The conventional analysis of IP theft understands it to be an act of commercial criminality – a renegade engineer, a bribed supplier, a patent casually dismantled in a laboratory in Shenzhen. The application of this diagnosis to India-China relations is not only incomplete, but actively counterproductive, in that it confuses a strategy with a category of crime. The activities that are unfolding across India’s institutions of defence research, pharmaceutical innovation, and semiconductor-enabled technology do not represent opportunistic acts of theft by rogue corporate actors. They are part of a sub-threshold strategy, carefully executed in order to exploit the precise ambiguities that grey zone theorists have sought to clarify over the last decade. India does not face a conventional warfare paradigm, but one of constant grey zone activity – a world of ambiguity, denial, and sub-threshold coercion, in which China’s instruments of high technology are being employed to erode Indian capacity systematically.

There are three core propositions that underlie the argument set forth herein. The first proposition is that China’s targeting of Indian dual-use technology research is intrinsically a matter of state intent, and not accidental or coincidental commercial theft, owing to the nature of Chinese legislation. The second proposition is that India’s institutional system, fragmented across the DRDO, individual sectoral regulators, and inadequate intellectual property protection, creates exactly the vulnerabilities that grey zone strategy seeks to exploit. The third, which is less explored in the existing literature on the topic, is that Beijing employs an integrated strategy of intelligence acquisition and lawfare, utilizing instruments such as export licenses and bureaucratic leverage in order to achieve through non-obvious means what could not be achieved through industrial policy alone.

The Legal Architecture of State-Directed Acquisition

The justification for state direction does not lie in implication but in legislation. China’s 2017 National Intelligence Law makes it incumbent upon all persons and organizations to cooperate with state intelligence activities. In tandem with the provisions of the Counter-Espionage Law, Cybersecurity Law, and Data Security Law, this means the state is able to compel the presence of vulnerabilities in Chinese tech companies and their disclosure of data to the state, which, as explained by the, further enable military-civil fusion in China, whereby companies and individuals must assist state intelligence operations and cyber campaigns. Junmin Ronghe – military-civil fusion – is thus the legal construction whereby the boundaries of civilian research and its military applications are dissolved.

In other words, it means that the sovereignty of Chinese companies is purely contractual fiction and instantly suspended whenever the state sees fit to invoke it. The assessment of the U.S. Department of State concerning the situation is very clear: private corporations developing new technologies in China will not be able to decline integrating them into military projects, as cooperation is mandatory under Chinese laws.

It is also clearly evident in the experience of India. As reported by CyFirma in March 2021, a state-sponsored hackers’ group targeted IT infrastructure of Bharat Biotech and Serum Institute of India when these companies had developed some of the most crucial vaccines intellectual property for the whole of South Asia – part of a broader trend of China systematically engaging in offensive cybersecurity attacks against India for more than a decade. The 2022 breach in the IT networks of power infrastructure in India’s Ladakh further demonstrates that the focus of the operations of state-sponsored hackers expanded from the acquisition of IP to infrastructure reconnaissance; perhaps, the aim of this was to learn about India’s crucial infrastructure and potentially plan future sabotage.  From an international perspective, the threat actors who orchestrated this campaign also targeted a legal firm, a drug manufacturer, aerospace and defense companies, and information technology infrastructure companies. They also took advantage of their current vulnerabilities to carry out attacks that seemed like ransomware attacks, but which were actually intellectual property thefts.

The Architecture of Indian Exposure

This is not to suggest that India has failed in its vigilance. On the contrary, this vulnerability is intrinsic in the very manner in which the country has constructed its capabilities of dual use. As the DRDO recently made a breakthrough in the domestic manufacturing of gallium nitride due to stringent export controls, such as the International Traffic in Arms Regulations, on compound chips, thereby forcing the Indian side to innovate in response to the denial regime . This example shows that India can indigenize successfully when faced with denial. India still needs commercial-grade semiconductor fabrications and depends heavily on its imports of chips necessary for its radar, avionics, electronic warfare programs, over which little or no sovereignty can be asserted.

There is another, perhaps even less visible vector of penetration that needs attention. An apparent investigation into the matter revealed a camera provided by the company Hikvision, partly owned by the Chinese government through China Electronics Technology Group Corporation, the largest defence electronics company of China, being fitted to watch the control stations of an Indian military drone program. Even if this particular case involves an air-gapped machine, the point is not lost; a procurement chain replete with dual-use items is always a latent vulnerability, ready to be exploited. Yet, the greatest vulnerability comes from the legal vacuum surrounding India’s trade. According to India’s Twenty-Second Law Commission in its 289th report, India must recognise the threat of trade secrets theft and the risks posed by this threat to the country’s economic security, pointing out that the Official Secrets Act of 1923 cannot provide adequate safeguards against the modern challenges arising from technological innovations. . At present, there is no specific law in India dealing with trade secret misappropriation, any sort of disclosure or industrial espionage, leaving the victim to depend on civil actions. China, on the other hand, has made a law specifically dealing with such issues that regards any kind of cyber-attack as an “improper means” of obtaining trade secrets.

The Lawfare Dimension

However, the least analysed mode of operation by Beijing is not stealth acquisition but the legal denial of technology through its Export Control Law. The recent changes in China’s Export Control Law have given Beijing significant leverage over denying access to vital technology components. By including seven medium and heavy rare earths in the country’s dual-use control list, China has moved the choke point from the sourcing of raw materials to the reliance on Chinese magnet manufacturing and production processes used by the defence, aerospace, and semiconductor industries. Except this time round the rule would be turned inward to control any product downstream with Chinese origins, wherever its manufacture takes place. The October 2025 reforms added even more to China’s strategic arsenal. China, for the first time, introduced the concept of Foreign Direct Product Rule, thus giving it an opportunity to regulate products produced through the use of technologies and materials of Chinese origin even if the products were made in other countries. It should be noted that this strategy is reminiscent of China’s overall strategy of leveraging its regulatory powers over other countries. The cases of Didi Chuxing and LinkedIn are proof of how quickly Beijing can act to influence businesses around the world. Thus, for India, any technology transfer agreement involving Chinese-origin inputs is fraught with legal risks that may be activated at Beijing’s will without any bullets fired or letters written to embassies or governments.

Toward Threshold Recognition

It is, however, precisely this feature which makes it difficult for them to respond conventionally. There is nothing that one can point to which, by itself, merits escalatory action; but the end result is strategic degradation nonetheless. Legal analysts who compare laws from various countries point out that such methods work well because no one move considered separately can be seen as coercive. Such acts may appear legal and even insignificant separately. But a series of activities intended to destabilise another country’s government may go against the spirit, even if not the letter, of the law protecting countries from outside interference. 

For India, therefore, it is not about waiting for something which might cross the threshold of a trigger warranting escalatory actions because there will be no such thing, at least as far as China is concerned. India needs a framework that recognises and responds to the risk of strategic degradation. This should include a robust trade secrets law that reflects the seriousness of contemporary economic and technological threats. It should also establish a legally enforceable hardware procurement system and treat dependence on Chinese-made hardware as a national security concern rather than merely a commercial issue.