Microsoft CLO Calls for 'Digital Geneva Convention' to Combat Cyberthreats
"This is so clearly a solution that the world needs," Microsoft's Brad Smith told an audience at a UN event in Geneva.
November 10, 2017 at 03:29 PM
7 minute read
Brad Smith of Microsoft. Free handout.
In a speech at a United Nations event in Geneva on Thursday, Brad Smith, president and chief legal officer of Microsoft Corp. sounded the alarm on cybersecurity and called for the global community, including tech companies, to come together to create a new accord that would help protect civilians and their data.
He said that much like the nations that came together at the 1949 Geneva Conventions following the Second World War to produce international law standards for the treatment of civilians in the context of war, governments and companies need to agree on principles that will keep civilians safe who are caught in the crossfire of cyberattacks.
“The world needs a new digital Geneva Convention, it needs new rules of the road,” Smith said at the Geneva Lecture Series. “What we need, we believe, is an approach that governments will adopt that says they will not attack civilians in times of peace. They will not attack hospitals, they will not attack the electrical grid, they will not attack the political processes of other countries, they will not use cyberweapons to steal the intellectual property of private companies, that they instead will work together to help each other and the private sector respond when there are cyberattacks.”
Smith, who previously pitched this idea at a conference in San Francisco, spoke extensively Thursday on the similarities between cyber warfare and conventional warfare, emphasizing that both are arms races, and involve weapons, though those weapons used by hackers might be “invisible.”
He pointed to the WannaCry ransomware attack on May 12 of this year as a big inflection point for cybersecurity. During that attack, hundreds of thousands of computers were affected in more than 150 countries, according to a report from Europol.
“Think about this,” Smith told the audience, “in the history of our planet, in the course of humanity, has there ever been a single attack by any nation that affected as many other nations simultaneously as that attack did on the 12th of May? I don't think one can find one.”
Smith said that WannaCry proves attacks often have concrete effects on people as well as machines. He pointed to an audit report from the British government that showed that in the U.K. alone, 6,912 people could not get to medical appointments or procedures on May 12 because WannaCry had taken such a toll on the networks at the country's hospitals.
The Microsoft CLO underscored the idea that tech companies have a huge role to play in protecting individuals, as “first responders,” noting that Microsoft spends $1 billion per year on security innovation. But companies, he said, also need governments and advocacy groups to act.
As for what a digital Geneva Convention might look like, Smith said the world “does not have to build off of a blank piece of paper.” He pointed to a section of the UN Charter as well as other bodies of international law, in addition to national cybersecurity policies, as potential sources of inspiration.
“This is so clearly a solution that the world needs,” Smith said of the new digital convention. “It is so clearly a solution that has so many important nuances, that requires that people from government, from the diplomatic community, and academic community, from NGOs and from private businesses address [it] together. We all have opportunities to learn from each other.”
Brad Smith of
In a speech at a United Nations event in Geneva on Thursday, Brad Smith, president and chief legal officer of
He said that much like the nations that came together at the 1949 Geneva Conventions following the Second World War to produce international law standards for the treatment of civilians in the context of war, governments and companies need to agree on principles that will keep civilians safe who are caught in the crossfire of cyberattacks.
“The world needs a new digital Geneva Convention, it needs new rules of the road,” Smith said at the Geneva Lecture Series. “What we need, we believe, is an approach that governments will adopt that says they will not attack civilians in times of peace. They will not attack hospitals, they will not attack the electrical grid, they will not attack the political processes of other countries, they will not use cyberweapons to steal the intellectual property of private companies, that they instead will work together to help each other and the private sector respond when there are cyberattacks.”
Smith, who previously pitched this idea at a conference in San Francisco, spoke extensively Thursday on the similarities between cyber warfare and conventional warfare, emphasizing that both are arms races, and involve weapons, though those weapons used by hackers might be “invisible.”
He pointed to the WannaCry ransomware attack on May 12 of this year as a big inflection point for cybersecurity. During that attack, hundreds of thousands of computers were affected in more than 150 countries, according to a report from Europol.
“Think about this,” Smith told the audience, “in the history of our planet, in the course of humanity, has there ever been a single attack by any nation that affected as many other nations simultaneously as that attack did on the 12th of May? I don't think one can find one.”
Smith said that WannaCry proves attacks often have concrete effects on people as well as machines. He pointed to an audit report from the British government that showed that in the U.K. alone, 6,912 people could not get to medical appointments or procedures on May 12 because WannaCry had taken such a toll on the networks at the country's hospitals.
The
As for what a digital Geneva Convention might look like, Smith said the world “does not have to build off of a blank piece of paper.” He pointed to a section of the UN Charter as well as other bodies of international law, in addition to national cybersecurity policies, as potential sources of inspiration.
“This is so clearly a solution that the world needs,” Smith said of the new digital convention. “It is so clearly a solution that has so many important nuances, that requires that people from government, from the diplomatic community, and academic community, from NGOs and from private businesses address [it] together. We all have opportunities to learn from each other.”
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
Contract Software Unicorn Ironclad Hires Former Pinterest Lawyer as GC
2 minute read
How Amy Harris Leverages Diversity to Give UMB Financial a Competitive Edge
5 minute read
Auditor Finds 'Significant Deficiency' in FTC Accounting to Tune of $7M
4 minute read
Dog Gone It, Target: Provider of Retailer's Mascot Dog Sues Over Contract Cancellation
4 minute readTrending Stories
- 1Gibson Dunn Sued By Crypto Client After Lateral Hire Causes Conflict of Interest
- 2Trump's Solicitor General Expected to 'Flip' Prelogar's Positions at Supreme Court
- 3Pharmacy Lawyers See Promise in NY Regulator's Curbs on PBM Industry
- 4Outgoing USPTO Director Kathi Vidal: ‘We All Want the Country to Be in a Better Place’
- 5Supreme Court Will Review Constitutionality Of FCC's Universal Service Fund
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
