Originally Published 2016-04-30 05:36:18 Published on Apr 30, 2016
Internet security: India’s quest for data localisation

Cyber-statecraft is customary, but an impinging wilful act to ‘balkanise the internet’ will show the way to war, not peace. Entire discourse of cyber-balkanisation can be distinguished in two school of thoughts - security driven school and business driven school.

The ‘security-driven school’ basically argues in favour of national security which has assumed prominence in the Post-Snowden era. Business-driven school is the old school that advocates for the splinter (net).  Presumably, in 2001 Cato Institute researcher Clyde Wayne Crews used the term in his commentary ‘One Internet is not enough’. Whatever, shape would be, but balkanisation of internet has larger security implications.

It took centuries to create frontier, but in a matter of few decades, internet connected human smiles beyond the terrestrial bondage. Real world is undergoing a critical phrase by reordering the ‘land of cyberspace’. Does the virtual world really need a regulation that is steeped in a rather dated reality of inviolable sovereign space?

More the nation-states try to colonise the internet, more would the threat of cyber warfare unfold. They can strengthen their terrestrial laws on privacy and national security without infringing on the benefits that accrue from a global access to something that is essentially very transcendental in its nature- the internet.

‘You’re in the great game now. And the great game is terrifying’, the most awaited Game of Thrones Season Six, will decide the fate of Jon Snow. On other hand, global policy makers have been keeping a bird-eye-view on the outcome of IANA-Transition. What would be the future of the multi-stakeholder governance model? Will the US oversight of ICANN reach its end? Or its counter-construct will play a dubious role?

These are some critical questions which have no answer yet. On the sideline, the surging demand for balkanisation of global internet is also a concern for the many cyber-wonks. China has created ‘the wall’ to induct a Chinese way of ‘night watch’. Few others also follow the same path like the Iranian net, North Korean net.

Nonetheless, would cyber sovereignty solve the purpose? If nation-states are ready to face the winter, then splinter (net) is the internet of future. The ‘winter of cyber–warfare’, to use the language of the famous TV show, Game of Thrones, is coming and it will hit hard and fast. It will affect both government and private sectors, which will then have to cooperate for ensuring access to secure and safe internet rather giving advocacy for Splinter (net). Nation-states will cooperate if their interest converges with others, but the same does not apply with the ‘white walkers’ (terrorist organisations). Governments should not treat private stakeholder as wildlings creeping on the wall.

Google’s executive chairman Eric Schmidt in his book ‘The New Digital Age’ underlined that “the internet is among the few things humans have built that they don’t truly understand”. These less than 140 charters significantly emphasised the fact of present digital life. Nearly a quarter century ago, internet was designed for cutting edge individuals, professionals and academia in select nations and those alone.

A Professor in Security Studies form the War Studies of King’s College London, Thomas Rid in 2013 claimed that the ‘cyber war will not take place’. His entire analogy is based on the theoretical assumptions of conventional warfare. The book robustly negates the notion of cyber warfare. Whereas the Chatham House Report in 2010 on cyber warfare reads as “warlike actions in cyberspace are more likely to occur in conjunction with other forms of coercion and confrontation. However, the ways and means of cyber warfare remain undeniably from these other modes of conflict”.

In particular, concerns have grown about surveillance, privacy, and potential disabling attacks on areas of critical information infrastructure. Few months back, the founder and executive chairman of World Economic Forum, Mr. Klaus Schwab remarked that the world is experiencing the Fourth Industrial Revolution. This is a revolution of networks, platforms, people, and digital technology that is “blurring the lines between physical, digital and biological spheres.”

Earlier this year, international media had reported that the US is waging cyber war on Islamic State. An instance from those reports has underlined that the Pentagon is building 133 cyber warrior squads by 2018. Not surprisingly, those teams will be distributed to enhance cyber offensive and defensive apparatuses of the US. Various open source analyses have suggested that out of 133 teams, 27 are designed for combat and will work with regional commands to support fighting operations, 68 teams assigned to defend Defence Department networks and systems, 13 would respond to major cyberattacks against the US, and 25 support teams. A conservative assessment of this distribution has suggested that more than 80 per cent of cyber warriors of the US will be deployed in offensive or semi-offensive mode.

