cyber sovereignty and the governance of global cyberspace · original article cyber sovereignty and...
TRANSCRIPT
ORI GIN AL ARTICLE
Cyber Sovereignty and the Governance of GlobalCyberspace
Yi Shen1
Received: 11 September 2015 / Accepted: 25 December 2015 / Published online: 1 March 2016
� Fudan University and Springer Science+Business Media Singapore 2016
AbstractPurpose The purpose of the paper is to review the competing guiding principle that
govern the global cyberspace. This was achieved through the introduction and com-
parativeness of the different understanding between China and US of how to ensure the
sovereignty in the global cyberspace. This paper also addresses China’s understanding of
cyber sovereignty and its possible effect on the evolution of the governance of global
cyberspace since 2013.
Design/methodology/approach The paper uses historical and policy documents to
compare and analyze the difference of sovereignty principle applied by US and China to
govern the global cyberspace. Policy terms and their significance are addressed in a
manner that will be comprehensible to a non-policy trained readership.
Findings The paper finds that though China and US may have different narrative of
how to apply cyber sovereignty principle to guide the governance of global cyberspace,
both two countries pay special attention on how to ensure the cyber sovereignty in
different ways. US prefer to expand its cyber sovereignty, while China prefer to launch
the cyber sovereignty defensively.
Research limitations/implications The paper got the conclusion based on a relative
limited access to the latest policy files, especially those reflects the positon of Beijing.
The vivid development of practice of the governance of global cyberspace also raise the
requirement of refresh the research in further.
Originality/value The research of the paper is instructive. The research provides the
valuable pointers for policy makers and researchers to understand China’s cyber
sovereignty properly.
Keywords Cyber sovereignty � Cybersecurity � Governance
& Yi Shen
1 Cyberspace Governance Center, School of International Relations and Public Affairs, Fudan
University, Room 739, Wenke Building, No. 220 Handan Road, Shanghai 200433, China
123
Chin. Polit. Sci. Rev. (2016) 1:81–93
DOI 10.1007/s41111-016-0002-6
1 Introduction
In more than 4 years since 2010, issues related with the internet and global
cyberspace rapidly rose in the agenda of governance, and gradually moved from the
comparatively edge to the centered position of the international arena: in 2010,
WikiLeaks official Website revealed the secret cables and war files of the
Department of Defense and the State Department (Kessler 2010). Google is trying to
challenge China’s jurisdiction of the internet based on sovereignty (Gross 2010). In
2011, the storm named ‘‘Arab Spring’’ deeply challenged the traditional geopolitical
structure of the middle east, (Ajami 2012) in the same time, the US introduced a
new version of ‘‘cyberspace international Strategy’’ in which was clearly announced
intention of building a kind of hegemonic order in global cyberspace. From 2012 to
2013, there were a series of news stories about ‘‘Chinese cyber espionage attack’’
rendered as the new threat toward US national security (Krekel et al. 2014). In 2013
there was insider disclosure of ‘‘PRISM Gate’’ by former CIA contractor Snowden
(Greenwald and MacAskill 2013). In 2014 the US Department of Commerce
suddenly announced intent to transition key Internet domain name functions. In
August 2015, it announced the extension of the contract with ICANN for 1 year,
directly making relations of cyberspace with different actors the focus of public
attention.
How to recognize and understand the meaning of the above-mentioned series of
events, especially from the perspective of international relations, to understand the
influence that the above changes bring to national security, inter-state relations as
well as the governance system of global cyberspace closely related with various
actors (including state and non-state actors), obviously has important theoretical
value and practical significance. In this crucial moment of development and
changes, it is obviously very important to understand the principle of sovereignty,
and the meaning of ‘‘Cyber Sovereignty’’ mapping in cyberspace and as the starting
point to build the framework to analyze and understand the problem.
2 Sovereignty and Governance of Cyberspace
With the formation of global cyberspace and more people starting to use the Internet
[according to the data of International Telecommunication Union (ITA), internet users
make up around 30–40 % of global population], some scholars point out
Cyberspace’s specific properties which serve as a double-sided sword to governance:
on one side, they have begun to show the characteristics of both, defined as promoting
cyberspace tenure, governance, and providing convenient conditions. While on the
other side, they also put forward new unprecedented challenges represented by the
eroding of geographic borders of the states. And then the question of how to
understand the role, function and new characteristic of sovereignty in cyberspace and
how to establish sovereignty in cyberspace, is becoming a new field of argument
among different actors worldwide (Barcomb et al. 2012).
