Against the background of continuing confrontation with the West and growing domestic authoritarianism, the Kremlin is continuing on a path of increased state control of the Russian Internet and a significantly expanded view of information security.

The Kremlin has been deploying a number of tactics to control online discourse. Photo: Kommersant

The new Russia Direct report titled “Digital Sovereignty: The Kremlin's Tangled Web of Internet Security” examines to what extent state regulation of the Internet is taking place in Russia. It also analyzes where Russian information security policy fits into the wider context of global cybersecurity.

As the report points out, the evolution of Russian information security policy has important implications for geopolitics and the cyber dimension of global military conflicts. The unresolved crisis in Russia’s relations with the West over Ukraine and now Syria has put the leadership in the Kremlin in an interesting position that could have important implications for the country’s information security policy.

As long as Russian policymakers caution about a new Cold War with the West and encourage the Russian public’s suspicion toward the Internet as a potentially dangerous source of anti-social, extremist and morally corrupt information for fostering social protests (similar to the ones that took place in 2011-2012), there is a risk that the government will tighten its control over the Internet in the name of information security.

The Bloggers Law and the Blacklist Law, among other initiatives put in place in recent years, signify the growing state involvement in the Internet. Moreover, just this week, Russian media reported that a new law was in the making that could allow the authorities to regulate Internet traffic in the country. This information, however, was denied by the Russian Minister of Communications and Mass Media Nikolay Nikiforov on March 1.

Previously, the Russian President’s press secretary Dmitry Peskov also stated that the government does not aim to control the nation’s Internet traffic. He pointed out, though, that cyberspace might potentially be the source of threats for national security and thus Russia should have the capability to face such risks and compensate for the possible unfriendly steps aiming to bring down the whole segment of the Russian Internet.

The authors of the report are Stanislav Budnitsky, Ph.D. candidate at Carleton University in Ottawa (Canada), and Alexandra Kulikova, global stakeholder engagement management for Eastern Europe and Central Asia at the Internet Corporation for Assigned Names and Numbers (ICANN).

The analysis opens with a detailed explanation by Budnitsky of how Moscow’s attitude toward cyberspace has changed over the past decade. He defines the Kremlin’s strategy as “digital sovereignty” and argues that the pivotal point that determined the shift of Russia’s information security philosophy from being reasonably protectionist toward a more reactionary may be found in 2012 when opposition rallies and restrictive laws changed the face of the Russian Internet.

Assessing the reasons behind Russian public’s approval of state’s initiatives to restrict the discourse on the Web and analyzing the implications of such policies for the future, the expert states the importance of wider geopolitical developments.

Domestic and international politics, even if not directly related to the Internet, will increasingly influence Russia’s cybersecurity philosophy,” he says.

This argument is proved to an extent by the further analysis of the cyber dimension of conflicts between different international actors. Building on the recent reports of cyberattacks involving Ukraine, Russia and Turkey, Alexandra Kulikova draws parallels between military conflicts and the growing role of cyber capabilities in current and future wars.

“Military cybercapacity is becoming a trump card many nations would like to obtain for any possible future conflict and this spiral of weaponization can hardly be stopped at the moment,” she says. The threats of external attacks on a national segment of the Web are something that the government in Russia seems anxious to avoid.

What is dangerous, however, is that the growing cyber deterrence game poses serious challenges for critical infrastructure at the national level and in order to minimize these risks and the amount of potential incidents in cyberspace, actors should come up with principles of conduct and establish viable platforms for dialogue, states Kulikova.

How many Russians approve of regulation of the Internet? Which countries have the most cyber capabilities? Find out in our new report.