A World Without Borders: Cyberspace, Crime and State Authority

This week, more developments were released concerning Russian interference in the U.S. election and further evidence suggests that the intent exists to do so in this year’s midterms.  These headlines are incredibly relevant as we work through our discussions this week, including Phil Williams’ article on transnational crime.  In this post, I will examine how the Internet and other technologies serve to undermine the state and produces spaces where state authority become less relevant.  Furthermore, I’ll consider the Russian-backed hacking operations and attempt to determine whether this constitutes an “attack” on the United States by Russia, or if this falls into the ambiguous realm of transnational crime. Finally, I’ll touch briefly on recommendations for how states might work toward countering this threat to their sovereign legitimacy.

In his piece, titled “Transnational Organized Crime and the State”, Phil Williams argues, “Many observers agree that globalization is challenging the dominance of states in international relations from above, while substantial forces are eroding it from below” (p.162).  The eroding forces Williams mentions come in many forms and cybercrime is certainly no exception.  Indeed, Williams spends a good amount of time discussing the importance of technology, writing that it “threatens to undo the intersection of sovereignty and territory not least because electronic space, for the most part, is outside territorial jurisdiction”.

In a world that is structured around the concept of sovereign borders, the scourge of cybercrime does an excellent job of highlighting the clash between sovereignty and globalization/technological advancements.  With regard to cybercrime, the question of how states should go about addressing it arises.  When a criminal in Russia carries out an attack on an American system, how should this be perceived?  Does this represent a Russian attack on the United States (state on state) or is it simply a Russian criminal individually committing a crime against an American “asset” (private on private)?  How should this crime be punished?  What avenues exist for prosecution? 

Today, the U.S. congress is regarding it as a coordinated Russian attack against the United States government and is using diplomatic “sticks” (such as sanctions) to punish the behavior.  But does this really address the problem at hand?  Do sanctions deprive Russia (or the actors carrying out the will of the Russian state) from being able to continue their cyber assault?

States are traditionally seen as the only power to have “legitimate” use of force and should theoretically hold a monopoly on its use.  In cyberspace, we see that not only does the government not have a monopoly on the use of force, but appears to be almost completely “outgunned”.   As Williams articulates, this calls into question the ability of the state to maintain control of affairs within its own borders, producing doubt about the relevance of the state itself.

In my opinion, to counter this, states must invest significantly more resources into improving their cybersecurity infrastructure and will need to build an army of “cyberwarriors” to be able to aid in protecting activities within their sovereign borders.  I agree with Williams in arguing that this activity does undermine state authority, but it seems inevitable that states will learn to leverage this technology more to their advantage than to their disadvantage. 

Whether the action is considered to be a “state on state” action or a “private on private” action comes down to authority.  If the Russian government calls for and sanctions the attack, it is essentially lending or delegating its authority down to the private organization (criminal or otherwise).  If this is the case, the target state must see this as a direct attack from the Russian government and respond in kind.  This essentially leads to the identification of cyberspace as simply another “domain” (like air, sea, and land), which must be defended.  When seen this way, digital “borders” can be established.

Without diving too deep into the specifics of how states might go about countering this threat (it is outside the scope of this post), the point to reiterate is that cybercrime is presently undermining state authority.  The state can counter this, however, by increasing its focus on cybersecurity and treating attacks in cyberspace the same way it would treat attacks in any other domain.

Phil Williams, “Transnational Organized Crime and the State,” in The Emergence of Private Authority in Global Governance, ed. Tom Biersteker and Rodney Bruce Hall (Cambridge, 2002).