EAI Middle Power Diplomacy Initiative Policy Recommendation 7

Author

Sangbae Kim is a professor of international relations at the Department of Political Science and International Relations, Seoul National University. His major research concerns are with information, communication, and networks in international relations. His selected works include Standards Competition in the Information Age: Wintelism and the Japanese Computer Industry (in Korean), (Paju: Hanul Academy, 2007); Information Revolution and Power Transformation: A Perspective of Network Politics (in Korean), (Paju: Hanul Academy, 2010); International Relations of Arachne: Challenge of the Network Theory of World Politics (in Korean), (Paju: Hanul Academy, 2014).

Cyber security issues have recently become considered as some of the most pertinent emerging agenda items that South Korea is likely to play a meaningful role as a middle power. These issues have largely been the domain of computer experts and specialists since the Internet began as a small community where an authentication layer of code was unnecessary and the development of norms was simple. But as it grew, everything changed and although cyberspace offered an arena for business and social activities, it also became an environment for crime, hacking, and terror. Governments, private companies and non-state actors are making efforts to develop stronger capabilities for securing their resources and activities in cyberspace. Foreign policy makers and International Relations scholars are struggling to understand cyberspace’s basic structures and dynamics, which are different from traditional security sectors. It is obvious that cyber security issues are becoming a major concern of International Relations in various senses.

Amid the fast spread of hacking technologies, many countries and international organizations focus more on crafting security measures and enhancing multilateral cooperation to fend off cyber threats, which could be as devastating as physical military strikes. For example, they are making efforts to build a global framework for Internet governance, of which cyber security is one of the contentious sub-fields; but their consensus has not been framed yet. In particular, the United States and China, two world powers in the 21st century, have recently been in conflict with each other over hackings and espionage. The issue of cyber security is becoming an ever larger presence in U.S.-China relations and is seriously affecting threat perceptions on both sides. Indeed, despite it being such a new issue, the cyber realm is proving to be as challenging as the more traditional concerns that have long dominated the U.S.-China agenda.

South Korea, which has a high reputation as an “Internet Strong Nation,” is expected to play a contributive role in the cyber security sector. South Korea boasts cutting-edge digital technology, efficient computer networks and the world’s top high-speed Internet penetration rate. But behind these feats is an unpleasant truth: its vulnerability to cyber threats, suspected as the work of North Korea. There is a concern that the on-line attacks are likely to be coupled with off-line nuclear attacks. It is urgent and crucial for South Korea to build capabilities enough to fend off any attacks through cyberspace. However, securing cyberspace is not solely based on fostering material capabilities, but also figuring out diplomatic solutions among committed actors.

In recent years, South Korea as an Internet power is likely to play diplomatic roles in easing cyber conflict between world powers, and to building a new global mechanism for cyber security governance. To achieve these tasks of middle power diplomacy in the sector, it is essential that South Korea properly identify the structural conditions in which it currently operates, and determine adoptable options for the future to aid in its success. In other words, a major task here is to comprehend the overall configuration of the technological and political structures, and define the coordinating or conflicting interests of the actors who are engaging the game. In this context, it is essential for South Korea to identify the structural condition that could be epitomized at three levels.

• First of all, cyber security issues have a number of particular technological and structural characteristics, which are different from traditional security issues. Among them, the key to understanding the potential magnitude of cyber threats is the complex character of the Internet as a network of networks. Cyber threats are continuously evolving, as well as increasingly blurring distinctions between civil and military domains, non-state and state actors, and even human and non-human actors.

• Second, two groups of countries are competing for global cyber security governance. The existing model of cyber security, in a broader sense global internet governance, has been driven by Western countries that believe the Internet should be more open and free. In recent years, however, the challenges, driven by a coalition of states—including Russia, China and other developing countries, are organized and have a clear, more state-controlled vision for the Internet.

• Finally, the United States and China—two world powers in the 21st century—are competing over cyber security. For the last few years, the issue of cyber security (or IT and the Internet in general) as a leading sector has been elevated to a top priority within the overall U.S.-China relationship. Different approaches to cyber security in technical standards, regulatory policies, and security discourses are contrasting between the two world powers and such differences are likely to spill over into a broader tension between them.

Cyber security issues do not belong to the realm of “international politics” between nation-states competing over traditional security issues; but do belong in the realm of asymmetric “inter-network politics” between complex actors. Moving beyond the traditional framework of inter-governmental organization, various state and non-state actors are recently participating to the new global frameworks for cyber security; at some point in the future, it may be possible to reinforce these global frameworks with certain fundamental norms, but the world is at an early stage in such a process. The next decade is going to be filled with various clashes as those complex actors in world politics are competing for their own political needs and desires.

