Is Data The New Ammunition?

Samyak Rai Leekha
The Futurian
Published in
5 min readMar 25, 2022



Photo by Mika Baumeister on Unsplash

Technology has had a tumultuous relationship with the human condition. It has propelled our species beyond the barriers of biological possibilities, resulting in numerous marvels often indistinguishable from magic. Since its inception, technology has also led to developments in the ways in which wars are waged. From the advent of the longbow to modern arms and ammunition, technology has altered human relations in the political sphere from time immemorial.

The rise of the digital realm in the contemporary era has been a source of numerous boons. Connectivity today is not merely limited to those in one’s vicinity. From spurring new industries to empowering with information the most deprived, the digital revolution has altered the very quality of the human experience. From the outset, the internet was conceived as a force for democracy and liberalism by its very character. However, with states blocking apps, restricting entities from network infrastructure and restricting data flows, it seems prudent to examine the evolution of the interplay between the digital sphere and interstate political relations.

In the domestic realm, scholars, academics and policy analysts highlight the Privacy-Security dilemma as a central consideration driving state action. According to the dilemma, a state is in charge of guaranteeing the privacy of its citizens, while also ensuring the security of its citizenry and itself. Some argue that privacy and security are always in conflict with one another, as any attempt by a state to enhance the privacy of its citizenry would inevitably lead to a reduction in the security a state can provide. The inverse is also highlighted, i.e., any attempt by a state to enhance its security would inevitably lead to a reduction in the privacy protections bestowed upon its citizenry. In essence, this dilemma establishes a bilateral relationship between the citizenry and its government.

In recent years the world has witnessed a rise in mass user data collection by private companies. Academics point to a new economic system emerging as a result, named Surveillance Capitalism. Under this system, touted to be the dominant system of economic logic globally, services are offered for free to consumers, in return for their user data. This user data is subsequently processed in order to reveal key behavioural traits, which assist companies in predicting and manipulating user behaviour. Driven primarily with the vision to serve advertisements to users, the effects of this system can now be felt far beyond the marketing space. The same tools and techniques are utilised by political parties to win elections. Further, and perhaps more eerily, foreign states can — and do — leverage this system to interfere in the domestic political systems of opponents.

Governments have not been aloof to these developments. The US government for instance has a long history of leveraging the massive amounts of user data in the custody of its tech giants to conduct surveillance at a global scale, as revealed by the Snowden disclosures. However, in recent times, this user data has become more than just a tool of surveillance, but now is a national security asset in its own right. This is because countries like the People’s Republic of China (PRC) have demonstrated that this user data could be processed and used to conduct foreign influence operations, both in the digital sphere, as well as the physical realm such as through blackmail and enticements. Such operations are aimed at delegitimising a government or sowing social discord with the intent to influence the leadership or the citizenry of the target nation to act in the initiator’s design and to alter the target’s belief and worldview.

In national security parlance, terms such as Cognitive Warfare, 6th Generation Warfare and Psychological Warfare have begun gaining favour, with some states according greater recognition through including them in their respective national security doctrines. User data and attached metadata (data describing data) have therefore gained the status equivalent to ammunition.

While cyberattacks and the likes can provide a country with limited access to foreign user data, the control of digital services, systems and infrastructure provides a country with a much greater quantum of user data. States and their companies have been endeavouring beyond their borders to provide such facilities in order to harness user data. This has subsequently led to states enacting measures such as app bans, infrastructure expulsions and data protection laws.

With respect to the Privacy-Security dilemma, unlike one’s own state from whom one can demand a sense of privacy, a foreign state has no obligation to protect the privacy of the citizens of another. The situation gets further complicated through laws and programs aimed at either co-opting or compelling the tech companies of one’s country to assist in the pursuit of national security objectives through sharing user data. Examples of these include the US’ PRISM program under which big tech companies voluntarily share foreign user data with the US government, and the PRC’s National Intelligence Law, which compels companies to assist in intelligence work. While some argue that private companies also have a responsibility to safeguard user privacy when a company’s home government is compelling or co-opting them to share foreign user data, the logical assumption would be that the company’s loyalty lies with their home government’s directive as any violation may lead to impediments in conducting business.

The alleged contradiction in governments citing citizen privacy concerns to block access to foreign digital technology while also evading citizen privacy on their own volition can also be explained through this perspective. In both cases, the security logic is what prevails. A foreign state conducting surveillance would mean that that state would have the ability to interfere in one’s domestic political process, thereby eroding one of the key elements of statehood, i.e., sovereignty or the ability to govern oneself without external interference. When the very core of a state is threatened, a state will act to defend itself, therefore, acts aimed at expelling foreign states can be seen as defensive actions.

Likewise, a government will also endeavour to extract as much user data as it can from its own citizenry as this user data can be used to launch counter influence campaigns and thus save a state’s legitimacy. Au contraire, states promoting or defending indigenous technology firms abroad, can be seen as offensive manoeuvres, aimed at increasing one’s own access to foreign user data which can be exploited at a later stage.

Unlike previous iterations, contemporary cross border data-driven surveillance is not merely a source of defence. Recent incidents have demonstrated the ways in which strategic leveraging of user data facilitates the imposition of one’s political will on one’s adversaries. Contests over data, and, the control over companies extracting it, have manifested the path to a new arena for interstate competition. With technologies advancements in 5G/6G, the IoT and satellite broadband services among others, the quantum of extractable data would reach unprecedented levels. Therefore, the foreseeable future involves continued interstate competition over data and technological services. Future wars, as seen in the current Ukrainian conflict, would increasingly leverage digital tools to achieve strategic objectives. Data is therefore set to play a critical role in the future of interstate security as a source of ammunition.

© Samyak Rai Leekha 2022