Tougher “Immigration” Policies On Foreign Tech Crossing U.S. Border

It’s not only people from other countries that are struggling harder to get into the United States these days, it seems. Technology from foreign nations may also be subject to stricter “immigration” rules.

The national origins of tech devices and services wasn’t a front-burner question—at least for the general public—until the issue came up at a Senate Intelligence Committee hearing in May on Russia’s suspected hacking of the 2016 presidential election. Leaders of six U.S. intelligence agencies—including the FBI, CIA, and the National Security Agency—all told the senators they would not be comfortable using cybersecurity software provided by Russia-based Kaspersky Lab.

According to The New York Times, Kaspersky software was already barred at the NSA. There had been speculation for years that Russian intelligence agencies might be using a “back door” in Kaspersky’s popular antivirus software to siphon data from the computers of Kaspersky customers, The Times reported. In September, the U.S. Department of Homeland Security ordered all federal agencies to stop using Kaspersky products. Kaspersky, which has U.S. operations in Massachusetts, has denied wrongdoing, and has sued the Trump administration for allegedly damaging its reputation.

National security concerns also underlie reported moves recently by members of Congress to restrict access to the U.S. market for two communications companies from China, according to a Reuters story this week based on information from congressional aides who were not named.

Dallas-based AT&T has been under pressure from U.S. lawmakers to cancel plans to sell handsets from the Chinese phone manufacturer Huawei Technologies, and to join the opposition to a longstanding application by telecommunications company China Mobile for access to the U.S. market, Reuters reported.

The push for these “tech immigration” restrictions seems to be based in part on suspicions that equipment from China could be used for Chinese government spying activity, and in part on U.S. government concerns over the potential for China to gain control over strategic U.S. industries.

The global nature of tech innovation, manufacturing, and marketing poses a daunting challenge for nations trying to insulate themselves from the potential security threats that could exist within devices, device components, software, and networks—whether those threats are deployed by an enemy nation-state or a hacker motivated merely by greed. The option to “buy American” is probably impossible in most tech sectors. American companies outsource a substantial amount of their manufacturing overseas, as Apple does to make its iPhones.

The approval power for access to U.S. markets, or for partnerships between foreign firms and American tech companies, is spread over an array of different federal agencies, in addition to Congress and the president.

For example, China Mobile’s longstanding license application is pending before the Federal Communications Commission, one of the agencies where the leadership changes as a new president names his or her own appointees.

Proposed deals involving Chinese companies may come before the U.S.-China Economic and Security Review Commission, which was established by Congress in 2000 to monitor “the national security implications of the bilateral trade and economic relationship between the United States and the People’s Republic of China.” The commission also makes recommendations to Congress for new laws and administrative actions.

And then there’s the Committee on Foreign Investment in the U.S. (CFIUS), whose thumbs-down put the kibosh on the proposed purchase of Dallas-based MoneyGram International by Ant Financial, a major Chinese financial services firm that operates mobile payments platform Alipay, Bloomberg reported early this month. Security concerns were raised about the possibility that the merger would expose data from military families to bad actors. The CFIUS panel has become more active in blocking Chinese investments, according to the Bloomberg story.

The foreign investment committee is an inter-agency panel, chaired by the U.S. Department of the Treasury, which scrutinizes “transactions that could result in control of a U.S. business by a foreign person…in order to determine the effect of such transactions on the national security of the United States.” If CFIUS finds any security risks, it can set conditions on the deal or recommend actions by the president.

MoneyGram CEO Alex Holmes, in a statement on Jan. 2 announcing that his firm and Ant Financial had agreed to abandon plans for the sale, said, “The geopolitical environment has changed considerably since we first announced the proposed transaction with Ant Financial nearly a year ago. Despite our best efforts to work cooperatively with the U.S. government, it has now become clear that CFIUS will not approve this merger.”

Trending on Xconomy