Microsoft wants a 'Digital Geneva Convention' to rein in state-sponsored cyber threats

As the public conversation continues to heat up around the threat of state-sponsored hacking, Microsoft is calling for what it calls a "Digital Geneva Convention." In a post on Microsoft's On The Issues blog (opens in new tab) (via Reuters), Microsoft president and chief legal officer Brad Smith presses the need for an international agreement on rules to protect civilians from nation-state cyber attacks.

Says Smith:

Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace. And just as the Fourth Geneva Convention recognized that the protection of civilians required the active involvement of the Red Cross, protection against nation-state cyberattacks requires the active assistance of technology companies.

On that last point, Smith's plan advocates for a "Digital Switzerland" — a neutral third party trusted to assist customers everywhere. Such an organization would be trusted with carrying out independent investigations and sharing evidence of specific nation-state attacks with the public.

As part of his plan, Smith envisions the Unites States and Russia in particular working together in a similar manner to talks that led to a deal between the U.S. and China over intellectual property cyber-theft in 2015:

All of this points the way to potential new steps ahead. First, there is a new opportunity for vital bilateral action. Just as the United States and China overcame mutual challenges and made important progress in 2015 to ban intellectual property cyber-theft, the United States and Russia can hammer out a future agreement to ban the nation-state hacking of all the civilian aspects of our economic and political infrastructures.

Ultimately, Smith advocates for for governments around the world to pursue a multilateral agreement on global cybersecurity norms that hold nations around the world accountable.

Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl

  • Funny, but Russia runs on Windows 10
  • Negative. W7 and XP
  • so Microsoft wants to stop US internet survailance and close their own fbi hotmail backdoors and make windows 10 safe for privacy again ?? thank you MS
  • Nothing wrong with MS not wanting people to remove their house doors and let everyone march right in either whenever they feel like it. You may not be opposed to allowing anyone to view cameras in every single room of your house, 24/7 or wiping out your economy, but at least someone is thinking ahead.
  • No, they're not. Now we're firmly in the grip of the post-truth global political paradigm, such agreements are clearly worthless. This is either wishful thinking or PR.
  • I got HACKED!!! The other day, I was at my computer for about 2-3hrs. Then my google browser went mad,new tab/windows opening some have 'error message' + click download to 'fix errors' & the other few new tab/windows were, well looked like a Microsoft main home screen. I did think it ood as at top left & right of the screen it had blue background with white writing saying ring this number for help. So i rang up first person wanted to take over my computer screen, i only let them coz it was a new computer & it didn't have my card info as i didn't setup using it yet so they only would've got is game crap as that's all i did on it. Anyway this is when i was put onto someone else who went into cmd & typing some thing it that said i had 13 computers linked into my WiFi box then said it's £389 for 1 thing & something else for 2 & 3 things that need fixing so close to £1000 & i said no i don't have that money he said i can do it in small amounts i closed the take over screen & did a full scan & no problems took it bk the shop for them to check it they didn't find anything & its working as it should
  • You should not do money transactions in your PC if you don't have two way authentication, both Microsoft and Apple implement this security mechanism to make sure you are the person that is paying for goods, there shouldn't be any person using passwords these days for doing money transactions, as we know that SSL is insecure and even Google's chairman Erich Schmidt admitted few years ago that what Edward Snowden said was true and Google was intercepting SSL traffic and sending it to uncle Sam.
  • Sorry for the semantics but that's social engineering and not really being hacked.
    I've been lucky to be at homes where this has happened. Once for my mother, and an elderly friend of the family. They'll get you to look in the System log and scroll down until you see something that validates a reason to ask for help then the remote access to your computer.
    I've had fun with them.. Played stupid, recorded the call, kept them on the phone for ever, when they pretend to be from Microsoft, question why they want me to Google something and not use Bing, asked them why they were making sexual advances on me, then pretend the phone is cutting out and about to die then ask for their number so I can call back fix it. Once they give you the number, forward it to the local police or ask your ISP how to move forward with blocking or who to contact.
    * This is a compelling reason to use free services such as OpenDNS on your router. They filter a lot of malicious sites.
  • That is nice! Much better than what I do. I just ask them how they know I run windows when I just run Linux and they usually just hang up... :) PS - I don't run Linux ;).
  • lol.. I'll be sure to try that next time! Another thing, get them to repeat themselves a lot. Frustrate the heck out of them.
  • The Industry 4.0 security standards are far way from finished and soon our kids will use RFID chips in their uniform clothes when they go to school so parents can monitor if his child gets out of school in a not expected hour,  but who tells you that your child isn't been tracked by government so they know how many kids you have and to what school they go and what kind of education they receive.  Our cars also are connected to Internet to share GPS data and in return get Traffic thanks to Ubiquitous computing (Ambient intelligence) built by car companies which is good, but who tells you that your car isn't tracked by government so they know where you are all the time. This is just a small # of examples where Industry 4.0 and Ambient Intelligence may fall into totalitarian governments, so I think it's a great idea that Microsoft is pushing against better security for RFID, Wireless Sensor Networks, Ubiquitous computing (Ambient Intelligence) and other Internet of Things tecnologies where Microsoft is participating.
  • Sigh...this is what the comments section has come to.
  • It's nice to Miccrosoft still taking the lead on this as they did with spam. Apple and Android should take note.
  • Apple and Android took spam to the next level. Google search just leads you to where "they" want you to go and they know where you've been. It's getting so spam is news. There is 10 apps you need and it just happens today they are free. Thanks Apple but do I need a dongle for that? Top news story, what will the Samsung galaxy 8 look like. Will the new iPhone have two cameras that are still not as good as the one on the two year old Microsoft Lumia 950? We'll never know because Apple knows it's better to just pay some journalist to lie about it than to actually make a good camera!
  • Pay no attention to the man behind the curtain!
  • Happy to having it
  • Brad Smith seems like such an interesting guy, would love to be able to sit down and chat with him. He seems like someone who understands/values certain "big picture"/visionary-type concepts. In terms of this Internet "Geneva Convention," I think he's totally right.