Castells and the Global Cybersecurity Heuristic
The current storm about cybersecurity in the US has rightly been the subject of some skepticism, not least from yours truly, but it’s worth remembering that there is a world beyond the US. This week, the UN announced its intentions to dig deep and do something about terrorist use of the internet, and yesterday South Korea seems to have leaked its intentions to host a UN cybersecurity agency. Last October, the UN announced it would attempt to ban global first cyber strikes by the end of 2010, and they may have had a hand in US-Russia cyber talks. Interestingly, the UK’s Office of Cyber Security seems to take a pretty dim view of the utility of such talks, or of any agreements that might come out of them. I suspect they’re right.
All this put me in mind of the following lengthy quote from Manuel Castells’ excellent Communication Power (OUP, 2009, p.115). Castells has just expressed his frustrations with the UN’s attempts to address global internet governance, and stem from his involvement in these discussions over the last decade. I’ve split what are two long paragraphs into more digestible chunks:
I came to the conviction (leading, of course, to my withdrawal from all these bodies, including those relating to the United Nations) that the fundamental concern of most governments is to establish regulations to control the Internet and find mechanisms to enforce this control in the traditional terms of law and order.
Regardless of my personal feelings about such a policy (I am against it), there are serious reasons to doubt the effectiveness of the proposed controls when they are not directed toward specific corporations or organizations but at the user community at large (unless there is a generalized attack on Internet service providers that would cripple the entire Internet communication system—never say never).
Yet this is an unlikely hypothesis given the extent of business interests already invested in the Internet and the widespread support that the Internet enjoys amongst most of the 1.4 billion users for whom it has become the communication fabric of their lives. Therefore, the regulation of the Internet has shifted its focus from the Internet itself to specific instances of censorship and repression by government bureacracies, and to the privatization of the global communication infrastructure that supports Internet traffic.
So, in spite of regulation, the Internet thrives as the local/global, multimodal communication medium of our age. But it submits, as everything else in our world, to relentless pressure from two essential sources of domination that still loom over our existence: capital and the state.
Castells goes on to explain that capital trumps state in this communications environment, and has facilitated the ‘global diffusion of new forms of communication’, including his concept of ‘mass self-communication’ (which is what I’m doing right now). He finishes the passage by suggesting that the result of ‘the yielding of the state to the interests of capital leads to the rise of a new form of communication that may increase the power of citizens over both capital and the state.’
Surely, this is where we’re at now, right? Is this actually what’s driving the current stampede to enfold ‘cybersecurity’ within government, rather than entrusting it to producers and consumers as the free market would mostly do? Has the beast has been unleashed by communications deregulation and re-regulation over the last twenty years, and governments are now wondering what the hell they’ve done? Branding computer and network security as national security may well be just a discursive ploy, and internationalising action on this problem is looking like some weird universal heuristic for reconfiguring global flows of capital and political power.
I described Castells to someone the other day as ‘an enlightened Marxist’, and I guess he has more of a structural take on global networks than I do. However, the explosive rise of ‘cybersecurity’ in the global political imagination has to be explained somehow, and Castells seems as good a place as any to start.
Governments, and in particular the factotums who run them, are all-consumed with the principle of control. Whether through media spend or regulatory construct, Government today is a self-replicating virus-like organism. That which it can’t control it consumes.
I’m not sure government’s the only game in town, though. Nor that governments are nearly as ‘viral’ as you think they are, or that they might like to be.
Read my missives. China will FORCE the UN to relocate in Beijing. Follow us on http://www.twitter.com/China70sChild
With the emerging potential for serious organised conflict (whether state or non-state/criminal) in the cyber domain, would it not be negligent if the UN and other bodies did not even make an attempt to establish some kind of framework of understanding or best conduct for the coming years? Its good to be sceptical because every new problem is a wonderful opportunity for foul play and system-rigging, but the art of ‘cyberwar’ and the tech are still in their infancy, so any attempt by the UN at this stage, or anyone else, is necessarily going to be clumsy and inefficient, even laughable, at least to start with. The point is you have to start somewhere. We all recognise that cyberworld is not going to be that utopian unregulated wild-west of ideas and interactions, free of real world neurosese, that was once imagined. It is pointed out repeatedly that the old models of control that states wish to apply to the digital domain are likely to be either ineffectual or downright counter-productive, and i couldn’t agree more, but has anyone established a workable alternative? Or even a theoretical alternative? A policy of laissez-faire in itself will not be a solution to the emerging problems. Am i missing a critical component of the debate here?
No, you’re not missing much. The point that Castells would make is precisely the one you do: that regulatory models are “likely to be either ineffectual or downright counter-productive”. His view is that the reasons for the UN attempting to regulate in this area are fuelled by states’ desire to perpetuate a Westphalian approach to the internet, rather than actually trying to find a new model that works for citizens as well as governments, in an environment that isn’t really receptive to traditional forms of governance. Asking “in whose interests is global cybersecurity working?” is a valid question, to which we don’t really have an answer. At the moment, vocal critics tend (and this is a generalisation) to fall into either the ‘(inter)national security’ camp, or the land of the tinfoil hat.
Given that it has yet to be satisfactorily established whether cybersecurity is even really a security issue, in the way it is being presented politically at least, it’s a bit of a stretch to extend this concept globally. Note that discussions of cybersecurity have a terrible tendency to argue quite reasonably for a while that there are real security-related concerns (and there are) but then to wind up somewhere in “if we don’t do this, the terrorists will win” scenarios. I’m not sure this is particularly useful.
I don’t think anyone’s being “laissez-faire” about this. I’m not either. But I do wonder at the discursive levers that are being pulled, and the reasons for that. There is a big difference between repeatedly invoking national security, and championing consumer confidence, or commercial innovation, or whatever. The truth is, because ‘cyberspace’ is rather more than just a domain for warfighting, or profit-making, or surfing for porn, or arguing about soap operas, providing ‘security’ is an incredibly dense and complex challenge. Attempts to regulate this on a global scale are, as you say, going to be necessarily experimental. It is right, though, to question what are the drivers of this regulation.
Understood. I suppose if the process of regulation (its formation and its application) is constantly under global scrutiny there is a chance that vested interests will not get their way every time. Give em hell.
Hehe. That’s precisely it. I think your original comment was spot on when you said that regulation of some kind is inevitable – it is. It’s interesting that even now a lot of people kind of assume that the internet is not regulated. A lot of different components and processes make up this thing we call the internet, and many of those are heavily regulated, and have been for years. A lot of analysis actually shows that some forms of regulation (which ebbs and flows, of course) have actually been very beneficial, others not so. It’s not an on or off proposition. What is changing at the moment is the relationship between this communications environment and the concept of security; this is not a black or white proposition either. In fact, it is likely to remain unresolved, possibly for ever. I do think that there are many government actors who genuinely understand this, and are well-motivated to manage change as constructively as possible. Unfortunately, there are others for whom regulation in its many forms offers opportunities for serving a very narrow range of interests. ‘Twas ever thus, of course, and this is what must be held to account, and resisted if necessary.