Panel discussion: International law, cyber-norms, CBMs, capacity building,institutional dialogue
6 Jun 2024 10:00h - 11:00h
Table of contents
Disclaimer: This is not an official record of the session. The DiploAI system automatically generates these resources from the audiovisual recording. Resources are presented in their original format, as provided by the AI (e.g. including any spelling mistakes). The accuracy of these resources cannot be guaranteed.
Knowledge Graph of Debate
Session report
Full session report
Panel discussion delves into cybersecurity challenges and international law at OEWG meeting
During a comprehensive panel discussion chaired by Ljupco Gjorgjinski, the conversation centred on dissecting cybersecurity issues in relation to the mandates of the Open-Ended Working Group (OEWG), as detailed in General Assembly Resolution 75-240. The chair initiated a robust dialogue, inviting the secretaries to ready the room for the panel and calling upon the panellists to take their positions at the forefront of the discussion. The objective was to cultivate a nuanced understanding of four substantive issues: developing norms, the application of international law, confidence-building measures, and capacity building.
Dr Katherine Getao, one of the esteemed panellists, highlighted the dual nature of digitalisation, presenting both significant opportunities and risks, particularly for the African region. She emphasised the transformative potential of artificial intelligence in bridging capacity gaps, including the provision of effective education. Dr Getao also illuminated the inclusivity that digitisation could foster, allowing remote populations to access public services electronically, thus overcoming geographical barriers. She cited Kenya’s experience, where digital innovation led to a dramatic increase in financial inclusion from 4% to 96% in a matter of years. However, Dr Getao cautioned against the risks that accompany digital inclusion, such as heightened exposure to cyber risks for all citizens, the evolution of cybercrime into a service, and the challenges of protecting outdated technology. She concluded by stressing the need for capacity building and partnerships to implement cybersecurity norms effectively.
Vladimir Radunovic brought attention to the perils of ransomware, describing it as malware used by criminals to encrypt data and demand ransom. He raised concerns over the increasing use of ransomware by state actors or proxies for political motivations, which has led to the disruption of critical infrastructure, including healthcare facilities. Radunovic also discussed the dangers posed by commercial spyware, which is sold to governments and used to surveil civilians, activists, and media, often under the guise of monitoring criminals and terrorists. He called for a ban on the commercial production and use of spyware and urged governments to ethically disclose and patch vulnerabilities rather than exploit them. Radunovic highlighted the need for a mechanism to hold states accountable for adhering to cyber norms and international law.
Nnenna Ifeanyi-Ajufo spoke about the applicability of existing international law to cyberspace, noting the emerging consensus on this matter. She outlined the principles of use of force, human rights, humanitarian law, due diligence, and attribution as key aspects of international law relevant to cyberspace. Ifeanyi-Ajufo also touched upon the potential for a new legal framework or a digital Geneva Convention to address specific issues such as cyber warfare and sovereignty in cyberspace. She mentioned the African Union’s adoption of a common position on the application of international law in cyberspace and the role of the ECOWAS Court in upholding human rights in the context of internet shutdowns.
Throughout the discussion, the panellists and delegates engaged in a dynamic exchange of ideas, with several delegates seeking clarifications and elaborations on points raised. The chair encouraged delegates to utilise the break to discuss among themselves and find common language for potential resolutions or agreements, highlighting the collaborative nature of addressing cybersecurity challenges on an international scale.
In conclusion, the panel discussion underscored the complexity and urgency of cybersecurity issues in the international arena. The panellists provided valuable insights into the opportunities and challenges presented by digitalisation, the need for responsible state behaviour, the importance of capacity building, and the role of international law in governing cyberspace. The chair’s call for active engagement among delegates emphasised the collaborative effort required to navigate the evolving landscape of cybersecurity and the development of effective international responses.
Session transcript
Chair Ljupco Gjorgjinski:
We will now move to a panel discussion, and the chair asked the secretaries to prepare a room for this panel discussion and for the panelists to approach the front. The chair has invited three renowned panelists to assist as we try to develop a more granular understanding of the issues at hand. Specifically, our focus will be on four of the substantive issues contained in paragraph one of the General Assembly Resolution 75-240, namely, A, on developing norms, B, on how international law applies, F, on confidence-building measures, and G, on capacity building. The chair will start with the first round of questions to our panelists. The delegations are encouraged to develop their own questions and use the time with them for the greatest impact. If you have a question, please raise your nameplate so that it is clearly visible, and the chair will allow the question to go to the panelists. The chair will start with the same question posed to all panelists, which should be as brief and direct as possible, and that question is, what are the existing and potential threats related to the OEWG mandates? Are there other existing and potential threats? So that’s the same question posed to all panelists. If the panelists could approach the front. The first will be, the first panelist is Dr Katherine Getao. The question then is, what are the potential and existing threats related to the OEWG mandate? And are there any existing and potential threats beyond the OEWG mandate? Dr. Getao, you have the floor.
Dr Katherine Getao:
Chair, Vice-Chair, Excellencies, distinguished delegates, ladies and gentlemen. Good morning. It’s a great privilege and pleasure to be with you as we deliberate on matters which are important to all nations. I will extend your question, Chair, with your permission, because I believe that losing the opportunities is as disastrous as falling to the risks in this area. So for the African region, there are great opportunities, and also for the world. I see four for Africa. There are so many, but I would like to just mention four. Artificial intelligence has great potential to fill the capacity gaps that we have on this continent, including providing effective education for the masses. Digitization has great potential to include populations which have been disadvantaged. For example, in some nations who live in remote areas have to travel for days to access public services and stay in extensive accommodation as they wait for service. But when these services are moved to electronic government, those services become instantly available to all. Thirdly, there are great opportunities for youth employment, self-employment, innovation, and the establishment of enterprises in the digital realm for Africans young and old. And lastly, digitization will enable us to leapfrog some of our current challenges. For example, digitization has made it easy to spread financial inclusion. For example, in Kenya, it jumped from 4% to 96% in just a few years by using digital innovation. Therefore, the risks that I will talk about create, lose the opportunities and create new challenges. Once we promote digital inclusion, there will also be high exposure because all citizens will be exposed to cyber risks and we need to prepare for that. Secondly, cybercrime is increasingly becoming a service. Businesses are actually being established to promote cybercrimes. There is the difficulty of protecting aging and obsolete technology, which proliferates in countries that cannot afford better technology. But there are also the exposure of vulnerable population, the illiterate or less educated, the elderly, children being exposed to serious risks during cyber. And then there are new forms of state to state conflict. Cyber may be seen as a low hanging fruit when it comes to conflict. I will now finish my remarks. I had a few others, but this is an example of how cyberspace has both great opportunity, but also emerging risks. Thank you very much.
Chair Ljupco Gjorgjinski:
It’s very informative and substantive contribution. Next, we move on to Mr. Radunovic.
