Digital bits and bytes are valuable but value-neutral and hence, multiple-use instruments; the use depends on the goal of the hand that holds these. China operates the world’s largest and most sophisticated surveillance system, combining millions of cameras, digital monitoring, Artificial Intelligence, and social credit mechanisms. It has been using this humongous mass of digital data for political and social control domestically and for extending its penetration into governance systems globally. China’s more than 700 million cameras in public places, one for every two persons in the country, had problems with their facial recognition technology during Covid days when everyone was wearing a mask. It was quickly transformed into a body-proportion and gait-recognition system where even a person covered from head to toe could be recognised.

The foundations of the idea of citizen surveillance by the state go back to Imperial China, its ancient legalist thinkers like Han Fei and Shang Yang and the moral principles for the state and the citizens laid down by Confucious. Living in the 4th century B.C., Shang Yang was a Chinese statesman whose efforts ultimately led to the unification of the Chinese empire. He believed that the state needs power comprising a large army, compulsory military service, full granaries, state-administered weights and measures and lots of information about citizens. For the last, he set up a system of mutual spying among the people; this had been the favourite of the likes of Stalin and Mao and continues to be that of present-day totalitarian leaders. The harsh system ultimately hit Shang Yang himself and he was tied to chariots and torn apart. Han Fei, the 3rd century B.C. legalist philosopher, had prescribed strict laws and surveillance of subjects for control by the state rather than relying on moral persuasion. He too was a victim of his harsh ideas; the ruler felt that Han Fei’s influence could threaten his power. He was imprisoned and allegedly died by suicide, much like the victims of purges by Xi Jinping.

Ironically, US companies like IBM, Intel and Dell had enabled Communist China’s surveillance by selling technology to the Chinese state apparatus, in spite of knowing that it would be used to target religious minorities in Tibet and later in Xinjiang. IBM had worked with a Chinese company, Huadi, to strengthen the internet firewall of China to censor information and identify dissidents. The state repression is further strengthened by the Social Credit System, that continuously tracks all activities of citizens, businesses and even of government institutions to reward or punish their trustworthiness through ‘red-listing’ and ‘black-listing’, the former being trustworthy.

Countries of the world, that collect much lesser data on their citizens, have found it impossible to design fool-proof security for such data. In China, the regulations have been stricter for private companies; the Party bosses lived in their bubble presuming that the party discipline will ensure the safety of data in the hands of state entities. Seeing the recurrent purges within the Party, it is obvious that this approach was flawed and unrealistic. That asymmetry – heavy collection of data by the state with weak state accountability - has led to a situation where the surveillance architecture has become a strategic vulnerability, with massive leaks.

Everything about China is big and data leaks are no exception; in mid-2022, a hacker using the name “ChinaDan” stole 23-terabyte of data from the Shanghai police, making it the biggest incident of its kind since the foundation of the Communist state in 1949 and the largest government data breach in history. The hacker claimed that this contained records of one billion Chinese people including names, national ID numbers, addresses, phone numbers, birth places and police records about the individual. The hacker advertised the data for sale for ten bitcoins. Random checks by international media and researchers showed that it was genuine. Nothing is known about what happened subsequently because China, as usual, censored all references to this incident.

There had been many such incidents earlier; in 2016 personal information about Communist Party members was leaked, in 2020, many Weibo accounts were exposed, and in 2022, information was leaked for almost a year about the Xinjiang internment camps. All the incidents involved some negligence relating to cyber-security; the Shanghai leak resulted from a search cluster linked to the Shanghai Public Security Bureau left exposed with no password. Some leaks related to surveillance cameras were traced to such negligence; in Xinjiang, cameras tagging mosques, hotels and police stations were streamed for 24 hours due to an unprotected part of the digital architecture.

These incidents caused considerable alarm about public interest in the Party but more about themselves and their families. The leaked data did not discriminate between citizens and hit the elites too. The BBC reported on 8 July, 2022, under the heading “Security warning after sale of stolen Chinese data,” that Xi Jinping had asked public bodies in China to “defend information security” to protect personal information, privacy and confidential corporate information. The website, where the data sale was advertised, later put up a post saying that the data was no longer available for sale. The small price tag, just $200,000, made it highly unlikely that some foreign intelligence agency would have missed the opportunity of purchasing it before the post was removed. For good measure, the website posted that, “we are not in China and we are not Chinese, so we do not have to obey Chinese laws.” To show that it was not a one-off incident, soon thereafter, 90 million Chinese citizens’ records, said to be stolen from Henan Police, were offered for sale.

Even as the Party was struggling to come to terms with these developments, came the news of the selective killings of Iran’s top clerics and military leadership by the US and Israeli forces in the initial phase of the Iran war. Interestingly, these killings were made possible with the help of a large number of surveillance cameras for citizen control provided to the oppressive theocratic regime by China. The dragon was taken off-guard and its Foreign Minister Wang Yi denounced it saying, “the blatant killing of a sovereign leader and the incitement of regime change are unacceptable.” If Chinese cameras could be hacked to provide information about the elites to Teheran’s enemies, the 700 million cameras in China could be similarly used by Beijing’s enemies too.

China’s Party’s mouthpiece Global Times said on the day after the killing of Khamenei that the US forces amassed in the region had been gathering intelligence enabling them to “simultaneously target Iranian military facilities and top leadership figures in the first wave of attacks.” It gave a Chinese military affairs expert’s ominous assessment, “Iran was said to have been heavily infiltrated, leaving little room for secrecy, especially regarding the movements and locations of senior leaders.”

These events have shown that the world’s largest surveillance structure set up by China is a double-edged weapon. It has kept dissidence under check and has allowed the Party to maintain control over contested regions like Tibet, Xinjiang and Inner Mongolia. Simultaneously, it has created a vulnerability that can be exploited during hostilities by China’s enemies, for selective decapitation of the leadership. Although the parallel may be validly questioned on the grounds of the massive nuclear and military retaliatory clout of China, yet, it delivers a warning to the Party leadership; when you live in a bubble, confident in your capacity to control what is inside, the only thing that separates you from the enemy outside is a thin film of your own making. / DAILY WORLD /

(R N prasher is a former IAS officer. The views expressed are his personal.)