The future of cyberspace does not look encouraging. Nation-states are developing increasingly sophisticated cyber capabilities, a source of significant tension given their destructive potential. Some of the powerful cyber actors are already sniping accusations at each other and forming defensive alliances. For example, China and the United States have been accusing each other for years, and China recently signed a cybersecurity agreement with Russia.
We are at a critical juncture. We are developing cyber capabilities faster than policies and doctrines can control them. The Tallinn Manual on the International Law Applicable to Cyber Warfare sponsored by NATO’s Co-operative Cyber Defence Centre of Excellence was an encouraging step forward in the pursuit of international norms and laws regulating the cyber domain. But implementing and enforcing the norms the manual promotes has been poor. The world needs a fluid and frank dialogue among states, the private sector, and civil society in order to guarantee the security of cyberspace. There seems to be a desire for new normative and institutional orders in cyberspace, but what they might be, how they will be established, and how broadly they will be accepted are open questions.
Would it be more desirable to negotiate an international cyber treaty or to extend agreements that cover other issue-areas in the digital sphere? The first option is unlikely to happen. States conceptualize cyberspace in many different ways and their interests are so widespread that finding a common starting point for treaty making is difficult. The second option, the inclusion of cyber issues in the existing regulation that covers international trade or law enforcement seems more promising.
There may be instances, however, where integrating cyber issues into existing rule-making bodies or improving international cooperation is not feasible. Therefore, there is a need for a forum where cyber-related quarrels could be mediated. The International Telecommunication Union has often been suggested as possibility, but its current authority and mandate would need to be changed and that is likely to encounter some stiff resistance.
The creation of international norms for cyberspace is a necessity and the world needs peace negotiators. Someone must take the lead in shaping shared cyber norms. Finland is a perfect candidate. It has a thriving tech sector and an official policy of neutrality. As a middle-power, it may be easier for Finland to help parties find a middle ground on the development of cyber norms given that it lacks great power ambitions. Finland is also recognized as a reliable, constructive and credible partner, and has a track record when it comes to international mediation. Finland played an important role in the peace processes in Northern Ireland, the Western Balkans, the Horn of Africa and the South Caucasus, giving its foreign ministry considerable experience handling delicate negotiations.
Finland already has good relationships with the United States and China, and has a long experience working with Russia, given their shared history and common border. Former Finnish President Martti Ahtisaari won the Nobel Peace Prize for his peacebuilding efforts and his Crisis Management Initiative (CMI) is an important actor in the prevention and resolution of violent conflicts. CMI has experience bringing parties together in the Aceh peace process and is currently trying to do the same in the Middle East. It is also skilled at working with various actors, from foreign ministries to civil society groups, at finding common ground and implementing agreements. These skills are what the world needs to develop and implement the shared cyber norms that will help prevent cyber conflict.
Finland’s reputation, lack of great power ambition, and track record can attract others to come together and discuss shared global cyber norms. If the world wants to grasp the opportunity—and contribute remarkably to international stability—now would be the right time to contact Finland.