At some of the world’s most sensitive spots, authorities have installed security screening devices made by a single Chinese company with deep ties to China’s military and the highest levels of the ruling Communist Party.
The World Economic Forum in Davos. Europe’s largest ports. Airports from Amsterdam to Athens. NATO’s borders with Russia. All depend on equipment manufactured by Nuctech, which has quickly become the world’s leading company, by revenue, for cargo and vehicle scanners.
Nuctech has been frozen out of the U.S. for years due to national security concerns, but it has made deep inroads across Europe, installing its devices in 26 of 27 EU member states, according to public procurement, government and corporate records reviewed by The Associated Press.
The complexity of Nuctech’s ownership structure and its expanding global footprint have raised alarms on both sides of the Atlantic.
A growing number of Western security officials and policymakers fear that China could exploit Nuctech equipment to sabotage key transit points or get illicit access to government, industrial or personal data from the items that pass through its devices.
Nuctech’s critics allege the Chinese government has effectively subsidized the company so it can undercut competitors and give Beijing potential sway over critical infrastructure in the West as China seeks to establish itself as a global technology superpower.
“The data being processed by these devices is very sensitive. It’s personal data, military data, cargo data. It might be trade secrets at stake. You want to make sure it’s in right hands,” said Bart Groothuis, director of cybersecurity at the Dutch Ministry of Defense before becoming a member of the European Parliament. “You’re dependent on a foreign actor which is a geopolitical adversary and strategic rival.”
He and others say Europe doesn’t have tools in place to monitor and resist such potential encroachment. Different member states have taken opposing views on Nuctech’s security risks. No one has even been able to make a comprehensive public tally of where and how many Nuctech devices have been installed across the continent.
Nuctech dismisses those concerns, countering that Nuctech’s European operations comply with local laws, including strict security checks and data privacy rules.
“It’s our equipment, but it’s your data. Our customer decides what happens with the data,” said Robert Bos, deputy general manager of Nuctech in the Netherlands, where the company has a research and development center.
He said Nuctech is a victim of unfounded allegations that have cut its market share in Europe nearly in half since 2019.
“It’s quite frustrating to be honest,” Bos told AP. “In the 20 years we delivered this equipment we never had issues of breaches or data leaks. Till today we never had any proof of it.”
[ READ: New Law Will Help Chinese Government Stockpile Zero-Days ]
In addition to scanning systems for people, baggage and cargo, the company makes explosives detectors and interconnected devices capable of facial recognition, body temperature measurement and ID card or ticket identification.
Critics fear that under China’s national intelligence laws, which require Chinese companies to surrender data requested by state security agencies, Nuctech would be unable to resist calls from Beijing to hand over sensitive data about the cargo, people and devices that pass through its scanners. They say there is a risk Beijing could use Nuctech’s presence across Europe to gather big data about cross-border trade flows, pull information from local networks, like shipping manifests or passenger information, or sabotage trade flows in a conflict.
Airports in London, Amsterdam, Brussels, Athens, Florence, Pisa, Venice, Zurich, Geneva and more than a dozen across Spain have all signed deals for Nuctech equipment, procurement and government documents, and corporate announcements show.
Nuctech’s ownership structure is so complex that can be difficult for outsiders to understand the true lines of influence and accountability.
What is clear is that Nuctech, from its very origins, has been tied to Chinese government, academic and military interests.
Nuctech was founded as an offshoot of Tsinghua University, an elite public research university in Beijing. It grew with backing from the Chinese government and for years was run by the son of China’s former leader, Hu Jintao.
Datenna, a Dutch economic intelligence company focused on China, mapped the ownership structure of Nuctech and found a dozen major entities across four layers of shareholding, including four state-owned enterprises and three government entities.
Today the majority shareholder in Nuctech is Tongfang Co., which has a 71 percent stake. The largest shareholder in Tongfang, in turn, is the investment arm of the China National Nuclear Corp. (CNNC), a state-run energy and defense conglomerate controlled by China’s State Council. The U.S. Defense Department classifies CNNC as a Chinese military company because it shares advanced technologies and expertise with the People’s Liberation Army.
Xi has further blurred the lines between China’s civilian and military activities and deepened the power of the ruling Communist Party within private enterprises. One way: the creation of dozens of government-backed financing vehicles designed to speed the development of technologies that have both military and commercial applications.
[ READ: Combating China’s Insider Threat: Can New Laws Curb IP Theft by Spies? ]
In fact, one of those vehicles, the National Military-Civil Fusion Industry Investment Fund, announced in June 2020 that it wanted to take a 4.4 percent stake in Nuctech’s majority shareholder, along with the right to appoint a director to the Tongfang board. It never happened — “changes in the market environment,” Tongfeng explained in a Chinese stock exchange filing.
But there are other links between Nuctech’s ownership structure and the fusion fund.
CNNC, which has a 21 percent interest in Nuctech, holds a stake of more than 7 percent in the fund, according to Qichacha, a Chinese corporate information platform. They also share personnel: Chen Shutang, a member of CNNC’s Party Leadership Group and the company’s chief accountant serves as a director of the fund, records show.
Nuctech maintains that its operations are shaped by market forces, not politics, and says CNNC doesn’t control its corporate management or decision-making.
But Jaap van Etten, a former Dutch diplomat and CEO of Datenna, said the question was “whether or not we want to allow Nuctech, which is controlled by the Chinese state and linked to the Chinese military, to be involved in crucial parts of our border security and infrastructure.”
