Privatized Cybersecurity Law
UC Irvine Law Review (2020 Forthcoming)
51 Pages Posted: 11 Mar 2019 Last revised: 27 Mar 2019
Date Written: February 19, 2019
Tech platforms have gradually and informally assumed the role of international lawmakers on global cybersecurity issues. But while it might seem as if the international community and internet users are the direct beneficiaries from the involvement of the private tech industries in making law, there are many questions about such endeavor that require a thorough examination and assessment. The end-goal and risks associated with such venture are largely obscure and unexplored.
This Article provides the first analysis of how tech platforms are effectively becoming lawmakers for global cybersecurity based on the inability of states to overcome geopolitical divides on how cyberspace ought to be regulated globally. This Article looks primarily at three separate proposals representing a larger trend of the privatization of cybersecurity law: The Digital Geneva Convention, the Cyber Red Cross, and the Cybersecurity Tech Accord. These, as well as other initiatives, reflect the gradual and uncontested assimilation of private tech companies with the machinery of international lawmaking.
This Article argues that state governments, civil society organizations, internet users, and other stakeholders need to step back and carefully evaluate the dangers of ceding too much control and authority in lawmaking to the private tech sector. These private tech sector actors, while not yet on an equal footing as states, are increasingly substituting states in their efforts to create their own privatized and unaccountable version of cybersecurity law.
Keywords: cybersecurity law, international law, cybersecurity, technology law, tech law, law and technology, microsoft, cybersecurity policy
Suggested Citation: Suggested Citation