Cyber treaty not in the cards
The fast-changing nature of cyberspace makes any big-bang international deal on cyber norms infeasible, says the State Department's coordinator for cyber issues.
Christopher Painter, coordinator for cyber issues at the State Department, wants to advance the principle of "self-restraint" in cyberspace.
The rapidity with which cyber technology changes makes any agreement on a broad treaty to establish cyber norms unlikely, according to the State Department’s cyber envoy.
"You often hear people say we need a treaty in cyberspace [and] I've said often I don’t know what a treaty is in cyberspace," Christopher Painter, the State Department’s coordinator for cyber issues, said at Georgetown University's International Conference on Cyber Engagement on April 27. "I don’t know who signs that treaty, I don’t know who the parties of that treaty are."
Painter is instead working on smaller measures to cultivate trust among nation-states in a field not given to transparency. The measures include exchanging points-of-contact and discussing cyber doctrine, Painter told FCW after his conference remarks.
"Let's not try to like rush into a treaty that would take years and we’re not really even sure what that’s about," he added.
Though cyberspace has challenged traditional notions of sovereignty, the Internet has a physical backbone of infrastructure that lies within various nation-states. Even so, developing international norms in cyberspace has been a thorny process, given the myriad issues involved, from intellectual property to human rights. While Painter presented a succinct list of peacetime cyber principles at the conference, the U.S. government's approach to cyberspace is still evolving.
Painter recently returned from a multilateral cyber summit in The Hague, where he said one of the main outcomes was the establishment of the Global Forum on Cyber Expertise, a group created to help fight cyber crime, detect threats and protect privacy.
Following that agreement, Painter said he is looking to advance principles of "self-restraint" that nation-states can agree to during peacetime. Those principles include not conducting online activity that intentionally harms critical infrastructure, not preventing national computer emergency teams from responding to cyber incidents, and cooperating with international cyber investigations, Painter said.
NEXT STORY: Weighing in on drone privacy rules