Agenda item 5: discussions on substantive issues contained inparagraph 1 of General Assembly resolution 75/240 (continued) – session 3

Progress on ICT Security and Capacity Building Discussed at OEWG Session

During the fourth meeting of the eighth substantive session of the Open-Ended Working Group (OEWG) on Security of and in the Use of Information and Communication Technologies (ICTs), 2021-2025, the Chair called the session to order and continued discussions under agenda item five, focusing on the third annual progress report. The Chair urged delegations to highlight key issues of importance for the drafting of the report, aiming for a clear understanding of each delegation’s priorities.

The Kingdom of the Netherlands began by welcoming the step-by-step approach to developing the Points of Contact (POC) directory, emphasizing the importance of onboarding states and recognizing existing communication channels like the FIRST Network. The Netherlands supported the UK’s proposal to delete a sentence in paragraph 42B and suggested prioritizing operationalizing communication before considering further tools like standardized templates. They also proposed inviting regional organizations to share best practices within the OEWG and highlighted the importance of education and upskilling to create a workforce capable of addressing ICT security risks. The Netherlands suggested adjustments to paragraph 48B to reflect agreed language on technology transfer and proposed language optimization for the global ICT security cooperation and capacity-building portal. Additionally, they called for more discussion on the establishment of a trust fund and its relationship to existing funds and initiatives.

The European Union (EU) stressed the importance of confidence-building measures (CBMs) in building trust and stability in ICT use and highlighted regional efforts to operationalize CBMs. The EU supported a step-by-step approach to implementing global CBMs and cautioned against overloading the POC Directory with new functions at this stage. On capacity building, the EU emphasized the need for a demand-driven approach and welcomed the High-Level Global Capacity Building Roundtable. They suggested finding synergies between global initiatives on capacity building and linking proposed instruments to the Permanent Future Mechanism. The EU also called for voluntary reporting on national implementation efforts and further discussion on the principles of establishing a UN Voluntary Trust Fund on security and the use of ICTs.

South Africa supported the inclusion of Annex B on CBMs and the establishment of the Global POC Directory, noting the importance of trust-building between states. They also supported capacity-building efforts, the development of a dedicated global ICT security cooperation and capacity-building portal, and the establishment of a voluntary trust fund. South Africa emphasized the need for equitable geographical representation in future high-level global roundtables on capacity building.

Colombia highlighted the importance of rules, norms, and principles of responsible state behavior and the applicability of international law in cyberspace. They welcomed the proposal for a thematic group on state responsibility and called for more references to international humanitarian law (IHL) in the report.

Chile emphasized promoting existing norms and the role of the private sector in ICTs, particularly in protecting critical infrastructure. They supported the proposal for an inter-sessional session on international law and the inclusion of IHL in discussions on the use of ICTs in armed conflict.

Italy aligned with the EU statement and welcomed the establishment of the POC Directory, emphasizing the need to focus on its implementation. Italy also highlighted the importance of cyber capacity-building projects and the need for clarity on the establishment of the proposed UN Voluntary Trust Fund.

The Dominican Republic supported the inclusion of working papers on international law and IHL in the report and called for more concrete and action-oriented proposals. They also supported scenario-based discussions and dedicated inter-sessional meetings on international law.

Australia provided detailed comments on CBMs and capacity building, expressing openness to considering new CBMs while emphasizing the importance of implementing existing ones. Australia also proposed textual amendments to link capacity-building efforts to the future mechanism and called for a report to address key questions before establishing a new initiative like the proposed trust fund.

Zimbabwe emphasized the negative impacts of unilateral coercive measures (UCMs) on international cooperation and capacity building, proposing additional language to highlight concerns about the use of ICT offensive capabilities to implement UCMs.

The Republic of Korea welcomed the POC Directory and supported a voluntary approach to communication templates. They also expressed concern about the potential hindrance of discussions on unified terminology definitions for CBMs.

Japan welcomed the POC Directory and emphasized the importance of capacity building in promoting a secure cyberspace. They called for further discussion on the proposed additional global CBMs and the establishment of a UN Voluntary Trust Fund.

The United States supported the draft section on CBMs and proposed changes to reflect the need for better coordination among various capacity-building initiatives. They also called for further dialogue on the proposed UN Voluntary Trust Fund and emphasized the need for multi-stakeholder involvement in capacity-building efforts.

Czechia welcomed the establishment of a single-track, inclusive, permanent, and action-oriented mechanism under the UN upon the conclusion of the OEWG’s mandate. They supported the idea of dedicated thematic groups but called for further discussions on their specific subjects.

Singapore broadly supported the CBM section and the establishment of a dedicated global ICT security cooperation and capacity-building portal. They also welcomed the proposed structure for the future regular institutional dialogue, emphasizing the importance of reaching an agreement on the elements to guide discussions on cybersecurity.

Ecuador highlighted the importance of international cooperation and capacity building, expressing support for the establishment of a UN Voluntary Trust Fund on security and the use of ICTs. They also reiterated the need for meaningful and effective participation of women in cybersecurity consultations.

France supported the establishment of a permanent online portal on ICT security and the idea of a UN Voluntary Trust Fund. They called for further discussions on the function, scope, and structure of the future mechanism and proposed amendments to clarify the functions and mandate of the future mechanism.

Fiji strongly supported the voluntary checklist of practical actions for the implementation of voluntary non-binding norms of responsible state behavior in the use of ICTs. They also supported the establishment of a single-track state-led permanent consensus-driven mechanism under the UN.

Brazil emphasized the importance of state-led participation, consensus-driven decision-making, and multi-stakeholder involvement in discussions on the future platform concerning ICT security. They called for further discussions on the function, scope, and structure of the future mechanism.

Malaysia welcomed the proposed structure for the future mechanism, including substantive plenary sessions, dedicated thematic groups, and stakeholder consultations. They emphasized the importance of international cooperation and capacity building and called for further discussions on the thematic groups’ mandate and the number of meetings.

The Islamic Republic of Iran stressed the need for international cooperation and capacity building, proposing amendments to emphasize respect for states’ sovereignty and the importance of technology transfer. They also called for further discussions on the checklist of practical actions and the establishment of a trust fund.

The Russian Federation emphasized the importance of capacity building and international cooperation, expressing concerns about the vagueness of the proposed functions of the future mechanism. They called for a clear mandate for the future mechanism and opposed attempts to overstate the role of non-governmental stakeholders in negotiations.

The United Kingdom supported many aspects of the capacity-building section, emphasizing the link between capacity building and norms implementation. They proposed amendments to paragraphs 48G and 48H to avoid duplication with similar initiatives and called for further discussions on the function, scope, and structure of the future mechanism.

The Syrian Arab Republic insisted on the importance of international cooperation and capacity building, emphasizing the need to respect states’ sovereignty and provide non-politicized and equitable aid. They also called for further discussions on the future mechanism’s mandate and the role of stakeholders.

The Chair concluded the session by outlining the plan for the next day, which included continuing with the remaining speakers’ list and hearing from stakeholders in a dedicated session. The Chair emphasized the importance of reaching consensus on the third annual progress report and the future mechanism for regular institutional dialogue to ensure a seamless transition.

Chair:
The fourth meeting of the eighth substantive session of the Open-Ended Working Group on Security of and in the Use of Information and Communication Technologies, 2021-2025, is now called to order. Distinguished delegates, we’ll continue our discussion under agenda item five. And as I indicated prior to adjourning the session earlier this morning, we will continue a reading of the third annual progress report covering all the different sections, including the section on regular institutional dialogue. We’ll begin with the speakers’ list remaining from this afternoon, and I would invite all delegations to be as succinct as possible in their interventions, to prioritize in highlighting the key issues of great importance to them in the drafting of the third annual progress report so that I myself, plus others in the room, other delegations, could have a good sense of each delegation’s key priorities in the drafting of the third annual progress report. So with these preliminary comments, let’s get started with the speakers’ list. I have the Kingdom of the Netherlands, to be followed by the European Union, South Africa, and Colombia. And then the list goes on. So starting with the Kingdom of the Netherlands, you have the floor, please.

Netherlands:
Thank you, Chair. In the interest of time, allow me to delve straight into the substance. On CBMs, we welcome the step-by-step approach in further developing the POC directory as mentioned in the paragraph 42C, and consider it important to prioritize the onboarding of as many states as possible in the POC directory. Moreover, on paragraph 42B, there are also other successful initiatives like the FIRST Network and other regional communication channels that facilitate interaction, cooperation, and communication between states in times of ICT incidents. To ensure synergy with other efforts, we would like to see the inclusion of, quote, while acknowledging existing communication channels, end quote. This paragraph would then read, quote, while acknowledging existing communication channels, states highlighted that the POC directory can facilitate secure and direct communications between states to help prevent and address serious ICT incidents, and de-escalate tensions and prevent misunderstanding and misinterpretation that may stem from ICT incidents, end quote. Lastly, on 42B, the Netherlands supports the proposal of the UK to delete the last sentence of this paragraph. Then on paragraph 45, in line with the step-by-step approach, we believe that first we need to operationalize communication between states through the POC directory before we consider whether further tools are needed to support the directory. In particular, we fear that the discussion on standardized templates is a lengthy process that would need to take into account the specificity of national structures and policies. This may take valuable time away from the Open End Working Group’s work. Therefore, we would propose to make best use of existing best practices from regional organizations. So we propose to replace the crest to the UN Secretariat in paragraph 45 to develop a standardized template with the following. Quote, in this regard, regional organizations are invited to share their best practices on optimizing communications within their respective POC directories. within the open-ended working group,” end quote. Then on capacity building, Chair, we believe that the APR would benefit from referring to concrete outcomes that emerged during the global roundtable and that are being underlined in the recently published report by UNIDIR, namely, first, the importance of education and upskilling with a view to creating a workforce that possesses the range of skills required to effectively mitigate the risk to pertain ICT security domestically and internationally, including the technical, legal, and diplomatic communities, and second, the provision of technical and specialized assistance and organizational and institutional support. To reflect this, we would like paragraph 48B to be slightly adjusted to the agreed language on tech transfer, reflected in different resolutions, including the ECOSOC resolution in 2023-4 on science, technology, and innovation for development. So we would propose the sentence to read as follows, quote, which may include technical, legal, and diplomatic aspects, as well as transfer of knowledge, skills, and technology on mutual agreed terms and conditions, end quote. On the portal in paragraph 50, we see merit in the portal, and to ensure we really set up something that is as helpful as a tool, we would welcome language on optimizing synergies and avoiding duplications with related initiatives. To ensure the sustainability of the portal in the future, we would propose to add one sentence at the end of the paragraph that would read, in addition, the study would support further discussions on how the portal could be a useful tool for the future regular institutional dialogue. Then in paragraph 52, the APR refers to the establishment of the trust fund. We believe that more discussion is needed on how such a trust fund would work, what the scope would be. And we would like to thank you for your attention. and how that would relate to existing trust funds and other initiatives to support the participation of experts. In addition, to ensure the effectiveness and the sustainability of a potential trust fund, we propose that it should also be considered in the context of a future action-oriented, regularly institutional mechanism. We would suggest reflecting this in paragraph 52. Then, Chair, let me allow you to move to the regularly institutional dialogue section. The Netherlands continues to be committed to our efforts of ensuring a seamless transition to a single-track future mechanism within the Open-End Working Group. We believe Annex A includes important elements of a future mechanism. We note with appreciation the recognition of the role of regional organisations in paragraph 7. We do believe that there are some opportunities to further enhance the Annex. We attach great importance to finding the right balance in the wording of paragraph 8 and paragraph 9, as we believe these paragraphs are foundational to the mandate we establish for a new mechanism within the Open-End Working Group. We see the elements in paragraph 8 and 9 as closely related and would therefore propose combining two paragraphs into one paragraph. Furthermore, on the language in paragraph 9, we would like to bring the text close to the balance we have achieved on existing law and norms and the potential development of new elements by drawing from consensus text we have on this from the previous APRs. We would therefore propose for the combined paragraph to read, and please bear with me, this is quite long. So paragraph 9, the main functions of the Open-End is action-oriented permanent mechanism are to strengthen the capacity of all states to develop and implement the cumulative and evolving framework for responsible state behaviour in the use of ICTs, to advance implementation of the cumulative and evolving framework for responsible state behaviour in the use of ICTs, to further develop the cumulative and evolving framework for responsible state behaviour in the use of ICTs. And, guided by the functions listed above, the open-ended, action-oriented permanent mechanism will address with a view to facilitating an integrated policy-oriented and cross-cutting approach to discussing the following inter alia existing potential threats, voluntary non-binding norms of responsible state behavior, and the ways of their implementation, noting that additional norms could be developed over time, then how international law applies in the use of ISTs, considering whether any gaps exist in how existing international law applies in the use of ISTs, and further consider the development of additional legally binding obligations if appropriate, then confidence building measures and capacity building. We believe this wording would provide us with the right balance and gives appropriate room development of new norms and binding obligations. We would propose to, we will share this in writing as well. Then second, we would propose to streamline the language in paragraph 14a on the thematic working groups, if it is retained within, with the proposal I just made. Chair, then regarding paragraph 14b, whether it remains a subparagraph on a dedicated thematic group on capacity building or whether we decide to establish a cross-cutting working group, we would like to see reflected that capacity building would be facilitated by a cycle process of exchanging expertise, voluntary reporting, identifying capacity building needs, and matching needs with resources. Such an approach would enable the future magnets to have this needs-driven approach to capacity building and based on the agreed capacity building principles. Then on paragraph 14, we welcome the notion that the thematic working groups would take a cross-cutting approach focusing on policy-oriented discussions. And lastly, Chair, as stated previously, we support having robust stakeholder modalities on a voice, not a vote principle. We therefore support proposals to apply the stakeholder modalities adopted in the Ad Hoc Committee, and we believe that there is additional scope to reflect the specific expertise stakeholders could contribute to in the thematic working groups. I thank you, Chair.

