The Country That Could Reshape Cyber Law

A member of Operation Trident Warrior shows sailors aboard the USS Peleliu how to use a Malicious Activity Security Tool.

U.S. Navy photo by Mass Communication Specialist Seaman Christopher Farrington

AA Font size + Print

A member of Operation Trident Warrior shows sailors aboard the USS Peleliu how to use a Malicious Activity Security Tool.

Finland is the perfect middle-power to help the world forge much-needed online norms.

The future of cyberspace does not look encouraging. Nation-states are developing increasingly sophisticated cyber capabilities, a source of significant tension given their destructive potential. Some of the powerful cyber actors are already sniping accusations at each other and forming defensive alliances. For example, China and the United States have been accusing each other for years, and China recently signed a cybersecurity agreement with Russia.

We are at a critical juncture. We are developing cyber capabilities faster than policies and doctrines can control them. The Tallinn Manual on the International Law Applicable to Cyber Warfare sponsored by NATO’s Co-operative Cyber Defence Centre of Excellence was an encouraging step forward in the pursuit of international norms and laws regulating the cyber domain. But implementing and enforcing the norms the manual promotes has been poor. The world needs a fluid and frank dialogue among states, the private sector, and civil society in order to guarantee the security of cyberspace. There seems to be a desire for new normative and institutional orders in cyberspace, but what they might be, how they will be established, and how broadly they will be accepted are open questions.

Would it be more desirable to negotiate an international cyber treaty or to extend agreements that cover other issue-areas in the digital sphere? The first option is unlikely to happen. States conceptualize cyberspace in many different ways and their interests are so widespread that finding a common starting point for treaty making is difficult. The second option, the inclusion of cyber issues in the existing regulation that covers international trade or law enforcement seems more promising.

There may be instances, however, where integrating cyber issues into existing rule-making bodies or improving international cooperation is not feasible. Therefore, there is a need for a forum where cyber-related quarrels could be mediated. The International Telecommunication Union has often been suggested as possibility, but its current authority and mandate would need to be changed and that is likely to encounter some stiff resistance.

The creation of international norms for cyberspace is a necessity and the world needs peace negotiators. Someone must take the lead in shaping shared cyber norms. Finland is a perfect candidate. It has a thriving tech sector and an official policy of neutrality. As a middle-power, it may be easier for Finland to help parties find a middle ground on the development of cyber norms given that it lacks great power ambitions. Finland is also recognized as a reliable, constructive and credible partner, and has a track record when it comes to international mediation. Finland played an important role in the peace processes in Northern Ireland, the Western Balkans, the Horn of Africa and the South Caucasus, giving its foreign ministry considerable experience handling delicate negotiations.

Finland already has good relationships with the United States and China, and has a long experience working with Russia, given their shared history and common border. Former Finnish President Martti Ahtisaari won the Nobel Peace Prize for his peacebuilding efforts and his Crisis Management Initiative (CMI) is an important actor in the prevention and resolution of violent conflicts. CMI has experience bringing parties together in the Aceh peace process and is currently trying to do the same in the Middle East. It is also skilled at working with various actors, from foreign ministries to civil society groups, at finding common ground and implementing agreements. These skills are what the world needs to develop and implement the shared cyber norms that will help prevent cyber conflict.

Finland’s reputation, lack of great power ambition, and track record can attract others to come together and discuss shared global cyber norms. If the world wants to grasp the opportunity—and contribute remarkably to international stability—now would be the right time to contact Finland.

This post appears courtesy of

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.