China is watching you.
I am convinced about 99.99% of all emails go through. But for me, that means at least a few of the emails I send each week will not reach their destination. If I do not hear back from someone quickly, I assume they did not get my email and I send it again. In other words, I assume the worst.
I have a similar attitude regarding my privacy when in China. I assume my hotel room is bugged and my Internet is monitored. I assume the worst, and I take every measure I can to be careful. I know people will laugh at my “paranoia,” but I have plenty of stories involving people who were not careful about their data:
- Many years ago, I was staying on the business floor of the Lotte Hotel in Busan, Korea. This floor had a couple of computers for its guests. I got on one of those computers and the first thing that popped up was a letter written by a Seattle company revealing information I know they would not have wanted anyone to see. Someone from this company had written this letter on the computer and simply left it there. Not smart.
- I once found a memory stick in the desk drawer of my Shanghai hotel that contained huge amounts of information on a European plastics company. Not smart.
- A stockbroker I know was sent an email by a rival stockbroker, urging my stockbroker friend to oppose some proposed law that would strike hard at those with a massive net worth. The stockbroker who sent this email copied it to a half dozen or so of his best clients. My friend figured the clients were people with the requisite massive net worth and so he cold called them for their business. He ended up getting a great client with this tactic. Not smart.
- Many years ago, a client of ours discovered an employee was running a rival business within my client’s business. My client arranged for this employee to bring his two company laptops to the office. When the employee went to lunch, the locks on the office were changed, and he was locked out. You would not even believe the stuff my client found on those laptops — both business and personal. Not smart.
I thought of data protection today after reading a New York Times article, Britain Warned Businesses of Threat of Chinese Spying. This article talks about a 2008 report from Britain’s M15 intelligence agency, setting out the following:
Officers from the People’s Liberation Army and the Ministry of Public Security had approached British businesspeople at trade fairs and exhibitions with offers of “gifts” that included cameras and computer memory sticks that were found to contain bugs that provided the Chinese with remote access to the recipients’ computers. “There have been cases where these ‘gifts’ have contained Trojan devices and other types of malware.”
The MI5 report described how China’s computer hacking campaign had attacked British defense, energy, communications, and manufacturing companies, as well as public relations companies and international law firms. The document explicitly warned British executives dealing with China against so-called honey trap methods in which it said the Chinese tried to cultivate personal relationships, “often using lavish hospitality and flattery,” either within China or abroad.
“Chinese intelligence services have also been known to exploit vulnerabilities such as sexual relationships and illegal activities to pressurize individuals to cooperate with them. Hotel rooms in major Chinese cities which have been frequented by foreigners are likely to be bugged. Hotel rooms have been searched while the occupants are out of the room.”
Many years ago, I was going to a Russian city, and my client and I agreed that I should be sure not to meet with or even talk with “Oleg”. I had to go to this city, but I was going to be there for only two days.
I fly in, walk into my hotel lobby and, before I can even check in, two people come up to me and tell me Oleg will be coming by to take me to dinner at 7:00 p.m. I felt I had no choice but to meet with Oleg and I did. When I asked Oleg how he knew of my arrival, he said he gets emailed the list of all foreigners as soon as they arrive at the airport. Oleg runs a very successful private business.
An international lawyer I know who lives in China and someone I have every reason to trust, sent me the following email:
Some Chinese companies own their own hotels or have close relationships with a local hotel and contractually require foreign parties stay in one of these hotels at a special rate. Any attempt to arrange different accommodations is met with strict and swift countermeasures. Penalty clauses in the contract are brought up. If you do find other accommodations, they will not pay for them.
Why? Everything in those rooms are monitored and recorded. I have actually been in the room used by one of these companies as it’s actually not that difficult to get into.
Colleagues would leave their notebooks in the meeting room at lunch, “locked.” The notebooks’ hard drives were removed and cloned.
Once, a foreigner locked horns with someone at a big Chinese company and ended up in jail on a prostitution sting. The “prostitutes” were in fact not prostitutes. They were company spies and their rooms had cameras everywhere. It is very rare for someone to be arrested in China for soliciting prostitutes. This person subsequently got out on greatly reduced charges and I am certain was in return for his agreeing to start going along more with the Chinese company.
I have a client who refuses to stay in any hotel recommended by those with whom he does business. He always books his hotels on his own, without revealing where he will be staying. Sounds like a pretty good policy.
May 16, 2024, UPDATE: I have no doubt that the sort of spying described above has only increased exponentially in China in the 14 years since I wrote it.
