Why the EU Is Underperforming its Diplomatic Potential with Big Tech

Written by Nathan van der Heyden

Part 1: From Cybersecurity to Techplomacy

Source: Office of Denmark's Tech Ambassador

i. Changing the Global Strategy

The Global Strategy sets the guidelines for the next few years of EU diplomacy. The last Global Strategy titled « Shared Vision, Common Action: A Stronger Europe - A Global Strategy for the European Union’s Foreign And Security Policy » (“GS”) dates from 2016 and in it, the attentive reader might notice something peculiar: no mention of Big Tech whatsoever.

How can we explain this strange oversight? Surely already in 2016, tech giants such as Apple, Microsoft, Facebook, Amazon and Google were dominating the public debate around democracy, responsibility and the development of technology. However, apart from plans to « deepen our partnerships with civil society and the private sector as key players in a networked world » (GS, p.8), no mention is made of the already urgent work to regulate and cooperate with these economical giants whose user base outnumbers even the most populated countries in the world and, in the case of Apple and Microsoft, are valued above a trillion US$. Placing them, in comparison with entire countries’ GDP, at 17th in the world ahead of Indonesia or Saudi Arabia.

At a glance, it seems the EU only worries about cyberattacks. When the internet is finally mentioned in the Global Strategy, it is only to argue that the EU needs better tools to defend itself against cyberattacks in order to secure access to data and computer systems in case of military conflict. This betrays an understanding of the potential of internet-based foreign policy that is, if you’ll pardon the term, so 2016.

The internet shapes political discourse, cultural and social interactions, economical consumption and, as such, a whole range of threats to democracy has emerged from citizens’ ever-increasing reliance on social media, particularly Facebook.

Indeed, if 2016 showed the democratic free world anything, it is the vulnerabilities in its electoral system. The surprise election of Donald Trump as president can obviously not only be attributed to the ruthless Russian online propaganda or the illegal harvesting and use of data by Cambridge Analytica. But denying the importance of this kind of electoral interference is dangerous. In the 2018 update on the Global Strategy, the EU vowed to adapt its approach of cybersecurity in these terms: « The EU has accelerated its work on Cybersecurity, which is critical to both our prosperity and our security. Malicious cyber activities not only threaten our economies and the Digital Single Market, but also the very functioning of our democracies, our freedoms and our values. Cyber threats come from both non-state and state actors: they are often criminal, motivated by profit, but they can also be political and strategic. » (GS: Year 2, p.15). Further in the document, the EU also vows to fight against deliberate political disinformation. Slow progress, but progress nonetheless.

ii. Cyberattacks are not 1’s and 0’s

The Facebook-Cambridge Analytica scandal of early 2018 hurt the EU by helping both the Trump campaign in the 2016 election and the Leave vote in the Brexit referendum. In both these cases, it was not the digital infrastructure of the EU that was threatened but the very fabric of democracy in such key allies. Through heavily targeted ads on social media, both of these campaigns were able to sway key voters with a barrage of fake news tailored almost-individually based on illegal harvesting of data on Facebook.

The EU expressed solidarity in an official statement with the affected countries and denounced Russia for its attempt to undermine international law. In December 2018, the EU’s diplomatic service was itself the target of a hack-and-leak campaign. This proves that over the past few years, many elections, governments and public agencies in Western countries have been targeted by these obviously political cyberattacks, rarely more spectacularly so than during the Brexit vote or the US presidential campaign. Our very definition of cyberattack has to change, we can’t imagine it being only lines of 1’s and 0’s sent back and forth. Any attempt to use the internet in a manipulative way to further one’s geopolitical goals is a cyberattack and should be considered as such. While the objective is large scale destabilization of democratic processes, the means to do so vary and make these attacks particularly problematic in the context of international law. Affecting the outcome of an election can be done in many different ways, from hack-and-leak operations to vote counting manipulation through a campaign of propaganda and mass-disinformation, and while certain of these activities are strictly prohibited, others find themselves in legal grey areas.

