I am going to stay away from the by now well-trod debate about why Google made its decision to stop censoring the web and possibly retreat from the China market (you can read those here, here, here, and here; this and this, however, bring a new twist: Google left because the hacking exposed how it was collecting information on all of its users through an "internal intercept system."). Instead, I’ll tackle some other questions:
1) Is the attack a wake-up call, a symbol of a more aggressive China? Is this cyber attack part of a "new front among Cold War foes" or, as James Fallow puts it, the beginning of China’s Bush-Cheney era? Uhm, why are we shocked that China is being difficult? While this instance of hacking is clearly dangerous and egregious, it’s not really anything new. We have known about Chinese economic espionage for at least a decade. The Tracking GhostNet report, which uncovered a global effort to target the computers of human rights and Tibetan activists was released in September 2009. The stated goals of Chinese technology policy are to increase China’s own technological capabilities, to develop Chinese firms that are able to compete with Western companies, and to reduce China’s dependence on imported technology.
Last year, when everyone was very expansive about how Washington was going to build a new relationship on broad cooperation with Beijing on everything from regional security to climate change and world trade, Liz Economy and I were much more skeptical, arguing that cooperation would be hard because of "mismatched values, interests, and capabilities."
2) Will Google’s threat fundamentally change how U.S. companies interact with China? Google may have taken the "China corporate communications playbook, wrapped it in oily rags, doused it in gasoline and dropped a lit match on it," in ImageThief’s evocative wording, but I do not see many other companies following that route. They will continue to get along by going along, generally keeping quiet, and dealing with the government behind closed doors. Consumers may love KFC and Nike, but Google probably bet right that it has a special relationship with the most technologically savvy of Chinese users. These Chinese netizens were going to see censorship as the problem and were, at least in the short term, going to side with Google (you can read some of these comments at Global Voices Online). Moreover, most companies have a lot more at stake on the ground--employees, facilities, distribution and supplier networks, alliances--then Google. And with wider adoption of virtual private networks, Google may think it can continue to serve the Chinese market outside of China.
3) What’s the future of cyber security and U.S. foreign policy? While much of the speculation about cyber security has centered around what type of influence and authority the newly-named cyber czar Howard Schmidt will have; what role DHS and NSA should play in cyber defense; and when the Defense Department will "stand up" its cyber command, the most pressing question is now whether a free and open Internet is an essential part of defending American interests in cyberspace.
One day we might look back and see Google’s decision to leave China as one of the first signposts of splintering the world wide web and the emergence of a series of loosely joined regional webs, some more relatively open then others. Would an open Web centered on the United States be more vulnerable to cyber attacks than one guided by China, separated by the Great Firewall, language, culture, and differing technology standards? If so, and I think that could be the case, we need a policy that combines better defense of our own systems, multinational mechanisms to limit cyber conflict, and efforts to promote American values on the Internet, especially individual autonomy, access to information, and freedom of speech. We’ll have to see if this is what Secretary Clinton talks about in her January 21 address on Internet freedom.