The Geopolitics of Cyberspace in Asia workshop was held at the French Geographical Society on Thursday, 7 July 2016. The event was organised by the Castex Cyber Strategy Chair, in partnership with the EastWest Institute, the French Institute of Geopolitics (IFG) and Asia Centre, and sponsored by the FIC 2017. It was an opportunity to revisit the very specific views of China and Russia on cyberspace sovereignty and to observe that while these countries were initially put at risk by the development of the Internet, an inverse dynamic now seems to be emerging.

Cyberspace is commonly understood to lack borders, but the actual state of affairs is more nuanced. Indeed, the transnational nature of flows and services tends to obscure a certain reality in which cyberspace does not lie beyond the reach of State control. For Bertrand de La Chapelle[1], the conflict moreover results from the fact that there is a significant number of competing claims to sovereignty over cyberspace, which are mainly Russian and Chinese.

Chinese Claims to Sovereignty

For Kavé Salamatian, China is the epitome of a State seeking to project borders in cyberspace. He emphasises that, from the beginning, the notion of the Internet in China has made a distinction between two spaces: « inner » and « outer. » This distinction justifies controlling information flows in a so-called « inner » cyberspace and responding to a (subjective) censorship mandate. The « Great Firewall of China » thus restricts the country’s interactions with the world wide web to four entry points. Cai Cuihong[2] stresses that China conceives of sovereignty, even digital sovereignty, according to traditional logic, by making a distinction between outer spaces (beyond the Great Firewall) and intra-state spaces (within the Great Firewall). Its presence in these « outer » spaces reflects its desire to be integrated into cyberspace just like other States. The boundaries between these spaces take two forms: infrastructure and the « Great Firewall. » According to this vision, each State independently manages its own defence and its own web, yet shares its infrastructure.

The term « sovereignty » in China was introduced in response to a weakening of the country’s means of control when restrictions on personal behaviour started to loosen and the Internet started to facilitate exchanges of opinions and points of view. However, the Internet has also allowed China to expand its sovereignty, as in defence and e-commerce, since it enables China to act beyond national borders to reach the Chinese diaspora.

Russian Claims to Sovereignty

According to Kevin Limonier, Russia uses cyberspace as a theatre in which its political leaders wage an ideological struggle against the West. This is a struggle in the name of two principles: the view according to which sovereignty continues to reign supreme in the international order; and the view according to which there is no « cyberspace as an incomparable exclusive object that requires its own rules of governance, »[3] that is, the notion of autonomous cyberspace. This concept is in conflict with the concept of an « information space, » preferred by Russian doctrine, wherein the Internet is understood as a medium on which the State ordinarily has a right to regulation[4] and cyberspace is merely a digital extension of States. Russia considers information to be a weapon that allows it to conduct disinformation and anti-Western propaganda campaigns, as in the recent cases of Brexit and the immigration crisis in Europe, and thus strengthen its influence strategy. The information is more important than the attack. Russian claims to sovereignty are also expressed in the attempt to « regionalise » a segment of cyberspace on the basis of a community with a common language and shared practices and values. Thus the Runet, the Russian-language Internet, remains a difficult market for Western companies to penetrate.

Cyberspace may then also be the place where regional powers exercise sovereignty. Yet, despite these representations of a cyberspace divided into multiple sovereign entities, the fact remains that flows and services circulate beyond Westphalian borders. As Bertrand de La Chapelle points out, national borders are indeed nothing more than representations created to simplify human organisation. Thus it is necessary — without eradicating all notions of sovereignty — to be aware of the limitations of the Westphalian model in an environment such as cyberspace in order to solve the problem of the heterogeneity of the standards that characterise it. A new institution responsible for debating and establishing standards, rules and policies specific to cyberspace and capable of engaging with all sovereign jurisdictions is therefore a necessity.

In the absence of such an entity, the cooperation in cybersecurity in Asia that is emerging within the Association of Southeast Asian Nations (ASEAN), an entity that remains at the heart of all attempts to organise a regional security architecture, still faces many obstacles.

First, national priorities and strategies are not in alignment. Countries such as China and Japan has developed the concept of cyber warfare, while others such as Malaysia and the Philippines believe that they do not have to get involved in these debates supposedly reserved for major States. Next, as shown by Miguel Alberto Gomez[5], political rivalries, particularly around claims to territorial waters in the South China Sea, persist despite economic interdependence. Thus the absence of political will is the main obstacle to cooperation in cybersecurity. This explains why defence spending, while substantial in the region, is mainly intended to feed a genuine cyber arms race rather than to support cooperation initiatives, observes Caitríona Heinl. [6]

While there are forms of cooperation in Asia, they are strictly economic and technical. According to Kavé Salamatian,[7] they mainly concern the development of the connectivity and infrastructure necessary to roll out the Internet.

The absence of political cooperation also translates to the absence of a regulatory framework facilitating or promoting the establishment of foreign companies, the major States in the region being wary of large foreign multinationals. Thus the problem is above all a problem of trust and, as Angela McKay[8] emphasises, a question of a balance between economic security and national security.

For example, Chine attaches great importance to encryption. However, domestic production cannot fully meet demand. Despite this, the Chinese market is not favourable towards foreign technologies. Foreign companies in this industry wishing to establish themselves in this market must therefore implement processes of transparency that reassure governments, and push governments to do the same. Thus for Angela McKay, the industry must take part in developing standards that will allow a more stable environment to be established. Cybernetic cooperation in Asia will thus come from cooperation between the private and public sectors.

 

 

 

 

 

 

 

 

 

 

 

[1] Bertrand de La Chapelle is the director and a co-founder of the Internet & Jurisdiction Project. He was a director on the ICANN board from 2010 to 2013. An engineer, diplomat and player in civil society, he also has nine years of experience in the private sector, as a co-founder and the president of Virtools, now a subsidiary of Dassault Systèmes.

[2] Cai Cuihong is an associate professor of international relations from the Center for American Studies at Fudan University. She has also worked for the Foreign Affairs Office at Fudan University.

[3] Limonier, Kevin. « La Russie dans le cyberespace : représentations et enjeux » (Russia in Cyberspace: Representations and Stakes), Hérodote 1/2014 (no. 152-153), pp. 140-160.

[4] Ibid.

[5] Miguel Alberto Gomez is a senior researcher at the French Security Studies Center and has worked in the security and information industry for eight years. His research concerns the strategic use of cyberspace as an instrument of national power as well as the emergence of standards related to this field.

[6] Caitríona Heinl is an associate researcher responsible for cyber analyses at the Centre of Excellence for National Security at the S. Rajaratnam School of International Studies (RSIS) in Singapore.

[7] Kavé Salamatian is a professor of computer science at the Université de Savoie. His main fields of research are Internet measurement and modelling and networking information theory. He has been a visiting professor at the Chinese Academy of Sciences for five years.

[8] Angela McKay is the director of the Government Security Policy and Strategy team within Trustworthy Computing at Microsoft. She serves on the Board of Councilors of the EastWest Institute. Before joining Microsoft in 2008, she worked at Booz Allen Hamilton on cybersecurity policy and communications resiliency, and at BellSouth Telecommunications as an engineer.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.