Microsoft wants 'Digital Geneva Convention' on cyberattacks

The original convention is part of a set of global agreements meant to protect civilians, prisoners and others during war. The tech giant wants to translate that for the digital age.

Sean Hollister Senior Editor / Reviews
When his parents denied him a Super NES, he got mad. When they traded a prize Sega Genesis for a 2400 baud modem, he got even. Years of Internet shareware, eBay'd possessions and video game testing jobs after that, he joined Engadget. He helped found The Verge, and later served as Gizmodo's reviews editor. When he's not madly testing laptops, apps, virtual reality experiences, and whatever new gadget will supposedly change the world, he likes to kick back with some games, a good Nerf blaster, and a bottle of Tejava.
Sean Hollister
2 min read
Enlarge Image

Microsoft's proposal.


Microsoft wants the world to agree: Let's stop hacking innocent civilian targets who can't hack back.

At least, that's the image Microsoft President Brad Smith appeared to be trying to invoke as he called on the world's governments to host a "Digital Geneva Convention."

The pitch, presented in Smith's keynote presentation Tuesday at the RSA cybersecurity conference in San Francisco -- and which you can read in its entirety here -- suggests the world should create a neutral international organization that can officially point out when nation-states are responsible for cyberattacks, presumably because any particular government can't be trusted to blame itself.

"Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace," writes Smith.

That might sound pretty good, but other portions of Microsoft's proposal seem pretty self-serving. In Smith's view, private companies like Microsoft should be counted as civilians (and thus protected) and also seen as the benevolent force that aids civilians.

"The tech sector plays a unique role as the internet's first responders," writes Smith, comparing Microsoft to the Red Cross.

The proposal also doesn't mention whether Microsoft is actively working with any other tech companies or any governments to push such an idea forward. Microsoft declined to comment.

Microsoft is one of many tech companies that railed against government spying programs, after leaks from Edward Snowden revealed how those companies were being forced -- but also paid -- to provide user data. Also see: Apple's fight to avoid unlocking an iPhone for the FBI last year.