Image Source: Getty
In July 2024, the United States (US) Office of the Director of National Intelligence’s (DNI) two institutions, the Office of Economic Security and Emerging Technology and the National Counterintelligence and Security Center, along with the Naval Criminal Investigative Services and the Air Force Office of Special Investigations released a sobering joint report. It alerted the US’s commercial entities dealing with strategic emerging technologies of adversarial investments:
- that startups could be barred from US government projects if foreign investors are found in their beneficiary trail;
- that they could suffer from data and technology thefts due to nefarious foreign investors;
- that such investors could influence the startups’ decisions, which might not be in the US’s national interest; and
- these startups must get their investments reviewed by the Committee on Foreign Investments in the United States (CFIUS).
The US defence industrial base and the Pentagon have increasingly become wary of Chinese investments in US startups in the past few years. This new report has the potential to further reduce global foreign direct investment flows, which were 23% in 2013 and a measly 13% in 2023. The biggest reason for this decline is the increasing geopolitical differences between major economies, particularly the US and China, and the technopolitical blocs they are carving.
The US defence industrial base and the Pentagon have increasingly become wary of Chinese investments in US startups in the past few years.
India needs to look deeper than the Foreign Direct Investment (FDI) indicators. The report, apart from the DNI, has been written by US Naval and US Air Force counterintelligence units, which means there may have been instances or an actionable intelligence of external adversarial investments coming into the defence-technology ecosystem, especially in companies working on projects sensitive to US national security.
In the light of this report, it will do us well to examine how safe India’s defence, space, and strategic emerging technology startups are from similar nefarious investors. India’s strategic emerging technology startups have created a feel-good sentiment in the country. The Indian government and even the media celebrate when these startups secure foreign private equity and venture capital (PE-VC) investments. However, celebrations need to be balanced with safety nets and security checks as many of the projects these startups work on could be intimately linked to national security.
How India’s strategic emerging technology innovation ecosystem is defended is not known today. This is particularly concerning, especially when a sizeable number of startups, started independently or in respected academic institutions, are now part of strategic national projects, like the Innovations for Defence Excellence, Mission DefSpace, National Supercomputing Mission, National Quantum Mission, India Semiconductor Mission, Deep Ocean Exploration Mission, amongst others. In many cases, the foreign PE-VC investors, thanks to their financial heft, invest early to control or monitor the innovation life cycle. Eventually, the startup acquires a beneficial ownership pattern that makes it an India-based company with foreign stakeholders working behind the curtain with Indian founders and an Indian staff at the forefront. The frontage, often by over-optimistic and media-savvy Indian founders and CXOs, citizens or NRIs, is perceived to be the only way these companies can flourish. Unfortunately, this ‘letting it be’ attitude is a slippery slope, where one slippery investment in the sensitive ecosystem can create damage whose consequences the nation has to bear for decades.
The 2010 Amendment of the Foreign Trade (Development and Regulation) Act of 1992 regulates the export of specified goods, services, and technologies that are classified as weapons of mass destruction and their delivery systems.
Although there are no precise safeguards to identify and counter adversarial PEs and VCs, three powerful mechanisms tangentially exist in trade and financial regulations for such scenarios.
The 2010 Amendment of the Foreign Trade (Development and Regulation) Act of 1992 regulates the export of specified goods, services, and technologies that are classified as weapons of mass destruction and their delivery systems. However, the Act does not specify measures to prevent malicious investments that could bypass such import and export controls, nor does it have much to do with screening FDI.
Under the Securities and Exchange Board of India’s (SEBI) Foreign Venture Capital Investor Regulations, 2000, compliance for VC was created. SEBI has the power to cancel the registration certificate of a foreign VC investor if it is found to be “guilty of fraud or has been convicted of an offence involving moral turpitude.” It is not clear if SEBI has the inherent scope to detect defence-corporate high-tech espionage, especially in matters of defence innovation entities, and to take action on such moral turpitude.
