Main Session on Cybersecurity, Trust & Safety Online | IGF 2023

10 Oct 2023 04:30h - 06:00h UTC

Event report

Speakers

  • Alissa Starzak, Cloudflare’s Vice President, Global Head of Public Policy
  • Christopher Painter, Director, Global Forum on Cyber Expertise
  • Elizaveta Belyakova, Chairperson, Alliance for the Protection of Children in the Digital Environment
  • Ernesto Rodríguez Hernández, Vice Minister of Communications, Cuba
  • Folake Olagunju, Program Officer for Cybersecurity, Internet and eApplications, ECOWAS
  • Katitza Rodriguez, EFF Policy Director for Global Privacy

Table of contents

Disclaimer: This is not an official record of the IGF session. The DiploAI system automatically generates these resources from the audiovisual recording. Resources are presented in their original format, as provided by the AI (e.g. including any spelling mistakes). The accuracy of these resources cannot be guaranteed. The official record of the session can be found on the IGF's official website.

Knowledge Graph of Debate

Session report

Moderator 1

The analysis provides insights into various aspects of cybersecurity and cybercrime, including the relationship between global initiatives and national regulations and activities. It examines the need to enhance the link between global and national policies in this area. The analysis also highlights the role of the Internet Governance Forum (IGF) in facilitating multi-stakeholder discussions on cybersecurity initiatives. It emphasizes the importance of IGF in providing a platform for ministers, industry experts, and civil society representatives to engage in discussions and exchange ideas on cybersecurity.

Another proposed solution discussed in the analysis is the creation of a database of cybersecurity experts for knowledge sharing. Efforts have been made to develop such databases within the Organization of American States and through the United Nations’ open-ended working group on cybersecurity. The aim is to facilitate information exchange and collaboration among different countries and regions.

The analysis also mentions the agreement on the need for a pool of knowledge to aid in dealing with cybercrime. Olga Cavalli, a contributor in the analysis, supports the idea of having a knowledge pool to enhance capabilities in tackling cybercrime.

Furthermore, the importance of dialogue and cooperation in leveraging technology is emphasized. Active participation, interaction, learning, and sharing information are highlighted as key elements in harnessing the potential of technology. The analysis advocates for trusting in human skills and potential in the context of technology.

Overall, the analysis reveals the interconnectedness of global initiatives, national regulations, and activities in the field of cybersecurity and cybercrime. It underscores the significance of multistakeholder dialogues, knowledge sharing, and cooperation in addressing these issues effectively. The positive sentiment expressed throughout the analysis signifies a collective belief in the potential of these approaches in building more secure and resilient digital environments.

Katitza Rodriguez, EFF Policy Director for Global Privacy

The discussions on cybercrime and cybersecurity highlight the importance of finding a balance between security and the protection of privacy and human rights. However, the current UN Cybercrime Treaty is viewed as counterproductive and potentially undermines privacy rights. It focuses primarily on enhancing law enforcement powers, with minimal attention given to strengthening systems and networks at a technical level. Additionally, certain provisions within the treaty could criminalise the work of independent security researchers and allow governments to force engineers to compromise security measures, potentially violating privacy.

To address the challenges of cybersecurity, it is suggested that systems and networks need to be strengthened at the technical level. This would require better incentives to encourage the development of more secure software, devices, and networks. Legal protections for security researchers are also necessary to ensure their work in identifying vulnerabilities and improving security is not hindered. Furthermore, there is a need for enhanced education and information sharing about threats, vulnerabilities, and solutions among users and developers.

One of the major concerns with the current UN Cybercrime Treaty is the lack of adequate safeguards and disparities in privacy protections across different countries. The treaty places mandatory powers for criminal investigations, while the safeguards remain optional. This opens the door for potential abuses and compromises privacy rights. The variation in privacy protection across countries also raises concerns about meeting international human rights standards, as international cooperation in dealing with cybercrime may depend on the privacy protection provided by the assisting country’s national law.

Another argument presented is that there should be a minimum baseline for privacy protections in the UN Cybercrime Treaty. It is suggested that treaty-specific safeguards should be put in place to protect and establish a baseline for international cooperation. Currently, there is a significant disparity in the level of privacy protections and human rights from one country to another.

