Expert Speak Digital Frontiers
Published on Jul 05, 2022 Updated 13 Days ago
The rise of extraterritorial ISPs indicates that the great power politics has also slowly permeated into this realm.”
The rise of the extraterritorial ISPS The internet is a fairly new phenomenon in human history. In only a couple of decades, the medium has now become an integral part of contemporary life for millions across the globe. The network has altered interactions between businesses, individuals, and governments. Though conceived primarily as a force for “democracy” and “liberalism,”, it has become the medium that has also been leveraged by many parties to enact objectives contrary to the founding vision of the internet. The notion of a ‘Surveillance State’ traces its origin to an era much before the conception of the internet; this concept was first floated by the famous author, George Orwell. In the modern era, the lines between surveillance, espionage, warfare and plain-old business have blurred. Data is now seen as a resource. Data is leveraged for a host of purposes; these include advertising, political campaigning, and enacting cross-border surveillance. Such data can also be “weaponised” by certain states to impose their political will on unsuspecting adversaries. Such had been the case in the numerous election interference efforts, such as in Taiwan, the United States (US) and Europe. This is no longer merely limited to election interference. The notion of ‘Cognitive Warfare’ has begun to emerge in the National Security strategies of various states. The objective of such warfare is to “twist the subject’s social ideologies, mentality, and the sense of law-and-order through cyber infiltrations and manipulation of mentality and public opinions. "This is leading to states attempting to institute “global data-collection ecosystem(s).”

The objective of such warfare is to “twist the subject’s social ideologies, mentality, and the sense of law-and-order through cyber infiltrations and manipulation of mentality and public opinions.

With the rise in digital technology, surveillance metamorphosed into mass surveillance. Internet Service Providers (ISPs) have long been used by the US government to execute such surveillance. This was fairly evident in the Snowden leaks from the last decade. The ability of ISPs to collect user data, carry out tracking, and surprisingly, even deliver malware to their unsuspecting users is well documented. A 2021 report by the US Federal Trade Commission notes that ISPs have the ability to collect voluminous and “highly-granular” user data, providing them with the ability to track user activity across websites and devices, whilst building detailed “behavioural profiles” of users. The Electronic Frontier Foundation (EFF) notes that ISPs have the ability to, and have in fact in the past engaged in practices such as “hijacking” user searches, and inserting “undetectable, undeletable tracking cookies” in all unencrypted network traffic. In the context of rising geopolitical tensions between the US and the People’s Republic of China (PRC), technology, especially digital technology has played a key role. PRC’s apps and network infrastructure were banned by countries like India and the US a few years ago, citing national security concerns. It was argued that such services and products engaged in massive user data collection, in addition to imposing the PRC’s censorship diktats on a global scale. In a similar light, the PRC also banned any remnants of US tech services within its borders, citing similar concerns.

Strategic use of ISPs

This conflict may now be extending to the realm of ISPs. PRC-owned ISPs had begun operating in the US in recent years. However, with the rise in tensions between the two powers, the US banned China Mobile from operating in the US in 2019. A similar fate was met by PRC-owned China Telecom Americas in October 2021. Such a ban was also extended to China Unicom America. A significant factor motivating these decisions was that PRC-owned ISPs are subject to the National Intelligence Law (NIL). The NIL legally obligates PRC companies to assist PRC authorities in intelligence work overseas. This is in conjunction with other requirements mandating data sharing with the PRC government.

PRC’s apps and network infrastructure were banned by countries like India and the US a few years ago, citing national security concerns.

Similar measures are also taken by the US. For instance, partners of the PRISM programme of the NSA similarly share global user data with the US government. This occurs without a judicial mandate in the case of non-US persons. Akin to the data-sharing mandates of the PRC, the US has the instrument of the National Security Letters. These can and have been used to compel companies storing user data within the borders of the US to share it with the US government. In recent times, this conflict has also escalated beyond the terrestrial realm. The rise of satellite-based broadband has meant that both ISPs providing such services can now cater to populations at great distances outside their borders. Private low-Earth-orbit (LEO) 5G satellite mesh constellations such as “Galaxy Space” and “GW”, with plans to develop 140 and 13,000 satellites respectively, are joining their state-owned counterparts such as “the Hongyun Project” and the “Hongyan,” both sporting near 150 LEO satellites each in orbit. Such an offering provides the US and the PRC with great Reflexivity beyond their borders. In essence, this means that US and PRC companies serve as ISPs in foreign states. This would provide them with the ability to undertake mass surveillance in regions where they previously had no method of conducting the same. The situation is exacerbated by the fact that these ISPs would be regulated by the laws of their country of origin and not their country of operations.

Such ISPs would be capable of global mass surveillance, whilst also bypassing country-level restrictions vis-a-vis content blocking, user surveillance and data collection, and, delivery of malware.

What this means is that such companies would be bound by all laws which facilitate surveillance and state cooperation. Such ISPs would be capable of global mass surveillance, whilst also bypassing country-level restrictions vis-a-vis content blocking, user surveillance and data collection, and, delivery of malware. This makes companies incredible important national security assets. The ability that such extraterritorial ISPs provide their governments is unparalleled from the perspective of offensive security. Subscriber countries have only the option to either allow their operations in their jurisdiction or to block them completely. Global norms and regulations for satellite broadband providers are needed at some stage. However, it cannot be denied that this is a new arena for strategic competition. States with any global ambitions are deploying their offerings in this sphere. If India aims for superpower status, a homegrown extraterritorial ISP is crucial. Private Indian entities have been offering ISP services in the terrestrial domain. Some others have commenced efforts to offer ISP services through the satellite medium. However, the mere presence of an indigenously developed extraterritorial ISP is akin to the “Smiling Buddha” nuclear tests of the 1970s. It proves that India has the capability to develop an offering in this arena. However, India cannot possibly leverage it without a satellite equivalent of “Operation Shakti”. The 1998 nuclear tests definitively demonstrated India’s weaponised nuclear capabilities. The “Operation Shakti” in this case would be legislation or policy akin to those developed by the US or the PRC to leverage such private-sector offerings for national security purposes.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.