Beyond Triple Invisibility: Do Submarine Data Cables Require Better Security?

Landing of Google's Dunant submarine cable on the French coast. At 6,600 km long, it is the most important transatlantic data cable. (Sipa via AP Images)

Submarine data cables are the core critical infrastructure of the digital age. 99 percent of the world’s digital communications transit through the global cable network: Zoom meetings, emails, hotel reservations, flight bookings, and financial transactions depend on it. All of this data does not travel through satellites or the air, but physical fiber-optic cables that lay on the ocean floor. With the current trend toward remote work, the increasing use of cloud storage and the arrival of 5G and the Internet of Things, industrial production, public services, and our everyday lives will become even more dependent on the smooth working of undersea cables.

The global submarine cable network needs to be governed and protected, but it also has risks and vulnerabilities, and indeed the potential to spur new forms of tensions and conflicts. To date, the network has mainly been viewed in narrow, technical terms, despite its importance for national and international security, geopolitics, and statebuilding and development.

Security Concerns

While protecting and controlling submarine communication infrastructure was a core part of security calculations during the two World Wars as well as the Cold War, in the post-Cold War environment uncontested US naval hegemony and the primacy of non-state threats moved such issues to the margins.

Renewed concerns center around the rise of hybrid warfare, the perceived hostility of Russia’s foreign policy, fears of a large-scale cyber-attack, and the growing technical sophistication of terrorist groups. Some experts have begun to consider the undersea cable network as a national security priority and have called for military responses to mitigate such threats, including increased naval patrols and surveillance activities.

The calls were largely triggered by observations of Russian submarine activities in territorial waters and in proximity to cable routes—which became public in 2015—raising concerns that the Russian navy may tap into cables for espionage and surveillance purposes, tamper with them, or even cut them as part of a hybrid warfare campaign.

Others suggest that undersea cables are inherently susceptible to attacks from non-state violent groups and terrorism since their location is usually public, cables tend to be highly concentrated geographically, and the level of technical expertise and resources required to damage them is limited.

So far, no intentional hostile disruptions to the submarine cable infrastructure have been reported publicly. The scenarios underpinning the threat discourse seem to be built not on prior incidents but on overall assessments of the geopolitical landscape. Arguably, this implies that the threat scenarios being discussed could be exaggerated and suggests a substantial risk of threat inflation and fearmongering.

The Geopolitics of Submarine Cables

Cable systems establish particular forms of transnational relations that often extend or transcend conventional bilateral or regional forms of cooperation. Some countries have a particularly important position in the international cable system, acting as connecting points between political regions.

Cables are, however, increasingly spurring geopolitical concerns. Contemporary geopolitical dynamics concerning the new fiber-optic cables are particularly revealing in at least two regards: the return of geopolitical inter-state contestation and the rise of transnational technology companies as geopolitical players.

Geopolitical competition primarily revolves around two centers of gravity—the United States and China—but pledges to digital sovereignty, technological sovereignty, cyber sovereignty, and data sovereignty are increasingly seen throughout the world.

One example of the geopolitical importance of the submarine cable network and its entanglement with digital sovereignty is the Clean Network Program, announced by the United States (US) in August 2020, which includes five lines of effort—in addition to 5G—to counter China’s influence on US telecommunication networks, mobile app stores, software apps, cloud computing, and undersea cables. The goal of the program is to safeguard sensitive citizen and private company information from intrusions by malign actors.

In Europe, the Portuguese government announced earlier this year that it intends to “focus on the strategic creation of a European Data Entry Platform based on submarine cables, in particular for links between Europe, Africa, and South America, to contribute to greater European digital autonomy, linking infrastructures and data.”

It is, however, not only Western countries that are occupied with the crucial geopolitical role of undersea cables. While discussions among BRICS countries (Brazil, Russia, India, China, and South Africa) of a shared undersea cable system appear to have been abandoned, major international players, including individual BRICS countries, either have or are planning to build their own submarine cable networks, to bypass what they perceive to be the US-dominated internet and associated surveillance risks demonstrated by the Snowden revelations. The expansion of the cable system is part of the Chinese “Digital Silk Road” strategy.

The rise of transnational Information, Communication, and Technology (ICT) companies is intrinsically entangled with the geopolitics of emerging and disruptive digital technologies and infrastructures, as well as the renewed great power rivalry. The entanglement is evident when thinking of the undersea cable network as an economic trade route carrying the most important commodity of the information age: data.

Until recently, highly specialized international telecommunications conglomerates laid and operated most of the undersea cables, but over the past decade, it is increasingly American tech giants or other state-owned companies that control this critical infrastructure. Internet content and cloud service providers, such as Facebook or Google, now own or lease more than half of the undersea bandwidth and they are behind about four-fifths of transatlantic cable investment planned in 2019-2020. The Chinese company Huawei has also heavily invested in undersea cable systems all over the world. Huawei Marine, its submarine cable subsidiary, deployed over 50,000 kilometers of submarine cable, including 12 submarine cable systems in Africa from 2008 to 2018, before being sold in 2019.

