Microsoft’s Smith adds ‘cyber Red Cross’ to his ‘digital Geneva Convention’ call

Microsoft President Brad Smith renewed his call for a "digital Geneva convention," adding a new wrinkle: the suggestion that the world's IT companies and their cyber first responders should be recognized as kind of "tech Red Cross" — neutral players who should remain unmolested by combatants on the cyber-battlefield.
Brad Smith (Brookings Institution / Flickr)

Microsoft President Brad Smith this week renewed his call for a “digital Geneva Convention,” adding a new wrinkle: the suggestion that the world’s IT companies and their tech first responders should be recognized as kind of “cyber Red Cross” — neutral players who should remain unmolested by combatants on the online battlefield.

In a speech at the U.N. in Geneva, Smith recalled the origins of the International Committee of the Red Cross — the brainchild of Geneva businessman Henri Dunant, who witnessed the slaughter at the battle of Solferino, in Italy in 1859, the deadliest single day of battle in Europe since Waterloo nearly a half-century earlier.  

“He recognized that humanity needed to catch up with [new weapons] technology … he advocated, he persuaded, he succeeded in convincing the leaders of governments in Europe that despite the fact that the medics were uniformed soldiers of a specific army, they should be treated as neutrals … protected so they could treat those whose lives were at stake,” Smith told an audience at the Palais des Nations Thursday, referring to the Geneva International Conference of 1863 at which the Red Cross was founded.

“As neutrals,” he continued, “they would take on a new obligation, an obligation to treat the injured of all armies, even those they had been battling against. And this neutrality would extend not just to the medics, but to the volunteers who worked with them,” he said.


Smith, who is also Microsoft’s chief legal officer, first issued the call for a digital Geneva Convention — a global treaty to outlaw or limit cyberweapons — in February, provoking a lively debate. But the situation has become more urgent since then, he said.

Just as the battle of Solferino was a wake-up call to European nations at the time, Smith argued, the WannaCry cyberattack last May provided a wake-up call to the tech world today. The malware was launched by one country, North Korea, using online weapons stolen from a second, the U.S., and it was publicly dumped quite possibly by a third.

Before the attack had run its course,”it impacted, it damaged, it impaired over 200,000 computers in 150 countries,” Smith noted.  

In response, he proposed a “tech sector accord,” in which companies in the IT sector would “work together, in effect, as a neutral digital Switzerland, to protect people around the world.”

Microsoft, he said, was calling for IT companies to “in effect, adopt the same principles that the medics did of armies after the battle of Solferino, to recognize that we should come together and pledge to work together and to live up to a set of principles … that would commit us to say that we will not help any government attack anyone anywhere.  


“To the contrary, we will assist anyone who is injured anywhere. Just like the medics and volunteers were called upon to do,” he said.

Shaun Waterman

Written by Shaun Waterman

Contact the reporter on this story via email, or follow him on Twitter @WatermanReports. Subscribe to CyberScoop to get all the cybersecurity news you need in your inbox every day at

Latest Podcasts