U.S. business groups worried by cybersecurity law aimed at China

WASHINGTON Mon Apr 8, 2013 12:41pm EDT

U.S. Marine Sergeant Michael Kidd works on a computer at ECPI University in Virginia Beach, Virginia, February 7, 2012. REUTERS/Samantha Sais

U.S. Marine Sergeant Michael Kidd works on a computer at ECPI University in Virginia Beach, Virginia, February 7, 2012.

Credit: Reuters/Samantha Sais

WASHINGTON (Reuters) - The U.S.-China Business Council on Monday criticized a new law aimed at thwarting cyber attacks by discouraging the Justice Department and several other government agencies from buying information technology systems from China.

"The national security of the United States is critical, but it must not be used as a means of protectionism," John Frisbie, the group's president, said in a letter urging leaders in the Senate and the House of Representatives to block similar measures in the future.

"Product security is a function of how a product is made, used, and maintained, rather than by whom or where it is made. Imposing a country-specific risk assessment creates a false sense of security if the goal is to improve our nation's cybersecurity," Frisbie said.

Congress, reflecting growing U.S. concern over Chinese cyber attacks, tucked a new review process for U.S. government technology purchases into a funding bill signed last month by President Barack Obama.

The measure requires the NASA space agency, the Justice and Commerce departments and the National Science Foundation to get approval from law enforcement officials when buying new information technology systems, with a particular focus on whether the systems are "produced, manufactured or assembled by one or more entities that are owned, directed or subsidized" by China.

Chinese officials have urged the United States to repeal the law, which they said uses Internet security as an excuse to take discriminatory steps against Chinese firms.

Fearing Chinese retaliation and copycat legislation in other countries that could harm U.S. interests, the Information Technology Industry Association, Business Software Alliance and other business groups also wrote to congressional leaders on Friday to urge reconsideration of the new law.

"Given the expedited manner in which this provision was enacted, we ask the Congress to review the security implications and competitive impact of this requirement, and consider a more constructive approach to this issue," they said.

The new provision also could inadvertently impede the U.S. government's ability to use the latest cutting-edge technology to protect itself, the groups argued.

"The requirement to assess every IT product purchase, absent any triggering threshold, will likely slow the federal acquisition process and put impacted federal agencies behind the security innovation curve," they said.

(Reporting by Doug Palmer; Editing by Eric Beech)

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (5)
Burns0011 wrote:
Apparently, John Frisbie of the US-China trade council has never heard of hard-wired ‘backdoor’ circuitry. Without analyzing each and every chip, each and every circuit-board, it is almost impossible to tell ahead of time if any particular router or firewall component has a ‘backdoor’ hardwired in.

Connection logs might catch that the connection exists, but the only way to protect against an attack like that is to unplug the equipment in question. It is a legitimate concern, but not just for equipment manufactured in China.

Apr 08, 2013 2:14pm EDT  --  Report as abuse
ROJCAR wrote:
in addition to not knowing about hard-wired circuitry (as Mr Burns0011 states), these business also are acutely unaware of the blatant protectionism going on this minute in China. Why does a $30,000 jeep cost $80,000 when exported to China… This is happening across every industry and every product… and then we sit back and say duh.. why do we have a 226 billion a year trade deficit. Lets see… 25% currency manipulation, downright denial of market rights to our companies, and blatant theft of our hard-earned intellectual property rights… and yet they do not think we should protect ourselves? Hey executives.. quit thinking about the short term, and start thinking long term… The Chinese are the new enemy and you better wake up or your companies will be bankrupt.

Apr 08, 2013 4:55pm EDT  --  Report as abuse
MikeBarnett wrote:
One other problem that con-gress fails to recognize is that the US has destroyed US computers, cell phones, and digital cameras with each smart munition detonated during 11.5 years of war. Destruction of US ground and air vehicles also destroys US electronic components. The US cannot compete in global electronics when the US destroys most of its electronic components in endless wars. Therefore, any equipment that the US buys will have Chinese parts.

Recently, Lenovo passed Hewlett Packard in global PC sales, and 2 US con-gress-men told lies about ZTE and Huawei when their main anger was one more decline of the US. US leaders always knew that China would pass the US, but they thought it would be in 2050 when they were dead. Endless, ineptly fought US wars, 3 US economic crimes in 2000, 2001 to 2003, and 2008 to the present, and US sanctions on 50% of the world when China trades with 100% of the world have caused a more rapid US decline. China should pass the US economically by 2015, and, since the economy pays for the military, China should pass the US militarily by 2025. The idiots who lead the US think they can pass laws to reverse the decline of the US relative to China. The US lacks the time, the tools, the wisdom, and the will to make the needed changes.

Apr 08, 2013 5:04pm EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.