Making Digital Territory: Cybersecurity,Techno-nationalism,and the Moral Boundaries of the State

Abstract

Drawing on an analysis of German national cybersecurity policy, this paper argues that cybersecurity has become a key site in which states mobilize science and technology to produce state power. Contributing to science and technology studies (STS) work on technoscience and statecraft, I develop the concepts of “territorialization projects” and “digital territory” to capture how the production of state power in the digital age increasingly relies on technoscientific expertise about information infrastructure, shifting tasks of government into the domain of computer scientists and network engineers. The notion of territorialization projects describes states’ ongoing struggle to mobilize science and engineering in order to transform globally distributed information infrastructure into bounded national territory and invest it with patriotic meaning: making digital territory. Digital territory, in other words, is nationalized information infrastructure: it includes building and monopolizing infrastructure as well as normative ideas about nation—who is a digital citizen, and who isn’t; or what constitutes “good” and “bad” digital citizens. Nationalizing information infrastructure and placing statecraft into the hands of scientists and engineers might indicate an emerging form of “techno-nationalism”—a combination of nationalist and technocratic tendencies—raising urgent questions for STS scholarship to investigate the consequences of territorialization projects for justice, democracy, and civic life.

Keywords

cybersecurity infrastructure techno-nationalism national identity territorialization statecraft

The “German Internet”

In February 2011, the Federal Ministry of the Interior issued a press release introducing the German Cybersecurity Program. It quoted former Minister of the Interior Thomas de Maizière with the following statement:

Guaranteeing security in cyberspace requires strong state commitment. Every two seconds we record an attack on the German Internet. Successful attacks on federal agencies occur every week, almost every day we see attacks which likely originate in foreign countries.¹ (emphasis added)

A German Internet! I was puzzled. Although it had become abundantly clear throughout the past decades that the original hopes for the Internet’s democratizing and liberatory effects had remained unfulfilled, I still had thought the Internet was global and local, public and private. Evidently, I was wrong.

How can we make sense of de Maizière’s statement? In this paper, I argue that cybersecurity has become a key site in which states mobilize science and engineering to produce state power in the digital age. This is because the global and distributed nature of Internet infrastructure challenges purely legal-bureaucratic or political approaches to maintaining state sovereignty. Consider the following example. Like many other administrations, the German state depends on US-based technology, software, and services to run its administration; most notably those provided by Microsoft. However, because Microsoft data servers are controlled from US territory and are subject to US law, the German state can never fully control data flows from German to the United States and hence its own bureaucratic apparatus. Microsoft’s anti-piracy technology could also, in theory, remotely revoke its licenses and thereby incapacitate the entire German administration at the push of a button. States’ dependencies on globally distributed information infrastructure thus create uncertainty about state sovereignty—for example, what data belong under German jurisdiction and which belong to the US—as well as a range of vulnerabilities that could be exploited for purposes ranging from election hacking to cyberattacks on critical infrastructure. This is the problem de Maizière refers to in the quote above, and which he thinks requires “strong state commitment”: for the German state, the materiality of information infrastructure has become a key problem for state power. The German state has responded to this problem with sweeping mobilization of science and engineering to extend control over information infrastructure, placing tasks of government into the hands of scientists and engineers. In more general terms, cybersecurity problems—from Germany’s struggle with Microsoft to the US/Huawei dispute—are primarily about problems of state sovereignty.

This paper contributes to science and technology studies (STS) scholarship on the roles of science and technology for the production of state power. Although this body of work has demonstrated that science and engineering have always been an integral part of modern statecraft, much of it is historical and hence has tacitly assumed Weber’s ([1919] 2009) classic understanding of territory as the physical container that secures—and delimits—the power of the modern state. But as the example above shows, territory in networked societies has become uncertain. Contemporary states seem to increasingly require new kinds of expertise—for example, computer science, network engineering—to define and enforce their jurisdictions. STS scholarship on technoscience and the state thus needs some development to conceptualize how information infrastructure unsettles the power of the modern state, and how states mobilize new kinds of experts and expertise for contemporary statecraft.

Drawing on an analysis of the German national Cybersecurity Strategy, I develop the concepts of “territorialization projects” and “digital territory” to theorize how the production of state power in the digital age relies on technoscientific expertise about information infrastructure. The notion of “territorialization projects” captures how states mobilize scientists and engineers in order to transform globally distributed information infrastructure into bounded national territory, and how they invest it with patriotic meaning, thereby making “digital territory.” “Digital territory,” in other words, is nationalized information infrastructure. It is nationalized in both a material and moral sense because it includes extending state control over the physical stuff of information infrastructure and normative ideas about nation—who is a digital citizen, and who isn’t; or what constitutes “good” and “bad” digital citizens. In the German case, a combination of nationalizing information infrastructure and placing statecraft into the hands of scientists and engineers might indicate an emerging form of “techno-nationalism”—it displays both nationalist and technocratic tendencies—raising questions about the consequences of territorialization projects for justice, democracy, and civic life.

Territorialization Projects: Infrastructure, Sovereignty, and National Identity

Mobilizing science and engineering for statecraft has a long history. If state sovereignty is the “monopoly of the legitimate use of force” (Weber [1919] 2009) secured by a given territory, it was technoscience that helped make that territory in the first place, as well as states’ objects and subjects of state governance. Scholarship in STS and cognate fields has demonstrated that science and engineering have played a crucial role in modern state formation by ordering people, land, and the natural environment: statistics transformed people into national populations, cartography transformed land into national territory, and engineering transformed nature into infrastructure and the built environment. Importantly, this scholarship has demonstrated the performativity of technoscientific knowledge and devices: maps, surveys, statistics, filing systems, and other calculative and ordering devices did more than just represent slices of social reality, they actively shaped it (Carroll 2006; Desrosières 1998; Elden 2013; Hannah 2009; Joyce 2013; Mitchell 2002; Mukerji 2010; Porter 1995; Scott 1998; Bowker and Star 2000). STS and cognate theories of the modern state thus understand states not as given but as actively produced through technoscientific, material, and symbolic practices (see, e.g., Carroll 2009; Mitchell 1991). Even though most of this research is historical, the premise of understanding scientific knowledge production and infrastructure engineering as constitutive of state power is useful to conceptualize contemporary power struggles over data and Internet infrastructure.

