Introduction
Firms trade in global markets, making states economically interdependent, but states make war and peace, shaping the partners with whom firms trade. Scholars have examined this dynamic since antiquity (Pollins Reference Pollins1989b). Today, digital interdependence shapes all parts of the global economy (Box and West Reference Box and West2016; High-level Panel on Digital Cooperation 2019; Weymouth Reference Weymouth2023), yet we have a limited understanding of digital interdependence and power politics. National policies influence digital platforms (Goldsmith and Wu Reference Goldsmith and Wu2006; Roberts Reference Roberts2018) and domestic infrastructure (Gohdes Reference Gohdes2015, Reference Gohdes2024; O’Hara and Hall Reference O’Hara and Hall2021), and central states benefit from an interdependent global Internet infrastructure (Farrell and Newman Reference Farrell and Newman2019). But, do states’ security relationships shape how their firms route data outside their borders?
Just like economic interdependence, digital interdependence is created by firms agreeing to mutually beneficial exchange. In the Internet’s case, firms operating networks exchange data traffic with others. Fifty thousand networks (owned by Internet service providers, universities, and businesses) in 190 countries provide Internet access to individual devices, and every network must connect with at least one other. Scaling this up, no country is an island on the Internet. Even North Korea relies on routes through China and Russia to connect with the web.
Digital interdependence – networks across borders moving data through one another – has substantial economic and security implications. Networks refusing to interconnect can make Internet access for entire continents more expensive, slower, and unstable (Chavula et al. Reference Chavula, Phokeer, Formoso and Feamster2017; Czernich et al. Reference Czernich, Falck, Kretschmer and Woessmann2011). Networks’ data routing decisions create asymmetric relationships (Edmundson et al. Reference Edmundson, Ensafi, Feamster and Rexford2018; Karlin et al. Reference Karlin, Forrest and Rexford2009), exposing states to spying and coercion (Clement and Obar Reference Clement, Obar and Geist2015; Farrell and Newman Reference Farrell and Newman2019). Domestic censorship spreads through data routes, so digital interdependence means Internet filtering in Russia limits what users access throughout Central Asia (Ortwein et al. Reference Ortwein, Bock and Levin2023).
Many authors address the ‘trade follows the flag’ theory of interdependence – beyond economic explanations such as factor endowments and comparative advantage, nations’ security policies influence their trade (Anderton and Carter Reference Anderton and Carter2001; Gowa and Mansfield Reference Gowa and Mansfield1993; Long Reference Long2008; Mansfield and Bronson Reference Mansfield and Bronson1997; Polachek Reference Polachek1980; Pollins Reference Pollins1989a, Pollins, Reference Pollins1989b). The conventional wisdom and existing research on data routing focus on efficiency and cost, leaving little room for international security (Baake and Wichmann Reference Baake and Wichmann1999; Economides et al. Reference Economides, Majumdar, Vogelsang and Cave2005; Greenstein Reference Greenstein2020; Holme et al. Reference Holme, Karlin and Forrest2008; Lodhi and Dovrolis Reference Lodhi and Dovrolis2010; Norton Reference Norton2014). Authors diagnose barriers to international interconnection due to poor infrastructure (Rosa Reference Rosa2021), linguistic differences (Fanou et al. Reference Fanou, Francois, Aben, Mirkovic and Liu2015), and regulatory regimes (Schumann and Kende Reference Schumann and Kende2013) – none have looked at how international security shapes the Internet’s structure.
Power politics shapes economic interdependence because conflict creates risks for firms, and states have incentives to limit interdependence with adversaries. However, the feedback mechanisms underpinning the economic interdependence-security linkage, both top-down and bottom-up, translate poorly to digital interdependence and data traffic. Businesses fear conflict-related sanctions, and the low risk of sanctions between allies is one reason why firms prefer allied states’ markets (Askari et al. Reference Askari, Forrer, Teegen and Yang2003; Clark and Reed Reference Clark and Reed2005; de Jonge Oudraat Reference De Jonge Oudraat2000; Mulder Reference Mulder2022). However, states frequently exempt Internet interconnection from sanctions regimes. Wars interfere with contract enforceability, undermining trade, but 99.5 per cent of interconnection agreements do not have contracts. Alliances and conflicts shape how and whether states enact tariffs (Baldwin Reference Baldwin1985; Gowa Reference Gowa1994), but the WTO has placed a moratorium on tariffs for data flows for the past twenty-five years. The public boycotts products from adversaries (Heilmann Reference Heilmann2016; Pollins Reference Pollins1989a; Trentmann Reference Trentmann and Feldman2019), yet Internet interconnection is a business-to-business service. Why should power politics and data routing align if the connections between the two are so tenuous?
Instead, this paper draws on computer science to explain the risk that interdependence presents to firms operating digital networks. Vulnerability to several exploits depends on who networks exchange data with, and networks often drop partners with poor cybersecurity practices. State and non-state actors alike leverage cyberspace to harm adversaries in response to worsening relations, including wars, diplomatic crises, and low-level conflicts. Firms and the networks they operate face significant risks from conflict externalities – they sit directly in the line of fire. In the economic interdependence literature, conflict expectations shape which firms trade with in peacetime (DiGiuseppe and Kleinberg Reference DiGiuseppe and Kleinberg2019; Long Reference Long2008; Morrow Reference Morrow1999; Pollins Reference Pollins1989a, Pollins, Reference Pollins1989b). I theorize that firms align data routes with their conflict expectations to maintain stable access to global digital infrastructure.
My analysis leverages approaches from computer engineering, modelling routing between over 70,000 networks at the monthly level over eight years. This novel dataset charts relationships between Internet service providers across borders over time, providing new opportunities to understand how economic actors navigate risk in global markets. Alliances and formal treaties are associated with new agreements between networks, increasing digital interdependence between states. This result holds across different controls, robustness checks, and sensitivity analyses. Substantively, a treaty is associated with a 58 per cent increase in the number of agreements to route data directly between networks across borders.
An alternative to cybersecurity externalities is direct state intervention – states may encourage networks to route data through countries with which they have positive relations, or firms may fear government intervention during conflict, rather than cybersecurity risks. I carry out two analyses to test the limitations of a state-first story. States intervene in digital interdependence by strategically investing in digital infrastructure and submarine cables. I restrict my analysis to dyads connected through physical infrastructure before the analysis, finding that conflict expectations continue to significantly impact networks’ routing decisions. Furthermore, states effectively politicize trade through state ownership (Davis et al. Reference Davis, Fuchs and Johnson2019). State ownership is relatively common among Internet service providers, so we may expect state-owned networks to align more intensely with security policy. The effect of conflict expectations on digital interdependence limited to state-owned networks is indistinguishable from the global effect. Overall, the paper provides robust evidence that power politics influence the vast decentralized network shaping the global digital economy.
Why should we care about the relationship between digital interdependence and power politics? This paper updates and adapts our existing theories of economic interdependence to the digital age. It explains how states are interdependent through data flows and digital infrastructure, highlighting the private actors driving this phenomenon. We exist in an ‘age of digital interdependence’ as the Internet links societies in a way previously unimaginable (High-level Panel on Digital Cooperation 2019), yet we know little about the politics of this new world.
