The argument that China's cyberattacks are "no different" from Western surveillance programs like the NSA's PRISM is an oversimplification that ignores crucial distinctions in intent, targets, methods, legal frameworks, and oversight.

While both involve intelligence gathering in cyberspace, the specifics create significant differences.

Let's break down the comparison:

NSA's PRISM Program (and similar Western surveillance):

• Primary Stated Purpose: National security, counter-terrorism, and foreign intelligence gathering against legitimate foreign intelligence targets. The intent is to protect the nation and its allies from external threats.

• Legal Basis: Operates under domestic legal frameworks (e.g., Section 702 of the Foreign Intelligence Surveillance Act - FISA in the US), with varying degrees of judicial and congressional oversight. While the extent of this oversight and its impact on privacy are highly debated (especially regarding incidental collection of U.S. person data), there is some legal authorization and review.

• Targeting: Primarily focused on non-U.S. persons located outside the United States. While U.S. persons' communications might be "incidentally" collected if they communicate with foreign targets, the stated primary target is foreign intelligence.

• Method: Involves compelled cooperation from U.S. internet companies to provide access to data already on their servers that matches court-approved search terms. It's a data collection program, not typically involving the hacking of systems or intellectual property theft.

• Transparency (Post-Snowden): While initially highly secretive, the revelations by Edward Snowden led to significant public debate, congressional hearings, and some reforms aimed at increasing transparency and accountability. There is an ongoing public and political discourse about its legality and ethical implications.

• Economic Espionage: Western intelligence agencies generally disavow engaging in economic espionage to benefit domestic companies, adhering to the principle that intelligence gathering is for national security, not commercial advantage.

China's State-Sponsored Cyberattacks:

• Primary Purpose:

  • Extensive Economic Espionage: A defining characteristic. Chinese state-sponsored actors are widely accused of systematically stealing intellectual property, trade secrets, and proprietary data from foreign companies across various sectors (technology, defense, manufacturing, pharmaceuticals) to accelerate China's economic and military development. This directly benefits state-owned enterprises and Chinese industries, giving them an unfair competitive advantage.

  • Traditional Espionage: Gathering political, military, and diplomatic intelligence from foreign governments and defense contractors.

  • Maintaining Internal Control: Monitoring and harassing dissidents abroad, suppressing dissent, and conducting surveillance on minority groups or those critical of the CCP.

  • Pre-positioning for Future Conflict: Increasingly, Chinese actors are accused of hacking critical infrastructure in other countries (e.g., power grids, pipelines) not just for espionage, but to pre-position capabilities for potential disruptive or destructive attacks in a crisis or conflict.

• Legal Basis: Operates under China's state security laws, which often compel companies and individuals to cooperate with intelligence services, with little to no independent oversight or public transparency. China promotes the concept of "cyber sovereignty," emphasizing state control over the internet within its borders and, implicitly, its right to project that control globally.

• Targeting: Broad and often indiscriminate, targeting not only government and military entities but also a vast array of private companies, universities, research institutions, and individuals globally, often for economic gain.

• Method: Involves active hacking, exploitation of vulnerabilities (including zero-days), social engineering, malware deployment (including destructive wipers in some cases, though less common than espionage), and persistent access to networks. It's an aggressive intrusion and exfiltration model.

• Transparency: Almost none. The Chinese government consistently denies any involvement in state-sponsored cyberattacks, despite overwhelming evidence and public attribution by multiple governments and cybersecurity firms.

• Accountability: There is no public or independent accountability mechanism within China for these actions.

Why the Comparison is Often Seen as Unfair:

1. Economic Espionage: This is the most significant differentiator. While all major powers engage in intelligence gathering, China's alleged systematic and large-scale theft of intellectual property for commercial gain is a violation of international norms that Western intelligence agencies generally claim to avoid.

2. Lack of Legal Process and Oversight: Western surveillance programs, while controversial, operate under domestic legal frameworks that involve some level of judicial review (even if often criticized as insufficient) and legislative oversight. China's operations lack such transparency or independent checks.

3. Destructive Potential and Intent: While PRISM is about data collection, Chinese state-sponsored groups are increasingly seen as preparing for potential disruptive or destructive attacks on critical infrastructure, a much higher escalation than mere intelligence gathering.

4. Targets and Scope: While Western intelligence targets foreign intelligence, Chinese operations often target entire industries and a wide array of civilian entities, and explicitly target overseas dissidents for political control.

5. Transparency and Denial: Western governments, particularly after the Snowden leaks, engaged in public debate and some reform. China, in contrast, maintains a consistent stance of denial, making diplomatic resolution or norm-setting more challenging.

In conclusion, while the existence of state-sponsored intelligence gathering in cyberspace is common to many major powers, equating China's cyberattacks with Western surveillance programs like PRISM is misleading. The scale, intent (especially economic espionage and potential for disruption), lack of legal oversight, and aggressive methods employed by Chinese state actors are distinct and raise different, often more severe, concerns for international security and economic fair play.