The US Refusing To Sign 'The Paris Call' Is Not As Big A Deal As Everyone Is Making It Out To Be

from the this-is-a-pointless-document dept

Tue, Nov 13th 2018 3:46pm — Mike Masnick

On Monday, a bunch of countries and companies officially announced and signed "The Paris Call," or more officially, "the Paris Call for Trust and Security in Cyberspace." It's getting a fair bit of press coverage, with a lot of that coverage playing up the decision of the US not to sign the agreement, even as all of the EU countries and most of the major tech companies, including Google, Facebook, Microsoft, Cisco and many many more signed on.

But, most of those news stories don't actually explain what's in the agreement, beyond vague hand-waving around "creating international norms" concerning "cyberspace." And the reports have been all over the place. Some talk about preventing election hacking while others talk about fighting both "online censorship and hate speech." Of course, that's fascinating, because most of the ways that countries (especially in the EU) have gone about fighting "hate speech" is through outright censorship. So I'm not quite sure how they propose to fight both of those at the same time...

Indeed, if the Paris Call really did require such silly contradictory things it would be good not to sign it. But, the reality is that it's good not to sign it because it appears to be a mostly meaningless document of fluff. You can read the whole thing here, where it seems to just include a bunch of silly platitudes that most people already agree with and mean next to nothing. For example:

We reaffirm our support to an open, secure, stable, accessible and peaceful cyberspace, which has become an integral component of life in all its social, economic, cultural and political aspects.

We also reaffirm that international law, including the United Nations Charter in its entirety, international humanitarian law and customary international law is applicable to the use of information and communication technologies (ICT) by States.

I mean, great. But so what? The "measures" the agreement seeks to implement are almost equally as meaningless. Here's the entire list:

Prevent and recover from malicious cyber activities that threaten or cause significant, indiscriminate or systemic harm to individuals and critical infrastructure;
Prevent activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet;
Strengthen our capacity to prevent malign interference by foreign actors aimed at undermining electoral processes through malicious cyber activities;
Prevent ICT-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sector;
Develop ways to prevent the proliferation of malicious ICT tools and practices intended to cause harm;
Strengthen the security of digital processes, products and services, throughout their lifecycle and supply chain;
Support efforts to strengthen an advanced cyber hygiene for all actors;
Take steps to prevent non-State actors, including the private sector, from hacking-back, for their own purposes or those of other non-State actors;
Promote the widespread acceptance and implementation of international norms of responsible behavior as well as confidence-building measures in cyberspace.

I mean, sure? Some of that is meaningless. Some of that is silly. Some of it is obvious. But none of it actually matters because it's not binding. Could this lead to something that matters? Perhaps. But it seems silly to condemn the US for failing to sign onto a meaningless document of platitudes and meaningless fluff, rather than anything substantial. There's no problem with those who did choose to sign on, but it's hard to see how this is a meaningful document, rather than just an agreement among signatories to make them all feel like they've done something.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cybersecurity, eu, france, internet, internet regulation, paris call, security, us

27 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Gary (profile), 13 Nov 2018 @ 3:50pm

Half and Half
So... One half meaningless "Be secure" and the rest "Be Censored."
Are any of the nations (signing or not) planning on ignoring "cyber" security?
[ link to this | view in thread ]
Anonymous Coward, 13 Nov 2018 @ 3:51pm

What exactly is "hacking-back"? Retaliatory hacking? Against whom, "the state"?

That document is just word soup.
[ link to this | view in thread ]
Stephen T. Stone (profile), 13 Nov 2018 @ 3:55pm

Re:

That document is just word soup.

One of Techdirt’s regular trolls must have written it, then.
[ link to this | view in thread ]
Moo (profile), 13 Nov 2018 @ 4:01pm

But as it is so vague and meaningless, why not sign it? Because they disagree with some of those measures?
[ link to this | view in thread ]
This comment has been flagged by the community. Click here to show it

EU Mishimasho, 13 Nov 2018 @ 4:01pm

So Trump yet again right. You just avoid the name.
EU needs its own army, conscripts if necessary, to crack down on the rising "nationalists", and to open its borders to show the US the advantages of unlimited immigration from third world, and especially to fund generous welfare state. I'm all for it. Britain / Scotland shouldn't be allowed to escape, either, just cause everything the conspiracy kooks warned about with the EU has come true.
[ link to this | view in thread ]
Killercool (profile), 13 Nov 2018 @ 4:08pm

