Cybersecurity & Tech

As Blinken Visits Europe, China Retaliates Against U.S., EU Xinjiang Sanctions

Abby Lemert, Eleanor Runde
Friday, March 26, 2021, 8:01 AM

Lawfare’s biweekly roundup of U.S.-China technology policy and national security news.

Secretary of State Antony Blinken met with China's top diplomat Yan Jiechi in Anchorage, Alaska on March 18, 2021. (State Department photo by Ron Przysucha)

Published by The Lawfare Institute
in Cooperation With

As Blinken Visits Europe, China Retaliates Against U.S., EU Xinjiang Sanctions

On March 22, the United States, along with the European Union, the United Kingdom and Canada imposed coordinated sanctions on Chinese officials accused of human rights abuses in Xinjiang. The sanctions freeze all of the targeted officials’ assets under the control of the sanctioning nations and ban the Chinese officials from traveling in or through those countries. China responded with its own sanctions against European officials and academics. U.S. Secretary of State Antony Blinken is currently in Brussels, meeting with high-level European officials; on March 23, he reportedly told NATO personnel that “we’re in it together” when it comes to China and Russia.

The EU sanctions represent a significant hardening of European attitudes toward Beijing, as these actions are the bloc’s first major sanctions against China in 32 years. The European Union had not imposed substantial sanctions on China since the Tiananmen Square massacres in 1989.

The EU sanctions included four senior Xinjiang officials, along with the Xinjiang Public Security Bureau, described as a “state-owned economic and paramilitary organization” that controls Xinjiang. Britain and Canada announced their own sanctions shortly after the European Union. British diplomats described the coordinated sanctions as “intensive diplomacy” meant to force action after the United States officially labeled China’s actions against Uighurs in Xinjiang as genocide on Jan. 19.

This is the second round of sanctions levied by the United States on Chinese officials responsible for the central government’s repressive actions in Xinjiang; the last were imposed in July 2020. In a statement on March 22, Secretary Blinken said the coordinated sanctions demonstrate the United States’s commitment to “working multilaterally to … shin[e] a light on those in the [People’s Republic of China] government and [Chinese Communist Party] responsible for these atrocities.”

The sanctions on Chinese officials were issued pursuant to recently implemented EU, U.K. and Canadian versions of the United States’s Global Magnitsky Act, which allow governments to declare sanctions on foreign individuals accused of gross violations of human rights or corruption.

In retaliation, China sanctioned 10 European officials and four institutions for damaging China’s interests and “maliciously spread[ing] lies and disinformation.” The sanctioned individuals include five members of the European Parliament, as well as Adrian Zenz, a leading researcher on the human rights situation in Xinjiang, and MERICS, the leading European think tank on China. Raphaël Glucksmann, one of the sanctioned Parliament members, called the sanctions a “badge of honor” in a tweet.

Cyberattacks Among U.S. Complaints at Anchorage Summit

On March 18 in Anchorage, Alaska, Secretary Blinken and National Security Adviser Jake Sullivan met their Chinese counterparts, Director of the Office of the Central Commission for Foreign Affairs Yang Jiechi and State Councilor Wang Yi, for the first high-level dialogue between the U.S. and China under the Biden administration. The diplomats’ first meeting began with an extraordinary public statement of grievances, a sight once unusual in diplomatic fora but more frequent since the beginning of the Trump administration. Among the complaints made by the Americans were “cyber attacks on the United States.”

In the past year alone, hackers linked to the Chinese government have been publicly accused of an email hacking campaign against some 30,000 U.S. companies, ransomware attacks against gaming and gambling entities, espionage against the U.S. defense industry, illegal scans of U.S. government networks, and attempts to steal coronavirus vaccine research.

Chinese-linked cyber espionage in the United States—of which there have been 152 publicly reported instances since the year 2000—was three times as common from 2010 to 2020 as it was in the preceding decade. (Unreported numbers are likely much larger than reported numbers.) Of the total publicly reported cases, according to a Center for Strategic and International Studies report, 45 percent of the malicious actors were Chinese military or government employees, and nearly half were motivated by acquisition of commercial technology.

In a July 2020 speech at the Hudson Institute, FBI Director Christopher Wray called Chinese espionage “one of the largest transfers of wealth in human history.” He went on to say: “[T]he potential economic harm to American businesses and the economy as a whole almost defies calculation …. [E]very figure I’ve seen is breathtaking.”

