By Wolfgang KleinwächterProfessor Emeritus at the University of Aarhus
In 2020, the pandemic accelerated digitalization around the globe. Homeoffice, Online Shopping, Zoom Conferences became part of the daily life for billions of people. But if somebody would have expected that the Covid-19-Desaster is a wake-up call for the world to be more united, work hand in hand, and pool resources reducing risks of a borderless threat, this “somebody” was wrong. 2020 was dominated by “My country first.” The global cyberspace was filled with building new barriers, widening old gaps, growing mistrust, nasty cyberattacks, more cybercrime and the first Internet-based drone-war in the Caucasian mountains. What about 2021? Will the pendulum swing back? Or will the digital cacophony continue to grow in a splintering Internet?
National Approaches: The European Union
The EU is undoubtedly a supporter of a non-fragmented Internet. However, for years Europe has not felt comfortable being sandwiched between the two cyber superpowers, the USA and China. On the eve of 2021, Brussels is now on its way to give the global Internet a more European flavor. Ursula von der Leyen, the EU Commission president, wants to make the next ten years a “Europe’s Digital Decade.” In her “State of the Union Address” in September 2020, she said: “We need a common plan for digital Europe with clearly defined goals for 2030, such as connectivity, skills and digital public services. And we need to follow clear principles: the right to privacy and connectivity, freedom of speech, free flow of data, and cybersecurity. But Europe must now lead the way on digital — or it will have to follow the way of others, who are setting these standards for us. This is why we must move fast.” This is an ambitious plan, but von der Leyen and her chief of the “digital cabinet,” Margarete Vestager, are very serious about what they have called the “New Green and Digital Deal.”
Based on the positive experiences with the General Data Protection Regulation (GDPR), the EU presented in December 2020 drafts for a “Digital Service Act” (DAS) and a “Digital Market Act” (DMA) as well as a “Cybersecurity Strategy for the Digital Decade.” Combined with “White Papers” on AI and Data Management, this comprehensive digital package sends a clear message to the rest of the world: In cyberspace, Europe wants to be a “Norm-Maker,” not a “Norm-Taker.” The ambition goes from cybersecurity to platform regulation, from AI to IoT, from digital trade to digital taxation.
Making the 2020s a “European Digital Decade” is a big plan, and it remains to be seen how much material substance is behind the conceptual plans. The GAIA-X cloud project is an interesting start. But more has to come. Anyhow, the new coherence of a long-term European digital strategy signals a new European digital self-confidence. And the new “female tandem” at the top of EU’s digital policymaking understands obviously much better than all its forerunners the complexity of the challenges in an interconnected world. They know that in the age of cyber interdependence, one needs next to a strong “digital home” a fine-tuned and flexible double strategy for the international theater: A strong new transatlantic partnership with the US — based on common values — and a good relationship with China — based on common interests as well as an engagement in multilateral and multistakeholder organizations and a constructive outreach to the “rest of the world,” as the new EU-partnership with the African Union is signaling. According to von der Leyen, the European Union is “ready to compromise,” but not compromising on fundamental principles as democracy, the rule of law, and human rights.
Brussels sees itself at the eve of a new beginning if it comes to “digital”: As the EU president has said: “We cannot turn the clock back. And we cannot go back to the exact same agenda we had five years ago. We should not fall into that trap. We need a fresh approach. Because the world has changed, and so has the United States, and so has Europe.” And this is true also for China. “The EU-China relations are of real strategic importance to both sides and to the world. But this relationship is also one of our most challenging. You have heard me say many times, China is a negotiating partner, an economic competitor and a systemic rival. All at once.”
National Approaches: United States
Europe’s position is rather clear. It is now up to the Biden-Administration to re-frame US- cyber policy for the 2020s. The implementation of the recommendations of the “Cyberspace Solarium Commission” will probably be the easier part. This is primarily a domestic issue. There will be a new “Cyber-Czar” in the White House. There will be better coordination among various governmental institutions and enhanced cooperation with non-state actors. There will be better and bigger budgets for digital projects. But foreign cyber diplomacy could become more complicated.
