As the technology industry’s voice on peace and security in cyberspace, the Cybersecurity Tech Accord has followed with great interest and engaged as frequently as possible with the efforts of the UN’s Open-ended Working Group on developments in the field of information and telecommunications in the context of international security (OEWG) since its inception. As the two year working group process comes to a close, our signatories are putting forward our input and guidance as it relates to the recommendations in the first draft of the final report of the OEWG. Our complete response to the recommendations in each of the OEWG’s focus areas, can be found here.
On the whole, we feel the draft report – should it be accepted by Member States – marks a positive contribution to the UN First Committee’s body of work in advancing responsible state behavior in cyberspace, setting and reinforcing expectations in a new domain of human activity. While not establishing any new norms, the report affirms the applicability of International Law in Cyberspace and the 11 norms for responsible state behaviors in cyberspace that were first recognized by the UN in 2015. These expectations serve as an important foundation for a rules-based order online, setting a baseline that needs to be adhered to by states and which currently is not.
This is why we support the recommendations in the draft report that states should voluntarily review the essential “how” at the core of these discussions – how do their governments understand international law to apply in cyberspace? And how are they working to implement and uphold the 11 norms for responsible state behavior? This is how we strengthen expectations and build consensus, by governments openly discussing how these commitments shape their practice. It is not enough to simply say these obligations exist, stakeholders everywhere need to insist that governments commit to affirmatively abiding by them, as the current trends of escalating nation state attacks online are unsustainable and unacceptable. This fact was highlighted clearly in the recent survey report the Cybersecurity Tech Accord produced with the Economist Intelligence Unit on corporate perceptions of nation state threats.
More than the particular recommendations in the draft report, however, the true legacy of the OEWG will doubtlessly be its greater inclusion of multistakeholder voices throughout. Through live consultation events and invitations for written contributions, the OEWG has demonstrated the importance, interest and feasibility for multistakeholder inclusion in discussions of peace and security in cyberspace at the UN. Maturing a multistakeholder model in the process. Despite this progress though, more still needs to be done to facilitate regular inclusion of multistakeholder voices in these discussions moving forward, and to plan for such inclusion from the start. Given the unique and overlapping equities in the digital domain, and the ever-evolving nature of technology, multistakeholder inclusion in these dialogues will remain essential and cannot be overlooked. We hope that the OEWG will serve as both a proof point and a stepping-stone to support more robust engagement across stakeholder groups in subsequent processes.