The New State Department Cyberspace Bureau: from Multilateral Diplomacy to Bilateral Cyber-Bullying

By Anthony Rutkowski
Anthony Rutkowski

These days in Washington, even the most absurd proposals become the new normal. The announcement yesterday of a new U.S. State Department Cyberspace Bureau — with far-flung responsibilities and authority over anything relating to cybersecurity — is yet another example of setting the nation up as an isolated, belligerent actor on the world stage.

In some ways, the reorganization almost seems like a companion to last week's proposal to take over the nation's 5G infrastructure. Most disturbingly, it transforms U.S. diplomacy assets from multilateral cooperation to becoming the world's bilateral cyber-bully nation.

The State Department role has long had a very limited role in dealing with cybersecurity over the decades. The small substantive cybersecurity expertise resided in the century-old office devoted to evolving and implementing ITU treaties and occasionally facilitating major initiatives by other agencies and industry in expanding the means of international cooperation for new cyber technologies during periods of technology change. Notably, this included the U.S. assisting in 1988 in bringing about the world's existing cybersecurity instrument for datagram internets.

So what exactly is the Trump Administration proposing as the remit for the Bureau of Cyberspace and the Digital Economy?

If you peek at the org chart, the office titles are equally alarming as the remit.

Although a few of those responsibilities have long existed within the State Department, most are new. And, for those that have existed, State has deferred to the many other agencies with the substantive expertise to undertake the international cybersecurity activities — limiting the State role only to coordinating representation in a few specialized venues. The Tillerson reorganization is an assertion of claim over Washington international cybersecurity turf. However, the good news is that absent massively staffing up to replace the few people who have the slightest clue about the subject matter; there is no capacity to accomplish any of the remits.

The really dismaying aspect of this reorganization is that none of the functions or office designations speak to multilateral cooperation with other nations on common interests, but rather a messaging of bilateral belligerence, e.g., "Office of Four Key Adversaries and Cyber Operations" or "Cyber Stability and Deterrence." The functions and titles are aimed at cyberwar, not cyber diplomacy. It is an affront to the past hundred years during which the State Department staff and its extended community of agencies and industry participants have led the cyber initiatives in multilateral forums.

If the Administration really wants to cooperate globally toward increased cyber defense and infrastructure protection, it should consider abiding by the treaty instruments it has already signed for that purpose and cooperating with the other signatories in the venues it helped create.

What is proposed now is more suitable for a Bureau of Cyberwar. It is embarrassing for the nation, unlikely to further meaningful cybersecurity, and will encourage other nations to impose significant constraints and costs on U.S. business pursuing markets overseas.

By Anthony Rutkowski, Principal, Netmagic Associates LLC

Related topics: Cybersecurity, Internet Governance, Policy & Regulation, Telecom