In June 2015, India made waves in the Internet governance world by finally formally announcing that it would support multistakeholderism. What received less attention is that the government at the same time continued to bat for a pre-eminent role for States in some aspects, most notably those related to security. In fact, early indications are that its support for multistakeholderism have already started to pay it rich dividends in the global arena precisely where India’s cybersecurity interests and demands are concerned. Was India’s embrace of multistakeholderism a purely opportunistic move, or is something more substantive indeed going on?
On 22 June 2015, Minister Ravi Shankar Prasad made a video address to the ICANN53 meeting in Buenos Aires, Argentina, that was noted for good reason. For the first time, the statement seemed to lay out a comprehensive Indian policy on Internet governance. A strong yet nuanced address, Prasad’s speech got lauded widely for its endorsement of multistakeholderism as the Minister said: ‘India recognises that all the stakeholders are key and multistakeholderism is perhaps the only way to keep the system integrated, growing and expanding through new innovations and investments’. For those who believe in the potential of multistakeholderism to contribute to more open and participatory forms of government, this was music to their ears indeed.
What received less attention, however, is the fact that Prasad’s address was not merely an embrace of the status quo in multistakeholderism. The Minister formulated a vision for the future – and this vision firmly included an enhanced role for the State in certain aspects of Internet governance, most notably in the area of security. It is important that Prasad batted in his address for a ‘multi-layered system’ and for the need to ‘build and maintain plural and diverse governance models’. It is equally important that he also emphasised at several points in his statement the centrality of the State. Though acknowledging that governments cannot do this on their own, he noted that governments continue ‘to shoulder the central responsibility to secure the networks, the economic interests, lives and property of people’. He further added:
While [the] role of the State in cyberspace is being defined, the burden of responsibility remains as severe on the State, if not more. New partnerships with new stakeholders need to be crafted so that the agencies of the State can be commensurate to the expectations from it.
What Prasad was expressing support for was, thus, not merely multistakeholderism-as-we-know it in particularly in ICANN, but a more complex system, where different stakeholders take up different roles, and with varying prominence, depending on the issue under discussion. Though this received far less attention following the Minister’s address, the nuance Prasad was bringing to his message was as important as its broad-strokes.
This should not come as a surprise: as I have argued elsewhere, cybersecurity issues have been an important driver of India’s global Internet governance policy in general for at least five years now, and it is unlikely that this will change any time soon. While India might have reassessed how to best achieve its objectives in this area, they have by no means become any less of a priority.
This was made clear by India’s subsequent statements and positions in international fora, most notably in the context of the 2015 Review of the World Summit on the Information Society (WSIS) process. Shortly after Prasad’s address, on 1 July 2015, India for the first time shed light on its priorities for the Review. While stating that ‘India would like to reaffirm and renew its commitment to the multi-stakeholder processes’, the government in its remarks also asked for special consideration for the process of enhanced cooperation mandated by the WSIS Tunis Agenda, in particular where issues with a direct impact on national security are concerned.
India had earlier used the cover of the enhanced cooperation mandate to bat for a multilateral approach to Internet governance, even going so far as to propose, in 2011, a new UN body to take charge of international Internet-related public policy issues, though with little success. India’s new, more narrow definition of the enhanced cooperation agenda sits well with its support for a multi-layered, multistakeholder system of Internet governance while not losing sight of its strategic concerns.
This dual emphasis – on multistakeholderism on the one hand, and on the fact that the final responsibility for security issues lies with the government, on the other – continues in India’s first written submission for the WSIS+10 Review process in July 2015, in which it additionally argued in favour of ‘a global framework, such as an International Convention for Legal Cooperation on Cyber Crime, which would harmonise effective international cooperation between member states in tackling cyber crime’.
In India’s second written submission for the WSIS+10 Review process, in September 2015, this dual emphasis was maintained as well, though the reference to a global framework was no longer there. Instead, India asked that the outcome document of the WSIS+10 Review process include a paragraph stating that the ‘sovereign jurisdiction of all states should be ensured on the information infrastructure and systems within the respective boundaries to ensure national security of respective countries’. It also asked for the inclusion of text that notes: ‘[c]ybersecurity is an increasing challenge to all stakeholders. All stakeholders must work together to cooperate and collaborate in securing the information assets, devices and information contained therein’.
Will India’s bet on a policy that embraces multistakeholderism while at the same time increasingly pushing for solutions for cybersecurity concerns at the global level, and for the pre-eminence of governments’ role in these solutions, pay off? Early indications seems positive. If cooperation on cyber issues between India and the US has officially resumed since August 2015, India’s embrace of multistakeholderism has figured explicitly in the statements coming out of official dialogues on this issue.
Seeing that the US, due to imbalances in the existing Internet governance landscape, holds some of the important keys to resolving at least some of India’s cybersecurity concerns, the embrace of multistakeholderism thus seems to have created goodwill of a kind that will help to address India’s cybersecurity concerns far more quickly than a purely multilateral approach would ever have been able to do – the centrality of governments in addressing these concerns notwithstanding.