The answer is obvious...
I'm not quite sure how they propose to fight {censorship and hate speech} at the same time

It's easy: It's not censorship to suppress speech I don't like, and it's not hate speech if it's speech I do like.
[ link to this | view in thread ]
Stephen T. Stone (profile), 13 Nov 2018 @ 4:21pm

See? Word soup.
[ link to this | view in thread ]
Jordan Chandler, 13 Nov 2018 @ 4:25pm

Melania
He's waiting for Melania to tell him to make policy. Just like she's telling him who to fire.

But I'm sure checks and balances'll fix that right up
[ link to this | view in thread ]
Anonymous Coward, 13 Nov 2018 @ 4:38pm

US could not sign in good faith
Several of those bullet points directly affirm principles that the NSA has violated on numerous occasions. It would be silly for the US to sign on without first committing to substantial reforms within the NSA.
- Prevent activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet;
Compromising encryption standards and actively promoting bad encryption can compromise the integrity of the Internet.
- Prevent ICT-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sector;
If I recall correctly, the Snowden documents made a good case that the NSA was involved in violating this one.
- Develop ways to prevent the proliferation of malicious ICT tools and practices intended to cause harm;
The NSA actively develops malicious ICT tools, and routinely practices conduct that runs counter to this bullet point.
- Strengthen the security of digital processes, products and services, throughout their lifecycle and supply chain;
Anti-encryption pushes, and pushes for compromised encryption, run counter to this.
- Support efforts to strengthen an advanced cyber hygiene for all actors;
This is a core part of NSA's stated mission, at least for actors the U.S. should want strengthened. However, per Techdirt's reporting, the NSA routinely neglects this mission because it interferes with the ability to be an offensive agency.
- Promote the widespread acceptance and implementation of international norms of responsible behavior as well as confidence-building measures in cyberspace.
NSA malfeasance certainly hurts confidence.
[ link to this | view in thread ]
Anonymous Coward, 13 Nov 2018 @ 5:12pm

Re: So Trump yet again right. You just avoid the name.
The NSA backlash was a thing before Trump, dumbass.

That your savior chose to double down on demanding backdoors in encryption is on his head. But glad to see that you'll tilt at windmills even when there literally aren't any.

out_of_the_blue just hates it when due process is enforced.
[ link to this | view in thread ]
Anonymous Coward, 13 Nov 2018 @ 5:45pm

Re: US could not sign in good faith
I'm afraid to ask - when has the US ever signed a treaty in actual good faith as opposed to ignoring it whenever it suits them?
[ link to this | view in thread ]
Jordan Chandler, 13 Nov 2018 @ 6:03pm

Re: US could not sign in good faith
Of the 400 treaties signed with the Native Americans, the USA kept 0.

Word is shit.
[ link to this | view in thread ]
Glenn, 13 Nov 2018 @ 6:35pm

I hate "hate speech" so much that I think it should be censored... no, I don't.
[ link to this | view in thread ]
Anonymous Coward, 14 Nov 2018 @ 1:22am

More Newspeak
"...just an agreement among signatories to make them all feel like they've done something."

I think they all know better. They're conniving to make their voting constituencies and corporate overlords feel like something is being done. Rank this with "right to be forgotten," TSA (US side of the pond), anything labelled "hate crime" (hint - they were all ranked as top-shelf, heinous crime before adding the "hate" qualifier). Go'ment grandstanding to appease the very fears they have ginned up is simply increasingly par for the course in contemporary politics.

Anyone accepting this as "real action" listens in newspeak mode.
[ link to this | view in thread ]
Coyne Tibbets (profile), 14 Nov 2018 @ 1:23am

Vision killer
I don't agree. The "Paris Call" is a vision statement. Human aspirations and human successes often begin with vision statements: visions define horizons, horizons become strategies, strategies become plans, and plans become reality.

Yes, there is not much reality yet, but it is an aspiration for a better future...and as usual, here is USA, trying to drive a stake through its heart.
[ link to this | view in thread ]
Anonymous Coward, 14 Nov 2018 @ 6:49am

"Yes, there is not much reality yet, but it is an aspiration for a better future...and as usual, here is USA, trying to drive a stake through its heart."

