Earlier this year, The Strategy Bridge asked civilian and military students around the world to participate in our seventh annual student writing contest on the subject of strategy.
Now, we are pleased to present an essay selected for Honorable Mention from Stephen Kopach, a recent graduate of the National War College.
The United States and its adversaries are engaged in a high-stakes contest to gain the upper hand in cyberspace. The U.S. approach to cyber governance—outlined in the Declaration for the Future of the Internet—favors multi-stakeholder engagement to promote an “open, free, global, interoperable, reliable, and secure” Internet.[1] Integral to the U.S.-backed model is a system that promotes fundamental human rights such as freedom of expression and privacy.[2] China and Russia are attempting to assert control over the digital domain by steering the international community toward a closed and controlled model of Internet governance. Authoritarian regimes in Beijing and Moscow have led a movement to challenge the status quo in favor of a system that elevates the concept of cyber sovereignty and seeks to fragment the web into repressive splinternet enclaves.[3] These governments value complete control of all information and networks transiting their territories and are attempting to push this concept through foreign policy engagement. The repressive vision of China and Russia for a closed and controlled Internet threatens America’s long-term national security and economic interests and challenges democratic values, which are advanced through the unrestricted flow of information and ideas on a free and open web.
To counter Russia and China, the United States must set conditions to attract international support for its democratic vision of the Internet. To strengthen America’s military and economic leverage over its adversaries, the United States should employ a multi-faceted strategy that persuades the international community to reject the illiberal, authoritarian model for cyberspace and align with the West. America can achieve this by continuing its proactive engagement on cyber norm dialogues at the UN and other multilateral forums, countering Chinese and Russian efforts to dominate technical standard-setting international bodies, and outcompeting China in the race to dominate next-generation information communication technology (ICT). In accomplishing these goals, America will constrain China and Russia economically and militarily by limiting their access to advanced technology, increase economic prosperity for American citizens by safeguarding tech innovation and expanding access to new markets, and secure America’s leadership role in a multipolar world weighted technologically and ideologically toward the West.
Authoritarian regimes challenge the existing Internet governance system by advancing competing dialogues in international forums, sponsoring state-backed participants in Internet governance organizations, and establishing information communication technology footholds worldwide. Authoritarian regimes have proposed competing initiatives at the UN and in regional forums to steer the conversation in a self-serving way. In 2019, Russia proposed an alternative dialogue under a UN Open-Ended Working Group (OEWG) construct after the U.S.-backed UN Group of Governmental Experts (GGE) discourse on the norms, rules, and principles of responsible state behavior in cyberspace reached an impasse.[4] Russia objected to the GGE proposal for applying international law to cyberspace, particularly humanitarian law, which they viewed as a threat to sovereignty and an infringement on their domestic affairs.[5] Authoritarian regimes have built legitimacy for their competing model by having additional voices at the table to challenge America’s dominant role in negotiating international cyber norms.[6] An expanded range of international and regional forums allows countries to choose between competing ideas of internet governance models, which can muddy the water and make consensus difficult. Beyond the UN dialogue, Russia and China have sought to shape technical aspects of the cyber environment by manipulating technology standard-setting bodies.
China and Russia have sought to steer dialogue to their favored vision of cyberspace by advancing preferred candidates into leadership roles among multilateral bodies like the International Telecommunications Union (ITU), which influences information communication technology technical standards and protocols.[7] China and Russia often advance hand-picked candidates who will drive technical committee discussions toward their preferred internet standards.[8] According to the Heritage Foundation, an independent think tank:
China, Russia, and other countries have sought for years to impose constraints on the Internet through intergovernmental regulation and treaties to censor or block content and activities they deem offensive or damaging to their interests. They would very much like to shift governance to organizations such as the ITU, where governments enjoy full participation while the private sector’s role is limited.[9]
Russia lost its 2022 bid to lead the International Telecommunications Union against an American contender, providing some near-term relief for open-internet advocates.[10] However, many study groups have representatives from Chinese companies like Huawei and China Telecom holding vice chairmanship positions.[11] Authoritarian regimes will continue to establish new regulatory frameworks and strive to achieve market dominance in information communication technology to dictate the terms of web access.
China has pushed countries to adopt its infrastructure, service providers, and preferred media to establish a foothold in regions where it would like to expand economically and exert political influence.[12] Beijing is developing splinternets under the banner of internet sovereignty and assembling coalitions behind their vision through coercive economic policies.[13] According to Freedom House, an independent internet research nonprofit, “At home and on the international stage, authoritarians are on a campaign to divide the open internet into a patchwork of repressive enclaves.”[14] Many authoritarian countries welcome China’s assistance and see value in having digital infrastructure that allows them to create sovereign networks for maintaining internal control.[15] Beijing uses the Digital Silk Road to lure other countries into accepting its information communication technology, which is steeply discounted through government subsidies.[16] Adopting Chinese infrastructure, in turn, leaves these countries vulnerable to technical exploitation and economic coercion.[17] In 2012, for example, China helped the African Union build its headquarters in Addis Ababa as “a gift from China to the friends of Africa” but put backdoors in the IT infrastructure to monitor and exfiltrate organizational data back to Shanghai.[18] Beijing would like to use its monopoly of markets to push foreign policy goals using aggressive Wolf Warrior and debt trap diplomacy.
