Recent high-profile data breaches, such as those involving the Office of Personnel Management, airline passenger lists, and hotel guest information, have demonstrated how vulnerable public and private networks are to espionage and theft. What’s less obvious is how a foreign opponent or competitor may target material that isn’t immediately important in terms of national security or espionage. Data on public Sentiments, such as that used by advertisers to analyze consumer preferences, has now become as strategically useful as data on traditional military targets. The ability to identify and preserve crucial data will become an increasingly complex and important national security endeavor as the definition of what is strategically valuable blurs.

This is especially true in the case of nation-state entities such as China, which seeks access to critical data in order to construct a toolbox to counter its opponents. The threat posed by China’s “data trap” was described by MI6 chief Richard Moore last month: “Allowing another country access to truly vital data about your society will erode your sovereignty over time, and you will no longer have control over that data,” Moore claimed. And most countries are only now seeing the danger.

To preserve democracy now, we need a greater understanding of how foreign adversaries, particularly China, acquire and use certain statistics. And, if we’re going to adequately safeguard strategic data in the future (and identify and prioritize which datasets should be protected), we’ll have to think outside the box about how adversaries can utilize it.

Big data collection is already being used by the Chinese party-state apparatus to support its efforts to define, manage, and control its worldwide operational environment. It recognizes that data that appears inconsequential on its own can be extremely strategic when combined. Advertisers may utilize public opinion data to offer us products we didn’t realize we needed. On the other side, an antagonistic actor may utilize this information to inform propaganda activities aimed at undermining democratic dialogue on digital platforms.

The United States and other countries have rightly focused on the threat of malicious cyber intrusions — such as the aforementioned OPM, Marriott, and United Airlines incidents attributed to China-based actors — but data access does not have to come from a malicious intrusion or a change in the digital supply chain. It only takes an enemy like the Chinese government to take advantage of typical and legal commercial partnerships that lead to data exchange down the line. These channels are already taking shape, as seen by mechanisms such as China’s newly implemented Data Security Law and other state security policies. 

However, this did not imply that Chinese businesses were failing to innovate. The R&D incentive structure in China encourages researchers to develop applications with specified policy goals, allowing corporations to own the market and modify their products later. Chinese leaders are well aware that their ambitions to gain global market dominance and establish global tech standards would also make it easier to obtain more data from other countries and integrate it across diverse platforms.

China is developing methods for combining seemingly unimpressive data to produce outcomes that, when viewed collectively, can be highly informative. After all, in the right hands, any data can be used to yield value. Furthermore, the Chinese government collects data that does not appear to be valuable in the future, assuming increased technical capabilities. The same technology that helps people solve problems and provide standard services can also help the Chinese party-state maintain political control at home and abroad.

Responding to this rising dilemma will necessitate a new perspective on the “tech race” with China. The issue isn’t just about building competitive capabilities; it’s also about being able to envision future use cases in order to determine whether datasets are even worth safeguarding. States and organizations must devise methods for determining the worth of their data, as well as the value that data may have for parties who may get access to it in the future.

We’ve already misjudged this threat by expecting that as the world became more technologically linked, authoritarian countries like China would decline. Democracies will not self-correct in response to the difficulties caused by authoritarian technological applications. We need to re-evaluate risk in light of the present threat scenario. We risk falling into China’s “data trap” if we don’t.

Prof. Muzammil Ahmed
Assistant Professor,
DSCE-MBA