← Back to Hub Next: Module 04 →
Week 1 • Part III

THE RUPTURE

Snowden and the Death of the Global Commons (2013)

Scroll to Explore
The End of Innocence

June 2013:
The Definitive Funeral

The Snowden revelations of June 2013 marked what scholars have called the "definitive funeral of cyber-utopianism." The foundational myth—that the internet was inherently democratic, borderless, and free from state control—was irrevocably shattered.

"The internet as we knew it died in June 2013. What emerged was a fractured landscape where trust became the scarcest commodity." — Internet Governance Scholars, 2014

The transformation was seismic: from an era of "Stewardship" to an era of "Hegemony." The United States, once positioned as the benevolent guardian of the global internet, was revealed as its most aggressive surveillor.

PRE-2013
Trust: 100%

Open Internet • Global Commons • Multistakeholder Governance

POST-2013
Trust: 15%

Fragmented Internet • Data Sovereignty • National Controls

The Revelations

What Snowden Revealed

The scope of NSA surveillance was far beyond what anyone had imagined

PRISM

Provider-Side Collection

Direct access to servers of major tech companies including Google, Facebook, Apple, Microsoft, and Yahoo. "Collection directly from the servers."

9 Major Providers

UPSTREAM

Network-Side Collection

Wire-speed packet inspection at fiber optic cable landing stations. Copying entire data flows as they traverse the internet backbone.

Wire-Speed Interception

XKEYSCORE

The Search Engine

A system allowing analysts to search virtually all internet activity. "Could watch anyone, anywhere, anytime—including the President."

Universal Search Capability
The Upstream Shock

Tapping the Fiber Backbone

The most shocking revelation was Upstream—the NSA's ability to intercept data directly from the internet's physical infrastructure. At cable landing stations across the globe, the agency installed splitters that copied all traffic passing through.

1

Fiber optic cables tapped at landing stations

2

Data copied at wire speed without provider knowledge

3

Foreign and domestic traffic both captured

TAP NSA COLLECTION UNDERSEA CABLE CONTINUES... !

Diagram: Fiber optic tapping at cable landing station

The Westphalianization

Democracies Turn Sovereign

The revelations triggered a wave of digital sovereignty movements across democratic nations, fundamentally reshaping the global internet landscape.

🇧🇷

Brazil's Response

The EllaLink Cable

"Brazil will adopt legislation and technology to protect us from the illegal interception of communications." — President Dilma Rousseff, UN General Assembly, 2013

5,900 km Direct Link

Brazil ↔ Portugal, bypassing US territory

Marco Civil da Internet

Brazil's internet "bill of rights"

🇩🇪

Germany's Revolt

The Schengen Cloud

"Spying on friends is not acceptable. We are no longer in the Cold War." — Chancellor Angela Merkel, 2013

Schengen Cloud Proposal

EU-only data routing, keeping data within Europe

GDPR (2018) & Gaia-X (2019)

Data protection and European cloud infrastructure

Timeline of Sovereignty Responses

1
2013

Immediate Political Fallout

Rousseff and Merkel statements; diplomatic tensions peak

2
2014-2015

Infrastructure Projects Launch

EllaLink cable announced; Gaia-X planning begins

3
2018

GDPR Takes Effect

Landmark EU data protection regulation becomes law

4
2019

Gaia-X Foundation

European initiative for federated, sovereign cloud infrastructure

NETmundial 2014

The Diplomatic Revolt

The global internet governance order faced its greatest challenge at the NETmundial summit in São Paulo.

Cyber-Realists

US & Allies

  • Preserve multistakeholder model
  • Maintain ICANN/IANA control
  • Resist UN ITU oversight

Sovereignists

Russia, China, Iran

  • State-centric internet governance
  • UN/ITU institutional control
  • National data sovereignty

Non-Aligned

Brazil, India, South Africa

  • Reform multistakeholderism
  • More inclusive governance
  • IANA transition to global community
The IANA Transition (2016)

The Root Changes Hands

In response to global pressure, the U.S. government agreed to transfer control of IANA—the system that manages the internet's root zone—from the Department of Commerce to the global multistakeholder community.

October 1, 2016 Completed
US IANA Before 2016 TRANSITION GLOBAL COMMUNITY After 2016
Network Topology

The Hub-and-Spoke Vulnerability

The internet's star topology created a single point of surveillance—geographic efficiency became a strategic vulnerability.

