Global agreement on internet security premature: Bishop

An international agreement on internet security would be premature despite the need for a trans-border agreement to help minimise the potential damage done by state-sponsored online activity, according to Australian Foreign Minister Julie Bishop.

It would be premature to establish an international agreement on internet security, according to Australian Foreign Minister Julie Bishop.

This is despite the need for trans-border agreement on which sectors should remain "off-limits" to online activity by states that could damage or impair critical infrastructure, said Bishop at the Global Conference on Cyberspace in The Hague, the Netherlands.

"On taking forward international security within the overall cyberspace regime complex, it is often asserted that we need to conclude an international agreement of some kind on international security in cyberspace," said Bishop. "Australia argues that an international agreement is premature; even the work of codifying key principles is in its infancy -- the conversation has only just started, and the technology is evolving rapidly. It is a challenge for policy makers just to keep up."

Bishop made the comments in a statement during a panel discussion at the conference on Friday that also included United States Coordinator for State Department Christopher Painter, China's Ministry of Foreign Affairs Ambassador Chen Xu, and India Deputy National Security Advisor Arvind Gupta.

Bishop argued that although it is too early to come to an international agreement on internet security, it is in the interest of all states to help develop the internet as a platform for economic activity.

Without naming specific countries, Bishop said that some states do not share the international community's view that a country's behaviour on the internet should reflect the framework and principles of international law -- a necessary first step to a discussion of "norm building" in relation to international online security.

Bishop said that the Australian government has identified three priorities for "peacetime norms" of state internet behaviour aimed at helping foster online peace and security: To facilitate official computer emergency response teams in their efforts to protect the online environment; to investigate and crack down on online crime; and to refrain from online activity that could undermine other states' infrastructure.

"The effective functioning of critical infrastructure underpins the global economy," said Bishop. "States should prevent and refrain from online activity which damages or impairs critical infrastructure, whether it be in banking, telcos, energy structures.

"While states define their critical infrastructure sectors differently and harmonisation is important, agreeing that key sectors should be off limits is a priority for the international community," she said.

Chen -- China's ambassador to the Netherlands -- said at the conference that state sovereignty imposes obligations on countries to respect the sovereignty of other states.

"All states have the equal rights to participate in the global governance and rules-making process," said Chen. "At the same time, when a state exercises its own sovereignty, it should respect the sovereignty of other states, refraining from intervening their domestic affairs, or allow its territory to be used for acts which will jeopardise the rights and interests of other states.

"We are duty bound to work together to build a peaceful, safe, open, and cooperative cyberspace, so as to promote international peace and security in this unique and important perspective," he said.

The comments by Bishop and Chen come as tension continues to mount between the US and China, with both countries eyeing the other with increasing suspicion in the wake of online spying revelations from documents leaked by former National Security Agency (NSA) contractor Edward Snowden.

In March, China finally admitted to the existence of special online warfare units, after continual denials of the existence of military-linked hackers believed to have conducted attacks on US-based private and public-sector organisations.

Meanwhile, in June last year, Chinese state media warned that Google, Apple, Yahoo, and Microsoft, along with a host of other US technology companies, had the potential to become "cybersecurity threats" to Chinese users.

However, after moving to introduce new regulations for foreign technology companies that sell computer equipment to banks in the country, the Chinese government has reportedly suspended the planned regulatory changes after protests from US businesses and government officials.