Vladimir Radunovic:
Thank you, Mr. Chair, distinguished delegates, it’s a great pleasure to be with you today and thank you for the opportunity to share the views of civil society as well. Because we are hands-on in the field of cyber, we observe a number of trends which are particularly dangerous for the population, for people. Ultimately, we understand that the goal of your work is to protect the citizens and protect the people. So there are a couple of aspects of the emerging threats that I wanted to raise here. I’ll start with the new. tools that are being used, and I’ll use ransomware as an example. As some of you probably know well, ransomware is a type of virus, like malware, which is used typically by criminals to encrypt data in different systems and render them useless, asking for a ransom, for a payment back. There has been a proliferation of ransomware attacks around the world. Many of them have been driven by cybercriminals. But we have also observed, and in cooperation with some of the private sector partners, that the governments, or at least the proxies, acting on behalf of governments or having political motivations instead of economic, are using ransomware to attack strategic targets around the world. Ultimately, what happens is that we see the disruption of critical infrastructure. We have seen recently a number of hospitals in a couple of countries which were put down because of the ransomware and with alleged political background. Thus, ransomware, even though it’s being discussed within the third committee, the Ad Hoc Committee on Cybercrime, is a relevant concern to be addressed also in this forum. The second topic would be a danger stemming from the commercial spyware. Spyware is another type of a tool which allows penetration by any adversaries or attackers into systems such as mobile phones, computer systems, and so on. The purpose of spyware is that the attacker gains the access to everything we have on our devices, in our storage, any sort of data. Typically, it is used against civilians, by criminals, but we observe a trend where commercial spyware, that means the companies… are officially producing spyware is being sold to governments around the world and largely to be able to monitor the communications of criminals and terrorists. But we have observed a couple of detailed news reports recently and the research, journalistic research that has been used heavily against the civil society, political activists and media to surveil their behavior. And we’ve also observed the use by states against the diplomats. So we believe that this forum should definitely also discuss the role of the state, the responsibility of state in using spyware and possibly banning the commercial use and production of spyware. And lastly, if you allow me, Mr. Chair, it is important to raise the issue of vulnerabilities. As you probably know, and one of the norms that CBMs also relate to vulnerabilities, our digital environment is inherently vulnerable. Software systems are complex. And while we also put a lot of pressure from civil society on the private sector partners to increase their measures to secure software and hardware before it goes to the market and make sure that there are patches, there is a whole system of how vulnerabilities are reported and patched. Now, what we observed in the last recent years is the increasing tendency of governments to try to, when they find the vulnerabilities, that they actually try to exploit them for the weaponry, which ultimately puts in risk everyone who’s using that technology. So that the effect, the counter effect is massive. And this is something that we call on governments to reconsider and make sure that vulnerabilities are coordinated and ethically disclosed and patched rather than abused. And legal systems are put in place with the researchers. which find vulnerabilities can report it to the vendors, and the vendors have the obligation to patch rather than anyone abusing it. There is a part of the emerging threats related to emerging technologies like artificial intelligence, but we’ll probably use another opportunity to reflect on that. Thank you, Mr. Chair.
Chair Ljupco Gjorgjinski:
Thank you very much, Mr. Radunovic. And the Chair, as the Chair takes a look across the room, if there are any delegations, please take the floor and ask the panelists any questions. The Chair will take the prerogative of perhaps posing one more question to give delegations the time to think possible questions. And that is, let’s start with how can the voluntary norms and confidence-building measures best be implemented, in particular through public-private partnerships? Dr. Getao, you come from the private sector, perhaps you can help us with this question first.
Dr Katherine Getao:
Thank you very much, Chair. How can they be implemented? I think the first stage is interpretation. As I was preparing for this panel, I used the artificial intelligence assistance to look at some of these issues. And I was reading their responses, and they actually had misrepresentations and misinterpretations of some of the norms and confidence-building measures. So just publishing these norms and confidence-building measures is not enough. We must work together with the private sector, with civil society, with academia, to make sure that we have a common interpretation and a common understanding of what these norms actually mean. Implementation will also mean designing programs and activities. that actually are designed to implement each of the norms and each of the confidence building measures in the national context. So countries must set up the committees and organs and institutions in order to practically implement in their domains. Thirdly, we need capacity building because these norms require due diligence. These norms require us to take certain measures and actions. And without capacity building, it will be difficult for many states to effectively implement. Fourthly, I’ll mention partnership. This will require the public sector, the private sector and civil society and academia to work together closely to have a holistic implementation of all the norms. So we should not stop with the publication of norms. We must interpret them. We must put in place the structures and programs necessary to implement them. We must build capacity of all the actors and stakeholders so that they can competently implement the norms and finally, we must collaborate and partner together to implement them. Thank you.
Chair Ljupco Gjorgjinski:
I think I’m within my time on this. Thank you very much for that. Mr. Radunovic, perhaps I turn to you with the question more on the capacity building aspect. Your expertise really is in the, what are the needs to begin with and what are the recognized approaches and elements from capacity building that you would like to add?
Vladimir Radunovic:
Thank you, Mr. Chair. Yes, capacity building is something that underpins the implementation of norms and CBMs. possibility to apply international law. We have seen a plethora of capacity building programs around the world related to cyber covering everything from technical capacities of the incident response teams to legal capacities of people dealing with defining applicability of international law to cyber diplomacy. Yet what we often observe is that capacity building is seen or implemented as one-off, as a single training, as a single self-paced course, as a single opportunity. And what we demand or ask for is understanding capacity building as a sustainable continuous process where it has to address the direct needs of the target group, involve local communities and local expertise, and that’s what is by far missing. And it is also very important, and that might be something to put on the table, capacity building costs. And we are always struggling in civil society to ensure, let’s say, funding but also neutral funding because capacity building should be neutral. So we kindly ask the states present in this process to also commit to possibly building capacity building funds which would allow more capacity building work to be implemented. I’ll stop there but I can get, thank you.
Chair Ljupco Gjorgjinski:
Thank you very much. Would there be any questions by the board to our panelists let’s use their wisdom and knowledge gained over years of experience wisely. Yes, I see that Team Orange has a question.
Team Orange:
Thank you, Mr. Chair. Not actually a question but just to ask the panelist, Madame Getao, she outlined four issues. And we were taking notes, but we lost track of one. I heard you talked about interpretation, capacity building, partnership and collaboration. What could be the fourth one?
Dr Katherine Getao:
I do apologize, distinguished delegates, if I was not clear. My fourth one was capacity building, which was then elaborated by Mr. Vlada.
Team Orange:
So if I’m understanding, you talked about interpretation, partnership and collaboration as one, and then capacity building. Could you please elaborate on that, please?
Dr Katherine Getao:
Okay, so I started with interpretation.
Team Orange:
Yeah.
Dr Katherine Getao:
Because there have been international processes which have come up with, for example, the 11 norms of responsible state behavior, which exist in our documents. Now, the reading of each one of them may actually misinterpret what was meant. For example, I don’t know how much time I have, but I was looking at what, say, TATTP was telling me about attribution, and I believe that’s not what was meant by this. So it is necessary for those agencies that came up with the norms to build the capacity of different actors who are going to be involved in implementation to correctly interpret what was meant by the norms. That is the interpretation stage.
Team Orange:
Thank you.
Dr Katherine Getao:
Once interpretation is clear, we design programs and projects to implement the norms, and these will be carried out by institutions or agencies who have been charged. So that’s the second step. The third step, I think, is also the capacity building so that everybody has the skills. And because this is a huge job, it will not be possible without collaboration. and partnership between everyone who is involved.
Team Orange:
Thank you very much.
