Report: US Tech Firms Helped Develop Chinese Surveillance Tools
The Intercept reported yesterday that IBM, Google, and Xilinx helped develop technology used by China's government to spy on 200 million people. According to the report, the U.S. tech companies worked with a Chinese analytics company named Semptian via the OpenPower Foundation, a non-profit established by IBM and Google to "assist data centers in rethinking their approach to technology."
Semptian joined the OpenPower Foundation in September 2015. That was after reports exposed the company's relationship to China's government, to which The Intercept said it has supplied a variety of services used to "secretly collect people’s email records, phone calls, text messages, cell phone locations and web browsing histories" via chips embedded in the country's phone and internet networks.
The Intercept published documents from Semptian, which it obtained by posing as a potential customer, as well as an edited video demonstrating what the company's products can do. (The video was purportedly edited to hide personally identifying info.) Anonymous sources told The Intercept that Semptian's products are used to surveil 200 million of China's roughly 800 million Internet users.
It's not clear to what extent IBM, Google and Xilinx collaborated with Semptian. IBM denied a direct relationship with Semptian; the other companies declined to comment on the report. The OpenPower Foundation reportedly told The Intercept that any "technology available through the Foundation is general purpose, commercially available worldwide and does not require a U.S. export license."
That might clarify the legality of any collaboration between these companies and Semptian, but it doesn't address the moral aspects of allowing the company to join the OpenPower Foundation despite being a known partner of the Chinese government in mass spying. We don't often hold gun-makers accountable when someone is shot, for example, but there are restrictions on the sale of most weapons.
The Intercept's report probably won't do U.S. companies any favors when it comes to working with their Chinese counterparts. Tech companies have already lobbied against increasing tariffs, sales restrictions and other regulations stemming from the ongoing trade war between the U.S. and China. Now some of the most prominent members of the industry have been accused of aiding Chinese surveillance.
We've reached out to IBM, Google, Xilinx and the OpenPower Foundation to request additional information about their relationship with Semptian. We'll update this post if the companies or non-profit respond.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Nathaniel Mott is a freelance news and features writer for Tom's Hardware US, covering breaking news, security, and the silliest aspects of the tech industry.
-
yep, all in bed together, nice and cozy. they luvs them some communists and spying on citizensReply
-
bit_user This strikes me as rather sensationalist.Reply
As I understand it, the OpenPOWER Foundation is basically a way for users and providers of hardware and firmware around IBM's POWER CPUs to collaborate & share specifications, etc. It's not terribly different than various other industry consortia, such as the PCIe SIG, the RISC V Foundation, consortia around memory & flash standards, etc.
So, the real question is how much responsibility do these groups have for vetting their members? How strictly should their charters be drawn, in order to facilitate this? Should these groups really be concerning themselves with policing their members and enforcing some ethical/political standard, or just focusing on the technical problems they're intended to solve... and let governments worry about which firms should be shut out.
I'm pretty firmly in the camp of just having government do the policing. If the US government wants to use this as a point of leverage against the Chinese, then let them blacklist Semptian. They've shown they're well capable and willing to do such things.
There's a down-side to this sort of action that's also worth consideration. I mean, you won't prevent these sorts of companies from eventually getting the tech they need to build their products - only slow them down. But, if the US government builds a wall around US tech companies, what's at stake is potentially the entire principle of having open and unified standards. So, you could have Chinese computers that use their CPU architecture, their bus standards, their memory technologies, etc.
Now, imagine China sells a lot of its hardware into African, Asian, and South American countries, and all of a sudden, you could find that US and European tech companies are completely frozen out of those markets, because none of their tech is in any way compatible with the dominant computer systems in use by them. Worse yet, which way will the Koreans and Japanese go? Maybe try to play both sides?
So, in my opinion, the US should be very selective and judicious in restricting cooperation between tech companies. It's a weapon that gets weaker with each use, yet the likelihood of blowback only gets worse. -
bit_user
No, I don't think that's what's going on, here.Mandark said:yep, all in bed together, nice and cozy. they luvs them some communists and spying on citizens
The article is really vague about the kind of information being shared, but it's really low-level stuff around motherboard standards, BIOS, etc. for POWER CPUs.
It's not like they're trading data collection and analysis techniques, AI technology, or anything like that. These types of organizations are usually populated by a bunch of electrical engineers focused on the nuts and bolts of computer systems, who have very little to do with what else is going on, in the mega-corps they work for.