Please note this event was originally scheduled on 13 June 2018 and has been postponed to 2 July 2018.

Technology companies, social media platforms and other internet intermediaries dominate the digital age, and harnessing data in algorithmic and artificial intelligence systems is widespread, from political campaigns to judicial sentencing.

The recent Facebook and Cambridge Analytica revelations provide a sharp illustration of the risks to human rights and democracy posed by data-mining and "platform capital".

These revelations have focused public and policy debate on two key issues. First, they raise questions of how accountability and remedies can be effectively achieved, particularly where companies close in the wake of such revelations. Second, key questions arise on what regulation should look like.

Facebook has pledged to respect privacy of its users better, but how effective is self-regulation? There has been heavy emphasis on the role that the EU General Data Protection Regulation (GDPR) can play to improve the protection of privacy and data protection, but will it be enough? What are the implications for international law - how can the established standards in human rights and data protection respond to these challenges?

This event, co-hosted with the ESRC, Human Rights, Big Data and Technology Project, will be followed by a drinks reception.

Read the meeting summary on the Human Rights, Big Data and Technology Project website. 

On 10 September, US National Security Advisor John Bolton used his first major speech since joining the White House to attack the International Criminal Court’s (ICC) potential investigation of American personnel in Afghanistan. The ‘American patriots’, as Bolton describes them, are being investigated for potential torture and ill-treatment of detainees, mostly in 2003 and 2004, during the United States-led invasion of the country.

Bolton has a long history of opposition to the ICC. Although the US signed the ICC Statute under president Bill Clinton, it was ‘unsigned’ by Bolton, then an under-secretary of state in the George W Bush administration.

And when the court first opened its doors in 2002, Bolton helped secure, in what he described on 10 September as one of his ‘proudest achievements’, around 100 bilateral agreements with other countries to prevent them from delivering US personnel to the ICC. Those agreements were often extracted under pressure, with the US threatening to cut off military and other aid to countries that refused to sign.

In recent years under the Obama administration, relations between the US and the ICC improved, and the US offered help and support to the court. Bolton’s attack is aimed at reversing those gains – with measures aimed directly at the court and its staff.

These include: (i) negotiating ‘even more binding, bilateral agreements to prohibit nations from surrendering US persons to the ICC’; (ii) banning ICC judges and prosecutors from entering the US, sanctioning their funds in the US financial system and prosecuting them in the US criminal courts (and doing the ‘same for any company or state that assists an ICC investigation of Americans’); and (iii) ‘taking note if any countries cooperate with ICC investigations of the United States and its allies, and remember[ing] that cooperation when setting US foreign assistance, military assistance and intelligence sharing levels’.

These are serious threats – they would potentially undermine the work of a court that is designed to prosecute the world’s worst crimes. The ICC prosecutor and its judges would be barred entry from the US to attend to vital work of the court.

Some of that work, ironically, is at the behest of the US. For instance, two of the UN Security Council’s referrals to the ICC, one in relation to atrocities committed in Sudan, the other in respect of the crimes committed by Muammar Gaddafi in Libya, were referred with US support. 

Also, the meetings of the ICC Assembly of States Parties are held each year at UN headquarters in New York. Those meetings may have to be held elsewhere if the ICC judges and staff are under threat of arrest.

In the case of the potential torture linked to operations in Afghanistan, the ICC has not been acting on its own initiative in investigating. For example, the Center for Constitutional Rights submitted ‘victim’s representations’ to the ICC on behalf of two of their clients, Sharqawi Al Hajj and Guled Hassan Duran, emphasizing the importance of an ICC investigation of US officials for serious crimes arising out of post-9/11 detention and interrogations.

According to the center, both Al Hajj and Duran were detained by the CIA in black sites or 'proxy-detention' by other countries, tormented and tortured.

Although the US is not a party to the ICC Statute, Afghanistan is, and therefore the court has jurisdiction over US nationals who allegedly committed atrocities in Afghanistan. And it should be noted that the investigation includes pursuing any atrocities committed by the Taliban and Afghan security forces during the same period.

