Virtual defense

ZHANG YUJUN/FOR CHINA DAILY

International security norms for cyberspace are a pressing need as it is becoming increasingly politicized

In the digital age, two factors--the technical logic and the geopolitical logic featuring competition between major countries--have become the driving force for the international governance of cyberspace. Under the technical logic, the purpose of formulating international rules in cyberspace is to solve security problems caused by technology, while under the geopolitical logic, the purpose is to enable the distribution of interests and the shaping of order among countries. The current process of formulating international rules in cyberspace has become more complex, in the face of both technical problems and geopolitical confrontations.

The dark side of cyberspace, if left uncontrolled, will bring great threats and risks to national and international security, and it is important for the international community to strengthen cooperation in response to such threats and risks.

The internet, in its early days, was seen by many as a booster for the global democratic process. However, now we see that the internet, like any other technology, can be used for both good and bad purposes. People are using the internet to commit cyber crimes, circulate hate speech and disinformation and promote militarization. The security risks posed by the internet are rising on a daily basis. In particular, the emergence of geopolitical confrontations in cyberspace has led to an uptick in the risk of militarization and an arms race in cyberspace.

Cyber attacks, despite the fact that they have not crossed the redlines stipulated in the UN Charter, have brought about potential spillover effects and escalated risks, such as wars, including proxy wars, as has been evidenced in the Russia-Ukraine conflict.

In addition, disputes centering on internet technology standards are also surging in the international community, such as those over the New IP, the 5G and 6G networks. Some countries have tried to use democracy as a slogan to establish internet alliances, which could further divide the internet.

In this regard, it is important for the international community to reach a tacit understanding on internet operations to ensure interconnection and protect it from the impact of geopolitical conflicts.

In the digital sector, some countries attempt to draw ideological boundaries, build digital barriers, promote digital decoupling and establish new political blocs, which will intensify geopolitical confrontation.

The last two years have seen the emergence of an increasing number of such political blocs, from an alliance of techno-democracies known as the T-12, to the EU-US Trade and Technology Council to the "Indo-Pacific Economic Framework for Prosperity" and the I2U2 Group, comprising Israel, India, the United States and the United Arab Emirates. Considerations based on geopolitical conflicts are overriding the logic of market efficiency, bringing instability to global value chains, industrial chains and supply chains, and running counter to the economy of scale--the inherent driving force for the digital economy.

Meanwhile, international cooperation has also been advanced. The international community has conducted dialogues and negotiations on issues such as digital trade rules, digital economic cooperation and digital taxes via various intergovernmental platforms such as the United Nations, the World Trade Organization, the Organization for Economic Cooperation and Development, the G20 and the Asia-Pacific Economic Cooperation. The high-level dialogues of Internet Governance Forum+ and World Summit on the Information Society+20 under the framework of the United Nations, and the Global Digital Compact, are committed to bridging the digital divide and achieving the 2030 Goals for Sustainable Development.

A few years ago, it was often said that the formulation of international rules in cyberspace had gone into uncharted waters, which meant that it was difficult to strike consensuses over the hardcore problems left behind after fixing the easier ones. This has been highlighted in the session of the UN Group of Governmental Experts. The UN GGE process has been going on for 18 years since it was first launched in 2004. Despite the important progress it made in 2015 on 11 voluntary non-binding norms, rules and principles for responsible national behaviors, it has not been able to come up with legally binding norms.

There are many reasons. First, a lack of security design, the anonymity, and the difficulty in origin tracing in cyberspace make it difficult to apply international laws to cyberspace. Second, it is important for countries, especially major countries, to reach consensuses before international norms can be established. However, due to the imbalance in strengths between major countries in their internet sectors and differences in their interests, there is a lack of common ground on which to agree on international norms. Third, the balancing of interests requires bridging the differences between countries and balancing the relationship between state and non-state actors, while countries are also faced with the issue of coordinating development and security.

Cyberspace is faced with a very severe security situation. It is in a state of cold peace even if there are no hot wars. There are two ways to respond to the above challenges: First, the international community must strengthen cooperation and jointly tackle common security threats in cyberspace and the digital sectors. Second, it is important for nations to strengthen communication and exchanges, enhance mutual trust in cooperation, and use the United Nations as the main channel to formulate the international rules to be followed through negotiation and consultation.

In the future, the formulation of international rules in cyberspace can start from the following three aspects: First, more attention should be paid to challenges faced by the international community, such as cyber crimes, systemic risks in cyberspace and corresponding measures to avoid, resolve or remedy such risks. Second, countries could start with informal negotiations and take a step-by-step approach. For instance, they could start by drawing the redlines, determining which behaviors are not allowed, and formulating a negative list that is reinforced by positive behavior commitments, to build up trust bit by bit. Third, there can be some innovations in cyberspace security negotiation methods. The traditional methods of arms control negotiations should be avoided, as it is difficult to impose limits on various countries on building up their military capabilities in cyberspace. Instead, countries should focus on reaching consensuses on the use of cyber capabilities, especially for the most aggressive behaviors that could lead to major emergencies or escalate conflicts.

The author is a research fellow and head of the national security division of the Institute of World Economics and Politics at the Chinese Academy of Social Sciences. The author contributed this article to China Watch, a think tank powered by China Daily. The views do not necessarily reflect those of China Daily.

Contact the editor at editor@chinawatch.cn