Thank you very much for joining us today. My name is Tim Maurer. I co-direct the Cyber Policy Initiative here at the Carnegie Endowment for International Peace. Most of our work here at the Carnegie Endowment focuses on cyber norms, so I'm very pleased to host this event today, and for all of you joining us today. I'm particularly delighted to welcome our panelists today. You all have short biographies of our panelists, so I'm not going to spend a lot of time going through the impressive biographies. Michele Markoff, who's the deputy coordinator at the Department of State and the main architect of the cyber norm strategy for the U.S. government, doesn't really need much of an introduction. I would like to point out that, Michele, you used to work here at Carnegie for a while some years ago.

Well, it was my first job in Washington. I was a junior at Reed College and I got a fellowship to work here. Worked for Tony Lake, Roger Morris, and Don McKenry on countering Kissinger's South Asia strategy. So that was many years ago.

Well, the Junior Fellow Program actually still exists today. In fact, we have several of the Junior Fellows helping with the event today. So it's great to welcome alumni back, and I think also, for the Junior Fellows who are here today, an inspiration for the path that you can take once you've been at Carnegie. To Michele's left, we have Duncan Hollis, who's the associate dean and professor at Temple Law School. Duncan, together with Martha Finnemore, wrote the article that we had copies of outside, "Constructing Norms for Global Cybersecurity." And Duncan in 2016 was elected by the General Assembly of the Organization of American States for a four-year term to serve on the OAS's Inter-American Juridical Committee. So that's a very recent appointment, and maybe we can talk about that in a little bit.
And then we have Professor Martha Finnemore, who's a University Professor at George Washington University and has written and thought about norms many years before it was in the front-page news, and is now obviously one of the world's leading experts on this. So I look forward to also talking about norms from more of the academic perspective and what we can learn from that. And then Paul Nicholas from Microsoft, who leads Microsoft's global security and diplomacy team, which, for those of you who are familiar with the cyber norms discussion, has taken on a very active and very prominent role in this discussion. So also looking forward to hearing from the private sector, and specifically Microsoft's engagement in this. So we are hosting this event today for several reasons. First, there are several issues on the agenda for this year that we can discuss. Some of you might have seen that the new Tallinn Manual 2.0 came out last year. We have the new group of governmental experts that will release its new report in the summer. But beyond the immediate issues, for those of you who work on these issues, there are broader issues, which is why we decided to host this event today. One of them is that we now have a new administration, which raises questions about the next steps and future for the strategy. But then, more importantly, cyber norms is now everywhere. Cyber norms is in the media and in many articles and reports. So we also wanted to host this event to take a step back and to revisit: where did the strategy come from? What was the original rationale for it? And just shed a little bit of light on the background, which, in my view, was a very non-partisan strategy, I think, for the last 10 to 15 years. And just what were the major developments? So with that, I thought I'd start with Michele. We will do 45 minutes of a panel discussion and then we'll open it up for Q&A afterward. We will have mics and mic runners to help you.
So throughout the discussion, please take notes of your questions and we will take those toward the end. To kick us off, I wanted to ask you, Michele, as the person who's been thinking about the strategy, developing it: tell us again, what was the origin for the strategy? Why did the U.S. government develop this norms-focused strategy about 10 years ago now, and what was the rationale underlying it?

Is my mic on? Can you hear me? Thank you, Tim. And good morning to all of you. I'm happy to talk about this, and I'm sure Tim will stop me if I run on, because it's not a short story. But to try to be as concise as possible: in 1999, the Russian Federation, giving them some credit for being prescient on this issue, proposed a resolution in the UN General Assembly First Committee, that is, the arms control and military affairs committee. And what they proposed in its first draft was essentially a ban on the development by states of information weapons, the development, use and deployment by states of information weapons. And they defined this as, actually, the U.S. government had defined information operations for many years before, which was the spectrum of electronic countermeasures that could be used, including propaganda and influence operations. And so when Russians say information security, they are talking about everything from electronic means and methods to content as well. And that's one of the key differences in how the two states approach these issues. I was deployed by the State Department at the time, because of a long-term fascination with computers, although my background was in nuclear arms control, to try to, how shall I say, mediate the Russian resolution, and to oppose it basically and water it down. And we succeeded in doing that. It became, after our negotiation, a very benign resolution, and we joined consensus on that resolution until 2005.
At that point, the Russians had asked for a first group of governmental experts, which people are now familiar with as the entity which is in fact discussing these things on the global stage. The Russians, despite our objections, tabled what was essentially a treaty instrument that would have carried through on this ban, and we were unable to achieve any type of consensus in that GGE. We fast-forward to 2007 and 2008. In 2007, something happened which really changed the complexion of the U.S. ability to discuss cyber, offensive cyber activities, and that was the Russian attacks on Estonia, the DDoS against Estonia. Because until that point, the U.S. government, and the military in particular, was really investigating what the weaponization of information technology really meant, and there was a lot of analysis and a lot of development going on, but there was, I believe, my perception was that there was a fear that if the American public really knew that we were trying to somehow weaponize computers, there would be a backlash. What became clear after the attack by Russia on Estonia was that the American public was not shocked or alarmed or anything else, which gave me an opportunity to think about how we changed the conversation on this technology and its use in the military sphere. At the same time, the Bush administration tasked an interesting project to all of the national security agencies called Solarium. This was harkening back to the 1945 set of studies where wise men were brought together to try to figure out how to cabin Russian, or Soviet, power at the time. And so each of the key agencies was supposed to bring in a group of wise men and discuss how one deters cyber attacks. I was the one who shepherded that process and ultimately wrote the State Department portion of the report.
And what became clear to me during that entire process was that, as we had learned over the development of both strategy as well as technological development with respect to weapons of mass destruction, and nuclear weapons in particular, that as the technology developed, as we went from counter-value targeting of large Titan missiles to counter-force targeting and finally to a triad of survivable submarine-based missile systems, so did strategy and doctrine and deterrence and all of that change as well. But what was key to all of that development was the mutual inculcation of those concepts and those strategies to our adversaries and to the world at large. What created bipolar deterrence was partially the fact of the attributes of the technology of nuclear weapons, but was also the promulgation of concepts and strategy, primarily by the U.S. to Russia, which Russia absorbed. So, that being my background, it became clear to me that we needed some sort of set of concepts which would manage the use of this technology, which had a variety of attributes: when it was not simply dual use, it was multiple use, it was used by everybody, and any particular computer, if you wanted to, could be, quote, weaponized, that you were not going to be able to limit the technology per se without fundamentally disrupting what was in fact a very beneficial technology. So the question was, how do you manage behavior of states? And the conclusion I came to, and the conclusion of the deterrence study, was that we needed a variety of interleaving strategies, which included good defense, declaratory policies, alliance activity, and this notion of norms of behavior, that is, a set of principles that states would look to with respect to this technology, because it was usable across the spectrum of violence. And that conversation became very intense as we rolled into what would be the next group of governmental experts in 2009.
What became clear to me then was something I'd always known, which was that the U.S. government, and the Department of Defense in particular, had always said that they would abide by international law, that is, the law of armed conflict, international humanitarian law, was a basic principle of the United States' behavior in the military realm. And it seemed to me that I could try to change the conversation in the GGE from being one about arms control to one about management of behavior, predicated, at least initially, on the notion of the affirmation of the applicability of international law.