States have fewer mechanisms to control digital interdependence than economic interdependence and often attempt to depoliticize data routing. However, conflict generates cybersecurity risks, aligning the Internet’s structure with conflict expectations. States do not need to directly influence digital interdependence, or even possess the capacity to do so, for the Internet to align with security policy. Firms and their networks directly experience the consequences of deteriorating interstate relations. Recognizing this dynamic deepens our understanding of the politics of interdependence (Cooper Reference Cooper1986; Deutsch Reference Deutsch1954; Farrell and Newman Reference Farrell and Newman2019; Gartzke et al. Reference Gartzke, Li and Boehmer2001; Keohane and Nye Reference Keohane and Nye1977; Rosecrance and Stein Reference Rosecrance and Stein1973), digital infrastructure (Gohdes Reference Gohdes2015, Reference Gohdes2024; O’Hara and Hall Reference O’Hara and Hall2021), and the effects of international security on the global economy and trade (Anderton and Carter Reference Anderton and Carter2001; Gowa and Mansfield Reference Gowa and Mansfield1993; Long Reference Long2008; Mansfield and Bronson Reference Mansfield and Bronson1997; Polachek Reference Polachek1980; Pollins Reference Pollins1989a, Pollins, Reference Pollins1989b).
Digital Interdependence
Interdependence is a defining feature of the international system (Deutsch Reference Deutsch1954; Rosecrance and Stein Reference Rosecrance and Stein1973), generating policy coordination challenges (Cooper Reference Cooper1986), promoting or undermining stability (Gartzke et al. Reference Gartzke, Li and Boehmer2001), and providing states power to influence others (Farrell and Newman Reference Farrell and Newman2019; Keohane and Nye Reference Keohane and Nye1977). We know a lot about economic interdependence – what is digital interdependence?
Every Internet-connected device within two borders – one physical and one digital. For example, a reader may access this article in the USA and within a university’s network. The Internet is not one network; it is an interdependent system of independent subnetworks called Autonomous Systems (ASes). These networks are operated by Internet service providers, universities, hosting companies, or digital service providers – any organization that wants to manage part of the Internet. The physical border is where the device is located on the map, and the digital border is the Internet subnetwork that services the device.
These networks need to connect with one another to reach devices in other networks – they cannot provide Internet access otherwise. ASes determine the routing rules within their networks – how data gets to each address within their borders. Individual network operators then negotiate routing relationships for how data enters and exits their borders. They directly exchange traffic either peer-to-peer (reciprocal and unpaid) or provider-to-customer (reciprocal and paid). Due to traffic ratios, networks peer when they are a similar size and pay when one network is larger (D’Ignazio and Giovannetti Reference D’Ignazio and Giovannetti2009; Economides et al. Reference Economides, Majumdar, Vogelsang and Cave2005; Huston Reference Huston1998). In both cases, networks carry data for one another, and data flows directly between the two networks.
A useful analogy for Internet networking is a mail system. An AS is like a post office, and a computer is like an individual with an address. Address ZIP codes indicate which post office delivers the mail to the front door. Governments determine how mail transits between post offices, but post offices create local routes to deliver mail to mailboxes. Local post offices do not need to know anything about outgoing mail other than the identity of the other post office that services the address. Large organizations (office buildings, universities, corporations) effectively have their own post office – the government post office does not deliver each letter to each individual. The post office delivers all mail to one address, and the mail room delivers it to the final destination. In the mail system, the government determines how networks connect – on the Internet, the networks negotiate these rules themselves.
Just like firm-level decisions scale up to economic interdependence, individual routing decisions scale up to digital interdependence – how data enters and exits a country’s borders to reach global addresses. For example, Edmundson et al. (Reference Edmundson, Ensafi, Feamster and Rexford2018) found that, to access popular websites, 72 per cent of Indian and 84 per cent of Brazilian user data traversed through the USA, and 33 per cent of Kenyan access was routed through Mauritius. The routes determine this dependence – networks in Brazil rely on routes through US networks, and networks in Kenya rely on routes through Mauritius.
Just as forgoing trade drags a nation’s economy, forgoing digital interdependence creates Internet infrastructure inefficiencies, increasing prices and reducing speeds (Box and West Reference Box and West2016; Chavula et al. Reference Chavula, Phokeer, Formoso and Feamster2017). For example, 66.8 per cent of intra-African Internet traffic has to leave the continent because of low interdependence between African networks (Gupta et al. Reference Gupta, Calder, Feamster, Chetty, Calandro, Katz-Bassett, Faloutsos and Kuzmanovic2014). Networks refusing interconnection can impact entire regions. Most famously, US-based Cogent and Sweden-based Telia, among the largest networks in their respective regions, stopped exchanging traffic in March 2008. Without direct pathways for data, large portions of the Scandinavian and the US Internet could not reach one another, effectively ‘partitioning the Internet’.Footnote 1 Even with other paths, links between Cogent and Telia customers became slower and more expensive. Independent networks determine where, how, and when data moves into and out of their networks, scaling up to the structure of global data flows.
Efficiency and the Internet’s Structure
Research on interdependence and power politics begins with purely economic and structural models, such as the gravity model of trade (Gowa Reference Gowa1994, 43; Keshk et al. Reference Keshk, Pollins and Reuveny2004, 1160; Long Reference Long2008, 83; Polachek Reference Polachek1980, 60; Pollins Reference Pollins1989b, 468; Savage and Deutsch Reference Savage and Deutsch1960, 552). States are interdependent because trade provides efficiency through comparative advantage, and they tend to become more interdependent with states that are geographically close or have complementary product profiles (Linnemann Reference Linnemann1966; Tinbergen Reference Tinbergen1962).
The baseline equivalent for data exchange is that networks seek speed and stability within their price constraints (Holme et al. Reference Holme, Karlin and Forrest2008; Lodhi and Dovrolis Reference Lodhi and Dovrolis2010; Marcos et al. Reference Marcos, Chiesa, Dietzel, Canini and Barcellos2020). Networks choose partners depending on their size (how much data they need to send), transit demands (where their data needs to go), potential partners’ sizes (how much data they can receive), and infrastructural limits (where they can exchange data) (Economides et al. Reference Economides, Majumdar, Vogelsang and Cave2005; Greenstein Reference Greenstein2020; Norton Reference Norton2014; Weller and Woodcock 2013). Barriers exist due to structural constraints familiar to the non-digital economy – insufficient infrastructure (Rosa Reference Rosa2021), linguistic differences (Fanou et al. Reference Fanou, Francois, Aben, Mirkovic and Liu2015), or mismatched licensing regimes (Schumann and Kende Reference Schumann and Kende2013).
The Internet’s design prioritizes individual network decisions over central planning, and routing rules are self-organizing and highly decentralized (Feamster et al. Reference Feamster, Winick and Rexford2004; Hall et al. Reference Hall, Anderson, Clayton, Ouzounis and Trimintzios2011). In most countries, firms negotiate data routes without a regulatory backstop, and policymakers worldwide refrained from interfering in data routing decisions while passing rules on technical issues like net neutrality (Besen and Israel Reference Besen and Israel2013; Clark et al. Reference Clark, Lehr and Bauer2011; Singer Reference Singer2014). Meier-Hahn (Reference Meier-Hahn2016) surveys global Internet regulations, finding that ‘There is no central feature of the Internet that has been subject to as little formal regulation as Internet interconnection’. This is a distinct feature of the Internet’s structure. In the USA, for instance, traffic exchange between telephone companies was always regulated, but regulators quickly found that their usual methods of understanding market size and scope did not translate to Internet interconnection (Maida Reference Maida2013). Both economic and digital interdependence reflect an underlying efficiency – the question is then how power politics shapes firms’ behaviours.
