The use of the word “cyber” to refer to all matters relating to computers and the Internet has become ubiquitous. Hence, the terms “cyberspace”, “cybergovernance”, “cybersecurity”, “cybercrime”, “cyberporn” and many other “cybers-” are commonplace, and feature prominently in current rhetoric about ICTs and governance of the Internet.
This has always made me uneasy for two basic reasons:
- the original meaning of “cybernetics” had little to do with computers; and
- there is a real danger of elision of meaning, when people use one cyber-word to refer to what other people use another cyber-word for.
A blog is no place for a detailed exegesis on these matters, but I have so often been asked about my views on them that I thought I would briefly summarise them here.
The meaning of “Cyber”
The word “cyber-” is usually seen as being taken from the concept of “cybernetics”, which itself is derived from the ancient Greek κυβερνήτης, meaning steersman, pilot, or governor. Hence, “cyber'” is fundamentally to do with governing or steering. It is used in this sense to refer to the governance of peoples in the First Alcibiades, usually ascribed to Plato.
Cybernetics in its modern form came to be used in the first half of the 20th century to refer to control systems in biology, engineering, applied mathematics, electronics and other such fields, and so was always a very much broader concept than just relating to the field of computing. As a discipline, cybernetics emerged in the late-1940s and 1950s, especially in the USA, the UK and France, championed by people such as Norbert Wiener and John von Neumann. The importance of this is to emphasise that in origin, and even until very recently, “cyber-” has been associated with a very broad field of intellectual enquiry, across many disciplines, focusing especially on systems and their control mechanisms.
It therefore seems to me to be inappropriate for the term to have been appropriated quite so aggressively in the field of digital technologies, ICTs and the Internet, first because it causes confusion, and second because in some instances it is tautologous:
- with respect to confusion, why do we need to speak about terms such as cybergoverance, cybersecurity and cybercrime, especially when there are other terminologies already in existence, such as e-governance, Internet governance, computer crime? As discussed further below, the lack of consensus and agreement on terminology is problematic.
- second, though, and of much more concern, it seems to me that the notion of cybergoverance is fundamentally flawed because it is tautologous. If “cyber-” in essence is to do with governing, then all “cybergovernance” means is governing governance.
There have been many detailed critiques of the use of “Cyber-” in other fields, with Mark Graham’s critique of concepts of cyberspace in the Geographical Journal, being particularly useful. However, few people have sufficiently emphasised this tautology in the notion of “Cybergoverance”.
Dangers of Elision
When concepts are used in such a slippery way, with meanings being appropriated and adapted so frequently, there is a considerable danger of misunderstanding, overlap, and ultimately of failure to deliver on practical action. Moreover, behind every use of a concept there is also an interest. This is very well illustrated by confusion over the terms cybergoverance, cybersecurity and cybercrime (or even cyber-goverance, cyber-security and cyber-crime). All too often they seem to be used interchangeably, and there really must be clarity of meaning and understanding of such terms if progress in reaching consensus on these very important issues is to be made. One person’s cybercrime is another’s cybersecurity, and an initiative set up to focus on just one aspect can readily seek to expand into another, thereby causing confusion, duplication of effort, and indeed mistrust.
Although, for the reasons above, I think that the term “Cyber-” should no longer be used at all with respect to work on the Internet, digital security, computer crime and the like, because it is far too broad, I recognise that unfortunately it is now in such common use that this plea will fall on deaf ears. There are powerful interests who like this ambiguity, and wish to use such terms for their own ends! Hence, let me offer a simple structure whereby some clarity might be injected into the discourse. At least for me, there is a nested hierarchy of such terminology:
- “cybergovernance” (ugh, the tautology still hurts me) should be used (if at all!) for the overarching notion of governance of ICT systems, including concepts such as Internet governance and e-governance;
- “cybersecurity” can be seen as a subset of cybergoverance, and should be used to refer to all aspects of security with respect to ICT systems. The concept of “cyber-resilience” can be seen as being closely allied to this, and might actually be a better term, since it is more positive, and takes away the sense of threat around security and the role of the military.
- “cybercrime”, accordingly, is a subset of cybersecurity, focusing just on the aspects of criminality with respect to the use of ICTs.
Of course there is overlap between these terms, because fully to understand cybercrime, one needs to have a knowledge of cybersecurity, and to understand and act on that one needs to consider wider cybergoverance issues.
My preference is to abandon the use of this “Cyber-” terminology altogether and to use clearer more specific words for what we are talking about and seeking to implement. Then, we might actually make some progress in ensuring that the poorest and most marginalised can indeed benefit from the potential of ICTs. However, if these terms continue to be used, let’s first try to reach some better agreement on their bounds and contents. Cybergovernance, cybersecurity and cybercrime are categorically different concepts, and the interests that seek so often to elide them need to be challenged!