Amidst the barrage of cyber announcements made during the annual RSA conference, you might have missed the release of the United States International Cyberspace & Digital Policy Strategy.

Building off of the Office of the National Cyber Director’s foundational National Cybersecurity Strategy, the U.S. Department of State’s international strategy underscores the importance of building digital solidarity with international partners. This means creating and governing a digital ecosystem that defends against malicious cyber actors, while reliably delivering assistance and building resilience among partners. These principles of an innovative, secure, and rights-respecting digital economy stand in sharp contrast to the increasing number of autocratic states and actors that use digital tools to threaten international stability and undermine human rights.

Solidarity vs. Sovereignty

It is no coincidence that “digital solidarity” is the underlying, driving philosophy of this strategy, setting the tone for how the U.S. will approach diplomatic engagements with allied nations, as well as those embracing narratives of “digital sovereignty.”

Digital sovereignty is characterized by protectionist tendencies, including blocking access to economic markets, preferring domestic manufacturers and service providers, and restricting cross-border data flows. These actions have the potential to undermine key digital economic and cybersecurity objectives and stand as the clear antithesis to the U.S.’s stance against data localization provisions, network usage fees, digital services taxes, and other market access barriers that may give the illusion of increased control but actually pose security threats.

Therefore, to build greater digital solidarity, the international strategy lays our four key areas of action:

  1. Promote, build, and maintain an open, inclusive, secure, and resilient digital ecosystem.
  2. Align rights-respecting approaches to digital and data governance with international partners.
  3. Advance responsible state behavior in cyberspace, and counter threats to cyberspace and critical infrastructure by building coalitions and engaging partners.
  4. Strengthen and build international partner digital and cyber capacity.

Short-Term Initiatives

While these overarching action areas will guide the State Department’s work over the next three to five years, the strategy does make note of a few shorter-term initiatives that we can keep our eye on.

The strategy states the U.S., allies, and partners will:

  • Build on the positive outcomes of several recent actions on artificial intelligence, including G7-Hiroshima Code of Conduct, the Biden-Harris Executive Order on AI, and the UK’s AI Safety Summit. The focus is on coming to consensus on guiding principles that foster the responsible, innovative use of AI, while investing in the infrastructure needed to evaluate advanced AI systems. The U.S. will also be launching its AI Safety Institute, housed in the National Institute of Standards and Technology (NIST).
  • Develop shared principles for security and trustworthiness in subsea cable, cloud services, and data centers, and will increase support for cloud service implementation in emerging economies.
  • Pursue action-oriented discussions at the United Nations on international security issues in cyberspace, with a focus on how member states can work collaboratively to implement key elements of the framework for responsible state behavior and build the necessary capabilities to manage cyber incidents. (A previous blog breaks down the current state of the UN’s cybercrime convention, a vehicle through which autocratic nations like Russia, and China seek to undermine human rights, free speech, and ethical security research.)
  • Utilize the Cyberspace, Digital Connectivity, and Related Technologies Fund to provide incident response, and cyber aid, in addition to longer-term capacity and resilience building to foreign governments and organizations in need.

As the State Department continues its work to advance the security, inclusion, and resiliency of our shared, global cyberspace, they face increasing headwinds from geopolitical instability. If they can bring allies and partners along with their vision of digital solidarity, they will be better positioned to confront the cyber activities of increasingly emboldened authoritarian regimes.

 

Alexis Steffaro

Read Next

The U.S. and UN Cybercrime Convention: Progress, Concerns, and Uncertain Commitments

The U.S. issued an updated position seeking to move forward the UN Convention Against Cybercrime, a treaty intended to improve the global community’s ability to combat evolving cybercrime threats.

The Counter Ransomware Initiative with Hamish Hansford (DCP S2 E8)

In the latest Distilling Cyber Policy, Alex Botting and Jen Ellis are joined by our second-ever Australian guest: Hamish Hansford, the Deputy Secretary of Cyber and Infrastructure Security Group at the Australian Department of Home Affairs.

Counter Ransomware Initiative Adds Private Sector Members

Earlier this month, more than 68 countries and organization members met for the fourth annual International Counter Ransomware Initiative (CRI), which included the addition of a public-private advisory panel.