Does President Obama Have to Send the “Cyber Arms Control” Agreement with China to the Senate?

by Julian Ku

U.S. and Chinese negotiators are apparently very close to working out an agreement to limit the use of cyberweapons against each other.  There is talk that this agreement will be concluded before Chinese President Xi Jinping’s state visit to the U.S. next week.  The agreement will be pretty narrow in scope and apparently would not address the acts of cyber-theft and espionage that China allegedly carried out earlier this year. According to the NYT:

The United States and China are negotiating what could become the first arms control accord for cyberspace, embracing a commitment by each country that it will not be the first to use cyberweapons to cripple the other’s critical infrastructure during peacetime, according to officials involved in the talks.

I am skeptical that this kind of agreement could be effective for the reasons that Jack Goldsmith and Paul Rosenzweig have laid out (see also Goldsmith at greater length here).  But putting aside its effectiveness, it is worth asking whether a “cyber arms control agreement” would be the type of an agreement that required approval by two-thirds of the Senate as a treaty.

Much depends on exactly what the agreement purports to do.  If the agreement actually contains a commitment by the U.S. to “not be the first to use cyberweapons to cripple the other’s critical infrastructure”, than it is much closer to the traditional kinds of arms control agreements that have usually been approved under the U.S. system as treaties.  Unlike the Iran Nuclear Deal (which is mostly about lifting economic sanctions), the U.S. would be committing to refraining from using certain weapons or from exercising its military forces.

On the other hand, U.S administration sources caution that this agreement would not lay out specific obligations, but it “would be a more ‘generic embrace’ of a code of conduct adopted recently by a working group at the United Nations.” But even an agreement incorporating that code of conduct might be considered an “arms control” agreement since it requires that a state “should not conduct or knowingly support ICT activity contrary to its obligations under international law that intentionally damages critical infrastructure or otherwise impairs the use and operation of critical infrastructure to provide services to the public;” The rest of the code of conduct also imposes fairly robust obligations on a state.

I will have to think about this some more, but on first cut, it is possible that this cyber control agreement will have to be sent to the Senate as a treaty.  I think Senate approval of such a treaty would be a non-starter given the current political climate, so perhaps the Obama Administration will announce that this will be a sole executive agreement after all.  Whether that is permitted under the Constitution remains unclear though.

8 Responses

  1. Julian — I’d assumed it would be done as a political commitment, and thus be outside either the executive agreement or treaty-making processes?

  2. Perhaps…something to keep an eye on. If it is a “political commitment,” it seems even less significant than it sounds.

  3. But Julian, this subject matter relates rather nicely to Commander-in-chief competencies. Certainly Congress can limit presidential war powers in terms of time, place, manner, status, etc. (e.g., Bas v. Tingy; Brown v. United States; Little v. Barreme (The Flying Fish); etc.). But if they do not act, why can’t the President simply conclude a binding sole Executive Agreement (or even seek a Congressional-Executive agreement without the need for 2/3 Senate approval of presidential ratification)?

  4. Thanks for your comment, Jordan. I am sympathetic to your approach, although wouldn’t that suggest that the President has an independent constitutional authority to launch cyber attacks on foreign nations. Otherwise, he couldn’t promise NOT to launch such attacks in a binding executive agreement? Since this is a “no first use” agreement, wouldn’t that implicate only the President’s power to launch offensive attacks, rather than self-defense attacks?

  5. Well, she does have authority under international law and the U.S. Const., Art. II, Sec. 3 (faithfully execute the “Law”), and the c-I-c power to engage in lawful measures of self- or collective self-defense in response to other forms of armed attack on the U.S., its military, its embassies, or its nationals abroad — which would not be an offensive attack but a first use of the cyber weapon.

  6. Response…Just a bit of history, concerning executive agreements, there was the Avenda memorandum and the legal rulings following the Medellon conviction which is part of Ted Cruz claim to fame.

Trackbacks and Pingbacks

  1. Christy Leigh Home Decor

    Opinio Juris » Blog Archive Does President Obama Have to Send the “Cyber Arms Control” Agreement with China to the Senate? – Opinio Juris

  2. Botas De Ugg

    Opinio Juris » Blog Archive Does President Obama Have to Send the “Cyber Arms Control” Agreement with China to the Senate? – Opinio Juris