Any reference to co-evolution involves matters of growth, development, security, stability, profit, control, governance, crime, and a wide range of related issues surrounding connectivity, conduits, and content, as well as emergent views of alternative futures. All elements are as central to international relations as they are to cyberspace.
Meta-Analysis
If the reality of cyberspace is changing the character of international relations, so the concerns of various states are changing the character of cyberspace. It is already apparent that political pressures impinge upon the current Internet in various parts of the world in order to render its architecture “in line” with power and politics. Recognizing this reality, Explorations sought to sensitize computer scientists to the inherent but sometimes hidden influence of power and politics that bear on new architectures, new constructions of the Internet, and new frontiers of cyberspace. It also serves to improve the awareness of computer scientists of the potential for influence and leverage enabled, or even created by, the architecture of the Internet and all the attendant and operational features that sustain the core of cyberspace.
To some extent, there is a general tendency among analysts of international relations to make simplified assumptions about the character of cyberspace by pushing toward similarity with the known “real” domain that, in and of itself, may be problematic. To the extent that the state decides it must shape the character of cyberspace – irrespective of the wisdom of so proceeding – there are few guideposts or theories as to how to proceed in order to achieve this objective.
The Old & The New
Early in the twenty-first century, it was already apparent that the cyber domain would shape new parameters of international relations and new dimensions of international politics. Among the most salient features is the previously-noted creation of new actors – some with formal identities and others without – and their cyber empowerment, which is altering the traditional international decision landscape in potentially significant ways. Concurrently, we see the growing use of cyber venues by nonstate groups whose objectives are to undermine the state or to alter its foundations.
In addition, growth in the number of cyber-centered actors increases the density of decision entities – each with new interests and new capabilities to pursue their interests – and thus increases the potential for intersections in spheres of influence, with possibilities for new and different types of contentions and conflicts.
With the benefit of hindsight, it is often noted how seemingly transparent and relatively “simple” was the world of the nineteenth century into the twentieth century. Gradually, it became more “complicated” as the victors’ design for the postwar period required major innovations in the management of international activities. In retrospect, once more, what we had understood as “complicated” is now more accurately described as “complex.” With increasing cross-border interactions, entanglements that were viewed as “interdependence” in the twentieth century took on dynamics of their own, shaping what we refer to as "globalization."
As cyberspace shifted to the realm of “high politics,” it altered the international policy ecology, topography, and demography in profound ways. Interactions in cyberspace have shifted the balance of power among different actors, including the traditional state power, and enabled weaker actors to influence or even threaten stronger actors (such as press reports of anonymous penetration incidences of U.S. government computer systems). This sort of shift has little precedence in world politics. We might view this situation – the players and their capabilities – as emergent symmetry.
Co-Evolution Dilemma
However framed, we are witnessing a potentially powerful shift in the nature of the game. The increased influence of nonstate entities may well undermine the sanctity of sovereignty as the defining principle for the international system. The forgoing calls into question the effectiveness of traditional policy tools and responses crafted to deal with state-to-state interactions in a geopolitical world – with known threat actors and an arsenal of expected diplomatic or military responses.
All of this creates an added and inescapable problem for the state, the state system, and international relations, that is, the emergence of unprecedented forms of threat to security. These threats carry a new label (cyber threats) to signal new vulnerabilities (cybersecurity) and – most vexing of all – can emanate from unknown sources (attribution problem). Invariably these trends further reinforce the politicization of cyberspace and its salience in emergent policy discourses.
The basic, underlying premise is that the two domains are evolving into a system of interlocking and mutual influence that continues to shape each of these arenas while creating added, joint effects on society, the economy, politics, and all aspects of the human experience. The dilemma is rooted in the fact that the two systems are changing at different rates, and elements of each are also changing at different rates, thereby creating realities and uncertainties that are particularly difficult to anticipate or manage – let alone regulate.
If cyberspace and international relations evolve as a joint system, then differences must be addressed. Already, we appreciate that they are “held together” by very different concepts and practices of organization and order.
Daunting Questions
The co-evolution dilemma raises some daunting questions, for example: why is it, and how is it, that the sovereign state, which supported the construction of cyberspace with a vision of openness and freedom, is also engaged in various “denial of service” practices? How do different countries attempt to control data and information flows, and monitor content or server connections? How is it (and why is it) that the “illegitimate” or damaging uses of the Internet are growing much faster than our ability to identify, control, or prevent them? Why is it that the power of the state – with its monopoly over the use of force, in theory at least – seems inadequate for responding to threats from the cyber domain?
The co-evolution dilemma invariable touches upon -– and may even become dominated by – the activities of nonstate actors and their management of the Internet so far. Overall, states recognize the dominance of the private sector in shaping the Internet, but few states are ready to accept or accommodate this reality.
All are confronted with the uncertainties regarding control of the cyber domain – how, when, and why? Who controls, and where are the control points?
Order & Authority
In social science parlance, what keeps a system together is a form of order supported by authority. Authority involves a claim of trust in social relationships in order to induce conformity and support for governing principles. So too, there is a special relationship between authority or source and subject, a relationship that is located in a particular, definable domain. This relationship is based on some form of consensus and is supported by prevailing norms, rules, and practices. This directionality – on matters of substance as well as context – forges a set of obligations. All of this is social order.
The international system is a system of states. The state can rely on the obedience of its citizens by establishing legal codes and punishing those who transgress. This, in conjunction with the inability of individuals to protect themselves from each other, forges the special relationship between the state and individuals. Generally, public authority dominates and social recognition of authority is expressed publicly.
In the cyber domain, the entire arena was constructed by private sector actors (albeit with support and funding from the dominant state). So far, authority over the operation of the Internet is based on performance and capability. More specifically, authority in the cyber domain is derived from innovation of the system we call the Internet and the operational capacity demonstrated by effective control of essential activities.
In this context, private authority is self-generated by the construction of the new domain. These entities pursue their own interests, and not necessarily those of the state or those of the market. They are strong enough to establish the rules of interaction over an issue-area and even to control the agenda for policy deliberation. Today, private authority is strong and salient in many parts of the world and for many issues of interest.
Conflict & War
Modes of conflict and of cooperation are well recognized in the “real” domain of international relations, as are matters of their scale and scope. The “virtual” arena also harbors various forms of conflict and cooperation. The former has led to a completely new vocabulary to represent various manifestations, such as “cyber threat,” “cybersecurity,” “cyber warfare,” or “cyber arms race” – to note the most obvious.
Given that the “new normal” in world politics in the cyber age is one that transcends state actors and actions, the conduct of conflict, violence, and warfare in the cyber domain is significantly different from tradition in international relations. A wide range of nonstate entities – known and unknown – operate in a highly dynamic and volatile international context. The conduct of war in the “real” domain is inevitably adapting to, or changed by, the features of the “virtual” arena. The challenge is to recognize various modalities and the ways in which different actors seek to exert influence and shape their environment to support their goals.
Cybersecurity & Sustainability
Seemingly distinct, cybersecurity and sustainability are two different features of the human condition, connected through the pervasiveness of cyberspace. At the most general level, cybersecurity may well reflect a concern for system threats to viability. Sustainability is about retaining system viability, performance, and survival.
In CyberIR@MIT, we situate cybersecurity and sustainability as the fourth of the system-wide domains. When we consider the various interconnections between these two features, it is not difficult to find various combinations and iterations, such as the sustainability of system cybersecurity, or cybersecurity for system sustainability.