Chair:
Thank you very much, Netherlands, and pleased to share your proposals with us and also with all interested Member States. European Union, to be followed by South Africa. EU, please.

European Union:
Thank you, Chair. Please allow me to make statements on multiple topics at the same time. First, on CBMs. CBMs endeavor to build trust and contribute to predictability and stability in the use of ICTs. After adoption of regional CBMs, regional organizations made many efforts to operationalize them. For example, through targeted support and capacity building, scenario-based discussions, and by developing virtual capacity building tools such as e-learnings, good practice reports, as well as by conducting workshops, such as the one the EU and Singapore organized in the context of the ARF CBM on the protection of critical information infrastructure. With many other regional organizations and stakeholders also having the experience in operationalizing CBMs, we welcome the fact that this is mentioned in the revised APR paragraph 42G and suggests to add the word regular in that sentence. While we recognize the potential of some of the additional CBM proposals in Annex B, we also note that there’s still a lot of work to do to implement and operationalize the four agreed global CBMs. We therefore strongly support to take the step-by-step approach, making sure we can absorb the global CBMs. In this light, we see seeking agreement on a template, paragraph 45, and the exchanges on terminology, 42F, as exercises that would rather hinder than support our practical progress at this stage. based on the experience we have in regional discussions. We also note that some proposed CBMs in Annex B have overlap with existing regional CBMs, and some seem to have overlap with existing norms or the work stream on the capacity building. In this light, we see a need to continue our discussion on the global and regional CBMs to inform and feed our exchanges on which CBMs could be relevant at the global level and what best practices exist as regards their implementation. Mr. Chair, the EU considers the POC Directory to be a great achievement, and we would like to congratulate you personally on this establishment. The EU’s view is that first and foremost we need to consolidate this important achievement by making it fully operational and increase the participation. In this context, we do have a concern about the risk of overloading the POC Directory with new functions at this early stage of its life, and we caution that we stall progress because states have not been able to internalize and implement what we have recently developed. Mr. Chair, let me turn to capacity building. To advance a demand-driven approach in capacity building and contribute to the implementation of the UN Framework of Responsible State Behavior in Cyberspace, it is important that the Open End Working Group continues to exchange on the needs for cybercapacity building to help create partnerships and define the overall framework for capacity building initiatives. We therefore welcome a strong chapter on capacity building. We would also like to thank you for convening the High-Level Global Capacity Building Roundtable this May, and we thank UNIDIR for their excellent report summarizing the procedures. As the Global Conference on Cybercapacity Building that was convened in Accra, Ghana in 2023 will have another meeting in 2025, it is important to try to find synergies between these global initiatives on capacity building and ensure that the ecosystem matures to be able to deliver upon its task. This applies, for instance… instance, to paragraph 48C and 48D, where we would like to streamline the paragraphs in a way that it emphasizes the importance of coordination, also recognizing the existing efforts by established actors in the ecosystem, including, for instance, the GFCE. The Open-Ended Working Group could, as regional organizations already do through existing hubs, take advantage of existing cybercapacity-building coordination bodies, such as the GFCE. Besides ensuring that the proposals in the capacity-building chapter will well function within the existing ecosystem, we also see a need to link the proposed instruments, including the portal as well as the fund, in the APR to the Permanent Future Mechanism, as to ensure the continuity and sustainability of these proposals. In addition, we see a need that the APR also includes a paragraph on voluntary reporting on national implementation efforts, making use, for instance, of existing tools by UNIDIR’s National Cyber Survey of Implementation. This reporting would serve as a basis to identify priorities in the areas of implementation and map the needs in terms of capacity-building. As regards the proposal for the United Nations Voluntary Trust Fund on security and the use of ICTs in paragraph 52, while we welcome the suggestion, as also presented in the POA proposal last year, we do feel that more discussion is needed to clarify the parameters of these proposals. To do so, we would add the wording that states agree to study further the principle to establish a UN Voluntary Trust Fund on security and the use of ICTs under the Future Permanent Mechanism, with a view towards having all elements ready by July 2025 for member states’ consideration. In addition to the importance of regional organization in paragraph 53, we would also like to have a strong recognition of the essential role of the private sector, civil society and the technical community to shape, develop, uplift and contribute to capacity-building efforts worldwide. worldwide, as they do so already today, and recommend strengthening the engagement with them to advance cybercapacity building. In conclusion, Mr. Chair, we will continue our efforts to foster practical implementation of the framework for responsible state behavior in cyberspace, as well as our efforts to enhance global cyber resilience and address the technical needs in relation to state conduct in cyberspace. At this moment, we implement cybercapacity building projects together with many regions and countries, and look forward to step up that work. We welcome all delegations also to express their views and needs, so to help you and us all, Chair, to make swift progress in this field. Please allow me to turn to the regular institutional dialogue. Thank you, Chair, for convening a dedicated intersessional meeting on the topic last week, and we hope to continue these exchanges in more depth. You mentioned in your opening remarks back then the importance of both ambition and balance when we are determining our path forward, both in relation to the establishment of our future institutional dialogue, but also in relation to the work of this open-ended working group to guide that establishment. We can only agree, and we should assure that we take the right time for our discussions to set the right parameters for the future regular institutional dialogue, and we can only do it once right. We would also like to thank you and those of your team for all the efforts put in this revised paper on the draft elements, and we welcome the clarified timeline and modalities and the degree of conversions. We seem to be moving forward on how the mechanism could function in practice. Through successive annual progress reports, the open-ended working group, and resolutions, states have reached a significant degree of alignment on the elements of the future permanent mechanism, and we think that the current APR should reflect this, using similar language as last year on the progress made. We have made progress, but there is also still a lot of work to do. We are of the view that at this stage the main focus of the future permanent mechanism should be on the implementation of the existing framework, including by strengthening capacities. In a virtuous cyclical approach, strong implementation efforts will turn into identifying possible gaps in the framework that could be addressed through the future permanent mechanism at its review confidences. This order should be reflected in paragraph 8. Also with regard to paragraph 9, as well as 14, we would strongly support the proposal made by the Netherlands to use consensus language from the first and second APR with regard to possible new legally binding obligations. The language, in order to concretely enhance our resilience, we are looking forward to have an action-oriented mechanism. We need to create a mechanism to provide states with the relevant capacities to implement the framework and to ensure peace and stability, in operational terms and at national, regional and global levels. This has been our focus since the introduction of the proposal for a program of action in 2020. Let me highlight one feature that reflects how we can integrate such value-added in the future mechanism, the establishment of cross-cutting dedicated thematic groups. Taking an issue-based approach, such as on the protection of critical infrastructure, it would act as a means to build confidence and set out best practices which would enable states to identify capacity-building priorities alongside the pillars. We should strive for setting up at the first a limited number of financial dedicated thematic groups while giving the option to the plenary of the future mechanism to create additional groups if needed. We also note with appreciation the recognition of the important role of regional and sub-regional organizations in paragraph 7, as well as the policy-oriented and cross-cutting approach to discussions. With regard to the multi-stakeholder community, while we welcome the proposal to hold dedicated stakeholder consultations prior to each session, it is important to clarify that future modalities will enable participation by stakeholders in future substantive meetings of the mechanisms. We would like to reaffirm that such participation should be based on the principle of a voice, but not a vote. And the elements paper should clarify the participation of stakeholders, thinking that the modality of the AHC on cybercrime is a model that we could follow in this regard. Turning to decision-making. We strongly support the clear language on consensus decision-making regarding the substance, and think that for more specific tasks, as for example the role of the chair, we could discuss this over the course of next year rather than rushing into it now. It could therefore be useful to also mention under paragraph 19 that these modalities are to be decided at the future organizational meeting. Mr. Chair, reaching consensus on the annex for the regular institutional dialogue remains a high desirable goal. In addition, we consider it can be useful to continue the approach that we took in previous APRs of incrementally building common ground on the key purposes and objectives for the future regular institutional dialogue. We therefore support the proposal that has been made by France earlier to also cover a set of common elements in this year’s APR. Thank you very much, Chair.

Chair:
Thank you very much, European Union. It was a lengthy statement, but I think you are speaking on behalf of a group of countries, so I think it was good for everyone to understand the position of members of your grouping. And please do make available to my team, but also to other interested delegations, the text of your intervention. Thank you for that.

South Africa:
Thank you very much. South Africa to be followed by Colombia. Chairperson, on confidence building measures and capacity building, we support the inclusion of Annex B to the APR. The OEWG itself is a CBM, and our continued exchange here and in an action-oriented permanent mechanism would be a further CBM. Annex B builds upon the work done to establish the Global Points of Contact Directory. We agree that the new CBMs are important to developing trust between states, and proposals to operationalize them should take into account the discretion of each state to decide how many CBMs they have and the capacity to implement at any one time. Capacity building is also relevant to CBMs, as the international community continues to develop the cumulative and evolving framework of responsible state behavior, as has been stated in Para 46. Implementation of the norms, rules, and principles could themselves be likened to a CBM, and the role of the United Nations in taking stock of states’ needs and facilitating access by states to capacity building programs is central. Chairperson, we are appreciative of Para 48A on the capacity building principles as adopted in the 2021 OEWG report, as well as the recognition of the importance of gender-responsive capacity building. We are also supportive of Para 48D on the development of a needs-based ICT security capacity building catalog. We support the proposal for the development and operationalization of a dedicated global ICT security cooperation and capacity building portal, and the recommendation in Para 50 for the preparation of a report by the Secretariat outlining this further. The proposal for the Secretariat to draft a report on development and operationalization of a voluntary trust fund, as outlined in paragraph 52, is also a welcome recommendation. Future high-level global roundtables on capacity building for ICT security are a substantial part of the dialogue between experts from member states. As outlined in paragraph 51, these discussions would benefit from the participation of various stakeholders, capacity building practitioners, and capacity building practitioners, with due consideration given to equitable geographical representation. Chairperson, with regards to Annex C on regular institutional dialogue, we would like to retain the language in para 2 that refers to states agreeing to finalize the elements of the open-ended action-oriented permanent mechanism, including as contained in this paper, by consensus within the framework of the OEWG, to ensure a seamless transition to the new mechanism. We support the retention of the guiding principles as they are. The participation of stakeholders referred to in para 6 is well set out. We welcome the possibility to review and further develop, within the future permanent mechanism, modalities on stakeholder participation. We support the functions and scope as written in Annex C. We are willing to discuss the structure of the future permanent mechanism further, but in principle, we agree that dedicated thematic group meetings, dedicated intersessional meetings, and dedicated stakeholder consultations are acceptable. The presiding officer of the dedicated sessions should report back to plenary in all of these cases for member states to make a final decision. The details of the focus of thematic groups could be discussed further in subsequent sessions of this working group and elaborated upon in its final report in 2025. We support the modalities and the decision-making process outlined in the paper. As we move towards the final report of the OEWG in 2025, it would be prudent that the working group tries to tie up as many loose ends as possible. I thank you.

Chair:
Thank you very much, South Africa, for your contribution. Colombia to be followed by Chile.

Colombia:
Thank you, Chair. In relation to rules, norms and principles, we highlight 30C in the checklist for implementation of voluntary norms. We think that this checklist can serve as a tool nationally to identify the challenges of each state in implementing each of the norms. In this regard, we should contrast the needs for capacity building with this list. We should include under B the reference to the global directory and in E the contributions of interested parties in order to guarantee fulfillment of human rights in line with this. We also welcome 30E on the need to continue strengthening measures for critical infrastructure as well as exchange of views and best practices on their protection, including sharing information on national policies and protocols for recovery prior to instance for critical infrastructure. This aspect is of the utmost importance for Colombia. In the section on international law, the delegation of Colombia aligns itself with the statement of a group of countries on the applicability of international law in cyberspace. There’s in relation to IHL and the use of ICT in situations of armed conflict. We reiterate our request for areas of convergence and common ground on this. There is space for more references to language on IHL in this section on the report. We support the statement by Switzerland and Estonia on 36E and F, which includes language presented in the aforementioned document. Also we welcome the contribution of Australia in the area of state responsibility. We welcome the proposal for a thematic group as part of the permanent mechanism aimed at action. We welcome also in parts 36D and E of wording on continuing to build capacity. Thank you.

Chair:
Thank you very much, Columbia, for your contribution. I have Chile to be followed by Italy. But before I give the floor to the next speaker, I’ve been reminded by the Secretary that delegations are kindly requested to speak at a reasonable speed for the interpreters to do their best to interpret your statements into the different languages. And of course, I would also invite you to make your statements as succinct as possible so that you don’t slow your statements so long or so much that we increase the time needed to make the same intervention. So do be brief. Do speak at a rate where the interpreters can do their job as well. Thank you very much. to the interpreters as well. Chile to be followed by Italy.

