Last week, Xiaodong Sheldon Meng, a Chinese national from Beijing with Canadian citizenship, pleaded guilty to providing restricted software products to China. His guilty plea came at the cost of 34 of the original 36 counts against him. His maximum jail time will be 24 months–I suspect fewer. What struck me most about this story was the way all of the news agencies reported it. What Meng allegedly gave to the Chinese government was called "trade secrets" or was considered "industrial espionage". The original press release from the U.S. Attorneys Office was very telling.
United States Attorney Kevin V. Ryan stated, This case highlights the vital importance of protecting the intellectual property and trade secrets not only in Silicon Valley but also for our country's businesses. The alleged economic espionage and theft and export of trade secrets such as these — visual simulation training software that has military application, no less — has real consequences that could jeopardize our country's military advantages in the world, in addition to creating substantial financial losses for our businesses which legitimately developed and owned this information. We are grateful to our law enforcement partners for taking swift and appropriate action here, and also want to acknowledge the pivotal role private industry's ready cooperation has in these investigations.
Since when did military secrets become simple intellectual property? Meng is a spy and stole information that is reported to give another country's military a distinct advantage over ours. However, the U.S. government spent three years investigating Meng, only to cut him a weak plea deal, and then the prosecutors charge him with intellectual property theft.
How did a DOD defense contractor allow a Chinese national access to such sensitive information? This is bothersome. Back in the late 80s when I obtained my own TS-CSI clearance, I had to report any and all connections I had to any communist country. This included relatives, acquaintances, or business relations. I fault the DOD for not classifying the software and for not holding defense contractors to higher standards. If this software was that sensitive, Quantum3D should have been forced to follow certain protocols and hiring practices. It's like the government learned nothing from the Cold War.
Inept management of sensitive information and technology has become a theme with the government these days. Each agency seems to outdo the other with complete incompetence. I think some of this stems from the 1990s when the Government Accounting Office (GAO) analyzed why so many defense contractors were bailing from government contracts. They documented personnel frustrations about bureaucratic processes and inability to make things happen. I also remember that many previous government defense contractors saw the dot com millions and how much easier that seemed than jumping through hoops for a large contract. At the same time, the branches of the military were pressuring the DOD to become more nimble and get better technology faster. What was lost in all of this discussion was how to deal with classified information in a sensible way.
I haven't had TS clearance for a long time now and can't speak directly to current DOD policies versus how they are actually implemented, but as the case of Xiaodong Sheldon Meng demonstrates, the government as a whole has become too passive when it comes to protecting national secrets. The very fact that the comically ineffective ICE was investigating this guy for three years for "economic espionage" is frightening. ICE can't secure the borders and deport illegals, but they are charged with protecting military secrets?
This was a case of incompetence all the way around. The DOD should be enforcing standards for military secrets. That doesn't mean going back to the old days of too-long-for-profit sales cycles for defense contractors, but it does mean holding those contractors to a minimum standard for classified information. Probably the reason the information wasn't classified was to accommodate this particular vendor. ICE's job is to protect the borders, not investigate DOD-related espionage. That is actually the responsibility of the FBI and other agencies participating in the Defensive Information Counter Espionage" program like the DIA and DOD. By the time this went to indictment, it wasn't about military espionage, it became a white collar, seemingly benign crime.
What will it take for these agencies to realize the dangers of not taking information security seriously?
Popularity: 1% [?]
Unrest by Parkway Drive