Cybersecurity

Protecting children’s rights in the digital age: Balancing opportunities and risks through collaboration

Experts from governments, tech companies, and civil society came together to address the growing challenge of protecting children’s rights in the digital age. While the internet offers immense opportunities for learning and development, it also exposes children to serious risks, including cyberbullying, privacy violations, deepfakes, and data exploitation.

‘The digital world can be both a playground and a battlefield,’ remarked Eugene Kaspersky, CEO of Kaspersky Lab, who emphasised that educating adults is just as crucial as teaching children about online safety.

This Internet Governance Forum (IGF) panel also discussed the limitations of relying solely on technology, highlighting tools like parental controls, age assurance protocols, and safety features on platforms like Meta, which has adopted a ‘best interests of the child framework.’ However, they stressed that technological measures must be complemented by robust education and digital literacy initiatives.

Syed Munir Khasru, chairman of the Institute for Policy, Advocacy and Governance, underscored the role of parents, saying, ‘We have to train, educate, and inspire the children. And in my opinion, they are very smart.’ Andrei Zarenin, Russia’s Deputy Minister of Digital Development, Communications, and Mass Media, added that fostering trust and communication between children and parents is key to navigating the digital landscape.

Collaboration was a recurring theme, with panellists calling for governments, private companies, and civil society to work together on standards and protocols for child safety online. Cross-platform projects like Project Lantern were cited as examples of tackling online harms on a broader scale.

Despite advancements, unresolved issues remain, such as effective age verification, balancing privacy with protection, and addressing the digital divide. Marleni Cuellar, the moderator of this session, concluded that the goal is simple yet profound: ‘the importance of all children and wanting the best for them in the digital world.’

All transcripts from the Internet Governance Forum sessions can be found on dig.watch.

Rhode Island suffers major data breach

Rhode Island officials have confirmed a major data breach in the state’s social services system, potentially exposing the personal and financial details of hundreds of thousands of residents. The hackers, believed to be an international cybercriminal group, accessed sensitive information through RIBridges, the state’s portal for government assistance programmes, including Social Security numbers and banking details.

The breach, which was detected earlier this month, affects users of the Supplemental Nutrition Assistance Program, Temporary Assistance for Needy Families, and healthcare services accessed through HealthSource RI since 2016. The attackers have demanded an undisclosed ransom, threatening to release the stolen data if unpaid. Deloitte, the system’s vendor, confirmed the breach on Friday, prompting the state to shut down the portal temporarily.

Residents impacted by the breach will be notified via letters detailing steps to secure their personal information and protect their bank accounts. For now, new applicants for state benefits must use paper applications as authorities work to secure the compromised system. Governor Dan McKee described the incident as extortion, calling for swift remediation and protection for affected citisens.

Parliamentarians urged to bridge the global digital divide

At the ‘IGF Parliamentary Track – Session 1’ session in Riyadh, parliamentarians, diplomats, and digital experts gathered to address persistent gaps in global digital governance. The session spotlighted two critical UN-led initiatives: the World Summit on the Information Society (WSIS) and the Global Digital Compact (GDC), underscoring their complementary roles in bridging the digital divide and addressing emerging digital challenges like AI and data governance.

Ambassador Muhammadou M.O. Kah, Chair of the Commission for Science and Technology for Development, stressed the urgency of digital inclusion. ‘Digital technologies are transforming our world at a remarkable pace, but we must confront the persistent divide,’ he said, remembering that twenty years after WSIS first set out a vision for an inclusive digital society, one-third of the world’s population remains unconnected, with inequalities deepening between urban and rural areas, genders, and socioeconomic groups.

The Global Digital Compact, introduced as a ‘refresh’ of WSIS priorities, emerged as a key focus of the discussion. From the UN Tech Envoy’s Office, Isabel de Sola presented the GDC’s five pillars: affordable internet access, tackling misinformation, data governance, fostering inclusive digital economies, and ensuring safe AI implementation. De Sola emphasised, ‘We need a holistic approach. Data governance, AI, and connectivity are deeply interconnected and must work in tandem to serve society fairly.’

