It was hard not to crack a wry smile when reading Tobias Feakin’s post on the Budapest Conference on Cyberspace. Let’s just say that the position of the blocs settling behind a more ‘rules-based’ approach, on one hand, and a ‘norms-based’ approach sit very uneasily with track records, both documented and rumoured.

The incongruities of diplomacy aside, the debate about a more voluntary and organic ‘norms-based’ or an enforceable ‘rules-based’ approach to cybersecurity is an important one to have.

There has already been some movement towards a rule-based approach with regards to some aspects of cybersecurity, with Australia becoming the most recent nation to sign and pass enabling legislation for the convention on cybercrime, a treaty acceded to by most European states, Japan, and the United States, and which covers issues such as computer-based fraud, unauthorised access to systems, child pornography production and distribution, and copyright infringement. Read more