Around the time that Galileo Galilei faced the Inquisition, the English established their first American settlement in Virginia, and the Taj Mahal was built by the Mughal Empire, the Peace of Westphalia ended warring between the fragmented states of the Holy Roman Empire by establishing the principle of territorial sovereignty. At this point in the 17th century, pendulum clocks were considered advanced technology.
The Westphalian model continues to serve as the basis for our modern international system, and its 17th-century principles of territoriality struggle to cope with the digital realities of the 21st century. Historically, interactions across borders were rare, expensive, and inconvenient; now they can be carried out by anyone with an internet connection—and conflicts of jurisdiction happen behind everyday actions online.
A legal arms race to apply national sovereignty online is currently taking place. If nothing is done, states around the world could progressively nationalize the internet, which would fundamentally alter the character of the internet as we know it. The application of national jurisdiction in cyberspace is already a thread running through major news stories around the world regarding conflicts about data, content and domains. Government requests for user data are complicated when users, companies, and public authorities are in different countries; For instance, the United States wants access to Microsoft’s Irish servers, and WhatsApp was briefly blocked in Brazil when the Facebook-owned company refused to hand over information. Different speech laws across borders also create challenges, as when France wants Google to apply the right to be de-indexed globally. As connectivity and internet penetration increase, so will these conflicts between jurisdictions.
Technically speaking, the network architecture of the internet is jurisdiction-neutral: Protocols such as TCP/IP and HTML standardize communication across devices, while the World Wide Web permits, by default, access to any hyperlink regardless of physical location. It is this technical interoperability that has allowed the internet to connect knowledge, people, and resources on a global scale, generating unprecedented benefits for humankind.
Yet ubiquity hasn’t come without tension. Online spaces span a patchwork of fragmented jurisdictions, along with all the different cultures, values, and legal frameworks they contain. At present, we haven’t developed a legal equivalent to the technical interoperability that enables the continued function of the global internet. The traditional tools for legal cooperation, such as Mutual Legal Assistance treaties, are overburdened by the quantity and scope of interactions between different jurisdictions. They were designed for exceptions, not for a situation in which transnational is the new normal. Tensions are increasing in both number and magnitude because of the inability of our international system to address and resolve jurisdictional challenges on the internet.
Whereas territoriality in the traditional Westphalian model was relatively easy to determine (on whose soil did the action occur?), at least four variables can play a role in determining applicable law on the internet:
- the location of users;
- the locations of servers hosting data;
- the locus of incorporation of the internet companies running the services in question; and
- the registrars or registries through which a domain name was registered.
When confronted with illegal content or actions online, states resort to the tools available to them and project their sovereignty in the digital sphere based on one or more of the variables above.
We are facing a classic prisoner’s dilemma: Unilateral actions from states or other actors can result in fragmentation when applied on a global scale. For example, if an internet platform in one country refuses to comply with a mandate or court order from another, new national laws may be passed requiring that online service providers have a physical office in their territory, store data on local servers, or register under the country-specific top-level domains, from .ar for Argentina to .zm for Zambia. Enforcement of territorial sovereignty online can erect national boundaries on the global internet, jeopardizing its myriad benefits for humanity and creating unintended consequences for the future in terms of human rights, the digital economy, infrastructure, and global security.
Preserving the internet as we know it and finding ways to deal with multiple, overlapping jurisdictions is a common challenge for all stakeholders—states, internet companies, technical operators, civil society, academia, and international organizations. To address new global challenges of the 21st century and to ensure due process across borders, we need new solutions that are as transnational as the internet itself. (For more on the need for new mechanisms, policy standards, and procedural interoperability to avoid the legal arms race threatening to fragment the global internet, you can read a recent report written for the Global Commission on internet Governance by the Internet & Jurisdiction Project, the global multistakeholder policy network where we work.)
Like climate change or financial regulation, internet governance is a global policy challenge that will only become more complicated if left unattended. Without cooperation between stakeholders around the world, we risk having a less global internet. Transnational frameworks are needed that go beyond the traditional notions of territorial sovereignty. As former U.N. Secretary-General Kofi Annan said, “in managing, promoting and protecting [the internet’s] presence in our lives, we need to be no less creative than those who invented it.”