WS #260 The paradox of inclusion in Internet governance

Summary

This panel discussion focused on the paradox of inclusion in Internet governance, exploring the challenges of creating truly inclusive processes in international cybersecurity and digital policy forums. The speakers highlighted how efforts to increase participation, such as proliferating initiatives and multi-stakeholder forums, can paradoxically create barriers due to the high resource demands of engaging in numerous processes.

Key themes included the need for better coordination between national and international levels, the importance of interdisciplinary teams in government delegations, and the challenge of balancing political control with meaningful inclusion of diverse stakeholders. Speakers discussed examples like the UN Open-Ended Working Group on cybersecurity and the Palma Process on cyber intrusion tools to illustrate these dynamics.

The discussion emphasized structural inequalities that persist despite inclusive processes, such as developing countries lacking resources to participate effectively in multiple forums. Participants noted the importance of national-level coordination mechanisms and capacity building to enable more diverse and substantive engagement internationally. The need to include marginalized communities and identities in digital governance was also raised.

Speakers proposed some best practices, including creating ownership through early stakeholder consultations, fostering interdisciplinary teams within governments, and calibrating political risk to allow for more distributed leadership of initiatives. Overall, the discussion highlighted the complex challenges of achieving meaningful inclusion in Internet governance while maintaining effective processes and outcomes.

Keypoints

Major discussion points:

– The paradox of inclusion in internet governance: efforts to be more inclusive can create barriers to meaningful participation due to the proliferation of forums and initiatives

– Challenges of coordinating between different government agencies and stakeholders at both national and international levels on cyber/internet governance issues

– The need for multidisciplinary teams and better knowledge transfer between different internet governance forums and processes

– Balancing political control with genuine inclusivity and openness to diverse perspectives

– Ensuring representation of minority and underrepresented groups in internet governance processes

Overall purpose:

The goal was to explore the “paradox of inclusion” in internet governance – how efforts to be more inclusive can paradoxically create new barriers to participation – and discuss potential solutions or best practices to address this challenge.

Tone:

The tone was collaborative and constructive throughout. Panelists and participants shared insights and experiences in a collegial manner, building on each other’s points. There was a sense of shared purpose in trying to tackle a complex challenge. The tone became more solution-oriented towards the end as participants reflected on key takeaways and potential next steps.

Speakers

– James Shires: Co-director of Virtual Roots, a UK-based NGO working on cybersecurity and Internet governance research, education, and public engagement

– Yasmine Idrissi Azzouzi: Cybersecurity program officer at the ITU (International Telecommunication Union)

– Hurel Louise Marie: Associate Fellow with Virtual Roots, works in the cyber program at RUSI (Royal United Services Institute)

– Corinne Casha: Representative from Malta’s Ministry of Foreign Affairs

Additional speakers:

– Audience member: Julia Eberl from the Austrian Foreign Ministry, working at the mission in Geneva

– Audience member: Akriti Bopanna from Global Partners Digital, previously worked in India’s foreign ministry for G20

– Audience member: Natasha Nagle from the University of Prince Edward Island

Expanded Summary: The Paradox of Inclusion in Internet Governance

This panel discussion, featuring experts from various backgrounds in cybersecurity and internet governance, explored the complex challenges of creating truly inclusive processes in international cybersecurity and digital policy forums. The central theme was the “paradox of inclusion” in internet governance, a concept introduced by James Shires, co-director of Virtual Roots.

1. The Paradox of Inclusion

The discussion began with Shires explaining that efforts to increase participation in internet governance, such as proliferating initiatives and multi-stakeholder forums, can paradoxically create barriers due to the high resource demands of engaging in numerous processes. This proliferation of initiatives makes it difficult for stakeholders, especially those with limited resources, to participate meaningfully across all forums.

Louise Marie Hurel, Associate Fellow with Virtual Roots, expanded on this concept by highlighting how the specialisation of debates leads to fragmentation of discussions. She also raised the provocative point that inclusion efforts can be weaponised for political purposes, with the proliferation of initiatives sometimes serving as a political strategy to control the scope of debates and who participates in them.

2. Challenges of Coordination

A significant portion of the discussion focused on the challenges of coordinating between different government agencies and stakeholders at both national and international levels on cyber and internet governance issues. Yasmine Idrissi Azzouzi, Cybersecurity program officer at the ITU, emphasised the importance of national-level coordination for effective international participation. She highlighted the need for creating ownership at the national level across different expertises, including various ministries and critical infrastructure providers.

Corinne Casha, representing Malta’s Ministry of Foreign Affairs, echoed this sentiment, discussing the establishment of national cybersecurity committees for better coordination. She also pointed out the difficulty in maintaining consistent representation across multiple forums, underscoring the challenge of balancing specialisation with comprehensive engagement.

The lack of communication between different UN processes, particularly those based in Geneva and New York, was raised as a concern by an audience member from the Austrian Foreign Ministry. This highlighted the need for better coordination not just within nations, but also between international organisations and processes.

3. The UN Open-Ended Working Group (OEWG) on Cybersecurity

Louise Marie Hurel provided significant details about the UN OEWG on cybersecurity, highlighting it as an example of the proliferation of international forums. She discussed the challenges associated with this process, including the difficulty of meaningful participation for smaller states and non-state actors, and the potential for forum shopping by more powerful actors.

4. The Palma Process and Multi-stakeholder Initiatives

Corinne Casha discussed the Palma Process on cyber intrusion tools as an example of an initiative attempting to address inclusivity challenges. This process aims to develop guidelines for the responsible development, transfer, and use of cyber intrusion tools through multi-stakeholder consultations. It illustrates efforts to balance political control with diverse participation in addressing complex cyber issues.

5. Strategies for Improving Inclusion and Representation

The speakers proposed several strategies to address the challenges of inclusion:

a) Interdisciplinary Approaches: Yasmine Idrissi Azzouzi stressed the need for interdisciplinary teams to engage in various processes, combining technical, diplomatic, and policy expertise to address complex digital issues effectively.

b) Multi-stakeholder Consultations: Azzouzi and Casha both emphasised the importance of creating ownership through multi-stakeholder consultations, involving diverse stakeholders in the decision-making process.

c) Capacity Building: Casha mentioned funding initiatives to support participation from developing countries, addressing the resource imbalance that often hinders inclusive participation. Specific examples included the Women in Cyber Fellowship and the Global Conference on Cyber Capacity Building.

d) Fostering Productive Disagreement: Hurel highlighted the importance of fostering dialogue that allows for productive disagreement, suggesting that true inclusion requires openness to challenging perspectives.

6. The Role of Ministries of Foreign Affairs

Corinne Casha and other speakers discussed the crucial role of Ministries of Foreign Affairs in coordinating cyber issues at both national and international levels. They emphasized the need for these ministries to act as bridges between various domestic stakeholders and international forums, ensuring coherent national positions and effective representation in global discussions.

7. Persistent Challenges and Unresolved Issues

Despite these proposed strategies, the discussion highlighted several persistent challenges:

a) Structural Inequalities: Hurel pointed out that structural inequalities persist despite efforts at inclusion, particularly affecting developing countries and their ability to participate effectively in multiple forums.

b) Balancing Political Control and Inclusion: There was a recognition of the tension between maintaining political control and achieving genuine inclusivity, with Casha noting that relinquishing some control is necessary for true inclusion.

c) Representation of Minority Identities: An audience member, Natasha Nagle from the University of Prince Edward Island, raised the important question of how to ensure representation of minoritised identities in digital governance spaces.

d) Circumvention of National Legislation: Akriti Bopanna from India provided an example of how international forums can be used to circumvent national legislation, illustrating another aspect of the paradox of inclusion where global processes might undermine local democratic decisions.

8. Conclusion and Future Directions

The discussion concluded with Hurel summarizing three key paradoxes: meaningful leadership, meaningful coordination, and meaningful dialogue. These encapsulate the ongoing challenges in achieving true inclusion in internet governance.

Corinne Casha suggested a follow-up session or report to further explore the issues raised during the panel. The discussion also touched on the Global Partnership for Responsible Cyber Behavior as a potential framework for addressing some of the challenges discussed.

The speakers agreed that addressing the paradox of inclusion requires careful balancing of specialisation and comprehensive engagement, political control and diverse participation, and national coordination and international representation. The ongoing nature of these challenges underscores the need for continued dialogue and innovation in approaches to internet governance.

