Microsoft Claims It Is Exempt from China’s National Intelligence Law, Echoing Huawei and TikTok

It’s no secret that U.S. companies with a presence in China are compelled, under the country’s 2017 national intelligence law, to cooperate with its intelligence services. The U.S. intelligence community has repeatedly warned American businesses that the law is a risk to their operations in the country. It did so last July, in a bulletin that said the law creates a legal responsibility for business to “provide access to, or collaborate with, the PRC’s intelligence efforts.”

But during testimony before Congress last Thursday, Microsoft vice chairman and president Brad Smith denied that his company is subject to the law. Microsoft has both a presence in China and contracts covering the Pentagon’s cloud computing and other essential government services.

Smith was on the Hill to answer for security breaches affecting Microsoft products that enabled Chinese intelligence to get into the email accounts of senior U.S. officials last summer. During his line of questioning, though, Representative Carlos Gimenez homed in on Microsoft’s possible compliance with the 2017 law.

Gimenez asked repeatedly if Microsoft complies with the 2017 national intelligence law.  “No, we do not,” Smith said.

“There are two types of countries in the world. Those that apply every law they enact, and those who enact certain laws but don’t always apply them. And in this context, China, and that law, is in the second category,” he said.

Gimenez challenged him again, asking him if he really believes that: “You operate in China, and you’re telling me that you don’t have to comply with the laws of China?”

Smith replied: “I will tell you that there are days when questions are put to Microsoft, and they come across my desk. And I say no. We will not do certain things.”

After Gimenez said that Microsoft employees in China would need to comply with the law, Smith said that he makes clear to the Chinese government “that if the Chinese government wants to sue somebody, they need to sue me.”

Divyansh Kaushik, a senior fellow at American Policy Ventures with an expertise in the U.S.–China tech competition, told National Review that Smith’s answers don’t add up and that they sound remarkably like the deflections employed by Chinese firms that faced U.S. federal national-security restrictions.

“Any company that is doing business in China and asserting that they don’t need to comply with China’s national intelligence law because Beijing doesn’t intend to enforce the law is either itself being audaciously naïve or hoping that US lawmakers are. These claims echo the same dubious assurances we’ve heard from Huawei and TikTok over and over — assurances that are as flimsy as a house of cards in a hurricane,” Kaushik said. “And the stakes especially couldn’t be higher for companies that are so deeply embedded in our national security ecosystem.”

During his appearances before congressional committees this year and in 2023, TikTok CEO Shou Chew dodged questions about his company’s compliance with the national intelligence law. TikTok maintains that the Chinese authorities have not asked for U.S. user data and that it would reject such requests if they were posed. Congress, of course, was not convinced and chose to pass legislation forcing ByteDance, the parent company, to sell TikTok.

Microsoft is poised to face some more scrutiny around Washington. For one, there are already indications that it is toeing Beijing’s line. Earlier this year, it drew criticism after a report found that its Bing search engine censored search results for topics sensitive to the Chinese Communist Party. The way that House lawmakers approached their session with Smith last week was not quite as hostile as their treatment of Chew, but patience with Microsoft’s China ties is wearing noticeably thin.