In a landscape dominated by a handful of Silicon Valley tech giants, controlling everything from core infrastructure to user data, the BRICS nations are facing a critical challenge. With over 50% of the world’s population and vast digital resources, these countries are acutely aware of the risks tied to overreliance on foreign technology. Addressing these […]
11 min.
In a landscape dominated by a handful of Silicon Valley tech giants, controlling everything from core infrastructure to user data, the BRICS nations are facing a critical challenge. With over 50% of the world’s population and vast digital resources, these countries are acutely aware of the risks tied to overreliance on foreign technology.
Addressing these pressing digital issues in the BRICS countries is the focus of significant research initiatives, such as the CyberBRICS project. This project is noted as the first book-length effort to explore the digital sovereignty debate from a Global South perspective by analyzing BRICS countries‘ approaches to digital governance.
This isn’t just about geopolitical ambition; it’s a push driven by concrete concerns. From countering surveillance programs like those exposed by Snowden to protecting national security, fostering local digital economies, and reclaiming control over their most valuable resource – the data of their citizens and industries. The existing system, where data is often extracted from the Global South to generate value mainly in the US, has spurred these nations to act. Discussions around these threats and the potential for BRICS cooperation on cybersecurity and internet governance are also central to international Think Tank like the Valdai Discussion Club, where experts gathered to debate critical global issues like cybersecurity shifting towards media attacks, recruiters, and ransomware, and the use of ICT technologies as a weapon.
The question isn’t just if they need digital independence, but why it must happen now. The window for building alternative digital infrastructure and governance frameworks independent of established Western systems is seen as increasingly urgent. As advocates like Luca Belli, Director of CyberBRICS, highlight, the pursuit of digital sovereignty involves diverse strategies beyond simple state control. Researchers like Stéphane Couture and Sophie Toupin have also been influential in outlining the diverse perspectives on digital sovereignty, moving beyond a single definition.
In this article, you’ll gain insight into the multifaceted nature of digital sovereignty from a Global South perspective, drawing on the work of leading researchers in the field. You’ll understand the motivations, strategies, and diverse initiatives BRICS countries are pursuing, including developing national digital payment systems like India’s UPI and investing in independent internet infrastructure, such as undersea cables like EllaLink.
Discover what this unfolding battle for internet control means for the future of the global digital order and potentially your own online experience. Let’s dive into this story of data and power.
To understand this complex landscape, we first need to grasp what „digital sovereignty“ actually means in the context of BRICS and the Global South. It’s not a single, static concept. Instead, it’s described as the exercise of agency, power, and control over digital infrastructure, data, services, and protocols. This concept is highly contested, with a large variety of connotations and competing practices.
Scholars, building on the work of Stéphane Couture and Sophie Toupin, identify several different perspectives:
-
State Digital Sovereignty: The traditional, often dominant view, focusing on state regulation, defending cyber borders, and achieving digital independence. This perspective has seen a revival since the 2010s, often emphasizing data localization.
-
Network Digital Sovereignty: Focuses on technical aspects like interoperability and neutrality, sometimes critiquing state regulation.
-
Corporate Digital Sovereignty: Refers to the significant power and control wielded by dominant tech giants, often headquartered in the US. Luca Belli is noted as having discussed this form of sovereignty.
-
Personal Digital Sovereignty: Centers on individual autonomy and rights, such as informational self-determination, empowering individuals to control their personal data.
-
Postcolonial Digital Sovereignty: A perspective from the Global South emphasizing freedom from neo-colonialism in the digital realm and the inclusion of marginalized voices, including indigenous populations.
-
Commons Digital Sovereignty: Advocates for collective civil society control over digital resources and infrastructure, offering an alternative to state or corporate dominance.
This understanding is crucial because the pursuit of digital sovereignty by BRICS nations is driven by multiple, often overlapping, motivations.
Firstly, there are profound concerns about surveillance and external influence. Revelations like those by Edward Snowden in 2013 highlighted the potential for extensive surveillance by Western entities. The European Court of Justice’s Schrems II case in 2020 further reinforced these fears by invalidating data transfers from the EU to the US due to concerns about US government access to data held by American corporations. States with jurisdiction over „hub nodes“ can use this influence to obtain information passing through, labeling this the „panopticon effect“. This context drives nations to seek control over their digital infrastructure and data flows. In Russia, measures like the System for Operative Investigative Activities (SORM) are used for lawful interception and metadata storage, although the sources also highlight how this system can be utilized for national surveillance operations. South Africa, too, has expressed concerns at the UN about the stockpiling of ICT-related vulnerabilities by state actors. Brazil’s reaction to the Snowden revelations, for instance, included considering data localization mandates in its Marco Civil da Internet bill.
