Asia Pacific Contributions to International Cyber Stability
Panorama, A Journal of the Konrad Adenauer Stiftung, Forthcoming
Posted: 12 Oct 2018
Date Written: August 10, 2018
This article examines the contribution of Asia Pacific states to a regime for international cyber stability, including promoting common views and implementation of norms of responsible state behaviour in cyberspace, CBMs and capacity building. It argues that it is important to persevere with ongoing endeavours at national and bilateral levels as well as among like-minded groupings, regional bodies, and informal mechanisms. Recognising, however, that this process will take time. This is particularly the case since more state actors and experts are now involved, differences about the very understanding of cybersecurity persist, and high geopolitical tensions are slowing progress.
Even though regional states are fully cognisant of their economic self-interest in cooperating, ongoing geopolitical tensions are detracting from the political willingness needed to make progress. Both globally and regionally, major power rivalry, rising nationalism as well as challenges to the rule of law and international human rights obligations are making it even more difficult to find common ground on state behaviour in cyberspace. Within the Asia region itself, countries vary in terms of cultural and political values, including different conceptual understandings of world order and cybersecurity. These dynamics will continue to impact international security cyber issues. Moreover, there is clear dissatisfaction with the current order and rising powers like China also have ambitions in order building, evidenced by states’ willingness to use cyber-enabled influence operations and engage in low-level activities without resorting to the use of military force and without fear of significant retaliation.
The article finds that, although it may lead to delays, it is better that more states in the region are becoming, and continue to become, involved in shaping the regional and global agenda. Several countries are continuing their efforts to create an international regime for cyber stability, and countries such as India and China can have a significant impact on the global ecosystem. Nevertheless, there is a developmental and digital divide, and several countries do not even consider cyber-related issues to be a national priority. Such diverse levels of cyber maturity can make international and regional cooperation more difficult. This is exacerbated by a situation whereby infrastructure needs, concerns about interference in internal affairs, geopolitical support and regime changes further impact the ability to make progress or forge consensus that is often needed in regional institutional mechanisms like ASEAN.
Moreover, global concerns about terrorism and fake news mean that regional states are also introducing initiatives to address their social stability and Internet control worries. Even where this has led to concerns about excessive (and illegitimate) content control, the ways in which the United States and European states are dealing with these problems as well as nationalism, hate speech, freedom of expression and anti-democratic sentiments are watched closely for examples of hypocrisy. Although many countries share similar social harmony concerns, the inattentiveness of the current United States administration to democracy and human rights is leaving a vacuum in the region. That said, this article finds that Internet sovereignty and information control differences will likely persist.
Numerous bilateral initiatives such as MOUs and like-minded efforts are helping to make progress where regional and international mechanisms like the GGE and ARF are sometimes ineffective by finding common ground, exchanging experience, and implementing norms that can extend to larger groups. Ideally, these efforts should aim to support global initiatives and avoid causing further fragmentation by creating ad-hoc approaches that undermine existing international institutions.
Given the importance of a strong regional security architecture for international and regional stability, continuing with the ARF and OSCE initiatives to build common understanding and implement cyber CBMs regionally is essential. As is the more recent push in ASEAN for better coordination and greater attention to norms, CBMs and capacity building, which should hopefully also contribute to international cyber stability. A lot of awareness raising has been conducted already, however, with fewer examples of concrete implementation of CBMs and meeting agreements. While these regional forums still have a long way to go, there is also room for more cross-regional exchange of good practices. This can help to avoid a situation where regional bodies evolve in very different directions and thus add more uncertainty and instability (although interregional and bilateral initiatives may be hindered by incompatible state and regional views on issues such as internal stability). Lastly, informal diplomatic mechanisms and academic initiatives can continue to help make progress by examining ways to transition to the next phase of regional and international security discussions where formal international and regional mechanisms like the GGE and ARF sometimes stall.
Keywords: Asia Pacific, International Cyber Stability, Cyber Norms, Cyber CBMs, Cyber Capacity Building, ASEAN
Suggested Citation: Suggested Citation