National Security & The New Web

China on 10th July announced new internet rules adding to the already massive set of norms the Great Firewall is all about. The new rules require any internet company working in China and with more than a million registered users to undergo an additional cyber security review if offering an IPO in a foreign country. As per the Cyberspace Administration of China, companies listed in foreign countries can have their data “affected, controlled, and maliciously exploited by foreign governments”. Well, this is clearly a clever way by the CCP to control financial resources in China. Most companies will now prefer to list themselves in Hong Kong and not other large stock exchanges like the New York Exchange. This would mean that the companies will not have large foreign assets and yet have large foreign investments.

China - Wikipedia
Chinese government announced new regulations for the companies trying to list in other countries

But there is a greater observation associated with this the pace at which countries all over the world have initiated security protocols regarding big tech giants. In May, the government of India, the largest internet demographic in the world open to foreign investments – initiated a set of very strong rules changing the way in which many important aspects of the companies’ services functioned. Many internet freedom groups and NGOs accused the government of creating an authoritarian IT policy where the government has over-ridden the Right to Privacy. And the government has defended the same citing social and national interests at helm. The US and the EU with its GDPR – have themselves been torn between privacy activists and an age of increasing control of tech giants over the information of people from their connections to their interests.

All this drama can be understood in two chief points – one, the data privacy myth no longer exists. Most users are not even aware of the privacy policies in place. The Cambridge Analytica scam that rocked the US and created considerable difficulties for Facebook is a classic example where people themselves gave away their data. Even if one is aware of the privacy laws, the scandals involving Google tracking Incognito data on Chrome has led to serious questions about regulations and policies. Two, Countries have governments that are increasingly being assertive in not only ensuring that the globalisation of the data of its nationals is contained, but also that the tech enterprises respect the sovereignty and authority of the state in its matters. This is both good and bad. Good being that there is indeed an increasing trend of exploitation of data and social engineering attacks that can undermine the functioning of the state. Bad, because the states are also moving along and often on the other end of the boundary between a healthy interference and politically motivated censorships and extra judicial control.

Cambridge Analytica - Wikipedia
Cambridge Analytica was probably one of the most publicised cases of social engineering fraud

Who is responsible? Who is accountable? It’s the internet. Everyone is supposed to be responsible for everything here. And that is the new age of internet we are into. Right from ordering groceries and talking to friends to alleged recruitments into extra state organisations like the ISIS, every thing can happen here. The process of social engineering attacks led to large scale government interventions which in turn has led to growth of more private technologies like VPNs and secret or peer reviewed social networks like the Mastodon network. But, the tussle continues. And this is the web we shall live with for long now.