China to demand source code access, backdoors in some tech products
China's central government has introduced new procurement regulations that would force technology companies wishing to do business with the country's banks to submit source code for review and build government-accessible backdoors into their products, according to a Wednesday report.
The formal entrance to Zhongnanhai, the seat of China's central government.
Word of the changes, which the New York Times says have already prompted calls of protectionism from a number of western firms, comes on the heels of a report that Apple has already agreed to subject its own products to Chinese government audits. It is unclear whether those "inspections," as one official called them, would fall under the same umbrella as the new banking regulations.
Apple does not traditionally compete for the kinds of enterprise infrastructure projects that China's regulators are targeting, but the company has made significant moves in that direction of late. A recent tie-up with IBM has Big Blue pitching Apple's iOS devices to its enterprise customers, many of which are large banks that are the bread and butter of IBM's mainframe and services businesses.
During Apple's quarterly earnings call earlier this week, CEO Tim Cook said that the two firms had made "great progress" since the commencement of the partnership. Ten new mobile applications aimed at banking, retail, insurance, financial services, telecommunications, governments and airlines have been delivered to a dozen "foundational customers," with over 130 more companies kicking the tires.
If Apple were asked by the Chinese government to build backdoors into the iPhone or iPad, it would be an ironic twist.
The company has faced tight scrutiny in China after allegations that it participated in intelligence gathering initiatives run by the U.S. National Security Agency. Apple has repeatedly and emphatically denied involvement, and Cook reportedly sought to reassure top Chinese internet regulator Lu Wei of the company's commitment to user privacy during a meeting in Cupertino.
While there are "rumors of us keeping backdoors and providing data to third parties," Cook is said to have told Lu, the company has "never had any backdoors and never will."
Even if Apple elects not to bid for enterprise sales in China, it may not escape the government's control. A second set of still-unfinished policies, aimed at antiterrorism, would force companies that enable encrypted communications to provide the government with encryption keys and store all Chinese user data on Chinese servers.
The former could prove problematic for Apple, which has overhauled the encryption mechanism in iOS 8 in a manner that makes it impossible to comply with such a request. The company already stores at least some Chinese user information in datacenters run by China Telecom, but maintains that the state-owned telecom firm does not have access to that data.
The formal entrance to Zhongnanhai, the seat of China's central government.
Word of the changes, which the New York Times says have already prompted calls of protectionism from a number of western firms, comes on the heels of a report that Apple has already agreed to subject its own products to Chinese government audits. It is unclear whether those "inspections," as one official called them, would fall under the same umbrella as the new banking regulations.
Apple does not traditionally compete for the kinds of enterprise infrastructure projects that China's regulators are targeting, but the company has made significant moves in that direction of late. A recent tie-up with IBM has Big Blue pitching Apple's iOS devices to its enterprise customers, many of which are large banks that are the bread and butter of IBM's mainframe and services businesses.
During Apple's quarterly earnings call earlier this week, CEO Tim Cook said that the two firms had made "great progress" since the commencement of the partnership. Ten new mobile applications aimed at banking, retail, insurance, financial services, telecommunications, governments and airlines have been delivered to a dozen "foundational customers," with over 130 more companies kicking the tires.
If Apple were asked by the Chinese government to build backdoors into the iPhone or iPad, it would be an ironic twist.
The company has faced tight scrutiny in China after allegations that it participated in intelligence gathering initiatives run by the U.S. National Security Agency. Apple has repeatedly and emphatically denied involvement, and Cook reportedly sought to reassure top Chinese internet regulator Lu Wei of the company's commitment to user privacy during a meeting in Cupertino.
While there are "rumors of us keeping backdoors and providing data to third parties," Cook is said to have told Lu, the company has "never had any backdoors and never will."
Even if Apple elects not to bid for enterprise sales in China, it may not escape the government's control. A second set of still-unfinished policies, aimed at antiterrorism, would force companies that enable encrypted communications to provide the government with encryption keys and store all Chinese user data on Chinese servers.
The former could prove problematic for Apple, which has overhauled the encryption mechanism in iOS 8 in a manner that makes it impossible to comply with such a request. The company already stores at least some Chinese user information in datacenters run by China Telecom, but maintains that the state-owned telecom firm does not have access to that data.
