Summary

There has been growing awareness that the research enterprise is vulnerable to foreign adversaries that exploit our openness. Absent aggressive action, foreign adversaries may exploit America’s scientific progress and become the primary beneficiaries of U.S. funded research. Recent congressional investigations, nonpartisan watchdog reviews, and investigative reports have identified significant vulnerabilities in American research programs. Unless the administration prioritizes research security, foreign adversaries will continue to steal the outputs of government-funded R&D and undermine American economic and national security.

Recent administrations have recognized the significance of research security; however, vulnerabilities have persisted. In January 2021, President Trump issued National Security Presidential Memorandum 33 on U.S. Government-Supported Research and Development National Security Policy, which required all federal research agencies to strengthen protections for federal research and prevent federal employees from participating in foreign talent recruitment programs. The memorandum remained in force during the Biden administration.

President Biden later signed into law the CHIPS and Science Act, which included several initiatives to strengthen research security. The law authorized funding for the National Science Foundation to increase oversight of NSF-funded research projects at postsecondary institutions, created new reporting requirements for foreign payments to institutions that receive NSF funds, and established a new Office of Research and Security Policy within NSF. However, the Biden administration also reduced enforcement of Section 117 of the Higher Education Act, which requires colleges and universities to disclose certain payments from foreign sources.

During President Trump’s second term, the administration—specifically, the Office of Science and Technology Policy (OSTP)—should reprioritize securing the U.S. research enterprise, including through the following:

1. OSTP should follow the recommendation of the Government Accountability Office (GAO) and lead a government-wide initiative to improve information-sharing about foreign ownership, control, or influence in research programs.

2. OSTP and the White House should direct the Intelligence Community to establish an information-sharing regime to enable public and private sector partners to vet potential research partners for foreign counterintelligence risks.

3. OSTP and the White House should direct all research-funding agencies to encourage a “Know Your Collaborator” culture in the U.S. research community.

4. The White House should recommend the transfer of legal authorities for enforcing Section 117 of the Higher Education Act from the Department of Education to the Department of Justice. In addition, the federal government should increase transparency about postsecondary institutions’ disclosures foreign payments received.

5. The Federal Bureau of Investigation and Department of Education should establish a hotline for individuals to contact federal authorities if they believe they may be being recruited, targeted, or pressured by foreign intelligence services.

Why Research Security Matters

Congressional investigations, nonpartisan watchdog reviews, and journalists have consistently revealed alarming security vulnerabilities in U.S. government funded research programs, including the following examples:

