Taming cyber warfare: lessons from preventive arms control

Abstract

ABSTRACTPreventive arms control, narrowly defined, is about restrictions on weapons development. From this traditional understanding follows that cyber warfare will be hard, if not impossible, to regulate. In this article, we start from a less circumscribed definition of preventive arms control that would also encompass limitations on the use of emerging technological capacities, both formal and informal. Based upon a comparison with the historical case of Anti-Ballistic Missile (ABM) arms control, we offer a fresh look into the prospects of taming cyber warfare via arms control measures and similar forms of security cooperation. The case of the ABM Treaty is instructive because it shows that neither definitional vagueness nor unequal relative gains proved to be insurmountable obstacles for cooperation. Rather, the transformation of strategic interests through complex learning was key to the achievement of the ABM Treaty. Recent developments in cybersecurity negotiations show that similar learning processes are underway. This is not to say that definitional and verification problems can be solved easily and that a treaty prohibiting cyber weapons is possible. But there is reason to believe that complex learning can transform perceived interest, just like it did during the Cold War, and that international norms against certain cyberattacks can be established.