Cybersecurity Ranks No. 1 in Microsoft’s Top 10 Tech Issues for 2018
The number of nation-state cyberattacks will grow in 2018 and will demand collective action among global governments to fend off bad actors, Microsoft President Brad Smith said in a report released Tuesday, co-authored by Carol Ann Browne, director-executive communications. Recent WannaCry and Not-Petya attacks were “akin to military assaults” that demand a “new generation of arms control discussions to address them,” the executives wrote. Microsoft praised the White House for joining with other countries publicly blaming North Korea for WannaCry (see 1712190043) as a “step in the right direction towards addressing growing nation-state cyberattacks.” Global technology leaders should adopt a cybersecurity tech sector accord to enable tech companies to act as “internet first responders,” the report said: “Look for progress over the next six months.” Microsoft also hopes governments will clarify international law in the digital space, an issue of particular significance as the company prepares for oral argument Feb. 27 in the U.S. v. Microsoft case (see 1710160009) on warrants issued for data stored overseas. The case has significant international implications as companies increasingly store data overseas so it’s closer to customers, Microsoft said. “Rather than rely on or improve existing treaties to obtain information located in other countries, the DOJ prefers to exercise jurisdiction over cloud service providers and compel them unilaterally to fetch emails in other countries and bring them to the U.S.,” the report said, arguing the government is trying to “stretch the statute in ways that Congress didn’t anticipate.” Microsoft holds out some hope that DOJ and the tech sector could craft a “late compromise” for new legislation that would “bring agreement on a more modern and international approach.” Barring that, the Supreme Court will need to decide by June on the basis of a law “not written with the 21st century in mind,” the report said. Microsoft flagged privacy and surveillance as related priority 2018 issues, citing the May 25 implementation of the European Union’s General Data Protection Regulation, which will add new requirements for companies that store personal information of European consumers no matter where the company is located. It will be up to the tech sector largely to manage the new requirements, which are still subject to “continuing deliberations” that will continue through 2018 and beyond, the report said. Net neutrality also made Microsoft's top 10 list, with the company praising ISP pledges to avoid discrimination in the absence of binding net neutrality rules. If those promises prove false, it could be the impetus for Congress to create "lasting and bipartisan" regulation that has "so far proved elusive," Microsoft said.