The defining feature of 21st-century geopolitics is not simply the return of great-power rivalry, but the profound transformation of how power itself is exercised.
Competition today no longer relies primarily on military confrontation or overt diplomatic pressure. Instead, it unfolds quietly through data, technology, and legal authority.
Espionage, once episodic, covert, and human-centric, has evolved into something far more pervasive: systemic, continuous, and embedded within the digital infrastructure of everyday life.
Power now resides not only in armies and alliances, but in servers, algorithms, software updates, and statutes.
Modern espionage is no longer primarily about stealing classified documents or recruiting human agents. It is about access, aggregation, and anticipation. States seek persistent visibility into how societies function, how economies operate, and how infrastructure behaves under normal conditions.
Cyber intrusions, supply-chain manipulation, cloud-based surveillance, and long-term metadata harvesting now define intelligence collection. Crucially, many of the most effective intelligence operations today do not require illegal access or dramatic breaches.
They operate continuously under the cover of lawful data collection, regulatory compliance, and contractual obligation.
This transformation is inseparable from the proliferation of connected technologies. Smartphones, digital payment systems, smart cities, cloud platforms, and sensor-rich technologies such as electric vehicles generate immense volumes of data as a routine by-product of daily life.
Location patterns, behavioural signals, biometric identifiers, communications metadata, and operational telemetry are collected automatically, often invisibly. When analysed at scale using artificial intelligence, this information reveals far more than individual behaviour.
It exposes system dependencies, infrastructure layouts, mobility patterns, and potential vulnerabilities. Espionage, in this environment, is no longer an exceptional act. It is an ambient condition of digital modernity.
Nowhere is this shift more consequential than in the Indo-Pacific, where strategic rivalry between the United States and China has intensified and broadened. Both powers understand that technological leadership determines future military advantage, economic resilience, and intelligence superiority.
As a result, competition has shifted decisively toward artificial intelligence, advanced semiconductors, cloud computing, telecommunications networks, and data governance regimes.
Control over digital ecosystems increasingly determines strategic leverage, shaping not only markets but security environments.
China firms central players
China’s rise as a technological power has fundamentally altered this landscape. Through state-directed industrial policy, extensive financial support, and aggressive global expansion, Chinese firms have become central players in telecommunications, digital platforms, smart infrastructure, and emerging technologies worldwide.
Nevertheless, this commercial reach is inseparable from China’s domestic legal architecture. The National Intelligence Law obliges organisations and individuals to “support, assist, and cooperate” with state intelligence work. Its language is deliberately broad, and it offers no meaningful exemption for overseas operations.
The expanded Anti-Espionage Law further widens the definition of espionage to include data and materials related to national security, even when such data is commercially generated, unclassified, or held outside China.
This legal framework creates a structural intelligence risk for host countries. Espionage does not require malicious intent or direct instruction. If a foreign state has legal authority to compel access to data held by companies under its jurisdiction, then overseas data becomes potentially accessible by default.
This risk is magnified in systems involving continuous data transmission, remote diagnostics, proprietary software, and opaque algorithms that host governments cannot independently audit or fully understand.
US surveillance
However, it would be misleading to frame this challenge as uniquely Chinese. The United States operates under a similar strategic logic, though shaped by different legal traditions and political norms.
Through the Espionage Act, the Foreign Intelligence Surveillance Act (Fisa), and post-9/11 expansions such as the Patriot Act, US intelligence agencies possess broad authority to collect foreign intelligence, compel cooperation from technology providers, and access cross-border data flows.
Fisa allows surveillance of non-US persons located abroad, including through data held by US-based companies operating globally.
While American authorities emphasise judicial oversight, legislative review, and constitutional safeguards, the underlying assumption mirrors that of China: technology companies are integral to national intelligence capability.
Data held by private firms is treated not merely as a commercial asset, but as a strategic resource.
For foreign partners, this means that data processed by US-linked platforms may also fall within the reach of US intelligence authorities, even when generated entirely outside US territory.
The key distinction, therefore, is not whether intelligence laws exist - all major powers possess them but how transparently they are applied, how narrowly they are defined, and how much confidence external partners place in their governance systems.
However, trust alone is not a substitute for sovereignty. For middle powers like Malaysia, the challenge lies in navigating between competing intelligence ecosystems without becoming structurally dependent on either.
Malaysia’s exposure
Malaysia’s exposure is significant. As a global semiconductor hub and an increasingly digitalised economy, Malaysia hosts infrastructure that generates high-value strategic data.
Chinese firms are active in construction, surveillance technologies, and digital services, while American-linked companies dominate advanced manufacturing, cloud services, and data-intensive industries.
This dual engagement reflects Malaysia’s openness and economic pragmatism, but it also places the country at the intersection of overlapping foreign intelligence jurisdictions.
The danger lies not in foreign investment itself, but in unmanaged dependence. When critical systems rely heavily on technologies governed by external intelligence laws, sovereignty becomes conditional.
Data generated within Malaysia may be subject to foreign legal claims beyond Malaysian oversight.
Espionage, in this context, becomes passive and latent - activated not by hostile intent, but by structural access and legal authority.
Malaysia must therefore reconceptualise national security for the digital age. Intelligence threats are no longer confined to military secrets or diplomatic cables.
They arise from procurement choices, infrastructure design, regulatory gaps, and economic policy decisions. Technology is not neutral infrastructure; it is strategic terrain. Law, increasingly, is an intelligence instrument.
Recognising this reality is the first step. The more difficult task is deciding how Malaysia should respond without undermining its economic future; a challenge explored in the second part of this analysis. - Mkini
R PANEIR SELVAM is the principal consultant of Arunachala Research and Consultancy Sdn Bhd, a think tank specialising in strategic national and geopolitical matters.
The views expressed here are those of the author/contributor and do not necessarily represent the views of MMKtT.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.