In a rapidly changing world, developing, operating and governing new technologies through shared interests and values is indispensable for states to attain broader objectives. There was a 125% rise in global cyberattacks in 2021, and the percentage continued to increase in 2022. As per Cybersecurity Ventures, global cybercrime cost is expected to grow from USD 3 trillion in 2015 to USD 10.5 trillion annually by 2025. There is a huge gap between the annual rate of cybercrime and the response of countries in terms of repression. Because of the asymmetries of cyberspace and complexities of cyber threats —the anonymity of perpetrators and transnational and virtual nature —the posed threats can be precluded through the combined efforts of all the states, including non-state actors. Whilst global states create new avenues for cooperation, Pakistan’s bilateral, multilateral, or international participation remains on the back burner. The state also lags in partaking across the forums for cyber norms building.
The Global Risks Report 2023 released by the World Economic Forum highlighted that among the top five risks most likely to pose the biggest threat to world economies in the next two years, “digital power concentration” and “failure of cybersecurity measures” are the top two to be faced by Pakistan. The digital power concentration stems from but is not limited to, the inadequate investment in the innovation ecosystem and state control over key technologies. Instead of pursuing a digital monopoly, Pakistan must build its capacities by connecting its needs, expertise and resources with the global community.
Whilst global states create new avenues for cooperation, Pakistan’s bilateral, multilateral, or international participation remains on the back burner.
It is certainly unimaginable to formulate international cyber law. However, states can develop a cooperative norm through bilateral and multilateral cyber ties. A few driving factors exist for states to develop interoperability with other states, mainly concerning domestic growth and tackling an outside challenge. India is one of the states which pursues cyber collaboration and participation to achieve both objectives. To serve its former objective, India has elevated and expanded its strategic partnership with the United States (US) through the initiative on critical and emerging technology (iCET). The two states have committed to fostering an accessible, open and secure technology ecosystem based on confidence and mutual trust. The main agendas of their cooperation surround co-production and co-development, enhancing long-term research and development, and resolving issues related to regulatory barriers and talent mobility in both countries. India and the European Union (EU) have also strengthened their relationship by establishing a new Trade and Technology Council (TTC). Their shared interest in ensuring sustainable development, security and prosperity has paved the way to unlock potential in this sector. The Council will provide the political steer and necessary structure to advance technical work.
Advanced technologies have become a tool for exerting global control. Another reason driving India towards cooperation is its growing concern regarding China’s tech advancements. As per the QUAD group, comprising the US, Australia, Japan, and India, China’s rise undermines the security interests of the QUAD countries. This shared outlook on China has transformed and shaped QUAD states’ relations across the cyber domain. Such a common narrative can push towards standard-setting by organisations like International Organisation for Standardisation (ISO), International Telecommunications Union (ITU), and International Electrotechnical Commission (IEC). Recently, QUAD partners have launched a public campaign to enhance cyber security and pledged to practice responsible cyber habits.
Besides bilateral and multilateral partnerships, participation on international platforms is a preferable solution to counter cyber threats. While norms are essential for cyber stability, there is a lack of good information on the extent to which states have taken action to implement those norms. Pakistan has rarely shown its compliance or presence in the United Nations Group of Governmental Experts (UN GGE), ISO/IEC JTC, Global Forum on Cyber Expertise, ITU Standardisation Study Groups and Internet Governance Forum etc. In a United Nations (UN) General Assembly meeting on “Action for Struggle against Threats to Cybersecurity”, Pakistan’s input was to establish norms and create laws to maintain peace and security. After several years, in 2015, Pakistan participated in the UN GGE meeting on the development of information and telecommunication with respect to international security.
With its increasing steps towards digitisation, Pakistan needs to expand its areas of collaboration and partake in international cyber norms building, to address issues pertaining to emerging technologies, data governance, and cyber security.
Among the 11 UN norms of responsible state behaviour in cyberspace, “interstate cooperation on security” is one aspect which states must comply with. States are recommended to formulate or strengthen existing structures, mechanisms and procedures at the national level, such as; relevant legislation, policy and corresponding review processes; government partnership and cooperative arrangements; dialogue arrangement with the academia, private sector, technical community and civil society. If Pakistan complies with this model, it can build partnerships and prompt norms building.
In this hyper-connected world, it is incumbent upon states to strengthen their cyber resilience, capacity and expertise through international cooperation and collaboration. Pakistan must also enhance its cyber diplomacy through bilateral and multilateral ties and proceed towards participation at forums focused on developing cyber norms. For sustained and effective regional and international collaboration, non-state actors must also contribute. The proliferation of cyber norms that are driven by non-state actors and are state-oriented gives states a different and unique opportunity to engage. Lastly, like India, a state from which Pakistan has always sensed a security dilemma and an existential threat, the latter must specify its common interests with other states, coordinate with the regional and global community, and share knowledge and expertise to pave the way for better technological development and safe cyber environment.