In this contribution, Alisa Wadsworth takes a closer look at an often-overlooked issue: the undemocratic legislation pushed through by governments in the name of cybersecurity.
Populism on the Main Stage
In recent years, populism has emerged as a strong challenge to the liberal democracies, or so it seems. The rise of populism has been linked to authoritarianism , likely because of the commonalities and shared tactics between populist and authoritarian regimes. As a number of populist leaders have used authoritarian tactics and rhetoric—such as undermining free speech and media—to gain popularity, the two are frequently intertwined . Yet, the field of cybersecurity shows that this assumed relationship between the populist rise, on the one hand, and authoritarian policies, on the other, is not clear-cut. In fact, it has been centrist, non-populist governments that have introduced legislation hinting at authoritarianism. However, public focus is often on populism; it is an easy target to pin blame on with its typically loud rhetoric and polarising nature. As a result, the undemocratic legislation by centrists occurring right under our noses winds up overlooked.
Threats to Cybersecurity
Governments are increasingly acknowledging cyberterrorism as a threat to national security. This is noticeable in the rise of legislation passed by the European Union , increased spending on cybersecurity , and pre-emptive measures  taken by numerous countries before national elections to prevent interference. Yet, in attempting to tackle cyberterrorism, democratic governments across the West have responded in ways that are, ironically, undemocratic. A number of EU member states have passed legislation that grants governmental agencies and private companies broad and ill-defined powers to access data and conduct surveillance on citizens that trump citizens’ rights. Very little of this legislation, which has been condemned by human rights advocacy groups , the United Nations  and European Court of Justice  (CJEU), has been driven by populism.
Consequently, focusing so heavily on populism has overshadowed the actions of centrist governments and cross-party coalitions. Paying attention to populist politicians is certainly necessary, but the mass-market label of populism that is put on politicians, parties, and authoritarian behaviour results in a lack of scrutiny placed on undemocratic and arguably authoritarian legislation passed by non-populist governments.
The Politics of Cyberterrorism
A key example of tightening security measures as a response to cyberattacks is the move towards decreasing internet freedom . Across Europe, governments have increased levels of surveillance, undermining citizens’ rights to privacy and freedom of expression. A number of these policies have been justified with reference to cyberterrorism and increasing cybersecurity protection measures. For example, in 2017 Italy passed a law, which “requires telecommunications operators to store telephone and internet data for up to six years ”, although the ECJ had previously ruled that such legislation violates citizens’ privacy rights. Governments of France , the United Kingdom , Germany , Hungary , and other EU member states have passed similar legislation to ramp up surveillance powers, on the grounds of protection against terrorist- and cyber-threats. Such legislation has largely not been retracted, despite the above-mentioned condemnation.
Another example of centrist governments pushing forward interfering legislation is the UK’s Investigatory Powers Act. There was no indication that the legislation was pushed through primarily by parties like UKIP, or politicians associated with populism . Further, once it was passed, Tory MP David Davis, a staunch supporter of Brexit , and later Brexit secretary—the populist project par excellence—, was part of a cross-party coalition that criticised the legislation and brought a case before the CJEU. The bill was ultimately supported through parliament by a centrist government, while the firmest challenge to the bill came from a coalition of politicians led by a populist Brexiteer .
An Uncomfortable Reality
Yet, efforts by centrist governments to combat cyberterrorism, with their problematic consequences for citizens’ freedoms, have arguably been overlooked in favour of a focus on the loud rhetoric of populist leaders across Europe. Despite the attention populism attracts, it is European governments, who increased levels of surveillance to counter such cyberattacks and disinformation campaigns. Regardless of whether one believes such efforts to be justified, the key point is that the emphasis on populism draws necessary attention away from issues such as this one. Because cybersecurity legislation potentially threatens citizens’ rights and freedoms, this continent-wide legislative response to cyberterrorism is in itself a nod to authoritarian behaviour —and it is not being noticed.
This ignorance is reinforced by a general lack of public awareness or concern about surveillance. For example, 38 percent of respondents to YouGov’s survey  asking whether the UK government has enough oversight over its online surveillance activities responded with ‘I don’t know’. This makes it relatively easy for governments to increase surveillance and data collection capabilities without significantly public backlash.
Focusing more on how national governments across the continent have increased their surveillance powers, in ways that could have harmful effects on citizens, allows for a better understanding of how to effectively and collaboratively move forward with effective cybersecurity legislation in an age where cybersecurity is paramount. This discussion, like many others, is sounded out by the pervasive focus on populist rhetoric, rather than government actions. The focus on populism should not occur at the expense of scrutiny of the actions of numerous democratic governments—often with cross-party support—in the name of security. Ultimately, if we want to talk about authoritarian tendencies, we need to keep the centre in our sights as much as the populists.
Alisa Wadsworth is a student at the University of Pennsylvania and a former intern at LSE IDEAS.