This study explores U.S. policy options for managing cyberspace relations with China via agreements and norms of behavior. It considers two questions: Can negotiations lead to meaningful agreement on norms? If so, what does each side need to be prepared to exchange in order to achieve an acceptable outcome? This analysis should interest those concerned with U.S.-China relations and with developing norms of conduct in cyberspace.
Getting to Yes with China in Cyberspace
Download eBook for Free
|PDF file||0.8 MB||Best for desktop computers.|
|ePub file||0.3 MB||Best for mobile devices.
On desktop computers and some mobile devices, you may need to download an eBook reader to view ePub files. Calibre is an example of a free and open source e-book library management application.
|mobi file||0.9 MB||Best for Kindle 1-3.
On desktop computers and some mobile devices, you may need to download an eBook reader to view mobi files. Amazon Kindle is the most popular reader for mobi files.
在网络空间 与中国达成共识 (内容摘要)
Chinese language version (summary only)
|PDF file||0.4 MB|
التوصل إلى اتفاق مع الصين بشأن الفضاء الإلكتروني
Arabic language version
|PDF file||1 MB|
Purchase Print Copy
|Add to Cart||Paperback120 pages||$19.50||$15.60 20% Web Discount|
- Can the United States and China achieve meaningful outcomes through formal negotiations over norms and rules in cyberspace?
- If meaningful negotiations are possible, what areas are most likely to yield agreement and what might be exchanged for what?
- What are the feasible paths to getting to useful agreements over norms in cyberspace?
Since the founding of the People's Republic of China in 1949, the U.S.-China relationship has been characterized by conflict, confrontation, and strategic mistrust. The tensions that divide the two countries have been growing in importance in recent years. Unfortunately, they apply just as much to cyberspace as to relations in the physical world. Indeed, of all the areas where the relationship between the two sides is troubled, cyberspace has been one of the most contentious. The United States and China began formal negotiations in 2013 to resolve such differences only to see them abruptly suspended in 2014, when China broke them off in response to the U.S. indictment of several Chinese military officers on charges related to cyber-espionage activities. This study explores U.S. policy options for managing relations with China over this critical policy area through the use of agreements and norms of behavior. It looks at two basic questions: Can the United States and China achieve meaningful outcomes through formal negotiations over norms and rules in cyberspace? And, if so, what areas are most likely to yield agreement and what might be exchanged for what? This analysis should be of interest to two communities: those concerned with U.S. relations with China, and those concerned with developing norms of conduct in cyberspace, notably those that enhance security and freedom.
Chinese and U.S. Views of Cybersecurity Have Very Little Overlap
- The United States and China have very different perspectives on cyberspace. The United States emphasizes extending the rule of law internationally. China stresses the maintenance of state sovereignty.
- The most important U.S. interest on the bilateral agenda is for China to eliminate espionage for commercial gain and modulate its other cyber-espionage activities. The hack of the Office of Personnel Management was a particular sore point.
- Within the bilateral relationship, the United States places more importance on cyberspace issues than China does. Chinese behavior in cyberspace is often the top item on the bilateral agenda; U.S. behavior in cyberspace rarely makes China's top-ten list.
Avoiding Targeting or Carrying Out Espionage on Critical Infrastructure Provides Prospects for Negotiating a Set of Norms
- The Chinese appear interested in norms against countries attacking one another's critical infrastructure. They also understand that such a norm would also have to forbid espionage against critical infrastructure (distinguishing espionage from implanting attacks is very hard).
- The United States believes it can catch Chinese cheating and would like some process by which cheating, once discovered, is acknowledged — with possible consequences to follow.
- The Chinese believe they are unlikely to catch cheating by the United States and are apprehensive of any agreement that would put them at a corresponding disadvantage.
- Any serious agreement would need a process that both sides could trust and may require some way to increase China's confidence it is own attribution capabilities.
- The United States should negotiate with China over cyber rules by linking the issue more directly to the broader health of the overall relationship between the two countries.
- China and the United States could possibly achieve progress in cybersecurity negotiations by means of an agreement that would have both countries refrain from attacking each other's critical infrastructure or carrying out cyber espionage that could leave behind implants that could facilitate such attacks.
- The United States might consider assisting China by sharing insights into attribution if, in exchange, China would to agree to common evidentiary standards and credibly commit to prosecuting those found to have violated them. Such an agreement would require some mutually approved method of determining when one or the other side had violated its part of the bargain in ways that would have the guilty party accord legitimacy to such findings and admit what it has done.
- The United States may need to simultaneously incentivize China to come to and stay at the bargaining table by raising the costs if China continues its economically motivated cyber-espionage activities, while exploring the potential role of a quid pro quo in facilitating agreements that can be monitored.
Table of Contents
The "Cyber Problem" in U.S.-China Relations
Coming to Terms
Getting to Now
Getting to Yes?
Funding for this report was provided, in part, by donors and by the independent research and development provisions of the RAND Corporation's contracts for the operation of its U.S. Department of Defense federally funded research and development centers.
This report is part of the RAND Corporation Research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.
This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.
The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.