National science funders eye setting up international network to share research-security information

As part of a broader push to tighten security, science funders in the US, UK and Canada are considering setting up a network to share information about security risks affecting international research projects, according to a senior US science official.

The network would enable regular sharing of unclassified information among key science agencies and their ministries. “Because our researchers collaborate together so much, it makes sense for us to share information – to create an international network,” said Rebecca Keiser, head of research security at the US National Science Foundation (NSF).

The discussions are already underway with the UK science ministry and its main funding body, UK Research and Innovation, as well as with Canada’s innovation ministry and Natural Science and Engineering Research Council. Discussions are also planned with Dutch officials, and possibly others. The intent is to share information that can help each region’s research performers – including universities and small businesses – avoid security risks when operating internationally. Planning is still at an early stage, Keiser said, “but I think that there is definitely an overall joint interest.”

Tougher controls

The discussions are the latest manifestation of rising activism among western science funders over what they regard as potential science and tech espionage by China, Russia, Iran and others. But the drumbeat of new security measures is especially loud these days in Washington, where a series of Congressional and administrative actions have pointed towards tougher controls – even as leading US academics say the campaign risks restricting the ability of American scientists to collaborate with partners abroad.

One event last week has caused particular alarm in academia: passage by the Republican-controlled House of Representatives of legislation that would greatly expand public reporting requirements on researchers receiving foreign funding – including from close US allies.

“There seems to be an insatiable appetite to address issues related to research security,” said Tobin Smith, senior vice president for government relations and public policy at the Association of American Universities. While universities support safeguarding research and have already acted to do so, “we are arguing for a risk-based approach – not an approach that uses a sledgehammer to hit a nail.”

At the same time, also in the House on 7 December, the Republican chair of the Foreign Affairs Committee released a report urging a revamp of export control rules that since the Reagan administration have exempted most forms of fundamental research. Separately, next January 2 new rules will take effect requiring that foreign researchers sub-contracting to US grantees of the National Institutes of Health will have to make their lab notebooks available to NIH examiners online – political fall-out from claims that the NIH didn’t adequately police a grantee working with the Institute of Virology in Wuhan, China before the start of the COVID-19 pandemic.

SECURE centre is coming

The National Science Foundation, meanwhile, has been leading a broad government effort to review research security procedures – and one of the first outcomes is due to start operating by October 2024: a new clearing-house for research-security information, open to US research organisations, called SECURE, an acronym for ‘Safeguarding the Entire Community in the US Research Ecosystem’.

In contrast to some other security diktats flying around Washington, the NSF project has received strong academic support. “We are very much in favour of the SECURE centre,’” said Smith. US universities are “already doing a lot” to beef up security, but SECURE will provide “more information about where the risks really are, and how we can address them in a sensible fashion.”

In the view of Keiser, the aim of the centre is “safeguarding” research, “not locking things down.” It will be run by an independent, non-governmental agency – for which the NSF is evaluating tenders it solicited this autumn – on an initial budget of $9.5 million already appropriated by Congress. The plan is that it gradually scale up from its October 2024 launch, with a mix of extra federal funding and institutional membership fees.

Besides providing basic guidelines and information about security risks, the centre will also advise research organisations – for instance, informing them that certain kinds of foreign research partners may have military ties. To make that possible, Keiser said, the NSF is currently in discussions with the Director of National Intelligence to work out a system to gather and redact sensitive information so it can be safely passed to the non-governmental centre and made public, without compromising classified information. The centre’s services are aimed only at US-based research organisations – but its publications will be available to anyone, Keiser said.

The aim, then, isn’t to warn a university off a specific project, but to give enough information so that it can make its own decision. “I view it like the National Weather Service,” Keiser said.
“It will tell you ‘there’s a 60% chance of rain’. But it’s not going to tell you whether to bring your umbrella or not. You have to decide that.”

SECURE would also fit into the international agency network now in the planning. The UK, Canadian, Dutch and Australian governments have already launched or begun planning initiatives to advise their own research communities about security risks – though the approaches vary widely. In Canada, national security services have been given access to grant applications, and have already vetoed some projects. In the EU, the Commission this year published a security “toolkit” for research organisations, and next February the Council is due to discuss further security measures. And in Australia, draft legislation would impose prison terms of up to 10 years on researchers who don’t observe rising restrictions on sharing sensitive technologies – even to allied nations.  

DETERRENT in the works

In Washington this week, however, the biggest security fuss is over the House-passed DETERRENT Act – an acronym for ‘Defending Education Transparency and Ending Rogue Regimes Engaging in Nefarious Transactions’. Like many of the current security measures, it was pushed by House Republicans trying to demonstrate their support for tough security, while also scoring political points against “woke” universities.

The bill would toughen disclosure requirements for research organisations that get funding contracts from any country, including close US allies. Under the law, the threshold for reporting most foreign funding would fall to $50,000 a year from the current $250,000 – and unlike at present, the reports would be publicly available. For “countries of concern” – such as China and Iran – the threshold would drop to zero. And there would be a new reporting requirement for individual researchers receiving foreign “gifts” while working at any US university that receives at least $50 million a year in federal R&D money.

The law was advanced by Michelle Steel, a California Republican – who, on social media, joined other Republicans in blaming US universities for security lapses. “It's never been more clear: foreign adversaries are working to influence the minds of our future leaders,” she posted. But the universities call the new law unworkable, badly written and harmful to science.

It isn’t clear yet how the bill will fare in the Democratic-controlled Senate, where it’s in the jurisdiction of a committee chaired by left leaning Vermont senator Bernie Sanders. Though, in an ominous sign for universities, the House passage was as close to bipartisan as anything gets these days in Washington: 31 House Democrats joined Republicans in voting for the legislation.