The Snowden Effect Technology is at the center of most U.S.-China tensions today. Edward Snowdenʼs leaks helped put it there. By Eli Binder and Katrina Northrop — December 6, 2020
Illustration by Luis Grañena
In March 2012, a 28-year-old federal contractor named Edward Snowden first reported to the National Security Agencyʼs Kunia Regional Security Operations Center on the Hawaiian island of Oahu. Though he would later hatch a complex plan to leak highly classified intelligence documents, Snowdenʼs original contract was for a straightforward task: detect and thwart Chinese hacking of U.S. government operations.
The mission was urgent. Chinese cyber attacks against the U.S. were on the rise, and by the end of that year, attacks from China accounted for more than 40 percent of the worldʼs activity, according to a study by Akami Technologies. In the depths of the Kunia base — a decrepit former Navy Armory that NSA employees nicknamed “The Tunnel” — a team of NSA experts focused on what top defense officials had called “Chinaʼs cyber thievery.”
By then, Snowden was well versed in Chinaʼs hacking operations. In 2010, when he worked at the NSAʼs Pacific Technical Center outside of Tokyo, he gave a training presentation on the China threat for U.S. intelligence employees. Danielle Massarini, the training organizer who had spent her entire career in Chinese counterintelligence, would later call Snowdenʼs session “without question the best cyber briefing on China intel weʼd ever had.”1
But along the way, Snowden grew increasingly disaffected with what he perceived to be the NSAʼs overreach. He began to anonymously communicate with journalists, and just over a year after his initial report date, he left Hawaii and fled to Hong Kong with a massive trove of digital documents that revealed NSA programs surveilling both American and foreign nationals with the help of major U.S. tech companies such as AT&T and Verizon.
By sharing the classified documents with journalists, Snowdenʼs disclosures created an international firestorm and fueled debate in the U.S. about the proper balance between civil liberties and national security. But the leaked documents also had an unintended impact in Beijing, not far from where Snowden was holed up in a Kowloon hotel. Edward Snowden speaking in a 2013 interview in Hong Kong. Snowden revealed details of top-secret surveillance conducted by the United Statesʼ National Security Agency regarding telecom data. Credit: The Guardian via Getty Images
For China, the leaks offered critical revelations. Not only could the U.S. governmentʼs complaints about Chinaʼs cyber thievery be seen as disingenuous — the U.S., after all, was shown to have hacked Huawei, Chinaʼs private telecom company — but America itself was monitoring its own citizens. Whatʼs more, it was using private tech companies as a backdoor to aid in that effort. Suddenly, the risks of relying on U.S. technology for Chinese technology infrastructure were painfully obvious.
“The Snowden files were a really big deal for us,” recalls Lyu Jinghua, a PLA colonel at the time and now a visiting scholar at the Carnegie Endowment for International Peace. “What we read from the Snowden files showed that almost all the big companies in China were actually collaborating with American intelligence agencies. Some not quite actively, but some were collaborating really actively. That made China feel really insecure using all these components from American companies.”
Although China had long sought to reduce its reliance on foreign technology, the Snowden revelations altered the trajectory of those plans, acting as a kind of accelerant that caught the U.S. and American companies off guard. Snowdenʼs actions also emboldened China to view cyberspace in the most cynical terms possible — not only as a new theatre for conflict, but as a space devoid of trust. The aftermath of this turning point is painfully evident today with Chinaʼs efforts to boost domestic giants like Huawei and ZTE, decouple from foreign internet infrastructure and expand its dragnet of digital surveillance of its own citizens.
“The Snowden leaks dramatically changed Chinese policy towards the internet, its own people, the United States, and the world, with respect to the internet and cyber security,” says Max Baucus, the former Montana senator who eight months after the leaks arrived in Beijing as the U.S. Ambassador to China. “It was a watershed development. You could feel it.”
The contents of the leaks from Snowden — who could not be reached for comment for this article — probably werenʼt a complete surprise to Beijing. China had its own sophisticated hacking capabilities, and was likely aware of the NSAʼs web of surveillance. But the scope of American operations was stunning, raising the possibility that China could be more vulnerable to U.S. efforts.2 And so with U.S. hypocrisy on stark display, Beijing had a field day. “These, along with previous allegations, are clearly troubling signs,” said a columnist for Xinhua, the official state-run news agency. “They demonstrate that the United States, which has long been trying to play innocent as a victim of cyber attacks, has turned out to be the biggest villain in our age.” In Snowdenʼs 2019 autobiography, Permanent Record, he recalls leaking classified information in 2013.
