![](\"https:\/\/media.wired.com\/photos\/5be630b80eb20a52df543cbe\/master\/pass\/Macron-1052358060.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Louise Matsakis| Date: Tue, 13 Nov 2018 00:37:23 +0000<\/strong><\/p>\n During a speech <\/span>at the annual UNESCO Internet Governance Forum<\/a> in Paris Monday, French President Emmanuel Macron announced the \u201cParis Call for Trust and Security in Cyberspace<\/a>,\u201d a new initiative designed to establish international norms for the internet, including good digital hygiene and the coordinated disclosure of technical vulnerabilities. The document outlines nine goals, like helping to ensure foreign actors don\u2019t interfere with elections and working to prevent private companies from \u201chacking back<\/a>,\u201d or retaliating for a cybercrime. It\u2019s endorsed by more than 50 nations, 90 nonprofits and universities, and 130 private corporations and groups. The United States is not one of them.<\/p>\n The Paris Call ultimately lacks teeth; it doesn\u2019t require governments or corporations legally adhere to any specific principles. It\u2019s mostly a symbol of the need for diplomacy and cooperation in cyberspace, where it\u2019s hard to enforce any single country\u2019s laws. More notable than the accord itself is who signed it. Major American technology corporations including Microsoft, Facebook, Google, IBM, and HP all endorsed the agreement.<\/p>\n The United States, meanwhile, was not alone in taking a pass. Russia, China, Iran, and Israel didn't sign, either.1<\/sup> Some of the abstainers, like China and Iran, have active cyberwar initiatives.<\/p>\n Microsoft<\/a>, on the other hand, says it worked closely with the French government to craft the Paris Call, a sign of how tech corporations are playing a more active role in governing the internet.<\/p>\n \u201cIt\u2019s an opportunity for people to come together around a few of the key principles: around protecting innocent civilians, around protecting elections, around protecting the availability of the internet itself. It\u2019s an opportunity to advance that through a multi-stakeholder process,\u201d says Brad Smith, the president of Microsoft, who also gave a speech in Paris Monday. In some ways, Smith sounds more like a lawmaker than an executive\u2014which shouldn\u2019t come as much of a surprise.<\/p>\n On the internet, corporations like Microsoft are increasingly taking on responsibilities<\/a> once reserved for nation states. \u201cIf you look over the past three or four years, we\u2019ve really seen a groundswell of private leadership,\u201d says Megan Stifel, the cybersecurity policy director at Public Knowledge, a non-profit that endorsed<\/a> the Paris Call. \u201cThe private sector is now willing to say that we can and we will do more.\u201d<\/p>\n "Over the past three or four years, we\u2019ve really seen a groundswell of private leadership."<\/p>\n Megan Stifel, Public Knowledge<\/p>\n In April, Microsoft announced the Cybersecurity Tech Accord<\/a>, an agreement similar to the Paris Call that was signed by more than 60 technology corporations, which it dubbed<\/a> a \u201ca Digital Geneva Convention.\u201d In July, the company publicly advocated<\/a> for the regulation of facial recognition technology and said it was developing its own set of principles for how it should be used. Then in August, Microsoft took action against the hacking group known as Fancy Bear. In an announcement<\/a> that could have just as plausibly come from the FBI, the company went so far as to attribute the series of malicious domains it seized as having originated from Russia.<\/p>\n It\u2019s not just Microsoft: In August, Facebook and Twitter worked with US government authorities to take down<\/a> accounts and pages they believed were part of a coordinated propaganda campaign originating in Iran. Last week, Facebook set up a war room<\/a> to track misinformation during the US midterm elections, in an effort to ensure the voting process wasn\u2019t being disrupted.<\/p>\n Combating cyberattacks and monitoring elections were once tasks reserved for government officials. But now much of the globe\u2019s civic activity occurs not just in cyberspace, but on private platforms owned by companies like Facebook and Microsoft. That means it\u2019s in their business interest to support measures like the Paris Call, which aim to make the internet a more secure and predictable place.<\/p>\n Not every group that supports the Paris Call agrees with all of its tenets. Access Now, an international non-profit that advocates for a free and open internet, criticized two parts of the agreement in a blog post<\/a> published Monday. The agreement calls for stakeholders to cooperate to address the threat of \u201ccyber criminality,\u201d but Access Now worries that could be interpreted to mean companies and governments should share data without a court order, for instance. The Paris Call also advocates for the prevention of intellectual property theft, but the nonprofit thinks that could end up putting freedom of expression at risk if states are overly aggressive.<\/p>\n \u201cThe document is imperfect but it arrives as other governments, that did not endorse the Paris Call, have shown a competing vision for cybersecurity grounded instead in state sovereignty and control,\u201d says Drew Mitnick, policy counsel at Access Now. Mitnick says his organization is looking forward to the next iteration of the Paris Call, which is set to reconvene next year in Germany.<\/p>\n In the meantime, the agreement\u2019s organizers will likely continue to try to get nations like the US on board, while the country\u2019s largest tech companies keep leading the way.<\/p>\n 1<\/sup> CORRECTION 11\/13\/18 9:30 AM<\/strong>: A previous version of this article incorrectly included the United Kingdom among the countries that did not sign the Paris Call for Trust and Security in Cyberspace. The UK is a signatory, and we have updated the story accordingly.<\/em><\/p>\n