Comments
China is going to be heaven for smartphone smugglers.
And this is a prime reason why China should be kicked out of the WTO.
Bad, BAD move Apple.
How long will it be before the Chinese Gov't starts spying on anyone with an iOS device, and they sell the source code to tech conglomerates there in China?
Bad, BAD move Apple.
Wouldn't it be prudent to criticize a move after you know if one has been made and what it is?
F#ck!ng Chinese government. The first thing they would do is take that source code and start pumping out Chinese knockoffs.
I find it hypocritical that China accuses us of building backdoors into our products to spy on Chinese citizens, yet is not demanding those same backdoors for them to use.
This is a moment where the WTO needs to step up and tell China to either get its act together or get out. Unbelievable how the WTO looks the other way, all the while grabbing their ankles and hoping China is gentle.
Screw China. I don't care how much their untapped market potential is. It's sleeping with the devil.
And this is a prime reason why China should be kicked out of the WTO.
I agree. This is ridiculous by the Chinese government. China just wants this information from tech companies so they don't have to develop it themselves. The Chinese copy everything and steal corporate secrets from as many companies as they can.
How long will it be before the Chinese Gov't starts spying on anyone with an iOS device, and they sell the source code to tech conglomerates there in China?
Bad, BAD move Apple.
I know, I'm utterly enraged at Apple for making this horrendous, theoretical, imaginary move in the future. Just livid. Apple, how dare you.
Sounds mostly like a china only thing for tracking their own users. Doesn't mean it can't be expanded of course secretly.
Still doesn't make it any less of a crap move.
Oh well, I Love seeing the US and China hypocritically banter at each other so I'll grab my popcorn. Willing to share if anyone wants any.
People, chillax*.
The Chinese government is UTTERLY trustworthy.
*The "CH" added to the word "relax" actually comes from the fact that anything with a "CH" in front of it is actually WAY better than anything else. So just chill.
If governments have access to backdoors, so will hackers. Simple as that.
It was one thing to look at the source code. But it's going way to far making Apple put backdoors into it. I thought that was the whole issue. So it's BAD if the U.S. is doing it, which Apple is not allowing, though what the NSA is hacking?!?! But China now telling Apple to but backdoors in, that's just asking for China and the NSA and anyone else free access to all. I hope Apple doesn't allow this crap. Putting backdoors in software is just making a big hole and weakness to be exploited by anyone with a little skill.
Oh, wait....
When it comes to trade, we are hardcore to small players with no value to us like Cuba. But when it comes to big money opportunities like China and Saudi oil, we look the other way and pave a special road to all that money. The biggest growth opportunities and the biggest market, I am going to guess that American companies and politicians will be willing to bend over whichever way money dictates.
The rest of our large 'American' 99% conservative businesses already sold us out for cheap labor to them. What's the difference?
How long will it be before the Chinese Gov't starts spying on anyone with an iOS device, and they sell the source code to tech conglomerates there in China?
Bad, BAD move Apple.
Having been working in software validation industry for a long time now, I understand the word "Audit" in the software environment is that software manufacturers will provide an auditor access to source codes ONLY at their facility, not give the auditor the source code. They can spend days and months at software company facilities to look through the source codes, software life cycle or validation documents but no documents will leave the facility. This is for transparent practice in doing business and Apple is not stupid to give away their intellectual propriety, but complying with the law only.
In worst case scenario, Apple can even pull the fck out of China and will see what China can deal with iPhone smugglers. Vietnam, Thailand and other South East Asia countries are more than willing to let Apple in their country with less regulations.
Very funny.
Oh, wait, maybe not so funny.
No, this should be criticized when it is just a possibility. If you wait until it has been implemented, it will be too late!
How American of them.
The first thing they would do is take that source code and start pumping out Chinese knockoffs.
I find it hypocritical that China accuses us of building backdoors into our products to spy on Chinese citizens, yet is not demanding those same backdoors for them to use.
Backdoors are probably not going to happen because it would compromise Apple sales. Trust is a big part of Apple's sterling reputation, but the code inspection is reasonable, however there is little chance that China would be able to steal the code. I think the way it works is that they get to see certain parts of the code, but the inspection would be done in Cupertino under strict conditions. They don't get to take the code back to China and disassemble it.