By Noah Vehafric
In June President Biden issued an executive order replacing Donald Trump’s Executive Order which sought to ban Chinese-owned apps such as TikTok and WeChat for posing national security threats to Americans and their data.
Biden’s executive order asks the federal government to evaluate threats to Americans personal data. Our personal data has been at risk from one cyber incident after another; particularly from China. In recent years, China has undertaken efforts to collect massive amounts of data on American citizens:
- In 2015, 4 million federal employee files were accessed from the Office of Personnel Management (OPM), including the names, addresses, and other personal information of security clearance holders. China is the suspected culprit.
- Also in 2015, A hack of Anthem insurance by Chinese operatives revealed the information of 78.8 million Americans personal data.
- In 2017, China accessed 145 million Americans credit files in the Equifax breach. Names, addresses, birth dates, Social Security numbers, credit history and more.
- In 2018, A cyberattack by China against Marriott Hotels collected personal details of roughly 500 million guests.
- In 2021, China may have accessed millions of Americans genetic information through COVID-19 tests offered produced and distributed by BGI Group.
- China can access the user data of over 1 billion TikTok users to support the development facial recognition and natural language processing.
What is the purpose of collecting all this data? Artificial Intelligence. AI is a powerful technology that will have strategic implications for every aspect of life from national defense to agriculture. China has stated out-right that they want to be the leader in AI. To develop AI you need data, and lots of it. And harvesting the personal data from millions of your adversary’s citizens gives your nation an incredible strategic advantage.
There is a question whether there is a real difference between Chinese companies collecting our data and U.S. companies collecting it. The consensus is that there is. In the United States, the government (usually) requests to access the data from companies and those companies frequently fight such requests. But in China, the law requires individuals, organizations, and companies to support Chinese national intelligence interests by complying with data requests made by the government. Additionally, major companies must have a CCP member on their board of directors.
We can’t fully grasp the implications from this harvesting by a foreign power. Our government will need to look at solution to counter or compete with this invasive practice against us. For now though, we must individually take the responsibility to mitigate just how much of our data can get in the hands of China.