Agenda item 5: discussions on substantive issues contained inparagraph 1 of General Assembly resolution 75/240 (continued)/ part 1

7 Jul 2025 19:00h - 22:00h

Agenda item 5: discussions on substantive issues contained inparagraph 1 of General Assembly resolution 75/240 (continued)/ part 1

Session at a glance

Summary

This transcript captures the second meeting of the 11th Substantive Session of the Open-Ended Working Group on Security and Use of ICTs, where delegates discussed sections A through D of the revised final report (Rev. 1). The Chair opened by emphasizing the need for constructive solutions and bridging proposals rather than restating preferred positions, as this represents the final week of negotiations for the working group’s mandate.


Multiple delegations, including those from Africa, Europe, and the Pacific, expressed support for maintaining focus on implementing the existing 11 voluntary non-binding norms of responsible state behavior rather than developing new norms. There was particular emphasis on ransomware as a significant threat, with many countries calling for a dedicated paragraph on this issue and supporting references to attacks on critical infrastructure and healthcare facilities. Several delegations proposed specific amendments to strengthen language around capacity building, particularly for developing countries and least developed nations.


Significant debate emerged around paragraph 15’s reference to “exclusively peaceful purposes” for ICT use, with many countries requesting its deletion or modification to reflect that ICTs are already being used in conflicts. On international law, numerous delegations called for better reflection of progress made on international humanitarian law, human rights law, and state responsibility, citing the need to include substantive language from the 34th International Conference of the Red Cross and Red Crescent resolution.


The European Union and many member states expressed concern about the report’s balance, arguing it gives disproportionate weight to non-consensus proposals while inadequately reflecting the established UN framework for responsible state behavior. Russia and some allies pushed back, advocating for legally binding obligations and opposing certain implementation-focused language. The Chair concluded by urging flexibility and compromise, noting that simply advocating for one’s preferred positions while requesting deletion of others would not achieve consensus in this final negotiation week.


Keypoints

## Overall Purpose/Goal


This is the 11th and final substantive session of the UN Open-Ended Working Group (OEWG) on Security and Use of ICTs, focused on reviewing and finalizing the group’s final report (Rev. 1) before transitioning to a future permanent mechanism. The session aims to achieve consensus on the report’s content across multiple sections covering threats, norms, international law, and other cybersecurity governance issues.


## Major Discussion Points


– **Balance between existing consensus and new proposals**: Multiple delegations emphasized the need to clearly distinguish between established UN framework elements (like the 11 voluntary norms from 2015) that have consensus support versus new proposals that lack broad agreement. Many called for stronger emphasis on implementing existing norms rather than developing new ones.


– **Ransomware and critical infrastructure threats**: Widespread support emerged for dedicating separate paragraphs to ransomware attacks and strengthening language on protecting critical infrastructure and critical information infrastructure, with many delegations sharing experiences of being targeted by such attacks.


– **International law application in cyberspace**: Significant debate over how to reflect progress made on international law discussions, particularly regarding international humanitarian law (IHL), state responsibility, and human rights law. Many delegations wanted more substantive content reflecting convergence achieved, while others opposed references to legally binding instruments.


– **Contentious language on “exclusively peaceful purposes”**: Strong opposition from multiple delegations to new language in paragraph 15 stating ICTs should be used “for exclusively peaceful purposes,” with many calling for deletion or alternative formulations recognizing legitimate defensive uses under international law.


– **Future mechanism mandate and priorities**: Discussions on what topics and approaches the future permanent mechanism should prioritize, with tensions between those wanting to focus on implementation of existing frameworks versus those seeking to develop new norms or legally binding obligations.


## Overall Tone


The discussion began constructively with delegations thanking the Chair and expressing commitment to consensus. However, the tone became increasingly tense and positional as the day progressed, with many delegations making firm demands for deletions of opposing viewpoints while insisting on retention of their preferred language. The Chair noted this dynamic in closing remarks, cautioning that simply demanding deletion of all non-aligned positions while preserving only preferred positions would not lead to convergence, and appealed for more flexibility and compromise in future discussions.


Speakers

Based on the transcript, here are the speakers who participated in the discussion:


**Speakers from the provided list:**


– Chair – Session moderator/chairperson leading the 11th Substantive Session of the Open-Ended Working Group on Security of and the Use of ICTs


– Cameroon – National delegation representative


– Republic of Korea – National delegation representative


– Malaysia – National delegation representative


– Kingdom of Netherlands – National delegation representative


– United Kingdom – National delegation representative


– Germany – National delegation representative


– Albania – National delegation representative (part of Women in Cyber Fellowship)


– Fiji – National delegation representative (also speaking on behalf of Pacific Islands Forum)


– Israel – National delegation representative


– Pakistan – National delegation representative


– Ukraine – National delegation representative


– Ireland – National delegation representative


– Czechia – National delegation representative


– Costa Rica – National delegation representative


– Brazil – National delegation representative


– Cuba – National delegation representative


– Viet Nam – National delegation representative


– European Union – Regional organization representative (speaking on behalf of 37 states)


– Cote d’Ivoire – National delegation representative


– Islamic Republic of Iran – National delegation representative


– Australia – National delegation representative


– China – National delegation representative


– Finland – National delegation representative (speaking on behalf of Nordic countries)


– Ghana – National delegation representative


– Russian Federation – National delegation representative


– Italy – National delegation representative


**Additional speakers:**


None – all speakers mentioned in the transcript are included in the provided speakers names list.


