By David Shepardson and Alexandra AlperWASHINGTON (Reuters) – The U.S. Department of Commerce is taking steps to further tighten restrictions on China Telecom’s U.S. division, expressing worries that it may exploit its access to American data through its cloud and internet operations in the U.S. by potentially sharing it with the Chinese government, according to a source briefed on the matter by Reuters.
The source corroborated a report by The New York Times that the Commerce Department recently issued a preliminary finding to China Telecom Americas, indicating that its activities within U.S. networks and cloud services present national security risks to the United States. The company has been given a 30-day window to provide a response.
In 2021, the Federal Communications Commission (FCC) rescinded China Telecom Americas’ authorization to conduct business in the U.S., citing concerns related to national security. Despite these developments, China Telecom Americas has yet to offer a formal comment in response to the latest concerns raised.
There is a growing sense of alarm in Washington over China’s purported efforts, dubbed Salt Typhoon, to infiltrate American telecommunications firms and pilfer data related to U.S. communications. Several senators have voiced their belief that this cyberattack could potentially be the most significant breach in U.S. telecommunications history.
In an exclusive report back in June, Reuters revealed that the Biden administration was actively looking into China Telecom, China Mobile, and China Unicom regarding their cloud and internet operations in the U.S. Subsequently, in June, the FCC introduced a proposal aimed at enhancing security measures for internet routing on networks, spurred by worries expressed by U.S. officials about China’s ability to reroute internet traffic.
Despite the FCC’s ban on providing telephone and retail internet services in the U.S., Chinese companies have maintained a limited presence in the country, offering services such as cloud hosting and routing wholesale internet traffic, thereby gaining access to American data. The Border Gateway Protocol (BGP) plays a crucial role in the global internet routing system, with the FCC noting instances where China Telecom exploited BGP vulnerabilities to misdirect U.S. internet traffic on multiple occasions.
In 2022, the FCC officially withdrew China Unicom America’s authorization to operate in the United States. Additionally, in 2019, the FCC rejected a bid by China Mobile to provide telecommunications services in the U.S. Commissioner Geoffrey Starks of the FCC raised concerns in 2022, warning that Chinese telecom firms might still be able to offer data center services to American consumers despite the revocation of their licenses, thereby urging further action to address security issues posed by these centers.
