6 May 2019

Time to Pursue an International Cyber Treaty?

By James Carden

You will receive occasional promotional offers for programs that support The Nation’s journalism. You can read our Privacy Policy here.

Despite the chorus of recrimination directed at the current president over his alleged “coddling” of Putin’s Russia, relations between the world’s sole nuclear superpowers are at their lowest point in many decades.

The Trump administration’s record, far from confirming its critics’ fears that the president himself is in the pocket of the Kremlin, would seem to indicate precisely the opposite: during Trump’s two plus years in office the US has sent lethal arms to Ukraine; has twice attacked (in the absence of UN Security Council authorization) Russia’s ally Syria; has withdrawn from the landmark 1987 Intermediate-Range Nuclear Forces Treaty; has continued the policy of NATO expansion in the Balkans with the addition of Montenegro; and has continued to rattle the saber at Venezuela against the explicit objections of Russia and other UN Security Council members.


With the fog of Russiagate still hovering over the administration—as well as clouding the judgment of Congress and the media, one might be forgiven for seeing the likelihood of a diplomatic breakthrough between the US and Russia as delusional, at best.

This is particularly true in light of the recent release of the Mueller report, which laid out in detail how US investigators believe officers of Russian military intelligence (GRU) accessed the servers of the Democratic National Committee.

Russian intelligence officers allegedly stole “thousands of documents from the DCCC and DNC networks” including 300 gigabytes of data from a DNC cloud server.

Counterintuitive as it may seem given the allegations laid out by the special counsel’s report, perhaps now is the time to pursue a international cyber treaty that would prohibit similar intrusions in the future. As Dr. Robert G. Papp, a former director of the Center for Cyber Intelligence at the Central Intelligence Agency, has recently pointed out, “It is in our national interest to negotiate some limits to this activity to reduce these threats and the human and financial resources needed to address them.”

Other countries, particularly our main cyber-rivals, Russia and China, would seem to agree. Yet the Bush and Obama administrations rejected multiple Russian proposals for an international cyber code of conduct. As one anonymous Obama official put it in 2009, “They [Russia] want to constrain offense. We needed to be able to criminalize these horrible (50,000 attacks) we were getting a day.”

The US approach emphasized cooperation between law enforcement agencies in cracking down on cyber crime, while the Russian-Chinese approach has focused more on a treaty that emphasizes sovereignty and stability, leading to legitimate American concerns over censorship issues.

For example, a 2011 proposal endorsed by the UN representatives of China, Russia, Tajikistan, and Uzbekistan sought to establish an international code of conduct for information security that would “identify the rights and responsibilities of States in information space, promote their constructive and responsible behaviors and enhance their cooperation in addressing the common threats and challenges in information space, so as to ensure that information and communications technologies, including networks, are to be solely used to benefit social and economic development and people’s well-being, with the objective of maintaining international stability and security.” Language of this kind almost certainly raised concerns among Western powers that such a protocol might lend international legitimacy to efforts by the Chinese and Russians to crack down on dissent and free speech.

And while the 2011 proposal failed to win over the UN General Assembly, it did lay the groundwork for cooperation between Russia and China. And by 2015, Russia and China had signed a bilateral cyber-security treaty in which the two countries pledged not to conduct cyber attacks against one another. In the years since, Russia has repeatedly sought to reach an agreement on cyber-security with the US. While US officials are understandably wary of Russian’s intentions, the first Cold War provides ample precedents for mutually beneficial cooperation between the two countries.

“A cyber treaty,” writes Papp, “with the establishment of formal deconfliction, verification, and inspection mechanisms, could take very clear cues from previous arms control treaties,” including the 1987 Intermediate Nuclear Forces Treaty and the 1990 Conventional Forces in Europe Treaty which “established protocols and venues for dialogue among genuine experts when things inevitably went awry.” The treaties, writes Papp, “fostered constant communication among U.S. and Russian counterparts.”

Harvard University political scientist Joseph Nye cites the precedent set by the 1972 Incidents at Sea Agreement that sought to limit behavior on the high seas that might lead to escalation and war. Says Nye, “Skeptics object that such an arrangement is impossible, owing to the differences between American and Russian values. But even greater ideological differences did not prevent agreements related to prudence during the Cold War.”

That is only too true. With the 2020 election now in sight, perhaps now is time for the administration to act in the US national interest and pursue a cyber agreement that would limit cyber-warfare between sovereign states.

No comments: