In 2019, the United Nations (UN) restarted
their discussions on international peace and stability in cyberspace. The
Cybersecurity Tech Accord signatories have welcomed this step as critical to
our ability to increase the resilience of our common online environment, and
have sought to constructively contribute whenever possible, whether through the
relevant Group of Governmental Experts (GGE), Open-Ended Working Group (OEWG), or
the High-Level Panel on Digital Cooperation. We were particularly honored to
have been able to participate at the UN Intersessional meeting this past December,
which included numerous participants not just from governments, but from civil
society, and industry as well.
We are, therefore, excited about the next step
in these processes – the consolidation of different views and discussions into a
report that includes a set of concrete recommendations that will allow us to
collectively build a more peaceful online world. In a move that needs to be praised
for its transparency, the OEWG was first out of the gate and published its draft report for consultation with the deadline of 3rd April.
Most of the report serves to summarize the
discussions in the OEWG so far, which might leave some observers feeling
underwhelmed. Upon a closer read however, this summary represents an extremely
helpful contribution to the discourse, as it in one place highlights the
differences in approaches and in interpretation that exists among the UN
members today. Moreover, the report does
conclude with a set of recommendations encouraging governments to continue to
work on different aspects of international security of cyberspace.
Most noteworthy include:
- The International Law
Commission be requested by the General Assembly to undertake a study of
national views and practice on how international law applies in the use of ICTs
by states in the context of international security. - The Secretary-General
be requested to establish a repository of national practices regarding
international rules, norms and principles of responsible behavior of states,
which could be further developed into guidance on implementation. - The Secretary-General
be requested to establish a repository of CBMs adopted at regional and
sub-regional levels to enable the sharing or exchange of information on CBMs
and identify potential capacity and resource gaps. - The Secretary-General
be requested to establish, in coordination with interested regional and
sub-regional bodies, a global registry of national Points of Contacts at the
policy or diplomatic level, bearing in mind coordination with other such
registries, including at the regional and subregional levels. - The Secretary-General
be requested to establish a global mechanism for enhancing coherence in
capacity-building efforts in the use of ICTs, possibly in the form of a
facilitation mechanism, in coordination with existing efforts, including at the
regional and sub-regional levels. - Member States be
encouraged to further cooperate to build capacity to identify and protect
national and transnational critical infrastructure as well as supranational
critical information infrastructure. - The 76th session
of the General Assembly to convene a new open-ended working group of the
General Assembly and request the Secretary-General to establish a new group of governmental
experts.
The Cybersecurity Tech Accord signatories
welcome these recommendations, in particular the recognition that the
conversation in this space needs to continue. Nevertheless, we would like to
see the OEWG go a step further and recognize that while states clearly have a
leading role to play in creating and upholding a normative framework for
behavior, the multistakeholder community must also play a pivotal role in
providing input and helping set direction for these discussions as they relate
to cyberspace. This could be recognized in ensuring that these discussions
going forward define a clear process for consultation and input from the civil
society and private sector. Current references to “other stakeholders” in
Section H (Conclusions and Recommendations) are not sufficient, in our view. Additionally,
and more immediately, the OEWG could recognize in its report the outcomes of widely
accepted multistakeholder efforts, such as the Paris Call for Trust and Security in Cyberspace, which currently has over 1,000 supporters,
including the Cybersecurity Tech Accord. With that in mind, we would recommend
incorporating the following principles agreed in that forum into the UN
dialogues:
- “Prevent malign interference by foreign actors
aimed at undermining electoral processes through malicious cyber activities;”
(Paris Call principle #3) - “Prevent ICT-enabled theft of intellectual
property, including trade secrets or other confidential business information,
with the intent of providing competitive advantages to companies or commercial
sector;” (Paris Call principle #4) and - “Prevent activity that intentionally and
substantially damages the general availability or integrity of the public core
of the Internet.” (Paris Call principle #2)
We hope that this initial response sparks
further thinking on recommendations that could be put forward as part of the
OEWG and help advance our shared objective: achieving a rules-based and
rights-respecting online world for all.
The post Cybersecurity discussions at the United Nations: Let drafting begin! appeared first on Cybersecurity Tech Accord.