Cyberattacks have long been understood by public and politicians as viruses sent to weaken, spy or destroy other computer programs and the image of a nerdy Russian sitting behind his computer typing 1’s and 0’s jumps to mind when we think about hackers. Obviously, this is the vision the EU had in mind when drafting the 2016 Global Strategy. The failed state-backed Russian hack attempt of the Organisation for the Prohibition of Chemical Weapons in The Hague was very mediatized at the time. This also had the beneficial effect of providing the Dutch and English intelligence about several other attacks on international targets such as the World Anti-Doping Agency. (Missiroli, p.136)

However, the Brexit Referendum or the 2016 US Presidential Elections were not victims of this older vision of cyberattacks as much as they were victims of propaganda, disinformation campaigns and « hack-and-leak » operations, which should be called cyberattacks all the same as they represent ways in which geopolitical actors fight for power. The internet has changed everything about the flow of information and in turn, has become the most important battlefield for the conflict of ideas. The internet shapes political discourse, cultural and social interactions, economical consumption and, as such, a whole range of threats to democracy has emerged from citizens’ ever-increasing reliance on social media, particularly Facebook.

iii. Techplomacy, or How I Learned To Live With the Tech Giants

Westphalia, 1648. The world, or at least the parts that matter to the people in that room, has decided. It will be nation-states. And between these powerful nation-states, there will be diplomatic interactions to solve problems.

Brussels, 2018. After 370 years of Westphalia-era diplomacy, the writing is on the wall.

«The state system itself with its formalised diplomacy, dominant since the Treaty of Westphalia in 1648, may no longer be sufficient to resolve today’s global challenges » argue Donaldson and Younane, two British diplomats (Donaldson & Younane, 2018). How do we fix it then? What can we add that might increase our diplomatic system’s relevance and usefulness in the future? The answer might lie in bringing new actors to the table.

« The multinational tech companies driving this technological innovation have become extremely influential; to the extent that their economic and political power match — or even surpass — that of our traditional partners, the nation-state» writes Casper Klynge, the world’s first tech diplomat.

It seems so obvious that it’s almost unexplainable why nation-states took so long to decide that diplomatically ignoring Big Tech amongst other private actors was not a luxury they could afford. While Denmark has now named Casper Klynge, a career diplomat, as its first Tech-Ambassador, most other countries (France recently appointed an Ambassador for Cyberdiplomacy) and most importantly the EU itself has yet to follow suit. Denmark and France do not have the reach to change the game all by themselves, and as such it has to be the EU which initiates this primordial shift at the global level.

The importance of a constant diplomatic channel between the EU and Big Tech can’t be understated. At the same time, the EU must foster the incredible potential for development that these companies harbour by steering the direction of innovation towards a model that doesn’t threaten the values the EU is so eager on upholding. This important balance has been demonstrated recently by the comments and actions of European competition commissioner Margrethe Vestager. She offered a very optimistic view of the potential impact of AI on society: “there’s no limit to how AI can support what we do as humans.” (Business Insider, 2019). Meanwhile, this same commissioner has built a reputation for being the harshest regulator of Big Tech after imposing a hefty €4.3 billion fine on Google in 2018 and recuperating €13 billion illegal tax benefits from Apple in 2016.

Certainly, the potential impact of the technology developed by Big Tech cannot be underestimated but, if left alone, there’s no guarantee Big Tech will use these technologies for reasons in line with Europe’s vision for the future. The only way for the EU to have its cake and eat it too is to foster a constant constructive and frank dialogue between itself and Big Tech through Techplomacy.

This is the first part of a two-piece series. The next part will focus on the challenges the EU will face in implementing techplomacy.

Bibliography:

-Donaldson, A., & Younane, I. (2018, February). A diplomatic deficit? The rise of non-state actors.

- EU competition commissioner Margrethe Vestager says there's 'no limit' to how AI can benefit humans. (2019, November 8).

- European External Action Service. (2016). Shared Vision, Common Action: A Stronger Europe - A Global Strategy for the European Union’s Foreign And Security Policy.

- Klynge, C., Ekman, M., & Waedegaard, N. J. (2020). Diplomacy in the digital age: Lessons from Denmark’s TechPlomacy initiative. The Hague Journal of Diplomacy, 15(1-2), 185-195.

- Missiroli, A. (2019). The Dark Side of the Web: Cyber as a Threat. European Foreign Affairs Review, 2019(2), 135-152.