When the signatories have demonstrated by their actions their actual opposition, it is not a "vision statement", it is an attempt to lie about their true intentions.
[ link to this | view in thread ]
Anonymous Coward, 14 Nov 2018 @ 6:57am

Re:
The hyphen is an error; it should have said "hacking back", which does refer to retaliatory hacking. E.g., your company is getting flooded by someone's hacked router, so you hack into that and disable/fix it. There have been serious proposals to make this legal, though it's hard to believe it would end well.
[ link to this | view in thread ]
Orrin Hatch impersonator, 14 Nov 2018 @ 7:48am

Re: Re:
Hatch said damaging someone's computer "may be the only way you can teach somebody about copyrights."
[ link to this | view in thread ]
Anonymous Coward, 14 Nov 2018 @ 8:59am

Re: Re: Re:
Wow, that's extra crazy and apparently true. Damaging these senators' computers may be the only way to teach them about computer security and the perils of legalizing 'hacking back'.
[ link to this | view in thread ]
danderbandit, 14 Nov 2018 @ 9:27am

Contract for the Web
This sounds similar to Tim Berners-Lee "Contract for the Web". Common sense good idea, but totally unenforceable.

https://www.theguardian.com/technology/2018/nov/05/tim-berners-lee-launches-campaign-t o-save-the-web-from-abuse
[ link to this | view in thread ]
Annonymouse, 14 Nov 2018 @ 10:07am

Common sense is not the same as hood sense.
Remember common sense was that the earth is flat and mercury is a cure-all.
[ link to this | view in thread ]
Annonymouse, 14 Nov 2018 @ 10:13am

Response to: Annonymouse on Nov 14th, 2018 @ 10:07am
Autocorrect why do you vex me so?
[ link to this | view in thread ]
Anonymous Coward, 14 Nov 2018 @ 10:34am

"Take steps to prevent non-State actors, including the private sector, from hacking-back, for their own purposes or those of other non-State actors;"

But apparently it is okay for State actors to have a full-on cyber war and completely destroy all but "the public core of the Internet" (2nd point).

Is Google part of "the pubic core"? It isn't for me but what about those who signed?
[ link to this | view in thread ]
Bergman (profile), 14 Nov 2018 @ 12:21pm

Re: Half and Half
The US plans to ignore cyber security by means of the NSA and the 'going dark' narrative the DoJ is pushing.

The EU is considering measures (such as the link tax) that would intentionally and substantially damage the general availability or integrity of the public core of the Internet.

Overall, pretty much every signatory is already in violation, and every non-signatory too.
[ link to this | view in thread ]
Anonymous Coward, 14 Nov 2018 @ 2:06pm

Re: The answer is obvious...
All depends on who has the power at the time if it effects you or not. Maybe not now, but a few years later, maybe so. By then it's too late to do anything.
[ link to this | view in thread ]
Loki, 14 Nov 2018 @ 3:50pm

It seems to me rather odd that the US government wouldn't be the first to jump on a document of platitudes and fluff, given that this is largely how they have governed the past several decades.
[ link to this | view in thread ]
ECA (profile), 14 Nov 2018 @ 4:56pm

how much of this is Stupid...
" We reaffirm our support to an open, secure, stable, accessible and peaceful cyberspace, which has become an integral component of life in all its social, economic, cultural and political aspects.

We also reaffirm that international law, including the United Nations Charter in its entirety, international humanitarian law and customary international law is applicable to the use of information and communication technologies (ICT) by States."

accessible and peaceful cyberspace,
Accessible...NOT in the USA..
Peaceful??? in what way?? Lots of censorship??

life in all its social, economic, cultural and political aspects.
Social, is good, but understanding helps..
Cultural?? the USA/EU/Brits all have problems here, with OTHERS suggesting "THEIR OLD WAYS WERE BETTER"
Political---NO NO NO NO..Shoot them all let god figure it out.

international law,
Ummm NO..
The representation of 200 nations teling you what to do, with interpretations FROM EACH????
AS WELL AS...China, the middle east, india, and others, wanting to RESTRICT IT??

I still consider the internet a NEW country, and for Some reason we want to CREATE the laws for that New Country..
You will never get Every country to Live by any rules for the internet..
[ link to this | view in thread ]