Defense Department-Amazon Deal Risks Chinese Espionage

Recent Department of Defense (DoD) actions indicate that the DoD is considering making Amazon the DoD's sole online cloud provider, the Washington Examiner notes.  Such a deal entails numerous disadvantages, not least of which is threats of espionage arising from Amazon's compromising relationship with China.

On October 30, the DoD made a "Request for Information" (RFI) soliciting private-sector advice about modernizing DoD cloud services.  The RFI specifications suggest that the DoD is seeking a single global cloud-provider.  Amazon would most likely be the contract recipient, given several past multimillion-dollar cloud contracts with multiple national security agencies.

I.T. contractors and several trade groups have made "stern warnings about the potential effects of choosing just one cloud provider."  The "[DoD]'s diverse needs and mission requirements" argue against an "approach that could eliminate the potential for multiple cloud services providers."  As one trade group analogizes, "almost all Fortune 500 counterparts have established multi-cloud architectures because no singular cloud solution meets all of their mission and business application requirements."

Innovation and cost-cutting also favor multiple suppliers, the trade groups and contractors note.  "A Department cloud [comprising] multiple interoperable offerings would ensure that the Department obtains the benefits of competition to achieve best value."  The "diversified solutions from the commercial market will facilitate a culture of experimentation, adaption, and risk-taking and increase the speed of technology development and procurement."  By contrast, "selecting only one cloud[-]provider drastically impairs competition in the future, effectively leaving [DoD] captive to one provider."

"Failing to diversify," the Washington Examiner notes with particular concern for national security:

... puts any investor, especially the government, at a greater risk.  The stakes are high here, as a breach by a cloud services provider could lead to the leak of military secrets to China and other U.S. competitors that do business with Amazon.

One trade group sees particular concerns in the RFI's terms.  The RFI "appears to raise in priority the needs of the supplier above the needs of the customer for issues, like national security."  The RFI specifically states that "DoD is prepared to pursue the revision of existing policies and federal regulations to remove barriers to success."

The Amazon-DoD deal's inadequacies are especially glaring, given the extensive history of Chinese espionage against the United States.  National Security Agency director General Keith Alexander once called the economic fruit of this spying the "greatest transfer of wealth in history."  Sophisticated Chinese government hackers have breached the computer security of American media firms like the New York Times and Washington Post as well as major corporations like Alcoa, U.S. Steel, and Westinghouse.  Some commentators worry that "businesses are now unlikely to keep valuable information secure online."

The Trump administration's recently revealed new national security strategy only emphasizes China concerns, noting:

China and Russia challenge American power, influence, and interests, attempting to erode American security and prosperity.  They are determined to make economies less free and less fair, to grow their militaries, and to control information and data to repress their societies and expand their influence[.] ... China gathers and exploits data on an unrivaled scale and spreads features of its authoritarian system, including corruption and the use of surveillance.

As one CIA analyst noted, companies like Amazon that invest in China are particularly susceptible to China's pressures.  For example, "Beijing encourages multinational corporations to conduct R&D in China as a means to promote domestic technological innovation.  Increasingly, key firms are complying for their own self-interest."  Chinese laws have already forced Amazon's Chinese operations to run Amazon's Chinese cloud businesses through a Chinese partner in which Amazon may have only a minority share as well as to accede to Chinese online censorship.

The extent of Amazon's business relationships with China makes the firm particularly vulnerable to Chinese pressure.  Some estimate that 25 percent of Amazon's retailers are from China.  Predicted coming trade fights between China and the Trump administration will only place Amazon's China investments in a more precarious position and incentivize Amazon officials to stay on China's good side.

Under these circumstances, making Amazon a sole-source DoD provider for the very type of cloud technology Amazon has sold to China is fraught with hazards.  The United States cannot allow Chinese espionage to extend its tentacles from American business to national defense.  Rather, the United States should draw upon the best in its free-market economy of numerous private producers to protect vital national interests.