Just before, on May 22, 2013 at the National Press Club in Washington, as Snowden was en route to Hong Kong, Dennis C. Blair, a retired Navy admiral and the former Director of National Intelligence under President Obama, and Jon M. Huntsman Jr., the former U.S. Ambassador to China, held a joint press conference to publicize the release of a detailed study of Chinaʼs industrial espionage, its effort to steal IP from American companies, sometimes through sophisticated cyber attacks. Members of the commission that published the report included Craig R. Barrett, the former chairman and chief executive of Intel, and former Deputy Secretary of Defense William Lynn. It was supposed to be a wake up call to American firms, and a warning to China to cease its cyber theft activities.3 Now, no one cared. It was the U.S. that was suddenly cast as a villain.
Back in Beijing, Xi Jinping had been Chinaʼs president for just 12 weeks when Snowden told the world what the U.S. was doing. The beginning of Xiʼs term was already full of aggressive campaigns — like tackling corruption in the Communist Party and building a permanent military presence in the South China Sea — but after Snowden, an urgent focus on cybersecurity joined the list.
“The Snowden revelations created a perfect event that galvanized concerns around U.S. technological dominance,” says Rogier Creemers, a postdoctoral scholar in Modern China Studies at Leiden University. “Thatʼs really where the ball starts rolling on what ends up being an almost complete reconstruction of the Chinese cyber governance system.”
In 2014, Beijing established the Cyberspace Administration, a centralized body to oversee internet policy and digital propaganda, with Xi himself at the helm. Two years later, it enacted a cybersecurity law that required critical network equipment to be approved by the Chinese government and banned most of the countryʼs data from being stored outside of China.
The result is an authoritarian cyber governance system that is distinct from American influence. China also pushed the accelerator on other initiatives aimed at building up its economy and challenging Americaʼs technological supremacy. There was the “Thousand Talents” program, which sought to attract global talents, Made in China 2025, a program begun in 2015 that aimed to fast-tracking high tech manufacturing capabilities, as well as government efforts to encourage Chinese firms to acquire foreign technologies overseas, especially in Silicon Valley.
Looking back, Snowdenʼs revelations may have also helped set the stage for this darker period in U.S.-China relations, which emerged during the Trump administration. In the aftermath of the 2013 leaks, China stepped up its cyberattacks on U.S. companies and the U.S. federal agencies. China also found reasons to crack down on American companies doing business in China — including the tech giant Qualcomm — and to force U.S. firms to share technology.
Trust quickly dissipated.
Indeed, even before Washington began blacklisting Chinese firms and attempting to ban Chinese apps over national security concerns, Beijing had made it increasingly clear that, post-Snowden, American internet companies were no longer welcome in China. This would escalate, and Chinaʼs leaders would eventually test the limits of the open internet itself.
PANDORAʼS BOX
Most observers point to Chinaʼs introduction of the Great Firewall in 2000 as the first tear in the seams of the global internet. The vast censorship apparatus blocks overseas sites like Google, Facebook and The New York Times, and was the first attempt to control the vast flow of information online.
“The founding of the Great Firewall was the Bunker Hill of the bifurcation of the internet,” says Orville Schell, the Arthur Ross director of the Center on U.S.-China Relations at the Asia Society. “Everything else is a footnote.”
One of the first notable footnotes came in 2010, when anti-government activists in Tunisia used Facebook to organize the Jasmine Revolution. The ability of the internet to channel the unrest in Tunisia into political change — Tunisian President Zine El Abidine Ben Ali was ousted after 23 years in power — was touted in the West as proof of the internetʼs liberating potential and in China as proof of the Great Firewallʼs necessity.
But if the Great Firewall is the Bunker Hill in the internetʼs bifurcation, the Snowden revelations were its Battle of Saratoga. Just two days after the first Snowden story appeared on the Guardianʼs front page, President Barack Obama and President Xi Jinping met in Rancho Mirage, California. It was Xiʼs first visit to the U.S. as the head of the Chinese state, and while the U.S.-China relationship was not exactly rosy, the Obama administration hoped the summit would lay the groundwork for a productive bilateral relationship on sticking points like North Korea, human rights, and cyber espionage.
But it was immediately clear that the Snowden leaks had thrown a wrench in these ambitious plans. Xi stayed at a nearby Hyatt, instead of the Sunnylands estate where the meeting was being held and where President Obama was staying, reportedly due to fears of U.S. government spying. The two-day summit produced little of value, and instead of Obama getting Xi to agree to curbing Chinaʼs extensive cyber espionage operations against U.S. companies, Chinese state media began publicly attacking U.S. tech companies as a national security threat.
At the time, Apple, Cisco, Google, IBM, Intel, Microsoft, Oracle and Qualcomm composed a major portion of Chinaʼs cyber systems, including even its Great Firewall. But the Chinese media started condemning the American companies as the “Eight Guardian Warriors,” and the “de-Cisco campaign” calling for the Cisco technology to be removed from Chinaʼs networks became a popular rallying cry among government officials and social media users.
