In Myanmar, as Lighthouse Reports note, “being tracked can be a matter of life and death.” Since the military junta took power in a coup on Feb. 1, 2021, it has used military-grade surveillance technology, such as surveillance drones, phone cracking, and computer hacking software, to track citizens and steal data. Some of these technologies came from Western companies, despite restrictions on their export and use. The result has not only been the curbing of basic freedoms, but an enhanced architecture for state violence. In the post-coup crackdown, hundreds of protesters have been killed. The regime has been accused of terrorizing the population through premeditated and systematic attacks—including the use of heavy weaponry—against civilian demonstrators. All of this comes on the back of a campaign of violence against the Rohingya minority that is alleged to include the most serious crimes under international law.
Efforts to counter the harmful spread of surveillance technology are complicated by its “dual-use” features. While the tech can have legitimate civilian uses, it can also have alternative, military applications, allowing regimes to direct it against their own people. One of the most common proposals to deal with the negative use of surveillance tech is the regulation of export licenses, which can help to stem its flow across borders, especially to regimes that abuse human rights. However, right now, countries and trading blocs are essentially free to grant export licenses based on standards of their own choosing. And while the EU is taking important steps to improve how member states deal in dual-use technologies, in general, countries are not bound by dedicated international rules to stop domestic companies from selling this kind of tech to repressive regimes.
The lack of international regulations on surveillance technology is a serious problem, as without clear rules—and international coordination on their implementation—it is likely that abusive governments will continue to acquire the technology. Myanmar is just one case that shows how surveillance tech can enhance state capacities for mass violence. The threat of similar tragedies is very real. China, whose extensive system of domestic surveillance has been implicated in grievous abuses in its Xinjiang region, has accelerated its export of the technology. It has been reported that Chinese tech companies are exporting artificial intelligence surveillance tech to dozens of countries, fueling digital authoritarianism.
However, the trend is more complex than pinning China as the only culprit. For decades, China has brought in surveillance tech from abroad. Its growth within this sector is, in part, related to the global tech market and trade ties with Europe and North America. And Myanmar’s devastating surveillance infrastructure includes technology purchased from U.S., European, and Israeli companies. Again, this is not an isolated story, as Western suppliers have helped to bolster the surveillance capacities of abusive governments for years.
A key backdrop to all this is the global competition for tech dominance, mainly between the United States and China. CIA Director William Burns has dubbed tech the “main arena for competition and rivalry” between the two powers. In recent years, U.S.-China relations have been widely viewed through the prism of “great power competition,” a term that gained prominence during the Cold War. However, this approach risks treating increased tensions and policy clashes as unavoidable. That could prove disastrous to efforts to manage the spread of harmful surveillance technologies for a number of reasons. One is that any ethical concerns surrounding the export of technologies to third-party states may be superseded by concerns to outdo a geopolitical adversary. Another is that those same third-party states may feel less constrained in their own domestic applications of tech, as the world’s two great powers prioritize allies and interests over ethics.
To make meaningful inroads into the problem, we need cooperation, including between the U.S. and China. The truth is that U.S.-China relations involve major trade and business partnerships, defying ill-founded and unhelpful comparisons to the Cold War era. In coming years, a key policy priority should be to manage and de-escalate the U.S.-China rivalry and for the international community to find ways to combat negative applications of surveillance tech, in particular its use in large-scale state violence. If hostile competition is the norm, it is difficult to see how meaningful steps to curb the spread of harmful technology can happen.
What might those steps look like? A growing policy strategy, favored by the EU among others, is to impose trade controls on cybersurveillance items that would allow governments to monitor, extract, and analyze data from private citizens. For instance, one technology that may be affected by these moves is Pegasus Spyware, created by the Israel-based company NSO Group. In many ways, Pegasus encapsulates the perils of dual-use tech. While it has been used around the world by intelligence agencies to combat terrorism and criminality, it has also been widely implicated in the hacking of devices owned by human rights activists and political dissidents. In late 2021, the U.S. government, which itself has purchased Pegasus, decided to “blacklist” the NSO Group for knowingly providing spyware to repressive governments to target journalists, dissidents, and other civil society figures. Dozens of human rights organizations have urged the EU to take action against the company, which has supplied a number of EU member states.
At the Summit for Democracy in December, President Joe Biden reiterated his support for stricter controls, advancing an “Export Controls and Human Rights Initiative.” However, the proposals were tentative, including a voluntary code of conduct “to guide” states in creating their own export licensing rules.
Previous efforts at regulating technology in this way have had limited success. And even where some legal mechanisms were in place, the results have been mixed. In Myanmar, dual-use tech from Western companies has been reportedly in use there despite bans on exports to Myanmar being imposed by the originating countries. Lighthouse Reports identified 40 Western companies involved in surveillance and digital forensic tech whose products were listed in leaked government budget documents. In fact, debates over the necessity for more stringent export controls have been long-standing.
One positive step would therefore be to create more robust export controls. A “voluntary” and “nonbinding” code of conduct—while it may be a step forward—is simply inadequate. In reality, what this means is that, before the code of conduct is even created, participants are effectively being told they can ignore it if they wish. For a start, the U.S. and its partners should swap these voluntary guidelines for legal regulations—as we are seeing within the EU—with tangible consequences for breaches, such as financial penalties. This must involve alignment on legal regulations across countries, as well as methods of oversight and punishment for those acting illegally under a new, unified agreement. Put simply, transfers of dual-use technologies to regimes where they are likely to be used to violate human rights should be prohibited globally. Crucially, governments also need to look at the re-exporting and transit of tech. This is where a country may purchase and sell on a technology to a third-party state or allow passage of tech through its territory to a state that is likely to abuse it. Policymakers must therefore cast an eye not only to the state importing surveillance tech directly, but to where the tech may ultimately end up. One model to look to—both in terms of international agreement and domestic legislative changes—could be the export control systems in the landmark 2014 arms trade treaty, which contains specific provisions against the sale of weapons when they may be used in the commission of atrocities.
While export controls are important, they can tend to be reactive. We need more proactive and ambitious measures, too. The proliferation of surveillance technology and the threat of mass violence are global problems, so the countermeasures must also be global in scale. That is why managing global competition, especially the U.S.-China rivalry, is of key importance. Collaboration between the world powers on an international regulation regime, one that also monitors the development phase of surveillance tech—including screening for the potential harms of artificial intelligence in targeting vulnerable groups—would make a huge difference. An added benefit of this cooperation—as difficult as it might be to secure—would be the building of unified norms around the appropriate domains for, and ethical use of, surveillance tech. Changed international standards, and developing systems of accountability, will be vital to halting the spread of violent digital authoritarianism.
Of course, to credibly build these norms, we need to see a significant adjustment in the domestic and international practices of the world’s tech superpowers. Right now, there are few incentives to make these adjustments unilaterally. Choosing cooperation on surveillance, over increased tensions in the tech space, could prove vital to tackling the kind of mass violence we have witnessed in Myanmar. Absent that, the threat of tech-enabled atrocities in the future remains very real.