The SCO Cyber Code refers to the International Code of Conduct for Information Security, a draft voluntary code first submitted to the UN Secretary-General in September 2011 by China, Russia, Tajikistan and Uzbekistan (UN doc A/66/359). A revised version was circulated in January 2015 (A/69/723) after Kazakhstan and Kyrgyzstan joined as co-sponsors, aligning the document with the membership of the Shanghai Cooperation Organisation (SCO).
The Code calls on states to:
- Refrain from using information and communication technologies (ICTs) to carry out hostile activities or acts of aggression against other states.
- Cooperate against the dissemination of information that "incites terrorism, secessionism or extremism" or undermines other countries' "political, economic and social stability."
- Reaffirm the principle of state sovereignty over ICT infrastructure within national territory.
- Promote a greater role for governments, and for the UN, in internet governance.
The Code is widely read as a counter-model to the Western-backed multistakeholder approach championed by the United States, EU member states and the Freedom Online Coalition. Critics, including the US and several European delegations, have argued that its broad language on "information security" (as opposed to the narrower "cybersecurity") could legitimise domestic censorship and restrictions on cross-border information flows. Supporters frame it as a necessary safeguard against foreign interference and as a complement to the work of the UN Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG) on ICTs.
The Code has never been adopted as a binding instrument, but its concepts have repeatedly resurfaced in SCO summit declarations, in Russian and Chinese submissions to the OEWG, and in the 2015 SCO Agreement on Cooperation in Ensuring International Information Security. For MUN and policy researchers, it is a key reference point for the normative split between "cyber sovereignty" and "open internet" camps in UN First Committee debates.
Example
In January 2015, China, Russia, Kazakhstan, Kyrgyzstan, Tajikistan and Uzbekistan submitted a revised International Code of Conduct for Information Security (A/69/723) to the UN General Assembly.
Frequently asked questions
No. It is a voluntary draft code of conduct circulated at the UN General Assembly; states are invited to endorse its principles but it creates no treaty obligations.
Keep learning