One more minute.

So concomitant with that was something very important which should not be lost sight of, which was that the second pillar of this management strategy had to be something that we call confidence building measures, that is, measures that allowed states to be able to communicate about this technology in real time, or about incidents in real time, to manage their effects. Because it is not an observable technology like tanks, missiles or anything else, you needed to be able to understand what a state's intentions were, through its statements, through what we call transparency measures, published doctrine and things like this. So that brought us to the table in 2009 to begin to change the subject up there, because I could go on for a long time, unfortunately.

But this was probably the most concise word I've heard of the strategy.

Okay, I did my best.

No, thank you. And I think it's a great segue to Duncan, because you just mentioned international law as what changed the conversation then in 2009, and with a report in 2010. And Duncan, as an international lawyer, I'd love to hear a little bit more, and for the audience as well. International law has been the centerpiece of the discussion the last five to six years now, and I'd love to hear your thoughts on one disagreement at the GGE, and if you could just briefly walk us through what happened in those last five years, and how
does the Tallinn Manual fit in, in terms of what its purpose is, especially with the second one that just came out last week? And Google them.

Great. Well, thank you also, Tim, for organizing this. I think, at least when I started writing about international law in cyberspace, I viewed it as a descriptive project, right? There was this question of what does the law say, what is the law for cyberspace, and one of the things you see is the question then becomes one of what I might call tailor-made rules versus kind of law by analogy. And if you look around cybersecurity, or cyberspace more generally, there's a real lack of rules made specifically to govern behavior. You have the Council of Europe convention, you have a nascent AU convention, you have a Russia-China treaty, but that's about it. And so what we've actually seen is the vast majority of discussion has been in what I call a law-by-analogy sort of framework, which is: we have pre-existing rules of international law, like the use of force or international humanitarian law, and the question then becomes, do those rules apply in cyberspace, and then to what extent, how do the analogies work, how do those rules analogize into this environment with its sometimes novel technical capacities? And so I think one of the things you saw at the GGE, and I think Michele can speak to this, was the first part of that question, of does international law apply, ended up being as much a political stumbling block as a legal one. Most lawyers would have said the answer is yes, but it took the diplomats a little longer to get there. And what the Tallinn Manual, at least in its first iteration, was, was this kind of same sort of law-by-analogy project. And to be clear, the Tallinn Manual, you may hear about it, was an independent group of experts, non-governmental, funded by NATO but not formally a NATO project, who came out and basically said yes, international law applies, and then proceeded to lay out a series of rules on the two prongs, kind of, of the
cyber war scenario, which is the jus ad bellum, when does a cyber operation constitute a use of force, when are you allowed to respond in self-defense, and the so-called jus in bello, or international humanitarian law, or laws of armed conflict, where they took a lot of existing principles like distinction, proportionality, and they tried to say, we think this is how they'll operate. I think in one sense the Tallinn Manual was very successful. It was a first statement. It is not in itself law; it's just an opinion of a bunch of academics, which as an academic of course I think is important, but it's not a treaty, it's not custom, it's not some general principles that states have to pay attention to. But it did, I think, advance the conversation. It was, however, criticized, just as I think some people criticized the GGE, for how far it went. So there's a lot of substantive questions about how they characterize Stuxnet, what's the line for use of force, whether just disabling functionality, as opposed to having to replace physical components, does that trigger the laws of what constitutes an attack, or can you target data as a military objective. And so there was a lot of those issues, but there were also issues with the process, and maybe we can also talk about that with the GGE as well, because people said, look, largely the Tallinn Manual's experts were Western, they were largely people who were in uniform or had been in uniform, and they were not hugely transparent. They went off to Tallinn, they negotiated, and out came the document. And perhaps most importantly, it was only on cyber war, right? It was only on this piece of behavior that, while very serious, we haven't really seen manifested all that often, if at all, missing the question of how do you regulate state behavior at all these kind of, maybe we call them, lower levels. Which brings us, I think, to Tallinn 2.0, which I think became, at least you can now buy it, I don't know if it's going to be freely available like Tallinn 1, I hope so, this past week. I
actually think it was just a couple of days ago. They tried to correct for some of the process issues. They did try and get a broader swath of participants, they tried to be more transparent, and they actually kind of had a listening tour. And substantively, Tallinn 2.0 takes one and combines it with a whole discussion of all the other international law rules that might be applicable to states in cyberspace. So I haven't had a chance to read all of it yet, but they are covering everything from diplomatic and consular immunities to sovereignty to due diligence to, you know, a duty of non-intervention. And so it is, in that sense, like one, a starting point. I think they'd like it to be a one-stop shop where you can get all the answers. But, and here's where I think it relates to today's panel, I think it's important to understand that as much as lawyers want to convey to you that they're just describing what the law is, that they're just projecting on you some objective truth, the reality is the Tallinn Manual is a normative project, right? It is a project trying to take some existing principles and convince some audiences, states, that this is what the behavior should be, and to clarify or maybe even invent some new behavioral standards. And that's not to say that it's a bad thing. I think a lot of these efforts are well-intentioned, and it stands alongside, I think, some of the GGE efforts, also more avowedly normative, right, more open in that we want these voluntary norms for responsible state behavior. But, you know, Tallinn as a normative project, we should expect that others may have different views, and I think as a result it's going to be a starting point for a conversation, and, you know, we could imagine some states, the Shanghai Cooperation Organization, Russia, China and the others, to push back on it. So let me just close with one last thought, which, as I think, and Michele may have heard me say this before, is oftentimes in this space, because of the history of this treaty-like proposal followed
by, like, a norms proposal, there's this tendency to think of treaties and norms as kind of mutually exclusive categories. And, you know, the reality is that international law is, if nothing else, an attempt to establish norms, right? So that if you're going to put these two together, international law is kind of within the larger ambit of norms. It's kind of, you know, a Venn diagram; it's a little circle within the circle, maybe with some stuff outside, because not all law is normative, but there are other ways to get norms outside of law. But international law is a piece of the project of how do you adjust the behavior of a community like nation states in a new environment where they're facing new problems. And so law is one way to do it, and I think some of the things the GGE does in terms of using confidence building measures to push voluntary norms is another.

