The US Refusing To Sign 'The Paris Call' Is Not As Big A Deal As Everyone Is Making It Out To Be
from the this-is-a-pointless-document dept
On Monday, a bunch of countries and companies officially announced and signed "The Paris Call," or more officially, "the Paris Call for Trust and Security in Cyberspace." It's getting a fair bit of press coverage, with a lot of that coverage playing up the decision of the US not to sign the agreement, even as all of the EU countries and most of the major tech companies, including Google, Facebook, Microsoft, Cisco and many many more signed on.
But, most of those news stories don't actually explain what's in the agreement, beyond vague hand-waving around "creating international norms" concerning "cyberspace." And the reports have been all over the place. Some talk about preventing election hacking while others talk about fighting both "online censorship and hate speech." Of course, that's fascinating, because most of the ways that countries (especially in the EU) have gone about fighting "hate speech" is through outright censorship. So I'm not quite sure how they propose to fight both of those at the same time...
Indeed, if the Paris Call really did require such silly contradictory things it would be good not to sign it. But, the reality is that it's good not to sign it because it appears to be a mostly meaningless document of fluff. You can read the whole thing here, where it seems to just include a bunch of silly platitudes that most people already agree with and mean next to nothing. For example:
We reaffirm our support to an open, secure, stable, accessible and peaceful cyberspace, which has become an integral component of life in all its social, economic, cultural and political aspects.
We also reaffirm that international law, including the United Nations Charter in its entirety, international humanitarian law and customary international law is applicable to the use of information and communication technologies (ICT) by States.
I mean, great. But so what? The "measures" the agreement seeks to implement are almost equally as meaningless. Here's the entire list:
- Prevent and recover from malicious cyber activities that threaten or cause significant, indiscriminate or systemic harm to individuals and critical infrastructure;
- Prevent activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet;
- Strengthen our capacity to prevent malign interference by foreign actors aimed at undermining electoral processes through malicious cyber activities;
- Prevent ICT-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sector;
- Develop ways to prevent the proliferation of malicious ICT tools and practices intended to cause harm;
- Strengthen the security of digital processes, products and services, throughout their lifecycle and supply chain;
- Support efforts to strengthen an advanced cyber hygiene for all actors;
- Take steps to prevent non-State actors, including the private sector, from hacking-back, for their own purposes or those of other non-State actors;
- Promote the widespread acceptance and implementation of international norms of responsible behavior as well as confidence-building measures in cyberspace.
I mean, sure? Some of that is meaningless. Some of that is silly. Some of it is obvious. But none of it actually matters because it's not binding. Could this lead to something that matters? Perhaps. But it seems silly to condemn the US for failing to sign onto a meaningless document of platitudes and meaningless fluff, rather than anything substantial. There's no problem with those who did choose to sign on, but it's hard to see how this is a meaningful document, rather than just an agreement among signatories to make them all feel like they've done something.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cybersecurity, eu, france, internet, internet regulation, paris call, security, us
Reader Comments
Subscribe: RSS
View by: Time | Thread
Half and Half
Are any of the nations (signing or not) planning on ignoring "cyber" security?
[ link to this | view in chronology ]
Re: Half and Half
The EU is considering measures (such as the link tax) that would intentionally and substantially damage the general availability or integrity of the public core of the Internet.
Overall, pretty much every signatory is already in violation, and every non-signatory too.
[ link to this | view in chronology ]
That document is just word soup.
[ link to this | view in chronology ]
Re:
One of Techdirt’s regular trolls must have written it, then.
[ link to this | view in chronology ]
Re:
The hyphen is an error; it should have said "hacking back", which does refer to retaliatory hacking. E.g., your company is getting flooded by someone's hacked router, so you hack into that and disable/fix it. There have been serious proposals to make this legal, though it's hard to believe it would end well.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Wow, that's extra crazy and apparently true. Damaging these senators' computers may be the only way to teach them about computer security and the perils of legalizing 'hacking back'.
[ link to this | view in chronology ]
But as it is so vague and meaningless, why not sign it? Because they disagree with some of those measures?
