A detailed set of guidelines on what cybersecurity measures to take when handling arbitration was released today as part of New York Arbitration Week.
The Cybersecurity Protocol for International Arbitration (2020) is the culmination of two years of work by a working group on cybersecurity consisting of representatives of the International Council for Commercial Arbitration (ICCA), the New York City Bar Association (City Bar), and the International Institute for Conflict Prevention & Resolution (CPR).
The protocol was published with the twin goals of providing a framework for determining reasonable information-security measures for individual arbitration matters and increasing awareness about information security in international arbitration.
Cybersecurity is crucial in arbitration, since the credibility and integrity of any dispute-resolution process depends on maintaining a reasonable degree of protection over the data exchanged during the process.
A City Bar representative said: "We are proud that this important work has had its launch during New York Arbitration Week and at the New York International Arbitration Center. New York is one of the most frequently selected locations for international arbitration in the world and the most popular city for arbitration in the United States."
The protocol reviews the importance of cybersecurity in high-stakes international arbitration, which often involves extensive travel and the use of multiple networks. Recommendations include identifying and classifying all information and controlling access to it as appropriate.
Suggested information security measures for hearings and conferences include implementing procedures for the handling of any transcripts, recordings, or videos that are made and restricting what technology attendees may bring to and use at hearings.
"The Protocol provides a pathway for the arbitration community to maintain a culture of awareness and effective security so that arbitration will continue to meet users’ expectations," said a City Bar representative.
The working group published an initial Consultation Draft in April 2018, together with a request for comments that was sent to more than 240 individual consultees representing arbitral institutions, law firm arbitration practice groups, expert witnesses in arbitration proceedings, and non-governmental organizations such as bar associations.
In the expectation that the protocol will necessarily evolve over time, the working group has appended "2020" to this first edition. Feedback on the Cybersecurity Protocol may be sent to cybersecurity@arbitration-icca.org.