Some of the most prolific China-linked cyber threat actors targeting the United States are Advanced Persistent Threat (APT) 41, known for the software supply chain attacks that led to Department of Justice indictments in September 2020; APT 40, which focuses its activities on nations engaged in challenging China in the South China Sea; TA 410, which targets utility companies; and APT 10, a state-sponsored group that focuses on hacking telecommunications infrastructure. (China denounces American accusations of state-sponsored hacking as untrue and unfair; Chinese officials counter that tens of thousands of attacks have been made by American actors against Chinese networks.)

China is not the only strategic competitor to have allowed cyberattacks from its territory to penetrate U.S. systems; Russian actors were accused last fall of perpetrating a massive attack against U.S. government and private servers known as the SolarWinds hack.

The Biden administration is now crafting a two-pronged response to these Russian and Chinese threats: bolstering U.S. defenses in private and public realms against the attacks, and raising the level of deterrence. Cyber has been designated a “top priority” in Biden’s national security regime and featured prominently in the administration’s Interim National Security Strategic Guidance. The administration is taking new steps to facilitate communication between private and public experts in the cybersecurity sector, secure agency cloud systems, and create a new cybersecurity rating system for private companies. Biden’s nominee for undersecretary of defense for policy, Colin Kahl, stated in his confirmation hearing that cybersecurity, in the face of new competition in quantum computing, would require a whole-of-government approach. Congress has also mandated the creation of a new position: national cyber director.

One commentator has urged that the cyber operators in the Biden administration use their capabilities, together with those of the private sector, to hit back against foreign actors. Others support the creation of stronger international norms to promote cyber deterrence.

On March 17, President Biden alluded in a televised interview to potential retaliation against Russia for the SolarWinds breach. According to recent reports, a retaliatory cyberattack against Russia is expected in the coming days. At least one commentator worries that cyber espionage and cyber sabotage could be conflated; if they are, retaliation could result in dangerous escalation.

The Commerce Department and the FCC Take Action Against Chinese Telecoms

On March 17, the U.S. Department of Commerce issued subpoenas to multiple Chinese information and communications technology companies to collect information on transactions involving those companies and U.S. persons or entities. The Biden administration stated that it would continue to investigate and take action against Chinese technology companies to protect the “security of American companies, American workers, and U.S. national security.” The U.S. government did not name the Chinese companies it had subpoenaed.

The subpoenas follow a number of high-profile administrative actions against private Chinese entities operating in the United States: Chinese companies Huawei and ZTE Corp. faced restrictions under the Trump administration; Chinese social media platforms WeChat and TikTok were temporarily banned in September 2020; and the Chinese chipmaker Semiconductor Manufacturing International Corporation (SMIC) was sanctioned in December, preventing U.S. suppliers from transacting with the company.

The subpoenas were issued pursuant to a Trump-era executive order issued in May 2019 about securing U.S. technology supply chains. Commerce Secretary Gina Raimondo said the information gathered by the subpoenas would allow the U.S. to “make a determination for possible action” on the national security risk of transactions with the Chinese companies. She reiterated the Biden administration’s whole-of-government approach to ensure “untrusted companies cannot misappropriate and misuse data” and that “U.S. technology does not support China’s … malign activities.”

The Federal Communications Commission (FCC) announced on March 17 that it would revoke the authorization of two Chinese telecoms—China Unicom Americas and Pacific Networks—to provide international telecommunications services in the United States. China Unicom Americas had held its license for 20 years. The FCC initiated a similar proceeding in December 2020 against China Telecom, the largest Chinese telecommunications company. FCC regulators noted that there was “strong reason to believe” the Chinese companies would have to “comply with requests from the Chinese government and advance its goals and practices.”

While announcing the revocations, FCC Commissioner Geoffrey Starks highlighted data centers within the United States operated by Chinese telecoms as a “potential national security threat,” causing some commentators to speculate that Chinese-owned data centers may be the next target of adverse FCC and Commerce Department action.

In response, China’s foreign ministry spokesman urged the United States to “stop overstretching the concept of national security to politicize economic issues.”