Moreover, while India’s relationship with earlier allies in the Internet governance arena, such as Russia and China, might increasingly entail a delicate balance act for the Indian government, it seems to by no means have been hurt by India’s new pro-multistakeholder policy. Evidence of that balancing act can be found, for example, in the Ufa Declaration of the recently concluded 7th BRICS Summit in Ufa, in July 2015. The text says among other things:
We consider that the Internet is a global resource and that states should participate on an equal footing in its evolution and functioning, taking into account the need to involve relevant stakeholders in their respective roles and responsibilities.
We acknowledge the need to promote, among others, the principles of multilateralism, democracy, transparency and mutual trust, and stand for the development of universally agreed rules of conduct with regard to the network. It is necessary to ensure that UN plays a facilitating role in setting up international public policies pertaining to the Internet.
For a casual observer, the sections on the need for states to participate on an equal footing in Internet governance and for the UN to play a role in it, as well as those reconfirming the principles of multilateralism, might seem like clear endorsements of a multilateral system of Internet governance. But the nuances are important, as they weaken that message considerably: multilateralism is among the principles to be endorsed, not the only one; the UN’s role is to be a facilitating one, not necessarily a decision-making one; and the need to involve other stakeholders is recognised in language that has been taken from the 2005 WSIS Tunis Agenda and has been interpreted in a wide range of ways since then, including to promote multistakeholderism.
Indeed, in a draft circulated by Russia ahead of the summit, explicit references to a multilateral Internet governance system were reportedly included. By finding compromise language that can be interpreted in diplomatic circles in a wide variety of ways, this language was successfully toned down, as India had set out to do.
It is also noteworthy that India’s recent embrace of multistakeholderism has not come in the least in the way of the country’s accession to the Shanghai Cooperation Organisation (SCO): the start of the accession process was formally announced in the most recent annual SCO Summit, also in Ufa, Russia, 9 – 10 July 2015.
Cybersecurity issues have notably figured on the SCO agenda for long. Most well-known among its initiatives, the SCO Member States submitted an updated version of the International Code of Conduct for Information Security to the United Nations in January 2015, with a request to circulate it as a document of the 69th session of the UN General Assembly. A first draft of the proposed code had earlier been submitted to the 66th session of the UN General Assembly, in 2011. Both the earlier and current version have been controversial for a number of reasons, including that they clearly aim to carve out a greater role for States in Internet governance and seek to explicitly promote multilateral international Internet governance mechanisms. They also aim to extend the notion of cybersecurity to include a need for content control. Though the proposed code may thus seem to be at odds with India’s embrace of multistakeholderism, at least at first sight, this does not seem to have been a barrier for the acceptance of its application for full membership of the SCO.
While it remains to be seen what position India will take vis-à-vis these controversial SCO initiatives once it becomes a full member, one thing is clear: India’s efforts to secure its cybersecurity related interests at the global level are on track. What is less clear, however, from the country’s pronouncements and actions over the past few months is what the highlight of Prasad’s video address at ICANN53, India’s support for multistakeholderism, will mean in practice. Was it a purely strategic statement, meant to create a certain goodwill vis-à-vis other Indian demands and interests, but not much else?
It deserves to be pointed out in this context that, while both India and the US might have spoken about multistakeholderism in the context of their bilateral dialogues, bilateral negotiations rarely display the kind of openness that is generally a hallmark of multistakeholder discussions in Internet governance. Indeed, it is not a surprise that while (some) industry might have been invited to be a part of the August 2015 dialogue, civil society was absent from the discussion, the important human rights implications of many cybersecurity discussions notwithstanding. Around the world, those non-government stakeholders involved in bilateral discussions have generally been carefully handpicked by the governments involved.
This is not to say, however, that there have not been any positive evolutions where India and multistakeholderism are concerned over the past few months. In particular, within India, the Department of Electronics and Information Technology (DeitY) within Prasad’s Ministry of Communications and Information Technology has organised a range of roundtables to elicit stakeholder views on current Internet governance topics over the past few months, ranging from debates around WHOIS related issues in ICANN to the WSIS+10 Review. Similarly, the Department of Telecommunications (DoT) has organised consultations with an array of stakeholders to elicit views on net neutrality. Though there is little clarity on the ways in which the government processes these inputs and subsequently takes them into account, or not, in its policies and stances, such initiatives constitute an important and welcome effort to build the beginning of a multistakeholder system within India.
To what extent India’s embrace of multistakeholderism will lead to its championing of more open, transparent and inclusive governance systems will remain to be seen, however. Will input from all stakeholders be sought on a broad range of issues, or will certain topics, such as cybersecurity, be out of bounds for some stakeholders, such as human rights organisations? Will input be taken into account, or merely solicited, and then ignored? And finally, will such laudable efforts to consult widely remain limited to the national level, or will India exhibit a similar openness at the global level, and thus contribute to a drastic but arguably much-needed reworking of the UN system, as well? Only time will tell. For now, a certain glasnost does seem to have set in in India’s Internet governance policy. Perhaps it is up to all of us to make the most of it.