solana139_gwengoatGetty Images_ukrainecyberattack gwengoat/Getty Images

Security in Ukraine and Digital Europe

Geopolitical interdependence and rapid technological advances have transformed the nature of global conflict in recent decades. As both the Ukraine crisis and the debate regarding the European Union's digital agenda have shown, security in the twenty-first century requires a new definition of geopolitical power.

MADRID – European security has again risen to the top of the world’s geopolitical agenda. Despite continued diplomatic efforts to defuse the Ukraine crisis, tension and suspicion between Russia and the West has escalated to levels not seen since the Cold War. This is forcing a rethink of the current regional security framework, which is based on three fundamental pillars: the United States, Russia, and Europe.

Addressing the challenge of European security will no doubt dominate the discussions among political leaders and international relations experts from both sides of the Atlantic at this weekend’s Munich Security Conference (MSC). But, in addition to Ukraine’s plight, the impact of technological and digital innovation on security will also feature prominently.

The ongoing geopolitical tensions over Ukraine reflect a conventional, predominantly geographic, conception of security – reflected in the frequent use of terms such as “spheres of influence,” “NATO expansion,” “territorial integrity,” and “post-Soviet security space.” But although this vocabulary is indispensable to understanding the current NATO-Russia confrontation, the enormous geopolitical changes wrought by globalization and technological advances over the past 25 years will increasingly eclipse it.

That is because geopolitical interdependence and seemingly ceaseless technological innovation have transformed the nature of global conflict. As Connectivity Wars, a collection of essays published by the European Council on Foreign Relations, makes clear, the global system’s hyperconnectivity enables actors – without resorting to open warfare – to cause grave damage in other geopolitical domains, such as the internet, on which our economies have come to depend.

The cybernetic dimension of the confrontation over Ukraine thus should not be underestimated. In January, cybercriminals disabled several Ukrainian government websites for hours and published messages threatening Ukrainian citizens and the confidentiality of their personal data.

Previously, the US government estimated that the 2017 “NotPetya” cyberattack targeting Ukraine caused global damage totaling $10 billion, making it the most destructive ever. The malware infected 10% of Ukraine’s computer systems before spreading throughout the world.

Secure your copy of PS Quarterly: Age of Extremes

Secure your copy of PS Quarterly: Age of Extremes

The newest issue of our magazine, PS Quarterly: Age of Extremes, is here. To gain digital access to all of the magazine’s content, and receive your print copy, subscribe to PS Premium now.

Subscribe Now

Nor, as then-US Secretary of Defense Leon Panetta warned in 2012, can we exclude the seemingly remote possibility of a “cyber Pearl Harbor” that paralyzes critical US infrastructure. In any case, cyberattacks and their consequences are becoming dangerously frequent, and we still lack institutions or infrastructure strong enough to confront the threat.

In his book The Future of Power, Harvard University’s Joseph S. Nye, Jr. argues that one of the main trends of the twenty-first century is states’ loss of geopolitical influence. Cyberspace is a clear example of this. Leading powers may have an unrivaled ability to control the sea, airspace, and outer space, but they do not enjoy comparable predominance in the digital world.

Moreover, the nature of cyberspace greatly lowers the cost of offensive action. For example, the costs of contracting a cybercriminal are minimal compared to the almost $80 million price of an F-35 fighter jet (not to mention the additional cost of maintenance, munitions, and personnel).

Discussions at the MSC regarding the cybernetic aspect of security will take place within the framework of the transatlantic digital agenda, which took an important step forward last year when the US and the European Union established the Trade and Technology Council. The fundamental issue is how to regulate the digital domain in a way that allows us to benefit from its enormous economic possibilities while, at the same time, protecting ourselves from the potential risks it poses to our democracies.

The EU bases its approach to cyberspace regulation on two fundamental principles: competition in the internal market and user privacy. Because of the EU’s large, affluent market and regulatory strength, its competition and data-protection rules have given rise to the so-called “Brussels effect.” Large multinational technology firms not only comply with EU rules in order to do business in Europe, but also, to avoid having to deal with multiple regulatory regimes, often integrate them into their global operations – including in countries with less strict regulatory standards.

But a viable digital Europe must include a third pillar: security. As Wolfgang Ischinger, the chairman of the MSC, has argued, the principle of “security by design” should be applied not only to technology products, but also to the development of public policies. In building a digital Europe, safeguarding competition in the internal market should complement considerations regarding EU security and the bloc’s global status. Digital policy should thus not only promote economic growth, but also – crucially – safeguard our fundamental rights as citizens and protect us from hostile actors.

Digital security is not just a whim of European legislators. According to a recent survey, 38% of Europeans regard security as their top digital priority. In the EU, citizens and companies are, rightly, the starting point for legislation regarding digital matters. As the EU Commissioner for Competition, Margrethe Vestager, recently reminded us, we should have the same rights in the digital world as we do in the physical world. The Commission’s proposed Digital Markets Act and Digital Services Act therefore aim to guarantee that Europe’s online environment is governed by the competition principles that underpin the internal market, while also safeguarding the privacy of users and their personal data.

Here, constructive dialogue between public institutions, civil society, and the private sector will be vital. Above all, forging a digital Europe requires the political will that ultimately is the true driver of European integration.

But these discussions must keep in mind the changing nature of conflict in today’s world. As the Ukraine crisis has shown, security in the twenty-first century has many dimensions.