Drawing on and extending this body of work, I propose the notion of territorialization projects to capture states’ ongoing mobilization of science and engineering to extend control over information infrastructure. Just as cartography determined the boundaries of state territory and civil engineering materially reinforced them, so does network engineering determine state jurisdiction over its digital polity; for example, how much power states have in order to control outsiders’ access to the state apparatus or critical infrastructure. Just as statistics and the census made the population legible to the modern state, computer science and state hacking are now key to how well contemporary states may know the people and things they govern. Just as the technoscientific knowledge and devices that helped create the modern state, territorialization projects are thus constitutive and transformative of the state itself—they make digital territory and define its boundaries—but their core areas of expertise are different: computer science, hacking, network engineering, and cognate fields are today’s iterations of technoscientific expertise that produce the power of the contemporary state.

“Digital territory,” then, is nationalized information infrastructure in a double sense: nationalized as in materially under state control and nationalized as in invested with normative ideas about nation and citizenship. Thus, territorialization projects have material and moral dimensions: Material dimensions (“territorialization”) refer to states’ attempts to turn servers, wires, cables, satellites, and so on, into “digital territory,” producing the power to control flows of desirable and undesirable subjects, objects, and data. These practices comprise techniques of measure, logistics, and control: “measure” refers to technoscientific practices that make people and things legible to the state, for example, state hacking and online surveillance. Measurement techniques address states’ problems of knowing the people and things they govern (cf. Scott 1998). “Logistics” refers to the engineering and design practices that transform the built environment to govern people and things (cf. Mukerji 2010), and that deal with problems of stabilizing political power. For example, as I will show below, the German administration built its own network separate from the Internet backbone, thereby building a physical barrier to potential intruders—the digital age equivalent of a border wall. This is the power of materiality or “doing things with things”: it makes negotiation unnecessary or impossible. Finally, “control” refers to the bureaucratic-legal practices—the way that the modern state has been traditionally theorized—that secure and enforce the integrity of digital territory (e.g., intellectual property rights). They deal with problems of enforcement, sanctions, and punishment (cf. Elden 2013).

Moral dimensions (“nationalization”) refer to normative ideas about a given state’s imagined national identity that are entwined with territorialization of information infrastructure. These ideas are national sociotechnical imaginaries: “visions of desired futures, animated by shared understandings of forms of social life and social order attainable through and supportive of advances in science and technology” (Jasanoff 2015, 4). The moral dimensions of territorialization projects are important because they (a) justify state intervention and guide if, when, and how they intervene; and (b) normalize moral judgments about who counts and who doesn’t, who may be sanctioned or punished, and who may be ignored or forgotten. As Benjamin (2016, 151) notes, sociotechnical imaginaries are uneven: advances in science and technology are imagined to benefit some but not others, and these distinctions often follow familiar axes of domination such as race, gender, and class. She thus suggests we ask questions about “carceral imaginaries,” that is, about who and what need to be contained, “who and what are fixed in place—classified, corralled, and/or coerced” to enable technoscientific progress (however imagined) for others (Benjamin 2016, 150; original emphasis). Focusing on the ways in which digital objects and subjects in the construction of national identity and citizenship are gendered, racialized, and classed then allows us to draw out states’ moral judgments about “good” and “bad” citizens and technology, and “civilized” and “uncivilized” spaces.

Cybersecurity Policy in Germany

My analysis is based on a body of documents produced by government agencies that are chiefly responsible for Germany’s national cybersecurity policy. Although the German state has had a dedicated IT-security agency since 1991 (the Federal Office for Information Security, BSI), cybersecurity divisions at the ministerial level were only institutionalized in the mid-2000s. Since then, the institutional landscape can be roughly divided into protective and repressive bodies or divisions (Pohle, Hösl, and Kniep 2016). For example, the BSI’s main jurisdiction is the protection of IT-systems, for example, by developing security certificates or encryption technology. By contrast, ZITiS (the Central Office for Information Technology in the Security Sphere) was founded in 2017 to hack and monitor people and institutions (including other states) in the name of the German state. The ongoing consolidation and expansion of cybersecurity policy is justified and funded by Germany’s official Cybersecurity Strategy, first consolidated by the Merkel government in 2011 under former Minister of the Interior Thomas de Maizière (quoted in the introduction) and renewed in 2016. The national Cybersecurity Strategy spans a range of government bodies, importantly, the interior ministry, the domestic intelligence agency, the cybersecurity agency, and education and research ministry in charge of science policy.

I focused on the Cybersecurity Strategy and its attempts to consolidate and expand preexisting measures because it is precisely the first articulation of a national approach. I searched for cybersecurity and related terms in government databases, yielding documents from 2007 until 2017. I found 159 documents, including speeches, news interviews, testimony, policy programs, brochures, reports, press releases, articles, legislative drafts, newsletters, surveys, and slides.² All documents are publicly available. When I quote from them, I reference them in endnotes. All translations are mine.

Although I will be quoting at length from speeches by and news interviews with federal ministers and presidents of federal offices, the patterns presented in the analysis are consistent across the entire body of documents. However, two caveats are necessary: first, because they have different purposes and audiences, speeches articulate political problems more vividly and explicitly than official statements, programs, or legislative drafts. Second, speeches are usually given by the heads of ministries and federal offices and are not necessarily shared by the administrative officials involved in the actual nitty-gritty of policy-making. However, political officials do set the political agenda and make broad decisions about what matters and what doesn’t, so they are good sources to understand the broader normative visions that drive policy-making. Still, it is important to keep in mind that what political officials say and what policy ends up being implemented may be two different things.