So the basis for attacking the work of the ICC based on this is shaky, and Bolton’s threats raise a number of important international law questions going forward. 

For one, they may be unlawful retaliatory steps, given that the US has obligations to accord at least some privileges and immunities to judges and other personnel of the ICC under the 1947 UN Headquarters Agreement between the UN and US. Counter-measures might be considered by member states of the ICC, either alone, or collectively. 

In this regard, Bolton’s comments about the EU will not go unnoticed: he suggests Europe is a region where ‘the global governance dogma is strong’. The US may yet come to learn just how strong that ‘dogma’ is.

With US abstention from the ICC, the opening remains for Europe and other regions to position themselves at the heart of the international criminal justice regime, thereby – as in response to the US attitude towards climate change – building a network of partnerships with other like-minded nations to compensate for US disengagement.

Further, while the ICC has many critics, and could be improved as an institution, Bolton’s speech may have the effect of galvanizing support for the world’s first permanent international criminal court. That could be a good thing for the court, which is sorely in need of support for its work.

Whatever concerns states may have about the ICC, they may be outweighed by a mutual desire to stand up to perceived bullying by the Trump administration, in favour of the international rule of law. 

The rapid growth in the Asia-Pacific’s economic and political power has significant implications for global governance. Asia-Pacific countries such as Japan, India and China – and regional bodies such as ASEAN – are increasingly informing, influencing and seeking to shape international standards and norms.

This conference will bring together international law and policy experts to explore the political and legal dynamics affecting economic relations, security challenges and maritime governance in the region.

Given security and prosperity challenges within the region as well as the increasingly complex environment for global governance, to what extent is international law operating as a tool of cooperation in the Asia-Pacific? In which areas is it a source of friction?

And what are the broader implications for global governance including the development of international law?

The idea that trade agreements should be subject to human rights impact assessment has been gathering momentum in recent years. This idea springs from concern – particularly on the part of trade unions and civil society organizations – that states are not presently doing enough to anticipate and address the human rights-related issues that arise from their trading arrangements with other countries.

This meeting will coincide with the launch of a research paper on human rights impact assessment by Dr Jennifer Zerk. It will bring together experts from law, trade policy, human rights impact assessment practice and civil society to take stock of progress so far and consider the future prospects for human rights impact assessment as a risk-analysis and policymaking tool in the trade context.  

The meeting will explore the key risks and benefits of the human rights impact assessment of trade agreements. What legal, political and practical challenges have been encountered so far? In what ways could communication, stakeholder consultation and follow-up of findings be improved? And what is needed to build political and stakeholder support for these kinds of processes?  

This meeting will be followed by a reception. 

In a decade as UN Secretary-General, Kofi Annan championed a vision of global governance anchored in shared responsibility and the rights and dignity of the individual.

Confronted with multiple global crises that raised questions about the UN’s purpose, Annan pressed for human rights and development to be at the centre of international efforts and sought to broaden participation in shaping and delivering solutions to global challenges.

As the UN’s 75th anniversary approaches, this conference will explore Annan’s legacy for the future of global governance.

Questions include the appropriate response to high-profile and ongoing failures to prevent human rights atrocities and protect victims of conflict, the impact of technology on democracy, lessons from the Millennium Development Goals for the Sustainable Development Goals and ways to meaningfully involve civil society, businesses and individuals in addressing global challenges.

The conference will bring together key figures involved in Annan’s initiatives with actors currently engaged in conflict prevention, humanitarian action, human rights and development to identify lessons and generate forward-looking recommendations.

This conference is being held as part of a series, including a public event hosted by UNA-UK at Central Hall in Westminster, exploring Kofi Annan's legacy.

This initiative is generously supported by the Bill & Melinda Gates Foundation and Open Society Foundations and enjoys the cooperation of the Kofi Annan Foundation.

About the Conference

In the run-up to the UN’s 75th anniversary and almost a year after his death, Chatham House and the United Nations Association – UK (UNA-UK) held a two-day conference to explore Kofi Annan’s legacy in the context of the current period of global uncertainty.

