Agenda item 5 : Day 3 Morning session

International law in cyberspace: Consensus and challenges at the OEWG’s fifth meeting

The fifth meeting of the seventh substantive session of the Open-Ended Working Group (OEWG) on Security of and the Use of ICTs, established pursuant to General Assembly Resolution 75-240, served as a platform for in-depth discussions on the application of international law to the realm of ICTs in cyberspace. Delegates from various countries and regional groups, including the African Union and Czechia, presented their national and regional positions, contributing to a diverse array of perspectives on the complex issue of cyber security and the rule of law.

A consensus emerged among the delegates on the applicability of existing international law, including the UN Charter, to cyberspace. The principles of sovereign equality, non-use of force, respect for territorial integrity, peaceful resolution of disputes, non-interference in internal affairs, bona fide compliance with obligations, and interstate cooperation were underscored as fundamental. However, the unique technical and legal characteristics of cyberspace, such as its trans-border nature, the anonymity of users, and the difficulty in identifying sources of malicious activity, were recognized as challenges to the automatic application of these principles.

The Russian Federation highlighted the need for a comprehensive approach to the international legal regulation of cyberspace, advocating for the development of new norms and a universal, legally binding instrument to address the specificity of ICTs. The draft Convention on International Information Security proposed by Russia and other states was presented as a potential basis for future universal agreements.

The session also focused on the application of international humanitarian law (IHL) to cyber operations during armed conflicts. Delegates, including Senegal on behalf of a cross-regional group, emphasized the need to apply IHL principles such as humanity, necessity, proportionality, distinction, and precautions to protect civilians and civilian objects from cyber operations in armed conflicts.

Capacity building in international law as it relates to ICTs was identified as crucial for ensuring meaningful participation by all states in discussions. The OEWG was seen as a key forum for using scenario-based discussions to better understand the application of international law to ICTs. Delegates proposed that these discussions could be integrated into the schedule of OEWG events, including the intersessional meetings in May, and could be conducted in coordination with expert briefings to ensure wide participation.

The session highlighted the importance of inclusivity and the contribution of stakeholders, including regional organisations, in shaping the global discourse on cybersecurity and international law. The African Union’s common position was particularly noted as a significant contribution to the debate.

In conclusion, the session demonstrated a collective commitment to deepening the understanding of how international law applies to ICTs and identifying any gaps. The discussions were marked by a spirit of cooperation and a recognition of the need for ongoing dialogue. The session adjourned with the understanding that discussions would continue, particularly during the intersessional meetings and the upcoming dedicated international law meetings.

Noteworthy observations included the diversity of views presented, the constructive tone of the discussions, and the willingness of delegates to engage with complex legal and technical issues. The session underscored the importance of continued engagement and capacity building to ensure that all states can contribute effectively to the development of norms and principles that will govern state behaviour in cyberspace.

Chair:
Welcome back to the fifth meeting of the seventh substantive session of the Open-Ended Working Group on Security of and the Use of ICTs, established pursuant to General Assembly Resolution 75-240. Listening to delegates, we will now continue our substantive discussions and we will begin today our discussion on the section on how international law applies to ICTs. As I indicated yesterday afternoon, we are slightly behind schedule, but it is important that I give everyone an opportunity to make their statements. But I would encourage each one of you to see if you can look through your interventions and make the key points and circulate your full statement to all delegations. And you can also send it to the Secretariat, which will be able to put it on the website of the Working Group. So that way, everyone is able to see the full positions as articulated in your statement. But we will hear in the committee at least the key points from each of your delegations. So with those preliminary comments, I open the floor now for delegations wishing to make a statement on how international law. And here, too, I would guide your attention to the guiding questions that were circulated. It will be very helpful if you can address that. And I also look forward to hearing very… specific ideas or suggestions you might have with regard to international law. I had also added some new questions for this session in terms of how we in the open-ended working group could use scenario-based discussions to have a better understanding about how international law applies to the use of ICTs. So distinguished delegates, the floor is now open and let me start with the Russian Federation to be followed by Senegal.

Russian Federation:
Mr. Chair, information space has unique technical and legal characteristics that make it impossible to fully or automatically apply existing international law provisions. Specifically, I’m referring to trans-border and all-penetrating character of ICT, the anonymity of their use and the difficulty of verifiably identifying a source of malicious activity, the possibility of integrating hidden malicious functions and targeting vulnerabilities and using ICTs for dual purposes. In this situation, there’s a need for a comprehensive approach to the issue of the international legal regulation of cyberspace. Many years of discussions on this subject so far have identified a common understanding only as to the applicability of the generally recognized international law provisions to ICTs. Above all, this refers to sovereign equality and non-use of force or threat of force, respect for the territorial integrity of states, resolution of international disputes by peaceful means, non-interference in internal affairs, bona fide compliance with obligations under international law, and interstate cooperation. Having said that, there are no clear internationally agreed mechanisms for applying even these fundamental principles to cyberspace. Clearly, international law has many lacunae as far as cyberspace goes. A number of states keep talking about the sufficiency and full applicability of the existing norms to cyberspace, but that is simply not right. The fact that it’s not correct is confirmed by the input of the expert community via UNIDIR-sponsored events. In this context, considering concrete scenarios can have some value added, will demonstrate the impossibility of fully regulating cyberspace using only existing legal norms. We are convinced that the only way to fill the gaps in international law is to progressively develop it through writing new norms, which would take into account the specificity. of ICT. Ideally, it would be agreeing on a universal, legally binding instrument. Only in this way can one ensure the exclusively peaceful use of ICT and prevent conflicts in this domain. In our view, the group could contribute toward those efforts by discussing and agreeing elements of such a future international treaty. To talk about a possible prototype of such a treaty, Russia, with a group of like-minded countries, has submitted a draft convention of the United Nations on ensuring ICT security. We dwelt on it in detail when we were discussing norms, rules, and principles for the conduct of states. The document has been posted on the OEWG website and is open to discussion. Adopting such a universal agreement would make it possible not only to create a legal framework for the rights and obligations of states relating to the activities in cyberspace, but would once and for all regulate the issue of political attribution of computer attacks in international relations. Thank you very much.

Chair:
Thank you very much, Russian Federation, for your statement. Senegal to be followed by Cuba. Senegal, please.

Senegal:
My delegation is taking the floor on behalf of the delegation of Brazil, Canada, Chile, Colombia, the Czech Republic, Estonia, Germany, the Netherlands, Mexico, the Republic of Korea, Sweden, Switzerland, and Senegal. The Annual Progress Report 2022 is recommended to continue to engage in focused discussion at the OEWG on how international law applies in the use of information and communication technologies. Drawing from topics from the non-exhaustive list that include the need for further study on how and when and the principle of international humanitarian law apply. For our delegations, the need for states to engage in discussion on how EHL applies to such operations, acknowledging the particularities of the digital domain, remains a priority. Focused discussions will help to develop common understandings on how we can best protect civilians and civilian objects, as well as what actions are prohibited or requiring during armed conflicts. With a view to contribute to such discussions, as well as capacity-building initiatives, our delegations submitted a working paper on the application of international humanitarian law to the use of information and communication technologies in situations of armed conflicts. In this working paper, we discussed the application of EHL to ICT operations in the context of armed conflicts. In particular, the principles and rules of EHL governing the use of ICTs, notably military necessity, humanity, distinction, proportionality, and precautions, as well as measures to ensure respect for EHL, are discussed. Fifth, while at the same time recognizing that a number of aspects remain to be clarified, and that a continual intergovernmental exchange at the multilateral level remains the case in this regard. Without going into many details, we wish to highlight the following points. First, existing EHL applies to and places important limits on cyber operations executed in the context of and in relation to an armed conflict, particularly its fundamental principles of humanity, necessity, proportionality, distinction, and precautions. EHL addresses the realities of armed conflict without considering the reason for or the legality of the recourse to the use of force. Applying EHL does not encourage or legitimize in any way the possible recourse to the use of force between states in any situation or context, including in cyberspace. Second, the principles of military necessity and humanity underline the whole body of EHL and find expression in other rules and principles, such as the principle of distinction, proportionality, and precaution. The principle of military necessity requires that only measures which are actually necessary to achieve a legitimate military purpose and which are not otherwise prohibited by EHL are taken. The principle of humanity seeks to limit and elevate the suffering and destruction during armed conflicts. A fundamental concern of EHL is to ensure that a balance is struck between military necessity and humanitarian considerations. Third, in addition to the principle of military necessity and humanity, in particular the principle of distinction, proportionality and precaution govern the conducts of hostilities and are also of fundamental principle when cyber means and methods of welfare are employed. Fourth, many of the rules and principles governing the conduct of hostilities are applicable in particular to cyber operations that amount to an attack within the meaning of EHL. For example, acts of violence against the adversary, whether in offense or defense. These uncopacies at the very least cyber operation that are reasonably expected to cause directly or indirectly injury or death to persons or physical damage or destruction of two objects. However, the circumstances in which a loss of functionality could be considered an attack in the sense of EHL need to be. further clarified, including the discussion regarding the definition of a cyber attack in the sense of EHL. In a similar vein, the protection of civilian data and question regarding cyber operation disrupting systems without causing physical harm, but nevertheless with possibility potentially wide ranging effects remain challenging that require further clarification. Fifth, compliance with EHL when conducting cyber operation is not limited to the rules and principles governing the conduct of facilities. Other specific rules and principles of EHL must be respected, including when conducting cyber operation that would not qualify as an attack. Sixth, states and parties to unarmed conflicts must take measures to implement EHL, give orders and instruction to ensure observance of EHL and supervise their execution. We would like to conclude with the suggestion to use this paper and other contribution of application of EHL and international law in this OWG, including the upcoming dedicated international meetings in May for in-depth discussion and reflect them in the third annual progress report. Thank you very much. Chairman, I would also like to say some words in my national capacity. Since this is the first time that Senegal is taking the floor, we would like to express our pleasure at the results the open-ended working group has reached under your leadership, and this based on the constructive approach demonstrated by all delegations. My delegation would like to call all delegations to approach this work in the same constructive way to ensure the success of the work of our group as regards international law. We believe. that this, like the adoption of a new international instrument and positive international law to govern cyberspace, has – this issue has not yet been resolved. We believe it’s necessary to continue the work on this to avoid misunderstanding and ensure a better understanding as to how international law can be applied to activities in cyberspace. Therefore, we echo the African position on this, which international law applies in this area. This was adopted in February 24. We reassert Africa’s commitment to noninterference in the internal affairs of another country, the peaceful resettlement of disputes. Senegal believes that particular attention should be given to two issues, first with regard to the international humanitarian law in this area. Having recalled the fact that international humanitarian law can never be used to legitimize war, we must ensure the comprehensive implementation of international humanitarian law in cyberspace. Therefore, we must respect the basic principles of that law in cyberspace. The working document that we have put forward on international humanitarian law, which I have just read, should be considered. The second considers countermeasures in the face of cyberattacks. It’s imperative to ensure that we reach a consensus that can ensure that we have a balance between recognizing equity between countries that do not have the necessary technology and ensuring that they have resources to make sure that they are not victims to attacks in cyberspace. Therefore, it’s important that the working group is committed on this area so that we have clear discussions on this issue of cyber security. Thank you.

Chair:
Thank you very much, Senegal, for your statement. Cuba to be followed by Colombia.

Cuba:
Gracias. Thank you. Mr. Chairman. On this controversial theme, unfortunately, it’s the area in which we have made less progress in the context of the open-ended working group. In a simplistic manner, the application of international law has been adopted with regard to the ICT domain. In its non-exhaustive questions on this issue, mention is made of approaching a consensus in the debate through considering different scenarios. Nothing more objective than this idea can be found, for the current international scenario has shown very clearly that there is a great credibility crisis with regard to international law at the moment, which is being constantly manipulated and misused. The Secretary General of the United Nations himself has described the state of chaos facing international law, the non-respect for the Charter of the United Nations, and the inability of this body to impose its authority in a world in which multilateralism has been hijacked. Cyberspace does not escape this harsh reality. This must lead us to consider in depth and in a responsible way how to use the tools and mechanisms that have been designed for a context such as cyberspace and which require to be updated because of the complex nature of cyberspace. We could use international law, which has already been established, but this requires a new look. Each disruptive situation situation has generated challenges for international law. We have many treaties, agreements, conventions and other instruments which have arose from the need to adjust norms to make international responsibility operative. Therefore, we must ask ourselves, why do we not do the same now when it comes to the complex and threatened cyberspace? Unfortunately, rather than uniting our efforts to develop international law in this context, we have this tendency to multiply the view that it can be applied in its totality. This has been repeated on many occasions with a political intention in different platforms, meetings and events. Over coming days, Cuba will submit an updated document on our positions in this regard. We have studied with considerable seriousness the documents establishing the positions of a group of countries and regional organizations and we strongly maintain our position, which is that this is a theme that will require tough work to reach consensus, but we will contribute to that effort. We will support it. Thank you very much.

Chair:
Thank you very much, Cuba. You are absolutely right that this is going to be tough work, this particular topic, but you are also right that we need to build consensus. Every discussion we have and every effort we make will, I hope, lead in that direction. It is in that spirit that we are having this discussion. I would like to encourage once again everyone to respond to the questions and, if possible, summarize your statements. make your full statement available because this is a topic where all of us need to look very carefully at the discussions especially as it relates to international law, international humanitarian law as well, and see how we can find some common elements and possibly take some steps forward. So I have a very long list of speakers but we will go through them one by one. Colombia to be followed by Republic of Korea. Colombia, please.

Colombia:
Gracias, Senor President. Thank you, Mr. Chairman. I will make this statement on behalf of a group of countries so I will move on to English. Thank you, Mr. Chair. I’m delivering this statement on behalf of Australia, El Salvador, Estonia, Uruguay and my own state of Colombia. In July last year, this same CREL regional group presented a working paper on convergence language on international law, much of which we were pleased to see reflected in the final 2023 annual progress report. Since that time, as has recommended in the 2023 IPR, states have continued to engage in focused discussions and make substantive interventions on international law. We are impressed by the number of member states delivering such detailed statements on how international law applies to cyberspace and believe that this offers further ground for carving out additional areas of emerging convergence. We welcome the increasing number of national and regional positions being put forward which contributes to deepening collective understanding of how international law applies in cyberspace. Building upon these discussions and acknowledging the momentum gained in our recent sessions, guided by the insightful questions raised by you, Mr. Chair, and your team, we aim to address these elements in this joint statement. States have reaffirmed the cumulative and an evolving framework of responsible state behavior in the use of ICTs, including the previous reports of the OEWG and GGEs, which have been endorsed by the General Assembly. As part of the AQIS, states have reiterated that international law, and in particular, the Charter of the United Nations, is applicable and essential to maintaining peace and stability, and promoting an open, secure, stable, accessible, and peaceful ICT environment. And states shall fulfill, in good faith, their obligations under the UN Charter. In the use of ICTs, states have also reaffirmed, in the second IPR, the application of the principles of state sovereignty, sovereign equality, and international norms, and principles that flow from sovereignty. Non-intervention in the internal affairs of another state, the prohibition on the use of force, and the peaceful settlement of disputes. We believe that deepening common understandings of the application of existing international law to states’ behavior in the use of ICTs is of central importance, as it increases the predictability of state behavior, contributes to building confidence, lowers the risk of miscalculation, and clarifies the consequences of unlawful state behavior. Chair, in response to your first guiding question, we would like to highlight some further areas of emerging convergence, which have been frequently reflected by the states in their interventions since the group began its work in 2021. These areas of emerging convergence include the recognition that states must respect and protect human rights and fundamental freedoms, both online and offline, in accordance with their respective obligations. States must meet their international obligations regarding internationally wrongful acts attributable to them under international law, which includes reparation for the injury caused. And international humanitarian law applies to cyber activities in situations of armed conflict, including, where applicable, the established international legal principles of humanity, necessity, proportionality, and distinction. Among other elements presented in our previous working paper, we would like to reaffirm that in addition to Articles 2 and 33, Chapter 6 of the Charter of the United Nations more broadly provides for the Pacific settlement of disputes, which is applicable to states’ conduct in cyberspace. It is important to continue to discuss and exchange ideas to generate a common understanding on how states envision the future. The establishment of a future permanent mechanism to advance the responsible behaviors of states in the use of ICTs in the context of international security could offer a framework to accommodate these informed and structured discussions. Dedicated thematic groups, including on international law issues, could be part of an action-oriented future permanent mechanism and useful for these purposes. We also acknowledge the importance of continuing discussions on how international law applies in cyberspace within the OEWG, as well as the importance of building capacity in the area so that all states can participate meaningfully in these critical discussions that are key to preventing conflicts and maintaining peace and security. Building capacity on the application and implementation of international law may also assist with the achievement of the Sustainable Development Goals, including the promotion of peace, justice, and strong institutions in accordance with SDG 16. Addressing your question on how scenario-based discussions could be conducted within the framework of the OEWG and how this working group could collaborate with and build upon existing initiatives in this regard, we propose that these discussions be integrated into the schedule of the OEWG events for 2024, particularly the intersessional meetings in May, as well as in future POC directory simulation exercises. Now we’re narrowing down the scenario-based discussions to address specific international law topics will help to focus discussions to exchange of views. Also, the discussion may take place in coordination with expert briefings to ensure why participation at hybrid format should be preferred. Furthermore, considering the additional capacity resources that will be available for the states in the future, such as the updated UNODA cyber diplomacy e-learning course and the POC directory capacity building materials. It will be beneficial to integrate a practical model within the POC directory with simulation exercises that enable participants to apply the knowledge acquired. Finally, regarding examples of existing scenario-based exercise that assist with capacity building, we would like to highlight the excellent work conducted by UNIDIR with the event International Law and Behavior of States in the Use of ICTs, held in November 2023, as well as the availability of the cyber law toolkit, which includes 28 scenarios on the application of international law to cyberspace. Also, we acknowledge the importance of several side events to the substantive sessions of the OEWG, that also use hypothetical scenarios to apply international law to cyberspace. We believe that the experience of those involved in developing scenario-based discussions and resources could be shared during the May inter-sessional session. Thank you.

Chair:
Thank you very much, Colombia. Republic of Korea, followed by Islamic Republic of Iran.

Republic of Korea:
Thank you, Chair. The Republic of Korea reaffirms that existing international law, in particular the Charter of the United Nations in its entirety, the principle of sovereign equality, territorial equality, international humanitarian law, international human rights law, is applicable in cyberspace. However, given the characteristics of cyberspace, there may be some ambiguities that require further elaboration and clarification. For instance, when applying the principle of non-use of force in the cyber domain, the outcome, nature, actors, and targets of the cyber action should be considered comprehensively in order to determine which cyber activities constitute the use of force and to identify the actors behind cyber activities. Speaking on the international humanitarian law, IHL aims to best protect civilians and civil objects, and thus cyber operations in the context of armed conflicts are no exception in applying IHL. Cyber operations can even lead to armed conflicts where IHL can also be applied. We welcome more research and discussions in the context of the OECD. for the sophisticated application of IHL into cyberspace. In this context, my delegation is aligned with Senegal’s statement delivered on behalf of the working paper group. We believe that such effort will help reduce the gaps and ambiguities in applying international law in cyberspace by promoting constructive discussions. Turning to the scenario-based discussions, my delegation is of the view that they’re beneficial for facilitating more detailed and in-depth discussions. We could explore holding exercises with discussions on real cases, joined by ICT and legal experts. However, we would like to point out the scenario-based discussions should not serve as a tool to limit the scope and direction of discussions in the OEWG. Thank you.

Chair:
Thank you very much, Republic of Korea, Islamic Republic of Iran, followed by the Philippines.

Islamic Republic of Iran:
Mr. Chair, thank you for giving me the floor. In response to your guiding questions about identifying further convergences on topics contained in the non-exhaustive list in subparagraph 29 A and B in the second APR, I would like to highlight that discussions in the OEWG have clearly demonstrated that significant convergence has already been achieved within the international community concerning the topic outlined in subparagraph 29 B regarding the development of additional legally binding obligations. The rationale behind this assertion is that Non-Aligned Movement, which is a forum of 120 countries in its working paper submitted to the first OEWG, has acknowledged the need to identify legal gaps in international law through the development of an international legal framework specific to the unique attributes of the ICT environment. I wish to recall that NAM includes two-thirds of UN member states, and as highlighted by one colleague in a separate meeting, almost 70% of oxygen in any room within the UN is generated by NAM. Mr. Chair, in the sixth substantive session of the open-ended working group, my country, as a victim of the first well-known cyber weapon called Stuxnet, and as one of the proponents of such legally binding instrument, thoroughly detailed the rationale and addressed the concerns articulated by those in opposition. I take this opportunity to kindly invite other delegations to study this document, which is available on the OEWG website. We would also like to highlight that a proposal presented by the Russian Federation and co-sponsored by a group of countries is reflected in Annex D of the second annual progress report titled Updated Concept of the Convention of the United Nations Ensuring International Information Security. Mr. Chair, we are of the view that the scenario-based discussions mentioned in your guiding. questions constitute a fruitful approach for fostering a deeper understanding of the necessity to develop a legally binding instrument related to information and communication technology. Through the presentation of hypothetical scenarios or real-world examples, states can scrutinize the adequacy of existing legal frameworks and deliberate on whether a more comprehensive and legally binding instrument on ICT security is imperative. Scenario-based exploration allows for an inclusive assessment of the current legal landscape and facilitate informed discussions on the need for enhanced measures in addressing ICT security challenges. Mr. Chair, the application of the purposes and principles of the UN Charter extends to the domain of information and communication technologies. My delegation seeks to share additional insights into the principles of sovereignty, sovereign equality, and non-intervention in the internal affairs of other states to enhance our common understanding and facilitate the identification of additional convergences about those principles contained in the non-exhaustive list in subparagraph 29A in the second APR. However, in the interest of time, I don’t want to read them which are available in our written statement that will be sent to the Secretariat to be uploaded in the group website. Mr. Chair, finally, we assert that the ICT environment encompassing the Internet in its entirety constitutes a common heritage of mankind. As a result, we advocate for the application of principles such as non-appropriation and shared governance, integrity, the intrinsic right of states to access, preservation, and utilization for peaceful purposes, fair distribution of resources, and transfer of technology. Thank you, Mr. Chair.

Chair:
Thank you very much, Islamic Republic of Iran, for summarizing your statement and also indicating that you will send us the full statement or rather to the Secretariat so that it’s available for everyone to see. Thank you very much for that. I give the floor now to the Philippines to be followed by Nigeria. Philippines, please.

Philippines:
Thank you, Mr. Chair, fellow delegates. The Philippines acknowledges and appreciates the Chair’s recognition of the potential effectiveness of scenario-based discussions in deepening our understanding of the application of international law in the realm of cybersecurity. We firmly believe that such an approach offers a practical means for member states to explore and appreciate how existing international law concepts and doctrines operate in varying scenarios, thereby identifying potential gaps in our collective understanding. In line with this commitment, the Philippines, in collaboration with Australia and Uruguay, is pleased to announce the successful conduct of the side event titled International Law as as a successful and effective toolkit during the seventh substantive session of the UN Cyber OEWG. The event took place today, 6 March at the Australian Mission. The workshop facilitated a nuanced discussion on the application of international law in cyberspace. Attendees were engaged in small group discussions, employing a case study format to explore how various bodies of international law could be applied and served as an effective toolkit for victim states responding to malicious cyber conduct. The Philippines sees this as a small but meaningful contribution to the growing call from states for scenario-based training on the application of international law in the use and security of ICTs. As we explore this avenue, we draw attention to the cyber law toolkit developed by NUCCB, ICRC, CCDCOE, University of Exeter, and U.S. Naval War College and Wuhan University that my delegation took notice after reading through the mapping exercise papers circulated by the secretary at last week. This resource presents various scenarios which the OEWG can take into consideration in the future design of cyber capability building workshops in international law. These scenarios include but are not limited to election interference, cyber espionage against government developments, economic cyber espionage, cyber operations against power grids, leak of state-developed hacking tools, cyber countermeasures against an enabling state, legal review of cyber weapons, sale of surveillance tools in defiance of international sanctions, ransomware campaigns, cyber operations against medical facilities, misattribution caused by deception, and cyber attacks against ships on the high seas, among others. In light of the above, the Philippines thanks once again its co-sponsors, Australia and Uruguay, as well as all delegates who attended our interactive side event. Shared insights and collaborative efforts are essential in advancing our collective understanding of the complex intersection between international law and the rapidly evolving landscape of cyber security. Thank you, Mr. Chair.

Chair:
Thank you very much, Philippines, for your contribution. Nigeria to be followed by the European Union.

