The Pall Mall Process on Cyber Intrusion Tools: Putting Words into Practice


Fraught with risk: recent years have seen the proliferation of intrusive and disruptive commercial cyber tools. Image: Sekai / Adobe Stock


The launch of the Pall Mall Process by the UK and France to address concerns around commercial cyber intrusion tools marks a significant step forward in this area – but can it deliver concrete change?

On 6 and 7 February, the UK and France launched the Pall Mall Process (PMP), a dialogue dedicated to tackling the proliferation and irresponsible use of commercial cyber intrusion capabilities. The initiative brought together government representatives and stakeholders from different sectors for the first day of discussions. It also marked the launch of a multi-stakeholder declaration on the topic – the ‘Pall Mall Declaration’ – which, among other things, proposes an initial list of principles that could guide future work on the topic (accountability, precision, oversight and transparency), as well as working definitions that could support a shared vocabulary to address different types of services and technologies. What is more, both governments have already announced that the PMP will formally reconvene in 2025 for its second meeting in Paris.

Despite this laudable initiative, as governments come together on the road to Paris 2025, the key point will be to observe how the PMP unfolds. Will it speak to a broader pool of countries? Are stakeholders going to be involved in and continue to provide inputs to the discussions? Will companies providing some of the intrusive tools be invited for future – even if private – discussions? Ultimately, what does success look like for this nascent process, and for whom?

In this collaborative piece, we bring together experts who have engaged in the PMP and attended the 6 February meeting. We invited them to reflect on what the PMP needs to consider if it is to be a sustained and action-based dialogue. These reflections are not exhaustive, but highlight some of the pressing concerns facing this agenda.

Where Does the PMP Fit In, and Who Fits into It?

Louise Marie Hurel, RUSI

The PMP is the latest chapter in a series of unfolding initiatives on this topic. In March 2023, during the US-led Summit for Democracy, 11 countries issued a statement recognising the threat posed by the misuse of commercial spyware and the need for domestic and international controls to curb the proliferation of these tools. Individual countries have also been vocal about the use of the technology, such as when the US issued an Executive Order prohibiting the use of commercial spyware that poses a risk to national security. Private-sector groups, such as the Tech Accord, have published a list of industry principles to curb the threat of cyber mercenaries (the developers, sellers and/or resellers of these tools). Civil society organisations have launched campaigns, investigations and joint statements highlighting the disproportionate effects and human rights violations of many of these intrusive tools.

How does the PMP fit into all of this? While the US view has purposefully focused on spyware, the initiative by the UK and France broadens the scope. Instead of focusing on the most intrusive and abusive technology, it seeks to cover a range of lawful, responsible, unlawful and irresponsible uses, answering questions such as: ‘What happens when a malicious actor uses pentesting tools and techniques to illegally enter a system?’ In so doing, the PMP is able to speak politically to a broader range of stakeholders, instead of arriving at the negotiation table with a naming and shaming over ‘infamous’ cases such as Pegasus. It is also able to engage with the whole gamut of businesses engaging in the supply chain of tools that range from legitimate to contested uses.

It is still unclear whether the political strategy of broadening the scope will result in greater engagement in the long run, or whether the debate will become more complex than purposeful. To address these risks, states will need to focus on concrete cases across the developer, supplier, user and target spectrum of application – and possibly in different regions. Assessing the regulatory mechanisms, risk management procedures, accountability frameworks and prevention strategies that can be implemented for each segment will be crucial, as will the need for regional diversity and dialogue. If states or stakeholders in different regions do not feel represented, this might lead to withdrawal or disengagement. Building regional and/or thematic co-ownership in intersessional dialogues with states and stakeholders that are more willing to discuss the issue will be paramount for progress. Whether there needs to be a track for state responsibility and proliferation as it relates to the role of the private sector is yet to be seen, as the authors below also highlight.

Legitimate Use: Buzzword or Legitimate Concern?

Katharina Sommer, NCC Group

It is stark how often participants mentioned that efforts to tackle the proliferation and irresponsible use of cyber capabilities should not impede their legitimate use. Representatives recognised the need for the cyber security industry and sector to exist, as well as states’ right to protect their citizens. But beyond high-level rhetoric, there was little progress towards defining what legitimate use entailed, or the criteria that should be applied to testing whether any development or use (of offensive capabilities) was, indeed, legitimate.