James Shires: Yes. Hi, Louise. Testing. Can we hear and see you? Can you hear and see us? Yes, all good. Can you hear me okay? Very well. Let’s get started. So, hi, everybody. Hi. There’s behind us. And welcome, everybody, online. We’re very happy to be hosting this panel on the paradox of inclusion in Internet governance. My name is James Shires. I’m co-director of Virtual Roots. Virtual Roots is a UK-based NGO that works in cybersecurity and Internet governance research, education, and public engagement. So, we have a fantastic lineup of speakers today. We have Yasmin Azouzi, to my right, in person. We have Louise Marie Harrell online. And we have Corinne Kasher, who, unfortunately, is in a taxi coming from a very similarly named conference center that she was accidentally taken to and will arrive soon. These things happen. So, I’ll just say a little bit about the purpose of the panel overall, and then I’ll hand over to our speakers. I will start with Louise online. Then I’ll go to Yasmin. I’ll talk a little bit about my perspective on the paradox of inclusion. And hopefully, by then, Corinne will have sorted out her travel issues. We’ll then open the floor to questions and discussion for everyone, both in person and online. We’re very much looking forward to the discussion. And thank you all for being here early on a Thursday morning. So, we put together this panel because… because we felt that there was a real issue with internet governance and inclusion. And we call this the paradox of inclusion. The idea here is that we see a proliferation of efforts to bring in different actors in internet governance, whether these are multi-stakeholder forums, whether these are efforts to include developing countries and smaller states or states with fewer resources, and there’s lots of different efforts to do these, through different conferences, initiatives, meetings, and so on. In fact, there’s so many of these different efforts that actually keeping up with them all, keeping track of them all, and participating meaningfully in them all, is itself a high resource burden. And that’s what we term the paradox of inclusion. Internet governance recognizes that it has to be inclusive. It has to bring in multiple stakeholders. But those who are really able to track the real range of internet governance forums from this one to those of the UN, such as the OEWG on cybersecurity, through to the Global Digital Compact, through to the Cybercrime Convention, through to the multi-stakeholder initiatives such as the Paris Call, et cetera, et cetera. So this is what we want to talk about today, is the starting point, recognizing that inclusion matters, that there are genuine and very well-developed efforts to make internet governance inclusive, but that sometimes these efforts, as we would say in English, for want of a better phrase, shoot themselves in the foot. They actually bring up barriers to participation through requiring such a thin spread of attention and resources across the internet governance portfolio. That’s the idea behind the session. We’d love to hear your thoughts on this paradox of inclusion, but before we do so, I’ll turn to some short opening remarks from each of our speakers. Our first speaker is Louise Marie Harrell, who is an Associate Fellow with Virtual Roots and is also working at the Royal United Services Institute. Louise, I’ll leave you to do a much better introduction of your own work than I can, and the floor is yours.

Hurel Louise Marie: Thank you very much, James, and thank you all. I would love to be there with all of you, but sadly, and thankfully also, because since we’re talking about inclusion, I think the fact of just being able to connect the IGF has always been great in that sense. And I think James already kind of set a very interesting tone to our conversation here. I am Louise Marie Harrell. As James said, I work in the cyber program at RUCI. And we’ve been reflecting a lot on different elements related to that, but personally, I’ve been attending the IGF for 10 years now, which is kind of like baffling. And I think there’s no other better place to actually have this conversation because being involved in the IGF throughout different cycles of maturity, and also other spaces such as ICANN, but also being increasingly involved in the cybersecurity discussions, which is the bit that I’m going to talk a little bit more about, I think you see those different communities of practice emerging and specializing. So when we look at, in particular, at the proliferation of initiatives, especially when it comes to cybersecurity, and that has something, like if you look from 2017, or 2015, right, to today, it’s quite impressive to see how many initiatives, especially on cybersecurity that have emerged. you would have the group of governmental experts at the UN as the one place, and it was a very kind of multilateral, I mean, it’s still a multilateral process, but you would have 30 governments or so discussing what is state responsibility and how international law applies to cyberspace. And back then also you would have the Global Forum on Cyber Expertise, which back then was also like just called the London Process, starting to mature and to become a bigger platform. And today these initiatives have consolidated quite a bit. I mean, obviously the negotiations at the UN have been taking place for at least 20 years when it comes to state responsibility, but the traction that these dialogues have had is quite substantive. So just to frame this a bit, right now I think we see two movements. And one is we can look at the proliferation of these initiatives in firstly as the specialization of the debate, right? I remember I used to attend the IGF like in the, like again, like 10 years ago, and I would look, where is the cyber community here? And you would have one or two panels talking about this from, let’s say a more cyber diplomacy initiative. And you would see government representatives, and I remember in Geneva, trying to talk about the GGE at the IGF. But nowadays there’s so many other spaces. There’s the Counter Ransomware Initiative, which talks about rent, well, as the name says, you know, ransomware. The Pal-Mal Process, which looks at commercial cyber proliferation. The OEWG, which is looking at state responsibility. And also, I mean, to some degree, the interdependence between state and non-state responsibility in cyberspace. We have the GFCE, which is looking at capacity building, cyber capacity building, and obviously the… you know, Yasmin will definitely, you know, touch upon like capacity building from the ITU’s perspective. We have the Tech Accord, which is an initiative that was spearheaded by Microsoft, but that tries to create this community of practice and thinking within the private sector in different parts of the private sector and how they see norms for their own, let’s say, sector when it comes to cybersecurity and the Paris call as James very already mentioned, which is kind of a mix of different stakeholder groups. So one way in which we can see that discussion, as I said, is the proliferation as the specialization of the debate, where we think that, you know, we cannot have this ethereal, broad conversation. We need to get to these smaller bits and spaces. But obviously the other side of the coin is looking at the proliferation of the debate as also being a political strategy, which it is in many ways. So if you think about the ad hoc committee on cybercrime, that is the result of a long friction at the geopolitical level of Russia trying to push forward in some ways, the discussion of actually have, not just Russia, but in that case, the presentation of the resolution to have a legally binding instrument on cybercrime. And that echo, that really just contemplates the vision of many other countries that have not been involved in the Budapest Convention or that don’t necessarily agree that they should just subscribe to something, that they should be part of the development of it, which is, you know, an increasingly and very valid point from their standpoint. So you have those movements, such as the ad hoc committee, which has ended right now, that becomes part of that, let’s say, political strategy. Another example of proliferation being a political strategy is precisely to specialize debate because then you can control a bit more. or what the scope is, and who is involved in this conversation. So on the other hand, if we look at the counter ransomware initiative, it started out as something that was very much state department led, right? The US spearheading that, but then it has increased throughout the last couple of years. And that requires again, kind of how do you create a platform for a particular dialogue, but that you ensure that you’re still open and flexible to bring others on board. And I’m sure James will talk more about the Pal-Mal process as something that’s quite interesting as well in terms of that proliferation as a political strategy. But I’d say like from an OEWG standpoint, and James, please flag to me when I am, if I’m speaking too much, but I just wanted to give a little bit of a glimpse of the OEWG as part of this paradox of inclusion, right? I think it comes as this proposed solution. So back in 2019, when you had the start of like two simultaneous processes, the GGE, the last GGE and the OEWG, you had this narrative that the OEWG as an open-ended working group, as a UN mechanism for a particular type of dialogue, it would be more inclusive firstly, because it would include all member states. So it would shift the conversation to all of the GA members, the General Assembly members. So from a composition standpoint, it seems that it would probably be more inclusive and also that it would have some kind of participation from non-state actors. But so the enabler is that we’re going from 30 to 193 countries. The challenge there is obviously that enabling effective participation of member states as part of this process is a whole different ball game, right? We’ve been working quite a lot at RUSI to facilitate like workshops on responsible cyber behavior and just working with other governments, like let’s say small island states, like talking about ransomware and trying to really kind of democratize the access to some bits of the debate or to go deeper into some elements of the OEWG agenda. There are structural elements that are just reproduced in these spaces, which is normally you have one person, if it is a small UN mission, you have one diplomat, one person that’s there covering a myriad of themes, right? So even if you have a process that has gone to the 193 countries, is it actually an effective participation? Because again, many countries won’t see that, state responsibility in cyberspace is the first topic on their national priority. And they only have one person in the UN covering these topics. And on top of that, they really don’t, they don’t prioritize because that’s also challenging. And if they want to bring someone from the capital, right, to participate, that’s the cost of meaningful inclusion as part of that expansion of those that can participate. So you have an enabler from a process standpoint, but that does not address the structural challenges over there. Obviously, there’s some solutions such as the Women in Cyber Fellowship, which is an initiative that is funded by state department, the UK government, Australia, and a couple of others that seek to bring women diplomats, or let’s say representatives of national cybersecurity agencies to be the representatives at the OEWG. So again, how do you kind of, you enable a process, but then how do you make sure that that process is actually inclusive at the end of the day? So it’s more of a walking the talk paradox that we’re thinking over here. And in some ways, the- The second logic of inclusion within the OIWG, so we talked about the state one, the non-state actor inclusion, again, the process does enable non-state actors to participate, unlike the GGE, as I said, which is 30 states that participated, it was just them. No opportunity to look at what they were discussing or even like webcast at the UN, and the OIWG does all of those things, which is great. But the disabler, I’d say, or let’s say the paradox of inclusion for non-state actors is obviously that it becomes, it has become a weaponized discussion. So since the start of this latest OIWG, the 2021 to 2025, what we’ve seen is right at the start, at least a year of the process, or more than half of the first year of the process, there was the stalemate between states that wanted to promote effective modalities for stakeholder participation, so that they would be able to provide their speech, to give a speech over at the UN, or that they would be able to listen in through the UN webcast, or that they would be able to be accredited. And there were other states that said, no, we don’t need to have those stakeholders. But they also said, well, if we have to have these stakeholders, we need to have a veto power over who gets to be in the room. So that has led to a stalemate for most of the first bit. And after that, to the effective vetoing of different organizations, including my organization, and also, let’s say, really important technical community experts, such as the Foreign Money and Incident Response Team, which could effectively provide inputs into some of the conversations, but that they were also vetoed by some member states. So you see that there is a process enabling… but that there are political challenges or things when it comes to the meaningful inclusion of non-state actors in these spaces. And just to finalize, because I’m sure that I’m almost done with my time, is looking at the third logic of inclusion. So we talked states, non-state actors, and I think the third one is thinking about the context where this dialogue is being held being more inclusive. So this is a first committee process, which means that usually it’s the highest level of the conversation on international peace and security when it comes to cyber. So obviously the chair of this process has a lot of responsibility to shape meaningfully that inclusion. So the enabler there for thinking about this broader context of the dialogue is the chair, for example, hosting online convenings. He organized the high level round table on cyber capacity building, where organizations from different parts of the world could effectively share their experiences in implementing cyber capacity building. You see also in this process, different proposals from developing countries gaining traction, such as Kenya, suggesting and tabling recommendation for a portal to look at threats so that other states that might not have as much cyber threat intelligence or that might have less access to information that they can share. So you also have coalitions of different states coming together, both developing cross-regional representatives, which is not something specific about the OEWG, but it says that the process is enabling those types of interactions in spite of geopolitical tension between two poles that you see. see effectively happening in the room. But you see, for example, El Salvador working with Estonia, working with Switzerland to think about the applicability of international law in cyberspace and tabling, let’s say, documents for a further conversation. But the outcome, or let’s say, the background tension in this third bit of like the space of this dialogue is really that is the question of what comes next. So I don’t know how many of you are familiar, but the OEWG is coming to an end in 2025 in July. And there is another proposal for a program of action. So let’s see another way in which we structure the dialogue at the UN within this, you know, a regular institutional dialogue for cyber. And there is this dichotomy between these two proposals. One is obviously the OEWG was the result of a Russian table proposal, which has effectively been, you know, successful in the past five years in actually pushing the conversation forward, at least maintaining that dialogue. But there is obviously a need for a more dynamic dialogue that can go deeper into different topics. And that, you know, can more effectively include stakeholders. And that’s the program of action. Not that one is better than the other, but there are different proposals for how that dialogue should happen, that regular institutional dialogue, and the member states will need to decide. So within this context of these three paradoxes, in many ways, how do you think that going forward? And I think there is a very politicized tension between these two proposals. And I think right now is, is thinking about the design of the process, right? And I don’t think that necessarily we’re always tackling those underlying inequalities. But in any case, I just wanted