[ link to this | view in chronology ]
So Trump yet again right. You just avoid the name.
[ link to this | view in chronology ]
See? Word soup.
[ link to this | view in chronology ]
Re: So Trump yet again right. You just avoid the name.
That your savior chose to double down on demanding backdoors in encryption is on his head. But glad to see that you'll tilt at windmills even when there literally aren't any.
out_of_the_blue just hates it when due process is enforced.
[ link to this | view in chronology ]
The answer is obvious...
I'm not quite sure how they propose to fight {censorship and hate speech} at the same time
It's easy: It's not censorship to suppress speech I don't like, and it's not hate speech if it's speech I do like.
[ link to this | view in chronology ]
Re: The answer is obvious...
[ link to this | view in chronology ]
Melania
But I'm sure checks and balances'll fix that right up
[ link to this | view in chronology ]
US could not sign in good faith
Several of those bullet points directly affirm principles that the NSA has violated on numerous occasions. It would be silly for the US to sign on without first committing to substantial reforms within the NSA.
Compromising encryption standards and actively promoting bad encryption can compromise the integrity of the Internet.
If I recall correctly, the Snowden documents made a good case that the NSA was involved in violating this one.
The NSA actively develops malicious ICT tools, and routinely practices conduct that runs counter to this bullet point.
Anti-encryption pushes, and pushes for compromised encryption, run counter to this.
This is a core part of NSA's stated mission, at least for actors the U.S. should want strengthened. However, per Techdirt's reporting, the NSA routinely neglects this mission because it interferes with the ability to be an offensive agency.
NSA malfeasance certainly hurts confidence.
[ link to this | view in chronology ]
Re: US could not sign in good faith
[ link to this | view in chronology ]
Re: US could not sign in good faith
Word is shit.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
More Newspeak
I think they all know better. They're conniving to make their voting constituencies and corporate overlords feel like something is being done. Rank this with "right to be forgotten," TSA (US side of the pond), anything labelled "hate crime" (hint - they were all ranked as top-shelf, heinous crime before adding the "hate" qualifier). Go'ment grandstanding to appease the very fears they have ginned up is simply increasingly par for the course in contemporary politics.
Anyone accepting this as "real action" listens in newspeak mode.
[ link to this | view in chronology ]
Vision killer
Yes, there is not much reality yet, but it is an aspiration for a better future...and as usual, here is USA, trying to drive a stake through its heart.
[ link to this | view in chronology ]
When the signatories have demonstrated by their actions their actual opposition, it is not a "vision statement", it is an attempt to lie about their true intentions.
[ link to this | view in chronology ]
Contract for the Web
https://www.theguardian.com/technology/2018/nov/05/tim-berners-lee-launches-campaign-t o-save-the-web-from-abuse
[ link to this | view in chronology ]
Remember common sense was that the earth is flat and mercury is a cure-all.
[ link to this | view in chronology ]
Response to: Annonymouse on Nov 14th, 2018 @ 10:07am
[ link to this | view in chronology ]
But apparently it is okay for State actors to have a full-on cyber war and completely destroy all but "the public core of the Internet" (2nd point).
Is Google part of "the pubic core"? It isn't for me but what about those who signed?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
how much of this is Stupid...
We also reaffirm that international law, including the United Nations Charter in its entirety, international humanitarian law and customary international law is applicable to the use of information and communication technologies (ICT) by States."
accessible and peaceful cyberspace,
Accessible...NOT in the USA..
Peaceful??? in what way?? Lots of censorship??
life in all its social, economic, cultural and political aspects.
Social, is good, but understanding helps..
Cultural?? the USA/EU/Brits all have problems here, with OTHERS suggesting "THEIR OLD WAYS WERE BETTER"
Political---NO NO NO NO..Shoot them all let god figure it out.
international law,
Ummm NO..
The representation of 200 nations teling you what to do, with interpretations FROM EACH????
AS WELL AS...China, the middle east, india, and others, wanting to RESTRICT IT??
I still consider the internet a NEW country, and for Some reason we want to CREATE the laws for that New Country..
You will never get Every country to Live by any rules for the internet..
[ link to this | view in chronology ]