“Play the Game or Be Played”: Building Tech into Germany’s National Security Strategy

A computer can now beat humans at diplomacy. Not at the actual practice of complex negotiations between states – but almost: at the board game of the same name, which is modeled on pre-World War I Europe. In November, Meta – the parent-company of Facebook – announced that its AI program Cicero can now play the abstract game, which involves territorial invasion, in a ​“seven player, zero sum and deterministic game of imperfect information” using predictive planning, alliance building, multi-level negotiations, coordinated moves, and tactical reactions to advance. In 10 percent of these games, a human beats Cicero – but the AI system outplays humans in 90 percent of the encounters.

Technology is coming for diplomacy and international relations, whether nations are ready or not – and Germany, with its overwhelmingly domestic focus on tech and digitalization, is not. As the war in Ukraine has proven, national security will increasingly be more than just a question of traditional defense considerations, intelligence and foreign policy around digital and technological stewardship. In the absence of a German national security council, there is no government structure (yet) that can offer integrated, holistic foreign and security policy considerations on the gamut of tech-related issues at speed – topics like risk analysis, early-warning mechanisms, and intel and data diagnostics. Germany’s security cabinet and associated intel briefings do not and cannot amount to a holistic assessment of security challenges if they fail to take the breadth of tech-related challenges and opportunities into consideration. The web of cyber governance structures in Germany is paralyzingly complex, with too many info breakpoints and a lack of an international perspective beyond the cyber structures in Germany’s Federal Foreign Office. The cyber strategies released in 2011, 2016 and 2021 failed to convey the different levels of decision-making fully, and Stiftung Neue Verantwortung – the think tank tracking the cyber strategies – nearly gave up on the mapping exercise last year.

The German Federal Ministry for Digital and Transport’s international arm, which is currently being assembled, hopes to project more clarity but looks to be structurally understaffed for the questions at hand – and late to the game, since the National Security Strategy is to be published early this year. A worthy national security strategy must have technology running through it like a plumb line. To this end, the German government’s coalition agreement made a decent start. The most recent US and Japanese security strategies demonstrate the degree to which a coherent technological perspective on national security matters – from new weapons systems, battling disinformation online and protecting critical infrastructure, to their contributions toward maintaining an open internet for all. The world’s fourth largest economy must be capable of doing the same, and fast. 

Getting Germany Up to Speed

A tech focus and coordination – including ​‘clean’ and cyber-secure networks for critical infrastructure, open data flows in the face of massive disinformation and industrial capacity that sets international standards – will be vital to the domestic economic transformation and prosperity of advanced economies as well as their security. Digital mastery will be needed to sustain and bind allied relationships while addressing issues of the global common goods, which includes vaccine research, green tech, safe and fast undersea cables, satellite linkages, and open data flows. Building the capacities to sustain these systems and advance their development will determine global leadership in the (near) future. Germany’s laggard status across a range of critical technologies (recent massive investments and new models of financing notwithstanding), its inability to bring cutting-edge digital products and services to market at scale and speed, its lack of strategic culture, and its unwieldy bureaucracy all put a break on a foreign policy that is digitally informed and technologically empowered. But technology will define foreign and security policy for the immediate future. 

The US-China competition will mainly be built on the battlegrounds of AI, computing hardware (e.g., advanced chip technology and quantum computing), and 5G/​6G network infrastructure – and will be determined based on how quickly each side can deploy their ​‘branded’ technologies around the world. Where does Germany see itself within this power struggle? In Berlin, other conflicts will emerge between corporate interests and national security – when it comes to China, they are already rife, and technology will continue to be a major part of these tensions. Germany’s Telekom maintains an explicit 2019 agreement with Huawei to continue their partnership on semi-conductors even if the US were to sanction Chinese chip makers – which practically guarantees conflict with Washington. What is more: 59 percent of Germany’s existing 5G RAN tech originate from China. How does that square with the promise – made in the first pages of the current government’s coalition contract – to exclude ​‘dangerous’ providers from its networks?

Allies will also expect Germany to implement decisions negotiated under the EU-US Trade and Technology Council (TTC), and will want to see a clear role for Berlin in the development of the EU-India TTC. In both trade groups, tech policy and traditional foreign economic policy are paired – including on investment controls and I/​P transfers, export monitoring and the ownership of commercial intelligence. Germany’s diffused decision-making structure in these areas – across different bureaucratic structures within and between ministries – creates bottlenecks, where early warnings become ​‘post-fact’ assessments that increase – not decrease – the country’s exposure and vulnerability. The realities of fast-moving commercial decisions with technology and data security implications will set the stage for more battles between Germany’s industrial and security interests, between the center and periphery, and between state, local and national actors across the country. Current examples include Chinese state-owned multinational company COSCO’s move to invest in the port of Hamburg, China’s Sai Microelectronics’ attempt to buy the German-owned ELMOS chip facility, and the uncomfortable revelation that German-made Infineon chips are among the $777 million high-tech goods that – despite sanctions – made it into Russia during the invasion of Ukraine. There may be many more.

