An Open and Secure Internet: We Must Have Both
Secretary of State
Seoul, South Korea
May 18, 2015
SECRETARY KERRY: (Applause.) Well, good afternoon, President Yeom. Thank you very much for a generous introduction. Distinguished guests, all, I’m delighted to be here and I want to thank the university, and particularly Park No-young, the Director of the Cyber Law Center, for inviting me to be here today. Thank you very, very much.
I also want to acknowledge somewhere – I don’t see him – but my friend, the ambassador from the United States of America – there he is right in front of me – Mark Lippert, who represents the United States here in Seoul. And he’s a special person. I’ve known him for a long time. He served in the United States Navy. He served in Afghanistan and served for the President, been an advisor to several presidents. But recently, as you all know, he displayed great grace and dignity under duress, and like all of our diplomats, whose jobs carry with them certain risks on the front lines of diplomacy, I will tell you that Mark has never wavered from his determination to do his job and to represent our country to the best of his ability – which, believe me, he does. So I’m grateful for his leadership. And, Mark, thank you for the great example you’re setting.
I’m really happy to be back here in Seoul. This is a beautiful city, and I’m struck every time I come here. I wish I had more time. Time is the enemy of those of us in diplomacy nowadays. But the United States and South Korea share a very special history, obviously, and we also share great hopes for the future. And I am very happy to be here to talk about our shared interests, though it will not just be, President Yeom, about the security; it will be about the internet itself, which is important as we think about security. It’s also, obviously, very critical as we think about the many interests that we share together, ranging from security on the Korean Peninsula, to the success of the Korea-U.S. Free Trade Agreement, to the many connections that exist between the Korean and the American peoples – including, I want you to know, a love for Psy, K-Pop, bibimbap, and Pororo, the little penguin. (Laughter.) I want you to know that my staff recommended that I walk out here this afternoon, dancing to Gangnam Style – but I told them no, that’s too 2012.
Today, it’s really more than appropriate to be here in the most wired city in the country, one of the most wired cities in the world, in order to speak with you about digital technology and about the fears and the possibilities that we associate with digital technology. And let me underscore: It’s the possibilities that should motivate us, and it’s the possibilities that bring me here today.
Now, years ago, South Korea made a conscious choice to become a global IT leader and you have delivered. As a society, you opened the door to investment, you encouraged households to sign up for broadband, you eased the transition to new technology, and you developed programs in universities just like this one to educate young people in digital skills. And I applaud you for the remarkable linkage to the military and the security side of it with the offer that you make to students who will come here, learn, and then go on to serve the country in the military for those seven years.
Today, thanks in part to President Park’s commitment to build a, quote, “creative economy,” the ROK is a virtual synonym for Internet success stories, such as the educational network service ClassTing; or the Kakao, your messenger app which is one of the fastest-growing tech firms in all of Asia; and GRobotics, a company which has revolutionized the robot industry and, incredibly, it was originally conceived by an amazing 11-year-old child. Just two weeks ago, Ambassador Lippert joined President Park at the opening of the Google Campus for startups and entrepreneurs right here in Seoul – an initiative designed to spur the exchange of ideas and digital growth in both of our countries. Now, both of our nations know and view the internet and cyber issues as part of a new frontier for our governments and peoples, and it will be one of the key areas discussed when our two presidents meet in in Washington in June.
The fact is, whichever side of the Pacific Ocean we live on, the internet today is part of almost everything that we do. And just to tell you how amazing it is, I served in the United States Senate on the Commerce Committee in 1996. I was chairman of the Communications Subcommittee when we rewrote the communications law for our country. And guess what? Barely anybody in 1996 was talking about data, and data transformation, and data management. It was all about telephony – the telephone. That’s how far we’ve traveled in 20 years.
