Informal multistakeholder consultations

7 Jun 2024 09:00h - 09:30h

Table of contents

Disclaimer: This is not an official record of the session. The DiploAI system automatically generates these resources from the audiovisual recording. Resources are presented in their original format, as provided by the AI (e.g. including any spelling mistakes). The accuracy of these resources cannot be guaranteed.

Full session report

International conference chair navigates stakeholder engagement in cybersecurity discussions

The plenary session of an international conference resumed with the Chair announcing a temporary suspension of formal proceedings to circulate a draft proposal based on the previous day’s discussions. Emphasising the importance of input from various stakeholders, the Chair initiated an informal session to hear from civil society, academia, the private sector, and other non-state actors.

A representative from Team Yellow greeted the Chair and requested the inclusion of two agenda items, one of which was deemed particularly important and required immediate attention. The Chair acknowledged the request and suggested a brief pause in formal proceedings to reflect on the concerns raised by Team Yellow.

During the informal session, a Civil Society representative from the ICT Action Network stressed the necessity of multi-stakeholder engagement in cybersecurity initiatives at national and regional levels. The speaker highlighted the importance of collaboration between governments, experts, civil society, the private sector, and academia to address cyber threats and ensure a human-centric approach in cybersecurity policies. The representative also called for the application of international humanitarian and human rights law in cyberspace, and for capacity building to support the adoption of national positions on cybersecurity.

The private sector, represented by a speaker, outlined their significant role in cybersecurity, owning most of the infrastructure and expertise. They introduced the acronym POETRY (Principles, Ownership, Expertise, Teamwork, Risk, Yardstick) to encapsulate their presentation. The speaker requested that principles be explained to the private sector for practical implementation, highlighted the importance of teamwork, and noted the private sector’s substantial risk exposure. They also proposed the promotion of the customary law of reparations to cover critical infrastructure protection and suggested national consultations with the private sector prior to international forums.

A local delegate representing youth and women pointed out the absence of these groups in the cybersecurity discussions, urging the state parties to consider their critical roles.

The Chair expressed appreciation for the inputs from non-state actors, acknowledging the business sector’s grounding in reality and the need for public services to be more aligned with this perspective. The Chair also agreed with the local delegate’s observation on the need to better involve youth and women in cybersecurity.

Concluding the informal session, the Chair proposed a brief recess to address the issues raised and prepare the draft document for circulation. Delegates were asked to remain in the room for the resumption of formal proceedings shortly.

Session transcript

We now resume the plenary session where we left off yesterday, but before that, we will temporarily suspend the formal part. The Chair will, in a short period of time, with the help of the Secretary, circulate a draft that is proposed based on the interpretations of delegations from yesterday. But before that, it is important that we hear the voices of other stakeholders, the delegations that are here, outstanding actors, both civil society and academia, the private sector. It is important that we have these inputs to our discussions. So for that reason, I allow the Chair to suspend the plenary, the formal part, and go into an informal section of our deliberations. If there are no objections, it is decided, we will suspend the session.

Team Yellow:
Good morning, Mr. Chair, good morning, colleagues, we have really gone far, we thank God for the success so far. My delegation was to place two agenda items, but one for consideration, hoping that this housekeeping is supposed to be an issue, but because of the importance of it, it requires that the delegates have to say a few things, give their responses to it, and we wanted to place it as a topic and consider it this morning. Taking note that the agenda as it stands is very important, the items on it, but since we require this, if the Chair could kindly open up the floor for us to make that presentation as part of the agenda, since we are continuing with yesterday’s agenda. Mr. Chair, thank you. Two items, if you allow, we can quickly read out and then we can react before we go to the main items this morning. Thank you.

Could you approach the Chair at the moment, please? Mr. Chair, thanks to the delegation of Yellow for clarifying the issues ahead. And please allow the Chair some time to reflect on that and try to find a suitable range for the concerns raised by the delegation of Yale. With that, the Chair proposes right now for us to exit the formal part that is suspended for the plenary session for a moment. We will go into an informal session where we will allow for, as the Chair said, the participation of other stakeholders. If there are no objections, the meeting is suspended. Dear delegates, right now we are in informal mode. I have called for this so that we can have a more informal discussion amongst us. And obviously, this will not be a part of the record, just an opportunity for us to express our views in an informal manner, see where perhaps some disagreements exist, but also very important to be able to hear the voices of, as I said, other stakeholders. With that in mind, let me start the meeting with calling on those voices. We have some non-state actors who are there in this meeting. I will start by calling first Civil Society to read out statements that they have prepared. So, Civil Society representatives, please go ahead.