Other News

Xi Reaffirms Crackdown on China’s Big Tech Companies

On March 16, in his first public statement on the issue since December, Chinese President Xi Jinping called on regulators to continue enforcing the crackdown on private tech in China that began last fall. “Loopholes” in the regulations had to be closed, said the president.

Twelve leading Chinese tech firms were given small fines on March 12 for alleged “monopolistic behavior.” Alibaba faces a $1 billion fine for its anti-competitive practices and a potential mandate to divest some of its media assets. Alibaba’s internet browser was also removed from Chinese app stores for failing to curtail misleading medical advice given on its platforms. There is at least one report that Tencent may be next in the crosshairs.

Both Tencent and Alibaba have been summoned by the Chinese government to explain the security of voice-based social media and software. Regulators are concerned that the software can be used to create deepfakes—manipulated video and audio content so realistic that it can con media consumers into believing its validity—on social media.

Chinese companies are not alone. Chinese regulators recently rebuked LinkedIn for its lack of censorship enforcement; political content on the platform had apparently gone too far.

China Opens Borders to Those Who Have Chinese Vaccines

Chinese embassies worldwide announced an easier path through the visa application process would soon be available to those who had received their coronavirus vaccine, but only if that vaccine was China-made. Chinese officials deny that these rules have anything to do with global reluctance to approve China’s five home-grown vaccines.

At least 23 Chinese embassies issued guidance in the week following March 15 that visa applications from individuals who had received a Chinese vaccine would be prioritized above other vaccinated individuals. This included embassies in the United States and United Kingdom, where no Chinese vaccines have been approved by regulators. Individuals from those countries seeking a visa to China could have to wait longer than individuals from countries like Brazil or Indonesia, which have accepted Chinese vaccines.

Neither the United States nor the United Kingdom has approved any of the Chinese vaccines. The U.S. regulatory process, conducted by the Food and Drug Administration, is considered the global gold standard. The Oxford-AstraZeneca vaccine is likely to become the fourth vaccine to gain U.S. approval, although it has faced controversy over its trial data in recent days.


A collective of more than 100 Asian Americans and Pacific Islanders in national security released a statement against hate and discriminatory practices directed toward those groups in the United States.

Former Australian Prime Minister Kevin Rudd writes for Axios on China’s hopes and expectations for the Biden administration’s foreign policy.

Evan Medeiros proposes in Foreign Affairs a “durable” China strategy, predicated on risk management rather than risk mitigation, involving a combination of balancing China’s power, hindering its progress in key sectors, enmeshing it further into international institutions and engaging in dialogue.

Seven experts weigh in for ChinaFile on Hong Kong’s economic future.

In The Diplomat, Deborah Lehr suggests that even climate change cooperation between the United States and China will be an uphill battle.

Yangyang Cheng, particle physicist and fellow at Yale Law School’s Paul Tsai China Center, writes for Vice on the costs of the Justice Department’s China Initiative to the global scientific community.

Shannon Tiezzi asks if grandstanding diplomacy is the new normal in The Diplomat.

For Protocol, Zeyi Yang describes a recent souring of public opinion toward facial recognition technology in China after official state-run media outlets investigate harms to consumer privacy.

Freya Ge and David Ownby translate an article by Lai Youxuan on delivery drivers and China’s 996 work culture, which went viral on WeChat.

University of Hong Kong Professor Angela Zhang discusses her forthcoming book “Chinese Antitrust Exceptionalism” with the China Tech Investor podcast.

Abby Lemert is a J.D. Candidate at Yale Law School, Class of 2023. She researches digital authoritarianism, surveillance technology, and international human rights and has worked for the U.S. State Department, the NSA’s Civil Liberties & Privacy Office, and Privacy International. She holds an M.Sc. in Informatics from the University of Edinburgh and an M.A. in Public Diplomacy & Global Communication from UCL, where she studied as a Marshall Scholar. She received her B.S.E. in Engineering and International Relations from Purdue University.
Eleanor Runde is a first-year student at Yale Law School and a member of the National Committee on U.S.-China Relations. Before law school, she worked on foreign policy and political history research for Kissinger Associates, Inc. She holds a bachelor's degree in Ethics, Politics & Economics from Yale College, where she focused on Chinese language studies and American political rhetoric.

Subscribe to Lawfare