So it matters to all of us how the technology is used and how it’s governed. That is precisely why the United States considers the promotion of an open and secure internet to be a key component of our foreign policy. It’s why we want to work with you and with international partners everywhere in order to better understand the choices that we face in managing this extraordinary resource – a resource which does present us with certain challenges even as it presents us with unprecedented opportunities.
Now, what do I mean by that?
Well, to begin with, America believes – as I know you do – that the internet should be open and accessible to everyone. We believe it should be interoperable, so it can connect seamlessly across international borders. We believe people are entitled to the same rights of free expression online as they possess offline. We believe countries should work together to deter and respond effectively to online threats. And we believe digital policy should seek to fulfill the technology’s potential as a vehicle for global stability and sustained economic development; as an innovative way to enhance the transparency of governments and hold governments accountable; and also as a means for social empowerment that is also the most democratic form of public expression ever invented.
At its best, the internet is an equal-opportunity platform from which the voice of a student can have as much reach as that of a billionaire; a chief executive may be able to be out-debated by an entry-level employee – and there’s nothing wrong with that. Most users of the internet agree, on the internet as in any other venue, the human rights of every person – including freedom of expression – should be protected and respected. The United Nations has repeatedly affirmed this view, but as we know, it is still not universally held. That means that we will continue to have important choices to make – important choices to make locally, to make in universities, to make in businesses, to make in countries, and between countries. We will have a lot of choices about technology among and between nations.
Let me tell you something: How we choose begins with what we believe. And what we believe about the internet hinges to a great extent on how we feel, each and every one of us, about freedom.
Freedom. The United States believes strongly in freedom – in freedom of expression, freedom of association, freedom of choice. But particularly, this is important with respect to freedom of expression, and you believe in that freedom of expression here in Korea. We want that right for ourselves and we want that right for others even if we don’t agree always with the views that others express. We understand that freedom of expression is not a license to incite imminent violence. It’s not a license to commit fraud. It’s not a license to indulge in libel, or sexually exploit children. No. But we do know that some governments will use any excuse that they can find to silence their critics and that those governments have responded to the rise of the internet by stepping up their own efforts to control what people read, see, write, and say.
This is truly a point of separation in our era – now, in the 21st century. It’s a point of separation between governments that want the internet to serve their citizens and those who seek to use or restrict access to the internet in order to control their citizens.
Here in the Asia Pacific, we see countries such as the ROK and Japan that are among the world’s leaders in internet access, while North Korea is at the exact opposite end of that spectrum, with the lowest rate of access in the world and the most rigid and centralized control.
No other government is as extreme as the DPRK, but there are more than a few who want to harvest the economic benefits of the internet while nevertheless closing off the avenues of political, social, and religious expression. They impose filters that eliminate broad categories of what their citizens can see and receive and transmit – and with whom ideas may be changed and shared. What’s more, the governments that have pioneered the repressive use of such technologies are quick to export their tools and methods to others, and thereby further diminish individual rights. At the same time, some governments are using the internet to track down activists and journalists who write something that they don’t like, and even reach beyond their borders in order to intimidate their critics.
My friends, this discourages free expression and it clearly seems intended to turn their part of the internet into a graveyard for new ideas – the exact opposite of what it should be, a fertile field where such ideas can blossom and grow.
Let’s be clear: Every government has a responsibility to provide security for its citizens. Yes. We all agree with that. In the United States, our efforts to do so – and the reforms that we have undertaken in the process – have been guided by our concern for individual rights and our commitment to oversight and review. Further, unlike many, we have taken steps to respect and safeguard the privacy of the citizens of other countries and to use the information that we do collect solely to address the very specific threat to the United States and to our allies. We don’t use security concerns as an excuse to suppress criticisms of our policies or to give a competitive advantage to an American company and any commercial interests at all.
Now, regrettably, it is no coincidence that many of the governments that have a poor record on internet freedom also have a questionable commitment to human rights more generally. United States policy has always been to engage with such governments to encourage reforms and to point out the contributions to prosperity that would flow from a more open approach. Regimes that practice repression typically argue that they have no obligation to justify what they do inside their own borders, but that assertion is directly contradicted by the Universal Declaration of Human Rights and by many other multilateral declarations and statements.
