China�s Take on Cyber Sovereignty

The security of global information systems has become a controversial issue in recent years. The disclosure of users’ information, website attacks, and other incidents have occurred casually and regularly due to the lack of risk awareness, sense of responsibility, and necessary protective measures. The efforts at domestic and international policy coordination are being complicated in the dynamics of cyber security as domestic political and economic factors in each state loom large. Cyber security experts of China are trying to elicit a coherent policy response at the global forum simply because of the fact that the Chinese People’s Liberation Army (PLA) views cyberspace as a new domain of conflict.

Cyber Sovereignty

As cyber attacks pose serious threat to security of any nation, cyber sovereignty becomes critical to national sovereignty. In the sphere of internet governance, cyber sovereignty refers to a country’s option to exercise control over the Internet within its own geographical boundary. It further implies that no surveillance or hacking is allowed against any sovereign nation in the cyberspace.Internet users belong to a global community free of borders and at the same time freely sharing and exchanging ideas. Cyber sovereignty, thus, acquires a global forum.

China’s Take on Cyber sovereignty

The idea of China’s ‘cyber sovereignty’ is a high-profile resurrection of a concept first rolled out in a 2010 White paper called “The Internet in China”.[i] China aspires for an ‘information border’ in addition to traditional sovereignty over land, air and sea. Till 2014, China was content to have other countries respect its tight domestic controls of the Internet. But by the end of 2015, taking clue from the World Internet Conference held in Wuzhen town of Zhejiang province in December 2015, it can clearly be gauged that internet security and control have become subjects of national priorities for China. The 2015 Conference was strategically targeted towards the international community for buying into the Chinese vision of “an interconnected world shared and governed by all”.[ii] While the internal component of the Chinese vision attributes to each government the right to develop, regulate and manage its domestic internet in line with its national autonomy, the external component involves the right to defend its internet from foreign intrusion and attack. China, through the Conference, loudly sent the message that it would not allow any compromise of its cyberspace sovereignty.

Xi Jinping, the Chinese President, called on countries to respect one another’s “cyber sovereignty” and different internet governance models. He further maintained that countries had the right to choose how to develop and regulate their internet.[iii] The message he spelt out was that with more than 650 million internet users, China should have a say in drawing up the global rules, including the right to decide what to censor and block. The Conference further aimed at gaining allies against the perceived Western encroachment upon China’s cyber sovereignty – key component for defending both the physical territorial integrity of China and the unchallenged rule of its Communist Party.

China upholds that no country should pursue “cyber hegemony” or engage in activities that undermine others’ national security. The concept of the principle of sovereign equality enshrined in the Charter of the UN is what the Chinese emphasize upon, tying it further to the primacy of internet sovereignty. Xi advocated a global governance system to “curb the abuse of information technology, oppose network surveillance and hacking, and fight against a cyberspace arms race”.[iv]

Xi denounced ‘foreign interference in internal affairs’ through cyber means, and dismissed the concept of “absolute freedom” in cyberspace.[v] He also targeted the United States for monopolizing cyber governance while also using sophisticated technologies to conduct cyber espionage. The message was clearly echoed by Xinhua article attributing China’s growth to this system of censorship.

The challenges to national sovereignty and security posed by internet must be met by pursuing ‘common governance’ over the internet, said Xi during the December Conference. He was of the view that each country must be given a legal, internationally recognized right to control and restrict domestic use of the Internet however it sees fit.[vi] Out of this view came the recent blocking of a number of foreign social media sites. In an interview in 2014, the Chinese Ambassadorto the UK said “websites that did not follow thecountry’s laws and fail to serve people’s interests”would continue to remain blocked in China.[vii] It was deemed fit to do so for protecting national security and the interests of Chinese consumers and to set it forthright that to enter China foreign firms must abide by Chinese laws and regulations. China is, in fact, exploring new ways to manage the virtual world spreading ‘positive energy’ as a main goal which is fast becoming a code word for content acceptable to China censors.

Growing Cyber Crime in China

The Chinese vision of cyber sovereignty evolves out of the growing cyber crimes and attacks in China. Along with facing a variety of idiosyncratic risks, such as ballooning levels of domestic cybercrime and widespread dependence on Western software, the Chinese networks also face uneven legal regimes and enforcement. While cybercrime has been on the rise around the world, it exhibits some interesting characteristics in China. There is a large underground market targeting virtual goods such as video game accounts and currencies in which both the criminals and the victims are Chinese.[viii] Chinese cybercriminals exploit online forums to buy and sell their goods, whether stolen assets or hacker infrastructure, and lax law enforcement means they are often quite open about it.

