As leading global powers seek to have a hand in influencing Internet
governance, India is slowly emerging as a potential key player and ally.
As early as 2002,
India has engaged with the United States on cyber security issues and
cooperation under the auspices of the U.S. – India Cyber Security Forum.
In 2011, both governments signed a Memorandum of Understanding
to promote closer cooperation and the timely exchange of information
between the organizations of their respective governments responsible
for cyber security. The MOU established best practices for information
exchange and key cyber security organizations on a wide range of cyber
issues. In 2015, the first U.S.-India Strategic and Commercial Dialogue was held, focusing on priority issues of defense and commerce. During this period, India’s position appeared in line with the United States, favoring an open, inclusive, transparent system of Internet governance.
The need to get likeminded allies is important as leading cyber
powers seek to influence how the Internet is run and governed. There are
two primary camps engaged in promoting their solutions. Generally
speaking, the United States and largely Western nations favor a multi-stakeholder driven approach where
Internet policy is not determined by member states, but by the broader
society. Governments like China and Russia (and a few others) endorse states’ sovereignty
in cyber space with the right to establish and implement public policy
and international policy on matters of Internet governance. Led by both
of these governments, a proposal and its update were submitted to the UN
General assembly in 2011 and 2015, respectively, supporting this position. Both sides continue to lobby for their interests among the global community.
India is in a unique position of being a major information technology
manufacturing center. The Indian government has taken initiatives to
support the country’s digital emergence through projects like Digital India.
But also, and perhaps more importantly, India is a potential ally for
both Western and Eastern interests in their respective quests to
influence how the world uses the Internet. While India has already
established a dialogue with the United States on cyber security, it is
also part of the “BRICS” – the five nation association (Brazil, Russia,
India, China, South Africa) of emerging economies that have a strong
influence on regional and international issues. For states like China
and Russia, BRICS can be used as a counterweight to U.S.-centric commercial and political interests.
India has walked a deft line between U.S. and Russian interests. During the June 2015 53rd meeting of the Internet Corporation for Assigned Names and Numbers (ICANN), India’s statements
alluded to its continued support of the U.S.’ vision of a
multi-stakeholder approach to Internet governance. However, U.S. and
Indian cyber engagements have been unsteady at best, with little to show
for their efforts despite ongoing dialogues. Consequently, India may be
looking to emerge from under the United States shadow to help shape
global cyber initiatives.
At the December 2015 World Summit on Information Society (WSIS), India played a critical role
in negotiations as a swing state in support of a multistakeholder
approach to Internet governance. They were involved in the drafting of
the final declaration, which was ultimately adopted by the UN General
Assembly. In addition, India is set to become a full member state of the
Shanghai Cooperation Organization (SCO) with accession
expected to occur in a June 2016 meeting. The meeting will prominently
feature cyber security issues, along with the release of a joint
declaration to which India has been making significant contributions.
As a result, India may be looking for other potential partners that
enable this goal. India and Russia have been in discussions on a
“Memorandum of Understanding on Information Security” that could sway
Indian backing to Russian and BRICS interests. The fact that the MOU
uses the term “information security” rather than “cyber security” is an
important distinction particularly because Russia (as well as China)
sees information as much, if not more, of a threat than the technology
it rides across, while the U.S. focuses solely on the technology aspect
of security. Such a distinction is not lost on those following global
efforts to come to consensus on these issues.
Should this MOU come to fruition, it would come on the heels of a September 2015 agreement for India and Russia to set up an expert group on cyber security, as well as a December 2015 landmark engagement
that saw both governments sign 16 agreements on defense, nuclear
energy, and other key areas of cooperation. In short, Russia may be
assuming more of a special partnership role with India, which would
position the second largest democracy behind their Internet governance
efforts.
It appears that India is seeking a larger role as an impact player in
the global Internet governance discussion, and is not interested in
following another government’s lead. Establishing an India cyber
security-related agreements with other governments and organizations
both inside and outside the region has been top of mind for the country.
In early 2016 India signed several bilaterals with the United Arab Emirates
bolstering ties in cyber security, infrastructure, and other strategic
areas. Additionally, in late 2015, India’s Computer Emergency Response
Team (CERT-In)
signed cooperative arrangements with counterparts in Japan, Malaysia,
and Singapore to promote the exchange of threat information, best
security practices, and more efficient resolution of computer incidents
between India and these countries. Supporting a multi-stakeholder
arrangement means understanding that all participants make viable
contributions to the larger, common goal. Most importantly, it means
knowing when to lead, and when to let others lead. The U.S. risks losing
a stalwart partner by not letting it be more of an active contributor
in its larger governance strategy.