That's really interesting. What I've always found interesting looking at the GGE language: the way the term norms is used in this policy discussion is very different from, I think, how norms is used in the broader academic literature, and it's important, I think, to distinguish the two. And building on your comment earlier that the GGE language around international law applying for a while was a very political topic, and you had certain states, for example China, that actively opposed having that consensus language, which ties to what you and Marty wrote about in the article: that a lot of this conversation has been about norms as products, but that norms are as much about the process as they are about the actual language that you get states to agree to. So Marty, I'd love to hear a little bit. In your scholarship, and I'm sure you've written about the norm cascade and when actors actually internalize norms and who are the key norm entrepreneurs, so I'd love to hear a little bit your thoughts on having looked at this as an academic, from the outside, and having experience also in how norms emerge
in other fields. What did you unearth in your, in the article, and what led you to the conclusion then, also, that process, highlighting process, is something that the community should be focusing on?

Well, thanks, Tim, and thanks to all of you. I'm a latecomer to the cyber piece of this conversation, so I'm the norms lady up here; that's my gig. But so I have studied normativity and norm construction and norm dissemination in a whole variety of policy spaces; cyber is only the most recent one I've started to look at. And there are some striking features about this, and I think some interesting lessons that can be learned, and we talk about this a little bit in the piece we wrote. One thing we haven't talked about, but I think Michele and Duncan's remarks both allude to this: one common confusion I see in, especially, the Washington conversation about this is a notion that you can simply decide what the norms are. Here's a norm, I'm telling you what it is. That's not how it works. These are shared expectations. So all that good work, all that slogging, all those endless meetings that Michele has had to do, this is about the sharedness of the expectation. Simply announcing to people, that's the norm, we're not in norm land when that happens. One of the things I noticed about this issue, and that really hasn't come up yet, is that this is not just one conversation. We talk about cybersecurity like it's one problem. This is a whole lot of problems, and there are a whole lot of conversations. Putting on my amateur anthropologist hat, when I started poking around about this, there are at least three big buckets of conversations going on. The conversation we're having here, what I would call the Washington conversation, which is about governments and states; it even talks about treaties and stuff like that. If we were in Seattle or we were in the Valley, that's not what we would be talking about. That's a very different conversation about what they think cybersecurity is, what they think the problems are,
what they think some of the solutions are. Their concerns are not exactly the same concerns as the Washington conversation. And a subset of that is the Pentagon conversation, a lot of which I don't get to be privy to, because I don't know what these people are talking about sometimes. But there are a lot of different kinds of cybersecurity problems; you want different people at the table for different kinds of problems, and that makes it both very hard, and it also creates a vast array of opportunities. There's a lot of low-hanging fruit out there. So if you were strategic in your norm construction, there are some things that are easier to get to yes on than other things. And one of the cornerstones of the confidence building measures logic is trying to identify what's the low-hanging fruit, what's the like-minded group we can get to work together on the low-hanging fruit. We're going to build collective expectations, we're going to build some trust here; we could even codify it in a Tallinn manual or do something else. The idea that you have a process and you have bailed people in, they are now stakeholders. The fact that it's stakeholder language here, I think, is more than just smoke and mirrors. The idea is it's a way of bailing people into process: you have a stake in this. There's a lot of conversations you can have about who gets a, how big a stake do you have to have to be a stakeholder and get a seat at the table, but thinking strategically about where do you lead and where are your best bets, I think, is a lot of what Michele has had to do over the years. But also the array of instruments that Duncan just alluded to: what do you actually want codified into hard treaty law, what's best left in this big realm of soft-law instruments? Are they norms? Norms are, to put on my academic hat, these are statements, these are collective expectations of appropriate behavior for specific actors. That means you're distributing responsibility. You're saying this group of actors, they've got to do
this thing, or they should do this thing. This is our belief; our expectation is that states, good states, will do X. Principles are a little different. Then you're arguing, you're articulating the vision thing, which is not trivial. What's the happy cyber place we want to be? Can be highly contentious. So simply articulating the vision is important. You might leave the who should do what to stage two. We do that a lot in the policy world, because it's hard enough to just articulate a shared vision without the distributive problem of who should do what. But these strategic problems of how do you sequence, where do you cut in, strike me as really important. One of the concerns I often heard voiced when I started going to these meetings was precisely that the Pugwash experience and the nuclear experience was shaping a lot of the Washington conversation about this, and that cyber is really quite different from nuclear, probably because it's so distributed: the number of people who have a stake, who have a say, who this affects. Like, as Michele said, it's not just dual use, it's multi use, and where multi has many, many values. That makes this a very hard conversation, but again creates a lot of opportunities for movement on a lot of different fronts. I started working on norms when people said they don't exist, they don't matter. Suddenly in this arena, like, everybody wants norms. This is new in my academic life, and I'm old. So I'm actually quite heartened that people are willing to think this creatively about how do we shape behavior and get to the yes and the happy place. But there's a lot of lessons to be learned. The human rights community has learned a lot about this, and Tim will know from his previous work, the human rights online community, they've been doing norms dissemination for years. They've got this; their expectation, the way they think about strategy, looks different than governments, who are often the targets. Some of those environmental groups think about this differently. So there are
different ways to think about this, and the very kind of efforts, the multi-pronged efforts beyond the Beltway, I think, are part of what's interesting about this conversation, and we run some risks in Washington if we ignore that broader set of efforts.

