How far will societies pursue security along paths paved by dictators?
Chinese telecom giant ZTE is exporting surveillance technology to Venezuela, according to a recent Reuters investigation. Venezuelan officials allegedly visited Shenzhen, the Chinese technology hub, to learn about the country’s national identity card technology. “Using vast databases to store information gathered with the card’s use,” Angus Berwick wrote for Reuters, “a government could monitor everything from a citizen’s personal finances to medical history and voting activity.” It’s an insidious tool for population control, and its export—along with the export of other digital surveillance systems—is lending to the diffusion of an increasingly consolidated authoritarian model for internet governance and control.
This ZTE incident is the most recent in a long line, where surveillance technology from authoritarian countries—facial recognition software, internet monitoring tools, biometric sensors, and more—is exported elsewhere. Within the last year, Chinese companies have been involved in exports of facial recognition tech to regimes in Singapore, the United Arab Emirates, Zimbabwe, and Malaysia.
For surveillance tech in general, Chinese companies export to governments in Ethiopia, Ecuador, South Africa, Bolivia, Egypt, Rwanda, and Saudi Arabia. Russian firms have similarly exported surveillance technology to Kazakhstan, Tajikistan, Turkmenistan, and Uzbekistan. To be clear, surveillance tools—or at the very least dual-use items that can be used for surveillance—that are developed in the United States and other liberal-democratic markets get exported too. But since the 2013 Wassenaar Arrangement, many of these liberal-democratic economies have sought to limit the flow of digital surveillance tools to human rights-abusing regimes.
Authoritarian nation-states like Russia and China view the internet as a threat to their domestic security that must be controlled within their borders, whether because of its potential for domestic coalition-building or its ability to give populations access to censored information. In other words, these countries support an internet model that is sovereign and controlled. Heavy content censorship, pervasive surveillance, and traffic throttling (e.g., slower and pricier access to foreign or undesirable websites) are all characteristics of this approach to the global internet.
Liberal-democracies, on the other hand, tend to think differently—that a global and open internet is best for the world. It accelerates economic growth, supports free speech, and progressively spurs global interconnectivity, the logic goes. Principles like “freedom,” “openness,” and “interoperability” are critical to this liberal-democratic approach.
Along with our colleague Jocelyn Woolbright, we empirically surveyed the landscape of internet governance around the world—using data points on everything from internet penetration to social media use to assorted freedom scores—and found that a third camp exists. These countries have yet to make key decisions about the control of the internet within their borders, and, as a result, have yet to gravitate towards either the global and open or sovereign and controlled ends of the spectrum. We call this group the digital deciders.
Argentina, Brazil, Indonesia, Mexico, India, and Singapore are just some of the often-overlooked countries in this camp. Because they have yet to take decisive action one way or another (e.g., censoring content or promoting free speech), their decisions about cybersecurity and internet regulation hold important sway over the future of the global network and the formation of international norms. Rising global emphasis on great power conflict is precisely why countries like China and Russia are likely attempting to influence these digital deciders in their direction.
Exporting surveillance technology (and know-how) to other countries is a way to reinforce the sovereign and controlled vision for the internet—one where governments control the network within their borders, in an effort to control their citizens’ social, political, and economic behavior. When nation-states like Venezuela adopt technology like a national identity card, they have to build their own domestic infrastructure to manage the information. When nation-states like the UAE implement Chinese facial recognition software to surveil citizens, they similarly must construct networks—unique to their own country—to fully implement the system: cables, servers, special software, and more.
In doing so, these countries are laying the groundwork for their own domestic, internally-managed internets—fueling the “fragmentation” risk so many warn about, by which the global internet becomes less a place for open, global trade and communication and more a series of isolated networks controlled by sovereign states. Surveillance technology exports to countries already prone to human rights abuses and authoritarianism further consolidates and upholds a sovereign and controlled vision for the internet within these countries. Of course, authoritarian countries are not the only ones who spy on the internet, as the Snowden revelations showed. But when a nation may already be disinclined to support liberal-democratic principles like freedom of speech, or lacks legal frameworks to codify such principles, this technology further pushes them away from a global and open internet.
It’s worth noting that many of the countries receiving Chinese surveillance tech rank as “not free” on Freedom House’s Freedom in the World index, and are therefore not in the digital deciders. However, some of them—like Ecuador, South Africa and Singapore—are. If China and Russia seek to export their authoritarian model, expect more exports to these countries in the near future. It is imperative, therefore, that liberal-democracies recognize that the export of surveillance technology is about far more than dollars and cents or human rights abuses. It’s also about promoting an authoritarian model for the internet.
This piece, first published by the Council on Foreign Relations, is used with permission.