President Joe Biden came away from his summit with China’s President Xi Jinping on Nov. 15 committed to prosecuting what he called “simple, straightforward competition” with China. Yet Beijing is already beating the United States and its allies in one crucial domain: data.
Data is the oil of the 21st century, the indispensable resource that will fuel artificial-intelligence algorithms, economic strength and national power. The wellspring of this data is all of us: our health records and genetic sequences, our online habits, the supply chain flows of our businesses, the terabytes of imagery guzzled by phones, drones and autonomous cars.
The competition for global influence in the 21st century will require protecting and harnessing this data to achieve commercial, technological and military advantages. So far, China is winning, and the West is barely even engaged.
Through a latticework of recent laws and regulations, Mr. Xi has been hard at work making the Chinese Communist Party the world’s most powerful data broker. How does Beijing do that? By walling Chinese data off from the world, exerting new extraterritorial power over global data flows and putting foreign companies operating in China in a legal bind — all while absorbing other countries’ data by means licit and illicit.
Mr. Xi knows that even locking down only Chinese data, representing the patterns and behavior of some 1.4 billion people, would hobble Beijing’s rivals in the quest for global economic superiority.
The Biden administration has spoken about the importance of data in our competition with China. But no visible strategy has emerged. That threatens Americans’ privacy, economic competitiveness, national security and future global standing. This will be a major test of America’s China policy in 2022.
Washington’s blind spot to the centrality of big data in Beijing’s ambitions and to the ways our own data are being exploited in service of those ambitions is perplexing at a time when American politicians are growing more concerned about the collection and potential exploitation of big data by U.S. tech giants.
It is further perplexing because Americans in bipartisan fashion also are wising up to the ways that Beijing exploits and weaponizes other U.S. resources, like our capital markets.
That’s evident in how Washington is finally — if fitfully — beginning to address the self-destructive flow of U.S. dollars into China’s military and global surveillance apparatus. While these sorts of measures still need to be scaled up dramatically, at least policymakers now have some tools to curb Beijing’s easy access to U.S. capital.
Not so when it comes to data, where Beijing believes that it has a free hand and that the West is too distracted or feckless to respond meaningfully. Mr. Xi is thinking and acting big, and has been since his first days in power.
In 2013, shortly after assuming the presidency in Beijing, Mr. Xi declared: “The vast ocean of data, just like oil resources during industrialization, contains immense productive power and opportunities. Whoever controls big data technologies will control the resources for development and have the upper hand.”
Since then, Beijing has been building the framework to ensure that mass accumulations of data serve the Chinese Communist Party’s strategic interests.
A series of laws implemented in 2017 asserted the party’s power to gain access to private data on Chinese networks, whether in China or associated with Chinese firms such as Huawei overseas.
Now Beijing has quietly enacted a new set of laws — first the Data Security Law in September, followed in November by the Personal Information Protection Law — that go even further by demanding not just access to private data but also effective control over it.
This has a huge impact on foreign firms operating in China. Not only must their Chinese data stay in China and be accessible by the state, but Beijing now demands control over whether they can send it to their own headquarters; to a corporate lab in, say, California; or to a foreign government that has made a law enforcement or regulatory request.
Beijing’s new laws may make it criminal to comply with foreign sanctions against China that involve data — like shutting off banking or cloud services to a Chinese entity linked to human rights atrocities. In these cases, foreign firms can comply with U.S. law, or they can comply with Chinese law, but not both.
The impact of these laws is clear. Tesla, Apple and others have opted to build dedicated Chinese data centers — sometimes in partnership with Chinese state entities, lest they lose access to the large Chinese consumer market. Goldman Sachs faced pressure against sending memos to its U.S. headquarters.
Beijing’s recent actions complement its longstanding efforts to buy, steal and otherwise acquire data from foreign sources worldwide. Beijing hacks multinational corporate databases. It runs “talent recruitment” programs at foreign universities and firms. It buys foreign companies, such as an Italian maker of military drones. It funds its own data-driven start-ups in open foreign markets like Silicon Valley.
The approach is nakedly nonreciprocal. It relies on access to foreign data while denying foreigners access to Chinese data — and appears to assume that foreign governments won’t respond. The United States, after all, has no comprehensive federal approach to data governance, while the European Union’s General Data Protection Regulation is focused mostly on consumer privacy.
Will American and allied policymakers develop approaches to limit strategic data flows to China? For now, the Biden administration’s answer is: maybe.
“Our strategic competitors see big data as a strategic asset,” the U.S. national security adviser, Jake Sullivan, said this summer, “and we have to see it the same way.”
This is clear and compelling language. But data did not appear to be high on Mr. Biden’s agenda with Mr. Xi, judging from official readouts of the summit.
And to date, U.S. policy remedies are idle and insufficient.
In June, the administration issued an executive order embracing a new regulatory process to restrict cross-border data flows on national security grounds. But the new process hasn’t yet been put to use — not against Chinese drones, Chinese access to U.S. data centers and biotech labs, or other potential targets.
In the meantime, U.S. diplomats’ and trade negotiators’ engagement on data issues is dominated by bitter fights with European regulators over privacy rules for American tech giants. The far greater threat from Beijing goes largely unaddressed.
The good news is that if democratic nations get their act together, they may be in a better position than Beijing, which complicates its own progress through apparent paranoia.
In recent months, Mr. Xi has cracked down on private Chinese tech giants such as Alibaba and Tencent, forcing them to relinquish their data troves to state-controlled third parties. This crackdown, which helped erase more than $1 trillion in market value, will make these companies less innovative now that they no longer control their data.
But banking on Chinese authoritarian overreach to preserve America’s edge is no strategy.
A smarter approach would begin domestically, with actual (and robust) implementation of the Biden administration’s June executive order. This would entail blocking or unwinding arrangements by which large volumes of sensitive U.S. data flow to China, whether through medical records, cellphone apps or other channels — all of which are basically unregulated right now.
Democratic allies must also work together to promote data sharing among themselves while limiting flows to China. A blueprint was introduced by former Prime Minister Shinzo Abe of Japan. This idea, called Data Free Flow With Trust, ought to become allied policy.
For upward of a generation, Beijing has been coldly effective in designing a strategy of global data mercantilism: data hoarding for me, data relinquishing for thee.
If Washington and its allies don’t organize a strong response, Mr. Xi will succeed in commanding the heights of future global power.
Matt Pottinger, a former U.S. deputy national security adviser, is a distinguished visiting fellow at the Hoover Institution. David Feith, a U.S. deputy assistant secretary of state for East Asian and Pacific affairs until early 2021, is an adjunct senior fellow at the Center for a New American Security.
The Times is committed to publishing a diversity of letters to the editor. We’d like to hear what you think about this or any of our articles. Here are some tips. And here’s our email: [email protected].
Follow The New York Times Opinion section on Facebook, Twitter (@NYTopinion) and Instagram.