The fact is, an individual’s aspiration to be free may be the most single powerful force on Earth. It’s an aspiration that may be able to be slowed sometimes, maybe intimidated sometimes, it may even be eliminated temporarily by violence in certain cases. But I’m telling you its power within the human soul is so infectious that it will always resurface in one form or another, even in the most extraordinary circumstances.
And history – history has proven that again and again and again. Throughout history, we have seen that men and women will do whatever it takes to find a way to make their desire for freedom known. We saw that with the authors of the pamphlets that helped to spark the revolution that gave birth to my home country in the 1700s. We saw it with the dissidents writing newsletters and producing radio broadcasts behind the Iron Curtain during the Cold War. And we see it today, in places all over the world, where young people are challenging injustice – armed only with their smart phones.
The internet is, among many other things, an instrument of freedom. It’s a tool people resort to in response to the absence and failure or abuse of government. So of course, some leaders are afraid of it. They’re afraid of the internet in the same way that their predecessors were afraid of newspapers, books, and the radio, but even more so because in this case, because of the interactivity that allows for a free-flowing discussion and the exchange of views – activities that can, and often do, lead to change.
I say to you today, here at Korea University, that fear is misplaced, and that response is, in the end, futile. Anyone who blames the internet for the disorder or turmoil in today’s world is just not using their head to connect the dots correctly. And banning the internet in a misguided attempt to impose order will never succeed in quashing the universal desire for freedom.
Ladies and gentlemen, repression does not eliminate the speech we hate. It just forces it into other avenues – avenues that often can become more dangerous than the speech itself that people are fighting. The remedy for the speech that we do not like is more speech. It’s the credible voices of real people that must not only be enabled, but they need to be amplified.
The good news is that much of the world understands this. More and more of the world understands this. And the advocates of internet freedom and openness are speaking up. The United States is part of the Freedom Online Coalition, a 26-country group that we are actively seeking to expand. The coalition argues that narrow and distorted visions of the internet cannot be allowed to prevail. Freedom must win out over censorship. That is an important principle, but it is also a practical imperative. After all, from the dawn of history to the present day, repression hasn’t invented a thing. Freedom is how jobs are created, diseases are cured, alternative energy is harnessed, and new ways are found to feed a global population that has quadrupled in the past century and that will rise to some 9 billion people in the next 40 to 50 years. Without freedom, civilization can’t advance; it’s like a bicycle without pedals.
Remember that the internet is not just another sector of our economy. Like electricity, it is a general purpose technology that is used in thousands of different ways, streamlining everything from buying a cup of coffee to building a skyscraper. Consider what would happen if someone tried to block the flow of electricity – the lights would go out and everything would stop. In fact, when I was a lot younger, Hollywood made a movie about exactly that; it was called “The Day the Earth Stood Still.” And thank heavens they made a couple more of them so you can’t tell exactly which one I’m referring to. (Laughter.) Now, you might want to watch it, because policies that restrict online data streams have a similar effect, if perhaps not quite so dramatic.
Think, for example, of what would take place if every country imposed data localization requirements, causing information to halt and to undergo inspection whenever it reached a national border. Imagine what would happen to commerce and to the flow of information, to the simple effort to get an answer to a question at a dinner table when you’re talking with people and you want to Google something. The delays would create huge obstacles to multinational business at a time when speed is of the essence and cross-border enterprises are major engines of growth. That’s not a formula for progress; it’s a way to stop progress in its tracks.
The internet provides broadly-shared connections that are essential for modern economies to be able to grow. It’s that simple. It can help people even in remote areas take advantage of government services and make a better business decision, for example. Let me give you an example. It could make a difference to people about when you bring your crops to the market or how do you find international customers for local projects.
