Armed Conflict Cybersecurity & Tech

International Cyber Norms

Paul Rosenzweig
Thursday, March 17, 2016, 3:51 PM

The cyber domain covers the entire globe. Given its breadth the challenge in finding universal norms of behavior is great -- it requires cross-cultural and cross-geographic agreement amongst people with very disparate views on ... well, just about everything. But the challenge doesn't stop folks from trying.

Published by The Lawfare Institute
in Cooperation With
Brookings

The cyber domain covers the entire globe. Given its breadth the challenge in finding universal norms of behavior is great -- it requires cross-cultural and cross-geographic agreement amongst people with very disparate views on ... well, just about everything. But the challenge doesn't stop folks from trying. The latest is this new book on International Cyber Norms: Legal, Policy & Industry Perspectives, published by NATO's Cooperative Cyber Defence Center of Excellence (or CCDCOE!). It is a book not about cyber norms, but rather, it seems, about the idea of defining norms themselves:

Recent cyber security related discussions in international forums indicate ‘cyber norms’ or cyber ‘norms of behaviour’ as the most suitable vehicles for guiding states’ behaviour in cyberspace. However, despite being frequently addressed by policy-makers, academia, non-profit organisations and the private sector, it is often unclear what is meant by the very concept of a ‘norm’. Indeed, a closer look at different actors and venues reveals that various platforms promote different types of norms – for instance, of a legal, political, technical or moral nature – but it is often not evident (sometimes, it seems, even to the discussing parties) which types of norms are the focus of the debate. Inevitably, this lack of a common conceptualisation of a ‘cyber norm’ results in diffi­culties in reaching a consensus within the accompanying policy discourse.

The book International Cyber Norms: Legal, Policy & Industry Perspectives is a result of a series of workshops organised by the NATO CCD COE during 2014-2015. The aim of this collection of articles is to shed light on the different approaches to ‘cyber norms’ in various research domains. The articles outline how different disciplines define, prioritise and promote norms, and suggest approaches for developing cyber norms.

I suppose this makes sense, we can't have cyber norms if we don't know what norms are -- but just saying that gives you a sense of the challenge of the project. Military students of the field will, however, probably want to at least dip into the book.


Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.

Subscribe to Lawfare