by Dr. Tim Stevens
China recently rolled out another component of its evolving scheme to control data flows into and across its communications networks. It banned the use of ‘virtual private networks’ (VPNs) that tunnel through the so-called ‘Great Firewall of China’ to allow Chinese users encrypted access to services like Twitter, Facebook and Gmail. VPNs have been targets of Chinese government actions since at least 2011 but the recent actions go beyond interference to outright bans on these tools.
VPNs create private encrypted networks that communicate across public networks, functionality that evades detection and the interdiction of data by the sophisticated tools of the Chinese internet censorship programme, officially termed the Golden Shield. VPNs allow remotely located individuals and companies secure communication across the global internet without fear of their data being compromised by state authorities.
This development was an unusually public admission of state intervention but was consistent with existing Chinese proposals to make national sovereignty the basis for internet governance at home and abroad. In the words of a Chinese government think-tank, the internet had been ‘upgraded for cyberspace sovereignty’. What are these proposals, what motivates them, and how should we understand them in the global context? Importantly, what do they mean for sovereignty and data in the contemporary world?
Internet governance: the Chinese model
China’s domestic and foreign internet policy are united by twin goals of economic growth and desire for domestic stability and harmony. At home, as internet penetration and use have increased, legal and regulatory frameworks have evolved to keep pace. Diplomatically, as issues of internet governance are wrangled at the intergovernmental level, China seeks to shape emerging norms of global internet policy and brings it into direct conflict with the United States and its western allies. Both processes are driven by a conception of sovereignty that, whilst logical, is at risk of undermining that which it seeks to protect.
China’s decision to ban VPNs is informed by an overarching vision that is a matrix of competing concepts of sovereignty, specifically ‘domestic’ and ‘interdependence sovereignty’. Domestic sovereignty concerns the ways in which domestic affairs are conducted, both in terms of authority extended by the state over its citizens and the degree of control exercised over them. Interdependence sovereignty is principally a matter of control, which under conditions of globalisation may be considered the control of information flows across national borders.
In the Chinese case, as elsewhere, these forms of sovereignty are fundamentally intertwined. The transnational flows of information from outside China are considered dangerous to domestic sovereignty on account of their challenges to political unity. Cultural influences from, principally, the West, are viewed as impure and radically destabilising should they take hold amongst the population. Transnational sovereignty must therefore be exerted as a means of ensuring domestic sovereignty and state authority and is regulated by laws and policies that enable the filtering of internet traffic on a national level, just the sorts of technologies that VPNs render irrelevant. Domestic sovereignty is reinforced by a baffling matrix of laws and regulations that aim to filter out certain categories of internet content and criminalise and therefore deter a range of internet activities through self-censorship and behavioural change.
The foreign threat to Chinese sovereignty is further explicable through the lens of ‘Westphalian sovereignty’, which protects the state from external interference by others. China and the US are currently embroiled in a long-standing dispute in which both sides accuse the other of accessing unlawfully one another’s networks for economic and strategic gain. They are arguing about Westphalian sovereignty but this is tied into a more robust challenge by China to the norms of the international system itself. China regularly accuses the US of controlling the internet to its sole benefit and recent submissions to the United Nations challenge both the US right to do so and seek to reassert Westphalian sovereignty in the context of the global internet.
China is a proponent of ‘internet sovereignty’, whereby states decide how to regulate the internet within their national borders with no reference to international law. With its allies in the Shanghai Cooperation Organization, China has lobbied the UN General Assembly for internet governance that enshrines those national rights, as opposed to a global system that consults multiple stakeholders, including the US, business and civil society. In essence, these proposals argue that only national, rather than international, law should have jurisdiction over the internet. China, Russia and the central Asian republics are seeking to shape global norms of internet governance based on conceptions of various forms of sovereignty that support regime maintenance above all. This is intended primarily to allow filtering-out of Western ideas from national networks and the suppression of internal dissent mediated by online means.
Why this matters for China
The problem for China is that these attempts to regulate the internet are at odds with its stated strategic ambition: that the internet becomes a driver for national prosperity and pride. The banning of VPNs throws this issue into relief and shows how asserting sovereignty in this way could be detrimental to China in the long term.
Whilst it has been concerned about VPNs for some time, China has let their use go relatively unhindered, given its commitment to business expansion and the use of the internet for Chinese research and development. Recent developments have reversed this stance and Chinese and non-Chinese have been quick to point this out.
Chinese entrepreneurs and academics have complained that this will prevent their effective international peer collaboration. Western companies are worried about the impact on their Chinese subsidiaries and their ability to conduct business in confidence. Coupled with new rules requiring foreign firms to provide ‘back doors’ into their software and hardware, it is unsurprising that accusations of Chinese protectionism are surfacing once more.
From foreign and Chinese perspectives, there are contradictions in Chinese policy. How does the commitment to enterprise square with barring a principal means of doing business abroad? How can the prioritisation of academic research and development continue if international collaboration is hindered by the banning of VPNs?
One international news editor of a Chinese state-owned media outlet wondered how he could follow international news if access foreign broadcasters’ Facebook updates was banned. Alluding to the progressive nature of Chinese censorship, he told The New York Times, ‘I feel like we’re frogs being slowly boiled in a pot’. The same article explicitly called out Chinese ‘cybersovereignty’ as ‘Beijing’s euphemism for online filtering’. If national harmony through sovereignty is the aim, small wonder that Chinese internet users treat ‘being harmonised’ as a euphemism for ‘being censored’.
As counterproductive as this appears, there is a logic here, aside from the obvious presumption towards maintaining Party pre-eminence (regime maintenance is hardly the preserve of China alone). In business terms, China and the US are each other’s biggest trading partners and China calculates that the US will continue to exploit that relationship, despite the massive balance of payments deficit in the Chinese favour. Should these new rules be enforced effectively, US business has shown an ability to absorb such changes in the past, figuring that its own self-interest is best served by turning a blind eye to the sometimes pernicious effects of such policies on Chinese citizens.
We should also recall that the Chinese government is not wholly responsible for censoring the Chinese internet. It employs tens of thousands of internet police and, if state figures are correct, more than two million people to routinely monitor the internet and report undesirable material to authorities. Amongst this number are thousands of wumaodang, hired by the Communist Party of China to influence online discussions in their favour and, ultimately, to forestall collective political action. Most filtering and blocking is undertaken by internet service providers as conditions of their trading licences. Large companies employ hundreds of ‘monitoring editors’ to comply with ‘internet safety’ regulations. Doubtless, most would prefer not to conduct in-house censorship, as this has its own chilling effect on the freedom to speak and act.
The emerging political economy of Chinese internet censorship defrays the costs of censorship to the consumer and taxpayer whilst employing a not insignificant fraction of the Chinese workforce. Growth in the Chinese information technology sector may have slowed slightly in 2014 but, as in the West, we should assume that there is profit in products and services marketable as ‘cybersecurity solutions’ but which are censorship and surveillance by any other name. Short-term internal growth in this sector may be stimulated by erecting barriers to external competition but how will this sustain long-term innovation if access to global markets is restricted? This is a gamble that China seems willing to make.
Despite differences in national outlooks, the internet has been the greatest integrative factor in China’s international relations, which it has deepened rather than diluted. China is also the biggest internet market and what happens there matters for everyone else. It is facile to reject Chinese actions and perspectives because they do not accord with one’s own views on these matters. Why should the Chinese not prioritise their own national interests, or seek to change the rules by which global governance is played? It is not as if Western countries have never played a similar game, or Western leaders sought to ban or subvert encryption and internet access on grounds of national ‘security’ or ‘values’.
There is a tension between the Chinese ‘closed’ model of internet sovereignty and the more ‘open’ visions of Western neoliberal capitalism. Reconciliation between the two should focus on being positive-sum rather than zero-sum, which means continuing dialogue rather than melodramatic statements of mutual enmity. Objectively, however, it is very difficult to see how China will thrive by closing down tools like VPNs, which have enabled the very success it so reasonably desires.
Finally, we are left wondering how ‘cybersovereignty’ is different from ‘regular’ sovereignty. The same impulses and strategic calculations apply and the overall aims are politically identical; only the tools differ. This speaks to the long-overdue collapse of ‘cyberspace’ as a concept to define a space somehow apart from the physical reality of everyday life. It is not. It is an additional layer of informational reality deeply imbricated with the rest of our social, economic and political lives. It maps onto local conditions and is shaped by strategic exigencies and political visions.
China is reasserting its sovereignty in the face of changes catalysed by information technologies but which are expressive of longer-term challenges to the state. China will not disappear if it relinquishes control over data within its sovereign borders but it will, ultimately, be forced to change, perhaps to become a ‘networked state’ that admits and capitalises upon its ambiguous sovereignty. Whether that change comes from the state or people is the real issue at stake. This is why current policies take aim at citizens and neoliberal capitalism both, rather than grappling with the nature of the Chinese state.
About the author: Tim Stevens is a Teaching Fellow in the Department of War Studies, King’s College London (KCL), Associate of the Centre for Science and Security Studies at KCL, and Associate Fellow of the International Centre for the Study of Radicalisation. He earned his PhD at KCL and is the co-author with David J. Betz of Cyberspace and the State (Routledge, 2011). His new book, Cyber Security and the Politics of Time, will be published with Cambridge University Press in 2015.