The dual-use aspect of cyber security tools and practice is a perennial challenge, one that has not thus far found a satisfactory solution. Attempts in cybercrime legislation to distinguish legitimate and illegitimate activities by virtue of ‘authorisation/permission’ are hardly fit for purpose in the 21st century, and looking at intent or motivation as a key differentiator comes with its own set of challenges. What will be important in the dialogue that follows over the coming months is to ensure that efforts to define legitimate use truly involve multiple stakeholders, including those from the private sector and the cyber security industry, whose (legitimate) security research and identification of software vulnerabilities, as well as their use of offensive cyber security tools – from penetration testing frameworks to de-fanged exploits as part of red team engagements – serve the purpose of improving organisations’ cyber resilience, and should not be negatively impacted by the PMP.

Additionally, one of the most meaningful contributions during the discussions described what was needed to tackle the challenges as a mosaic. There is no silver-bullet solution, much as we all would like one. It is crucial to accept that the solution will ultimately be a patchwork of different, smaller solutions undertaken by different actors across the ecosystem, all of which will make an incremental contribution to solving the cyber capabilities conundrum. The challenge for the French and British governments leading this process will be to come up with the umbrella that brings together and coordinates these different solutions into something that makes sense and looks coherent – and not just for the PR purpose of claiming success at the end of the process in Paris next year.

State Responsibility in Developing and Using Commercial Cyber Capabilities

Aude Géry, GEODE

Regardless of states’ ambitions to restrict the development, use and transfer of commercial cyber intrusion capabilities, there are already a number of international obligations that can serve as a basis for tackling the proliferation and irresponsible use of these capabilities. As such, the PMP does not operate in a legal vacuum. And because international law in itself provides a framework for accountability – in particular general international law, international human rights law and even cybercrime law – we can already identify guidelines for the establishment of such an accountability system. These may differ depending on whether the state acts as a client or regulator.


Where the state acts as a client, existing international law could provide insight on how to develop procurement or use policies. For example, one could imagine the introduction of procedures to assess the impact of the use of certain capabilities on the target and its environment, as well as on the stability of cyberspace. Where the state acts as a regulator, the implementation of the right to a fair trial seems to be one of the most pressing concerns in order to provide victims with adequate remedies. When companies under the jurisdiction of a state are involved in cases of apparent violation of international law, states should systematically initiate administrative and criminal investigations to identify potential violations by the state as a regulator and the company and its subcontractors. Following the practice of the UK courts, further consideration should also be given to states’ sovereign immunity. If we focus on end-use as the subject of regulation, we quickly realise that the foundations for an accountability framework are already in place. So, it is time to build on it.

Connecting the Dots? UN Norms and the PMP

Allison Pytlak, Stimson Center

In two places, the Pall Mall Declaration refers to the ‘framework for responsible state behaviour in cyberspace’. This is an evolving framework that has been developed through the decisions and outputs of successive UN groups of governmental experts (GGEs), notably the agreement that international law applies to the conduct of states in cyberspace and the complementary articulation of 11 voluntary, peacetime norms. These norms and the GGE’s determination about the applicability of international law have subsequently been repeatedly endorsed by all member states at the UN General Assembly. In 2021, the most recent GGE provided guidance on norms implementation. Both the norms and the applicability of international law are important areas of discussion within the current UN forum for international cyber issues, the Open-ended Working Group.

The Declaration draws particular attention to three of the norms: norm (e), on respecting human rights and relevant resolutions of the UN Human Rights Council; norm (i), on ensuring the integrity of supply chain security and preventing the proliferation of malicious ICT tools and techniques and the use of harmful hidden functions; and norm (j), on responsible reporting of vulnerabilities and associated information sharing. It is not hard to see the connection between these norms and the types of commercial cyber intrusion capabilities that the PMP will focus on. The framework is also referenced later in the Declaration, in the paragraph which identifies accountability as one of four pillars of the process.

