2019 Conference on Cyber Norms: Dealing with Uncertainty
5-6 Nov 2019 / The Hague

2019 Conference on Cyber Norms: Dealing with Uncertainty


Registration is now closed. Sign up to our mailing list to stay updated on the conference and other program updates.

Keynote speakers

Lucas Kello

Lucas Kello is Associate Professor of International Relations, serves as Director of the Centre for Technology and Global Affairs, and is also co-Director of the interdisciplinary Centre for Doctoral Training in Cyber Security at the Department of Computer Science at University of Oxford.

Keynote: Cyber Norms: Why They Fail Us and What to Do About It

Susan Landau

Susan Landau is Bridge Professor of Cyber Security and Policy at the Fletcher School of Law and Diplomacy and the School of Engineering, Department of Computer Science, Tufts University and Senior Fellow at the Fletcher SchoolCenter for International Law and Governance and Visiting Professor, Department of Computer Science, University College London.

Keynote: Flipping the Discourse

Duncan Hollis

Duncan Hollis is the Laura H. Carnell Professor of Law at Temple Law School, Temple University. He is an elected member of the American Law Institute.

Keynote: Beyond Naming and Shaming: Accusations and International Law in Global Cybersecurity

Bibi van den Berg

Bibi van den Berg is Professor of Cybersecurity Governance within the Faculty of Governance and Global Affairs at the Institute of Security and Global Affairs.

Keynote: Dealing with Uncertainty in Cyberspace: Five Coping Mechanisms

In addition to the keynote speakers, we will be welcoming a diverse set of researchers who will present on topics such as data protection & security, non-state and public-private norms, uncertainty in 5G, concepts in research, cyber insurance, regional perspectives, attribution, and international relations & international law.

Practical information

Location: Het Spaansche Hof, Westeinde 12, 2512 HD, The Hague, the Netherlands

Dates: 5-6 November 2019 (two full days)

More information about fees and registration: here

Conference Program

Day 1: Tuesday 5 November 2019

08:30 – Registration

09:15 – Welcome

09:30 – Keynote by Bibi van den Berg, Dealing with Uncertainty in Cyberspace: Five Coping Mechanisms

10:30 – Coffee break

11:00 – Parallel sessions:

  • Law and Politics of Attribution
    Moderator: James Shires
    – Florian J. Egloff & Myriam Dunn Cavelty, "Uncertainty, Attribution, and the Making of Biased Truths in Cybersecurity Politics"
    – Els De Busser, "Three Tales of Attribution: Legal, Policy and Political Perspectives"
  • The Geopolitics of 5G
    Moderator: Dennis Broeders
    – Alexi Drew, "Technologically Empowered Norm Entrepreneurship: How Chinese Provision of the Physical Layer Could Grant Normative Power"
    – Ramesh Balakrishnan, "Explaining the Strategic Effects of Time Horizon and Uncertainty in Cyberspace: U.S-China Rivalry and 5G Politics"
    – Cedric Amon, "Mitigating Uncertainty in the 5G Roll-out: Emerging Security Arguments and Regulatory Approaches"

12:30 – Lunch

13:30 – Parallel sessions:

  • International Relations and International Law
    Moderator: Russell Buchan
    – Ivo Emanuilov, "“Our Cyberspace Will Remain Closed For All”: Are Unilateral Cyberspace Closures Compatible with International Law?"
    – Shaun Riordan, "Managing Uncertainty in Cyberspace: A Diplomatic Approach"
    – Oleg Shakirov, "Leashing the Codes of War: Russian–U.S. Incident Prevention Agreements and Lessons for Cyberspace"
  • Conceptual Approaches to Uncertainty and Cybersecurity
    Moderator: Bibi van den Berg
    – Julia Slupska, "War, Health & Ecosystem: Conceptual Metaphors in International Cybersecurity Policy"
    – Taylor Grossman, "Camouflage, Mimicry, and Cyberattacks: The Prohibition Against Perfidy Re-examined in Cyberspace"
    – Jaclyn A. Kerr, ""Information Security" versus "Cybersecurity": Conceptual Challenges and the Role of Norms in Addressing Disinformation Threats"

15:00 – Coffee break

15:30 – Keynote by Duncan Hollis, Beyond Naming and Shaming: Accusations and International Law in Global Cybersecurity

16:30 – Drinks

  • Speech by Carmen Gonsalves, Head Task Force International Cyber Policies, Dutch Ministry of Foreign Affairs

18:30 – Conference dinner

21:00 – End of day 1

Day 2: Wednesday 6 November 2019

08:45 – Coffee/tea

09:30 – Keynote by Lucas Kello, Cyber Norms: Why They Fail Us and What to Do About It

10:30 – Coffee break

11:00 – Parallel sessions:

  • Data Protection and Cybersecurity
    Moderator: Ilina Georgieva
    – Els De Busser, "The Uncertainty of Digital Evidence and Justice"
    – Eleni Kosta, "The Draft eEvidence Regulation: Analysis From a Data Protection Lens"
    – Tom Dobber, Ronan Ó Fathaigh and Frederik Zuiderveen Borgesius, "European Norms for Online Political Microtargeting"
  • Cybersecurity and Public-Private Interactions
    Moderator: Rogier Creemers
    – Jacqueline Eggenschwiler, "Tackling Uncertainty: An Analysis of Norms-based Cybersecurity Uncertainty Mitigation Processes of Leading Technology Companies"
    – Dennis Broeders, "Speaking Hack Back to Power: Sovereignty and the Debate about Private Cyber Active Defence in the US"
    – Russell Buchan, "Where the ‘Public’ and ‘Private’ Meet: Industrial Cyber Espionage and the Principle of Due Diligence"