James Shires: to stop there. I think there are other bits in terms of the relationship between the IGF and the OEWG. AWG or the coexistence of different UN processes, especially on cyber, but I’m very happy to talk about that afterwards. But I just wanted to maybe set the scene from an AWG standpoint of what are these different logics of inclusion and what are the challenges to these three logics of inclusion? Louise, thank you so much. That is a incredibly rich introduction and overview of the paradox of inclusion. And I really appreciate you breaking it down into this question of between states with non-state actors and also these other modalities of inclusion as well. Given that you covered so much ground there, I do just want to give the people in the room and online the chance to respond or ask a few questions while it’s fresh in their mind. And then we will turn to our next panelist. So if there is anyone who would like to come in online, please do put your question in the chat. If you’d like to come in in person, obviously just raise your hand and we will bring the mic to you. So while you’re maybe thinking of that, and if anyone is thinking of questions, I would just highlight one recent publication from Virtual Roots through our site, Binding Hook. Now, Binding Hook is a way to disseminate academic research in an accessible way to a wide audience. And there’s a new piece from last week on Pacific Island cybersecurity, how to co-design cybersecurity governance for and with Pacific Island states. So if you’re interested in that part of Louise’s remarks, please do check out that piece that has just come out on Binding Hook. If there are no questions in the chat, and everyone here seems very content, I will move on to our next panelist, who is Yasmin Azouzi. So I’m going to turn it over to Yasmin, who’s going to talk a little bit more about cybersecurity and how it can be used in the future. So Yasmin, again, please do introduce yourself a little bit more, and the floor is yours.

Yasmine Idrissi Azzouzi: Thank you very much, James. Thank you, Louise, for that incredible overview. Good morning, everyone. So my name is Yasmin. I’m a cybersecurity program officer at the ITU. So the ITU, as many of you know, is the U.N. cybersecurity and technology agency, and the ITU is a global organization. So we have a virtual moment for Internet governance. So next year, we have the WSIS plus 20. We’re currently navigating the global digital compact, topic specific ones like the ones in cybersecurity, open-ended working group, ad hoc committee on cyber crime, and we’re seeing in general, as mentioned, very nicely, that there is a proliferation of fora, which has obviously both opportunities and challenges. So I’m going to talk a little bit about what we’re doing, and how we’re doing it. So we have a number of fora that are also addressing overlapping issues, overlapping Internet governance issues, and this is being compounded, of course, by duplication and silos at times. So, for example, I can give a specific example from the ITU. So agreements that member states and resolutions that member states have voted on at ITU statutory meetings on the topic of open-ended working groups, and we have a number of fora that we’re working on, and we’re also working on the open-ended working group agenda item on cybersecurity. And this is partly due to member state representation in the ITU being mainly ministries of ICTs, ministry of communication, of digitalization, while the open-ended working group, first committee diplomats at times, but also representatives of national cyber agencies, this shows basically a lack of coordination at national level. So, for example, the open-ended working group, this is a representative of the national cyber agency, and it’s a group that is not represented in the open-ended working group, and it’s a group that prevents them from being represented in this. It’s about financial resources, at times it’s also the technical expertise and ability to communicate, and it’s also the technical expertise and ability to communicate, and it’s also the technical expertise and ability to navigate the interdisciplinary nature of digital policymaking. So this I think is the core of why this paradox exists, because the silos that are present at national level are being reflected internationally. In fact, digital issues touch upon multiple disciplines, so it can span from national security to economic development to human rights to sociological change, and this very interdisciplinarity, while enriching, also contributes to the fragmentation. So I’ll take cyber security as an example. As I mentioned, the Open Ended Working Group addresses cyber security within the first committee of the General Assembly, which focuses on peace and security, and the Committee on Cybercrime operates in the third committee, yet cyber security can also have implications in the second committee on economic development, which has a critical role in security. And in parallel to that, at the same time, at the ITU, at WSIS processes as well, we are emphasizing technical cyber capacity building for the purpose of sustainable development and economic and social development, and this is far removed from peace and security aspects being discussed elsewhere. The Global Digital Compact sees cyber security more as an enabler of securing digital space in general, and it focuses very much on the harms of privacy protection and calls for international cooperation more in a high-level way. So this way of compartmentalization makes it challenging for stakeholders, particularly from low-resource nations, to align their priorities and also to maintain continuity across these different sectors, which causes, again, the silos and duplication. Paradoxically, given also the topic, the solution actually may lie in reducing this fragmentation at national level by improving, for example, inter-agency cooperation, focusing on fostering interdisciplinary teams that are equipped to engage meaningfully in I think that this approach can offer some key advantages. So first off, countries need to establish multidisciplinary teams that can have expertise in technical, diplomatic, and also policy-making communities. For example, representation of national cybersecurity agencies or national computer incident response team at the open-ended world often results in practical, context-specific experiences that are a bit different compared to, let’s say, traditional career diplomats. However, this, of course, requires a pipeline of trained multidisciplinary professionals that have the expertise in technology, but also in diplomacy, so being able to operate in that nexus, in a way. Second, capacity-building with inclusivity in mind must be key. So initiatives must prioritize inclusive capacity-building that can bridge technical and policy silos. So, for example, at the ITU, we have a program that is a part of the ITU that is a part of the ITU that is a part of the ITU that is working on a number of issues, both technical and policy silos. So, for example, at the ITU, that bring together those two communities at national level so that they are accustomed, let’s say, to interagency in that manner. Programs should focus on enabling countries to engage also in Internet governance forum in a holistic manner, so being equipped both, again, from the technical and the policy side, but also from the policy side. So, for example, the ICT forum is a very utopic goal, realistic or useful to think of consolidating all Internet governance forum, but what we can focus on is actually enhancing coordination and avoiding duplication by aligning mandates, creating, let’s say, better linkages between discussions, for example, on the capacity building, cyber security capacity building, these agendas can be implemented in a more holistic way. So, for example, the ICT forum is a very utopic goal, realistic or useful to think of consolidating all Internet governance forum, but what we can focus on is enhancing coordination and avoiding duplication by aligning mandates, creating, let’s say, better linkages between discussions, for example, on the capacity building, cyber security capacity building, these agendas can be implemented in a more holistic way. So, for example, the ICT forum is a very utopic goal, So, I would like to conclude by saying that I think that we need to be very, very careful about how we create these interdisciplinary teams and this can also include having coordination mechanisms in place that can regularly consult across disciplines so that there is consistency when it comes to international negotiations and international fora. So, just to conclude, as we’re looking at, say, the future of Internet governance , we need to be very careful about if there is a difference between

James Shires: . Thank you, Yasmin. And just to repeat my call from earlier, if anyone does have any questions for Yasmin or Louise at this stage, then please do bring them into the discussion. We would love to hear from you whether you are in person or online. I am extremely pleased to have our third speaker here, Corinne. Corinne, please do come up to the table. You snuck in behind me and I didn’t even see you, so that is clearly operating in stealth mode. Now, Corinne, hopefully we will follow on with her perspective on the paradox of inclusion and maybe also the paradox of travel in Riyadh as well. Corinne, it is a pleasure to have you here. I will hand over the mic to you.