Sorina Teleanu, the session’s moderator and Head of knowledge at Diplo, highlighted the need for urgent action, stating: ‘We have the Global Digital Compact, but what’s next? It’s about implementation—how we take global commitments and turn them into real, practical solutions at national and local levels,’ she urged parliamentarians to exercise their oversight role and push for meaningful progress.

The session exposed a growing disconnect between governments and parliaments on digital policy. Several parliamentarians voiced concerns about exclusion from international processes that shape national legislation and budgets. ‘We cannot act effectively if we are not included or informed,’ a delegate from South Africa noted, calling for better integration of lawmakers into global frameworks like the GDC and WSIS.

To close these gaps, speakers proposed practical solutions, including capacity-building programs, toolkits for mapping GDC priorities locally, and stronger regional parliamentary networks. ‘Parliamentarians are closest to the people’ Ambassador Kah reminded attendees, ‘they play a crucial role in translating global commitments into meaningful local action’

The discussion ended with a renewed call for collaboration: greater inclusion of lawmakers, better alignment of international frameworks with local needs, and stronger efforts to bridge the digital divide. As the world approaches WSIS’ 20-year review in 2025, the path forward requires a unified, inclusive effort to ensure digital advancements reach all corners of society.

All transcripts from the Internet Governance Forum sessions can be found on dig.watch.

Digital futures at a crossroads: aligning WSIS and the Global Digital Compact

The path toward a cohesive digital future was the central theme at the ‘From WSIS to GDC: Harmonising Strategies Towards Coordination‘ session held at the Internet Governance Forum (IGF) 2024 in Riyadh. Experts, policymakers, and civil society representatives converged to address how the World Summit on the Information Society (WSIS) framework and the Global Digital Compact (GDC) can work in unison. At the heart of the debate lay two critical imperatives: coordination and avoiding fragmentation.

Panelists, including Jorge Cancio of the Swiss Government and David Fairchild of Canada, underscored the IGF’s central role as a multistakeholder platform for dialogue. However, concerns about its diminishing mandate and inadequate funding surfaced repeatedly. Fairchild warned of ‘a centralisation of digital governance processes,’ hinting at geopolitical forces that could undermine inclusive, global cooperation. Cancio urged an updated ‘Swiss Army knife’ approach to WSIS, where existing mechanisms, like the IGF, are strengthened rather than duplicated.

The session also highlighted emerging challenges since WSIS’s 2005 inception. Amrita Choudhury from MAG and Anita Gurumurthy of IT for Change emphasised that AI, data governance, and widening digital divides demand urgent attention. Gurumurthy lamented that ‘neo-illiberalism,’ characterised by corporate greed and authoritarian politics, threatens the vision of a people-centred information society. Meanwhile, Gitanjali Sah of ITU reaffirmed WSIS’s achievements, pointing to successes like digital inclusion through telecentres and distance learning.

Amid these reflections, the IGF emerged as an essential event for harmonising WSIS and GDC goals. Panellists, including Nigel Cassimire from the Caribbean Telecommunications Union, proposed that the IGF develop performance targets to implement GDC commitments effectively. Yet, as Jason Pielemeier of the Global Network Initiative cautioned, the IGF faces threats of co-optation in settings hostile to open dialogue, which ‘weakens its strength.’

Despite these tensions, hope remained for creative solutions and renewed international solidarity. The session concluded with a call to refocus on WSIS’s original principles—ensuring no one is left behind in the digital future. As Anita Gurumurthy aptly summarised: ‘We reject bad politics and poor economics. What we need is a solidarity vision of interdependence and mutual reciprocity.’

All transcripts from the Internet Governance Forum sessions can be found on dig.watch.

Safeguarding democracy: Strategies to combat disinformation in electoral contexts

Disinformation during elections is a growing threat to democracy and human rights, according to a global panel of experts who convened at the Internet Governance Forum 2024 in Riyadh to discuss this issue. Giovanni Zagni, director of Pagella Politica and Facta.news, highlighted the European Union’s approach with its voluntary Code of Practice on Disinformation, which has 34 signatories, including major tech platforms.