Chair Ljupco Gjorgjinski:
Thank you very much for the instructive and instructive questioning. The chair recognizes that the delegation of blue has a question. Please go ahead.
Team Blue:
Thank you, Mr. President. This is not exactly a question. Now, I would like to thank Dr. Getao for calling me today. The challenges are those of our populations and the opportunities that digitalization brings. And above all, the fact that this digitalization exposes our populations more and more. And in this, there is a real gap between the capacities of the population and behind
Chair Ljupco Gjorgjinski:
Even though that was, as you say, more of a comment than a question, Dr. Getao, would you wish to jump in?
Dr Katherine Getao:
Okay. Thank you very, very much for appreciating delegation blue. Yes, it is very true. It is amazing how quickly these technologies enter the common domain. Two years ago, many people had not heard of artificial intelligence. Today, many people are using it every day. And it is difficult for the traditional education system. to quickly upgrade or tell them about the risks. So I was very happy yesterday when we visited the cyber security agency because they told us some ways in which they are quickly communicating with the ordinary people and alerting them to the new risks and educating them. So all of us are going to have to be very agile in our approach to awareness creation and capacity building because I think I had a lot of delegations, for example, talking about cryptocurrency. To tell you a joke, two years ago I was involved in training ordinary farmers in Kenya about cyber security and cyber hygiene. And when I asked for questions, only one hand was raised. Please ask your questions, sir. He said, should I invest in cryptocurrency? That was harsh. So our citizens are being exposed to new things which they know very little about and the cyber criminals are ready to exploit them very quickly because they don’t understand what’s going on but they want to benefit from the technology. So thank you for noting that and I hope our continuing discussions are going to help us to really come up with solutions that protect our nations and our citizens.
Chair Ljupco Gjorgjinski:
Thank you very much for this formative exchange. I understand that our third panelist has joined us as well remotely. That is Ms. Nnenna Ifanyu Ajufo who is an expert on international law. So we benefit really by her expertise in bringing in this set of important questions. So the question that I would start off with. the third is how is existing international law applicable to cyberspace as a first question and then a second one, do we need new norms and or a new legally binding treaty? With that the floor is yours Ms. Ifanil Adjufo.
Nnenna Ifeanyi-Ajufo:
Thank you very much distinguished delegates and thank you to Diplo, to Vlada and to GIZ for the opportunity to join this important conversation. Can you hear me?
Chair Ljupco Gjorgjinski:
Indeed we can, please go ahead.
Nnenna Ifeanyi-Ajufo:
Yes, in recent times there have been that sort of consensus that international law is applicable in cyberspace for very important reasons. One of them is because of the fast-paced nature of cyberspace it’s difficult to begin to say you want to create a new legal order, a new set of rules that will be applicable to cyberspace considering that it matters to all countries. Cyberspace is not tied to any geographically proximate location and so starting from various conversations, some that I know Dr. Getao would have pointed out, the UNGGE.
Chair Ljupco Gjorgjinski:
One apologies Ms. Ifanil Adjufo, if I could ask you to speak a little more, a little slower, we have interpretation and I am one usually to go rapidly and I just see that our interpreters are having a little bit of an issue so if I could ask you to speak slower and to limit the intervention to about five minutes. Apologies for the interruptions, please go ahead.
Nnenna Ifeanyi-Ajufo:
I’ll try. So yes, there are specific principles under international law that are very well reflected in cyberspace. For example, use of force, human rights, humanitarian law, due diligence, attribution, these are key issues. And in terms of use of force, for example, why is it important that international law should apply? We are beginning to see dimensions of cyber warfare, cyber attacks, attacks on critical infrastructure. And because we do not have extant rules that bind all countries to the determination of what standards will be applicable to, for example, use of force, then we revert back to international law based on the consensus that rules of international law should apply. So it means that we go back to like article one of the UN Charter that spells out rules for like self-defense. We begin to think about when there is attack on critical infrastructure, to an extent that there is destruction of national grids, for example, or there is loss of life. So imagine a situation where a group of people or a state will shut down the airspace system of another country, and then it leads to loss of lives. We could then relate that to use of force, like where you use traditional instruments. The other one is human rights. International human rights is well couched under international law. And so we see, for example, states which use cyber crime laws to infringe on human rights. For example, shutting down the internet, which in extension means bridging or preventing the expression of freedom of information, freedom of expression, and free speech. You also see, for example, due diligence, which under international law means that a state cannot allow its territory to be used for wrongful acts. And it then means that a state should also have that responsibility under cyberspace laws to prevent their jurisdiction to be used for attacking other people, even through cyber attacks. And so it means- means that in extension it is easier as it is to apply existing international law because of international cooperation and because of how states already understand international law and are bound by international law. Now, there is the key question people have asked, should we have a digital Geneva Convention? Is it possible that existing international law covers all aspects? I say yes and I say no and that is why it’s good to have this kind of platform so that diplomats can also debate on this. I say yes in the extent that we already have guiding principles. All we have been doing, international law professors, for example, have been interpreting cyberspace norms to reflect international law. But then there are also other aspects. For example, critical infrastructure, which Vlada had talked about. Can we look at critical infrastructure in the same way we would look at the borders of a state? How about sovereignty? Do we still define sovereignty in the same way we define sovereignty traditionally, considering that cyberspace does not have borders? Wouldn’t it be better then that we have specific rules? And I think we’re gradually moving up to that. For example, with the norms of responsible state behavior. A key question with that is that it may be voluntary, but if you go back to international law, states practice norms and over time they become pre-emptory norms and they become binding. And so these norms are helping to shape where we are going to as a body. Finally, it is important to think about the UN process on developing a convention on cybercrime. That process is also shaping a normative framework for issues related to international law and responsibility and attribution in terms of cybercriminal issues. And I think that is a pace-setting effort drawing from what the Budapest has done, the Malabo has done. has done the Malabo Convention, which is the African Union Convention on Cybersecurity. So yes, eventually we may need a legal order that spells things clearly, but however, state practice and where we are going in terms of the norms would help to interpret the future of how laws will be applied in cyberspace, particularly for cybersecurity. Thank you.
Chair Ljupco Gjorgjinski:
Thank you very much for your contribution. So now the floor can remain open and we can keep this agenda open as the chair proposes and then come back to the panel discussion at any given moment, as we may require. But for the moment, one more question from the chair. Is there any requests for the floor? If I can just see, that is delegation of purple. Yes.
Team Purple:
Thank you, Mr. President, for giving me the floor. I would like to address the speaker who just spoke a few minutes ago, especially on international norms. Two small questions. At the end of the month, I was able to ask myself about the question of whether at the moment we can talk about a legal vacuum, especially international, on the issue of cybersecurity. Is there a legal vacuum? Can we affirm it without the risk of making a mistake? This is the first question. So, if not, and if at some point we will have to appeal to other norms to conform, isn’t it, to what is currently happening? Has there been a case? Has there been a case that has been known by the government?
Chair Ljupco Gjorgjinski:
It seems that our panelists does not have interpretation. So, can I ask the interpreters, is it possible? Okay, so yes, madam, if you could turn on that interpretation.
Team Purple:
Hello. Can you hear me now?
Nnenna Ifeanyi-Ajufo:
Let me see. I’ve turned it on.
Team Purple:
Hello.