Economic Interdependence and Power Politics
Why do we need a new explanation for why power politics shape digital interdependence? After all, there is robust evidence that power politics shapes economic interdependence. The literature proposes four mechanisms linking power politics to firms’ behaviours – sanctions, tariffs, boycotts, and contracts. Wars and disputes create risks through these channels (Anderton and Carter Reference Anderton and Carter2001; Gowa and Mansfield Reference Gowa and Mansfield1993; Mansfield and Bronson Reference Mansfield and Bronson1997; Polachek Reference Polachek1980). Alliances and formal treaties reduce the likelihood of conflict between signatories (Bearce et al. Reference Bearce, Flanagan and Floros2006; Leeds Reference Leeds2003; Long et al. Reference Long, Nordstrom and Baek2007; Mattes and Vonnahme Reference Mattes and Vonnahme2010; Owsiak and Frazier Reference Owsiak and Frazier2014), promoting bilateral trade by reducing conflict-related risks (DiGiuseppe and Kleinberg Reference DiGiuseppe and Kleinberg2019; Long Reference Long2008; Morrow Reference Morrow1999; Pollins Reference Pollins1989b). States are also encouraged to reduce tariffs on allied states due to positive externalities (Gowa Reference Gowa1989). Yet, none of the existing mechanisms fit data flows as closely as traditional trade, and states make deliberate attempts not to politicize digital interdependence during conflicts.
Sanctions
Sanctions are the primary way states restrict firms from trading (Jentleson Reference Jentleson2022). While sanctions occur outside of conflict to achieve political change through non-violent means, they are also explicit complements to war and accompany military disputes (Clark and Reed Reference Clark and Reed2005; Mulder Reference Mulder2022). Many well-known sanctions began after states became militarily hostile, including UK sanctions during the Falklands War and US sanctions against Iran in 1979. Conflict reduces trade because states force firms to comply with sanctions, and alliances promote trade because they reduce the risk of conflict-related sanctions. Importantly, sanctions have to be clear and credible for firms to comply with them since non-compliance creates significant revenues (Morgan and Bapat Reference Morgan and Bapat2003).
However, states commonly exempt interconnection agreements from sanctions. The US Office of Foreign Asset Control (OFAC) amended the Cuban Assets Control Regulations (CACR) in 2009 to address telecommunications, enabling companies to connect with Cuban providers.Footnote
2
In 2010, OFAC added language to the Sudan and Iranian asset control regulations to ‘enable personal communications over the Internet’.Footnote
3
OFAC issued general license
${\rm{\S}}$
515.542 in 2015, explicitly allowing US companies to peer with ETECSA, the Cuban state-run telecommunications provider, which continues to today.Footnote
4
This license also covers transactions (including payments in US dollars) for establishing connections with ETECSA, such as fibre-optic cable and satellite facilities. In 2024, ETECSA exchanges data with networks in the US, France, and Italy. Networks in other heavily sanctioned states, including Syrian Telecom and CANTV Venezuela, openly exchange data traffic.Footnote
5
The EU Council clarified its Russia sanctions in June 2022, ensuring that sanctions ‘do not apply to funds or economic resources that are strictly necessary for the provision of electronic communications services by Union telecommunication operators’.Footnote
6
Furthermore, many agreements are peer-to-peer, with no financial exchange, and there are no known cases where a government-sanctioned unpaid data exchange.Footnote
7
Tariffs
While the economic statecraft literature focuses on sanctions, states also use tariffs to align firms with security policy (Baldwin Reference Baldwin1985, 50; Gowa Reference Gowa1994, Ch. 4; Polachek Reference Polachek1980, 60). China placed an anti-dumping tariff on Australian wine and barley in 2020 after Australian Prime Minister Scott Morrison called for ‘an objective, independent assessment’ of how the COVID-19 pandemic began.Footnote 8 In 2019, India revoked Pakistan’s most-favoured-nation status after the Pulwama attack that killed over forty members of the Indian Central Reserve Police Force, raising prices for Pakistani goods.Footnote 9 States gain security benefits from allies’ economic growth and use tariffs to shape trade with this in mind (Gowa Reference Gowa1994).
However, data flows and interconnection agreements are not subject to tariffs. The Information Technology Agreement, adopted after the Uruguay Round in 1996, significantly restricts tariffs on several parts of the digital economy (Burri Reference Burri2017). In 1998, the WTO’s Second Ministerial Conference announced the Global Declaration on E-Commerce, which placed a moratorium on customs duties for electronic transmissions.Footnote 10 This moratorium is currently set to continue until at least 2026. States cannot align firms with security policy by placing tariffs on data routes to adversaries or lowering tariffs on data routes to allies. Again, states lack a key policy lever.
Boycotts
In addition to government intervention, consumer preferences and boycotts drive the trade-power politics relationship from the bottom up. This is the logic behind economic nationalism – conflicts reduce consumer demand for goods and services from adversarial nations. Importers experience a drop in demand and adjust their purchasing to non-boycotted countries to preserve market share (Heilmann Reference Heilmann2016; Trentmann Reference Trentmann and Feldman2019). This can occur without an official government policy prohibiting purchases from the other state. As Pollins (Reference Pollins1989a) notes, boycotts are most plausible as a mechanism when consumers can identify products by their country of origin and less plausible in intermediate goods where consumers have fewer opportunities to discriminate (p. 740).
However, interconnection is a business-to-business transaction. The public (Internet-consuming businesses and individuals) does not directly purchase data exchange agreements. The public purchases Internet access from the networks, which then interconnect with one another and drive digital interdependence. Consumer boycotts are a bottom-up mechanism shifting the demand curve for products or services from adversarial states. For boycott risks to explain the digital interdependence-power politics relationship, consumers would need to both (1) know how their provider routes their data and (2) switch to a provider with different routing behaviours. Neither of these assumptions is plausible.
Contracts
Firms rely on contract enforceability to prevent cheating and settle disputes (Dixit Reference Dixit2003). Authors have noted for over a hundred years that wars interfere with contracts between firms through force majeure (Hall Reference Hall1918) and expropriation (Harris Reference Harris1961). Long (Reference Long2008) argues firms rely on allied markets because ‘As the institutional mechanisms for enforcing contracts or arranging compensation when a contract is broken become unreliable, firms will attain no recompense for breaches of contract by a trade partner’ (p. 86).
However, 99.5 per cent of agreements between networks are ‘handshake agreements’ without formal or written contracts (Marcos et al. Reference Marcos, Chiesa, Dietzel, Canini and Barcellos2020; Weller and Woodcock 2013; Woodcock and Frigino Reference Woodcock and Frigino2021).Footnote 11 Agreements do not rely on states enforcing contracts or the threat of legal repercussions. Interconnection either benefits both networks or, when paid, can be withdrawn by either party. If agreements do not rely on mutually enforceable contracts in the first place, then there is no risk from disruptions in enforceability, and the promise of stable contracts with firms in allied states would not push firms to negotiate new agreements.