82 Chin. Polit. Sci. Rev. (2016) 1:81–93
123
Although some scholars have pointed out, the real ‘‘cyberspace’’ is the logical
space which is actually difficult to be accurately perceived and managed,
‘‘cyberspace’’ is unable to exist without supporting from the physical world. One
of the difficulties of cyberspace governance is how to highlight the presence of
administration authority in cyberspace. This presence must be perceived and
approved by as many different actors as possible. This perception could be about a
provision system, it can also be about some kind of presence in cyberspace; this
perception is necessarily combined by subjectivity and objectivity, and the result is
made by actors based on objective framework and subjective judgments (Lyons
1995).
Whether sovereignty can adapt to the challenges of cyber security is one of the
key questions during discussing of the issues since 2009 (Czosseck and Geers
2009). And it also becomes one of the most difficult issues in dealing with cyber
conflict (Jensen 2012). The main challenge to abiding sovereignty in the broad
issues of governance including cyber security is that rising of non-state actors
produced tough conflict with the deploying of traditional international law based on
rule of sovereignty in these new areas (Krasner 2001). But it is quite clear that the
sovereignty must have a proper position in handling with cyber security issues when
more and more multi-source attacks have appeared in cyberspace (Herzog 2011). In
short, though at the very beginning the term governance referred to governing
without the government, the government, or the sovereignty state must be brought
back in (Drezner 2004).
In practical dimensions, taking the ‘‘Tallinn Manual’’ as an example, some
European and American researchers make a systematic summary and review of the
application of important principles in traditional international law representing by
the principle of sovereignty, in cyberspace, whose main point is: the principle of
sovereignty applies to network space, the claim expressed as ‘‘a state within its
sovereign territory can implement control on the information infrastructures and
activities,’’ where the definition of sovereignty, based on 1928 Island of Palmas
international law ruling, stressed that a country’s internal affairs is independent
without interference from other countries; and on this basis, the sovereignty related
with cyberspace is expressed as referent with the information infrastructures in a
state’s territory, airspace, territorial waters and territorial sea (including the seabed
and subsoil); the direct consequence is that information infrastructures, regardless of
their specific owners or users, are under the sovereignty of a country’s judicial and
administrative jurisdiction, which is protected by sovereignty (Schmitt 2013). In
June 2015, for the development of information and telecommunications from the
perspective of international security, a group of governmental experts submitted a
consensus report to the UN General Assembly, this report clearly pointed out the
importance of ‘‘‘the United Nations Charter’’ and the principle of sovereignty,
which is the basis to strengthen the use of ICT security, stating, ‘‘While recognizing
the need for further study, the Group noted the inherent right of States to take
measures consistent with international law and as recognized in the Charter’’
(Assembly UN General 2010).
To accurately know the use of the sovereignty principle in the governance of
global cyberspace, first you need to deeply understand the basic characteristics of
Chin. Polit. Sci. Rev. (2016) 1:81–93 83
123
cyberspace, because this feature determines the specific mechanisms of the principle
of sovereignty in cyberspace governance.
3 Asymmetry in Global Cyberspace
Since the 1990s, global cyberspace has achieved rapid development, which,
however, causes asymmetry of resources and capabilities in global cyberspace:
instead of achieving leaping forward due to progress of network technology,
developing countries in the real world are further marginalized in cyberspace, and
such marginalization may further weaken the countries’ status in the real world; on
the contrary, developed countries in real space, especially those with remarkable
advantages in industries and technologies, are also at the core of cyberspace, and as
a result of their superiorities in technology, R&D, and innovation, the gap between
developed and developing countries in the real world is further widened.
Specifically, the asymmetry of resources and capabilities is reflected in the
following aspects:
The first aspect is the geographical distribution of Internet users. Though the total
amount of Internet user groups rises dramatically, relative proportions of user
groups within countries and the distribution among different classifications of
countries differ significantly. Overall, user structure in global cyberspace has an
expansion process from developed countries to developing countries. According to
statistics of relative research institutes, including International Telecommunication
Union (ITU), the total amount of global Internet users is more than 2.5 billion,
which is nearly 40 % of global populations. Since 2006, the amount of Internet
users from developing countries has gradually approached that in developed
countries, and the former one finally accounts for more than 50 % of global Internet
users. The advantage on user number, however, does not mean that the reality of
low Internet penetration in developing countries can be ignored: while total amount
of users increases, a huge disparity among different regions still exists. Statistics of
ITU show that compared with America and Europe where Internet penetration has
reached 60 %, African Internet users account for less than 10 % of total population.