Territorialization: Reclaiming Digital Sovereignty

For the German state, the materiality of information infrastructure has become a key problem for state power in the digital age. What is at stake for the government is reclaiming what they see as lost sovereignty from American hegemony. This becomes especially clear in the following quote from the former head of domestic intelligence Georg Maaßen’s testimony in a hearing on NSA surveillance of German institutions, politicians, and citizens. It is worth quoting it at length:

…even without the Snowden documents, it was obvious for everyone that the US were striving for absolute hegemony in cyberspace. In his book “World Wide War,” Bill Clinton’s National Coordinator for Security, Richard A. Clarke, had already years ago made clear: the US are claiming absolute hegemony on land, water, air, space, and cyberspace. In my view, the US have pursued a straightforward strategy to achieve this goal. Through clever economic policy, significant technological lead, and by linking the security services with the economy, for us, central areas of IT technology [sic!] and cyberspace are American: The mere hardware, router technology, smartphones (even the Korean Samsung works with Google Android), tablets, search engines, social media, Internet warehouses, auction houses, apps, etc. And if a company for security reasons had to be American, like for example the former European company Skype, they just bought it. On top of this, large parts of internet traffic are routed through US territory, location satellites are American, and many server farms are in the US. The US have large parts of our data at their disposal. That the Americans are so strong in this area is not really something for which we can blame them. They have almost reached their goal, without political conflict. On the contrary, we Europeans have to ask ourselves if we shouldn’t have pursued a different economic policy for IT technology [sic!]. The Americans have sacrificed their car industry; but in return they have dominance in cyberspace. Compared to the US, we Europeans are standing there pretty naked. I mean that above all with respect to our data.³

Note how he ties national sovereignty to the materiality of information infrastructure. From routers to satellites to servers, information infrastructure is owned by the United States—either as state property or as company property. The problem is what this makes the German state: a “guest or a client in this US dominated cyberspace.”⁴ This situation, according to the government, raises the question how the German state can “win back a little bit of digital sovereignty or sovereignty in cyberspace.”⁵ At the heart of this problem are relations between materiality, ownership, and territorial location. As the former Minister of the Interior points out,

We are all talking about the Internet’s borderlessness. There’s a lot which is true about that. But there also is a physical German network and IT systems which are run in Germany.⁶

And this material infrastructure, as he emphasizes elsewhere, is “subject to German law and therefore we can establish rules for these systems.”⁷ This understanding of sovereignty as tied to materiality and location drives the government’s cybersecurity policy. I want to highlight three instantiations that exemplify the material dimensions of territorialization projects conceptualized above: measure, logistics, and control.

Government investment in cybersecurity research and development (R&D) is an example of “measure”: state power based on knowledge. To dismantle the government’s dependency on “American firewalls, Chinese routers, and other things,” former Federal Minister for Education and Research Johanna Wanka has dedicated federal funds to “concentrate IT security core competencies and technologies in Germany and Europe.”⁸ She proposes to do so by expanding and nationalizing technoscientific R&D, which would also indirectly subsidize German security technology markets. Since 2011, the German government has founded three national cybersecurity R&D institutes, and more are in the making. Importantly, this nationalization and expansion of expertise responds to the problem of cultivating a technoscientific labor force for state administration (cf. Mukerji 1990). As Weber ([1922] 1978, 225) wrote a long time ago about modern, bureaucratic rule: “Bureaucratic administration means fundamentally domination through knowledge.” But this knowledge, perhaps now more than ever, is importantly technoscientific in nature (cf. Scott 1998), and it requires developing new technologies of the state to make the people, things, and processes populating cyberspace calculable and legible to the state apparatus.

Building new telecommunications infrastructure is an example of “logistics”: state power based on infrastructure. Understanding information infrastructure as a problem of national sovereignty has given rise to infrastructure-building projects that literally materialize the boundaries of the state. As the Minister of the Interior put it:

Many don’t know this: With the Federal Networks [Netze des Bundes], the federal government, the federal administration, runs a physically separated network. There, too, we have made the decision to part ways with a certain provider. With considerable funds we’re making sure that the network from now on will only be run by German manufacturers and providers. The shield which the federal government and the federal administration have drawn around themselves works, and it works pretty well.⁹

So there is a German Internet after all. This is what Mukerji (2010) calls “logistical power”: power derived from manipulating the natural environment for the indirect governance of people and things. Stabilizing national boundaries in digital geographies has become more complicated than putting up a wall at the border. It requires design and engineering: digging up the ground in Berlin’s government district to rewire federal buildings, splicing cables in the Internet backbone, and making secure buildings for data centers.

New legislation and policy to expand infrastructural territoriality is an example of “control”: state power based on bureaucracy and the law. One piece of legislation I want to highlight is a 2017 executive order that allows the state to veto foreign acquisitions of German firms linked to vital systems—telecommunications networks, power plants, water infrastructure, the banking system, hospitals, or transportation infrastructure.¹⁰ This new legislation expands the state’s legal rights, effectively nationalizing segments of technology markets that the German state deems critical to maintaining political sovereignty. What is interesting is that it collapses boundaries between market and state jurisdictions: because infrastructure is tied up in a system of private property, the state must mobilize economic policy to produce state power.

