DHS warning on Chinese Services and Devices
The DHS Issued an advisory to U.S. businesses, warning them of data security risks associated with using communications equipment and services from China-linked companies.
The big picture: The advisory comes as the US administration makes a final push on China, highlighting the administration’s emphasis on the risks posed by the close relationship between some Chinese companies and the Chinese government.
- Its stated goal is to warn U.S. companies of the risk of Chinese government-sponsored data theft that can occur through U.S. business partnerships with Chinese companies, or through the use of their products and services.
- It lays out China’s legal environment, which requires Chinese companies and individuals to comply with government requests to hand over data and provide other assistance to law enforcement and security agencies, with little legal recourse.
The advisory specifically cautions U.S. businesses with regards to data centers owned or operated by Chinese firms, foreign data centers built with Chinese equipment, joint ventures with Chinese firms, software and mobile device applications, and fitness trackers and other wearables, according to a copy of the advisory reviewed by Axios.
- It also recommends U.S. companies who do choose to engage with Chinese companies should reduce the amount of their data stored in China, take steps to protect proprietary information, scrutinize business relationships, and strengthen terms of service agreements.
What they’re saying: “Practices that give the PRC government unauthorized access to sensitive data – both personal and proprietary – put the U.S. economy and businesses at direct risk for exploitation. We urge businesses to exercise caution before entering into any agreement with a PRC-linked firm,” .