With digital technology, fishermen in Mozambique can keep their catch fresh in the water until they have a buyer, somewhere in another continent maybe, thus eliminating spoilage and waste.
Shopkeepers in sub-Saharan Africa have seen their incomes actually grow by using mobile banking technology to avoid local loan sharks and go directly to reputable financial institutions for emergency credit and loans.
The system becomes more accountable and more transparent and more accessible. Women entrepreneurs in Southeast Asia have formed cooperatives online that enable them to take advantage of economies of scale.
Children from Angola to India are learning more and faster through education that comes to them over the internet.
And a couple of years ago, a young engineer from Cameroon developed a computer tablet called “Cardiopad” that enables Africans to be able to have a heart examination at home and receive the diagnosis from doctors who may be hundreds of miles away. Think about that.
The examples are endless, but you get the point. I know. The internet fuels innovation that can lead to improved efficiency, improved productivity in every sector of a developing economy.
But in thinking about the internet’s promise, you have to recognize how far that potential is from being fulfilled today. Roughly three out of every five people in the world today remain without internet access – and in the poorest countries that figure can top 95 percent.
A big part of the reason is simply cost. Ask yourself: How much of your family’s income do you pay for internet access? In America, the average is 1 or 2 percent. But a typical family in some countries have to pay 10 percent for entry-level mobile broadband and roughly four times that for fixed broadband. In other words, people with low incomes can’t afford digital access. They need to earn more money. To break that circle of despair, we need to bring the costs down by getting public policies right – because money isn’t the only barrier.
There’s a reason why access is relatively high in Colombia but low in Venezuela. There’s a reason why it’s high in Malaysia but low in Cambodia; a reason why it’s high in Rwanda but low in Ethiopia. Some governments do much more than others to facilitate access for people in poor or remote areas. And the starting point is for every country to have a clear and comprehensive national broadband plan that allows for private investment, encourages competition, removes bureaucratic obstacles, and takes full advantage of shared internet services at schools, libraries, community centers, and cafes.
That’s why two years ago the United States helped create the Alliance for Affordable Internet. This broad coalition draws on expertise from governments, the private sector, and civil society to assist policy makers in expanding access while keeping prices low. It’s the right goal, and I’ll tell you, it’s also a smart goal. According to one recent European study, tripling mobile broadband penetration levels across the developing world would provide a return of as much as $17 for every $1 spent.
About 10 days ago, when I was in Kenya, I Skyped, using the internet, with a group of young Somali refugees. Most of these refugees were high school or college age kids, and yet – and yet, extraordinarily, many of them had never, ever been outside that refugee camp – ever. This, in an era of incredible globalization – they had only lived in one refugee camp. The students I spoke to wanted desperately to be able to complete their schooling. They wanted to find a job. They wanted to go on to university. They wanted to begin a career. One young woman, who is studying chemistry and biology, told me she hoped to become a doctor. Now, I’m willing to bet you that she’s never been inside a hospital. But that’s what she wanted to do – become a doctor. The irony is that, at the refugee camp, they have internet connections. Now, I can’t help but wonder whether that will be the case when they return to Somalia.
If there is any message that is going to be sent to governments by young people in the world today, it is the desire – the universal desire – for jobs, for opportunity, for education, for a future. That’s what people want. It’s what every family in the world really wants. No one is asking to be censored. No one is yearning to be told what to think and how to live. The same desires that helped South Korea embrace democracy are what sparked the beginnings of the Arab Spring; they’re what kept the pro-democracy movement alive through two decades of dictatorship in Burma; and they’re what prompted the voters of Sri Lanka and Nigeria to flock to the polls in recent months and cast their ballots for change.
So looking to the future, we have to respond to this demand for openness and opportunity by making steady progress toward closing the digital divide. And with that goal in mind, the United States State Department will soon launch a new diplomatic initiative – in combination with partner countries, development banks, engineers, and industry leaders – and we’re going to do just that: try to make it more available. You may be sure that we will be inviting your government and other representatives from this highly-connected country to help us lead and guide this effort. Because this will define the future. And this is the way we’ll address violent extremism, and failing states.