Power Politics and the Internet’s Structure
Why should international security shape digital interdependence? States sign treaties and make alliance commitments, shaping firms’ expectations of future conflicts. Rather than the risk of direct intervention, the prospect of conflict brings significant cybersecurity externalities. Over the past two decades, both state and non-state actors have leveraged cyberspace during wars, smaller military disputes, and diplomatic crises. Computer scientists have demonstrated that cybersecurity risks spread through networks’ routing decisions – interdependent networks are mutually vulnerable to attacks. This dynamic shapes how networks interconnect outside of conflict. This is different from the weaponized interdependence literature, which focuses on how states work with domestic firms to monitor global data flows from a central position (Farrell and Newman Reference Farrell and Newman2019). Instead, interdependence is weaponized as data routes carry attacks, and firms’ networks are directly disrupted. Alliances and treaties, by reducing conflict and cybersecurity risk expectations, increase the interdependence between two states’ Internet spaces.
Treaties and Alliances Shape Conflict Expectations
Alliances help states manage competition and avoid war (Bearce et al. Reference Bearce, Flanagan and Floros2006; Leeds Reference Leeds2003; Owsiak and Frazier Reference Owsiak and Frazier2014), and they are viewed by the international community as a credible signal of two states’ intentions to cooperate (Morrow Reference Morrow1994; Smith Reference Smith1995, Reference Smith1998). States even use alliances to manage relationships with potential enemies and reduce the likelihood of conflict (Weitsman Reference Weitsman2004) or apply pressure to allies to maintain restraint against third parties (Pressman Reference Pressman2012). Treaties do not have to contain full alliances with defensive commitments to shape conflict expectations. Non-aggression pacts without concrete defensive obligations reduce the likelihood of conflict between signatories (Long et al. Reference Long, Nordstrom and Baek2007; Lupu and Poast Reference Lupu and Poast2016; Mattes and Vonnahme Reference Mattes and Vonnahme2010; Warren Reference Warren2016).
Firms’ choices on how to route data are determined by their desire for speed and reliability (Holme et al. Reference Holme, Karlin and Forrest2008; Lodhi and Dovrolis Reference Lodhi and Dovrolis2010; Marcos et al. Reference Marcos, Chiesa, Dietzel, Canini and Barcellos2020). Firms’ choices about who to trade with are motivated by a desire to maintain market share and profits, not only at the current moment, but into the future. This is why firms’ conflict expectations, and not only conflict itself, influence trade (Long Reference Long2008). As Pollins (Reference Pollins1989b) points out, ‘a buyer could choose a seller from a friendly nation in order to minimize the possibility of economic disruption’ (p. 741). Firms negotiating data routes must do the same – manage risk among their existing partners to ensure stability and speed while minimizing potential disruptions. The concern in this case is identifying the risk from connections to countries that may be future adversaries. Drawing on computer engineering, I explain that interdependence creates vulnerability to cyberattacks and externalities, and the prospect of future conflicts increases the potential for cyberattacks from both state and non-state actors. Firms’ networks rapidly become part of escalating interstate conflicts.
Conflicts Create Cybersecurity Risks
Worsening relations increase the risk of cyberattacks across borders. The cybersecurity literature is sceptical that cyberattacks alter the balance of power or fundamentally change warfare (Gartzke Reference Gartzke2013; Rid Reference Rid2013; Valeriano and Maness Reference Valeriano and Maness2015). However, cyberattacks, even if they do not change the course of wars, frequently accompany them (Kostyuk and Zhukov Reference Kostyuk and Zhukov2019). Wars and invasions often begin with cyberattacks. Russia launched distributed-denial-of-service (DDoS) attacks against Georgian and Ukrainian networks before land invasions in 2008, 2014, and 2022.Footnote 12 In 2016, the Australian Signals Directorate targeted Islamic State militants to assist the Iraqi Army with retaking Mosul.Footnote 13 While cyberattacks may not be decisive in conflict, they create significant disruptions for states in conflict.
Even if cyberattacks have a weak record of shaping war, experts still anticipate that wars increase cybersecurity risks. Former NSA Director Keith Alexander said in 2009 that ‘If you think about it, phase zero of the next war, I think, is going to be in [the cyber domain]’.Footnote 14 As Russia prepared in December 2021 to invade Ukraine, Angus King (I-ME) told reporters, ‘I don’t think there’s a slightest doubt that if there is an invasion or other kind of incursion into Ukraine, it will start with cyber’.Footnote 15 The 2023 US Department of Defense Cyber Strategy states, ‘In the event of conflict, the PRC likely intends to launch destructive cyber attacks against the US Homeland’.Footnote 16 Actors believe wars create cybersecurity risks even if they have not materially changed war, and wartime attacks have economic consequences even if they do not shift the battlefield.
Militarized threats and disputes short of war increase the likelihood of cyberattacks. In 1999, the US National Infrastructure Protection Center issued an advisory noting ‘multiple reports of hacking and cyber activity directed at US government computer networks, in response to the accidental bombing of the Chinese embassy in Belgrade’ (Lin Reference Lin2012). DDoS attacks, which are particularly damaging through interdependence, are commonplace during interstate disputes below the war threshold (Nazario Reference Nazario, Czosseck and Geers2009). China allegedly carried out DDoS attacks against the USA following a high-profile mid-air collision between US and Chinese military planes in 2001. In 2007, Russia launched attacks against Estonian networks during a dispute over Soviet-era World War II memorials in Tallinn. Estonia blocked all international web traffic to mitigate the attack, effectively cutting all international interconnections. In 2019, the USA carried out cyberattacks on Iran in the wake of its drone attacks on Saudi Arabian oil facilities.Footnote 17 Security crises short of war create cybersecurity risks.
Cybersecurity risks occur alongside traditional risks arising from diplomatic disputes. As discussed earlier, China levied tariffs on Australia after Prime Minister Scott Morrison called for an investigation into the origins of COVID-19. In addition to tariffs, Australia observed a large spike in cyberattacks, which experts attributed to Chinese retaliation.Footnote 18 In 2024, Australia revealed that twenty Australian MPs belonging to the Inter-Parliamentary Alliance on China (IPAC) were targeted in the months after the diplomatic spat.Footnote 19 While dispute-related tariffs did not increase the cost of interconnection with China, the dispute increased cybersecurity risks from China.
Furthermore, even if states refrained from attacking one another through cyberspace during crises and disputes, their citizens often take matters into their own hands. This is linked to the ‘rally around the flag’ – individuals become more nationalistic and patriotic when their nation faces a threat from a foreign enemy (Mueller Reference Mueller1970; Parker Reference Parker1995). This mechanism underpins the economic nationalist argument for the trade-interdependence relationship (Heilmann Reference Heilmann2016; Michaels and Zhi Reference Michaels and Zhi2010; Trentmann Reference Trentmann and Feldman2019). This is one of the unique aspects of conflict in the cyber domain – state and non-state actors interact in the same space. While the public does not directly consume data exchange agreements (and influence digital interdependence through the demand curve), they do have the opportunity to cause harm through digital interdependence.
Attacks from ‘patriotic hackers’ have targeted both government and non-governmental actors in adversarial states for at least twenty years (Denning Reference Denning, Arquilla and Ronfeldt2001). Worsening relations between states prompt nationalist groups to target perceived enemies. In 2003, after Secretary of State Colin Powell addressed the Security Council, the US government issued a warning to American citizens carrying out attacks against Iraq.Footnote 20 Non-state hacker groups in India and Pakistan defaced public websites and carried out DDoS attacks after the 2008 Mumbai terrorist attacks and the 2016 Uri border clashes (Baezner Reference Baezner2018). Vietnamese and Chinese hackers defaced websites during the Spratly Islands dispute in 2011.Footnote 21 Russian-aligned group Killnet launched DDoS attacks against Lithuania in 2022 after Vilnius banned the transit of goods from Russia to Kaliningrad. In 2023, ‘Anonymous Sudan’ claimed responsibility for a DDoS attack against Microsoft in response to news of a potential US invasion. Even if states refrained from escalating conventional conflict and disputes into cyberspace, their citizens could disrupt their adversaries regardless.
