We wouldn’t recognize cyberpeace if we saw it

A call to frame cyberpeace

by Verena Diersch

Matthias Schulze argues that what some perceive as cyberwar is not actually war but rather cyber conflict. The question therefore arises if this conflict will ever be solved. Ben Kamis on the other hand identifies motives in the use of language. He argues that talking about cyberpeace reinforces the impression that we are right in the middle of a cyberwar. I would not agree with that. As Johan Galtung puts it: “The use of the term ‘peace’ may in itself be peace-productive” (Galtung 1969: 167). But how do we define cyberpeace? Who should define it and how do we pursue it?

Galtung describes the dichotomy of war and peace by negative peace being the absence of the use of force. So if we are with him and Matthias Schulze, than what we see right now is negative peace. What Galtung sees as positive peace is the absence of every type of structural violence. In his notion, structural violence exists when some groups, classes, genders, nationalities, etc. are assumed to have, and in fact do have, more access to goods, resources, and opportunities than other groups, classes, genders, nationalities, etc., and that this unequal advantage is built into the very social, political and economic systems that govern societies, states and the world. If we agree to this definition, is the cyberpower of the United States and other countries a form of structural violence towards us? How do we assess that GCHQ is “assisting and enabling” the economic well-being of the UK, as Ciaran Martin, Director-General, Government & Industry Cyber Security, GCHQ, put it at the 3^rd Cyber Security Summit of Deutsche Telekom and Munich Security Conference in Bonn? If we look at Galtungs definition it seems possible that Germany – or at least some groups in Germany, e.g. small and medium-sized enterprises which are dependent on the world market and on the success of their innovations – perceive dragnet surveillance and cyber espionage as structural violence. So we may see the absence of war and by that negative peace in the understanding of Johan Galtung. But we do not see cyberpeace. And what does cyberpeace even look like?

The sociologist Erving Goffman found out that humans use social frameworks in order to have background knowledge for the understanding of events. These primary frameworks help us in recognizing phenomena so we would not have to judge whether we understand what we see every time we see something. For the issue of cyperpeace those assumptions would mean that we would recognize it if we see it but only if we had seen it before. Have we ever seen actual cyberpeace? And what does it look like?

Are frames all the same throughout society? This is not the case. So one can be sure that cyberwar, cyber conflict and cyberpeace would be defined differently by different groups of people. The only question is: which group is most capable of framing a concept that comes close to cyberpeace (whatever the heck that means!)? And how would these people define threats to cyberpeace? There are people who believe that anonymity in the online world is a threat to cyber security. But is it also a contradicting cyberpeace? Should the right to privacy be applicable in cyberspace? We are all aware of the attribution problem. But at the same time we understand that anonymity is not privacy. We leave enough data trails to be identifiable. And the argument of Jaron Lanier – who was awarded the Peace Award of the German book industry, so he should be cyberpeace expert, right? – to post online using your real name in in order to achieve the goal of stopping application providers and other organizations from covertly sniffing around in your private online stuff and being suspicious of you being a terrorist doesn’t convince me. He is concerned about people becoming this blurred digital mass of data instead of being a group of individuals. But there are people at Google who think that exactly this is the gain of the Internet society: the power of the mass, the crowd intelligence. And there are other individuals that think anonymity online provides you with the opportunity of “raw, unfiltered” conversation. But how does this relate to trolling? So I guess we have – once again – a framing problem here. One can ask a lot of questions:

1. If the Internet became popular because of the idea of anonymity and that caused organizations to be interested in finding out who these users really were and the group of anonymous people on the other hand perceived those actions as being threatening, have we ever had cyberpeace?
2. Was the Internet designed to become a weapon? Are the (ideological) origins of the internet in Darpanet and Milnet or in the World Wide Web of Tim Berners-Lee?
3. Who will define or promote what peaceful behavior online looks like? Can we achieve cyberpeace by communicating with real names and attaching our personal signature to every piece of code we write?
4. If non-anonymity does make the Internet more secure because black hat hackers might be deterred from launching attacks does that equal peace?

We already answered the last question by using Galtung as a reference. So the abolition of anonymity online might make the internet more secure. And it might – as Jaron Lanier puts it in his book “Gadget” – help us be a person in digital life. It might even provide us with better cybersecurity, but we might not have cyberpeace. The problem is that security always gives advantage to some people while leaving others aside. It is – once again – a framing problem.

If we assume that the hosts of the Cyber Security Summit invited all important people who are concerned with the topic of cyber security one might ask why nobody ever mention the term cyberpeace or peace.Language is a powerful tool. The only word the delegates of the Cyber Security Summit used all day was: trust. Actually, I’ve heard it so much the word lost its meaning. The IT security industry tells us to trust their products and the next thing we hear is that RSA is broken. We hear that one can trust in our economic system but what top level managers from Siemens tell you is that they’ll better be paranoid and expect that there are backdoors in their systems but there will be mitigation processes in order to gain more time and secure as many data as possible from getting stolen by the adversary (another war category, great!). The only person at the summit who mentioned a word that at least in German is close to “Frieden” was ACLU’s Ben Wizner. He mentioned the goal of “Kundenzufriedenheit”, customer satisfaction. Is that as close as we get to cyberpeace? I hope not. Because most of the people just use software, applications and services because they are free, convenient, popular and fun.

Can the discussion about a code of conduct in cyberspace help us to define cyberpeace? Will it give us a positive peace by the absence of structural violence? Are the existing institutions and forums of global governance working at all? If you analyze the discussions at the World Conferences on International Telecommunications (WCIT), you get the impression that we will never be globally on the same page but there will always be different perceptions and interests per group. But if we do not find a code of conduct for cyberspace, how can we establish cyberpeace?

Jaron Lanier wants us to become persons again online by once in a while writing a blog entry. Well, that’s what I’ve done. And I guess there are people out there that have never done it or do it all the time and want to reply to my thoughts – well, you should. Because this is how we create a frame for cyberpeace. This will be the opportunity for us to construct a background understanding, helping us to recognize cyberpeace when we see it. And we hopefully might see it. Think out loud. Spread the word.

Literature references:

Galtung, Johan (1969): “Violence, Peace, and Peace Research”, Journal of Peace Research Vol. 6, No. 3, pp. 167-191.
Goffman, Eving (1974): “Frame Analysis. An Essay on the Organization of Experience”, Northeastern University Press.
Lanier, Jaron (2014): “Gadget. Warum die Zukunft uns noch braucht”, Suhrkamp Verlag.

Verena Diersch is an assistant professor at the Chair of International Politics and Foreign Policy at the University of Cologne, Germany. She holds a diploma in Political Science from the Ludwig-Maximilian’s University in Munich, Germany. Her fields of research are cyber security and intelligence. In her PhD thesis she analyzes the cyber intelligence methods of the Five Eyes from an neoinstitutional perspective.