And Paul, Microsoft is on the one hand a stakeholder but also a very active norm entrepreneur, in that your team has put out two reports specific to cyber norms, one more focused on states, on state behavior, the other one more on industry norms and looking at the IT industry more generally, and in that Microsoft stands out. So it'd be great to hear a little bit: why did Microsoft decide to become involved in this? You worked at the White House in 2002-2004, so you also have a government background, so it's very interesting to hear why Microsoft decided to become involved, and where you think Microsoft's added value is to these ongoing discussions at the UN around the state behavior part of this.

Sure, and thanks very much for the opportunity to join the discussion today. Our interest in norms really springs from three very simple things: one, the emergence of new forms of systemic cyber risk; two, governments' over-investment in offense; and three, the dangers of unintended consequences. So what do I mean by that? You know, circa sort of 2008-2009, Microsoft began to make big shifts as a company, getting away from box products, moving to software, moving to services, in a way that was really different. And as we looked down the road, we saw a world in the future that was fundamentally different than the world we live in now. You hear this a lot, sometimes with the bumper sticker of digital transformation, or this concept that every company is a software company. You know, you look at Goldman Sachs: they probably have as much or more of their own written software code than we do. They employ as many engineers as Facebook. They're really not a bank; they're a software company that does really complicated banking
functions. And you see this more and more. I think if you actually took a hard look at some government functions, you'd find out that's probably the same as well. So there was this shift happening. When you start to look at the world as, wow, the world is changing, the risks are changing, so how do we start to think about this? The second part was government investments in offensive cyber capabilities. So Michele noted, you know, the world changed for them in thinking about norms after Estonia. Well, a funny thing happened on the West Coast, where everyone's hanging out in, you know, things made out of recycled plastic bottles. We used to be able to go out to a hacking conference in your best black t-shirt and buy some beers and come back with zero-day vulnerabilities on our products, or new things people were working on to blow up a product. And suddenly those conversations stopped, and they began to get smaller and smaller, because there were new entrants in the market who were buying vulnerabilities. And, you know, we began to suddenly experience a lot more sort of sudden zero-day events, because we no longer had visibility into what security researchers were starting to look at. So again, there was that concern: what's actually happening here? And I think, you know, today Microsoft spends about a billion dollars in security technologies for the company, new research, new advancements. Our R&D budget is like nine billion. But if you go around and you start adding up what governments are spending for offensive capabilities, wow, that is not a lot of money compared to what governments are investing in. And the other awkward, I think, conversation to have in this space, and another reason we entered it, is what is a cyber weapon, how is it delivered? Well, unfortunately, you know, it's different. When a government builds a missile, they design a missile, they hire someone to build a missile, they build a launch platform. But in cyber, oftentimes governments basically exploit commercial private sector
products, many of which have a globally distributed customer base. Wow, that's kind of interesting. So I'm out here building something to deliver commercially through a threat model that I think is reasonable, and yet there's somebody in Moscow or Beijing or Maryland or somewhere working on something that is designed to blow up my product. So that sort of blows your threat model up from a private sector; there's no way to sort of anticipate that. I think a great example of this: I recently read Dead Hand, and the comparison of, you know, you have people out in the world trying to eliminate things like smallpox, and in other government laboratories you have people trying to create incurable viruses. And that is, that's a fear. It sounds dramatic, but maybe not so much. So we have to think about that. That was one of the concerns. The last one was the unintended consequences. You know, we talk about a cloud-based world. You know, if any of you have ever been to Ireland, or seen satellite photos of Ireland, now you should look at the amount of data centers just in that one tiny country. Huge chunks of the world's data and operations are going to live in data centers, small sets of data, very powerful capabilities. If you started to look at a generation of weapons that started to exploit that, or artificial intelligence, machine learning, there's a lot of unintended consequences that I don't think we have a good way of putting in the box. And those are some of the things that, number one, concern Microsoft and the private sector, and the reasons why we think it's important that normative discussions actually also include the people who make the products. I often tell people, you know, when you come to the Microsoft campus, you're not going to find the Department of Vulnerabilities. There's not a building on campus. Because, you know, if you're a software designer and a hipster in tech, you don't want to be a sustained engineer. That's the person who looks after things like Windows 7; we shipped
that product years ago. Or, you know, that's just not where you make your career. And so when a vulnerability comes along and gets exploited as a weapon, we have to immediately try to find that, figure out what code base it's in, how many products. You can't instantly just create a fix to it. And that's the concern: if governments really start to ratchet up conflict, I don't know that the private sector can patch our way out of it, and I think there's a real under-investment in defensive capabilities.

And that's actually a great example, where your last paper specifically also talks about industry responsibilities in that space, and there's an overlap to some of the language from the GGE norm where it also talks about vulnerability disclosure. But before we go into that, or also what the audience is interested in, Marty, I wanted to get back to you. And now that we've kind of set the scene for where we came from, dive a little more into what has happened in the last three to five years. One particular incident that happened was in December of 2015, when the electric grid in Ukraine was taken out, and there is an analogy, well, there's not an analogy, there is the body of work in the scholarship on norm regression and what that means for the enterprise of norm development. Are we at a point where we can talk about norm regression yet, or are we still at a point where norms haven't actually been internalized yet? So how do you as an academic think about this and make sense of the GGE process, but then you also have these occasional incidents where people ask, how did this happen, did we have an agreement in place where this shouldn't have happened? So I'll be curious actually to hear Michele's take on this.

Right. So, but as an academic, what I would say is this: there's always norm contestation. There are no norm vacuums, right? So it's not clear to me that there was a norm before, right, in the sense of shared expectations. And how well, my guess is, the people who shared expectations that
Ukraine was a bad thing continued to share that expectation, that Ukraine, December 2015, was a bad thing. It's not clear to me that the perpetrators ever shared that expectation, right? They were never part of, they never bought into this normative world view. So you're always going to get pushback, you're always going to get violators. So it's not clear to me that, well, we'll see, we'll see how this rolls over time, where there are collective expectations, how it shapes the larger articulation of these things. I also have not read the new Tallinn, for example, but I'm concerned about this notion that every time there's a violation it's gone, right, the norm is irrelevant, the norm is useless. That's not, I think, the right way to think about this. These are understandings of what constitutes good behavior. There are always people who like to engage in bad behavior; they're just out there, right? Murder doesn't stop being a law or a norm just because there are lots of murders, right?