Companies also play a crucial role in upholding human rights. It is argued that companies should have grounds to refuse cooperation if a request is disproportional or violates human rights law. The broad scope of the treaty may lead to potential abuses, and companies need the ability to deny cooperation on grounds of human rights violations.

Overall, the discussions on cybercrime and cybersecurity underscore the need to ensure that human rights and privacy are not compromised in the pursuit of security. The current UN Cybercrime Treaty lacks adequate safeguards and may potentially violate privacy rights. Strengthening systems and networks at a technical level, providing legal protections for security researchers, and enhancing education and information sharing are seen as positive steps. A minimum baseline for privacy protections is necessary, and companies should have the ability to refuse cooperation if it violates human rights. Upholding human rights and promoting international cooperation are essential in effectively addressing cybercrime.

Ernesto Rodríguez Hernández, Vice Minister of Communications, Cuba

There is increasing concern regarding the development of cyber offensive capabilities and the legitimacy of using force in response to cyber attacks, particularly for certain states. These states have included offensive cyber weapons as part of their national security strategies and doctrines, considering the use of force as a legitimate response to cyber attacks. This trend raises questions about the potential implications and consequences of such actions in international relations and security.

The misuse of Information and Communication Technologies (ICTs) and media platforms has emerged as a significant threat to nations. Individuals, organizations, and states are covertly and unlawfully exploiting computer systems to carry out attacks. These activities can potentially trigger international conflicts. Moreover, social networks and electronic broadcasts are being used as tools for interventionism, promoting hate speech, incitement to violence, destabilization, and the dissemination of false information and fake news. This misuse of ICTs and media platforms not only endangers peaceful relations but also undermines principles of justice and strong institutions.

To address these challenges, it is suggested that countries commit to using ICTs for peaceful purposes, fostering cooperation and development. A global commitment should be established, encouraging nations to utilize information and communication technologies for the betterment of society. Additionally, implementing technical assistance mechanisms to exchange good practices can enhance international cooperation in this domain.

In addition to commitments and cooperation, the development of a legally binding international instrument is necessary to bridge the gaps in cybersecurity. This instrument should complement existing international law and effectively address the growing challenges and threats in cyberspace. International cooperation is crucial in tackling these issues and ensuring stability and security in the digital realm.

It is also acknowledged that existing international laws need adjustments to encompass cyberspace adequately. Given the highly dynamic nature of cyberspace, traditional laws may not cover emerging issues. Thus, a binding regulatory framework is needed to establish clear standards and criteria for cyber activities. Additionally, violations of treaties and conventions should be effectively addressed to maintain the integrity and security of the digital world.

The complexities involved in maintaining good cyber practices and the violations of treaties and conventions highlight the need for comprehensive solutions. It is important to address the challenges faced by both developing and developed countries in the digital arena. Developing countries, in particular, face difficulties due to the digital divide, leading to disparities in accessing information and financing for development. Bridging this divide and promoting equal opportunities for all nations is crucial for achieving sustainable development and reducing inequalities.

The importance of discussions and consensus-building regarding cyberspace-related topics is crucial. Continued dialogue among nations and stakeholders is necessary to navigate the complex landscape of cyberspace and develop shared norms and principles. Such discussions can help establish conventions that promote the development of all peoples and safeguard global interests.

Lastly, it is important to recognize the time constraints involved in addressing all the issues in the world of cyberspace. The rapidly evolving nature of technology and the increasing threats in cyberspace pose significant challenges. While it is essential to strive for comprehensive solutions, it is also prudent to acknowledge the limitations and prioritize actions that can have the greatest impact in mitigating risks and promoting a secure and peaceful cyberspace.

In conclusion, the analysis highlights the pressing need for regulations and international cooperation to address the growing challenges in cyberspace. This includes concerns about the development of cyber offensive capabilities, the misuse of ICTs and media platforms, and the gaps in current cybersecurity measures. Adopting a binding regulatory framework, adjusting existing international laws, bridging the digital divide, and fostering dialogue and consensus-building are vital steps towards creating a safer and more inclusive digital environment.

