Towards Pollution-Control in Cyberspace: Problem Structure and Institutional Design in International Cybersecurity

Summary In their contest for domination in cyberspace states engage powers of technology, money, persuasion and norms. Clashes between two competing approaches resulted in the creation of two parallel working groups in the UN that address issues of international cybersecurity, including principles, norms and laws. Although there are very few treaties that deal expressly with cyber activities, normative aspirations and frequent use of imported rules and principles from other realms to cyberspace suggest the emergence of a new cyber normative regime – though, in the short term probably short of a global treaty. The substantive content of existing and potentially applicable norms to cyberspace has been examined to a great extent, but less scholarly attention has been paid to mechanisms that can produce cooperation and compliant behavior with international norms in cyberspace. This study draws inspiration from environmental agreements from procedural aspects and we identified two environmental regimes, which address problems sufficiently similar to the challenges of international cyber security and which have been the most successful in terms of cooperation. Selection of the Montreal Protocol and REDD+ mechanism was based on the following main factors: incentives in terms of game theory, capacities of actors, information and scientific uncertainty, the time of institution creation in normative lifecycle, number of actors, and asymmetry in power and positions taken among actors. Further analysis focuses on institutional design elements in the chosen cases, and examines if or under what conditions could these be used for international normative frameworks on cyberspace.