Guest Post: Foreign Official Immunity and the Chinese Cyberespionage Indictments

[Chimène Keitner is Harry & Lillian Hastings Research Chair and Professor of Law at the University of California Hastings College of the Law, and an Adviser on Sovereign Immunity for the American Law Institute’s Fourth Restatement of the Foreign Relations Law of the United States.]

As Duncan has pointed out, if a U.S. court sought to exercise jurisdiction over the five Chinese officials indicted by a Pennsylvania grand jury for computer fraud, identity theft, economic espionage, and trade secret theft, the officials would likely claim entitlement to foreign official immunity because they acted on behalf of China. While state action is not a required element of any of the alleged crimes, it permeates the facts of this case, which Attorney General Eric Holder emphasized “represents the first ever charges against a state actor for this type of hacking.”

The Foreign Sovereign Immunities Act provides the sole basis for obtaining jurisdiction over foreign states and their agencies or instrumentalities, see 28 U.S.C. § 1604, although it remains unsettled whether the FSIA applies to criminal proceedings against entities. The FSIA does not apply to individual foreign officials, see Samantar v. Yousuf, except for the section creating a limited private right of action for state sponsored terrorism, 28 U.S.C. § 1605A(c). Rather, the immunity of current and former foreign officials is governed by applicable treaties (such as the Vienna Convention on Diplomatic Relations, implemented by the Diplomatic Relations Act) and, in the absence of a statute, the common law.

As Duncan indicates and Jack Goldsmith also notes, the question of foreign official immunity will only arise as a practical matter if the Chinese defendants come within the personal jurisdiction of a U.S. court. The officials could not claim status-based immunity unless they were heads of state, diplomats, or members of special diplomatic missions at the time of the legal proceedings. Instead, they would claim conduct-based immunity on the grounds that their acts were all performed on behalf of the Chinese state.

The decision to bring charges suggests that the USDOJ does not view the defendants as lawfully entitled to assert immunity for their alleged conduct. This could be for one of several reasons:

• Belief in Executive Authority: In the Samantar case, the Executive branch claimed the authority to determine questions of foreign official immunity based on “[p]rinciples adopted by the Executive branch, informed by customary international law.” Although the Executive is generally seen as entitled to absolute deference on questions of status-based immunity, the degree of judicial deference owed to Executive branch suggestions of conduct-based immunity remains disputed. Absent an applicable statute, it would be incumbent on the Executive to articulate a principled basis for the denial of conduct-based immunity to individual defendants in a case involving state-sponsored cyberespionage.

• View of Challenged Acts as Involving Commercial Activity: In the DOJ’s press release, Assistant Attorney General for National Security John Carlin emphasized that “State actors engaged in cyber espionage for economic advantage are not immune from the law just because they hack under the shadow of their country’s flag” (emphasis added). If legal proceedings had been brought against Unit 61398 of the Chinese People’s Liberation Army rather than against named individuals, the question would be whether the alleged hacking constitutes a commercial activity, bearing in mind that “The commercial character of an activity shall be determined by reference to the nature of the course of conduct or particular transaction or act, rather than by reference to its purpose” under 28 U.S.C. § 1603(d). Similarly, if the state were the real party in interest (for example, if U.S. companies were seeking money damages from China), then the FSIA’s commercial activity analysis would apply. Individual officials, however, do not generally bear personal responsibility for commercial transactions entered into on behalf of a state. The restrictive theory of state immunity was not designed to grapple with questions of individual official immunity from prosecution by foreign states.

• View of Challenged Acts as Beyond Scope of Official Functions: The Chinese cyberespionage prosecutions appear to support the theory that not all acts performed under color of law amount to “official capacity” acts for the purpose of conduct-based immunity. If China could claim state immunity for cyberespionage by its military (based on the argument that such activity is not commercial in nature), then denying conduct-based immunity to Chinese officials for the same acts would reinforce the disjunction between foreign state immunity and foreign official immunity in U.S. courts.

At a broader level, the announcement of indictments against named Chinese officials reinforces a trend towards focusing pressure on individuals associated with undesirable state policies, whether through immigration enforcement or targeted sanctions. The full implications of this trend for international law and international relations remain to be seen.