Nnenna Ifeanyi-Ajufo:
Yeah, I can hear you now.
Chair Ljupco Gjorgjinski:
You can hear me now. Now.
Team Purple:
Thank you. Okay. Okay, I’ll try to summarize the first question. Can we talk about a legal void, especially when it comes to international law relating to cyber crime. That’s the first question. The second question, if no, I assume, is the International Court of Justice, which is competent to know about these attacks, especially in two states. Is this international jurisdiction facing some issues that involve two states? Thank you.
Chair Ljupco Gjorgjinski:
You have the floor.
Nnenna Ifeanyi-Ajufo:
Thank you very much. Can I go on?
Chair Ljupco Gjorgjinski:
Yes, you may. Please go ahead.
Nnenna Ifeanyi-Ajufo:
And thank you for that very important question, distinguished delegate. Yes, I would say I tend to play the devil’s advocate that, yes, there is actually a certain level of void. And this is because of the fast paced nature. And there are various angles to look at it. Every day there is a new or an emerging kind of crime. Previously, we were all talking about hacking, hacking into systems. Now, the international community. is dealing with ransomware. Two years ago, nobody was talking so much about ransomware as we are talking about it now. And there are so many questions. What would international law say about that? So yes, in terms of those voids, what is the international community doing? And that is where the challenge is. While it is easy to say international law applies, is international law truly implementable? Again, we’re looking for cyber diplomats to help channel that conversation. And that is why you have, for example, the open-ended working group trying to interpret this. And this month, for the first time, the UN Security Council will be deliberating on cyber security. And I hope we can begin to move forward that way. In terms of, is there an international court of justice? As it is present, no. Now, there are two levels to think about cyber security in the legal domain. domain. First of all, crimes committed by individuals. And secondly, when these crimes are committed by states, and that is where we look at it under international law. In terms of individuals, national jurisdiction will take place. But then you must also remember that even under international law, we have international criminal law, where individuals can also be responsible. So we’ve asked the question, should we divide into two segments to the level of skill and threshold? For example, attack on critical infrastructure, should it then be under a jurisdiction where we say international cyber criminality? And that is why I said it’s a very important question, because then it means that there is a void. So the International Criminal Court has been having conversations about whether the jurisdiction of the Rome Statute can extend to cyber crimes. And if you have the time, you can look at articles five to eight of the Rome Statute of the International Criminal Court. Should we define cyber crime to cases where, let’s say there is a large attack, that means war crimes, can it go to the International Criminal Court? But the question has been that no matter how international cyber crime is, part of these networks run through states, unlike the high seas or Antarctica or outer space, that has no involvement with states, computer systems still run through states. So if you look at, for example, the Budapest Convention, the first place is state jurisdiction. And it says that where it involves one or more states, states can then agree to whose jurisdiction should apply. And that is why double criminality is important. And that is why we are seeking for harmonization in Africa, for countries to come together, ratify the Malabo Convention, the ECOWAS region, for example, be harmonized, so that if countries… in a particular region make similar rules. That way it is easier to prosecute people for these crimes. So in the first place, there is no particular court internationally, but we are looking at what the process will be with the Cybercrime Convention. Indeed, there is international jurisdiction, just that it is not spelled out categorically. And that is what the Cybercrime Convention will help us in terms of determining. But at the end of the day, it still goes back to national jurisdiction. And I foresee that a state in the near future will go to the International Court of Justice and institute an action. Perhaps maybe the aftermath of the war we see in Gaza may be another country instituting an action against another country for cyber warfare. Perhaps it will come before the International Court of Justice very soon, just like other issues between states where a state attacks another state through cyber activities. Thank you.
Chair Ljupco Gjorgjinski:
Thank you very much. Chair recognizes the distinguished delegate of yellow with a kind reminder to all speak in a tempo that allows our interpreters to be able to understand each other better. This probably be a round tempo that is best for them. Distinguished delegates of yellow, you have the floor.
Team Yellow:
Yeah, thank you, Mr. Chair. My delegation is quite happy with when there is a statement on the need for Cybercrime Convention. We took note that the strength of international law has been provided, the principle providing the international law with regard to cyber security. Which principle includes something like the use of force, human rights. attribution, due diligence, and so on and so forth, to some extent enough to be able to give a bite to the enforcement of itself. However, when we come to the norms, norms are more of voluntary, norms are more of, if you wish to do, in my country and in my city, my village, it is a norm to greet, good morning, sir, good morning, ma’am. But if you don’t greet, nobody queries you. You will be taken note of as being one of those irresponsible people, and that is all. There is no sanction attached. And so when we look at the level norms, it is just like greetings in my community, where nobody takes any active attention to, but only we mark out, this young boy is irresponsible. This young girl is irresponsible. Then beyond that, there is nothing. And so my delegation is happy that a cyber-camp convention is being thought of. It will go a long way for us to be able to see that there is the enforcement of the menu, or the provisions or obligation on states, in international law, with regard to cyberspace, the use of cyberspace. My delegation will conclude by saying that as much, as fast as these norms are co-joined to the principles of international law, we may be waiting to eternity to see that the norms are respected, as to give force to the enforcements of the obligation related to the use of cyberspace. Thank you very much.
Chair Ljupco Gjorgjinski:
Thank you very much, distinguished delegates of Yellow. The chair now proposes that we start filing it out, and we can do so with two, perhaps, five minutes. reflections by our two panellists. Yes, we have three panellists all available to us and then allow for a bit of time for delegations to perhaps digest what they’ve heard and meet amongst each other and whatever and use the time to the best of their abilities which will be followed by coffee break planned right now for 11.30 and reconvening at 12 o’clock. But before we get to that, a final round of interventions. Let’s start in another order that we started before. Mr. Radunovic, we’ll start with you with a few final reflections, about two, three minutes if you would please, to be followed by Dr. Getao and finally with Ms. Ifeanyi-Ajufo, Dr. Radunovic.
Vladimir Radunovic:
Thank you, Mr. Chair. I wanted to emphasise particularly this aspect of voluntary norms and implementation. Civil society believes that the implementation of cyber norms, even though they’re voluntary, is crucial and very important and there are a couple processes where we, the civil society private sector, discuss how we can help and contribute to the implementation of the norms because the states cannot do it alone and I draw your attention to a process called Geneva Dialogue on Responsible Behaviour in Cyberspace where other stakeholders discuss open source civil society, researchers, private sector, what we can do to strengthen critical infrastructure, reduce vulnerabilities and so on. But I do want to share a concern that we have, is how to make sure that the states are held responsible for breaking the norms, the cyber norms and the international law, which we see happening every day and yet there is no enforcement mechanism or a mechanism amongst States to ensure the implementation of the norms. One of the biggest problems in that is the complexity of attribution. Attribution at a technical level, a legal level, and a political level. On a technical level, our partners in the tech sector confirmed that they’re able to conduct investigation and assist countries, but still they’re not able to be fully reliant on technical attribution, who’s actually behind. On a legal level, we’re seeing countries which are prosecuting individuals for cyber attacks, obviously, upon an investigation, but there is still too few countries which have capacities to do that. On a political level, finally, where a decision to attribute an attack to a certain country can happen, there is a huge risk of misattribution and a possible escalation. And we underline that risk to all distinguished delegates. When you approach attribution, please be very cautious and make sure that you cooperate with the private sector, with civil society, to get as many information as possible and restrain from possible escalation. So to underline and close, what I kindly invite the delegates to also discuss is how to make sure to establish a mechanism to ensure that the states are adhering to cyber norms and international law. Thank you, Mr. Chair.
Chair Ljupco Gjorgjinski:
Thank you very much, Mr.Radunovic and Mr. Getao.
Dr Katherine Getao:
OK. Thank you very much. I don’t want to belabor the point, but I cannot help defending norms. I was one of the people who was drafting norms, and that issue has always come up, that these are toothless principles. Wherever human beings interact, or there’s more than one human being in a place, you need norms, you need confidence building measures, you need law, and you need capacity building. Capacity building is the base because without it, we don’t even know what the norms, the confidence building measures or the laws are. I want to say that this is a norm, uh, giving you some water. I don’t think there’s a law, but everywhere we go now there’s water because it has just become a basic thing that it is important. This is a confidence building measure that I have, uh, this, um, headphones, uh, and the mic because it would be useless for me to be speaking if people cannot hear and understand what I’m saying. So this had to be provided. It’s not a law that it was provided, but it created confidence among us. If I hit Mr. Flada or, um, the chair over the head, then this would become an issue of law because, uh, you know, I have the possibility to injure them and this is now a very serious issue in society and it cannot be left to chance. Uh, I want to say that I would not like, I think 95% of life is about norms and confidence building measures and only a smaller percentage is law because law is, uh, difficult to create, extensive and difficult to implement. And, um, it has its limitations and also becomes at times obsolete and it becomes a problem to society and it has to be reviewed. So I would say, let us carefully choose those matters that are so serious that they must become subject of law. and trying to confine our lawmaking to those areas where it is really, really important and where the expense and the seriousness and formality of law must apply. That would be my closing comment. Thank you.
Chair Ljupco Gjorgjinski:
Thank you very much. Thanks a lot. Hi. Very well. You have one minute, please. Please go ahead. This thing is gonna get a yellow. I did, Dawn. Suspect so, because it was freezing, you know, it was just frozen, raka. They are here, they are here, they are here. Discussion we should have in this final discussion, an open-ended deliberation on all the key issues where we really pick apart the main atheists. The more deliberative aspect of our negotiation, we will go into the next panel, of which I will speak of a bit more. But before that, I will give the final floor, the final word to Ms. Ifeanyi-Ajufo, and after that propose the next items on our agenda. Ms. Ifanyu Adjufo, you have the floor.
Nnenna Ifeanyi-Ajufo:
Thank you so much, Chair. I just wanted to touch upon the essence of the norms as well. Just to point out that under international law, you make laws not only by treaties. You can also make laws, international law is also formed through state practice. So if states continue to practice the norms in a particular way, they become binding. It’s just like abolition of slavery over time, states begin to practice, it is so. Again, these norms were developed in 2015, when the rates of consensus for application of international law to cyberspace was not as concrete as it is now. But what I think is very important, particularly for the African region, is implementation. And I think rather than just whether they are voluntary, how do we encourage implementation in the African region? I just want to remind us, if it is possible to speak slower, just to make sure that there is a good interpretation and that’s exactly the points that you’re trying to convey are well conveyed and understood by all. So, I would recommend this tempo of speaking that I’m using at the moment. Please go ahead. So, earlier this year, the African Union adopted the Common African position on application of international law in cyberspace. So, that shows that there is an effort for implementation. There is also the African Union Cyber Security Experts Group that has been working to implement the Malabo Convention. There’s also the ECOWAS Directive. In terms of implementation, the ECOWAS Court has taken center stage in ensuring that the norms are respected in the African context. For example, the rules by the ECOWAS Court in terms of internet shutdowns, in terms of human rights, the ECOWAS Court is the only court that has taken those positions in Africa. So, I just wanted to end by saying it is more of implementation, not just that the norms are there and the efforts we make as a continent. It is a question of responsibility and accountability. The problems with the norms are not far-fetched from the reality of international law, and we know that certain states do not respect international law. So, it is not just about the norms of responsible state behavior. And finally, in terms of ensuring that the norms are reflected, it goes back to international cooperation, confidence-building measures, and the essence of capacity building. And what we make of that, that will help us reflect the reality. of the norms in the ECOWAS region. Thank you.
Chair Ljupco Gjorgjinski:
Thank you very much. The chair does not see any other requests for the floor. With that in mind, perhaps it is best to use this time to break. The chair encourages delegations to approach other delegations to see what are points of convergence, to address possible points of divergence. And specifically, if possible, to look at specific language that could work. I see that the delegation of pink, which is pink before, is it on this approach that the chair is proposing right now, or is it on international law and norms as we discussed before?
Team Pink:
It has to do with international laws and norms. And also get me into what she’s supposed to be discussing. After taking the considerations, norms and laws are now meant to harm, that wouldn’t mean to put things in order and some restricts them. But could we take into considerations those factors that are managing our cyberspace, like for the ICANN, the American institution that control our cyberspace. Would it also be fall to internet discussion? Those company who produces the hardware devices to prevent intrusion, protection, or machinism. Could we also consider other level web server institution that manage it? But internet is not just vulnerable. We have an authority, like the cyberspace, like the fiber optic. We have institutions that manage them. Now, the question is, what mechanisms are put in place when those software, those applications are produced, what system is put in place to prevent future embarrassment that will not humble those end users? But those are questions that should be asked before certifying those software developers, because software are meant to ease and to facilitate and implement our plans. But taking into consideration, security matters, because you cannot certify, for example, Microsoft. I mean, end users do not understand the deep security measure we need. So those authority, have they taken into consideration, have they also checked very well the security and the impact in the future before even certifying Microsoft to even publish and allow end users across the world to even use that system? Thank you.
Chair Ljupco Gjorgjinski:
Thank you very much, Distinguished Delegate. This kind of enthusiasm is music to the chair’s ears and really a depth of gratitude to all delegations who have taken the floor during this panel discussion. Let’s send off our panelists to the round of applause and gratitude for their participation. Thank you very much. Thank you. We now encourage delegations to discuss amongst each other, try to find those convergences, try to find common language and propose it directly to the chair. With the help of the vice chair and all of the team, we can try to put together something that works. But it is easiest when that language comes from you and that language can come directly to contact with your colleagues from other delegations to try to find a compromised language that works well. With that, we will have now a break that will be until 12 o’clock. So an hour and 15 minutes with a call to be served at 11.30, perhaps before now, but 11.30 for sure. And at 12 o’clock, come back with exactly this issue has been just discussed. We will be going into international law and norms and we will try to find that common language so come ready with that. We will have a lunch which will be from one to two o’clock and then back at it for the final plenary session of the day on CBM’s complex building measures and capacity building. With that the chair declares the meeting suspended.
Speakers
CL
Chair Ljupco Gjorgjinski
Speech speed
146 words per minute
Speech length
1637 words
Speech time
671 secs
Report
The panel discussion aimed to deepen the dialogue on General Assembly Resolution 75-240, uniting experts to address key issues in international cybersecurity. It revolved around four primary areas: the development of cyber norms (A), the role of international law in cyberspace (B), the creation of confidence-building measures (F), and the enhancement of capacity building (G).
Dr. Katherine Getao from the private sector commenced the discourse with a response to the chair’s query on threats pertinent to the OEWG’s mandate and external cybersecurity threats, offering insight into the nexus of industry norms and the threats challenging the OEWG’s goals of establishing responsible cyber behaviour for states.
Mr. Radunovic, dealing with capacity building, likely shed light on essential needs for states and organisations to build competence in executing cyber norms and shielding themselves against cyber threats. His contribution would have highlighted best practices and effective frameworks for capacity building.
Ms. Nnenna Ifeanyi-Ajufo, an authority on international law, participated remotely, focusing on the adaptation of existing legal frameworks to cyberspace. She was asked about the relevance of current international laws to cyberspace and the potential need for new norms or a binding treaty to govern cyberspace more aptly.
Her expertise would have been invaluable in discerning the applicability of international legal principles to cybersecurity governance. During the discussion, the chair encouraged delegate engagement with the panelists and called for slow, clear communication to aid interpreters. Emphasising public-private partnerships for voluntary norms and confidence-building, the chair underscored the significance of multidisciplinary cooperation in cybersecurity efforts.
With an open-ended approach, the meeting allowed revisiting discussions with the panel and promoted informal conversations amongst delegations to reconcile differing viewpoints on controversial issues. As the session concluded, the chair advocated for a dialogue to bridge understanding gaps and achieve consensus among delegations.
Applause greeted the panelists’ final reflections, expressing appreciation for their contributions. The meeting ended with an agenda briefing, indicating a coffee break, a session for dialogue on international law and cyber norms, a lunch break, and a final plenary focussing on confidence-building measures and capacity building.
The session exemplified the need for consistent communication and diplomatic negotiation to establish a unified response to cybersecurity challenges while highlighting the vital role collaborative efforts play in this global initiative. The panel’s erudition and guidance offered a foundation for advancing cybersecurity governance and strategy.
DK
Dr Katherine Getao
Speech speed
134 words per minute
Speech length
1670 words
Speech time
750 secs
Arguments
Interpretation of norms is crucial for implementation
Supporting facts:
- Misinterpretations identified using artificial intelligence assistance
- Common understanding needed among stakeholders
Topics: Public-Private Partnerships, Confidence-Building Measures
Setting up committees and institutions for practical implementation
Supporting facts:
- Design programs and activities for practical application of norms
Topics: National Implementation, Institutional Framework
Capacity building is essential for effective implementation
Supporting facts:
- Norms require due diligence and actions
- Many states need capacity building for effective implementation
Topics: Capacity Building, Due Diligence
Partnership among all sectors is vital for holistic implementation
Supporting facts:
- Necessitates working together of public and private sectors, civil society, and academia
Topics: Multi-stakeholder Collaboration, Holistic Implementation
Report
The implementation of norms is perceived positively, emphasising the crucial importance of shared understanding among stakeholders. A primary principle highlighted is the interpretation of norms, which is critical for their enactment. This alignment of expectations amongst stakeholders prevents misinterpretations, a challenge that artificial intelligence assistance has helped identify.
Such a collective understanding leads to confidence-building measures, vital in fostering Public-Private Partnerships, and echoes the ambition of Sustainable Development Goal (SDG) 16 to promote peace, justice, and strong institutions. Equally vital is the establishment of a structural framework for the implementation of norms.
Programmes and activities tailored for practical application necessitate the creation of committees and institutions. This national implementation framework not only embeds norms structurally but also assures their adaptability and pertinence within specific contexts. Capacity building is another key component for effective norm adoption.
Norms demand due diligence and a commitment to action. For many states, capacity building—particularly where mechanisms for implementation are lacking—is essential to achieving proficient norm application. This is in line with SDG 16 and also with SDG 4, which advocates for quality education, as capacity building is intrinsically an educational endeavour.
The concept of multi-stakeholder collaboration for a holistic implementation strategy receives endorsement, stressing the essentiality of partnerships between the public and private sectors, along with civil society and academia. Such widespread involvement is crucial for the thorough application of norms, aligning with SDG 17, which highlights the role of partnerships in attaining goals.
An overarching stance combines these aspects—interpretation, structural setup, capacity development, and partnership—as fundamental to the norm implementation process. Interpretation ensures clear communication to prevent misrepresentations; structural implementation comprises the creation and administration of national programmes and initiatives; capacity development equips stakeholders with necessary skills and knowledge; and partnerships ensure a cross-sectoral approach for inclusive application of norms.
In summary, these interlinked elements form a cohesive framework essential for the effective implementation of norms. Attaining the associated Sustainable Development Goals, especially SDG 16 and SDG 17, relies on this multifaceted, integrative approach. The sentiment throughout this analysis is unequivocally optimistic, highlighting the potential impact of norm implementation on fostering a more equal, just, and inclusive world.
NI
Nnenna Ifeanyi-Ajufo
Speech speed
162 words per minute
Speech length
2127 words
Speech time
788 secs
Report
The summary opens by acknowledging a widespread agreement on the need for international law to govern the cyber realm, due to its borderless nature and the complexities it introduces in forming a new legal framework. It emphasises the application of current international law principles—such as the use of force, human rights, humanitarian law, state due diligence, and the complex issue of attribution—to cyber incidents.
The rise of cyber warfare and attacks on critical infrastructure underline the importance of defining the rules of cyber engagement. In the absence of specific guidelines, the international community resorts to the United Nations Charter and the established right to self-defence against traditional armed attacks.
The speaker highlights human rights concerns, illustrating how states misuse cybercrime laws to curtail freedoms, like expression and information access. State due diligence, a principle which requires states to prevent the use of their territory for hostile acts, is extended to cyberspace, suggesting state responsibility in preventing cyberattack launches from within their borders.
Despite the relevance of existing laws, challenges in cyberspace, such as ensuring critical infrastructure protection and redefining sovereignty, have triggered debate on the need for a “digital Geneva Convention” and whether new, specific regulations are required. The evolution of international law through the gradual establishment of non-binding and binding norms is touched upon.
Initiatives like the UN’s prospective cybercrime convention and the African Union’s Malabo Convention on Cybersecurity are instrumental in developing a normative framework for cyber law. The speaker acknowledges emerging cybercrimes, such as ransomware, present significant challenges to international law, underscoring the role of international and cyber diplomacy in addressing these rapidly evolving threats.
Jurisdictional issues arise on both national and international levels. Nationally, states typically govern crimes within their own borders, while internationally, state-level cybercrimes raise the stakes, potentially involving the International Criminal Court, particularly with serious offences equivalent to war crimes. There’s a possibility that states may look to the International Court of Justice to resolve disputes related to state-sponsored cyber activities.
Additionally, harmonised state practices through regional conventions and directives, such as those within ECOWAS, were noted as enhancing the enforcement against cybercrimes. The speech stresses that in regions like Africa, the focus should be on implementing existing norms as opposed to creating new ones, with reference to entities such as the African Union Cyber Security Experts Group and the ECOWAS Court that encourage adherence to digital space norms and human rights standards.
The summary concludes by reiterating the crucial role of state practice in the creation of international law, alongside capacity building, confidence-building measures, and cooperation—particularly within the African context—as key to the effective realisation of these norms. State behaviour and accountability in cyberspace remain central points of concern.
