Cybersecurity has captured the attention of policymakers around a range of technical and economic questions, but this convenient term can muddy different threats and challenges. Perhaps the most important and least understood is the question of what some have labeled economic espionage, and we call Cyber Theft of Competitive Data (CTCD). Properly identifying and clearly understanding the scope of this issue is critical for several reasons. First, it has become central to the US cyber agenda, particularly as the Administration works with the Chinese government. Both Vice President Biden and Treasury Secretary Lew specifically addressed the importance of addressing this issue in the recent Strategic and Economic Dialogues with China.
Second, from a policy perspective, a better understanding of the problem will help promote the urgency of a response from Congress and the White House. At the same time, it will help tamp down some of the aggressive rhetoric that has surrounded this issue. A member of the independent Commission on the Theft of American Intellectual Property has testified that the scope theft of American intellectual property was “comparable to the current annual level of U.S. exports to Asia,” and pointed to China as the chief culprit.[1] For their part, the Chinese call the accusations of economic espionage ‘unfounded,’ and caution that they are ‘hyped into something that would overshadow and obstruct’ cooperation between the US and China. This issue has dominated headlines for the past year, with bold statements and confusion on all sides.[2] Even the official in charge of defending American cyberspace, Cyber Command’s General Alexander, does not seem above inflammatory rhetoric, calling it “the greatest transfer of wealth in history.”[3]
Perhaps most importantly, however, a complete understanding of the mechanics of CTCD will help policy makers understand how to respond. If we do not understand the nature and mechanics of the threat, then sizable technical investments and elaborate diplomatic negotiations may fail to actually address problem. Different sectors depend on different types of data to generate value, and face different threats from theft of that data. Only by appreciating the underlying processes that harm the American economy can we explore the efficacy of mitigating solutions.
[1] Slade Gorton. Testimony before the House Energy & Commerce Committee; Subcommittee on Oversight and Investigations. July 9, 2013. http://docs.house.gov/meetings/IF/IF02/20130709/101104/HHRG-113-IF02-Wstate-GortonS-20130709-U1.pdf
[2] Yang Quingchaun. Commentary: Don’t let cyber security overshadow key China-U.S. dialogue. Xinhua News Service. July 9, 2013. http://news.xinhuanet.com/english/indepth/2013-07/09/c_132525189.htm
[3] NSA Chief