A Microsoft executive is calling for rules to police cyberattacks carried out by governments.
On the Microsoft blog, company president Brad Smith outlines a potential treaty of rules against cyber threats. He believes a treaty and a neutral officiating body would hold governments of the world responsible when cyberattacks are committed:
We need a Digital Geneva Convention that will commit governments to implement the norms needed to protect civilians on the internet in times of peace.
The Geneva Conventions are treaties created after World War II to establish rules barring extremes of armed conflict. Violating the treaties is classified as a war crime.
Smith specifically called for Donald Trump and Vladimir Putin to create an agreement “to ban the nation-state hacking of all the civilian aspects of our economic and political infrastructures.”
He also points out the need for an independent neutral organization — a “Digital Switzerland,” — that can address cyber threats. This organization would have investigative power across all the public and private sectors, offer public records on known cyberattacks, and force governments to report security vulnerabilities.
There are currently few rules governing international cyberattacks. According to Reuters, the US and China pledged in 2015 to “refrain from hacking companies in order to steal intellectual property.” The Group of 20, an international economic forum, signed a similar pledge the same year. Other than that, laws governing cyberattacks are rare.
Smith also said that tech companies should pledge neutrality in cyber conflicts. The tech sector, he posits, would protect internet users by not aiding governments in cyber offensives.