So this brings me to another issue that should concern us all, and that is governance – because even a technology founded on freedom needs rules to be able to flourish and work properly. We understand that. Unlike many models of government that are basically top-down, the internet allows all stakeholders – the private sector, civil society, academics, engineers, and governments – to all have seats at the table. And this multi-stakeholder approach is embodied in a myriad of institutions that each day address internet issues and help digital technology to be able to function.
The versatility of the current approach enables it to move both with deliberation and care on complex issues and, frankly, much more rapidly on situations that demand a rapid response. For example, we saw the community respond to the 2007 cyberattacks in Estonia in a matter of hours. And as recently as last week, it responded literally in minutes to an unexpected outage of the Amsterdam exchange, which is the second-largest internet exchange point in the world.
That’s why we have to be wary of those who claim that the system is broken or who advocate replacing it with a more centralized arrangement – where governments would have a monopoly on the decision-making. That’s dangerous. Now, I don’t know what you think, but I am confident that if we were to ask any large group of internet users anywhere in the world what their preferences are, the option “leave everything to the government” would be at the absolute bottom of the list. Because of the dynamic nature of this technology, new issues are constantly on the horizon – but the multi-stakeholder approach remains the fairest and the best, most effective way to be able to resolve those challenges.
Now, as everyone knows, it’s impossible to talk about cyber policy without talking about international peace and security. You live this truth right here in South Korea, just as we do in the United States. Both of our countries have been hit by serious cyber-attacks from state and non-state actors. Worldwide, the risk and frequency of such attacks is on the increase.
America’s policy is to promote international cyber stability. The goal is to create a climate in which all states are able to enjoy the benefits of cyberspace; all have incentives to cooperate and avoid conflict; and all have good reason not to disrupt or attack one another. To achieve this, we are seeking a broad consensus on where to draw the line between responsible and irresponsible behavior.
As I’ve mentioned, the basic rules of international law apply in cyberspace. Acts of aggression are not permissible. And countries that are hurt by an attack have a right to respond in ways that are appropriate, proportional, and that minimize harm to innocent parties. We also support a set of additional principles that, if observed, can contribute substantially to conflict prevention and stability in time of peace. We view these as universal concepts that should be appealing to all responsible states, and they are already gaining traction.
First, no country should conduct or knowingly support online activity that intentionally damages or impedes the use of another country’s critical infrastructure. Second, no country should seek either to prevent emergency teams from responding to a cybersecurity incident, or allow its own teams to cause harm. Third, no country should conduct or support cyber-enabled theft of intellectual property, trade secrets, or other confidential business information for commercial gain. Fourth, every country should mitigate malicious cyber activity emanating from its soil, and they should do so in a transparent, accountable and cooperative way. And fifth, every country should do what it can to help states that are victimized by a cyberattack.
I guarantee you if those five principles were genuinely and fully adopted and implemented by countries, we would be living in a far safer and far more confident cyberworld.
But even with these principles, ensuring international cyber stability will remain a work in progress. We still have a lot of work to do to develop a truly reliable framework – based on international law – that will effectively deter violations and minimize the danger of conflict.
To build trust, the UN Group of Governmental Experts has stressed the importance of high-level communication, transparency about national policies, dispute settlement mechanisms, and the timely sharing of information – all of them, very sound and important thoughts. The bottom line is that we who seek stability and peace in cyberspace should be clear about what we expect and intend, and those who may be tempted to cause trouble should be forewarned: they will be held accountable for their actions. The United States reserves the right to use all necessary means, including economic, trade and diplomatic tools, as appropriate in order to defend our nation and our partners, our friends, our allies. The sanctions against North Korean officials earlier this year are one example of the use of such a tool in response to DPRK's provocative, destabilizing and repressive actions, including the cyber-attack on Sony Pictures. Now, as the international community moves towards consensus about what exactly constitutes unacceptable behavior in cyberspace, more and more responsible nations need to join together to act against disruptors and rogue actors.
