Lorand Laskai is a research associate in the Asia Studies Program at the Council on Foreign Relations. You can follow him @lorandlaskai.
Last week, Chinese officials traveled to Washington, DC for the first U.S.-China Law Enforcement and Cybersecurity Dialogue. The talks are a new iteration of the Obama administration's U.S.-China High-Level Joint Dialogue on Cybercrime and Related Issues. If last week's discussions are any indication, both sides are keen to continue the progress achieved during the Obama administration, and want to make cyber issues an area of stability in the overall relationship. The outcome document checked-off a laundry list of existing initiatives and areas of progress, including strengthening information sharing, reaffirming a ban on cyber commercial espionage, and identifying and promoting cyber norms.
However, at least one Chinese academic sees an undercurrent of change in the U.S.-China cyber relationship. In an op-ed published on Friday in The Paper—a translation of which is posted below—Shen Yi, director of the Cyberspace Governance Research Center at Fudan University, said that Chinese negotiators should prepare to manage a relationship in flux. “It is necessary that we preserve a sober, coherent, and clear recognition of how the cybersecurity relationship will strategically influence the U.S.-China relationship,” he writes.
As the Trump administration upends elements of U.S. foreign policy, Shen Yi’s writing offers a looking glass into how China is interpreting the shift in the cyber domain. A young, media-savvy academic with a close connection to the Cyberspace Administration of China, Shen Yi is a prominent commentator on China’s rise as a cyber power, writing frequently in state-media on China’s cyber strategy and cyber sovereignty. He also spent a year at Georgetown University on a post-doctoral fellowship and frequently decodes developments in U.S. politics for a Chinese audience.
In his op-ed, Shen Yi predicts that upheaval in Washington is shifting U.S. cyber priorities at the dialogue. In particular, he expects a shake-up of the interdepartmental pecking order on cyber, with the influence of the Departments of State and Justice receding and Commerce, Homeland Security, and the Pentagon taking their place. With Secretary of State Rex Tillerson’s decision in August to fold the influential cybersecurity coordinator’s office in the Bureau of Economic and Business Affairs, Shen Yi’s predictions seem reasonable. Whether this means, as he anticipates, that U.S. priorities will shift to a more overt focus on what Shen Yi calls “norms of cyber militarization and combat” and protecting critical information infrastructure remains to be seen.
Shen Yi expresses significant frustration with U.S officials, who he believes make U.S.-China cyber relations more difficult by driving what he deems unnecessarily hard bargains: “Chinese regard goodwill as signifying friendship, whereas the United States interprets goodwill as room to bargain.” He says U.S. officials are mainly concerned with extracting concessions and using stratagem to obtain short-term gains, which he chalks up in part to a difference in strategic cultures and the fact that U.S. officials “do not apprehend the Chinese understanding of things like the overall situation.”
Counterintuitively, the reputation of Chinese officials in Washington DC is not unlike Shen Yi’s critique of U.S. officials— namely, that they’re shortsighted and try to take advantage of their counterparts rather than build a long-term working relationship. It’s unclear exactly what incidents Shen Yi is referring to, though the Chinese government has on a few occasions walked back on agreement pushed by U.S. negotiators. After the 2012-2013 UN GGE meeting, for example, Beijing almost instantaneously began disavowing the consensus that international law applies to cyberspace. Shen Yi’s frustration with U.S. hardball negotiating tactics seems to be also directed towards Chinese negotiators: “China needs to take a more proactive approach ... not simply responding when provoked, but genuinely understanding the essence of General Secretary Xi’s strategic directives.” His advice that Chinese negotiators need to prepare more for U.S. machinations seems to suggest Chinese officials may not always have done their homework before meeting with their U.S. counterparts.
Still, Shen Yi sees a shift in the distribution of power between the U.S. and China in cyberspace towards China. “Time is on China’s side,” he writes. Ever since the Snowden leaks, which revealed China’s vulnerabilities through relying on U.S. hardware and software, Beijing has centralized cyber operations within the People’s Liberation Army (PLA) and enacted the cybersecurity law last fall, which broadened restrictions on foreign internet and tech companies. “China is becoming more confident, more adept at creating advantageous bargaining chips, and more active at setting the agenda of China-U.S. cybersecurity relations,” Shen Yi asserts.