The technology war has created new battlegrounds in regions like the Middle East where China is actively courting traditional U.S. regional allies such as Saudi Arabia. Riyadh recently signed agreements for Beijing to build its cloud computing infrastructure.[19] On the other hand, Jordan chose to rip-and-replace Chinese telecom for Western options at a high cost to preserve its security relationship with Washington.[20] This battle is consequential because if China becomes the de facto 5G leader globally, it will have greater leverage in establishing the rules for governance over the associated technology. As authoritarian governments attempt to entice or co-opt middle powers toward their repressive model, the United States should use its own strengths to maintain its role as the global leader in internet governance.
China and Russia will continue to shape cyberspace in ways that ultimately harm U.S. interests unless America pushes back. Tolerance of unacceptable behaviors in cyberspace creates new norms by setting unwanted precedents within the international arena. Efforts by authoritarian regimes to advance the sovereign internet model present a real threat to liberal democracy. Chinese and Russian efforts to shape the Internet to suit their interests warrant a concerted and coordinated response by the United States government and its allies. The United States must implement a strategy to promote a cyberspace aligned with its values where online actors respect international law and human rights.
Shaping and Enforcing Rules and Norms
The first objective of this strategy is to increase support for the U.S.-favored cyber policies in multilateral dialogs. To accomplish this goal, the United States should build tools for promoting American views, enhance its leadership role in international forums, and incentivize states to adhere to established norms and principles for responsible state behavior in cyberspace. This goal requires investment in U.S. cyber resources, sustained diplomatic engagement, and a willingness to call out and punish bad behavior.
The first step is for the United States to develop and invest in means for promoting its views in multilateral dialogs. To achieve meaningful outcomes, the United States must develop expertise, institutions, and tools across the interagency to advocate the U.S. position in cyberspace and foster the development of expertise in cyber policy. The U.S. State Department should continue to build its cadre of foreign and civil service cyber officers with expertise on digital issues and empower them to push cyber issues during bilateral and multilateral negotiations. Workforce development will involve recruiting STEM (science, technology, engineering, and mathematics) expertise and providing cyber-specific training and education to the workforce.
The United States can bolster current federal workforce expertise by reinforcing educational institutions and encouraging engagement with public universities. The Foreign Service Institute can closely coordinate with the National Defense University’s College of Information and Cyberspace to build a curriculum on international cyber engagement. The Foreign Service Institute should expand its curriculum to train and equip its officers with the expertise to engage on cyber issues. Its “Cyber Diplomacy Tradecraft” course is a significant first step to improving workforce knowledge and fluency in cyber policy issues.[21] The Department of Education can help grow domestic talent through initiatives like “Raise the Bar: STEM Excellence for All Students,” which aims to improve readiness and global competitiveness and forge closer links between government organizations and academia.[22]
New organizations such as the State Department’s Bureau of Cyberspace and Digital Policy can help foster engagement among allies and partners during international forums. The interagency should also promote cross-organization knowledge through joint rotational assignments and facilitate seamless intergovernmental movement of cyber experts. For example, Cyber Command's hunt forward operators would gain a new perspective by serving in policy roles at the State Department, while diplomats could gain an appreciation of the utility of offensive technical operations by completing a tour at combat support agencies like the National Security Agency (NSA). The government should also encourage increased circulation of cyber expertise between the government and the private sector through sabbaticals and cross-training programs. People are attracted to the private sector for salaries and perks like telework but are attracted to government service because of the unique mission and sense of purpose.[23] To improve retention and encourage a whole-of-government cyber workforce, the government should create pathways for experts to move back and forth between the government and private sector.
By leveraging these new capabilities, the United States can maintain its leadership role in international cyber-governance dialogues. A more capable cyber diplomacy workforce can more effectively convince global community members to adhere to established cyber norms through sustained bilateral, regional, and multilateral engagement.[24] The State Department’s mission at the UN will continue to advocate the U.S. position to the global community. The UN First Committee, which covers disarmament and international security, also handles the cyber governance discussions under the frameworks of the Group of Governmental Experts and Open-Ended Working Group, has played an instrumental role in setting up the global cyber rules of the road.[25] Norms established through years of back-and-forth negotiations have helped reduce risk by encouraging confidence-building measures, increased transparency, mutual predictability, collaboration, and measures of restraint. Diplomats also play critical roles in multilateral organizations like the G7 and regional forums like the Association of Southeast Asian Nations (ASEAN) and the Organization of American States (OAS), where area-specific issues are considered. The State Department must continue bilateral talks with countries based on the unique needs and circumstances of the relationship, often based on requests for U.S. assistance in technology infrastructure and development.[26] Together, these efforts are developing a standard code of conduct in cyberspace and building cyber capacity among friends and allies.
