Microsoft, Digital Geneva Convention

The virtual world is reaching a dangerous state. Between cyber aggression that involves state sponsored bodies as often as hackers gone wild, Microsoft has called upon tech companies to join it in forming a “Digital Geneva Convention”. The company also wants the establishment of stringent norms with an eye towards ensuring that cyber attacks are retaliatory rather than first-use and that even then, they take place according to a set of rules with everyone playing fair.

The call for the establishment of a digital convention was made at the RSA conference by Brad Smith. Smith, in case you are unaware of the fact, is Microsoft’s chief legal officer in addition to being its president. Commenting upon the increase in cybercrime as well as cyber attacks — that he described as both new and disconcerting –Smith said that a concerted response to this turn of events was necessary.

Stating that while all companies were attempting to protect their customers from the effects of this rise in cyber crime, a joint effort was needed if the problem was to be effectively countered. Calling for a joint effort by tech companies along with the establishment of a convention, he said:

Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace.  And just as the Fourth Geneva Convention recognized that the protection of civilians required the active involvement of the Red Cross, protection against nation-state cyberattacks requires the active assistance of technology companies. 

Citing the Sony hack that allegedly had North Korean state-sponsored hackers behind it, as well as the 2016 hacks that were said to be the work of Russian hackers, Smith said that tech companies needed to take things into their own hands and play the role of a digitally neutral Switzerland while also ensuring that war in cyberspace — if it must needs occur — took place according to some pre-agreed norms.

Outlining the vast scope for damage that cyber crime possessed, Smith said that 74 percent of the world’s businesses expect to be hacked each year.  He also projected the estimated economic loss of cybercrime as reaching $3 trillion by 2020. He also said that a lot of these crimes originated from nation-states and were often met by private citizens instead of governments — as opposed to other forms of war where battle is fought over land, air or sea. These battles and preparing form them, can be costly and Microsoft said that it was spending upwards of $1 Billion in the security field.

Talking about the necessity of government’s involvement in ensuring that cyber attacks did not cause undue damage (which is hard, since the aim of an attack is to cause damage), he said:

Such a convention should commit governments to avoiding cyber-attacks that target the private sector or critical infrastructure or the use of hacking to steal intellectual property.  Similarly, it should require that governments assist private sector efforts to detect, contain, respond to and recover from these events, and should mandate that governments report vulnerabilities to vendors rather than stockpile, sell or exploit them.

There has already been talk of something similar in the UN. Let’s hope that the involvement of private enterprises gives a push to the efforts.

Meanwhile, you can read more about the topic, right here.

2 comments
Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.