China is seeking to jointly build a community of shared future in cyberspace based on peace, sovereignty, shared governance, and shared benefits, and the country’s efforts to reassert sovereignty over cyberspace is to ensure the security and order of cyberspace—and not to impede the free flow of information.
The so-called “VPN ban” targeting unregistered businesses and Apple’s decision to remove some VPN apps from the China App Store are nothing more than parts of an effort to better regulate cyberspace. Though a small firestorm erupted after Apple removed the apps, China has made it clear foreign companies must abide by domestic laws and the country’s internet management policies. “We would obviously rather not remove the apps, but like we do in other countries we follow the law wherever we do business,” Apple CEO Tim Cook said.
While there are obviously mixed feelings on the VPN issue, there is a real need for countries to take steps to bring order to their end of cyberspace. The growing list of ever-complicated cybersecurity problems highlights the need for cyber sovereignty—a principle China elaborates on in its International Strategy of Cooperation on Cyberspace, stressing that national governments are entitled to administer cyberspace in accordance with law.
In 2010, the U.S. launched a sophisticated cyberattack against Iran, damaging some 1,000 centrifuges in a uranium enrichment facility. The malicious computer worm known as “Stuxnet,” reportedly a joint U.S.-Israel project, served as a wake-up call to the international community about the need to protect critical infrastructure systems.
Years later, it was discovered the U.S National Security Agency formed a Cold War-style cyber partnership with its international partners in an attempt to gain cyberspace dominance. The unraveling of PRISM and other global spying programs showed how cyberspace can used to shift the balance of cyber power to the West at the expense of the rest.
The U.S. has long entertained the idea of cyber domination. During his service as U.S. Air Force secretary in 2007, Michael Wynne argued that the U.S. should try to “dominate cyberspace” like we “dominate air and space.” This zero-sum mentality continues to play an important role in some Western thinking. In an article published in the Military Law Review in 2013, it was argued that cyber sovereignty “extends exactly as far as each country can make it,” suggesting that cyber is a space for competition and the U.S. should try to maximize its relative cyber power.
There is also the very real problem of countries losing control over their most sophisticated cyber weapons. In May, for example, the NSA-powered cyberattack known as “WannaCry” wreaked havoc worldwide. Brad Smith, Microsoft’s president and chief legal officer, responded to the crippling attack by calling for enhanced state control over cyberspace, saying governments “need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world.”
All this should serve as a motivator for countries to reassert their cyber sovereignty and work together in partnership for the benefit of all countries. It is in this sense of keeping people safe online that Chinese President Xi Jinping said: “You can’t have national security without cybersecurity.”