Cyber Brief: U.S.-Japan Agreement

The U.S.-Japan Security Consultative Committee convened last April for the first time since August 2017. The two governments agreed that a cyber attack could, in certain circumstances, constitute an armed attack for the purposes of Article V of the U.S.-Japan Security Treaty. A decision as to when a cyber attack would constitute an armed attack would be made on a case-by-case basis.

This announcement is an echo of several other similar agreements. The most well-known of these is NATO’s stance that Article 5 of the North Atlantic Treaty can be applied to attacks in cyberspace, a stance which NATO has held for almost a decade. The U.S. and Australia agreed in 2011 to a similar extension of the Australia, New Zealand, and U.S. Security Treaty (ANZUS Treaty) to consult and determine appropriate collaborative options to address cyber threats. This language is very similar to that of a 2015 agreement between the U.S. and Japan Cyber Defense Policy Working Group to consult and collaboratively address serious cyber incidents.

The following documents include items recently obtained by the Cyber Vault along with additional materials housed in the Cyber Vault Library that provide useful context on the subject.

 

new documents

Previously posted documents

 

NATO Cooperative Cyber Defence Centre of Excellence, National Cyber Security Framework Manual. 2012. Unclassified.

 

Catherine A. Theohary and Anne I. Harrington, Congressional Research Service, Cyber Operations in DOD Policy and Plans: Issues for Congress, January 5, 2015. Unclassified.

 

Ministry of Defense, Government of Japan, "Joint Statement of the U.S.-Japan Cyber Defense Policy Working Group," May 30, 2015. Unclassified.

 

Cooperative Cyber Defence Centre of Excellence, International Cyber Norms: Legal, Policy and Industry Perspectives, Jan 2016.