The global Internet—a vast matrix of telecommunications, fiber optics, and satellite networks—is largely a creation of the United States. The technologies that underpin the Internet grew out of federal research projects, and US companies innovated, commercialized, and distributed the technology around the world. The basic structure of the Internet—reliance on the private sector and the technology community, relatively easy oversight, and the protection of speech and promotion of the free flow of information—reflects American values.
In addition, US strategic, economic, political and foreign policy interests were served by an open global Internet. Washington has long believed that its Internet vision will succeed and that other countries will be forced to adapt or miss out on the benefits of a global and open Internet.
The United States now faces a very different reality. The overall vision of an open, reliable, and secure global network has not been achieved and will likely never be realized. Today, the Internet is less free, more fragmented, and less secure.
Countries around the world now use a large degree of control over the Internet, to process geographic data, block and moderate content, and launch political influence campaigns. States are conducting massive cyber campaigns, and the number of disruptive attacks is increasing. Adversaries are making it more difficult for the United States to operate online. Parts of the Internet are black markets for vandalism, crime, theft, and fraud.
Malicious actors have exploited social media, spread misinformation and lies, encouraged different forms of political participation that can influence elections, fuel radical violence, and promote toxic forms of social division.
At the same time, the modern Internet remains the backbone of critical infrastructure for people around the world. It is the main artery of global digital commerce. It has broken down barriers to information sharing, supported grassroots organizations and marginalized communities, and can still serve as a form of resistance under repressive regimes.
As the Internet of Things (IoT) grows in the coming years, the next iteration of the network will connect tens of billions of devices, digitizing every aspect of daily life, from heart monitors and refrigerators to robots and agricultural methane. carbon emissions.
The United States, however, cannot capture the benefits of innovation by continuing to pursue failed policies based on an unrealistic and outdated vision of the Internet.
The United States needs a new strategy that responds to what is now a fragmented and dangerous Internet. The Task Force believes it is time for a new cyberspace foreign policy.
The main findings of the Task Force are as follows:
- The era of the global internet is over.
- US policies promoting an open, global Internet have failed, and Washington will not be able to stop or reverse the trend toward fragmentation.
- Data is a source of geopolitical power and competitiveness and is seen as central to economic and national security.
- The United States has taken itself out of the digital trade game, and the continued failure to adopt comprehensive privacy and data protection laws at home is undermining Washington’s ability to lead abroad.
- Increasing digitization increases vulnerability, given that almost every aspect of business and statecraft is exposed to disruption, theft, or fraud.
- Most cyberattacks that violate sovereignty remain below the threshold for the use of force or armed attacks. This violation of the law is often used for espionage, political gains, and international statecraft, and is a very damaging attack that undermines trust and confidence in social, political, and economic institutions.
- Cybercrime is a national security threat, and ransomware attacks on hospitals, schools, businesses, and local governments should be viewed as such.
- The United States can no longer treat Internet operations and information as two separate domains.
- Artificial intelligence (AI) and other new technologies will increase strategic volatility.
- The United States failed to impose sufficient costs on the attackers.
- Principles are more useful in binding friends together than forcing enemies.
- Prosecutions and punishments have not been effective in stopping government-backed hackers.
The Task Force proposes three pillars of foreign policy that should guide Washington’s adaptation to today’s complex, diverse, and dangerous cyberspace.
First, Washington must face reality and assemble a coalition of allies and friends in an Internet vision that maintains—to the greatest extent possible—a reliable, secure international communications platform.
Second, the United States should balance the diplomatic and economic pressure that is more directed at its adversaries, as well as disruptive cyber operations, with clear statements about self-imposed restraint on certain types of targets agreed upon among US allies.
Third, the United States needs to put its proverbial house in order. That requirement requires Washington to coordinate its digital competition policy with the broader enterprise of national security strategy.
The main recommendations of the Task Force are as follows:
- Create a digital trade agreement between trusted partners.
- Resolve outstanding issues with US-European Union (EU) data transfer.
- Create an international cybercrime center.
- Introduce a focused program of online assistance and infrastructure development.
- Work collaboratively across partners to maintain technical excellence.
- Promulgate policies against malicious attacks on elections and financial systems.
- Negotiate with adversaries to establish restrictions on cyber operations directed at nuclear command, control, and communications systems (NC3).
- Develop comprehensive Vulnerabilities Equities Process (VEP) collaborative processes.
- Adopt greater clarity about protecting actions going forward.
- Make states accountable for hazardous work that occurs in their jurisdictions.
- Make digital competitiveness a pillar of the national defense strategy.
- Clean up US cyberspace by providing incentives to internet service providers (ISPs) and cloud providers to reduce malicious activity within their infrastructure.
- Address the domestic intelligence gap.
- Promote exchange and collaboration between talents from trusted partners.
- Develop expertise in cyber foreign policy.
A free, global, and open Internet was a valid aspiration that helped guide US policymakers in the Internet’s first three decades. The Internet as it exists today, however, calls for a rethinking of US and foreign Internet policies to address these realities. The Task Force believes that US goals going forward will be more limited and thus more achievable, but the United States needs to act quickly to design strategies and tactics that can address the immediate threat.