Microsoft’s call for a Digital Geneva Convention, outlined in Smith’s blog post last week, has attracted the attention of the digital policy community. Only two years ago, it would have been unthinkable for an Internet company to invite governments to adopt a digital convention. Microsoft has crossed this Rubicon in global digital politics by proposing a Digital Geneva Convention which should ‘commit governments to avoiding cyber-attacks.'

The Geneva Convention, signed by war-weary nations in August 1949, now binds 196 countries to protect civilians in war zones. Microsoft’s president, Brad Smith, argues that the U.S. and other countries now need to draw up a digital equivalent to protect civilians and companies caught in the crossfire of constant cyberwar.

[W]e found that the ICRC tends to issue such statements only after a massacre has already taken place. For instance, when we studied the Bosnian civil war, we examined the timing of the use of force and the public diplomacy in the form of “naming and shaming” the disputants. The ICRC voiced its concerns 13 times, 11 times quite mildly. The ICRC reacts to international humanitarian law abuses. But its public condemnations do not reduce the carnage in the weeks that follow.