The Snowden leaks dramatically changed Chinese policy towards the internet, its own people, the United States, and the world, with respect to the internet and cyber security. It was a watershed development; you could feel it.
Max Baucus, former U.S. Ambassador to China As Snowden wrote in his 2019 autobiography, Permanent Record, the U.S. controls the internetʼs on-off switch: “The cables and satellites, the servers and towers — so much of the infrastructure of the Internet is under U.S. control that over 90 percent of the worldʼs Internet traffic passes through technologies developed, owned, and/or operated by the American government and American businesses, most of which are physically located on American territory.”
The Snowden leaks underscored this fact, and not long after, China took a series of actions to remove the physical network components as much as it could. One indication of how serious Beijing was about this goal came in February 2014, when Xi Jinping set up and chaired the first meeting of the National Cyber Leading Small Group. Xi told the group that “internet security and information is a major strategic issue concerning a countryʼs security and development as well as peopleʼs life and work.”4
There were other measures as well. In addition to its new internet regulator, Beijing started drafting a cybersecurity law that enforced provisions like a blackbox Cybersecurity Review Regime, under which the government conducts periodical inspections of foreign technology companies to prevent “risks that could harm national security.” It also ramped up its efforts to help Chinese telecom companies like Huawei and ZTE expand overseas.
“Microsoft, for example, used to be the major equipment vendor in China,” notes Min Jiang, a professor at the University of North Carolina at Charlotte who studies Chinese cyber policy. “After Snowden, you saw the Chinese government passing regulations ordering government agencies to swap out the equipment.”
By November 2013, just five months after the first Snowden leaks were made public, Cisco reported an 18 percent drop in orders from China and predicted that its world-wide revenue would decline nearly 10 percent that quarter because of troubles in China. The same month, IBM reported a 22 percent drop in revenue in China. And Microsoft acknowledged that revenue growth in China was slowing.
The “Eight Guardian Warriors” became a symbol of American corporate influence in China.
This was a big hit for American companies, because sales in China made up a huge portion of their revenue. For example, at Qualcomm, China accounted for 42 percent of the companyʼs sales. They were now on the receiving end of both punitive measures and loss of business from real cybersecurity concerns.
As China aggressively tried to reduce its reliance on U.S. technology, the U.S. was caught flat footed. According to Baucus, the former U.S. ambassador, there wasnʼt a cohesive response to the Snowden fallout, which caused many American CEOs to feel like they couldnʼt rely on their own government. Some executives visiting Beijing decided to bypass seeing him, choosing instead to meet directly with Xi or Premier Li Keqiang in the hopes of working out individual deals.
But these deals were only a play for time, Baucus says. Beijingʼs mind was made up. “There was no dramatic kicking out of U.S. companies, but rather slowly, [China introduced] more onerous regulations. They got more and more difficult with U.S. companies,” he says. Largely through bending to Beijingʼs will, many U.S. tech companies eventually saw their revenue in China rise again, but with significantly reduced leverage and autonomy.
Even if there had been a more concerted U.S. response to slow or stop the technological decoupling, itʼs not clear it would have helped. The U.S. had lost its moral high ground. James McGregor, who runs APCO Worldwideʼs China business and was previously the chairman of the American Chamber of Commerce in China, notes that the Snowden revelations gave China an easy retort to American complaints or requests. “They would just say, ‘But what about Snowden?ʼ They would filibuster with that,” McGregor says.
American tech companies, for example, had long been furious about the hundreds of billions of dollars in annual losses from Chinese intellectual property theft and wanted the Obama administration to stop Chinese industrial espionage.5 But China could now point to Snowdenʼs disclosure that the U.S. had hacked Huawei, a privately-owned company. China, in other words, could easily reject the American distinction between economic and national security espionage.
This rejection continues today. Though Xi joined Obama in the White House Rose Garden in 2015 to announce an agreement ending commercial espionage, Chinese hacking of American companies jumped back up soon after Trumpʼs inauguration in 2017. A 2018 report from the United States Trade Representative also showed that China continues to conduct cyber espionage. The Trump administration, in fact, says China has tried to hack into U.S. companies and research institutions seeking information on a Covid-19 vaccine. President Obama and President Xi announced a commitment to ending commercial espionage in the White House Rose Garden in Sept. 2015. Credit: Pete Souza, Official White House Photo
“In Chinaʼs mind, this economic hacking is national security,” says McGregor. “For China, it is a national security issue for them to be behind. They have been playing tech catch up since the opium wars.”
Henry Gao, who teaches law at Singapore Management University, agrees. “After Snowden, you saw China do lots of things in the name of national security,” he says. “It opened Pandoraʼs box.”
