Nov 13, 2018

U.S. hasn't signed cyber principles — yet

French President Emmanuel Macron appears with President Trump before a lunch at the Elysee Palace in Paris on Nov. 11. Photo: Jacques Demarthon/AFP via Getty Images

The United States has not signed the Paris Call for Trust and Security in Cyberspace, a pact between 51 countries and hundreds of the important companies in tech, nonprofits and universities. At least, not yet.

The big picture: Signatories tell Axios that the U.S. hasn't shut the door on the agreement of general principles for internet security. The agreement, a first-of-its-kind document involving both the public and private sector, could be a significant step toward a global understanding of what countries are and aren't permitted to do online — but that's likely only if the U.S. lends its heft.

What they're saying: "It is a missed opportunity for the U.S., especially because the agreement is nonbinding," Peter Singer, a strategist and senior fellow at the New America Foundation, told Codebook via email.

The Paris Call is a handshake establishing principles, including:

  • Human rights should extend to online spaces.
  • Countries should work together to prevent the theft of intellectual property (as China is accused of doing), election tampering (as Russia is accused of orchestrating) and destabilizing the core of the internet (as China may have done through BGP hijacking).
  • Countries should never release malware causing indiscriminate harm to the public (as Russia and North Korea are accused of doing with NotPetya and WannaCry).
  • The private sector will not risk collateral damage by "hacking back" their hackers.

Other odds and ends: It also stipulates:

  • Disclosure programs and other basic cybersecurity measures are generally good.
  • The private sector must play a role in comprehensive security plans.

Who didn't sign: The U.S. is not the only nation that didn't sign the Paris Call. But many of the other nonsignatories skew in an unflattering direction: They include North Korea, Russia, Iran and China.

  • 3 out of 5 of the nations in the powerful Five Eyes alliance signed the accord. (The U.K., Canada and New Zealand did. The U.S. and Australia did not.) Israel didn't sign, either.

The intrigue: The United States appears to have two motivations not to sign.

1. Trump hates these things. President Trump likes deals, not agreements. He likes bilateral, transactional things where he feels like the U.S. comes out ahead. This is more of a zero-sum affair, where everyone in the world benefits because everyone gives something up.

  • "The problem is that so many threats to U.S. security simply can't be solved in that way. Whether it is cybersecurity or environmental or nuclear nonproliferation issues, they are multilateral and multilayered," said Singer.

2. Big dogs don't like fences. And nearly all the major cyber powers (U.S., North Korea, China, Iran, Russia and Israel) stayed out of the agreement, likely hesitant to place even nonbinding restrictions on how they act. One exception is the United Kingdom, who signed the agreement.

  • "While the goal of the Call is laudable, and the list of industry signatories in particular is impressive, without the U.S. and other offensive-minded states as signatories, it feels a bit like the players on the sidelines telling the ones in the game to stop playing," said Betsy Cooper, a one-time attorney and adviser at the Department of Homeland Security who was just named director of the new Aspen Tech Policy Hub.

Go deeper

Bernie's juggernaut

Sen. Bernie Sanders speaks in San Antonio last night with his wife, Jane. Photo: Eric Gay/AP

Sen. Bernie Sanders won so big in the Nevada caucuses that Democrats are hard-pressed to sketch a way he's not their nominee.

Driving the news: With 60% of precincts counted (slow, but better than Iowa!), Sanders is running away with 46% of delegates — crushing Joe Biden's 20%, Pete Buttigieg's 15%, Sen. Elizabeth Warren's 10% and Sen. Amy Klobuchar's 5%.

Go deeperArrowUpdated 1 hour ago - Politics & Policy

Buttigieg campaign claims Nevada caucuses were "plagued with errors"

Photo: Win McNamee/Getty Images

Pete Buttigieg's campaign wrote a letter on Sunday asking the Nevada State Democratic Party to release early vote and in-person vote totals by precinct and address certain caucus errors identified by campaigns, The Nevada Independent reports.

The big picture: The campaign alleges that the process of integrating early votes on caucus day was “plagued with errors and inconsistencies,” and says it received more than 200 incident reports from precincts around the state.

Go deeperArrowUpdated 2 hours ago - Politics & Policy

Coronavirus threat grows, threatening some drug supplies

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

As the novel coronavirus continues spreading globally and China grapples with a limited production capability, there's a growing risk to about 150 prescription drugs in the U.S., sources tell Axios.

The big picture: The coronavirus has spread to more countries, with both South Korea and Italy stepping up emergency measures amid rising case numbers on Sunday. COVID-19 has killed at least 2,467 people and infected almost 79,000 others, mostly in mainland China.

Go deeperArrowUpdated 2 hours ago - Health