As we know, malicious governments are only part of the cybersecurity problem. Organized crime is active in cyberspace. So are individual con artists, unscrupulous hackers, and persons engaged in fraud. Unfortunately, the relative anonymity of the internet makes it an ideal vehicle for criminal activity – but not an excuse for working through the principles I described to finding rules of the road and working so that the internet works for everybody else. The resulting financial cost of those bad actors, the cost of cybercrime, is already enormous, but so is the loss of trust in the internet that every successful fraud or theft engenders.
And that’s precisely why the United States is working with partners on every continent to strengthen the capacity of governments to prevent cyber-crime through improved training, the right legal frameworks, information sharing, and public involvement.
The best vehicle for international cooperation in this field is the Budapest Convention on Cybercrime, which my government urges every nation to consider joining. There is no better legal framework for working across borders to define what cybercrime is and how breaches of the law should be prevented and prosecuted. We also support the G-7 24/7 Network – in which South Korea is an active participant – and that enables police and prosecutors from more than 70 countries to request rapid assistance on their investigations.
The United States is also working with partners to improve network defenses and in cooperation with other countries to respond to cyber incidents. All of this is crucial, because in an interconnected system like the internet, poor cybersecurity has the potential to increase the danger for all of us. So we have to help each other. We have to maintain direct contact between our incident response teams, invest heavily in that capacity, and build that capacity so that weak spots are turned into stronger blockages against the vulnerabilities, and ultimately, they disappear.
So to sum up, I think it is clear to all of us that the internet is not like most inventions that affect a single industry, require just a few tweaks – a little adjustment here and there – and then we can all move on. That’s not what it requires. Digital technology has led us into a whole new frontier in which we have to find our way – and there are many different dimensions to it. When I was still in the United States Senate, I introduced legislation to protect the privacy rights of individuals and I still feel very strongly about that principle. And we are working to make sure we protect the privacy of people, not just in our country but in others.
As Secretary of State, I am in charge of an organization that is the target of hacking attempts every single day – and we have to defend against those. As a diplomat, I’m constantly engaged in discussions with counterparts about how to best enhance access and how to design and enforce the right rules to protect all of us.
My meetings with the private sector, the scientific community, the civil society, all bring home to me how important it is that all stakeholders have a voice in internet governance. The very essence of this technology is its freedom and its openness, and unless we bring all the stakeholders to the table, that will be lost. And something more important than all of us will be lost with it.
We cannot let that happen. Now, as I said before, obviously, the internet is not without risk – but at the end of the day, if we restricted all technology that could possibly be used for bad purposes, we’d have to revert to the Stone Age. Throughout the global community, we need to come together around principles that will establish a solid foundation for our freedoms – principles that will protect the rights of individuals, the privacy of our citizenry, and the security of our nations – all at the same time.
So I leave you with a somewhat unusual request: Keep doing what so many of you are already doing. Speak up for an open and secure internet. Defend freedom of expression. Add to South Korea’s great reputation as a leader in digital technology. In doing so, we can be absolutely confident about the future that we will shape.
And how will we know when we finally have succeeded? When an open, secure internet is as widespread as electricity or cellphone coverage itself. When it is fully integrated into everyday life in every corner of the globe. When it is no longer contested but accepted and even taken for granted. When we reach that point – believe me: Your successors will look back at all of this debate and they will wonder how could anyone have argued the other way.
My friends, if we do all of these things, if we stick by our guns, the internet revolution that we are living today will literally define the kinds of opportunities that young people all over the world are hoping for today – help strengthen governments; provide opportunity; make us safer; bring us together; and in effect, define the future of this century. That’s the goal we’re fighting for, and we look forward to working with all of you to achieve it.