Embassy country teams worldwide should be empowered to lead initiatives with foreign governments on cyber-related issues. Cyber liaisons at each embassy can forge relationships with host nation cyber organizations and facilitate U.S. private industry engagement to help build partner capacity and business relationships. Most embassies have a foreign service officer that handles the cyber portfolio, but this is often one of many issues they cover.[27] Cyber should not be relegated to a collateral duty but a primary area of expertise and focus. Where not doing so already, Ambassadors should convene cyber and technology country team working groups that bring together interagency partners within the embassy to manage cyber engagement.
During interagency engagement with foreign actors, representatives of the U.S. government should encourage their counterparts to reaffirm their commitment to the voluntary, non-binding norms established under the UN Group of Governmental Experts framework for responsible state behavior in cyberspace.[28] These include interstate cooperation on cyber incident response and combating cybercrime, agreement to not conduct cyber-attacks against critical infrastructure, respect for privacy and human rights in cyberspace, and agreement not to harm cyber emergency response teams.[29] The goal should be to reinforce the non-binding frameworks and provide training to countries on the value of these principles to promote stability. The United States interagency must set an example by upholding expected standards of behavior in cyberspace wherever practicable. This means closer coordination between the Department of Defense, the Intelligence Community, and the Department of State and deconfliction at the National Security Council to weigh the benefits of offensive cyber efforts against possible disruption of other foreign policy initiatives. The NSA is constantly engaged with interagency partners, including through representatives at embassies, to weigh the implications of cyber initiatives on diplomatic efforts and how the two can work together toward the best outcome for national security.[30]
For the final line of effort, the United States should incentivize adherence to consensus-based norms and prepare to punish egregious violations. Washington can incentivize acceptance and adherence to the international code of conduct by offering security and economic benefits to those who align with the West. This could include preferential trade partnerships brokered by the Department of Commerce’s International Trade Administration and the U.S. Trade Representative for nations engaging in responsible cyberspace behavior. Conversely, the United States can threaten to withhold such benefits for states that violate rules and impose costs through sanctions and other punitive measures. For instance, the Department of Treasury’s Office of Foreign Assets Control can implement economic sanctions in response to unacceptable acts. The International Trade Administration can create export controls on advanced technologies.
The State Department can wield the diplomatic and information instruments of power to help establish consensus on violations of norms to form a free world coalition that can stand together to condemn unacceptable cyber behavior. America must maintain the drumbeat during diplomatic engagements on U.S. red lines and be prepared to act when they are violated. If groups of states are willing to attribute attacks to a particular belligerent, they can collectively agree on appropriate retaliatory measures. In 2018, the so-called Five-Eye partners and other allied states attributed the NotPetya ransomware attack to Russia GRU and later activities of a Chinese cyber intellectual property theft to China's Ministry of State Security.[31] This type of group naming-and-shaming can be effective in deterring future activity and arm diplomats ahead of negotiations with China and Russia. The United States should wield cyber and non-cyber tools as points of leverage to impose costs and hold our adversaries at risk.
In select cases, punitive actions may include a military response to cyber-attacks violating international law above certain thresholds. U.S. Cyber Command can retaliate in kind against cyber-attacks or create strategic ambiguity with other instruments of power. There are many cyber lessons learned from the conflict in Ukraine. As the cyber environment has matured, the U.S. Defense Enterprise has figured out what works and what fails. For cyber deterrence, the key is reciprocity of value rather than effect.[32] The Defense Department should be ready to employ all measures including U.S. military force to punish violations exceeding certain thresholds, such as a catastrophic attack on domestic infrastructure. The justification for such retaliation against a cyber-attack will require international state attribution and public condemnation of international law violations.
Setting Technical Standards and Protocols
The second objective of this strategy is for standard-setting organizations to adopt free, open, secure, and reliable internet standards and protocols. To achieve this goal, the United States should empower U.S. non-government stakeholders, build trust and relationships with foreign partners, and use an American values-based proposition to dissuade the adoption of internet standards that benefit repressive regimes. The United States and its allies gain a significant advantage over China and Russia if they set the Internet’s technical baseline.
