China: The Walls Have Ears

China is watching you.

I am convinced about 99.9% of all emails go through. But to me, that means at least a few of the emails I send each week will not reach its destination. If I do not hear back from someone rather quickly, I just assume they did not get my email and I send it again. In other words, I assume the worst.

I have a similar attitude regarding my privacy when in China. I assume my hotel room is bugged and my Internet is monitored. I assume the worst and I take every measure I can to be careful. I know people will laugh at my “paranoia,” but I have plenty of stories to tell involving people who were not careful about their data:

  • Many years ago, I was staying on the business floor of the Lotte Hotel in Busan, Korea. This floor has a couple of computers for its guests. I got on one of those computers and the first thing that popped up was a letter written by a Seattle company revealing information I know they would not have wanted anyone to see. Someone from this company had written this letter on the computer and simply left it there. Not smart.
  • Many times I have gotten on the internet at an airport computer and been let right into someone’s webmail account. Not smart.
  • A couple of years ago, I found a memory stick in the desk drawer of my Shanghai hotel that contained huge amounts of information on a European plastics company. Not smart.
  • A stockbroker I know was sent an email by a rival stockbroker, urging my stockbroker friend to oppose some proposed law that would strike hard at those with massive net worth. The stockbroker who sent this email cc’ed it to a half dozen or so of his best clients. My friend figured the clients were people with the requisite massive net worth and so he cold-called them for their business. He ended up getting a great client with this tactic. Not smart.
  • Many years ago, a client of ours discovered an employee was running a rival business within my client’s business. My client then arranged for this employee to bring his two company laptops to the office. When the employee went to lunch, the locks were changed and he was locked out. You would not even believe the stuff we found on those laptops. I am talking both business and personal. Very, very personal. Not smart.

I thought of data protection today after reading a New York Times article, Britain Warned Businesses of Threat of Chinese Spying. This article talks about a 2008 report from Britain’s M15 intelligence agency, setting out the following:

Officers from the People’s Liberation Army and the Ministry of Public Security had approached British businesspeople at trade fairs and exhibitions with offers of “gifts” that included cameras and computer memory sticks that were found to contain bugs that provided the Chinese with remote access to the recipients’ computers. “There have been cases where these ‘gifts’ have contained Trojan devices and other types of malware.”

The MI5 report described how China’s computer hacking campaign had attacked British defense, energy, communications and manufacturing companies, as well as public relations companies and international law firms. The document explicitly warned British executives dealing with China against so-called honey trap methods in which it said the Chinese tried to cultivate personal relationships, “often using lavish hospitality and flattery,” either within China or abroad.

“Chinese intelligence services have also been known to exploit vulnerabilities such as sexual relationships and illegal activities to pressurize individuals to cooperate with them. Hotel rooms in major Chinese cities which have been frequented by foreigners are likely to be bugged. Hotel rooms have been searched while the occupants are out of the room.”

Many years ago, I was going to a particular city in a former Communist country and my client and I agreed that, above all else, I should completely avoid meeting with or even talking to “Oleg”. I had to go to this city, but I was going to be there for only two days. I fly in, walk into my hotel lobby and, before I can even check in, two people come up to me and tell me Oleg will be coming by to take me to dinner at 7:00 p.m. I felt I had no choice at that point but to meet with Oleg and I did. When I asked Oleg how he knew of my arrival, he said he gets emailed the list of all foreigners as soon as they arrive at the airport. Oleg runs a very successful private business.

An international lawyer I know who lives in China and someone I have every reason to trust, sent me the following email, which I have modified slightly to erase any possibility of anyone being able to trace it back to its source:

Some Chinese companies own their own hotels or have very close relationships with a particular local hotel and contractually require foreign parties stay in one of these hotels at a special rate. Any attempt to arrange different accommodations is met with strict and swift countermeasures. Penalty clauses in the contract are brought up. If you do find other accommodations they will not pay for them.

Why? All telephone calls are recorded. I have actually been in the room used by one of these companies as it’s actually not all that difficult to get into.

All of the “photocopies” made at the hotel are scanned and saved. Colleagues would leave their notebooks in the meeting room at lunch, “locked.” These notebooks’ hard-drives were removed and cloned.

Once, a foreigner locked horns with someone at a big Chinese company and ended up in jail on a prostitution sting. The “prostitutes” were in fact not prostitutes. The girl’s room was camera’ed out. It is very rare for someone to be arrested in China for soliciting. This person subsequently got out on greatly reduced charges and I have to believe that was in return for his agreeing to start going along more with the Chinese company.

I have a client who refuses to stay in any hotel recommended by those with whom he does business. He always books his hotels on his own, without revealing where he will be staying. Probably a pretty good policy.

January 23, 2023 UPDATE: I have no doubt that the sort of spying described above has only increased exponentially in China in the 13 years since this post was written.