This is significant because the norms, and the framework more broadly, often come under criticism for being too vague or too poorly understood and applied outside of the cyber diplomacy community. By drawing a line between the framework and this emerging process, with its focus on specific cyber threats and its engagement with a broad range of stakeholders, the Declaration underscores the relevance of the norms while also demonstrating how they can be applied in practice. Also significant is the encouragement given to PMP participants to take appropriate action to hold states to account when their activity is inconsistent with international human rights law, and to hold non-state actors accountable in domestic legal systems as appropriate. The PMP has the potential to give a boost to broader cyber governance efforts, especially if it can formulate detailed and specific objectives and actions; however, it will be important to maintain complementarity and synergy with relevant UN processes. Moreover, given the challenges non-governmental stakeholders face with participating in UN processes, the PMP should prioritise active engagement with the private sector, academia and civil society.

Designing Ethical Boundaries for Cyber Intrusion

Anne-Marie Buzatu, ICT4Peace

The Montreux Document and the International Code of Conduct for Private Security Service Providers (ICoC) – along with its oversight mechanism, the International Code of Conduct Association (ICoCA) – have been pivotal in translating international humanitarian and human rights law obligations into practical, actionable standards for private security companies. This approach provides a valuable multi-stakeholder template for managing cyber intrusion capabilities. Similar to the way these documents delineate ethical guidelines for private security operations, a parallel framework could be established for cyber intrusion activities, distinguishing between those that respect human rights (such as legitimate law enforcement and anti-terrorism measures by governments) and those that do not.

In a similar fashion to the Montreux Document and ICoC/ICoCA processes, a multi-stakeholder governance framework for cyber intrusion capabilities would require a clear set of standards and principles specifically tailored to the realm of cyber security. It would articulate the boundaries of ethical cyber intrusions, ensuring that they are in line with international law, especially concerning human rights. Just as the Montreux Document addresses state responsibilities and the ICoC provides guidelines for private security companies, this cyber framework would address both state and non-state actors engaged in cyber operations.

Moreover, the framework could establish robust mechanisms for accountability and oversight, similar to ICoCA’s role in monitoring compliance with the ICoC. This would not only ensure adherence to the established standards but also foster trust among international actors and the public, enhancing the legitimacy of state actions in cyberspace. By establishing clear standards and oversight mechanisms, a governance framework for the responsible use of cyber intrusion capabilities would clearly define and promote ethical cyber operations that respect human rights, differentiating them from those that do not and thereby promoting a more responsible, rights-respecting and stable cyberspace environment.

What Role(s) Do Security Researchers Play?

Jen Ellis, NextJenSecurity

The proliferation and abuse of cyber security tools and spyware is not new. As the problem grows in scope, scale and negative impact, so too does the complexity of potential responses. So, I am heartened to see the UK and France taking an approach with the PMP that not only brings more than 30 governments together, but also includes the private sector, civil society and academia. The recent meeting in London represented an important stake in the ground, gathering voices from all these communities together to advance a nuanced understanding of the problem and to start discussions around potential responses.

As the name suggests, this will be a process, and I doubt that a resolution will be reached quickly or easily given the different dynamics and priorities at play for various stakeholders. Yet, I am encouraged by a few factors in the conversation so far. Firstly, there is an important emphasis on the realities of the harms being perpetrated and the human factors driving this discussion. We must not lose sight of this aspect as we move forward through the process.

Secondly, there has been a solid acknowledgement of the importance and value of security research and legitimate cyber security tools. It is critical that the process avoids over-simplified, knee-jerk responses to abuses of these activities and calls for prohibiting them. Such a move would leave society far more exposed to cyber threats and could even strengthen the black market for vulnerabilities and exploits as researchers seek a payday they would otherwise get from more respectable avenues.


Finally, there is an appreciation that there are vendors who want to be part of the solution, not part of the problem. I worked for one such vendor for many years, and we strove to find ways to create greater accountability, oversight and transparency around our relevant sales, research and product development practices. I believe other vendors will do likewise if provided with a clear set of activities that can be undertaken without crippling the business. I hope this will form part of the work that comes out of the PMP in the future.