One key question is how Biden will handle the digital trade war with China. Trump and Pompeo did fuel this war in 2020 with more aggressive attacks against Huawei, TikTok, We Chat, and recently against Alipay. Is it the right strategy to beat the horse, if you mean the horseman? And how to handle the “horseman”? Will Biden continue to collect signatures from countries like Kosovo, Slovenia, Bulgaria and others for bilateral MoUs to support the “Clean Network Initiative” (CNI) to form an “Anti-China Coalition,” as Pompeo did? What about Pompeo’s plan for another Prague-5G-Conference to counter Huawei? And how “global” such a coalition could become?
But cyber diplomacy in the 2020s is more than the US vs. China. The global agenda for digital cooperation is a long one, and in many cases, the positioning of the new US-Administration will have a key impact on the possible outcome. How will Biden manage the digital trade negotiations in the WTO? The eCommerce-Moratorium terminates in summer 2021. Will Biden come back to the OECD negotiation table to find common ground for the establishment of a new global digital tax regime? If there is no agreement until mid-June 2021, the EU will start to introduce a “European Digital Tax.” How will Washington participate in designing new regulatory and normative frameworks for cybersecurity (in the OEWG) and artificial intelligence (in UNESCO)? Will the US support the “Roadmap on Digital Cooperation” proposed by UN Secretary-General Antonio Guterres? Any plans for a return to a constructive US engagement in other UN institutions? Or will Washington consider the formation of new alternative digital alliances of “Like-Minded Countries” (as a “T12”) outside of existing multilateral and multistakeholder mechanisms as the better way forward?
National Approaches: China
By rebuilding a fair transatlantic digital partnership between the United States and the European Union, China will be the elephant in the room. China did counter Pompeos Prague’s speech with its own “Global Data Security Initiative” (GDSI). Foreign Minister Wang Yi presented China as a savior of multilateralism in global digital policymaking and used a lot of language from documents published by the EU.
But the problem with Wang’s GDSI is not the proposed language. There are indeed several good points in the proposal. The problem is what is not included in Wang’s “8-Points-Plan”. There are no paragraphs for human rights and freedom of expression, and there is only little room für multistakeholder policy development. Even the much broader “20-Points-Plan” — published end of November 2020 by the “Organizing Committee” of the so-called “World Internet Conference” (WIC) in Wuzhen — does not include references to issues that are critical essentials for the EU and the US.
The new Wuzhen-Plan has a great title: “Jointly Building a Community with a Shared Future in Cyberspace.” Its ambition is obviously to offer something for the whole world. It looks like another “NetMundial.” Insofar it makes sense to compare the “Sao Paulo NetMundial Declaration” (2014) — probably the most comprehensive policy document on global Internet Governance since the Tunis Agenda from 2005 — with the new Wuzhen-Plan. The “NetMundial Statement” starts with “Human Rights and Shared Values.” The most important Internet governance principles are “Multistakeholder, Transparency and Bottom-Up Policy Development.” Such language is missing in the 20-Points-Plan. How to design a “shared future in cyberspace” without “shared values”? How “building a community” if non-state actors are sidelined? The Wuzhen paper supports the IGF, UN and ITU. But there is no support for the Paris Call on Trust and Security in Cyberspace, the Tech Accord, the Charter of Trust or the Contract for the Web.
The Wuzhen plan looks like a proposal to build another coalition of “Like-Minded Countries,” a coalition with governmental partners from BRICS, the Shanghai Cooperation Organisation (SCO), and others, which have their “own mind” based on more autocratic values. Is this the start of “another new beginning,” a beginning from a different corner? Is there a space for compromise between the two different value systems? Is this a long term plan which looks “beyond 2030”?
National Approaches: Russia
BRICS and SCO were chaired in 2020 by Russia. Russia has its own ideas and priorities in cyberspace. Ten years ago, when the then Russian president Dmitri Medwedjew supported the multistakeholder principle for Internet Governance by signing the “G8-Deauville-Declaration”, Russia planned to make Skolkowo a technical incubator and a global player like Silicon Valley or Shenzhen. It did not work as expected. Nevertheless, Russia is a world leader in many cybersecurity areas.