Secondly, the gap in key data-related facilities between developed and
developing countries is obvious. For instance, submarine cable system is a key
infrastructure that supports global cyberspace. The world’s first transoceanic
submarine cable (TAT-8) went into commercial service in December 1988. Since
then, until 2008, companies from America and Europe monopolized the global
optical fiber cable market. America and Europe served as starting points or central
bridging points for all submarine cables that companies had constructed. Even
though from 2008, some companies shifted their investment focus to districts with
poor infrastructure like Africa, the reality of American and European companies’
monopoly in the field of submarine cable has not been changed. Statistics show that
in the 5 years between 2008 and 2012, new submarine cable systems valuing $10
billion as a whole had went into service, with $2 billion or 53000 km per year, and
70 % of the systems were arranged in Sub-Saharan Africa. Regarding sources of
investors, proportion of investments from large-sized operators and consortiums in
84 Chin. Polit. Sci. Rev. (2016) 1:81–93
123
America and Europe was further raised, reaching 80 % of the whole investments.
By contrast, private investments from non-telecommunication organizations
accounted for 14 %, and the proportion was only 5 % for investments from
governments and development banks. Transnational companies of developed
countries have an overwhelming advantage in the market of high-end servers.
Statistics show that five companies from the US and Japan, including HP, IBM,
Dale, Oracle and Fuji, occupied 84.7 % of market shares in 2012, reflecting their
overwhelming superiority in the market.
Thirdly, the overwhelming advantage of developed countries can also be
reflected in distribution and management mechanism of physical facilities of key
infrastructures that ensure operation of global cyberspace. Domain name resolution
system is an example: 13 top-level root name servers are governed by 3 companies,
3 government-related organizations, 3 universities and 1 non-profit private
institution in the United States, 1 company and 1 private institution in Europe,
and 1 Japanese organization respectively; and the ‘‘hidden distribution server’’ that
sends root zone files to the 13 root name servers is owned and managed by VeriSign
Inc. from the United States (SSAC ICANN 2014). Such distribution of key
information infrastructure often have been taken as evidence to prove the existence
of so called hegemonic orders in global cyberspace (Sonbuchner 2008).
In short, in today’s global cyberspace, developing countries mainly serve as users
while developed countries mainly provide infrastructures and key applications. Such
a new ‘‘center—periphery’’ structure has already emerged, and it is a structure with
significant asymmetry, thus exacerbating the disparity of capabilities that has
already existed between developed and developing countries as well as among
developed countries. All the countries in the world, whether developed countries or
developing countries, have gained corresponding awareness and comparatively
systematic practices, consciously or unconsciously, on how to apply the principle of
sovereignty in cyberspace. Through systematic practice on cyber security strategy,
the United States shows how hegemony can extend sovereignty of a single country
in global cyberspace in the name of weakening and eliminating sovereignty.
Correspondingly, through ‘‘internationalization’’ and reinterpreting ‘‘multi-stake-
holder model,’’ countries with power at a disadvantage try their best to weaken and
hedge the expansion under the principle of sovereignty equality.
4 The American Cyber Security Strategy Highlights the Expandingof a Single Sovereignty into Global Cyberspace
Since June 2013, practices of expansion of US sovereignty in global cyberspace are
mainly reflected in the following areas:
Firstly, proof on legality of network monitoring action on grounds of national
security needs under the framework of sovereignty, which is greatly supported by
the PRISM program. The disclosure of PRISM originated from information
provided by former Central Intelligence Agency (CIA) employee Edward Snowden
to European and American media. On June 6, 2013, The Washington Post published
an article entitled ‘‘US, British intelligence mining data from nine US Internet
Chin. Polit. Sci. Rev. (2016) 1:81–93 85
123
companies in broad secret program’’, revealing that the National Security Agency
(NSA) has started to implement a signals intelligence collection activity called
‘‘PRISM’’. The SIGINT Activity Designator (abbreviated to SIGAD) is US-984XN.
Among the daily intelligence briefings read by the US president during 2012, 1447
of which appear with sources referred to as US-984XN. The media reports therefore
regard ‘‘PRISM’’ as the most important intelligence source of the NSA. After
‘‘PRISM’’ was disclosed, the former Director of the NSA Michael Hayden created
an argument that it is necessary to collect intelligence for the purpose of national
security, including monitoring data within global cyberspace (Hayden et al. 2013).
Secondly, seeking to maximize the freedom of cyber operations in order to
ensure national security, including the adoption of cyber deterrence as part of
national defense strategy. The US also makes clear proclaims of its ‘‘right to self-
defense’’ to be used freely in cyberspace, which implies that the US has the right to
attack the source of threat when the US considers itself under threat. In April 2015,
the US Department of Defense approved ‘‘The Department of Defense Cyber
Strategy’’, declaring explicitly the capability to block or control the escalation of all
kinds of conflict through network methods as a strategic objective (The DOD Cyber
Strategy 2015).
