China is intensifying investigations and enforcement against data leaks in critical sectors across its industrial supply chain, targeting areas such as rare earths, semiconductors, and digital data resources.
Secrets for sale
According to a recent case reported by Jiemian News, a senior executive at a rare earth company was sentenced to 11 years and six months in prison for providing confidential information to overseas parties. The case underscores how China has elevated supply chain security to a national security priority, with authorities imposing heavy penalties to deter similar violations.
In a separate case cited by CCTV, citing China's Ministry of State Security, an overseas non-ferrous metals firm used local employees to approach a deputy general manager at a domestic rare earth company with financial incentives. Despite knowing the information constituted state secrets, the executive disclosed seven categories of classified data — including stockpiling types, volumes, and pricing — in exchange for payment. Both parties were ultimately convicted on charges including illegally providing state secrets to foreign entities. The deputy general manager received an 11.5-year prison sentence and asset confiscation.
Gray markets and smuggling routes
China considers rare earths a strategic resource for advanced manufacturing and defense technologies. Industry sources indicate the emergence of gray-market supply chains designed to bypass logistics and trade controls, including mislabeling high-purity rare earth materials as low-value metal powders or embedding them in construction materials and consumer goods for small-batch smuggling.
Semiconductor and data leaks widen the net
Beyond rare earths, semiconductors have also become a key regulatory focus. Chinese media have reported cases in which engineers at semiconductor firms violated confidentiality agreements after leaving their positions, sharing core process technologies and design blueprints with overseas organizations. Such leaks are seen as undermining China's competitiveness and influence within the global semiconductor supply chain, with those involved facing legal consequences.
Digital economy under the microscope
Data security risks in the digital economy are also drawing scrutiny. In one case, a company embedded unauthorized code within e-commerce platform systems to extract operational data at scale, stealing up to millions of records per day for profit. Authorities have classified such activity not as conventional commercial infringement but as organized data exfiltration.
National security authorities have stressed the need for a comprehensive protection framework spanning hardware, software, and personnel. Measures include stricter sourcing and traceability checks for chips, servers, and industrial control equipment; enhanced code auditing and vulnerability detection to prevent backdoors and malware; and tighter oversight of sensitive roles alongside stricter controls on cross-border data flows.
Article translated by Levi Li and edited by Jerry Chen