Recent Department of Defense (DoD) actions indicate that the DoD is considering making Amazon the DoD's sole online cloud provider, the Washington Examiner notes.  Such a deal entails numerous disadvantages, not least of which is threats of espionage arising from Amazon's compromising relationship with China.

On October 30, the DoD made a "Request for Information" (RFI) soliciting private-sector advice about modernizing DoD cloud services.  The RFI specifications suggest that the DoD is seeking a single global cloud-provider.  Amazon would most likely be the contract recipient, given several past multimillion-dollar cloud contracts with multiple national security agencies.

I.T. contractors and several trade groups have made "stern warnings about the potential effects of choosing just one cloud provider."  The "[DoD]'s diverse needs and mission requirements" argue against an "approach that could eliminate the potential for multiple cloud services providers."  As one trade group analogizes, "almost all Fortune 500 counterparts have established multi-cloud architectures because no singular cloud solution meets all of their mission and business application requirements."

Innovation and cost-cutting also favor multiple suppliers, the trade groups and contractors note.  "A Department cloud [comprising] multiple interoperable offerings would ensure that the Department obtains the benefits of competition to achieve best value."  The "diversified solutions from the commercial market will facilitate a culture of experimentation, adaption, and risk-taking and increase the speed of technology development and procurement."  By contrast, "selecting only one cloud[-]provider drastically impairs competition in the future, effectively leaving [DoD] captive to one provider."

"Failing to diversify," the Washington Examiner notes with particular concern for national security:

... puts any investor, especially the government, at a greater risk.  The stakes are high here, as a breach by a cloud services provider could lead to the leak of military secrets to China and other U.S. competitors that do business with Amazon.

One trade group sees particular concerns in the RFI's terms.  The RFI "appears to raise in priority the needs of the supplier above the needs of the customer for issues, like national security."  The RFI specifically states that "DoD is prepared to pursue the revision of existing policies and federal regulations to remove barriers to success."

The Amazon-DoD deal's inadequacies are especially glaring, given the extensive history of Chinese espionage against the United States.  National Security Agency director General Keith Alexander once called the economic fruit of this spying the "greatest transfer of wealth in history."  Sophisticated Chinese government hackers have breached the computer security of American media firms like the New York Times and Washington Post as well as major corporations like Alcoa, U.S. Steel, and Westinghouse.  Some commentators worry that "businesses are now unlikely to keep valuable information secure online."

The Trump administration's recently revealed new national security strategy only emphasizes China concerns, noting:

China and Russia challenge American power, influence, and interests, attempting to erode American security and prosperity.  They are determined to make economies less free and less fair, to grow their militaries, and to control information and data to repress their societies and expand their influence[.] ... China gathers and exploits data on an unrivaled scale and spreads features of its authoritarian system, including corruption and the use of surveillance.

As one CIA analyst noted, companies like Amazon that invest in China are particularly susceptible to China's pressures.  For example, "Beijing encourages multinational corporations to conduct R&D in China as a means to promote domestic technological innovation.  Increasingly, key firms are complying for their own self-interest."  Chinese laws have already forced Amazon's Chinese operations to run Amazon's Chinese cloud businesses through a Chinese partner in which Amazon may have only a minority share as well as to accede to Chinese online censorship.

The extent of Amazon's business relationships with China makes the firm particularly vulnerable to Chinese pressure.  Some estimate that 25 percent of Amazon's retailers are from China.  Predicted coming trade fights between China and the Trump administration will only place Amazon's China investments in a more precarious position and incentivize Amazon officials to stay on China's good side.

Under these circumstances, making Amazon a sole-source DoD provider for the very type of cloud technology Amazon has sold to China is fraught with hazards.  The United States cannot allow Chinese espionage to extend its tentacles from American business to national defense.  Rather, the United States should draw upon the best in its free-market economy of numerous private producers to protect vital national interests.