For the fiscal year 2017, the US government allocated USD 19 billion to support a broad-based cybersecurity strategy for securing the Government, enhancing the security of critical infrastructure and important technologies, investing in next-generation tools and workforce, and empowering Americans. On the other hand, the Chinese military modernisation and growing emphasis on cyber capabilities has ignited new debates in security domain.

This underlines the fact that if any nation wants to be secure, it should not hesitate to invest more in offensive mechanisms. The geopolitical interaction of the US and theoretical scholarships of the offensive realist also converge in same ground. It is better to die for strategic victory rather embraces a Pyrrhic victory. Obstinately, a strategic victory has long term advantage to the victor and destroys the ability of the enemy to wage a war. On the contrary, the Pyrrhic victory is winning a battle as expensive as losing a war.

Inaugurating ‘Digital India Week’, Prime Minister Narendra Modi pitched for ‘digital power’ in the country and also underlined the fact that the “clouds of a bloodless war are hovering over the world. The world is terrified by this... India has a big role to play in this”.

Military Balance 2016 published by the International Institute for Strategic Studies has underlined a hierarchy of cyber capabilities. Whereas US, Russia and China occupy particular strategic relevance due to their status as cyber, space and nuclear powers with all their escalatory potential in the cyber domain, India on the other hand, strategically has been advocating a distinct form of cyber diplomacy in all international forums for cyber security and internet governance.

‘Digital India’ is one of the flagship initiatives of the present government to connect India digitally. Which is why, Indian budget 2016 fundamentally focused on connectivity. According to media reports to strengthen the online monitoring and stop communal driven content in the social networking platform New Delhi had established National Media Analytics Centre. In contrary, privacy activist arguing that the NMAC is an offensive moves in many regards by the Indian government. There is lack of information about the functions of NMAC, but one can take a look at the British Facebook warriors to understand it.

On the other hand, Ministry of Home Affairs’ strengthen the voices for ‘data localisation’ also indicates New Delhi’s intentions in cyber affairs. India’s advocacy for the cyber security and Internet governance is firm and clear which does not subscribe to the theory of colonising the internet.  In the think tank domain, DSCI, IDSA and ORF have been making strong cases against cyber security apparatuses.

In his book Diplomacy, Kissinger underlines that ‘the Statesmen must act on assessments that cannot be proved at the time that he is making them; he will be judged by history on the basis of how wisely, he manages the inevitable change and, above all, by how well he preservers the peace’.

It is an obvious nature of cyberspace which maintains the anonymity of the cyber domain, which makes the attribution of an attack difficult - although arguably not impossible. The ‘place of nowhere’ has interlinked a man to each and every corner of the world. And provided enormous ability to deliver his (un)hidden capacities, power maximisation, economic growth, information gathering or wage a war against a man, community, society, state or corporate organisation.

Why Nations go to War, a classic literature of John G. Stoessinger on war studies reflects that the World War I had happened due to communication gap between the then European leaders. The World War II was the outcome of extreme form of nationalism and discriminating nature of the Treaty of Versailles in 1919. This digital world negates both the shortcomings of 20th century.

There is a fear looming large about what might happen if the political authority of state ends up creating sovereign internet and impose century rules that can result in cyber warfare. Data localisation may be a better option than balkanising internet at large. In this sense, India’s demand on data localisation is clear. Facebook, Twitter, Google and other service providers perhaps invest some energy on this. On the sideline, Indian private sector should come to the negotiating table to give some way forward. There are some economic implications to it, but for a country like India where threats emanate both internally and externally, data localisation would be a blessing in disguise.

This commentary originally appeared in the South Asia Monitor.

The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.