Monday, 19 November 2018

U.S. Declines to Sign Declaration Discouraging Use of Cyberattacks

WASHINGTON — Reflecting reluctance by the Trump administration to limit its options for using offensive and defensive cyberweapons, the United States declined on Monday to sign a vaguely worded international call to protect civilians against cyberattacks and discourage digital meddling in elections.

The United States was one of only a few Western nations that chose not to sign on to the nonbinding declaration, which was released by France’s president, Emmanuel Macron, during the Paris Peace Forum, timed to the 100th anniversary of the end of World War I.

The declaration, the “Paris Call for Trust and Security in Cyberspace,” was signed by 51 countries, more than 130 companies and 90 universities and nongovernmental groups, and was the latest in a series of efforts to move toward what some call a “digital Geneva Convention.”

Just as the original Geneva Convention prohibits aiming attacks at civilians, the Paris statement would prohibit “indiscriminate or systemic harm to individuals and critical infrastructure,” such as shutting down an electric grid.

It also included a call to “prevent malign interference by foreign actors aimed at undermining electoral processes though malicious cyberactivities.”

All members of the European Union signed the agreement. Australia and Turkey joined the United States in declining.

Mr. Macron aimed the accord largely at democracies, which meant that the countries most often accused of conducting state-sponsored attacks — Russia, China, North Korea and Iran — did not participate in the process.

Israel, which along with the United States conducted the most sophisticated cyberattack in history, the Stuxnet attack on Iran’s nuclear enrichment program, also declined to sign.


But if past debates over setting norms of behavior for cyberspace are a guide, American officials are leery of any kind of agreement that might make illegal the types of activity — like espionage, data manipulation or attacks on infrastructure — that the United States may want to use in a future conflict.

Elections are an interesting example. Congress and many others have condemned the 2016 Russian attacks on the Democratic National Committee and the private email accounts of senior officials in Hillary Clinton’s presidential campaign. But the United States has interfered in foreign elections before, including Italy in the 1940s and Iran and Latin America in the 1950s and 1960s, and some officials say that no American president should be forced to give up that tool if it could prevent a war.



  1. Isn't it a bit irrational to try and legislate non-catastrophic wartime actions? Sure, you may want to outlaw chemical weapons, planting minefields, or use or the abuse of POWs, but "cyber" activities? Then why not outlaw bayonettes, or lead bullets?

  2. Why would cyber-warfare be limited to "non-catastrophic wartime actions"? In the future such attacks may be capable of destroying entire armies, thus preparing the ground for 'boots on the ground'.

    1. A catastrophic wartime action, like a pre-emptive nuclear strike, is never outlawed because only a fool would trust other parties to abide by it. You really don't think I'm going to take down your air defense network w/cyber right before I launch my stealth bombers?

      I'd rather always be on the alert for cyber meddling than pretend no one's doing it and have to "prove" their meddling to a bunch of UN treaty monitors.

    2. I guess we could try to increase the value of L. I guess the 'leader of the free world' isn't interested in doing that.

    3. No, virtue signalling isn't his thing.

  3. "No, virtue signalling isn't his thing."

    That simple, is it?

    Considering his fawning over Bush the Elder, I'd say he's more than capable of VS when it suits him...