Washington should start by empowering non-governmental entities favoring the free and open internet model to take proactive roles in standard-setting bodies.[33] The United States can provide financial support and public recognition to U.S. technology firms, academics, or other private sector experts to encourage participation in multi-stakeholder engagements on cyber issues.[34] This recognition could come from organizations such as the Defense Department or the Cybersecurity and Infrastructure Security Agency (CISA) or come as recognition at the national level through presidential-level awards. The U.S. government can legitimize existing multi-stakeholder models by working with the private sector through the Cybersecurity and Infrastructure Security Agency, U.S. Cyber Command, and the NSA to improve network security and patch vulnerabilities. This partnership will demonstrate the critical role non-government entities play in enhancing internet reliability while allowing the United States to take a leadership role in internet standard-setting discussions.[35]
The United States government must continue its leading role in multilateral technical setting organizations like the International Telecommunication Union. It is equally essential to ensure that authoritarian regimes cannot manipulate multilateral forums by directing government-sponsored candidates to push their agenda. The United States should use various messaging tools, such as the State Department’s Office of Public Diplomacy and Public Affairs, to highlight Russia and China’s efforts to install state-sponsored individuals into these bodies. The United States should also take advantage of events like Russia’s war in Ukraine to marginalize and delegitimize authoritarian participation. Russia’s aggression has already led to several of their candidates not receiving visas to attain International Telecommunication Union, making them unable to influence outcomes in their favor.[36]
A second priority is for America to build trust among the international community through cyber outreach initiatives and foreign engagement on cybersecurity issues. The United States can increase outreach and collaboration with technically like-minded countries and seek new engagement with neutral or adversary-aligned states. The United States should increase engagement with foreign internet stakeholders, including governments, industry leaders, and civil society institutions, to demonstrate American commitment to partnership on issues of concern. Through mechanisms like the U.S.-EU Trade and Technology Council, the United States can promote initiatives to build partner capacity.[37] Non-aligned countries and emerging internet markets, particularly across the Global South, will be more likely to support U.S.-backed internet standards if the United States establishes trust through dialogue and exchange of best practices.[38]
Beyond talk, the United States must make meaningful financial contributions to organizations like the World Trade Organization for building information and communications technology infrastructure to promote innovation, trade, and new technology-based markets in developing countries. Economic efforts could involve an update to the 1996 Information Technology Agreement to allow a tariff-free flow of information and communications technology across borders to boost the technology sector in developing states. The United States can also promote cyber training and education opportunities, which may lead to a better appreciation of the risks presented by the authoritarian model and the benefits of a free and open Internet.[39] Existing government institutions such as the National Defense University’s College of Information and Cyberspace or the NATO Cooperative Cyber Defence Centre of Excellence can serve as cyber knowledge repositories. These organizations should harness expertise in academia, think tanks, and the private sector. American technical experts should be encouraged to join cyber training teams assembled to address specific foreign training needs. This, in turn, will improve trust and attract countries toward the Western approach. Private cybersecurity firms from Mandiant to Microsoft have proven their worth in helping Ukraine defend against Russian cyber-attacks. “Cyberposses” have helped Kyiv detect malware, thwart attacks against critical infrastructure, and protect data.[40] There is no doubt that the rest of the world is watching the model set by American firms enabled by the U.S. government.
The last step is for America to make a compelling argument for its preferred technical standards within international bodies by extolling the values of a free and open Internet, including protecting civil liberties, human rights, and privacy. China and Russia have used their tightly controlled networks to suppress dissenting voices, censor critics, repress minority groups, restrict access to information, and criminalize communication, in gross violation of international law. The U.S. State Department’s Bureau of Cyberspace and Digital Policy has made “Advancing Digital Freedom” a key topic for consideration, noting, “We support a vision of our open digital future rooted in enduring U.S. values” with “cyberspace and digital policy…anchored in democratic principles, openness, and human rights.”[41] In April 2022, the United States partnered with over 60 nations to release The Declaration of the Future of the Internet, charging the international community to “recommit to its vision for internet freedom by articulating and demonstrating how democratic states can address complex cybersecurity threats and digital harms through innovative, collaborative, and democratic means.”[42] The State Department should wield its strategic communications plan to promote America’s vision for a free and open Internet. Diplomats should make this a primary tenet of engagements related to technology.
The third objective of this strategy is to achieve global market domination of next-generation information and communications technology. To achieve this goal, the United States must outcompete authoritarian regimes by investing in the technology sector to increase America’s competitive advantage, making a compelling argument for global adoption based on the merits of U.S. technology, and lowering barriers to adopting Western information and communications technology through subsidies and foreign aid. Being the market leader in technology is essential for America to retain its competitive edge against authoritarian regimes who would otherwise use their information and communications technology advantage to push their repressive network agenda.
