Cybersecurity Agreement

10 PRoCEEdings oF a woRkSHoP on deEtERRing CYBERAttACkS its observation. But as the Committee said, conventional deterrence measures are difficult to use against cyberattacks and exploitation.3 States, groups and even individuals can easily launch or attempt attacks on cybersyneurs. Sources of attack and exploitation are difficult to identify within time frames that allow victims to avoid damage, and any defensive measures may fail at some point, given the vulnerabilities of most cyber systems and the inability of users. These considerations led the NRC committee to conclude that “regardless of the useful leeway for deterrence, there may be a complementary and useful role for international legal regimes and codes of conduct, which aim to reduce the likelihood of destructive cyberattacks and minimize the consequences of cyberattacks. In other words, participation in international agreements can be an important aspect of U.S. policy. 4 Different forms of international cooperation currently exist, and international agencies and private institutions play or attempt to play important roles in the cybersecurity sector. However, for more than a decade, while complaining about cyberattacks, espionage and exploitation by other states and non-state actors, the US government has avoided international agreements that go far beyond the duty of a predominantly European group to criminalize and cooperate on certain behaviors. This policy changes accordingly. Both the executive branch and Congress are currently exploring ways to improve cybersecurity between cooperation and international agreements. The potential benefits of international cybersecurity agreements deserve careful consideration.

International agreements on other transnational activities, including armed conflict, communications, air and sea transport, health, agriculture and trade, have been widely adopted by states to improve security and efficiency through processes that could be useful in regulating cyber activity. However, transnational agreements that contribute to cyber security will only be possible if they take into account the considerable differences between reflective activities regulated by well-established international regimes and cyber-relationships. Many states will not be prepared at this stage to agree to limit their control over cyber activities that they consider essential to their national security interests. International agreements will also be impossible where there are irreconcilable policy differences between states, including the political use of the Internet, privacy and human rights. However, while these factors limit the potential scope and use of international cybersecurity agreements, they allow for international cooperation on many issues that could prove beneficial.

Comments are closed.