When all you have is a hammer, everything looks like a nail, but to plumbers and spies, the world is nothing but potential leaks.
There is little to like about China’s newest counter-espionage provisions, issued Monday by the nation’s Ministry of State Security. They stress the need for the whole of society to be increasingly aware of the threat of espionage and on the lookout for potential spies. Even teachers and students going abroad to study are required to be warned about espionage risks before departing and debriefed upon their return. The state security authorities themselves are given broad powers to access computers and physical spaces to investigate potential espionage and to evaluate preventative measures. In short, the new rules perfectly capture the paranoia that is a frequent occupational hazard for those working in intelligence and security.
Still, this dark vision of China, complete with hotlines for reporting on both suspected spies and inadequate security precautions, may register more with western media than it will resonate with the Chinese people. While Chinese citizens might roll their eyes at the idea of counter-espionage propaganda spots on TV or more trainings at work, western audiences, clouded by their own obsession with Chinese spying, may see the new rules as confirmation that state security authorities are involved with every level of Chinese life and permeate all aspects of society.
Unfortunately, there is plenty in the rules worthy of actual concern. For most organizations, the rules require very little but create an obligation to educate their staffs on preventing espionage, report incidents, and cooperate with authorities. Entities identified as more relevant and placed in a directory of ‘key units’ for espionage prevention, as well as the operators of critical information infrastructure, are further obligated to have more concrete systems for detecting and addressing espionage. The real dangers, however, come from the state security organs’ investigatory powers.
Where threats are discovered, leads are received, or as “otherwise needed”, the state security organs may inspect any entity from government agencies to social organizations. Inspections can involve talking to persons involved, entering facilities, and examining electronic communications equipment. They may even inspect and test counter-espionage defenses including computer networks, electrical systems, buildings, and equipment. They can do so on sight using specialized equipment or remotely via the internet.
There are some limits on the state security inspection powers. Higher-level approvals are required for most inspections, entities must be informed before remote inspections, and detailed inspection records are to be kept. Most critically, because the inspections are mainly designed to find security flaws and stop espionage, the legal consequence of ‘failing’ an inspection is only to correct the problem, although recommendations for further punishment may be made where harms have already occurred. Ultimately, however, the rules assume good faith implementation and the ability of authorities to police any misconduct in their ranks themselves—assumptions that seem at odds with the suspicious and security-conscious outlook that otherwise permeates the rules.
Mission Creep in Tibet
Unfortunately, one doesn’t have to look far to see how the authority might be abused. Related local rules for Tibet released last month are a perfect example of how easily loosely worded authority can be extended as they expand the definition of counter-espionage efforts to include stopping the ‘use of religion’ to conduct activities endangering national security. Remember that in China, national security is defined broadly, to include wide-reaching national interests including social stability, cultural integrity, and yes, religious tranquility. It’s probably no surprise that China views some religious activities as threatening, but how did they come to be included in anti-spy efforts?
The 2014 Counter-espionage Law defined acts of espionage relatively narrowly. It included acting on behalf of (or funded by) espionage organizations, prying into state secrets for foreign organizations, identifying targets for enemies, and so forth. Only in a final supplemental provision did it mention that the law might be applied to police or state security agents investigating threats to national security ‘other than espionage’. Generally one would expect that this type of supplemental provision was meant to expand the scope of procedural rules to similar investigations and enforcement actions, rather than expanding the scope of the entire anti-espionage enterprise (which could have been done directly in the main body of the law).
Later implementation rules went so far as to define the scope of this conduct ‘other than espionage’ as used in the law. This generally included existing crimes such as terrorism, subversion of state power, speech and publication threatening national security, and using religion or cults to undermine national security. Still, this definition only existed for the purpose of the Counter-espionage law’s supplemental provision, and should still only act to unify procedures in the affected cases. The Tibet regulations on counter-espionage precautions, however, draw on this language to include these non-espionage activities endangering national security within the scope of its efforts on ‘counter-espionage security precautions’, bringing religion into the idea of espionage.
The reality is that state security organs in Tibet and elsewhere have already been able to act with relative impunity, particularly when investigating espionage, subject only to their own internal restraints and the checks of central discipline authorities. What is new in these provisions is the public declaration that state security organs are authorized to act preventively in all sectors to educate and evaluate security precautions. In effect, they now have an obligation to spread the paranoia that is an asset in their particular line of work, but absurd outside of it.