The ‘Our Shared Humanity’ conference brought together a global and diverse group of individualsworking on peace and security, human rights and development issues to:

• Reflect critically on Annan’s record, and capture lessons learned from his tenure as UN secretary-general, and his later work as a mediator and elder statesperson; and
• Generate recommendations for current policymakers and influencers.

This paper summarizes key points raised during each session of the conference, and presents the substantive recommendations that emerged from the discussion.

In order to bring the conference themes to a wider audience, UNA-UK held a public event on the eve of the first day of the conference at Central Hall Westminster – where the UN had held its first ever meetings in 1946 – with speakers including Nane Annan, Sherrie Westin (president of global impact and philanthropy, Sesame Workshop), Amina Mohammed (current UN deputy secretary-general) and Mary Robinson (chair of The Elders and former UN High Commissioner for Human Rights).
 

International law applies to cyber operations – but views differ on exactly how. Does state-sponsored interference in another state's affairs using cyber means – for example,  disinformation campaigns in elections, disabling government websites, or disrupting transport systems – breach international law? If so, on what basis and how are the principles of sovereignty and non-intervention relevant? States are increasingly attributing cyber operations to other states and engaging in the debate on how international law applies, including circumstances that would justify countermeasures.

As states meet to debate these issues at the UN, the panel will explore how international law regulates cyberoperations by states, consider the prospects of progress at the UN, and assess the value of other initiatives.

This event coincides with the launch of a Chatham House research paper which analyses how the principles of sovereignty and intervention apply in the context of cyberoperations, and considers a way forward for agreeing a common understanding of cyber norms.

This event will bring together a broad group of actors, including policymakers, the private sector, legal experts and civil society, and will be followed by a drinks reception.

Summary

• The vast majority of state-to-state cyberattacks consist of persistent, low-level intrusions that take place below the threshold of use of force. International law, including the principle of non-intervention in another state’s internal affairs and the principle of sovereignty, applies to these cyber operations.
• It is not clear whether any unauthorized cyber intrusion would violate the target state’s sovereignty, or whether there is a threshold in operation. While some would like to set limits by reference to effects of the cyber activity, at this time such limits are not reflected in customary international law. The assessment of whether sovereignty has been violated therefore has to be made on a case by case basis, if no other more specific rules of international law apply.
• In due course, further state practice and opinio iuris may give rise to an emerging cyber-specific understanding of sovereignty, just as specific rules deriving from the sovereignty principle have crystallized in other areas of international law.
• Before a principle of due diligence can be invoked in the cyber context, further work is needed by states to agree upon rules as to what might be expected of a state in this context.
• The principle of non-intervention applies to a state’s cyber operations as it does to other state activities. It consists of coercive behaviour by one state that deprives the target state of its free will in relation to the exercise of its sovereign functions in order to compel an outcome in, or conduct with respect to, a matter reserved to the target state.
• In practice, activities that contravene the non-intervention principle and activities that violates sovereignty will often overlap.
• In order to reach agreement on how international law applies to states’ cyber operations below the level of use of force, states should put their views on record, where possible giving examples of when they consider that an obligation may be breached, as states such as the UK, Australia, France and the Netherlands have done.
• Further discussion between states should focus on how the rules apply to practical examples of state-sponsored cyber operations. There is likely to be more commonality about specific applications of the law than there is about abstract principles.
• The prospects of a general treaty in this area are still far off. In due course, there may be benefit in considering limited rules, for example on due diligence and a prohibition on attacking critical infrastructure, before tackling broad principles.

In discussions to date about how international law applies in cyberspace, commentators have tended to focus their attention on how the rules on the use of force, or the law of armed conflict, apply to cyber activities conducted by states that give rise to physical damage, injury or death.

But in practice, the vast majority of state cyberattacks fall below this threshold. Far more common are persistent, low-level attacks that may leave no physical trace but that are capable of doing significant damage to a state’s ability to control its systems, often at serious economic cost.