Corrine Casha: Yes, hi. Thank you. It is a pleasure to be with you here today. I don’t have much to add, actually, to what Yasmin already said, because I think she really encompassed the discussion very well, and I noticed that she really sort of hit the nail right on the head about the paradox of inclusion. So I just really wanted to add on to what Yasmin said. I think it’s important to avoid having the fragmentation of all these processes through also the fact that you need both the technical and the political level to work very closely together. And the issue of resources was one that really struck me. I know this is one of the main issues, that there are a lack of resources. And from our perspective as Ministry of Foreign Affairs, we are really working hard to fund resources so that we aim to actually provide resources where necessary. So if it’s, for example, the fact of the lack of representation, we fund fellows. We fund also diplomats from, let’s say, least developed countries, et cetera, so that they are able to be represented at the highest levels of decision making. One other aspect that struck me was the need to harmonize the processes and also to enhance coordination. I think this is really key. And obviously, the Global Digital Compact only came into, let’s say, adoption last September at the UN General Assembly. So we will see how it will fit in with the other processes. But that’s all from my end. I will add some closing remarks as well. But I really wanted to hear what participants think about this and what their views are on how to promote more inclusion and also to avoid the fragmentation of the processes. Because this will be really sort of key in us as governments to factor in what needs to be done for this to be, let’s say, a more harmonized process.

James Shires: Thank you. Thank you, Corrine. And yes, we look forward to your concluding remarks as well. So before we turn to an open discussion, and at that point, I will be asking everyone what your perspective is on the paradox of inclusion. So please do get some interventions ready. What I’m going to do is reflect a little bit on one example of the paradox of inclusion that I’ve been working on very closely. And what I’ll do is I’ll use Louise’s framework, because I think it’s a very helpful one of inclusion at a state level, inclusion at a non-state or multi-stakeholder level, and inclusion in terms of modalities as well, to illustrate how this paradox emerges through a particular process. And the one I’ll talk about isn’t the OEWG or the Global Digital Compact, these sort of very high-profile major ones. It’s a little bit more niche. It’s the pow-mow process. Now, can I get a quick show of hands in the room if you’ve heard of or know about the pow-mow process? If anyone does, then please put your hand up. Glad the panelists do as well. If you don’t, then I think I will give a quick overview of what it is. So recently, there’s been a recognition among many states that many offensive cyber tools, otherwise known as cyber intrusion capabilities, have both positive and negative uses. They have positive uses because they are necessary for cybersecurity. They help organizations test their defenses and improve their defenses through things like penetration testing within cybersecurity, so asking someone external to try and hack into your networks, so you know where the holes are and you can fix them. They have negative uses when they are used by cyber. criminals, for ransomware or other theft, and also when they are misused by state actors. So this is where companies would offer cyber intrusion capabilities commercially, often known as spyware, and then states would buy that and then use it. This is a, in many cases, perfectly legitimate activity, right? States need such surveillance capabilities for reasons of national security, but often, in many cases, they have overstepped the line, right? They have used capabilities in ways that are not proportionate, that lead to significant human rights violations as well. This is a recognized issue in internet governance, and there have been many efforts to try and address this at both a national and a multi-stakeholder level. And so, for example, you have the US, which is a major producer of these capabilities, right? It’s a major center for spyware development, research and sale. The US then imposes sanctions on particular companies that it thinks have violated the norms or boundaries that it wants to impose. So there are very high profile cases of US sanctions and indictments and other measures, such as restrictions on government procurement, so US government agencies can’t buy from certain companies in order to shape this market. There are also efforts at the multi-stakeholder level. Some of you may have heard of the Cyber Tech Accord, and this is a group of tech companies, industry companies, who came together to develop their own voices. on internet governance. They produced principles for what they called curbing the cyber mercenary market, right? So they put a different frame on it. But again, they’re trying to intervene in this sphere. Now, again, that wasn’t especially effective. And so what happened last year is a new initiative was launched called the PowerMile process. This aimed at both bringing in industry, including the spyware industry itself, including the companies worried about that, such as the big tech companies, including the states buying and using spyware and commercial cyber intrusion capabilities, and those being affected by it. So in short, it was a big tent initiative, right? It wanted to get everyone together to find a solution to this complex problem. And let’s unpack that initiative, which has now been running for just under a year in the three levels that Louise mentioned. Firstly, at a state level, was it inclusive? Well, in one way, yes, right? Anyone who wanted to, any state that wanted to sign up to the PowerMile declaration published in February could do so, right? They could attend the conference, they can engage in discussions, and put their name at the bottom. And now the state interaction on these discussions is getting more detailed. But it was still not completely equal, right? The sponsors of this initiative, the funders and organizers, are the British and French governments, right? They are the ones running it. They are aiming to include as many other states as possible. But ultimately, the conferences are in Europe, they’re in the UK and France. Most of the attendees and organizers are from these states. there between having a very stereotypical sort of European perspective on the issues and making it as wide an invitation as possible. So that’s at the state level. At the multi-stakeholder level, yes, there are efforts to include multi-stakeholders. So Virtual Roots is a multi-stakeholder participant in the Pal-Mal process and multi-stakeholders have the opportunity to engage at these conferences. They can submit responses to a consultation that closed a couple of months ago on these issues and they will continue to be able to feed into the process. But again, this is clearly a two-tier system. You have in each event a day reserved for multi-stakeholder discussion and then a day reserved for state-only discussion. So while the multi-stakeholders are able to input, they are not able to observe or have any understanding of what is going on in the state negotiations. So in a way, it’s a bit like the OEWG on one side and then the GG on the other side, right, where it’s just the states in a closed forum. So multi-stakeholder, yes, but also two-tier. And then finally, in terms of modalities, and this is where it is very interesting, the open consultation that ran for three months over the summer this year was on the declaration on the way forward for the Pal-Mal process. And what was interesting was a lot of industry coalitions and companies contributed to this consultation. Most of them were from the cyber security industry, right? They were contributing from the defensive side. But what the aim was, was for also to get the companies who build and make and sell the spyware to contribute as well, right? It’s a genuinely multi-stakeholder process. And it didn’t quite succeed in that, right? They were looking for more and more contributions from all parts of the industry, as well as civil society as well. And so, again, when you go into each of these processes, and that’s just one example, you can unpack the layers in which efforts at inclusion are both very laudable, right? They do, in fact, increase inclusion. But on the other hand, they only go so far. And indeed, the barrier to entry to these processes, the amount of knowledge you have to have to enter is far beyond maybe that of an embassy diplomat or a non-specialist, right? You need to really be engaged in these processes to contribute effectively. So with that example, I will now open the floor. Open the floor. And so, how we’d like to run this second half of the session is just to ask the participants in person or online. If you’re online, then please do put it in the chat. I will read it out, and we can ask the panelists to reflect on your remarks. To ask you some very simple questions. Firstly, does the paradox of inclusion ring true to you? Is it something that you recognize in your own work? Is it something that you think, nah, what are you talking about? Why are we even here, right? So that’s question one. Question two is, where do you see it most relevant to your work? And how might you try and overcome it, right? So maybe first, is it something that you recognize? And then where and how do you see it happening? I’ll pause. In the room, please do put your hand up if you’d like to contribute. Online, please do come in on the chat. Yes. Okay, I can hear myself. That’s good. Thank you so much. I’m Julia Abel from the

Audience: Austrian Foreign Ministry, currently working at the mission in Geneva, and I’ve been involved in some of the processes that you’ve talked about. So it was very enlightening to see kind of a full overview, because I can very much resonate with the questions that you’ve raised, that as a diplomat, we tend to work on a couple of these processes, but not all of them. So I was not aware of the Palma declaration, for example, because I’ve been on a mission abroad, and not in capital working on the processes holistically, for example. So that was very interesting. Thank you very much for bringing that up as a question. I wanted to make three points on everything that has been discussed. And one was, from my point of view, we need different expertise in all these processes. And what you’ve brought up, for example, cybercrime, cybersecurity, when you when we look at it from a national point of view, cybercrime, we had a lot of our criminal law experts involved nationally looking at actual criminal law provisions and how it would be applied for us. When we talk about cybersecurity, we get a lot of the defense side in, we get international law questions in. So this requires quite a different expertise and different people also from a national level. But I do hear the need for also coordinating better nationally. So that that is something for sure. And we also always try to bring national experts also into our delegations when we have these discussions on different processes and negotiations. But Austria also funds other like developing country diplomats to come to certain processes. We did it, for example, in the cybercrime process, that we wanted to get the experts from capitals, from developing countries, to be part of the process, because we don’t only want to talk among diplomats, we want to talk with the people that actually have to implement this at a national level. So that is something we did, and I know the Council of Europe is also very active on capacity building when it comes to that. So there are initiatives and there is a wish to bring in the people that actually work on these issues, at least when we talk about government participation. One thing that resonated with me is what Yasmin said about what the ITU does and then what the different committees in New York do, and having worked in both environments, I do see that there is a bit of a lack of communication between Geneva and New York on processes like that, and then, of course, you have the capitals in it as well. And that’s a bit of my question also to the panellists of, have you seen any best practices, or do you have any ideas of how to help, both from a member’s perspective, from a stakeholder perspective, and also from a UN agency perspective? Like, how can we strengthen the communication between these processes to avoid duplication, which is a strain for all of us, really? Thank you so much for your intervention,

James Shires: and a combination of both very insightful points and also a good question to push us to identify best practices as well. Yasmin, given we had a little bit on the ITU, maybe I could turn to you first, and then, Louise, online, to give a little response. Over to you. Thank you very much, and thank you for the very insightful question.

