Editor's note: this is a guest post contributed by Dr. Konstantinos Komaitis, Senior Director of Policy, Strategy and Development at the Internet Society.)
Europe is marching towards a dangerous and, potentially, irreversible trend that could see the world’s second largest economy alone and alienated.
The trend is: digital sovereignty.
Europe’s obsession with digital sovereignty is not new, but in the last year it has become more prominent and is the driving force behind many of the policy and technology frameworks of the bloc.
In February, 2020, then newly elected President of the European Commission, Ursual von der Leyen, wrote: “I sum up all of what I have set out with the term 'tech sovereignty'. This describes the capability that Europe must have to make its own choices, based on its own values, respecting its own rules”.
Like any other country, Europe should feel free to impose its own rules and laws in the Internet. But, a strict Hobbesian view of a single hierarchy of authority does not work for the Internet because the Internet does not or rather cannot – obey to any such authority.
The Internet is made of independent networks that connect to one another through a voluntary set of of open standards that ensure interoperability. This allows the interconnections to work efficiently without much prior arrangement. As a result of this voluntary interconnection, the Internet does not have a center of control. This lack of central authority means that each and every actor - state or non – can participate in the Internet and reap the benefits of innovation and global connectivity. Any attempt to impose any sort of authority over it would not only affect these benefits, but could also have unintend consequences for governments, and for the Internet.
In the last year alone, Europe has made headway in achieving its goal of digital sovereignty through different ways. GAIA-X, a Franco-German initiative on behalf of Europe seeks to create a “federated cloud architecture.” Similarly, in a recently released communication from the European Commission on the Union’s security strategy, the intention to “[limit] dependency on infrastructures and services located outside of Europe” was reasserted, echoing similar rationales put forth by the Russian sovereign law.
Moreover and, despite some strong criticism on the unintended consequences created by the General Data Protection Regulation (GDPR), Europe continues to act as the de facto global regulator for the Internet.
As part of its digital sovereignty strategy, Europe will release later this year its Digital Services Act (DSA) package, a mammoth piece of legislation meant to tackle the behaviour and business models of online platforms. The DSA, combined with the GDPR, are aimed at ring-fencing data from Europe in an effort to give a competitive advantage to European firms enabling them to compete on the world stage. Through the DSA, Europe has a unique opportunity to address, what are effectively, some of the biggest challenges in the Internet to date.
One of the main reasons for the Internet’s success is that its architecture was not an outcome of politics. The Internet’s original design was never the expression of a hegemon and its order to the people building the Internet. Instead, it was a democratic attempt at consensus amongst a variety of contributors, including the government, the private sector and the technical community. This consensus is reflected in the way the Internet was designed and has performed ever since.
The main question is how far is Europe willing to go and upset this consensus in order to support its vision of technological or digital sovereignty. The Chinese example has demonstrated that if this consensus is stretched far enough, it leads to a version of the Internet that departs significantly from its original incarnation as a free, open and inclusive space.
Europe has certainly a big choice to make and, so far, it appears to be disregarding how its obsession for digital sovereignty may be affecting the Internet. Because, if we want to preserve it, then its architectural values are as equally important as the European ones.
Note: this post originally appeared at https://tech.eu/features/32780/europe-digital-sovereignty/
By Martin Banks
August 25, 2020
The EU’s interest in its Gaia-X infrastructure is just one example of what could become an international rush towards national interest-driven, inward-looking towards parochial centralisation of the Internet, which would fracture as a global entity and become a set of state-bordered and state-governed Wide Area Networks.
Discussions about the growing relevance of data economics to the way businesses re-architect themselves over the next few years may inevitably hinge on the day-to-day cost of moving, processing and storing data anywhere around the globe, but it should not ignore the wider issues of politics, national cultures and attitudes and views on regulation that exist in different countries.
It is an old dilemma - a country may be cheap to operate in, but be overly woefully under-regulated when to comes to the protection of data or, perversely, over-regulated in a biased manner. The cheapness of operating cost may mask the paucity of investment in its infrastructures or its political self-absorption may seriously prejudice its ability to work with international businesses in a sensible way.
A conversation with Dr Konstantinos Komaitis, Senior Director of Policy, Strategy and Development at the Internet Society, an American non-profit organization founded in 1992 to provide leadership in Internet -related standards, education, access, and policy, cast some light on the stumbling blocks data economics may well come up against over the next few year. It is a task that Komaitis sees as important, not least because of the central role that data, its costs and its potential profitability, now plays for every business:
"I am going to use an expression that I really hate, but it's no accident that we have been referring to data as the new oil. It's everything, especially when it comes to the Internet, everything is about data. So to the extent that you are able to control your data, it gives you an advantage, whether that is a competitive advantage, or whether this is an advantage over control. At the same time, if you are a state actor you also want the data, from designing your own government services to actually being able to manipulate the way you interact with your users in the case of non-very democratic countries."
He sees Europe as one of the most advanced areas of the global marketplace when it comes to working with and managing data, citing the driving force behind GDPR - to fix the data privacy issue by providing a framework that would allow users to understand how their data is being used, and at the same time force businesses to alter the way they treat the data of their customers. The result has been that everything that Europe has done since GDPR in terms of either policy or infrastructure has also been centred around data.