In terms of using the right of self-defense, the US makes it clear that other
sovereign nations’ network facilities may become its legitimate targets. A typical
case in 2015 shows that, by way of anonymous sources, the United States publicly
declared to implement network attacks against threat sources identified by the US:
on July 31, 2015, a US senior reporter David Sanger wrote in The Wall Street
Journal and The New York Times, citing a White House source, that the US has
decided to retaliate against the China network to punish the hacking that ‘‘steals 20
million US government employees’ information’’. According to the article, it
remains controversial as to how to implement the retaliation. The options vary from
more mild diplomatic negotiation to ‘‘more important (and meaningful) actions that
may lead to continuous upgrade of hacker attacks between the United States and
China’’. In addition, ‘‘such actions will be done in a partially public way in order to
achieve a deterrent effect’’. ‘‘Action plans to be chosen from that have been
identified covering the most mild diplomatic protest to more complex operations’’
including ‘‘breaching China’s firewall’’ (Sanger 2015).
Thirdly, maintaining sovereignty control over the process of handover of IANA’s
regulatory authority. On August 17, 2015, the director of National Telecommuni-
cations and Information Administration (NTIA) of US Department of Commerce
announced plans to extend the contract with ICANN for 1 year on its official blog,
and for the first time mentioned the most crucial part of the transition procedure in a
relatively clear way. According to the announcement, the transition of management
over the root zone file and root zone file server will be executed by NTIA and
VeriSign in a relatively independent way under a separate process. As shown by the
proposal that conceives the transition procedure, there is an experimental process
for a period of 3 months, which can always be returned to zero and restarted, as long
as the experiment operators including NTIA discovers that the ‘‘experimental data is
in question’’ (NTIA Department of Commerce 2015).
86 Chin. Polit. Sci. Rev. (2016) 1:81–93
123
For the characteristics described above, although little or almost nothing is
mentioned in relation to sovereignty in US policy discourse and oath, and the United
States has always refused to recognize the policy position, system design and
strategy of other countries based on the principles of sovereignty, in fact, the United
States’ preference is to extend the scope of its sovereignty.
5 Challenges in Process of Rebuilding Cyberspace Governance Basedon Sovereign Equality
In 2005, report of the working group on internet governance produced by the United
Nations, pointed out that DNS root zone files and systems, actually, are under
‘‘unilateral control by the United States Government’’ (de Bossey 2005). Since then,
a reform of governance principals of global cyberspace has been pushed based on
sovereign equality to transform governance modes of key resources represented by
DNS root zone files and systems.
However, the reform mentioned above barely went forward from its very start.
Only until March, 2014, when existence of the PRISM Program was leaked, the
American government, obviously feeling great pressure, declared that it will give up
regulatory permissions on IANA and transfer it to a private sector organized by
‘‘multi-stakeholder institutions’’ (Office of Public Affairs, NTIA, Department of
Commerce 2014). Thanks to the authority transfer series of work on the reform
stepped forward.
In progress of transfer the argument about governance principals was mainly
reflected on the understanding of the mode of ‘‘multi-stakeholder institutions’’.
Multi-stakeholder is an operation mode applied by the US in the 1990s in the
process of Internet commercialization, which includes companies, individuals,
NGO’s and sovereignties. Final decisions are made by a Board of Directors
composed of a few professionals. Related companies, individuals and NGO’s
practice their own work in subordinate regions or professional committees. Policies
are adopted according to a top-down model, which means supporting committees
submit suggestions or drafts to a Board of Directors and this Board of Directors
approves them or not. The representatives of sovereignties are included in
Government Advisory Committee and they only have the right to make suggestions
on public policies and activities related to public policy and international law, while
they don’t have policy-making power, nor do their suggestions have compulsory
force (Kruger 2013).
The principal of sovereignty in the argument of multi-stakeholder is reflected on
the status of Government Advisory Committee and the definition of the whole
supervision mechanism.
American’s opinion, as mentioned above, is to establish a private governance
mechanism, which was embodied in the file of DNS policy set by the DOC of the
US, as well as in Internet communities at that time.
On January 28, 1998, before NTIA of the DOC published the new purely
privatized DNS supervision program, American scholar Jon Postel, who made a
great contribution to DNS, carried out the only test of transferring DNS root servers
Chin. Polit. Sci. Rev. (2016) 1:81–93 87
123
in the history of Internet development, which made the existence of ‘‘paralleled
roots’’ (Gittlen 1998b) of global DNS (i.e. two parallel main root zones exist)
possible, but under the greatest pressure of American government, the attempt was
defined as a test, and 1 week later root zone was restored as before. Then NTIA of
DOC determined rules of the game in Green Paper: the purely privatized resolution
program will be replaced by a hybrid multi-stakeholder ICANN, and domain name
registration, root file configuration and modification will be distinguished at the
same time, which means ICANN is responsible for program approval and written
assignments, a special agency is responsible for the configuration and modification
of main root servers and the super root server later, while ICANN and the special
agency obtain authorization through signing contracts with NTIA of DOC, and
NTIA obtains the approval authority in nature. After all these jobs, professor Postel,
who is well-known as ‘‘the godfather of DNS’’, passed away aged 55 in Los Angeles
due to heart problems (BBC 1998; Chandrasekaran 1998; Gittlen 1998a, b; Gerwig
1998; Damien 2002; Farber 2002).