Civil Society:
Mr. Chair, thank you for the opportunity to address the Open-Ended Working Group delegates. I speak here on behalf of the ICT Action Network. Distinguished delegates, ladies and gentlemen, cyber security is everyone’s responsibility. We all have a role to play, even our various skills and responsibilities in cyber ecosystem. Consequently, the meaningful participation of all stakeholders in the design, development and implementation of various cyber initiatives cannot be overemphasized. We believe that multi-stakeholder engagement between governments and all relevant stakeholders such as experts, civil society, private sector and academia at the national and regional levels is critical. Moreover, regular focus and constructive engagement can be instrumental in the identification of gaps, building of synergies and in the design and development of innovative approaches, including context-specific responses to emerging issues in the cyber domain. They also facilitate sharing of information and building a common understanding of the issues, challenges and opportunities. Thank you, Mr. Chair. We call upon delegates from member states, especially those from Africa, to cascade these multi-stakeholder conversations at the national and regional levels to ensure all are brought on board. In particular, to encourage them to utilize the African Union and the regional economic blocs in this continent to prioritize cyber diplomacy, including facilitating greater multi-stakeholder engagement at the national and regional levels on the topics and discussions at the Open Advertising Group. In addition, continued investment by state and non-state actors in evidence-based research and the work of civil society is useful in informing cyber policy-making processes and promoting common understanding of cyber issues, including on how to ensure human-centric approaches in the field of ICPs. Mr. Chair, due to lowering of the threshold of conducts, cyber attack and operations, the threat landscape now consists of nation-state affiliated actors, collectives and activists, and criminal groups, in addition to nation-states as traditional actors. We call on states to be guided by a human-centric approach when assessing the impact of cyber attacks to explain the societal harm of these incidents on people, including groups with specific needs and vulnerabilities. Mr. Chair, regarding international law, while cyberspace is often referred to as a domain, it does not in fact constitute a new legal area or domain, and thus international law applies in its entirety. This does not mean that there are not unique features relating to the use of ICPs which require additional attention, and we welcome the proposal for a dedicated intersectional discussion to further discuss these areas. This should reflect areas of additional convergence, such as the application of international humanitarian and human rights law, and should focus on what is needed to ensure their protected value. We also support various recommendations to build capacity on international law to enable states to provide their own views. The task of developing positions is a challenging endeavor, requiring coordination from multiple agencies, significant financial resources and expert knowledge, and inputs from other stakeholders. Capacity building should thus aim to mitigate these challenges and to support the adoption of national positions which are instrumental to arriving at common understanding. It is also a team effort and should involve the participation of different stakeholders. Thank you, Mr. Chair.

Thank you very much, Vlada. Thank you very much to all representatives of society for providing your valuable input into our deliberations. Am I to understand right now that Nene is also here, or if she’s not, then perhaps we will wait to hear the voice of private.

