Five Eyes and Operation Friction II

In March, 1946, the U.S. and UK extended WWII intelligence-sharing practices in the form of the "United Kingdom - United States of America Agreement," which was later extended to include Canada, Australia and New Zealand.  This Anglosphere alliance of intelligence operations is popularly (well, among a certain set of people) known as "Five Eyes."

While by most accounts the intelligence sharing (primarily signals intelligence, AKA eavesdropping and trolling) has been an open and collaborative process, the U.S. has on occasion been known to leverage control of information over its friends.  For instance, in 1973, President Nixon is said to have briefly cut off Britain out of pique for the then-PM's pro-European policies.  

Yet more recently, President Bush shut out Canada when that country initially balked at sending aging warships to the Gulf after the 1990 Iraqi invasion of Kuwait.  Three days after their screens went blank, Ottawa about-faced and sent potentially ill-equipped ships into harm's way.  Intelligence sharing was restored. (Amusingly enough, rumor has it the Canadians dubbed their military operation in the Gulf "Operation Friction" in deference to the U.S. antics).

Flash forward.

In late September, 2011, the U.S. and Australia announced that they would introduce cybersecurity into their existing bilateral defense treaty, citing, among other things, the ongoing cyber threat emanating from China.  At the mid-November, 2011 annual Australia-United States Ministerial Consultations (AUSMIN) meetings between the Australian Minister for Defense and the U.S. Secretary Defense, it was further agreed to "intensify cooperation to meet emerging security challenges in...cyberspace."  

Shortly thereafter, in December, 2011, the Australian Government banned Huawei from bidding on a state-sponsored next generation network due to "concerns over cyber attacks originating in China."  This ban flew in the face of considerable political and commercial opposition, as well as the seemingly ironic fact that Huawei was already providing the equipment powering multiple large-scale commercial networks across Australia.

Operation Friction II?

Perhaps.  If so, one has to wonder why the UK and Canada have thus far been allowed - for a number of years now - to let their respective markets operate freely and fairly in terms of Huawei's competitive presence.  Did they say no?  Have they been cut off from the American intelligence teat?  "Who knows?" on the former and a highly unlikely "no" to the latter.  Was the Australian cave a short-term measure?  

Perhaps.  

Almost one-year after the Huawei ban - this month, January 2013 - the Australian Government announced the opening of an "Australian Cyber Security Center" (ACSC) as the hub of the Government's cyber security efforts to be responsible for analyzing the nature and extent of cyber threats"...and..."work closely with critical sectors and key industry partners to protect our nation's most valuable networks and systems."   

The seemingly "brand-agnostic" structure and function of the ACSC, as announced, would seem to have great promise as effective, fact-based and technologically and commercially rational approaches to cyber threats.  Perhaps here is the backbone necessary to stand-up to bullying allies with thinly-veiled political or protectionist agendas?

Am I suggesting that the U.S. does not care about cyber threats, particularly those from China?  

Of course not.  

But U.S. credibility on such issues is increasingly compromised by fringe elements that purport absurdities like banning select companies from telecom networks as supposed cyber security solutions. Any expert would tell you such proposals are laughable.  All that's left is to call them what they are: mis-guided protectionism, sadly and dangerously, at the expense of real and effective cyber security solutions.

Steve Quixote

For the last year-and-a-half, a major news wire investigative reporter has attempted to spin fantastical tales of China-based multinationals either supporting Iranian Government suppression of its citizens or circumventing U.S. export controls to provide embargoed telecommunications or computing equipment to Iran.  Playing somewhat fast and loose with the facts, the Reporter's true agenda is as muddy as might be, at least seemingly, his journalistic ethics. 

In late 2011, while still at a major U.S. daily, the reporter wove a hole-ridden cloth of a story suggesting that Huawei had in years past nefariously installed telecommunications equipment in Iran that would allow police to intercept calls and track people based on the location of their cellphones.  Huawei attempted to explain to the reporter that all telecommunications equipment venders build network equipment to the same global specifications which require an interface to allow for what is known as lawful intercept (as mandated by the U.S. Government, among others).  Huawei further explained that while the company incorporates the interface for lawful intercept into its solutions, Huawei does not produce lawful intercept solutions themselves nor has Huawei even been involved in providing services related to monitoring or filtering.  Yet, the reporter chose to ignore these facts. 

But why listen to Huawei?  How about an official U.S. Government report?

Nope.  The reporter further opted to ignore the Summer 2011 U.S. Government Accountability Office (GAO) report which specifically found that no company had been identified as having violated the Comprehensive Iran Sanctions, Accountability, and Divestment Act of 2010 (CISADA) in terms of  the export of technologies to the Iranian Government for monitoring, filtering and disrupting information flows.  The GAO Report cited "the lack of a clear distinction between technology exported to Iran to disrupt the free flow of information versus technology exported to Iran to support necessary and acceptable filtering and monitoring of communication."  This is common industry knowledge, as Huawei had attempted to inform the journalist.