Secondly, economic dependence and the risk of „data colonialism“ are major drivers. The current system often sees data extracted from the Global South, with the value and profits generated primarily benefiting companies and governments in the Global North. This creates vulnerabilities in digital supply chains and reliance on foreign services. The concept of „weaponized interdependence“ describes how great powers can internationalize state power through their market-dominant firms, exercising jurisdictional authority over them. This can manifest as a „chokepoint effect,“ where states can limit or penalize the use of digital hubs by third parties. Data localization, while not sufficient on its own, is a necessary policy to limit this chokepoint effect by keeping data jurisdiction at home. The WTO moratorium on customs duties on electronic transmissions is also mentioned as a relevant factor in the debate around data flows and trade. The shift towards users paying for services with data, rather than money, is framed as a payment with „individual sovereignty“ or the ability to exercise control over that data. The desire to preserve and expand local digital economies is a key preoccupation.
Thirdly, national security concerns play a significant role, alongside the perception that technology can be weaponized. Within the BRICS framework, the main threat to countries like China and Russia may come from the United States, linked to hegemony. There is a risk of being subject to unilateral decisions by those controlling infrastructure and data. This can manifest as weaponized interdependence, either through gaining information (panopticon effect) or limiting access (chokepoint effect) by controlling hubs. Examples include sanctions on financial networks like MasterCard, Visa, and SWIFT on Russia, which spurred the development of Russia’s Mir payment system. Concerns also exist regarding controlling access to location-based systems, prompting countries like Russia, China, and India to deploy their own GNSS, and leveraging positions over undersea cables. Dependence on foreign technology risks economic dependence and „digital colonization“.
Finally, states are motivated by desires for political stability and cultural control. This involves the perceived right to control the internet following domestic laws, including countering content seen as inciting terrorism, separatism, extremism, or undermining stability or the cultural environment. This connects to the older debate about protecting national cultural identity or „cultural sovereignty„ against the „free flow of information„, originating in the NWICO discussions. Yet, invoking cultural sovereignty can be abused to justify violating human rights like freedom of expression. Russia’s crackdown on critical voices, especially since 2014, illustrates an attempt to exert „data sovereignty,“ emphasizing national security but involving increased control. South Africa’s Films and Publications Amendment Act is also described as potentially infringing rights under the guise of addressing harmful content.
Faced with these threats, BRICS nations are pursuing a range of strategies and initiatives to enhance their digital sovereignty.
A key area is the development of legal and regulatory frameworks. Data localization policies are central to these efforts, designed to assert jurisdictional control over data stored within the country, thereby limiting the extraterritorial reach of foreign states. China’s recent Personal Information Protection Law, Data Security Law, and Blocking Rules demonstrate a move towards increasing extraterritoriality in governing data and data-related activities, integrating geostrategic interests and potentially counterbalancing US and EU regulatory power. Brazil’s Marco Civil da Internet followed the Snowden revelations, and while an initial data localization mandate didn’t gain full support, the subsequent General Data Protection Law (LGPD) established Brazil’s claim to extraterritorial reach over national data stored abroad, even if enforcement power is questionable. India’s approach to data localization is described as upholding sectoral mandates (like those from RBI, SEBI, etc.) despite the new data protection law, differing from Brazil’s LGPD, which subsumed such mandates. Russia has implemented laws like the Yarovaya Law requiring telecom operators to store user data and content, and laws establishing systems for filtering blacklisted websites. South Africa’s draft data policy adopts a Russian approach of requiring a copy of data to be maintained within the country, alongside its Protection of Personal Information (POPIA) Act. The Films and Publications Amendment Act in South Africa allows for content removal requests and places obligations on ISPs, raising concerns about censorship.
Investing in and controlling digital infrastructure is another critical strategy. This includes efforts to build an independent internet infrastructure. Russia has implemented systems like Revizor boxes and Deep Packet Inspection (DPI) equipment for traffic filtering and control, and has conducted tests for disconnecting from the global internet, a process termed „sovereignization“ of the RuNet. Brazil attempted to launch a state cloud service through Serpro, but this initiative did not receive sufficient support and was short-lived. The sources also highlight undersea cables as crucial infrastructure that can be a variable of weaponized interdependence, noting Brazil’s partnership with the EU on the EllaLink cable to connect directly to Portugal and circumvent US surveillance.
Developing national or regional digital platforms is also key. India’s Unified Payments Interface (UPI) is presented as a successful example of a state-backed digital public good hosted and governed within India, seen as providing insulation against denial-of-technology regimes. Brazil has also taken actions, such as suspending WhatsApp’s payment plans, to protect competition and data privacy before the launch of its own payment system (Pix). Discussions within forums like the Civil Forum of BRICS explore the possibility of creating joint technological platforms or packages for „turnkey digital sovereignty,“ which would require significant diplomatic effort.
