Policy paper

UK-Poland cyber co-operation commitment

Published 21 December 2017

The relationship between Poland and the UK is deep and broad, marked by co-operation across all sectors of our societies and governments. The UK and Poland enjoy a shared history that dates back many generations. Our troops fought alongside one another during World War II and today security continues to be a key pillar of our co-operation. Our common history, our shared values, and our partnership on global issues is what binds us together. Our partnership immeasurably enhances our mutual security and prosperity including in cyberspace.

We recognise that the pace and development of new technologies and applications, in conjunction with greater access, is delivering significant opportunities for both economic and social development. While bringing great advantages, the reliance on increasingly interconnected networks also exposes states to new vulnerabilities. Irresponsible or illegal exploitation of those vulnerabilities can have both profound impact on the victim, our economic well-being and, in the most egregious cases, risk international stability. Cybercrime is a global phenomenon affecting all states. Over the last year, we have seen a significant increase in the scale and severity of malicious cyber activity, including hack and leak operations and further use of ransomware. We underline the declarations adopted by Allies at the Wales and Warsaw summits that cyber defence is part of NATO’s core task of collective defence. We believe in taking a holistic response to these challenges which includes short and longer term solutions such as working with allies to respond to cyber-incidents and impose costs on malicious actors, increasing our deterrence through NATO and the EU as well as improving the capability of our partners in Eastern Europe and the Western Balkans with cyber capacity building programmes.

We confirm our joint commitment to promoting an international stability framework for cyberspace based on the application of existing international law, agreed voluntary norms of responsible state behaviour and confidence building measures, and supported by co-ordinated capacity building programmes.

We reaffirm our commitment to a free, open, peaceful and secure cyberspace. The foundation for state behaviour in cyberspace is our mutual commitment to existing international law, including the respect for human rights and fundamental freedoms, and the application of international humanitarian law to cyber operations in armed conflict. We reaffirm that the UN Charter applies in its entirety to state actions in cyberspace. The law of state responsibility applies to cyber operations in peacetime, including the availability of the doctrine of countermeasures in response to internationally wrongful acts.

We affirm states’ legitimate right to develop both offensive and defensive cyber capabilities, and emphasise their obligation to ensure their use is governed in accordance with international law. Acknowledgement of these capabilities does not encourage aggression, or contradict our common commitment to maintaining a peaceful ICT environment. Rather, acknowledging the existence of these capabilities fosters the understanding that, just like in the physical domain, Poland and the UK will co-operate to deter, mitigate and attribute malicious cyber attacks by criminals, state actors and their proxies, including those that seek to interfere in the democratic processes of states.