China has emerged as a major player in the global infrastructure and utilities sectors. With the Belt and Road Initiative, this trend is likely to continue and even expand. The fact that many of these investors are state-owned, if not state backed, raises questions about the influence China may yield over strategic sectors of countries far and wide. But while the theoretical possibility of control gives plenty of fodder for conspiracy theories over Beijing’s ultimate intent, the blowback from any reported interference may stifle such ambition. The reputational damage and potential revenue losses are strong factors that can check such desire. Besides, as cyberattacks reveal, absence of a stake does not constitute an impediment to cause harm if there is intent.
State-owned State Grid Corporation of China (SGCC), the world’s largest electric utility company, holds a 40 percent stake in the National Grid Corporation of the Philippines (NGCP) since 2009. Because of longstanding territorial and maritime disputes, bilateral relations have been a bumpy ride with the lowest point reached in 2013 when Manila took Beijing to compulsory arbitration after months of tense stand-off in Scarborough Shoal. SGCC’s stake in the country’s grid was seen as a vulnerability, although the year passed without incident. When the ruling largely in favour of Manila came out in 2016, the threat of potential sabotage resurfaced. But again, the year passed without any issue. While this should not give a sense of vindication or complacency, it should, at least, dispel unstudied notions of the possible risks posed by foreign investments in critical sectors. Foreign firms have been operating public utilities abroad with little controversy. Philippine-based International Container Terminal Services, Inc. (ICTSI), for one, operates 32 port terminals in 18 countries including in Australia, Asia, Europe, Africa and Latin America. Foreign participation in public utilities does carry risks, but so does overly securitizing foreign investments.
Since 2017, SGCC had invested and operated backbone energy networks outside China and Hong Kong, including in countries with which its relations occasionally experience frictions such as the Philippines, Brazil, Australia and Europe. In Europe, the company operates in Italy, Portugal, and Greece. While the 40 percent stake in NGCP may seem high, State Grid, in fact, have acquired larger stakes abroad. In Brazil, it bought 83 percent of Sao Paulo-based CPFL Energia S.A., the country’s third largest electric utility company. It also secured a 60 percent stake in Melbourne-based Jemena that operates in eastern Australia, 41 percent in Adelaide-based ElectraNet which operates in South Australia, and 20 percent in AusNet Services which operates in Victoria.
While the domestic market remains its bread and butter, the company has been actively expanding abroad with overseas investment amounting to $19.5 billion and overseas equity capital of $60 billion. From 2014 to 2017, SGCC exported $2.5 billion worth of equipment to 80 countries. With $387 billion in total revenues last year, the company was ranked fifth in the Fortune Global 500. All this growing international profile would be risked should it interfere in a client country’s power grid. Fresh from the setback of its failed bid to acquire AusGrid in 2016, also because of national security concerns, SGCC is expectedly more cautious in keeping with its overseas contracts. Even a rumor can give it tough time convincing foreign regulatory authorities as it continues to expand business abroad.
This said, the recent Philippine Senate inquiry over SGCC’s role in the country’s domestic grid suggests that unease does not easily dissipate, despite improved relations. Surely, no country would want control over their key industries exercised by an external actor. To this end, caps on foreign investments and participation in the economy’s commanding heights were enacted. But as globalization pushed countries to privatize, deregulate and open-up former state monopolies to foreign capital, managing security risks has become more of a regulatory and technical issue than a political one. As the private sector, including foreign capital, has stepped in to build and operate infrastructure worldwide, ensuring domestic control and mitigating security gaps have become top priorities.
While technology enabled more efficient operation, it has also exposed critical infra to security risks. However, such risks are more industry-related and not necessarily attributable to a specific investor state actor. In fact, one does not have to possess supervision or control to sow damage as cyberattacks reveal. For instance, Stuxnet, a malicious computer worm which targets Supervisory Control and Data Acquisition (SCADA) systems, allegedly developed by US and Israel as a cyberweapon, brought substantial damage to Iranian nuclear facilities in 2010. Despite having no substantial investments in US utilities, Chinese hackers were allegedly behind a similar cyberattack targeting them last August. With the increasing sophistication of such cyberattacks, one may ask if too much emphasis on a foreign company’s stake is misplaced from a security standpoint. Apparently, as long as there is ill intent, absence of equity does not pose an impediment to cause harm.
Short of a government takeover, there are risk mitigation measures that Manila can undertake. Technology and knowledge transfer can be stringently enforced. All technical manuals should be translated in English or Filipino. A training institute can be established to ensure that locals will eventually run and operate critical infra. A backup manual control should remain present for contingencies and relevant personnel regularly trained ready for such scenarios. Independent information security experts, local or foreign, can be commissioned to conduct a system audit to identify vulnerabilities and propose remedial measures. Foreign equity allocation can also be dispersed. A significant stake can also be set aside for government or the Filipino public. More importantly, government can develop a more robust regulatory and oversight regime to meet the security challenges of the information age. The Department of Information and Communications Technology should work with the power and utilities sector on this.
Indeed, beneath the surface of improving political ties lie persistent concerns over Chinese strategic investments in the Philippines. Much of it is fuelled by the longstanding maritime row and trust deficit towards the country’s big northern neighbour. But unless Manila decides to block such investments, it should continue to raise and work such issues with China while taking its own risk mitigation actions.