Elizaveta Belyakova, Chairperson, Alliance for the Protection of Children in the Digital Environment

The protection of children from cyber security threats and cyber crime is highlighted as a crucial matter in the collection of statements. The creation of the Russian Alliance for the Protection of Children in the Digital Environment demonstrates the commitment to address this issue. Furthermore, the issue gained recognition at the 2023 BRICS Summit, where participating countries pledged to take action to secure a safe digital environment for children.
Major IT companies are urged to commit to initiatives aimed at mobilizing the public to protect children on the Internet. The Russian IT society has already taken voluntary steps in this direction. Additionally, the Digital Ethics of Childhood Charter was established to establish ethical principles regarding children’s online safety.
A major concern expressed in the statements is the threat of sexual exploitation and abuse of children on the Internet. Disturbingly, a UN statistic reveals that 80% of children in 25 countries reportedly feel at risk of sexual abuse or exploitation online. The We Protect Global Alliance goes as far as to describe the easy access to child sexual abuse material online as a “tsunami.”

The need for data exchange pertaining to the localization of harmful and dangerous material, as well as information on new criminal methods and attacker details, is stressed. In 2022, the removal of 9,126 units of content relied on a hash database with the involvement of major players in the Russian IT market.
Furthermore, joint efforts and open discussions are considered essential in protecting children from cyber threats. Elisaveta, a prominent figure, emphasizes the significance of collective actions in safeguarding children against such threats.

In conclusion, the protection of children from cyber security threats and cyber crime is a pressing issue. The establishment of organizations such as the Russian Alliance for the Protection of Children in the Digital Environment and voluntary commitments by major IT companies demonstrate progress towards securing a safe digital environment for children. However, the prevalence of sexual exploitation and abuse online remains a distressing concern, necessitating further action and cooperation.

Folake Olagunju, Program Officer for Cybersecurity, Internet and eApplications, ECOWAS

The analysis conducted on cybersecurity in the West African region reveals several key findings. One major issue is the lack of national and regional coordination to effectively combat cyber threats. This coordination is crucial for developing and implementing comprehensive strategies that address the complex challenges posed by cybercrime. Due to resource limitations on technical, financial, and human fronts, the West African region is ill-equipped to tackle cybersecurity effectively.

Another important aspect highlighted in the analysis is the insufficient allocation of resources to the cybersecurity sector. Many member states do not have dedicated budget line items for cybersecurity, which hampers their ability to invest in the necessary tools and technologies needed to protect against cyber threats. Additionally, there is a shortage of qualified personnel in the region, further exacerbating the problem. Furthermore, the weak critical infrastructure in West Africa makes it particularly susceptible to cyber attacks, with frequent power outages and telecommunication disruptions already being commonplace.

The COVID-19 pandemic has brought necessary attention to the importance of cybersecurity and digitalization. As member states were forced to adopt digital solutions to meet the daily needs of their citizens, the conversation around digitalization security increased. This shift has highlighted the need for robust cybersecurity measures to safeguard critical systems and protect personal data.

The analysis also emphasizes the need for increased cooperation, information sharing, and involvement of the private sector in cybersecurity efforts. Peer-to-peer cooperation between member states is crucial for effectively combating cyber threats. Furthermore, the analysis suggests that incentives for workers and partnerships with the private sector can significantly improve the cybersecurity landscape in the region.

The approach taken by the Global Forum on Cyber Expertise (GFCE) in collaborating with regional economic communities, such as the Economic Community of West African States (ECOWAS), is commendable. The GFCE aims to enhance capacity building in the region through such partnerships, which aligns with the goals and needs of the West African countries.

While global best practices in cybersecurity are valuable, the analysis highlights the need for local adaptations. Cybersecurity practices from other regions, such as the US, may not be directly applicable in West Africa without considering the local context and challenges. Therefore, promoting a practical approach to cybersecurity and encouraging local adaptation of global strategies are essential.

To address the issues surrounding cybersecurity in the region, a joint platform for advancing cybersecurity in West Africa was launched under the G7 German presidency. This program aims to establish an Information Sharing and Analysis Center (ISAC). The establishment of such a center is considered an excellent approach to enhancing information sharing and cooperation among stakeholders.

In conclusion, the comprehensive analysis of cybersecurity in West Africa underscores the urgent need for action. Promoting a cybersecurity culture, improving communication, coordination, and cooperation at both national and regional levels, and prioritizing resource allocation are vital steps to effectively combat cyber threats in the region. Additionally, the analysis highlights the significance of local adaptations, capacity building, and the involvement of the private sector in addressing cybersecurity challenges and protecting critical infrastructure.