Cybersecurity is a playing field where both China and Russia have common interests and shared values. In 2015, the two countries signed a bilateral cybersecurity treaty. Russia is open to investments by Chinese Internet giants such as AliBaba and Huawei. But Russia and China are also different. There is a hidden traditional cultural conflict about “natural leadership” in Sino-Russian relations. Artificial intelligence is one sphere where “my country first” will play a crucial role, also between Moscow and Bejing. Already in 2017, the Russian president Vladimir Putin said: “Whoever becomes the leader in this sphere will become the ruler of the world.” And Putin does not doubt that Russians are “born to lead.”
But Russian 2020 leadership in BRICS and SCO did not produce any concrete outcome for digital policymaking. The two summits, scheduled for July 2020 in St. Petersburg, were postponed and took place virtually in November 2020. The language of the final documents did not go beyond previous declarations. It included many nice words but little hard facts. Even the plan to move forward with a plurilateral cybersecurity treaty — to counter the Budapest Cybercrime Convention from 2001 — didn’t make any progress. After all, Russia successfully put such a project on the agenda of the 3rd Committee on the UN General Assembly.
National Approaches: India
In 2021, the BRICS leadership goes to India. And India is not without national ambitions. In 2020, India redefined its priorities in international cyber diplomacy. A new department in the foreign ministry (New Emerging and Strategic Technologies/NEST) coordinates now national policies and India’s positions in international negotiations: From digital trade and human rights to the OEWG and the GGE-LAWS (Lethal Autonomous Weapon Systems).
India wants to play a greater role internationally. It knows that its strengths are next to a very skilled digital labor force, the large domestic market, a size similar to China with 1.3 billion people. It is understandable that India plays the “local card” and supports the idea of “digital sovereignty” in cyberspace. Laws on data localization, content curation, protection of domestic IT-industries, and the development of offensive cyber capabilities go hand in hand with restrictions against foreing players, from US-platforms such as Facebook and Google to China’s TikTok and We Chat.
However, India is still searching for a future-oriented sustainable digital concept between “gated globalization,” a new “digital social contract,” and “libertarian paternalism.” There are also voices in India which remember 1955, when then Prime Minister Nehru became one of the global leaders of a “Non-Aligned Movement” (NAM), which — in the cold war years — positioned itself between the USA and the Soviet Union. Is there room for a “digital non-aligned movement” (dNAM) in cyberspace, with equidistance to the two “like-minded coalitions,” the more autocratic one (China and Russia) and the more democratic alliance (US and EU)? And would such a digital NAM ne attractive for “swing states” in South-East Asia, Africa, Latin America, or for new emerging mid cyber power such as Saudi Arabia, United Arab Emirates, Israel, Taiwan, Singapore and others?
National Approaches: The African Union
Africa, which for many years has been a continent sleeping on cyberspace, has got its own digital wake up call. In May 2020, the African Union (AU) adopted a “Digital Transformation Strategy for Africa (2020 –2030)”. Within the next ten years, a “Digital Single Market in Africa” should be built “where free movement of persons, services and capital is ensured, and individuals and businesses can seamlessly access and engage in online activities.” The plan includes the harmonization of “policies, legislations and regulations” and is aimed to “establish and improve digital networks and services with a view to strengthening intra-Africa trade, intra-investment, and capital flows and the socio-economic integration of the continent while maintaining a relational balance with other continents in the context of networked economies.”
In other words: the African Union knows that its nearly 1.5 Billion people constitute an attractive market, and its young population becomes a strategic asset if digital education is widely promoted from Capetown to Cairo, from Accra to Maputo. It was no surprise that the first visit of the new EU-president was Addis Ababa, the AU-Headquarter, to build a EU-AU Digital Partnership. The new “AU-EU-Digital4Development (D4D) Hub”, which started in December 2020, will serve as a key strategic tool to advance multistakeholder dialogue, joint partnerships, and investments in the African digital economy. The Hub’s activities are demand-driven and specifically targeted to bridge the digital divide and leverage digital innovations for inclusive and sustainable development.
But Europe is not the only partner for a “Digital Africa.” For years, China and the US have offered a variety of programms to become involved in Africa’s digital transformation and to save future market shares. Will the African cyberspace become a geopolitical battlefield?
