EU Strategy on China: Council Conclusions on Cyber Post-Beijing

EU Strategy on China: Council Conclusions on Cyber Post-Beijing

18 July 2016

 In adopting the EU Strategy on China this week, the Council of the European Union issued its Conclusions after the 18th EU-China Summit in Beijing. The policy framework for the EU's planned engagement with China over the next few years is provided by these Conclusions as well as the June 2016 Joint Communication of the High Representative and European Commission on Elements for a new EU Strategy on China (the EU-China 2020 Strategic Agenda for Cooperation is the primary joint document that guides the EU-China Comprehensive Strategic Partnership). The last European Commission Communication on China was in 2006, nearly ten years ago. A number of messages stand out: 1) The EU is now clear that China needs the EU as much as the EU might need China (particularly since the EU is China's largest trading partner). 2) If China intends to participate in a leading role within global affairs, it must take on duties commensurate with such a global role. 3) While mutual economic interests are strong, this should not stop the EU from upholding its values �C "China's needs are as great as ours and failure to cooperate also brings adverse consequences for China".

 The Council cites promoting international security as one of several opportunities for cooperation with China. More specifically, several clauses within these Conclusions have implications for future international cybersecurity issues. A number of areas identified for planned cooperation will feature cyber. First, the Council underlines that promoting human rights and the rule of law will continue to be a core part of the EU's engagement with China �C the EU will continue to urge China to respect its own commitment to upholding the rule of law. The harassment of human rights defenders, journalists and publishers, among others, are cited as a major concern. The Joint Communication specifies concerns over recent trends towards "an extraterritorial dimension". How this might impact rights online as well as offline, like freedoms of expression and association, remains to be seen, especially since the EU intends to hold China to account for its human rights record. More recent national security laws and regulations are also called into question for being too restrictive. The Joint Communication further argues that the EU should promote stronger privacy and data protection rights in China, and EU data protection rules should be respected in all personal data exchanges with China.

 The EU promotes the openness and freedom of the Internet and encourages efforts to develop agreed norms of state behaviour. The Joint Communication argues that China's restrictive approach to Internet governance risks fragmenting the Internet to the detriment of global stakeholders and with negative economic and human rights consequences.

 Second, the Conclusions specify that China should limit the scope of security-related reviews of EU investments in China solely to issues that constitute legitimate national security concerns. The Joint Communication describes the situation such that recent legislative initiatives have introduced new restrictions on foreign operators in China, which goes against market opening and the principles of equal treatment and a level playing field. Notably, the point argued is that this deprives China itself of the best solutions to enhance economic activity.

 Third, while encouraging further research and innovation cooperation with China, it is hoped that cooperation on the digital economy should harness growth through open markets, common standards, and joint research, specifically in areas like the Internet of Things and 5G mobile communications. However, the EU as well as the Member States, intend to intensify cooperation with China on the protection and enforcement of intellectual property rights whilst also reinforcing measures to counter cyber-enabled theft of IP and trade secrets. In effect, the protection and enforcement of IPRs are essential for promoting innovation, and while there may be legitimate government interest in the security of the digital market, the "EU opposes generally applicable policies that require access to or transfer of software source code as a precondition for market access". The EU is therefore encouraged to seek a political agreement with China on combatting cyber-enabled theft of IPR and trade secrets.

 China is criticised for market opening that focuses more on assisting Chinese companies abroad rather than improving access to China's market. The country is also criticised for increasingly protectionist policies and regulations. The Joint Communication argues that European ICT companies are facing market access problems across the value chain (including technologically biased standards, complex and discriminatory licensing and certification requirements, and disproportionate restrictions on account of security-related legislation). The EU therefore intends to make more effort to improve access to the Chinese market. It is also encouraging China to become more active at the WTO and in multilateral trade and investment initiatives �C it is hoped that the country should take on responsibilities that match the benefits it can reap from an open trading system and a rules based international order. Since the Chinese government has ambitions for companies in the digital economy sector to compete globally as national champions, the EU intends to work with China to promote fair competition in both markets and to "discourage China from underwriting its companies' competitiveness through subsidisation or the protection of domestic markets". In particular, the Joint Communication explains that deepening cooperation on customs and trade facilitation, beyond WTO commitments, would benefit both the EU and China, and this should cover the security of supply chains and broader enforcement of IPRs. 

 Fourth, the EU-China Connectivity Platform that is expected to be operationalised soon, could be used to find opportunities to improve infrastructure links between Europe and Asia. Connected critical infrastructures will require enhanced cybersecurity cooperation measures. Fifth, the Council supports establishing not just regular but substantial EU dialogue with China, in conjunction with the Member States, to find more common ground on matters like counter-terrorism and cybersecurity. This may include the whole range of export control, disarmament and non-proliferation issues, such as encouraging China to adhere to the export control standards for arms and dual use goods which apply under international export control regimes.

 Lastly, in order to achieve these ambitions, there is much emphasis on having the EU project a clear and unified voice in its dealings with China. In other words, this framework addresses the need for better coordination so that when Member States deal with China, either bilaterally or in groups, the EU as a whole is positively impacted. In other words, the Joint Communication clearly delineates that EU Member States engaging with China must comply with EU laws, rules, and policies, and the EU institutions should coordinate better with Member State activities.  



Caitríona H. Heinl Research Fellow Centre of Excellence for National Security (CENS)