China Mobile Continues Its Expansion in Africa–Does It Pose a Threat to the Privacy of African Citizens?

ChinaPic

[Business]

By the number of subscribers, China Mobile is the world’s largest wireless network operator. The company has started to further expand its reach this September by opening a new office in Johannesburg, South Africa. Its partnership with MTN Group will not only add another 230 million users to its subscription base but will also grant it access to 23 operating companies across the region.

China Mobile International Limited (CMI) and MTN will thus become collaborators on multinational projects involving network resources sharing, international transmission interconnection, and international business expansion. What the people of Africa will get are significantly lower telecom service costs, which includes both local communications and roaming. But what price will they pay in return?

Why CMI Might Pose a Threat

Even before CMI and MTN have partnered to “conquer” the South African market, citizens have expressed concerns about what this could mean for their privacy. In the aftermath of numerous recent data breach scandals, their concerns are more than just paranoia. CMI has had a bad reputation ever since it fell out with the US.

A couple of years ago, China Mobile attempted a similar business expansion project in the US market. After being halted for seven long years for bureaucratic reasons, the project was eventually shut down by the Trump administration. CMI was forbidden from entering the US market because its application did not “serve the public interest”, as the National Telecommunications and Information Administration (NTIA) elaborated in its filing to the FCC.

“To the contrary”, NTIA added, “the authorization would pose substantial, unacceptable national security and law enforcement risks.” The national security question was raised after CMI applied for a Section 214 facilities-based license, “which would give it the authority to build its own telecommunications network in the US and connect this network to those run by domestic operators”.

This would have given China Mobile access to US cables and satellites, which were built with minimum security as they were never intended to be used by anyone but trusted parties from the US.The  FBI, the Department of Homeland Security, and the Justice Department’s national security division all agreed that, with this license, CMI would have enabled China to easily spy on American citizens.

ZTE and Huawei had similar plans, too. Neither of these Chinese companies was accepted to the US market, and both of them were described as “severe national security threats”. As cautionary tales for all non-Asian countries to be aware of, these three examples justify South African concerns about CMI being a possible threat to its government’s and citizens’ privacy.

Who’s Running China Mobile?

The question we need to ask is – if China Mobile gains free access to African telecommunications and broadband networks, will this mean that all private data will immediately end up in hands of the Chinese government? Isn’t CMI a privately run corporation? What about ZTE and Huawei? Another example involving China reveals how text messages, email and other data are handled in these cases.

When Apple opened a new Chinese data center to host Chinese users’ iCloud accounts back in February 2018, it became apparent that the Chinese government actually had access to all data stored on Chinese territory, be it privately held or not. In order to access these accounts, the authorities need a cryptographic key. As Apple testified, their cryptographic key went directly to the Chinese.

This was the first time Apple stored the keys for Chinese iCloud accounts in China. Along with the new data center, this freed the Chinese government from the obligation to seek formal permission from the US court every time it needed to access Chinese citizens’ private information. With the cryptographic key being on Chinese territory, the Chinese were finally allowed to use their own legal system.

This example goes to show not just how zealous the Chinese government is in applying monitoring and censorship rules whenever and wherever possible, but also that all companies operating on Chinese territory must comply with these rules. If this is true for US-based Apple, then it will apply to the majority of businesses operating in China too, which would include ZTE, Huawei and China Mobile.

That being said, there’s a good reason to believe that a similar destiny awaits African cryptographic keys as well. Sooner or later, the 23 companies operating under the MTN Group’s wing might need to hand their keys over to CMI. Once that happens, who knows where those keys might ultimately end up?

The most dangerous thing here is that South African citizens may not even know who has the right to access their information or how that information might be used. This might result in increased use of encrypted virtual private networks, private messaging applications or anonymous internet browsers such as Tor. Either way, it will be interesting to see how the expansion of the Chinese mobile operator will unfold and whether it will provoke a new privacy and security related scandal.

Leave a Reply

Your email address will not be published. Required fields are marked *