Take a company with an internal, shadowy board run by the government that was called out for violating customer privacy.
Team it up with a company that is one of the best known for openness and privacy.
Then create a smartphone, and put it on eBay for $60.
This is exactly what is taking place right now with the new ZTE Open Firefox OS phone, and it’s looking like a privacy advocate’s nightmare.
Mozilla, a U.S. software company praised for its openness and respect for user rights, has teamed up with ZTE, a Chinese telecom with an internal board controlled by the Chinese Communist Party, which is decried for its violation of openness and respect for user rights.
The ZTE Open Firefox OS phone was announced by Mozilla on Aug. 12, and turned some heads in the tech world, not only for its $60 price tag, but also for the positive reputation Mozilla has from its Firefox Web browser.
Yet, there was little discussion about the other company behind the phone: Chinese telecom ZTE.
On Oct. 8, 2012, a report from the U.S. House Intelligence Committee warned companies to avoid Chinese telecoms ZTE and Huawei, stating that doing business with the telecoms can put a company and its users at risk.
The report came after an extensive review of Huawei and ZTE, which included interviews with both companies. It pointed out that both have internal boards controlled by the Chinese regime. It states that, while the companies put on a show of being cooperative during interviews and congressional hearings, they avoided questions, and declined to provide crucial information on the grounds that it would violate China’s spying laws.
The conclusion of the report was clear and simple: “Based on available classified and unclassified information, Huawei and ZTE cannot be trusted to be free of foreign state influence and thus pose a security threat to the United States and to our systems.”
An even clearer warning was given by Rep. Mike Rogers (R-Mich.), chairman of the House Intelligence Committee in an interview with “60 Minutes.”
Rogers said, “I would find another vendor if you care about your intellectual property, if you care about your consumers’ privacy, and you care about the national security of the United States of America.”
In response, rather than addressing the concerns raised against them, Huawei and ZTE used standard rhetoric from the Chinese regime to deflect criticism and mask the real issue, for example, saying that the criticism is “against China.”
ZTE then took another route, and partnered with a foreign company with an established image of openness and respect for user privacy: Mozilla.
When asked how Mozilla will ensure the privacy and rights of its users, in light of the findings of the House Committee, a Mozilla spokesperson said over email, “We will continue to keep the cautions articulated by the Committee in mind when we evaluate all of our mobile ecosystem partners. If we learn of specific information that would impact Firefox OS we will respond accordingly.”
Monitoring and Security
The partnership mirrors a similar move by the Chinese regime itself, which recently made a deal with Canonical, creators of the Ubuntu operating system and one of the most respected companies in the open software movement.
When criticized, the response shot back by the Chinese regime harkens back to its Cultural Revolution days: You can’t criticize someone unless you yourself have no flaws. And many users in the open software movement have written off security concerns by regarding the Chinese regime as just another country among many that monitor communications.
China recently found itself with room to maneuver in the international privacy debate, after the NSA was accused of spying through its PRISM program.
Yet, the programs run by the NSA and the Chinese regime are incomparably different. While the NSA program searches for keywords that indicate red flags on possible terrorists and spies, the Chinese system is extremely broad.
The Chinese regime blocks more than 4,000 keywords online, including “Tiananmen Square incident,” “Chinese language Wikipedia,” “Falun Gong,” and “Google Blogger,” and the people it regards as threats to the state are not limited to just terrorists and spies.
For the Chinese regime, “threats to the state” is also a much broader category that includes democracy activists, people who believe in religion, and people who believe in a independent Taiwan or a free Tibet.
Yet, for users of the new Firefox-ZTE phone, the problem runs much deeper. The concern on an individual level is intellectual property theft—something the Chinese regime is notorious for.
And for people outside China who fit into any group of particular interest to the regime—such as human rights activists—the threat is even more real.
In the past, if the Chinese regime was monitoring people abroad, it was often done through complex cyberattacks, which have included Operation Aurora, which hacked Gmail accounts of foreign activists; Operation Shady Rat, which was a system of corporate espionage; and Ghostnet, which was monitoring Tibetans and other activists.
Yet, by finding a way into the foreign market through a telecom where it controls a board—and with a history of leaving backdoors and ignoring intellectual property laws—the regime has convinced users in the West to open their doors willingly.