On March 12, 2021, the United Nations adopted a UN Open-Ended Working Group (OEWG) report on the Developments in the Field of Information and Telecommunications in the Context of International Security. We asked Dr. Daniel Stauffacher, Founder and President of ICT4Peace, to tell us about the current UN-led work on cyber security issues, ICT4Peace engagement in the OEWG proceedings and the ways to improve UN negotiation processes.
Could you please tell us a few words about ICT4Peace?
ICT4Peace Foundation is an independent think tank based in Geneva, Switzerland. I established it in 2003, following the first phase of the World Summit on the Information Society (WSIS), with the support of the Swiss Government. Our main mission is to promote peace and security in cyberspace and to champion the use of ICTs for peacebuilding, upholding human rights and embarking on humanitarian operations. We work closely with the UN, national governments, business community and civil society through policy research, advocacy and capacity building.
What is your assessment of the current UN-led work on cyber security issues?
Progress in advancing peace and security in cyberspace within the framework of the UN is really slow. Lack of any tangible mechanism to hold states accountable for their breaches of international law and agreed norms as well as failure to accept that International Humanitarian Law is also applicable to cyberspace is especially disappointing. Still, we should recognize that the recent agreement through negotiations of the UN Open Ended Working Group is a positive step forward, in spite of the global trend towards escalating tensions, especially those between Russia, China and the U.S.
We have two negotiating platforms, the GGE and the OEWG. What do you think about such co-existence?
We appreciate the history and the genesis of these two parallel processes, however, I should say it is now time that we combined the two formats to create a single negotiating forum under the UN General Assembly First Committee. Such an inter-governmental platform should include all states and be open for insights from industry and civil society. We should no longer tolerate the inefficiencies and injustices of the two-tier negotiating system, entitling different governments with different rights, which, in fact, poses the risk of arriving at contradictory results in the two fora.
What can you say about ICT4Peace Engagement in the OEWG?
ICT4Peace is an NGO that enjoys ECOSOC status and is fully accredited to the UN. In that capacity, we have participated in the OEWG’s proceedings from day one, including informal and multi-stakeholder meetings. Our submissions, proposals and comments made during the plenary sessions and those on various draft reports at the stage of negotiations are accessible on the official UN ODA website. Besides, in cooperation with the OAS, UN ODA and Kenya, ICT4Peace organized a series of cybersecurity policy and diplomacy training workshops for Latin American and African diplomats.
On Friday, March 12, 2021, after one and half years of proceedings, the UN Open Ended Working Group (OEWG) on Information and Telecommunications (ICT) in the context of international security adopted a report. What is your assessment of this document?
We are glad that a consensus report was adopted, though we recognize that agreement on the final report was only achieved by dividing the text, which was developed over several months, into two parts: the Final Substantive Report, being a consensus section, and the Chairman’s Summary. We regret that the report fails to acknowledge and condemn the growing militarization of cyberspace and refrains from stipulating new restraint measures on state cyber operations beyond their borders. No progress regarding the adoption and implementation of the Rules, Norms and Principles of Responsible State Behavior was achieved, nor was there progress regarding the contentious issue as to how exactly international law applies to state activities. Recognizing that International Humanitarian Law also applies to the cyber-realm failed to produce agreement, which is regrettable. Finally, while there is much praise for the positive role that Confidence Building Measures (CBMs) could play, no new measures have been put forward and agreed on.
Do you welcome the launch of a new OEWG (2021–2025)?
While we appreciate that all UN member states are again allowed to participate in the UN negotiations on Peace and Security in Cyberspace, we would have preferred that the proposed Program of Action supported by some 50 states be adopted, as it would have consolidated the future work of the UN into a single, permanent body.
What are your expectations about the GGE report to come out soon?
We hope that the ongoing UN GGE will make progress on the difficult question on how exactly the international law applies in cyberspace and gives practical guidance on how to implement and abide by the agreed norms. We also hope that the GGE adopts and calls for a clear commitment by states to implement some of the norms, in particular, that concerning bans on attacks on critical infrastructure of any kind, a restraint that should be observed at all times. ICT4Peace will continue to promote its idea for a Cyber Peer Review mechanism, which would enable states to discuss harmful incidents and the scope of offensive cyber operations, with a view to foster more accountability among states.
How to improve UN negotiation processes on cyber and informational security issue?
Let me turn your attention back to the Program of Action, which is lightly modeled after the 2001 UN Program of Action on Small Arms and Light Weapons. This Program has, as one of its principal features, the consolidation of the UN’s work on international cyber security into a single permanent forum which would hold regular meetings as well as review and ad hoc thematic sessions and which would enjoy certain Secretariat support. This proposal was the most practical and results-oriented option submitted to the OEWG. It was in line with ICT4Peace’s long-standing call to institutionalize the UN cybersecurity work by establishing a Committee on Cyber Security under the General Assembly and provide such a committee with dedicated Secretariat support via a UN Office of Cyber Affairs.