‘THIS WHOLE DARKNESSʼ
Today, it seems only natural that China, with the tight control of its authoritarian system, would want to create cyber governance distinct from American influence. But the Snowden effect did more than just add fuel to the then-simmering U.S.-China fire. Itʼs possible it also initiated the mutual destruction of the open internet.
The Snowden leaks reverberated around the world, setting off chain reactions that Snowden himself could never have foreseen. For many countries, not just China, the leaks prompted concerns over “internet sovereignty,” the idea that a countryʼs data should be stored domestically and its cyber infrastructure strictly controlled in order to protect against hacking.
“Snowden showed that the worldʼs data is very vulnerable,” says Timothy Edgar, the director for privacy and civil liberties for the Obama White House and author of Beyond Snowden: Privacy, Mass Surveillance, and the Struggle to Reform the NSA. “So that increased peopleʼs desire to splinter off their internet according to their own national borders.”
Until recently, the U.S. has argued against internet sovereignty. In a speech a decade ago on internet freedom in China, Secretary of State Hillary Clinton framed the issue in existential terms, saying, “Itʼs about whether we live on a planet with one internet, one global community, and a common body of knowledge that benefits and unites us all, or a fragmented planet in which access to information and opportunity is dependent on where you live and the whims of censors.”
After Snowden, you saw China do lots of things in the name of national security. It opened Pandora’s box.
Henry Gao, a law professor at Singapore Management University
But, as innovative Chinese companies started succeeding on Americaʼs internet while Chinaʼs internet remained walled off, the U.S. abandoned Clintonʼs cyber utopia. Citing fears about Chinese companies having access to U.S. user data, the Trump administration tried to ban TikTok and WeChat — an attempt that seemed to be out of Chinaʼs own playbook.
With some analysts saying the internet is already bifurcated, with China and the U.S. constructing their own cyber fiefdoms, one of the only remaining questions is where the rest of the chips will fall. Moving into the Biden administration, for example, many foreign policy experts are pushing for the U.S. to bolster its alliances in order to combat Chinaʼs overreaches. But the Snowden revelations have made this cyber dichotomy more difficult.
“Right now, it is much harder to make the argument that other countries shouldnʼt use Huawei because of Chinese hacking, because we are also hacking,” says Edgar, the Beyond Snowden author. “Our only real answer to that right now to other countries is: ‘You want to be on our side.ʼ That argument works with Europe, but it may not work with Africa.”
The heart of any technology relationship is trust. But so long as U.S.-China cyber relations are framed only as a competition, internet sovereignty is likely to rule the day.
“Weʼre in sort of a prisonerʼs dilemma,” says Kaiser Kuo, the host of the Sinica Podcast and former director of international communications for Baidu. “The optimal outcome is us both to extend the hand of trust. But weʼre getting the worst outcome: both of us close each other off.” It doesnʼt have to be this way, he adds, since weʼre not in a real prisonerʼs dilemma: “We can see each other. We can communicate with each other.” CIJ Logan Symposium 2020: Ai Weiwei in Conversation with Edward S…
Snowden and Chinese artist Ai Weiwei spoke at the Centre for Investigative Journalismʼs 2020 Logan Symposium in November 2020.
And in the past year, with a global pandemic raging, Washington and Beijing have not been in the mood for constructive dialogue. But just last month, a different type of dialogue took place: Chinaʼs most famous political dissident and Americaʼs most famous fugitive dissident took part in an online event hosted by the Centre for Investigative Journalismʼs Logan Symposium. Sitting outside in front of a green lawn and glistening pool in England, Ai Weiwei, the Chinese artist, spoke with Edward Snowden, who wore a black shirt and appeared in front of a black screen, somewhere in Russia. Both men talked about their experiences standing up to government power — commiserating about long, sleepless nights — and how they try to make an impact on their countries while living in exile.
At one point, Ai Weiwei said, “In human reality, we are all defined by our actions… You have to be very clear: I am on this side, or I am on that side. Otherwise, you are part of this whole darkness.”
But while Snowden has been very clear about the side he is on — namely, opposition to government overreach and surveillance — neither man seemed to see the irony that China has used his leaks as a justification to flout those norms. Whatever his motivations, Snowdenʼs actions — perhaps more than any other Westernerʼs — may have unintentionally contributed to the “whole darkness” that has emerged under Chinaʼs cyber control. Eli Binder is a New York-based staff writer for The Wire. He previously worked at The Wall Street Journal, in Hong Kong and Singapore, as an Overseas Press Club Foundation fellow. @ebinder21 Katrina Northrop is a journalist based in New York. Her work has been published in The New York Times, The Atlantic, The Providence Journal, and SupChina. @NorthropKatrina