On January 30th 2021, I ended a fantastic 2,5 year adventure working in the European Union institutions. I spent this time at the EU Institute of Security Studies, the EUISS, where I worked on the EU Cyber Direct project, providing research support to the European External Actions Service in its cyberdiplomacy endeavours. I have decided to dedicate my full time on my PhD research at the Vrije Universiteit Brussels at IMEC-SMIT and the Brussels School of Governance, where I will be part-time affiliated with the Hannah-Arendt Institute. My doctoral research titled “Prevention of securitization of contentious content through architectural interventions on online platform” will focus on platform governance, the organic spread of misinformation and online radicalisation.
My time at the EU left me with many impressions and some accomplishments. At the start it felt like I had been living in Rome all these years and was suddenly summoned to work in Vatican City. The impressive architecture of institutional buildings in Brussels, which I had so often walked past, now felt like cathedrals for democracy (and bureaucracy…), the centrality of Brussels in the European empire, even more epitomised by the inner Brussels bubble and hierarchies, its jargon and odd customs,… at times working for the EU felt similar to working for the Holy Roman Empire, especially when I would go on “missions” to spread the gospel of the EU’s cybersecurity and cyberdiplomacy. These cynical feelings eventually evaporated as I started understanding more about the inner workings of the greatest peace project (and experiment?) ever set up. I started developing a deep respect for the work of the European Union, despite all its defects.
Providing research support for the EU’s cyberdiplomacy efforts felt quite meaningful, like we were contributing something useful. Every country in the world is navigating its way through the digital revolution. Mass societal connection to the information highway brings many benefits, but also exposes society to many vulnerabilities. It’s no secret that some countries like Russia, China and the US have been taking advantage of these vulnerabilities. There’s strategic benefits in exploiting the digital holes that are left behind when we’re all building this digital infrastructure at a breakneck speed. The EU’s vision on this global occurrence is one of collective progress. Such a strategy previously paid off after the European continent was ravaged by internal war. Cooperation works from the EU’s perspective! This may seem a bit naive from the outside, but in the few years that I was working on the EU Cyber Direct project, I saw an EU trying to understand other countries and regions’ cybersecurity positions in order to collaborate better and really try to adapt its cooperation ideas to everyone participating in the global digital space. I saw how the EU and its member states have tried to broker conversations at the United Nations for peace and stability (sometimes clumsily, I’ll admit) and support other countries in developing cybersecurity strategies.
I participated in a few of these support opportunities, speaking about EU cybersecurity cooperation in Costa Rica, Chile, Singapore and Ethiopia, the “missions”. Traveling for these conferences gave me new insights on how we think about security of the internet from different perspectives. I bundled these insights in 3 regional engagement mappings for the European External Action Services, one on Latin-America, perspectives which I condensed in a blog post for the Elcano Royal Institute, one on Africa, and one on Southeast Asia. Turns out, we’re all just… winging it?
During my time working with the EU Cyber Direct project, we connected hundreds of experts, academics and digital rights activists to EU policymakers, putting them in the same room to exchange perspectives. The COVID-19 pandemic made that aspect harder, but working on cyberdiplomacy really made me understand the value of human-to-human contact. I mentioned this importance in my opening statement that I was honoured to make at the 2019 UN multistakeholder intersessional of the Open Ended Working Group on Developments in the Field of ICTs in the Context of International Security. My own little Greta Thunberg moment, only without it being seen by many people of course because who cares about some dry UN sessions on cybersecurity? I had to convince the VRT to let me write about what these UN meetings are about so people would be aware about the importance of this process.
In the statement I made an analogy of human interaction to the DNS system. People are just as much connected through routing points that are of significant importance in their community as computers. These human routing points too have a role to play in connecting everyone in their directory to other parts of the world. This is for me what multistakeholderism is about. Now that I’m no longer working for the EU, it hopefully sounds more sincere when I say; the EU seems to really want to stimulate multistakeholder interactions to develop collaborative solutions for internet security. Perhaps the union doesn’t always come up with the best results or draws the right conclusions, but the intentions are valid. For this UN OEWG session, it funded the participation of 40 civil society actors out of 200-something participants. These people were all routing points in their civil society community. They need to be in this room. Their presence is key to making sure a broad variety of actors has a say in the security and stability of the internet, so a robust human DNS must be built between them.
The point I wanted to make in that statement, was the need to get a variety of actors involved in the cyberdiplomacy conversation. After all these years I still can’t really point my finger on what cyberdiplomacy is. ‘The use of diplomatic tools to further national interests in cyberspace and foster cyberstability’ is how I’ve come to describe it. I am aware that it remains a vague concept for many. I supported the European Security and Defense College in the creation of an e-learning module on cyberdiplomacy to demystify it for European diplomats, an endeavour I actually enjoyed embarking on. Cyberdiplomacy intersects on so many fields, most of which I have dabbled in during my not-so-junior-but-still-not-senior career. It was a joy to bring it all together and make it understandable for the broad community of actors that are needed to engage in this field. The e-learning is openly accessible to anyone since we don’t just need diplomats doing cyberdiplomacy.
