SAN FRANCISCO–An executive with Microsoft is proposing that a “Digital Geneva Convention” be held to create acceptable norms of behavior by countries in cyberspace and to help stop the unfair targeting of civilians and companies in cyber-attacks.
Brad Smith, the president and chief legal officer with Microsoft, told the RSA Conference here that the world’s governments should come to an international agreement that seeks to prevent innocent consumers from being caught up in the kinds of cyber-attacks being perpetrated by nation-states. He further proposed that technology companies that run the majority of internet infrastructure play a role in providing defenses.
"We suddenly find ourselves living in a world where nothing seems off limits to nation-state attacks," Smith said in his remarks. "There are increasing risks of governments attempting to exploit or even weaponize software to achieve national security objectives."
His said his proposal would call on governments to implement norms designed to protect civilians on the Internet in times of peace, in something similar in spirit to the Fourth Geneva Convention of 1949. He further called on governments to agree to not conduct cyberattacks against the private sector, specifically stealing intellectual property, or targeting critical infrastructure.
Such a "digital convention" should also set up an independent organization that brings the public and private sectors together to investigate and release detail publicly on nation-state attacks, he added.