Can Google be export controlled?

SC was absolutely thrilled over the weekend to receive an e-mail from Thomas Lipscomb, whose actions in response to Soviet censorship of a book fair were discussed in a recent post about Google's Chinese business dealings. Mr. Lipscomb wished to direct your host to a follow-up piece he wrote for the magazine Human Events, advocating the updating of export control laws to penalize American companies that actively aid and abet tyrannies. It's a provocative idea, and we'll offer just the outline of response because the subject is so complicated.

Your host has some minor experience with export control laws, having prepared an ontology of controlled dual-use materials for an ARDA project a few years ago (in case anybody is worrying about security issues, the project was Unclassified, and also not Sensitive, so it's OK to have mentioned that). The current export control list contains sections for  NBCR (nuclear, biological, chemical and radiological) materials, computers, encryption software, sensors, lasers, and other sorts of hardware or production tools -- in other words, it's essentially the same as it was when SC worked with it 3 years ago. It doesn't really address services, where the actual products/technologies remain under the control of the developer, which is the case with search engines, web-based e-mail, and other offerings from Google/Yahoo!/Microsoft/etc. This of course only demonstrates that Mr. Lipscomb is on target when he writes:

Since those export controls were originally imposed back in smokestack America, the United States economy changed from an industrial economy to an information economy. Today more than half of America’s GDP comes from information technology and information products. Not surprisingly, the Federal Government is often the last to understand changes like this. It can be hard to see that in today’s world information technology might be more dangerous than military equipment.

Regardless of the specific merits of updating export control for dealing with some particular government's policies and behaviors, application service providers have been around for a few years already, and to still have no approach to that business model is insane. Section 730.5 of the Export Administration Regulations addresses this to the extent that it recognizes "export" can mean things other than the physical transfer of hardware or media, and therefore covers things like trying to make nuclear blast simulations a service offering rather than delivered code, but there is still no recognition of the technologies which are best suited to a service model. Filtering technologies provided as a service are functionally equivalent to denial-of-service attacks, in that they have the same outcome of blocking information from being exchanged between legitimate users. The fact that no content provider's servers are being directly vandalized by the filter does not change the outcome. Export controls would come into play with any hardware device designed to provide denial-of-service capabilities to the Chinese government; why mandated filtering should be treated differently is a matter that at least deserves scrutiny.

Mr. Lipscomb also calls for Congress to recall the Jackson-Vanik amendment, which linked trade status to emigration rights, and act in that spirit. The principle here strikes SC as basically sound -- a foreign policy with no actual implementation mechanisms isn't much of a policy at all -- but also hard to sell. Aside from the fact that the specific compliance mechanism provided by Jackson-Vanik is no longer available, there are material differences between the present situation and the Cold War. Whereas trade with the Soviet Union was limited, U.S. trade with China is pervasive. Whereas a specific grievance could be readily targeted beforehand -- the emigration of dissidents being restricted -- it's harder to see how restrictions on information could be dealt with. Chinese crackdowns on dissident journalists, bloggers, or other media sources, are often couched in terms of "state secrets", and while this is often plainly untrue in any sense that would be recognized in the U.S., a dialogue that consisted of "We have a right to protect our secrets! No you don't! Yes, we do!" would bog down with few results. Trying to gain popular support for restrictions on our biggest source of cheap goods is best undertaken when there is no opportunity to obfuscate the source of conflict.

There are all sorts of arguments about whether or not export control is even a good idea, the specific goals of present U.S. regulations notwithstanding, and SC won't pretend to consider them in any sort of detail here. However, as the actions of the American software industry come into increasingly sharp conflict with American foreign policy, it would be a grave mistake to simply ignore the issue. Thomas Lipscomb deserves our thanks for his efforts to keep this from happening.

Comments

"Filtering technologies provided as a service are functionally equivalent to denial-of-service attacks, in that they have the same outcome of blocking information from being exchanged between legitimate users."

This seems very apt and the real crux of the issue. I agree that (some) admininistration will have to address the question of to what extent filters actually count as a governmental (i.e. import/export) control

Posted by: Emcee Escher | February 11, 2006 at 10:52 PM