While his mis-informed article did run, it did so with little traction and, it seems, the reporter came to realize that his story was full of holes, so he shifted tack in 2012.  After uncovering and reporting in the Spring of 2012 on shipping documents and contracts that seemed to show that China-based ZTE was circumventing or poised to circumvent U.S. export controls by shipping or planning to ship gear from IBM, Cisco, Oracle and others (this matter, and the allegations of related ZTE document shredding remain under U.S. Government investigation), the intrepid investigator – with what, by seemingly all accounts, was a legitimate and important story under his belt - decided to take a wild leap and indict Huawei as well.  After all, both companies are based in China...

In October, 2012, his news wire ran his report on purported Huawei attempts to circumvent U.S. export controls with the shipment of around $20,000 worth of off-the-shelf mobile antennas from a U.S. supplier.  Except, as he further reported, it wasn't actually Huawei that would have been selling the antennas, and, in fact, the deal was never consummated.  Nevertheless, the story spun on about evidence of "how China has become a backdoor way for Iran to obtain embargoed U.S. computer equipment." Really?  Well, no.  And, in any event, mobile antennas?  These are "computer equipment" that will somehow power Iran's nuclear ambitions?  Yes, no matter how pedestrian, if an item is controlled, it is controlled, and should not be shipped and in fact wasn’t.  But c’mon, a never-happened antenna deal presented as “China has become a backdoor way for Iran to obtain embargoed computer equipment?”  A ridiculous and irresponsible stretch.  And, an even more naive stretch is for the reporter to believe that Huawei would risk its global reputation and $32 billion in annual sales by facilitating or knowingly allowing some third party to facilitate "backdoor ways" for $20k worth of commodity radio antennas.  Absurd.

Yet, with fire yet elusive and smoke no more apparent, the reporter belched another article in late December 2012, in what now increasingly seems a personal and quixotic quest to fan the flames of fear, whether China- or Iran-related. 

Yet again, his story was about a Huawei "partner" supposedly engaged in yet another never-consummated deal over two year ago which was reported to have involved the potential sale of HP servers to an Iranian telecommunications service provider that, notably, was reported to already possess a farm of the self-same servers.  The reporter's bold "exclusive" limped along based on mirrors but no smoke.  To his credit, he noted that "China's Huawei...says neither it nor its partner, a private company registered in Hong Kong, ultimately provided the HP products to the telecom.”  Yet, in an inexplicable leap, he then proclaimed: "Nevertheless, the incident provides new evidence of how Chinese companies have been willing to help Iran evade trade sanctions."

Um, no, it doesn't.  I mean, really, not at all.  And the suggestion that it does is rather shocking from a journalistic ethics perspective.  Yes, the reporter has clearly telegraphed his intent to pursue a personal long-term prejudicial windmill-tilt at China-based companies, but we should perhaps expect better of his editors.

What's going on here?  Well, Huawei is a global telecom giant doing business across 150+ markets with over 500 operators in a very dynamic industry and with a wide range of partners.  Deal proposals are put together all of the time, and, given that network deployments are usually quite similar from market-to-market and operator-to-operator, it wouldn’t be shocking if a Huawei partner drew from previous bid materials, slides, etc. in crafting an initial proposal.  Yet, the wire reporter points to Huawei slides - marked confidential, no less (in my decades of professional experience in government and the corporate world, I've found the word "confidential" to be terribly overused on a wide range of anything-but-confidential documents) - which have been incorporated into partner materials as being evidence of some sort of Huawei or other party's conspiratorial sanction-circumventing endeavor.  That is blatant - intentional, for whatever reason - misrepresentation on the part of the journalist. 

Here is a fact: Huawei’s business in Iran – and globally - is in full compliance with all applicable laws and regulations, including those of the UN, U.S. and EU.  Furthermore, Huawei requires its partners to adhere to the same commitments, to strictly abide by relevant laws and regulations.  Think about it: The deals the wire reporter was talking about never happened.  Gee, could it be that the system to ensure compliance with export controls actually works?

Demonization of Iran and China are nothing new and, to some extent or another, there are legitimate concerns to be had with both countries, and, certainly, far more so with the former than the latter at this moment in time.  Demonization of Huawei by proxy - by virtue of geographical heritage - is also, sadly, nothing new.  We expect these things from politicians, and from partisan or perhaps fringe media, and certainly competitors.  But we should really expect better from the mainstream media…