Interdependence Transmits Cybersecurity Externalities
Cyberattacks move through the routes networks negotiate, wreaking havoc on a network’s customers (Christin Reference Christin2011). Networks do not want to directly exchange traffic with counterparts hosting malicious actors (Konte et al. Reference Konte, Perdisci and Feamster2015). Mustafa et al. (Reference Mustafa, Dey and Yuksel2022) found that the ability to handle malicious traffic was the most common interconnection requirement among the 1,295 US ASes. Meier-Hahn (Reference Meier-Hahn2017) wrote for RIPE Labs (part of the non-profit Internet registry for Europe, the Middle East, and parts of Central Asia) that ‘A network operator may legitimately shut down a peering session when his network receives malicious traffic (such as a DDoS attack) from its neighbours’. Cybersecurity company Cloudflare noted in a presentation to RIPE NCC that networks often de-peer partners that send significant attack traffic.Footnote 22 Dourado (Reference Dourado2012) describes ‘de-peering’ as the ‘ultimate enforcement mechanism’ against insecure networks, allowing the Internet to promote security practices without formal rules (p. 9).
Networks publicly drop transit clients due to cybersecurity risks and malicious traffic. In 2008, journalists investigated Internet host McColo, which allowed cybercriminal gangs to operate without restrictions. McColo was responsible for 75 per cent of the daily spam emails in the USA and hosted the botnets Rustock, Srizbi, Pushdo/Cutwail, Ozdok/Mega-D, and Gheg.Footnote 23 Immediately after the report, Hurricane Electric and Global Crossing, two of the Internet’s largest data transit networks, cut off McColo from their services. Global Crossing justified the decision based on the risk to their peers and customers.Footnote 24 The effects were profound – de-peering McColo immediately decreased global email spam by 70 per cent. Malicious ISP Atrivo was dropped by its providers the same year due to poor cybersecurity practices.Footnote 25 In 2022, two US-based Internet backbone companies – Cogent and Lumen – referenced cyberattacks when de-peering Russian clients. Cogent stated the company did not want its data transit routes to be ‘used for outbound cyberattack or disinformation’.Footnote 26 Lumen explained to its Russian clients, ‘We have not yet experienced network disruptions, but given the increasingly uncertain environment and the heightened risk of state action, we took this move to ensure the security of our and our customers’ networks’.Footnote 27 Interdependent networks generate significant risk for one another, and providing data transit for a network with significant outbound malicious activities has significant costs.
Networks ‘de-peer’ because malicious traffic interferes with their networks – they are either voluntarily carrying data with no direct benefit or providing data transit to a network that harms their other customers. By de-peering the target network forces traffic through other channels, delaying it or raising the cost for the malicious actor. Importantly, this occurs without direct state intervention or regulatory capacity – interdependence with a network sending malicious traffic creates a direct risk to the network’s stability.
Distributed denial of service attacks (DDoS), where attackers overwhelm target networks through data traffic, are one prominent example where digital interdependence directly determines opportunities to exploit networks (Hui et al. Reference Hui, Kim and Wang2017).Footnote 28 Returning to the mail system analogy, a DDoS attack would be one person sending a thousand letters to another. Faced with so much information, the recipient would have to slow down to identify the good information from the bad, or just stop reading their mail. Additionally, the post office has to deliver each letter, interfering with its ability to get mail to everyone else in the neighbourhood. The malicious mail is coming from another post office’s address area, and it is easier to carry out attacks through nearby post offices.
These attacks are widespread and damaging – Zayo Bandwidth, a large telecommunications company, reported 103,000 DDoS attacks against its customers in 2023 alone.Footnote 29 The ‘Slammer Worm’ was one DDOS-based cyberattack that proliferated via data exchange agreements. In January 2003, the attack affected 75,000 hosts within ten minutes, shutting down Internet services in South Korea for hours and creating Internet outages in Thailand, Japan, Malaysia, the Philippines, and India.Footnote 30 The worm searched for nearby nodes to proliferate, overwhelming routers belonging to networks in adjacent networks. The networks directly exchanging data were the next ones targeted by the vulnerability (Moore et al. Reference Moore, Paxson, Savage, Shannon, Staniford and Weaver2003).
To summarize, firms seeking stable, fast, and efficient access to global Internet resources exchange data traffic with counterparts across the Internet. These individual decisions scale up to digital interdependence – states’ mutual reliance on accessing data across the Internet. Historically, international security shapes interdependence by forcing firms to manage risks from boycotts, sanctions, tariffs, and contracts. However, the public does not consume data exchange agreements, states are reluctant to sanction digital interdependence, data transmissions are exempt from tariffs, and these agreements do not rely on contracts. Despite this, international conflict and disputes increase cybersecurity risks due to both state and non-state activity. Interconnection creates cybersecurity vulnerability between networks, often influencing their data routing decisions. Firms, seeking to minimize the disruption from cyberattacks and maintain robust access to global data flows, should align their routing decisions with conflict expectations to minimize conflict-related cybersecurity risks.
Methods and Data
The analysis uses the gravity model, a common econometric tool in the study of trade, including studies on the effects of security on trade (Gowa Reference Gowa1994; Keshk et al. Reference Keshk, Pollins and Reuveny2004). In the canonical model, imports between countries
$i$
and
$j$
are a function of the size of their economies and a transaction cost term. This cost is often measured as distance but can also be border walls, similarities in regulatory regimes, or rivalry. Instead of trade flows, I model the number of interconnection agreements between networks in two countries as a function of their bilateral security relationship. While the gravity model typically models imports from
$i$
to
$j$
, this analysis relies on the more general model of the total volume between
$i$
and
$j$
.

In the above equation, the expected interdependence between networks in countries
$i$
and
$j$
in month
$t$
(
${y_{ijt}}$
) is modelled through time-varying fixed effect
${\alpha _{it}}$
for country
$i$
and
${\gamma _{jt}}$
for country
$j$
, where
${\eta _{ij}}$
controls the time-invariant dyadic relationship between countries
$i$
and
$j$
.
This high-dimensional fixed effect approach is the ‘three-way gravity model’ common in the literature (Anderson Reference Anderson2011; Baldwin and Taglioni Reference Baldwin and Taglioni2006; Baltagi et al. Reference Baltagi, Egger and Pfaffermayr2003; Baltagi et al. Reference Baltagi, Egger, Pfaffermayr and Baltagi2015; Carter and Poast Reference Carter and Poast2020; Gowa and Hicks Reference Gowa and Hicks2013; Weidner and Zylkin Reference Weidner and Zylkin2021; Yang and Zhang Reference Yang and Zhang2023). This specification controls for all time-variant country-level factors affecting Internet interconnection (infrastructure investment, country-specific business cycles, the number of Internet users), along with time-invariant dyadic factors affecting the two countries (distance, contiguous borders, shared language, colonial relationships). Following best practices, I use two-way clustering standard errors for the dyad and month (Aronow et al. Reference Aronow, Samii and Assenova2015; Carlson et al. Reference Carlson, Incerti and Aronow2024). With this model in place, I measure the number of interconnection agreements between networks in a dyad in the period before and after a treaty, conditional on the fixed effects.