The American government’s preference for the privatization plan of DNS
governance comes from its administration and jurisdiction over American private
sectors based on sovereign principal. It is funny that NTIA has flexibility in signing
or varying supervision contracts with private companies. In the period of October,
1998–May 9, 2001, the DOC of the US signed 14 Amendments with NSI
(Amendment No. 10–24) (NTIA Department of Commerce 2010); on May 25,
2001, NTIA of DOC and Verisign jointly declared in Amendment No. 24 that the
‘‘non-government party’’ in the agreement between NTIA of the DOC and NSI has
been replaced by Verisign because Verisign purchased NSI and NSI has become a
wholly owned subsidiary of Verisign (NTIA Department of Commerce 2001).
Additionally, based on their different interpretations of ‘‘sovereign equality’’,
parties seeking to carry out reforms of this surveillance mode put forward several
representative approaches:
Among these approaches, a notable example is the NetMundial Initiative, a
mildly evolutionary plan proposed by Brazil and some other countries under the
framework of ICANN. This plan was launched at the NetMundail meeting held in
Sao Paulo, in April 2014. Its core principles include three aspects: First, a mild
adjustment to the framework of ICANN should be made and standpoints of the
Governmental Advisory Committee, ICANN, should be accelerated gradually; The
second aspect aims to separate ICANN’s policymaking of cyberspace governance
from both its management and purview setting of root name servers; The last aspect
clarifies that it should narrow ICANN’s oversights of root name servers down to the
three ultimate root name servers managed by Verisign and ICANN, instead of
involving in those root name servers under the jurisdiction of US government
sectors and higher-education institutes. This plan truly reflects the preference of
Brazil and other interest parties. However, these interest parties are not confident
enough to restructure a brand-new cyberspace order. They would rather reach a very
limited compromise with the US government through restricted improvements of
the multi-stakeholder model. That is to say, they ensure ICANN’s independent
surveillance over a limited number of root name servers. And as for this comprise
88 Chin. Polit. Sci. Rev. (2016) 1:81–93
123
itself; it is no more than a hope to require dominated countries to adopt better self-
discipline.
In contract to the NetMundial Initiative, the Indian proposal at the ICANN
conference held in Busan, in 2014, seems much more aggressive. It mainly proposes
that International Telecommunication Union (ITU) should take over the governance
of global cyberspace. To achieve this target, at the ITU Plenipotentiary Conference
held in Busan, the same year, India first proposed that ICANN is supposed to
transfer the relevant key technologies and its jurisdiction to the ITU; thereby putting
the conclusion of the Busan Conference in peril. Besides, Indian suggestions on
reconstructing key resources of global cyberspace are also aggressive. India
suggests that it should refer to the management pattern and operational mechanism
of international direct dialing. Specifically, each country could keep data resources
under its own jurisdiction, and then when one accesses the relevant Internet
resources, nationality codes will be used and thereby the Internet resources can be
connected.
Since this proposal seems audacious and many procedural problems occur at the
submission phase, the Indian plan met strong oppositions from the US government
immediately and the US side clearly reflected that they refused to accept the Indian
proposal at any price. After the Busan Conference, American scholars at different
occasions mentioned that ‘‘Because of India’s actions in Pusan meeting, India has
lost the prestige which is necessary to continually push forward the establishment of
a new order of cyberspace.’’ Similarly, at the Berlin Conference, Indian officials
from the ITU sought to argue that ITU is supposed to assume the main role in
Internet management and governance; but their statements triggered flat refusals
from the representatives of the US Department of Commerce. The US represen-
tatives argue that they will not transfer the jurisdiction of ICANN to any
management institutions operated by any one or more sovereign states. Given the
US side had given four relevant conditions for the transfer of jurisdiction, the US are
in a good position to announce that they could suspend the transfer until a new
proposal comes out once the Indian proposal is the final solution.
Regardless of Brazilian initiative and Indian proposal, as time goes, both of them
might be end without a reason; therefore, it reflects the difficulty in imposing the
principle of sovereign equality to cyberspace governance. Without thorough
settlements and thereafter systemic reforms, it would be extremely hard to change
and discipline the sole sovereign act imposed by the dominated country in virtue of
morality and rules and regulations. Following the principle of sovereign equality
under the governance of global cyberspace, one trying to construct a new set of rules
of governance seems impossible to achieve its target in a foreseeable future. Thus,
what people can do at this stage is that we should be more patient to see the balance
of power and await a potential dominating body coming out, who is willing to
follow the principle of sovereign equality in both belief and action and make
effective self-discipline.