Nigeria:
Chair. Nigeria aligns with the African Union position on the essence of applying international law to the cyberspace. And I would like to make some remarks in our national capacity. The guiding principles of international law is a product of multilateral efforts in ensuring responsible state behavior and should be applicable to cybersecurity. We affirm that to safeguard the present and future generations from nefarious cyber activities, it is vital to develop a global legal framework that ensures that ICT are used for the advancement of humankind. In the interest of peaceful coexistence, the internet must remain open, secure, stable, accessible for peaceful purposes, as well as protect basic human rights and fundamental freedom of people and entities. Nigeria acknowledges that the cyberspace is evolving and has transformed our subsistence and modeled the world into a global village. Hence the necessity to strengthen and apply existing international law to govern the cyberspace. Nigeria would continue to engage other states with contrary opinion to develop additional legal framework where necessary and within the ambit of the global consensus. Mr. Chair, my delegations believe that the application of international law in cyberspace is paramount to territorial subentry. It is pertinent to reiterate that subentry presupposes the rights of states to conduct their internal and external affairs, including their cyberspace without external interference through malicious cyber activities. It’s therefore, the unions therefore falls on states to enforce relevant laws against online criminal activities within their territories. International cooperation amongst states reinforces the objective of combating a common enemy through a consensus-based legal framework, which may be used for peaceful settlements of disputes on ICT-related issues. It is therefore no doubt that the attainments of a common legal position is premised on states’ willingness to compromise divergent view to achieve the ultimate goal of safeguarding the cyberspace. Nigeria validates due diligence as a process that promotes openness, accessibility, safety and security of the cyberspace. Due diligence is crucial in investigating the source of malicious cyber activities to avoid escalation of conflicts between or among perpetrators and victim, bearing in mind that states do not possess the same technical capacity in detecting and subverting criminalities in the cyberspace. The collaboration and information sharing amongst states’ computer emergency response teams and cybersecurity incident response teams should be encouraged, maintained and sustained at global level. States must also uphold high standard against sponsoring cyber attacks, particularly against critical infrastructure and critical information infrastructure in other territories. The preservation of life and provision of busy communities are sacrosanct. Attack against facilities that cater for such provision is inhumane and should be avoided at all costs. The application of international humanitarian law, within the context of cybersecurity, is premised on the principles of distinction, proportionality and necessity when retaliating against a malicious cyber attack in order to avoid negative spiral effects on the territorial sovereignty of another state. Mr. Chair, capacity building in international law as it relates to ICT bridges the gap in the application of international law in cybersecurity. As states on equal footing compromise divergent stance to reach consensus. It also empowers states with requisite knowledge to make well-informed decisions during deliberations on ICT related issues. Nigeria believes that capacity building should be inclusive and transparent. The topics of discussion should be tailored towards bridging the technical and digital gaps and incorporated with local knowledge for sustainability. It should also be mainstreamed and promote gender equality among recipients of relevant training programs. States should also create a mechanism to ensure that participants of capacity building programs share the knowledge with other colleagues and put to practice the acquired information to consolidate their position at international discourse. The technical aspect of cybersecurity is an area of major concern for developing countries in reference to the evolving nature of modern technology. On the other end, we’ll be as a financial cost of training the representatives of developing countries. Nigeria wishes to recommend the incorporation of a private-public partnership, which includes involving ICT companies as sponsors alongside interested countries and. society that are willing to assist in bridging the technical gap in the application of international law within the ambit of cyber security. In conclusion, Mr. Chair, Nigeria will continue to support the ongoing process until the consensus is reached on the application of international law in cyber space. I thank you for your kind attention.

Chair:
Thank you very much, Nigeria. European Union, to be followed by Thailand, EU, please.

European Union:
Thank you, Mr. Chair, for giving me the floor. The candidate countries North Macedonia, Montenegro, Serbia, Albania, Ukraine, the Republic of Moldova, Bosnia-Herzegovina and Georgia, and the EFTA countries Iceland and Norway, members of the European Economic Area, as well as San Marino, aligned themselves with this statement. First I would like to express my gratitude to you, Mr. Chair, and your team for steering the work of the Open-Ended Working Group and providing guiding questions for this session on international law. We note with appreciation that increasing number of statements and national positions on the application of international law delivered by member states during the Open-Ended Working Group sessions. From these statements, we see an appetite to continue and deepen discussions on how international law applies to cyberspace. Several statements have been published recently, which we have studied with great interest. Among them, a very comprehensive position paper of the African Union. I would like to restate that the core to the UN framework for responsible state behavior in cyberspace is the application of international law. International law, including the UN Charter, the law of state responsibility, international human rights law, and international humanitarian law, fully apply in cyberspace. On Monday, as well as yesterday, we heard numerous member states’ concern about the threats stemming from the malicious use of ICT capabilities. We underline that states have an obligation to act in accordance with international law and must refrain from committing internationally wrongful acts. The UNGG reports have affirmed that sovereignty and the international norms and principles that flow from it apply to state conduct of ICT-related activities. States have territorial sovereignty over the ICT infrastructure and persons engaged in cyber activities on their territory. However, it must be underlined that sovereignty includes both rights and obligations. For example, states have the responsibility not to breach the sovereignty of other states and to refrain from intervening directly or indirectly in the internal affairs of another state, including by means of ICTs. We also reaffirm the obligation of states to refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any state or in any other manner inconsistent with the purpose of the United Nations, as well as to abide by the principle of non-interventions, as outlined in the annual progress report from 2023. To move along with finding common ground, the European Union encourages further substantial discussions on the international law topics referred to in the annual progress report from 2023, as well as in their area of international humanitarian law, international human rights law, due diligence, and the law of state responsibility. In particular, we support continued study of how the principles of humanity, necessity, proportionality, and distinction noted in the 2015 UNGG report apply to the use of ICTs by states in the context of armed conflict. To be clear, we emphasize that the recognition of the application of international humanitarian law in cyberspace in no way encourages the militarization of or legitimizes the use of force in cyberspace, and by contract seeks to place limits on cyber operations in the context of armed conflict. Mr. Chair, the European Union has been an active promoter of international law discussions within the Open-Ended Working Group, and will continue to contribute to these discussions. We are in particular looking forward to the dedicated discussions and expert briefings during the upcoming intersessional meeting in May, and do hope that all interested parties will be afforded similar opportunities in the future. It is our firm belief that these dedicated discussions would allow to elaborate further on specific issues, and thereby allow for more substantiated exchanges of views. We would propose to have a minimum of two days for further elaboration of specific issues of international law to strengthen common understandings on the application of international law. We will also propose a list of possible experts to be involved at the May intersessional meeting, as requested by the Chair. The development of global capacities in the areas of international law through dedicated capacity building, including scenario-based discussions, would certainly contribute to developing a common understanding on how international law applies in cyber security. space. To date, 12 EU member states have published their national positions on the application of international law to state behavior of cyberspace, and several more are working on their positions. Via workshops and trainings such as organized by UNIDIR, EU member states are happy to share lessons learned and best practices with other countries that are thinking of going through the same process. Building and maintaining such legal capacity is not merely an issue of legal training, but needs to be acknowledged and supported by policymakers. Publishing a national legal position on the application of international law regarding the use of ICTs by state in many cases also requires coordination among various national entities. Streamlining with wider strategic objectives on a domestic level, as well as contributing to the general awareness in the domestic system. Finally, I would like to add that the BOA is intended to provide a flexible mechanism which could serve as a suitable permanent forum for future focused discussions on the application of international law in cyberspace. Following the conclusion of the current Open Ended Working Group in 2025, the BOA format as an action-oriented mechanism in which capacity building and implementation of the framework informed discussions among member states would facilitate states moving forward with further substantial exchanges of views on how international law applies in cyberspace. It would thereby also allow for further discussions that may help identifying any gaps in our common understandings in view of further clarification on the rights and obligations of states. We have a common aim to strengthen the rule of law also with regard to cyber activities. We look forward to proceeding with international law elaborations here today during the upcoming intersessional meetings, as well as in the future discussions. Thank you.

Chair:
Thank you, European Union. Thailand to be followed by Chile.

Thailand:
Thank you, Mr. Chair. Since this is the first time my delegation takes the floor, my delegation would like to extend our sincere gratitude for your and your team dedication putting into this substantive session of OEWG as a platform for an inclusive dialogue, which essentially leads to reducing potential divide between states. During the last substantive session in December, my delegation addressed that Thailand is in the view that existing international law is applicable in the use of the ICT as a tool to promote sustainable use and safeguard security of all states in the cyber domain, including rule-based international order and in respect to international law, human rights, and fundamental freedoms both online and offline. In particular, the principle of sovereignty address states’ independence, sovereign equality, and ensure the ability of states in exercising jurisdiction and exclusive rights within their territories and freely choose their own political, socioeconomic, and cultural system without external coercive intervention. This principle also leads to other principles of international law, including the prohibition of use of force and non-intervention under the UN Charter. Mr. Chair, Thailand considers that malicious cyber operations attributable to a state that results in or presents an imminent threat of death, physical injury, and destruction equivalent to an armed attack may constitute an armed attack, which gives rise to an inherent right to self-defense under the Article 51 of the UN Charter. In certain circumstances where the threats are imminent and inevitable, states may invoke the principle of pre-emptive action. and or anticipatory self-defense emerging from the catalyzed case, which must be necessary and proportionate. It is the duty of states to assess all relevant circumstances to meet thresholds and conditions for invoking such self-defense in good faith according to international law and practices. Turning to the topic of state responsibility, Thailand also knows that an injured state is entitled to have recourse to cultural measures which are consistent with international law. Such cultural measures must be necessary, proportionate, and direct to the purpose of inducing the perpetrating state to cease its international wrongful act and comply with its obligation under international law or undertake reparation where possible. Thailand recognizes that states have an obligation to not knowingly allow their territory to be used for acts contrary to the rights of other states. However, an objective, transparent, evidence-based assessment related for states by means of addressing discovering malicious activities by non-state actors and assessing attribution for state responsibility requires significant technical and investigative capabilities in order to avoid false accusation and this is considered as critical issues and can be challenging for resource-limited states. In this tense, Thailand is in the view that states may react to the use of force and international wrongful act arising from malicious cyber related operation with both cyber and non-cyber appropriate measure under the principle of necessity and proportionality according to international law. It is also consciously noted that infrastructure in cyberspace is often used for both military and civilian purposes. Therefore, states must give special consideration while conducting cyber operation during an armed conflict to ensure compliance with principles of humanity, necessity, proportionality, and distinction regarding to international humanitarian law. Mr. Chair, cyberspace differs from the physical world due to its without-border characteristics and anonymity. Thailand underscored the importance of bridging the legal and ICT disciplinary divide. Better understanding of cyberspace would require advanced technical knowledge. Therefore, capacity-building programs which bridge gaps between legal and technical aspects would help states answering questions whether there are any gaps or applicability exists such as the scope of sovereignty in cyberspace, impacts of attacks in cyberspace and attacks using cyber means, and also the threshold of attribution to state responsibility. In order to advance talks in identifying gaps to resolve a convergence of views and develop a universally accepted common understanding of how international law applies in cyberspace, Thailand is in the mood to encourage the OEWG, among other forums, to engage in the deeper discussion on how international law applies in cyberspace, including but not limited to the dedicated intersessional OEWG meeting in May and scenario-based discussion in which states may consider applying international law in the selected incidents raised during discussion on existing and potential threats as a starting point. Thank you, Mr. Chair.

Chair:
Thank you very much, Thailand. Chile, to be followed by South Africa.

Chile:
Mr. Chairman, thank you very much. As we have pointed out on previous occasions, Chile believes that international law, and in particular the Charter of the United Nations, provides an applicable normative framework work, which should control the behavior of states in cyberspace, including international humanitarian law, human rights, and the laws that control international responsibility of states. And these are vital for maintaining peace and stability that are necessary to promote an open, safe, stable, accessible, and pacific space with regard to ICT. Beyond respecting the Charter, states, when they use ICT, should apply the principles and obligations contained in it, such as the sovereign equality of states, the peaceful resolution of international disputes, so that we don’t endanger international peace, security, and justice. They should abstain in their international relations from the use of force or the threat of the use of force against the territorial integrity or political independence of any state, with regard to human rights and fundamental freedoms, and non-intervention into the internal affairs of other states. This is our starting point, and it will help us to generate common understandings on how we can protect the civilian population and be clear as to which actions are prohibited or unacceptable in a situation of conflict. Once again, we reassert that international humanitarian law does apply to the cyberspace. And explaining how this applies to cyber operations during armed conflicts is a priority for our future debates. In line with what I’ve just said, Chile, along with other countries, has sponsored a working document entitled The Application of International Humanitarian Law to the Use of Information and Communications Technology in Situations of Armed Conflict. conflict. This has been sent to the Secretariat. So we align ourselves with the joint statement, particularly that made a few moments ago by the delegation of Senegal. With regard to the guiding questions and the issue of capacity building, we believe that we must take into account aspects such as sovereignty, the use of force, non-intervention, due diligence attribution, amongst other relevant elements on the application of international law in cyberspace, including the application of the principles of international humanitarian law. Capacity building should include training and education for political decision makers, legal specialists and civil servants who work in technical and operational areas, and which also include governmental institutions and agencies which are directly related to cybersecurity, cyber defense and cyber intelligence. We wish to recognize the fundamental role that is being played in our region by the cybersecurity program of the Inter-American Committee Against Terrorism of the Organization of American States. In 2017, they developed an ongoing work of training and capacity building for government officials on how international law applies to cyberspace. This has allowed us to train more than 550 civil servants in our region. The program has provided 12 different courses, and last year alone we introduced four new courses in areas related to cyber diplomacy and international law. We also would like to highlight the important role that can be played by the stakeholders such as the private sector, academia. civil society, the technical community and others in capacity building related to this issue. As to examples of scenarios that could be used as part of our discussions on how international law applies in cyberspace, we could point out cases in which non-state players undertake malicious operations and also scenarios and situations which allow us to analyze the scope of sovereignty, the use of force, due diligence and the application of the United Nations Charter, such as Articles 51 and 2.4, malicious activities against humanitarian organizations and others. Also, in this regard, it’s also important to take into account scenarios in which states can cooperate amongst themselves to mitigate the effects of malicious activities in cyberspace. We could also include examples and case studies and also tabletop exercises. Now, given this and with the aim of developing and studying the application of international law in cyberspace, we believe it would be necessary to continue to promote cooperation on these issues through an inter-sessional specific meeting, which would also allow us to take account of the regional specific cases, including an exchange of inter-regional visions. Now, in closing, Mr. Chairman, I’d just like to recognize the statement made on behalf of Australia, Philippines and Uruguay. This allowed us to consider all those aspects in quite an interactive manner, so thank you very much.

Chair:
Thank you very much, Chile, for your contribution. South Africa, to be followed by El Salvador, please.

South Africa:
Thank you, Chairperson. We recall that states have signed in – have agreed in 2021 the report of the Open-Ended Working Group on ICTs and International Security that the UN Charter applies to cyberspace. We have also agreed in the second annual progress report of this Open-Ended Working Group that we could consider further development of legally binding obligations on ICT security. Some principles of the Charter that many delegations have highlighted as applicable include, amongst others, sovereignty and sovereign equality, the settlement of international disputes by peaceful means, refraining in international relations from the threat or use of force against the territorial integrity or political independence of any state, or in any other manner inconsistent with the purposes of the UN, respect for human rights and fundamental freedoms, and non-intervention in the internal affairs of other states. As it relates to breaches of sovereignty, South Africa understands that a cyber operation is deemed an internationally wrongful act when it is attributable to a state under international law and involves a breach of an international obligation of that state. States should not knowingly allow their territory to be used for internationally wrongful acts using ICTs. If a state is notified of harmful activity emanating from its territory, it must take responsible and reasonable steps to address such activity. Chairperson, if a state uses cyberspace operations to cause harm to another state, the parties can attempt to settle their disputes by peaceful means, employing Article 2.3, which provides for the peaceful settlement of disputes in international affairs, as well as Article 33.1 of the UN Charter, which offers various options in resolving these disputes. Furthermore, we acknowledge that certain cyber operations could be harmful to civilian populations, thereby threatening international peace and security. Some ICT capabilities could carry the risk of disrupting the provision of essential services to civilian populations and civilian infrastructure, especially when used in the context of an armed conflict. There are two instances where IHL might apply to cyber operations. First, if they are carried out as part of an ongoing armed conflict, contributing to conventional operations conducted by the parties, and second, if cyber activities themselves cross the threshold of violence to be characterized as an armed conflict. We would like to posit that IHL prohibits the use of cyberspace to attack civilian infrastructure. While we would agree that during both war and peacetime, states are required to take all feasible precautions to protect civilians and civilian objects. Chairperson, South Africa notes the adoption by the Peace and Security Council of the Assembly and the Assembly of the AU of a common African position on the application of international law to the use of information and communication technologies in cyberspace. This is a laudable effort that can serve as a resource to understand both an African perspective of the matters dealt with in the working group, as well as contribution to an ongoing discussion on this matter. We thus agree, as stated in the conclusion in this work, in this paper rather, that they constitute a non-exhaustive articulation of the views of the African Union regarding some salient questions related to the application of international law in cyberspace. These views are also subject to further developments in light of technological developments and the ongoing discussions on these questions, as stated. For South Africa, we stress the importance of the open-ended working group to further discuss the application of international law in the context of ICTs and international security. Chairperson, we’d once again wish to highlight that the International Law Commission is a UN-approved organization. body which is responsible for helping develop and codify international law. Thus we again propose that we could make use of the ILC’s expertise on this matter with the aim of developing a common understanding of the applicability of international law. Having the ILC brief the OEWG would also assist in answering questions as to whether gaps exist and how such gaps could be bridged if they do exist. Chairperson, South Africa reiterates its commitment to the rule of law at national and international levels as it concerns the protection of cyberspace and its citizens against the threats of cybersecurity. It is for this reason that South Africa enacted local legislation named Cybercrimes and Cybersecurity Act of 2020. The aim of the legislation is to regulate and strengthen local processes related to the investigation, prosecution and jurisdiction of the local courts to try cybercrimes. Similarly, South Africa signed the African Union Convention on cybersecurity and personal data protection in February 2023 and is in the process of ratifying it. In conclusion, Chairperson, states are required to comply with international law in their cyberspace operations. They are bound by the UN Charter which compels them to respect the territorial integrity and political independence of other states. We therefore encourage states to forge closer cooperation in developing and applying measures to increase security in the use of ICTs and avoid ICT practices that could endanger the maintenance of international peace and security. Thank you.

Chair:
Thank you very much, South Africa, for your statement. El Salvador to be

El Salvador:
followed by the Netherlands. Thank you very much, Chairman. My delegation wishes to align itself with the statement made by the Republic of Colombia. representing a group of states. And in our national capacity, we wish to say the following. For El Salvador, the discussions on international law are of great importance, since the understanding of how this law applies to the use of ICTs is fundamental for drawing up national positions which both take account of the elaboration of strategies, plans, and actions at the national level in this area. In response to some of the guiding questions, we have made statements which give our focus on international law. Based on the point that we recognize the very changing nature of the digital world, it is possible that we can establish form norms for the future. And this is the progressive development of international law and is normal. In this context, we have worked and we have contributed, on the basis of our own experience, to reach positions on this pillar of international law. Therefore, we are pleased to welcome your guiding questions with regard to the possibility of having discussions based on scenarios which facilitate a practical understanding of international law. I would also like to take this opportunity to echo the words thanking you for the workshop by Uruguay, Philippines, and Australia. We see the May intersessional meeting as an opportunity to undertake discussions that promote this work on scenarios. We can use the experience of organizations like UNIDIR, which have held workshops on this area at the global and regional levels, and which can provide its expertise for this open-ended working group. With regard to possible scenarios that could be used as examples for our discussions, we do have international experience. experiences of actual cyber attacks. If they are properly adapted, they could be used as case studies, and these cases could lead to more in-depth debates on how the principles of sovereignty, sovereign equality, non-intervention, and the internal affairs of states, the peaceful resolution of disputes, apply when we talk about ICT. In this regard, instruments such as the Tallinn Handbook on how international law applies to cyberspace can provide an excellent guide on existing norms in this area. It provides elements for in-depth discussions and provides guidelines also for consultative opinions from relevant structures in international law. For example, the consultative opinion of the International Court of Justice on the legality of the threat or the use of nuclear arms of the 8th of July 1996, where we could see the application of international humanitarian law. We believe that all this is basic to have a basic understanding of the changing nature of digital space, and it also direct action for capacity building, which allow us to overcome the disparities and the differences of opinions which we’ve heard in these discussions. Thank you very much.

Chair:
Thank you very much, El Salvador, for your contribution. Netherlands, to be followed by Portugal. Netherlands, please.

Netherlands:
Good morning, Chair, dear colleagues. The Kingdom of the Netherlands aligns itself with the statement delivered by the European Union and would like to add the following remarks in a national capacity. In relation to your first guiding question, the Netherlands is convinced that our past discussions on this topic have contributed to convergence in states’ perspectives on how international law applies in cyberspace. Building on the consensus understanding that international law does apply in cyberspace, states agreed that core rules such as sovereignty, non-intervention, the prohibition on the use of force… and the obligations to settle disputes peacefully do apply in cyberspace. Our discussions here, as well as workshops as organized by UNIDIR last November, facilitate states in finding further common understandings on how these rules apply. During the UNIDIR workshop, states exchanged their interpretations on whether and why these rules were violated. Not only did this enhance transparency, it also revealed many points of convergence. This is why the Netherlands fully supports the joint statement by Colombia, Australia, El Salvador, Estonia, and Uruguay that reflects specific points of convergence flowing from our discussions so far, namely that states must respect and protect human rights and fundamental freedoms, both online and offline. States must provide for reparation for injury caused as a result of an internationally wrongful act that are attributable to them. And lastly, that international humanitarian law applies to cyber activities in situations of armed conflict. Chair, the Netherlands commends member states that have recently published national positions on the application of international law in cyberspace, such as Czechia. Moreover, the common position of the African Union is a prime example of valuable contributions regional organizations can make in this regard. These positions contribute to better understandings between states, as well as to the identification of areas of convergence. I am certain that many states, including my own, can learn and draw inspiration from it for the purposes of drafting or reviewing their own national positions. Chair, please allow me to continue with some remarks on the application of international humanitarian law and human rights law to cyberspace in order to continue our substantial discussion. First, on the topic of international humanitarian law, or IHL. The Netherlands considers that IHL applies to cyber operations executed in the context of and in relation to armed conflicts. We also firmly believe that engaging in substantive discussions on this topic will further clarify how it applies. It is with this objective in mind that the Netherlands joined a group of states that submitted the working paper on IHL, which was initiated by Switzerland, and the corresponding joint statement as just presented by my colleague from Senegal. The paper elaborates in detail how IHL principles govern the conduct of hostilities. These key principles were also already reflected in previous Open-Ended Working Group and GGE consensus reports, and include the principles of military necessity and humanity, and the principles of distinction, proportionality, and precautions. The Netherlands also stresses that compliance with IHL is not limited to the rules and principles governing the conduct of hostilities. For instance, IHL rules also apply when cyber operations affect specifically protected persons or objects, such as medical, religious, or humanitarian personnel and objects. These must be respected and protected in all circumstances. Second, on the topic of international human rights law. My delegation wishes to underline that the use of ICTs in the context of international security has a direct impact on humans, and in particular, persons in vulnerable situations. It is also important to highlight that because of the rapid development of technologies, the risk of violations of human rights has only increased. In a previous intervention in December, we referred to the negative and positive obligations of states to respect and protect human rights. When states conduct cyber operations, human rights, and especially the freedom of expression and the right to privacy, can be negatively affected. Any restrictions to this right must meet well-established human rights principles. These principles include that restrictions must serve a legitimate aim, have a basis in law, and must be necessary and proportionate. Chair, with respect to your second and third guiding questions, we do indeed believe that cyberspace presents unique features that must be taken into account in our discussion. on international law. The inclusion of these unique features in this process of clarification and interpretation of international law is necessary. Individual states, regional organizations, and the open-ended working group as a whole are going through this process. We believe that this is an essential step to consider whether there are gaps in our common understandings and subsequently how these gaps can be filled. Finally, Chair, please allow me to make some remarks on the importance of capacity building in my attempt to answer your last two guiding questions. In concrete terms, we would welcome dedicated international law workshops during the May intersessional meeting that do further build on previous successful activities as I mentioned before. We believe that participation in these workshops should be possible for all states. In addition, we would also very much welcome the participation by external legal experts. These capacity building activities not only increase knowledge on how specific rules do apply in cyberspace, these workshops do permit states to share best practices, for instance, in relation to the process for the development of national positions, as was the purpose of the workshop organized by UNIDIR last January. I thank you, Chair.

Chair:
Thank you very much, Netherlands. Portugal, please.

Portugal:
Mr. Chairman, Portugal aligns itself with your statement on applicability of international law in cyberspace, but would like to add a very brief recall on the centrality of the binding duty to protect the right to freedom of expression. The applicability in cyberspace of the Universal Declaration of Human Rights and the UN Human Rights Conventions has been politically endorsed by the …of the UN General Assembly several times in this century, it is worth remembering in this regard… …that Article 19 of the Universal Declaration of Human Rights declares the fundamental freedom… …to hold opinions without interference and to seek, receive, and impart information and ideas… …through any media regardless of borders. And that Article 19 of the International Covenant on Civil and Political Rights… …further specifies that this right shall include freedom to seek, receive, and impart information… …and ideas of all kinds regardless of frontiers, either orally, in writing, or in print, in the form of art… …or through any other media of choice. Freedom of expression happens to be at the core of an Internet devised initially by its inventors… …as a means to foster scientific debate across all divides in the best possible conditions… …including full anonymity among the willing parties to the dialogue. When Internet was expanded to encompass almost all dimensions of our private and public lives… …freedom of expression, including anonymous expression, remained an indispensable feature of cyberspace. When we reiterate the applicability of international law in cyberspace… …we therefore mean also the binding state duty to protect freedom of digital expression… …including anonymous expression. Having said that, we are perfectly aware that according to respective international conventions… …human rights and freedoms internationally recognized are not absolute… …and thus can, though only in exceptional circumstances, be suspended by national governments… …in the exercise of their responsibility for the public health or the security of their citizens and territories. Sovereignty and prohibition of the use of force are, of course, pillars of international peace and security… …also in cyberspace. But states, according to precedent and jurisprudence, must also uphold and protect… …the freedom of expression across borders of their citizens, including anonymous expression… …because that is part of their binding obligations according to international law. Portugal would therefore appreciate that our future scenario-based discussions… …on applicability of international law, binding state obligations in cyberspace… …will give due attention to the duty to protect freedom… of expression, including anonymous expression, regardless of borders. Thank you, Mr. Chairman.

Chair:
Thank you very much, Portugal. Switzerland, to be followed by Belgium.

Switzerland:
Good morning, Chair, colleagues. Switzerland has been advocating the development and publication of national and regional positions on the application of international law in cyberspace as an important element in order to gain better understanding on how international law is applicable and for developing common understandings. It is with this in mind that we would like to congratulate the African Union and all of its member states for adopting the Common African position on the application of international law to the use of information and communication technologies in cyberspace. We highlight our special support for their important chapters on IHL and due diligence. We would also like to take this opportunity to congratulate the Czech Republic on the publication of its national position on international law. Secondly, and with regard to IHL, Switzerland is proud to refer to the joint statement of international humanitarian law delivered by Senegal, which introduced the working paper jointly prepared and submitted by 13 states from the different regions on 1st of March. The working paper takes up the recommendation from the Annual Progress Report 2023 to continue to engage in focused discussions at the OEWG on how international law applies. The use of ICTs in conflicts in various regions is mentioned for the first time in the second APR. As the broad number of states who submitted the working paper and numerous statements during this and past sessions show, there is an urgent need to engage in discussions on how IHL applies to ICT operations in situations of armed conflict. We have to develop common understandings on how we can best protect civilians and civilian objects from ICT operations during armed conflicts, as well as what actions are prohibited or required. The working paper aims to contribute to such discussions as well as capacity building initiatives while acknowledging the particularities, or with regard to the chair’s question, the unique features of the digital domain and recognizing that a number of aspects remain to be clarified and that a continued intergovernmental exchange at multilateral level remains key in this regard. The working paper shows also further important and growing convergence in terms of states’ perspectives of how international law applies with regards to the chair’s first guiding question. Without quoting the entire working paper, we would like to emphasize the following three points. First, IHL applies to cyber operations in the same way as for other forms of warfare. Applying IHL does not encourage or legitimize in any way the possible recourse to the use of force between states in any situation or context, including in cyberspace. It addresses the realities of armed conflicts without considering the reasons for or the legality of the recourse to the use of force. Second, the principles of military necessity and humanity underlie the whole body of IHL and find expression in other rules and principles such as the principles of of distinction, proportionality, and precaution. In particular, the principles of distinction, proportionality, and precautions govern the conduct of hostilities and are of fundamental importance when cyber means and methods of warfare are employed. Many of these rules and principles govern cyber operations that amount to an attack within the meaning of IHL. This is just one example, albeit a prominent one, that highlights the need for national and regional positions and for having further in-depth discussions on how IHL applies to the use of ICTs during armed conflict. This IHL term raises several questions that need to be clarified. In which circumstances would a loss of functionality be considered an attack in the sense of IHL? Would cyber operations disrupting systems without causing physical harm be covered? And how are civilian data protected? Third, states and parties to an armed conflict must take measures to implement IHL, give orders and instructions to ensure observance of IHL and supervise their execution. Such measures are also important in relation to cyber operations that are conducted in the context of an armed conflict. Knowledge of the content of IHL, notably also by cyber operators, is an important measure to ensure compliance and to protect victims of armed conflict, such as the wounded and sick and civilian infrastructure. Chair, to further build convergence, Switzerland supports the joint statement on international law by Australia, Colombia, El Salvador, Estonia, and Uruguay that proposes specific points of convergence. My delegation wishes to underline, in particular, the need for states to respect and protect human rights and fundamental freedoms, both. online and offline. It is with important, it is important to highlight that because of the rapid development of technologies, the risk of violations of human rights has only increased. That is why we believe discussions on how human rights apply in cyberspace are essential. Finally, Switzerland wants to refer to the chair’s guiding questions with regard to scenario-based discussions and workshops. As the development of national positions can be an important element in order to engage in substantive discussions on international law, Switzerland was very pleased to join UNIDIR’s workshop in Geneva on the development of national positions earlier this year in January. In general, we would like to positively emphasize the past but also the upcoming activities and especially scenario-based workshops of UNIDIR and point out that scenario-based discussions are an excellent opportunity for in-depth discussions on the concrete applicability of international law based on specific examples. Most importantly, these discussions encourage transparency and understanding, thereby lowering the risk of misinterpretation, miscalculation or overreaction. As already mentioned, the submitted working paper on IHL can serve as a basis for a next workshop or a dedicated session. With a view to the upcoming informal and formal sessions, we would like to point out that sufficient time should be planned for further scenario-based discussions. In addition to the need to provide sufficient time, all states must have the opportunity to participate. It is with this in mind that we ask to make a hybrid participation possible, what has also been asked by several other states. To this end, it could be helpful to set up various subgroups, similar to what UNIDIR did in Geneva last November, in which different scenarios can be discussed. These could each be kicked off by short input presentations from legal experts. Thank you very much.

Chair:
Thank you, Switzerland, for your statement. Belgium, to be followed by Bangladesh.

Belgium:
Mr. Chair, my country aligns with the statement delivered by the UN which is to make the following remarks in our national capacity. Belgium reaffirms its commitment to upholding international law in cyberspace, recognizing that existing legal frameworks must be upheld to prevent and respond to malicious cyber activities. The adherence to international law, including the UN Charter and established norms, is essential to promote peace, stability, security, and trust in cyberspace. We congratulate the African Union for producing a regional position, as well as other countries, among which Czechia, for finalizing their national position. Belgium is currently preparing its national position on the application of an international law to cyberspace, we have set up an interdepartmental task force to work on the national position. Belgium will be happy to participate in the workshop on international law organized by the EU on March 12th, which will help member states to exchange views. We hope to release our national position soon thereafter. We firmly restate our position that international law, human rights law, but also international humanitarian law, IHL, are applicable to state conduct in cyberspace. In this respect, my country supports a statement made by Senegal and the papers circulated by Switzerland and others on the application of IHL to the use of ICTs in situations of armed conflict. This important paper reaffirms the fundamentals of IHL such as its principles and rules, distinction, precaution, proportionality, and military necessity that apply to the conduct of cyber operation in armed conflict. It also stresses some key points which my delegation wishes to second. A, that knowledge of the content of IHL also by cyber operators is an important measure to ensure compliance and to protect victim of armed conflict, and B, that the presence of legal advisors is key when evaluating cyber operation in armed conflicts. In short, legal assessments and review, even when conducted cyber operation, are key aspects to ensure that civilians’ population and civilian objects are not disproportionately and is indiscriminately targeted in armed conflict. My country looks forward to deepening our understanding on the application of international law at the intersessional in May and supports scenario-based discussion as suggested by some delegations. By simulating realistic scenarios, this group can test legal frameworks in real-life situations, enhance its understanding of the application of international law, identify potential gaps, and inform the possible development of new norms or framework. Such scenario-based discussion could take the form of tabletop exercise organized by UNIDIR. Many actors are present in this area. We can count on UNIDIR as well as the Center of Excellence in Tallinn. I will finish by this. Thank you very much. Chair.

Chair:
Thank you very much, Belgium, for your statement. Bangladesh to be followed by Pakistan.

Bangladesh:
Thank you, Mr. Chair. As highlighted in previous sessions, Bangladesh reaffirms that international law, and particularly the Charter of the United Nations in its entirety, international human rights law. and international humanitarian law are applicable to maintain peace, stability, and promote an open, secure, stable, accessible, and peaceful ICT environment. We also emphasize that principles of international law, including respect for sovereign equality, non-aggression, the peaceful settlement of international disputes, the prohibition of the threat or use of force inconsistent with the purpose of the UN, respect for human rights and fundamental freedoms, as well as non-intervention and non-interference in the internal affairs of states apply in the cyber domain. Chair, my delegation was one of the proponents of scenario based discussion within the open-ended working group, simulating real-world scenarios to test the effectiveness of the existing legal frameworks and response protocols. This approach could help us better understand the applicability of international law and identify potential gaps. For example, the group can invite international legal experts from both the West and the global South to discuss various aspects of the applicability of international law based on a real-world scenario where delegations will be given the opportunity to interact with them. This would provide practical context on how international law functions in real-world cyber scenarios. The group may also leverage the expertise of International Law Commission on how and when international law, including IHL, applies to cyber operations. Such discussions would strengthen the legal landscape by testing existing frameworks offering a practical way to analyze real-world challenges such as the lack of clear understanding of the attribution of cyber attacks, a state responsibility threshold, the use of force in cyberspace, proportionality, due diligence, ambiguity of definitions, among others. Additionally, they would help identify potential gaps. gaps in existing international law. For example, how do attribution challenges affect the right to self-defense in cyberspace? Therefore, the possibility of developing a dedicated international legal framework tailored to the distinct characteristics of the ICT environment may not be ruled out. It is imperative that such framework addressing ICT-related issues be universal, inclusive, and non-discriminatory in nature. Finally, Chair, we reiterate our call for creating a readily accessible online repository of legal resources translated into multiple languages, providing a comprehensive knowledge base for all states. That could also be useful in achieving consensus that we all aspire to achieve. I thank you.

Chair:
Thank you very much, Bangladesh, for your contribution. Pakistan to be followed by Austria.

Pakistan:
Thank you, Chair. I’ll be making a brief statement containing our views on agenda item two and three, with your permission. At the outset, let me express our appreciation to you for preparing and sharing the draft element paper on checklist of practical actions for the implementation of voluntary non-binding norms responsible state behavior in the use of ICTs, which is still under consideration in Islamabad. We’ll share our views in due course. Pakistan attaches immense significance on formulation of rules, norms, and principles to ensure responsible state behavior in digital realm. Regarding the question of possible additional norm that could potentially complement existing norms, given the evolving nature of cyberspace and emergence of new threats and technologies, Pakistan stresses the importance of developing additional norms. In this regard, we in trial year underscore the significance of enhancing cooperation to reach an agreement on prohibiting the creation of harmful hidden functions and accumulation of vulnerabilities in ICT products, as well as to commit to responsible and timely reporting of ICT vulnerabilities, facilitating cooperation in context of supply chain security of ICT products, ensuring data security, including safe cross-border data exchange, and taking measures against that. theft, refraining from allowing the ICT infrastructure to be used for malicious activities that threaten international peace and security, and avoiding interference internal affairs of other states through means such as fact news and disinformation. While we acknowledge the significance of formulating non-binding voluntary norms to foster secure and stable cyberspace, it is crucial to emphasize that such norms cannot serve as substitute for legally binding instrument. Chair, on agenda item 3, application of international law in cyberspace, Pakistan asserts the stability of the global internet is contingent upon unimpeded application of international law in cyberspace. The UN Charter is clear in upholding the principle of sovereignty, territorial integrity, and non-interference in internal affairs of other states. These principles should serve as a guiding framework as we navigate the complexities of cyber governance. On guiding question whether unique feature in the use of ICTs require a distinction in terms of how international law applies, as compared to other domains, we believe that the applicability of existing international law to cyberspace is not sufficient to address the multifaceted legal challenges arising from ICTs. The extent, scope, and nature of applicability of international law, its interpretation in the context of actual conduct of states, and the use of ICTs in a specific context, acts, and problems, all must be considered in determining their specific legal implications and applications. Pakistan therefore shares the view that essential to develop legally binding international instrument is specifically tailored to the unique attribute of ICTs to provide regulatory framework that creates stability and safety in cyberspace. Such a legal framework should address the concerns in interest of all states, be based on consensus, and be promoted within this United Nations with equal participation. We also recognize the distinct feature of cyberspace, its transnational nature, anonymity, and utilization by both the states and non-sector. Therefore, it’s imperative to acknowledge the certain gaps in international humanitarian law. On the question what can be done to bridge the gaps in international law applies, we believe continued focus discussions, exchange of views in this group, could be helpful in in-depth understanding, and we also propose development of shared clear definitions for various cyber security related terminologies. We re-emphasize the necessity to address capacity building needs in cyber policymaking and regulatory mechanism among member states. In this regard, we welcome dedicated global roundtable on cyber policy. ICT security and capacity building is scheduled in May this year. We also appreciate various initiatives, including by the European Union, Singapore, and UNIDIA. Lastly, Pakistan underscored the imperative of the OIG, OIWG to tackle challenges of cyber attribution. We advocate for comprehensive discussion within this group to explore and devise effective solutions to the complexities associated with cyber attribution. I thank you.

Chair:
Thank you, Pakistan. Austria, to be followed by Belarus. Thank you.

Austria:
Mr. Chair, at the outset, my delegation would like to thank you for your efforts, especially for again providing us with guiding questions to help focus our discussions on how international law applies in the cyber context and the level of convergence with regard to international law. Austria fully aligns with the statement on behalf of the EU and would like to make the further remarks in its national capacity. Firstly, Austria would like to reaffirm our view that international law as a whole applies to state cyber activities, as has also been affirmed repeatedly within previous GGE meetings and this open-ended working group and endorsed by the entire UN membership in the UNGA. In previous UN reports, most recently the second annual progress report adopted last year, as well as in numerous position papers, states reaffirmed central rules and principles of international law, including the principles of the UN Charter, to be applicable in the cyber context. Equally, the protection of human rights and fundamental freedoms in the cyber context is of pivotal importance. Furthermore, as has been reaffirmed in previous GGE and open-ended working group meetings, the rules of international humanitarian law apply to cyber activities and particularly relevant in times of armed conflict. In this context, we acknowledge the efforts made by Switzerland, supported by 13 other states, in drafting a working paper on the application of international humanitarian law to cyber activities. We share the view that this is an area of international law that would merit further discussions within this working group. As to your second question, Whether there are unique features relating to the use of ICTs that require a distinction in terms of how international law applies as compared to other domains, we would like to reiterate that we firmly believe that cyber activities do not take place in a separate virtual space, but in the real world. Thus, cyber activities do not constitute a new domain that requires its own new rules or a distinct application of international law, nor are there any gaps in the application of international law to cyber operations. Rather, international law in its entirety is applicable to cyber activities, and every cyber operation must be assessed on the basis of existing international law. This is why, particularly in our legal papers and statements on cyber issues, we avoid using the quite popular term cyberspace, but refer to cyber context or cyber activities instead. We think that discussions as to how international law applies in the cyber context need to be deepened, for instance, regarding the principle of sovereignty, non-intervention, or due diligence. Austria welcomes the various position papers on international law and cyber activities that several states have already published. In this context, we want to congratulate the African Union as well as the Czech Republic on the recent publication of their position paper, which we have studied with great interest. The position paper of the African Union presents the consolidated legal view of 55 countries on how international law is to be applied to cyber activities. As such, especially the inclusion of sovereignty, the prohibition of the threat or use of force, international humanitarian law, and human rights law, as well as capacity building and international cooperation contribute significantly to identifying further convergences in the use of ICTs. I am pleased to report that Austria is about to finalize its own national position paper on the application. of international law to cyber activities shortly. The position paper includes a detailed analysis on how we consider international law to apply to cyber activities, including the due diligence obligation and various aspects of international humanitarian law and human rights law. We also shed some light on some new areas of international law that have not yet been at the center of our discussions, such as the laws of neutrality or the rules governing diplomatic and consular missions, international organizations, and so-called data embassies. We plan to present and publish our position paper in due time and are looking forward to a fruitful exchange on opinions of these matters. Concerning the proposal of scenario-based discussions mentioned in your last question, Austria is of the view that such discussions could be helpful in providing more clarity and enabling in-depth discussions within the Open-Ended Working Group. We are aware of the fact that the question of how international law applies to cyber activities often requires a case-by-case analysis. It is also for this reason that Austria took an example-based approach in drafting its national position paper. Mr. Chair, finally, with respect to the next steps in the Open-Ended Working Group process, we would like to reiterate that more time for in-depth discussions of international law issues is needed. This was stressed by many delegations throughout the previous years. Austria therefore welcomes the envisaged discussions on international law during the intersessional meeting in May. We strongly support the inclusion of legal advisors as well as legal experts in that discussion, and we have already nominated an expert to participate therein. However, for such a discussion to contribute to the deepening of our common understanding, the currently proposed timeframe seems by far insufficient. We therefore call for a minimum period of two to three days dedicated to discussions on international law, which would enable legal advisors from capitals to come to know York and to actively participate in such meetings, preferably on the basis of an expert paper on specific questions distributed in advance. I thank you.

Chair:
Thank you very much, Austria, for your statement. Belarus, to be followed by Italy.

Belarus:
Thank you, Mr. Chair. In view of the precipitous rise of new information technologies and telecommunication means in the world, it is clearly necessary to identify the issue of information security as a subject unto itself. Today, the relationship among states, legal and natural persons in this area, goes beyond national jurisdiction and has become an object of new international legal studies. The existing norms of international law enshrined in the UN Charter may be applicable to the ICT domain, but they do not contain specific conditions for such applicability. In this context, we believe that the practical aspects of the use of ICTs must be regulated by a special universal international legal document, which would separately identify the criteria for applying existing international law norms to ICT and directly indicate where new provisions need to be developed. The Republic of Belarus consistently works for developing new legally binding documents in this sphere. We support the concept document put forward by Russia and other states on information security, which could become the basis for a future universal instrument. Thank you.

Chair:
Thank you. Belarus, Italy, followed by Slovakia.

Italy:
Thank you, Mr. Chair, for giving me the floor. The UN Charter fully aligns with the Statement of the European Union. On a national capacity, we want to underline how important it is to deepen our common understanding on how international law applies in cyberspace, which includes the UN Charter, the Law of State Responsibility, international humanitarian law, as well as international human rights law. This has been achieved in recent years, but we still need a better knowledge of how states intend to apply international law in cyberspace and subsequent rights and obligations arising from it in order to strengthen the rule of law. Italy has already made public its position in 2021. We encourage other states or regional groups, as it has been the case recently with the position published by the African Union, to continue to do the same. It is our collective interest to avoid uncertainty and favor predictability. We highly value the work of UNIDIR. We need more structured discussions and bring together state representatives and legal experts. We look forward to additional workshops, such as the one that took place last November, and new opportunities of exchanges, exchanging views on crucial issues. Collaborative dialogues between international legal experts may be instrumental to progress. There is a lot to learn from this kind of exercise. The development of capacities in the IELTS application should continue to be the objective of dedicated initiatives of capacity building. The general recognition of the applicability of international humanitarian law to cyberspace becomes more and more urgent and relevant. In particular, we support further work on how the principles of humanity, necessity, proportionality, distinction apply in the context of armed conflicts. We welcome the working paper presented by Senegal on behalf of a group of states which provides further analysis on this topic. Chair, our priority must be to progress in convergence among states and improve the common understanding of the application of international law and identify gaps in its interpretation. We want to welcome Colombia for its intervention together with Australia, El Salvador, Estonia and Uruguay on the application of international law. It is clear for our debate the strong desire to continue to elaborate on how international law applies to cyberspace and identify additional elements of convergence and interpretation. Dedicated discussions at the intersessional session in May will offer a good opportunity to progress in this direction. Thank you.

Chair:
Thank you. Italy. Slovakia, to be followed by Brazil.

Slovakia:
Mr. Chair, Slovak Republic supports the statement delivered by the European Union and wishes to address a couple of points in its national capacity. In an era where the internet has effectively erased borders, the implication for national and international security, particularly in the context of cyber resilience, cannot be overstated. The interesting interconnectedness of the digital domain means that an attack on a single entity always emanates from an effect of multiple entities around the world and can be indirect as an attack on an entity that is deeply connected to the internet target. This interconnectedness extends beyond mere digital interaction and deeply affects the core aspect of our economy. Every enterprise, notably those integral to our critical infrastructure, is inseparably linked to a complex web of suppliers and partners. These relationships are foundational to their operational integrity, thereby rendering our conversation on the protection of the critical infrastructure only is somewhat obsolete if we fail to consider the broader ecosystem within which these entities operate. Acknowledging this reality, it became clear that the discourse on safeguarding critical infrastructure cannot be isolated from the broader dialogue on enhancing the cyber resilience of all companies, irrespective of size or sector. Dependencies that exist between the public and private sectors further underline this. The seamless operation of the former is often predicated on the uninterrupted functionality of the latter. It is in this light that Slovakia advocates the imperative of bolstering the comprehensive cyber resilience of all nations, along with every organization and businesses therein, through the universal application of confidence-building measures. However, our collective attempt to fortify cyber resilience extends beyond the implementation of CBM alone. Throughout the open-ended workgroup discussions, the debate on establishing clear and legally defined security governance within individual countries was notably absent. The existence of well-defined cyber security governance not only facilitates enhanced security protocols within nations, but also paves the way for strengthening trust between countries. Slovakia firmly believes that for us to advocate in our shared pursuit for a secure and resilient digital world, there must be a concerted effort to not only engage in confidence-building, activities, but to also ensure that these actions are supported by solid security governance structures well-defined in national legislation. Such frameworks should be characterized by transparency, accountability, and inclusivity, thereby adopting an environment where mutual confidence can thrive and where collaborative efforts are not hindered by uncertainty or mistrust. In alignment with these principles, Slovak Republic calls upon all member states and stakeholders present to reaffirm their commitment to enhancing the cyber resilience of our global community. By embracing a holistic approach that accompanies both the rigorous application of CBM and the establishment of robust security governance frameworks, we can collectively navigate the complexities of the digital age with greater assurance and collective security. Mr. Chair, to conclude my contribution, allow me to make a brief comment on the POC topic as well. Slovak Republic strongly supports the consideration of the development of the different types of POC into the database. We believe that a single contact can complicate the situation if it is necessary to solve an urgent problem. We see need of contacts for diplomacy, problems of national cooperation at the legislative level, and technical contacts of various types, et cetera. Thank you, Mr. Chair.

Chair:
Thank you, Slovakia. Brazil, to be followed by Japan.

Brazil:
Thank you, Mr. Chair. Brazil aligns itself with the statement read earlier this morning by the delegation of Senegal on behalf of a number of countries and would like to add some remarks in its national capacity. International law is a pillar to an open, secure, stable, peaceful, accessible, and interoperable ICT environment. The General Assembly… recognition that international law, including the United Nations Charter, international human rights law, and international humanitarian law, is fully applicable to states’ use of information and communications technologies, is at the very foundation of our work. We welcome the continued publication of an ever-increasing number of national positions on how international law applies to cyberspace, and note with particular appreciation the adoption of a common African position. A diverse range of views on the subject, from a large number of states from different regions, including the Global South, is essential to the much-needed progress we still need to make on the subject, particularly when considering the eventual development of customary law. Silence is not necessarily legally significant, and therefore does not necessarily amount to the requisite evidence of state practice and our opinion duties to the emergence of new binding norms under customary international law. We are aware of how challenging it can be to develop those national positions, and commend efforts in place that seek to support states in that regard. We would like to take particular note of the role UNIDIR has been playing in this, through many seminars and workshops on different aspects of international law, including one specifically on the development of countries’ national positions, in which we were happy to take part to share our experience in the elaboration of ours. One issue which requires further debate is how diplomatic law can be applied in the context of cyber operations. As presented in our national position, Brazil considers an internationally wrongful act the intrusion of the cyber infrastructure of a state for the purpose of intelligence gathering. Thus, we consider the unauthorized interception of telecommunications a violation of state sovereignty, whether or not it crossed the threshold of our intervention in the internal affairs of another state. Brazil is one of the co-sponsors of the working paper on international humanitarian law published last week, and was also pleased to co-sponsor a side event yesterday with the ICRC in Switzerland on the protection of civilians against digital threats. As we affirmed in our national position, IHL applies to situations amounting to armed conflict independently of its classification as such by the parties. It does not matter whether the armed conflict is lawful or not, because its objective is to minimize human suffering and provide a minimum level of protection to civilians in any scenario of hostilities. Therefore, the recognition that international humanitarian law applies to cyberspace does not in any way endorse its militarization or legitimize cyber warfare. The increasing digitalization of both our daily lives and of armed conflicts brings new threats and risks for civilians. Cyber operations disrupting civilian infrastructure in certain information operations inciting violence against civilian populations and digital operations undermining humanitarian relief efforts are only a few examples of those impacts. Few principles carry as much weight and consensus as the cardinal principle of the extinction in international humanitarian law. During our conflicts, the deliberate targeting of civilians and civilian objects is strictly prohibited, be through conventional weaponry or cyber operations. But the more civilians take part in digital operations, the more difficult it becomes to distinguish who is a civilian and who is a combatant. Likewise, there is still no agreed definition on what threshold of violence cyber activities will need to cross to be characterized in and of themselves as equivalent to armed conflict. The goal of promoting human understandings on these and other issues in international law must be a permanent one, given the new challenges states will face as technology develops at an ever more rapid pace. A dedicated discussion within the interstitial period of the OEWG, as proposed by Chile, could be very useful in this regard and some of these still unclear issues could be part of discussion scenarios. Finally, the many questions we still have on how international law applies show that there is no contradiction between the fact that existing rules of international law fully apply to ICTs and a specific legally binding instrument to be eventually negotiated once the international debate on this issue is further developed. Greater clarity would reduce room for misunderstandings and bring greater security and stability to cyberspace. I thank you Mr. Chair.

Chair:
Thank you very much Brazil for your statement. Japan to be followed by Mexico.

Japan:
Thank you Mr. Chairman for giving me the floor. Japan would like to reiterate its position that existing international law, including the United Nations Charter in its entirety, applies to cyberspace. We should deepen the understanding of how existing international law applies in cyberspace, including focusing on the application of specific issues, rather than trying to create new legally binding obligations. Japan believes that the announcement of the basic positions on international law applicable to cyber operations by the government of many states, as well as the application of international law in international and domestic courts and tribunals will deepen shared international understanding on how international law applies to cyber operations. In this regard, Japan welcomes the recent publication of position paper by Czechia and the African Union. Japan also believes that the deepening of shared understanding, particularly on which activities in cyberspace constitute a violation of international law, as well as which tools would be available under international law for states whose legal interests have been infringed by cyber operations, will deter malicious activities in cyberspace. Japan believes that scenario-based discussions could provide a productive means of facilitating deeper discussions on international law. These can be developed based on the discussions in the existing initiatives, such as the workshop by the UNIDO. Mr. Chair, capacity-building in international law applicable to cyberspace is also important. To this end, Japan continues to offer relevant training courses through the Japan International Cooperation Agency. Japan will continue to support the enhancement of capabilities of states to formulate the basic position and to implement existing international law for the pursuit of a free, fair, and secure cyberspace. Finally, Japan would like to advance the discussion to establish a productive POA. We believe the POA offers added flexibility to the organization of work and could incorporate various elements, such as continued discussions on international law, expert briefings, scenario-based discussions, and capacity-building on international law, in an inclusive and and action-oriented manner. Thank you, Mr. Chair.

Chair:
Thank you, Japan. Mexico, to be followed by Uganda.

