Foreign Relations & International Law

Beijing’s New National Intelligence Law: From Defense to Offense

Murray Scot Tanner
Thursday, July 20, 2017, 11:30 AM

China’s National Intelligence Law, enacted on June 27 with unusual speed and limited public discussion, is a uniquely troubling milestone in Beijing’s four-year-old campaign to toughen its security legislation. Like the more widely reported Cybersecurity Law (which went into effect on June 1) and a raft of other recent statutes, the Intelligence Law places ill-defined and open-ended new security obligations and risks not only on U.S.

Published by The Lawfare Institute
in Cooperation With

China’s National Intelligence Law, enacted on June 27 with unusual speed and limited public discussion, is a uniquely troubling milestone in Beijing’s four-year-old campaign to toughen its security legislation. Like the more widely reported Cybersecurity Law (which went into effect on June 1) and a raft of other recent statutes, the Intelligence Law places ill-defined and open-ended new security obligations and risks not only on U.S. and other foreign citizens doing business or studying in China, but in particular on their Chinese partners and co-workers.

Of special concern are signs that the Intelligence Law’s drafters are trying to shift the balance of these legal obligations from intelligence “defense” to “offense”—that is, by creating affirmative legal responsibilities for Chinese and, in some cases, foreign citizens, companies, or organizations operating in China to provide access, cooperation, or support for Beijing’s intelligence-gathering activities.

The new law is the latest in an interrelated package of national security, cyberspace, and law enforcement legislation drafted under Xi Jinping. These laws and regulations are aimed at strengthening the legal basis for China’s security activities and requiring Chinese and foreign citizens, enterprises, and organizations to cooperate with them. They include the laws on Counterespionage (2014), National Security (2015), Counterterrorism (2015), Cybersecurity (2016), and Foreign NGO Management (2016), as well as the Ninth Amendment to the PRC Criminal Law (2015), the Management Methods for Lawyers and Law Firms (both 2016), and the pending draft Encryption Law and draft Standardization Law.

A comparison of the final version of the National Intelligence Law and the penultimate draft issued on May 16 indicates that its authors had to soften some of these requirements and make it less explicit about to whom they apply. But the law’s broad language still imposes serious new security obligations, and the authors will probably get another opportunity to tighten these rules if detailed implementing regulations for the law are drawn up in the future.

Initial press coverage of the Intelligence Law spotlighted concerns that it would grant intelligence officials the right to enter otherwise restricted facilities, examine private records, investigate and question personnel, and access or even requisition communications or transport equipment owned by companies or individuals. But while the new law does grant these powers, similar authorizations have already been granted in other legislation, most notably the Counterespionage Law (Articles 9-16) and the Cybersecurity Law. It is the Counterespionage Law which most closely parallels the new Intelligence Law in its structure and focus.

As its name implies, the Counterespionage Law is far more defensive in orientation than the Intelligence Law. Article Four requires all Chinese citizens to preserve, and not harm, national security, and obligates all public groups, enterprises, organizations, and other institutions to “prevent and stop espionage activities and maintain national security.”

The Intelligence Law, by contrast, repeatedly obliges individuals, organizations, and institutions to assist Public Security and State Security officials in carrying out a wide array of “intelligence” work. Article Seven stipulates that “any organization or citizen shall support, assist, and cooperate with state intelligence work according to law.” Article 14, in turn, grants intelligence agencies authority to insist on this support: “state intelligence work organs, when legally carrying forth intelligence work, may demand that concerned organs, organizations, or citizens provide needed support, assistance, and cooperation.” Organizations and citizens must also protect the secrecy of “any state intelligence work secrets of which they are aware.” These clauses appear to limit the obligations on individuals to Chinese citizens, but they do not stipulate that only Chinese “organizations” are subject to these requirements.

In other articles, moreover, the law’s drafters chose language that does not limit these demands on individuals to Chinese citizens. Article 16 authorizes security officials to make inquiries (xunwen; 询问) of any individuals as part of their intelligence-gathering, and to examine their reference materials and files. These officials can also commandeer the communications equipment, transportation, buildings, and other facilities of individuals as well as organizations and government organs (Article 17).

While the law requires that intelligence officials carry out such inquiries according to relevant state regulations, nowhere does the law explicitly authorize individuals or other actors whom they question—citizen or foreign—to refuse to answer questions or decline such access, information, or support. In this context, it is worth recalling that China’s Criminal Procedure Law requires persons questioned by law enforcement officials (including public security officials) to respond “according to the facts” and does not confer on them the right to silence. What is unclear is whether the passage of the Intelligence Law effectively places these intelligence activities within the same realm as criminal cases, which might compel persons who are interviewed to cooperate with intelligence officials.

Like other recent Chinese security legislation, the Intelligence Law leaves key concepts undefined, thereby expanding the law’s potential scope and its risks to foreigners. Most importantly, the law does not define its title concepts—“intelligence” or “intelligence work”—with details that clarify unacceptable government behavior or limit the obligations the law imposes on people and organizations. In this regard, a useful metric for comparison is one of the most fundamental of U.S. intelligence collection authorities, Executive Order 12333 on Intelligence Activities, which lays out detailed definitions, procedures, limitations and prohibitions regarding a number of intelligence activities, including government collection, retention, and dissemination of information on U.S. persons and corporations.

