Good morning, and thank you for the invitation to return to this forum. This conference is one of the few devoted to national security reviews of foreign investment. It’s a unique opportunity for us in the government to talk to the private sector about the threats we see and the approaches we are taking to address them, and to hear your concerns and questions in response. The dialogue that results helps us do a better job. So thank you for being here today.
As you know, the foreign investment and telecommunications landscape is rapidly changing, because of technological advancements, legal reforms, and changes in policy. There’s a lot to discuss in the next two days, especially because of changes in the statutory authority underpinning CFIUS. But before I turn to foreign investment and telecom security work, specifically, I want to take a step back and describe the larger context for that work at the Justice Department. I want to give you a sense of how we view certain threats related to China, which, I hope, will give you a better sense of our perspective on foreign investment reviews that concern our areas of expertise and equities. Then I will turn to the Foreign Investment Risk Review Modernization Act (FIRRMA) and how I expect it to improve how the Department conducts its reviews, better tailoring our efforts to meet modern threats and allocating resources to the most complex cases.
I. The China Initiative
As you may be aware, in November 2018, then-Attorney General Sessions announced a “China Initiative” at the Justice Department. Attorney General Barr has indicated he supports it, and the Initiative continues under his leadership of the Department.
Why has the Justice Department started a China Initiative? Because we see increasing threats to national security from Chinese state actors, across a range of vectors. Broadly speaking, the China Initiative aims to raise awareness of those threats, to focus the Department’s resources in confronting them, and to improve our response, particularly to newer challenges.
The Department’s prosecutors and other lawyers have choices to make in deploying limited resources, opening and prosecuting cases, in our foreign investment reviews, and so forth. When the Attorney General announces that certain types of cases, and certain threats, are priorities, it matters to our decisions. And I hope it matters to the private sector, as well.
A. The Threats
So what do I mean by “threats” from China? Let me begin with China’s industrial policy. As reports by the U.S. Trade Representative (USTR) and others have laid out, the Chinese government regards technology development as integral to its economic development and has set out an ambitious agenda to become a global leader in a wide range of technologies. More than 100 five-year plans, science and technology development plans, and sectoral plans have issued over the last decade, all in pursuit of that objective.
To take one example, in 2015, China’s State Council released the “Made in China 2025 Notice,” a ten-year plan for targeting ten strategic manufacturing industries for promotion and development: (1) next generation information technology; (2) robotics and automated machine tools; (3) aircraft and aircraft components (aerospace); (4) maritime vessels and marine engineering equipment; (5) advanced rail equipment; (6) clean energy vehicles; (7) electrical generation and transmission equipment; (8) agricultural machinery and equipment; (9) new materials; and (10) biotechnology. The program leverages the Chinese government’s power and central role in economic planning to alter competitive dynamics in global markets and acquire technologies in these industries. To achieve the program’s benchmarks, China aims to localize research and development, control segments of global supply chains, prioritize domestic production of technology, and capture global market share across these industries.
In so doing, China has committed to pursuing an “innovation-driven” development strategy. But if that’s all the policy amounted to, we would have nothing to complain about. No one faults a nation for aspiring to self-sufficiency in strategically important industries.
The problem is not that China is working to master critical technologies, or even that it is competing with the United States, but rather the means by which it is doing so.
“Made in China 2025” is as much a roadmap to theft as it is guidance to innovate. Since the plan was announced in 2015, the Justice Department has charged Chinese individuals and entities with trade secret theft implicating at least eight of the ten sectors. Over a longer time period, since 2011, more than 90 percent of the Department’s economic espionage prosecutions (i.e., cases alleging trade secret theft by or to benefit a foreign state) involve China, and more than two-thirds of all federal trade secret theft cases during that period have had at least a geographical nexus to China.
Some of those cases demonstrate that China is using its intelligence services and their tradecraft to target our private sector’s intellectual property. In the space of two months last year, the Department announced three cases alleging crimes by the same arm of the Chinese intelligence services, the Jiangsu Ministry of State Security, also known as the “JSSD.”
- In October, the Department announced the unprecedented extradition of a Chinese intelligence officer accused of seeking technical information about jet aircraft engines from leading aviation companies in the United States and elsewhere. According to the indictment, while concealing his true employment, he recruited the companies’ aviation experts to travel to China under the guise of participating in university lectures and a nongovernmental “exchange” of ideas with academics. In fact, the experts’ audience worked for the Chinese government.
