With the advent of the globalized, Internet-connected, international political economy, the importance of geopolitics will once again emerge to the forefront of many academic and boardroom discussions. The impact of geopolitical events in a global economy defined by increasingly intesrconnected supply chains has rippling effects on business, economics, policy, and technology. The private sector, particularly information security practitioners and technology business leaders, would benefit from a better understanding of inherit geopolitical risks.
The ethical and legal considerations of consumer data privacy has garnered attention in recent years but despite the progress in addressing public outcry, residual risks to national security persist. State actors have identified the strategic benefits of monitoring, manipulating, and controlling data passed through large scale information systems as evidenced by Russia's intervention in the United States' 2016 election and China's Golden Shield Project. While much has been discussed about the geopolitical threat of Russian interference using Western technology platforms, the geopolitical threat of China’s Golden Shield Project remains more obsecure to many information security practitioners and technology business leaders.
The national security implications of China's Golden Shield Project are often understated or misunderstood. This initiative uses a series of keyword and IP address filters that are programmed into routers or software systems that are positioned in major international peering points within the Internet. This infrastructure effectively renders some Western based platforms inaccessible within China's borders, denying these firms access to the Chinese market.
As China's economy continues to grow and emerges as a "wealthy" country, Western technology platforms striving to provide their shareholders with continued growth may begin to seek a presence in the world's soon-to-be largest economy. In doing so, Western firms will be faced with the decision whether to cooperate or resist the Chinese government's mandates. Such mandates may require Western technology platforms to cooperate with government officials by handing over private data on Chinese nationals or providing a backdoor for the Chinese government. In either case, user privacy or security are compromised with the later being of paramount interest to information security practitioners.
If Western technology platforms choose to cooperate with the Chinese government's mandates, the Chinese hegenony strengthens, resulting in additional national security implications for Western states. State monitoring and control of citizens' data may become normalized beyond China's borders upon the implementation of the technical layers to support such censorship initiatives are built.
This growth of Chinese influence over Western firms present both a national security threat to Western states as well as an information security threat to Western firms. The specifics on how this could happen are far from certain but further consideration on the matter is needed. Executives and security professionals alike would benefit from a stronger understanding of the potential implications from entering Chinese markets. Western policymakers must be prepared for this shift by mitigating risks to national security accordingly. US policymakers may find some success in extending International Traffic in Arms Regulation (ITAR) to provide a framework dealing with this not-too-distant security crisis.