By Cheng Lai Ki
The Internet-of-Things (I0T) refers to the dense nexus of sensors and computers built on the hyper-connectivity of the Internet essential for economic development, national security and intelligence collection. While dominated by technical solutions, we are seeing an increase in policy-based interventions designed to tackle human vulnerabilities. During closing discussions between a panel of industry experts, Jeff Moss at Blackhat Asia 2017 revealed an interesting concern about the emergence of ‘Digital Nations’, i.e. enterprises that have accumulated considerable international presence which translates into political power— otherwise usually reserved for governments. While the concept remains a friendly discussion between industry experts, the realities behind Digital Nations and its impressions on global geopolitics, intelligence and security are not entirely implausible or restricted merely to works of fiction.
Asymmetric Power of Data
The IoT is constructed around the notion of enhancing data operations through leveraging the masses of computers networks connected via the Internet. Today, more than a zettabyte of data flows through the internet alone. At the Blackhat Asia 2017, one of the panellists, Halvar Flake noted at the closing keynote that contemporary power resides in data. Therefore, big-data and analytics have become the core operations essential to competitive industry expansion and operational streamlining.
Within corporate domains, one can easily identify multiple Cloud Computing-orientated solutions to improve business operations and efficiency. Narrower within cybersecurity domains, Machine Learning solutions are progressively dominating the field, evident from trade halls hosted at the IP Expo Europe (2016) and Blackhat Asia (2017). All these solutions emphasize data management and information security, increasingly demanded universally in all sectors.
Digital Nations’ are well-embedded technology companies that expanded alongside such internet-based models and subsequently monopolised the asymmetric power of data. Our increasing digital integration empowered through IoT has allowed these entities to expand aggressively, thus cultivating political power through extensive integration into critical infrastructure and commercial markets across all sectors. The best example of a Digital Nation with such scales of market reach is the renowned multi-service provider Google.
Google and the IoT
As one of the largest global enterprises, Google possesses multiple services intricately integrated within commercial and governmental entities. Aside from the enterprise’s core internet-related services, Google has aggrandized into Telecommunications (Fiber), Cloud Computing (Spanner), Robotics (X), and Artificial Intelligence (DeepMind). While Google’s expansion in its business development is eye-catching, such widespread reach has raised several key political and security concerns.
Google’s expansion is also closely related to their powerful political networks. In the United Kingdom, former civil servants such as Sarah Hunter or Verity Harding were hired to strategically support of key projects targeting various critical services. As early as 2010, Marc Rotenberg raised his concern ‘about Google’s role in the political system because they learned how to lobby very effectively’, and the remarkable levels of influence the company holds. While undoubtedly an effective business expansion strategy, this political entrenchment creates complicated legal and jurisdictional situations and raises further concern over the security applications of its internet-related services.
For instance, the PRISM program was a 2013 American electronic surveillance operation utilising information obtained from several internet giants. Regardless of the industry’s scale of compliance, the existence of the program underlined a significant security risk imposed by powerful internet companies. Although Google claimed that it ‘does not have a backdoor for the government to access private user data’, such a position needs to be reviewed within the context of emerging political-technology relationships.
A Hybrid Challenge
Today, most of the world’s leading technology giants with significant investments within the IoT are located and headquartered in the United States. Other Digital Nations’ like Google, invariably position themselves as a political proxy or intelligence resources. With the revelation of more cyber-espionage operations, policy communities will face two main challenges to maintain order where commercial organisations are accumulating enough political powers to influence geopolitics. Driving global digitisation through providing essential services allows key enterprises to influence political decision-making and potentially support cyber intelligence operations, thus muddying the geopolitical and jurisdictional relationships between nations as political proxies. However, various solutions can be proposed to rebalance skills across cybersecurity communities to empower international regulatory and oversight bodies.
First is the need for balanced technical, policy and social science expertise. Cybersecurity remains a technically dominated field, and will always be required to combat adaptive and ingenuous threats. However, as society becomes increasingly digitised, all agencies should increase their investment into researching cyber-social behaviours. A possible solution is to cultivate an understanding of the contemporary socio-technological landscape, which can assist governments to develop effective policies capable of maintaining pace with a rapidly modernising world. This enables greater oversight and limits enterprises from becoming political proxies.
Second, greater empowerment of international oversight bodies and legislation is a must. As society progressively moves ‘online’, there have been increasing concerns about how human-right issues can translate to the digital realm. Since the opening of the Internet to the public (and the world), there have been many organizations established to achieve such objectives. However, existing institutions still operate primarily as liaisons and think-tanks. Digital Nations are only going to grow alongside the IoT. Ergo, a solution is the establishment of specialised cyber working groups within existing international oversight bodies to confront, and manage cross-national jurisdictional issues in digital space.
Rebalancing Cybersecurity
As we continue to depend on data and interface globally via the Internet-of-Things, Digital Nations will only culminate more political power. While not necessarily a globalised threat, Digital Nations carry potential to upset the traditional balances between nations and are capable of significant security compromises. Bolstering current oversight capabilities and empowering other non-technical sectors to balance our digital dependency is thus a collective resolution that needs to be adopted.
Cheng Lai Ki is a Freelance Intelligence Analyst in Singapore and works in the field of cybersecurity, geopolitical risk and international security. He has an MA in Intelligence and International Security from King’s College London and was a former Managing Editor at StrifeBlog.
Image source: http://www.digitaltrends.com/computing/open-source-parsey-mcparseface/