The 12339 hotline receives reports concerning espionage activities, terrorism, illegal acquisition of state secrets, etc. According to 2021 statistics, about 8,000 cases were handled by the hotline. When people report a case, detailed information such as time, place, individuals involved, and details of behavior are needed to enhance efficiency in dealing with it.
Espionage activities
China’s 12339 hotline receives reports of espionage activities. According to 2014 statistics, the number of espionage reports received by the national security department increased by 23% year on year. Espionage activities usually involve the illegal acquisition and leaking of state secrets and the collection of highly important information in military, political, economic, and technological fields. Individuals can dial 12339 and report specific evidence and clues concerning behaviors like electronic surveillance, tapping, and personnel infiltration. According to China’s National Security Law, all citizens and organizations are obliged to report actions that endanger national security. Therefore, such espionage activities should be reported immediately once they are detected. In an espionage case in 2018, the suspect sold Chinese military intelligence through foreign online platforms. This is a highly dangerous behavior with a direct threat to national security. If such actions are discovered, the individual can immediately call 12339; based on the clues provided, the national security department will conduct an in-depth investigation.
Specific details of the report may include the location and time of the espionage activity, personnel involved, and tools used. The more information provided in the report, the higher the efficiency of the national security agency involved, and the investigation process usually begins within 72 hours of the report. Each suspicious individual should be described in great detail, both personally and behaviorally, as the more information given, the higher the success rate for solving the case. In fact, in one successful case reported in 2017, a resident noticed a foreigner who frequently wandered around sensitive areas and was later identified to be involved in espionage activities. Modern espionage activities are increasingly relying on high-tech methods like eavesdropping devices and cyber-attack tools. Such high-tech espionage needs to be reported with very specific details pertaining to the equipment, including brand, model, and functional parameters, so that national security agencies can identify and track them as quickly as possible.
Illegal acquisition of state secrets
Illegal acquisition of state secrets is one of the most common subjects reported via China’s 12339 hotline. Chapter Nine of the National Security Law prescribes that whoever illegitimately obtains, holds, or discloses state secrets violates the law. When summarizing the case, the reporter should try to detail the nature of the state secrets: whether it is a classified document, confidential technical data, or military defensive plan. Documents associated with state secrets are classified as “Top Secret,” “Confidential,” or “Secret” based on their level of confidentiality. When reporting, the classification of the document, the method of obtaining it, and who was involved should be specified.
With modern technology, the means of obtaining state secrets illegally have diversified, including hacking, tapping communication, covert photography, and eavesdropping. Reporters are expected to provide detailed information on the devices used, such as the brand and model of the tools involved in the secret-stealing activity, and their functional parameters, which would greatly enhance the efficiency of solving the case. The 12339 hotline operates all year round, with the number of reported cases increasing yearly. Providing suspects’ identification information, the time of the incident, and the size or number of the classified documents involved helps to shorten the processing time by national security organs. In high-technology secret theft cases, the equipment model and communication tool parameters provided by the reporter may determine the success or failure of the investigation.
Acts endangering national security
The 12339 hotline is one of the key channels for handling acts that jeopardize national security. According to the 2021 Report on National Security, nearly 8,000 reports of acts endangering national security were received via the 12339 hotline. Acts endangering national security include but are not limited to inciting separatism, subverting the government, terrorism, and financing of terrorist organizations. When reporting such activities, the reporter must be specific in addressing the time, location, people involved, and details of the behavior. In one high-profile case in 2019, an illegal organization took to social media to incite separatism and called for illegal gatherings that led to severe public order disruption. Such acts have been considered threatening to national security, and reporters provided screenshots of social media content, posts, and specific times that helped national security agencies control the situation in a short period of time.
Precision and timeliness are crucial when handling actions aimed at subverting state power. In 2022, a citizen reported a transnational organization attempting to destroy critical national infrastructure through cyberattacks. He provided crucial evidence, such as the models of the attack tools, parameters of the programs used, and the exact time of the attack, which helped national security agencies to prevent the action. The average handling period for national security agencies to process acts endangering national security is 30 days. The more specific the report, the shorter the processing period and the higher the possibility of successfully preventing acts threatening national security. Providing detailed background information on the persons concerned, specific organizations, and the flow of funds will make the investigation much more effective. For example, in 2021, in a case involving financing terrorist activities through the dark web, the reporter was able to provide details of cryptocurrency wallet addresses, transaction amounts, and exact times; national security agencies ultimately succeeded in freezing millions.
Terrorist activities
Reports regarding terrorist activities can be made through the 12339 hotline number. Counter-terrorism data for 2021 showed that the country uncovered more than 500 terrorist plot cases, with 80% solved based on public reports. Terrorist activities tend to involve various acts including bombings, arson, hijackings, and kidnappings, all of which are serious threats to public safety and national security. Reporters shall describe the time, location, and characteristics of suspicious individual behaviors in as much detail as possible. In one such foiled terrorist attack on an airport in 2017, the reporter discovered a suspicious package containing an explosive device, dialed 12339, and provided information regarding its size, weight, and description. In fact, this report should include all kinds of details necessary for the national security departments to identify the threat and take appropriate actions, such as but not limited to length, material, and internal structure.
Fundraising and recruitment activities by terrorist organizations also form another crucial element in terrorism. In 2019, more than 120 cases involving the use of the Internet to raise funds for terrorist activities were discovered nationwide. Reporting such activities requires detailed information on the flow of funds, including but not limited to the amounts transferred, the frequency of transactions, and the names of account holders. In one classic example, a reporter discovered that a terrorist cell was openly recruiting and inciting membership on a social platform. The chat logs provided, user profiles, and numbers recruited allowed national security agencies to track down the terrorist organization involved. High-tech terrorism, such as through cyber-attacks and drone strikes, is increasingly prevalent. These technological methods have become new models for terrorist activities themselves. Of the terrorist cases reported through hotline 12339, 60% involved terrorist attacks across borders. The cross-border transaction flows of funds, entry and exit times of suspicious individuals, and other important information provided by the reporters significantly enhanced efficiency in investigation and successful handling of the cases.