Michael Kans reports:
In the worlds of data protection and privacy, too often there is a decoupling of national security issues and what might be termed non-national security issues despite the clear interplay between the two realms. Over the past decade, U.S. adversaries have vacuumed up the personal data of many Americans with one nation possibly being at the fore: the People’s Republic of China (PRC). The PRC was connected to the Office of Personnel Management and Equifax hacks, both of which provided massive troves of data the PRC has reportedly used to foil U.S. espionage and intelligence collection efforts abroad. What’s more, the collection of personal data did not stop with these hacks. In September 2020, an Australian security firm turned up evidence of an enormous trove of personal data on American, British, and Australian citizens collected and maintained by a PRC company, Zhenhua Data, with links to the country’s military and security services. It appears the data was scraped from public-facing websites. But the issue does not stop with techniques like these.
Read more on Lawfare.