The User, the Superuser, and the Regulator: Functional Separation of Powers and the Plurality of the State in Cyber
70 Pages Posted: 27 Apr 2021
Date Written: December 30, 2020
Beyond a shared understanding that regulating cyber is complex, the role the state plays in this domain has thus far eluded systemic analysis. This Article addresses this gap by offering a working definition of “cyber” and proceeds unearthing the polycentric roles and functions performed by various state organs in relation to digital-to-digital defense, offense, and surveillance. More specifically, the Article details the institutional matrix within which the state operates in cyber, and then sheds an innovative light on the potential tensions between the state in its capacity as a user, a “superuser,” and a regulator. As users of networked products and services, public entities depend on the developers and providers of such products and services, just like any other user. As a superuser, the state belongs to an exclusive club of a handful of entities that have the capacity to act in cyber in a manner that affects many, if not all, other players by engaging in offense, defense, and surveillance on a large scale and at high intensity. The regulatory capacity of the state is not only dispersed among multitude of agencies and faces challenges by the domestic and transnational industry, but is also confronted with the conflicting demands of users (including public users), seeking protection and a stable environment for innovation, and superusers (including state-run superusers), seeking exemptions in return for cooperation with the regulatory agenda and a commitment to maintain a qualitative edge vis-à-vis adversaries. The Article concludes by offering a preliminary set of recommendations designed to address these tensions.
Keywords: Cyber, separation of power, state, the role of the state, cyber offence, cyber defense, cyber conflict
JEL Classification: K00, K10, K20, K30, K40, K49
Suggested Citation: Suggested Citation