Dilution of a Free Worldwide Web: A Step Towards Digital Sovereignty or Away From Net Neutrality?

Divyansh Singh


On Thursday, 6th August 2020, US President Donald Trump signed an executive order announcing sanctions on China’s ByteDance, owner of the TikTok App and Messaging App WeChat, effective 45 days from the date of signature of the order i.e. 6th August 2020. The sanctions effectively seek to remove WeChat and TikTok from Google’s Play Store and Apple’s App Store, by blocking the App at Network Level. This is the approach which is followed by China’s Great Firewall, and much more recently and locally by India, through the invocation of Section 69A of Information Technology Act, 2000.

The International Community’s Differentia towards Overseas Applications

The International Telecommunications Union (I.T.U.), in its Constitution, has Article 35 on Stoppage of Telecommunications which gives a free hand to the I.T.U. member nations “the Right to Suspend International Telecommunication Services”. This is commensurate with similar corresponding provisions in Municipal Law, be its provisions of the Telegraph Act and IT Act in India, Data Localization Policies or the Great Firewall of China or National Emergencies Act and International Emergencies Economic Powers Act of the United States.

National Security has been the most evident apprehension visible in the postures of Nations enforcing blockades to such Applications and has been visible in the statements made by the Administrations of the nations. The Trump Administration, for example, justifying its decision, stated that unabated spread of malicious Chinese Apps “threaten National Security, Foreign Policy and Economy” of the United States.

The Indian Ministry of Electronics and Information Technology cited “the emergent nature of threats” posed by the apps and “information available” that they are engaged in activities “prejudicial to sovereignty and integrity of India, defence of India, the security of the state and public order”.

However, what is worth mentioning is that the concept of Data Sovereignty has been observed to have its most widespread application not in the US or South Asia but in Europe, in the form of Technological Sovereignty.[1]

As per Empirical Research, the nations are notoriously known for being surveillance states, namely China, Russia and Turkey occupy top spots in terms of Cross Border Data Transfer Restrictions. However, an interesting trend to note in this regard is the high rankings of European Union countries like France, Germany and Denmark.

Restriction in Trade Policies, by Countries(2017)[2]

This is essentially what connects me to the first point in regards to Cyber Blockades by Countries- Geo Politics. It has been observed that 92% of Western World’s Data is stored in the United States itself. This gives rise to apprehension and such apprehension materialises into steps like General Data Protection Regime and the Franco-German initiative of Gaia-X.

However, one big reason why Data Localisation has been blurring the lines between Data Sovereignty and Net Neutrality, or lack of it, is Politics. This was visible when the use of TikTok proved to be an irritant for Donald Trump, wherein some of his adolescent detractors virtually took over his rally to secure dummy passes for ensuring a low turnout amidst the pandemic [3].

But the question which ails the reader is whether the mere critique of incumbent government warrants such high handed measures of selectively banning a hugely popular Social Media Application, not to mention bringing collateral damage to a relatively innocent victim in the form of WeChat as well, causing an immediate loss to the tune of $35 billion to its parent company, Tencent. This brings us to the second issue at hand, which is the hypocrisy of such Applications in giving the same democratic space at home as overseas.

For instance, the much popular #HongKongProtests hashtag on Twitter yields either one or no video when searched on TikTok. The hashtag for #TianamenSquare yields a limited number of videos, with most of them stating the event to be a concocted reality of the West. ByteDance, the company which is the proprietor of TikTok has denied of any omissions of content relating to protests, either in China or abroad, however, have refused to sit down for a one-on-one interview on record with any media outlets.

The Issue of Cyber Security and Response

But is TikTok the first app accused to be complicit of parlay of User Data? The answer to that is obviously no; which brings us towards a bigger issue at stake, that is Cyber Attacks. The International Arbitration relating to Cyber Attacks also becomes a major hurdle to the Affected State, due to the Doctrine of “Effective Control” postulated by The International Court of Justice. This doctrine holds that a State must be shown to have had “Effective Control” over the State Actor that the Affected Party attributes the attack to.[4] In the expanding sphere of Data Terrorism, it is very difficult to identify the origin of Cyber Attack. One of the biggest and perhaps the best weapon to counter this problem is preventing it from happening in the first place, which brings us to Data Localisation.

To understand the importance of Data Localisation, one needs to look at the first major reform in this regard, which takes us back to Europe. In 2018, Europe brought in a sweeping reform in the form of GDPR to protect its Digital Space from Encroachment, which led to some benefits. For instance, as per a recent study from CompariTech, a British based Tech firm, countries like Pakistan, India and United States were highly susceptible to Biometric attacks, while the European Nations fared as highly secure nations, owing to the GDPR. Since the regime necessitated all websites, European or Non-European, to store Data at source, it weeded out a large magnitude of malware having the capability of enforcing cyberattacks of the likes of WannaCry, Petya and Y2K.

The response followed domestically as well, with the introduction of Data Protection Bill,2018 in the Indian Parliament, which interestingly is much mature legislation on Data Privacy than available under American Laws till now[5].

Shortcomings of The European Model

However, for all the praises showered upon Europe for introducing GDPR, its Web Model has largely failed in the face of lack of domestic players capitalising on an increasingly protected and incorruptible regime. On the contrary, US Tech Companies, be it Amazon, Google, Facebook etc. have taken advantage of the newly introduced privacy rules. Any effort in direction to have European alternatives has not yielded results. A good example of this was the alternative to Google named “Quaero”. That one had to google Quaero to know what Quaero has only highlighted the shortcomings of a heavily restricted Data Protection Regime and Firewall.

Indian Model: A Possible Solution with Case in Point of Jio

Then what exactly is the answer to a Laissez-Faire Cyber Market, with reasonable and necessary restrictions in place to guard their autonomy? The best example to that is India, which through the recent measures taken by Telecom Giant Jio, seeks to bring its 4G Networks in the same marginal areas which TikTok aimed to reach, albeit couldn’t due to being banned on National Security grounds. Jio has achieved this without having to compromise on either User Privacy or distortion of Market owing to its nominal prices, as of now, wh