A new fear is engulfing Switzerland and this time its about cyberspace.
True, the threat of ‘cyberwar’ and cyber-attacks is real and sometimes very difficult to prepare for. Recent events, like the hacking of political parties’ websites or the recent distributed denial-of-service attack (DDoS) on Postfinance, the bank hosting Julian Assange’s account, point to a future where sometimes crippling cyber-attacks are an all-too common occurrence.
The Swiss parliament recently passed a motion asking the government to develop the legal framework for responding to and defending against cyber-attacks. The government, however, is not really convinced that a legal basis to fight ‘cyberwars’ should be the priority and I agree with them.
A solid legal framework is certainly needed for cybercrime. But when it comes to cyber-attacks, having a legal framework is of no help. What legal measures could you take if someone launches a cyber-attack on your country, key industries or public figures? This also links up to the equally tricky debate about attribution in the case of such attacks. Who attacked and from where? Who is behind the attack and who should be held resonsible? Moreover, we still lack a clear definition of what a cyber-attack even is. Experts still disagree on this and I don’t think that the Swiss government will be able to break this definitional deadlock.
The legalization of cyberspace is generally speaking a dangerous trend. So far, no international treaties exist on the subject, and attempts to “nationalize” part of it by promulgating a national legal framework for hostile acts on the internet is creating borders and limits on a ‘global good’. The internet cannot be structured on the basis of national borders and it should remain so: common, shared, unlimited and open. Indeed, legalizing cyberspace from a national standpoint is not only inefficient; it also sets a dangerous trend for the fragmentation of cyberspace.