Nationalization: Germany’s Others, Infrastructure, and Citizenship

States’ extension of material control over infrastructure has to be justified and legitimized, not only by telecommunications providers and Internet companies that own and operate infrastructure but also by citizens and organizations of everyday life. Hence, material control is coproduced with normative ideas about national identity and citizenship. Consider this quote from a speech on national cybersecurity, in which former Minster of the Interior de Maizière associates technological capabilities with love for one’s homeland:

This much is true: Our political scope is decisively defined by our technological capabilities. This is why, with key technologies and IT core competencies, we have to do everything in our power to keep our own technology platforms and production lines within Germany and Europe. If we want more, we have to know more. In any case, the federal government will develop a common strategy to secure national technological competitiveness and capacity to act. I have already said about this elsewhere: This is also a modern form of patriotism. (emphases mine)¹¹

National identity is important for states to the extent that it provides an underlying moral order to legitimize and justify state power and intervention. What is the meaning of “Germany” in the age of Google, WikiLeaks, and state hacking? How to create affective attachments to “boring things” like infrastructure in order to make citizens care about it? In the process of answering these questions, political officials invariably draw on preexisting cultural registers to rearticulate national identity for the digital age.

Germany’s Others: Making Moral Geographies

The government imagines German society as caught in a great transformation where “old certainties evaporate, and the future world order is a great unknown.”¹² Consider the following characterization from a 2017 speech by the former head of domestic intelligence:

We are connecting all relevant areas of society with a place which is difficult to grasp, in which we are very vulnerable, over which we have no real control, and in which oftentimes unknown persons can operate unrecognized. We stand on an invisible scene together with invisible adversaries in mostly invisible alliances who overrun each other with unexplained cyber-attacks. (original emphasis)¹³

Officials then mobilize colonial language and imagery to make moral geographies that place Germany in relation to the rest of the world. Imagined “Western” superiority is established by contrasting “civilized” German society with the barbaric “Wild West” of cyberspace. Germany’s role in this imaginary is framed as shaping the future digital “world order” by bringing civility into cyberspace.

Race, culture, and nationality are central to articulating the German state’s imaginary of this “new world order.” This “new” world order, however, follows somewhat “old” and predictable geopolitical lines, schematically matching threats, institutions, and geopolitical blocks. Although there are some overlaps, “Chinese hackers” are mostly associated with economic espionage; “Russian hackers” are associated with political espionage, manipulation, and disinformation campaigns; and “Islamic terrorists” are associated with sabotage of vital systems. In other words, China is predominantly framed as a threat to the national economy, Russia is framed as a threat to German political institutions, and Islamic terrorists are framed as threats to vital systems and life itself.

For German officials, the German economy has a “larger-than-life significance” on a global stage, which “arouses desires” among foreign intelligence services and companies—especially from China.¹⁴ In an economic version of the “yellow peril” trope, China is portrayed in terms of its overwhelming “technological and financial capacities” for economic espionage: with highly professionalized armies of hackers that routinely take advantage of the “digital carelessness” of German companies and their employees. It is perhaps unsurprising that, given China’s significance, it is framed so prominently as an economic threat. However, it is noteworthy that the source for China’s global economic role is periodically framed as morally questionable theft of intellectual property by armies of nifty hackers rather than the outcome of smart economic and technological policy. As I have shown above, this is a concession only granted to the United States, and so this portrayal of China perpetuates familiar stereotypes of Asian thieves of intellectual property (cf. Philip 2014).

Russia, on the other hand, up until 2015 was accused of engaging in both economic and political espionage (note that this was well before the public learned about Russian meddling in the 2016 US elections). According to the government, Germany’s “geo-strategic position in the heart of Europe, [its] influence in the EU, NATO membership, great economic power with many innovative companies, and worldwide recognition of German achievements in science and research” make Germany a desirable target of economic and political espionage.¹⁵ However, when the German government suspected Russian hackers behind an attack on the German parliament in 2015, Russia decisively shifted in the government’s imaginary from a threat to the national economy to a threat to German political order. On the one hand, Russia is framed as a threat to the integrity of German political institutions—parties, public administration, legislative bodies, and so on—through political espionage, including the theft of sensitive political information or more direct manipulation of political elections that could be used to further Russia’s interests in security policy and energy exports.¹⁶ On the other hand, Russia is framed as a threat to the public sphere and democracy itself. Tropes of incivility loom large here:

One doesn’t only consume leading media outlets anymore, but can actively produce information and messages which in turn can be directly fed into the Internet. It is obvious that this situation is a gateway to professional exertion of influence and manipulation. It is well-known that so-called Internet trolls massively agitate the comment sections of online journalism or social networking sites—for example with pro-Russian propaganda.¹⁷

“Russian trolls” are framed as taking advantage of the “uncivilized” nature of cyberspace, either by disseminating pro-Russian propaganda or by intentionally exacerbating existing conflicts. Russian aggressors are typically framed as devious and aggressive but professional, that is, characterized by “high technological competence” and “guile,” and backed by “strong financial resources and analytic capabilities.”¹⁸

Considering that the United States also have spied on Germany—including on chancellor Merkel—it is telling that the same activity is subject to quite different interpretations. Where Russian and Chinese political and economic espionage is figured as moral transgressions, American espionage is not. Instead, it is Germany’s fault: “Criticizing our friends in Washington and London is the last thing which is going to help us: We have to put our own house in order. If we are open with our data like an open door, we can’t be surprised that not only our friends, but also others go in and out of our house.”¹⁹ The United States are typically not framed as morally inferior Other to the German state, rather, officials—to varying degrees—blame the “digital carelessness” of German politicians: their “laziness and idleness” in not encrypting their phones is the problem; thus, “one is not allowed to complain if one is wiretapped.”²⁰

Whereas the government’s imaginary of the “new world order” in terms of threats to the national economy and political institutions follows familiar geopolitical lines stretching back into the Cold War era, the figuration of threats to life itself is more complicated. Life itself, for the German state, is about vital systems like communications, electricity, or transportation infrastructure: “our entire social life is dependent on functioning and reliable IT infrastructure,” and they thus fundamentally “guarantee the vitality”²¹ of the population. So who does the German government imagine to be the threat to life itself? Islamic terrorists. In a perfectly symmetrical fashion, the government frames Islamic terrorists as fundamentally antithetical to life itself. At this point, the outside of the nation-state imaginary follows lines that cannot be mapped as neatly onto existing political geographies; producing troubling effects when slippages occur between “Islamic terrorists” and “Muslims”:

