Washington is scrutinising Alibaba’s cloud unit, say sources
Office set up during the Trump era said to be assessing the risk to US national security
Washington — The Biden administration is reviewing e-commerce giant Alibaba’s cloud business to determine whether it poses a risk to US national security, according to three people briefed on the matter, as the government ramps up scrutiny of Chinese technology companies’ dealings with US firms.
The focus of the probe is on how the company stores US clients’ data, including personal information and intellectual property, and whether the Chinese government can gain access to it, the people said. The potential for Beijing to disrupt access by US users to their information stored on Alibaba Cloud is also a concern, one of the people said.
US regulators could ultimately choose to force the company to take measures to reduce the risks posed by the cloud business or prohibit Americans at home and abroad from using the service altogether.
Former president Donald Trump’s commerce department was concerned about Alibaba’s cloud business, but the Biden administration launched the formal review after he took office in January, according to one of the three people and a former Trump administration official.
Alibaba’s US cloud business is small, with annual revenue of less than about $50m, according to research firm Gartner. But if regulators decide to block transactions between American firms and Alibaba Cloud, it would damage the bottom line of one of the company’s most promising businesses and deal a blow to the reputation of the company as a whole.
A commerce department spokesperson said the agency does not comment on the “existence or non-existence of transaction reviews”. The Chinese embassy in Washington did not respond to a request for comment.
Alibaba declined to comment. It did flag similar concerns about operating in the US in its most recent annual report, saying US companies that have contracts with Alibaba “may be prohibited from continuing to do business with us, including performing their obligations under agreements involving our ... cloud services”.
The probe into Alibaba’s cloud business is being led by a small office within the commerce department known as the Office of Intelligence and Security. It was created by the Trump administration to wield broad new powers to ban or restrict transactions between US firms and internet, telecom and tech companies from “foreign adversary” nations like China, Russia, Cuba, Iran, North Korea and Venezuela.
The office has been particularly focused on Chinese cloud providers, one of the sources said, amid growing concern over the potential for data theft and access disruption by Beijing.
The Trump administration issued a warning in August 2020 against Chinese cloud providers including Alibaba, “to prevent US citizens’ most sensitive personal information and our businesses’ most valuable intellectual property ... from being stored and processed on cloud-based systems accessible to our foreign adversaries”.
Cloud servers are also seen as ripe for hackers to launch cyberattacks because they can conceal the origin of the attack and offer access to a vast array of client networks.
While there are scant public cases of the Chinese government compelling a tech company to turn over sensitive customer data, indictments of Chinese hackers reveal their use of cloud servers to gain access to private information.
For example, hackers connected to the Chinese ministry of state security penetrated Hewlett Packard Enterprise’s cloud computing service and used it as a launch pad to attack customers, plundering reams of corporate and government secrets for years in what US prosecutors say was an effort to boost Chinese economic interests.
Pillar of growth
Alibaba, the world’s fourth-largest cloud provider according to research firm Canalys, has about 4-million customers and describes its cloud business as its “second pillar of growth”. It enjoyed a 50% rise in revenue to $9.2bn in 2020, though the division accounts for just 8% of overall sales.
It has boasted business relationships with units of top US companies including Ford Motor, IBM’s Red Hat and Hewlett Packard Enterprise, according to press releases.
While the sweeping Trump-era powers don’t cover foreign subsidiaries of US companies, regulators have previously found ways to link them to their American parent companies, which can in turn be subject to restrictions.
Before tech tensions between the US and China started to boil, Alibaba had big ambitions for its US cloud business. In 2015, it launched a cloud computing hub in Silicon Valley, its first outside China, with plans to compete with Amazon, Microsoft and Google. It later added data centres there and in Virginia.
A person familiar with the matter says the company scaled back its US gambit during Trump’s presidency as tensions with China escalated.
In 2018, US authorities blocked a bid by Alibaba affiliate Ant Financial, now Ant Group, to acquire US money transfer company MoneyGram International over national security concerns. But a move to put Ant Group on a trade blacklist failed and an executive order banning its mobile payment app, Alipay, was revoked by Biden.
Biden, like Trump, has placed more and more restrictions on Chinese companies. Last month, the US government put investment and export curbs on dozens of Chinese firms, including top drone maker DJI, accusing them of complicity in the oppression of China’s Uyghur minority or helping the military.
Would you like to comment on this article or view other readers' comments?
Register (it’s quick and free) or sign in now.
Please read our Comment Policy before commenting.