The Obama administration signed an informal espionage agreement with Chinese President Xi Jinping in 2015, calling for an end to intellectual property or trade secret theft by either nation against the other.
The Marriott hacking involving 500 million customer records, now allegedly connected to China's government, took place between 2014 and 2018, both before and after the deal was reached.
The Trump administration is seeking to show in a range of ways that China has not operated in good faith on cybersecurity.
The massive Marriott hacking that the hotel chain revealed this month could become part of the trade negotiations between the U.S. and China.
The data breach lasted four years, and the intruders stole information about 500 million customers. On Tuesday, The New York Times reported that investigators had traced the hack back to the Chinese government, calling it part of a broader intelligence-gathering operation. Reuters had previously reported Chinese involvement.
But back in 2015, the Obama administration struck a data-theft deal with Chinese President Xi Jinping, agreeing that neither country would steal personal information of the other's citizens.
The Marriott breach would have crossed right through that timeline. If it can indeed be attributed to China, it would give the Trump administration more leverage for its position that China has not been acting in good faith on cybersecurity.
An informal deal during a different era of trade tensions
"The agreement was struck very quickly at a time when the U.S. was threatening retaliation over IP theft, and President Xi Jinping was traveling to D.C. for a summit with President Obama," recalled Robert Silvers, who helped sign the deal in his prior role as assistant secretary for cyber policy at the Department of Homeland Security.
"There was leverage there, and we capitalized on that leverage."
The deal was informal and didn't impose significant consequences on either party for not complying. It called for more communication and cooperation over investigating cybercrimes between the two countries, in addition to prohibiting either side from stealing intellectual property or trade secrets from the other.
After the deal, Silvers said DHS received confirmation from government sources and third-party companies that monitored Chinese IP theft that those attacks had dropped "significantly."
"But we entered a different era now. It looks like China has taken the gloves back off," said Silvers, who now serves as a litigation partner with law firm Paul Hastings LLP.
Joseph Campbell, former assistant director of the criminal investigative division for the FBI, recalled that around the same time in 2015, he met with Chinese authorities alongside then-FBI director James Comey. They, too, sought to halt "widespread intellectual property and trade secret theft," he said.
Campbell said those conversations in large part focused on the hack of the federal Office of Personnel Management, announced in June 2015. The agency processes security clearances, and information on 21.5 million government workers was stolen.
The FBI also had hope the concerted and targeted attacks from China would abate after the agreement, Campbell said.
"But we know that regardless [of the deal], there was still a significant effort to penetrate sensitive U.S. companies and obtain information this way," said Campbell, who is now director of global investigations and compliance for consulting firm Navigant.