Google’s motto is “don’t be evil”. In 2006, CEO Eric Schmidt refined this principle to an “evil scale” on which it would be OK to self-censor Google.cn — given the alternative to not offer Google.cn at all. After cyber attacks on Google infrastructure by Chinese hackers, Google now threatens to move out of China.
In a hearing before the Committee on International Relations of the U.S. House of Representatives on February 15, 2006, Google’s Elliot Schrage defended the China move. Schrage explained that the global service Google.com was accessible in China, however, Internet censorship affected Chinese user experience severely. This would damage Google’s competitive position in China. Schrage named three corparate objectives :
(a) Satisfy the interests of users,
(b) Expand access to information, and
(c) Be responsive to local conditions
The third point related to China business and Google’s transition from “don’t be evil” to “evil scale”. Google argued that self-censorship would be less evil than Chinese censorship, promising more transparency and better privacy standards. Google would only store data in China if data privacy and security could be assured. Therefore, Gmail and Blogger were not hosted in China.
Four years later, Google announces to end Google.cn self-censorship . The reason for the strategic change: severe hacker attacks on Gmail accounts of human rights activists which apparently took place as part of concerted cyber attacks. In 2006, Google made clear that data protection was the conditio sine qua non of their business engagement. Now, Google is acting on it. The shut-down of Google.cn seems to be a safe bet. It remains an open question whether the Chinese offices will be closed, though.
Geneva Conventions of Cyber War
The Google-China cyber skrimish is rather harmless, although it might in the end deprive Chinese Internet users from a useful search service. Nevertheless, the story raises a more general issue: How should countries (and organizations) respond to cyber attacks? Right now, anything seems to be allowed. Do we need “Geneva Conventions of Cyber War”?
Neil C. Rowe from the U.S. Naval Postgrad School wrote an interesting book chapter on the ethics of cyber warfare. A key issue addressed by the Geneva Conventions is the moral imperative to avoid collateral damage. Rowe states that “[a]n intriguing possibility for ethical cyber-attacks is to design their damage to be easily repairable” . Other important issues are “damage assessment” and “determining the perpetrators and victims”. How can an attacker be sure to have reached his objective? How can the perpetrator of an attack be identified? Apparently, the second point is relevant for the Google-China discussion.
International laws must address these issues. The use of certain “cyberweapons” should be prohibited and sanctioned. The methods and means of combat cannot be arbitrary, but must follow the rules of civilized society. In a more networked world, cyber warfare will likely become a more urgent problem…