So I'm not sure that you would get norm regression. I would think about it this way, as norm replacement. You can have contestation where there's somebody who thinks, no, that norm against critical infrastructure intrusions, bad norm, we want that norm to go away and we want a new norm. Now, is the new norm they're going to articulate "fair game, sure, go for the critical infrastructure, why not"? I don't see efforts along those lines, which makes me think, no, this was just a violation, and people broadly understand it that way. That suggests that the kind of resilience, defensive postures that Paul's talking about are a really good thing to invest in. But it's not clear to me that it's a violation of the norm... every violation doesn't mean it is regressing. It can mean this, though: it can tell you something about the extent of agreement about the norm. Like, you know, we don't have as many people bought into this as we thought we did, or we
haven't clearly enough articulated where the red lines are in this normative understanding, the conditions under which this is okay or the degree to which this is okay. But it's not like norms go away; they get replaced by some other set of understandings. In this case it's not clear to me that you've actually had a complete eclipse of the one.

I can sense that Michelle wants to jump in. Good, good.

So first of all, I should clarify, because we didn't tell people that in 2015 we did something different than simply working on how international law applies to cyberspace. What we did, at U.S. instigation after a very long internal analytical process, was to promulgate three norms which we believe should apply in peacetime, so not above the threshold of use of force but every day. And this came about because my Russian and Chinese counterparts were continually saying it's all very well and good to talk about warfare, but we're not seeing a lot of warfare; what we are seeing is a lot of malicious activity that's very destabilizing. So the goal here is international cyber stability, as we have defined it. The means here are promulgating types of norms of responsible state behavior. So we did this long-term process and came up with three norms: you're not going to attack critical infrastructures that provide public services; you don't attack CERTs that provide remediation and reconstitution, unless of course the CERTs are engaged in offensive activities on behalf of the state; and three, which kind of stems from the Estonian example, which is if a state is victimized by malicious activity emanating from your territory, you should be a good guy and help the victim state. These were accepted, and there were several others in this 2015 GGE report that we didn't initiate. So we liked the three that we did initiate, and they were couched as, quote, peacetime norms: they apply in peacetime, and two, they are non-binding and voluntary. There's no compliance here. This is not a treaty. This is a
group of governmental experts making a recommendation to the UN Secretary General. So when you talk about Ukraine: the relationship between Russia and Ukraine, in the view of the United States, is open conflict, in warfare. It is not peacetime, so the norm doesn't apply, number one. So they didn't violate it per se. I mean, you can say that Russia violated a whole lot of other things, and they're killing people, but they are not violating this norm. And Russia actually thinks that this norm is extremely important, and have complained to us about the existence of perceived advanced persistent threats on their critical infrastructures that they claim could only have been done by a couple of countries in the world, and one of them is not China. So I don't think the norms were impugned by this. But again, you can certainly imagine that there's a lot of ways to explain your way out of abiding by a norm, one of them being not believing the attribution, which is Russia's hallmark. So even if they are accused of something, I mean, take the Ukrainian crisis, the open conflict, where there are photographs of Russian tanks going into Ukraine: Russia simply says it's not them. You know, so attribution in cyberspace becomes, you know, a perfectly ridiculous task if you can't believe a tank that's crossing the street in front of you. And so it seems to me that's a bigger problem, not just...

And there might be other explanations. In terms of, I thought it was interesting that three weeks prior to the incident happening, the electricity in Crimea actually went offline as well, because you had an attack against some of the pylons and the electricity was cut in a physical way. And to what extent this was a consideration, that this was no longer first use, and to what extent... so I think there are interesting other pieces to this, where even if the Russian government would assume that it's not in a wartime, what could have explained the behavior?

But let me just say one thing about norms at all, and particularly
these peacetime norms. So the current argument that's given to me now is: what possible use are these norms? Look at all the stuff that's happening in cyberspace; it's not stopping anybody from doing anything. Remember, always, norms are for the good guys. The framework of expected responsible state behavior is for responsible states, who then understand how states ought to behave, because you need that fundament, you need that foundation, for good states to understand when they might want to do something about bad state behavior. So you have to understand that my waving an agreement in front of Russia or China is not a deterrent. It's our ability to decide at what point we think that the transgressions have been of significant national security implications that we and other responsible states may want to come together and do something about it.

That's a great segue to a question I wanted to ask Duncan. In terms of, some international lawyers don't have a particularly high regard for soft law and kind of, like, UN General Assembly resolutions and voluntary norms, and yet, in terms of the cyber norms that we've built, that's the agreement that we currently have, apart from "international law applies" above the threshold of use of force and armed attack. So what do you think, looking at this now? We've had the 2013 agreement, international law applies; we have the 2015 GGE report with a set of norms. What do you think comes next? Where do we move building on this? And this will then be the segue for Michelle to talk a little bit about what's ahead in 2017 before I go back.

So, sure. So let me challenge a little bit the assumption in the question, because I think we certainly have seen a shift away from treaty making. In the post-Cold War, we had a massive movement of what we might call major multilateral, kind of managerial agreements, where we're going to regulate, global governance was going to come through these hard treaty institutions with treaty bodies that kind of direct
things. And I do think we've seen a shift in recent years to recognize, if not away from that, or to recognize that that's not the only option. And that may be because of domestic politics, you can't get treaties through the Senate anymore, or it may be kind of globally this recognition that treaties, they have a lot of credibility, but they're pretty fixed, and they take a lot of time and energy, and what happens when you get them in place and then it turns out the problem has shifted or the context has shifted and they're not well suited. So I do think we're in a world where international lawyers do care about all these other forms of regulatory options when you're trying to regulate a problem, and that includes things like the GGE's work to date, it includes best practices, and it includes international organization declarations or things like the Tallinn Manual.

Your question, I think, is then: so where do we go now that we've got some things on paper? How do we go forward, what comes next? And I think I divide my answer, depends on your perspective. So if you're just sitting at the GGE, or you're sitting in Tallinn with your new manual, or you're at the newly constituted ICANN, and you're like, how do we further operationalize these things we've laid out, how do we get them internalized? Because the one thing I'd say, Michelle, I might push back: I agree with you, when norms are contested you really do want to press the other state and say this is what responsible states are expected to do, you're not behaving responsibly, and you have that fight. But Marty actually is the one who taught me that, like, at the other end, when you get to full internalization, we don't even think about why we're doing the norm anymore, right? We eat our soup with a spoon, and our fork we eat other things with, and we don't sit down every day and say what implement am I going to use; you just do it because it's expected. And one of the things I think that norms have that potential for is, if you could
get full internalization, you don't need verification, because people will do it without anybody watching, because they've fully bought in. We are not there yet on a lot of cybersecurity, but that's part of what I think has the attraction to this project, and just because there are contestation and bumps along the way, and probably failure in some areas, doesn't mean it's not a project worth having.

So if I'm in one of these organizations and I'm trying to push my normative agenda, I think one of the things we kind of worked through was: what are the tools you have? You know, you have incentives. If you're powerful, maybe you can bribe people into doing what you want the norm to be, or maybe you can sanction them in some way. We might actually have an interesting conversation about whether the sanctions in cyber are suited to the problem set. You can persuade. I mean, there's a, you know, a famous story of the landmines convention and how Princess Diana and others got the world, most of the world anyway, to agree that landmines were a bad thing, we should get rid of them. And you can socialize, right? Those confidence building measures, there's a reason they're paired with the norms, because they will build trust over time and build a sense of community, where you identify with the community, you say, oh, I'm being recognized as a responsible state, so I'm going to do the things that are expected of responsible states. It's like professional training, right? We put doctors, we put lawyers through training, so at the end of the day there are certain norms of the profession that they're going to abide by and others can expect them to abide by. You know, that's what malpractice is all about: the doctor didn't follow the norms of the community. And so all of these tools, I think, are then kind of in the kit as the Tallinn Manual's editors or the GGE start to say, okay, we've got these nice words, what are we going to do to get that internalization to happen? And are we
going to use them, one of them, are we going to use some combination, and how do we avoid, you know, them running against each other, how do we get them to be most effective? Then we can have an interesting conversation about that. But I think the other thing that you have to then be thinking about, where do we go next, is the point Marty started off with: we're not in a norms vacuum. We're in a really heterogeneous environment, an environment characterized by heterogeneity, where we have all these different communities, from the technical community to the governments to different subgroups of governments to civil society to Anonymous, each of which has its own set of norms that they're pushing and pulling. And you've got the IGF and you've got the GGE, and part of what I think you need to occasionally do is kind of step up and look and say which norms can work autonomously, which ones aren't going to collide. And I think there are different problem sets, and we shouldn't say they all mush together. There are going to be some we can separate out, but there will be others where there's overlap. And so I think one of the challenges for the next few years is the Internet Governance Forum, which kind of is an offshoot of the ICANN community and the like, has discovered global cybersecurity, and they are interested in a multi-stakeholder approach and are concerned about the GGE First Committee national security approach. And so, you know, I think there's going to be a need to have some conversation of: are these two antithetical, the GGE approach and the IGF approach, or are there ways for them to compromise or bridge the divide? And that may happen in other times, Freedom Online Coalition versus the Shanghai Cooperation Organization, you may just have to duke it out and somebody's going to win and somebody's going to lose. But it is, at least to my mind, at least a two-level game where you've got to try and figure out how do you push your own particular agenda, but self-aware that there are all these other agendas
out there that are going to affect, that should affect, your calculus as you go forward. You can't just kind of count on your one norm and kind of have that tunnel vision.

Michelle, if you could talk a little bit about, building on this, what is on the agenda for this year in terms of the GGE report, and also because it's been broadened to include five new members, which partly ties into the process discussion. And then, Paul, after that I'd love to hear from you what you think should happen this year, and also, in terms of some of the thinking in the second report on industry norms, what you think will happen on that front in the report too.

Well, I guess I would build a little bit on what Duncan said about the need to have states internalize what we've done so far. There's been a lot of lip service and recognition, but it's not clear that the majority of UN member states have really internalized and affirmed that, and partially it's because there's no really good vehicle by which to do that. So what the U.S.
has done over the last couple of years is, in leaders' meetings in the G20, G7 and other fora, in NATO ministerials, we've tried to get affirmation of the outcomes, the products of these GGE reports and what they've represented, and we've been very successful in doing that. But I still think that, you know, at most we've got 50 or 60 states that have really done that, and still, even within those, it's not clear how much that has really operationalized their activities within the military sphere with respect to information technology. So in this particular GGE, especially because we've gone from 15 to 25 states in the last five years, and the 2013, the 2015 agreement was extremely difficult, it went down to the wire, it's my view that the governmental experts really need to work on this particular problem: what do we tell UN member states on how to affirm, adopt and operationalize what we've done so far? You know, I'm of the view right now that we don't need a continual norms machine cranking out a lot of norms. What we need to do is consolidate what we've done and get states to implement, both in the internalization of the norms but also in the operationalization of the CBMs, which will help the norms and help those that are supportive of the norms actually communicate and cooperate. So that's certainly my view of what needs to be done.

However, there are others who believe that the GGE report also needs to have a vision of how we go forward, and there were several states, including the former head of the UN Office for Disarmament Affairs, who believe that the GGE has run its course and we need to find a new structure and venue in which to continue this conversation. His concern was primarily that, after it having been a very sleepy activity for many years, now all states want to be members, and there just isn't room to do that. By the same token, I'm very ambivalent about doing away with the GGE without having a very good idea about, one, how we would go
forward, and two, what has made the GGE successful to date has been the fact that it requires consensus to promulgate anything, and there are very few other structures within the UN system which require consensus, and also that require that the participants be experts. That is, we have experts that come from capitals, that are appointed by governments, and mostly are in fact diplomats, but we are all supported by a lot of expertise in developing this. And so it's been a rather serious activity and not a very highly politicized activity. And so this is very difficult, how we will come out, and I don't want to make any projections.