- In another case unsealed that month, two JSSD officers were charged with managing a team of hackers to conduct computer intrusions against at least a dozen companies, a number of whom had information related to a turbofan engine used in commercial jetliners. A Chinese state-owned aerospace company was working to develop a comparable engine for use in commercial aircraft at or about the same time, and it could have saved substantial research and development expenses by exploiting that stolen data. The defendants are charged with co-opting at least two Chinese nationals employed by one of the victims, who infected the company’s network with malware and warned the JSSD when law enforcement appeared to be investigating.
- Finally, in September, the Department charged a U.S. Army reservist, who is also a Chinese national, with acting as a source for a JSSD intelligence officer. According to the complaint in that case, the Chinese intelligence officer prompted his source (the defendant) to obtain background information on eight individuals, including other Chinese nationals who were working as engineers and scientists in the United States (some for defense contractors) for the purpose of recruiting them.
A fourth case, unsealed in December, charged two individuals with working in association with a different bureau of the Ministry of State Security to conduct a global campaign of computer intrusions targeting, among other data, intellectual property and confidential business and technological information at managed service providers (MSPs) (companies that remotely manage the information technology infrastructure of businesses and governments around the world), more than 45 technology companies in at least a dozen U.S. states, and U.S. government agencies.
The group they worked for, commonly known as APT 10, targeted a diverse array of industries and technologies, including aviation, satellite and maritime technology, industrial factory automation, automotive supplies, laboratory instruments, banking and finance, telecommunications and consumer electronics, computer processor technology, information technology services, packaging, consulting, medical equipment, healthcare, biotechnology, pharmaceutical manufacturing, mining, and oil and gas exploration and production.
These techniques—covertly recruiting assets, hacking into networks—are not themselves shocking in the context of traditional espionage, the targeting of one government’s secrets by another. But this is not traditional: the concerted efforts and resources of a determined nation-state target our private sector.
Moreover, these actions are contrary to both the spirit and, in some cases, the letter, of China’s 2015 commitment to the international community not to steal trade secrets and other confidential business information through computer hacking “with the intent of providing competitive advantages to [its] companies or commercial sectors.”
To be sure, there are trade secret cases where we cannot prove beyond a reasonable doubt that the Chinese government itself directed the theft. One example was the conviction of a Chinese company—the Sinovel Wind Group Company—for stealing wind turbine technology from a U.S. company resulting in the victim losing more than $1 billion in shareholder equity and almost 700 jobs, more than half of its global workforce. Another was the conviction of a Chinese scientist for theft of genetically modified rice seeds with biopharmaceutical applications, providing a direct economic benefit to the Chinese crop institute that was the intended recipient of the seeds. But although we could not prove in court that these thefts were directed by the Chinese government, they are in perfect consonance with the Chinese government’s economic policy. And the absence of meaningful protections for intellectual property in China, the paucity of cooperation with any requests for assistance in investigating these cases, the plethora of state sponsored enterprises, and the authoritarian control exercised by the Communist Party—all of which create an environment where such thefts are tolerated, if not rewarded—amply justify the conclusion that the Chinese government is in some sense responsible for those thefts, too.
B. The Rule of Law
This brings me to another aspect of the threat we face from China: its failure to honor its commitments or to respect the rule of law and legal process more generally.
When a Chinese firm or individual violates American law, requests by us for documents and interviews go unanswered for years, and commitments to cooperate go unfulfilled. In 2015, China and the United States agreed to cooperate with requests to investigate computer crime, collect electronic evidence, and mitigate malicious cyber activity emanating from their respective territories. Yet in 2017, when the Department invoked that commitment to request assistance in connection with an investigation of a purported Internet security firm for trade secret theft, we received no meaningful response.
Since 2001, the United States and China have had a Mutual Legal Assistance Agreement. The Agreement creates an obligation, after one country makes a request to the other, to provide evidence gathering and other assistance “in investigations, in prosecutions, and in proceedings related to criminal matters.” Over the past 10 years, however, China has rarely produced bank or similar transactional records pursuant to multiple MLA requests. And in the minority of cases where it produced records, they were incomplete, untimely, or inadmissible. And when we exercise our authorities as federal prosecutors to compel businesses located here to produce records, the Chinese government threatens them not to comply, on pain of sanctions under their laws.
We do not have an extradition treaty with China, but China by and large will not prosecute its nationals who violate our laws. Even requests to serve the charges on the defendants, so that they may answer them in our courts under due process of law, are rebuffed. For years, we struggled to hold the Pangang Group accountable on charges that it conspired with a former employee of DuPont and others to steal the trade secrets that enable the company to make Titanium Dioxide, a compound used to color everything from house paint to food “white.” The Chinese government refused repeated requests to serve the charges on the Pangang entities. Because of that recalcitrance, the Department persuaded the Supreme Court to change the applicable rule of criminal procedure to permit additional means of giving notice of charges, and federal courts have now held that Pangang Group was served. It is scheduled to stand trial early next year.
Even where we or our law enforcement partners obtain custody of Chinese nationals, China appears to detain foreign citizens as a means of retaliating or inflicting political pressure. In 2014, Canadian authorities arrested a Chinese national named Su Bin at the request of the United States. We sought his extradition for hacking-related offenses and the theft of sensitive military and export-controlled data that was sent to China.
In an apparent act of reprisal, Chinese authorities apprehended a Canadian couple who had lived in China for 30 years without incident. They were accused of spying and threatened with execution. The wife was detained for six months before being released on conditions. The husband did not meet with a lawyer for almost a year. He was held for more than two years.
On the other hand, when China seeks to track down its nationals accused of political or corruption crimes, they have refused to work with U.S. authorities to bring them to justice. Instead, it has been known to send agents known as “Fox Hunt” teams to the United States and elsewhere to “persuade” their fugitives to return to China. The squads enter foreign countries under false pretenses, track down their fugitives and deploy intimidation tactics to force them to return to China.
C. Our Strategy
To respond to these threats, the China Initiative establishes a number of goals and priorities.
Investigating and prosecuting economic espionage and other federal crimes will remain at the heart of our work. We will ensure that these investigations and prosecutions are adequately resourced and prioritized. And we will continue to work with a growing list of likeminded nations to do so. But as important as they are, we must broaden our approach. Here are three other prongs to our strategy.
First, criminal prosecution alone is not enough to remediate the harm caused by theft or to deter future thieves. That’s why we are looking for ways to use our tools to support those of our federal partners, including economic tools available to the Departments of the Treasury and Commerce and the U.S. Trade Representative, diplomacy by the State Department, and engagement by the military and intelligence community.
A recent case is a great example of this approach. Until recently, China did not possess the technology needed to manufacture a basic kind of computer memory, known as dynamic random-access memory (“DRAM”). The worldwide market for DRAM is worth nearly $100 billion, and an American company in Idaho, Micron, controls about 20 to 25 percent of that market. In 2016, however, the Chinese Central Government and the State Council publicly identified the development of DRAM as a national economic priority and stood up a company to mass produce it.
How did they set out to meet that goal? According to an indictment unsealed in San Francisco in November, a Taiwan competitor poached three of Micron’s employees, who stole trade secrets about DRAM worth up to $8.75 billion from Micron. The Taiwan company then partnered with a Chinese state-owned company to manufacture the memory. And in a galling twist, when Micron sought redress through the courts, the Chinese company sued Micron for infringing its patents.
Our goal was not just to hold the thieves accountable: we want to ensure that Micron does not have to compete against its own intellectual property. So, in addition to the criminal indictment, we civilly sued both the Chinese and Taiwan competitors, seeking an injunction that would bar the importation of any products based on the stolen technology into the United States. And days before our charges were announced, the Commerce Department placed the Chinese state-owned enterprise on the Entity List, which should prevent it from acquiring the goods and services required to manufacture DRAM based on the stolen trade secrets. Through these actions, we have sought to deprive the foreign companies of unjust enrichment, mitigating harm to Micron and, we believe, deterring similar conduct by others.
Second, the best strategy empowers American businesses and the private sector to defend themselves in the first place. That is why we are equipping our U.S. Attorneys around the country with the information they need to speak about these threats to companies and others in their jurisdictions, raising awareness and developing the relationships of trust and cooperation that lead both to effective prevention and to partnerships with law enforcement in responding to incidents.
That is also why we need to develop enforcement strategies that target non-traditional threats in unique, sometimes sensitive contexts. I am speaking here of non-traditional collectors, including researchers in labs, universities, and the defense industrial base, some of whom may have undisclosed ties to Chinese institutions and conflicted loyalties based on the expectation of reward through Talent Plans and other PRC incentive programs. I am also thinking of covert efforts to influence public opinion and policy, by leveraging student groups on campus that have ties to the Chinese consulate, or American businessmen with interests in China. Outreach and education will be critical to countering conduct that is covert, corrupt, or coercive, but for which criminal tools may not be the best, first choice.
Third, we must better secure our telecommunications networks from supply chain threats and guard against other national security threats through foreign investment. It is this aspect of the China Initiative that I want to spend the balance of my time on.
All too often in this context, the security of a product or service, or the threat from a company that sells it, is debated as if the test is binary: whether there is proof, a “smoking gun,” so to speak, that the company in question is currently breaking the law by, say, conducting illicit surveillance. But whether a company has a culture that promotes theft, dishonesty, or obstruction of justice is just as relevant, because it tells you how the company will behave when it suits its interests.