Digital cards on the cybertable will be reshuffled
One thing is for sure: 2021 will probably see little global consensus. The digital cacophony will become louder. Driven by local needs, governments tend to prioritize the development of national policies. Although all sides recognize that national solutions need a functioning global information infrastructure in an interconnected world, the appetite to intensify mutual beneficial global cooperation, compromise, and find consensus is very low.
On the other hand, there is a more or less a silent agreement that the protection of the public core of the Internet — that is, the functioning of the global mechanisms for the management of root servers, domain names and IP addresses — is in the interest of all sides. It seems that some Internet Governance battles of the past are over. ICANN is not anymore in the line of geo-political fire. Its technical service is needed by everybody.
What ICANN is doing is called now by ICANNs CEO & President Göran Marby “Technical Internet Governance” (TIG). ICANN is afraid to get pulled into a new round of political arm-twisting. Marby’s more neutral “TIG language” goes back to the Internet Governance definition and the consensus of the WSIS Tunis Agenda from 2005, which differentiated between the “development” and the “use” of the Internet. The political Internet Governance problems, which emerged in the last 15 years, are more related to the “use” of the Internet, less to its “development.” And the pandemic has shown that regardless of the different national Corona approaches, the seamless and silent functioning of the Internet was a great gift for everybody to reduce the damage that came with Covid-19.
Insofar, we can see an interesting contradiction: On the lower layer — the “development” or “TIG”-Layer — the Internet remains unfragmented. On the upper layer — the “use” or “IG”-Layer — a special variant of Internet fragmentation, now labeled as “Internet Bifurcation,” is growing. Nevertheless, there are interlinkages between the two layers. Technical issues do have political implications and political problems have a technical component. It will be interesting to watch how the interplay between technology and policy will evolve in the years to come. In any case, 2021 will be a year where the digital cards on the cybertable will be reshuffled.
The Multilateral Agenda
Two decades ago, the UN World Summit on the Information Society (WSIS) was the only intergovernmental mechanism dealing with Internet-related public political issues. In the 2020s, we do have more than a dozen intergovernmental negotiation mechanisms inside and outside the UN system. Cyber and digital are now everywhere, even in the G20 (in 2021 under the leadership of Italy) and the G7 (in 2021 under the United Kingdom’s leadership). The role of the United Nations has changed. There are no plans anymore that the UN “will overtake” the Internet. UN Secretary-General Antonio Guterres has offered the UN a platform for multistakeholder dialogue to find workable solutions for a broad range of global issues. The “UN Roadmap on Digital Cooperation,” published in June 2020, is an offer to guide the global community through the stormy cyber waters of the 2020s.
The issues related to digital and cyber are very complex. They have been politicized and ideologized in recent years. Nevertheless, governments talk to each other. Yes, there are gaps in the system. Yes, negotiations are taking place in silos. And yes, progress is slow. But what is the alternative? The UN Roadmap offers an opportunity to counter centrifugal processes and to promote a “holistic approach” by keeping the Internet a decentralized network of networks, connecting everybody, everything anywhere, and open for all stakeholders.
What are the key negotiation platforms and issues at stake for 2021?
Basket 1: Cybersecurity
The UN’s two main intergovernmental bodies are the Open-Ended Working Group (OEWG) and the Group of Governmental Experts (GGE). Both groups are operating under the 1st Committee of the UN-General Assembly and have a similar mandate: To develop norms for state behavior in cyberspace and to enhance confidence-building among governments and stakeholders. The timetable for both groups became a victim of the pandemic. Meetings were postponed or moved into the virtual space. The final reports are expected in the summer of 2021 (OEWG) and fall 2021 (GGE). In the meantime, the mandate of the OEWG was extended until 2025. Will the OEWG become a permanent negotiation mechanism on cybersecurity? And if yes, will the shaping of paragraph 4 of the new UN OEWG Resolution — which includes a non-specified invitation for consultations with non-state actors — become the starting point for a multistakeholder layer in UN-based cybersecurity negotiations?