12:30 – Lunch

13:30 – Parallel sessions:

  • Local and Regional Perspectives on Cybersecurity
    Moderator: Bibi van den Berg
    – James Shires & Bassant Hassib, "Cybersecurity Uncertainties During Rapid Political Change: The Case of Egypt"
    – André Barrinha, "European Cybersecurity and the Uncertainty of Brexit"
    – Tuba Eldem, "Managing Uncertainty in Cyberspace: The Turkish Approach"
  • Uncertainty and Cyber Insurance
    Moderator: Dennis Broeders
    – Monica Kaminska, "Restraint Under Conditions of Uncertainty: Why the West Tolerates Cyber Attacks"
    – Daniel W. Woods, "Market Definitions of Cyber War and Hostility"
    – Jan Lemnitzer, "Why Cyber Security Insurance Should be Regulated and (Ultimately) Compulsory"

15:00 – Coffee break

15:30 – Keynote by Susan Landau, Flipping the Discourse

16:30 – Closing & presentation best paper awards

17:00 – End of conference

About the conference theme

One way of looking at cyber norms for responsible behaviour is to see them as tools to deal with the uncertainties engrained in the fact that the internet now underpins our societies, economies, vital infrastructures and vital state processes such as elections. This uncertainty can result from the unpredictability of state behaviour – hence the focus on norms for responsible state behaviour – but it can also be traced to the impact of technological developments and/or (new) business models, un- and under-prepared organizations and individuals and a persistent lack of reliable data on the threats and risks to our digital societies. If uncertainty is a central characteristic of (digital) life, then how can states, companies and citizens deal with that uncertainty? How can public instruments such as (international) law, norms and confidence building measures (CBMs) but also private instruments such as insurance, liabilities and (technical) standards contribute to reducing and/or dealing with uncertainty? Also, if the frame of uncertainty and risk applies to international cyber security, then there should be room for categories of acceptable and residual risk in some categories of uncertainty, although we often lack a sense of what that might be. If the frame of (national) security applies, often triggering zero-sum thinking, there is arguably less tolerance for unaddressed uncertainties.

In 2019, we hope to widen the conversation about cyber norms by taking ‘uncertainty’ as the general theme for the annual academic conference of The Hague Program for Cyber Norms. As before we aim to bring together scholars from a diverse range of disciplines including – but not limited to – international relations, international law, economics, political economy, security studies, political sociology, philosophy, political science, science and technology studies and engineering. The key to understanding the development of norms in cyberspace in light of the uncertainties that characterize cyberspace lies in bringing together the various disciplines that it relates to. This call for papers was therefore open to extended abstracts from a wide range of academic disciplines.

More specifically, we welcome papers under the following headers, but the call was open for abstracts outside the scope of these clusters:

- Sources of uncertainty. Uncertainty can derive from many sources. Geopolitical developments and their translation to the cyber domain may increase uncertainty, technological innovations may be game changers for state-to-state conflict, economic models and for the way societies function(disinformation, for example). Adding to the uncertainty is an unusual degree of obfuscation about threats and risks in cyberspace. There are many forms of secrecy in play because of the actors involved (such as intelligence agencies)and fear of tarnished reputations (for companies and other actors) contributing to a lack of reliable data and analysis.    

- Ways of dealing with uncertainty. There are many ways to deal with uncertainty and not all of them have been tried and tested in the cyber domain. At the global and regional level international law and norms have been key strategies to seek to increase predictable state behaviour. At the (inter)national level resilience and capacity building are key, as are strategies of regulating emerging technologies by trying to strike a balance between safeguarding and promoting innovation, responsible use of technology and avoiding international escalation. Various risk management strategies should play a role in mitigating uncertainty at various levels (company, industry, national) and insurance schemes should – eventually – be able to take some low-level risks off the table. There is however much uncertainty about the usefulness of various strategies.  

- Goals of reducing uncertainty. To what end do we aim to reduce or ‘eradicate’ uncertainty and to what extent is that possible or even desirable, given the inevitable trade-offs with other goals and values? Does uncertainty also serve a productive function?

The conference is the second in an annual series organised by The Hague Program for Cyber Norms and aspires to become a key multidisciplinary venue for peer-reviewed research in the study of cyber security and international stability. See our website for the program and an impression of the 2018 edition of the conference.  

We welcome extended abstracts of maximum 800 words on questions related to international cyber security and cyber norms. We explicitly welcome contributions from early career scholars. The conference will take place in The Hague on 5 and 6 November 2019. Authors of accepted extended abstracts should prepare their final paper by 16 October 2019. A best paper award will be awarded.

Accepted contributors are eligible for funding for travel and lodging.  

Important dates

  • Submission of extended abstracts: 20 May 2019
  • Notification of acceptance: 12 June 2019
  • Submission of full paper (max. 6000 words excl. footnotes and literature – for references, please use Chicago Manual of Style (preferred citation format being author-date)): 15 August 2019
  • Feedback by review committee by 17 September 2019