Towards a human rights-centered cybersecurity training

28 Nov 2019 16:40h - 18:10h

Event report

[Read more session reports and updates from the 14th Internet Governance Forum]

The workshop had three main aims, as explained by workshop organisers Ms Julia Schuetze (Stiftung Neue Verantwortung) and Ms Kate Saslow (Stiftung Neue Verantwortung):

  • First, to discuss how it can be ensured that cybersecurity focuses on the digital safety and security of people instead of focussing on national security.
  • Second, to identify strategies to increase the cybersecurity awareness of individuals by looking at specific case scenarios.
  • Third, to identify some challenges and best practices regarding human rights-centred cybersecurity training.

One of the key questions, according to Mr Daniel Mossbrucker (Journalist and Digital Security Trainer, DW Academy), is why people who have digital security training do not employ their skills in practice and do not adjust their own online habits.

Additional challenges include the issue of trust when it comes to introducing new proprietary software, compared to the software that people use daily and are comfortable with. Another issue, according to Mr Farhan Janjua (Civil Society, Asia-Pacific Group), is low technical expertise to manage and deploy IT at the local level. Janjua also highlighted a lack of interest in matters relating to privacy as a challenge. The belief that privacy is only an issue when someone has something to hide persists. Janjua argued that more capacity development and training are needed to address this misconception.

At the same time, it is also important to look at the challenges that might arise between the grant giver and the local implementer, especially in the context of development co-operation. Mr Gbenga Sesan (Executive Director, Paradigm Initiative Nigeria) argued that particular problems arise when organisations that award a grant do not do research beforehand to find out whether local implementers have the human rights and cybersecurity knowledge and skills needed to carry out the project. He identified a mismatch in the priorities of the donor and the local actors as another area for attention. In proposing solutions, Sesan reiterated that the donors need to research whether the local staff has the capacity to implement the initiative and that project support should match demonstrated needs so as not to result in a mismatch of desired outcomes.

After these initial inputs, the session divided into smaller break-out groups to discuss various scenarios related to human rights-centred cybersecurity training and identify both challenges and solutions. In the discussion, best practices related to the protection of the privacy of individuals and freedom of expression stood out.

By Jacob Odame-Baiden