Yasmine Idrissi Azzouzi: Indeed, it’s… I think it’s a decades-long problem of having the lack of communication between the Geneva and New York. But when it comes to good practices, one thing that pops into mind is the kind of work that we do at the ITU at national level in particular. So if I give you an example, when we are supporting developing countries in particular, when it comes to their development or establishment of something like national cybersecurity strategies, part of that agreed upon methodology is to actually have consultation workshops prior that are inclusive of many different stakeholders. And at times we found ourselves in contexts where those same actors had never actually been in the same room together. But this is sort of a prerequisite that we put in terms of if you need your strategy to be developed, these are the people that you need to have in the room. And so that stems from, of course, an inclusion need, but also a very practical need. I mean, if a strategy, since it’s a living document, it’s something that needs to be implemented, is developed by a small group of stakeholders and then is asked actually to be implemented by wider stakeholders, it makes it difficult. So creation of ownership, I think, at national level across different expertises, so ministries and national agencies, but also critical infrastructure providers. We’ve had in the same room central banks, energy representatives, but also ministries ranging from MFA all the way to, of course, defence, interior and others, because, of course, it’s extremely interdisciplinary and a national strategy also needs to have all of those elements be taken into consideration. So this is, say, a model that we have seen being also the start also of better coordination at inter-agency level, where you didn’t have it before. We’ve often felt a bit of resistance at times from, let’s say, the lead agency at national level due to, I guess, wanting to keep ownership over things. things, but then gradually seeing that shared ownership has actually yielded better results in terms of coordination, but also in terms of effective implementation of things. And having also different perspectives on the same topic has actually taught a lot to different stakeholders. So I think this could be one good practice. So having, again, might seem like a leitmotif here, but multi-stakeholder actors at the table prior to, let’s say, major negotiations or major establishment of strategies or policies is part of the solution. It might sound obvious or simple or easy, but I think this is really where it starts.

James Shires: Thank you. Thank you, Yasmin. And Louise, over to you.

Hurel Louise Marie: Yes, thank you so much for that question. And I mean, I 100% agree with what Yasmin just said. But just to add on top of that, I see there are two points that came to mind when you were kind of asking your question. And one of them is, I wonder whether we need to create a community that goes to these places and that kind of like, I know that that is like spreading one thin. And I think that’s exactly where we started this conversation of, do we have to follow so many processes that we can’t actually do that? So I mean, from both a government and a non-governmental perspective, I think, for example, attending the IWG and attending the IGF, that community being able to leave that privileged space. And also, I mean, you could argue that there are some privileges to being able to actually attend the IGF. But being able to have those communities going to other places means that you can, that whenever there’s not an overlap, there’s a new set of community there. But you ensure that there is that knowledge transfer, or at least that experience from that particular room, it’s going to the other. place. So I think the question here is how do we take these New York dynamics or New York-centric dialogues and how do we translate it, transpose it, and let’s say provide the space for those same dialogues, even though let’s say not in the same format, to happen in other places. And I think there’s some answers or let’s say best practices that I’d like to highlight. The first one is, well, just a couple of days ago, and starting from that same productive discomfort, we, RUSI and Virtual Routes, we organize the cyber policy dialogues over here at the IGF, well, over there at the IGF, which is a networking session, right? And the purpose is really to identify people that are doing that kind of similar research or that are engaging in those spaces or that are interested in those spaces, right? So creating the space for us to have those kinds of New York-centric conversations like in another geographic location is absolutely fundamental. And that is one way in which we can do that from, let’s say, an IGF, OAWG kind of cross-pollination, but that could obviously apply for many, many other, let’s say, processes. Another possibility there or example is that over at RUSI, we have launched the Global Partnership for Responsible Cyber Behavior, which is a platform for researchers from all different regions to kind of come together and reflect on what responsible cyber behavior means from their, let’s say, perspective, from their geographic location. And we organized a discussion over in Singapore during Singapore Cyber Week with researchers and government representatives, not just from the Southeast Asian countries, but other regions as well that were attending CICW to discuss norms of responsible state behavior and the practical behaviors that they see from their regional perspective. So we got like small island countries saying that, you know, for example, climate-related concerns and critical infrastructure protection is much more relevant, or that is actually kind of like state responsibility and responsible state behavior is ensuring that the climate discussion is connected to the critical infrastructure discussion at the first committee, right? Which is a very different interpretation, you would argue, but that it is like once you go to the regional level and once you do that cross-pollination is that that can be quite useful. So, I mean, that is another example of a best practice of how we take those very specific bubbles and how do we, let’s say, expand those dialogues and how we as non-governmental actors can do that, but also as governments, I think one other example that I would give here is my other, let’s say, side is I’m part of the National Cybersecurity Committee in Brazil, which has been established as an outcome of the National Cybersecurity Policy. And that committee is mostly government representatives, different parts of the government, of the public administration, but you do have three civil society representatives and three industry representatives and three representatives from the technical community. And what we’ve been discussing, one of the things is how to make sure that the Ministry of Foreign Affairs can better coordinate across, do more of the interagency coordination to then take those, let’s say, inputs to the international fora, right? So, for some countries, you don’t need to have an informal mechanism. And for Brazil, it hasn’t been a formal mechanism, but just having the conversation about how to do that better and how to kind of like calibrate because the ministry has developed its own cyber division, right? How do you foster that or facilitate that liaison role that the MFA crucially plays in collating those different views, right? Even if you can’t have a more diverse delegation going with you to, let’s say, New York or Geneva. So, my question, perhaps, back to the diplomats in the- room is, you know, is there something about best practices of the MFA being more well equipped, or best practices there to think about how to facilitate that interagency coordination, or even if you have a shortage of resources, how you can feed back into those places or feed into in a better setting? Do we need to have MFAs more well equipped for this scenario where there’s a really a spread of different cyber related processes? Anyways, I’ll stop there. Because as you’ve seen, I speak way too much, but hopefully, I’d like to hear from you all.

James Shires: Thank you very much, Louise. And just to add a short footnote to what Louise and Yasmin have said. I think Louise started by saying there are two reasons right for this proliferation of initiatives. One is specialization. And the other one is politicization, right? And Yasmin pointed out that one of the main challenges is giving participants, whether multi-stakeholder or states, a sense of ownership in each initiative, right? So you want to engage early, engage transparently, and set out a clear roadmap for how things will go ahead and when people should and how they should intervene. Now, the danger there, right, is if you engage very transparently and openly early on, with people who do not share the same objectives of the initiative, maybe even would like to sabotage or delay it or see it not exist, right, then that gives them an opportunity to do so very easily. Because you say, okay, we will not move ahead until we have got full ownership from everyone in the room. And so someone says, Oh, I don’t want this to happen. I’m not going to agree. And it doesn’t move ahead. So the best practice that I think of here is Be as open as possible, so do engage really transparently early on, but with clear deadlines and with clear suggestions for who will take forward action after those deadlines. So you have things like the PowerMile consultation period. That is good because it invites broad interventions, it has a deadline, and it’s clear who will go on afterwards. So it’s very hard to say, you know, there was no opportunity to be involved from maybe those that don’t want to see it go ahead or want to push forward for a delaying tactic. But still, the real nub of the issue is that how do you identify those actors that will take it forward? Is it going to be the same people? So ideally not. So in the PowerMile process, in the absence of anyone else, they close the consultation and it’s the UK and France who then take it forward. So you’re back to the original problem of inclusion. Ideally, you would have a different set of actors, but who will be nominated and ready and funded with the resources to take it forward. So just to highlight the politicisation happens in those processes as well. We do have a question online. So I wonder if we could enable unmuting and Akriti, please do ask your question. Hi, thank you so much. I guess it’s more of a comment to Louise’s point than a question. And I’d love to be able to unmute video if that’s possible, by the way, it can’t be. I think just to the point about politicisation and what Louise was saying about the MFA.

