Launch Site Security in the PRC
Inadequacy of Current Safeguards
The Select Committeeís investigation has identified numerous security lapses in connection with U.S. satellite launches in the PRC that could have provided the opportunity for improper transfers of controlled information.
U.S. policy permitting the launch of U.S. satellites from the PRC rests in large measure on the assumption that companies will comply with legal requirements governing controlled information, and that such information will not be transferred to the PRC during a launch campaign. However, as noted below, reporting available to the Select Committee indicates that there have been lapses in security.
There is also reason to believe that not all lapses in security may have been reported. During the course of the Select Committeeís investigation, no witness has been found to confirm that a transfer to the PRC of controlled technology has occurred as a result of ineffective launch site security. However, given the difficulty of proving that an improper transfer has occurred, it cannot be inferred that no such transfer has taken place.
Security lapses reported by the Defense Department at a number of launches in the PRC include the following:5
- A PRC national set up all secured and unsecured fax, voice and data communications for a U.S. satellite manufacturing company at the PRC launch site
- Doors, windows or equipment unsealed or unattended
- Unsecured windows ó in one instance a window may have been unsecured for 21 days
- Multiple instances of equipment left unattended
- Doors discovered with seals ripped off
- Controlled documents missing or unattended
- A laptop computer containing digital pictures of the satellite left unattended in a hotel room
- Notebooks containing controlled information left unattended in areas where the PRC had access
- Filing cabinets containing controlled documents left open or without proper seals
- Documents improperly removed from cabinets
- Controlled equipment improperly discarded in trash
- Multiple examples of documents shipped without proper locks/seals
- Satellite test data left in cabinets without seals
- Satellite diagrams and other sensitive documents left out in the open
- Schematic of satellite bus equipment module and related documents left out
- Test valve document left out
- X-ray position diagrams found in improper location
- Notes left on blackboards
- Improper access by PRC workers
- PRC workers spent long periods of time (an hour or more) in areas where they were not supposed to be present
- No access list of PRC personnel provided to monitor
- PRC workers in controlled areas without proper escorts or badges
- PRC technicians worked unsupervised in the area of the satellite
- PRC personnel had improper access to fairing doors that provided visual/physical access to the satellite
- Unauthorized photographs were taken of the satellite
- Controlled information not properly inventoried
- Telephones used without proper security procedures
- Improper practices with security cameras
- Security cameras mis-positioned, giving the PRC potential access to the satellite container without detection
- Failure to man proper location when security camera inoperable
- Lax attitudes toward security exhibited by U.S. personnel, including failures to record or investigate potential violations
- Blueprints of Vandenberg Air Force Base facilities exposed in the presence of PRC personnel
- Unauthorized discussions with PRC personnel
Defense Technology Security Administration Director Tarbell confirms that Defense Department monitors have provided reports that there had been circumstances of short-duration, unescorted PRC access to U.S. communications satellites in the PRC.6 However, Tarbell says that he is not aware of any evidence that this access resulted in a technology transfer that would significantly affect national security.7
A Defense Department monitor wrote the following comments in his final report during a 1998 PRC launch campaign:
This assignment for DTSA [the Defense Technology Security Administration] has proven to be exceptionally taxing and difficult. We are trained, given the necessary tools/skills and expected to protect U.S. technology from improper disclosure/compromise.
Our responsibilities as monitors become transparent when aerospace companies (some not all) are given a Commerce License. It is viewed by industry as a license to steal and the monitors are a necessary evil to pacify management and our government.
There is a general consensus within the public sector that, if restrictive measures and significant penalties are not levied against industries (specifically aerospace) by the Commerce Department (or higher), our technology will be compromised to such a staggering level and that our highest level of technology advancements will be available to our international competitors before it comes off the research and development floor.
We as a nation cannot allow or afford to have industry police itself when it comes to national security . . .
History is filled with unnecessary shortcuts in safeguard/security procedures resulting in the loss of American lives and federal grand jury investigations into illegal transfer of our technology by major corporations in an effort to increase their profit . . .8
In an October 27, 1992 memorandum, Sumner Benson, Director of the Defense Technology Security Administration Technology Policy Directorate, expressed the following concerns regarding the security situation relating to the launch in the PRC of the FREJA satellite:
During the subject launch campaign, PRC personnel had unmonitored access to the FREJA satellite after it had been mated with the PRC LM2C launch vehicle [Long March 2C rocket]. Because PRC access was unmonitored, the [Defense Department] technology security monitors cannot state with certainty that no technology was transferred.
During a three day period from 26-28 September 1992, the [Defense Department] representatives noted PRC activity in the Vehicle Equipment Bay (VEB), located in the lower section of the FREJA clean room at the top of the LM2C [Long March 2C] booster.