Private sector:
Chair, Vice Chair, distinguished delegates, we are honored as the private sector to have been given an opportunity to address you we have listened with respect and gladness to the deliberations of the delegates on this important topic and we are one with you as we present our own viewpoints, which we hope will continue to enrich this discussion. I will make my presentation along six lines. Firstly, principles. The framework of action gives us the norms, the CBMs, international law, and capacity building as important areas. And there are principles that have been developed through the UNGG and the Open-Ended Working Group. And we would plead with the delegates to continue to explain these principles to the private sector and to help us to unpack them into practical action for the reasons that I will present. One, we are the owners of most of the infrastructure, the critical infrastructure, the cables, the masks, the data centers, the systems, security, networks, operation centers, and even many of the services. We own the intellectual property that underpins this technology. We own and run the systems and applications which are used in this technology. And we own a lot of the data or store it for others, the brands and the businesses that make this technology come alive. Secondly, we have the expertise. Even now at times of conflict, we have seen the private sector being requested by governments to help them to defend themselves because the greatest expertise to design, operate, and even to solve the problems of this technology lie in the private sector. Thirdly, without teamwork between the private sector, governments, academia, and civil society, we will be unable to manage the complexities and threats in this landscape. Fourthly, we bear a huge part of the risk that we have. As early as 2018, six years ago, data breaches alone lost the world more than $5 billion. An amount which can provide 5 million households with electricity, which can build 125,000 kilometers of optical fiber, or 2,500 kilometers of roads. These losses were borne largely by the private sector, but we are the taxpayers. We also support the public sector. So this loss was also felt by governments. Finally, the implementation success of the policies you are making will largely be measured by reduction of the losses in the private sector and actions which are taken to protect this sector from harm. I believe you have realized that the six issues I have talked about have created the acronym POETRY. Principles, Ownership, Expertise, Teamwork, Risk, and the Yardstick. The great Senegalese statesman and poet, Leopold Senghor, wrote in his poem, African Woman, that in your shadow I have grown up. The gentleness of your hands was laid over my eyes. This technology has developed in the shadow of the private sector. And our hands are laid over this technology, as the great statesman, I borrow from his poem. So we would make requests in three areas. In the area of principles, we would urge the African continent to emphasize the issue of critical infrastructure management and protection, because this critical infrastructure is the one that supports the private sector to provide services. And also issues of supply chain integrity and responsible handling of vulnerabilities would be important to support the private sector to help us to continue to provide services on the African continent and in the rest of the world. In the area of CDMs, I believe that we can follow the example of Ghana’s cybersecurity agency in enshrining private sector points of contact in law in our various nations. I would also propose that we have an annual knowledge building seminar on this topic that involves the leaders of your country and the CEOs of critical infrastructure sector companies in the private sector. In the area of international law, I would propose that the customary law of reparations be promoted by the African continent to cover the issue of critical infrastructure protection. In African countries, we have invested a lot and we have seen the disruption created by the fibre cuts, the submarine fibre cuts in West Africa and East Africa. Surely those who commit these acts should have the international customary law of reparations applied to them so that they will fund the repair and restoration of critical infrastructure on the African continent and across the world. This will also deter these kinds of acts and protect the private sector from huge losses. Finally, in the area of teamwork, I would really ask that each delegation first have national consultations with the private sector as they approach processes like the open-ended working group, so that they are fully appraised of the needs of their private sectors as they come to these forums and they defend the private sector who, as I have said, they own and provide the services. We would also like to have private sector experts included in some of your delegations in a supportive role, and we would continue to wish to attend as observers with African delegations. Finally, I would propose that the framework of key performance indicators be developed as a yardstick in this area, so that the impact of these policies, positive impact of the policies that you create on the private sector is measured. And the money I mentioned, which is only a small fraction, because I measure only data breaches, there are many other costs which are coming about as a result of the risks. So we propose that the framework should measure those key performance indicators, so that we can see how these policies are impacting positive change in the area of critical infrastructure protection, among others. Please, remember the acronym POETRI, principles, ownership, expertise, teamwork, risk and yardstick. I thank you all.

Thank you very much. I must admit that I don’t usually associate the business sector with POETRI, but you made a good point in this regard. In my language, the business sector is often referred to as the real sector, and I like that analogy, that it really is the real sector. Very often in public service, sometimes we get unreal in how we view the world, but the business sector certainly has to be real, otherwise they fail. So that’s quite understandable. Thank you very much for those inputs, they’re very valuable. Are there any other voices from non-state actors to which to dig for right now? Yes, please.

Local delegate:
Mr. Chair, excellency, I’m a local delegate. In this capacity, I do represent the youth and women. In some of the deliberations that have gone so far in the last two days, I noticed that state parties have not made any attempt to involve the youth and take critical importance of the role of women in cyber security. So on behalf of the youth and women, I put those considerations on the table. Thank you, Mr. Chair.

Thank you very much. Those are very pointed and objective observations. It’s true, and we all need to make a better stand. Thank you very much for highlighting that. We are still in an informal session. If delegations want to take this opportunity perhaps to communicate with each other or with representatives from civil society, from the private sector, from youth and women’s organizations, from any of the organizations that are there, they may do so. Alternatively, we can finalize this informal part, and what I will do is take a few minutes to try to resolve some issues that have been raised and as well prepare a job for circulation. So what I would ask you, if there are no questions on the floor at this point, is for a very short break, so please stay at the very least in the room, where in a few minutes we will resume the formal part and the draft for our consideration will be also released. So with that then, let’s pause for a minute and be back in a few minutes.



Speech speed

123 words per minute

Speech length

733 words

Speech time

357 secs


Civil Society

Speech speed

147 words per minute

Speech length

580 words

Speech time

237 secs


Local delegate

Speech speed

130 words per minute

Speech length

80 words

Speech time

37 secs


Private sector

Speech speed

121 words per minute

Speech length

1011 words

Speech time

502 secs


Team Yellow

Speech speed

124 words per minute

Speech length

169 words

Speech time

82 secs