Such cyber incursions might include network disruptions in the operation of another government’s websites; tampering with electoral infrastructure to change or undermine the result; or using cyber means to destabilize another state’s financial sector.

For these kinds of cyber operation, the principle of sovereignty, and the principle of non-intervention in another state’s internal affairs, are the starting point.

A UN Group of Government Experts (GGE) agreed in 2013 and 2015 that the principles in the UN Charter, including sovereignty and the prohibition on intervention in another state’s affairs, apply to states’ activities in cyberspace. The 2015 GGE also recommended eleven (non-binding) norms of responsible state behaviour in cyberspace.

However, states have not yet reached agreement on how to apply these principles. Until recently, there has also been very little knowledge of what states actually do in cyberspace, as they usually conduct cyber operations covertly and have been reluctant to put their views on record.

A new Chatham House research paper analyses the application of the principles of sovereignty and non-intervention to state cyberattacks that fall below the principle of use of force. As well as analysing the application of the law in this area, the paper also makes recommendations to governments on how they might best make progress in reaching agreement in this area.

Existing rules or new rules?

As the research paper makes clear, there is currently some debate, principally between countries in the West, about the extent to which sovereignty is a legally binding rule in the context of cyberspace and, if so, how it and the principle of non-intervention might apply in practice.

In the last few years, certain states have put on record how they consider international law to apply to states’ activities in cyberspace, namely the UK, Australia, France and the Netherlands. While there may be some differences in their approaches, which are discussed in the paper, there also remains important common ground: namely, that existing international law already provides a solid framework for regulating states’ cyber activities, as it regulates every other domain of state-to-state activity.

There is also an emerging trend for states to work together when attributing cyberattacks to hostile states, enabling them to call out malign cyber activity when it violates international law. (See, for example, the joint statements made in relation to the NotPetya cyber attack and malicious cyber activity attributed to the Russian government).

However, other countries have questioned whether existing international law as it stands is capable of regulating states’ cyber interactions and have called for ‘new legal instruments’ in this area.

This includes a proposal by the Shanghai Cooperation Organization (led by Russia and China) for an International Code of Conduct on Information Security, a draft of which was submitted to the UN in 2011 and 2015, without success. The UN has also formed a new Open-Ended Working Group (OEWG) under a resolution proposed by Russia to consider how international law applies to states’ activities in cyberspace.

The resolution establishing the OEWG, which began work earlier this year, includes the possibility of the group ‘introducing changes to the rules, norms and principles of responsible behaviour of States’ agreed in the 2013 and 2015 GGE reports. In the OEWG discussions at the UN in September, several countries claimed that a new legal instrument was needed to fill the ‘legal vacuum’ (Cuba) or ‘the gap of ungoverned areas’ (Indonesia).

It would be concerning if the hard-won consensus on the application of international law to cyberspace that has been reached at past GGEs started to unravel. In contrast to 2013 and 2015, the 2017 meeting failed to reach an agreement.

On 9 December, a renewed GGE will meet in New York, but the existence of the OEWG exploring the same issues in a separate process reflects the fact that cyber norms have become an area of geopolitical rivalry.

Aside from the application of international law, states are also adopting divergent approaches to the domestic regulation of cyberspace within their own territory. The emerging trend towards a ‘splinternet’ – i.e. between states that believe the internet should be global and open on the hand, and those that favour a ‘sovereignty and control’ model on the other  – is also likely to make discussions at the GGE more challenging.

Distinct from the international law concept of sovereignty is the notion of ‘cybersovereignty’, a term coined by China to describe the wide-ranging powers it assumes under domestic law to regulate its citizens’ access to the internet and personal data within its territory. This approach is catching on (as reflected in Russia’s recently enacted ‘Sovereign Internet Law’), with other authoritarian states likely to follow suit.

The importance of non-state actors

In parallel with regional and UN discussions on how international law applies, a number of initiatives by non-state actors have also sought to establish voluntary principles about responsible state behaviour in cyberspace.

