New global cybersecurity process begins: APC presents statement at UN Open Ended Working Group

Photo: Deborah Brown

By APCNews

From 9 to 13 September 2019, the United Nations Open Ended Working Group (OEWG) on developments in the field of information and telecommunications in the context of international security held its first substantive session in New York. The OEWG has a broad mandate, covering existing and potential threats in cyberspace; the applicability of international law; rules, norms and principles for responsible state behaviour in cyberspace; the possibility of regular institutional dialogue; confidence-building measures; and capacity building.

Created in late 2018 by the UN General Assembly’s First Committee, the OEWG aims to broaden the dialogue on cybersecurity among member states, and to a certain extent, other stakeholders. It is the first time all governments have convened to discuss this topic at the UN, marking the beginning of one of two UN processes on the topic, which is set to conclude in July 2020.

People’s increased reliance on information and communications technologies (ICTs) for many aspects of their daily lives means that threats to cybersecurity have direct impact on their safety, well-being and enjoyment of human rights. Those who are in marginalised or vulnerable positions due to gender, religion, ethnicity or sexual orientation are at an even greater risk, particularly as we know that online threats inevitably tend to spill over into offline lives. Promoting responsible state behaviour and reigning in cyber conflict is critical.

It is unsurprising that a range of civil society actors, from human rights organisations, academia and the technical community, expressed interest in participating in the September OEWG session. While a few civil society members were granted limited participation at the "informal multistakeholder segment" of the OEWG, the process excluded NGOs without ECOSOC accreditation. This effectively ensured that key representatives from civil society organisations, academia and the technical community who did not have ECOSOC consultative status with the UN were left out of the process.

The Association for Progressive Communications delivered a statement with the support of member and partner organisations Access Now, Derechos Digitales and Research ICT Africa. The statement highlighted how the UN’s three pillars – peace and security, human rights, and sustainable development – are integral to security and stability in cyberspace. However, it noted that without responsible multistakeholder internet governance and accountability from the public and private sectors, development and management of the internet as a public good become threatened. A truly holistic approach is essential for upholding human rights and minimising the militarisation of cyberspace.

To that end, APC made a number of recommendations to members of the OEWG. These included reinforcing the centrality of both international human rights law and international humanitarian law in the development of a secure and stable cyberspace. Security is a fundamental human right, and cybersecurity is a natural extension of that right. Insofar as they coexist and depend on each other, they should be pursued in parallel.

Given this interdependent nature of cybersecurity and human rights issues, the OEWG should draw on the considerable human rights work already done by the UN and build on it, without attempting to set human rights standards or interpret international human rights law.

Furthermore, to monitor the voluntary, non-binding norms that were established in 2015 by the report of the Group of Governmental Experts on developments in the field of information and telecommunications in the context of international security (GGE), we propose that the OEWG should consider developing a peer-review mechanism that includes the input and full participation of non-state actors. These could be further strengthened by considering norms developed since 2015, including those from the Global Commission on the Stability of Cyberspace (GCSC). The eight norms developed by the GCSC, complementary to the GGE norms, are intended to help foster responsible state and non-state behaviour in cyberspace, including by calling for the protection of the public core of the internet.

There are two more substantive sessions ahead for the OEWG, and in future, the OEWG could accredit non-ECOSOC NGOs. Given that non-state actors are crucial in the research and prevention of cyberattacks, the support of cyberattack victims and the implementation of cybersecurity norms, APC strongly encourages the OEWG to open its proceedings to civil society participants.

Read the complete APC statement to the first session of the OEWG here.

Find out more on how to engage in the OEWG process in the explainer prepared by Global Partners Digital and APC available here.

Read about the background on the establishment of the OEWG here.



« Go back