National Security Concerns—US State Department and Lenovo
The US Department of State (DOS) is either very paranoid, or it is on to something. Nearly 16,000 Lenovo-brand personal computers were purchased for use by the Department, but after “angry objections” by the Congressionally-appointed US-China Economic and Security Review Committee, the decision to install 900 computers on the Department’s secure network was scrapped.[1] Lenovo purchased IBM’s PC division 10 months ago for $1.75 billion.[2]
According to Frank Wolf, a republican Representative, the purchase “raises serious questions given accusations that China is aggressively spying on the United States.”[3] We discussed these accusations yesterday. Some of the criticism is also aimed at China’s “foreign policies and human-rights record,” but it’s clear that the primary concern is that classified or “unclassified computer communications could be infiltrated and pose a threat.”[4]
In truth, however, most computers, even those manufactured by US companies, are constructed with parts made elsewhere. For example, some of Dell’s monitors are made in Mexico. The speakers that came with some Dell computers are made in China, the wireless keyboards in Thailand, and the wireless mice in China. Blackberries are made in Canada, with the batteries being assembled in China with Japanese parts. Some of Dell’s XPS lines of notebook computers are made in Malaysia. The Western Digital Caviar SE hard drive is made in Malaysia. The Seagate Barracuda hard drive is made in Singapore. The Gigabyte brand of motherboards, which is headquartered in the US, manufactures its motherboards in Taiwan. Most motherboards aren’t even provided by US companies. ABIT, for example, is a Taiwanese company, as are ASUS, Biostar, and ECS (which has manufacturing facilities in China). Some of AMD’s Athlon Turion X2 processor are assembled in Malaysia, and the company has manufacturing plants in Europe, Asia, and Japan, while Intel maintains 11 manufacturing plants across the world, including China. All this is to say that if a foreign country wanted to covertly install surveillance technology in computers, it has ample opportunity to do so, regardless of who the company is owned by.
That said, assuming arguendo that the Chinese government had actually installed some sort of surveillance features into the Lenovos purchased by the State Department, that could have been a cybercrime violation under 18 U.S.C. §§ 2510 et seq. & 2701 et seq. Under section 2511, it is a crime for any person to intentionally intercept any wire, oral, or electronic communication. However, under section 2511, it is a crime to intentionally use an electronic, mechanical or other device to intercept communication only when that communication is oral in nature. The punishment for violating section 2511 is a fine, imprisonment for up to 5 years or both. Under section 2701, the story is a little different. Under this section, it is a crime for a person to intentionally access without authorization a facility through which electronic communication service is provided and thereby obtain access to a wire or electronic communication while it is in electronic storage. The punishment for doing so is a fine, imprisonment for up to 10 years, or both.
[1] Jitendra Joshi, US State Department Pulls China-Made PCs from Secure Networks, Agence France-Presse, May 19, 2006.
[2] Id.
[3] Id.
[4] Id.
posted by McNabb Associates, P.C. @ 3:22 PM
<< Home