Big Brother in China and the UAE: Surveillance tech’s threat to U.S. national security
The development of surveillance technologies has indisputably lent a hand to strengthening the iron-grip of authoritarian regimes. Blurring the distinction between the public and private sectors, several governments have used this technology to maintain their political hegemony and inflict human rights abuses. Prominent among these countries is China. In response, the United States placed restrictions on Chinese companies abetting this behavior. With a similar story unfolding in Dubai, where the upsurge of technology has also played into autocratic behavior, the current U.S. administration should curtail certain commercial connections between companies in the United Arab Emirates (UAE) and the United States. Until conditions on the use of these technologies have been agreed upon, the sanctioning of these companies is necessary to both preserve U.S. national security and uphold democratic principles.
The Chinese government has amassed an arsenal of mass surveillance technology: over 200 million surveillance cameras dot the streets, many of which are equipped with facial recognition capabilities and infrared technology. “Wifi sniffers” track IP addresses of nearly all networked tools. The thousands of security checkpoints spread out across the country compile information on individuals ranging from license plate numbers to blood type to family planning. In late 2016, the government released a mobile app as part of the Integrated Joint Operations Program (IJOP). Currently being piloted in the province of Xinjiang, the app streamlines all the data into a single analysis system, enabling the government to easily access a compendium of information on any given individual. The system also documents activity deemed “suspicious” like possession of an inordinate number of books or an unusually large purchase of fertilizer. In tandem with the social credit system also tested in Xinjiang, by which citizens are assigned a score that determines their social opportunities based on their socioeconomic reputation, the Chinese government has established its presence in nearly every facet of public and private life.
Such an extensive program of surveillance is purportedly targeted towards crime prevention and reduction. In a white paper published in early 2019, officials claimed to have “destroyed 1,588 violent and terrorist gangs, arrested 12,995 terrorists, seized 2,052 explosive devices, punished 30,645 people for 4,858 illegal religious activities, and confiscated 345,229 copies of illegal religious materials.” The magnitude of the statistics, however, belies the true objectives of the surveillance system: the Big Brother style of governance aims not only to deter crimes, like petty robberies and traffic infractions, but also to stifle what Beijing claims are crimes against the government. Use of surveillance software thus serves an ulterior purpose of clamping down on instances of divergence from the ruling party. “Terrorists” usually consist of the minority Muslim Uighur people which, on the basis of their religion, are perceived as a menace. “Gangs” are often simply groups of political dissidents and social activists. By labeling those seen as threats in such pejorative terms, the government justifies its oppressive methods such as its “re-education camps,” the conditions of which are not unlike those of concentration camps, and its systematic abuse of torture.
While the precise motives of the White House remain hazy, several supporters of these restrictions have cited national security concerns and the potential erosion of democratic values. Several high-ranking officials, including chairman of the Senate Intelligence Committee Richard Burr (R-NC) and FBI director Christopher Wray, have expressed unease regarding the technologies’ capabilities to infiltrate the American telecommunication and public infrastructure sectors. The capacity to do so would potentially enable unauthorized access of classified information and expose U.S. vulnerabilities to foreign espionage. The apprehension is not unfounded: an investigation by the French newspaper Le Monde found that the computer systems in the Chinese-built headquarters of the African Union had been sending classified information back to Beijing every day for five years. While there has yet to be such comparable large-scale Chinese involvement in public infrastructure in the United States, the precedent points to prospective dangers should U.S. companies engage in an unrestrained sale and purchase of Chinese parts.
Further, application of these tools to stymie any sort of political challenge resulting in flagrant infringements of human rights threatens the principles underpinning democracy. A bipartisan group of Senators led by Marco Rubio (R-FL) sent a letter to the Treasury and State Departments calling for restrictions on Dahua and Hikvision contracts on the grounds of the companies’ complicity in human rights violations in Xinjiang. To compound this, as Chinese capacities grow, many of these companies, like Hikvision and Huawei, are exporting their products to other countries also seeking to centralize power in the hands of their respective autocratic leaders. A New York Times report indicated that at least 18 countries are using Chinese-made surveillance systems. For many, these systems have been provided for by the Chinese government as part of its Belt and Road Initiative, headquartering an unprecedented attempt at global surveillance in Beijing. This international system of policing in favor of the Chinese thus jeopardizes not only basic rights of those under such regimes, but also the international order and norms of sovereignty.
