[LINK] Paris Call For Trust and Security in Cyberspace

[Stephen Loosley]

> Subject: [LINK] Paris Call For Trust and Security in Cyberspace
>
> PARIS CALL FOR TRUST AND SECURITY IN CYBERSPACE
>
> https://www.diplomatie.gouv.fr/IMG/pdf/paris_call_text_-_en_cle06f918.pdf


During a speech at the annual UNESCO Internet Governance Forum in Paris last Monday, French President Emmanuel Macron announced the “Paris Call for Trust and Security in Cyberspace,” a new initiative designed to establish international norms for the internet, including good digital hygiene and the coordinated disclosure of technical vulnerabilities.

The document outlines nine goals, like helping to ensure foreign actors don’t interfere with elections and working to prevent private companies from “hacking back,” or retaliating for a cybercrime.

It’s endorsed by more than 50 nations, 90 nonprofits and universities, and 130 private corporations and groups.

The United States is not one of them.

The Paris Call ultimately lacks teeth; it doesn’t require governments or corporations legally adhere to any specific principles. It’s mostly a symbol of the need for diplomacy and cooperation in cyberspace, where it’s hard to enforce any single country’s laws.

More notable than the accord itself is who signed it. Major American technology corporations including Microsoft, Facebook, Google, IBM, and HP all endorsed the agreement.

The United States, meanwhile, was not alone in taking a pass. Russia, China, Iran, and Israel didn't sign, either.

Some of the abstainers, like China and Iran, have active cyberwar initiatives.

Microsoft, on the other hand, says it worked closely with the French government to craft the Paris Call, a sign of how tech corporations are playing a more active role in governing the internet.

“It’s an opportunity for people to come together around a few of the key principles: around protecting innocent civilians, around protecting elections, around protecting the availability of the internet itself.

It’s an opportunity to advance that through a multi-stakeholder process,” says Brad Smith, the president of Microsoft, who also gave a speech in Paris Monday. In some ways, Smith sounds more like a lawmaker than an executive—which shouldn’t come as much of a surprise.

On the internet, corporations like Microsoft are increasingly taking on responsibilities once reserved for nation states.

“If you look over the past three or four years, we’ve really seen a groundswell of private leadership,” says Megan Stifel, the cybersecurity policy director at Public Knowledge, a non-profit that endorsed the Paris Call. “The private sector is now willing to say that we can and we will do more.”