Chile:
Thank you. Thank you, Chair. We will do our best to be brief and succinct and to speak at a reasonable pace to the interpreters. In relation to the section on norms and responsible behaviour of states, as we said, a priority for us is promoting existing norms and strengthening capacity building nationally. We think it’s fundamental also that we have contributions from other stakeholders, academia, the private sector, the technical community and other stakeholders. We also think it’s fundamental that we move towards new guidance that allows states to have a shared understanding about the implementation of these norms, and therefore we welcome the checklist of practical actions that can be a valuable tool for states. We agree with what has been said by Australia that these norms are voluntary and non-binding and this should be made explicit as suggested by this delegation. As regards the importance of highlighting further measures for the implementation of norms, the UK highlighted the work of the group of experts in this proposal could be a new paragraph after 30C. 30I and 30J, as mentioned by Switzerland, the US and others, this could be optimised by removing 30J and including this in the second half of 30A after 30H, we welcome the reference to the private sector in ICTs and the role of building PPPs, as mentioned by the delegations. It would be good to have an explicit reference to critical infrastructure and the supply chain of ICTs together with the role of the private sector, which is in the front line, as in many cases, such as my country. These infrastructure are specialist concessions for the provision of services. As regards international law, we welcome the proposal of an inter-sessional session on this subject. Given the restrictions and what has been set by delegations such as Bangladesh, we are prepared to be flexible here about the best way to include this in the calendar and to cover various themes, as you will no doubt propose. It would be useful for other stakeholders to also participate in this so that they can also make their contributions. We welcome tabletop exercises as useful for capacity building in international law and for building common understanding as to how international law is applied in the use of ICTs, especially these exercises can be carried out regionally. We would welcome capacity building in this area and we think we should add conferences to paragraph 37d. Finally, for this section it’s important to take into account that IHL is part of international law and this should be duly reflected in this section. Also, the promotion and protection of human rights, in this regard, we support the proposed language from the EU regarding the inclusion of specific wording on IHL and as Switzerland and other delegations have said, the content of the working document of a multi-regional working group on the subjects. On E, we value the text and we reaffirm the importance of highlighting the bodies working on confidence building measures and also the collection of these CBMs and adding them to other aspects of responsible behaviour of states in cyberspace. We welcome the launch of the global directory of POCs. This should facilitate communication between us and generate spaces for dialogue and understanding. It’s important in this regard to consider also the POCs at a regional level and this can also contribute to building the global directory. It’s also important for states to move towards appointing their points of contact. We also think that the proposal included in this draft to have new CBMs is a welcome innovation given the evolution of CBMs over the course of our work and so we fully support implementation of the first four CBMs and we should work on helping the next four proposals reach maturity in accordance with the statements of other delegations on this subject. I thank you.

Chair:
contribution, Italy, to be followed by the Dominican Republic.

Italy:
Thank you, Chair. Italy aligns itself with the EU statement and I will follow your suggestion, Chair, and I will keep my intervention short. I will touch five points. First, we want to welcome the POC directory and thank you, Chair, for this relevant achievement. In this respect, we believe that the current priorities are the implementation of the POC directory and its consolidation. Second, we want to underline the opportunity to concentrate on the implementation of the agreed four global CBMs before addressing the possibility to introduce additional measures as listed in Annex B. Third, we want to welcome the reference in paragraph 42G to the efforts of regional organizations to operationalize the CBMs. Their contribution is of high value to us. In this respect, let me recall that tomorrow Italy, together with Austria, Belgium, Estonia, Finland, and Sweden, organizes a side event on emerging practices in public-private partnership for ICT security and I hope there will be great attendance. Fourth point, we want to welcome the emphasis of the report on cyber capacity building as it is really at the core of our work. Italy favors efforts to improve coordination and cooperation. In this respect, it is important that the proposed portal be harmonized with existing initiatives as the GFC’s portal. Five and final point about the proposal of the establishment of the UN Voluntary Trust Fund. We believe there is a need to clarify key elements of the proposal before Member States can take an informed decision. In particular, it is essential to avoid additional layers and potential overlaps with other instruments for the sake of the effectiveness of the Fund and its capacity to leverage new contributions. The language of the EU proposal captures well this need. Thank you very much.

Chair:
Thank you very much, Italy, for your contribution. Dominican Republic, to be followed by Australia, please.

Dominican Republic:
Muchas gracias, señor Presidente. Thank you, Chair. As regards to section C, Dominican Republic wishes to make the following remarks. The aspects relating to further develop rules, norms and principles of responsible behaviour of States and the ways in which they are implemented, if necessary, to make changes to them or to develop additional standards of behaviour is, in our view, an essential part of this working group and of the future permanent mechanism that will succeed in this regard. We welcome the emphasis placed by several delegations on deepening implementation of norms including recognising the value of existing consensus standards in addressing emerging cyber threats. In that regard, we support the inclusion. Apologies. In that regard, we welcome a new paragraph 30B proposed by the United States in the same vein. We share the view of the EU in that implementation of the norms agreed so far is necessary in order to determine the relevance of either complementing them or developing alternative norms that respond more adequately to the challenges that we’ve identified. We’d also like to welcome the draft checklist of practical actions for the application of voluntary non-binding standards. of responsible behaviour by states in the use of ICTs. We trust that this will be one of the more tangible results that we can showcase. We agree that this checklist can be a valuable tool for cooperation between states who wish to cooperate and to strengthening capacity of such states in this area with an emphasis on developing countries. We also support the idea that this should be a living document open to adaptation and expansion. In this regard, we support the proposal of the United States in terms of adding to paragraph 32 an invitation for states to share information on their national experience in the application of specific norms with particular attention to norms relating to critical infrastructure. Finally, we wish to express our support for the Swiss proposal regarding deletion of section J of paragraph 13. On section D, we have the following to say. We would like to support those delegations who have advocated for greater integration into this section of references to working papers on international law, IL and international humanitarian law. IHL submitted by an interregional organization. group of states, including the one submitted jointly by Australia, Colombia, El Salvador, Estonia and Uruguay. We support the inclusion of language in this section on concrete and action-oriented proposals in line with those made yesterday by the EU. We also would like to express our support for the reference made by several delegations to specific scenario-based discussions or tabletop exercises and how to apply international law as a practical way of further building consensus and also for arranging dedicated inter-sessional meetings. I thank you.

Chair:
Thank you very much, Dominican Republic. Australia, to be followed by Zimbabwe.

Australia:
Thank you very much, Chair. I will jump right in once again on confidence-building measures chapter and go through a few proposals paragraph by paragraph. I would like to jump first to paragraph 42D. Like Germany here, Australia would like to see the work of the Secretariat on the CBM front really focus on the CBMs we have already agreed and implementing and operationalising these, particularly our new, shiny point-of-contact directory. We are not convinced that the Secretariat’s resources are best put to developing templates for a function which we are still working on and particularly working out the parameters of. So we wouldn’t support 42D nor its respective recommendation in 45. However, I did find the proposal to invite regional organisations to share their experiences and templates compelling. Australia is always supportive of proposals that recognise that our work is not starting from scratch. So we would be very open to amending Paragraph 45 in line with the proposal of the Netherlands rather than calling for its deletion. Turning to Paragraph E of Paragraph 42, we have reviewed the proposals for new CBMs in Annex B with interest, and we remain very open to considering these, while we do also sympathise with some delegations that would prefer to take more time to discuss these. These proposals are new to us too, but we are very open to building upon the existing work via this avenue. But we would agree also with Germany that the way that the new CBMs have been phrased seem to be a bit unusual, and we would prefer amendments that bring them in line with the action-oriented, verb-led CBMs that we’ve already agreed. So a bit of tweaking of that language, and we look forward to seeing the German text proposals there. Finally on the CBMs chapter, we would note that we would prefer deletion of Paragraph 47. We do not support elevating this proposal to the status of a recommendation, because it hasn’t been discussed in any depth in any of our meetings. We can, in the spirit of finding consensus, go along with the reference to terminology that is already set out in Paragraph 42F, noting that this is a contentious paragraph and has been contentious during our previous progress reports. But we would ask for the deletion of this as a recommendation, though we can accept it as a non-recommendation text. Turning to Chapter F on capacity building, being an incredibly important chapter for us and I think for many countries around the room, regarding Paragraph 48B, we would support the proposal by the Netherlands to include… references to including the transfer of knowledge, skills and technology on voluntary and mutually assured terms in that paragraph as a legal edit from our development team. In paragraph C, we would like to see this global cyber security cooperation portal really linked to our future mechanism. We think it’s incredibly important that this portal has ownership and sustainability if we are going to set this up. So we would propose text to replace the word developed under the auspices of the UN with developed under the auspices of the future mechanism for regular institutional dialogue. In paragraph E, we note the proposal here to list voluntary non-binding norms as part of the portal. We would suggest that the UNIDIR cyber policy portal and its national survey of implementation should also be referenced in this paragraph as having also been suggested during our work to be incorporated in the portal by several delegations this year. Noting of course that this survey already exists as a voluntary self-assessment tool for states to track their implementation of the entire framework including the norms and also as a tool for states to identify the gaps and challenges to implementation of the framework which might benefit from targeted capacity building. So really providing that cross-cutting look at the framework there. Regarding paragraph F, again we would like to see this linked to our next process to guarantee its sustainability and ownership of the Global Roundtable. So at the end of the paragraph we would like to see continue to be convened on a regular basis under the auspices of the future regular institutional mechanism, dialogue mechanism. Turning finally to regular, to the recommended next steps of the capacity building chapter. In paragraph 50, we would like to make sure that we are in the efficiency that we are currently looking at in the UN, really trying to think about where we are spending money. So in paragraph 50 we would like to add the words within existing resources or through voluntary contributions at the beginning of the second sentence. So it would read the portal would within existing resources or through voluntary contributions a be practical and neutral and then continue from there. In paragraph 51 again we would like to see a link to the future mechanism to ensure that ownership and sustainability. So we would suggest that in order we would say that the paragraph reads in order to ensure sustained attention to the urgent issue of ICT security capacity building, states recommend under the auspices of the future regular institutional dialogue to convene a future high-level global roundtable etc. And then finally on this chapter I think it’s really important to look at the very exciting proposal we found in paragraph 52. We think this proposal has considerable merit particularly the focus on supporting participation of experts and relevant representatives to engage in our open-ended working group through a UN trust fund. Along with Canada, New Zealand, the Netherlands, the United Kingdom and the United States, Australia has quite literally put our money where our mouth is to concretely and financially support the meaningful participation of experts and relevant representatives to engage in our open-ended working group through a UN trust fund. participation of women delegates from all over the world to come to New York to represent their states in these crucial discussions, both in our current OEWG and also in our 2019 to 2021 OEWG. I personally consider the Women in Cyber Fellowship as one of the most impactful and effective outcomes from both the 2021 OEWG and our current group. But it has not been easy. There have been many delegates around this room who I am incredibly grateful for your patience as over the years we have made a lot of mistakes. We have come across a lot of issues and problems that we didn’t anticipate. We have been developing and evolving this fellowship constantly to respond to these issues. It is really hard work and even after four and a half years the fellowship is very far from perfect. So we would propose textual amendments to this paragraph that are really based on the lessons we have learnt from the mistakes that we have already made in doing this exact thing. Our overarching priority is that any capacity building mechanism is sustainable and that we approach this recommendation with that priority in mind. So we would propose that we start with a secretariat report that gives us all the information we need to set up a sustainable program. And in addition to achieving the complementarities and avoiding duplication which is set out in the paragraph already, we would really like to see a report that addresses some of the key questions that we would like to have answers to from our rather up-and-down experience before we create this new initiative to really make sure that it is impactful. We’d like to know more about the appropriate agency that would serve as the secretariat and actually be doing this work. We’d really like to understand more about the overheads given that that is something that we have been struggling with ourselves in the Women in Cyber Fellowship and around cost efficiency. I think it’s important for us all to understand. the eligibility of access to this fund, how it would interrelate with existing mechanisms and programs. Very important for Australia to put forward money into these sorts of things is the monitoring and evaluation standards. How are we monitoring and evaluating the impact of these? And also, we would very much like to see how this fund and how this program measures up against our consensus agreed capacity building principles. And I think if we can do all of this, we can make sure that we are creating something that is actually impactful and sustainable and really goes forward in putting something together that actually will work for our future mechanism. Finally, turning to the last chapter on regular institutional dialogue. In paragraph 54A, we would like to add to this paragraph at the end, the headings in our paper in the regular institutional dialogue paper. So it would read future permanent mechanism including into ALEA, its guiding principles, functions and scope, structure, modalities and decision making process. We think it’s really important to set out what we have been discussing in our actual report. While we’re very committed to trying to bank as much agreement on the annex in the paper as we can in this session, Australia considers it important to reflect the topics of our discussion in the text of our report as well, not just in the annex. So we’ve drawn this list from those headings in the regular institutional dialogue annex paper. So that even if some of those topics in the paper under consideration are reserved for additional discussion as I’ve heard some calls for over the last week, we do have a clear reference to the progress that we’re making and the work we’re doing to discuss these very important issues within our report itself. Turning to paragraph 54B, we would like to reflect the consensus that we’ve heard in the room, that a single track process is what we are discussing when we are having these discussions. So we would like to insert the word single before future permanent mechanism. And we’d also like to make clear on the face of this text that the discussions that we are having are about continuing these discussions and about the successor process that follows our open-ended working group. So we would request an amendment that sets that out very clearly. So the paragraph would read that we establishment of a single future permanent mechanism to advance responsible state behavior in the use of information and communication technologies in the context of international security under the auspices of the UN First Committee after the conclusion of the OEWG in 2025. Just to make it incredibly clear on our text what it is we are talking about when we say future mechanism without choosing which one, the single one. Finally, on recommended next steps, we would also try to ask to include the words around future institutional dialogue in paragraph 56. So permanent mechanism for future regular institutional dialogue so that it’s incredibly clear on the face of the text what it is we are discussing. I do want to conclude by talking a little bit on Annex C, the paper itself. I’m not going to repeat the comments and proposals that I made last week in the informal consultation. But I do want to propose a couple of very high priority text proposals and respond to a couple of proposals that have been made by others. First in paragraph 1, we think it is very important that the paper sets out exactly what it is. So we would ask that the beginning of this paragraph read, this paper sets out the recommendations. of the open-ended working group on security and of the use of ICTs on elements for the establishment of a United Nations Future Regular Institutional Dialogue. To be very clear that what we are setting out is recommendations in this paper. Regarding paragraph 9, we can support the proposal just made by the Netherlands to combine paragraphs 8 and 9 and to update that language of what was previously paragraph 9 to better reflect the balance of our previous consensus text. I do note that the original paragraph 9 in the text remains of considerable concern to us and this is something that we would not be in a position to adopt. So we thank the Netherlands for proposing some language that bridges the divergent interests and priorities of many countries there. Regarding paragraph 12 on the structure of the future mechanism, Australia is very hopeful that this structure is something that we can agree over the course of this week. We would ask for a couple of tweaks just to amend it so that we are very clear that the decisions are being made by consensus by the group as the plenary group as a whole or the review conference and we think this is particularly important around how thematic groups are set up, how they might report their work and how they might conclude their work as well. I think it’s important to note that the mechanism itself is permanent. That doesn’t mean that the thematic groups necessarily need to be permanent and we should be open to all the various ways that this might work in future. In regards to paragraph 14, I note the concern raised by some delegations around the detail set out of the thematic groups here and I understand some of those issues. So we would suggest that we reframe so that either this decision of thematic groups is left to the plenary meeting. things themselves when they’re set up, or that this is turned into a recommendation of some possible ideas rather than actually deciding to set up these thematic groups. Regarding stakeholder modalities, Australia supports the EU and the Netherlands’ proposals to base the modalities for stakeholder participation on the gold standard from the UN Ad Hoc Committee that is negotiating a convention on cybercrime. We would propose to add a sub-paragraph after 18D as an 18D BIS, which would read, other interested parties, including the private sector, civil society, the technical community, and academia, should be invited to meaningfully contribute to substantive sessions, dedicated technical thematic groups, and review sessions based on the principle of voice, not a vote, given their unique expertise and the technical reality of cyberspace, or ICTs. These stakeholders should be accredited on a transparent, inclusive basis. The OEWG recommends accreditation to be based upon the gold standard set out in Resolution 75-282 of 26 May 2021. The multi-stakeholder community should be consulted on the design of this element. Regarding something very specific on the modalities, paragraph 18 of this paper would mean that we would not need to set out the modalities in paragraph 5 or set those up for future discussion, and that paragraph could instead be amended to provide some details about why stakeholder input can be quite valuable to this process. Finally, I have heard and been very heartened to hear a unanimous commitment to consensus. There have been a few things that have been unanimous across our two days, and that is definitely the strongest one, and I would like to join Australia’s voice to that commitment. Noting that this is not a commitment to consensus for consensus’s sake, but because of what consensus means both to our group and the wider context, in making sure that what we do here advances peace and security in cyberspace through the responsible behaviour of states, which in turn cements our commitment to a rules-based cyberspace. I’ve had the privilege, Chair, to hear you talk about the importance of strengthening multilateralism during a time of instability and flux several times over the last week, and I hope that under your guidance, our commitment to consensus can contribute to strengthening this small patch of multilateralism and the rules-based order that is under the purview of this group, and that is why we are committed to consensus this week. Thank you.

Chair:
Thank you very much, Australia, for your contribution and also for your commitment to attaining consensus. I think all of us share that commitment, I have no doubt, I feel it in my interactions with all of you and each one of you, and that is why I’m feeling quite encouraged after a day and a half of discussions. So thank you for the statement. We’ll continue to press on with our speakers’ list. Zimbabwe, to be followed by Republic of Korea.

Zimbabwe:
Thank you, Chair. Chair, as this is the first time my delegation is taking the floor, let me convey our sincere gratitude to you for the Rev. 1 draft of the third annual progress report of this open-ended working group on ICT security. We thank you for providing this thorough and comprehensive basis for us to take stock of progress achieved during the period under review. It is therefore important for us to achieve a consensus on this report as we did with the first and second annual progress reports. This OAWG has recorded significant progress, including the recent launch of the Points of Contact Directory. As we reflect on the issue of regular institutional dialogue, Zimbabwe reaffirms the overarching need for an open-ended, consensus-based, state-driven, multilateral platform to continue to address the important issues of international ICT security. Ultimately, this process should see us adopting internationally binding norms, rules and principles. Chair, on paragraph 14 of the draft report on Existing and Potential Threats, Zimbabwe concurs with the need to address malicious ICT activities impacting critical information infrastructure. These malicious activities have serious negative impacts on the health, security and economic well-being and the efficient functioning of the government of a target country. Through this OAWG process, it should be an agreed norm that any such attacks, when orchestrated by a state actor, are against international law and against the rules, norms and principles of responsible state behavior. Chair, the imposition of unilateral coercive measures, so UCMs, and their implementation through ICT offensive actions is against the rules, norms and principles of the responsible behavior of states. ICTs, as a means of implementing UCMs, have been deployed to attack financial systems of target states, to promote disinformation, to launch coordinated social media attacks, to encourage insurgency, to weaken a targeted government, and to deny humanitarian assistance and international financial support. Also of serious concern are cybercrime paraphernalia, including ransomware, malware, Trojans. and distributed denial of service, which require our collective resolve to tackle. These threats have intensified in view of developments in the field of artificial intelligence, which may fall into the hands of malicious actors. Chair, my delegation strongly feels that this report should underscore that the imposition of UCMs, including through ICT mechanisms, should not be encouraged in the family of nations. UCMs violate the principles of multilateralism, the same principles that underpin this OEWG. Chair, in view of the foregoing, Zimbabwe proposes that paragraph 17 be strengthened to highlight that UCMs are part of the issues of concern as they are aimed at interfering in the internal affairs of states. We propose the addition of the following sentence at the end of paragraph 17, quote, states further expressed concern about the use of ICT offensive capabilities to implement unilateral coercive measures to destabilize targeted states, unquote. Chair, it is established that the imposition of UCMs is a violation of international law. In that regard, confidence-building measures can only have a sustainable effect when states do not resort to the use of UCMs to target other states and their populations, including through the use of ICTs. My delegation hopes that the issue of UCMs and their illegality, negative and undesirable effects are fully taken into account in this OEWG process. I thank you, Chair.

Chair:
Thank you very much, Zimbabwe, for your contribution. I give the floor now to the Republic of Korea to be followed by Japan.

Republic of Korea:
Thank you, Chair. On confidence-building measures, my delegation welcomes the launch of the Global POC Directory and hopes to see the operationalization of the POC through the nomination of POCs from all Member States. With that said, we believe that the essence of the POC is communication itself, and communication through the POC should not be hindered by the format or type of message. In this sense, as mentioned in paragraphs 42D and 45, the use of the template should be voluntary. Furthermore, we are concerned that discussions on the components and format during the development of a new template may hinder other CBM-related discussions. Regarding Annex B, we commend the Chair’s effort in proposing additional voluntary CBMs to promote the peace and safety of cyberspace, and we would like to support the proposal of Germany on this section. In paragraph 42F, we acknowledge that sharing national views on technical ICT terms and terminologies could enhance transparency and understanding between States. However, we oppose future discussions becoming fixated on establishing unified terminology definitions, as this could hinder opportunities to discuss practical confidence-building measures. On capacity-building, we note that the Global ICT Security Cooperation and Capacity-Building Portal could indeed be a useful tool in enhancing confidence-building and capacity-building measures. However, since we have already launched the portal for the POC Directory, we should incorporate the functions mentioned in paragraph 50, as well as the function, to support self-tracking national implementation of the voluntary, non-binding norms of responsible State behavior in the use of ICTs into the existing portal to minimize the financial burden on the UN. Considering that the current OEWG term ends in 2025, deciding when to hold global roundtables on capacity-building should not be included in this year’s APR. We believe that such technical issues should be discussed during the future regular institutional dialogues. In the same context, a decision to develop a new voluntary trust fund should also take place after the group has concluded discussions on the future regular institutional dialogue. My delegation welcomes paragraph 48I and 53 for incorporating a multi-stakeholder approach in capacity building. As we acknowledge that business, non-governmental organizations, and academia can play an important role in cybersecurity capacity building. Thank you.

Chair:
Thank you very much, Republic of Korea. Japan to be followed by the United States.

Japan:
Thank you, Mr. Chair, for giving the floor again. I’ll comment on sections E, F, and G. With regard to section E, Japan welcomes the operationalization and utilization of the global POC directory as an important step forward in the efforts to build confidence between states at the global level and also as one of the most important developments over the past year in this working group. Among additional voluntary global CBMs, Japan welcomes the exchange of information and best practices on the protection of critical infrastructure and the critical information infrastructure in particular, which is duly included in annex B of the current draft. On section F, Japan reiterates its belief that capacity building is essential for promoting a free, fair, and secure cyberspace in order to maintain international peace and security. Japan has been engaged in various capacity building programs and initiatives. bilaterally or in multilateral settings including through utilizing the ASEAN Japan Cyber Security Capacity Building Center and contributing to the World Bank Cyber Security Multi-Donor Trust Fund for instance. That said, with regard to paragraph 52, I would point out that the idea of establishing the United Nations Voluntary Trust Fund has not been sufficiently discussed in this working group, thus requires further discussion. Coming back to paragraph 48G, currently various initiatives undertaken bilaterally or by international organizations such as Unideal, ITU and World Bank are available for governments to utilize. Regional and sub-regional organization including ASEAN as well as other relevant stakeholders such as GFCE also plays important roles. Therefore Japan concurs on the importance of mapping exercise to utilize these programs and initiatives effectively and we are ready to contribute to such efforts. Turning to section G, the program of action is one of the topics that were most actively discussed in the past year in this working group. The fact that a number of states submitted working papers on POA as part of the discussions on the regular institutional dialogue since last December is a clear proof of efforts to make progress in RID discussion. Therefore, Japan believes those discussions and efforts in the past year should be mentioned in the annual progress report, I stress progress. Regarding the Annex C, Japan would like to express its appreciation for the Chair’s initiative and efforts in presenting a good basis for discussion, yet it still needs some modification in our view. On paragraph 9, reference to the development of additional legally binding obligation needs to be deleted or demodified so as to appropriately reflect the positions stated by many States in this regard. As stated in last year’s APR, this year, too, States discussed the need to consider whether any gaps exist in how existing international law applies in the use of ICTs, and to further consider the development of additional legally binding obligations. Japan therefore thinks it is still premature to conclude that Member States have accepted the development of additional legally binding obligations to be addressed in the future mechanism. On paragraph 12D, the current suggested structure of dedicated stakeholder consultation is insufficient and needs to be amended to reflect the views expressed by many Member States in the past year regarding the involvement of non-State stakeholders. Views suggesting broad participation of non-State stakeholders in the future mechanism need to be duly reflected in the structure of the future mechanism. to incorporate and profit from their rich knowledge and wisdom by enabling their active participation to discussions in the UN arena. Lastly, on Paragraph 14A, as I stated earlier, Japan reiterates the value of formal or informal scenario-based discussions as a productive means of facilitating deeper discussions on international law. This would help continue to voluntarily share national views on how international law applies in the use of ICTs, enhance common understanding in how international law applies in practice, and ensure that discussions on international law will be focused on practical, action-oriented outcomes. Thank you very much, Mr. Chair.

Chair:
Thank you very much, Japan, for your contribution. United States, to be followed by Czechia. U.S., please.