As security service, we have to ask ourselves how the many faces of terror can be understood in their concurrence. We have to determine what keeps this senseless violence alive. To answer these fundamental questions, we have to direct our attention to an important issue: Cyberspace! Ladies and gentlemen, for the international jihad, cyberspace and modern means of communications are natural allies. The imagined denomination of Islamists nothing short of lives in cyberspace. Their global community is purely digital! Via the Internet, this digital ummah can be present and articulate its claim to global assertion translocally—so, virtually everywhere.²² (emphasis mine)

As we can see, the former head of domestic intelligence understands cyberspace as a condition of possibility of Islamic terrorism, drawing a connection between the networked structure of the Internet and the networked organizational form of the Islamic State (ISIS). But there is also a slippage from “Islamic terrorists” to the entirety of all Muslims (“digital ummah”). Slippages like these are not “glitches”; they are an expression of a persistent understandings of Germanness as white and Christian (cf. Amrute 2016; Goldberg 2006). For example, de Maizière in 2017 rekindled a long-standing (and widely criticized) debate on a German “dominant culture” (Leitkultur), as he describes it, the values “which bind us together deep-down, beyond the binding charter of rights” of the constitution (emphasis mine).²³ The “us” here—Germans “deep-down”—is importantly defined in distinction to Islam, an understanding that subtly but persistently links debates around national identity, immigration, and terrorism. German politicians periodically call for Muslim immigrants to be schooled on “European values,” for German football players “with Turkish migration background” to sing the national anthem, for Muslims in Germany to take responsibility for fighting radicalization among “themselves.” This constitution of German identity through the persistent othering of Muslims is a dimension of what Goldberg (2006, 345) calls “racial Europeanization,” defining European racial identity against a range of Others; among them the figure of the Muslim, who is imagined as

a collection of lacks: of freedom; of a disposition of scientific inquiry; of civility and manners; of love of life; of human worth; of equal respect for women and gay people. This renunciation of the values of life is thought to become by extension the renunciation of the value of life…itself.

Consider the following question: Can there be German Islamists? Like other European countries, German citizens joining ISIS has been a major concern of the government. However, although my entire body of documents was brimming with references to Islamic terrorism’s threat to vital systems, there was only one single mention of “German Islamists.”²⁴ Instead, when referencing German citizens fighting for ISIS, public officials and institutions go out of their way to describe them using bulky terms like “German-speaking fighters”²⁵ or “Islamists coming from Germany.”²⁶ They can speak German, they can come from Germany, they may have German citizenship—but they cannot be German. Thus, race here serves to make the more complicated distinction of “the people” (as a moral community) from “the population” (those who inhabit a territory; cf. Rose 2017, 10). Constructing “the people” as a moral community bound together by common values and a shared history and identity articulates normative ideas about nation and belonging in a networked world that is based on old, ethno-nationalist understandings of Germanness.

Racialization also serves to delineate imagined digital spaces, making distinctions between “safe” and “dangerous” spaces; the “digital homeland” and its Other side. Here, similar slippages occur from “cyber-caliphates” to “digital mosques,” extending suspicion from possible terrorists to all Muslims:

Despite military defeat, IS ideology will endure in the real world in the form of a cyber-caliphate. Cyberspace here functions as a kind of digital mosque of IS with worldwide reach, so that messages of terror can be sent across countries to squillions of “users” and “followers.” (emphasis mine)²⁷

The purpose of a mosque is its function as a religious, social, and political place of encounter. You can therefore imagine cyberspace as its congenial extension—but this digital mosque isn’t subject to spatial or temporal restrictions and speaks with many voices. By now, there are religious pop stars who aggressively proselytize and gather followers around themselves both online and in the real world.²⁸

These slippages from spaces associated with terrorists to spaces associated with Muslims frame all “digital mosques” as political breeding grounds for terrorists. Suspicion is not exclusive to ISIS’ use of social media; all religious communication is framed as potential threat. This mapping of terrorism on Muslim religious spaces is one of the most overt ways in which legacies of anti-Muslim racism shape constructions of “barbaric digital spaces.”

After 2015—the height of the so-called refugee crisis—we can see convergences emerge between cybersecurity and nationalist anti-immigration sentiments though causal connections are rarely overtly established between Islamic terrorism, immigration, and refugees. More often than not, they are just presented as a family of problems of contemporary government without specifying their connections. The following quote is one of the few instances where public officials clarify how the carceral imaginary of cyberspace translates into the material containment of brown and black Muslim bodies:

Just now, with every military defeat in the real world, the IS caliphate is being rebuilt into a purely virtual cyber-caliphate. It will continue to unfold a dangerous charisma, because its virtuality immunizes Islamist ideology and propaganda from earthly failures. Exactly the instrumental character of cyberspace facilitates the permanence of the message, the stabilization of the Islamist narrative—potentially any place and any time in any random version. Disinformation and fanatism are twins which are nursed by the same dream reality [Traumrealität]. It is not least for this reason that the high numbers of refugees in the country are keeping the Federal Office for the Protection of the Constitution so busy, because we were aware from the beginning that beyond potentially smuggled or returning IS supporters, the radicalization of refugees, too, constitutes a problem.²⁹

“Muslims” as Germany’s fundamental, risky Others are mapped in troubling ways onto refugees and asylum seekers. Germany received the highest per capita number of applications for asylum among all EU member states (approximately 1.6 million since 2015³⁰). Asylum seekers come to Germany for a variety of reasons, from escaping war to seeking a more secure economic future. Cynically, then, those refugees who are fleeing from Islamic terrorism find themselves in Germany placed under general suspicion of being or becoming Islamic terrorists. They are legally, electronically, and materially framed and captured as fundamentally risky bodies by a dense assemblage of legal regulations, border regimes, and electronic and bureaucratic surveillance; and often materially contained and separated in refugee homes and deportation facilities.

