The United States, Russia, and China Notably Absent from International Cybersecurity Accord

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

International Cybersecurity Accord

The Geneva Convention was signed in 1949, a reaction of sorts to World War II. The Second Great War was completely devastating to Europe, to combatants and civilians alike, and the Convention called for warring parties to treat prisoners of war humanely, and to protect civilians in or around war zones. It’s actually a series of four treaties, and eventually, nations on all continents signed the accord, and the three amendment protocols that were established in 1977 and 2005.

A new agreement, signed on November 12th of this year, is officially called the Paris Call for Trust and Security in Cyberspace, but it’s being casually referred to as the “Digital Geneva Convention.”

Countries signing the agreement include

  • Albania
  • Armenia
  • Austria
  • Belgium
  • Bosnia and Herzegovina
  • Bulgaria
  • Canada
  • Chile
  • Columbia
  • Congo
  • Croatia
  • Cyprus
  • Czech Republic
  • Denmark
  • Estonia
  • Finland
  • France (I would hope so. It was signed in Paris!)
  • Gabon
  • Germany
  • Greece
  • Hungary
  • Iceland
  • Ireland
  • Italy
  • Japan
  • Latvia
  • Lebanon
  • Lithuania
  • Luxembourg
  • Malta
  • Mexico
  • Montenegro Morocco
  • New Zealand
  • Norway
  • Panama
  • Poland
  • Portugal
  • Qatar
  • South Korea
  • Spain
  • The Netherlands
  • United Arab Emirates
  • Uzbekistan

The agreement was also signed by major tech companies Microsoft, IBM, HP, Google, and Facebook.

What did these countries and companies agree to? They’ve agreed to increase prevention of and resilience to malicious online activity, but without mentioning specifics for execution. There’s also a vague call to protect the accessibility and integrity of the internet, prevent the proliferation of malicious online programs and methodologies, and to improve the security of digital products and services and the “cyber hygiene” of citizens.

Those are good ideas but there’s no mention about the means to those ends. I feel more optimistic that they can achieve other parts of the agreement. The more pragmatic sections cover cooperation preventing interference in electoral processes, collaboration in combatting intellectual property violations via the internet, stopping online mercenary activities and offensive action by non-state actors, and joining forces to strengthen relevant international standards. I like the other parts of the agreement too, but I think they can be interpreted too subjectively to be actionable. Which objective metrics would be used to measure the accessibility and integrity of the internet? Remember that fifty different countries would have to agree upon what those metrics are and how to measure them.

Notably absent countries are the UK, India, Iran, North Korea, Russia, China, and the United States.

China and India are the two most populous countries in the world! It’s widely believed that China didn’t sign to keep their options open for restricting and monitoring Chinese citizens’ internet use à la The Great Firewall of China. But I have hypotheses as to why India didn’t sign. If it’s any comfort to India, Pakistan didn’t sign the agreement either.

Iran, North Korea, and Russia are well known to engage in cyberwarfare, including deploying destructive malware in other countries, a plausible rationale for those countries not signing.

Which leaves the UK and the US. I’m only guessing here, but perhaps Theresa May’s government in the UK and Donald Trump’s in the US fear that parts of the agreement might be used against them, such as to protect the accessibility and integrity of the internet and prevent the proliferation of malicious online programs and methodologies. Protecting the accessibility of the internet likely entails significant spending to improve internet infrastructure! Both governments tend to be reluctant to expend resources on public projects not directly related to their militaries. Preventing proliferation of malicious online programs might run counter to the activities of their armed forces as well. UK commonwealth partner Australia may have avoided signing simply because the US and the UK didn’t sign.

Interestingly, although the US didn’t sign the accord, most of the largest American tech companies did.

So New Zealand and Canada are the only two of the “Five Eyes” countries which signed the Paris Call for Trust and Security in Cyberspace. The “Five Eyes” are the US, the UK, Canada, Australia, and New Zealand, five countries which openly share intelligence with each other.

In my opinion, the Paris Call for Trust and Security in Cyberspace is a nice idea. It would be great if the signatory countries worked to make the internet safer and freer for their citizens. But with many of the world’s most powerful countries absent, and some vague wording that may be difficult to enforce, I don’t suspect that the treaty will much impact on the global cyber threatscape.

Even if the treaty doesn’t accomplish much, there’s lots you can do to improve the security of your own endpoints! The first step is to try a free malware discovery scan from Comodo Cybersecurity.

The post The United States, Russia, and China Notably Absent from International Cybersecurity Accord appeared first on Comodo News and Internet Security Information.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
1 Followers
About Comodo
Comodo Cybersecurity is a global innovator of cybersecurity solutions, and a division of Comodo Security Solutions Inc. For over 20 years, Comodo Cybersecurity has been at the forefront of successfully protecting the most sensitive data; and today, we deliver an innovative cybersecurity platform that renders threats useless across the LAN, Web & Cloud. Comodo Cybersecurity’s ongoing mission is to protect what matters most, while enabling businesses and customers to confidently accept risk in a world where preventing all attacks is impossible.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel