Main session: Enabling safety, security and accountability
1 Dec 2022 08:15h - 09:45h
Event report
The session looked into the guiding framework and the principles of Cyber Capacity Building (CCB) developed by the Global Forum on Cyber Expertise (GFCE) in Delhi Communiqué on a Global Agenda for CCB, as a result of the EU’s detailed set of cybersecurity capacity building principles augmented by the EU cyber diplomacy principles. Against this backdrop, the UN’s Open-Ended Working Group (OEWG) has proposed its own set of principles, thus broadening the number of states committing to the principles of the CCB to all UN members.
At the 2017 IGF in Geneva, session with the human rights-based approach to cybersecurity was organised only as a pre-event. At the time, governments felt pressured to consider human rights, transparency, and accountability. Now in 2022, these topics are part of IGF main sessions, and they have gone a long way from cybersecurity specialists having conversations about cybersecurity and human rights in closed rooms to public and human centred conversations.
Some of the main milestones achieved since then are: three rounds of the group of governmental experts (GGE), the UN First Committee process where governments come together to talk about international cybersecurity to reach a consensus, and the OEWG which resulted in a report and principles on cyber capacity building, now in its second round.
While the level of awareness globally has gone up dramatically, the level of understanding of the importance of cybersecurity in terms of human rights still has a long way to go, despite the progress made. Capacity building efforts around cybersecurity remain essential. The capacity building is ‘a two-way street’, where it is not just about developed rich countries providing expertise to less developed nations, but also peer-to-peer learning on the needs and ways to facilitate and build needed capacities.
It was noted that Africa needs cyber diplomats to engage in global conversations and develop norms and confidence building measures – which have to be based on the evolution of requisite capacity building. The Global South in general, needs to adopt common democratic positions on things such as internet freedoms. Decision-makers need to get better insights on these issues.
One of the challenges on the UN level is true, inclusive, and multistakeholder participation and more transparent processes. Potential parallel processes will probably result in more challenging meaningful contributions.
On the national level, challenges include a lack of clear institutional and legal processes and the overall lack of impetus of government institutions on cyber capacity building.
From a human rights perspective, real societal challenges need to be discussed. Cybersecurity and cybercrime are areas that are ‘double-edged swords’ for human rights defenders, journalists, and others. These groups need protection in terms of cybersecurity and capacity building concerning effective digital security tools. Risks concerning digital spaces also affect vulnerable groups and women. Therefore, it is important to keep all these differences in mind when creating cyber capacity building frameworks and programmes.
The panel called for a moratorium on the domestic and transnational sale and use of surveillance systems. States are urged to use spyware only as a measure of last resort for specific acts and serious threats related to national security, in targeted ways, with strong safeguards in place.
Multiple speakers agreed that the relation between cybersecurity and ethics needs to be explored more in depth. Discussions should include the private sector, states, and non-state actors, in spaces such as the UN and similar multistakeholder initiatives.
While all major social media companies stated that they want to tailor their practices inline with the UN guiding principles to respect human rights; governments also have an obligation under the same principles to regulate companies and ensure they fulfil their responsibilities.
By Aida Mahmutovic