The Global Commission on the Stability of Cyberspace, a multi-stakeholder body that has proposed principles, norms and recommendations to guide responsible behaviour by all parties in cyberspace, recently published its final report. The Cybersecurity Tech Accord  aims to promote collaboration between tech companies on stability and resilience in cyberspace. President Macron’s ‘Paris Call for Trust and Security in Cyberspace’ has to date received the backing of 67 states, 139 international and civil society organizations, and 358 private-sector organizations.

It remains to be seen in the long term whether the parallel processes at the UN will work constructively together or be competitive. But notwithstanding the challenging geopolitical backdrop, the UN GGE meeting next week at the least offers states the opportunity to consolidate and build on the results of past meetings; to increase knowledge and discussion about how international law might apply; and to encourage more states to put their own views of these issues on the record.

A healthy civic space is vital for an enabling business environment. In recognition of this, a growing number of private sector actors are challenging, publicly or otherwise, the deteriorating environment for civic freedoms.

However, this corporate activism is often limited and largely ad hoc. It remains confined to a small cluster of multinationals leaving potential routes for effective coordination and collaboration with other actors underexplored.

This roundtable will bring together a diverse and international group of business actors, civil society actors and foreign policy experts to exchange perspectives and experiences on how the private sector can be involved in issues around civic space. The meeting will provide an opportunity to explore the drivers of – and barriers to – corporate activism, develop a better understanding of existing initiatives, identify good practice and discuss practical strategies for the business community.

This meeting will be the first of a series of roundtables at Chatham House in support of initiatives to build broad alliances for the protection of civic space. 

Attendance at this event is by invitation only. 

PLEASE NOTE THIS EVENT IS POSTPONED UNTIL FURTHER NOTICE. 

Capacity to contain and respond to biological threats varies considerably across the world. Yet such preparedness is vital for prevention, impact-reduction and resilience in the face of biological events, whether they be natural or deliberate outbreaks.

Chatham House is conducting a series of meetings to strengthen urban preparedness for, and resilience against, biological threats in African countries. This meeting will examine the preparedness and prevention mechanisms in Accra, reviewing the comprehensiveness of city-level preparedness.  

This meeting will focus on the formation and implementation of city-level action plans in the context of preparedness for managing biological threats. It will also explore how local authorities are contributing to this effort with their knowledge and expertise.

Attendance at this event is by invitation only.

With increased use of military drones in recent years there have also been many calls for greater transparency and accountability with regards to drone operations.

This would allow for greater public understanding, particularly as the complex nature of military operations today intensifies difficulties in sustaining perceptions of the legitimate use of force.

For example, in Europe, leading states rely on the US for drone platforms and for the infrastructure - such as military communication networks - that enable those operations, while the US also relies on airbases in European states to operate its drone programme.

In addition, with reports that the US is loosening the rules on the use of drones, it is important to understand how European approaches to transparency and accountability may be affected by these developments.

This workshop focuses on how European states can facilitate transparency to ensure accountability for drone use, as well as what the limits might be, considering both the complexity of military operations today and the need for achieving operational goals.

With the US easing restrictions on export controls, the discussion also considers the role of regulation in ensuring accountability and prospects for developing common standards.

Attendance at this event is by invitation only.

With continuing instability at Europe's borders, along with uncertainty on future US support for NATO, many European countries are increasing their allocations to defence budgets and to collective European strategic defence. In addition, with non-state armed groups creating instability and threatening civilian lives and livelihoods in proximity to the EU’s borders, various operations have been carried out in conflict theatres in the Middle East, North Africa and the Sahel under the auspices of NATO, the UN, the EU or by single EU member states.

Although European military personnel have been deployed in many regions, with countries becoming more reluctant to deploy ‘boots on the ground’, warfare has been increasingly conducted through remote means. This has led to criticism on the limited transparency and accountability mechanisms at work in these operations, while some have questioned the military effectiveness of such tactics or the capacity and willingness of states to ensure that targets are struck accurately and without impact on civilian populations.