Mexico:
Thank you, Mr. Chairman. Mexico aligns itself with the statement made by Senegal on behalf of a group of countries. We also take note of the comments made by Colombia on behalf of a further group of countries, and we will study those in detail. We believe that the growing publication of national and regional positions regarding how international law applies to cyberspace is a specific form which allows us to identify agreements with regard to the themes contained in the non-exhaustive list of paragraphs 29A and B of the second APR. We agree with Colombia that the intersessional meetings are an excellent opportunity to continue to exchange points of views with regard to some of the proposals which have been submitted during the substantive sessions. For example, it would be useful to have an exchange of ideas on the possible support that the International Law Commission of the United Nations could offer in the scope of its competency through an additional and informative analysis. Also, we believe that in the intersessional meetings, we could listen to the voices of experts from various stakeholders, including service providers, such as was pointed out by the delegation of Nigeria. They could make important contributions through initiatives such as working groups, the publication of substantive documents, as well as through practical exercises based on these scenarios. We recognize the importance of this open-ended working group. group in its deliberations on this theme. And this is reflected in the number of parallel activities and in diverse formats regarding the application of international law in cyberspace. In the opinion of Mexico, current gaps with regard to the application of international law are to be found in terms of the interpretation, and not necessarily with regard to the application that each country has to the application of international law on the use of information and communications technology. So in this regard, I’d like to make the following specific comments. The application of the principles of international law in cyberspace should ensure that the actions of states and non-state players respect the sovereignty of other countries, the non-intervention in internal affairs, and the peaceful settlement of disputes. In the context of cyberspace, this means that states should abstain from undertaking cyberattacks which violate the territorial integrity or political independence of other states. So we should ensure that the growing consensus supports that we should avoid actions which could be considered as interference in the domestic affairs of another country, such as election manipulation or destabilization of governmental institutions through cyber methods. With regard to the application of international humanitarian law to the cyberspace, we should base our consideration on the need to ensure that malicious actions in this area should not violate the protection of civilians and must respect proper conduct in terms of armed conflicts. We are aware that international humanitarian law were developed in the context of conventional war. However, for Mexico. In Mexico, its fundamental principles, such as the distinction between civilians and combatants, proportionality, and prohibiting unnecessary suffering, are equally appropriate and applicable in cyberspace. During the meetings of this group, we have listened to a number of examples of why cyber attacks which target critical infrastructure, such as hospitals or systems for provision of water, and which could harm the civilian population, should be considered under the norms of international humanitarian law. Also, we support the idea that the protection of personal data and privacy of civilians in cyberspace should be considered in line with the principles of humanity and the prohibition of unnecessary damage. Taking into account that the proper observance of the principles of international law relating to friendly relations and cooperation between states and applying good faith in obligations assumed by states in line with the Charter of the United Nations is of great importance for the maintenance of international peace and security and for implementing the other purposes of the United Nations, it is therefore essential to recognize that actions undertaken in cyberspace do have a direct impact on real life in this regard. We support the idea that the progress that has been made so far should be continued to be built upon, and we should be flexible, and we should reach broader understandings in the longer term. We would like to thank once again all the stakeholders who have participated in the Compendium of Opportunities and Responsibilities for a Peaceful Society. cyberspace, which was submitted yesterday in our parallel event. This document, which will be submitted to the Secretariat for distribution to all countries. Thank you very much.

Chair:
Thank you very much. Mexico, Uganda, to be followed by the United Kingdom.

Uganda:
Thank you, Mr. Chair. This is the first time I’m taking the floor, so I take this opportunity to thank you and your team for your excellent work. And we continue to give you A plus in excellent leadership. Chair, Uganda aligned itself with a common African position on the application of international law to the use of information and communication technologies in cyberspace. This common position was adopted by the African Union Heads of State Summit this year in February, and it represents the collective voice and contribution of the 55 African states to this debate. It’s our sincere hope that other regions of the world can also replicate this achievement. Chair, in response to your guiding questions on the scenario-based discussion and gaps existing in international law, we as a country, during our national consultation, in trying to develop our policy on ICT security, we identified three basic challenges, which we hope that we can hear from other delegations on how they cannot be addressed. Number one, if international law is predominant and relates to relationship between states, how do we hold non-state actors responsible and accountable for their acts in cyberspace, given the fact that non-state actors are key players in cyberspace today? For instance, if a person in a basement in another country develops and commits a cyber attack on the critical infrastructure of Uganda, can we charge this person under existing law? Second challenge. Is there an aggregate minimum level of evidence required to define a cyber attack, especially given the diverse spectrum of the cyberspace activities? Are there international rules of procedure for collecting evidence in a third country or where the source of attack is unknown or anonymous, as normally is the case? In such a scenario, who do you hold liable? Number three, chair. How are the victims of cyber attacks supported, helped, or compensated? For instance, if a cyber attack wipes up bank accounts of individuals or leads to death of patients, who pays the price? So these were the key challenges, chair, that our national consultation identified. And we are hoping that during these deliberations, we can be guided on how to handle those challenges. Chair, our government spent considerable resources to restore services affected by cyber attacks. And for developing countries, this is a huge burden, which affects our socioeconomic development process. So in this regard, chair, Uganda is proposing the creation of a fund within the UN, supported by voluntary contributions from member states and the private and civil society, to offer financial support and expertise to member states, especially developing countries, which may not have enough financial resources to deal with the aftermath of cyber attacks on critical infrastructure, to be able to restore. critical services, in real time, and as soon as possible. On capacity building, Chair, we realize that most of our policy makers are not aware at all what the cyber security means to them, to the country, and to the world. So we are hoping that as one of the pillars of capacity building, we need to target policy makers. We need to target members of parliament. We need to target the local and national authorities so that they are well aware of the dangers and the consequences of cyber attacks. We are having challenges on trying to convince them of the importance of developing a national policy framework because they are not aware of the dangers happening around the world. So, Chair, we are looking forward that during, by the end of this session, maybe we can get some useful insight on how telepaths develop our national capacity in developing our national position on cyber security. In conclusion, Chair, I wish to take this opportunity to thank our sponsors of the Women Fellowship who have continued to enable us participate in these engagements. Thank you so much, Chair.

Chair:
Thank you very much, Uganda, for your statement and for your many questions as well as your suggestions. I think you raised the point about how do we get policy makers engaged in the discussion on capacity building. I mean, capacity building, we are going to come to that discussion as a separate section. We are discussing international law now, and that, too, relates to capacity building. So, in a sense, capacity building cuts across all the sections, as we’ve recognized. And I want to underscore again the importance of the Global Policy Roundtable as a place precisely where we can bring together some of the senior policy makers from each of our country, where we can have that conversation, not just talk about what you can do to help me, but where we can engage in a conversation about what I am doing and how we can be partners so that not only nationally but collectively we have that resilience and create an open, secure, and stable ICT environment. I think that’s an enterprise. And I would also say that this is not going to be done overnight. Each one of us have our own responsibility at the national level, regional level, and, of course, at the global level. But the good news is that the conversation and discussion we are having now has come quite far, has made progress. So we are not starting from a blank slate of what do we need to do, whether it’s international law or threats or norms. or capacity building, there are very good steps that have been made. And I also draw your attention to the secretariat’s mapping report, which is a very useful survey of what is already being done. And we will come to that. So you can see that capacity building keeps coming in every section. So it is really foundational, and we will come to that. But it’s worth reflecting, each one of us, what more we can do with regard to capacity building and how that can become a very powerful way to strengthen not only national efforts but also regional and global efforts. So thank you very much, Uganda, for your statement. I give the floor now to United Kingdom, to be followed by Malaysia. UK, please. Thank you, Chair.

United Kingdom:
The United Kingdom welcomes this discussion on how international law applies in cyberspace. The UK underscores that it’s through focused and detailed discussions on this important issue that we are able to deepen our common understanding. We’re grateful for your guiding questions, and indeed your guidance throughout this process, which has allowed areas of convergence in our common understanding to materialize. The UK is also grateful to those delegations who have dedicated time outside of this room to further develop our detailed understanding of particular topics of international law. We listen with interest to the statement of the distinguished delegate from Senegal, given on behalf of a cross-regional group of 13 states, on the application of international humanitarian law. The UK recalls that IHL applies to operations in cyberspace conducted in the furtherance of hostilities in armed conflict. A cyber operation is capable of being an attack under IHL, where it has the same or similar effects to kinetic action that would constitute an attack. As explained by Senegal, The key principles of IHL – distinction, proportionality, humanity and military necessity – apply to attacks by cyber means in the same way as they do to an attack by any other means. IHL seeks to limit the effects of armed conflict. Its application to cyber operations in armed conflict does not encourage the militarisation of cyberspace. The UK also echoes the intervention made by the Distinguished Delegate from Colombia on behalf of another cross-regional group of states, which identifies further areas of convergence in our common understanding of how international law applies. The UK highlights in particular the applicability of international human rights law as well as the law on state responsibility. Chair, we must build upon these efforts as we move forward in this process. International law discussions will be at their most effective when all states have a strong voice. We continue to encourage states to share their interpretations of how international law applies and we commend the recent common position adopted by the African Union as a critically important contribution. We continue to underline the value of dedicated sessions in the OEWG and elsewhere for such focused discussions. The UK agrees with the Distinguished Delegate from the Philippines on the usefulness of scenario-based discussions as a mechanism to enable us to turn statements of legal principles into the practical application of the law. Chair, the usefulness of the workshops hosted by UNIDEAR demonstrate that scenario-based discussions are one of the best mechanisms that we have to take forward our discussions. In response to your guiding questions, the UK would suggest that a focus on sectors that states are most concerned to protect could be a fruitful way to build upon our discussions. For example, scenarios built around the healthcare sector and the provision of essential medical services or critical energy infrastructure, or the conduct of free and fair elections. Expert training and education also has a critical role to play in furthering our discussions and allowing broad participation in scenario-based discussions. A number of independent, non-governmental organisations are active in this area. The UK continues to support such training initiatives, often in partnership with regional organisations, and we welcome the continued work of UNIDEAR in this area. Chair, as we look to the future, the Programme of Action presents an exciting opportunity. Expert briefings and training from academics, civil society… or international organizations will enhance our collective international law capacity. This will provide the opportunity for a richer and more detailed exchange of views on the core doctrinal legal principles as well as the application of those principles in practice through scenario based discussions. The UK looks forward to progressing those discussions. Thank you

Chair:
Chair. Thank you. UK, Malaysia to be followed by China.

Malaysia:
Mr. Chair, Malaysia reaffirms that international law including the UN Charter applies in cyberspace. Continued exchanges of view at the global level will allow us to assess inter alia how the principle of the UN Charter including state sovereignty, the prohibition of the threat or use of force against the territorial integrity or political independence any state or in any other manner inconsistent with the purposes of the United Nations. And the peaceful settlement of international disputes apply in the cyber domain. Given increased reliance on ICT across a range of sectors, this is crucial in maintaining international peace and security and promoting accountability and transparency. Targeted capacity building including at the regional level is vital in deepening state’s knowledge and expertise on the applications of international law in cyberspace. These will allow experts and officials from different fields, legal, policy, diplomatic and technical, to better comprehend prevailing challenges in terms of both legal principle and practicality. Malaysia concurs with previous speakers who have highlighted the utility of scenario-based exercises which will foster better appreciation of salient issue among states. The involvement of stakeholders including international law academics and experts could further enrich state’s deliberations. Malaysia welcomes the site event on international law as a toolkit organized by Australia the Philippines and Uruguay earlier today as an example how interactive scenario based discussions could potentially be carried out during upcoming OEWG intersessional meetings. We also join on others in suggesting that these discussion be held in hybrid manner to allow greater participations by capital-based delegates particularly from developing countries. Malaysia further supports calls for UNIDIR to continue building on the valuable work it had already done with regards to international law in the cyber context. We should ensure that the voices of developing countries are adequately heard in the evolving global discourse. Indeed our experience in this OEWG demonstrate the progress we are able to make collectively when deliberations are open and inclusive and all states are invested in the process. In this regard we welcome the chair’s invitations for states to nominate experts and potential panelists and speakers for the upcoming intersessional discussions on the OEWG with the view to ensure quality and diversity of views represented. Thank you chair.

Chair:
Thank you Malaysia. China to be followed by Australia.

