A bombshell out of Google today as they threaten to leave the very lucrative Chinese market entirely due to recent cyberattacks on human rights activists, Google itself, and a range of corporate and financial targets. Naturally, the news itself has been censored in China. From the Official Google Blog:
In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident–albeit a significant one–was something quite different.
First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.
However, while a number of corporations were attacked, Google believes that the real goal was to attack human rights activists critical of China, albeit unsuccessfully:
[W]e have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.
Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users’ computers.
At the core of the decision to contemplate leaving China, according to Google, is their long internal struggle about how to access the huge Chinese market while living up to their corporate moto to ‘not be evil.’ This is pretty hard to do in what the OpenNet Initiative calls one of the most pervasive filtering systems in the world, which Google had to be a part of by prohibiting searches and access to a range of content the Chinese regime did not like. Former Berkman Fellow Rebecca MacKinnon told the Times today that “Google had endured repeated harassment in recent months and that by having operations in China it potentially risked the security of its users in China.” And as our own Jonathan Zittrain said in the same article:
‘I think it’s both the right move and a brilliant one’ said Jonathan Zittrain, a legal scholar at Harvard’s Berkman Center for Internet and Society.
It seems unlikely that the decision was based on human rights concerns alone, but I imagine that rights concerns taken together with the costs in bad PR, cyberattacks, and having to retreat from their own corporate mission are now outweighed by the relative small profits they make in China. The latest attack may simply have been the straw that broke the camel’s back.