In terms of my particular view about how the framework ought to go forward once, for example, we have internalized: it's my view that what we really need to do is decide how states will act collectively when threatened by malicious activity that rises to the level of a national security concern for any of us. And there are many pitfalls to this, but I think we have to look at a very large tent, collective activity, again not a treaty-based activity but one that is again voluntary, non-binding. There are models of this that the U.S.
has been a party to with respect to other types of threats, like fissile material. There's something called the Proliferation Security Initiative, which has a voluntary structure of a variety of states who so abhor the proliferation of fissile material that they share information, they interdict fissile material on the high seas. So you could imagine a structure that is fluid and agile and that agrees, on the basis of pre-agreed principles and behaviors, how they would either provide consequences to a disruptive state or otherwise act to defend those that are being attacked maliciously.

One member of the GGE put it to me recently that, on the substance, there's a wind of conservatism when it comes to expanding some of the substance, and the fact that I think cyberpollack israelism part of the GGE points to some of the process question, I think, of moving forward. But Paul, in the last report Microsoft specifically focuses also on the verification of the existing norms and some of the challenges in terms of moving forward. From your perspective, what would be your wish list for what should happen this year, and what do you think in terms of the discussion of where this process should move forward? What is your vision for what you think ought to happen?

So a couple of things. One, we're really trying to increase the dialogue and understanding within the tech community about why they need to be involved. Next week at the RSA security conference in California, which brings together like 35,000 people from across the sector, our president Brad Smith is actually going to talk about some of these issues, in a way of trying to kind of galvanize more industry participation. Some of the things that we've started to look more at is the challenge of attribution, and there's a lot growing technically in attribution. There are at least eight companies at this point who notify customers when they have been targeted by what we believe is a nation state, and, you know, it starts to bring this
idea of: is there some sort of entity or non-profit function, or is there some place that you do this? Because, when you think about it, when you first hear that, you think, oh well, that's like five, six people. No, it's actually more like, sometimes, 16,000. And if one company has that many and another company has that many, you suddenly start to get to different types of things: where and how do you talk about that? And to Michelle's point about that's technical, you know, there's not the picture of somebody, you know, in front of a computer; you're basing this on malware analysis and signatures and other types of things. So how do we start to have this sort of sunshine in this space that starts to enforce it more? That's a discussion I'd like to see mature a lot more.

I'd like to also help us get a more rational approach to this sort of cybersecurity regulatory foundation that's unfurling around the world. You know, today we have 80-plus countries that are passing laws in cyberspace. You know, sometimes it's authorizing your law enforcement to use malware for surveillance, sometimes it's authorizing the loss of a limb for cybercrime. I mean, there's some wacky and frightening stuff out there, but all through it is, again, this notion of critical infrastructure controls, some of which are good, but then there are also authorizations of new military capabilities within states. You know, I saw recently where Zimbabwe has come out to announce that they're now going to invest in offensive capabilities, which is fantastic. You know, you look at this and you think, wow, there are so many things that I would think Zimbabwe might be investing in before this, but that's where we are. So I guess, you know, I'd like to see a greater industry understanding of the norms process, where they can provide technical support, where we can help provide potentially insight into enforcement or those types of things. That's my big hope for 2017.

The takeaway also: more sunshine, as
like the... well, you have to say that when you're from Seattle. So thank you very much. I would like to open it up now to Q&A. You've already, I think, heard more about norms than you've probably ever heard, so I hope you have lots of questions. One norm that we always try to internalize among our audience here at Carnegie is, when we have the Q&A, please identify yourself with your name, your affiliation, and please ask a question, and then hopefully a year from now I don't have to ask this anymore. If you have a question, please raise your hand; we have mics in the background. And one question for my staff: if you could just let me know five minutes before the end of the event, because we don't have a clock, that way I can make sure we end on time. So why don't we start right up here in the front.

I assume that much of... First of all, I'm Helen's on a; my affiliation has been with Old Dominion University and more recently with some of the programs at American University. I have to applaud the way you handled a multi-headed, Hydra-headed, I guess, topic that has so many aspects to it. But the one question that keeps revolving in my mind is, given the change of administrations now and the attack on globalization, where is American leadership, or where do you foresee American leadership on the issue of cybersecurity going forward, particularly in light of the attacks on our own voting processes?

I'll just say one view from the trenches. You'll find that U.S. industry is very supportive of something called the NIST Cybersecurity Framework, which, if you talk to experts in capitals around the world, they'll all tell you this thing is terrific. There's only one problem with it: the first page says the U.S.
and it's like, wow, I'd love to adopt this if I could just tear off the cover. Some of them have, like, quietly. So you find that there is still a great proclivity to adopt these procedures, and I think NIST has started to realize they can be more international and people can agree on certain technical-related issues. So I do think there's an opportunity to preserve that there. On the political side I think there are new complications; I'll defer to my other colleagues to chat about their views on that.

I can maybe just jump in. I'm very curious to see what will happen. I think it's an area where it's fascinating to see that, I would argue, it's been fairly, I wouldn't use bipartisan but rather non-partisan, what has happened in the last 10 to 15 years, simply because I think where the strategy came from are like Michelle and other civil servants who are in the bureaucracy who developed this. And if you compare the think tank reports just in the last year that came out with, like, a cyber strategy for the new administration, and you compare the sections on the international strategy, it's really striking that 98% of those are exactly the same, be it from the American Enterprise Institute next door to CSIS. So it'll be really interesting to see how that, I think, will play out the next few months. But I think it's a very interesting, it's one of the few areas where you haven't really seen that emerge. So that'll be maybe not the next event but maybe the second or third event.

For this one, Harry Ann Bard from the Organization of American States. The question is for Michelle and Paul. Given that norms is for governing state behavior, and Paul, what you said about industry now trying to help companies identify with states, who use the word states, the attacks may be coming from: is there a space where the private sector and the norms discussion is actually happening? Because attribution, even though they've identified a state, it may not be a state actor; it could just be someone with
the IP address. I'm just wondering where is that discussion happening in terms of merging those two trends together. Thank you.

Well, I think there are two things here. One, I think technical attribution is improving significantly, and I think, while it still takes some time, the ability to distinguish between a plain IP address in the atmosphere and one that might be associated with a state or even a state proxy is getting better. Secondly, I think Microsoft and I have a truce now, and I have to admit that I was less happy when they promulgated a paper on norms of things governments could do, than when they came back later, and I talked to Scott Charney and I said, well, what about what industry should do, and they came up with a great, a great norms paper on that. So I was very, very happy. But what I, and therefore in response, what I have tried to do is use government resources to sponsor UN-based conferences. I did three last year, to which I invited a variety of non-governmental entities, including the private sector, where we discussed issues of norms creation or applicability of international law and others. And we had a whole bunch of miscreants show up at these things that we did in Geneva; that was, I thought, very helpful, and it was helpful for us to hear what they had to say. But I think it was even more eye-opening for some of the outsiders to see what I have to deal with, and not to be so critical of the language that we come up with in UN documents.