Star Topology (Vulnerable)

USA 🇨🇦 Canada 🇪🇺 Europe 🇧🇷 Brazil 🇦🇷 Argentina 🇯🇵 Japan 🇦🇺 Australia

All traffic routes through US → Single surveillance point

Mesh Topology (Resilient)

🇨🇦 CA 🇪🇺 EU 🇧🇷 BR 🇦🇷 AR 🇯🇵 JP 🇦🇺 AU

Direct peer-to-peer links → No single control point

Geography of Efficiency Becomes Vulnerability

70%

of global internet traffic passed through US infrastructure pre-2013

$10B+

estimated cost of building alternative cable routes post-Snowden

40+

new submarine cables built bypassing US territory (2014-2020)

Industry Response

Tech Fights Back

Silicon Valley moved from passive compliance to active resistance—encrypting the backbone and challenging government overreach in court.

The Encryption Revolution

Post-Snowden, major tech companies raced to encrypt all internal traffic. What was once optional became mandatory—data centers, backbone links, and user connections all received encryption upgrades.

HTTPS by Default

Google, Facebook, Twitter encrypt all connections

Data Center Encryption

Internal traffic between facilities encrypted

Transparency Reports

Regular disclosure of government data requests

HTTPS Adoption Growth

0% 25% 50% 75% 100% 2013 2015 2017 2019 2021 ~5% ~50% ~95%

Source: Google Transparency Report

Major Legal Battles

2016

Apple vs. FBI

Apple refused to create a backdoor to unlock the San Bernardino shooter's iPhone, citing the dangerous precedent it would set for all users' privacy.

Apple prevailed; case dropped
2016

Microsoft vs. USA

Microsoft challenged a US warrant for emails stored in Ireland, arguing that US law doesn't extend to data stored on foreign servers.

Led to CLOUD Act (2018)
2018

CLOUD Act Passed

Clarified that US law enforcement can compel providers to produce data regardless of where it's stored, while establishing frameworks for international agreements.

Legal Rupture

Safe Harbor to Schrems II

European courts systematically dismantled the legal frameworks enabling transatlantic data flows.

2000-2015

Safe Harbor Framework

Self-certification program allowing US companies to transfer EU personal data

October 6, 2015

Schrems I

Safe Harbor Struck Down

The European Court of Justice invalidated Safe Harbor, ruling that US surveillance practices violated EU fundamental rights. Max Schrems' complaint against Facebook changed the landscape of data transfers.

ECJ Ruling Invalidated
2016-2020

Privacy Shield

Replacement framework with stronger US commitments

July 16, 2020

Schrems II

Privacy Shield Collapsed

The ECJ struck down Privacy Shield, finding that US surveillance laws (FISA 702, EO 12333) still failed to provide adequate protection. Standard Contractual Clauses also faced new scrutiny.

Landmark Ruling Global Impact

Birth of Data Fortresses

Sovereign Cloud Regions

AWS, Azure, GCP create EU-only data centers with local control

Data Localization

Laws requiring citizen data remain within national borders

National Champions

Government-backed domestic cloud providers emerge

Data Sovereignty

Data as the New Oil

The Snowden revelations transformed how nations view data—from a commercial resource to a strategic national asset.

From Personal to National Resource

Before 2013, data was primarily viewed through an economic lens—something to be mined, monetized, and moved freely. After Snowden, nations began treating data as a strategic resource requiring sovereign control.

Data Localization Laws

Russia, China, Vietnam, Indonesia, and others mandate local data storage

Precursor to AI Sovereignty

Training data becomes a national AI advantage; borders extend to digital realm

Splinternet Acceleration

The unified global internet fragments into national or regional segments

The Data Sovereignty Shift

PRE-2013 Global Commons
Free Flow of Data
POST-2013 National Control
🇨🇳
China
🇪🇺
EU
🇺🇸
US
🇷🇺
Russia

Data now flows within borders, not across them

100+

Data localization measures worldwide

$200B+

Estimated economic impact of data restrictions

75%

of countries have data protection laws

2013

The year everything changed

The Aftermath

The Commons Is Dead, Long Live the Commons

The Snowden revelations of June 2013 didn't just expose surveillance programs—they shattered the foundational myth of the internet as a borderless, global commons. What emerged was a fragmented landscape where data flows follow political borders, where trust is the scarcest commodity, and where the dream of a unified digital world gave way to the reality of digital sovereignty.

"We are no longer in the era of internet governance. We are in the era of internet geopolitics."

— Milton Mueller, Will the Internet Fragment? (2017)
GDPR Schrems II Data Sovereignty IANA Transition Splinternet

Sources & References

Greenwald, G. (2014). No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State. Metropolitan Books.

Mueller, M. (2017). Will the Internet Fragment? Sovereignty, Globalization and Cyberspace. Polity Press.

Schneier, B. (2015). Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. W. W. Norton.

European Court of Justice. (2015, 2020). Schrems I & II rulings on data transfers.

NETmundial. (2014). NETmundial Multistakeholder Statement. São Paulo, Brazil.

ICANN. (2016). IANA Stewardship Transition. Completion Report.