Our cases show that the Chinese government will use the employees of Chinese companies doing business here to engage in illegal activity. A week ago [April 17], a former airline ticket counter agent pleaded guilty to acting as an agent of the Chinese government, without notification to the Attorney General, by working at the direction and control of military officers assigned to China’s Permanent Mission to the United Nations. During her employment at JFK with a Chinese Air Carrier, she accepted packages from PRC military officers, and placed those packages aboard Air Carrier flights to China as unaccompanied luggage or checked in the packages under the names of other passengers flying on those flights. She encouraged other Air Carrier employees to assist the military officers, telling them that, because the Air Carrier was a Chinese company, their primary loyalty should be to China. But covertly doing the Chinese military’s bidding on U.S. soil is a crime, and the defendant and the Chinese military took advantage of a commercial enterprise to evade legitimate U.S. government oversight. Her actions violated TSA regulations requiring checked baggage be accepted only from ticketed passengers.
While there is a presumption of innocence in the criminal context, we are here today as risk managers, not criminal lawyers. We must gauge the likelihood that a company or individual will want to (or be coerced to)—and can—exploit a vulnerability, and how dire (or not) the consequences of that action are likely to be. And then we must evaluate whether there is a reliable way to lower the overall risk of those eventualities to tolerable levels. It’s more art than science, to be sure, but in making our assessments, we should consider all of the relevant evidence, including the implications of doing business in an authoritarian state.
In my remarks so far, I have made the case that the Chinese government has the stated motive and intent to dominate certain, critical technologies. I have also given you examples that the PRC is using a combination of intelligence services and other hybrid techniques to target our companies to that end or exploit their presence here. And I have described Chinese unwillingness to adhere to its stated commitments or play by reciprocal rules. Added together, these are reasons for concern that may add up to an intolerable risk in the context of particular transactions.
Last July, the Administration recommended that the Federal Communications Commission deny an application by the indirect U.S. subsidiary of China Mobile Communications Corporation (a Chinese state-owned enterprise and the world’s largest telecom carrier) for a license to offer international telecommunications services in the United States, under Section 214 of the Communications Act of 1934. The Justice Department led the national security and law enforcement review of the application, and the Executive Branch’s recommendation highlights the risks to U.S. law enforcement and national security from granting the indirect subsidiary of a Chinese state-owned enterprise the status of a common carrier provider of telecommunications services. Such a status would give China Mobile access to trusted, peering relationships with American carriers.
In evaluating whether the China Mobile application was in the public interest, the Department considered a number of factors, including whether the applicant’s planned operations would provide opportunities to undermine the reliability and stability of our communications infrastructure, including by rendering it vulnerable to exploitation, manipulation, attack, sabotage, or covert monitoring; to enable economic espionage; and to undermine authorized law enforcement and national security missions. As the recommendation puts it, in light of those factors, “because China Mobile is subject to exploitation, influence, and control by the Chinese government, granting China Mobile’s [application] in the current national security environment, would pose substantial and unacceptable national security and law enforcement risks.”
Last week, we were gratified to learn that FCC Chairman Ajit Pai announced that, in his view, “it is clear that China Mobile’s application . . . raises substantial and serious national security and law enforcement risks” and that “approving it would [not] be in the public interest.” He urged his fellow commissioners to reject its application at their May meeting.
Cases like China Mobile have brought home to the Department how important our foreign investment review work is to protecting our equities in law enforcement, counterintelligence, and telecom security. That is why, during the first two years of this Administration, we co-led more CFIUS reviews than in the five years before that, combined. That is why we have renamed the staff that conducts these reviews to be a “Section,” and reorganized its management structure, to match other operational components of NSD. And that is why the President’s proposed budget for the Department would significantly increase the staff and other resources devoted to this work.
In doing so, we are positioning ourselves to be ready to do our part in implementing the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA). We are already working closely with the Department of the Treasury to implement the newly launched pilot program under the statute and to develop regulations to implement the Committee’s expanded authority.
As this room already knows, FIRRMA represents the most significant reform of the CFIUS process in more than a decade. The Department was pleased to support the act, which adapts CFIUS to address current threats. Most significantly, in my view, it expands the Committee’s authority to address emerging national security risks that fall outside foreign control thresholds, such as minority investments that give access to sensitive information or technology, or any deal structured to circumvent CFIUS review.