The collaborative strategy contrasts with stricter regulatory models, raising questions about the balance between platform accountability and government intervention. Juliano Cappi from the Brazilian Internet Steering Committee underscored the importance of digital sovereignty and public infrastructure, introducing concepts like ‘systemic risk’ and ‘duty of care’ in platform regulation.

Collaboration among stakeholders was a recurring theme, with experts stressing the need for partnerships between fact-checkers, tech companies, and civil society organisations. Nazar Nicholas Kirama, president of the Internet Society Tanzania (ISOC Tanzania) called for platforms to adopt transparent algorithms and assume greater accountability, comparing their influence to that of electoral commissions.

However, Cappi warned about the risks of bias in platforms’ business models and advocated for a ‘follow the money’ approach to trace disinformation campaigns. Aiesha Adnan, co-founder of the ‘Women in Tech Maldives’ and Poncelet Ileleji from the Information Technology Association of the Gambia emphasised media literacy and grassroots empowerment as crucial tools, calling for initiatives like UNESCO-backed fact-checking and community radio programs to counter misinformation.

The tension between regulation and free speech was a central point of debate. While some participants, like Zagni, noted the challenge of addressing disinformation without infringing on freedoms, others warned against government overreach.

Adnan highlighted smaller nations’ unique challenges, urging for culturally sensitive interventions and localised strategies. The session closed with a call for global cooperation and continued dialogue to safeguard democratic processes while respecting diverse regional contexts and fundamental rights.

All transcripts from the Internet Governance Forum sessions can be found on dig.watch.

Global fight against ransomware: collaboration is the key to resilience

Diplo is actively reporting from the 2024 Internet Governance Forum (IGF) in Riyadh, while the forum’s day one is still, and another essential panel of international experts shed light on the relentless rise of ransomware attacks and the global efforts to counter this growing cyber threat. Moderated by Jennifer Bachus of the US State Department, the session featured cybersecurity leaders Elizabeth Vish, Daniel Onyanyai, and Nils Steinhoff, who highlighted the scale of the crisis and the collaborative response through the Counter Ransomware Initiative (CRI).

Ransomware, described as ‘cybercrime as a service,’ has evolved from simple data encryption to complex extortion schemes targeting critical infrastructure worldwide. ‘Emerging markets are now increasingly in the crosshairs,’ noted Elizabeth Vish, pointing to growing vulnerabilities in developing economies that lack robust cybersecurity resources. With over $1.1 billion in crypto payments extracted by attackers in 2023 alone, ransomware continues to prove profitable, its impacts often crippling public services like hospitals and government institutions.

Established in 2021, the CRI is a coalition of nearly 70 nations dedicated to building collective cyber resilience. Operating under four pillars—policy development, capacity development, public-private partnerships, and the International Counter-Ransomware Task Force—the CRI offers platforms for real-time threat sharing, technical support, and global cooperation. Onyanyai emphasised the initiative’s mentorship model: ‘Advanced nations can guide less-prepared countries, ensuring no one faces this threat alone.’

Public-private cooperation emerged as a cornerstone of the fight. Vish stressed that private companies, often the first to detect attacks, ‘own critical infrastructure and can contribute threat intelligence and resilience strategies.’ Additionally, the role of cyber insurance was discussed as a tool for incentivising better cybersecurity hygiene while facilitating incident recovery.

The panellists underscored the need for collective preparation, emphasising proactive measures like multi-factor authentication and data backups. Vish coined the mantra: ‘Prepare, don’t pay.’ While CRI officially advocates a ‘no ransom’ stance, some countries still grapple with policies on payments.

The session concluded with a stark reminder: no country is immune to ransomware. Whether through emerging AI capabilities or evolving tactics, ransomware remains a persistent, global threat. As Jennifer Bachus aptly summarised: ‘Only through cooperation, capacity building, and resilience will we turn the tide against these cybercriminals.

All transcripts from the Internet Governance Forum sessions can be found on dig.watch.

Cambodian ministry and APLE team up to enhance online safety education through a new initiative

The Cambodian Ministry of Education, Youth and Sport (MoEYS) and Action Pour Les Enfants (APLE) have signed a three-year Memorandum of Understanding (MoU) to implement the ‘Promoting Internet Safety in Education’ project. That initiative promotes child online safety by integrating lessons on recognising and reporting online threats, such as grooming and coercion, into school curricula.