Audience: So I’m Akriti, I work at Global Partners Digital, and before that I was working in India as a foreign minister in the G20. And something that we noticed, and especially more so when we were organising a convention on cybercrime and AI at NFT. and this was part of the G20 presidency, so it was under the aegis of technically the foreign ministry, but because there are so many departments, like for us the internal security is done by a ministry called the Ministry of Home Affairs, and then we have a Ministry of Information and Technology, and then we have the Ministry of Foreign Affairs. So and I was coordinating technically on the side of the MFA, but coming from tech policy I was kind of more aware than say most foreign policy people were about some of those discussions, and I think what I noticed was that a lot of the times the positions that came up were something that at least my MFA were just checking to make sure that it didn’t go against, sorry, what we had said at the UN. It wasn’t so much that they were making the policy as so much that they were just checking that it wasn’t contradicting our international opinion on something else. So I just wondered that even if we did have diplomatic practices from the MFA, I think a lot of constructive input, and that’s our challenge as civil society is kind of to make sure that we have connections or sort of a community or interactions with different, like the internal political machinery, which is different ministries, because a lot of times you can come in at the very last stage, but we’re not really involved at the point where the policy is being discussed, so much as just where it’s being vetted, and to me sort of that’s a, you know, very clear delineation between how you participate. So there’s, of course, the things that the MFA can do, but I just wonder how much of that onus on how to involve civil society will then fall on, say, the MFA, whereas permeating that culture within the internal politics where you invite opinion from civil society and different departments, and I guess there is going to be one ministry that needs to lead that, and if it’s an internet governance, which I guess a lot of times happens in international discussions and whether that’s an MFA prerogative or whether it’s someone else, but I think that’s a huge challenge for us as civil society from a national point of view, that how is our national engagement so strong that when we say something internationally, it really comes from kind of the local perspective. or that we’re heard at the very first layer that we can be heard at. Thank you.

James Shires: Preeti, thank you so much. And yeah, it again just highlights this important for coordination at both layers, right? You cannot have a inclusive and effective international layer without first working hard and solving problems in the national layer. We do have a representative from a Ministry of Foreign Affairs on our panel. So I was wondering, Corinne, if you would maybe say a little bit about your perspective on what the role of the Ministry of Foreign Affairs is in these issues, sort of how technical should it be? How can it rely on other technical communities and draw on those different parts of government?

Corrine Casha: First of all, I wanted to make a point on the Palma process. We received an invitation from the French and the UK governments to participate. So we received a formal invitation. And I have to say that we thought about it and we thought that it was a very important process, particularly on the point of also promoting inclusivity and on also getting industry and other different factions on board. So we did participate. This was the first time for us. And I was aware also of the different factions that participated. We had one representative from the industry and one representative from the Ministry, sorry, from a line ministry that participated. And I was happy to see that they were included in the consultation process. And I think for us, this was something that we would like to also encourage other states to sign up to, because it’s very important to not only in terms of, as I said, including the other, let’s say, factions that are not always included in the decision-making, but also as a way of promoting, let’s say, coordination between different states. So that was a point on the Palma process. And on the points raised, I very much share the same thoughts as the Austrian colleague as well, from Ministry of Foreign Affairs. There are a lot of different processes and with the different processes, you have to see which representatives are going to attend which process. Sometimes it’s very difficult also from our side side I think particularly difficult was the cyber crime convention because we had an issue of not having our delegates participate directly in New York, our criminal lawyers, it was very difficult to get them to participate in negotiating sessions. So it was very challenging for us because we had to rely on our delegates in New York and to coordinate back sort of with the line ministry. So that was very challenging because also one other thing is with the sort of proliferation of different processes, I mean even the line ministries themselves are having to keep up or having to keep up pace with all these different processes taking place and sometimes you know you don’t have the necessary specialists, especially with cyber crime for example, there are certain technicalities that where we don’t have the necessary expertise to deal with them. So it’s very hard to keep pace with all these different processes to make sure that you have all these specialists on board and I would say that the cyber crime convention for us was the most difficult because of the fact that we didn’t have these specialists who would be able to go back and forth from New York to Malta and negotiate. And I was also very struck by what Louise said about the sort of transfer of knowledge from New York to other centers of discussion. I mean the fact that I’m participating the first time in the IGF is also sort of decision based on that. The fact that I’m coming from the foreign ministry but at the same time I’m participating in a forum where it’s not just the foreign ministry but also other technical fellows, civil society etc. participating. I think it’s important to share knowledge. in that respect. And there was another point on, I believe that Louise raised, about the sort of need to have this sort of harmonization process going also with respect to the Cyber Security Committee, which she mentioned about Brazil. We also have a Cyber Security Committee in Malta. I’m a representative on that committee. And again, it brings together all the players, all the line ministries, all the representatives of the industry. But the foreign ministry is really sort of coordinating, let’s say, has a coordinating role in that, make sure that what the representatives or the delegates say, as also the online participant mentioned, doesn’t sort of run counter to what we say in New York or in other areas. But I think the fact that this Cyber Security Committee was established was very, not only timely, but also very important. I think it has helped a lot to, first of all, bring sort of to the table items or let’s say issues that maybe not all participants or delegates are aware of. I’m thinking in particular about the issue of the application of international law in cyberspace. For example, that was an area which was being discussed at the EU level, but not every delegate, let’s say from the police force to, let’s say, the critical infrastructure department. I mean, they were not aware of the discussions that were taking place. I mean, they were aware of it in a general sense, but not so much into the detail. And I think it was very important that this was raised at the committee. And so, I mean, the committee has a very important role to play, because it brings together the different sort of factions, but it also enables certain issues to be exchanged, to have more information. And for us, it was important. I think without the committee certain sort of items or issues would maybe fall through the cracks and then line ministries or other entities would come to know about it much later than they would actually come to know about it if there was not the committee. So I think it’s a very important framework as well. For us it’s sort of a formal establishment, it’s under the office of the prime minister so there’s a sort of also prime ministerial lead over that which gives it also a certain influence and a certain weight to take decisions. But I believe that this is also one aspect where harmonization comes into play and where we avoid sort of also the fragmentation of cyber issues because at the end of the day there’s so many processes, so many different ministries tackling different aspects of cyber. The sort of committee brings them together and for us nationally it’s helped a lot. Thank you. Thank you very much Karina and that’s a

James Shires: yeah fantastic insight into how these national structures of coordination work as well. Akriti I can see you’ve got your hand up to respond again and then I will turn open the floor. So

Audience: Akriti come in and then we’ll open the floor. Yeah thanks, just to point out because you know she mentioned the issue of cybercrime convention and from our point of view, so when India we had this law in India which was struck down by the supreme court which was our highest law in the land because the speech was extremely vague in terms of what it marked as offensive and the overreach was such that it was marked down and then eventually India tried to bring the exact like literal verbatim exact same prohibition to the cybercrime convention trying to circumvent our national jurisdiction to you know then have it obviously the international law and then you have to ratify it then you know to get it back into our national legislation and it was I mean it was honestly a little bit shocking to us as a civil society that that route was trying to be used to you know legitimize the chilling effect on freedom of speech again. But also another point was that because that was happening at the cybercrime convention and at least in India the capacity to follow international conversations on intent governance and such is much more limited than national. So the kind of traction that we got on that was so little like if you weren’t very specifically tracking the cybercrime convention which is kind of literally maybe one organization if any in India then it didn’t get as much traction as when of course the national debate was happening and I think that was quite for us just kind of alarming to see that they were moving to the international forum from the national forum and kind of the like because the harmonization works that the way it does they thought that they could try to get away with it and eventually didn’t pass of course so it’s not a reality today but it was quite alarming to see that that kind of those kind of actions also happen and the lesser we see harmonization and even just civil society kind of input or attention on the internet governance spaces it can really come back from what people consider an elitist internet governance level to really our national legislation so just to respond to that thank you. Thank you and yeah that example of

James Shires: states trying to circumvent maybe civil society or popular resistance to certain measures of legislation by going through the international level is really fascinating. Is there anyone else in the room who would like to come in with their perspective on the paradox of inclusion? I see no hands would anyone online like to come in please do raise your hand or put something in the chat if not then I will offer the floor to Yasmin and Louise for their interventions but there is someone already so Sasha please do come in and can we give Sasha some video as well if you’d like to have video if you don’t want then leave it off. Hi, good day. Can you all hear me? Yes. All right. I can’t get the video so that’s that’s

Audience: fine. All right. So my name is Natasha Nagle. I’m here with the from the University of Prince Edward Islands. And my perspective is through the inclusion, digital inclusion perspective. And just inquiry considering the way in which we, we look at the way in which we fragment internet, generally speaking, and the way in which we identify the subtext within the presentation of information. And when it comes to internet government governance, how do we consider the identities that are being put forward? Is it going to be a situation where when it comes, when you look at that lateral transfer from physical inclusion to digital inclusion, what structures are in place to ensure that minority identities are being presented in such a fashion that it is represented on the world stage? And just just general comments on on that particular space, because when it when it comes to our intersectionality and internet identity, it’s important that we don’t lose sight of those minor minority identities within that digital space. Thank you.