Focusing on race, culture, and nation reveals convergences between cybersecurity and concerns around immigration, political order, and the national economy, constituting a form of techno-nationalism that is intimately bound up in a complicated political project of working out national identity. This project is shaped by legacies of anti-Muslim racism, the German silence around race, and an ongoing “refugee crisis.” These normative ideas of German national identity in a networked world are perhaps most concisely articulated when public officials draw on colonial tropes that imagine cyberspace as uncivilized space, populated by racialized, uncivilized people and peoples:

Cyberspace is, so to speak, still in a pre-civilized, largely lawless Wild West state in which the law of the jungle reigns…. And it is a battlefield which is getting aggressively colonized, and which consists of many levels and actors who can selectively and situationally enter coalitions of interests.³¹

The imagery of colonial conquest is striking here. Cyberspace is imagined as an uncivilized, barbaric space, which, if Germany is not fast enough, is going to fall in the hands of others. There are striking similarities to a persistent historical narrative in which Germany is imagined as the “shameful loser” of Europe’s colonial competition (rather than as perpetrator of the Herero and Namaqua genocide). What does this tell us about what national identity is imagined and worked out by German officials? It is not so different from the modernist narratives of technological and scientific progress that were sown deep into the heart of European colonial expansion (Adas 1989). As the former Minister of the Interior explained 2014 in an extraordinary bout of historical amnesia, Germany is on a civilizing mission:

I believe it wouldn’t be the worst thing for the Internet if, in the digital world of tomorrow, impulses for human progress and safe developments came from the “old” continent of Europe with its old, proven cultural and legal traditions.³²

The Softness, Purity, and Openness of Infrastructure: Gender, Nation, and Life Itself

What place does information infrastructure occupy as an element of national identity? If the materiality of information infrastructure poses problems to power to which states have to respond, how can citizens be made to care about it? Here, officials use cybersecurity to turn information infrastructure into an element of the common good and an object of affective attachment. In the government’s imaginary, information infrastructure is about biopolitics, that is, life itself (cf. Collier and Lakoff 2015): officials highlight that vital systems, from power plants over hospitals to the banking system, are increasingly networked, meaning strategic attacks on information infrastructure could have crippling consequences for German society. Government brochures meant to inform citizens explain the biopolitical significance of cybersecurity like this:

…national critical infrastructures are institutions on which we are dependent in an elementary way, institutions which guarantee the vitality [Lebensfähigkeit] of our modern society. We do not even want to imagine what kind of chaos could be created in case of an emergency, for example through long-term paralysis of power plants and hospitals, train stations or airports.³³

Preventing such possible damages to the population, then, constitutes “the innermost rationale and the goal” of the IT-security legislation the government proposed and the parliament passed in 2015.³⁴ Officials mobilize gendered imagery to highlight the vulnerability of vital systems and the significance of cybersecurity to the population’s vitality. Infrastructure is framed in terms typically used to describe gendered reproductive labor and care work: infrastructure guarantees the “vitality of our modern society”;³⁵ it is “part of existential care”;³⁶ a crucial aspect of “public service in the 21st century”;³⁷ what is at stake here is “public welfare.”³⁸ The gendered characterization of the care work infrastructure does to secure the vitality of the population is further emphasized by feminizing infrastructure itself:

The openness and extension of cyberspace allow for covert attacks, taking advantage of vulnerable victim-systems [Opfersysteme] as tools for their attacks.…criminals, terrorists and intelligence use cyberspace for their activities and do not stop at national borders. Military operations may be behind such attacks, too.³⁹

The government imagines national information infrastructure as soft, open, and inclusive—but this makes it vulnerable and exploitable. The very same qualities that “make live” also make it prone to being victimized by subjects who do not mean well. Who are these subjects? They come from the Other side of “national borders”; they are morally suspect, hyperaggressive, and/or militarized subjects. Feminized, soft, open infrastructure here is juxtaposed with masculinized, aggressive, foreign perpetrators.

In other places, heterosexual imagery of more explicit sexual violence combines with immunological and biological vocabulary, emphasizing a purity under attack from foreign Others. For example, attackers are thought to “anchor themselves deep within the system of the victim”⁴⁰—sometimes likened to a fragile and delicate “central nervous system”⁴¹—where they do everything in their power to stay and do damage. What needs to be done? Of course, the soiled purity needs to be restored: systems and networks have to be “purified” from their “infections”;⁴² as well as “fortified,”⁴³ “hardened,” and “isolated” to better resist future attacks.⁴⁴

Information infrastructure as element of German national identity is thus constructed as feminized vitality, purity, and vulnerability of infrastructure on the one hand, and masculinized, hypersexualized, and othered aggressors on the other. Resonating with Helmreich’s (2000) analysis of cybersecurity professionals’ imaginaries, I found striking similarities between how officials describe infrastructure on the one hand and German society on the other. Just like the Internet is routinely characterized “open and free”⁴⁵ so is Germany routinely described as a free, “open and pluralist society”: ⁴⁶

It is simply plausible that the low hurdles to sabotage and espionage that we have to see every day in cyberspace will be used to impose foreign countries’ interests. Especially liberal democratic societies offer by virtue of their open culture of debate and their intentional pluralism of opinions an open flank for disinformation….⁴⁷

In this speech, the head of German domestic intelligence speaks about cybersecurity in relation to political disinformation campaigns, terrorism, and economic espionage. Both the Internet and German society are characterized in terms of their openness, softness, and inclusiveness that perpetually put them at risk of being violated and victimized. For example, the head of domestic intelligence suggests that “In the past, peoples [Völker] were often ‘black boxes’ to each other”;⁴⁸ constructing a narrative of the past that implies a people who was culturally homogeneous, pure, and harmonious, and which is threatened from dangerous subjects coming from the outside of the nation-state:

In a world where every message and every atrocity is only a mouse click away, this hotchpotch directly threatens societal peace in Germany. Previously distant conflicts and ideologies now live in theories, tweets, and deeds directly among us.⁴⁹

Convergence between cybersecurity and nativist-nationalist sentiments places the significance of information infrastructure at an order of magnitude paralleling the nation-state. Drawing on gendered and racialized tropes constructs both information infrastructure and German society as an open, pure, free, nurturing, and inclusive one that must be defended against aggressors from the outside of the nation-state. Information infrastructure is moralized such that an attack on infrastructure then becomes an attack on Germany as a nation.

