U.S. tech giant Microsoft is defending its extensive presence in Beijing despite a China-linked hack that ripped through the Big Tech company’s security last year and exposed sensitive emails of U.S. government officials.
House lawmakers in a pointed congressional hearing last week expressed repeated concerns that Microsoft’s presence in China exposes the company’s systems to snooping by Chinese Communist Party minders looking for access to American data and systems.
Microsoft President Brad Smith told lawmakers his company is not complying with Chinese law compelling his company to work with the government, despite the Chinese regime’s policies of military-civil “fusion.”
“I always make sure that it’s clear to the Chinese government that if the Chinese government wants to sue somebody, they need to sue me,” Mr. Smith said at a House Homeland Security Committee hearing last week.
“It’s not about suing,” Rep. Carlos Gimenez interjected. “In China, they don’t sue you, man. They arrest you.”
The Florida Republican said he doubted the tech executive’s testimony before the committee.
Microsoft’s corporate website says the company has had a presence in China since 1992, an investment championed by founder Bill Gates. Despite rising U.S.-China tensions over trade and other issues, the company’s largest research center outside the U.S. is still based in China.
House Homeland Security Committee Chairman Mark Green said Microsoft’s presence in China was “one of my biggest concerns,” noting the company’s decision to establish research and development centers in Beijing and in other locations around the country.
Mr. Smith sought to downplay the significance of Microsoft’s China business. He said his company’s China activities were “not a major source of revenue,” amounting for at most roughly 1.5% of global revenues.
The Big Tech executive said he could not recall his business’ corporate structures in China, but said Microsoft operated as a subsidiary and had “at least one joint venture for certain activities,” without elaborating.
Critics say Microsoft’s security staff has done a poor job of protecting customers from China’s prying eyes. China-affiliated hackers breached Microsoft Exchange Online mailboxes in May and June of 2023, including email accounts for GOP Rep. Don Bacon of Nebraska and Commerce Secretary Gina Raimondo, according to the Cyber Safety Review Board.
The federal board of cyber investigators said in March the breaches exposed the digital mailboxes of 500 individuals and 22 organizations around the world.
Mr. Smith, however, argued his company’s work in China was necessary to protect American businesses from cybercriminals.
“The reason I think this is so important is if you’re an American automobile company, an aircraft company, a pharmaceutical company, a coffee company, you need to use the cloud when you’re in China,” Mr. Smith said. “We want their American trade secrets to be stored in an American data center in China.”
Mr. Green pressed Mr. Smith on whether Microsoft’s Chinese footprint could give the ruling Communist Party a foot in the door as it seeks to infiltrate the company’s most sensitive systems.
“What access does the Chinese government have to that?” Mr. Green asked of Microsoft’s China data center presence.
“None,” Mr. Smith replied. “And believe me, every time there is anything remotely close to a request, I always ensure we say no.”
Some China watchers say Microsoft’s answers to Beijing are not always refusals. Geoffrey Cain, policy director for the Tech Integrity Project, said Microsoft readily hands over its computer code to China as the price of doing business in one of the world’s largest IT markets.
“Dating back to 2003, Microsoft has repeatedly given the Chinese government access to its sensitive source code as a de facto requirement to sell Windows in China,” Mr. Cain said on X. “As a result of a 2003 agreement, a research institute at the Ministry of Public Security was granted access to Microsoft source code.”
Mr. Cain pointed to a 2009 State Department cable revealed by Wikileaks documenting Microsoft’s agreement to give a Chinese company access to its source code in 2003. The following year, the cable said, representatives of the People’s Liberation Army were sent to the company to receive network security training.
Mr. Smith acknowledged he has faced pressure from the Chinese government but portrayed his company as taking a principled stand on behalf of America.
“I was in Beijing in December. I got pushed because there was unhappiness about reports that we’ve made publicly about attacks from China, about U.S. critical infrastructure and about influence operations,” Mr. Smith told the committee. “And I said, ‘There are lines that we don’t believe governments should cross. We’re going to be principled and we’re going to be public.’”
China’s version of its interactions with Microsoft appears different. Rep. Clay Higgins, Louisiana Republican, asked Mr. Smith about a rumor that the executive reiterated Microsoft’s support for helping China make tech advancements.
Mr. Smith disputed the rumor as false and coming from the Chinese government, but he did not disagree with the substance of the statement.