To outcompete China and Russia, the United States must first maintain its competitive advantage in information and communications technology through broad investment and regulation to promote innovation and counter China’s unfair market advantage. Washington should provide government funding to support research and development in the technology sector.[43] The United States must set a regulatory environment encouraging innovation while posturing the U.S. technology sector to compete in the global marketplace. The United States can dictate secure-by-design technical standards in hardware and software development if it maintains the dominant position as a market leader in information and communications technology, along with technically capable partners like Japan, South Korea, the Netherlands, and Taiwan which together control the means of producing the most advanced microchips.[44] The federal government’s $1.5 billion pledge under the 2022 CHIPS and Science Act to boost efforts by the National Institute of Science and Technology, the National Science Foundation, and the Department of Energy’s Office of Science represents the type of action needed to outcompete China.[45]
The Commerce Department will lead innovation efforts by directing funding toward specific priorities and sectors, as outlined on Chips.gov, to maximize the impact of federal dollars.[46] Tailored engagement includes working with the private sector to build domestic production capabilities for critical technologies such as microprocessors and cutting-edge microelectronics to reduce dependence on complex offshore supply chains. Commerce can also restrict adversaries from acquiring critical or sensitive information and communications technology by tightening the Export Control Act. In 2022, the Department of Commerce’s Bureau of Industry and Security limited the export of “Advanced Computing and Semiconductor Manufacturing Items” to China because their use in military technologies and applications is antithetical to U.S. interests.[47] Commerce should continue to refine its export controls and work closely with the Departments of State, Justice, and Treasury to impose diplomatic, legal, and financial costs against entities and actors attempting to circumvent prohibitions. America’s biggest point of leverage is its economy, which can be used to slow down China by restricting market access. The U.S. should continue implementing its strategy for selective decoupling from China regarding critical information and communications technology to bolster Western technological advantage and bargaining position as it shapes cyber regulation.
With a secured technical advantage, the United States can persuade the global community to adopt American information and communications technology based on its technical merits and economic and security benefits stemming from technological alignment with the United States and the dangers posed by alignment with China. America must advocate for adopting U.S. information and communications technology based on the factors that make Western technology superior to Chinese alternatives, including performance, security, and interoperability. The Office of the U.S. Trade Representative and the Departments of State and Commerce should advocate for adopting American technology and work to establish trade organizations focused on strengthening technical cooperation. For example, the U.S.-EU Trade and Technology Council has strengthened Trans-Atlantic cooperation by facilitating cooperation on emerging technologies, securing semiconductor supply chains, and enhancing trade, security, and economic prosperity for participants.[48] Technical cooperation facilitates security cooperation through trust building and network interoperability. This model should be replicated across other regions and expanded to include a broader range of stakeholders. The United States should engage potential adopters of Western technology in a transparent, open, and fair manner in stark contrast to the offerings of Russia and China.
Washington must highlight the dangers to countries choosing to adopt authoritarian government technology from a surveillance, security, and reliability standpoint. The U.S. Intelligence Community can share insights about the vulnerabilities posed by Russian and Chinese ICT with foreign governments to raise awareness about potential risks. Over the past several years, many European governments, including Germany, the UK, and Sweden, have reconsidered using Huawei and ZTE hardware in their telecommunications architecture due to discovered vulnerabilities. The Director Global Public Policy Institute in Berlin says this policy shift is long overdue, noting, “You don’t make yourself dependent on companies that are beholden to the Chinese party-state, because that would repeat mistakes we’ve made with Russia.”[49]
The intelligence community can demonstrate China’s pattern of forcing companies to transfer intellectual property and steal trade secrets through human spies and cyber theft.[50] The 2023 Intelligence Community Annual Threat Assessment notes, “China’s cyber espionage operations have included compromising telecommunications firms, providers of managed services and broadly used software, and other targets potentially rich in follow-on opportunities for intelligence collection, attack, or influence operations.”[51] The intelligence community and State Department must emphasize these warnings during economic and trade discussions with counties technically aligning with China. Countries experiencing buyer’s remorse for adopting Chinese information and communications technology may be receptive to switching to U.S. technology when it comes time to upgrade, presenting a window of opportunity for action.
Finally, the United States should provide subsidies and technology aid packages to facilitate the adoption of its information and communications technology. The United States should lower barriers to adopting Western technology, even if it is a near-term financial loss, to gain first mover advantage in competitive markets. America can subsidize technology across the developing world to enter countries that might otherwise turn to cheaper hardware from China out of necessity.[52] The U.S. International Development Finance Corporation (DFC) can provide foreign direct investment that directly supports information and communications technology infrastructure projects in underserved areas of the globe. For example, the Development Finance Corporation has funded African data centers to “increase internet speeds, reduce internet costs, and provide essential information and communications technology services to African businesses and consumers.”[53] Development Finance Corporation projects can expand access to the Internet, build reliable and affordable networks, and continue to support technology industry projects in areas like “telemedicine, fintech, and online learning.”[54] The U.S. Treasury and the U.S. Trade Representative can also dissuade the adoption of Chinese-produced or controlled information and communications technology by threatening to restrict access to Western financial markets and information sharing in areas related to security cooperation.