Christopher Painter, Director, Global Forum on Cyber Expertise

The analysis explores various arguments surrounding cybercrime negotiations, stakeholder involvement, capacity building, cybersecurity, emerging technologies, and the digital economy.

One of the key points highlighted is the need for expertise in cybercrime negotiations. The analysis suggests that negotiations often lack input from experts who understand the real challenges on the ground. It further notes that the current model of negotiations, which is primarily built for countries, tends to involve a lot of geopolitical issues. This argument highlights the importance of including expert knowledge to develop effective policies to combat cybercrime.

Another argument put forth is the crucial involvement of stakeholders outside of government in cybercrime discussions. The analysis emphasizes that there is a wealth of outside expertise and insights available, and bringing in this expertise is essential for creating effective policies. This argument recognizes the need to involve various stakeholders such as industry experts, civil society organizations, and academia to ensure a more comprehensive approach to tackling cybercrime.

The analysis also addresses the growing international issue of cybercrime. It notes that cybercrime, particularly ransomware attacks, has significantly affected people’s daily lives, making it a pocketbook and backyard issue for many individuals. Additionally, cybercrime has become a political priority for countries around the world. These observations underscore the urgency of addressing cybercrime as a pressing global challenge.

In terms of cybersecurity, the analysis highlights the need for sustained attention to this issue. It acknowledges that cybersecurity has matured as a policy concern but identifies the challenge of bridging the gap between the political level and the practitioner level. The analysis suggests that ransomware attacks have helped raise the profile of cybersecurity and the importance of protecting against new and existing threats.

Furthermore, the analysis touches on the issue of policymakers feeling intimidated by technical issues. It points out that policymakers often struggle to understand complex technical concepts, which can hinder effective policymaking. However, the analysis argues that technical concepts can be understood by non-technicians if they are adequately explained. This highlights the importance of effective communication and education to bridge the gap between technical experts and policymakers.

Capacity building is also identified as a key aspect in the analysis. It highlights that countries, especially developing ones, require assistance in dealing with cybersecurity threats, building national strategies, establishing emergency response teams, and applying international norms and laws. The analysis praises the Global Forum on Cyber Expertise for coordinating capacity-building efforts worldwide.

Notably, the analysis observes the importance of not losing sight of the larger cybersecurity issue amidst the focus on emerging technologies. While emerging technologies are part of the problem, it is crucial to maintain a holistic approach to cybersecurity.

In conclusion, the analysis provides insights into various aspects of cybercrime, cybersecurity, stakeholder involvement, and capacity building. It underscores the need for expertise in cybercrime negotiations and involving stakeholders outside of government. The analysis highlights the urgency of addressing cybercrime as a global issue and the necessity of sustained attention to cybersecurity. It also emphasizes the importance of adequately explaining technical concepts, capacity building efforts, and maintaining a balance between addressing emerging technologies and the larger cybersecurity challenges.

Audience

The analysis encompasses a range of important discussions relating to cybersecurity, digitalisation, international law, knowledge-sharing, and solar technology. One notable point emphasised is the need to effectively utilise emerging technologies to enhance cybersecurity measures. This argument underscores the importance of staying ahead of cyber threats by employing advanced technologies. Policymakers are urged to prioritise cybersecurity and treat it seriously.

The significance of cybersecurity is further underscored by research findings which indicate a potential increase in a country’s GDP per capita with the maturity and implementation of robust cybersecurity measures. This evidence demonstrates the economic benefits that can be gained through investing in cybersecurity.

The debate surrounding the need for a legally binding instrument to govern responsible state behaviour in cyberspace is another key aspect addressed. While international law is already deemed applicable in cyberspace, there is a call for a specific instrument to address the complexities and unique challenges of cybersecurity. The involvement of stakeholders such as the technical community, civil society, and international law firms is viewed as crucial in shaping this instrument.

The analysis also highlights the importance of knowledge-sharing in the context of cybersecurity. It suggests the creation of a worldwide knowledge pool accessible to individuals across different regions, including Africa and South West Africa. The inclusion of non-technical aspects, such as social, psychological, and gender considerations, is emphasised as essential in developing comprehensive cybersecurity strategies.

In terms of infrastructure development, the potential of using solar technology to address the electricity gap in West Africa’s telecommunications sector is explored. This could potentially provide a sustainable solution to power critical telecommunications infrastructure.