Chin. Polit. Sci. Rev. (2016) 1:81–93 89
123
6 The Rising of China and the Enhanced Voice of Adapting Sovereigntyin Global Cyberspace
Since 2013, cyber security has become one of the most important issues of the
agenda of Grand National security strategy, especially after the founding of a new
Working Group on Cyber Security and ICT which directly led President Xi Jinping
to meet the challenges and threats rising within cyberspace (Shen 2014). President
Xi and his decision making team set the significant goal of China in cyberspace as
building China into a cyber power (wang luo qian guo) (Xinhua Net a 2014). The
goal refers that the main strategy is to ensure that China develops from an important
actor to a great power in cyberspace which means China should not only effectively
defend possible threats from/by cyberspace, but also become more influential in the
building of the rules that govern global cyberspace (Cyberspace Administration of
China 2015). Cyber sovereignty occupies the central position of China’s cyber
security strategy: protection of sovereignty in cyberspace is one of the tasks to
ensuring national security listed by National Security Law of China (National
Security Law of China 2015). It’s also the main goal of the Law of Cyber security of
China ((National Security Law of China 2015) which states that to protect
sovereignty in cyberspace and national security is the main reason to produce the
law (National Security Law of China 2015).
Though there is still a single official document to explain what does cyber
sovereignty means and how to ensure sovereignty in cyberspace from Beijing,
President Xi Jinping already mentioned the term several times in which a few of the
key components of the definition of cyber sovereignty can be understood: the first
key parts of cyber sovereignty refers to the sovereignty of the state to manage the
information flow inside the territory; the second is that every single state has the
power to make cyber related policy independently; the third is that every state
should have roughly equalized rights to participate in the decision making process
of the rules, norms, or code of conduct that governs global cyberspace; and the
respect of sovereignty should be one of the most important guiding principles to
deal with cyber related issues internationally (Xinhua Net b 2014; Xi Jinping 2014).
One of the main reasons why Beijing prefers sovereignty in cyberspace is
stimulation from the actions launched by the States in which the Internet served as
the tools of US diplomacy, especially after 2009 when the term Internet Freedom
has been produced to encourage NGO’s to launch peaceful regime change all
around the world (Liebman 2010; Swett 1995). Just like the two sides of the same
coin, when the US prefers to develop its cyber offensive capacity which includes the
manipulation of the information flow in cyberspace, i.e., refers to ‘‘control or change
the adversary’s information, information systems, and/or networks in a manner that
supports the commander’s objectives’’ (Joint Chiefs of Staff 2013), or, to ‘‘build and
maintain viable cyber options and plan to use those options to control conflict
escalation and to shape the conflict environment at all states’’ (The DOD CYBER
STRATEGY, The Department of Defense 2015). China will increasingly put special
attention on ensuring sovereignty in cyberspace which is the main legal basement to
90 Chin. Polit. Sci. Rev. (2016) 1:81–93
123
ensure national security while China is the weaker side in the game of cyber security
globally.
The same logic can also be applied to discussion on the production of new norms,
or codes of conduct in the governance of global cyberspace. It also resulted that
China prefers more on the ‘‘multilateral model’’ than the ‘‘multi-stake-holder
model’’ during the negation on how to govern the key information infrastructure that
supports global cyberspace represented by the Root DNS Sever, the root file and the
root file system. Frankly speaking, Beijing doesn’t trust the multi-stake-holder
approach which is specially favored by the States since China is concerned that the
US will abuse its advantages in the ICT field to expend the sovereignty of the state
into the global space while at the same time the model has become kind of an excuse
to avoid other states like China protecting their interests in cyberspace. Such kind of
suspect activity has been encouraged by the releasing of the Report of the Working
Group on Internet Governance (WGIG) in 2005 which confirmed that the
‘administration of the root zone files and system’ of the Domain Name Server
(DNS) was unilaterally controlled ‘by the United States Government’ (de Bossey
2005).
Since 2013, outside stimulation composed by the releasing of APT1 report,
PRISM Project, and American’s suing of five PLA officials for commercial cyber
espionage activities dramatically reminds Beijing that ensuring cyber security
mainly by finding a proper way to protect its sovereignty in cyberspace should
become the number one priority of the national security to do list.
