UN Framework for Responsible State Behavior in Cyberspace

Overview

• Adopted: 2015
• Components: 11 peacetime norms
• Supported by: All 193 UN member states
• Purpose: Increase stability and security in cyberspace

Positive Steps States Should Take (8 Steps)

1. Cooperating to increase stability and security in cyberspace
2. Considering all relevant information in the case of cyber incidents
3. Preventing criminal and terrorist use of information and communications technologies (ICTs)
4. Respecting human rights, including privacy online
5. Taking appropriate measures to protect critical infrastructure from cyber threats
6. Responding to reasonable requests for assistance from another state
7. Taking steps to protect the integrity of supply chains for ICT products
8. Reporting ICT vulnerabilities in a responsible manner

Actions States Should Avoid (3 Actions)

1. Not knowingly allowing territory to be used to commit internationally wrongful acts using cyber tools
2. Not conducting cyber activities that damage the critical infrastructure of another country
3. Not harming another country's computer emergency response team (CERT) or using a CERT to engage in malicious cyber activity

Endorsement

• Resolution: UN General Assembly Resolution 72/371

Additional Resources

• UN Disarmament Office on ICT Security
• Australian Department of Foreign Affairs and Trade on Cyber Affairs