China orders removal of foreign tech in state offices

US President Donald Trump's administration banned US companies from doing business with Huawei Technologies this year and blacklisted other Chinese firms. PHOTO: AFP

BEIJING (FINANCIAL TIMES) - Beijing has ordered all government offices and public institutions to remove foreign computer equipment and software within three years, in a potential blow to the likes of HP, Dell and Microsoft.

The directive is the first publicly known instruction with specific targets given to Chinese buyers to switch to domestic technology vendors, and echoes efforts by the Trump administration to curb the use of Chinese technology in the US and its allies.

The move is part of a broader campaign to increase China's reliance on home-made technologies, and is likely to fuel concerns of "decoupling", with supply chains between the US and China being severed.

Earlier this year, Washington banned US companies from doing business with Chinese telecoms equipment maker Huawei, and is looking at ways to help funnel money to its European rivals.

The US recently proposed that technology sales into the US from "foreign adversaries" would be vetted for national security reasons, and has been pressuring European allies to freeze Huawei out of 5G infrastructure projects.

Analysts at China Securities, a broker, estimate that 20m-30m pieces of hardware will need to be swapped out as a result of the Chinese directive, with large scale replacement beginning next year. They added the substitutions would take place at a pace of 30 per cent in 2020, 50 per cent in 2021, and 20 per cent the year after, earning the policy the nickname "3-5-2".

The analysts noted that the order had come from the Chinese Communist party's Central Office earlier this year.

Although Central Office policy documents are confidential, employees from two cyber security firms have told the Financial Times that their government clients have also described the policy. The employees asked to remain anonymous as the information was politically sensitive.

The 3-5-2 policy is part of a drive for China's government agencies and critical infrastructure operators to use "secure and controllable" technology, as enshrined in the country's Cyber Security Law passed in 2017.

But unlike previous pushes for self-sufficiency in technology, recent US sanctions have added urgency to the project, said Paul Triolo of consultancy Eurasia Group.
"China's 3-5-2 programme is just the tip of the new spear," said Mr Triolo. "The goal is clear: getting to a space largely free of the type of threats that ZTE, Huawei, Megvii, and Sugon now face," he added, naming some of the Chinese companies that over the past two years have been blocked from buying from US suppliers.

Analysts at Jefferies estimate that US technology companies generate as much as us$150 billion (S$204 billion) a year in revenues from China, although much of that will come from private sector buyers.

The pace of replacement is ambitious. Government offices already tend to use Lenovo's desktop computers, following the company's acquisition of US giant IBM's personal computer division.

But analysts say that it will be difficult to replace software with domestic alternatives, since most software vendors develop products for popular US-made operating systems such as Microsoft's Windows and Apple's macOS.

Although Microsoft did produce a "Chinese Government Edition" of Windows 10 in 2017 with its Chinese joint venture, Chinese cyber security firms now say government clients must move to entirely Chinese-made operating systems.

China's homemade operating systems, such as Kylin OS, have a much smaller ecosystem of developers producing compatible software.

Defining "domestically made" is also challenging. Even though Lenovo is a Chinese-owned company that assembles many products in China, its computer processor chips are made by Intel and its hard drives by Samsung.

The impact of the 3-5-2 policy could be significant since the government can control procurement for the agencies covered under the policy, another cyber security analyst said.

When it comes to private companies, "let's see what the government orders are - they will not proactively want to substitute, since the investment is high", the analyst added.

Join ST's Telegram channel and get the latest breaking news delivered to you.