Measuring Digital Interdependence
The Center for Applied Internet Data Analysis (CAIDA) gathers detailed Internet routing data. This paper leverages two CAIDA datasets, AS Relationships with agreements between networks (The CAIDA UCSD AS Relationships Dataset, 2010-2018, 2013), and AS Organizations mapping autonomous system numbers to organizations (The CAIDA UCSD Inferred AS to Organization Mapping Dataset, 2010-2018, 2014). CAIDA collects Internet routing data by working with partners to contact hosts and record how the Internet routes connections (Dimitropoulos et al. Reference Dimitropoulos, Krioukov, Fomenkov, Huffaker, Hyun, Claffy and Riley2007; Dimitropoulos et al. Reference Dimitropoulos, Krioukov, Huffaker, Claffy and Riley2005; Luckie et al. Reference Luckie, Huffaker, Dhamdhere, Giotsas and Claffy2013). This data are monthly lists of networks directly exchanging data traffic.
To measure interdependence, I match AS numbers to states. However, AS ownership and location change over time. CAIDA publishes information about AS ownership using data from Internet registries dating to 2004 in four-month intervals. Each entry includes the autonomous system number, a self-reported country, organization identification, and some basic information about network owners. I combine the four-month snapshots of AS ownership into one dataset with owners of AS numbers for the entire period. I am primarily interested in where the network is operating rather than where the organization owning the network is registered or located. I compare the network IP delegation file (which says which IP addresses the AS routes to) to an IP geolocation dataset (which says where those IP address blocks are) to confirm the primary physical location of IP addresses for each AS.
I merge and clean the CAIDA datasets to construct the number of agreements between networks in two countries (
$i,j$
) in each month (
$t$
). I combine both peer-to-peer and customer-to-provider agreements in this analysis. There are several important reasons for this. All agreements, regardless of type, involve direct data exchange across networks. Cybersecurity externalities pass through agreements of either type – these agreements are, at the technical level, the same as part of the Border Gateway Protocol. We have no theoretical justification for why international security would affect one of these types of agreements but not the other. Furthermore, researchers at CAIDA know agreements exist but infer the type from each agreement’s place in the larger network. There are also paid peering relationships in addition to unpaid peering relationships. We cannot be entirely confident whether the tag of provider-to-customer or peer-to-peer is correct, only that the two networks have a direct relationship. Certainly, the world of Internet measurement is more complex than I consider here. However, given the fixed effects specification, we can control for the number of networks in each country and other factors, isolating how dyad-level political factors affect the density of Internet interconnection between states’ Internet spaces.
This data has limitations. While CAIDA has the most comprehensive Internet topography measurements dataset, there may be portions of the Internet space where CAIDA has less visibility. However, there is no reason to believe that a measurement error, such as missing agreements, is correlated with conflict expectations. The data source would be biased if CAIDA had less visibility or monitoring capabilities in countries signing treaties.Footnote 31 CAIDA does not provide information about data exchange prices, data flow capacity within agreements, or actual data flows. This data at scale has never been available for academic research and does not exist at the global level (Nguyen and Paczos Reference Nguyen and Paczos2020; Nicholson and McHenry Reference Nicholson and McHenry2016). An agreement indicates that data is flowing between two networks, and the absence of an agreement means that data is not flowing directly between two networks.
The measures in this paper improve significantly on previous measures of digital interdependence. Freund and Weinhold (Reference Freund and Weinhold2002) and Lopez Gonzalez and Ferencz (Reference Lopez and Ferencz2018) measure interdependence by interacting with dyadic Internet penetration rates and IP-address space size. This indicates that countries depend on the Internet, but not that they are interdependent. Blum and Goldfarb (Reference Blum and Goldfarb2006) and Cowgill and Dorobantu (2014) measure cross-border data flows through Google transaction patterns and click streams. However, this is platform-dependent – Google patterns differ from Facebook patterns, and platform usage varies widely cross-nationally. Data exchange remains a fundamental part of the Internet despite the rise of cloud platforms and content delivery networks (CDNs) because local providers must still get their data to local cache servers (Huston Reference Huston2016; Kolkman et al. Reference Kolkman, Robachevsky, Gahnberg and Badran2022). CAIDA’s datasets are standard within the networking literature and have been used to understand the effects of data privacy laws on the Internet’s structure in Europe (Zhuo et al. Reference Zhuo, Huffaker, Claffy and Greenstein2021).
There are 173 countries in this analysis, resulting in 29,070 unique directed dyads over ninety-six months from January 2010 through December 2017. In January 2010, there were 61,632 agreements between networks in these dyads. By December 2017, the number of agreements increased by 253.1 per cent to 217,618.Footnote 32 Figure 1 contains the number of dyads with at least one direct agreement and the total number of international agreements. In January 2010, 8.7 per cent of dyads had at least one connection. By December 2017, 17.1 per cent of dyads had at least one connection. This is a non-stationary process where cross-border agreements increase an average of 1.37 per cent per month.

Figure 1. Trends in Digital Interdependence (January 2010–December 2017).
Between 2010 and 2017, 21,730 of the 29,070 dyads never had a direct agreement. Among dyads with at least one agreement, 48.3 per cent of the individual observations are zero. This is a widely recognized challenge for gravity and fixed effects models. The gravity approach models logarithmic trade values, which are undefined for zero, and drops all zero values. There are significant drawbacks to adopting this approach for digital interdependence – both zero and changes from zero have substantive importance. In trade data, zeros are often assumed to be positive but undetectable flows. In digital interdependence, zero is a substantive value, indicating that no networks directly exchange traffic. A change from zero to one is critical since it indicates that data can directly flow between networks operating in the two Internet spaces.
I adopt Santos Silva and Tenreyro’s (Reference Santos Silva and Tenreyro2006) solution, modelling raw agreement values as count data with a Poisson distribution. While Santos Silva and Tenreyro (Reference Santos Silva and Tenreyro2006) model continuous data, interconnection is measured as a count variable. The average number of dyadic connections is 4.39 with a range between 0 and 4898 (BR-US in December 2017) and a standard deviation of 59.6. I account for this distribution and overdispersion with a quasipoisson approach.Footnote 33
Alliances and Treaty Obligations
I use the Alliance Treaty Obligations and Provisions Project (ATOP) data on military agreements to measure conflict expectations (Leeds et al. Reference Leeds, Ritter, Mitchell and Long2002). Version 5.0 covers all agreements between 1815 and December 2018, containing ‘formal agreements among independent states to cooperate militarily in the face of potential or realized military conflict’. This includes non-aggression pacts, but not arms sales or military aid agreements unless they include military cooperation obligations. Trade and alliances studies often use ATOP to identify treated dyads (Fordham Reference Fordham2010; Haim Reference Haim2016). Between January 2010 and December 2017, 43 alliance entries into 30 unique treaties affected 640 directed dyads (2.2 per cent). I use the precise date each agreement was signed or when a new signatory entered into an agreement, and code all months after the new event as treated until the agreement ends. The appendix includes a plot containing the distribution of the treatment over time. There are new alliances affecting dyads distributed throughout the eight years in this analysis.
