Both partners should utilise existing diplomatic channels to enhance mutual security and cooperation
This article is part of the series—Raisina Edit 2023.
The European Union (EU) and India find themselves confronted with increasingly similar sets of cybersecurity challenges. Firstly, both partners are confronted with a neighbouring state that uses sophisticated cyberattacks to underline geopolitical aspirations. Secondly, the EU and India both embrace the concept of a global and interconnected Internet and reject country-firewalls shielding their societies from everything external. Finally, while cyberspace remains the most unregulated domain in international law, both partners want to be shapers of global rules. As a result, cybersecurity depicts a pivotal area for the EU and India to enhance their strategic partnership.
< style="color: #0069a6;">The EU and India both embrace the concept of a global and interconnected Internet and reject country-firewalls shielding their societies from everything external.
Since cybersecurity had first been mentioned as a subject of bilateral discussions at the 4th India-EU Summit in 2003, bilateral platforms and legal frameworks have been created that would allow more EU-India cooperation on Information and Communication Technologies (ICTs). Notwithstanding the economic and geopolitical gravitational forces, bilateral cybersecurity collaboration remains at a nascent stage. A recent analysis by the Observer Research Foundation and EWISA has pointed to the top cybersecurity priorities that both partners currently seek to address. They agree that capacity building, confidence-building measures as well as convergence over global norms and standards are relevant to advance the EU-India cybersecurity partnership. Taking into consideration not only previously identified areas of cooperation but also building on newly emerging political opportunities, this commentary focuses on the key institutional and legal frameworks that can be the basis for increasing mutual trust and confidence. The following two examples suggest that existing institutional and legal mechanisms are well suited to leverage the strategic partnership beyond its bilateral scope of action.
During the opening of the Raisina Dialogue 2022, Indian Prime Minister Narendra Modi and EU Commission President Ursula von der Leyen jointly announced the creation of the EU-India Trade and Technology Council (TTC). In February of this year, both partners announced that the TTC will have three working groups. Cybersecurity cooperation will be discussed in the first working group on strategic technologies, digital governance and digital connectivity.
< style="color: #0069a6;">The TTC would be a suitable place to coordinate potential bilateral convergences on an open, free, and secure Internet.
One opportunity that should come out of the TTC is that the EU and India can use the platform to coordinate their positions regarding peaceful norms for cyberspace. As both the EU and India are members of the (CRI), bilateral conversations on the future roadmap could facilitate the entire initiative’s progress. Both parties are further working within the United Nations (UN) and the Open-Ended Working Group (OEWG) and Group of Governmental Experts (GGE) on responsible State behaviour in cyberspace in the context of international security. The TTC would be a suitable place to coordinate potential bilateral convergences on an open, free, and secure Internet. The UN Secretary General’s mission to establish a A closer coordination between the EU and India could inspect perspectives on how democratic norms and values matter in the context of international cybersecurity. Another major concern for both partners is to increase the resilience of both digital economies. Most importantly, India and the EU must recognise each other as responsible cyber-actors. This requires a detailed roadmap that indicates norms and standards for the public- and private sector. The TTC has thereby an opportunity to specify the expectations that both partners have regarding trusted geographies by agreeing on requirements for privacy, cross-border data flows, and open-code technologies. The TTC can be an important factor in reducing any dependence on technology from Russia. Until the beginning of the war in Ukraine, different private and public sector-led initiatives between India and Russia fostered new and enhanced cooperation in 6G technology development, robotics, Artificial Intelligence, and telecommunications. The Indian government realises that its oldest strategic partner will not be able to deliver on these demands and that new partners are required to fill the gap. The EU and India should seek to identify areas in which Russia’s war in Ukraine and global supply chain problems allow a window of opportunity for joint research and development, educational institution partnerships, and private sector collaboration.
< style="color: #0069a6;">The EU and India should seek to identify areas in which Russia’s war in Ukraine and global supply chain problems allow a window of opportunity for joint research and development, educational institution partnerships, and private sector collaboration.
Lastly, a key to the success of cybersecurity cooperation within the TTC is to structurally include stakeholders from the private sector, civil society, and research institutions. Initiatives such as the Data Security Council of India in India and the CyberPeace Institute in the EU have been essential in enriching domestic digital debates. Involving non-governmental stakeholders will help to immediately direct the debate to the issues that matter for businesses and civil society.
For the last 20 years, the Budapest Convention for Cybercrime has remained the only international treaty suggesting how to jointly address cybercrime challenges. Originally crafted by Council of Europe countries and some of its closest partners, the Budapest Convention today features 68 parties from all world regions and with varying cybercrime threat landscapes such as Argentina, Ghana, and Sri Lanka. During Prime Minister Modi’s first term, India’s accession to the Budapest Convention was often discussed in New Delhi with growing support amongst government representatives of the national security establishment. The joining of South Africa and Brazil in recent years has further opened a new incentive for India to join. In earlier years, the BRICS countries’ concerted reservations vis-à-vis the Budapest Convention had been a hurdle for serious considerations. With India’s diplomatic aspirations to shape international norm- and rule-building processes proactively, becoming a party to the Budapest Convention appears useful.
< style="color: #0069a6;">A key to the success of cybersecurity cooperation within the TTC is to structurally include stakeholders from the private sector, civil society, and research institutions.
For EU-India relations, New Delhi’s accession would allow both partners to leverage their mutual learning experiences. Most importantly, collaboration through the Budapest Convention and its protocols will allow a better understanding of shared interests regarding current efforts to build a UN-led convention on cybercrime. Secondly, with India as a party, the Budapest Convention itself would receive further legitimacy. India’s accession would provide both the EU and India the chance to introduce a new dialogue on the norms and practices that both partners imagine for the future of the international struggle against cybercrime.
To unleash the potential of the EU-India strategic partnership, the TTC and the Budapest Convention offer useful pathways for the domain of cybersecurity. For both partners to mobilise enough political will, it is important that they realise the geopolitical and economic value of strong cyber partnerships in geopolitically unstable times. As such, the EU-India cybersecurity partnership may not only strengthen bilateral relations but further expand both partners’ political footprint in plurilateral and multilateral fora.
< style="color: #0069a6;">India’s accession would provide both the EU and India the chance to introduce a new dialogue on the norms and practices that both partners imagine for the future of the international struggle against cybercrime.
If approached comprehensively and through the right international channels, cybersecurity cooperation can go beyond jointly improving national security interests. It can be a diplomatic tool to build trust, foster technological cooperation, and strengthen the digital resilience of the EU’s and India’s societies.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.
Tobias (he/him) is a PhD Candidate in International Relations at King's College London and National University of Singapore. Before joining King's Tobias studied political science ...
Read More +
PREV
