August 15, 2022

How Not to “Compete with China”

In the United States, “competing with China” has become the go-to way to frame domestic policy agendas. The problem is that nearly all of these policies are bad ones (see, for example, the CHIPS Act), that imitate Chinese state capitalism instead of promoting an open, global market economy – which is the true competitive advantage of the US-based political economy. The latest entry in this competition of fools comes from the House Financial Services Committee, which has decided that the U.S. must rush into the creation of a central bank digital currency (CBDC) because, well, China is doing it.

It is true that China would like for its currency to displace the dollar as the international reserve currency, but the RMB is a long, long way from that, and digitizing a fiat currency run by a centralized, authoritarian state does not do much to change its status. China has major restrictions on international capital flows, it has squashed its crypto industry and the initiative of its true digital innovators (the platforms like Ant Financial). A CBDC greatly enhances the ability of the state to engage in financial surveillance, and let’s just say that China has a few trust issues in that regard. An article in Business Insider quoted Aleksandar Tomic, Boston College economist as saying, “The digital yuan isn’t a play to displace the dollar necessarily, but it is likely more of a play to give the Chinese government more insight into flows of funds in the country,” Nor is it clear why any government that currently chafes under US dollar hegemony would welcome Chinese hegemony.

Digitizing the dollar could create a number of benefits, such as less expensive international transfers, but it also raises major issues regarding the structure of the banking industry, the possibilities of financial innovation, privacy and security. If the U.S. moves in that direction it needs to do so based on the merits of particular policies, and a clear demonstration of the benefits that would accrue to US citizens and trading partners. Claiming that we are in a “a new digital assets space race” with China is not helpful. It’s also factually wrong.

India Withdraws Data Protection Bill

On August 4, 2020, India’s Personal Data Protection Bill, which had been stuck at the drafting stage for four years, was withdrawn from the Parliament. The 2019 bill required localisation of “sensitive” and “critical” personal data and was being opposed by the technology companies and start-ups. Privacy advocates had also raised concerns about government agencies being exempted from the law  “in the interest of sovereignty” of India. The Minister for Electronics and Information Technology, Ashwini Vaishnaw wrote in a parliamentary statement that the proposed law was being withdrawn because a Joint Parliamentary Committee’s (JPC) review of the 2019 bill suggested many amendments, leading to the need for a new “comprehensive legal framework”. The government has started drafting the new bill, “which is in good advanced stages”, with a public release “very close”. Reports suggest that the government aims to get the new bill approved and made into law by early 2023. The JPC’s December 2021 report had proposed 81 amendments and 12 recommendations and it remains to be seen how these are accommodated in the new bill. However, considering the JPC had gathered industry feedback on the old bill, it is unlikely the new bill will go through an extensive consultation period.  For now, India remains amongst the few countries in the region with no data privacy law.

Apple’s Traffic Hijacked. So What?

According to a report from MANRS, some of Apple’s network traffic was hijacked by Russian ISP Rostelcom for about 12 hours last month. It could have been caused by a mundane configuration error, although some alarmists raised the spectre of geopolitical rivalry. In a global Internet protected by RPKI and secure BGP this would have never happened! But that’s not the Internet we have because secure routing requires collective action among network operators who have varying incentives for adopting the technology.

The interesting bit here is that Apple, unlike some other large competing networks like Google, is a hold out when it comes to secure routing and creating ROAs for its address blocks. We speculate that it has something to do with widespread adoption of secure communications in its platform’s hardware, software and services, something it can directly control. Securing routing is less important when you’re securing data-at-rest and in-transit, channels between devices and network services, etc. by default. Doing so protects Apple’s users’ data from “Russia” stealing traffic, LEAs trying to crack devices without due process, cybercriminals, and other adversaries.