Other Covariates
The fixed effects specification in this design controls for the time-variant country effects and the time-invariant dyadic effects. However, I also control for potential time-variant dyadic covariates to minimize the potential that the effects of alliances are driven by another underlying positive change in states’ political relationships. First, I control for joint WTO membership – during the study period, 11 countries joined the World Trade Organization. Second, I control for bilateral and multilateral trade agreements using the Design of Trade Agreements (DESTA) dataset Version 2.0 (Dür et al. Reference Dür, Baccini and Elsig2014).
Data Follows the Flag
Table 1 reports the main results of the analysis. The first model does not include any other controls, but the fixed effects
${\alpha _{it}}$
,
${\gamma _{jt}}$
, and
${\eta _{ij}}$
capture many typical controls in other analyses. Models 2-4 include different variables capturing the evolving economic relationship across dyads. The results confirm the theory - conflict expectations significantly influence digital interdependence. Coefficients are from a quasipoisson model and substantively interpreted as
$exp(\beta )$
.
Table 1. Effects of Treaties on Digital Interdependence

Model with Sender*Month, Receiver*Month, & Dyad Fixed Effects
Clustered (Dyad & Month) standard errors in parentheses
Signif. Codes: ***: 0.01, **: 0.05, *: 0.1
A treaty is associated with a 58.5 per cent increase in the number of agreements between networks in a dyad, and this effect is statistically significant at the 0.99 level. Models 2–4 add controls for states’ economic relationships. The effect of treaties remains stable across these controls, with the coefficients ranging from 0.4601 to 0.4615. It also remains statistically robust at the 0.99 confidence level. In the appendix, I include a sensitivity analysis dropping treated dyads (with replacement), and this effect does not change substantively and remains statistically robust at the 0.00 confidence level.
State Preferences?
How can we rule out direct state intervention to increase digital interdependence with allies and align networks with security policy, or that the risk from conflict is due to preferences, rather than externalities? There are two ways that states might politicize digital interdependence directly – through investments in infrastructure and state ownership.
States can shape digital interdependence by investing in and interfering with digital infrastructure. For example, in 2017, Facebook and Google proposed investing $300 million to build a fibre-optic cable between Los Angeles and Hong Kong with twelve times the capacity of the existing infrastructure.Footnote 34 In June 2020, the Federal Communications Commission blocked the Chinese portion of the license over Justice Department concerns it would ‘increase the share of US Internet, data, and telecommunications traffic to the Asia Pacific region traversing PRC territory and PRC-owned or -controlled infrastructure before reaching its ultimate destinations in other parts of Asia’ (Office of Public Affairs 2020).
The effect of alliances on interdependence might be driven by firms’ expectations about their state’s future investments in digital infrastructure. I reduce this risk by restricting the analysis to dyads already linked through digital infrastructure before 2010. I measure this link in two ways. First, through fibre-optic cables, which carry approximately 99 per cent of transcontinental data traffic (Starosielski Reference Starosielski2015). These cables are a related but distinct part of digital interdependence. Second, through Internet exchange points, where networks physically meet to exchange traffic.
I gather data on current submarine cables from Telegeography and data on unused or ‘dark’ cables from the Submarine Cable Almanac.Footnote 35 Countries are ‘selected’ if they are partners in a submarine cable meeting at a shared landing point. All contiguous countries are selected due to unmapped terrestrial fibre networks. I also include the three largest terrestrial fibre networks – the European Backbone, the TEA Cable, and the TKK Eurasia Highway.
Internet exchange point data comes from Packet Clearing House (PCH), an international organization that provides support for Internet infrastructure. The PCH ‘IXP Directory’ helps networks identify locations where they can exchange data. I collect this data and manually verify each starting date. In January 2010, there were 319 IXPs in eighty countries. Both of these infrastructures are necessary for the analysis. Without considering IXPs, one could assume landlocked European countries are digital islands, and without submarine cables, it would be unclear whether smaller island nations were connected to anyone. I detail how I collect both the cable and IXP data in Appendix Section 3.
I use this data to select dyads based on the first month (January 2010). I select dyads that are either connected through physical cables (or contiguous) or both have an Internet exchange point. This selection reduces the number of dyads by 67.6 per cent from 29,070 to 9,422. Additionally, the percentage of dyads affected by changes in treaty status increases from 2.2 per cent to 4.7 per cent. The excluded dyads with the greatest digital interdependence are the UK-Zimbabwe and Bulgaria-USA. Table 2 contains the results for the main analysis, limited to dyads with fixed infrastructure costs in January 2010.
Table 2. Effects of Treaties on Digital Interdependence for Dyads Linked in 2010

Model with Sender*Month, Receiver*Month, & Dyad Fixed Effects
Clustered (Dyad & Month) standard errors in parentheses
Signif. Codes: ***: 0.01, **: 0.05, *: 0.1
Similar to the unrestricted sample results in Table 1, the relationship between alliances and peer-to-peer data exchange remains positive and significant. The difference in the effects, controlling for existing infrastructure, is minuscule. The coefficient for the effects of alliances on digital interdependence is 0.0074 smaller. As a simple way of comparing these coefficients, we can conduct a Z test between the full analysis and the constrained analysis (Cohen et al. Reference Cohen, Cohen, West and Aiken2003).Footnote 36 For Model 1, the Z-score is 0.06, indicating that there is no statistically significant difference for the effect of conflict expectations on digital interdependence when limited to dyads connected through physical infrastructure. Future research can examine how states choose to invest or intervene in infrastructure to raise or lower the costs of interdependence with allies and adversaries.
Davis et al. (Reference Davis, Fuchs and Johnson2019) demonstrate that states effectively politicize trade through state-owned enterprises. I restrict my analysis to networks operated by state-owned enterprises to examine whether the effect of conflict expectations is state-driven, rather than externality-driven. If states direct firms to exchange traffic through allies, or if firms anticipate that conflicts lead to direct state intervention, the effect of conflict expectations on interconnection should be greatest for state-owned networks and Internet service providers. Conversely, if cybersecurity risks and conflict externalities drive the relationship, we would expect no difference between the global effect and the effect restricted to state-owned networks.
Carisimo et al. (Reference Carisimo, Gamero-Garrido, Snoeren and Dainotti2021) identified 989 networks operated by 467 state-owned enterprises. State ownership is common – there is at least one network operated by a state-owned enterprise in 125 countries, with China and Russia leading the way. I use this data to create a new dependent variable – the number of agreements where a state-owned enterprise operates at least one of the networks.
Table 3 contains the effects of treaties on digital interdependence through networks operated by a state-owned enterprise. Similar to the analysis for all countries (Table 1) and all countries linked through existing infrastructure (Table 2), alliances and treaties have a positive and significant relationship to digital interdependence. A treaty is associated with a 48.4 per cent increase in the number of agreements between Internet service providers in two states. These effects are smaller than the results for interdependence across all networks. Carrying out the same basic Z test across the estimates, we get a Z-score of 0.49. There is no statistically significant difference in the effect of conflict expectations on digital interdependence due to state-owned enterprises and digital interdependence overall. We would have expected the effect to be stronger if the effect of international security on interdependence was due to state preferences rather than externalities and cybersecurity risk.