In the future, the main challenge of China is to provide a more precisely defined
cyber sovereignty and develop a sophisticated national strategy on cyber security so
that it would be taken as a workable guiding principle when China becomes more
and more actively participatory in a creating process of code of conduct in the
global cyberspace. This may lead to a more constructive contribution to both of the
theory and practice of International relations and International law in which the
traditional principle of sovereignty will have its rebirth in a networked world.
References
Ajami, Fouad. 2012. The Arab spring at one. Foreign Affairs 91(2): 56–65.
Assembly, UN General. 2010. Report of the group of Governmental experts on developments in the field
of information and telecommunications in the context of international security. A/65/201. http://
www.unidir.org/pdf/activites/pdf5-act483.pdf. (last visit: July 30th, 2010).
Barcomb, K. D., R. Krill, R. Mills and M. Saville (2012). Establishing cyberspace sovereignty.
Proceedings of the 7th International Conference on Information Warfare and Security, Academic
Conferences Limited.
BBC. (1998). God of the Internet is dead, October 19. http://news.bbc.co.uk/2/hi/science/nature/196487.
stm.
Cave, Damien. (2002). It’s time for ICANN to go, Salon.com, July 2, 2002.
Chandrasekaran, Rajiv. (1998). Internet reconfiguration concerns federal officials, The Washington Post,
January 31, 1998.
Cyberspace Administration of China. 2015. The Cyber Perception of President Xi Jinping: To build a
cyber power, and let the development benefit the people. http://www.cac.gov.cn/2015-12/10/c_
1117414086.htm. (last visit: Dec. 10th, 2015).
Chin. Polit. Sci. Rev. (2016) 1:81–93 91
123
Czosseck, C., and K. Geers. 2009. Borders in cyberspace: can sovereignty adapt to the challenges of cyber
security? The Virtual Battlefield: Perspectives on Cyber Warfare 3: 88.
de Bossey, Cgateay. (2005). Report of the Working Group on Internet Governance, Source: http://www.
wgig.org/docs/WGIGREPORT.pdf. (last visit: Dec. 10th, 2015).
Drezner, Daniel W. (2004). The global governance of the Internet: bringing the state back in. Political
Science Quarterly, 119(3): 477–498. doi:10.2307/20202392.
Farber, Dave. (2002). A comment on Gilmore: ICANN Must Go (good insights), Interesting-people
mailing list, July 2, 2002.
Gerwig, Kate. (1998). One man’s attempt to reroute internet traffic, Internet Week.com, February 9, 1998.
Gittlen, Sandra. (1998). Taking the wrong root? Network World.com, February 4, 1998.
Gittlen, Sandra, (1998). Surprise IP address system test creates a stir, Network World, Vol. 15, No. 6,
1998.
Greenwald and MacAskill. (2013). NSA Prism program taps in to user data of Apple, Google and Others,
Source: http://www.peacepalacelibrary.nl/ebooks/files/356296245.pdf. (last visit: Aug. 20th, 2015).
Gross, Doug. (2010). Google quits censoring search in China, CNN, Mar. 23rd, 2010, Source: http://
www.cnn.com/2010/TECH/03/22/google.china/. (last visit: Dec. 7th, 2015).
Hayden, Michael. (2013). CNN Contributor, Ex-NSA chief: safeguards exist to protect Americans’
privacy, http://edition.cnn.com/2013/08/01/opinion/hayden-nsa-surveillance/, (last visit: Aug. 20th,
2015).
Herzog, Stephen. 2011. Revisiting the Estonian cyber attacks: digital threats and multinational responses.
Journal of Strategic Security 4(2): 4.
Jensen, Eric Talbot. (2012). Sovereignty and neutrality in cyber conflict. Fordham International Law
Journal 35(3):815–841.
Joint Chiefs of Staff. 2013. Cyberspace operations. Joint Publication 3-12(R). http://www.dtic.mil/
doctrine/new_pubs/jp3_12R.pdf. (last visit: Feb. 5th, 2013).
Kessler, Glenn. (2010). Wikileaks’s unveiling of secret State Department cables exposes US diplomacy,
The Washington Post, Nov. 29th, 2010, Source: http://www.washingtonpost.com/wp-dyn/content/
article/2010/11/28/AR2010112802395.html. (last visit: Dec. 7th, 2015).
Krasner, Stephen D. 2001. Abiding sovereignty. International Political Science Review 22(3): 229–251.
Krekel, Bryan, Patton Adams, and George Bakos. 2014. Occupying the information high ground: Chinese
capabilities for computer network operations and cyber espionage. International Journal of
Computer Research 21(4): 333.
Kruger, L.G. 2013. Internet Governance and the Domain Name System: issues for congress. Library of
Congress: Congressional Research Service.
Liebman, Jason. (2010). Facebook, Twitter and Youtube are tools for diplomacy, Source: http://www.
huffingtonpost.com/jason-liebman/perspective-on-digital-di_b_416876.html, (last visit: Dec. 10th,
2015).