Bad Digital Citizens: Promiscuity as Source of Vulnerability

When German citizens are framed as threats to the integrity of information infrastructure, officials often use terms marking social class. Mobilizing imagery related to sexuality, taste, and education makes moral distinctions between “good” and “bad” digital citizens. For example, a popular term employed by officials and official documents to describe “bad digital citizens” is “digital carelessness” that has to be remedied through educating citizens and containing damages caused by incompetence.⁵⁰ Here, German citizens are overwhelmed by the Internet’s possibilities but lack the competence to see through its opaqueness. Government officials also see citizens exacerbating the vulnerability of information infrastructure with reckless behavior. Excessive, disinhibited social promiscuity is framed as an added source of vulnerability:

How vulnerable does this digital penetration make us?…Digital vulnerability in many places meets with digital carelessness. The baseline is on the one hand our general behavior on the internet. I’m thinking for example about the excessive and nothing short of viral dissemination of private pictures on the internet as public space. Our understanding of human connection is changing. To put this in slightly exaggerated (and perhaps a bit old-fashioned) terms: Where in the past a “friendship” required trusting conversations, where maintaining a friendship necessitated face-to-face conversation, today, a click on facebook is enough.⁵¹

The case seems to be clear for the former Minister of the Interior: we need digital condoms to guard us against the perils of digital penetration; or better yet, practice restraint and moderation. “Digital carelessness” combines “safe sex” imagery with familiar middle-class distaste for behavior that is not characterized by restraint, moderation, and authenticity (cf. Bourdieu 1984). These moral judgments draw class-based moral boundaries between “good” and “bad” digital citizens: “good digital citizens” engage in monogamous, authentic, “real” relationships; “bad digital citizens” engage in cheap, fake, fast, promiscuous digital sociality.

This “social promiscuity” is seen as an additional source of vulnerability for infrastructure and for German society at large. The moral corruption expressed in citizens’ excessive, disinhibited behavior opens the door not only to cyberattacks but to political corruption:

In particular in the area of political extremism, we are seeing a shift from websites to social media. Compared to the once middle-class [bürgerlich] value of temperance in conversation and appearance, social media are obviously encouraging an atmosphere of disinhibition.⁵²

The head of domestic intelligence connects promiscuous sociality and political extremism, both of which he sees facilitated by networked technologies. Social media, in his view, has led to a general moral decline of the citizenry, while at the same time affording political extremists opportunities for dissemination. He laments that “especially in Western societies, the gate-keeper role of traditional media is massively eroding”;⁵³ and that social media now often function as “verbal stimulants for subsequent physical violence.”⁵⁴ The consequence is “the brutalization of political space, where alongside defamation and insults of so-called elites and public figures we see calls for resistance, civil disobedience, or even criminal offences.”⁵⁵ He suggests uneducated citizens are unable to distinguish between quality information from politicians and traditional media, and “fake news” from extremists and other antidemocratic demagogues. However, by mapping “real” and “fake” politics to the boundary between political institutions and society, he conveniently elides the fact that public officials periodically are the source of, for example, openly racist tweets and social media campaigns (e.g., the far-right party AfD that since the last general election is third-strongest party in the parliament). Thus, references to markers of social class usually serve to map value and worth onto different kinds of citizens’ online behavior, drawing moral boundaries between “good” and “bad” digital citizens.

Cybersecurity as Statecraft: Territory and National Identity in the Digital Age

My goal in this paper has been to show that cybersecurity has become a key site for contemporary statecraft, both in terms of the material production of state power and in terms of remaking national identity. I have developed the notions of “territorialization projects” and “digital territory” to analyze how science and engineering are mobilized to produce state power in the digital age, and how this is bound up with normative ideas about nation and citizenship. In the German case, the state responds to infrastructural challenges to sovereignty by extending control over infrastructure backed by large-scale federal investments in infrastructure and cybersecurity R&D. In the process of legitimizing and justifying cybersecurity policy, German political officials also produce an imaginary of national identity where the German state is figured as a white, bourgeois, Christian power securing the vitality of “the people,” the integrity of the national economy, and political order against a range of imagined Others. This imaginary is constituted by convergences with nationalist and nativist discourses and shaped by the legacies of anti-Muslim racism.