China-U.S. Law Enforcement and Cybersecurity Dialogue: Do not let the U.S. take advantage of Chinese goodwill by demanding a higher price
The Paper, October 5, 2017
From October 3-6, the first round of the Sino-U.S. Law Enforcement and Cybersecurity Dialogue will be held in Washington DC. This is an important step in carrying out the strategic direction laid out by head of state, General Secretary of Central Committee of Communist Party, and Chairman of the Central Military Commission Xi Jinping: “Turn cybersecurity issues into a point of Sino-U.S. cooperation, rather than a point of friction and conflict.” In 2015, during his meeting with then President Barack Obama, General Secretary Xi clearly stated that “China and the United States are both large cyber powers and both sides have an important common interest in cooperation.” He said that both countries should launch a constructive dialogue to build a bright spot in Sino-U.S. cooperation. Since then, newly elected President Donald Trump met with General Secretary Xi at Mar-a-Lago in April 2017, where, based on Xi’s strategic determination and China-U.S. collective deliberation, the Sino-U.S. Law Enforcement and Cybersecurity Dialogue was identified as one of the new dialogue mechanisms. In order to make this mechanism work, it is necessary to deal with the following relationships.
Change, cooperation, and the overall situation
First, manage the relationship between continuity and change. Although this is the first round of the Sino-U.S. Law Enforcement and Cybersecurity Dialogue, in reality the product, name, and specific mechanisms behind Sino-U.S. cybersecurity relations have [for a long time] persisted, evolved and developed. It is necessary that we preserve a sober, coherent, and clear recognition of how the cybersecurity relationship will strategically influence the U.S.-China relationship. The issue of cybersecurity has important significance in the broader U.S.-China strategic relationship. In order words, cybersecurity issues here should be understood within the context of national security and commanding strategic height, not from the technical level of transnational partnerships to fight cybercrime. For the United States, the fundamental goal of the dialogue is to establish a code of conduct 行为准则 for cyberspace; this motive has staying power, which does not change easily despite the change of administrations and other factors.
In terms of change, Donald Trump is a Republican president, and because of his unique qualities, the nature of partisan politics, and other domestic factors, his understanding of cybersecurity issues will inevitably depart from the Obama administration’s. Currently, cabinet positions within the federal government are undergoing complex changes in terms of cybersecurity decision-making: the Department of Justice and State Department, among other departments, which traditionally occupy a position of influence, are witnessing a significant shift in fortunes, increasing the probability that these departments end up marginalized. On the other hand, the position of Department of Defense, Department of Homeland Security, and Department of Commerce are perhaps on the rise. This means that the United States’ understanding of cybersecurity will shift from ideology and fighting cybercrime cooperation to protecting critical information infrastructure, norms of cyber militarization and combat, protecting intellectual property from cyber theft, transnational data flow supervision, among other issues. In this regard, the Law Enforcement and Cybersecurity Dialogue that emerged from the Cybercrime and Related Issues High-Level Joint Dialogue Mechanism should make appropriate adjustments and ensure that the relevant functional bodies are able to engage in effective dialogue through this mechanism.
Second, manage the relationship between cooperation and confrontation. On April 19, 2016, Xi Jinping chaired and delivered remarks at the Cybersecurity and Informatization Work Conference, where he clearly pointed out the nature of cybersecurity is confrontation 对抗 and the core of confrontation is the contest between attack and defense capabilities. Under the framework of the U.S.-China strategic relationship, cybersecurity relations has the same need to manage cooperative and confrontational aspects. It is clear that the strategic culture of U.S. policymakers and China’s traditional culture are entirely different. For this reason, how both sides interpret and decode signals necessarily has subtle and crucial differences: Chinese regard goodwill as signifying friendship, whereas the U.S. interprets goodwill as room to bargain. For this reason, China must make relevant preparation, and in particular avoid the thinking that “spending money can buy peace.” In even franker terms, in order to seek an advantageous position, the Americans usually ask for a sky-high price, the Chinese negotiators must be aware of the enormous space to “extort a very high price, but receive an extremely low counter offer.” Furthermore, the United States is adept at selfishly interpreting signals, and since they do not apprehend the Chinese understanding of things like the overall situation, in many situations U.S. officials will think of the Law Enforcement and Cybersecurity Dialogue as a series of one-off games, in which bargaining takes place in the moment. China must soberly recognize that because of term-limits for government officials and partisanship, the United States is usually concerned with short-terms gains within a four year time frame.
