This month, Canada received a contribution to its cybersecurity policy debate from an unexpected source — a Chinese company banned in several countries over allegations of cyberespionage. On January 21, Huawei released Cyber Security and Data Privacy: Key Considerations for Policymakers, a report written by the German consultancy Roland Berger. The report identifies seven policy challenges, drawn principally from previous studies in Canada’s own cybersecurity strategy, and includes a section on Canada’s data protection ecosystem.
What the report says is perhaps less remarkable than its timing and Huawei sponsorship. The company has been accused of cyberespionage, and its equipment has been banned in Australia, the United Kingdom and the United States. Canada-China relations are also at a historic low. Two Canadian citizens — Michael Spavor and Michael Kovrig — remain unlawfully imprisoned in China, effectively held hostage since December 2018 in retaliation for Canada’s detention of Huawei Chief Financial Officer Meng Wanzhou at the request of US authorities. Trade sanctions loom, and Canada’s criticism of the Chinese government for its repression of Hong Kong and treatment of Uighur Muslim minorities is unlikely to lead to improved relations any time soon.
Huawei’s focus on Canada, however, could be deliberate. Canadian officials have thus far refrained from banning Huawei equipment from its national network, despite mounting pressure from its Five Eyes intelligence alliance partners. As Huawei’s Vice President of Government Affairs Morgan Elliott stated in an interview with Bloomberg, the company would like governments to take a more even-handed approach to how they evaluate technologies — its own, in particular. Viewed in this light, the report may be an attempt to sway Canadian government decision makers ahead of a possible ban.
The report is also consistent with Huawei’s broader strategy to be seen as a trusted global vendor. The company is well aware of the reputational risk it faces. Allegations of cyberespionage may be less important in emerging economies. But as countries begin to think about investments into sixth-generation (6G) and other next-generation network technologies, Huawei needs to build and retain trust (as well as leading-edge technologies) in order to preserve its dominant market position.
Supporting innovative research is a strand in that overall strategy. In 2017, Huawei published a study it commissioned from the UK-based Oxford Economics, which proposed a new method for measuring the global digital economy. Not unlike the Canadian cybersecurity study, the Digital Spillover report was a well-written and valuable contribution to public policy debates.
But this report-funding strategy may prove insufficient to achieve Huawei’s objectives. Investment into public policy research is unlikely to restore lustre to Huawei’s tarnished reputation. As long as Huawei remains closely aligned with Chinese leadership, its public policy charm offensive is unlikely to succeed, or to mend the broader rift in relations between Canada, China and the United States. Healing that rift will require diplomatic work and different engagement from the Chinese leadership.
That said, Huawei’s Canadian cybersecurity report is a useful summary of issues that will need to be addressed by Canadian business leaders and decision makers. Regardless of its provenance, it’s a report worth reading.