Nationalizing information infrastructure and placing statecraft into the hands of scientists and engineers might indicate an emerging form of “techno-nationalism”—a combination of nationalist and technocratic tendencies—raising urgent questions for STS scholarship to investigate the consequences of territorialization projects for justice, democracy, and civic life. On the one hand, infrastructural challenges to state sovereignty are a serious problem. In times of Cambridge Analytica, political disinformation, and large-scale commodification of behavioral data, tech giants are creating serious problems for states, democratic institutions, and citizens. It has become common sense to demand that states protect political institutions and citizens from these companies in some shape or form. However, because much of Internet infrastructure is private property owned by tech giants and tied up in a burgeoning digital economy of which states themselves are clients, and because some of these companies have grown immensely large and influential, it is unclear whether states are powerful enough to do so. On the other hand, many states have histories of mobilizing information technology (ICTs) for state surveillance and violence—the history of the German state as total surveillance state under National Socialism and in the East Germany (GDR) is a case in point—so we should remain vigilant about state attempts to monopolize information infrastructure. Furthermore, what would it mean if statecraft were increasingly placed into the hands of scientists and engineers who are not trained to think about civic life? Attempts to solve social and political problems with technical fixes is a long-standing concern in STS scholarship about how the scientists’ and engineers’ quest for calculative rationality and efficiency might too easily push aside questions of ethics and justice. Current struggles over information infrastructure raise profound questions about technoscience and state power, and I hope the approach presented here will be useful for further empirical analyses of how and with what consequences states respond to these challenges in practice and in/across different national contexts.

Footnotes

Acknowledgments

I would like to extend my thanks to Lena Ulbricht, Thorsten Thiel, Rena Schwarting, Stefanie Büchner, Göde Both, Karina Rider, and Onurhan Ak for taking the time to read and comment on earlier drafts of this paper. Two anonymous reviewers and the editors of this journal provided thoughtful suggestions for developing my argument, and I am grateful to them as well.

Declaration of Conflicting Interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) disclosed receipt of the following financial support for the research and/or authorship of this article: This research is supported by the Social Sciences and Humanities Research Council of Canada.

ORCID iD

Norma Möllers

Notes

References

Adas

Michael

. 1989. Machines as the Measure of Men: Science, Technology, and Ideologies of Western Dominance. Ithaca, NY: Cornell University Press.

Amrute

Sareeta Bipin

. 2016. Encoding Race, Encoding Class: Indian IT Workers in Berlin. Durham, NC: Duke University Press.

Benjamin

Ruha

. 2016. “Catching Our Breath: Critical Race STS and the Carceral Imagination.” Engaging Science, Technology, and Society 2 (2016): 145–56.

Bourdieu

Pierre

. 1984. Distinction: A Social Critique of the Judgement of Taste. Cambridge, MA: Harvard University Press.

Bowker

Geoffrey C.

Star

Susan Leigh

. 2000. Sorting Things Out: Classification and Its Consequences. Cambridge, MA: MIT Press.

Carroll

Patrick

. 2006. Science, Culture, and Modern State Formation. Berkeley: University of California Press.

Carroll

Patrick

. 2009. “Articulating Theories of States and State Formation.” Journal of Historical Sociology 22 (4): 553–603.

Collier

Stephen J.

Lakoff

Andrew

. 2015. “Vital Systems Security: Reflexive Biopolitics and the Government of Emergency.” Theory, Culture & Society 32 (2): 19–51.

Desrosières

Alain

. 1998. The Politics of Large Numbers: A History of Statistical Reasoning. Cambridge, MA: Harvard University Press.

10.

Elden

Stuart

. 2013. The Birth of Territory. Chicago: University of Chicago Press.

11.

Goldberg

David Theo

. 2006. “Racial Europeanization.” Ethnic and Racial Studies 29 (2): 331–64.

12.

Hannah

Matthew G.

2009. “Calculable Territory and the West German Census Boycott Movements of the 1980s.” Political Geography 28 (1): 66–75.

13.

Helmreich

2000. “Flexible Infections: Computer Viruses, Human Bodies, Nation-states, Evolutionary Capitalism.” Science, Technology, & Human Values 25 (4): 472–91.

14.

Jasanoff

Sheila

. 2015. “Future Imperfect: Science, Technology, and the Imaginations of Modernity.” In Dreamscapes of Modernity: Sociotechnical Imaginaries and the Fabrication of Power, edited by Jasanoff

Sheila

Kim

Sang-Hyun

, 1–33. Chicago: The University of Chicago Press.

15.

Joyce

Patrick

. 2013. The State of Freedom: A Social History of the British State since 1800. Cambridge, MA: Cambridge University Press.

16.

Mitchell

Timothy

. 1991. “The Limits of the State: Beyond Statist Approaches and Their Critics.” The American Political Science Review 85 (1): 77.

17.

Mitchell

Timothy

. 2002. Rule of Experts: Egypt, Techno-politics, Modernity. Berkeley: University of California Press.

18.

Mukerji

Chandra

. 1990. A Fragile Power: Scientists and the State. Princeton, NJ: Princeton University Pres.

19.

Mukerji

Chandra

. 2010. “The Territorial State as a Figured World of Power: Strategics, Logistics, and Impersonal Rule.” Sociological Theory 28 (4): 402–24.

20.

Philip

Kavita

. 2014. “Keep on Copyin’ in the Free World? Genealogies of the Postcolonial Pirate Figure.” In Postcolonial Piracy: Media Distribution and Cultural Production in the Global South, edited by Eckstein

Lars

Schwarz

Anja

, 149–177.

21.

Pohle

Julia

Hösl

Maximilian

Kniep

Ronja

. 2016. “Analysing Internet Policy as a Field of Struggle.” Internet Policy Review 5 (3): 1–21.

22.

Porter

Theodore M.

1995. Trust in Numbers: The Pursuit of Objectivity in Science and Public Life. Princeton, NJ: Princeton University Press.

23.

Rose

Nikolas

. 2017. “Still ‘Like Birds on the Wire’? Freedom after Neoliberalism.” Economy and Society 23 (1): 1–21.

24.

Scott

James C.

1998. Seeing Like a State: How Certain Schemes to Improve the Human Condition Have Failed. New Haven, CT: Yale University Press.

25.

Weber

Max

. (1922) 1978. Economy and Society: An Outline of Interpretive Sociology. Berkeley: University of California Press.

26.

Weber

Max

. (1919) 2009. “Politics as a Vocation.” In From Max Weber: Essays in Sociology, edited by Gerth

H. H.

Wright Mills

, 77–128. New York: Routledge.