An important manifestation of this confrontation is the United States trying to use this type of dialogue to make China accept certain norms tailored to limit China from the indispensable national security activities in cyberspace that countries like the United States are used to exercising. Concretely speaking, the United States believes that passive intelligence gathering cases like the OPM hack should be packaged under individual cybercrime. Moreover, the United States attempts to exploit each type of circumstantial information asymmetry to lay traps for the Chinese side; and if the Chinese side does not promptly signal that it recognizes the relevant work of the United States, then thinks tanks like the RAND Corporation will use [this signal] to write a third-party report that theorizes or conceptualizes Chinese behavior as some type of rule, norm, or special characteristic. Clearly, China must fully prepare, including drawing from the experience of the United States and China negotiating national security and public security matters with other countries, developing contingency plans, and striving to grab the initiative of the game.
Cooperation is determined by the overall strength and power distribution between China and the United States. As everyone knows, the world cannot afford a full confrontation between China and the United States. For China, apart from recognizing China’s overall and strategic needs, we must clearly recognize that the United States cannot afford the consequences of a total conflict between the two countries. In other words, cooperative relations between China and the United States are becoming more symmetrical. Use struggle to find lasting cooperation, China is becoming more confident, more adept at creating advantageous bargaining chips, and more active at setting the agenda of China-U.S. cybersecurity relations.
Third, manage the relationship between individual components and the holistic whole. The Sino-U.S. Law Enforcement and Cybersecurity Dialogue is an important component of the strategic dialogue mechanisms between China and the United Stataes; China-U.S. cyber relations is an important part of the China-U.S. strategic relationship. Therefore, China-U.S. cyber relations is important to the overall situation, and during the cybersecurity dialogue U.S. officials will not only want to settle cybersecurity issues and establish norms of behavior in cyberspace, but also test the macro state of the China-U.S. strategic relationship, understand China’s behavior, and use the dialogue to launch a new method of competing with China. Therefore, any understanding or comprehension of cybersecurity relations must include the holistic framework of China-U.S. great power relations.
It is overall worth pointing out that the relationship between the relationship’s whole and individual parts is bidirectional. This is because when the power ratio and distribution shifts, not only does the United States need a new awareness and comprehension of China; China also needs the same of China. Therefore, China needs to take a more proactive approach at the Law Enforcement and Cybersecurity Dialogue, not simply responding when provoked, but genuinely understanding the essence of General Secretary Xi’s strategic directives. This means exploring a new model and correct method in accordance with the new power distribution in the macro-competition between China and the United States; innovating an effective China-U.S. bilateral communication mechanism and constructive way to control differences; and realize a new strategic stability at the center of the China-U.S. cybersecurity relationship.
Looking forward in China-U.S. cybersecurity relations
The China-U.S. Law Enforcement and Cybersecurity Dialogue mechanism dates back to at least 2014, when U.S. officials rashly brought charges against five Chinese army officials and disrupted the high-level representatives dialogue mechanism on cybersecurity; in September 2015, after the China-U.S. head of state summit, the high-level joint dialogue mechanism on fighting cybercrime and related issues resumed the discussion; afterward, between December 2015 and 2016, the two side held three dialogue sessions; and then in April 2017, the dialogue evolved into the law enforcement and cybersecurity dialogue. This type of evolution reflects the sensitiveness, importance, and complexity and institutionalized nature of joint decisions; at the same time, this process of fulling this formidable and important task highlights how cyber relations has become a bright spot in U.S. and China relations.
There is reason to be cautiously optimistic that no matter the distribution of power [between China and the United States], or the domestic political environment, time is on China’s side. I am confident that at the same time as China follows General Secretary Xi’s strategic directive to make large strides towards becoming a cyber superpower, China-U.S. cybersecurity relations and even the overall China-U.S. strategic relationship will usher in a more heartening new situation.
"Yi Si" is a biweekly column by Shen Yi, an assistant professor and director of Fudan University’s Cyberspace Governance Research Center which focuses on cyber and information security within the context of great power relations. All text in bold was emphasized in the original.
 Shen Yi is likely referring to “Getting to Yes with China in Cyberspace: Is it Possible?” a 2016 RAND report by Scott W. Harold and Martin C. Libicki that analyzes U.S. and Chinese positions on cyberspace and offers a model to explain areas where the two sides have diverging views.