Conclusion: Ways forward on a multistakeholder approach

Event report

Through resolution 73/27, the UN General Assembly established the Open-Ended Working Group (OEWG) on developments in the field of information and telecommunications in the context of international security which – in addition to the intergovernmental nature of its work – also provides the possibility of holding intersessional multistakeholder consultations. The first intersessional consultative meeting took place on 2-4 December 2019 with sessions that included the tech industry, civil society, academia, and member states.

The sixth meeting was divided into two parts. The first part of the meeting served as a continuation of the topic of the fifth meeting: engaging all stakeholders to enhance capacity building efforts. The discussion underlined that capacity building should be tailored to local contexts, pursuant to the needs of the recipient. Including all stakeholders in the development and implementation of capacity building initiatives was reiterated. Cyber capacity building should be approached with a holistic view which encompasses not only states, but non-state stakeholders as well. It was noted once again that the capacities of states must be built so that they can adopt and observe the norms of the UN GGE reports. Estonia also highlighted that focusing on cyber diplomacy can help bolster confidence building and capacity building.

The second part of the meeting dealt with the ways forward for the multistakeholder approach. Derechos Digitales noted that open, inclusive, transparent, multistakeholder dialogue is in itself a confidence building measure that leads to increased trust and confidence. The Center for Strategic and International Studies recommended that a regular multistakeholder dialogue should build an agenda reflecting the concerns of all stakeholders, include as many stakeholders as possible, and co-ordinate and collaborate with other types of dialogue. Stakeholders should have the opportunity for deep and meaningful participation, Uruguay highlighted. Brazil noted that the OEWG should consider the report of the High-level Panel on Digital Cooperation, as it explains how multilateralism should be complemented by multistakeholderism. Brazil also suggested that non-state actors should also be included in the decision-making.

National, regional, and global dialogues on cybersecurity should feed into each other, Global Partners Digital, Derechos Digitales, and Access Now pointed out. Global Partners Digital recommended that member states conduct national level consultations, including using existing forums such as the Internet Governance Forums (IGFs) to gather stakeholder inputs, expertise, and provide updates on progress regarding the implementation of existing recommendations. Regional processes could also involve consultations and exchange mechanisms of civil society and other stakeholder groups. Then, national and regional consultations could feed into the global level consultations, such as the OEWG.

Reaching Critical Will (RCW) – the disarmament programme of the Women’s International League for Peace and Freedom (WILPF) – underlined that opportunities for remote participation, input, or sponsorship to attend the OEWG should be encouraged. The organisation also noted that the multistakeholder process in the OEWG was challenged in September. At the formal OEWG meeting in September, non-ECOSOC accredited organisations were blocked from attending, a point reiterated by Australia and Germany.

All stakeholders should be able to embrace their specific roles and responsibilities. Shared responsibility is easiest to achieve when there is clarity among the different actors, and the roles and responsibilities of the different stakeholders are clear. The Telenor Group suggested that the OEWG should help ensure that there is clarity in this regard. The Telenor Group also underlined that it is necessary to recognise that the development of offensive capabilities and increasingly sophisticated cyber-attack tools by state actors is also fueling threats and capabilities of non-state actors. Thus, further efforts by stakeholders must take all different threat actor groups into account to secure a stable and peaceful ICT environment. Furthermore, a clear definition of peace and war in cyberspace could be a specific output of the OEWG, the GGE, or integrated into the norms derived from the UN GGE 2015 consensus report.

Following up on the informal meeting, the RCW noted that the formal conference report could contain an annex listing all practical suggestions that were made during the meeting. The report should be objective and reflect all the views raised in the meeting; attention to converging views should not overshadow the need to reflect divergent views, the Islamic Republic of Iran stressed. The RCW also suggested that enabling space for side events or thematic panel discussions within the context of the formal meetings of the OEWG would be a good practice.

Mr David Koh (Chief Executive, Cyber Security Agency, Singapore), who chaired the meeting on behalf of the Chair of the OEWG Mr Jürg Lauber (Ambassador Permanent Representative of Switzerland to the UN), briefly summarised the topics discussed during the first intersessional consultative meeting. These included the cyber threat landscape; cyber rules, laws and norms; confidence building and capacity building measures; and, the way forward for a multistakeholder approach. He advised that instead of fixating on the differences which amount to 20% of issues, stakeholders should focus on the other 70-80% of issues – the ones they have in common. That would help to slowly build trust between stakeholders. Koh underlined that trust can only be fostered when there is consistent, inclusive, and consultative engagement of all stakeholders.

The session was closed by Mr Lauber. He noted that the OEWG is essentially an intergovernmental process on an issue with a relatively narrow scope – cybersecurity in the context of international peace and security, a sensitive area that is traditionally under the purview of states. However, cybersecurity is also linked to many other areas. He cautioned that the outcome of the OEWG will impact many constituencies and every individual. He reiterated that the OEWG discussions must remain open and inclusive to all stakeholders.