This summary predominantly adheres to UK spelling and grammar. It encapsulates the primary analysis with precision and maintains quality while utilising relevant long-tail keywords such as “cyber warfare,” “critical infrastructure,” “international law governing cyberspace,” “digital Geneva Convention,” “African Union Cyber Security Experts Group,” and “use of force in cyber context.”
TB
Team Blue
Speech speed
154 words per minute
Speech length
75 words
Speech time
29 secs
Report
In an address expressing gratitude, the speaker acknowledged Dr. Getao’s role in initiating a pertinent discussion on the effects of digitalisation globally. The conversation centred on the dual themes of challenges and opportunities arising from digitalisation. The key point was that while digitalisation offers transformative benefits and advancements, it also increases public vulnerability to new risks and threats.
The address highlighted that the digital revolution facilitates innovation and efficiency but also exposes individuals to privacy infringements, cybersecurity threats, and potential socio-economic inequalities. The increasing gap between the general population’s digital literacy and the pace of digital advances is of particular concern.
The speaker implied an urgent need to bridge the skills gap through education and training programs. These programs are essential for enabling individuals to navigate the digital world safely and effectively. Public policy and governance likely appeared in the conversation as well, with suggestions that effective regulatory frameworks, inclusive digital education policies, and robust cybersecurity measures are essential to protect citizens from the risks of digital exposure.
In conclusion, while acknowledging digitalisation’s transformative power, the speaker called for concerted efforts to improve digital competence across the populace. This approach would position societies to seize the opportunities of digital technologies while protecting against their risks. This summary has integrated long-tail keywords such as “digital education policies”, “cybersecurity measures”, and “digital competence” to enhance detail without compromising the quality of the summarisation.
UK spelling and grammar conventions have been verified throughout the text for consistency. If additional details or a complete analysis are provided, a more precise summary can be crafted.
TO
Team Orange
Speech speed
146 words per minute
Speech length
92 words
Speech time
38 secs
Arguments
Team Orange is seeking clarification on a fourth point made by Madame Getao
Supporting facts:
- Team Orange was taking notes and lost track of one issue from a set of four mentioned by Madame Getao
Topics: Panel Discussion, Communication, Capacity Building, Partnership and Collaboration, Interpretation
Dr. Katherine Getao suggested capacity building as a key aspect
Supporting facts:
- Capacity building is crucial for enhancing abilities to execute ICT projects
Topics: Capacity Building, ICT Development
Report
Team Orange is actively seeking clarification following a panel discussion in which Madame Getao was a key speaker. The team encountered a minor setback in their documentation process; they captured three significant issues mentioned by Madame Getao—interpretation, capacity building, and partnership and collaboration—but missed noting down a fourth crucial point.
This omission has resulted in a pursuit of further information. Their determination to obtain clarification not only addresses a lapse in note-taking but also demonstrates Team Orange’s dedication to ensuring the accuracy of the collective knowledge. This attention to detail underscores their commitment to maintaining the integrity of the discourse and their project’s goals.
Evidently, for Team Orange, capturing Madame Getao’s insights fully is crucial to informed project execution. Dr. Katherine Getao highlighted capacity building as a vital factor in the empowerment needed to effectively execute ICT projects. Such skill enhancement is directly associated with the realisation of Sustainable Development Goals 4 and 9, which focus on securing quality education and bolstering industry, innovation, and infrastructure.
This clarification request by Team Orange also sheds light on the nuances of conference communication and the importance of achieving a shared understanding. Accurate interpretation of concepts and intentions is essential for effective collaborations and the success of partnerships, especially within the context of educational or technological frameworks.
By striving to complete their notes, Team Orange exemplifies rigorous attention to detail that is commendable. Their endeavour acknowledges the importance of thorough groundwork in developmental projects and partnerships. Such diligence in preparing the foundation is indicative of a proactive approach towards obtaining clarity, which is pivotal for successful project outcomes.
In summary, the comprehensive reflection emphasises the paramount importance of precise and thorough information collection during conferences and discussions. Team Orange’s adherence to professionalism and their drive to communicate effectively mirror the cyclical nature of information exchange, crucial for collaborative effectiveness.
Thus, their quest for clarity is a key step in addressing potential disconnects between dialogue and action, arming them with the knowledge essential for advancing their project. The current summary is a reflection of the original analysis, with UK spelling and grammar maintained throughout, along with the integration of long-tail keywords to enhance SEO without compromising the summary’s quality.
TP
Team Pink
Speech speed
146 words per minute
Speech length
292 words
Speech time
120 secs
Report
The discourse scrutinised international regulatory frameworks and norms steering the digital domain, drawing attention to the pivotal functions of entities like the Internet Corporation for Assigned Names and Numbers (ICANN), cybersecurity-focused hardware manufacturers, and web server management organisations. The spotlight was on the web’s inherent susceptibilities and the collective resolve needed to shield this integral network from threats.
A critical area of concern is the robustness of measures to safeguard software and apps from breaches. The dialogue probes the vetting and authorisation processes for such digital products, pondering the sufficiency of regulatory oversight in protecting users. Microsoft was cited as exemplary, symbolising broader trust and reliability issues in software provision to global users.
An articulated argument is the misalignment between software development and end-user security awareness. It’s advised that certification bodies and regulatory authorities rigorously assess security protocols within software before green-lighting their widespread distribution. The discussion underlines the importance of producing not just accessible and functional software but also integrating stringent security standards to shield users from future vulnerabilities.
It calls for a more detailed scrutiny of software by certifiers, considering potential security repercussions and the impacts of software rollouts. Such vigilance is deemed crucial to uphold cyberspace integrity and safeguard users’ digital engagements. In summation, a more thorough and painstaking evaluation by certifying authorities is advocated, delving into likely security implications and effects of deploying software.
A powerful tool for innovation and communication, the internet’s governance demands a delicate balance between its utility and user security, underscoring the need for responsible oversight by recognised institutions to defend stakeholder interests.
TP
Team Purple
Speech speed
111 words per minute
Speech length
232 words
Speech time
126 secs
Arguments
Legal void in international law relating to cyber crime
Supporting facts:
- International law currently has gaps in addressing the complexity and anonymity of cyber crimes
- Lack of universally accepted definitions and standards for what constitutes a cyber crime
Topics: Cyber Crime, International Law, Legal Void
Report
The extended analysis highlights critical concerns regarding the efficacy of international law in addressing cybercrime, a complex and anonymous threat. The legal gap, marked by the absence of universally recognised definitions and consistent standards defining cybercrime, undermines SDG 16’s goal of promoting peace, justice, and strong institutions.
The lack of clear guidelines renders nations and organisations ill-equipped to counter the growing menace of cyber threats, underscoring the imperative need for a cohesive international strategy and the development of comprehensive legal frameworks. Further to this, the analysis expresses reservations about the capability of the International Court of Justice (ICJ) to adjudicate disputes pertaining to state-sponsored cyber attacks effectively.
Despite its role as a primary juridical body for resolving state-to-state legal contentions, the ICJ’s adaptability to the cyber realm seems tentative. This is due to the inherent challenges in identifying the origin of cyber attacks and defining the parameters of state liability in such incidents.
