China doesn’t only collect enormous amounts of data on its own citizens: it also sucks up data from around the world that might one day be useful for its national security, using both domestic and foreign companies as conduits. Samantha Hoffman of the Australian Strategy Policy Institute, one of the leading experts on the Chinese surveillance state, shed light on this phenomenon last year with a report, “Engineering Global Consent,” that focuses on GTCOM, one of the state-owned firms at the heart of China’s global data-gathering strategy. This interview has been condensed and edited for clarity.
Q: How does the Chinese Communist Party (CCP) collect data?
A: The data used by the Party comes in many forms, including text, images, video, and audio. Inside China, accessing this data is straightforward. To get access to global data, the Party uses state-owned enterprises, both Chinese and foreign tech firms, and partners such as university researchers.
The CCP doesn’t only collect data through invasive surveillance technologies like cameras that employ facial recognition. It also relies on technologies that provide everyday services, like devices associated with smart cities. Long before AI or “big data” became buzzwords, the Party’s intent was to co-opt–not simply coerce–society to participate in its own control.
Q: What is the CCP doing with all of this data?
A: The CCP collects data in bulk and worries about what to do with it later. Even if it’s not all immediately usable, the Party anticipates better technical ability to exploit the data later on.
Large data sets can reveal patterns and trends in human behavior, which help the CCP with intelligence and propaganda as well as surveillance. Some of that data is fed into tools such as the social credit system. Bulk data, like images and voice data, can also be used to train algorithms for facial and voice recognition.
The CCP’s methods are not that different from what we see in the global advertising industry. But instead of trying to sell a product, the CCP is trying to exert authoritarian control. It’s using capitalism as a vehicle to access data that can help it disrupt democratic processes and create a more favorable global environment for its power.
Q: Why is this a threat outside China?
A: Citizens of liberal democracies are rightly concerned with how tech companies abuse their data, but at least in liberal democracies there are growing restraints on how data is used. In China, where the party-state literally says that the purpose of the law is to “strengthen and improve the Party’s leadership,” technology is deployed to extend the political power of the party-state and developed according to that standard. The Party talks about its intent to shape global public opinion in order to protect and expand its own political power. At the same time, Chinese tech companies collect data in support of such efforts. Anyone living in a liberal democracy should be concerned about the ramifications this has for freedoms and privacy.
Q: So should we all delete TikTok from our phones?
A: I will not put it on mine. TikTok is a good example of a seemingly benign app that can give the CCP a lot of useful data. You wouldn’t think of a social-media app that is used by a lot of children around the world as being inherently problematic for political reasons. But the sentiment data from an app like TikTok can be used to understand how people are influenced and how they think. A lawsuit recently filed against the company in California alleges that face data collected from the app was connected to PRC [People’s Republic of China]-based servers, raising significant privacy concerns.
TikTok has said that it stores user data in servers located in the US and Singapore, but this is a way of evading questions about the Party’s potential political control over the company. Additionally, the app has been found censoring or suppressing Black Lives Matter and LGBTQ content, among other subjects. To me this has happened frequently enough around the world to look like a pattern rather than a mistake, and this is a wrong that I cannot overlook.
Q: Can you explain why you are concerned about GTCOM, a little-known Chinese company you’ve studied?
A: GTCOM is a big-data and AI company that is controlled by China’s Central Propaganda Department, which is deeply involved in Party attempts to shift the global narrative around China’s power. One of their products claims to collect 10 terabytes of data a day, or two to three petabytes per year, from web pages, forums, Twitter, Facebook, WeChat, and other sources. In terms of size, that’s the equivalent of 20 billion Facebook photos. The company describes its work as contributing directly to China’s national security, including military intelligence and propaganda.
GTCOM’s research and development arm has developed algorithms that look for military keywords in the information it collects, which could for instance come from CVs or patents. The company has specifically stated that its work assists with state security. In 2017, a senior executive said that GTCOM had established an information security system that relies on image, text, and voice recognition to “prevent security risks” and “provide technical support and assistance for state security.”
Q: What about GTCOM’s work overseas?
A: GTCOM has strong relationships with Chinese tech companies that have a large global presence. For instance, it has a strategic agreement with Alibaba Cloud to embed its translation services in the company’s technology. GTCOM’s service-providing business model allows it to collect any data that GTCOM translation services generate. At face value, it might look like its services are used to improve translation quality, but in reality they are also used to build other products, including products connected to national security work.
GTCOM has established partnerships with linguistics researchers worldwide. These partnerships give GTCOM access to a broad variety of data. What GTCOM is doing is not dissimilar to [American analytics company] Palantir in terms of big-data analytics. The difference is that the intent driving GTCOM’s work is framed by the CCP, whose interests run counter to those of a liberal democracy.
Q: What should we do about all this?
A: Ideal solutions don’t exist yet, partly because research on these issues hasn’t been in-depth or forward-looking. But we can start with greater investment in data literacy and data transparency programs. Liberal democracies must improve due diligence around security in the digital supply chain, invest in research and development, and become more competitive in the smart technologies market. They cannot go at this alone; alliances must be strengthened. Finally, liberal democratic governments must bolster data privacy laws and rethink how to manage propaganda from both foreign and domestic sources in the digital age–but without compromising democratic values along the way. To do that, they must be clear about what their values are and why they differ from those of authoritarian regimes.