A group of 34 tech companies have signed an agreement to refrain from helping world governments wage cyberwar on each other.
Microsoft, Facebook, Cisco, Cloudflare, Github, and Oracle are among the top tech and security companies that have signed on to the Cybersecurity Tech Accord. In the agreement, the companies pledge to “empower civilians online and to improve the security, stability and resilience of cyberspace.”
“We will not help governments launch cyberattacks against innocent citizens and enterprises from anywhere, and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution,” the accord states.
Microsoft president Brad Smith, who spearheaded the effort to organize this alliance, says that tech companies can be a powerful force if they work together to strengthen cybersecurity protection.
“This tech sector accord will help us take a principled path towards more effective steps to work together and defend customers around the world,” Smith said in a statement. He added that he sees the cybersecurity accord as a precursor to some sort of “digital Geneva Convention.”
"It aligns the resources, expertise and thinking of some of the world's most important technology companies to help to build a trusted foundation for technology users who will benefit immensely from a more security connected world,” Smith said.
Four main commitments
The agreement centers around four key principles:
Strong defense. The companies are committed to building a stronger defense against malicious code. To achieve this goal, the companies will launch new security practices and new features for companies.
No offense. The companies pledge not help governments launch cyber attacks against “innocent citizens and enterprises.” They will also protect their products and services from tampering and exploitation.
Capacity building. The companies vow to do more to empower developers, as well as the people and business who use their technology.
Collective action. The companies aim to strengthen their existing relationships and build new partnerships with the goal of improving technical collaboration, coordinating vulnerability disclosures, sharing threats, and minimizing the threat of malicious code.
Follows a string of cyberattacks
“The devastating attacks from the past year demonstrate that cybersecurity is not just about what any single company can do but also about what we can all do together,” Smith said.
Apple, Amazon, Twitter, and Google have not yet signed the Tech Accord. However, the agreement remains open to membership requests from “new private sector signatories, large or small and regardless of sector.”