Such trends raise concerns over digital sovereignty, but also the practices of surveillance, algorithmic governance, and cyber security that shape and are shaped by global tech companies. It also raises the question of whether the cable network can be governed as a global common.

Small States and Fragile States

The cable issue goes beyond the industrialized nations that have hitherto been the center of attention. States require stable connectivity for future growth, but they are often dependent on a single, sometimes badly secured cable connection. Breakdowns can lead to major economic harms.

States that are particularly vulnerable are those that are reliant on one or two cables, are in remote locations, such as small island states, or are developing or recovering economically. In 2019, accidental damage to the single cable connecting the Pacific Island state of Tonga took two weeks to repair and caused considerable economic damage. The tourism sector—the country’s main source of income—was hit particularly hard, with all flight and hotel bookings halted.

Cable protection also concerns fragile states and those recovering from civil war. The importance of cable infrastructures for democratic transitions and participation of civil society should not be underestimated. There is hence a need to feature cable governance into statebuilding, interventions, and post-conflict reconstruction programs. Whether and how violent conflict and terrorism can directly threaten the system—intentionally or not—is also of concern.

Whether it concerns small island states or post-conflict states, efforts to secure submarine cable connections should be included in development, peacebuilding, and capacity-building projects.

Protecting The Undersea Cable Network

While many of the threat scenarios of deliberate attacks to cables are over-exaggerated, there is a need to zoom in on the actual vulnerabilities the network faces, mainly accidental damage and non-human hazards. Accidents or malfunctions stemming from marine activities such as fishing and shipping account for at least 40 percent of the damage done to the undersea cable infrastructure. Earthquakes, volcanic eruptions, tsunamis, landslides, and sharks feature among the non-human threats. Much of the protection of the cables will continue to revolve around mundane technical tasks.

Other vulnerabilities are linked to weak governance, lack of law enforcement, and the absence of effective regulatory policies. Under the United Nations Convention on the Law of the Sea (UNCLOS)—the primary legal regime governing submarine cables—states are asked to establish national legislation concerning the functioning and protection of the system, including criminalizing the destruction of theft of a submarine cable. Yet most states have not fulfilled these obligations, and in many countries, it is unclear which government agencies are in charge. There is an urgent need for countries to review their protection regimes and strengthen the implementation of existing legal obligations.

Submarine cables must also be considered in broader maritime management and marine spatial planning processes. States could, for instance, establish cable protection zones over submarine cables of national significance in order to prohibit or restrict activities in zones where damage is likely to occur. While such approaches are viable within territorial waters and Exclusive Economic Zones of a coastal state, the majority of cables are in the high seas, and rights and responsibilities under international law—both of states and ICTs—are ambiguous at best. There is even no agreed-upon definition of cables under international law. Other challenges arise in situations where maritime boundaries have not been delineated or are subject to ongoing contestation and disputes. No international governing body is in charge of overseeing and protecting cables or addressing disputes.

Legal analysts suggest that an ideal solution would be the development of an international treaty specifically on the protection of undersea cables, for which there appears to be little appetite. Other suggestions for enhancing the regulatory regime span using the structure of the UN counterterrorism conventions over proposals for the creation of national cable protection zones, to the deployment of an international agency rooted in the UN system with legal and policy responsibility for submarine cables, which could lead the development of additional law. The negotiation of the new treaty for the high seas under the header of Biodiversity beyond National Jurisdictions could also potentially provide new opportunities for cable protection in international waters.

Overcoming The Triple Invisibility Problem

Physically, submarine cables lay underground, and they are out at sea, rendering them largely invisible. There is a tendency to pay little attention to what happens at sea more generally—a phenomenon that has been described as sea blindness.

Like other types of infrastructure, they often go unnoticed until they fail. It is when streets close, shipping routes are blocked, or the electric power grid fails that we recognize our dependency on them.

Given that data is the defining resource of the twenty-first century, protecting submarine cables is far too essential a domain of international politics to remain a technical addendum to security studies. It concerns how our digital futures will be governed, and how a global free, open, and secure circulation of data can be ensured.

A debate is required on how cables should be governed at the global level, how the different actors can be orchestrated, the industry is regulated, responsibilities and rights are clarified, and which global governance and United Nations bodies are in charge.

Christian Bueger is a professor of international relations at the University of Copenhagen, and one of the directors of SafeSeas. He tweets at @c_bueger. Tobias Liebetrau is a postdoctoral researcher at Science Po, Paris. He tweets at @TobiasLiebetrau. Read their full 2021 Routledge article on this topic here.