Moving Beyond Cyber Wars: A Transatlantic Dialogue
Policy Report 68
In January 2018, as the German government was trying to cobble together a coalition, and the U.S. government found itself in a shut down, ten Americans and ten Germans committed to the transatlantic relationship considered how they could make their way to Munich, Germany, to find common ground on cybersecurity policy. The U.S. government opened for business just in time for the U.S. delegation to board their planes and trains, and a pause in the coalition negotiating room allowed Bundestag participation. In the context of three meetings in Munich, Berlin, and Washington, DC, the working group of American and German policymakers from the diplomatic, military, homeland security, legislative, academic, and tech communities met to talk about proposals to address threats posed by cyberwar and digital propaganda.
Current events underscored the urgency of finding a common approach: the foreign espionage and intrusion into the “secure” network of the German Federal Foreign Office; the assessment of the U.S. intelligence and congressional oversight committees that the Russians had indeed targeted eighteen state election systems and gained access to the restricted portions of election infrastructure in several; and that their digital propaganda campaign in the lead up to the 2016 elections was intentional, and Putin-directed. At the same time, drafts of legislation regulating practices in the cyber sphere in both countries had the possibility to drastically impact the citizens, the corporations, the privacy, and the security of the other nation.
Recognizing that both countries are affected by the digital propaganda affecting the democratic process during elections, and that a strong cyber defense is critical for both nations, AICGS’ Transatlantic Cybersecurity Partnership with the Hanns-Seidel-Stiftung (HSS) aimed to find agreement in both areas through proposals to: improve information-sharing between the two countries on key cyber threats; increase understanding between the private sector and government entities on best practices for ensuring cybersecurity; and to move the legislative and policy conversation in both countries to ensure standards and infrastructure are in place to protect national and international security. In addition, the national and international legal grey zone for many aspects of cybersecurity made agreement between policymakers of both countries on cybersecurity norms critical.
This volume is a collection of those conversations of the working group members conducted across roughly a half year of meetings on both sides of the Atlantic. While much of the agreement achieved is not able to be published due to the degree of its classification, we invite you to listen in to the conversations we can reflect in these pages, which dance around the edges of a long and deep partnership between both countries. Forewords by Germany’s Karsten Geier, a diplomat who has played a crucial role in upholding international law in the cyber sphere for years, and the United States’ Kent Logsdon, who has tirelessly advocated for a strong transatlantic relationship, reflect the importance of the bilateral relationship in strengthening cyber norms.
Complementing Mr. Geier’s cyber norms contribution, scholar Matthias Schulze came up with a new heuristic that could be used by both countries to rate cyber activities according to whether they are offensive or defensive, and thus when international law could justify a response to an attack or intrusion. Department of Homeland Security’s Scott Tousley writes about the important ways to protect critical IT infrastructure, and the importance of cooperation with Germany on securing and operating the Internet of systems.
Further outcomes on information-sharing and cooperation on cyber defense are described by AICGS’ Senior Cyber Fellow Dr. Sarah Lohmann, who initiated this partnership and this publication. The legislative debate on both sides of the Atlantic is described in more detail by Hanns-Seidel-Stiftung’s Andrea Rotter, as is the way forward on digital propaganda by HSS’ Maximilian Rückert.
Dr. Andreas Nick, a CDU member of the Bundestag, and his legislative assistant Inger-Luise Heilmann, describe the legislative debate around digital propaganda in Germany, and what remains to be done. Germany’s Interior Ministry’s Gregor Kutzschbach addresses the role of the state in responding to digital propaganda, while Bret Schafer of GMF’s Alliance for Securing Democracy adds the U.S. perspective on how civil society is a key factor in keeping digital propaganda actors accountable.
We are grateful to HSS’ Chairwoman Prof. Ursula Männle, for her engagement in this program and for traveling to Washington to support it; to Prof. Dr. Reinhard Meier-Walser, who directs HSS’ Academy for Politics and Current Affairs, for his partnership in this joint endeavor; to MdB Dr. Reinhard Brandl, for his passionate engagement in every workshop and his support of the transatlantic relationship; to Elizabeth Caruth, for her expert handling of workshop logistics; and to Jessica Hart, for editing this volume. Our thanks also go to the U.S. Department of State, the U.S. Embassy in Berlin, and the U.S. Consulates in Munich and Frankfurt for supporting this Transatlantic Cybersecurity Partnership every step of the way.