Internet Governance and National Security

Panayotis A. Yannakogeorgos

The debate over network protocols illustrates how standards can be politics by other means.

— Janet Abbate, Inventing the Internet (1999)

The organizing ethos of the Internet founders was that of a boundless space enabling everyone to connect with everything, everywhere. This governing principle did not reflect laws or national borders. Indeed, everyone was equal. A brave new world emerged where the meek are powerful enough to challenge the strong. Perhaps the best articulation of these sentiments is found in "A Declaration of Independence of Cyberspace." Addressing world governments and corporations online, John Perry Barlow proclaimed, "Your legal concepts of property, expression, identity, movement, and context do not apply to us. They are all based on matter, and there is no matter here." Romanticized anarchic visions of the Internet came to be synonymized with cyberspace writ large. The dynamics of stakeholders involved with the inputs and processes that govern this global telecommunications experiment were not taken into account by the utopian vision that came to frame the policy questions of the early twenty-first century. Juxtapose this view with that of some Internet stakeholders who view the project as a "rational regime of access and flow of information, acknowledging that the network is not some renewable natural resource but a man-made structure that exists only owing to decades of infrastructure building at great cost to great companies, entities that believe they ultimately are entitled to a say."

The sole purpose of cyberspace is to create effects in the real world, and the U.S. high-tech sector leads the world in innovating and developing hardware, software, and content services. American companies provide technologies that allow more and better digital information to flow across borders, thereby enhancing socioeconomic development worldwide. When markets and Internet connections are open, America's information technology (IT) companies shape the world and prosper. Leveraging the benefits of the Internet cannot occur, however, if confidence in networked digital information and communications technologies (ICTs) is lacking. In cyberspace, security is the cornerstone of the confidence that leads to openness and prosperity. While the most potent manifestation of cyberspace, the Internet, works seamlessly, the protocols and standards that allow computers to interoperate are what have permitted this technological wonder to catalyze innovation and prosperity globally. The power of the current Internet governance model strengthens the global power of the American example and facilitates democratization and development abroad by permitting the free flow of information to create economic growth and global innovation. Today, this Internet is at risk from infrastructure and protocol design, development, and standardization by corporate entities of nondemocratic states.

Cybersecurity discussions largely focus on the conflict created by headline-grabbing exploits of ad hoc hacker networks or nation-state-inspired corporate espionage. Malicious actors add to the conflict and are indeed exploiting vulnerabilities in information systems. But there is a different side of cyber conflict that presents a perhaps graver national security challenge: that is the "friendly" side of cyber conquest, as Martin Libicki once termed it. The friendly side of cyber conquest of the Internet entails dominance of the technical and public policy issues that govern how the Internet operates. Current U.S. cybersecurity strategies do not adequately address the increasing activity of authoritarian states and their corporations within the technical bodies responsible for developing the protocols and standards on which current and next-generation digital networks function. But the issues related to governance of critical Internet resources (CIRs) and their impact on U.S. national security are often overlooked. Foreign efforts to alter the technical management of the Internet and the design of technical standards may undermine U.S. national interests in the long term. This chapter discusses the U.S. national security policy context and presents the concept of friendly conquest and the multistakeholder format of Internet governance, which allows for the free flow of information. There are many global challenges to the status quo, including the rise of alternative computer networks in cyberspace, that beg for recommendations to address those challenges.

INTERNET GOVERNANCE AND U.S. NATIONAL CYBER STRATEGY

Internet governance can be defined as a wide field including infrastructure, standardization, legal, sociocultural, economic, and development issues. Within the context, this chapter focuses on the technical standards-setting bodies and protocols that do not elicit the same attention as more visible threats to national cybersecurity. In a human capital and resource-constrained environment, attention has focused on crime, espionage, and other forms of cyber conflict rather than on the issues related to governance of CIRs, development of technical standards, and design of new telecommunications equipment. In a domain that is already confusing to policy wonks, the complexity of Internet governance makes it even harder for policy makers to commit resources to a field that has no analogy in the physical world. In the nuclear age, there was no debate as to whether one could redesign the physical properties of uranium and apply them universally to eliminate the element's potential for weaponization. The underlying language of nuclear conflict was constrained by the laws of physics (e.g., nuclear fission, gravity). Physical limits in cyberspace exist as well by constraining information flows to the laws of physics — the wave-particle duality of radiation which, when modulated with bits, creates an information flow. However, the technical standards that permit information to flow across networks and appear within applications to create effects in the real world are bound only by the limits of human innovation and the politicized processes by which the standards are created and set. This affects the character of cyberspace. Its current form is free and open, but that does not...