The project also aims to strengthen the capacities of educational institutions, including ministry departments and schools, while providing tailored resources and training for teachers to deliver online safety content. It involves collaboration with key stakeholders, including school administrations, teachers, education officials, parents, community members, and children, to foster a safer digital environment.

However, challenges such as limited resources and low awareness among parents and children pose significant barriers to implementation. The initial phase focuses on seven provinces, with plans for further expansion based on the project’s success.

Why does it matter?

APLE’s strong commitment to combating online sexual abuse and human trafficking reflects the urgency of addressing these critical issues in today’s digital society. The initiative aligns with national education strategies and ensures sustainability by equipping educators and students with the tools to navigate the internet safely.

Additionally, the project includes a comprehensive evaluation after three years to assess its impact and inform potential expansion to other provinces. That effort underscores the importance of empowering communities to prevent and report online exploitation effectively, creating a lasting effect on child safety.

Trump administration plans stronger response to cyber attacks

The incoming Trump administration is set to explore ways to impose higher costs on adversaries and private actors behind cyber attacks, according to Representative Mike Waltz, the pick for national security adviser. Waltz’s statement follows US allegations that a widespread Chinese cyberespionage operation, known as Salt Typhoon, targeted senior American officials and stole significant amounts of metadata.

The White House has revealed that at least eight telecommunications and infrastructure firms in the US were compromised during this campaign. While Waltz did not specify potential actions against Salt Typhoon, he emphasised the need to go beyond defensive measures and start taking offensive actions to deter cyber threats.

Waltz also highlighted the role of the US tech industry in strengthening national defence and exposing vulnerabilities in adversaries. Meanwhile, Chinese officials continue to deny involvement, dismissing the accusations as disinformation and asserting that Beijing opposes cyber attacks in all forms.

Serbian spyware targets activists and journalists, Amnesty says

Serbia has been accused of using spyware to target journalists and activists, according to a new Amnesty International report. Investigations revealed that ‘NoviSpy,’ a homegrown spyware, extracted private data from devices and uploaded it to a government-controlled server. Some cases also involved the use of technology provided by Israeli firm Cellebrite to unlock phones before infecting them.

Activists reported unusual phone activity following meetings with Serbian authorities. Forensic experts confirmed NoviSpy exported contact lists and private photos to state-controlled servers. The Serbian government has yet to respond to requests for comment regarding these allegations.

Cellebrite, whose phone-cracking devices are widely used by law enforcement worldwide, stated it is investigating the claims. The company’s representative noted that misuse of their technology could violate end-user agreements, potentially leading to a suspension of use by Serbian officials.

Concerns over these practices are heightened due to Serbia’s EU integration programme, partially funded by Norway and administered by the UN Office for Project Services (UNOPS). Norway expressed alarm over the findings and plans to meet with Serbian authorities and UNOPS for clarification.

Meta apps experience widespread outages across the United States

Facebook, Instagram, and WhatsApp experienced significant outages across the United States on Wednesday, leaving thousands of users unable to access the popular platforms. Outage tracking site Downdetector recorded over 27,000 reports for Facebook, 28,000 for Instagram, and more than 1,000 for WhatsApp. The disruptions began around 12:50 p.m. ET, with users encountering error messages such as ‘something went wrong.’

Meta acknowledged the issue in a post on X, assuring users that it was working to resolve the problem quickly. A spokesperson apologised for the inconvenience and said teams were working diligently to restore services to normal.

User frustration echoed on X, with many expressing concerns about the reliability of Meta’s platforms. Outages like this are not unprecedented. Earlier this year, Meta faced a similar global disruption that impacted hundreds of thousands of users. In October, Meta apps were also briefly offline due to technical issues, although those were resolved within an hour.

Meta’s platforms are among the most widely used social media and communication tools globally. The recurrence of technical problems highlights the challenges of maintaining the reliability of such massive online infrastructures.

Diplo chatbot can make mistakes. Consider checking important information.