James Shires: Thank you very much, Sasha. In which case, what I will do if there’s no other comments in in person, then I will offer the floor to Yasmin and Louise to give some concluding remarks, but also specifically to address that question of ensuring we have the digital

Hurel Louise Marie: inclusion of minoritized identities and communities. Louise, would you like to go first? Sure, happy. do so, and thank you for that question, Sasha. I think from where I’m standing, and from the, let’s say, sorry, sorry if my voice is a bit robotic at the moment, but just recovering from a cold. From where I’m sitting, and from the example that I gave, I think there is a reflection to be made as to how we best include or recognize minorities in the context of these very high-level processes, right? And I think I gave a very brief example of how some member states have been trying to do that, and I know that that doesn’t respond very specifically to the kind of physical offline, online kind of representation, but again, from that process specifically, let’s say like the OEWG, you do have member states facilitating and supporting the Women in Cyber Fellowship, which I think creates, let’s say, a precedent for not only having more like gender balance there, but effectively having women and folks from different, let’s say, standpoints to actually negotiate an official text, and I wouldn’t underestimate that because there are different ways of approaching the negotiation of a text, and obviously the subjectiveness of your background, where you’re coming from, be it geographically, be it in terms of your gender, that really kind of like plays into the way in which you navigate the world, and that’s not different when you enter a UN windowless room, right? And I think that’s actually very important, and I, you know, just seeing that specific fellowship taking place throughout the last, like, I don’t know, since 2018 at least, 2019, sorry, with the start of the OEWG, you do see the of similar women attending these spaces. And I think that’s good because it just maintains a memory of having effective representatives there. So hopefully that responds a bit to your question, but again, from the very specific standpoint, my concluding remarks is almost like a summary because as you know, James, I tried to kind of like cluster things and structure kind of thoughts. So going back to the notion of paradox, I think we have three paradoxes if that’s the word now reflecting. I think the first one is thinking about the paradox of meaningful leadership. We talked about lots of different processes. I think there is a thing over here, which is there is a value in spearheading certain initiatives and setting into motion, so structuring it. But I think there’s a very important point. And I think that’s something that you raised quite nicely, James, which is, is there a moment for us to delegate some of that leadership? And if that leadership is delegated, how that should happen? Also calibrating political risks, right? Because that’s what member states are usually doing, right? It’s like, I don’t wanna lose control over this process, but I want to indicate that it’s actually inclusive. But is there something about calibrating between spearheading, setting it in motion and delegating? What does delegation look like? The counter ransomware initiative has different working groups with different countries doing that. And I think non, like also like non-state actors, like sharing that, but I might be wrong. The second paradox then, meaningful leadership. The second one for me is like meaningful coordination. And in the meaningful coordination, I think what we saw is calibrating between like interagency mechanisms, developing those if that is something that’s relevant at the national level, be it like a committee structure. So similarly to Malta, like in Brazil, it’s right. like the office of the president, so that provides some political capital domestically, but how do you ensure also that you are having a mixed delegation once you go externally, right? So how do you calibrate between like inter-agency coordination and kind of like international projection? And the third paradox, and finally, is a meaningful dialogue. So, and this is a provocation really, like, okay, it’s very nice and easy to say like, oh, we’re open to dialogue, to meaningful dialogue, we’re going to bring these stakeholders in, we’re going to do consultations, we’ll have a very nice timeline, and this will look very structured, but are we actually open to productive disagreement? Even if like for member states that are funding, like, you know, there were lots of examples of like funding to go to the ad hoc committee, funding, like, these developed countries or developing countries or underrepresented communities, is that actually in the end kind of like, is there an openness for a productively discomforting, uncomfortable dialogue? That’s the word. And open to other expert input from maybe communities that we don’t know, or that we haven’t figured out. And I think one example is the Global Conference on Cyber Capacity Building, which obviously there’s this whole kind of like cyber capacity building community within the cyber world, but there’s a development community, so how do you bridge those? Not saying that the GC3B, the Global Conference on Cyber Capacity Building, is the example, but that is one case where you see this attempt to articulate that conversation, and it’s still very, you know, it’s still gaining its own kind of like traction, right? And I’m sure Yasmin will have some additional thoughts on that. So these are the three kind of like points that I like to add there. But thank you very much all for your contributions. This was great, especially at

James Shires: 6am until like 8am here in London. Thank you, Louise, and impressively awake. I was really struck by this idea… of calibrating political risk and maintaining control, right? Because at the end of the day, right, to have a more inclusive process to really spread ownership, there has to be some kind of letting go, right? Some states who are currently in charge or others new in charge process have to relinquish some kind of control and be ready for the progress to go in different directions. And that is really an uncomfortable place to be in, especially if your whole mandate as a Minister of Foreign Affairs or other official is to steer and maintain control in that way. Yasmin, minoritized identities and communities, and then concluding

Yasmine Idrissi Azzouzi: remarks. Thank you. Sounds good. Thank you very much, James. So I would like definitely to echo what has been said until now and really, really, really keep the focus also on fostering ownership at national level. I think the point on the delegation of leadership definitely is a challenging one, but I’ve seen through national processes, lead agencies that sort of relinquish a little bit that lead role to a certain extent and seeing the usefulness in doing that. That, of course, doesn’t stop us from keeping the balance, of course. And I think both sort of approaches are necessary. So one of them is definitely creating the focus on interdisciplinary teams that are equipped, again, to engage meaningfully in different fora. So in a perfect world, we would have similar something to like what the Austrian representative here has mentioned, multidisciplinary teams that bring different experts at international level as well. And I think to ensure also sort of continuity with these sort of multidisciplinary teams, keeping the lead agency as being sort of the core is also necessary. So the lead agency can sort of keep tabs on the processes, on the different ones, and give that overview as well on the different things that may be lacking at times, while in parallel to that, delegating some of that power or some of that leadership when it comes to having specific processes that are topic-specific, for example. So apart from the national level that I keep coming back to that I think is really, really core, it’s really the key here, of course, inclusivity at international level is needed as well. Akriti’s very relevant example definitely showed the need for obviously going beyond let’s say multilateral or state-focused processes and keep that inclusivity of civil society at international level as well, but I think a lot of it actually needs to happen at national level. Thank you. Thank you very much, Yasmin. And finally, I would turn to our third panellist, Corrine

James Shires: Kasher, for your concluding remarks. We have had our five-minute warning, so we will be wrapping up after these remarks. And thank you, everyone, for your participation. Corrine, over to you.

Corrine Casha: Thanks, James. Well, not much to say. I think the two panellists before me actually wrapped up everything nicely. I mean, we’ve discussed a lot today, and I think we’ll take home, I’ll definitely take home a few of the remarks that participants made today, especially, yes, about the Austrian colleague mentioned interdisciplinary teams, and also Louise mentioned, for example, the transfer knowledge. Yasmin mentioned also the need to sort of, about the consultation process. It was one thing that struck me most about best practices. So I think we have quite a checklist of things that we have gathered here today. And I think they were all very, very valid remarks. I myself, I think, I’m also pleased to be here, not only because I shared some of my experiences, but because I took home a lot of points to consider. So maybe, I don’t know, I mean, we can definitely come up also with a sort of report from this session, and maybe circulate to participants as well. But I think we have all spoken very much about the need to reduce fragmentation, about the need for inclusivity, about the need, as you said, of political risk and sort of relinquishing control. I personally think that what we discussed here today would be very relevant to take forward. Perhaps you can have another session also to follow up on this. And from my perspective, I mean, it ends there. I think we’ve discussed a lot today. And I’m very happy to have participated and to have listened to everybody’s take here. So thank you very much.

James Shires: Thank you, Corrine. And as a quick reminder, before we close, please do check out Roussi’s Global Partnership on Responsible Cyber Behavior, which is online. Louise is running that. And of course, do visit Virtual Roots, and we will be doing more activities in this space. We will be engaging more, so we’d love to continue to have this conversation in future. Have a great last day of the IGF, and thank you everyone. Thank you.

Agreement Points

Proliferation of internet governance initiatives creates challenges for meaningful participation

James Shires

Hurel Louise Marie

Yasmine Idrissi Azzouzi

Corinne Casha

Proliferation of initiatives creates barriers to meaningful participation

Specialization of debates leads to fragmentation of discussions

Difficulty in maintaining consistent representation across multiple forums

All speakers agreed that the increasing number and specialization of internet governance initiatives make it difficult for stakeholders, especially those with limited resources, to participate effectively across all forums.

Importance of national-level coordination for effective international participation

Yasmine Idrissi Azzouzi

Corinne Casha

Hurel Louise Marie

National-level coordination is crucial for effective international participation

Establishing national cybersecurity committees for better coordination

Role of foreign ministries in coordinating national positions

Speakers emphasized the need for strong national-level coordination mechanisms, such as cybersecurity committees, to ensure coherent positions and effective participation in international forums.

Similar Viewpoints

Both speakers highlighted the tension between political control and genuine inclusion, suggesting that true inclusivity requires a willingness to relinquish some control and engage with diverse perspectives.

