Depleted Trust in the Cyber Commons

"Policymakers increasingly recognize the need for agreements to regulate cyber behaviors at the international level. In 2010, the United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security recommended “dialogue among States to discuss. Since then, the United States, Russia, China, and several other cyber powers have proposed norms for discussion, and in November 2011, the United Kingdom convened an intergovernmental conference to discuss cyber “rules of the road.” These activities are a positive change from the first decade of this century, when the United States and Russia could not agree on what should be discussed and the one existing international agreement for cyberspace—the Budapest Convention on Cybercrime—gained little traction. Nevertheless, the search for agreement has a long way to go. Homeland Security secretary Janet Napolitano noted in summer 2011 that efforts for “a comprehensive international framework” to govern cyber behaviors are still at “a nascent stage.” That search may well be disappointing. Council on Foreign Relations fellows Adam Segal and Matthew Waxman caution that “the idea of ultimately negotiating a worldwide, comprehensive cybersecurity treaty is a pipe dream.” In their views, differences in ideologies and strategic priorities will keep the United States, Russia, and China from reaching meaningful agreements: “With the United States and European democracies at one end and China and Russia at another, states disagree sharply over such issues as whether international laws of war and self-defense should apply to cyber attacks, the right to block information from citizens, and the roles that private or quasi-private actors should play in Internet governance.'"