Cherian Samuel replies: Internet Governance architecture at present can be divided into a technical stream and a policy stream. The technical stream largely follows a networked governance model with bodies such as the Internet Engineering Task Force, the Internet Architecture Board, the Internet Research Task Force and the Internet Engineering Steering Group, working together to resolve technical issues and create standards and protocols to facilitate innovation and progress. Members of these groups include operators, academics, and representatives of government and industry, amongst others.

The policy stream is split between the hierarchical model as exemplified through organisations such as the International Telecommunications Union (ITU) and the network governance model, through the creation of bodies such as the Internet Governance Forum which seeks to follow a multi-stakeholder approach.

Governments have largely found it difficult to navigate the network governance model where they occupy just one of the seats at the table along with other stakeholders. However, due to the varied issues and their increasing complexity with the relentless march of technology, governments will increasingly have to play a more prominent role in internet governance.

The Working Group on Internet Governance set up by the UN secretary general in 2003 described Internet governance as “the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet.” Ten years on, governments are still at the stage of building consensus on shared principles, and so there is still a long way to go.

Cherian Samuel replies: Surveillance has always been an essential function of a government, carried out through its intelligence agencies. On balance, it has been seen that people are willing to forego their privacy to a considerable extent in return for security. At the same time, privacy is increasingly seen as an individual right and governments have had to walk a fine line between intruding into the individual’s space in the interest of national security and ensuring that privacy rights are not trampled upon in the process.

Cyberspace has brought a new dimension to this dilemma in that governments, if they so desire, can obtain a veritable deluge of information ranging from communication to location records. There is a legitimate concern that such untrammelled power has the potential to be misused. Checks and balances in the form of minimisation and oversight procedures have not been able to cope with the data deluge. While a global debate is on in the wake of the Snowden revelations about the US and other countries using the current dominant positions of their internet companies to collect intelligence, countermeasures might result in a reduction in external surveillance, not necessarily internal monitoring.

The Central Monitoring Service is currently an open source intelligence gathering service under the National Technical Research Organisation (NTRO). While there have been reports that the CMS has also been tasked with analysing internet content, the establishment of such a system is still in the early stages, and in no way compares with the scale and size of the surveillance capabilities of the US National Security Agency.

Reply: Kindly refer to the IDSA Task Force Report (2012) on “India's Cyber Security Challenges” (free download) and the Keynote Address delivered by India’s National Security Advisor Mr. Shivshankar Menon at the release of the report on May 16, 2012.

Also refer to the following IDSA publications:

Ajey Lele, “Cyber Security Dilemma”, IDSA Comment, June 18, 2013.

Arvind Gupta, “CBMs in Cyber Space: What Should be India’s Approach?”, IDSA Comment, June 27, 2012.

Cherian Samuel, “Emerging Trends in Cyber Security”, IDSA Comment, March 28, 2012.

Amit Sharma, “Cyber Wars: A Paradigm Shift from Means to Ends”, Strategic Analysis, Routledge, 34 (1), January 2010.

Subimal Bhattacharjee, “The Strategic Dimensions of Cyber Security in the Indian Context”, Strategic Analysis, Routledge, 33 (2), March 2009.