked companies dominate advanced manufacturing, cloud services, and data-intensive industries.

This dual engagement reflects Malaysia’s openness and economic pragmatism but it also places the country at the intersection of overlapping foreign intelligence jurisdictions.

The danger lies not in foreign investment itself, but in unmanaged dependence. When critical systems rely heavily on technologies governed by external intelligence laws, sovereignty becomes conditional.

Data generated within Malaysia may be subject to foreign legal claims beyond Malaysian oversight. Espionage, in this context, becomes passive and latent - activated not by hostile intent, but by structural access and legal authority.

Malaysia must therefore reconceptualise national security for the digital age. Intelligence threats are no longer confined to military secrets or diplomatic cables.

They arise from procurement choices, infrastructure design, regulatory gaps, and economic policy decisions. Technology is not neutral infrastructure; it is strategic terrain. Law, increasingly, is an intelligence instrument.

Recognising this reality is the first step. The more difficult task is deciding how Malaysia should respond without undermining its economic future; a challenge explored in the second part of this analysis.

21.12.2025

Kuala Lumpur.

© All rights reserved

https://www.malaysiakini.com/columns/764205

Comments

Post a Comment

Popular posts from this blog

Smart Security, Free Society: Malaysia’s Data Dilemma

-
In today’s digitally driven world, national security is no longer confined to borders or traditional threats. Cyberattacks, disinformation campaigns, and asymmetric warfare have become the new frontiers of conflict. Malaysia, strategically located in Southeast Asia and increasingly exposed to regional tensions and internal vulnerabilities, must strengthen its security apparatus. However, doing so must not come at the cost of civil liberties. Malaysia can enhance its security strategy by leveraging insights from advanced data platforms like those pioneered by Palantir Technologies, while maintaining strong democratic oversight to safeguard the fundamental freedoms protected by the Federal Constitution. Palantir Technologies, a U.S.-based company, gained prominence in the aftermath of the September 11 attacks. Its core software, Gotham, was designed to integrate fragmented intelligence and provide real-time, actionable insights to military and intelligence agencies. Over the years,...
Read more

Syringe Attacks in Malaysia and France: Random Violence or Terrorism? - Part 3

-
The syringe attack on the 12-year-old son of Pandan MP and former Economy Minister, Datuk Seri Rafizi Ramli, has shaken Malaysia. What initially appeared as a rare and bizarre incident now echoes a disturbing pattern witnessed abroad, notably in France. In June 2025, during the Fête de la Musique festival, over 145 people across France reported being pricked with syringes in crowded public areas. In both cases, the weapon of fear was not a gun or bomb but a syringe. When viewed together, the Rafizi incident and the mass needle attacks in France reveal an alarming global trend of unconventional, psychological violence that leaves behind not just physical uncertainty but emotional trauma. The question we must now ask is: are these acts simply random criminality, or should they be treated with the gravity of terrorist attacks? A Pattern Beyond Borders In France, the attacks spanned multiple cities, with 13 confirmed cases in Paris alone. Victims included women, men, and even min...
Read more

Constitution of Malaysia: An Introduction Part 5

-
7 (1) No person shall be punished for an act or omission which was not punishable by law when it was done or made, and no person shall suffer greater punishment for an offence than was prescribed by law at the time it was committed. (2) A person who has been acquitted or convicted of an offence shall not be tried again for the same offence except where the conviction or acquittal has been quashed and a retrial ordered by a court superior to that by which he was acquitted or convicted.
Read more