By Marco Pizzorno.
Conflict methodologies have changed and new theatres of war such as cyberspace are the battlefield of state and non-state actors. What is considered a new type of cyberattack affects the safety and protection of the civilian population. The involvement of private technology industry takes on important issues in the international context on human rights and humanitarian protection issues in the digital age.
The issues related to the instability of cyberspace as a safe place, refer to the willingness of some states to arm themselves with hackers, recruiting them as real cyber fighters. These figures are capable of breaching critical infrastructure, personal data, committing identity theft and misinformation. To protect the civilian population from possible indiscriminate attacks, IT companies are trying to analyze the ideal points and environments for the protection of human life and dignity even in the digital world.
In this regard, Microsoft Chief and President of Legal Affairs Brandon Smith, at an RSA security conference in San Francisco , presented a new Digital Geneva Convention. Many efforts are being made in this direction especially the work of the Global Commission which is trying to guarantee the protection of the civilian population in the cyber environment.
“Stability of cyberspace means everyone can be reasonably confident in their ability to use cyberspace safely and securely, where the availability and integrity of services and information provided in and through cyberspace are generally assured, where change is managed in relative peace, and where tensions are resolved in a non-escalatory manner.”
Four fundamental principles have been identified to ensure this stability
I. Responsibility: Everyone is responsible for ensuring the stability of cyberspace.
II. Restraint: No state or non-state actor should take actions that impair the stability of cyberspace.
III. Requirement to Act: State or non-state actors should take reasonable and appropriate steps to ensure the stability of cyberspace.
IV. Respect for Human Rights: Efforts to ensure the stability of cyberspace must respect
At the recent forum in Paris, these four principles inspired the proposed eight new rules that protect life and safeguard human dignity in the cyber environment:
I.State and non-state actors should neither conduct nor knowingly allow activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet, and therefore the stability of cyberspace.
II.State and non-state actors must not pursue, support or allow cyber operations intended to disrupt the technical infrastructure essential to elections, referenda or plebiscites
III.State and non-state actors should not tamper with products and services in development and production, nor allow them to be tampered with, if doing so may substantially impair the stability of cyberspace
IV.State and non-state actors should not commandeer the general public’s ICT resources for use as botnets or for similar purposes.
V.States should create procedurally transparent frameworks to assess whether and when to disclose not publicly known vulnerabilities or flaws they are aware of in information systems and technologies. The default presumption should be in favor of disclosure.
VI.Developers and producers of products and services on which the stability of cyberspace depends should prioritize security and stability, take reasonable steps to ensure that their products or services are free from significant vulnerabilities, and take measures to timely mitigate vulnerabilities that are later discovered and to be transparent about their process. All actors have a duty to share information on vulnerabilities in order to help prevent or mitigate malicious cyber activity
VII.States should enact appropriate measures, including laws and regulations, to ensure basic cyber hygiene
VIII. Non-state actors should not engage in offensive cyber operations and state actors should prevent such activities and respond if they occur.
The United Nations’ attention to cyber security is considerable. In fact, in the recent Paris forum, efforts are concentrated on uniting two groups of categories enabled to face issues on the subject.
The Governmental Expert Group and the Open Ended Working Group
The attempt is to guarantee the protection of all the parties that could be affected under these new types of attacks. An important battle over cybercrime maneuvers is taking place in these new challenges of the digital age. Protection of people within international humanitarian law is aimed above all at the definition of “attack” referring to data, considering the principle of distinction, proportionality and necessity.
In addition , other initiatives are focused on the due diligence, which involves holding a state liable for transboundary harms caused by malicious cyber activities originating in its territory. New IT Disarmament policies for these new digital challenges. It is time for the technological future to knock on the door of human rights to ask for permission