Making the PMP a Success

Jérôme Barbier, Paris Peace Forum

The launch of the PMP can be welcomed as a diplomatic success. With 25 states and regional organisations signalling their willingness to work on defining clearer rules for the legitimate use of cyber intrusive capabilities and to tackle their proliferation on the commercial market, the UK and France managed to deliver two important diplomatic outcomes. First, they confirmed the interest of a diverse group of states – including those beyond the usual group of ‘like-minded countries’ – in focusing on this difficult but important issue in a dedicated process. Second, they extended the topic from commercial spyware – already dealt with in other initiatives such as the US-led joint statement of March 2023 – to the larger market empowering the irresponsible use of cyber intrusive capabilities.

Both achievements are a good start. But the danger would be to keep navigating in comfortable processual waters instead of actually solving the problems the initial declaration has laid out. At a time when the proliferation of international summits, processes and initiatives is in and of itself threatening the efficiency of states’ efforts to secure a free, peaceful and stable cyberspace, it is even more important to identify clear intermediary goals if the PMP is to become a true success. Some baseline suggestions can be made in this regard, building on the experience of other processes:

Define a clear roadmap towards the French-hosted Pall Mall meeting in early 2025. This should especially include intermediary meetings throughout 2024 to identify possible consensual outcomes in early 2025, as well as key challenges to be addressed in detail.

Focus on clarifying legitimate uses with concrete use cases in mind. Before discussing any non-proliferation guideline or framework, participating states should focus on clarifying the uses of cyber intrusive capabilities that they consider legitimate.

Leverage existing multistakeholder platforms and instruments. Building on existing frameworks and platforms such as the Cybersecurity Tech Accord or the Paris Call for Trust and Security in Cyberspace will ensure widespread and meaningful participation of the stakeholder community, while avoiding reinventing the wheel in Pall Mall meetings.

Why Does this Matter – and What Next?

Gareth Mott, RUSI

There is no single ‘killswitch’ solution to the overarching dilemma of offensive cyber tools. In a world where we cannot ‘airgap’ our societies, solutions must necessarily be international.

The proliferation of intrusive and disruptive commercial cyber tools is arguably a microcosm of a broader ‘clash of governance’ that has come to be a defining feature of the 21st century. If domestic and international legislatures were computer programs, one could say that their source code has been written over the course of centuries through the formation of laws and norms. From the late 20th century onwards, however, this system of governance has overlapped – and contended – with a new form of governance: computer code authored predominantly by researchers and the private sector.

At least 80 states are believed to have drawn on the wares of the growing offensive cyber industry to bolster their intrusion and surveillance capabilities. In 2017, rogue entities repurposed a leaked US National Security Agency exploit – EternalBlue – and launched the WannaCry and NotPetya ransomware attacks. In the case of WannaCry, the international community – including a potentially disoriented British government – were given a reprieve by Marcus Hutchins’ identification of a killswitch. Will we be so lucky next time?

The proliferation of offensive cyber capabilities is fraught with risk. The PMP is a distinct opportunity for the international community to learn from the past and prepare for the future. The road may be rocky, and we should expect difficult, earnest and forthright discussions. But these should be welcomed, not feared. There are times when agreeing to disagree can be a fruitful endeavour. In the meantime, like-minded states must use their existing domestic levers to apply pressure and create the foundation for new norms – including, for instance, export controls, blacklists and codes of conduct. Additionally, like-minded states must empower civil society organisations, the media and researchers to shed light on malpractice and unchecked proliferation. Recent pushback against international reporting on some malpractice in this sector highlights a trend among some members of the industry to penalise those who help to inform checks and balances. The ‘whole of society’ adage in cyber security can seem cliché, but the endeavour to mitigate the excesses of cyber proliferation must be exactly that. Future generations are watching us.

The views expressed in this Commentary are the authors’, and do not represent those of RUSI or any other institution.



WRITTEN BY

Louise Marie Hurel, Research Fellow, Cyber, RUSI
Dr Gareth Mott, Research Fellow, Cyber, RUSI
Aude Géry
Anne-Marie Buzatu
Jen Ellis, Associate Fellow, Founder of NextJenSecurity
Katharina Sommer
Allison Pytlak
Jérôme Barbier