United States:
Thank you, Chair, for your work reflecting the progress that has been made this year in the OAWG on the topic of CBMs. We are supportive of the draft section and have only one comment on the text. In paragraphs 42B and 44, the report should reflect the continued desire expressed by states for the UN POC network to be complementary to and coordinated with regional POC networks. This will help ensure that the UN POC network can build upon the success of regional POC networks, rather than causing duplicative and conflicting efforts. Moving on to the capacity building section, Chair, the OAWG has rightly dedicated much attention this year to the importance of capacity building assistance for states. as they work to implement the framework. To best reflect states’ discussions on this important topic in this year’s APR, we request the following changes. States have emphasized the need for better coordination among various capacity building initiatives. In this vein, we believe it’s important for paragraph 48D to reflect that the proposed catalog to help states identify capacity building needs could be integrated with the proposal for a global cybersecurity cooperation portal and other existing and related online portals. This is consistent with paragraph 48C, which notes that the portal could be harmonized with existing and related online portals. We believe that paragraph 48G on the mapping exercise should also better reflect the need for coordination with existing regional efforts. The role and vision for the UN in this paragraph to take stock of states’ capacity building needs, identify gaps, and facilitate states’ access to capacity building programs is already undertaken by various regional organizations and other UN entities. Accordingly, the report should reflect the need to coordinate with such existing mechanisms to avoid duplication. With respect to paragraph 50, we request that any report from the Secretariat be guided by inputs by states. The proposed portal is intended to provide capacity building opportunities that respond to the needs of member states and will be essential to have member state input and regular feedback to ensure it does so. Moving on, the Voluntary Trust Fund on Security and the Use of ICTs proposed in paragraph 52 is an interesting idea that could support states’ efforts to implement the framework. However, we note that states have not yet substantively discussed this proposal in much detail. Therefore, moving to establish this fund would be premature. While the United States is certainly in favor of multi-donor. our cyber capacity-building programming and funding mechanisms, such as the limited cyber program and the World Bank Fund. We need further dialogue on this proposal to better understand its functionality and mandate. The paragraph should be edited to reflect states’ intent to further discuss the proposed fund, edited to say, to start, quote, states intend to consider the proposal for a UN voluntary trust fund on security in the use of ICTs, end quote. Finally, with regard to the proposals in this section on the portal, the fund, and continuing the roundtable on capacity-building, we strongly recommend linking those proposals to the future mechanism to ensure their sustainability if established. All of these could be useful tools for the future POA. Moving on to the RID section, Chair, we welcome the opportunity to discuss RID, which we and many others view as a critical topic for the OEWG to make progress on this year. In our view, the APR needs to accomplish two things in this area. First is to capture the current consensus on the future mechanism, and second, to provide a clear roadmap for discussions on outstanding issues over the coming year. Recognizing that you hosted an intersessional meeting on RID just last week, I will not repeat my comments from that session, and will instead highlight a few key issues. First, regarding the RID section of the APR itself, we understand the Chair’s desire to keep the section short to focus our attention on the annex. But we feel strongly that the body of the APR should acknowledge the conclusion of last year’s successful POA resolution that a permanent mechanism will be established following the conclusion of our OEWG, with the consensus framework, including consensus GG and OEWG reports as its foundation. Turning to the annex, the section on function and scope requires improvements. In particular, we view the text on functions in paragraph 8 to silo implementation, capacity building, and further development of the framework in a way that is unhelpful, given that these efforts all overlap and build upon each other. Discussions on the framework’s potential further development would need to stem from discussions on its implementation, a continued assessment of the threat environment, and other factors. Discussions on capacity building are directly related to the framework’s implementation. Furthermore, the language in paragraph 9 contains controversial formulations on norms development and needs to be updated. To address these issues, we suggest reframing the content of paragraph 8 and 9 by using language from UN Resolution 7816 OP3, paragraphs A and B, the text of which is based almost entirely on consensus language. We believe this language provides the best example to date on the framework itself, the need to further implement it, and the need for capacity building in that regard, and the recognition that the framework could develop and evolve over time. The new paragraph would read as follows, quote, the main function of the future permanent mechanism is to support states, including through capacity building, in the implementation of the framework for responsible state behavior, which includes international law, norms, rules and principles for responsible state behavior, and confidence building measures. The permanent mechanism would also enable discussions on the further development of the framework, including by deepening common understandings on the norms and how existing international law applies in the use of ICTs, identifying any gaps in those understandings, and if appropriate, considering the need for additional voluntary nonbinding norms or additional legally binding obligations. All of the states in this room have accepted the UN Framework’s 11 norms and affirmed the applicability of international law to state use of ICTs. We do not understand the rationale of some states that resist a mechanism that prioritizes work to uphold and implement that framework. we have all labored to develop. Next, I want to underscore that the essence of the POA and what distinguishes it from the working groups that have preceded it, including this OEWG, is its action orientation. That should manifest itself in its issue-focused working methods. To that end, we have strongly supported the establishment of cross-cutting technical working groups. This action-oriented, cross-silo approach is the essence of the POA and will benefit states as they seek to uphold their commitments to the framework. In our view, we should approach all the thematic groups with a cross-cutting approach, where the POA could identify priority issues or challenges, like critical infrastructure protection and responding to requests for assistance, and tackle those issues in separate, dedicated groups by looking at how all aspects of the framework, including law, norms, and capacity building, could be leveraged to deal with the concern. Therefore, we cannot support the subparagraphs of paragraph 14 that marginalize the cross-cutting approach and reinforce the continued siloing of the framework’s elements. We would prefer to see parts of 14d used as chapeau text with subparagraphs that identify a few key cross-cutting issues we want the POA to dig into. Critical infrastructure protection and responding to requests for assistance seem of universal interest to states and would be good candidates for dedicated work. Moving on, Chair, I would like to reemphasize the critical role of interested stakeholders in these conversations. We appreciate the recognition in the draft paper of the need to incorporate stakeholders from the private sector, NGOs, civil society, and academia, among others, and want to ensure that stakeholders can participate in all aspects of the POA, not just dedicated sessions, and feel the paper needs to state that explicitly. In addition, we also need to ensure stakeholder modalities in the future mechanism promote more inclusive participation than what we have experienced in this. OEWG. Our delegation strongly believes that the new mechanism, the POA, have gold standard modalities for stakeholder participation. Through this modality, state objections to a stakeholder’s participation are subject to transparency and a subsequent vote of all member states to determine whether the prospective stakeholder should be excluded. This will ensure that relevant stakeholder expertise will be available to the POA as it works to help states implement the framework. Finally, regarding the issue of the future mechanism’s consensus decision making, we strongly believe that substantive issues must be decided by consensus, but take note of comments made by some states on leaving specifics to be decided in our next sessions, particularly procedural issues, and with support language in this report that gives us that flexibility. Thank you, Chair.

Chair:
Thank you, United States. Czechia to be followed by Singapore. Okay.

Czechia:
Thank you for giving me the floor, and I would like to comment on all the three sections that we have for today, so E, F, and G, and related annexes. Regarding section E, CBM section, I would like to highlight that the recent launch of the global points of contact directory and the first meeting of the points of contacts together with the first pink text represent a significant development in the CBM section. Regarding the POC directory, Czechia concurs that the focus should now be on its practical functionality. We believe that sharing information would further enhance the effective functioning of the POC directory and improve the directory’s ability to facilitate communication between states. Furthermore, we would like to express our support for the suggestion made in paragraph 42C that a step-by-step approach should be taken to improve and enhance the functioning of the POC directory. We believe that the step-by-step approach should also address the topic of standardized templates. In this context, we have dubs of several countries speaking before me about paragraph 45. We are of the opinion that it requires more profound discussion. We propose to deal with it later in the context of the future mechanism. It was suggested, for example, by Ghana already. In relation to Annex B, I would like to note that Czechia generally agrees with the addition of the new CBMs. In fact, we have previously proposed, for example, CVD as a potential new CBM. However, we would prefer to have a more in-depth discussion on the proposed additional global CBMs in upcoming OEWG sessions or alternatively to transfer this discussion to one of the dedicated thematic group of the future mechanism. Turning to section F, here I will be very brief. I just want to comment on paragraph 52 on the United Nations Voluntary Trust Fund on security in the use of ICTs and support rewarding this paragraph. along the lines suggested in the statement of the European Union. Now regarding Section G, regarding future mechanism, I would like to begin by stating that Czechia supports the establishment of a single-track, inclusive, permanent and action-oriented mechanism under the auspices of the UN upon the conclusion of the current OEWG in 2025. And in our view, this future mechanism should clearly be the program of action which Czechia has supported since the POA was first proposed in 2020. We believe that POA is currently the most developed, the most discussed and the most supported proposal for a future mechanism. We also feel that the long-standing discussion on the POA within the OEWG has helped to shape the POA in the right direction and so far has clarified a number of potential controversial points. In this context, we appreciate that the Annex C on elements for future regular mechanism explicitly mention General Assembly Resolution 78-16 on POA and reflects a number of important points discussed in the OEWG in relation to POA. For instance, we welcome Paragraph 11 and also Paragraph 7, which confirms the importance of stakeholders as well as regional and sub-regional organizations’ participation. Furthermore, I would like to comment on thematic groups of the future mechanism, in particular on Paragraphs 14 and 15. In our view, Paragraph 14 establishes thematic groups in a form that de facto mirrors the current OEWG, Czechia would prefer the thematic groups focus on more specific topics such as the protection of critical infrastructure, cyber incidents response, the applicability of concrete provisions of specific issue under international law in cyberspace and so forth. Regarding paragraph 15, we welcome it in a way that it would allow the establishment of new thematic groups as needed. However, we feel it is important to clarify that the decision about establishing new thematic groups should be made by states at the plenary session, not by HR. And finally, we would like to echo the concerns expressed by some colleagues regarding paragraphs 8 and 9. In light of these concerns, we support the merging of these paragraphs and the rephrasing of their content using the consensus language from the first and second APR as earlier suggested by our Dutch colleagues. I thank you, Mr. Chair.

Singapore:
Thank you, Mr. Chair. I will be making remarks on section E, F and G and related annexes. Mr. Chair, Singapore broadly supports the CBM section, including the additional list of voluntary global CBMs to enhance mutual trust and predictability between states and in reducing misunderstanding and miscalculations. However, we note that many states have little prior experience with CBMs. and therefore it is important to have greater discussion and details on the implementation of these CBMs. The operationalisation and utilisation of the Global POC Directory is an important next step, as mentioned in Paragraph 42C, 44 and CBM 1. It would be useful to also recognise in the APR that the onboarding of POCs is critical to this process. In this regard, Singapore is supportive of building upon existing regional efforts to inform this onboarding process and the further implementation of the POCs Directory. In terms of capacity building, action-oriented capacity building remains key in supporting States across all pillars of the OEWG’s work and future mechanisms. Singapore will continue to contribute actively, recognising the importance of enhancing capacity building programmes, such as on leadership in ICT security, as noted in Paragraph 48B. Singapore also continues to welcome collaborations with interested multi-stakeholders and organisations as key to enhancing capacity building, as noted in Paragraph 53. As a useful resource to facilitating global capacity building, Singapore supports the proposed Global ICT Security Cooperation and Capacity Building Portal as a practical initiative, a one-stop-shop that is harmonised with existing platforms to minimise duplicative efforts, as noted in Paragraph 50. It is also important for this portal to be plug-and-play to allow future platforms to be added and secure to facilitate access. We welcome the request for the Secretariat to prepare a proposal for the development and operationalisation of this portal for the OEWG. further deliberation. We also look forward to the Secretariat’s preparation of a detailed proposal on the Voluntary Trust Fund, as requested in PARA 52. Turning to Regular Institutional Dialogue, Mr Chair, Singapore welcomes the Draft Elements Paper proposed by the Chair. These elements are important to form the sound basis and foundation for the future Regular Institutional Dialogue on ICT Security. The elements proposed in the paper, in our assessment, provide a useful balance between implementing the cumulative and evolving consensus framework, and at the same time provides the necessary mechanism to explore the development of new norms, rules and principles, and responses to future threats as they emerge. We especially think that the paper’s proposal to establish thematic groups, as outlined in PARA 14a to d of the Elements Paper, is important. Structured as they are, such thematic groups will allow States to deep dive into specific cybersecurity topics of interest that require the attention of the international community. However, while welcoming the usefulness of these thematic groups, we note that PARA 15 has also provision for additional dedicated thematic groups to be included as necessary. As a small State with limited resources, we would urge that we should be prudent when considering the establishment of additional thematic groups. We should not overly increase the number of thematic groups, and do so only after careful consideration, given that meetings of each thematic group would place a significant demand on the time and resources of each State, and be unsustainable in the long run. In the same regard, we would also urge the consideration of hybrid formats for part of all of the thematic group meetings where feasible, to reduce the strain of delegations having to travel to New York too many times in the year. Mr Chair, as we have seen, the impact of cybersecurity discussions taking place in the UN is crucial, given that it is the only platform where all States, big and small, have been given a voice to contribute their perspectives. Singapore believes that it is important for us to reach an agreement as soon as possible on the elements to guide our future discussion on cybersecurity to ensure a seamless transition from this OEWG to the future regular institutional dialogue. Thank you.

Chair:
Thank you very much, Singapore, for your contribution. Ecuador to be followed by France.

Ecuador:
Thank you, Chair. I will refer to sections E and F in my intervention. As mentioned yesterday, Ecuador welcomes the technology transfer as mentioned in the report. Speaker, please speak into the microphone. We should mention the operationalization of the global directory points of contact is of great value, and we look forward to a lot of participation in this CBM. We support the recommendation in paragraph 50 on the possible development and operationalization of a portal devoted to cooperation and capacity building on global ICT security cooperation that will allow optimizing existing synergies so that we can avoid duplicating efforts on the subject. This should serve as a substantive tool for all those countries, especially developing countries, and we urgently need to build and strengthen capacity and learn from the use of technology for peaceful ends and its contribution to sustainable development. On the proposal contained in the report, thank you. Paragraph 51, we echo the proposal from Anne Salvador as regards avoiding overburdening the high-level week, we should seek other spaces for the roundtable on capacity building. We also welcome the possibility of creating a fund, as referred to in Paragraph 52, which should allow us to make initiatives for CBM a reality and should welcome experts, especially from developing countries, in our debates and discussions of the working group and the future permanent mechanism. We understand that its governance and its establishment should be broadly discussed, however, for our delegation, it is plausible for it to be understood and for us to discuss the urgent necessity that exists surrounding this. Chair, at each session of this plenary session, we have reiterated the need to ensure full and meaningful and effective participation of women in equal terms on consultations on cybersecurity and also other aspects, including cyberspace, amongst their components. In this regard, my delegation welcomes and highlights the substantive participation of women from all regions in this forum. This has been largely supported by the Women in Cyber programme and I am a willing participant to it, and my delegation wishes to express its thanks for this initiative. Thank you, Chair.

Chair:
Thank you very much, Ecuador, for your contribution. France to be followed by Fiji.

France:
Mr. President, Chair, my delegation aligns itself with the statement made by the European Union and would like to make the following comments in its national capacity. I will try to make them as brief as possible in order to be concise. With regards to confidence-building measures, France is ready to support the Chair and the future mechanism in order to maximize the benefits of the point-of-contact directory. This tool must not be overloaded, which could render it inoperative. In particular, in paragraph 42, we will be vigilant in order to ensure that the scope of the POC network is not extended without due coherence. For example, we would like to point out in paragraph 42B the strong resemblance with certain existing national CSIRT networks, which also have a directory with a contact procedure in the event of an incident, in particular, FIRST. We should prioritize precise wording. For example, using the terms tools or network would seem preferable to the term platform for the acceleration of CBM implementation, as stated in paragraph 42B. In paragraph 42H, we welcome the spirit of innovation and would like to add a mention of the future mechanism, which will also have to tackle CBM implementation in an innovative way to continue building trust. In paragraph 45, we would like to emphasize the complexity of developing communication models, including at the regional level, as the Jal Erman delegation has pointed out. While such models could be useful in principle, their format needs to be agreed through a substantive discussion between states. On capacity building, France’s longstanding position is that this is a priority issue and should underpin all discussions. regarding the Future Mechanism for Regular Institutional Dialogue. We welcome the inclusion of the notion of voluntary reporting in paragraph 48E, the aim is to implement the logic of a virtual cycle which we have proposed for the future mechanism at the March session. With this approach, we can collectively draw lessons from the implementation of the normative framework. In paragraph 48G, we see an opportunity to clarify that the coordination of capacity building activities at the UN level will take place within the framework of the new mechanism as set out in the Programme of Action Proposal. This would allow to clarify the second sentence as follows. The Code states underscored that further coordination of capacity building efforts in ICT security was required and that the future mechanism under the auspices of the United Nations could play an important role in such efforts. The results of the mapping exercise carried out by the Secretariat need to be made sustainable. It is necessary to go beyond a general statement by attaching this coordinating role to the future mechanism to make it operational. We note the proposal to establish a dedicated voluntary fund in paragraph 52. For several years, POA supporters have been promoting the principle of a trust fund to support the implementation of the normative framework as an integral part of the POA, and we welcome the growing attention and support given by many delegations to the establishment of a dedicated funding mechanism. The question of how such a fund would fit in with existing mechanisms, such as the World Bank Cybersecurity Multi-Donor Trust Fund to name but one example, needs to be discussed further, however, in order to avoid any duplication or crowding out effects. In addition, initiatives or projects financed by this instrument must correspond to a precise mandate, which remains to be defined within this OEWG with a view to the uprilization of – within the framework of the future mechanism. Such a fund could also be inspired by the UN Trust Fund Supporting the Cooperation on Arms Regulation, or UNSCAR, created in 2013 with the aim of financing projects to support the implementation of the POE on small arms and light weapons and the Arms Trade Treaty. Funds could therefore support incremental drafting so that the OEWG commits to studying the relevance and possible modalities of such a fund. This work would be carried out between now and the end of the OEWG’s mandate in order to pass the baton to the future mechanism, whose primary function would be to support states’ capacity to implement the agreed normative framework. We therefore support the revised wording proposed by the EU. On regular institutional dialogue, to save time, I will highlight the points we raised at the intersessional meeting on July 1st, which we will transmit in writing in its entirety. First, in paragraph 8a, France believes that the order of the function should be reversed to reflect the discussions within the OEWG, and the highlight should be placed on the implementation of the normative framework in order to allow for its development in a clear manner. In addition, this function could be drafted in a sequence manner set out in Resolution 78-16, which largely takes up the language, consensual language, from 76-19. Secondly, the thematic groups need to be made more cross-cutting. It is necessary to reformulate the objectives of these groups in a more active way and to give the plenary the possibility of creating new groups, including for a limited time period. The practical arrangements in paragraph 18 could be detailed further so as to create points of consensus, such as the idea of dedicated resources for the secretariat of the mechanism. This would make it possible to reintroduce support for states in their voluntary reporting efforts, which was something that was removed from this version. However, other issues require more detailed discussion, such as the precise role of the mechanisms chair and vice-chairs. Thank you very much.

Chair:
Thank you very much, France, for your contribution. Fiji, to be followed by Brazil.

Fiji:
Mbulwana Kachin, distinguished colleagues, thank you, Chair, for giving us the floor. Chair, in hearing the rich proposals after we took the floor yesterday, we’d like to further support the proposal from Belgium regarding paragraph 28 on exchanging views on the harm to individuals and society caused by malicious cyber activities. With regards to section 6, section C, sorry, Fiji strongly supports the voluntary checklist of practical actions for the implementation of voluntary non-binding norms of responsible state behavior in the use of ICTs in NXA, and finds it valuable as it provides a useful tool for states, and it should be a living document, and welcomes paragraph 30C, which captures this already. To cement its voluntary nature, Fiji agrees with the proposal from Australia to place voluntary before checklists, wherever it applies. Fiji can attest to the seamless application of the checklist, as we have also mapped out our efforts in the progressive implementation of norms that we’re currently doing. And two key efforts that I would like to highlight, particularly for international cooperation, is that earlier this year, we also communicated our points of contact for the UN Directory of Global Points of Contact. Secondly, on the 20th of June, Fiji deposited our instrument of accession to the Budapest Convention, and have designated our 24 by 7 network points of contacts. And we’d also like to take this opportunity to congratulate Kiribati, our Pacific… neighbor who has also joined as a state party to the Budapest Convention. Chair, for developing states who are making significant strides in the implementation of rules, norms, and principles of responsible state behavior, this checklist is a practical tool to not just benchmark our efforts, but to also provide further guidance. Now given our constrained resources and the competing priorities, implementing existing norms continues to be a priority for Fiji, and we welcome support to developing states, including further materials for consideration, as outlined in paragraph 32. An example which is already captured under Norm J is for further materials to be considered on the development on vulnerability disclosure policies and programs and systematic awareness campaigns. And we also echo several delegations in giving the proper weight to implementing existing norms. Chair, given that majority of critical infrastructure and critical information infrastructure are owned by the private sector in Fiji, we welcome paragraph 30 sub E and the recommendation from a number of delegations on the importance of public-private partnership. Fiji is in the process of reviewing its designation of critical infrastructure and critical information infrastructure and supports language proposed by Australia to substitute classification with voluntary designation and looks forward to continued support to developing states in this regard, and we welcome further language in this regard. We support for the paragraph. We also provide support for the paragraph on basic ICT hygiene to be reinstated, and this was in paragraph 29 sub D of rev zero of our report, as proposed by Canada and supported by several delegations. This is a crucial element, and we’d also like to refer to the 2023 Microsoft Digital Defense Report, which stated that basic hygiene practices protects 99% against 99% of attacks. Fiji agrees, Chair, with your balanced approach regarding the holding of intersessional meetings and in considering smaller delegations of one or two, which is is usually the case for smaller island developing states. With regards to Section E on confidence building measure, Fiji attaches great importance to this and to the POC directory and supports the initial list of voluntary global confidence building measures that’s in NXB. Like our intervention on focusing on existing norms, we also echo statements of other delegations on the need to focus on existing CBMs as a starting point and to tangibly measure our progress. As I’d mentioned earlier, Fiji has nominated our point of contact. And in that regard, we welcome the paragraphs in Section E and also echo other delegations like Mauritius and Argentina in strongly supporting paragraph 42 sub C for the support to POCs from developing countries to attend in-person meetings. Chair, we do request that should there be hybrid meetings, that meetings are scheduled considering the diverse time zones. Regarding paragraphs 42D and 45, we understand the diverse perspectives by delegations. We support the proposal by Ghana, and we do see the value in having a minimum set of protocols or information, in particular for states who are new to having points of context. And we also thank and support the language that’s been proposed by Netherlands on the sharing of templates by regional and subregional organizations, and note that this would also meet that need. Fiji also supports the proposal by Netherlands on paragraph 48 sub B. With regards to Section F, Fiji generally agrees with the draft text in Section F and welcomes the voluntary trust fund in paragraph 52 or a similar mechanism to ensure consistent and meaningful participation of all member states. And we look forward to having further discussions in this regard. With regards to Section G, Fiji strongly supports the future single track permanent mechanism, and we note the progress undertaken with the POA. Chair, we thank you for the session last week. Can we support the proposal by Australia on paragraph 18 sub D BIS in NXC regarding the participation of stakeholders? With that, Chair, we’re also intently listening to the proposal made by member states and will continue to be actively participating in that regard. Thank you and binaka.

Chair:
Thank you very much, Fiji, for your contribution. Brazil to be followed by Malaysia.

Brazil:
Thank you very much, Chair. My delegation thanks this opportunity to make comments on sections E, F and G of the draft APR. We once again appreciate the efforts you and your team on the Rev. 1 of this text, of which we’re largely supportive. On confidence building measures, we welcome the references to the establishment and operationalization of the points of contact directory. We support the language on supporting the participation of POCs from developing countries in in-person meetings and see value in the creation of communication templates to help optimize the directory. On capacity building, we welcome in particular in their current wording, paragraphs 48A on the centrality of the capacity building principles and the importance of gender perspective and 48B on the importance of a recipient driven approach. We also welcome the reference to a voluntary trust fund. On regular institutional dialogue, while we recognize that we still have a year left and that some issues might require further refining, we believe it is extremely important to make progress on our debates on the establishment of a permanent and inclusive mechanism within the UN to debate the security of ICTs. We welcome your revised paper with draft elements, which overall strikes a good balance in making the progress we need while leaving room for further debates over the next few months on issues which are still open. and have some specific suggestions to propose in this regard. While we fully support the concept of dedicated working groups for in-depth discussions on specific issues, we are, as previously stated, concerned that having at least four simultaneous working groups, possibly more, could prove a considerable challenge for the meaningful participation of smaller delegations in the debates. Given this concern, and the fact that there are still different opinions on the specific subjects that those working groups should debate, we would suggest deleting paragraph 15 of Annex C and shortening paragraph 14 to mention the groups without specifying at this stage their subjects. We also believe that other stakeholders can bring valuable contributions to our debates, always under the principle of a voice, not a vote. It is key, however, to ensure that we have a balanced representation of those stakeholders to ensure that those from the developing world also have their voices heard. In this regard, we would propose adding on paragraph 6 on the first sentence, so other interested parties, including businesses, non-governmental organizations and academia, could contribute to any future regular institutional dialogue as appropriate, taking into account the principles of transparency and equitable geographical representation with due regard for gender parity. This language comes from the Modalities Resolution of the ETA Committee. Finally, on paragraph 7, we would suggest a small tweak to recognize the role of regional organizations in implementation of the framework for responsible behavior by replacing could in the first sentence with will. We also very much support Australia’s proposal to include the word single to describe our mechanism. The complex challenges to peace and security posed by the malicious use of ICTs need a unified response for the international community. Fragmentation would disproportionately overburden smaller delegations, risking a lack of diverse and representative number of views needed for discussion. effectiveness. Despite some differences in views expressed in this room, Brazil is happy to see the discussions on regular institutional dialogue advance within the group, where they must remain, as this is the body with a mandate by the G.A. to discuss and establish such a framework. In this regard, we reiterate our proposal to have a moratorium on First Committee resolutions on this issue until the end of the Open and Working Group’s mandate, and thank the delegations which have supported it so far. We believe that the progress we are making on our debates here today shows that there is no need to take our discussions outside the group. I thank you.

Chair:
Thank you very much, Brazil, for your contribution and also for reminding all delegations about your proposal for a moratorium with regard to actions in the First Committee, which only serves to underscore and underline the importance of the work that we are trying to do here and the absolute need for us to attain consensus and to show progress on regular institutional dialogue. And that is something that all of us should keep in mind as we get ready for the end of the week. Thank you for that, Brazil. Malaysia to be followed by the Islamic Republic of Iran. Malaysia, please.

Malaysia:
Mr Chair, Malaysia will comment on Section E, Section F. Malaysia joins others in welcoming Paragraph 42B on the Global Intergovernmental POC. We agree on the importance of targeted capacity-building and awareness-raising to encourage and expedite the onboarding of States to the POC Directory. In this regard, we support Germany and others on the need for us to focus at this very early stage on advancing the implementations of the Global POC Directory as well as on implementing the already agreed sets. of CBMs. We also welcome the language proposed by Germany on proposed CBM 5, 6, 7 and 8. We agree with the Netherlands on adding language to Para 42B to acknowledge the existing communication channels. We share Mauritius, Argentina and Fiji and others’ views on the importance of support to enable in-person participation by developing countries in POC meetings, as reflected in Paragraph 42C. We further support the proposal from the UK to amend the first sentence of 42C with a view to better understanding the impact of the POC directory. We welcome the recommended next step in Paragraph 44. We are still evaluating the proposal for developing standardised templates, reflecting on our experience in the ASEAN Regional Forum POC directory. Malaysia believes there is merit in indicating certain processes and procedures while leaving it to states to determine how best to proceed without a specific template. However, there may be value in exploring a standardised template at a later phase once we have more experience with the global POC directory. In this regard, we support the proposal to learn from regional experience, as proposed by Netherlands and others. On Section F, Capacity Building, Malaysia welcomes the section on capacity building. We support the proposal by Australia to link Paragraph C, F and 51 to the future permanent mechanism. We look forward to review and discuss the proposal to the development and operationalisation of a dedicated global ICT security cooperation and capacity building portal in March 2025, as per mentioned in Paragraph 50. We support Paragraph 48I, recognising the importance of states’ work with interested stakeholders. holder, Malaysia values and has benefited from Track 1.5 deliberation aimed at completing states’ deliberation on ICT issues, including the recent workshop by UNIDIR on the Future Permanent Mechanism, which is an important topic that we discussed this week. Moving to Section G, RID, in principle we welcome the proposed structure comprising substantive plenary session and dedicated thematic groups, inter-sessional meetings and stakeholder consultation, as well as review conference. This structure appears well-suited to enabling deeper and more focused deliberation on particular issues, whilst maintaining an avenue for broader political or strategic discussion in a plenary format. We also appreciate the reference to the contributions of non-governmental stakeholders in paragraph 6, with modality to be determined in due course by consensus. As to the substantive focus of the dedicated thematic groups, my delegation is presently studying the four topics set out in paragraph 14 of the Ref 2 paper. On this connection, we believe the thematic groups should leverage as far as possible on the deliverables already achieved by this OEWG, including the global POC directory. For instance, member states work to operationalise the directory potential new issues may emerge through the meetings of the technical or diplomatic POCs. If states feel that such issues are ripe for consideration by a dedicated thematic group, we may then decide to establish such a group and to tailor its scope and timeline of work accordingly. Malaysia acknowledges the value of further deliberations on how the thematic working groups may be developed. designed to ensure optimal effect once there is agreement in principle on the overall structure of the permanent mechanism, which would be an important milestone in itself. Consistent with the incremental approach of the OEWG, this could provide a solid basis for developing a constituent part of the future mechanism, allowing States to fully understand their distinct values and how they relate to each other. Mr Chair, Malaysia reaffirms the importance of establishing a permanent, single-track mechanism under UN auspices to take forward the work of the OEWG upon the conclusion of its mandate. We hope that all delegations will continue engaging in a constructive spirit at this critical juncture, so as to achieve a meaningful consensus APR and avoid reoccurrence of competing resolutions on the ICT security in the First Committee of the UNGA. Rest assured, Mr Chair, Malaysia’s full support in this regard. Thank you.