This strategy requires financial and political investment by the United States. In the near term, the government must dedicate billions of dollars to build out the U.S. cyber diplomacy capabilities, reinforce organizations that execute new cyber-focused missions, and incentivize participation in cyber norm dialogs. The United States must also make even more significant financial investments in the private sector to promote digital innovation and subsidize certain technologies to ensure their adoption by potential allies in the global marketplace. Diplomats and policymakers must expend political capital to institute internal organizational changes and convince foreign governments to side with the United States on cyber issues.
This strategy pits the U.S. view of cyberspace against authoritarian systems, which could create tension among allies who value tighter control of their information space. Freedom House lists allies and close trading partners like Saudi Arabia, South Korea, Bahrain, Thailand, Turkey, the United Arab Emirates, and Vietnam as “not free” on their internet freedom scale.[55] Pushing these countries too aggressively to adopt free and open internet standards could jeopardize other important diplomatic, security, and economic ties.
On the flip side, there are certain opportunity costs for strictly adhering to the tenets of a free and open Internet, such as losing potential strategic advantage gained by conducting offensive operations on friendly foreign networks. To maintain credibility in international dialogue, it is imperative that the United States carefully balances the tension between these two positions and errs on the side of ethical behavior. This will give America the moral high ground against cyber-related subversion by China and Russia.
Conclusion
The U.S. strategy to positively shape the international community to favor a democratic and accessible Internet requires a sustained, long-term commitment. Practiced behaviors, precedents, dialogue, and agreements will set expectations and reinforce norms over time. Washington must use a comprehensive, whole-of-government effort using various approaches and options to shift the environment away from China and Russia’s repressive vision of cyberspace. Authoritarian regimes will continue to push for norms and governance structure in cyberspace, favoring an illiberal model that threatens the U.S. vision of a free and open domain. The United States can take an active role in countering this authoritarian vision. In doing so, America will protect its interests and retain its leadership position within the rules-based international order.
Stephen Kopach is a Marine Corps Reserve Officer and a recent graduate from the National War College. He previously served as the Executive Officer for the Marine Attaché Detachment and is a Department of Defense federal civilian. He holds a Bachelor’s of Arts in Biology from Boston University, a Master’s of Science in Strategic Intelligence from the National Intelligence University, Master’s of Arts in National Security and Strategic Studies from the U.S. Naval War College, and a Master’s of Education from Auburn University. The views expressed are the author’s and do not necessarily reflect the views of the Department of the Navy, the Department of Defense, or the U.S. Government.
The Strategy Bridge is read, respected, and referenced across the worldwide national security community—in conversation, education, and professional and academic discourse.
Thank you for being a part of The Strategy Bridge community. Together, we can #BuildTheBridge.
Header Image: QR codes close-up photography, , 2019 (Boris Bobrov).
Notes:
[1] The White House, Declaration for the Future of the Internet, April 2024, https://www.whitehouse.gov/wp-content/uploads/2022/04/Declaration-for-the-Future-for-the-Internet_Launch-Event-Signing-Version_FINAL.pdf.
[2] The United Nations, “Universal Declaration of Human Rights,” December 10, 1948, https://www.un.org/en/about-U.S./universal-declaration-of-human-rights.
[3] Megan Stifel, “Maintaining U.S. Leadership on Internet Governance,” The Council on Foreign Relations, February 21, 2017, https://www.cfr.org/report/maintaining-U.S.-leadership-internet-governance.
[4] Elaine Korzak, “UN GGE on Cybersecurity: The End of an Era?,” The Diplomat, July 31, 2017, https://thediplomat.com/2017/07/un-gge-on-cybersecurity-have-china-and-russia-just-made-cyberspace-less-safe.
[5] Korzak, “UN GGE on Cybersecurity”
[6] Thomas Lynch III ed., Strategic Assessment 2020, National Defense University Press, 2020, https://ndupress.ndu.edu/Portals/68/Documents/Books/SA2020/Strategic-Assessment-2020.pdf, 227.
[7] Brett Schaefer and Danielle Pletka, “Countering China’s Growing Influence at the International Telecommunication Union,” The Heritage Foundation, March 7, 2022, https://www.heritage.org/global-politics/report/countering-chinas-growing-influence-the-international-telecommunication.
[8] Schaefer, “Countering China’s Growing Influence.”
[9] Brett Schaefer and Danielle Pletka, Countering China’s Growing Influence at the International Telecommunication Union, The Heritage Foundation, March 7, 2022, https://www.heritage.org/global-politics/report/countering-chinas-growing-influence-the-international-telecommunication.
