ICCA-NYC Bar-CPR Working Group’s 2020 – Cybersecurity Protocol for International Arbitration

The Cybersecurity Protocol of International Arbitration is the end product of a two year collaboration by a working group on cybersecurity comprising of the representatives of the International Council of Commercial Arbitration (ICCA), the New York City Bar Association (City Bar), and the International Institute for Conflict Prevention & Resolution (CPR).

The purpose of the Protocol is:

  • To provide a framework to determine reasonable information security measures for individual arbitration matters, and
  • To increase awareness about information security in international arbitration, including:
    • Information security risks in the arbitral process;
    • The importance of security in maintaining user confidence;
    • The role of individuals in effective risk mitigation, and
    • Information to improve everyday security practices.

The scope of the Protocol is:

  • Specifically intended for international commercial arbitration (but may be a useful reference for domestic arbitration);
  • Mitigation of information security risks, and
  • Information security and data protection are greatly regulated by data protection law.
    • Adherence to the Protocol may facilitate compliance with data protection legal regimes, such as the European Union General data Protection Regulation (however this is not a main objective of the Protocol).

The Protocol reviews the importance of cybersecurity in arbitration, which has become a principally digital process. There are inherent risks in international arbitration, partly due to the cross-border and multi-jurisdictional nature of the disputes, which often involve extensive traveling and the use of multiple networks and legal teams.

The Protocol is organised into Principles, Commentary, and Schedules. The Principles provide guidance on how to adhere to a high standard of information security during an international arbitration. The Schedules then offer more detailed guidance.

Principles 1 to 4 address the scope and applicability of the Protocol. In particular, they address the role of the arbitral tribunal, the parties, and other administering institutions in ensuring effective information security. Principle 5 establishes the standard of reasonableness. Principles 6 to 8 take into account practical considerations regarding how reasonable action towards better information security can be taken. The recommendations include identifying and classifying all information and controlling access to it. Weight should be given to communication security. Secure means of communicating include exercising caution with attachments and links, using secure share-file services, and avoiding the use of public networks. The Protocol recognises that the necessary security measures vary depending on the type of arbitration. Specifically, consideration should be given to how transmissions of arbitral data during an ongoing arbitration will be made. Principles 9 to 13 further outline the procedural steps to be taken in an individual arbitration and the importance of party autonomy in determining those steps. However, it also recognises the authority of the arbitral tribunal to modify security measures that have been insufficiently agreed upon by the parties. Furthermore, in light of Principle 13, the tribunal may (in the event of a breach) impose sanctions on those parties. Lastly, Principle 14 clarifies that the Protocol does not establish any liability or any liability standard.

Cybersecurity is crucial in arbitration as the credibility and integrity of the dispute resolution process depends on it. The Working Group has deliberately adopted an ‘editing approach’. Consequently, the Protocol will evolve over time in response to ongoing feedback.

2019-12-23T08:42:22+11:00

Upcoming Events

  • Mediation Training - Adelaide
    • Days 1 - 3
      February 26, 2020 - February 28, 2020
      8:30 am - 5:00 pm
    • Days 4 - 5
      March 2, 2020 - March 3, 2020
      8:30 am - 5:00 pm

      Multidisciplinary Participation ADC’s mediation training is suitable for participants from a broad range of professions and sectors including: business; government; law; tertiary academics and…

  • Conflict Resolution & ADR - Adelaide
    • February 26, 2020
      8:30 am - 5:00 pm

    Have you ever thought 'I could have managed that conflict situation better'? Or even better still, avoided it before it began! Conflict can occur in any contractual and personal…

  • Mediation Refresher Training - Adelaide
    • One day Mediation Refresher Training
      March 2, 2020
      8:30 am - 5:00 pm
    • One day Mediation Refresher Training
      March 3, 2020
      8:30 am - 5:00 pm

    This one day programme is intended for candidates preparing for accreditation or re-accreditation, mediators seeking to complete their CPD requirements and those seeking an opportunity…

  • Mediation Accreditation Day - Adelaide
    • March 4, 2020
      8:30 am - 5:00 pm

    Industry Approved Pathway to Australian National Mediation Accreditation Internationally approved by the Chartered Institute of Arbitrators 1-Day Accreditation Program ADC’s 5-day mediation course participants who…

  • Mediation Training - Sydney
    • Days 1 - 3
      March 4, 2020 - March 6, 2020
      8:30 am - 5:00 pm
    • Days 4 - 5
      March 9, 2020 - March 10, 2020
      8:30 am - 5:00 pm

    Your Mediation Training: choose the ADC difference How do you become a nationally accredited mediator, a more effective negotiator, a ‘mediation-skilled’ legal adviser, a more effective…

  • Conflict Resolution & ADR - Sydney
    • March 4, 2020
      8:30 am - 5:00 pm

    Have you ever thought 'I could have managed that conflict situation better'? Or even better still, avoided it before it began! Conflict can occur in any contractual and personal…

  • Mediation Refresher Training - Sydney
    • One day Mediation Refresher Training
      March 9, 2020
      8:30 am - 5:00 pm
    • One day Mediation Refresher Training
      March 10, 2020
      8:30 am - 5:00 pm

    This one day programme is intended for candidates preparing for accreditation or re-accreditation, mediators seeking to complete their CPD requirements and those seeking an opportunity…

  • Mediation Accreditation Day - Sydney
    • March 11, 2020
      8:30 am - 5:00 pm

    Industry Approved Pathway to Australian National Mediation Accreditation Internationally approved by the Chartered Institute of Arbitrators 1-Day Accreditation Program ADC’s 5-day mediation course participants who…

  • Dispute Resolution and the Abrahamic Faiths
    • Commencing 5.45pm AEDT - State & Territory Time Zones Apply
      March 19, 2020
      5:45 pm - 7:00 pm
  • Mediating in the Headlights of Litigation and Arbitration
    • 1 Day - Commercial Mediation Masterclass & Networking Cocktail Party (Eligible for 8+ CPD Points)
      March 25, 2020
      8:30 am - 5:00 pm
    • All 3 Days - Advanced Commercial Mediation Accreditation (Eligible for 25+ CPD Points)
      March 25, 2020 - March 27, 2020
      8:30 am - 5:00 pm
Do NOT follow this link or you will be banned from the site!