The third, the Foreign Exchange Management Act (FEMA) of 1999, governs the flow of incoming and outgoing foreign exchange, including those coming through the venture capital mode. FEMA requires overseas VC firms to be binding in sharing details regarding their investment limits, repatriation procedures and compliance requirements with the Reserve Bank of India.
In the case of the US, the recent report has designated the CFIUS to review investments identified by counterintelligence agencies. CFIUS is qualified to review the strategic significance of the emerging technology startups through its members, the Departments of Defense, State, and Commerce, and the National Security Council. Although established in 1965, CFIUS’ significance has grown lately owing to the 2018 Foreign Investment Risk Review Modernization Act (FIRRMA), which takes into account the review of foreign PE-VC equity investments.
The Indian Department for Promotion of Industry and Internal Trade works with the concerned ministries through the Foreign Investment Facilitation Portal that acts as a single-window clearance to facilitate foreign investments.
At present, the Indian Department for Promotion of Industry and Internal Trade works with the concerned ministries through the Foreign Investment Facilitation Portal that acts as a single-window clearance to facilitate foreign investments. However, whether its standard operating procedure involves counterintelligence to ward off nefarious PE-VC investments is not known. There are other pressing issues:
- Does every ministry have the necessary counterintelligence capabilities to review incoming foreign investments in transdisciplinary domains? Startup innovation does not necessarily depend on one application; more often, for better economic returns, critical technologies emerging from startups may serve as dual- or multi-use. These use cases can span the purview of several ministries.
- The 11 notified sectors, mentioned since the times of the now defunct Foreign Investment Promotion Board (FIPB), do not allude to screening sensitive emerging technologies in sectors like space, and underwater, and technologies like autonomous vehicles, biotechnology, synthetic biology, robotics, artificial intelligence etc. currently in the innovation stages.
- Do FEMA and SEBI have the system to identify military-cum-corporate espionage when dealing with investments in strategic emerging technology startups?
- India lacks a mechanism, at present, to develop counter-intelligence and to incorporate the views of other concerned ministries and departments, in order to present a comprehensive public report the way the DNI has done in cooperation with the US Air Force and Navy.
There may be a scenario in which key strategic-tech startups in the ecosystem might knowingly and unknowingly become hostage to investors and be made part of the PE-VC investors' global design. Crucial supply chains for strategic technology R&D and production might get compromised if investor diligence is followed. Such situations might be difficult to detect.
It has been 10 years since New Delhi began promoting startups and facilitating FDI to sustain its endeavour of making India a global manufacturing hub. The startup ecosystem has begun to deliver and those involved in innovation and production of strategic technologies need to be protected from research, industrial and corporate espionage. The situation compels the Indian government to realise that startups working on defence tech, drone tech, space tech, AI, synthetic biology, quantum technologies, cislunar architecture, multi- and hyper-spectral imaging, vaccines, amongst others, need to be protected as they could serve India’s growing security needs to fight the 2.5 front war.
The startup ecosystem has begun to deliver and those involved in innovation and production of strategic technologies need to be protected from research, industrial and corporate espionage.
A lot of thinking and action must be expected from the counterintelligence potential of the Economic Intelligence Council (EIC). The EIC needs to make a net assessment about whether it should call for creating a multi-ministerial CFIUS-like review committee, and/or if it needs a FIRRMA-like legislation. It also needs to evaluate if it requires to initiate a joint counter-intelligence mechanism where, along with the National Security Council Secretariat, the strategic agencies, armed forces, and other intelligence agencies, it can prepare to scan, warn and protect Indian innovators through an Indian CFIUS-like committee. If the US, the greatest proponent for globalisation, is becoming protectionist about its innovation ecosystem, it not only is a sign of mounting global technopolitical multipolarity, but also an indicator to India that it should bolster the research and industrial security of its maturing innovation ecosystem.
Chaitanya Giri is a Fellow with the Centre for Security, Strategy, and Technology at the Observer Research Foundation.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.