‘Private’ Cybersecurity Standards? Cyberspace Governance, Multistakeholderism, and the (Ir)relevance of the TBT Regime
26 Pages Posted: 16 Apr 2020 Last revised: 6 Jul 2021
Date Written: 2018
Abstract
The business sector has actively taken on the standardization initiative. More and more jurisdictions have been settling on a bottom-up approach to cybersecurity policymaking, which aims to minimize mandatory governmental regulation and to favor a voluntary private-sector standard to enhance cybersecurity. To analyze the privatization of governance in a systematic way, this article placed the “top-down” and “bottom-up” approaches in such a context that allows us to identify the features of different types of cybersecurity standard-setting and to recognize the challenges to international economic order. How can the WTO become a forum for trade disputes concerning “private, voluntary” cybersecurity standards created through a multistakeholder process? Cyberspace governance is a complex problem. The fact that certain informal norms have the potential to become de facto international standards creates a renewed sense of urgency for the WTO to take action in order to avoid the fate of being eclipsed into irrelevance in the domain of cyberspace governance.
Suggested Citation: Suggested Citation