In its earliest days, the internet was like a small village of known users whose designers did not pay much attention to security because there was a climate of trust. All that changed with the burgeoning growth of the World Wide Web in the late 1990s. While the openness and accessibility of cyberspace as a medium of communication provides valuable benefits to all, malicious behavior in the form of crime, attacks and threats creates insecurity. Every day, new viruses and malware are discovered. The result is a demand for protection that can lead to fragmentation; yet, most states do not want fragmentation into a “splinter-net” that would curtail economic benefits.
Providing security is a classic function of government and some observers believe that growing insecurity will lead to an increased role for governments in cyberspace. Many states desire to extend their sovereignty in cyberspace and seek technological means to do so. Governments want to protect the internet so that their societies can continue to benefit. At the same time, however, they want to protect their societies from what comes through the internet. China, for example, has developed its own companies behind filters that are called “the great firewall of China.” Nonetheless, China — and other governments — still seek the economic benefits of connectivity. The tension leads to imperfect compromises. Agreement on norms to govern security on the internet is complicated by the fact that while democratic countries speak of “cyber security,” authoritarian countries like Russia and China refer to “information security,” which would allow censorship of content that would be protected in countries like Japan or the United States.
These differences were dramatized at a December 2012 conference convened by the International Telecommunications Union in Dubai. The underlying issue was the extent to which the ITU would play a role in governance of the internet. Authoritarian countries and many developing countries feel that their approach to security and development would benefit from United Nations bloc politics. Moreover, they disliked the fact that internet addresses — the “phone book of the internet” — was overseen by a nonprofit corporation accountable to the U.S. Commerce Department.
Democratic governments, including Japan and the United States, feared that the cumbersome features of the ITU would undercut the flexibility of what is called the “multi-stakeholder” process that stresses the role of the private and nonprofit sectors as well as governments. The vote in Dubai, while nonbinding, was nearly two-to-one against the Western governments. In the aftermath of the Dubai conference, there were many articles about the crisis in internet governance. Subsequently, revelations that the American government had used the internet for surveillance of their communications angered leaders like Germany’s Angela Merkel and Brazil’s Dilma Rousseff. This month, Rousseff is holding a major conference on internet governance in Brazil. Many more conferences are likely to follow before agreement is reached on some rules of the road to govern the internet.
Joseph S. Nye Jr. is a professor at Harvard and author of “The Future of Power.”