About Thesigers: Thesigers is the trading name of Thesiger & Company Limited, the research and advisory firm. Thesigers provides a range of services for governments, companies, organisations and individuals, built on a foundation of traditional research disciplines and specialising in problems at the juncture of politics, society, business and the environment. Registered office: 27 Old Gloucester Street, London, WC1N 3AX, England. Company registered in England and Wales. Company Reg. No. 07234402. VAT No. GB 135658985. Phone: +44 (0)134 430 6541 | Email: email@example.com
 China further tightens grip on the internet’, The New York Times, 29 January 2015, http://www.nytimes.com/2015/01/30/world/asia/china-clamps-down-still-harder-on-internet-access.html [accessed 15 February 2015].
 Reuters, ‘In China, VPN internet access tools suffer further disruptions’, 23 January 2015, http://www.reuters.com/article/2015/01/23/us-china-internet-vpn-idUSKBN0KW0WS20150123 [accessed 15 February 2015].
 For background, see Tim Stevens, ‘A cyberwar of ideas? Deterrence and norms in cyberspace’, Contemporary Security Policy 33, no. 1 (2012): 148-70.
 Tim Stevens, ‘Sovereign Data in International Relations’, Current Intelligence 5: 4 (Fall 2013). First published online 11 Nov 2013. URL: http://thesigers.com/analysis/2013/11/11/sovereign-data-in-international-relations.html [accessed 15 February 2015].
 For historical background and implications, see Kit Dawnay, “China and Sovereignty of Information,” Current Intelligence 5: 4 (Fall 2013). First published online 15 Nov 2013. URL: http://thesigers.com/analysis/2013/11/15/china-and-sovereignty-of-information.html
 Stevens, ‘Sovereign data in International Relations’.
 Sonia Sceats, ‘China’s cyber diplomacy: a taste of law to come?’, The Diplomat, 14 January 2015, http://thediplomat.com/2015/01/chinas-cyber-diplomacy-a-taste-of-law-to-come/ [accessed 15 February 2015]; see also, http://www.un.org/ga/search/view_doc.asp?symbol=A/69/723.
 Kristen Eichensehr, ‘International cyber governance: Engagement without agreement?’, Just Security, 2 February 2015, http://justsecurity.org/19599/international-cyber-governance-engagement-agreement/ [accessed 15 February 2015].
 ‘China cracks down on VPN use’, The Guardian, 13 May 2011, http://www.theguardian.com/technology/2011/may/13/china-cracks-down-on-vpn-use [accessed 15 February 2015].
 ‘China further tightens grip on the internet’.
 ‘New rules in China upset Western tech companies’, The New York Times, 28 January 2015, http://www.nytimes.com/2015/01/29/technology/in-china-new-cybersecurity-rules-perturb-western-tech-companies.html [accessed 15 February 2015].
 ‘China further tightens grip on the internet’.
 Astrid Nordin and Lisa Richaud, ‘Subverting official language and discourse in China? Type river crab for harmony’, China Information 28, no. 1 (2014): 47-67. For a broader analysis, see, for example, Seva Gunitsky, “Corrupting the Cyber-Commons: Social Media as a Tool of Autocratic Stability,” Perspectives on Politics 13:01 (March 2015): 42-54.
 https://www.census.gov/foreign-trade/balance/c5700.html (accessed 15 February 2015).
 BBC, ‘China employs two million microblog monitors state media say’, 4 October 2013 [accessed 15 February 2015].
 Gary King, Jennifer Pan and Margaret E. Roberts, ‘How censorship in China allows government criticism but silences collective expression’, American Political Science Review 107, no. 2 (2013): 326-43, http://gking.harvard.edu/files/censored.pdf [accessed 15 February 2015].
 ‘Is this what a Chinese internet censor job ad looks like?’, The Wall Street Journal, 21 May 2012, http://blogs.wsj.com/chinarealtime/2012/05/21/is-this-what-a-chinese-internet-censor-job-ad-looks-like/ [accessed 15 February 2015].
 ‘China’s software, IT sector growth slows’, Xinhua, 21 December 2014, http://china.org.cn/business/2014-12/21/content_34376394.htm [accessed 15 February 2015].
 E.g., Morgan Marquis-Boire, ‘For Their Eyes Only: The Commercialization of Digital Spying’, 1 May 2013, Citizen Lab and Canada Centre for Global Security Studies and Munk School of Global Affairs, University of Toronto, https://citizenlab.org/storage/finfisher/final/fortheireyesonly.pdf (accessed 15 February 2015).
 E.g., ‘How has David Cameron caused a storm over encryption?’, The Guardian, 15 January 2015 [accessed 15 February 2015].
 E.g., David Meyer, ‘“Cyberspace” must die. Here’s why’, Gigaom, 7 February 2015, https://gigaom.com/2015/02/07/cyberspace-must-die-heres-why/ [accessed 15 February 2015].
 Manuel Castells, Communication Power (Oxford: Oxford University Press, 2009), 38-42.