A few weeks ago, hundreds of security professionals—mostly contractors and low-level bureaucrats—packed into a sterile, overly bright conference room in the Washington Convention Center to learn how to protect their company's intellectual property from the Chinese—not from hackers, but employees who might, say, walk off with a thumb drive full of secrets.
"The press likes to glom onto the sexy attacks," said John Lee, the jovial, dark-suited man running a PowerPoint at the front of the room, after introducing himself as a consultant with 30 years of experience doing business in China. But, he said, it’s more common that companies are burned by one (or more) of their own, like when two Chinese employees of an American semiconductor manufacturer left to form one with almost the exact same name, off by one letter, in China.
How to prevent this? Well, non-disclosure agreements are useless—the Chinese have a different set of mores, Lee told the crowd. "They never want to box themselves into an area where they definitively say, 'this is absolutely wrong, this is absolutely right,'" he said. "It's amorality. It's non-moral. It's based on efficacy." He later excused these generalizations by saying, "I can say that because I'm Asian.”
Lee had two solutions. One was obvious: Keep your important information locked away. But he also urged them to watch foreign employees and contractors like a hawk—something American companies are hesitant to do, out of respect for privacy. Lee advised them to get over it, and he provided some unusual tips about how, exactly, to keep an eye on potential thieves.
"I also understand that you want to keep your secrets, and you need to get intel that, while it doesn't break privacy laws, can be gotten in public places," he said. "Karaoke is great. Get them looped up and singing some of their top hits, you've got a lot of information coming out." Even maids and other service people need to be watched, he said. "Do you know who they are? Do you know what they do?"
Lee started his own consultancy in a suburb of Seattle last year after working eight years for a global risk management firm called Pinkerton. When I followed up with him a week later, I asked whether companies should really be targeting their Chinese employees. He demurred, saying Hispanics, Middle Easterners, and Eastern Europeans can be culprits too—but he noted that the Chinese government's tacit encouragement of intellectual-property theft made them a particular risk. "A lot of it really is driven by a wink and a nod from the government of China," Lee said. "'You want the apple, go ahead, but it's in someone else's yard.'"
Indeed, a number of recent reports, including a high-profile commission headed by former Chinese ambassador Jon Huntsman and former Director of National Intelligence Dennis Blair, have found intellectual property theft on a massive scale in emerging markets—especially China, where it's an official policy of the state. And the drumbeat of news about Chinese industrial espionage has been mounting: Last week, The New York Times described a Shenzhen-based institute that's been accused of bribing U.S.-based researchers to share their findings.
Institutional discrimination against Chinese-Americans, both citizens and new immigrants, has largely been confined to U.S. government research and law-enforcement institutions—most famously in the Wen Ho Lee case in 2000, when a Taiwanese-American was wrongfully accused of stealing nuclear technology from Los Alamos. Most recently, in March, a Chinese national was fired from his job at a NASA contractor after Representative Frank Wolf of Virginia claimed he was a security risk and asked NASA to disclose all its Chinese employees (the suspected thief was later arrested for taking a laptop full of porn, not security secrets).
Surely, intellectual property theft is a greater threat today—what with the Internet, discreet storage devices, and same-day mail services—than it was last century. But the hysteria over such theft is even greater. Are consultants like John Lee capitalizing on this fear, or merely providing a necessary service? Either way, it’s not a stretch to imagine how advice like his could inspire private U.S. companies to profile their Chinese employees.
For now, profiling doesn't seem to be rampant. The Asian Pacific American Legal Center says it has just one case that's too premature to make public, and the Society for Asian Scientists and Engineers says it hasn't heard of any such complaints from its members.
If indeed the lack of cases is representative of the state of things—and not of Chinese-American employees being afraid to speak out—then that’s good for American businesses, for two reasons.
First, insider thieves of intellectual property have all kinds of motivations, usually independent of allegiance to a foreign government—from mental health issues to simple personal advancement at their next job. Focusing on people of any particular nationality could be a distraction that would make it harder to spot the real culprits. And, in fact, Chinese people can be more loyal than their American colleagues, according to business security expert Ronald Berenbeim. "In Chinese culture, there's a very high level of loyalty and commitment to whatever institution they're a part of," says Berenbeim, who's done research in East Asia. "You can be pretty sure that they aren't going to to try to steal anything—at least culturally, it defies logic to expect them to engage in anything that might harm their own organization."
And second, creating an atmosphere of suspicion is likely to repel Chinese talent, at a time when China's own business environment is improving and China itself is actively recruiting its diaspora to return, with all their new knowledge, to the motherland. "The Chinese have been very aggressive in trying to attract talent to go back to China," says George Koo, a retired international business consultant and member of the Committee of 100, a group of influential Chinese Americans. "Employment is still a global free market, and talent will go towards where they will be the best appreciated."
In some sectors, there are safety in numbers. Koo is based in Silicon Valley, where discriminating against Chinese people would be foolish, if not impossible. "This place is dominated by Asians, so it doesn't make sense for companies to go around looking at employees who are Asians with any type of suspicion," he says.
Let’s hope companies not based in the Bay Area are equally wise and ignore the worst of Lee’s advice. Getting Chinese employees drunk at a karaoke bar is sure to produce just one thing: lower productivity, and not simply because of the hangover.