My time at the EUISS was also not exclusively spent on cyberdiplomacy and the EU Cyber Direct project. I was grateful to also be able to contribute to Deputy Director Florence Gaub’s strategic foresight efforts. These allowed me to develop my insights on the security threats that stem from social media, which are not a topic of debate in cyberdiplomacy. There are good reasons to keep social media, misinformation and other content issues out of security debates, which are at the centre of cyberdiplomacy. For one, it remains problematic to securitize content, and it plays in the hands of global actors who would prefer to gain greater sovereign control over information that circulates within their borders and reaches their citizens. It does however also negate the fact that there are security threats stemming from content that circulates on the internet. On January 6th 2021, a mix of extremists, Trump supporters en conspiracists stormed the US capitol building, supposedly to ‘take back the steal’ and protest the election loss of Donald Trump. Five people died in this riot. One year earlier, we predicted a scenario of civil unrest in the US fuelled by online misinformation and extremists organising in online groups. Our scenario was supposed to take place in 2024, but the global pandemic fermented many underlying rotting issues and stank up the place faster than I expected.
Calling the January 6th incident the start of a civil war is perhaps hyperbolic, but it was symptomatic to the very real security issue stemming from the social web. The artificial wall held up in the international discussion between harmful code – harmful content also leaves a vacuum for those countries that are dealing with the growing pains of societal digital connection. There are many countries seeing the waves of instability stemming from the internet, but see no clear solution to avoid it from turning into conflict. Without global discussions on this issue, countries cannot support each other in finding viable, human rights-respecting solutions to this problem. This vacuum is easily filled by actors supporting more online repression and surveillance to guarantee stability. If I had more time and space at the EUISS, I would have still written a brief about the need for global capacity building and best practice exchanges on dealing with disinformation in a rights-and-rules-respecting way. I honestly believe this is an important next challenge where the EU can lead. I might however be too early in pushing for these efforts. The EU and other countries making policy decisions on this issue first needs to find their own balance, and gather more evidence for its policy making on this issue itself. We’re still figuring out how to navigate this delicate issue and there hasn’t been a perfect modus operandus found anywhere. At some point it would be good for the EU to support other countries experimenting with rights-respecting interventions, to acquire evidence together, adapt to local contexts and investigate the effectiveness and impact of certain platform regulations and interventions.
These issues of misinformation and online hatred fester all around the world on social platforms that are ran by companies that seem unbound by any national legislation, and unbothered by their societal responsibility or lack of democratic input. In my view, most of these platforms are inherently problematic because of the business model and architectures that guide their social interactions. That is why, as part of the What If series, I wrote out my utopian ideal of a social media platform in 2024 where users could get their news as well as engage socially.
The key importance of such an interest-based social platform are: trained moderators who are part of the community and understand the norms, context and tone; and a subscription/wallet based monetization. I sometimes jokingly referring to “the Novaweb” as a solution platform, but I know it takes way more than “a good idea” to solve the issues of our social media ecosystem.
I see many challenges ahead for the open internet, as geopolitical interests are seeping into internet governance issues increasingly more often. One such example was the discussion on a potential ban of the Chinese social media app TikTok. I wrote a piece on our Directionsblog how the concerns with TikTok are framed as cybersecurity concerns, but they are actually more a matter of national security where states such as the US don’t want data of their citizens to fall into the hands of a country like China. If states truly want to tackle the security problems with platforms like TikTok, the solution is not to ban the platform and harm user rights that have formed communities on these platforms. The solution is to create a rights-and-rules based social media, for ALL social media platforms.
When the mindset of a free and open internet starts taking a backseat in security discussions, the internet will start fragmenting on several layers. A lot has been written about how the internet will not fragment, especially on the DNS layer, but geopolitics can intervene in several other layers of the internet. For the last What If scenario that I made at the EUISS, I hypothesized what a fragmented internet would really look like on a Physical, Data and Application layers of the internet (loosely based on OSI & TCP/IP model).
The global network of information has always been balancing between decentralisation and centralisation. As the balance seems to be tipping more to decentralisation, it is important to keep regions from fragmenting their internet space and cutting off or inhibiting the flows of communication.
I am sure the EU can have an important role to play in stimulating cooperation and ensuring other countries from keeping the lines open. I look forward to keep working towards these goals in the future, even outside of the European Institutions.