Table 3. Effects of Treaties on Digital Interdependence for State-Owned Networks

Model with Sender*Month, Receiver*Month, & Dyad Fixed Effects
Clustered (Dyad & Month) standard errors in parentheses
Signif. Codes: ***: 0.01, **: 0.05, *: 0.1
Contributions
Digital interdependence – countries’ mutual reliance on moving data through the Internet – is not merely a symbolic element of globalization. Fast and stable international data flows are the backbone of the modern global economy (Weymouth Reference Weymouth2023). Networks that forgo interdependence create inefficient infrastructures that undermine access for entire continents (Chavula et al. Reference Chavula, Phokeer, Formoso and Feamster2017; Czernich et al. Reference Czernich, Falck, Kretschmer and Woessmann2011). Asymmetric interdependence creates opportunities for countries to spy and coerce others (Clement and Obar Reference Clement, Obar and Geist2015; Edmundson et al. Reference Edmundson, Ensafi, Feamster and Rexford2018; Farrell and Newman Reference Farrell and Newman2019). How data flows between countries has economic and security implications, yet we have a limited understanding of the politics of digital interdependence.
Power politics shape economic interdependence because of specific risks to firms. Firms seeking to maintain their market share and minimize risk prefer to engage in states where the likelihood of conflict is low (DiGiuseppe and Kleinberg Reference DiGiuseppe and Kleinberg2019; Long Reference Long2008; Morrow Reference Morrow1999; Pollins Reference Pollins1989a, Pollins, Reference Pollins1989b). After all, states determine tariff regimes, driving up prices on goods from adversaries and lowering prices on goods from allies (Baldwin Reference Baldwin1985; Gowa Reference Gowa1994; Polachek Reference Polachek1980). Sanctions restrict trade with adversaries during conflict, punishing domestic firms failing to comply (Clark and Reed Reference Clark and Reed2005; Jentleson Reference Jentleson2022; Mulder Reference Mulder2022). States may not force domestic firms to follow through with commitments they make to firms in warring states (Long Reference Long2008). Consumer preferences and boycotts undermine economic interdependence even without state intervention (Heilmann Reference Heilmann2016; Trentmann Reference Trentmann and Feldman2019).
Firms operating digital networks must exchange data traffic to access the greater Internet. Their routing decisions reflect a need for stable, fast, and affordable access, just as firms trade in international markets to acquire goods and services cheaply and efficiently. States commonly exclude interconnection agreements from sanctions, international rules significantly restrict their ability to tariff them, agreements do not rely on traditional contracts, and they remain obscure to the public.
Yet, firms exchanging data traffic sit along the front line of potential international disputes. I developed a theory that clearly links international security and digital interdependence. Worsening bilateral relations create cybersecurity externalities from both state and non-state actors. This includes states using cyberattacks to prepare ground invasions or respond to diplomatic provocation, and nationalistic groups lashing out at their adversaries through an available medium. Interdependence creates cybersecurity risks as attacks leverage data routes to launch and command attacks. Cybersecurity risks shape how networks exchange data and which partners they drop outside of conflict. Firms, seeking to maintain stable and secure Internet access for their customers, align their external data routes with conflict expectations.
This paper demonstrates how digital interdependence is different from traditional economic interdependence. States retain less direct control over the direction of data flows and digital interdependence than the traditional commodities, goods, and services that create economic interdependence. However, digital interdependence is directly weaponized during conflict, creating cybersecurity risks for the networks negotiating data routes. States do not need to directly prohibit firms from interacting with counterparts across borders – or even possess the capacity to do so – for international security to shape digital interdependence.
To test my theory, I draw on computer network engineering and leverage Internet routing data. The analysis provides robust evidence for the interactions between digital interdependence and power politics. Lowered conflict expectations significantly increase states’ digital interdependence through network operators. This effect survives several sensitivity analyses, including dropping treated dyads and controlling for states’ economic relationships. I carry out two analyses to show that conflict externalities, rather than state preferences, align digital interdependence and power politics. States can influence digital interdependence through infrastructure investments – I limit the analysis to dyads with existing infrastructure links. States also politicize trade through state-owned enterprises – I limit the analysis to only state-owned networks. The effects of conflict expectations on digital interdependence are not significantly different from the overall effect in either case.
This paper does not address several lines of research. If treaties and alliances increase interdependence, and dense data exchanges benefit the digital economy, Internet-dependent firms may lobby for cooperation consistent with the commercial peace. Hurel and Lobato (Reference Hurel and Lobato2018) discuss technology firms as norm entrepreneurs, focusing on efforts to influence cybersecurity policies and international cybercrime cooperation. The Cybersecurity Tech Accord, which includes some of the largest Internet service providers (BT, Orange, NTT, Telefonica), publishes international guidance on peacemaking in cyberspace and invests in multilateral efforts to ensure cyber stability.
Why test the connection between international security and digital interdependence via potential externalities, rather than actual externalities? Future work should address the effects of cyber externalities (cyberattacks) on digital interdependence. One current challenge is bias in existing cybersecurity incident data (Oppenheimer Reference Oppenheimer2024). A study testing the effects of cyberattacks on digital interdependence would have to assume a high level of reporting by private actors. In the absence of reliable cyberattack data, this paper tests whether conflict expectations influence data routing. Experts clearly believe that worsening relations between states create cyber risks, and security and diplomatic disputes often provoke cyberattacks. However, we currently lack the data to connect cyberattacks and digital interdependence.
The Internet is a vast and complex network. This paper addresses one form of digital interdependence – networks exchanging data traffic – but there are other forms of digital interdependence in different layers of the Internet. For example, companies and users in one country use digital services and platforms from other countries. International security may influence whether platforms allow users to access their services. There is evidence that this occurs through geo-blocking, where websites block all user requests originating from a country’s Internet space. For instance, many US-based companies block Cuban users from their platforms (Ablove et al. Reference Ablove, Chandrashekaran, Le, Raman, Ramesh, Oppenheimer and Ensafi2024; Oppenheimer et al. Reference Oppenheimer, Ablove and Ensafi2024). Alternatively, in line with economic nationalism, users may boycott or avoid top-level domains associated with countries at war. For instance, Georgian Internet users may have avoided ‘.ru’ domains after Russia’s invasion in 2008. Future research can theorize and evaluate whether digital interdependence in the Internet’s other layers responds to international security.
Power politics shape digital interdependence. Digital interdependence has several distinct features, and states have fewer ways to align firms negotiating data routing with national security policy. However, cybersecurity risks spread through digital interdependence and common attacks are facilitated by data routing. Firms shaping the Internet’s structure sit along the front lines of conflict as actors exploit data routes for coercive ends.
Supplementary material
To view supplementary material for this article, please visit https://doi.org/10.1017/S0007123425000328
Data Availability Statement
Replication data and code can be found in Harvard Dataverse: https://doi.org/10.7910/DVN/3NDSF4.
Acknowledgments
I am grateful to Avishay Ben Sasson-Gordis, Adam Breuer, Christina Davis, Rachel Hulvey, Iain Johnston, Joshua Kertzer, Gary King, Abraham Newman, Bruce Schneier, Beth Simmons, Dustin Tingley, and Kevin Troy for their feedback. I also thank the anonymous reviewers and editors for their suggestions. Earlier versions of this paper benefited from the Harvard Government Department International Relations Workshop, the Graduate Students in International Political Economy (GSIPE) series, and the 2022 International Political Economy Society Conference. I would also like to thank the Center for Applied Internet Data Analysis (CAIDA) and KC Claffy for making Internet measurements accessible to researchers.
Financial Support
This research was supported by grants from the Harvard Weatherhead Center for International Affairs.
Competing Interests
None.