• In May 2025, the Stanford Review published evidence of Chinese Communist Party intelligence gathering at Stanford University, concluding that China has systematically targeted Stanford’s critical technology research to overtake the U.S. in technological dominance. The investigation, which was conducted through interviews with dozens of Stanford faculty, students, and Hoover Institution fellows, found that the CCP operates an expansive intelligence gathering campaign at Stanford targeting sensitive research, particularly in AI and robotics. The article centers on “Charles Chen,” a Chinese man who pretended to be a Stanford student for years and targeted female researchers studying China-related topics. In the experience described in the article, he offered to pay for the female researcher’s travel to China. He requested communication through WeChat, a Chinese-monitored platform, before authorities identified him as unaffiliated with Stanford and likely working on behalf of the CCP. The investigation also discovered that the CCP uses "non-traditional collection" methods to crowdsource information gathering in the U.S. through its students. Under China's 2017 National Intelligence Law, all Chinese citizens must "support, assist, and cooperate with state intelligence work" regardless of location. The Chinese Scholarship Council, which sponsors approximately 7–18 percent of Chinese students studying in the U.S., requires funded students to submit regular reports about their research to Chinese diplomatic missions, with family members facing punishment for non-compliance—a form of transnational repression.
• Two 2024 articles from Bloomberg revealed that Huawei was secretly funding optics research through the Optica Foundation, while not disclosing the donations to the American nonprofit. Huawei’s obscuring of the donations allowed Huawei to fund research institutions that would normally not accept money from Huawei.
• A 2024 investigative report by the House China Select Committee and the Education and Workforce Committee, CCP on the Quad: How American Taxpayers and Universities Fund the CCP's Advanced Military and Technological Research, exposed lax vetting by the Department of Defense and Intelligence Community in funding research programs. The investigation revealed “8,800+ publications supported by DOD funding published with co-authors affiliated with PRC institutions, and an additional 185 such publications supported by IC funding.” Further, the House investigation found that “[m]ore than 2,000 DOD-funded papers included PRC co-authors who were directly affiliated with the PRC’s defense research and industrial base.”
• A 2024 GAO report, Research Security: Strengthening Interagency Collaboration Could Help Agencies Safeguard Federal Funding from Foreign Threats, found that the U.S. government was unable to adequately vet potential research grant receipts to ensure that foreign entities of concern, including people with links to foreign terrorist organizations and specially designated foreign nationals, because of missing information in federal databases and ineffective information sharing. The report specifically identified OSTP’s role in overseeing research security: “Recent guidance from the Office of Science and Technology Policy (OSTP)—the lead federal agency for interagency coordination on science and technology policies—does not address the issue of foreign ownership, control, or influence. OSTP officials told GAO that they handle this issue on a case-by-case basis and acknowledged the challenges that agencies face in addressing such risks. Information sharing on such complex matters would better position agencies to more fully safeguard R&D funds.”
• In 2023, the Daily Beast discovered that U.C. Berkley had failed to disclose a $220 million investment from the Chinese government in Shenzhen. It also found that U.C. Berkley had prioritized Chinese entities when IP produced from the Tsinghua-Berkeley Shenzhen Institute was commercialized.
• A 2021 report from the Department of Defense’s Protecting the National Security Innovation Base Study Group, Survey of PRC State-Sponsored Technology Transfers Affecting SBIR Programs: A DoD Case Study, found several cases of the Chinese government benefiting from the Small Business Innovation Research (SBIR) awards. The report identified risks such as employees of SBIR firms joining Chinese talent recruitment programs, researchers closing their American research labs and moving their research to China, and firms establishing joint ventures in China. As a result of the report, Congress passed, and President Biden signed, the SBIR and STTR Extension Act of 2022, requiring agencies with SBIR programs to establish due diligence programs within their SBIR program offices.
• In 2019, the Senate Permanent Subcommittee on Investigations issued a bipartisan report, Threats to the U.S. Research Enterprise: China’s Talent Recruitment Plans, which provided a historical overview of national security risks associated with lax research security. The senators warned that China has pursued a multi-decade campaign of recruiting U.S.-based researchers and scientists to gain information to support Beijing’s development programs, and that “the federal government’s grant-making agencies did little to prevent this from happening, nor did the FBI and other federal agencies develop a coordinated response to mitigate the threat.”

The Trump administration’s NSPM-33, issued in January 2021, provided a national strategy for securing the research enterprise, including by assigning the director of OSTP responsibility to “shall coordinate activities to protect Federally funded R&D from foreign government interference, and outreach to the United States scientific and academic communities to enhance awareness of risks to research security and Federal Government actions to address these risks.” And as part of the CHIPS and Science Act passed in 2022, NSF had to establish an office on research security, and federal research agencies had to establish policies prohibiting research awards to members of malign foreign talent recruitment programs.

Recommendations

1. OSTP should lead a government-wide initiative to improve information sharing about foreign ownership, control, or influence in research programs to answer GAO’s recommendations.

At a minimum, OSTP should answer GAO’s 2024 recommendations:

As part of OSTP’s ongoing efforts to address research security risks, the Director of OSTP, in coordination with federal R&D awarding agencies, should facilitate the sharing of information on identifying foreign ownership, control, or influence. This could occur, for example, in conjunction with OSTP's existing efforts to support the national security strategy or its existing role to enhance the federal research agencies’ awareness of research security risks and policies under NSPM-33.

In addition, OSTP should carry out its responsibility for overseeing research security and direct federal agencies to conduct reviews of current research and grant-making policies to assess whether security is given appropriate consideration.

OSTP should require SBIR program offices to establish standardized due diligence processes. While the 2022 reauthorization of the SBIR program created due diligence offices, federal agencies have the latitude to evaluate foreign risk differently. For inspiration on the best due diligence process, agencies should look to AFWERX in the Air Force. With the Air Force’s Office of Economic Analysis and Office of Special Investigation, AFWERX conducts open-source investigations on SBIR awardees to determine whether the companies pose due diligence risks. OSTP could also recommend that agencies comply with recommendations made in GAO’s 2024 report on SBIR due diligence, none of which have been carried out.