[10] Justin Ling, “The Election That Saved the Internet From Russia and China,” Wired, October 30, 2022, https://www.wired.com/story/itu-2022-vote-russia-china-open-internet.
[11] John Seaman, “China and the New Geopolitics of Technical Standardization, “Policy Center for the New South, January 2020, https://www.ifri.org/sites/default/files/atoms/files/seaman_china_standardization_2020.pdf.
[12] Robert Greene and Paul Triolo, “Will China Control the Global Internet Via its Digital Silk Road?” Carnegie Endowment for International Peace, May 8. 2020, https://carnegieendowment.org/2020/05/08/will-china-control-global-internet-via-its-digital-silk-road-pub-81857.
[13] Dan York, “What Is the Splinternet? And Why You Should Be Paying Attention,” Internet Society, March 23, 2022, https://www.internetsociety.org/blog/2022/03/what-is-the-splinternet-and-why-you-should-be-paying-attention.
[14] Adrian Shahbaz, “2022 Freedom on the Net.”
[15] Justin Sherman and Robert Morgus, “Authoritarians Are Exporting Surveillance Tech, And With it Their Vision for the Internet,” Council on Foreign Relations, December 5, 2018, https://www.cfr.org/blog/authoritarians-are-exporting-surveillance-tech-and-it-their-vision-internet.
[16] Michelle Marcus, “Combatting the Seen and Unseen Threats of China’s Digital Silk Road,” Network for Strategic Analysis, September 15, 2022, https://ras-nsa.ca/combatting-the-threats-of-chinas-digital-silk-road.
[17] Marcus, “Combatting the Seen and Unseen.”
[18] Ghalia Kadiri, “In Addis Ababa, the headquarters of the African Union spied on by Beijing,” Le Monde, January 26, 2018,
https://www.lemonde.fr/afrique/article/2018/01/26/a-addis-abeba-le-siege-de-l-union-africaine-espionne-par-les-chinois_5247521_3212.html.
[19] Aziz El Yaakoubi, Yomna Ehab, and Jason Neely, Saudi Arabia signs MoU with China's Huawei -statement, Reuters, December 28, 2022, https://www.reuters.com/technology/saudi-arabia-signs-mou-with-chinas-huawei-statement-2022-12-08.
[20] Telecomreview.com, February 13, 2023, https://www.telecomreview.com/articles/reports-and-coverage/6777-can-jordan-afford-to-rip-and-replace-chinese-equipment-amid-5g-rollout
[21] Congress.gov, “S.Hrg. 117-221 — Training the Department of State’s Workforce for 21st Century Diplomacy,” April 3, 2023, https://www.congress.gov/event/117th-congress/senate-event/LC68067/text.
[22] U.S. Department of Education, “You Belong in STEM,” https://www.ed.gov/stem.
[23]Information obtained by author on U.S. interagency research trip, March 27-31, 2023.
[24]Kristen Eichensehr, “The U.S. Needs a New International Strategy for Cyberspace,” Just Security, November 24, 2014, https://www.justsecurity.org/17729/time-u-s-international-strategy-cyberspace/.
[25] Tomaš Minárik, et al., “11th International Conference on Cyber Conflict: Silent Battle. Proceedings 2019” CCDCOE, June 2019, https://ccdcoe.org/uploads/2019/06/CyCon_2019_BOOK.pdf.
[26]Information obtained by author on U.S. interagency research trip, March 27-31, 2023.
[27]Discussion attended by author during U.S. interagency research trip, March 27-31, 2023.
[28] Bart Hogeveen, “The UN norms of responsible state behaviour in cyberspace,” Australian Strategic Policy Institute, February 2022, https://www.aspi.org.au/report/un-norms-responsible-state-behaviour-cyberspace.
[29] Hogeveen, “The UN norms.”
[30] Information obtained by author on U.S. interagency research trip, March 27-31, 2023.
[31] Harriet Moynihan, “The Application of International Law to State Cyberattacks,” Chatham House, December 2, 2019, https://www.chathamhouse.org/2019/12/application-international-law-state-cyberattacks/1-introduction.
[32] Information obtained by author on U.S. interagency research trip, March 27-31, 2023.
[33] Kristen Cordell, “The International Telecommunication Union: The Most Important UN Agency You Have Never Heard Of,” Center for Strategic and International Studies, December 14, 2020, https://www.csis.org/analysis/international-telecommunication-union-most-important-un-agency-you-have-never-heard.
[34] Melanie Hart and Jordan Link, “There Is a Solution to the Huawei Challenge,” The Center for American Progress, October 14, 2020, https://www.americanprogress.org/article/solution-huawei-challenge.
