Convention on Cybercrime

It has also been proposed that the 2001 Council of Europe Convention on Cybercrime can serve as a prohibiting framework for cyber warfare operations.

However, as apparent from its title, this Convention is set to regulate only cybercrimes, such as fraud or child pornography, and by no means can be used to fight large-scale state-sponsored cyber warfare operations.

Nevertheless, the Convention could be used as a starting point for the drafting of an international cyber treaty, as it presents certain mechanisms of international cooperation and mutual assistance that are worth being closely examined.

 

Other European Initiatives

On the other hand, there are some other initiatives of European origin that are worth being taken into consideration during the drafting of an international treaty on cyber attacks.

The first one is a 2009 Communication by the Commission of the European Communities, an initiative on Critical Information Infrastructure Protection, proposing a set of actions ranging from the organisation of regular exercises for large-scale networks security incident response, to the deployment of a European Information Sharing and Alert System.

The second is a 2010 report by the European Union Committee of the United Kingdom House of Lords, entitled ‘Protecting Europe against large-scale cyber-attacks’. The report examines recent cases of cyber attacks, and questions the role of the European Union as a protective power of the European Critical Infrastructures (ECI), making also a large number of proposals, among which is the creation of Computer Emergency Response Teams (CERTs).

 

ENISA

Lastly, the regulatory framework proposed by the not so well-known Crete-based European Network and Information Security Agency (ENISA) should be taken into consideration.