Risks of the Microsoft-G42 Deal
The U.S. government faces a challenging balancing act between increasing American economic competitiveness and safeguarding national security. Announced in May of this year, Microsoft’s plans to collaborate with Emirati company G42 on a $1 billion geothermal-powered data center in Kenya initially seemed like a lucrative way to further the U.S.’ economic goals. In the process, nearby countries like Uganda, Rwanda, and Tanzania would gain access to Microsoft’s AI and cloud-computing services. However, as Washington officials highlight significant national security concerns including corruption and espionage, we should consider whether this investment is worth the security risks.
To curb Chinese access to advanced technology like AI, quantum computers, and semiconductors, the Biden administration is cracking down on U.S. financing of Chinese tech companies. Should China be allowed unchecked access to such technologies from American firms or allies, it could use them against the United States. As part of its deal with Microsoft in Kenya, G42 agreed to divest from China and remove Chinese hardware from its operations in exchange for Microsoft cloud services and Nvidia AI-empowered chips. When the deal moves to its second phase, G42 will then sell Microsoft services with chips used to train and fine-tune generative AI models.
However, G42’s lengthy history with China casts doubts on whether there will be a clean break. G42 has previously partnered with the Chinese government on COVID-19 tests, vaccines, and electronics and until recently held a $100 million stake in ByteDance Ltd., the unlisted Chinese parent company of TikTok. Last year, the Central Intelligence Agency and other national security agencies issued warnings over G42’s connection with Huawei, a Chinese telecommunications company sanctioned by the United States over espionage concerns. G42 also previously partnered with BGI Genomics, who was blacklisted by the U.S. Department of Defense and faces a possible Congressional ban from operating in the United States due to its ties to the Chinese government.
The controversial backgrounds of G42’s executive leadership also introduce significant risk. CEO Peng Xiao previously led Pegasus, a UAE security company known for its surveillance spyware, through a major deal with Huawei. In 2019, G42’s messaging app ToTok, built off of the Chinese app Yeecall, was accused by American officials of being a spy tool for the UAE government to track and record private conversations and messages. The chairman of G42, Sheikh Tahnoun bin Zayed Al Nahyan, is the UAE’s National Security Advisor and brother of the UAE president. He has been involved in numerous controversies such as violating EU sanctions against Syrian president Bashar al-Assad, being listed in the Pandora Papers which detailed offshore accounts and money laundering, and orchestrating the Qatargate bribery case. Last Monday, the management of G42 was transferred to Emirati investment firm Lunate, also chaired by Tahnoun. G42’s leadership being involved with political corruption and Chinese spyware does not inspire confidence that the company will have a clean break from China, thus posing a risk to U.S. national security.
Washington’s newly proposed security policies restrict the export of AI models and require U.S. cloud companies to report to the government when their services are used by foreign customers. This can be difficult for Microsoft to navigate as it moves to expand its services to multiple East African nations, whose IT systems are based on Chinese standards for digital data. Chinese state-owned firms are already infused in African cloud infrastructure through data centers, internet services, surveillance systems and smart power grids. Additionally, since Microsoft is responsible for storing sensitive U.S. government data, operating in places with established Chinese technological infrastructure may create further vulnerabilities for hackers to exploit. The company has already faced breaches from Chinese hackers and been questioned by Congress for its negligence. Between the complicated circumstances for the data center and Microsoft’s own muddy history of cybersecurity failures, it is uncertain how successful the company will be in safeguarding its data from China.
While investing in East Africa should be prioritized to boost our international reputation and establish new partnerships, the Microsoft-G42 deal needs to be strictly monitored by the Bureau of Industry and Security, which is responsible for national security concerning technology and export controls. Although U.S. competitiveness remains important in the global AI race, it is the government’s responsibility to carefully supervise who has access to American data and technology while holding tech companies and allied countries accountable.