The initial “pre-draft” of the report of the United Nations Open-Ended Working Group (OEWG) on developments in the field of information and telecommunications in the context of international security, circulated by the Chair Mr.J.Lauber, is, according to our evaluation, negotiable. There is an attempt to preserve relative balance of interests and opinions of all the negotiating Parties, which determined a relatively vague nature of the draft. Thus, a good foundation has been created for a final OEWG report that may be consensually approved in future.
We, nevertheless, assume that alongside with a range of positive traits (the report highlights the special role of the OEWG in establishing regular institutional dialogue on international information security (IIS) under the UN auspices, the need to strictly observe the UN Charter, the danger of development of offensive ICT capabilities and militarization of the digital space, etc.) the document promotes many unacceptable approaches both to substantive issues of maintaining IIS and to organizational matters of the respective negotiation process under the UN auspices.
The Russian side is concerned about substantial distortions in key aspects of IIS that the draft contains:
1) The document exaggeratedly emphasizes the principle of applicability of universally recognized norms and principles of international law set forth in the UN Charter and in the Declaration on principles of international law friendly relations and cooperation among States in accordance with the Charter of the United Nations, dated 1970, to the use of ICTs. At the same time, this principle is not linked to specific modalities of its applicability, namely, who, how and in which circumstances can apply it. These practical aspects demand to be regulated by a specialized international legal instrument that would provide for the modalities of applicability of the existing norms of international law to the use of ICTs, as well as, if necessary, include new norms.
In the initial pre-draft of the report the appropriate “formula” set out in the GGE reports of 2013 and 2015 lacks its essential part about the possibility of developing, if necessary, new international legal norms to regulate the behaviour of States in information space. In the current situation of de facto “legal vacuum” in regulating the use of ICTs the time is ripe for such steps.
2) Overwhelming emphasis is placed on certain branches of international law including international humanitarian law (IHL), international criminal law, as well as international human rights law. We regard as potentially dangerous the attempts to impose the principle of full and automatic applicability of IHL to the ICT environment in peacetime. This statement itself is illogical and contradictory, because IHL is applied only in the context of a military conflict while currently the ICTs do not fit the definition of a weapon.
3) It is unacceptable to include in the text the concept of political “attribution” of cyber attacks which runs counter to the agreements reached within the framework of the 2015 GGE which clearly indicate the need to support any accusations against States with appropriate technical evidence.
4) Considerable number of questions, which are not directly related to the problem of ensuring international peace and security (issues of the UN First Committee) are unreasonably included in the “pre-draft” of the report. Redundant references to the problems of sustainable development, including its social aspects, human rights and gender equality, which, as mentioned in the text, fall within the competence of other UN bodies look, especially inappropriate.
5) The importance of “multi-stakeholder approach” with emphasis on the contribution of non-governmental sector, business and academia to ensuring responsible behaviour in the information space is artificially exaggerated.
At the same time the problem of insufficient regulation of private sector activities in the ICT sphere and increasingly urgent issue of monopolization of this area is omitted as one of the key threats to the development of peaceful and competitive ICT environment.
6) The pre-draft blurs the central role of the UN in ensuring IIS by delegating excessive authority in this area to regional structures and organizations.
7) We find utterly unacceptable the attempt to link the work of the OEWG to that of the GGE, which makes a comprehensive negotiation mechanism within the UN dependent on a narrow and ‘elitist’ expert platform. Undermining the OEWG status this way is insulting to the 119 UN Member States that supported its establishment.
The proposal to resume the work of the OEWG only during the 76th session of the UN General Assembly seems dangerous; it practically means suspending the format’s work for a year and a half. In this case, all negotiations on IIS will be de facto outsourced to the GGE. Moreover, the draft also includes a proposal to extend the GGE’s mandate at the 76th session of the UNGA, which goes beyond the scope of the OEWG’s competences.
8) The draft switches focus from real activities on ensuring IIS to adopting a wide range of half-measures. The section on recommendations is replete with idea of establishing “repositories” (data bases) on all aspects of the OEWG mandate. We consider this as an attempt to duplicate and “spray” the efforts of the international community, as well as to use these “repositories” in future as a leverage against States in order to expose their positions on sensitive issues related to their national security.
In our view, the primary task for all countries at this stage, while reaching consensus on the elaboration of a universal legal basis in IIS field is impeded, is to concentrate their efforts on joint work on norms, rules and principles of responsible behaviour of States in information space. The current language of the draft does not give priority to the respective section. It also lacks references to the 2018 UN General Assembly resolution 73/27 adopted upon Russian initiative by the majority of votes, in which the initial list of such rules was officially set forth for the first time. Instead, the draft insistently promotes the 11 norms from the 2015 GGE report.
We consider appropriate to enhance the draft with, at least, those norms, contained in the 2018 UN General Assembly resolution 73/27 (items 1.1.-1.13.), that have already been approved by the majority of the UN Member States. Furthermore, it would be useful to consider incorporating into the OEWG report proposals of individual States on strengthening national sovereignty in information space (China), use of ICTs exclusively for peaceful purposes (Iran), ensuring integrity of supply chains (China, Iran) and the need to prevent militarization of information space (Cuba). If consensus agreement on these or other proposals is not reached, it is critical, nevertheless, to reflect them in the report (and not in the annex) as a position of a group of States (“some States expressed the view that…”, while “other States noted that…”).
Regarding the continuation of the negotiation process on IIS within the UN, we suppose it is necessary that the report recommends the extension, for instance until 2025, of the mandate of the OEWG, acting on a consensus basis, charging it with the same aims and objectives for which it was founded and, thus, ensuring continuous work of the Group in a medium term perspective.
At the same time, we consider inappropriate the idea mentioned in the report to request the International Law Commission to clarify how international law applies in the use of ICTs. In our opinion, national views and practice which could serve as a ground for the Commission are limited.