Against this background, the EU has started allocating resources to military research and development projects with a focus on unmanned systems and related technologies. Under the auspices of the European Defence Fund such funding is set to increase, while potential bilateral programmes between some states have also been explored. Despite concerns raised by the European Parliament, the development of these policies and technologies has taken place without significant consideration of what the legal, ethical and military-strategic impact of these instruments might be.    

This event will bring together a range of experts, policymakers and civil society organizations to discuss the technology horizon of European defence investments and policy developments around remote warfare. Participants will discuss the implications of the new EU defence fund, legal, ethical, and transparency issues in military research and development and the position of the EU as a global actor. 

This event is being organized in partnership with PAX Netherlands.

THIS EVENT IS NOW FULL AND REGISTRATION HAS CLOSED.

• Civil nuclear facilities and organizations hold sensitive information on security clearances, national security, health and safety, nuclear regulatory issues and international inspection obligations. The sensitivity and variety of such data mean that products tailored for insuring the civil nuclear industry have evolved independently and are likely to continue to do so.
• ‘Air-gaps’ – measures designed to isolate computer systems from the internet – need to be continually maintained for industrial systems. Yet years of evidence indicate that proper maintenance of such protections is often lacking (mainly because very real economic drivers exist that push users towards keeping infrastructure connected). Indeed, even when air-gaps are maintained, security breaches can still occur.
• Even if a particular organization has staff that are highly trained, ready and capable of handling a technological accident, hacking attack or incidence of insider sabotage, it still has to do business and/or communicate with other organizations that may not have the essentials of cybersecurity in place.
• Regardless of whether the choice is made to buy external insurance or put aside revenues in preparation for costly incidents, the approach to cyber risk calculation should be the same. Prevention is one part of the equation, but an organization will also need to consider the resources and contingency measures available to it should prevention strategies fail. Can it balance the likelihood of a hacker’s success against the maximum cost to the organization, and put aside enough capital and manpower to get it through a crisis?
• All civil nuclear facilities should consider the establishment of computer security incident response (CSIR) teams as a relevant concern, if such arrangements are not already in place. The existence of a CSIR team will be a prerequisite for any facility seeking to obtain civil nuclear cyber insurance.
• Preventing attacks such as those involving phishing and ransomware requires good cyber hygiene practices throughout the workforce. Reducing an organization’s ‘time to recovery’ takes training and dedication. Practising the necessary tasks in crisis simulations greatly reduces the likelihood of friction and the potential for error in a crisis.

The development of governance in a wide range of digital spheres – from cyberspace to internet infrastructure to emerging technologies such as artificial intelligence (AI) – is failing to match rapid advances in technical capabilities or the rise in security threats. This is leaving serious regulatory gaps, which means that instruments and mechanisms essential for protecting privacy and data, tackling cybercrime or establishing common ethical standards for AI, among many other imperatives, remain largely inadequate.

A starting point for effective policy formation is to recognize the essential complexity of the digital landscape, and the consequent importance of creating a ‘common language’ for multiple stakeholders (including under-represented actors such as smaller and/or developing countries, civil society and non-for-profit organizations).

The world’s evolving technological infrastructure is not a monolithic creation. In practice, it encompasses a highly diverse mix of elements – so-called ‘high-tech domains’,[1] hardware, systems, algorithms, protocols and standards – designed by a plethora of private companies, public bodies and non-profit organizations.[2] Varying cultural, economic and political assumptions have shaped where and which technologies have been deployed so far, and how they have been implemented.

Perhaps the most notable trend is the proliferation of techno-national regimes and private-sector policy initiatives, reflecting often-incompatible doctrines in respect of privacy, openness, inclusion and state control. Beyond governments, the interests and ambitions of prominent multinationals (notably the so-called ‘GAFAM’ tech giants in the West, and their ‘BATX’ counterparts in China)[3] are significant factors feeding into this debate.

Cyberspace and AI – two case studies

Two particular case studies highlight the essential challenges that this evolving – and, in some respects, still largely unformed – policy landscape presents. The first relates to cyberspace. Since 1998, Russia has established itself as a strong voice in the cyberspace governance debate – calling for a better understanding, at the UN level, of ICT developments and their impact on international security.