But FIRRMA is not just about expanding the government’s power. I believe the legislation reflects a commitment to increased transparency, predictability, and efficiency in the CFIUS process, a commitment we share. More specifically:
- The new declaration process mandates that companies contemplating qualifying transactions file short notifications before consummating a transaction, but this “light filing” requires much less information than a voluntary notification, and it allows the Committee to clear low risk transactions much faster (providing certainty to the parties where appropriate) and to identify significant national security issues in other cases before closing.
- FIRRMA extends the initial review period by 15 days, but even that small increase should allow the Committee to clear more transactions in review and to reduce the need to re-file cases.
- By specifying that any judicial review occur before the Court of Appeals for the D.C. Circuit, the legislation shortens the time required for judicial review and ensures that a consistent body of precedent develops in one court with extensive experience reviewing administrative decisions.
- And by giving CFIUS agencies specialized authority to hire additional staff, it ensures that we can manage the additional CFIUS filings that we expect.
In these ways, FIRRMA reflects our longstanding open investment policy, makes the United States an attractive location for foreign investors, and applies neutrally to investment from any country.
By contrast, and as USTR has highlighted in its Section 301 reports, U.S. companies trying to enter the Chinese market must navigate foreign ownership restrictions, joint venture requirements, discriminatory licensing regimes, and vague and discretionary administrative approval processes that allow the Chinese government to pressure them to transfer their technology as a condition of market access.
In seeking to protect against national security risk, we must remember that free enterprise, market incentives, and the exchange of capital, people, and ideas across borders have been critical ingredients to our economic success. The ultimate goal of our foreign investment reviews is to preserve the framework of private choices and freedom that has made our companies and innovations the envy of the world.
Along those lines, we must also work to reform the ad hoc process by which the Executive Branch advises the FCC on license applications, known as Team Telecom. Although I am pleased with the ultimate recommendation in the China Mobile matter, which sets an important precedent, we must explore ways to make this process more efficient and expedient, so that the Executive Branch never again takes nearly seven years to make a recommendation.
Despite the threats and challenges we face, last year was a tremendous one for American innovation. In 2018, U.S. companies obtained 142,000 new U.S. utility grant patents out of the more than 308,000 patents that the U.S. Patent and Trademark Office approved. Six of the top 10 U.S. patent recipients were U.S. corporations. As of 2016, industries that rely heavily on intellectual property supported at least 45 million U.S. jobs and contributed more than $6 trillion dollars to, or 38.2 percent of, U.S. gross domestic product.
Last year’s headlines offers examples of inventions and advances that are truly miraculous:
- In January, a Massachusetts company introduced the first commercial version of its four-legged, dog-like robot at the Consumer Electronics Show in Las Vegas. This robot can already run, jump, dance, and open doors. The commercial version is being tested for use in construction, work place inspection, and physical security, to name just a few potential uses.
- In April, a California company announced its next generation drone, capable of flying at a speed of up to 80 mph for a range of up to 99 miles round trip while carrying up to 3.9 lbs. Among other uses, drones like this can carry shipments of donated blood or other specialized medical supplies across difficult terrain with few paved roads.
- In June, a Massachusetts medical device company conducted a groundbreaking two week study of their Closed-Loop insulin delivery system. The system is essentially a bionic pancreas, one of a handful of FDA-approved technologies that combines both a glucose monitor and insulin pump to almost entirely automate blood sugar control in type 1 diabetics. The study showed that in normal living conditions Type 1 diabetics could better control blood sugar and reduce incidences of hypoglycemia with the closed loop system; no finger pricks required.
- A U.S. automaker released a luxury sedan with its new semiautonomous, hands-free driver assistance technology. This technology relies upon LiDAR (or laser sensors that work like radar) mapping, in-car cameras, radar sensors, and GPS to detect the road ahead, control speed, and maintain lane position while allowing the driver to travel without touching the wheel or pedals. You still need to pay attention to the road, however, and if the driver begins to nod off or get distracted, the vehicle will alert the driver through a series of escalating vibrations and chimes. This automaker has announced plans to install the semiautonomous technology in all new vehicles by 2020, moving us one-step closer to safe, self-driving vehicles on U.S. road.
- Finally, in December 2018, a California company conducted a test flight of a manned, suborbital plane designed for space tourism. The flight, which was the fastest and highest commercial test flight to-date, reached a peak altitude of roughly 51 miles above the Earth’s surface. It was the first time a commercial vehicle designed for tourism entered outer space.
I believe that, if we get it right---if we balance tailored authorities and a focus on national security with respect for free markets---we will continue to see unparalleled innovations like these in the United States, fueled in no small part by foreign investment. And in the coming year, I look forward to working with you to strike that balance.