The Intelligence Law casts a broader net when it discusses the nature of intelligence activities. Article Two requires intelligence work to embrace Xi Jinping’s so-called “overall” or “comprehensive concept of national security” set forth in 2014, which would place virtually any issue—military, political, economic, social, technological, cultural or others—within the realm of intelligence work. Articles Two through Four describe intelligence work as the collection of open source or secret information, at home or abroad, to provide a reference for decision-making and protecting almost any national interest. These interests include, but are not limited to, “preventing and dissipating risks which endanger national security,” “safeguarding [China’s] governing regime,” its “sovereignty, unity, and territorial integrity,” economic prosperity, and the “sustainable development of the economy and society.”

The law also permits authorities to detain or criminally punish those who “obstruct” intelligence activities. But it does not define “obstruction” or distinguish it from mere failure to “support,” “assist,” or “cooperate”—the obligations noted in Article Seven. The law is also unclear about the means by which persons who are subjected to illegal mistreatment by intelligence authorities may file complaints or sue.

A few U.S. IT firms operating in China have expressed concerns about the wide-ranging obligations the new law might place on them to provide technical support to security officials for intelligence-gathering or other activities. The Intelligence Law itself grants officials general authority to demand “assistance” from private organizations and access or use their “communications” facilities. But companies could face even more serious burdens if the law is applied in concert with the new Cybersecurity Law, which accords officials far more specific authority to access and regulate many features of corporate networks that might be useful for intelligence-gathering. These include key business and personal data (which must be stored in China), proprietary codes, and other intellectual property. And like the Intelligence Law, the Cybersecurity Law broadly requires network operators to cooperate with public security and state security officials.

Under the Intelligence Law, corporations could file complaints if intelligence agencies exceed their legal authority, although they may be limited to complaining to the agencies themselves. But the law says nothing about procedures for staying an improper demand for intelligence assistance or for filing lawsuits (in contrast, many recent suits have been filed in U.S. federal courts by corporations and foundations challenging intelligence information requests, National Security Letters, and their confidentiality clauses). Foreign firms may also wonder how aggressively their Chinese lawyers might be permitted to push back against the Intelligence Law, given Beijing’s 2016 release of regulations on lawyers and law firms which punish statements or actions deemed to threaten national security. Speaking to a teleconference shortly before the Intelligence Law’s passage, one senior corporate cybersecurity specialist expressed concern that state security officials could simply show up at a firm’s offices in Beijing, show their badges, and demand technical cooperation.

In the May draft, the law’s authors tried to place more explicit demands on corporations and institutions, but they ultimately accepted revisions striking “enterprises” and social “groups” from those required to assist intelligence authorities, and shortened the list to “organizations,” party and state “organs,” and “individuals” or “citizens.” Still, it remains unclear how much practical relief foreign businesses and organizations will gain from this revision. Intelligence officials might still pressure corporate staff to cooperate by approaching them under the rubrics of “individuals” or “citizens.”

Like China’s other recent security legislation, the Intelligence Law seems calculated to drive wedges of mistrust between U.S. or foreign citizens or firms, and their Chinese partners. U.S. citizens must concern themselves with the escalating and unspoken legal pressures under which their Chinese partners must function. The law also perpetuates the Xi Jinping leadership’s narrative that all foreign contacts should be regarded as suspicious; that Chinese citizens engaged in such contacts do so at the risk of surveillance and harassment by their own government; and that the Chinese Communist Party-state is now strong enough to call for intelligence cooperation even from foreigners doing business in China.

U.S. and other foreign officials, corporations, and institutions will face tough prospects in pressing their concerns about the hostile impact of recent security legislation on Beijing’s climate for business and institutional cooperation. The next chance to reshape the law’s real impact may come as officials begin drafting the law’s implementing regulations, judicial explanations, or Party directives to clarify its key clauses and concepts. This legislative step is critical for China’s often vaguely-worded and hortatory laws. But legislative officials may keep these regulations secret or for “internal circulation.” The scant three-and-a-half-week public discussion accorded to the Intelligence Law, and its swift revision and passage, suggest these officials are anxious to limit outside influence on its content.

Still, the U.S. and its partners will have additional avenues for pursuing their interests. In terms of bilateral approaches, these issues may fit in one of two dialogues within the new U.S.-China comprehensive dialogue mechanism: the Comprehensive Economic Dialogue, or the Law Enforcement and Cyber Strategic Dialogue. Alternatively, given the law’s broad impact on foreign citizens, firms, and organizations, mobilizing multilateral pressure with U.S. allies and partners might prove a more effective approach. Whatever mix of strategies is adopted, the unique pressures that the Intelligence Law places on foreigners to cooperate with intelligence work provides a strong case for challenging China’s rote claim that foreign criticisms of its legislation constitute unreasonable interference in China’s “domestic affairs.”

Dr. Murray Scot Tanner is a Principal Policy Analyst for Alion Science and Technology, and lives in Rockville, Maryland. He has published widely on Chinese and East Asian politics, especially Chinese law enforcement, internal security, and human rights. Among his books and articles are China’s Response to Terrorism (CNA, 2016), China’s Emerging National Security Interests and their Impact on the People’s Liberation Army (Marine Corps University Press, 2015), and The Politics of Law-Making in China: Institutions, Processes, and Democratic Prospects (Oxford, 1998). Scot has previously served as a senior researcher and project manager with the CNA Corporation and the RAND Corporation, Professor of Political Science at Western Michigan University, Co-Chairman’s Senior Staff Member for the Congressional-Executive Commission on China, and as an analyst for the U.S. Government. He received his Ph.D. in Political Science from the University of Michigan. The views in this article are entirely his own, and do not necessarily represent the views of Alion Science and Technology, its corporate officers, or its sponsors.

Subscribe to Lawfare