The United States is a global leader in science and technology. Part of our strength comes from the open exchange of ideas and collaboration among researchers, including across international borders. But some foreign governments are exploiting that openness to acquire U.S. research and technology, both legally and illegally.
One of many potential targets is the National Institute of Standards and Technology (NIST), which employs about 1,400 researchers. NIST works on emerging technologies—such as quantum computing and 5G—that could have significant economic and national security implications.
Today’s WatchBlog post looks at our new report on NIST’s efforts to ensure research security.
What’s the threat?
NIST, like many research institutions, enhances its work by collaborating with outside researchers. These collaborations pave the way for new technologies, medical treatments, and better infrastructure. But this success also comes with risks of theft by foreign competitors.
Foreign adversaries, whose conduct harms U.S. national security or foreign policy, have tried to use collaborative research efforts to access sensitive information. They might try to send researchers to NIST sites to access unpublished research or might try to recruit NIST staff to gain sensitive information. These countries can also request NIST’s measurement services for their own military or commercial benefit, such as by asking NIST to calibrate scientific instruments.
NIST efforts to safeguard American research
NIST has several safeguards in place to prevent an adversary from obtaining sensitive research information. An important one is to assess all potential collaborations with foreign adversaries. For example, NIST receives requests from countries to meet either virtually or by sending NIST staff abroad. If there are concerns about a requesting country’s motives, NIST may decline the collaboration. One such rejection came in fiscal year 2022, when a Chinese institute requested NIST’s assistance in calibrating a scientific tool. NIST rejected this request because the tool had potential military applications.
Another safeguard NIST uses is to look into the backgrounds of researchers who collaborate in person at NIST facilities. These researchers are not NIST employees and are referred to as either domestic associates or foreign national associates, depending on their citizenship. On average, NIST researchers collaborate with about 1,700 domestic associates and 800 foreign associates each year.
NIST requires foreign associates to disclose information—such as their employment, affiliations, and sources of funding. This information can help reveal a security concern if, for example, an associate has been employed or supported by a U.S. adversary.
But threats to U.S. research aren’t just coming from foreign associates. American researchers can also be a threat. For example, a former Harvard chemistry professor who had received $18 million in federal research funding was convicted in December 2021 of crimes related to lying to U.S. authorities about his foreign involvement and income. He had a research contract with China’s Thousand Talents program—a “foreign talent recruitment program” that paid him a salary and funded his research—but denied the affiliation to authorities.
This example did not involve NIST, but NIST’s domestic associates may similarly find themselves influenced by foreign interests. And in our report we found that NIST requires fewer disclosures from domestic associates. For example, it does not require domestic associates to disclose participation in a foreign talent recruitment program. Officials told us NIST primarily focuses on risks posed by foreign national associates and by certain adversaries.
In addition, NIST hasn’t been able to implement certain disclosure requirements because the White House Office of Science and Technology Policy (OSTP) has not released the needed guidance. Specifically, OSTP had not issued guidance on foreign talent recruitment programs. Without these guidelines, NIST can’t develop its own policy, as required by law.
What more should be done?
NIST is missing critical information that could help respond to the risk of research being divulged to foreign entities. So, we recommended that NIST strengthen disclosure requirements for domestic associates. We also recommended that OSTP expedite its guidelines on foreign talent recruitment programs to help NIST better assess research security risks.
Learn more about NIST’s efforts to protect U.S. research from foreign threats by reading our new report.
- GAO’s fact-based, nonpartisan information helps Congress and federal agencies improve government. The WatchBlog lets us contextualize GAO’s work a little more for the public. Check out more of our posts at GAO.gov/blog.