Getting Personal

Ever since the Chinese took the personal data of 23 million people from the US government security clearance files, things have been getting personal.  An ABC News report today says we are about to go through the the same thing with the US Visa database;  this one has half a billion records in it.  It will make the OPM database seem small.

Sony was the first round and was done by North Korea, undoubtedly with China's active help.  A tit-for-tat exchange will get ugly pretty fast.  In my testimony before the US China Economic and Security Review Commission I said Sony was a warning to the US about what happens in an exchange of personal attacks - from email, or other data.  The Chinese have all that data on personnel security clearance forms that tell a lot about the White House staff and Congress.  It is pretty hard to start a tit-for-tat exchange unless you know what you are getting into. We have no idea what was hidden away in all of that data, but drug use, loans in default, financial disclosure statements, run-ins with law enforcement (even if innocent) are all documented in those reports.

I think the ZTE documents were the first in a new round of disclosures about what China has been doing to us, using their own documents as evidence. We were going to try a little tit-for-tat exchange of data.  As you remember from one of my previous posts [see David Sanger's article in the New York Times at http://www.nytimes.com/2015/08/01/world/asia/us-decides-to-retaliate-against-chinas-hacking.html?_r=0]  this was discussed as an option for retaliation against China for what North Korea did, a clear indication our government thought they two countries were collaborating on it.  China hides behind a proxy whenever it can.

Now, just a short time after those sanctions against ZTE were announced, they went away.  We clearly don't know how to play this game.