Strengthening the multi-stakeholder approach on international norms in cyberspace

25 Nov 2019 10:35h - 12:35h

Event report

[Read more session reports and updates from the 14th Internet Governance Forum]

State and non-state actors play different but equally crucial roles in promoting responsible behaviour online. Despite the fact that the policy-making capability relies only on state entities, it is undeniable that other stakeholders, namely civil society, technical community, and the tech sector take part in norms development and opinion-shaping, as shown by the intersessional meetings of the UN-mandated working group – the Open-Ended Working Group (OEWG), and the consultations of the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UN GGE).

Recently, various actions have been undertaken in the form of initiatives or agreements for promoting the responsible behaviour of states, among which, the 2015 report of the UN GGE stands out. From the norms agreed in the report, it emerges that different stakeholders can play different roles in influencing opinion, rule-making processes, problem solving, community building, norms observation, and oversight mechanisms.

During the session, four break-out groups discussed different perspectives: human rights, protection of critical infrastructures, reporting of vulnerabilities, and security concerns in the supply chain. The main findings were then presented according to Chatham House rules.

A human rights perspective on the multistakeholder approach highlights that some evidence-based mechanisms are already in place to foster the protection of human rights when governing or intervening on the Internet. Multistakeholder processes, forums, and fora can strengthen such an approach and tackle the issue of harmonisation between national and international rules and principles, national laws, and private sector policies.

A perspective on the security aspect of information and communications technology supply chains shows that there is a general agreement at the macro level, but different roles can be highlighted for different stakeholders. The private and technical sector can develop and spread information able to inform governments and public opinion; additionally, governments can play a role in creating security awareness. Additionally, vulnerability equity challenges need to be tackled through the creation of trusted processes, and problem solving capabilities need to be fostered through capacity building.

Reporting vulnerabilities represent one of the areas in which progress has been achieved in the past 30 years. However, barriers remain with regard to the conflict of interests and the approach that looks at the symptoms and not at the root causes. Further norms development needs to be achieved.

The perspective on critical infrastructure protection represents a good example to recall some of the roles mentioned by the other perspectives and to highlight rooms for co-operation development, as well as current challenges.

Civil society organisations and research institutes such as the Citizen Lab play an important role in informing and shaping public opinion that might lead to bottom-up pressure on governments and public institutions.

Multistakeholder platforms such as global, regional, and national IGFs (NRIs) should foster inclusivity of the least represented voices and perspectives. With this regard, governments could play an important role in supporting the participation of such actors through logistics means.

Collaboration among different stakeholders can foster community building and problem-solving in which common interests are pursued, as displayed by the TechAccord and the Paris Call for Trust and Security in Cyberspace.

Finally, it is clear that the role of whistleblowers is essential; however, there are crucial gaps that need to be addressed with regards to the legal protection of whistleblowers as well as follow-up mechanisms after the ‘whistle is blown’.