Finally, BRICS nations are engaging in global governance discussions to shape international norms. Since the 2013 eThekwini Declaration, BRICS nations have explicitly desired to enhance cooperation on cybersecurity and contribute to norms for a peaceful, secure, and open cyberspace, establishing a working group for this purpose. South Africa, for instance, has been an active participant in UN groups like the GGE and OEWG, raising concerns about issues like stockpiling vulnerabilities and calling for binding international instruments. A parallel UN process is also underway to develop a convention against the misuse of ICTs for criminal purposes.
One significant hurdle is the sheer technical and implementation complexity. Initiatives often lack comprehensive, long-term plans. Implementing state control measures, like Russia’s SORM system, is costly for ISPs and faces technical issues like compatibility problems and encrypted traffic, leading to criticism.
The pervasive dominance of foreign tech corporations remains a major challenge. Many countries are overwhelmingly dependent on a handful of Silicon Valley firms, and increasingly their Chinese counterparts, leading to constraints on digital sovereignty from the extraterritorial projection of foreign digital hegemony. Even on national platforms, like India’s UPI, foreign entities such as PhonePe (Walmart) and Google Pay can dominate transactions, presenting a dynamic challenge to protecting digital sovereignty. The case study of Huawei’s smart city initiatives in South Africa compared to the one in Italy illustrates how corporate digital sovereignty intersects with national and local goals. In South Africa, the foreign-led OpenLab, lacking local stakeholders, risks compromising the country’s digital sovereignty, potentially hindering local development and reinforcing power asymmetries, particularly in the Global South.
A crucial tension arises between state control aimed at security or sovereignty and the safeguarding of citizens‘ rights, particularly freedom of expression and privacy. The Russian case clearly illustrates this juxtaposition, where measures branded as enhancing digital sovereignty are also used to monitor citizens and block content. The implementation of SORM is presented as an example of how digital sovereignty discourse can expand national surveillance. Similarly, South Africa’s Films and Publications Amendment Act is seen by some as an „Internet Censorship Law“ that could infringe on rights.
This tension sparks civil society resistance. In Russia, citizens adapt to state control measures, using tools like VPNs, Tor, mirror sites, and dynamic IP addresses to bypass blocking attempts. „Shadow libraries,“ for instance, disseminate knowledge on circumvention tools, contributing to resistance against the state’s sovereignization project. The unbanning of Telegram was partially attributed to the „technical impossibility“ of effectively blocking it. Despite risks, activists use platforms like VKontakte and Telegram, sometimes creating clones or moving between them. However, there’s also a sense inherited from Soviet times that the state knows everything anyway, leading some to not trust digital services for privacy. In Brazil, Mastodon activism represents a „commons digital sovereignty“ approach, advocating for collective civil society control over digital resources as an alternative to state or corporate power. Yet, this movement faces challenges in gaining critical mass and overcoming the network effects favoring established commercial platforms.
To be clear, what we are discussing here about the BRICS countries, even the most controversial acts, are also happening in the so-called, democratic European Union, the United Kingdom, and Australia, and we are not wrong if we say that they are even more restrictive and dangerous to the rights of their citizens!
Finally, the very concept of digital sovereignty is complex and contested. As the sources demonstrate, it’s not a unified vision and can be implemented in ways that create new paradoxes. The question of who legitimately holds the agency, power, and control is central to the debate. Examining the actual actions and outcomes, rather than just the discursive claims, is crucial because digital sovereignty can be driven by motivations like authoritarian control and protectionism alongside self-determination and empowerment. Power asymmetries can also exist within South-South relations.
The pursuit of digital sovereignty by BRICS nations, driven by legitimate concerns over surveillance, economic dependence, national security, and cultural control, represents a significant force reshaping the global digital order. As researchers like Luca Belli and initiatives like CyberBRICS highlight, this is a multifaceted process involving diverse actors and perspectives, from state-led initiatives to grassroots movements.
While the research “Digital Sovereignty in the BRICS Countries” (by Min Jiang and Luca Belli) shows varying degrees of planning and implementation capability across BRICS countries, their actions signal a clear shift away from unquestioning reliance on Western tech dominance. This isn’t just a problem for some countries; it’s a global issue impacting freedom of expression and access to information everywhere.
The outcome of this „battle for internet control“ could lead to a more fragmented, potentially multipolar internet. The choices made now will determine whether nations become digital sovereigns, capable of making choices based on their own values and rules, or remain digital subjects, vulnerable to the unilateral decisions of powerful external actors.
Understanding this critical shift is essential for anyone navigating our increasingly connected, yet potentially divided, world.
What do you think? Is this push for digital independence the right path? How will it shape our shared digital future?
