Security: Europe's pushback against Chinese tech has only just begun

A new case of suspected Chinese industrial espionage highlights Europe's tricky balancing act between exploiting opportunities in China and guarding against the theft of technology back home.
Written by Cathrin Schaer, Contributor

Amid growing international suspicion about China's tech companies, a new report suggests the Chinese government could be behind the theft of corporate secrets from chip-making equipment business ASML. 

According to Dutch newspaper Financieele Dagblad, technology stolen by employees at ASML in California was shared with XTAL, a company with links to the Chinese state.

ASML has a dominant position in selling circuitry technology used in making processors. Customers include leading chipmakers such as Intel, Samsung, TSMC, and GlobalFoundries.

SEE: Cybersecurity in an IoT and mobile world (ZDNet special report) | Download the report as a PDF (TechRepublic)

Following the report, ASML, which is headquartered in Veldhoven in the Netherlands, downplayed what boss Peter Wennink disparagingly described as a "conspiracy theory".

"The facts of the matter are that we were robbed by a handful of our own employees based in Silicon Valley, who had broken the law to enrich themselves," Wennink said in the statement about the California incident, which resulted in a November 2018 court case in the US.

"Some of the individuals happened to be Chinese nationals, but individuals from other nations were also involved. We resent any suggestion that this event should have any implication for ASML conducting business in China."

Last year, ASML did about €1.7bn ($1.9bn) of business in China and expected to do about the same this year. That is a significant part of the company's business, which reported net sales of €10.9bn in 2018.

Despite the denials from ASML, this case is bound to fuel growing suspicions in Europe about Chinese intentions.

"This is not the only such incident," confirms Jonathan Holslag, a professor of international politics at Brussels University, who has written several books about China.

"In general, it's taken European countries a lot of time to get to grips with the magnitude of the Chinese industrial espionage problem. They've been more inclined to brush it aside and prioritize business opportunities," he tells ZDNet.

Recently several European leaders, including Dutch prime minister Mark Rutte and French president Emmanuel Macron, have called for a more realistic, and less naive, relationship with China.

In Germany, members of the business community who first saw the Chinese market as a grand opportunity have returned home with bitter complaints about unfair treatment and difficult conditions. Angst about the 2016 Chinese takeover of German robotics company, Kuka, has not abated either.

In March, Brussels finalized a new EU investment-screening framework, an area where European states have been behind other countries. The framework, which entered into force in April, screens potential external investors for risks to security or public order, especially if there is involvement with critical infrastructure or other sensitive projects.

As the Mercator Institute for China Studies, or MERICS, in Berlin noted in a March 2019 paper: "While non-discrimination toward the nationality of an investor is a core principle … of the new regulation, some of its provisions overlap with core characteristics of Chinese investment in Europe to date."

For one thing, "the new rules call for heightened scrutiny of investments by directly or indirectly state-controlled entities", the institute's analysts point out.

However, as Holslag also tells ZDNet, the new European rules cannot be a cure-all because there is still a lack of intelligence about Chinese companies, which often arrive in a sector or a company as minority shareholders, or working through intermediaries.

"It's one thing to claim companies need to be screened but that requires a lot of resources," the China expert explains. Those costs can be problematic, especially for smaller European countries, he adds.

Doubtless this issue is part of the reason why some analysts have expressed concern about a Chinese charm offensive in smaller eastern European states. After last week's EU-Beijing summit in Brussels, Chinese premier Li Keqiang went to Croatia for the first time to meet eastern European business people and politicians there.

A leaked draft of potential legislation from Germany's Ministry of the Interior, seen by local journalists at the end of March, appears to suggest that the Germans want better intelligence gathering.

Germany has already been warned by the US that if it uses Chinese telecoms equipment manufacturer Huawei, in the new, high-speed, 5G network, the US will restrict intelligence sharing.

Although Huawei has continuously denied it, the suspicion that the company might use its componentry to spy on users, or be forced to give up data by the Chinese government, isn't going away.

Germany had already increased security specifications for manufacturers tendering on its 5G project and the Interior Ministry's 90-page draft bill goes further. It suggests that any company providing "core componentry for critical infrastructure" in Germany will need to sign a "declaration of trustworthiness", after which its equipment will also undergo a more thorough security check.

Despite the optimistic verdict on last week's EU-China summit in Brussels, where the Chinese promised to be better business partners, long-time China watchers, Kristin Shi-Kupfer and Mareike Ohlberg, the Berlin-based authors of an April study, 'China's digital rise. Challenges for Europe', are unsure it will change the current, distrustful mood in the tech sector.

"A pushback against China's digitization and technology may only just have begun," they conclude. 

More on China and technology

Editorial standards