Checking in on the Digital Geneva Convention

Around 5 years ago, I wrote an article asking folks to stop treating digital weapons like biological weapons. In that article, I mentioned efforts by Microsoft to create a Digital Geneva Convention. I’d like to take a few moments to follow up on those efforts.

Multiple organizations have sprung up in the time since Microsoft made its original announcement. We’re going to take a quick glance at a few of them in this article.

Cybersecurity Tech Accord

In April 2018, a group of 34 companies, including Microsoft, announced the Cybersecurity Tech Accord with a pledge to “[protect] users and customers everywhere”. There are now over 100 companies that have signed on to the accord. This is a great first step. Getting companies, both large and small, to pledge that they are going to protect people from the abusive use of technology systems is an important milestone towards getting governments to agree not to weaponize such systems.

The Cybersecurity Tech Accord appears to be very active in its efforts to educate and bring awareness to the problems faced by our digital landscape. Their website is an excellent resource for those who want to stay on top of future developments.

Corgibytes has reached out to the Cybersecurity Tech Accord to get information on becoming a signatory.

Digital Peace Now

Digital Peace Now is a Microsoft-led effort to increase awareness and provide a platform for digital citizens to become part of the global conversation around the use of digital systems as weapons. In addition to an active blog, Digital Peace Now is hosting an online mini-lecture series called DPNU (Digital Peace Now University), and they run social media engagement campaigns.

I recently added my name to their petition, and I encourage everyone to do so.

The Paris Call

November 2018 saw the launch of the Paris Call for Trust and Security in Cyberspace. It’s a pretty simple call for limits on the use of digital systems as weapons against individuals, organizations, or governments. The call is further supported by 9 principles for governing the protection of our technological landscape and the people who interact with it.

The most recent social media campaign that’s being run by Digital Peace Now is focused on asking folks to support the Paris Call.

Corgibytes has applied to be listed as a supporter of the call, but we’re not listed on the website yet. As part of the submission process, we were asked to share a tweet-sized message describing why we were doing so.

Corgibytes is dedicated to helping organizations improve their software systems and practices. This includes improvements that address known security vulnerabilities. The need for these improvements needs to be more visible so they can receive the attention they deserve.

CyberPeace Institute

The CyberPeace Institute got started in September 2019. They are a non-governmental organization (NGO) that is dedicated to helping protect digital rights, primarily by providing services to other NGOs. As part of their advocacy work, they maintain a blog and publish analysis reports.

It’s not clear to me how people can get involved in the CyberPeace Institute outside of sending them a donation or engaging in the content that they produce.

United Nations Cybercrime Treaty

While not directly related to digital weapons, the United Nations has started negotiating a treaty to protect global citizens from cybercrime. The resolution that started this process was passed in December 2019, and negotiations are ongoing with representatives from member nations, with the first negotiating session held in February 2022.

It’s worth noting that there are some legitimate concerns about the creation of an international cybercrime treaty. The Electronic Frontier Foundation has rightly pointed out that some governments have used cybercrime as an excuse to introduce additional limitations on privacy and human rights. I’m glad that they are monitoring the development of the treaty and advocating for a narrow focus that has a reduced risk of being abused in such ways.

While not a strong rejection of the use of digital weapons by nations, getting international governments to agree that the abuse of digital systems is criminal can be seen as a step in the right direction. To say that it’s illegal for an individual, organization, or company to engage in abusive behavior can be a foundation for demanding the same of governments themselves.

I’m not familiar with the processes that govern these negotiations, so I’m not sure what to expect in terms of how long it’s going to take to get an agreement that nations are comfortable signing on to.

Others?

I’m sure there are efforts that I missed when I was researching this article. If there’s something important that you’d like to share, please do so in the comments section below.

I’m also encouraged that there has been so much movement and the creation of so many different organizations that continue to be active today. Seeing this much change in just 5 years gives me a lot of hope for what the next 5 years can bring.