Cybersecurity & Tech

In Defense of the Global, Open Internet

Jason Pielemeier, Chris Riley
Thursday, September 1, 2022, 8:01 AM

Shifting U.S. internet foreign policy priorities away from protecting global human rights online and toward a security-centric posture would be a strategic mistake, and risks harm to freedom and security.

Earth at night. (Photo by NASA; https://flic.kr/p/58JLdy)

Published by The Lawfare Institute
in Cooperation With
Brookings

In the global race for internet governance, freedom is the West’s strategic advantage. And yet, a recent report from the Council on Foreign Relations (CFR) declares provocatively that “the era of the global internet is over.” The report’s evidence for this claim is an assertion that the past decade-plus of democratic investment in global internet freedom has failed, and it is therefore time for the United States to jettison the vision it has championed of a global, open, secure, and interoperable internet. The report argues that the United States should focus instead on responding to the geopolitically driven cyber activities of China and Russia, countries that position the internet as a cyber-military battlefield rather than a space designed to empower innovation and social progress. As CFR’s Adam Segal writes in Lawfare, this is an intentional departure from the organization’s 2013 report and reflects “a sense of lost possibility and influence.” Indeed, the world has changed. But moving the goalpost in by abandoning even the aspiration of protecting global human rights online, as the new report recommends, would be a strategic mistake. It would likely harm individuals living in repressive environments in the short term and hamper the ability of Western governments to advance shared goals of security and openness in the long term.

Cyber warfare and information warfare are undoubtedly in our midst. However, embracing the CFR report’s narrative and changing the course of U.S. policy in response to the continued trajectory of attacks not only would undermine human rights, democracy, and the internet itself but also would empower governments like China and Russia that benefit most from the “every country for itself” approach to the digital world. Instead, the United States should recommit to its vision for internet freedom by articulating and demonstrating how democratic states can address complex cybersecurity threats and digital harms through innovative, collaborative, and democratic means.

The CFR report proposes three pillars for a new U.S. foreign policy. Notably, the specific proposals put forth in the report are not incompatible with internet freedom; but they fail to—individually or collectively—effectively replace it. 

First, the report calls on the United States to “confront reality” and bring together “allies and friends” around a new “vision” for the internet, by prioritizing “a trusted, protected international communication platform.” Securing communications online is a worthy goal and one that can and should be developed collectively through multilateral mechanisms. But within the report’s absolutist paradigm, this recommendation futhers an explicit “us versus them” dynamic on the international stage, declaring that some governments are sufficiently aligned with U.S. interests to be permitted into the club, while others will be excluded. 

Putting aside the practical challenges of deciding who gets “in” and who stays “out” (for a taste of how messy this would get, look at the invitations to the 2021 U.S. Summit for Democracy), this approach is at odds with the globally interconnected infrastructure and protocols that make up the internet. The internet is a network of networks, and despite the advanced information controls imposed in some jurisdictions, its technical design—including the critical Internet Protocol and Border Gateway Protocol—are designed to maintain interconnection above all else. Separating countries into friends and enemies also, ironically, buttresses the long-standing goals of China, Russia, Iran, and other authoritarian regimes to center internet governance in “cyber sovereignty” rather than internationally protected human rights. 

In a moment of historic expansion of internet connectivity, most governments around the world still haven’t firmly established their position on the spectrum between an authoritarian and freedom-centric approach to internet governance. If the United States, in particular, portrays the future of the internet as inevitably isolationist, it is as likely to push governments toward authoritarian models as it is to incentivize governments away from them. This could result in a potentially disastrous fait accompli that will likely imperil innovation, equity, economic growth, and human rights in the decades ahead. 

A shift toward walling off countries with differing views not only would provide normative validation for existing national firewalls but also would abandon the people within those countries seeking to realize their rights. This would contradict the Biden administration’s Presidential Initiative for the Democratic Renewal and the recent U.S.-led Declaration for the Future of the Internet, which provides a clear and compelling alternative by creating an opportunity to join for “partners who actively support a future for the Internet that is … open, free, global, interoperable, reliable, and secure” without boxing other nations into choosing a “side.” 

Second, the report calls for U.S. foreign policy to “balance more targeted diplomatic and economic pressure” and “more disruptive cyber operations” with “self-imposed restraint … among U.S. allies.” It is possible to consistently promote a global open internet while increasing diplomatic, economic, and digital pressure to support that goal. Where tensions arise, such as when Ukraine asked the Internet Corporation for Assigned Names and Numbers to disconnect Russia from the global internet, the balance typically lies in favor of preserving the global internet. American policy can and should reinforce this. 

In its pursuit of a more globally harmonized internet policy, the United States must complement its outreach to current allies and its response to current threats with greater engagement with the majority world. Businesses in these regions benefit from access to American capital, markets, and partners. Their governments can realize incredible benefits through joint economic programs and global digital flows, showing the merits of openness and freedom rather than oppression and manipulation. 

Focusing primarily on increasing pressure on adversaries is likely to mean taking attention and resources away from direct support to and engagement with the myriad countries whose only existing option for stronger internet infrastructure has been, and remains, the acceptance of Chinese “aid” and its accompanying influence. China has invested massively around the world through the Belt and Road Initiative, including in global network infrastructure, creating debt and dependencies across a wide number of states. And China’s narrative of control is likely attractive to governments seeking to expand their domestic authority both online and offline. But for every Myanmar-like setback, there is usually a Sri Lanka-like opportunity. The United States would be wise to continue investing in open internet policies that facilitate democratic turns and position itself to provide critical assistance to convert these moments into lasting, democratic change. 