Further, OSTP should ensure that universities are providing necessary resources and guidance for research security training and support for faculty. In 2020, the American Association of Universities put out new guidance for member universities on how to properly secure information related to government-funded and sensitive research. The guidance that OSTP has helped craft now applies to all executive branch agencies providing funds for research, including work done at American universities. OSTP should require agencies that are funding university research to substantiate how each institution is meeting the expectations established under NSPM-33. This should include details on the staff, funding, and activities each institution is using to secure and protect research activities from undue foreign influence.

2. OSTP should advise the president to direct the Intelligence Community to review current databases that are used by the research enterprise and establish an information-sharing regime to improve vetting of research partners. For example, the IC could consider establishing a database akin to the No Fly List for research partners to allow for public- and private-sector vetting of potential research partners.

GAO’s 2024 review identified limitations in the federal databases that are used to identify and prevent federal funding from being provided to foreign countries of concern, including the Specially Designated Nationals and Foreign Terrorist Organizations lists. Further, it is unclear that these databases are sufficient to identify and prevent funding from being provided to people who may pose a counterintelligence threat to the U.S.

Congress and the Trump administration should consider whether a new database is needed to identify potential counterintelligence risks, potentially learning from the No Fly List that was created after September 11, 2001. While the list was imperfect and raised significant civil liberties concerns, the aviation security requirements after 9/11 justified extreme measures to limit access to commercial aviation and to provide national security information to the private sector to mitigate potential security threats. Similarly, the current threat to U.S. research enterprises may justify a similar mechanism to share certain threat information with the private sector.

Making such information available to the research enterprise, including colleges and universities and the private sector, would allow researchers to proactively seek out information and guidance from the national security community and mitigate counterintelligence risks. The administration could brand this new database as a “national security/research security risk” database to underscore that the purpose of a research blacklist would be to protect national security.

3. OSTP should oversee a national campaign to encourage the public- and private-sector research communities to establish a “Know Your Collaborator” culture and to establish information-sharing mechanisms between the research community and the federal government to identify potential counter intelligence risks.

The 2019 Permanent Subcommittee on Investigations report included the following recommendation:

U.S. research institutions should establish best practices in monitoring scientific and research collaboration with foreign nationals and determining whether such collaboration adheres to U.S. scientific research values, especially in the area of research integrity. U.S. research institutions also should investigate and adjudicate allegations of failures to disclose conflicts of interest, commitment, or other outside support.

OSTP could issue national guidance to U.S. research institutions encouraging a “Know Your Collaborator” approach to research security, potentially drawing lessons from the Department of Homeland Security’s long-standing “If you see something, say something” campaign to encourage individual initiative warning about potential security risks.

4. OSTP should advise the White House to recommend to Congress the transfer of legal authorities for enforcing Section 117 of the Higher Education Act from the Department of Education to the Department of Justice.

The first Trump administration issued an executive order, Transparency Regarding Foreign Influence at American Universities, which required robust enforcement of Section 117 of the Higher Education Act. The administration aggressively enforced Section 117 in 2019 and 2020; however, the Biden administration stopped enforcement and reduced transparency about foreign funding on campuses. The first and second Trump administrations have highlighted the need for additional enforcement by the Department of Education and the Attorney General to require postsecondary institutions to follow the law. However, decades of lax enforcement of Section 117 show that the Department of Education is not the appropriate agency for enforcing Section 117. Since President Trump has issued an executive order in March 2025 initiating the Department of Education’s closure, the administration has an opportunity to propose to Congress legislation that would transfer the authority of managing and enforcing Section 117 disclosures to the Department of Justice. At a minimum, the Department of Education or Department of Justice should take steps to increase transparency about foreign payments to American postsecondary institutions, following the House Appropriations Committee’s direction to the Education Department and the recommendations of the Foundation for American Innovation’s scholars.

5. Federal agencies, such as the Federal Bureau of Investigation and the Department of Education, should establish a hotline and educational services for students and other individuals involved with postsecondary institutions to contact if they believe they are being recruited, targeted, or pressured by foreign intelligence services.

Students, researchers, and other individuals involved in postsecondary education or the research enterprise are targets of foreign intelligence services. In many cases, students and researchers do not know how to respond to hostile counterintelligence threats. They are also pressured by foreign countries who may disagree with the speech they produce. Federal authorities such as the FBI and the Department of Education should establish guidance and hotlines for people who believe that they are being targeted by foreign intelligence services. Students and other individuals should be provided with guidance to ensure their personal safety and to avoid potential criminal activity.