Across four iterations of UK strategy (2009, 2011, 2016 and 2022), it has been evident that the UK has increased its investment in the diplomatic and foreign policy elements of cyber strategy. The Foreign, Commonwealth and Development Office (FCDO) is active in global cyber negotiations and discussions, including in forums such as the UN and OSCE. It is engaged in funding and developing the cyber capacities of other states and regional bodies. It is also involved in the UK’s elaboration of the concept of Responsible, Democratic Cyber Power, which serves both as an underlying principle of how the UK approaches the use of cyber power, and as a trope of strategic communication as the UK tries to shape domestic and international debates about how states should organise themselves to exercise cyber power in a precise, proportionate and well-regulated fashion.
The role of foreign ministries in this process is multifaceted. In addition to leading the negotiating effort in diplomatic forums, they provide a window into the thinking of other states about how cyber capabilities should be used and regulated, and act as a source of reporting about foreign AI innovations (both scientific and in policy or regulation). Foreign ministries have long since lost their monopoly on managing relationships with other states – defence ministries, for example, have a clear need to maintain direct contact with their foreign counterparts – but there remains a coordinating role for foreign ministries to ensure that this patchwork of foreign ties is pursued coherently.
Foreign ministries need to be organised for effective performance, for example by creating departments for cyber and emerging technology policy. The FCDO has had a cyber policy department for over a decade, and it has grown significantly in that time, but there is a valid question for the future about whether more coherence could be established by merging the department with its counterpart focused on international technology policy. Similarly, beyond the policy branch, foreign ministries should improve the knowledge baseline for policy decisions by creating and resourcing cadres for research and analysis. For all foreign ministries increasing the size of their policy effort on AI and cyber power, a useful question to ask is what a sensible commensurate increase would look like in supporting functions like research. The risk of pursuing one without the other is that the institution gets less bang for its buck overall. If states are worried about geopolitical competition in AI and cyber power – and they clearly are worried – then there is a need for a systematic net assessment of developments in other states. This should be pursued collaboratively with allies and partners, but it is first necessary to look at domestic arrangements and determine whether they are fit for purpose.
Summit Meetings: Good or Bad?
Finally, a word about the UK’s intended hosting of a global summit for AI safety, announced by the prime minister on his recent visit to the US and scheduled for later this year. It is easy to be cynical or sceptical about such initiatives. Is the cost justified by the likely benefits; could the official bandwidth they consume be devoted to other, more productive things; or will heads of government grandstanding together project the image of substantive engagement, but lead to little in practice?