Preventing Cyber Conflicts: Do We Need a Cyber Treaty?

9 Nov 2017
Geneva, Switzerland


Event report/s:
Marco Lotti

The third session of the Geneva Digital Talks (GDT) ‘Preventing Cyber Conflicts: Do We Need a Cyber Treaty?’ was also p

The third session of the Geneva Digital Talks (GDT) ‘Preventing Cyber Conflicts: Do We Need a Cyber Treaty?’ was also part of the Geneva Peace Week  – a collective action initiative facilitated by the United Nations Office at Geneva (UNOG), the Graduate Institute of International and Development Studies (IHEID), and the Geneva Peacebuilding Platform, in collaboration with the Swiss Confederation.

Dr Jovan Kurbalija, Director of DiploFoundation and Head of the Geneva Internet Platform, welcomed the audience by contextualising the discussion: this event built upon Microsoft president Brad Smith’s call for a Digital Geneva Convention ‘to implement international rules to protect the civilian use of the Internet’. 

Dr Eneken Tikk, Senior Advisor at ICT4Peace, launched the panel discussion by stressing that facing existing cybersecurity challenges requires most importantly a mentality shift: technological, legal, and political solutions are ineffective if we fail to keep in mind that such solutions also affect society: ‘peace cannot be indoctrinated but it needs to be discussed as a mentality, as a climate’ – she stated. She further considered that the nature of a possible agreement on cyberconflict needs to be specified. According to her, the discussion should first consider that ‘convention’ as a concept does not simply designate a treaty among states parties, but rather it encompasses a social dimension because after all, it is a social contract. In other words, ‘Do we need a convention? Yes. ‘Do we need a treaty? Not sure’, she affirmed. She further considered that the need for a binding legal agreement depends mostly on whether the existing legal framework is lacking in addressing the issue at stake. The answer to this question requires a cyberconvention feasibility study considering, firstly, the kind of methodology to be chosen (either qualitative or quantitative approach – or both – when current norms are inapplicable) and, secondly, a multidisciplinary approach looking at the different aspects at stake from different points of view (e.g. legal, technical, political) in order to avoid ‘silos-thinking’.

Ms Anne-Marie Buzatu, Deputy Head of the Public-Private Partnerships Division at the Geneva Centre for the Democratic Control of Armed Forces (DCAF) stressed the importance of a multistakeholder approach to the drafting of the convention. As an example, she referred to the Montreaux Document on Private Military and Security Companies signed in 2008 by over 70 countries, upholding the respect of international humanitarian law and human rights law whenever private military and security companies (PMSCs) are present in armed conflicts. Although non-binding, the document is the result of a multistakeholder effort that produced an accountability mechanism through a certification and monitoring process for PMSCs vis-à-vis their relation with governments. She concluded that applied to cyber governance, the ‘Montreaux approach’ would result in ensuring an effective control of all actors involved, i.e. giving governments, information and communications technology (ICT) companies, and users, an equal seat at the discussion table in order to develop codes of conduct and mutual legal assistance agreements.

Dr Richard Hill, independent consultant, concluded the session by considering the vulnerability of the existing computer software used by governments in order to fight terrorism. He warned against the stockpiling of the so-called ‘zero-day exploit’ vulnerabilities by governments, i.e. the time between the discovery of a breach and when it is fixed. For example, the WannaCry ransomware attack originated from leaked NSA stockpile. Hill welcomed Microsoft’s proposal on the grounds that it calls for governments to take action in order to address vulnerabilities and externalities. Joining the previous speakers, Hill praised the need for an agreement but highlighted that this does not necessary entail the need of a new text, because such a convention could be seen as a complement to the existing International Code of Communication of the International Telecommunication Union.

Preventing Cyber Conflicts Geneva Digital Talks GiplatformImage by Freepik




Join us for a session on 'Preventing Cyber Conflicts: Do We Need a Cyber Treaty?', on 9 November 2017, from 09.30 - 11.00 CET, at the Geneva Internet Platform, WMO building, 2nd floor (Kruzel Hall), 7 bis Avenue de la Paix, Geneva.

In early 2017, Microsoft’s president Brad Smith called for a Digital Geneva Convention ‘to implement international rules to protect the civilian use of the Internet’. Microsoft’s proposal has generated extensive discussions: Do we need a convention at all? What clauses should be included? How should it be implemented and enforced? What can we learn from similar processes, and in particular the humanitarian field that inspired Microsoft’s proposal? This session will build on the discussion triggered by Microsoft's proposal, using the expertise, experience, and tradition of Geneva as a place for debates on delicate policy issues.

The event is part of the Geneva Digital Talks series, and it takes place as one of the events of the Geneva Peace Week.

Speakers will include:

  • Dr Eneken Tikk, Senior Advisor, ICT4Peace
  • Ms Anne-Marie Buzatu, Deputy Head, Public-Private Partnerships Division, Geneva Centre for the Democratic Control of Armed Forces (DCAF)
  • Dr Richard Hill, independent consultant
  • Moderator: Dr Jovan Kurbalija, Director of DiploFoundation and Head of the Geneva Internet Platform

Background information:

Registrations are open and are mandatory.

For more information about the logistics of this event, please contact Ms Barbara Rosen Jacobson ( For more general and specific information about the Geneva Digital Talks, contact Dr Tereza Horejsova (


The GIP Digital Watch observatory is provided by



and members of the GIP Steering Committee


GIP Digital Watch is operated by

Scroll to Top