The report is correct in asserting that America must update its approach to cyber defense, including responses to cyberattacks at all levels of severity and foreign disinformation campaigns. But again, that can happen while also asserting that internet freedom is a universal goal and that a siloed internet is ultimately unsustainable and counterproductive for all nations. 

Third, the report asserts that “the United States needs to put its own proverbial house in order.” This statement is entirely accurate. There is much work to be done to match the leadership of the European Union and construct a suitable American regulatory framework for privacy, data use, platform accountability, and other issues. The report is correct in highlighting the multiyear gap between Brussels and Washington on data protection in particular, and the consequences of this disconnect for global connectivity and commerce. But in seeking to close this gap, the “how” matters. U.S. legislative and regulatory efforts must serve, and not subordinate, American economic and social goals. In building the response to this challenge, the U.S. playbook must be clearly distinguishable from that of repressive states, or they will have won the ultimate war. The United States must return to its roots of global power online, which lie in openness and fostering a climate of innovation.

In sum, the CFR report seems to equate a free and global internet with anarchy at worst and naive insecurity at best. That is simply not true. Internet freedom posits a rights-centered and rules-based approach to internet governance. Necessary efforts that restrict rights are allowed under international human rights law, when they are clearly articulated, serve legitimate purposes, are proportionately tailored, and are accompanied by relevant accountability and transparency measures. These are the yardsticks against which future actions will continue to be measured, regardless of how the United States frames its cyber policy. They also happen to be the clearest principles policymakers and analysts can use to draw distinctions between authoritarian approaches and democratic ones.

So what? Does it matter whether the goal of foreign policy is a global, open, and free internet—recognizing the impossibility of a perfect end state—or instead “a trusted, protected international communication platform” among allies? Particularly when many of the same near-term tactics, and many of the recommendations in the CFR report, would likely be the same regardless of how the objectives and strategies are framed?

In fact, it does matter—a lot. Governance of the digital world is perhaps the greatest geopolitical competition of our generation. The internet’s infrastructure is deeply and inherently interconnected and constantly evolving. Stasis and detente are not concepts that translate well in this space and cannot realistically serve as goals of U.S. policy, for better or worse. If the United States steps back in the fight for global internet freedom, other forces will most likely step up and continue to degrade it, exponentially expanding the scale and scope of repression and of harm to human rights. 

Focusing on negatives also risks ignoring much of the value that the internet has created and continues to create. And the primary remaining value that the United States must prioritize is freedom. As one of us has argued previously, when compared to offline spaces, the internet continues to create significant opportunities for courageous, consequential, and U.S.-interest-aligned activities including independent journalism, accountability, and the protection of minority rights. 

In all likelihood, this contrast in narratives is reflective of perspective and process. The CFR report is bereft of participation from civil society and digital rights activists, including those who have carried the torch of internet freedom in repressive environments. These stakeholders have the best perspective of internet repression, how it is experienced, and how to counter it. Their voices, undoubtedly, would have changed the report, which instead focuses on nation-state-level considerations and concerns. Unsurprisingly, the result is a framing of internet repression as a tactic of state power—which it is, but not solely—as well as a lack of appreciation of the full impact of internet freedom. Granular effort to help individuals realize their rights improves daily life around the world and contributes to organizing and building power that can challenge ossified authoritarian states and systems.

Centering internet-related foreign policy around freedom, rather than nation-state conflict, provides a strategic advantage in the long term as well as immediate benefits for the realization of human rights in repressive environments. Rather than choose isolation, the Biden administration should double down on the collaborative model that governs the internet, increase its investments in internet freedom, clarify U.S. domestic approaches while working to build alignment on internet policy around the world, and lead by example to show that openness and innovation build the best path to socioeconomic success.

Supporting the true nature of the internet as global, open, and free portrays the repressors of internet freedom as reactive, aberrant, fragile, and ultimately temporary. It is true that the walls of repression have grown taller. It is also true that those walls are filled with cracks. The United States’s best response is not to build walls of its own but, instead, to support the expansion of human rights and democratic norms to nations around the world as the global internet continues to grow and evolve.


Jason Pielemeier is the Executive Director of the Global Network Initiative. Jason previously held roles as Deputy Director and Policy Director at GNI. Prior to joining GNI in 2017, Jason was a Special Advisor at the U.S. Department of State, where he led the Internet Freedom, Business, and Human Rights section in the Bureau of Democracy, Human Rights and Labor. In that role, Jason worked with colleagues across the U.S. government, counterparts in other governments, and stakeholders around the world to promote and protect human rights online.
Chris Riley is a global internet policy and technology scholar, a distinguished research fellow at the Annenberg Public Policy Center, and works as the principal at Cedar Road Consulting and a senior fellow for internet governance at the R Street Institute. Chris is a former director of policy for Mozilla and former internet freedom program manager at the U.S. Department of State. He holds a Ph.D. in computer science from Johns Hopkins University and a J.D. from Yale Law School.

Subscribe to Lawfare