Under these circumstances, it is critical for South Korea as a middle power to understand the structure and dynamics of the cyber security sector, and to figure out what kinds of specific roles are expected of its middle power diplomacy. Here, it is most important for South Korea to have the ability of contextual and positional intelligence, which reads constantly evolving contexts and identifies its moving positions in cyber security. The discussion about structure and position offers the directions of diplomatic strategies that a middle power has to pursue. Based on these notions, this paper suggests three strategic pillars of middle power diplomacy—brokerage diplomacy, collective diplomacy, and complementary diplomacy.

Policy Recommendations

1. Brokerage Diplomacy in Cyber Security: South Korea should learn how to coordinate the asymmetric relationship in the inter-network politics of cyber security, but must not forget to pursue compatibilities between world powers.

Identifying overall structural conditions of the cyber security sector, South Korea has to contextualize its position within the structure of cyber security politics. In other words, required for South Korea would be the strategies of adjusting itself to the structural conditions of the sector. With regard to the adjustment strategies, this paper pays special attention to the middle power’s strategic roles of “brokerage,” which means the role of a broker and more than a mere connector, providing a mode of transition, switching, transforming and translation between different actors in the system. The unique forms of cleavages found in the sector are likely to provide middle powers with structural opportunities of brokerage. But, the structural conditions are also likely to create a situation threatening South Korea’s attempts for brokerage on the following three aspects.

a. Pursuing Compatibilities between Different Standards: Brokerage issues in the cyber security sector would be concerned with choosing a technical standard between the United States and China. In the case that China takes a technological offensive with its cyber security standards, what would be the decision for South Korea, which has heavily relied on U.S. technical standards, such as Microsoft’s Windows operating systems and Internet Explorer, and Cisco’s network equipment? This sort of choice must be very tough because it is not only related to technologies, but also involved in diplomatic issues: will South Korea stick to the U.S.-Korea alliance or will it broaden the existing Sino-Korea cooperation? Indeed, the choice means a process of “asymmetric coordination of relationships” that might build new relationships on the one hand, and break existing ties on the other hand. This process of integrating or destroying ties lies at the heart of brokerage. Recognizing the roles of brokerage diplomacy, South Korea has to be familiar with managing the asymmetric coordination game among network partners, but must not forget to pursue compatibilities between two networks.

 

b. Developing a “Meta-model” of Policies and Institutions: In building the Internet policy and governance models, South Korea’s choice is placed between the private-sector-driven model of multistakeholderism, pursued by the United States and the state-interventionist model of Internet control supported by China. Is South Korea likely to play a brokerage role between these two seemingly incompatible models of Internet policies and institutions? Here, we note that a middle power’s role as a broker has an affinity with the strategies of combining or mixing existing models and developing the so-called “meta-model,” rather than creating entirely new models. South Korea’s experiences in politico-economic development provide good examples for the meta-model, in the sense that the South Korean model of political economy, which is called the “Seoul Consensus,” is likely to combine the concerns of developing countries as well as those of advanced countries. It is a plausible scenario to develop a model of a “Seoul Consensus for cyber security” in the sense that South Korea has achieved prosperity in the Internet economy, initiated by the private sector, although it is still regarded as a country that has state initiatives against social activities in cyberspace.

 

c. Implementing Complex Strategies of Global Governance: South Korea has difficulties in positioning itself between two different visions for global Internet governance. One vision has been driven by Western countries that believe the Internet should be more open and free; the other driven by developing countries' support for the inter-governmental approach and state sovereignty over cyberspace. South Korea’s official position is now known to support the open and flexible approach to global Internet governance initiated by various international entities such as United Nations (UN), International Telecommunication Union (ITU), Organization for Economic Cooperation and Development (OECD), and Internet Corporation for Assigned Names and Numbers (ICANN). The approach could be called the complex strategy of Internet governance, combining the two competing visions. However, it is expected that South Korea would have difficulties in structural positioning in the sector. For example, South Korea was crammed between advanced countries and developing countries in the vote for updating the International Telecommunication Regulations (ITRs) at World Conference on International Telecommunications (WCIT) in 2012. Right after South Korea’s vote, a South Korean newspaper denounced that the South Korean government when it revealed its intention to control the Internet...(Continued)