An institution that calls itself Carnegie Endowment for International Peace, we always like to hear about truces, especially in the same place here.

Michelle, it really has been helpful to have that sort of open dialogue and get more exposed to what the diplomatic trenches look like. You know, it's very easy to think that myself and colleagues from the tech sector can roll in with a couple of PowerPoints and this will just all be, you know, hashtag done. It's much more painful to watch
a room of 60-plus people churning over things. You're just wondering, wow, we spent an hour on this topic, you're not getting anywhere. And so it is, it is incredibly hard, and I think the introduction of the private sector into that has been helpful, both in bringing us along but then hopefully also in us being able to share specific concerns that may not always be seen or top of mind in a sort of a mil-to-mil discussion.

Rebecca. Hey, thank you, Joe Marks from Nextgov, for Michelle or other people on the panel who want to answer this. The administration has pivoted more toward Russia, trying to have a friendlier relation. What effect do you think that will have on the upcoming GGE and on norms and CBMs in general? And then second, do you have any sense of what the future of the cyber coordinator's office is under the Trump administration?

Well, you know, I have to say that despite the decline in U.S.-Russian relations over the last several years, U.S.-Russia cyber relations have in fact been a bright spot, and I say that with all sincerity, since, including the GGE agreements, two OSCE agreements and a bilateral cyber agreement, and the G20, we have done seven, eight consensus activities with Russia on establishing norms, establishing CBMs multilaterally, in the OSCE among 57 states, and bilaterally with Russia. So what I am hoping is that our ability to easily have bilateral conversations among experts will become easier now. As a long-time arms controller, and I started with the INF Treaty and START I, and, you know, I've done this since 1982, I find that talking to them is much better than not talking to them. At the same time, we have to recognize, as in all things, that we may have ultimate goals which differ, and so while we can be fellow travelers on a road which is designed to prevent conflict from escalating into open warfare and other things, we have potentially different ultimate goals, and we need to keep that in mind. So I think there is recognition of that in this administration. I'm hoping that we
will be able to effectively tamp down larger Russian excursions and create a stable environment again.

Hi, first I'd like to thank the panelists for a very interesting morning. I'm Teresa Hitchens with the Center for International Security Studies at the University of Maryland, and I have a question about the relationship between the GGE efforts at the UN, writ big, and some of the different regional efforts, and how do we see those regional efforts? Are they designed to clarify the GGE, or, you know, how do they fit together? That's my question.

Well, initially, when you do something in the UN like in the GGE, as, Teresa, you well know, these are not... you can set up principles, come up with consensus texts, but they're not usually implementable in the context of the United Nations. What you have to find is a coterie of states, a group that is willing to take these on. After the first kind of affirmation of the utility of confidence building measures, CBMs, in the first consensus UN agreement in 2010, I went to the Organization for Security and Co-operation in Europe, which is by its very nature a CBMs and CSBMs organization, and said, and I'd been going there for years before that trying to interest them in something in this area, and said, you know, here is a problem: how do we communicate, keep the peace, prevent crisis and all of that? So it was the GGE report that spurred what we did in the OSCE, and that's led to an agreement on 16 different CBM measures, including ones that try to mediate conflict. I did a similar effort in the ASEAN Regional Forum, and I've been twiddling my thumbs there since 2009, primarily because, while the notion of CBMs has gotten affirmation and credence, Russia has been a little bit disruptive, I think primarily because they don't want to put the effort into doing something in that region as well, and two because the ASEAN Regional Forum and ASEAN itself is a very different entity than the OSCE. The OSCE has a bureaucracy; once they adopt measures, they go about fulfilling
them and enforcing them. The ARF has nothing like that. States themselves have got to actually accept and operationalize these; either a state's got to take it on and become the secretariat for something or it just doesn't happen. So right now we're kind of treading water in Asia. In the OAS, in this hemisphere, a lot has been done on cybersecurity; CCT has done a great deal on the establishment of CERTs and everything else. The attempt to promulgate norms and CBMs in the hemisphere has been a lot slower. We've tried to incorporate more OAS members into the GGE; we have Mexico, we had Colombia. In any event, the problem with confidence building measures in the OAS is you talk to member states and they say, we don't have any enemies down there, we don't need confidence building measures. But there's now, I think, either Mexico or somebody's taken up, Chile has taken up a CBMs activity which I hope again will self-promulgate.

Can I just jump in? I mean, two things about the regional organizations Sri says strike me as interesting. One is that you can get beyond the First Committee caveat. I mean, one of the things that I think bounds the GGE process is it's in the First Committee, and so any time anybody says what are we going to do about cybercrime, everybody has to look the other way and say we don't have any remit over cybercrime. So one of the things is you can get to the regional organizations and you can kind of restyle the agenda with a broader lens, not to say that there aren't different problems and context and you need to be precise, but to not be only about, you know, global cybersecurity. And I also think, second, they are a nice place to do that operationalization. So CBMs is maybe one example of potentially multiple examples where you have an opportunity at the regional level to touch on the same points that have occurred in the GGE and to get the buy-in to try and push things forward.

Unfortunately, I think we're out of time, but I want to give
Marty and Paul a chance for final remarks, if you... Oh, actually, I'm wishing Michelle well. Same, same here.

And with that, I want to thank all of you and point out that if you would like to follow this discussion a little bit more, one, you'll have a chance tomorrow: Paul is actually giving a, you know, at the Wilson Center tomorrow, and then the Tallinn Manual will be officially released in DC at the Atlantic Council, I believe on Wednesday, but you can see the website. One last comment for those of you who are interested more in cybersecurity from an international relations perspective: I co-authored the article for Oxford Bibliographies, which is usually behind the paywall, but as of today it's available for free for one month. So if you are interested, just make sure to go on the website in the next month and download the resource before it goes back up behind the paywall. Thank you very much, enjoy lunch. Thank you.