The country’s efforts were a precursor to the establishment in 2004 of a series of UN Groups of Governmental Experts (GGEs), aimed at strengthening the security of global information and telecommunications systems. These groups initially succeeded in developing common rules, norms and principles around some key issues. For example, the 2013 GGE meeting recognized that international law applies to the digital space and that its enforcement is essential for a secure, peaceful and accessible ICT environment.

However, the GGE process stalled in 2017, primarily due to fundamental disagreements between countries on the right to self-defence and on the applicability of international humanitarian law to cyber conflicts. The breakdown in talks reflected, in particular, the divide between two principal techno-ideological blocs: one, led by the US, the EU and like-minded states, advocating a global and open approach to the digital space; the other, led mainly by Russia and China, emphasizing a sovereignty-and-control model.

The divide was arguably entrenched in December 2018, with the passage of two resolutions at the UN General Assembly. A resolution sponsored by Russia created a working group to identify new norms and look into establishing regular institutional dialogue.

At the same time, a US-sponsored resolution established a GGE tasked, in part, with identifying ways to promote compliance with existing cyber norms. Each resolution was in line with its respective promoter’s stance on cyberspace. While some observers considered these resolutions potentially complementary, others saw in them competing campaigns to cement a preferred model as the global norm. Outside the UN, there have also been dozens of multilateral and bilateral accords with similar objectives, led by diverse stakeholders.[4]

The second case study concerns AI. Emerging policy in this sector suffers from an absence of global standards and a proliferation of proposed regulatory models. The potential ability of AI to deliver unprecedented capabilities in so many areas of human activity – from automation and language applications to warfare – means that it has become an area of intense rivalry between governments seeking technical and ideological leadership of this field.

China has by far the most ambitious programme. In 2017, its government released a three-step strategy for achieving global dominance in AI by 2030. Beijing aims to create an AI industry worth about RMB 1 trillion ($150 billion)[5] and is pushing for greater use of AI in areas ranging from military applications to the development of smart cities. Elsewhere, the US administration has issued an executive order on ‘maintaining American leadership on AI’.

On the other side of the Atlantic, at least 15 European countries (including France, Germany and the UK) have set up national AI plans. Although these strategies are essential for the development of policy infrastructure, they are country-specific and offer little in terms of global coordination. Ominously, greater inclusion and cooperation are scarcely mentioned, and remain the least prioritized policy areas.[6]

Competing multilateral frameworks on AI have also emerged. In April 2019, the European Commission published its ethics guidelines for trustworthy AI. Ministers from Nordic countries[7] recently issued their own declaration on collaboration in ‘AI in the Nordic-Baltic region’. And leaders of the G7 have committed to the ‘Charlevoix Common Vision for the Future of Artificial Intelligence’, which includes 12 guiding principles to ensure ‘human-centric AI’.

More recently, OECD member countries adopted a set of joint recommendations on AI. While nations outside the OECD were welcomed into the coalition – with Argentina, Brazil and Colombia adhering to the OECD’s newly established principles – China, India and Russia have yet to join the discussion. Despite their global aspirations, these emerging groups remain largely G7-led or EU-centric, and again highlight the divide between parallel models. 

The importance of ‘swing states’

No clear winner has emerged from among the competing visions for cyberspace and AI governance, nor indeed from the similar contests for doctrinal control in other digital domains. Concerns are rising that a so-called ‘splinternet’ may be inevitable – in which the internet fragments into separate open and closed spheres and cyber governance is similarly divided.

Each ideological camp is trying to build a critical mass of support by recruiting undecided states to its cause. Often referred to as ‘swing states’, the targets of these overtures are still in the process of developing their digital infrastructure and determining which regulatory and ethical frameworks they will apply. Yet the policy choices made by these countries could have a major influence on the direction of international digital governance in the future.

India offers a case in point. For now, the country seems to have chosen a versatile approach, engaging with actors on various sides of the policy debate, depending on the technology governance domain. On the one hand, its draft Personal Data Protection Bill mirrors principles in the EU’s General Data Protection Regulation (GDPR), suggesting a potential preference for the Western approach to data security.

