A bilateral pact has been agreed between the governments of Canada and China. The pact forbids either country from conducting corporate cyber espionage on the other. The agreement was struck just before the weekend in Ottowa, during meetings between the Chinese official, Wang Yongqing, and Canada’s national security and intelligence adviser, Daniel Jean.
The agreement specifically stipulates that no hacking of trade secrets and business information will take place between the two nations. An official statement from the Canadian government about the bilateral pact reads as follows:
“The two sides agreed that neither country’s government would conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”
The agreement comes in the wake of a massive cyberattack that is said to have cost Ottowa “hundreds of millions of dollars.” That hack penetrated Canada’s National Research Council (NRC) back in 2014.
The high estimate was made by the Natural Resources Canada (NRCan) federal agency, which claims the losses were due to the “potential cost of a total IT [information technology] compromise involving multiple departments,” and “lost productivity that would follow such a compromise.”
Despite widespread belief that the costly cyberattack was carried out by China, officials for the Communist Party have stubbornly denied involvement. Following the penetration, Chinese Ambassador to Canada, Lu Shaye, said,
“China never carries out any cyberespionage activities to other countries.”
Too Much to Lose?
What kind of cyber espionage might the Chinese want to carry out on Canada? And why might it have targeted Canada’s National Research Council (NRC) back in 2014?
The answer to this question is pretty straightforward. NRC’s role is to find ways to guarantee Canada’s future prosperity. The agency does this by looking for emerging ideas and technologies, and helping to nourish innovation as it occurs.
In the 1970s, the agency helped to invent Canola – a type of rapeseed that is “characterized by having improved nutritional qualities in both the oil and the meal.” Canola has become a multi-billion dollar export to China and other countries. It is an example of the type of trade secrets that China would like to extract from Canada using cyber espionage.
The new bilateral agreement only stipulates that cyber espionage between the two countries will not be aimed at private corporate entities. As such, both Canada and China are free to keep hacking government agencies and military targets. That means the new bilateral agreement would not have actually stopped China from causing the “hundreds of millions” in damages that it caused during the NRC hack. So, what gives?
The problem for Canada is that it is the much weaker negotiator at the table. For Canada, getting Beijing to agree to even a little less cyber espionage is highly beneficial. A senior Canadian official (who took part in Friday’s talks) has made the following comments on condition of anonymity,
“This is something that three or four years ago [Beijing] would not even have entertained in the conversation.
“For us, having the commitment on paper is good because we can refer to it. The fact that we do this doesn’t mean we won’t be vigilant, but at the same time if things happen we can go back [to this commitment].”
Will China Comply?
One problem for Canada is that China is incredibly stubborn when it comes to admitting any part in cyber espionage. As such, one can’t help wondering how seriously Canada can take this agreement.
After all, China knows that the likelihood that breaking this pact would lead to war between the two nations is close to nil. For that reason, the restrictions placed on China don’t have any solid repercussions to back them up.
Of course, there is always the option of sanctions rather than war. However, in that area China also dominates: Canada imports three times more from China than it it exports. This gives China the upper hand, and makes it very tough for Canada to successfully use sanctions against the Chinese, should they steal corporate secrets despite the bilateral agreement.
Why the Concession?
Why would China bother entering a cyber espionage deal with Canada if it has no intention of honoring it? After all, with the massive power imbalance between them, China hardly needs to do anything to appease Canada if it doesn’t want to.
There is, of course, the chance that China is serious about this deal – and that it hopes to get better trade terms out of Canada in exchange for keeping to the agreement. The trouble is that obfuscation techniques and technologies make it very difficult to assign blame to government agencies when cyberattacks happen – and China is not likely to admit fault.
With that in mind, Canada is right to be wary and must indeed remain vigilant. After all, the danger is that for China, which exports C$60 billion of goods a year to Canada, the agreement may be nothing more than a diplomatic maneuver designed to appease the Canadians following the 2014 attack. With so much more in it for Canada than there is for China, I for one find it hard to believe that China will stop doing what it does best.
Finally, there is concern that this bilateral agreement might have more to do with Beijing’s wish to agree an extradition treaty with Canada than cyber espionage. The Canadian government, however, has said that it will require assurances from China that any person who faces extradition gets a fair trial and cannot be handed a death penalty.
Opinions are the writer’s own.
Title image credit: Prehistorik/Shutterstock.com
Image credits: supimol kumying/Shutterstock.com, PhotoElite/Shutterstock.com,