Lyons, P. A. (1995). Cyberspace and the law: your rights and duties in the on-line world. In Information
Processing and Management, ed. Cavazos, E.A., Morin, G. 31(6), 910–910.
National Security Law of China. 2015. http://news.mod.gov.cn/headlines/2015-07/01/content_4592594.
htm. (last visit: July 1st, 2015).
NTIA, Department of Commerce. (2015). Verisign/ICANN proposal in response to NTIA request root
zone administrator proposal related to the IANA Functions Stewardship Transition. https://www.
ntia.doc.gov/files/ntia/publications/root_zone_administrator_proposal-relatedtoiana_functionsste-
final.pdf. (last visit: Aug. 17th, 2015).
NTIA, Department of Commerce. (2010). Domain names: management of internet names and addresses.
https://www.ntia.doc.gov/legacy/ntiahome/domainname/nsi.htm. (last visit: July 6th, 2010).
NTIA, Department of Commerce. (2001). Special Award Conditions amendment number twenty-four
(24). NCR-92-18742. https://www.ntia.doc.gov/files/ntia/publications/amend24.pdf. (last visit: May
25th, 2001).
Office of Public Affairs, NTIA, Department of Commerce. 2014. NTIA announces intent to transition key
internet domain name functions. https://www.ntia.doc.gov/press-release/2014/ntia-announces-
intent-transition-key-internet-domain-name-functions. (last visit: Mar. 14th, 2014).
Sanger, David. (2015). US decides to retaliate against China’s hacking, http://www.nytimes.com/2015/
08/01/world/asia/us-decides-to-retaliate-against-chinas-hacking.html. (last visit: Aug. 20th, 2015).
Schmitt, Michael N. ed. (2013). Tallinn manual on the international law applicable to cyber warfare,
15–16. Source: http://www.peacepalacelibrary.nl/ebooks/files/356296245.pdf. (last visit: Aug. 20th,
2015).
92 Chin. Polit. Sci. Rev. (2016) 1:81–93
123
Sonbuchner, Scott P. (2008). Master of your domain: should the US Government Maintain Control over
the Internet’s Root. Minn. J. Int’l L 17: 183.
Shen, Yi. (2014). Transform and construction: the design of national cybersecurity strategy and the
capacity build in a post-Snowden age. China Information Security 5: 41–43.
SSAC, ICANN. 2014. Overview and history of the IANA functions. SAC067. https://www.icann.org/en/
system/files/files/sac-067-en.pdf. (last visit: Aug. 15th, 2014).
Strickling, Lawrence E. (2015). An update on the IANA transition, http://www.ntia.doc.gov/blog/2015/
update-iana-transition. (last visit: Aug 20th, 2015).
Swett, Charles. (1995). Strategic assessment: the Internet, Office of the Assistance Secretary of Defense
for Special Operations and Low-Intensity Conflict (policy planning), Jul. 17th, 1995, Source: http://
fas.org/cp/swett.html. (last visit: Dec. 10th, 2015).
The DOD Cyber Strategy, http://www.defense.gov/News/Special-Reports/0415_Cyber-Strategy. (last
visit: Aug. 20th, 2015).
The DOD CYBER STRATEGY, The Department of Defense. (2015). Source: http://www.defense.gov/
Portals/1/features/2015/0415_cyber-strategy/Final_2015_DoD_CYBER_STRATEGY_for_web.
pdf. (last visit: Dec. 10th, 2015).
Xi Jinping. 2014. Letter of congratulations to the first world internet conference. http://news.sina.com.cn/
o/2014-11-20/021931172249.shtml. (last visit: Nov. 20th, 2014).
Xinhua Net. 2014. ‘‘Address of President Xi Jinping in the Brazil Congress’’. http://news.xinhuanet.com/
world/2014-07/17/c_1111665403.htm. (last visit: July 17th, 2014).
Xinhua Net. 2014. ‘‘Xi Jinping leads Internet security group’’. http://news.xinhuanet.com/english/china/
2014-02/27/c_133148273.htm. (last visit: Feb. 27th, 2014).
Yi Shen graduated with Ph.d degree in International Relations from Fudan University in 2005 and served
as faculty in the Department of International Politics from then on. His main research focuses on
cybersecurity, cyber diplomacy and the governance of cyberspace. From 2008 to 2009, Prof. Shen visited
the Georgetown University as the post doctoral research fellow. Prof. Shen published his first book
National Cybersecurity Strategy of the United States in 2013 and now he serves as the Deputy Director of
the Cyberspace Governance Studying Center in Fudan.
Chin. Polit. Sci. Rev. (2016) 1:81–93 93
123