The Shadow Of Cyber Regulation – Analysis


In response to growing Internet security concerns, governments are working toward further regulation, with the end result possibly being its fragmentation into discrete national networks. To avoid such fragmentation of the Internet, states should negotiate a framework convention on cyberspace.

By Jonas Rey for ISN Insights

Although the Internet was originally created as an academic exchange network, when significant numbers of people started to join, it became obvious that it could be used for more than just academic purposes. The subsequent rise of the Internet as an economic catalyst was quick: thanks to the generativity and openness of the Internet’s architecture, companies in possession of the required technical knowledge could quickly become online powerhouses and reach millions of consumers not only in their country, but in every country with Internet access.

It could be argued that their rise was largely due to the nature of the Internet itself. Governance of the system was handled by the Internet Corporation for Assigned Names and Numbers (ICANN), which was charged with ensuring that the technical features of the Internet remained stable for everyone. Companies were free to conduct business and expand without interference from states. Governments at that point were simply applying pre-existing laws to the online realm, trying to regulate e-commerce, and protect the international property rights (IPRs) of various companies physically headquartered in their jurisdiction. Even after the dot-com bubble that culminated in the March 2000 NASDAQ crash, states still did not engage in massive regulation of the Internet; instead, they chose to allow its users to continue enjoying the economic and social benefits of an open network.

Now, it’s all about security

As the Internet has grown in importance, so have the issues surrounding it. Academia and governments have started to speak out about online terrorism, the protection of personal data, freedom of information, cyber warfare and cyber espionage. In recent years, many countries have begun initiatives to try regulate the Internet, both at the national and international levels. However, the only international treaty concluded so far regarding the Internet has been the Council of Europe’s 2004 Convention on Cybercrime which dealt with a variety of issues such as privacy, child pornography, and hacking.

From Switzerland to China, the security hype surrounding the Internet is making governments start to feel nervous about the national cyber security challenges confronting them. The US’s reaction was to create the United States Cyber Command in May 2010, while France created l’Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI). More concretely, to ensure that critical infrastructures and the national interest remain protected in the online sphere, some countries – Germany, Austria, Australia and the US to name a few – are starting to examine the legality of the so-called ‘kill switch’ option that would disconnect the whole country from the Internet in case of an emergency. Such a kill switch option was recently used in Egypt and is already legal and technically feasible in Canada.

A fragmented Internet

So, what are the governance implications of such a move to “securitize” the Internet? Mario Campolargo, Director for Emerging Technologies and Infrastructures at the European Commission, argues that security is not only a matter of technology; alongside the development of technological defenses, states are also able to regulate the Internet through legislation and policy. The consequences of such regulatory maneuvers should not be underestimated.

In the long term, expanded national regulation could mean a fragmented Internet. The consequence would be an Internet where an Italian citizen could no longer connect to a North Korean website without having to “cross” political borders. Instead, there would be an “Italian” Internet connected to a “North Korean” Internet. The Italian user would have to first connect to the national network, and then request connection to the North Korean Internet. This muscular version of how the Chinese Internet now functions would become the norm, and not the exception. Furthermore, it could entail users needing ‘cyber passports’, or electronic IDs – leading to the loss of online anonymity. Such a scheme has already received support from such high-profile actors as US President Barack Obama and the Secretary-General of Interpol.

Even if these developments have not yet been realized, once states start to move in this direction, it will become very difficult to return after regulation has reached a critical mass.

The need for an international cyberspace treaty

The international community needs to avoid fragmentation: It is against the basic idea of an open Internet, would violate users’ freedom of access, and seriously disturb e-commerce. Instead, the international community should develop a framework convention on cyberspace; one convention is already under discussion at the UN, but mainly focuses on cybercrime. To ensure an open, generative and sustainable Internet, a more comprehensive convention is needed, one which also includes elements of Internet governance.

The advantages of a framework convention on cyberspace, supervised by a World Internet Organization, are numerous:

· It could build on the existing governance structure of ICANN and the ITU to minimize the bureaucratic burden of creating a new international organization.

· It would ensure that Internet governance still includes multiple stakeholders.

· It would harmonize various national attempts to regulate the Internet, thus offering better network security.

· It would ensure that Internet governance is democratic, transparent and includes all countries.

· It would ensure the main governing body would not be motivated by political cyber-interests.

· It would promote the continuous and horizontal development of the Internet and ensure that broadband access is available in every corner of the world, thus greatly reducing the digital divide.

For this to happen, the United States would have to relinquish its leadership in this domain and the international community would have to agree on the basic characteristics of the Internet. As difficult as getting the US to loosen its grip on Internet governance may sound, the Internet is a global good; it requires global governance.

An international agreement could save the Internet. But so far, states have instead been more eager to act in ways beneficial to their own short-term national political interests. Governments need to realize that the yet-to-be-proven security benefits of a regulated, or even worse, a fragmented Internet would never outweigh the pre-existing economic advantages of an open network. A nationally regulated Internet would mean a step back in the history of technology, and of humanity.

Jonas Rey was formerly an Editor at the ISN. He is currently an intern at the Lowy Institute for International Policy in Sydney and is finishing his Master’s thesis on the topic of Internet governance. You can follow him at Published by International Relations and Security Network (ISN)

ISN Security Watch

The ISN is one of the world's leading open access information and knowledge hubs on IR and security issues, based at ETH Zürich, Switzerland.

Leave a Reply

Your email address will not be published. Required fields are marked *