Another important topic in the analysis is the need for specific measures to ensure the safety and security of children online. It is argued that a holistic approach to cybersecurity may not effectively protect children, and a more targeted and comprehensive approach is required. This includes the building of children’s capacity through internet governance and digital literacy initiatives.

The importance of cross-border collaboration in addressing cybersecurity challenges is also highlighted. Given the transnational nature of cyber threats, regional and international cooperation is deemed crucial to effectively counter cybercrime. The analysis suggests the involvement of organisations like Interpol for effective collaboration.

Lastly, the analysis suggests that instead of establishing a new convention or treaty on cybercrime, it may be more practical and efficient to focus on improving or expanding the role of existing organisations such as Interpol. This approach could lead to more effective outcomes in combating cybercrime.

In conclusion, the analysis provides a comprehensive overview of various topics related to cybersecurity and related fields. It emphasises the need for the effective use of emerging technologies, the importance of policymakers’ attention to cybersecurity, the role of international law in cyberspace, knowledge-sharing, and the potential of solar technology in telecommunications infrastructure. The analysis also highlights the importance of including non-technical aspects in cybersecurity, protecting children online, and promoting cross-border collaboration. Overall, the analysis offers valuable insights and recommendations for addressing the challenges and opportunities in the field of cybersecurity.

Moderator 2

The discussion on cybersecurity covered a range of important topics, including best practices, case studies, and practical issues. The participants expressed a strong desire to focus on real-world experiences and address core issues rather than engaging in theoretical debates. This emphasis on practicality and applicability underscores the need for actionable strategies and solutions in the field of cybersecurity.

In relation to the protection of children in the online environment, there was a call for the adoption of self-regulation mechanisms and social initiatives. The participants highlighted the importance of collaboration between various stakeholders in reducing online risks and threats. It was also noted that the prevalence of child exploitation risk in the digital environment needs to be addressed, as evidenced by statistics shared by Elizaveta Belyakova. The rise of child trafficking in areas where the online world has a significant influence further highlights the urgency of this issue.

The discussions also shed light on the importance of equal communication and participation of all stakeholders in multilateral meetings regarding internet governance. In order to ensure effective participation, Tracy highlighted the role of the Internet Governance Forum (IGF), where all participating stakeholders can freely exchange ideas. It was acknowledged that language barriers may hinder effective communication, and suggestions were made to provide interpretation services to overcome this challenge.

The notion of collective action was deemed essential in addressing cybersecurity challenges, particularly in developing nations. The positive experiences shared by Folake and Tracy Hackshaw demonstrated how countries that excel in cybersecurity can assist those facing challenges in this domain. This highlights the potential benefits of sharing best practices and collaborating on cybersecurity efforts among nations.

Additionally, resource allocation towards cybersecurity in developing nations was acknowledged as a crucial aspect of addressing cybersecurity challenges. Participants, such as Folake, highlighted the issue of limited resources in West Africa. However, the discussions emphasized that collective action and collaboration can help overcome these limitations and contribute to the enhancement of cybersecurity measures.

In conclusion, the discussions on cybersecurity focused on practical aspects, such as best practices and case studies, rather than dwelling on theoretical debates. The protection of children online, equal participation in multilateral meetings, collective action among nations, and resource allocation in developing countries emerged as key areas of concern. Overall, the discussions provided valuable insights into the challenges and potential solutions in the field of cybersecurity.

Alissa Starzak, Cloudflare’s Vice President, Global Head of Public Policy

The analysis explores various perspectives on cybersecurity, including the importance of prevention and secure design in protecting against cybercrimes, as highlighted by Cloudflare. International collaboration and a human-centric approach are also emphasized as crucial in addressing cybercrimes, while the Internet Governance Forum (IGF) is seen as a proactive platform for promoting a human-centric approach. Additionally, the role of emerging technologies like Artificial Intelligence (AI) in cybersecurity is recognized. The analysis stresses the need for global collaboration, data sharing, and industry involvement to improve security. It also discusses legal considerations, treaty definitions, and the importance of empowering individuals through education and preventive measures.

Speakers

&

’Alissa

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more

&

’Christopher

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more

&

’Elizaveta

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more

&

’Ernesto

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more

&

’Folake

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more

&

’Katitza

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more

&

’Moderator

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more

&

’Moderator

Speech speed

0 words per minute

Speech length

words

Speech time

0 secs

Click for more