In January 2010, Google announced that its email servers at its corporate headquarters in the United States had been the target of a sophisticated cyber attack, and that dozens of accounts belonging to human rights activists and NGOs had been compromised.
The company also revealed that these incidents originated from China, leading to worldwide speculation that the Chinese government played a role in the attacks. However, Chinese authorities have adamantly denied responsibility.
Google has struggled for a number of years to strike a balance between its operations in China and concerns about human rights. In 2006, human rights groups and members of the U.S. Congress publicly criticized Google and other U.S.-based companies for working with the Chinese government to create an internet infrastructure that severely limits access to information within China. Their concern was that this infrastructure would become an engine to further limit the free flow of information and allow the Chinese government to more easily identify and persecute human rights defenders.
At the time, Google acknowledged the challenges of creating an infrastructure in China, but voiced the company’s hope that it could prevent large-scale cyber attacks by placing their servers in the United States. As evidenced by this year’s attacks, that effort was unsuccessful in protecting Google users. Currently, Google is negotiating with the Chinese government over the possibility of either launching an unfiltered search engine or terminating its business in China altogether.
U.S. authorities believe they have traced the source of the cyber attacks to Shanghai Jiaotong University and Lanxiang Vocational School. However, U.S. authorities say that with existing technology they cannot identify the individuals responsible. Finding the individuals responsible would require an investigation from inside China, and the Chinese government has been unwilling to assist in any investigation. Although the two identified schools have denied any involvement, the students at each have garnered an international reputation for hacking.
The recent attack on Google’s system is the most high profile to date, but there are reports that human rights defenders and NGOs in China, Tibet, and the United States who use platforms other than Google have been victims of similarly aggressive hacking. As a result, a wide range of NGO servers, websites, and individual e-mail accounts have been compromised. Human rights advocates are understandably concerned about the Chinese government’s access to their e-mail and internet-based information. For instance, in 2005, a Chinese journalist was jailed after Yahoo provided his e-mail account information to authorities.
China has little incentive to stop censoring websites or to prosecute the hackers in January’s attacks. Google is not the leading search engine in China, and other companies such as Microsoft and Apple have been unwilling to raise any concerns with the Chinese government on internet freedom or security issues. However, U.S. Secretary of State Hillary Clinton has called for governments to promote a censorship-free global internet, and stated U.S. businesses are crucial to that effort. “American companies need to make a principled stand. This needs to be part of our national brand. I’m confident that consumers worldwide will reward companies that follow those principles,” Clinton said. Until more international companies follow Google’s lead and demand cooperation from the Chinese government, NGOs and human rights activists may continue to be the targets of censorship and cyber attacks.