By the early 1980s, already many were questioning the viability of the nuclear non-proliferation arrangements that had been put in place by Non-Proliferation Treaty of 1968. A Non-Proliferation Treaty (NPT) Review Conference was set up. The models used in the past for non-proliferation were weakening. Simpson(1) argued that if the international community continued with the arrangements in place, it would amount to little more than a type of "slow proliferation".
To what extent were the assumptions made about nuclear weapons in the non-proliferation treaty similar to today's proliferation of cyber weapons? The nuclear non-proliferation arrangements had been built on the political assumption that should additional countries develop nuclear weapons, it would be destabilizing to international relations. In addition, this would cause the growth of "proliferation chains" as one nation after another responded to the nuclearization of its neighbors. In addition, it was argued that a multi-nuclear world would be inherently more dangerous. The proliferation of nuclear weapons would make nuclear war more likely or would result in increased casualties (or both).
At the time, China, France and India did not favor the nuclear non-proliferation system. It was their view that it kept in place great power dominance. Agreement would mean a type of unilateral disarmament and therefore maintenance of the existing power structure in international affairs.
In the early period of nuclear power, the U.S. had favored a system of strict international control over nuclear energy. The Baruch-Lilienthal Plan of 1946 and the International Atomic Energy Authority would ensure control. Later regional reprocessing of nuclear fuel was proposed, again under international authority. Efforts were made to establish an international fuel and technology supply regime. U.S. policy to unilaterally control nuclear energy melted away, although efforts were made to set up a nuclear suppliers group in cooperation with Canada.
As of the early 1980s, Argentina, Brazil, Chile, Colombia and North Korea were accepting IAEA safeguards but without formal acknowledgement of any obligation. A number of states were engaged in un-safeguarded nuclear activities, including India, Israel, Pakistan, Spain and South Africa. In spite of this, the technical knowledge of how to make a bomb already had leaked out. Therefore, using technology control to prevent proliferation no longer was viable.
Application to Cyber Weapons and Cyber Proliferation
It no longer is possible to prevent the proliferation of cyber weapons using exclusive control over technology because no nation has a monopoly. The technology for development of cyber weapons has leaked into the Dark Web. It is available to hackers and state actors everywhere. Additionally, there is a large cyber security industry that has an interest in providing sophisticated services to assist civil society and governments in preventing cyber attacks. The spread and deployment of these defensive services imply by necessity a corresponding diffusion of technological know-how.
Efforts at the international level could be made in the following ways:
(A) Cooperation at Stopping Spread of Weapons through the Dark Web
It would be useful if nations set up an international authority to police the Dark Web specifically for the purpose of stopping illegal weapons-related activities that take place through the Dark Web. This would require improvements in cooperation across law-enforcement authorities world-wide.
There are many actions that nations could take to discourage traffickers in cyber weapons. For example, if each state adopted a policy to seize the passports and stop international travel for all cyber weapon traffickers, it would help as a deterrent. A strengthened system of extradition arrangements also would help.
(B) Licensing of Cyber Security Services
All companies that engage in sales of cyber security services should be registered internationally and a system of review should be put in place to control the spread of cyber know-how. Although this would help to control the illicit leakage of dangerous cyber security information, we can predict it would be difficult to obtain agreement on this type of arrangement unless it was put into place universally.
Notes
(1) John Simpson, Global non-proliferation policies: retrospect and prospect, 8 Rev. of Int. Studies, 84, 69-88 (1982) "[E]ither the nuclear states can demonstrate by example that nuclear weapons do not confer benefits upon them by disarming; or they must accept that the current non-proliferation strategy is actually a slow proliferation strategy".