The government’s recent response to the Intelligence and Security Committee’s China report stressed that little further guidance would be provided to the sector over research security.
“Whilst the government continues to work… on threats facing the sector… British universities are independent,” the response read, concluding that it would be”critical for institutions to own their own risks.” This was despite the sector earlier in the year suggesting that the government needs to be clearer on where the “red lines” are for international partnerships in research.
There are a number of likely reasons why further support is currently not forthcoming. First, resources such as the Research Collaboration Advice Team (RCAT) and Trusted Research are still new to the sector, making it difficult to consider what further interventions might be necessary. Second, any shift away from the “country agnostic” approach taken so far would likely cause several diplomatic headaches.
Third, the UK government lacks the structure and resources to develop and maintain the required scientific knowledge that would be required to identify (and publish, as the committee recommended) a definitive list of what the “sensitive” areas of research are.
This last point is in stark contrast to the network of think tanks and committees maintained by China to advise its government on scientific priorities. These contribute to strategy, funding and partnership decisions across ministries, and are coordinated by the recently formed Central Science and Technology Commission.
The recent MIT China Strategy echoes the UK government’s argument and exhorts universities to develop their own risk management practices beyond government guidance and policy. So, how should UK universities respond?
Any strategic activity must begin with building a strong understanding of the operational context. In the case of collaborating with China, the UK is working from a very low baseline of knowledge and there is a significant information asymmetry between the two sides. Chinese individuals and institutions will, on average, be more familiar with UK counterparts than the reverse.
Building this capacity could be through engagement with relevant teams and resources such RCAT, Universities UK International, and my former colleagues at UKRI China – or seeking external help from consultancies and other experts. But the long term goal should be to cultivate internal expertise and leadership to develop informed strategy and guide decision-making.
Along with a deeper understanding of the external context, a clear picture of the internal situation is also needed. This should include both centralised visibility of existing formal partnerships – such as MoUs, grants, exchange programmes, visiting scholars, and delegations – and an understanding of more informal relationships and networks that people in the institution may be accessing.
Such clarity will enable institutions to begin a thorough process of mapping their existing internal landscape of risk and resources, leading to greater confidence that partnerships are in the right area, for the right reasons. Such an approach can also lead to new opportunities as previously unnoticed synergies are discovered.
For many institutions such a process will not be easy. Siloed data is still a significant problem. Many institutions have an aversion to centralisation, or to data-driven oversight and management techniques. However, without internal clarity there is the chance that unnoticed risks and vulnerabilities are exploited.
There is often an unwillingness to grapple with the more unpleasant realities of international engagement. It must be understood that state-sponsored espionage and other attacks are a real threat to UK institutions. For a long time, these threats have not been taken seriously – they are uncomfortable to discuss.
While there are certainly voices in this debate prone to hyperbole or aiming for the equally unhelpful outcome of complete decoupling, we cannot build the productive partnerships needed for the long term health of the planet without genuine understanding and transparency over the realities of such work, clarity over how it might affect each institution, and the mitigation measures needed to protect our resources, staff, and institutions.
This transparency and decision-making will necessarily require robust and supportive governance procedures. Institutions are already considering how to implement such procedures in response to the Trusted Research guidance and can work closely with RCAT on specific enquiries, but overall, this approach is still just beginning. Much more work needs to be done to both fully recognise the potential risks and build cross-functional capacity for monitoring and mitigation.
Such processes need to seriously consider hard questions of issues like access control (both physical and digital), background checks for staff and visitors, a more robust approach to monitoring conflicts of interest, reputational risks even for entirely legal activities, due diligence as a continual process and one that includes networks of collaborators, cumulative risks from certain partnerships or technologies, crisis responses and mitigation planning, overreliance on certain markets and financial risks, oversight of funding sources, and the balance of responsibility between the PI or individual researcher and administrative staff.
The opportunity costs and proportionality for any new policy or curtailment of activity also need to be considered. So do the growing challenges presented by changes to China’s own legal system. The National Security Law, Anti Foreign Sanction Law, Data Security Law, Export Control Law and Personal Information Protection Law have all been introduced or updated in recent years – while Covid travel restrictions have meant that UK awareness of these changes is limited.
Internal communication about new governance processes and the reasons behind these changes will be critical to ensuring compliance. Anyone in the institution should know that if they feel their free speech is under pressure, or are unsure about a particular activity, they can access expert advice and will be supported.
These experts should be widely visible points of contact, key parts of the escalation chain, able to provide the advice and support necessary to effectively mitigate risks and help colleagues to take full advantage of the opportunities that such partnerships may bring.
To drive confidence in the system, there also needs to be leadership willing to visibly make hard calls when necessary. This will include robustly defending research and educational partnerships, events, or visits that are ongoing – despite seemingly inevitable media, and sometimes political, criticism. And this defence can only be made when leadership is confident in the internal decision-making processes and overall strategy for the institution.
A secure and sustainable partnership with China is critical to the ongoing health of the planet. Beyond the necessity of scientific collaboration, universities as civic and global institutions are crucial to building shared understanding across cultural and political boundaries – something which may eventually lead to a more stable geopolitical environment.
A lack of robust and proactive action risks sleepwalking into a decoupled world with fewer opportunities to build such mutual understanding and collaboration. But that action can’t be founded on biased assertions, a lack of evidence, or misperceptions of risk and reality. We need to clearly and transparently grapple with the risks such collaboration presents, while also developing a genuinely informed strategy to guide future engagement.