Chair:
Thank you very much, Malaysia, for your contribution. Islamic Republic of Iran to be followed by Russian Federation.

Islamic Republic of Iran:
Thank you, Mr Chair. Allow me shortly to stress our position about the checklist of practical actions as it is contained in Annex A, and I will address the Annex C in a more detailed manner. My delegation, among others, strongly favor postponing the checklist of practical actions. Addressing a lengthy checklist of 11 norms requires more time and careful consideration. These checklists may eventually serve as tools for assessing a State’s responsible behavior. Therefore, we believe that the State should have the full right to engage in a negotiated checklist before they might be assessed based on the elements of the checklist. Consequently, we propose that the most appropriate place for discussing this matter would be within the next mechanism. By doing so, we avoid delving into detailed discussion of such a weighty checklist as time constraints prevent us from having a meaningful, interactive, and negotiated discussion on topics. Finally we support the establishment of a trust fund proposed in paragraph 52. This afternoon we’ve heard a delegation request to postpone the proposal for the trust fund to address its various aspects. That was an understandable request given the potential legal and financial implication of such a trust fund for some countries. Similarly, how we can expect the bulk of a checklist for 11 norms with vast legal and technical ramifications for many states, including developing ones, to be adopted without true negotiations. Therefore we expect the same understanding when a group of countries request to postpone discussion on checklists, which has far-reaching implications for almost all states. Mr. Chairman, allow me to address Annex C now. The establishment of an institutional dialogue is a critical and delicate task. It demands careful legal and political consideration. Its success hinges on a balanced mandate and clear substantive and procedural directions. The mandate of any multilateral institutional structure is crucial. Therefore we advocate for a well-balanced mandate for any future mechanism. The language of subparagraph 8 is ambiguous and susceptible to various interpretations. States require a clear understanding of the specific rules and norms they are expected to implement. They also need to be assured on the rich operational framework. they must act. While rules and norms may evolve, the frameworks governing their implementation should remain stable. Similarly, without clarity in subparagraph A, subparagraph B remains uncertain. Subparagraph C changes the well-established notion of capacity building to strengthen the capacity of all States to develop and implement the cumulative and evolving framework. The deletion of the word building from the established terminology may alter its intended nature. More importantly, subparagraph C links capacity to the implementation of the cumulative and evolving framework. However, capacity building is a pre-implementation phase that assists developing countries in reaching the level of technology, information, and knowledge needed to implement norms and rules concerning ICT security. Capacity building should not be detached from the well-established notion of international cooperation, which includes information and knowledge sharing, as well as technology transfer. Our commitment to international cooperation and equitable progress will determine our collective resilience in face of evolving ICT threats. Therefore, we stress that international cooperation and assistance should be an integral part of the mandate of any future regular dialogue, including the mechanism as you proposed. We propose the following sentence to be regarded as new subparagraph D, and I read that. Facilitate international cooperation and international assistance to enhance ICT security and implement the cumulative and evolving framework of State-responsible behavior in the use of ICT. Furthermore, despite the consensus among States to address the crucial concept of confidence building measures, which serve as a fundamental pillar of many international instruments in the field of international peace and security, it has been conspicuously absent from the function and scope of proposed future mechanism. Therefore, we consider it important for the success of the future mechanism to have a mandate under Paragraph 8 to address CBMs as a pillar of any future mechanism. The proposal to hold the dedicated thematic groups requires further consideration. All issues and topics related to the use of ICT and ICT security are highly interrelated and integrated. As you rightly mentioned during yesterday’s discussion, it is evident that delegations from developed countries possess the necessary capacity and expertise to effectively address specific issues. In contrast, many developing countries face challenges in engaging comprehensively across various thematic areas. This fragmented approach risks advancing some topics while leaving others behind. Therefore, it is imperative to aim for a unified framework to ensure a comprehensive and inclusive discussion. We prefer to have two-week substantive plenary sessions to address all dedicated topics within a unified framework rather than separating them into different times and different places. For developing countries, it is extremely challenging to attend different meetings at various times and locations. Additionally, such separation may lead to a fragmented approach to ICT security and its use. Therefore, we strongly prefer longer plenary meetings to address all dedicated topics in a unified and comprehensive manner. We also believe the annual plenary meeting can rotate between New York, Geneva, or Vienna. During this OEWG meeting, As well as previously meeting, developing countries have voiced their concern about the ever-increasing digital gap between developed and developing countries. Despite this, there is no specific reference to thematic items for international cooperation and assistance. Therefore, we would like to see international cooperation and assistance in the field of ICT included as thematic issues. We would like to emphasize that the next regular institutional dialogue should be a state-driven process. Therefore, dedicated stakeholder consultation cannot be an integral part of the next mechanism. The chair of the next mechanism, in consultation with the state parties, may propose convening such a stakeholder consultation. Therefore, we propose to move this paragraph from paragraph 12 and amend it as follows to be paragraph 15b. The chair, in consultation with the states, may propose a dedicated stakeholder consultation of at least one day in a length and the rest remains as it is. Paragraph 15 needs to be amended and I read it. In addition to the dedicated thematic group specified above, the chair of the open-ended action-oriented permanent mechanism could propose to states to convene additional dedicated thematic groups with a fixed duration to be led by facilitators based on the chair’s proposal and adopted by states to engage in focused discussion on specific issues as necessary. We wish to propose a small amendment to paragraph 18d and it reads as follows. Formal meetings of the permanent mechanism are to be alternately convened at UN headquarters in New York and Geneva or Vienna. We also propose amending paragraph 20 as follows. The decisions could be put forward by a state or a group of states at any time during a substantive plenary for adoption on a consensus basis. And there is no difference between the substantive or procedural issues, because if we move in that direction, definition of what is substantive, what is procedural, would be very difficult to differentiate. So I would like to read that, the amendment in subparagraph 20. And the last point that I raised was in reaction to a proposal that I heard that the consensus might be on substantive and not on the procedural one. We propose amending paragraph 20 as follows. The decisions could be put forward by a state or a group of states at any time during a substantive plenary for adoption on a consensus basis. The chair will facilitate the decision process. And we would like to present our amendment in written to you, Mr. Chairman. And thank you.

Chair:
Thank you very much, Islamic Republic of Iran, for your comments. Just one specific point by way of reaction. I think it’s worth keeping in mind that even as we speak, the UN is engaged in negotiations on a global digital compact. And all our countries and delegations are involved in that negotiations, which is to be adopted at the summit of the future. So in a sense, the global digital compact is intended to provide an overarching framework for countries to address the digital divide. in the context of accelerating implementation of the SDGs. So there is an overarching process that is taking place even as we speak. So our challenge in this working group is to look at ICT security from the perspective of international peace and security. In other words, from a first committee perspective. So yes, international cooperation on ICT issues to address as well the digital divide and to build resilience, cyber resilience in the context of ICT security from the perspective of peace and security. So I think it’s worth keeping that in mind because I think the working group, if we are expected to address the larger issues of digital cooperation or international cooperation in the digital domain, then we are taking on a burden that we may not be able to discharge. So I thought I will just mention that Islamic Republic of Iran. It’s not that I’m disagreeing with what you have said, but I think it’s worth all of us keeping in mind that in this working group, we stay very focused from the perspective of international cooperation from the point of view of ICT security in the context of international peace and security, which is the mandate of this working group, open-ended working group, so that we cannot resolve all the issues, but we can and must resolve some of the issues as it relates to our mandate. Islamic Republic of Iran, would you like to come back, please?

Islamic Republic of Iran:
Thank you, Mr. Chairman, for the clarification. I fully agree with you that in this forum we cannot address all aspects of the ICT. But since you refer to the disarmament instrument, in all disarmament instruments, the international cooperation has a very high placement. In NPT, Article 4 of NPT, in the Chemical Weapon Convention, Article 11, in Biological Weapon Convention, Article 10. So in all of the issues, international instrument on disarmament, so the international cooperation and assistance is a basic pillar in order to balance the both aspects of the negative aspect and the positive aspect of that one. I just wanted to, while I concur with you in general, but specifically even in the first committee, this issue is one of the basic pillars that always have been discussed. And in the very, very basic disarmament instrument, the international cooperation has been enshrined. Thank you, Mr. Chair.

Chair:
Thank you very much, Islamic Republic of Iran. I think that was helpful, and I hope helpful for all of us as well. Let’s move on with the speaker’s list. Russian Federation, to be followed by Pakistan.

Russian Federation:
Thank you, Chair. I would like to comment on the sections of the report dedicated to capacity building and regular institutional dialogue. Given the importance of capacity building in the sphere of ICT use for the majority of UN member states, we believe it would be unreasonable to limit the relevant OEWG efforts to the implementation of the framework of responsible behaviors of states. I have referred to paragraph 48 It is unacceptable in our view to make the provision of assistance to states conditional on their voluntary assessments of some sort of information security at the national level. And that’s referred to in paragraph 48B. Instead, we recommend stressing the importance of respect for states’ sovereignty and strict observance of their national legislation in providing assistance in the field of ICT security. The text should also reflect that it is unacceptable to limit states’ access to advanced ICTs and to entrench their technological dependence on countries dominating the field of IT. It is also unacceptable to increase the digital divide, including through the monopolization of the ICT market by certain states and or by private companies with their assistance. That’s paragraph 48B. We support the proposal to establish a permanent online portal on ICT security under UN auspices, but only provided that it will be strictly informational in nature. Alternatively, it would subsequently replace the OEWG web page after the expiration of its mandate. It could be useful as a repository of states’ position papers on ICT security, as well as a calendar of events related to this topic, and if consensus is reached on this, a catalog of states’ capacity-building needs. At the same time, what worries us in the current version of the draft report is the evolution and the vagueness of the proposed functions of such an online resource. We believe it is unjustified to propose focusing its activities on states’ implementation of voluntary, nonbinding rules, norms, and principles of responsible behavior in cyberspace, including through the creation of certain self-tracking tools, as referred to in paragraph 48E. In principle, we support the idea of establishing a voluntary trust fund of the United Nations on security and the use of ICTs. We believe that its main goal should be financing specific capacity-building programs for states in this area. It could also be used to sponsor the participation of national delegations in OEWG meetings in order to exclude the possibility of political pressure being exerted on recipient states by states providing such assistance directly or bilaterally, as is proposed in the current version of the annual report. We propose deleting the relevant provisions that I refer to, paragraph 51 in particular. We also believe that discussions on launching the trust fund would only make sense after states reach agreement on the general parameters of how the future negotiation mechanism on ICT security would function, paragraph 52. We also disagree with attempts to overstate the role of non-governmental stakeholders in capacity-building efforts in the field of ICT security and to present them and portray them as full-fledged participants in negotiations on equal footing with states. I refer to paragraphs 48i and 51. On the section on regular institutional dialogue now, Mr. Chair, we believe that defining the parameters of the future negotiation process on security and the use of ICTs at the UN is our main goal for the current OEWG session. We welcome and support the Chair’s efforts to find compromise solutions on this issue. NXC, devoted to the format of the mechanism that would replace the group, requires some stand-alone but important changes. First of all, it is necessary to clarify the functions of the future mechanism. It is necessary to clearly state the intention to create international norms for regulating cyberspace activities, as well as the incorporation of already agreed voluntary rules of responsible behavior into national legislation. I refer to paragraphs 2, 7, 8 in NXC. The capacity-building functions of the future mechanism, as I said in the context of the capacity-building section, should not be limited simply to the implementation of the above-mentioned norms. Rather, they should be aimed at providing assistance to states. in strengthening their national ICT security in the broadest sense. That is paragraph 8C. Overall, the activities of this new entity should not be built around a certain, I quote, action-oriented program, end of quote, which states have not even discussed at this point. Instead, it should be aimed at developing practical measures to promote an open, secure, stable, accessible, and peaceful ICT environment. Engagement with regional organizations, let alone non-governmental stakeholders, cannot be considered as one of the functions of the future mechanism. I refer to paragraphs 11, 12D, 14C. The mechanism will function under the auspices of the First Committee of the General Assembly and will deal with issues that directly affect the national security interests of states. Therefore, the role of non-governmental organizations in the process that is being established should remain purely consultative and informal, and their participation in discussions can be carried out based on the modalities that were the subject of a hard-won agreement within the current OEWG. We call on member states not to rock the boat on this issue. We believe that it is unacceptable to attempt to impose on this group or on the future mechanism standards for engagement with NGOs that emanate from other mechanisms within the UN system under the guise of certain golden standards. We oppose creating a dedicated thematic group on a so-called cross-cutting approach to ICT security. That is paragraph 14D. The activity of that subgroup would clearly duplicate discussions under all the pillars of the mandate of the future mechanism and distract states from its implementation. We support the idea of the possibility of convening time-limited subgroups, but only pursuant to a decision by states and on the basis of consensus. Paragraph 15. We propose taking another look at the idea to nominate chairs and vice-chairs for the entire review cycle or to reduce the cycle to three years. This would spare states the need to hold regular elections and will allow to elect chairs that will be able to take a more responsible approach to planning their term and be more motivated as well as have enough time to agree on practical decisions. In our view, it would also be useful to provide for the possibility of extending the sessions of the new body devoted to negotiating biannual reports to two weeks. This would lower the risk of failing to reach consensus due to a simple lack of time. Finally, we believe it would be advisable to launch the Future Mechanism in early 2026 rather than in December of 2025. I refer to paragraph 19. This would allow us to build upon the final report of the existing OEWG what would be endorsed by the GA by that time without prejudging the outcomes of its work. Mr. Chairman, in conclusion, I would like to note that the Russian delegation is very perplexed by the statements made today by a number of states in which doubt was cast on the commitment to the principle of consensus in the context of discussing the parameters of the Future Negotiating Mechanism. We’re of the view that relevant agreements and a relevant agreement was reached by consensus last year and that the current OEWG has shown the effectiveness of using a consensus-based mechanism for decision-making. A clear example of this is the agreement on the decision on established of the Global Directory of Points of Contacts, POC, which was adopted and established this year. Thank you very much.

