2019 saw increased attention by the media and policymakers on the threats posed by Chinese telecommunications and technology firms. However, a number of unresolved issues remain that if left unaddressed, will continue to leave American and western users and systems vulnerable to hacking, data breaches and technology transfers. Progress made over the coming year will in part be determined on the answers to the following questions:
- Will the Pentagon take any meaningful steps to address the findings of the July 2019 Department of Defense Inspector General report which documented Army and Air Force purchases of printers and laptops from Chinese firms with “known cybersecurity risks”?
- Will the Commerce Department expand the Entity List, to include additional Chinese companies that pose threats to national security and information technology supply chains?
- Will the Cyberspace Solarium Commission provide the needed framework to effectively inform and guide federal policy on cybersecurity, and if so, will it be heeded by government officials?
- Will retailers continue to sell consumer products without warnings that they potentially allow access to the information they store online, like banking, bill paying, investments, and health care records?
- Will telecom operators in western nations to turn to companies other than Huawei, to rip, replace and/or upgrade existing networks, as Australia, Greenland, Denmark and Norway have?
- Will the Trump Administration use Section 232 of the Trade Expansion Act of 1962 to initiate a broader investigation of Chinese ICT imports?
- Will Congress move on the Defending America’s 5G Future Act, which would codify President Trump’s Executive Order placing Huawei on the Commerce Department’s Entity List and provide Congress with the ability to block waivers provided to companies looking to engage in business with Huawei?
- Will Congress move on the MICROCHIPS Act, or a similar measure that prevents supply chain exploitation, cyber-attacks on computer systems and cyber espionage?
- Will Congress heed the recommendations of the U.S.-China Economic and Security Review Commission, mainly that Congress pass legislation that prevents Chinese companies from being listed on American stock exchanges if they fail to meet the same financial regulatory requirements as U.S. firms?
- Will state Chief Information Officers (CIOs) provide the appropriate scrutiny necessary to prevent the acquisition and use of problematic, Chinese-made equipment in state capitols, court houses and schools throughout their jurisdiction?