Neither the [Defense Department] representatives nor the Swedish Space Corporation (SSC) representatives [the purchaser of the satellite] had been informed about this activity, and it had not been included in Combined Operations Procedures. The PRC were apparently working on their navigation and guidance equipment, but access to the lower side of the FREJA satellite was possible from the VEB.
When the [Defense Department] representative became aware of and attempted to monitor this activity, he was prevented from doing so by the PRC launch site commander.
Through a series of meetings with PRC representatives of the launch site, the launch site parent organization (CLTC) and PRC Defense Department (COSTIND), the [U.S. Defense Department] representative determined that the PRC:
Did not believe that unilateral work on their equipment was combined operations activity and therefore advanced notification and monitoring was not required;
Felt that the [Defense Department] monitor was overzealous in wanting to monitor the PRC activity in the VEB;
Did not feel monitoring was necessary because they [the PRC] could be trusted not to try to acquire any technology even when they had access to the satellite; and finally,
Felt that they [the PRC] had not violated the Technology Safeguards Agreement. 9
In another instance, a Defense Department monitor indicated that he deliberately attempted to break into the satellite processing building in the PRC to determine whether he would be detected. The monitor was able to penetrate the facility and approach the security supervisor undetected until tapping him on the shoulder.10
Safeguarding U.S.-Built Satellites and U.S. Rocket Technology at PRC Launches
In 1988, and again in 1993, the United States entered into agreements with the PRC for the purpose of precluding the unauthorized transfer of sensitive technology associated with the export of U.S.-manufactured satellites for launches in the PRC.
The agreements specify that at no time will there be unmonitored or unescorted access by PRC nationals to any of the equipment or associated technical data.11 Additionally, only "form, fit and function data" 12 that describe mechanical and electrical mating requirements for attaching the satellite to the rocket are authorized for release to PRC nationals.13 The agreements further indicate that the U.S. Government shall oversee and monitor implementation of Technology Transfer Control Plans, which are required to be developed by the satellite manufacturer. The PRC is required to permit and facilitate that monitoring.
Access to all satellite equipment and technical data is required to be controlled on a 24-hour basis by U.S. persons who have received training in security procedures from the U.S. Government. These U.S. persons must exercise this control throughout launch preparations, satellite transportation, mating/demating, test and checkout, satellite launch, and required return of equipment to the United States.14
With the passage of the Strom Thurmond National Defense Authorization Act for Fiscal Year 1999, all satellites and related items have been transferred to the United States Munitions List, and their export is controlled by the State Department under the Arms Export Control Act.15
Prior to this Act, the Department of Commerce had jurisdiction for licensing the export of some commercial satellites from 1993 through 1996, and over export licenses for all commercial satellites from 1996 through 1998.16
During the period 1993 through 1996, the Department of Commerce issued three export licenses for commercial communications satellites to be launched in the PRC that did not require the presence of Defense Department monitors, and did not require the U.S. exporter to reimburse the Defense Department for the expenses of providing monitoring in the PRC.17
Although the U.S. licenses routinely stipulate the presence of a Defense Department monitor, this requirement has not always been well-received by the satellite manufacturer.
For example, in one instance, a satellite manufacturing company demonstrated a negative attitude toward the presence of a Defense Department monitor as required under a license issued by the Department of Commerce. The Defense Department monitor explained that he had a disagreement with a program manager and the company site security supervisor over the manner in which a computer board would be shipped. The security site supervisor told the monitor that his company had a Department of Commerce license for that particular satellite launch and, therefore, the Defense Department monitor was in the PRC as a courtesy.18
Licenses issued by the Department of State include detailed provisos concerning technology transfer and security. For example, one license issued to Hughes stipulated:
Hughes must develop a plan(s) to comply with the applicable provisos of this [license]. These plans must address the technology safeguards implementation, security support, tranportation, debris recovery and other issues. 19
The Defense Departmentís Responsibilities for Safeguarding U.S. Technology at Launches
The Defense Department provides oversight in safeguarding technology at launch sites in the PRC. The Defense Department does this in part by overseeing implementation of Technology Transfer Control Plans and Security Plans prepared by the U.S. satellite manufacturers as required under export licenses.
The Defense Department also is responsible for monitoring all technical interchange meetings between U.S. and PRC personnel.20 These meetings can occur as early as two years prior to a launch and continue during the launch campaign, as well as after a launch. Provisos in the U.S. export license for the PRC indicate the limits of the technical data that may be exchanged in these meetings. A Defense Department monitor is required to attend technical interchange meetings when PRC nationals are in attendance in order to assure that only data permissible under the license is exchanged.
Back | Forward