In a recent Wall Street Journal op-ed, FCC Commissioner Robert McDowell attempted to make the case that the United Nations, through the Internet Telecommunications Union (ITU), is poised to take “unprecedented powers over the Internet.” The main thrust was that a group of states, including Russia, China and Iran, were pushing a set of recommendations on Internet governance through the upcoming ITU World Conference on International Telecommunications (WCIT-12) in December. This threat is widely exaggerated. However, it holds a seed of truth that can help to illuminate preparations for WCIT-12 as well as the cyber “arms control” agenda more broadly.
To begin with the broad: Mr. McDowell’s point about some nations attempting to do away with some of the freedoms found in the current system is actually true. In recent history, especially the last decade, the threat of cyber aggression has loomed large on some national agendas, especially the agendas of developed nations, where issues such as critical infrastructure vulnerabilities to a cyber attack are a troubling possibility.
While much of the activity in response has been focused on developing better defensive, and, in some cases offensive systems, there have been initial talks in the international arena about some manner of cyber “arms control” treaty. There are a number of ways to parse this agenda, but, for our purposes, it makes sense to see it as three distinct issues rolled into one.
The first is the threat posed by state and non-state actors to network, data, and physical infrastructure security. For an effective response, this is an area that should be addressed multilaterally, although some states that stand to gain from state-sponsored espionage might except to this approach.
The second area is the issue of combating cybercrime. This is an issue area not often explicitly referenced in talks on arms control. It is largely being dealt with on a parallel (and much faster relatively speaking) track. It should at least be acknowledged, however, that cybercrime raises many of the same challenges around cooperation than the first area especially regarding industrial espionage and intellectually property (IP) theft. IP protection looms large on the American policy agenda.
The last area is what can best be termed as “information security.” It is here that Mr. McDowell is closest to the truth of the matter. For nearly two decades, Russia has annually introduced a GA resolution that seeks to define “information terrorism,” or the dissemination of destabilizing information by actors external to a country, as an act of aggression. This has obvious special relevance to authoritarian regimes, as it would most like be a method to stifle dissent and crack down on Internet freedom. The position has gained support amongst governments such as Belarus, Burma, China, Cuba, Turkmenistan, Vietnam, and Zimbabwe.
While the UN language has been watered down over the years, more expansive language creeps into other venues. The six member states of the Shanghai Cooperation Organization (SCO) (Russia, Kazakhstan, Kyrgyzstan, Tajikistan, Uzbekistan, and China) agreed in August 2009 to define information war as a “confrontation between…states in the information space aimed at…undermining political economic, and social systems…to destabilize society and state.” Additionally, writing in UN Disarmament Journal, three Russian Ministry of Defense experts added, “even good intentions, such as advancement of democracy, cannot justify [any information operation with a psychological basis].” They argued that this made such information campaigns illegal under the UN charter.
As a consequence of all of these political dynamics, the fight has bled into discussions over general Internet governance. The current Internet governance architecture is sparse. The Internet Corporation for Assigned Names and Numbers (ICANN), a nonprofit organization chartered by the US government, is one of the few bodies involved in actual governance, through essentially maintaining the globally Internet address book. The ITU referenced in the op-ed serves as a multilateral outlet for bridging the digital divide between developed and developing nations, in addition to some work on telecom standardization and managing international radio frequencies. The proposal to move some of ICANN’s responsibilities to the ITU stems from the feeling that much of the infrastructure is dominated by the US through economic rather than regulatory means. While ICANN touts its multi-stakeholder approach, it is far from internationally inclusive.
Regardless of the details of the ITU proposal, the important part is that it is an option that is no longer on the table, according to a leaked State Department document. While the proposal was being pushed a year ago, it has been withdrawn.
Further adding to the factual discrepancy of the op-ed is Mr. McDowell’s mention of the “peering” issue, which is telling. In essence, the “peering” mechanism that Mr. McDowell briefly mentions refers to the way that traffic is routed both domestically and internationally. It’s a bit technical, so without getting into to many details: Internet service providers (ISPs) in underserved areas (i.e., the developing world) must pay US-based ISPs to route traffic.
This is important for two reasons. The first is the issue of revenue, which US ISP’s and telecoms are loath to give up to non-US companies. The other issue ties back to the US preoccupation with IP protection. A key flaw (or function, depending) of the current peering arrangements is that US ISP’s have extraordinary leverage over the types of data being transmitted over the Internet.
So, for instance, during the US congressional debates over the SOPA/PIPA legislation to stop online piracy, there was talk of using US leverage to expand SOPA/PIPA-type legislation internationally. These peering arrangements would have been an essential part of that effort. The “balkanization” that Mr. McDowell fears so much would probably be less prone to censorship in some ways.
It is interesting to note that while Mr. McDowell fears changing the fundamental fabric of the Internet through an international process, he would support SOPA/PIPA (which would fundamentally change the Internet by allowing the US government to arbitrarily shut down websites among other things) and oppose Net neutrality legislation (meant to maintain the current open internet from a tiered access model).
Chris Perry is a Senior Policy Analyst at the International Peace Institute