The emergence of digital warfare and the ambiguity surrounding acts of cyber aggression accentuate the difficulties in wielding existing international laws to manage these modern challenges. The consequent debate over the ICJ’s adequacy in arbitrating cases of cyber conflict is driven by the necessity for unequivocal attribution and responsibility to hold states accountable for their involvement in cyber offences.
In summation, it is critically evident that there is an essential demand for the international community to bolster the legal instruments governing cyberspace. Reinforcing these provisions is vital to effectively combat cybercrimes and align with SDG 16’s aspiration to strengthen international peace and legal compliance.
The refinement of these legal measures will not only enhance global cybersecurity but will also advance the pursuit of a more harmonious and law-abiding world order. The text adheres to UK English, maintaining spellings and grammar in line with the requirement.
No grammatical errors, sentence formation issues, or typos are detected. The summary remains focused on accuracy and quality, incorporating long-tail keywords such as ‘state-sponsored cyber attacks’, ‘international law and cybercrime’, and ‘ICJ’s adaptability to the cyber realm’, ensuring relevance to the key themes without compromising the integrity of the content.
TY
Team Yellow
Speech speed
175 words per minute
Speech length
349 words
Speech time
119 secs
Report
The delegate has asserted a supportive opinion regarding the introduction of a comprehensive Cybercrime framework, endorsing its role in the standardisation of international digital law. They emphasised the importance of upholding core principles such as the rejection of exploitation, the safeguarding of human rights, and adherence to due diligence within the cybersecurity legal structure.
A keen distinction was made between the binding nature of hard law and the current softer, voluntary guidelines that govern cyberspace state conduct. The delegate compared these guidelines to the customs within a community, like exchanging pleasantries in the morning, which, although customary, are not obligatory and lack formal consequences if ignored.
This analogy served to illustrate the limitations of norms without enforcement mechanisms, suggesting that the absence of penalties reduces the efficacy of these norms in encouraging responsible state behaviours in the digital space. The delegation expressed approval for plans to establish a Cybercrime Convention, which they believe will greatly aid in creating a regulated cyber environment with enforceable state obligations.
In wrapping up, the delegate warned against over-reliance on voluntary norms, hinting that without integrating norms with binding international law, there is a threat of neglecting expected cyber conduct, hindering progress. Consequently, the UK delegation called for the prompt formation of the Cybercrime Convention, advocating for the turn of principles into effective action and regulated cyberspace under global law.
In sum, the delegate’s address underscores the vital difference between non-compulsory norms and binding legal agreements, advocating for transitioning from the former to the latter to efficiently regulate state actions in cyberspace. The recommendations and reasoning offered stress the urgency for crafting a structured legal framework that enforces international cyber regulations beyond mere suggestions.
VR
Vladimir Radunovic
Speech speed
153 words per minute
Speech length
1405 words
Speech time
552 secs
Arguments
Ransomware is a proliferating global threat.
Supporting facts:
- Ransomware encrypts data and renders systems useless.
- Attacks have disrupted critical infrastructure, including hospitals.
Topics: Cybersecurity, Ransomware
Governmental or political use of ransomware is concerning.
Supporting facts:
- Cybercriminals are typically behind ransomware attacks.
- There is evidence of governmental or politically motivated ransomware usage.
Topics: Cybercrime, Government, Ransomware
Commercial spyware is used to monitor individuals beyond criminals and terrorists.
Supporting facts:
- Spyware penetrates systems and accesses all device data.
- Reports show spyware is used against civil society, activists, media, and diplomats.
Topics: Privacy, Spyware, Human Rights
There’s an increase in governments exploiting vulnerabilities for weaponry.
Supporting facts:
- Digital environment vulnerabilities can be massively exploited.
- Governments are not ethically disclosing and patching vulnerabilities.
Topics: Cybersecurity, Government, Digital Vulnerabilities
Capacity building should be a sustainable and continuous process.
Supporting facts:
- Capacity building is often implemented as a one-off event.
- There is a need for a process that addresses the direct needs of the target group, involves local communities and expertise.
Topics: Capacity Building, Sustainable Development
Capacity building programs should involve local expertise and communities.
Supporting facts:
- Involving local communities and expertise is currently lacking in capacity building initiatives.
- Local involvement ensures that the programs are catered to the specific needs and context of the area.
Topics: Local Communities Involvement, Expertise Utilization
Funding for capacity building should be both sufficient and neutral.
Supporting facts:
- Civil society struggles to ensure funding for capacity building.
- Neutral funding is crucial to avoid bias in capacity building.
Topics: Funding, Neutrality in Capacity Building
Report
The rising threat of cybersecurity, especially the proliferation of ransomware, constitutes a significant threat to global security and stability. These malicious attacks, capable of encrypting data and disabling crucial systems, have severely impacted critical sectors such as healthcare, with potential risks to human lives.
Such breaches of security directly relate to SDG 9, which emphasises the importance of building resilient infrastructure, fostering innovation, and promoting industry. Moreover, the disturbing use of ransomware by governments or politically motivated entities exacerbates the cybersecurity threat landscape, challenging the ideals set by SDGs 11 and 16, dedicated to fostering sustainable cities and communities, and establishing peace, justice, and robust institutions, respectively.
Equally alarming is the widespread use of commercial spyware, which poses grave risks to privacy and human rights. This form of cyber-surveillance, often employed by government agencies, has been used to target civil society, activists, journalists, and diplomats, undermining the principles of SDG 16 that call for the protection of peace, justice, and strong institutions.
The negative sentiment underscored by these developments spotlights the detrimental impact of cyber threats on individual freedoms and societal cohesion. Additionally, the unethical exploitation of digital vulnerabilities by governments threatens the security of the digital environment. The practise of hoarding information about these vulnerabilities without responsibly disclosing or addressing them is tantamount to creating a stockpile of digital weapons, contravening the spirit of SDG 16.
In light of this, there have been strong calls for the establishment of ethical guidelines in cybersecurity, including a ban on the commercial production and use of spyware and a coordinated approach for the disclosure and patching of vulnerabilities, reinforcing SDG 9’s goal for resilient infrastructure.
The discourse extends to the field of sustainable development, with an emphasis on the transformative impact of continuous and community-engaged capacity building. Current capacity building measures are often criticised for their lack of sustainability and failure to meet the persistent needs of the target groups.
This perspective aligns with SDGs 4 and 17, which highlight the need for quality education and the establishment of partnerships to achieve global goals. Effective capacity development requires integrating local communities and leveraging expert knowledge to ensure that initiatives are contextually relevant, supporting SDGs 11 and 17.
A critical area of concern is the funding for capacity building initiatives. Non-governmental organisations frequently face challenges in acquiring sufficient and unbiased funding, pivotal for maintaining the impartiality of capacity building efforts. This brings attention to the necessity for increased and dedicated funding from states, in accordance with SDG 17, indicating the urgency for a collective and enduring commitment from the global community.
In conclusion, the complex issues surrounding cybersecurity threats, human rights violations through spyware, and the need for enhanced capacity building are converging into a clarion call for greater international cooperation and the adoption of transparent, ethical, and inclusive practices. These concerns resonate with the Sustainable Development Goals, serving as a guiding framework to navigate these multi-faceted challenges and advance towards a more secure, equitable, and sustainable global society.