Did China Telecom deliberately divert US network traffic to China on multiple occasions between 2015 and 2019?
If it did, it would certainly deserve to get banned from not just the US but any country that values its information security.
Unfortunately, the US government recommendation that China Telecom's common carrier status be terminated doesn't give us an answer.
"This argument is akin to a hazardous chemicals manufacturer arguing that the public need not worry about its failure to monitor safety conditions or follow voluntary fire safety codes, because nothing has exploded yet, and even if it did, it would not be purposeful," says the report.
Which begs the question: Why keep all this a secret? If, as this exchange seems to suggest, China Telecom doesn't trouble itself with rigorous network security, that is almost as damaging as if it had been caught deliberately manipulating traffic.
Why not put China Telecom on the stand in a public hearing? As a large and secretive bureaucracy, more attuned to the latest party directive than world-class security practice, you can be sure it will incriminate itself.
It would also help the US make the public case against China as a bad actor in cybersecurity – something it badly needs to do after the over-zealous claims against Huawei.
In the end the committee makes a twofold case: First, China can't be trusted; second, the telco breached rules on storage of US data and disclosure to US authorities. It goes on to say there can be no mitigation because the "underlying foundation of trust" is not there.
You get the impression this is the decision it was going to make anyway, regardless of the niggardly detail.
But if we're going to start excluding major telcos, let's do it for solid reasons. For one thing, there'll be more acrimony across the Pacific so why not arm yourself with some facts? Plus, we'll see some tit-for-tat against US operators in China. They don't have big businesses there, but it will be disruptive to them and their customers.
Putting all that aside, it's worth noting the ban doesn't affect all China Telecom operations in the US.
For this exercise – Section 214 of the Communications Act – China Telecom has three kinds of services.
It requires S214 authorization in order able to provide facilities-based services – "international basic switched, private line, data, television and business services."
That would seem to apply to its investments in multiple trans-Pacific cables, like the TPE and the forthcoming HKA. It would also cover its US domestic MVNO CTExcel, which serves mostly Chinese tourists and Chinese-Americans.
The key concern for Team Telecom is that the current authorization would allow China Telecom to extend its facilities-based services, including running its own wireless network (spectrum permitting), without requiring further approval. So they've covered that off.
But there are major exceptions among service categories. A ban under Section 214 would not cover China Telecom's data centers – it has more than 20 colocation facilities in the US – and its public and private cloud services.
Then there's the third category: Those services that Team Telecom itself is not sure about. It doesn't know if MPLS VPN, SD-WAN, managed security and virtual private LAN services would be covered by a S214 ban.
These are fairly significant services but, again, this sounds like a group not overly concerned with the detail.
Team Telecom is convinced China Telecom is a security threat. Why not put some evidence out there to persuade everyone else?
— Robert Clark, contributing editor, special to Light Reading