Alex Grigsby is the assistant director of the Digital and Cyberspace Policy program at the Council on Foreign Relations.
If you walk up to the average American and ask them what they know about the Commonwealth, you're likely to get blank stares. Having violently overthrown the British crown, it is understandable that Americans would pay little attention to an international organization largely designed to maintain ties between London and its former colonies. Even though U.S. television will provide wall-to-wall coverage of the Prince Harry-Meghan Markle wedding, no one on this side of the Atlantic (save for Canada and a few Caribbean nations) likely cares about the organization Prince Harry's grandmother—Queen Elizabeth II—heads.
The United Kingdom views the Commonwealth as an important vehicle to exert influence in over fifty of its former colonies (fifteen of which still recognize the Queen as their head of state). Over the last few years, London has tried to get the organization more involved in shaping international cyber policy as part of the UK's larger efforts to promote norms for state activity in cyberspace, and support related capacity building initiatives.
Last month, Commonwealth heads of government issued a "cyber declaration." The contents would be familiar to anyone who has followed the intricacies of international cyber policy. It commits heads of government to promote the applicability of international law to cyberspace, harmonize legal approaches to facilitate the transfer of digital evidence for cybercrime investigations, and invest in capacity building initiatives. On capacity building, the UK took the lead in announcing that it would invest £15 million (approx. $20 million) to "to help Commonwealth countries strengthen their cyber security capabilities."
The cyber declaration also commits Commonwealth members to "limit the circumstances in which communication networks may be internationally disrupted, consistent with applicable international and domestic law." That's a not-so-veiled reference to the increasingly common practice of governments ordering domestic telecoms providers to shut off specific online applications during times of turmoil. In 2014, Turkey mandated telcos block access to Twitter during the Gezi Park protests. Last year, Togo blocked access to WhatsApp and Facebook during political protests against that country's president. Some go so far as to shut off the entire internet. Some state governments in India, particularly Jammu and Kashmir and Rajasthan, cut internet access as a preventative measure to avoid communal violence. Iraq famously turns off the internet for three hours every year to curtail cheating in the country-wide high school exit exams.
According to data compiled by Access Now, an advocacy organization, seven Commonwealth members have cut periodic access to online applications or the internet entirely since 2016: Bangladesh, Cameroon, the Gambia, India, Pakistan, Sri Lanka, and Uganda.
It would be unreasonable to expect that a political declaration is likely to prevent these countries from curtailing internet access if they feel it necessary to avoid unrest. However, it does attempt to create a norm against the use of internet shutdowns. For example, the next time a Commonwealth country decides to shut down the internet, other Commonwealth governments, particularly those part of the Freedom Online Coalition committed to protecting online freedoms (Australia, Canada, Kenya, New Zealand, and the United Kingdom), will be able to call it out for violating its pledge.
As the home of the Commonwealth and promoter of the no-internet-shutdowns norm, London might not be able to ignore future internet blackouts in its former colonies. According to the Software Freedom Law Centre of India, there were seventy reported instances of internet shutdowns in the country in 2017. So far, the country is on par to beat that number, with forty-three instances in 2018. The UK's commitment to its new norm might be put to the test sooner than it might think.