Source: Getty
commentary

The Great Power Race in GCC Cyberspace

GCC countries are caught up in Chinese-U.S. competition over tech infrastructure. A failure to appease both powers risks endangering critical relationships.

Published on December 14, 2020

Secure and uninterrupted cyber cooperation is central to successfully fighting conventional wars, defending against hybrid threats, ensuring the security of stationed personnel, monitoring financial transactions and terrorist movements, and enforcing sanctions. As China and the United States have found new venues for conflict over the last decade, cyberspace is no exception. China has sought to counter the United States’ Clean Network Initiative (CNI), a digital trade zone that excludes Chinese companies, by introducing its own Global Data Security Initiative.1 Amid this escalating interplay of techno-politics, geopolitics, and the looming prospect of splinternet,2 Beijing and Washington are in a race to attract as many states as possible into their respective orbits.

Gulf Cooperation Council (GCC) countries are working closely with Chinese companies to develop their 5G networks, putting these countries in the middle of Chinese-U.S cyber competition. With GCC member states, China has the upper hand on the normative side of this competition. China’s closed political system and top-down approach to governance, as well as its disregard for individual rights and freedoms, are mirrored across the Middle East’s political landscapes. Meanwhile, Washington’s role as the main security guarantor remains its most potent asset in the region. How the two sides will play their hands and how the GCC states respond to their efforts will have significant implications not only for the region and Beijing and Washington’s respective roles in it, but also for the broader issue of global internet governance.

As GCC states may no longer be able to keep both sides happy by slicing up their digital infrastructure between Chinese and CNI member companies, the issue becomes more pressing. GCC states have developed a diversified portfolio of vendors and partners in technology development representing a carefully crafted mix of Chinese and Western firms. This tried and tested balancing act is prevalent in GCC states’ energy and transport sectors—major contracts are nearly evenly awarded to companies from partner countries from Asia, Europe, and the United States. The objective is to keep allies satisfied and, more importantly, secure their commitments to their sociopolitical stability and the ruling families’ continued holds on power.

Today, Chinese companies play an integral role in affordable 5G network development. In the UAE, Huawei is involved in the establishment and growth of 5G networks by both Etisalat and DU. Oman Tel has teamed up with Huawei as have VIVA Bahrain, VIVA Kuwait, and both Saudi’s Zain and Saudi Telecom Company. For its part, Qatar’s main operator, Ooredoo, has enlisted ZTE’s, Huawei’s main Chinese competitor, know-how in developing its 5G network. Ericsson, IBM, Microsoft, NEC, Nokia, and Orange, on the other hand, are the Western companies with commanding roles in the digital infrastructure of the GCC.

As it stands, the CNI will leave GCC states with no option but to pick a side in this unfolding competition between China and the United States. However, doing so will not come as easily for them as for the United States’ European allies, who nominally share more liberal norms and values. Failing to abandon their partnerships with Chinese tech companies could limit U.S. security guarantees for GCC states, making them more vulnerable to outside threats at a time of rising tensions in the region.

If GCC states remain outside of the CNI, they could soon be seen as security risks— if not outright threats—by the U.S. government.

If GCC states remain outside of the CNI, because of their partnerships with Chinese entities and use of Chinese software and equipment in their 5G networks, they could soon be seen as security risks— if not outright threats—by the U.S. government. Conversely, cutting their commercial ties with Chinese firms and opting for CNI companies in building and maintaining 5G infrastructure could jeopardize their burgeoning relations with their largest energy customer. Given the complementary nature of China’s Digital Silk Road initiatives and these countries’ own national developmental priorities, as well as Beijing’s thirst for oil, all of the GCC states—in particular Saudi Arabia and the UAE—have spent considerable financial and human resources to expand their ties with China and lock in its commitment to their sociopolitical stability.

Siding with the United States, moreover, could push Beijing closer to Tehran at a time when the two are finalizing the signing of a long term strategic pact. So far, Beijing has sought to strike a balance in its relations with Iran and the GCC. It will have less reason to do so if the GCC states succumb to U.S. pressures and abandon ties with Chinese firms. Compounding this strategic dilemma is the considerably smaller normative values gap between these states and China, especially when compared to Washington. As Iranian authorities are reportedly highly impressed by Beijing’s use of technology in responding to Hong Kong’s protests, it is not unreasonable to assume that GCC officials are equally impressed by the efficacy of Chinese tech and China’s modus operandi in cyber surveillance. What is at stake here is less about the quality of surveillance tech and more about the conditions around their sell and potential use by the purchasing parties. China does not condition its tech sales upon states’ adherence to human rights and freedom of expression. What is more, Beijing has begun following in U.S. footsteps by providing training to the security forces of countries where its surveillance technologies are used.

The U.S. government, on the other hand, faces two problems. Members of Congress care about the end usage of U.S. technologies, and could ban their sales to certain states due to their concerns over human rights violations. The problem is that this action would only increase China’s market share. Unable to purchase U.S. tech, these states can easily turn to other providers including Beijing. More importantly, if the United States were to turn a blind eye, as it occasionally does, it will end up shooting itself in the foot. If authoritarian regimes are seen to use American technologies to spy on their citizens and suppress their freedom, Washington’s criticism of China’s role in enabling digital authoritarianism will have no credibility in the court of the global public opinion.  The CNI in its current format is an inflexible, exclusionary initiative, which does not allow for preferential treatment of geopolitically significant states. This presents a dilemma for policymakers in the United States. Excluding GCC states from the CNI would jeopardize the United States’ ability to cooperate with these countries on key security matters, including counterterrorism.

If U.S. pressure forces regimes to choose between competing poles, GCC states will have a hard time cutting their ties with Beijing. This could undermine U.S. regional standing and prove detrimental to U.S. efforts in establishing the normative framework for global internet governance.

With GCC states already alarmed by Biden’s eagerness to rejoin a nuclear agreement with Iran, these tensions would only gain momentum if President-elect Biden insists on a total termination of digital ties between these states and China. Given his picks for top foreign and security policy posts, it seems that Biden, while eager to champion the causes of democracy and human rights, will be guided by pragmatic thinking and seek both to avoid turning China into an adversary and to welcome GCC states to the CNI.

Nima Khorrami is a research associate at The Arctic Institute’s Center for Circumpolar Security Studies.

1 The U.S. government expresses grave concerns about China’s increased presence in the digital infrastructures of its allies and partners around the globe—including the GCC states. To this end, it introduced the CNI; a political framework intended to secure the United States and its partners’ digital assets and infrastructure from “malign actors such as the Chinese Communist Party.” So far 53 countries and 180 companies have joined the initiative. While membership is voluntary, failure to join could lead to either substantially reduced U.S. defense and security assistance or, even worse, a total halt. 

2 Splinternet refers to the presence of more than one worldwide web. More precisely, it refers to the idea of a cyberspace divided along national or regional lines whereby different sets of norms and values govern behavior and actions in the digital domain.

Carnegie does not take institutional positions on public policy issues; the views represented herein are those of the author(s) and do not necessarily reflect the views of Carnegie, its staff, or its trustees.