Hurel Louise Marie

Corinne Casha

Inclusion efforts can be weaponized for political purposes

Relinquishing some control is necessary for true inclusion

Both speakers emphasized the importance of meaningful engagement with diverse stakeholders, including being open to disagreement and challenging perspectives, to create genuine ownership and inclusivity in internet governance processes.

Yasmine Idrissi Azzouzi

Hurel Louise Marie

Creating ownership through multi-stakeholder consultations

Fostering dialogue that allows for productive disagreement

Unexpected Consensus

Importance of interdisciplinary approaches in internet governance

Yasmine Idrissi Azzouzi

Corinne Casha

Hurel Louise Marie

Need for interdisciplinary teams to engage in various processes

Difficulty in maintaining consistent representation across multiple forums

Importance of knowledge transfer between different forums

There was unexpected consensus on the need for interdisciplinary approaches to internet governance, with speakers from different backgrounds agreeing on the importance of combining technical, diplomatic, and policy expertise to address complex digital issues effectively.

Overall Assessment

Summary

The main areas of agreement included the challenges posed by the proliferation of internet governance initiatives, the importance of national-level coordination, the need for inclusive and diverse participation, and the value of interdisciplinary approaches.

Consensus level

There was a high level of consensus among the speakers on the key challenges and potential solutions for improving inclusion in internet governance. This consensus suggests a shared understanding of the complexities involved and a common desire to address the paradox of inclusion. The implications of this consensus are that future efforts in internet governance may focus on developing more coordinated and interdisciplinary approaches, both at national and international levels, to ensure more effective and inclusive participation across various forums.

Different Viewpoints

Role of specialization in internet governance debates

Hurel Louise Marie

Yasmine Idrissi Azzouzi

Specialization of debates leads to fragmentation of discussions

Need for interdisciplinary teams to engage in various processes

Louise Marie argues that specialization leads to fragmentation, while Yasmine emphasizes the need for interdisciplinary teams to address this fragmentation.

Unexpected Differences

Overall Assessment

summary

The main areas of disagreement revolve around the approach to specialization vs. interdisciplinary engagement, and the specific mechanisms for improving national and international coordination.

difference_level

The level of disagreement among the speakers is relatively low, with more emphasis on complementary perspectives rather than outright contradictions. This suggests a general consensus on the challenges of inclusion in internet governance, with differences primarily in the proposed solutions and areas of focus.

Partial Agreements

Both speakers agree on the challenges of inclusion, but Louise Marie focuses on structural inequalities, while Corinne emphasizes the practical difficulties of representation.

Hurel Louise Marie

Corinne Casha

Structural inequalities persist despite efforts at inclusion

Difficulty in maintaining consistent representation across multiple forums

Both speakers agree on the importance of national-level coordination, but propose different mechanisms to achieve it.

Yasmine Idrissi Azzouzi

Corinne Casha

National-level coordination is crucial for effective international participation

Establishing national cybersecurity committees for better coordination

Similar Viewpoints

Both speakers highlighted the tension between political control and genuine inclusion, suggesting that true inclusivity requires a willingness to relinquish some control and engage with diverse perspectives.

Hurel Louise Marie

Corinne Casha

Inclusion efforts can be weaponized for political purposes

Relinquishing some control is necessary for true inclusion

Both speakers emphasized the importance of meaningful engagement with diverse stakeholders, including being open to disagreement and challenging perspectives, to create genuine ownership and inclusivity in internet governance processes.

Yasmine Idrissi Azzouzi

Hurel Louise Marie

Creating ownership through multi-stakeholder consultations

Fostering dialogue that allows for productive disagreement

Key Takeaways

The proliferation of internet governance initiatives creates barriers to meaningful participation, especially for actors with limited resources

There is a tension between specialization of debates and fragmentation of discussions across multiple forums

National-level coordination and capacity building are crucial for effective international participation

True inclusion requires relinquishing some control and being open to productive disagreement

Structural inequalities persist despite efforts at inclusion in internet governance processes

There is a lack of communication and coordination between different internet governance forums (e.g. Geneva vs New York-based)

Resolutions and Action Items

Consider creating a report summarizing the key points from this session to circulate to participants

Explore having a follow-up session to continue the discussion on inclusion in internet governance

Unresolved Issues

How to effectively balance specialization of debates with the need for coherent, coordinated governance

How to ensure meaningful inclusion of minoritized identities and communities in digital governance spaces

How to improve coordination between different internet governance forums and processes

How to address structural inequalities that persist despite inclusion efforts

Suggested Compromises

Creating interdisciplinary teams that can engage across multiple governance forums

Delegating some leadership/control to other stakeholders while maintaining overall coordination

Balancing state-led initiatives with meaningful multi-stakeholder consultation and civil society inclusion

Fostering national-level coordination mechanisms (e.g. cybersecurity committees) to inform international engagement

The idea here is that we see a proliferation of efforts to bring in different actors in internet governance, whether these are multi-stakeholder forums, whether these are efforts to include developing countries and smaller states or states with fewer resources, and there’s lots of different efforts to do these, through different conferences, initiatives, meetings, and so on. In fact, there’s so many of these different efforts that actually keeping up with them all, keeping track of them all, and participating meaningfully in them all, is itself a high resource burden. And that’s what we term the paradox of inclusion.

speaker

James Shires

reason

This comment introduces the central concept of the ‘paradox of inclusion’ which frames the entire discussion. It highlights how efforts to be more inclusive can paradoxically create barriers to participation.

impact

This set the stage for the entire discussion, providing a framework for analyzing various internet governance initiatives and their inclusivity challenges.

So you have those movements, such as the ad hoc committee, which has ended right now, that becomes part of that, let’s say, political strategy. Another example of proliferation being a political strategy is precisely to specialize debate because then you can control a bit more or what the scope is, and who is involved in this conversation.

speaker

Louise Marie Hurel

reason

This comment introduces the idea that the proliferation of initiatives can be a deliberate political strategy, adding complexity to the discussion of inclusivity.

impact

It shifted the conversation to consider the political motivations behind the creation of new forums, deepening the analysis beyond just logistical challenges.

So creation of ownership, I think, at national level across different expertises, so ministries and national agencies, but also critical infrastructure providers. We’ve had in the same room central banks, energy representatives, but also ministries ranging from MFA all the way to, of course, defence, interior and others, because, of course, it’s extremely interdisciplinary and a national strategy also needs to have all of those elements be taken into consideration.

speaker

Yasmine Idrissi Azzouzi

reason

This comment highlights the importance of national-level coordination and inclusivity as a foundation for effective international participation.

impact

It broadened the discussion to consider how national-level processes impact international inclusivity, leading to a more holistic analysis of the challenges.

And I was happy to see that they were included in the consultation process. And I think for us, this was something that we would like to also encourage other states to sign up to, because it’s very important to not only in terms of, as I said, including the other, let’s say, factions that are not always included in the decision-making, but also as a way of promoting, let’s say, coordination between different states.

speaker

Corinne Casha

reason

This comment provides a concrete example of how a specific initiative (the Palma process) is attempting to address inclusivity challenges.

impact

It moved the discussion from theoretical concepts to practical examples, allowing for a more grounded analysis of potential solutions.

And just inquiry considering the way in which we, we look at the way in which we fragment internet, generally speaking, and the way in which we identify the subtext within the presentation of information. And when it comes to internet government governance, how do we consider the identities that are being put forward?

speaker

Natasha Nagle

reason

This comment introduces a new dimension to the discussion by focusing on the representation of minority identities in digital spaces.

impact

It broadened the scope of the inclusivity discussion beyond just state and organizational representation to consider individual and community identities.

Overall Assessment

These key comments shaped the discussion by progressively expanding and deepening the analysis of inclusivity in internet governance. Starting with the introduction of the ‘paradox of inclusion’, the conversation moved through considerations of political motivations, national-level coordination, practical examples of inclusive initiatives, and finally to questions of identity representation. This progression allowed for a multifaceted examination of the challenges and potential solutions to achieving meaningful inclusivity in internet governance processes.

How can we strengthen communication between different UN processes (e.g. Geneva and New York) to avoid duplication?

speaker

Austrian Foreign Ministry representative

explanation

This is important to improve coordination and efficiency in international cybersecurity discussions.

What are best practices for Ministries of Foreign Affairs to facilitate interagency coordination on cyber issues?

speaker

Louise Marie Hurel

explanation

This could help improve national-level coordination to better inform international positions.

How can we ensure meaningful inclusion of minority identities in internet governance processes?

speaker

Natasha Nagle

explanation

This is crucial for ensuring diverse perspectives are represented in digital policy discussions.

How can we calibrate between spearheading initiatives and delegating leadership in international processes?

speaker

Louise Marie Hurel

explanation

This is important for balancing control and inclusivity in multi-stakeholder initiatives.

How can we foster openness to productive disagreement in international dialogues?

speaker

Louise Marie Hurel

explanation

This is necessary for truly inclusive and meaningful discussions on complex issues.

How can we better bridge the cyber capacity building community with the broader development community?

speaker

Louise Marie Hurel

explanation

This could lead to more holistic and effective approaches to digital development.