[35] Megan Stifel, “Maintaining U.S. Leadership on Internet Governance,” Council on Foreign Relations, February 21, 2017, https://www.cfr.org/report/maintaining-U.S.-leadership-internet-governance.
[36] Ling, “The Election That Saved the Internet From Russia and China.”
[37] The White House, “U.S.-EU Joint Statement of the Trade and Technology Council,” December 5, 2022, https://www.whitehouse.gov/briefing-room/statements-releases/2022/12/05/u-s-eu-joint-statement-of-the-trade-and-technology-council.
[38] Megan Stifel “Maintaining U.S. Leadership on Internet Governance.”
[39] Ling Zhu, “A Revisit of the Domain Name System After Russia’s Invasion of Ukraine,” Congressional Research Service, March 23, 2022, https://crsreports.congress.gov/product/pdf/IN/IN11898.
[40] Dina Temple-Raston, “Exclusive: Rounding up a cyberposse for Ukraine,” The World, December 2, 2022, https://theworld.org/stories/2022-12-02/exclusive-rounding-cyberposse-ukraine.
[41] U.S. Department of State Bureau of Cyberspace and Digital Policy, “Key Topics,” https://www.state.gov/key-topics-bureau-of-cyberspace-and-digital-policy/#freedom
[42] The White House, Declaration for the Future of the Internet, April 2024, https://www.whitehouse.gov/wp-content/uploads/2022/04/Declaration-for-the-Future-for-the-Internet_Launch-Event-Signing-Version_FINAL.pdf.
[43] Makada Henry-Nickie, Kwadwo Frimpong, and Hao Sun, “Trends in the Information Technology Sector,” Brookings, March 29, 2019, https://www.brookings.edu/research/trends-in-the-information-technology-sector.
[44] Pieter Haeck, “The Netherlands to block export of advanced chips printers to China,” Politico, March 8, 2023, https://www.politico.eu/article/netherlands-impose-restrictions-chips-export-to-china-asml.
[45] The White House, “FACT SHEET: CHIPS and Science Act Will Lower Costs, Create Jobs, Strengthen Supply Chains, and Counter China,” August 9, 2022, https://www.whitehouse.gov/briefing-room/statements-releases/2022/08/09/fact-sheet-chips-and-science-act-will-lower-costs-create-jobs-strengthen-supply-chains-and-counter-china; and Ina Fried, “U.S. to spend $1.5 billion to jumpstart alternatives to Huawei,” Axios, December 7, 2022, https://www.axios.com/2022/12/07/huawei-alternatives-5g-cellural-equipment-oran.
[46] U.S. Department of Commerce, “Commerce Department Launches CHIPS.gov for CHIPS Program Implementation,” August 25, 2022, https://www.commerce.gov/news/press-releases/2022/08/commerce-department-launches-chipsgov-chips-program-implementation.
[47] U.S. Department of Commerce, “Commerce Implements New Export Controls on Advanced Computing and Semiconductor Manufacturing Items to the People’s Republic of China (PRC),” Bureau of Industry and Security, October 7, 2022, https://www.bis.doc.gov/index.php/documents/about-bis/newsroom/press-releases/3158-2022-10-07-bis-press-release-advanced-computing-and-semiconductor-manufacturing-controls-final/file.
[48] Office of the U.S. Trade Representative, “Fact Sheet: U.S.-EU Trade and Technology Council Advances Concrete Action on Transatlantic Cooperation,” December 2022, https://ustr.gov/about-us/policy-offices/press-office/fact-sheets/2022/december/fact-sheet-us-eu-trade-and-technology-council-advances-concrete-action-transatlantic-cooperation.
[49] Rob Schmitz, “Germany moves toward restrictions on Huawei, as Europe sours on China,” NPR, March 8, 2023, https://www.npr.org/2023/03/08/1154315168/germany-china-huawei-restrictions.
[50]Anja Manuel, “How to Win the Technology Race with China,” Stanford University, June 18, 2019, https://fsi.stanford.edu/news/how-win-technology-race-china.
[51] Office of the Director of National Intelligence, “2023 Annual Threat Assessment of the U.S. Intelligence Community,” February 6, 2023 https://www.dni.gov/files/ODNI/documents/assessments/ATA-2023-Unclassified-Report.pdf.
[52] Ann Mei Chang “Foreign Assistance in the Digital Age,” Brookings, February 1, 2016, https://www.brookings.edu/wp-content/uploads/2016/07/ChangForeignAssistanceintheDigitalAge.pdf
[53] U.S. International Development Finance Corporation, “Overview,” https://www.dfc.gov/who-we-are/overview.
[54] U.S. International Development Finance Corporation, https://www.dfc.gov/who-we-are.
[55] Shahbaz, “2022 Freedom on the Net.”