The other negotiation mechanism operates under the Convention on Certain Conventional Weapons (CCW) and is dealing with lethal autonomous weapons systems (LAWS). The negotiations started in 2013. Progress so far is limited. Two years ago, the participating states could agree on a set of so-called “guiding principles.” But there is a fundamental disagreement on what the final outcome could be: A legally binding treaty, which would ban LAWS (as the ban for landmines or chemical weapons)? A moratorium? Non-binding recommendations? The recent use of armed drones in the Caucasian Fall-War was a serious reminder, how military conflicts could be played out in the future if there are no globally accepted rules. Killer robots are already waiting on the horizon. The digital arms race is in full swing. Will 2021 see the start of serious negotiations on digital disarmament?
Basket 2: Digital Economy
There are three big issues on the table: Digital trade, digital taxation and sustainable development.
In 1998 the World Trade Organisation (WTO) agreed on a so-called “eCommerce Moratorium,” which allowed a free flow of data across borders. The moratorium helped to make internationally traded digital services an engine of economic growth. Today, digital trade is a key element of the global economy. For years there is a debate in the WTO to transit the moratorium into a legal instrument. On the other hand, some governments want to terminate the moratorium to get a free hand for digital services duties to bolster national budgets. In 2019, Japan — as Chair of the G20 — proposed a “Data Free Flow with Trust” (DFFT) initiative. The DFFT should have been discussed at the WTO Ministerial Conference in Summer 2020. But Corona changed the timetable and the conference is now scheduled for Summer 2021.
A similar motivation — to get new income sources — is behind the controversy around digital taxation. In recent years, some countries did introduce national digital taxes and risked tax wars, mainly with the US. Already in 2015, the OECD started negotiations on a new global tax regime where taxes are not collected where a corporation is headquartered, but where it does business. The G20/OECD BEPS Group, which includes 137 countries, now finalizes its proposal with a so-called “Two Pillar Approach.” Pillar One would establish new rules on where tax should be paid, that is, to ensure that digital intensive multinational enterprises (as Amazon and Facebook or Alibaba and Tencent) pay taxes where they conduct sustained and significant business. Pillar Two introduces a minimum tax to avoid the search for “tax heavens.” The US under Trump did leave the negotiations in June 2020. The EU made clear that if there is no global agreement until mid-2021, they will introduce a “European Digital Tax.” A warning came from OECD General Secretary Angel Gurria: “Failure would risk tax wars turning into trade wars at a time when the global economy is already suffering enormously.” At stake are around $200 billion in taxes annually — a big challenge.
Next to digital trade and digital tax, the digital economy will need more digital development in the global South. The UN Sustainable Development Goals (SDGs) are aimed at 2030. The UN has declared the 2020s as a “Decade of Action.” The UN Roadmap on Digital Cooperation includes chapters on how to bridge the digital divide and bring the benefits of the digital economy to underserved regions.
Basket 3: Human Rightds
Cybersecurity and the digital economy have a human rights component. Stronger cybersecurity could lead to less freedom of expression and reduce privacy. Regulating the digital economy has consequences for social and cultural rights.
The UN Human Rights Council had already appointed years ago two “Special Rapporteurs” for “freedom of expression” and “privacy in the digital age.” The annual reports have listed all the new challenges for human rights which will come with further digitalization of the daily life: Content curation to manage fake news and hate speech, facial recognition to fight cybercrime, algorithms to introduce new digital services. The declaration to work towards a “human-centered information society,” as WSIS did in 2005, is one thing. The reality is that individual human rights and freedoms are stress-tested in the new digital age as never before.
Ideas to enhance the mechanisms to protect human rights and to draft additional protocols to the 1966 Human Rights Conventions are on the table. However, governments have shown little political will to move forward. Disagreement and mistrust are growing as well as censorship and mass surveillance. There is no progress concerning the Global Commission’s recommendations on the Future of Work of the International Labour Organisation to offer clear perspectives for “decent work” in the digital age. And the voice of civil society organizations in those intergovernmental debates are widely ignored.
Basket 4: Technology
Technology looks neutral, but it isn’t. “Code is Law,” wrote Larry Lessig in 1998, but the code is made by man/woman. It includes bias, priorities, positions. This is, in particular, true if it comes to algorithms and artificial intelligence (AI). AI is now the subject of a number of intergovernmental negotiations; UNESCO has made progress with a legal instrument to define AI’s ethical dimension. The plan is that the forthcoming 41st UNESCO General Conference, scheduled for November 2021, will adopt a recommendation.
