The House Intelligence Committee released on Monday its long-awaited report on Chinese telecom equipment manufacturers Huawei and ZTE, which concludes that the two companies failed to provide adequate information to ameliorate concerns that they are subject to manipulation by the Chinese government and military. The report recommends the U.S. government and contractors avoid Chinese telecom equipment and block any attempts by the companies to merge with U.S. companies. The report focuses mostly on Huawei, which brought in $32 billion in revenue last year, and notes the company has been accused of stealing trade secrets from other firms. Huawei also refused to turn over the majority of documents and explanations requested, while ZTE argued that answering the committee's questions would make the company liable under China's state secret laws. That reaction only served to further the lawmakers' believe that ZTE poses a threat to the U.S. communications grid.
Huawei in particular has cast itself as an independent company that is poised to make major inroads into the U.S. market, but the report will likely give lawmakers further ammunition to block the company's planned moves, which reportedly includes a potential U.S. IPO. The company predictably labeled the report a "political exercise," but this is one case where lawmakers have more action in mind that simply grandstanding. The report recommends Congress consider legislation that would expand the power of the Committee on Foreign Investments in the U.S. to allow that body to review purchases of goods from foreign vendors. Whether such legislation would have enough support to become law remains uncertain, but one fact is clear: Huawei and ZTE will face continue to face serious political opposition in their attempts to penetrate the U.S. market. That news should provide a short-term boost to U.S. telecom equipment manufacturers like Cisco, but also raises some questions about how hardware manufacturers will have to adapt to a global market still divided by politics.
Cybersecurity Exec Order in the Works: The White House and congressional staff continued talks on Friday about a potential cybersecurity executive order that would implement many of the provisions included in the cybersecurity bill (S 3414) that failed to pass the Senate this summer. A spokesman for the National Security Council said the administration is developing the order and gathering stakeholder input, but still believes that legislation is necessary to adequately address the growing cyberthreat. It is not clear how much authority the administration would have to enforce the cybersecurity best practices that would be imposed on critical infrastructure providers, though Democrats have been careful to frame them as voluntary. With Congress looking unlikely to address cybersecurity in the lame-duck session, we expect the administration to eventually issue the order, unless the balance of power in Congress shifts decidedly back to the Democrats during the upcoming election.Unsurprisingly, Republicans and industry are speaking out against the prospect of a cybersecurity executive order, calling it an end-run around Congress. A top U.S. Chamber of Commerce official said Thursday that he was skeptical about the contents of the order, while House Intelligence Chairman Mike Rogers said he hasn't been consulted on the issue. The GOP and the Chamber worked closely to derail the Senate cybersecurity bill, which industry claims would impose an undue burden on private companies. Their opposition further underlines the shaky ground upon which the administration is treading regarding the politics of cybersecurity.
Because White House officials have access to a much more complete picture of the threat against U.S. networks, it is difficult to disprove their assertion that legislation is vital to protecting the nation's interests. But supporters have repeatedly failed to effectively make the case for their legislation, often relying on fear and doomsday proclamations to scare opponents into compliance. So the rules remain a political risk, one unlikely to pay off unless the country experiences a major cyberattack in the near future. We've been predicting that more information about successful attacks on U.S. networks will come to light as the administration pushes for the new rules. Such an event would provide the perfect opportunity to introduce the executive order, and this administration has already shown a talent for using a crisis to advance its policy agenda.
Do Not Track Faces Pushback: Web browser makers have spent the last year developing add-ons that allow users to avoid being tracked online, in response to pressure from the Federal Trade Commission. But one free-market think tank is pushing back by denying users' requests and telling them to leave the site or continue being tracked for 180 days. The idea is to show users how easy it would be for them to be tracked. Do Not Track is a central element in the upcoming debate over consumer privacy legislation,which will likely take place during the next Congress. The FTC has warned companies that Do Not Track may become mandatory if they fail to take sufficient action, but such a change would likely require legislation. Members Face Cybersquatting: Cybersquatting, or buying a website domain name in order to harm someone's brand, has long been a problem for Web users. Now, a trade group that wants Congressional action on the issue is upping the ante by showing how politicians themselves can be the targets of such efforts. The Coalition Against Domain Name Abuse found on average that lawmakers owned only two of six Web addresses featuring their full names. Their hope is that lawmakers may be spurred to action by the fear of their own names being misused by opponents. $10,000 Prize: Treasury Department Chooses Mobile App Contest Winner.