However, in 2018, India was the leading country in terms of internet shutdowns, with over 100 reported incidents.[8] India has also chosen to collaborate outside the principal ideological blocs, as evidenced by an AI partnership it has entered into with the UAE. At the UN level, India has taken positions that support both blocs, although more often favouring the sovereignty-and-control approach.

Principles for rule-making

Sovereign nations have asserted aspirations for technological dominance with little heed to the cross-border implications of their policies. This drift towards a digital infrastructure fragmented by national regulation has potentially far-reaching societal and political consequences – and implies an urgent need for coordinated rule-making at the international level.

The lack of standards and enforcement mechanisms has created instability and increased vulnerabilities in democratic systems. In recent years, liberal democracies have been targeted by malevolent intrusions in their election systems and media sectors, and their critical infrastructure has come under increased threat. If Western nations cannot align around, and enforce, a normative framework that seeks to preserve individual privacy, openness and accountability through regulation, a growing number of governments may be drawn towards repressive forms of governance.

To mitigate those risks, efforts to negotiate a rules-based international order for the digital space should keep several guiding principles in mind. One is the importance of developing joint standards, as well as the need for consistent messaging towards the emerging cohort of engaged ‘swing states’. Another is the need for persistence in ensuring that the political, civic and economic benefits associated with a more open and well-regulated digital sphere are made clear to governments and citizens everywhere.

Countries advocating an open, free and secure model should take the lead in embracing and promoting a common affirmative model – one that draws on human rights principles (such as the rights to freedom of opinion, freedom of expression and privacy) and expands their applications to the digital space.  

Specific rules on cyberspace and technology use need to include pragmatic policy ideas and models of implementation. As this regulatory corpus develops, rules should be adapted to reflect informed consideration of economic and social priorities and attitudes, and to keep pace with what is possible technologically.[9]

Notes

[1] Including but not limited to AI and an associated group of digital technologies, such as the Internet of Things, big data, blockchain, quantum computing, advanced robotics, self-driving cars and other autonomous systems, additive manufacturing (i.e. 3D printing), social networks, the new generation of biotechnology, and genetic engineering.

[2] O’Hara, K. and Hall, W. (2018), Four Internets: The Geopolitics of Digital Governance, Centre for International Governance Innovation, CIGI Paper No. 206, https://www.cigionline.org/publications/four-internets-geopolitics-digital-governance.

[3] GAFAM = Google, Amazon, Facebook, Apple and Microsoft; BATX = Baidu, Alibaba, Tencent and Xiaomi.

[4] Carnegie Endowment for International Peace (undated), ‘Cyber Norms Index’, https://carnegieendowment.org/publications/interactive/cybernorms (accessed 30 May 2019).

[5] Future of Life Institute (undated), ‘AI Policy – China’, https://futureoflife.org/ai-policy-china?cn-reloaded=1.

[6] Dutton, T. (2018), ‘Building an AI World: Report on National and Regional AI Strategies’, 6 December 2018, CIFAR, https://www.cifar.ca/cifarnews/2018/12/06/building-an-ai-world-report-on-national-and-regional-ai-strategies.

[7] Including Denmark, Estonia, Finland, the Faroe Islands, Iceland, Latvia, Lithuania, Norway, Sweden and the Åland Islands.

[8] Shahbaz, A. (2018), Freedom on the Net 2018: The Rise of Digital Authoritarianism, Freedom House, October 2018, https://freedomhouse.org/report/freedom-net/freedom-net-2018/rise-digital-authoritarianism.

[9] Google White Paper (2018), Perspectives on Issues in AI Governance, https://www.blog.google/outreach-initiatives/public-policy/engaging-policy-stakeholders-issues-ai-governance/.

This essay was produced for the 2019 edition of Chatham House Expert Perspectives – our annual survey of risks and opportunities in global affairs – in which our researchers identify areas where the current sets of rules, institutions and mechanisms for peaceful international cooperation are falling short, and present ideas for reform and modernization.