Chair:
Thank you very much, Russian Federation, for your various detailed comments. Please do share your comments. with the secretariat and the chair’s team, as well as with other interested delegations. I think there continues to be some discussion on the length of the tenure of the chair’s term, plus also a discussion about the length of the ideal substantive plenary session. The current draft says a substantive plenary session lasting for one week. If there’s a desire to meet for more than one week, I think that’s easily done by drafting it such that we say lasting for at least one week. I mean, these are details which will evolve as we proceed in the discussions, but what I know from many decades of working at the UN is that four weeks is not enough if you give delegates four weeks. Three weeks is not enough if you give delegates three weeks. So I think you want to keep that in mind. I think the question that was also raised by the Islamic Republic of Iran is the question of whether you have a series of meetings over a period of time, which means you are travelling back and forth, or do you consolidate a few key clusters of meeting periods. But that, too, will evolve with practice, I imagine. When I convene more meetings, the feedback I get is that there are too many meetings. And when I cut the meetings, the complaint is that you want more meetings. So there is a certain… schizophrenia that is inbuilt in this process, but also in every process I’ve seen. Because when people cut the number of meetings, you feel that you’re losing out and you need more time. But when more time is given, the same issues are going to be resolved on the second week on Friday evening. So I’m not dismissing what you’ve just said, Russian Federation, but I think these are details that we can approach with a certain level of flexibility. And you said that you prefer a chair to serve for three years. Initially you wanted four years. Maybe tomorrow I hope you could change your mind to two years. It’s a question of would you be able to find a chair who would serve for three years, or even two years. Maybe this working group is not a good advertisement for future aspiring chairs, because people have realized how torturous the process is. But all of you have been very kind to me, so perhaps it is a good advertisement for aspiring candidates for the future chair. But again, I think these are issues that one needs to approach with a certain amount of flexibility. And that’s why you have a review conference as well. I think the key really is getting the functions and scope right. But even then, that is something that could be reviewed along the way. Because if we don’t start with some understanding of the function and the overarching mandate, then it will be difficult to get started. But you can also… evolve these things as part of the practice, but also as part of the review conference. So my appeal to everyone is to keep an open mind. I think we focus on the functions and scope. I think that is important for everyone. That’s my sense. And we need to agree on a substantial set of elements that will give everyone the confidence that in October this year, when the first committee adopts the report, assuming we adopted ourselves by consensus in a few days, and when the first committee adopts our report, everyone has confidence that there’s going to be a seamless transition. And we have to provide that visible pathway to a seamless transition. But if we don’t agree on enough elements, there’s, of course, the risk of a very litigious scenario in the first committee. But also, you may start a process in 2025, December, or 2026, where the chair will spend the next two years discussing, debating modalities and mandate. And that would be a waste of everyone’s time, because we won’t be able to have that seamless transition in terms of continuing the substantive, action-oriented work. So also keep that in mind. So if I’ve put a lot of these elements, it’s not to satisfy my… My desire to have a lengthy document, it is in order to provide clarity for all of you, but also clarity for the presiding officer of the new mechanism as to what exactly needs to be done. So it is important that we pre-design some of these things precisely to avoid a big fight on the first day of the new mechanism. And that would be very inauspicious for the new mechanism. And I certainly would not wish that on my successor. Because if that were to happen on the first day, the successor might just quit on the spot and you will have to look for another person. But apart from that, I think it’s a question of doing enough to ensure a seamless transition. So it’s easy to postpone everything. It’s tempting to micro-manage all the details now, but we need to find a balance. So keep that in mind, folks. Let’s take maybe one or two more speakers. Pakistan, please.

Pakistan:
Thank you, Chair. I will be commenting on the Section G. At the outset, let me express Pakistan’s deep appreciation for the revised drafts element for the open-ended, action-oriented mechanism on ICT security in the context of international security as an XC in the APR. Pakistan maintains a consistent position on the topic of regular institution dialogue. Pakistan believes that the discussions on future platform concerning ICT security and related topics must be guided by the principles of state-led participation, consensus-driven decision-making, and multi-stakeholder involvement. Pakistan supports that the mandate of future institution dialogue should include existing and potential threats, norms development, international law, including discussions on legally binding instruments, capacity building, and CBMs. We strongly support the proposal that future regular institution dialogue should be a single-track state-led permanent consensus-driven mechanism under the auspices of the UN. Chair, however, Pakistan seeks further discussions on the function, scope, and structure of the future mechanism as envisaged in the elements paper. The proposal to establish dedicated thematic groups, the mandate, the number of meetings and appointment, or election of coordinators or facilitators of such groups may be discussed in the upcoming sessions of the OEWG. Pakistan would like to highlight that it will be difficult for certain countries to dedicate resources to attend in-person meetings. In this regard, Pakistan supports the Singapore’s proposal of hybrid meetings. In the end, once again, I would like to reiterate that Pakistan remains ready to continue to engage constructively in the discussions on future regular institution dialogue and to evolve consensus on its terms of preferences and mandate area. We are hopeful that the member states will be able to reach a consensus on this important topic. I thank you, Chair.

Chair:
Thank you very much, Pakistan. United Kingdom, provided your statement does not go beyond six o’clock. Thank you very much. No pressure.

United Kingdom:
Thank you, Chair. I feel confident that I won’t be more than ten minutes. On capacity building, this is a very substantive section of the APR, and we support many aspects. My delegation would highlight in particular the link made between capacity building and norms implementation, the emphasis on the importance of taking a coordinated approach to capacity building, the recognition of the role of stakeholders in capacity building, and the reaffirmation of capacity building as a cross-cutting dimension of the framework on responsible state behavior. In paragraph 48G, after the sentence that reads, facilitating access by states to capacity building programs, We propose to add the following sentence. States noted these efforts should avoid duplication with similar initiatives taking place across the UN system such as the creation of a Cyber Capacity Building Initiative signposting tool and good practice repository being completed by the ITU. At the end of paragraph 48H, we would like to add the following sentence. It was noted that this should be complementary to activities already taking place elsewhere in the UN system, such as the sharing of good practices for ICT security policy occurring in the ITU development sector. In paragraph 52 regarding the concept for a UN voluntary trust fund, we welcome the emphasis on an initial report outlining this concept in further detail. We very much agree with the remarks made by Australia in relation to the initial report and the questions it should address. We would add that the UK’s own experience seeking to expand the Women in Cyber program is that funding is not the only constraint to the participation of some states at the OEWG. We recommend that the report considers the level of unmet demand for participation from states that do not currently send capital representatives to this OEWG. My delegation would like to be able to consider this report before establishing a fund in principle under the future mechanism. Turning to regular institutional dialogue, in particular Annex C, I would like to begin by reiterating my thanks for the development of the paper in Annex C and for incorporating many of the ideas proposed by states over the last year. My delegation is optimistic that there are many elements on which we will find consensus in this paper, allowing us to demonstrate progress this year. In the interest of time, I will therefore focus on those areas that are more challenging. Several states noted in the intercessional meeting earlier this week that paragraph 8 a to c is problematic. To resolve this, we support the proposal made by the Netherlands to merge paragraphs 8 and 9 into a narrative form. We share Australia’s concern with regard to the current wording of paragraph 9. For the UK, this relates in particular to the way in which norms are described, which is of serious concern. Regarding the stakeholder consultation session proposed in paragraph 12d, we remain concerned that this arrangement could inadvertently drive down participation by states and stakeholders by separating it from the substantive discussions of the future mechanism. States will derive most benefit from the expertise of stakeholders if their contributions are complementing the substantive discussions by states. To address this, at the end of paragraph 11, we would like to add the following sentence. Plenary sessions, thematic groups, intersessional meetings and review conferences will include opportunities for consultation between states and relevant stakeholders, including regional organisations, businesses, non-governmental organisations and academia. With this edit, we could perhaps remove paragraph 12d. If the participation of stakeholders can be clarified in this way, we are otherwise content with paragraphs 12a, b, c and e, subject to the views of states regarding the number of meetings that can be sustained. We support the use of the Ad Hoc Committee on Cybercrime modalities on stakeholder participation suggested by several states and the European Union. We also support the proposal by Brazil regarding stakeholders given the importance of balanced geographical and gender representation. In paragraph 14a regarding the international law working group, the second part of the sentence is not acceptable to my delegation and should be removed. This language raises the prospect of this working group becoming immediately gridlocked given the very polarized debate on whether or not new international law is needed. My delegation has previously articulated a proposal for such a working group in a joint paper with Estonia, Chile, Fiji and Japan focused on building our collective understanding of how existing international law applies. Beyond this important point we would generally support more time to discuss the focus of the working groups currently specified in paragraph 14 as we are mindful of the burden these groups could place on delegations. We share the sentiment expressed by Malaysia in this regard. We express some disappointment that no reference is made to the potential value of scenario based discussions under the future mechanism given their widespread support by many states throughout this year. We do however continue to support and appreciate the reference to the cross-cutting nature of the future mechanism and the cross-cutting working group. We agree with the European Union’s proposal with regard to the role of states in establishing working groups. We note this could be on a time-limited basis as suggested by France. We also support the EU’s request for more time to agree the arrangements for the chair of the future mechanism. Thank you very much.

Chair:
Thank you very much, United Kingdom. Give the floor now to the Syrian Arab Republic.

Syrian Arab Republic:
Thank you, Chair. My delegation insists on the importance of international cooperation and capacity building, first among these the principle of respecting the sovereignty of states and meeting and satisfying their needs and priorities by providing assistance on the basis of mutual consent so that this does not result in interference in the internal affairs of states in cyberspace or in reality – actually, international cooperation and capacity building is extremely important. We continue to emphasize this for as long as UCM continue to hamper all kinds of fruitful international cooperation and undermining confidence. The states affected by such measures lack necessary equipment to build the resiliency of their systems, which would make them immune to electronic attacks. We should not ignore these negative impacts of such unilateral measures. We also emphasize the need to highlight their negative impact, and in this context, the wording proposed by Zimbabwe in light of the growing digital divide, creating a dedicated mechanism for CBM and providing technical assistance to developing countries is absolutely crucial. Hence, a fund for capacity building under the auspices of the United Nations in order to provide non-politicised and equitable aid is important, and we welcome the reference in paragraph 52 to the draft report on approval in principle by states on the creation of a special fund of the United Nations relating to ICTs and security in order to support the representation of developing countries. In this regard, the wording should be more ambitious regarding the purpose of the fund and should be more practical to bring us closer to really making the fund a reality. On regular institutional dialogue, my delegation welcomes the revised version of the report with positive elements. This can be further developed in order to reflect a state’s willingness to cooperate constructively with you in order to bring about this much sought-after consensus. My delegation also wishes to highlight the need to take into account the following issues. The following norms related to future dialogue mechanisms in a working group on a basis of consensus in order to guarantee inclusion and to avoid fragmentation of this process. This process taking place outside of the group could disperse international efforts and deepen polarization, which could in turn damage the international process relating to information security. The mechanism should also focus on elaborating principles, norms and rules for responsible behavior of states and the legally binding principles for international application. On the thematic groups, our concern is that this would lead us to repetition of issues and questions already on the program of work. And so further clarity as to the working methods of the teams and how they reach decisions would be welcomed. We once again reiterate the need not to underestimate the role of stakeholders and we are at your disposal to cooperate constructively. Thank you.

Chair:
Thank you very much, Syrian Arab Republic, for your contribution. Distinguished delegates, we have about, I think, 15 delegations and two observers, delegations who have also inscribed to speak. So this is what I intend to do. First, tomorrow morning. In accordance with our program of work, we had scheduled a dedicated stakeholder session. So what we will do tomorrow morning, as we had agreed to apply the program of work in a flexible and pragmatic manner, what we will do is tomorrow morning we will meet here and continue with the remaining speakers’ list. And it is my intention to exhaust the speakers’ list from 10 to 12 noon. And I will give the floor to all the remaining speakers who have pressed the button today. And we will go through the speakers’ list tomorrow morning. And then at 12 noon or thereabouts, after we have exhausted the speakers’ list for delegations, we will hear from the stakeholders in the format of a dedicated stakeholder session. So my apologies to the stakeholders for shifting the meeting with you from 10 to 12 noon. But I think it will also be good and beneficial for you, as well as for all of us, that you hear the views of states, so that you can then also take that into account as you respond. So I have been advised that we have about 12 stakeholders who have inscribed to speak. And we’ll give each of you a chance, but I would have to, as in previous years, put a time constraint of three minutes for each intervention. This is not very pleasant, to sort of put a time limit, but you can see the pressure under which we are in terms of time pressure and the political pressure of producing a consensus outcome. But I believe it’s very important that We hear you hear your voices tomorrow. So do come prepared with your statements Three minutes each and I think we would be able to give everyone a chance by 1 p.m And then after that, I will give some reflections on the way forward We after having completed the first reading hopefully by tomorrow morning, I’ll give some reflections on the way forward as to How we proceed to the next phase, which is the second reading. So at this point, I do not wish to detain you any longer I would like to thank the interpreters for giving me some additional minutes and I thank you all have a pleasant evening The meeting is adjourned