The Google and China Story

The media has covered the Google story as one of an intrepid new age company fighting an authoritarian Chinese state in its quest for privacy data of Google users in China. What is left unsaid in this story is that the US has complete access to all Google privacy data of all gmail account holders. There is a great deal of hypocrisy in Google's account of how they are fighting censorship and jealously guarding the private data of their users

Google had earlier accepted the censorship conditions in China and this fracas is not about censorship. Whether the Chinese censorship makes sense or not is another matter as also the “Great Firewall of China” to which all ISP’s in China have to conform. The issue here is an attack mounted on a number of US companies using Google's gmail accounts. The belief is that this attack originated from China and was in some way connected to the Chinese Government. To make the China connection more credible, this attack has also been linked to some human rights activists’ gmail accounts being hacked.

Let us take each of these issues separately. As Google themselves admit, this is not about censorship and their not conforming to Chinese censorship rules now is a form of retaliation. The current fracas is about a shadowy entity, possibly connected to the Chinese Government, hacking into gmail accounts, and using this for illegal snooping. The problem here is that it even if we accept the Google version and condemn the Chinese hacking of private gmail data, Google is not telling us that the other part of the story. It routinely hands over private information of its account holders to the US National Security Agency. This is the law that Bush administration passed and all US telecom and Internet Service Providers accepted. In other words, while Google self-righteously protests Chinese hacking of its account holders privacy, it has no hesitation in supplying even non-citizens private data to the US spy agencies.

Lest we think that this is some left wing paranoia about the US, some basic facts are instructive. Google has time and again been asked how many requests from US security agencies for private data of its users does it service in a year. Its answer has been to duck the question. Before we condemn Google for this, we must also note that the US laws on this are clear. If a Google executive gets a “dreaded” National Security Letter” (NSL), he cannot even tell this to his wife or family. Even that would be a criminal act. The US laws have in effect converted the entire telecom/ISP infrastructure of the US into a giant spying machine.

The Electronic Frontier Foundation (EFF) is fighting lawsuits on this issue, particularly against AT&T, where it has filed detailed accounts of a shadow hub that copies information from the AT&T telecommunication network hub in San Francisco. Wall Street Journal (March 10, 2008) reports, “In that lawsuit, a former technology adviser to the Federal Communications Commission says in a sworn declaration that there could be 15 to 20 such operations around the country. Current and former intelligence officials confirmed a domestic network of hubs, but didn't know the number”. Verizon, another telecom major in the US, accidentally revealed that the number of security requests it serviced in a year was in tens of thousands.

Let us be clear on this. The Chinese Government’s routine electronic eavesdropping on political dissidents deserve condemnation. My problem with the media campaign and Google’s self-righteous declarations is that it hides the larger problem of states’ snooping on its citizens. The definition of what is danger to a state changes from country to country, but the laws today do not protect its citizens from the states over-reach into their private lives. Protest against Chinese intrusions into private emails of dissidents by all means, but also protest against the US and other states converting the entire cyber space into Big Brother’s private play ground.

The Google China fracas was really not about privacy data of human rights activists. The hacking was primarily directed at various hi-tech companies. It exploited a “hole” in Microsoft’s Internet Explorer and this allowed hostile “take over” of the target computers by shadowy entities. These entities could use these computers, generally belonging to highly placed individuals in these companies to siphon off confidential information. The command-and-control centres identified in these attacks were located in Taiwan, Illinois and Texas. There is no proof yet that the Chinese Government agencies is involved in these attacks except the assumption that a sophisticated attack of this dimension can only be mounted by a Government. One fall-out of the security hole of the Internet Explorer is that various people are not sounding caution on using it. The German Government has suggested discontinuing IE and using other web browser till the hole is fixed. One beneficiary of this could be Google Chrome, Google's web browser.

Google’s grandstanding on censorship could be to divert attention from the larger issue of security of its network based applications – cloud computing -- which it has been selling as the next computing paradigm. If indeed security can be easily breached at Google, it puts under a cloud its attempts win corporate clients for its networked applications. The whispers in Silicon Valley is that a breach of security of this magnitude will steer large corporate entities away from cloud computing and Goolgleapps. That is why the need for a public diversion into China and censorship. In any case, Google in China has steadily fallen behind in the Search engine market. Baidu, the Chinese search engine has three times the market share of Google. The Chinese Search engine Google is rarely used by the Chinese users; they continue to use Google.com and not Google.cn. Is Google sacrificing a market it was losing in order to divert attention from its own failure to provide security? In other words, shorn of high-sounding phrases, was this just a business decision? The issue of cyber snooping by states is a serious one. It is widely known that all countries practice electronic snooping. Israel routinely monitors all information connected to the Palestinian cause and has a history of hostile attacks on pro-Palestinian websites. If this has to be stopped, this needs to be negotiated between countries and some boundaries set. To believe that only the Chinese state indulges in cyber snooping would be extremely naïve. Remember, NSA in the US was set-up precisely for this. We only need to go into public domain information to know the depth to which US agencies penetrated various countries secrets. The EU is on record protesting NSA’a activities, even in helping US firms in commercial negotiations.

Last word. Let us not naively believe that all censorship is bad. We accept that certain kinds of censorship is right – paedophilia, prorogation of violence, hate speech – are illegal in most countries and would widely held to be right. Similarly, we do accept that the state can snoop if it suspects criminal activities. What is at issue is the nature of this censorship or snooping and the kind of judicial or other oversight that exists over it. So let us not pretend that the Chinese state is a modern day evil Dr. No or Fu Manchu while all others are lily-white saints. The world is a lot more grey than the Google and the US will have us believe.