One such country to mirror China is the UAE. In 2016, as part of its Vision 2021 Strategy, Dubai announced plans for Oyoon (“eyes” in Arabic) in cooperation with several high-level governmental ministries. An artificial intelligence surveillance program, Oyoon launched with the installation of thousands of CCTV cameras equipped with biometric surveillance capabilities across tourist destinations, traffic zones, and public transit regions. As with China, the stated goal is to reduce crime: since the program’s implementations, officials reported the 319 arrests and cited a 99.5% decrease in unresolved and disturbing crimes in 2018 alone.
Cautionary measures must, however, be taken when faced with these statistics. Much like Beijing, Dubai makes use of a charitable interpretation of the term “criminals” to include not only criminals like thieves and robbers, but also political dissidents, human rights activists, and journalists potentially threatening the monarchy. With the UAE’s highest rates of political prisoners per capita in the world, legal acceptance of flogging and stoning practices, and a history of torture, the incorporation of technology may only serve to dramatically magnify such immoral state action.
Of specific note recently is the UAE’s Project Raven, a secret hacking operation launched in 2009 under the guise of counterterrorism efforts. The project has been in part effective in achieving its aims: it has since helped the National Electric Security Authority (NESA) break up an ISIS network and aided in the investigation of potential assaults following an ISIS-claimed stabbing of a teacher in 2014. However, the broad scope of “criminals” has also resulted in Project Raven targeting many others on arguably unjustifiable terms. For example, Rori Donaghy, a British journalist who reported on and publicly lambasted the country’s poor human rights records, found many of his networks hacked. To a more extreme extent, Ahmed Mansoor, prominent activist and a critic of Emirati policy, was sentenced to prison for 10 years for sharing his views on Facebook and Twitter. Specifically, he was convicted of “publish[ing] false information, rumours and lies about the UAE and promot[ing] sectarian feelings and hatred that would damage the UAE’s social harmony and unity.” Many others singled out include other journalists and dissidents, among them American citizens. Project Raven’s precedent provides a strong warning of the prospective implications of Oyoon.
The UAE’s success in these hacking operations and surveillance methods are in part due to resources provided for by the West. Many of Project Raven’s capacities are taken from methods learned from the U.S. intelligence community, the UAE having contracted with Baltimore-based cybersecurity firm, Cyberpoint. After hiring several former employees of the National Security Agency (NSA), Cyberpoint was granted a license by the State Department in 2014 to provide sensitive defense technology and services to Dubai for the “protection of UAE sovereignty.” Despite express bans of targeting American citizens and companies, the methods have allowed non-American personnel on the project to hack into iPhones of activists, political leaders, and American journalists alike. Further, Cyberpoint’s successor as the primary cybersecurity contractor, UAE-based firm DarkMatter, was reported to have significantly invested in recruiting top-level talent from American companies such as Google, Qualcomm, and McAfee.
A Buzzfeed investigative report of procurement records revealed that Oyoon is also backed by global suppliers. These suppliers include Canfield Scientific, Inc., a New Jersey-based biotech company specializing in 3D models; Nuance, a voice recognition company based in Massachusetts; and NEC, a Japanese company providing facial matching capabilities. Other companies with global reach are also setting their sights on the UAE as a viable market for their products with Hikvision, Huawei, and IBM marketing their biometric surveillance systems for use in the country.
There should be a U.S. response to these UAE actions. For the protection of national security and the maintenance of democratic values, the United States should (1) sanction any commercial connections affiliated with Oyoon, as it did with China, and (2) negotiate qualifying terms for the future use of American-supplied tools, the two to be done concurrently. On the former, American companies wishing to contract products to Oyoon or Project Raven must first obtain government approval, as with Huawei and Hikvision. Ramifications of Project Raven have shown that such projects may pose grave threats to U.S. national security, specifically in its targeting and hacking of Americans, and its violations of human rights. With this, the United States must tread carefully so as to not facilitate American support of Project Raven’s nefarious activities.
We should also consider potential repercussions should the United States completely block the UAE from purchasing American-made technology products. The Trump administration’s restrictions on sales of products by U.S. suppliers to Huawei could severely impact the bottom line of companies like Intel and Qualcomm, and a total prohibition might have the unintended consequence of inducing China to accelerate its own research into and development of the products. This would only increase current tensions between the two superpowers. Pushback from the U.S. blacklisting of Huawei might be a harbinger of similar headwinds for proposed restrictions on sales to the UAE. As a result, the United States must be mindful of the lessons learned, both on the impact on the U.S. economy and of the stimulus to China’s home-grown capabilities, as it prepares to implement similar restrictions on sales to the UAE.
Sherry Tseng is a senior pursuing her master’s degree in philosophy at the University of Pennsylvania. She was an intern in CERL’s 2019 Summer Internship Program.
Image by endus3r from Pixabay