China:
The ICT security process under the auspices of the UN including the OEWG have come to important agreements on the application of international law, especially the applicability to cyberspace of the UN Charter and the principles of sovereign equality, prohibition of the use of force, peaceful settlement of disputes, and noninterference in internal affairs, which is the cornerstone for a fair and reasonable internal order in cyberspace. In connection with Guiding Question 1, China supports the focus on examining ways to implement the principle of sovereignty. Respect for cybersovereignty is an embodiment of the respect for the purposes and principles of the Charter in cyberspace and the Sino-Kuanon for maintaining peace, security, and stability in cyberspace. Currently, a certain country and its actors either provide critical information infrastructure services to areas under the jurisdiction of another sovereign state without the permission of its government, or meddle in other countries’ critical information infrastructure industry, attack and sabotage their CII. China is of the view that such acts seriously violate the principle of sovereignty and call for the vigilance and attention of all. Regarding Question 2, closely linked to the physical world as cyberspace is, it has its uniqueness. All parties should proceed from the maintenance of international peace and security, taking into account the distinct properties of cyberspace, and focus on the elaboration of new laws in line with the features of ICT and the development in the field. In this regard, the draft Convention on International Information Security proposed by Russia and relevant parties provides a good basis for relevant discussions. With regard to Guiding Question 5, China actively participated in the UNIDIR workshop on international law at the end of last year. At the same time, China advocates the need to properly handle the relationship between intergovernmental efforts and academic exploration, proactively maintaining peace and stability in cyberspace, and opposing foreign aggression. Supposing cyber conflicts and warfare should be the starting point and the end goal of the UNICT security process. In intergovernmental process, we can never be too cautious about transposing the law of armed conflict in cyberspace in a generalized manner and about any proposal that might encourage or legitimize cyber conflicts so as to avoid sending the wrong signal to the international community. At the same time, China supports UNIDIR and other institutions in conducting research prudently, objectively, and without prejudice on the legal and technical obstacles in the application of IHL that reflects developments in the cyberspace and the latest cases so as to provide more theoretical support for developing international law governing cyberspace. For example, it pertains to such questions as whether the announcement of a certain country of offensive cyber operations against another nuclear weapon state constitute armed conflict or the use of force, how to address the difficulties in tracing and identifying hackers in the Malay resulting from regional conflicts, and how the principles of distinction, necessity, and proportionality are applied. Thank you, Mr. Chairman.

Chair:
Thank you, China, for your statement. Australia to be followed by Singapore.

Australia:
Thank you very much, Chair. Australia would like to join the statement made earlier this morning by Colombia on behalf of a small group, Australia, Colombia, El Salvador, Estonia, and Uruguay, and I’ll now make some brief additional remarks in my national capacity. This OEWG has passed our halfway point, and we’ve made a lot of progress identifying convergences on several key issues at quite a granular level through our substantive discussions, and we should be continuing to elaborate additional areas of emerging convergence between states on how international law applies in cyberspace. International law’s pivotal role in maintaining peace and stability in cyberspace can only be fully realized when states implement and adhere to their international legal obligations. The customary international law on state responsibility provides a framework through which victim states can attribute unlawful acts to another state and consider options for seeking redress. Victim states’ options for redress include seeking peaceful resolution of the dispute, seeking remedy. and where appropriate taking lawful measures in response. The increasing calls by states in this room for accountability and cyberspace have not gone unheard and Australia considers that this could be an area of further convergence amongst states for inclusion in our next annual progress report. International humanitarian law is a second area of emerging convergence. The application of IHL was detailed in the joint statement delivered by Senegal on behalf of a large cross-regional group and we applaud the efforts of this group in providing further elaboration on the IHL principles that apply during an armed conflict in that working paper. The work of this cross-regional group along with the statements of many others today about international humanitarian law demonstrate considerable and detailed convergence amongst a wide range of states on the application of IHL in cyberspace during armed conflict. Third we’ve heard many states acknowledged that if used irresponsibly new and emerging technologies can pose serious threats to individual rights and freedoms. Just like other existing bodies of international law Australia considers that the same human rights and freedoms that apply offline must also be respected and protected online. In particular as mentioned already today by the Netherlands, Portugal and Austria the rights to privacy, freedom of expression, non-discrimination and freedom of association are all relevant rights and freedoms that states owe to individuals under their jurisdiction when those rights are exercised or realized through cyberspace and also through new and emerging digital technologies. Each of these three areas identified the law of state responsibility, the application of international humanitarian law and the application of human rights to new technologies have been drawn from the 2023 APR roadmap and the areas where we can build on the considerable momentum that we’ve already collectively generated ahead of this OEWG’s third APR in July. I’d like to refer now to your guiding questions on capacity building and scenario based discussions. Last July Australia, Uruguay and the Philippines co-hosted a side event that enabled legal and policy delegates to apply international law to a hypothetical scenario and as the distinguished delegate of the Philippines mentioned earlier we held this group again another similar event this morning with a very diverse group of participants. The small group discussions in this format were very frank, they were substantive and they were nuanced and there are a number of convergences among those groups on how international law applied to a very specific scenario and even where views differed, the participants all agreed that it’s a very valuable exercise to exchange views and to try to apply the tools that are provided by international law to address particular cyber threats in the context of a particular scenario. We found hypothetical scenarios to be a really valuable tool to consider how different rules and principles of international law apply in cyberspace, both in these international discussions but also in developing our own national positions. three hypothetical case studies which can be found annexed to the 2021 GGE report. And the internal development of these case studies represented a really strong capacity building exercise within our own government and between the very different interested agencies in our government to understand better the interests across those agencies and to make progress on elaborating a more detailed national position. Because like norms implementation, national statements on international law are not a once-and-done thing. It’s an iterative process and states can add to their positions over time to add further granularity and depth. I think Australia has published four positions over the last five years. We want to emphasize the value again of more states developing and sharing their national positions on how international law applies in cyberspace, which engages more states in the OEWG’s substantive work and ensure more diverse voices are heard in this debate. And in this regard we very much want to congratulate the African Union on the release of the common African position, which is a significant milestone as the first regional organization to issue such a position representing the views of all its states. I’m rather jealous. We commend the ongoing capacity building work of UNIDIR also in collecting guidance and resources and running workshops to assist states in developing national positions and we continue to support this and other very important endeavors to help us all continue this conversation. Thank you Chair.

Chair:
Thank you very much Australia. Singapore to be followed by Kenya.

Singapore:
Thank you very much Mr. Chairman for your guiding questions which provide all delegations with extremely helpful points of focus. In the interest of time, for the Chair’s guiding questions, as set out on the first three bullet points, we briefly recall Singapore’s position in the sixth substantive session, which can be found on the OEWG website and which we continue to fully affirm. First, the law and state response applies to internationally wrongful cyber acts. Second, international law should, in principle, apply to the cyber realm as to the physical realm. Third, it will be useful for this working group to continue to discuss the question of how international law applies to the use of ICTs in order to identify any gaps which may appear. Moving on to the chair’s new guiding questions. On the issue of scenario-based discussions, Singapore agrees that these are useful means for encouraging deeper exchanges on how international law applies to state’s use of ICTs. Recent similar initiatives, such as the workshop organized by UNIDIRR on the application of international law to the behavior of states and use of ICTs, held in November 2023, have proved the meaningful way for states to exchange views in a more granular detail on how rules and principles of international law may apply to specific factual situations. These discussions also allow states to consider the operational and policy implications of the application of international law to cyberspace. Within the framework of the OEWG, more of these scenario-based discussions on international law could be carried out as side events or at stand-alone informal or intersessional meetings, such as the upcoming intersessional in May. The format of these discussions could also follow that employed at the UNIDIRR workshop, centering on hypothetical scenarios and held under the Chatham House rule to enable full and frank exchanges. UNIDIRR or even stakeholders with expertise in international law could be requested to organize these discussions. In terms of the substantive scenarios, these should be designed as a priority to allow states to consider issues of international law that have previously been discussed in the OEWG, such as as sovereignty, sovereign equality, non-intervention in the internal affairs of other states, and state responsibility. And finally, we welcome and look forward to the intersessional meeting in May for further substantive discussions on the application of international law in cyberspace. Thank you, Mr. Chairman.

Chair:
Thank you, Singapore. Kenya to be followed by Ireland. Kenya, please.

Kenya:
Thank you, Chair. Kenya associates itself with the common African position on the application of international law to the use of information and communication technologies in cyberspace, as endorsed by the 37th Ordinary Summit of the African Union in February, 2024. My delegation makes the following additional comments in national capacity. The formulation of an answer to the question of how international law applies to the use of ICTs by states could be complicated by several factors. First is the capability of a state to identify and technically attribute a wrongful act to a state or to a state-sponsored actor. Second is the speed at which attacks are executed and the manner in which they are executed. Third is the interconnected nature of cyber that defies traditional borders. And fourth is the nature of actors in cyber, state and non-state actors. Capacity building in the area of international law, therefore, remains crucial. Such efforts should be aimed at building the technical capacity of ICTs and the threats they pose, as well as legal capacity to understand and evaluate the legal issue these threats raise. This can effectively be driven at the regional level through collaboration between the UN and regional organization. Nevertheless, a judicious approach is imperative to ensure that capacity building assistance is deployed decently with a focus on providing guidance rather than exerting a new influence. The aim is to optimize the impact of capacity building efforts, fostering sustainable outcomes that align with specific needs and development priorities of member states. Onto the question of gaps in how international laws applies to ICTs, we opinion that we must crawl before we can walk. Member states need an adequate understanding of how to interpret and apply existing international law to ICTs to identify gaps. We, however, want to underscore that the interpretation and application of international law necessitate a consistent approach that refrains from discriminatory practices based on the digital divide. Ensuring uniformity in application of legal principle across spectrum of technology access is paramount to upholding the principle of fairness, equity, and non-discrimination. A viable legal framework must accommodate the diverse technology capacities of member states and promote inclusivity in the digital era. Thank you, Chair.

Chair:
Thank you, Kenya, for your statement. Ireland, please.

Ireland:
Chair, Ireland aligns with the statement delivered on behalf of the European Union and wants to make a number of additional remarks in our national capacity. Chair, to begin, Ireland wishes to stress the importance that we attach to the OEDWG’s work in international law. As was reaffirmed in the most recent APR, international law is applicable and essential to maintaining peace, security and stability, and promoting an open, secure, stable, accessible and peaceful ICT environment. With regard to the first four guiding questions, Ireland has already provided comments in these at our last session in December, and we do not intend to repeat ourselves on much detail here. In our view, considerable progress has been made in the past few years in advancing our collective understanding of how international law applies in cyberspace. It is particularly notable that approximately 13 national position papers have now been published. We offer our sincere congratulations to the African Union for their recently published paper, which as a common position reflecting the views of 55 states constitutes a very significant contribution to this process. We also congratulate Czechia on their recent publication of their paper, and we further welcome two other notable contributions, namely today’s cross-regional joint statement by Colombia and others, as well as the cross-regional working paper submitted by Senegal and a number of other states on the application of IHL to the use of ICTs in situations of armed conflict. It is clear from the statements and position papers of states and regional groups that substantial areas of convergence can be identified as regards to how international law applies in cyberspace, including in relation to international humanitarian law, which is an area we feel would particularly benefit from focused consideration by the OEWG. The due diligence obligation in international law and the parameters of this obligation in the cyber context is another area of considerable convergence that would benefit from dedicated discussion in our view. How existing international law and mechanisms can provide for attribution and accountability for malicious cyber operations, in particular through the application of the law and state responsibility and the peaceful settlement of disputes, is another important issue that merits further attention. Chair, as we have said previously, Ireland is not convinced that any unique features relating to the use of ICTs cannot be accommodated by the existing body of international law. There are clearly gaps in our collective understanding, however it is not evident at this stage there are significant gaps in existing international law. law, and we consider any proposals for new legally binding rules to be premature. Looking ahead to the May intersessional meeting, we feel this could be a valuable opportunity to devote a substantial amount of time to international law issues. To get the most value out of these exchanges, it is important that experts from capitals are in attendance, and securing such attendance from many states is only likely to be feasible when there is a substantial international law component to the programme of work. We are open-minded as to the format and would agree that there may be some value in a scenario-based discussion, and that the methodologies of last November’s UNIDEAR workshop could be drawn upon as appropriate. We would also be open to contributions by expert panellists and speakers. Moreover, we consider that dedicated sessions on individual topics of international law, such as IHL, might result in richer exchanges. Looking ahead to the medium and longer term, Ireland believes that the POA could provide an effective, permanent and dynamic mechanism to further progress our discussions on international law and cyberspace. Finally, Chair, we recognise the need to continue to expand capacity-building efforts in international law, and in this regard we wish to reiterate our invitation to other states interested in speaking to us and learning from our experience in preparing a national position paper. Thank you very much.

Chair:
Thank you very much, Ireland. I’m conscious that we are getting closer to 1pm and we still have about 12 remaining speakers, so we certainly will have to continue this afternoon. I wanted to say that this has been an excellent discussion so far. We are certainly getting much deeper into the discussion. This is a discussion that has a long history, but it is good to see what I would regard as glimmers of convergence on different areas. But still, this is an issue that will require further discussion. Now the session this week is not going to be the end of the discussion. I think we still would need to continue to go deeper during the intersessionals and then also in July, of course. So we’ll continue in that spirit, but I welcome very much the tone and substance of the discussion we have had this morning. This afternoon, we will start with the dedicated stakeholder session at 3pm sharp, I would add. As I indicated earlier, we will give the stakeholders a chance to make their interventions and that’s very much important for us. But I would also appeal to the stakeholders to make their contributions within a time limit this afternoon and immediately after the stakeholder session, we will continue with the discussions of the working group on international law. So I’m not going to give you a time to say we will start at 3.35 or 3.45. Immediately after the stakeholder session, we will continue with the remaining speakers on international law. Secondly, for the stakeholder session. That is not a session for stakeholders to make their statements to me. It is also a session for stakeholders to talk to you. So I encourage all of you to be here at 3 p.m. sharp. Please be good to the stakeholders. I will be taking attendance at 3 p.m. And I will take note in my black book, especially those who are seated in front, and also right at the back. See you all, and everyone in between, of course. See you all at 3 p.m. Enjoy your lunch. The meeting is now adjourned. Thank you.