34 tech firms signed “Cybersecurity Tech Accord” agreement that does’nt support government hacking operations

cybersecurity cooperation

The industry consortium of 34 high-tech companies headed by Microsoft has signed a technology agreement that will protect user information security at all costs and will not provide assistance for government attacks against other countries, companies or individuals.

Microsoft, Facebook, Cisco, GitHub, Arm, Cloudflare, LinkedIn, Hewlett-Packard, Dell, SAP, Oracle, and VMWare have signed an agreement called “Cybersecurity Tech Accord”, but this list does not include Apple, Google, Amazon, and Intel.

The agreement is the idea of Brad Smith, Microsoft Chief Legal Officer, who has been talking about the idea of creating a digital Geneva Convention for the past two years. Smith has always advocated that the government should not regard users and the private sector as part of cyber attacks against other countries.

The agreement announced today at the RSA 2018 Security Conference in San Francisco was built around four key principles:

1) Strong defense – Tech companies should do their best to protect users from any type of cyber-attack, regardless of source, or the user’s native country.
2) No offense – Tech companies should never provide material support to government-backed cyber-attacks.
3) Capacity building – Companies should build and provide customers with the necessary tools to protect their data and themselves from state-sponsored attacks.
4) Collective action – Companies will collaborate with each other to share data on attacks and disclose attacks to affected users.

Today, the most difficult part of these agreements is obviously the support of government agencies. All technical agreements in the world are ineffective in the face of court orders or abuse of search warrants that the government may use to pursue dissidents or political opponents.