AI-related issues are on the agenda of numerous intergovernmental bodies: WIPO discusses AI and intellectual property, OSCE deals with AI and Freedom of Expression, ILO with AI and the future of work, ITU with AI for All. And the Council of Europe is working on a feasibility study to find out how AI can be generally regulated.
In 2019, the OECD adopted a first framework that included a handful of principles as general guidelines for developing and using a human-centered AI. This was supported later by the leaders of G20 and has lead to the formation of a new Global Partnership on Artificial Intelligence (GPAI). A lot of good plans. Will 2021 see the first results?
There is another area of conflict where the clock is ticking: The development of standards for Internet-based services and applications. Some experts expect a “standardization war,” which could bring the ITU back into the spotlight of political battles. The ITU World Telecommunication Standardisation Assembly (WTSA) was moved from November 2020 into spring 2021. Technical standards for smart cities, the Internet of things, surveillance, facial recognition and others include much political dynamite. There is a discussion in one of the ITU’s Focus Groups on a new Internet Protocol (New IP), which can remove the existing TCP/IP protocol and build a new re-centralized Internet. And around the corner, 6G is waiting.
The Multistakeholder Agenda
Naturally, the unavoidable politicization of Internet-based issues has pushed governments into a leading position. However, it is also clear that governments will be unable to find sustainable solutions without the involvement of stakeholders from business, civil society, the academic and technical community. The multistakeholder approach, introduced by the WSIS in 2005, is and remains the “golden path” for progress in managing digital and cyber issues globally.
The UN Roadmap on Digital Cooperation is based on this approach. And its proposal, to reform the Internet Governance Forum (IGF) until 2025 to build an IGF+ by bridging the gap between discussion and decision making, inter alia by the formation of a new multistakeholder high level body (MHLB) and the introdcution of an intergovernmental and parliamentarian track, are good initiatives to strengthen the multistakeholder model and to pave the way for more concrete outcome and tangible results.
There are numerous multistakeholder plans and projects which have proved the constructive contributions of non-state actors to global Internet policymaking. Paris Call, Contract for the Web, Charter of Trust, Tech Accord, Global Commission on Stability in Cyberspace, Internet & Jurisdiction, RightsCon, WebSummit, Freedom Online Coalition, Digital Peace Institute, the Global Forum on Cyberexpertise, the Schools of Internet Governance, the national and regional IGFs. The list is endless, and with a grown self-confidence of non-state actors in the digital sphere, more will come in 2021.
It will also be interesting to see how the private sector will position itself in a changing political and regulatory environment. One thing is for sure: The large digital platforms will become the subject of stronger regulation. If there are conflicts between the general public interests and private profit interests, it needs a stronger involvement of parliaments to discuss and find balanced solutions. To delegate responsibilities for managing hate speech and fake news to private companies is not a sustainable solution. It is good that Facebook has started to establish what they call an independent mechanism for content curation. But in a democracy based on the division of powers, a private company can never be a neutral third party and substitute an independent court. Another open and critical issue where private and public interests could collide is the future of digital currencies. It could be a slippery slope if gates are opened for “private coins” that could be used not only to stimulate new businesses but also for money laundering and the financing of terrorism.
Insofar, the wonderful multistakeholder model still has a lot of conceptual weaknesses. There is no blueprint, how multistakeholder cooperation can be further enhanced, structured, and institutionalized. There is a lot to do for think tanks, new global commissions, and innovative policymakers, who have to deal with the next generation of Internet players and problems.
The next big political stop will be 2025. WSIS+20 will review the lessons learned from the ups and downs since 2005. Moving backward is no option. It would minimize opportunities and maximize threats. Stumbling forward is the only alternative.
By Wolfgang Kleinwächter, Professor Emeritus at the University of Aarhus – He is a member of the Global Commission on Stability in Cyberspace, was a member of the ICANN Board (2013 – 2015) and served as Special Ambassador for the Net Mundial Initiative (2014 – 2016).