It has also played an important part in the development of Gaia-X, the Franco-German infrastructure project, which is linked to the wider subject of digital sovereignty that is an on-going hot topic in Europe. The objective here is to provide a services infrastructure that favours data localisation, and he talks about how the GDPR will be able to encourage that.
Why my Internet’s better...
Gaia-X comes from a place where Europe feels the need to be competitive, and in particular to compete with the likes of AWS. The issue with AWS is that it can now be seen as a level of consolidation that demonstrates a failure in the market to self-regulate. Komaitis sees Gaia -X as a partial answer to creating some sort of competition against the context of a hugely consolidated model:
"The problem with Gaia-X, is that it seeks to create a closed system that is hugely federated and based on data localisation, and that is quite top down. Even in the context of interoperability, which is key for the Internet's present and future, that interoperability is also quite questionable. We don't really know the technical specifications of Gaia and the talk about interoperability doesn't appear to conform with the organic way that interoperability works in the Internet. So if we're talking about a centralised system of interoperability, rather than this whole idea of a decentralised system of interoperability where the Internet is based."
This does put Gaia-X at risk of going down the wrong alley for the wrong reasons, potentially becoming very parochial and looking predominantly inwards, not outwards. It is a view that Komaitis has sympathy with:
"The missed detail in all these conversations is that the Internet, for better or worse, is now part of the traditional geopolitics. So the geopolitical shifts that we're seeing happening outside of the Internet, inevitably will move into the Internet because it's so integrated in societies and the way we work and experience everyday life. The problem now is that nobody really is paying very much attention to the impact that all this has on this global network of networks."
His fear is that people will take the Internet for granted, something that should not be allowed to happen. The danger, he argues, is that we start losing the benefits generated by the Internet’s critical properties, such as its global cohesion. An unintentional consequence of Gaia-X may be the beginnings of Internet fragmentation, higher barriers to entry, and less interoperability – all fundamental to making the Internet what it is today.
Brexit is likely to be another contributor, especially as a worked example of a country becoming inward-looking and parochial, something he sees appearing all round the world now, with many Governments questioning globalisation and how far it has already extended.
Unfortunately, the Internet really is at the middle of this because one of the key things about the Internet is this whole idea of global reach. We were all celebrating this for the idea that we're able to exchange information and provide a global platform where everybody can participate.
"I think that the main question in this context is what sort of an Internet do you want, because there can only be one way for the Internet to work and that is to have networks that are able to interoperate with one another throughout the world and able to exchange information."
His unstated corollary, of course, is that if you can’t do that, because you are inward-looking, then the Internet ceases to exist. You just have state-bordered WANs. It is only if it becomes truly global that the full power of data economics will then come into play. There is another discussion to be had on how many nations and major businesses would prefer to see state-bordered WANs as the better solution.
Regulations need regulating
One potentially important suggestion he offers here is that impact assessments are conducted on regulatory actions in much the same way we accept environmental impact assessments or health and safety assessments. We regulate all the time, so he sees a place for it in the development of the Internet. Without it, he fears, there could be continued growth in the trend towards data sovereignties, centralisations and other trends that would be dangerous to the Internet.
There is certainly a danger that the act of regulation could be used by a nation state to exercise its particular political or cultural biases, but he sees an independently-conducted impact assessment as both a possible brake, and as a fall-back position:
It is their prerogative and they are legitimised to do that. But should a wrong decision be made and you have an impact assessment in place, then you can revert back to it and actually say, `okay, why didn't you follow these? Because if you were to follow these recommendations, then some of those things would have been avoided’.
Komaitis feels that the EU has a great opportunity here, not least because the one thing Europe is an expert in is how to regulate. He sees the EU on a long and important journey with its Digital Services Act package, which seeks to create rules for platforms as well as rules for the competition and how the competitive economy is going to work within Europe. This gives Europe the opportunity to set the standards of how this can be done, and done in a way that respects and adheres to the design of the Internet:
"We're talking about what the Internet is. We never thought that we would have this tool and suddenly there it is. It's transformative and it really has had a huge impact on all aspects of society. And we are taking it for granted. And because there is clearly a need for governments to address some of the issues, we need to bring the Internet into the consideration process. So I am hoping that they you will see this as an opportunity. I am hoping that we will learn lessons from GDPR – such as that well-intentioned regulation can also create some unintended consequences."
My takeIt is time for business managers to step outside of the straight-jacket of arguing the toss about which technology to use, and then which technology should be used to manage that technology, and then what technology should be used to monitor the technology managing the technology you are using but are starting to have doubts about – and onward into nano-granularity of technologies. If you feel that the Internet is a `good thing’ and using it to exploit all the data that is available to you is a possible fast track to a bigger profit and more sustainable business then forget about the technology per se: whatever you want to do there is now an off-the-shelf service that can deliver it.
But that opportunity for business – how data economics and the wider aspects of the overall data economy can be the basis for huge and largely beneficial developments across the world – is getting ever-closer to being under serious threat. The Internet is already being eyed up as the next plaything of the geo-politicians and geo-commercialists, and the signs are it may not fit with their increasingly parochial purview. I, for one, feel that would not be a good thing.
Note: This post originally appeared on https://diginomica.com/my-internets-better-your-internet-danger-slide-towards-state-bordered-wans
Views are my own and my own only!