National Security Through a Tech Lens

In terms of tech, Germany’s national security strategy must pick up where the coalition agreement left off. Where the coalition agreement scatters technology priorities throughout the document, the upcoming National Security Strategy should be focused. And as lead author, the German Federal Foreign Office needs to use this opportunity to assume a larger coordinating, convening and agenda-setting role. To do so, it must make a convincing case around three basic elements.

At a minimum and at the outset, the national security strategy – and its lead author, the German Federal Foreign Office – must (1) map the current strengths and weaknesses around technology and digitalization, and demonstrate how Germany’s investments (see the recent KRITIS draft legislation) and the interplay and sequencing of security agency and foreign policy intelligence gathering (including digitally) will serve to defend the country’s infrastructure. Further, it should show how such efforts will protect Germany from cyber and ransomware attacks and shield the population against the harmful effects of disinformation, while also ensuring that human-centered technological advantages are enabled in a European context.

Germany’s new National Security Strategy should also (2) highlight how Berlin will deploy technology going forward to increase the country’s global competitive advantage in tech, including its objectives toward economic and political development – pulling together its ambitions outlined across existing strategies on cyber, nano-technology and more. The National Security Strategy should also (3) outline how technology will inform Germany’s relations with allies and partners – including China, India, Japan (and the Quad), and the United States. Further, it must show how Berlin will pair traditional foreign and economic policy instruments with technology and data concerns across a range of transnational policy areas, and how Germany plans to focus its development policy to prevent advancing nations from falling prey to ​‘digital colonialism’ by presenting a coherent agenda on how it wants to deploy digital tools that achieve foreign and development goals, toward a more holistic approach to security (for which December 2022’s digital.global was a start.)

Reframing Tech Policy and Security

But Germany’s National Security Strategy could be bolder still. Taking the US National Security Commission on AI’s example, Berlin should (backward) map toward specific goals where Germany has clear strategic advantages – such as championing digital green tech or building up deep technology – using an integrated, whole-of-society approach that makes explicit their global implications. That would necessitate a foreign policy look at existing strategies – cyber, nano and others – and reframing them in the language and scope of national interest and influence. 

Without the capacity to coordinate and implement priorities, Germany’s National Security Strategy risks remaining an ineffective ​“collection of ideas,” as the German Federal Ministry for Economic Affairs and Climate Action publicly criticized in the first draft. To this end, Germany’s Federal Ministry for Digital and Transport – currently charged with developing an international strategy on digital policy – could serve as a ​‘metrics marker’ for tracking and measuring how tech and data transformations are accomplished across sectors in the medium term. Still, much of Germany’s technology decision-coordination (between ministries, with leading-edge tech and telecommunications companies, etc.) should be taken up by the German Federal Foreign Office. It has – or should have – the necessary international intel and authority in Berlin to lay the groundwork for a regular ​‘tech-diplomatic situational assessment’ that takes domestic realities (including state-based and corporate) into account.

This role would necessitate a series of near-term changes, which would signal to allies that Germany fully understands how the intersection of technology and foreign policy will accelerate international relations going forward. Which is to say: Play the game – or be played.

Here are some recommendations that could help:

Institutional Scope:

• Expand ​“Techplomacy” capacities to rival Denmark – with outposts in Singapore, San Francisco, Mumbai, Tokyo, and Taipei, as well as a mission-specific expansion of these capacities within the European External Action Service. Accelerate the hiring of data analysts and build technological capacities of data usage, learning from mistakes made on AI incorporation in Canada and the UK. 
• Introduce a Special Envoy for Emerging and Critical Technology. This should follow the US example: Announced on January 3, 2023, the office in the US State Department will be headed not by a so-called ​‘techie’ but by a historian of strategy. In the German case, this body should be dual-headed by an expert on emerging tech and senior foreign policy staff (at state secretary levels, similar to the hiring of Jennifer Morgan on the climate brief).

Tools:

• Convene a strategic technology council. In Germany, a strategic technology council should be multi-stakeholder, national-interest oriented, cross-ministerial, and cross-industry, and act as a consolidated advisory and implementation body around the impacts of EU-US TTC decisions as they relate to foreign and security policy. It should also lay the groundwork (with a geopolitical lens) for the expansion and internationalization of Germany’s digital strategy. 
• Expand VR/​gaming and data-gathering tools for diplomats in the field. Expanding the use of data labs in key embassy posts and linking them with data- and evidence-based policy analysis capacities in Berlin could imbue strategic and interest-based policy formulation with the means to ​‘game out’ actionable paths. 
• Deliver a proof of concept. Germany should mainstream the use of data analytics to plan, implement and post-facto assess foreign policy interventions. To do so, Berlin should stand up or spearhead institutionally independent special (research) initiatives, akin to Swiss and US projects, to map out threats/​vulnerabilities and opportunities emerging from strategic tech.