China’s ‘Multilateral’ Approach to Cyber Governance

Chinese version of cyber governance entails allowing each country the right to govern cyberspace for its own citizens which directly contradicts the prevailing view of cyberspace as a sort of global commons. Moreover, China’s vision that its own cyberspace will balance both ‘freedom’ and ‘order’ blatantly puts forth Chinese agenda which reverberated during the 2014 IWC when Lu Wei, the director of China’s Cyberspace Administration, said that ‘Internet freedom requires strict order’.[ix] China’s emphasis on keeping ‘order’ in cyberspace translates to censorship, whether it isblocking foreign websites (from Facebook and Twitter to the New York Times) or deleting social media posts by Chinese citizens.Under the garb of cyber sovereignty, the Chinese authorities are trying to curb the freedom of expression.

China also brought the issue of cyber sovereignty to the United Nations platform and a key word ‘multilateral’ was incorporated into the UN document at China’s insistence. China spearheaded this inclusion to enshrine state control over the Internet. ‘Multilateral’ stands in direct opposition to the Western concept of a ‘multi-stakeholder’ approach towards Internet governance. While the latter emphasizes a full involvement on equal footing of all actors with a vested interest in the internet including businesses, civil society and governments, the former emphasizes nation-states as the principal decision-makers.[x] China’s notion of a multilateral approach to cyber governance in which states reign supreme, thus, forms the core of China’s concept of cyber sovereignty. This is intrinsically connected to allowing the state to control all critical information infrastructures within a country as well as their usage and flow in and out of the country.

Chinese Response to Growing Concerns

China seeks to purge most outside technology from its banks, military, state-owned enterprises, and key government agencies by 2020.[xi] In that direction, telecommunications and Internet companies operating in China, after a law took effect on 1^stJanuary 2016,are now required to provide law enforcement with technical assistance, including decryption of sensitive user data, in any probe meant “to avert and investigate terrorist activities”.[xii] The law also builds on other counterterrorism, national security, and banking and insurance measures enacted last year that either ease regulation on or directly subsidize purchases of homegrown technologies. According to a11 January  2016 report by the Information Technology and Innovation Foundation, a Washington based think tank, the latest rules “continue the Chinese government’s ongoing efforts to restrain or force out foreign technology companies”.

Lessons for India

It cannot be denied that internet is transforming into a new domain of conflict because of its openness, and, thus, becoming imperative for national security. In such circumstances, India must also take a leaf out of the growing concerns and act accordingly. India, however, must also support the idea that all stakeholders should play an equal role in the governance of the internet given the historical role of the different stakeholders in the creation and development of the internet.India should come up with a National Cyber Strategy as a part of national security strategy. It is needed to ensure that all stakeholders work as a united force for the protection of our critical infrastructure. A coordinating mechanism needs to be established for this purpose. Our entities must depend on indigenous equipment and software. India must also have the deterrence in place at least to limit attacks from adversaries and groups supported by them.

Conclusion

The concept of cyber sovereignty spells out China’s aim to repress free speech and, thus, doubts loom large whether China will make much progress convincing other countries to buy into its vision for the Internet. China has, in fact, come out as a unique case in its lack of respect for the idea of an open internet. Whereas the States’ efforts to address security of Information and Communications Technology must go hand-in-hand with respect for human rights and fundamental freedom set forth in the Universal Declaration of Human Rights, China’s concept of cyber sovereignty stands juxtaposed to it.  Internet, by default, is a globally interconnected knowledge system network and therefore must be subject to international rule and universal values rather than limiting it to domestic spheres. Also, the Chinese proposal has not taken into account the risks it poses for citizens of non-democratic governments. The very concept, in fact, stems out from the fear of an uncontrolled internet and social media being a serious threat to Communist Party control over China.

Defining and demarcating borders for network infrastructures will not be a practical solution as no country can independently face the challenges posed by cyberspace. In such scenario, working with international Computer Emergency Response Teams (CERTs) would go a long way in securing the internet. There is also a need for coordinated working with the Internet Service Providers (ISPs). In fact, confidence building measures (CBMs) in the form of transparency and exchange of information together with agreed upon norms of conduct and critical infrastructure would be a practical step in securing the dynamic flows spatially.

Chinese vision of a strict and regulated control over internet usage, therefore, must give way to collaborating with other countries bilaterally and multilaterally on various platforms. China must also marry norms of responsible behaviour/CBMs (as a practical tool for protection) and mature crisis management (as a practical tool for contingencies).

However, Chinese principle of ‘Cyber-sovereignty’ brings with it the promise of substantial new opportunities for global technology firms operating in China, even though it challenges the Western assumptions about a free and democratic Internet. Major players in this field will not stay away from China for too long even if it means compromising on internet freedom to reap the rich dividends from Chinese markets. The increased dependence on indigenous hardware and software is going to augur well for the local companies based in China and China may come closer to shopping locally in the near future.