The need for a Digital Geneva Convention and a cloud for global good

Today i want to pick up the conversation around cybersecurity and cybercrime. below are some conversations started by Brad Smith

After World war II,  All the governments  of the world got together and took a legal obligation that they would protect civilians in times of war. but look at the headlines for the last few years we find news of attacks on  civilians in times of peaces. that is what happens when there are hacking and attacking candidates running for office or civilian infrastructure.

The past year has witnessed not just the growth of cybercrime, but a proliferation in cyberattacks that is both new and disconcerting.  This has included not only cyber-attacks mounted for financial gain, but new nation-state attacks as well.

Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace.  And just as the Fourth Geneva Convention recognized that the protection of civilians required the active involvement of the Red Cross, protection against nation-state cyberattacks requires the active assistance of technology companies.  The tech sector plays a unique role as the internet’s first responders, and we therefore should commit ourselves to collective action that will make the internet a safer place, affirming a role as a neutral Digital Switzerland that assists customers everywhere and retains the world’s trust.

Image result for digital Geneva convention

Just two years ago, experts from 20 nations came together and put forward a new set of norms, principles that governments could consider. It represented a big step forward in terms of international agreement. 10 And more encouraging in many ways still was what happened a few months later when the United States and China sat down across the negotiating table, talked directly and frankly about an issue that was important to both of them, and came up with a new pledge and plan to put the cyber theft of intellectual property out of bounds. That was then endorsed by the G20 two months after that.

The time has come to call on the world’s governments to come together, affirm international cybersecurity norms that have emerged in recent years, adopt new and binding rules and get to work implementing them. In short, the time has come for governments to adopt a Digital Geneva Convention to protect civilians on the internet.

There is strong progress on which we can build.  For example, Microsoft has been collaborating with other leading cloud companies like Amazon and Google to combat cloud abuse such as spam and phishing sites.  microsoft is working together on a common abuse reporting schema to accelerate the reporting of abuses  may see on each other’s networks.  On issues such as customer notification of potential nation-state attacks, we should all learn from important work where Google and Facebook have been early and impressive leaders.  More broadly, there is good work and common collaboration springing up everywhere, from new startups to the industry’s largest companies.

Advanced analytics, mobile devices, artificial intelligence, machine learning, robotics, and genomics are transforming every aspect of how people live, communicate, work, and learn. We’re in a period of rapid transformation that offers huge potential to not just help business but to also help tackle some of the world’s most pressing issues in areas such as health, education and the environment. At the heart of these advances is cloud computing.

Finally, those of us in the tech sector need to act collectively to better protect the internet and customers everywhere from nation-state attacks.  As the first responders to threats that in part target our own infrastructure, it’s important for global technology companies to adopt concrete commitments to help deter and respond to nation-state cyberattacks.

I Urge you as you think of these have a look at what is happening in the world around GDPR  and A Digital Geneva Convention 





[4], at paragraph 26.  The G-20 provision affirmed the same provision agreed to by the U.S. and China, stating “that no country should conduct or support ICT-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”

[5] For a more complete discussion of these principles, see

[6] A Cloud for Global Good  See