Full session report

# Comprehensive Report: 11th Substantive Session of the Open-Ended Working Group on Security and Use of ICTs – Second Meeting


## Executive Summary


The second meeting of the 11th Substantive Session of the Open-Ended Working Group on Security and Use of ICTs focused on sections A through D of the revised final report (Rev. 1), with delegates engaging in substantive discussions on key cybersecurity governance issues. The Chair opened proceedings with an appeal for constructive solutions, noting a delay due to informal consultations and setting expectations for productive negotiations.


The session revealed both areas of convergence and disagreement that will shape the working group’s final report. Key areas of consensus emerged around addressing ransomware threats, the importance of capacity building for developing countries, and maintaining the voluntary nature of existing norms. Significant discussions centered on the implementation of existing frameworks versus developing new norms, the application of international law in cyberspace, and specific language regarding “exclusively peaceful purposes.”


The Chair provided guidance that sections E and F would be added to tomorrow’s agenda and extended an invitation to a reception at the Singapore Mission, emphasizing the importance of continued dialogue in achieving consensus.


## Key Areas of Discussion and Debate


### Implementation Focus: Strengthening Existing Norms


A central theme throughout the discussion was the preference for implementing existing cybersecurity norms rather than developing new ones. The Republic of Korea articulated this position clearly: “What’s needed now is not more norms, but rather a focus on how to implement and operationalise the ones we already have.” This perspective found support from the United Kingdom, Netherlands, Germany, Australia, and the European Union.


The 11 voluntary non-binding norms of responsible state behaviour, established in 2015, were consistently referenced as the foundation that most delegations wished to preserve and strengthen. Multiple speakers called for the deletion of paragraphs 34R and 36, which would mandate the development of new norms, arguing that such proposals lacked consensus.


However, this position faced different perspectives from Iran, China, and Russia. Iran argued that removing references to new norm development would “undermine the balance” of the report, while China advocated for “balance between implementing existing norms and developing new ones.” Russia called for legally binding status for the voluntary norms and objected to the voluntary checklist, preferring that states “observe” rather than “implement” existing norms.


### Ransomware: Achieving Consensus on Concrete Threats


Ransomware emerged as an issue commanding broad support across regional and political divides. The Republic of Korea’s call for a dedicated paragraph on ransomware attacks targeting critical infrastructure found widespread backing. Malaysia emphasized protecting critical infrastructure and critical information infrastructure, while Ireland highlighted concerns about malicious ICT activities targeting healthcare and maritime sectors.


Germany proposed ransomware as a possible example for future cross-cutting, action-oriented discussions, noting how it intersects with norms, international law, and capacity building. This practical approach to addressing specific threats represented one of the clearest areas of convergence, suggesting that future cooperation might be most effective when focused on concrete challenges.


### The “Exclusively Peaceful Purposes” Discussion


The reference to “exclusively peaceful purposes” in paragraph 15 generated significant discussion among delegates. China and Pakistan defended the language, with China arguing it demonstrated “foresightedness” and “firm commitment to peaceful ICT use.” Pakistan similarly supported maintaining this language as an important principle.


Several countries expressed concerns about this formulation. The Netherlands called the language “problematic,” while the Republic of Korea, Australia, Israel, Ukraine, and Czechia called for its deletion or modification. Australia proposed alternative language suggesting “in compliance with international law” as a potential compromise.


The discussion reflected different approaches to conceptualizing state behavior in cyberspace and the relationship between cybersecurity and broader security frameworks.


### International Law Applications in Cyberspace


The application of international law in cyberspace generated substantial discussion, with particular focus on international humanitarian law (IHL). The European Union, Finland (speaking for Nordic countries), Republic of Korea, and Netherlands supported including clear references to IHL applicability in cyberspace and incorporating language from the International Committee of the Red Cross resolution.


Multiple delegations called for reinstating use of force language in paragraph 40C, arguing it represented concrete progress widely reflected in national and regional positions. Australia proposed specific amendments to include references to state responsibility and human rights law, while Brazil suggested additional language based on the ICRC humanitarian resolution.


Vietnam emphasized the importance of progressive codification of international cyber law, while Fiji, speaking on behalf of the Pacific Islands Forum representing 15 countries, supported strengthening references to international law and norms.


Cuba and Iran expressed different perspectives on IHL references. Cuba argued that such references could legitimize cyberspace as “another sphere of war,” while Iran sought deletion of IHL references and argued for “balanced reflection of different approaches to international law.”


### Capacity Building: A Shared Priority


Capacity building emerged as an area of significant convergence among delegates. Cameroon made specific proposals for paragraph 24 amendments regarding capacity building for least developed countries, emphasizing the need for targeted support. Côte d’Ivoire similarly called for capacity building focused on developing countries’ needs.


Vietnam supported global ICT cooperation portal development, while Ghana highlighted the need for technical assistance and training programmes, specifically supporting standardized templates and voluntary checklists. The discussion revealed broad recognition that effective cybersecurity requires comprehensive technical capabilities and inclusive participation.


Ukraine’s emphasis on women’s participation in cybersecurity discussions found support from Albania, which mentioned women in cyber fellowship programs, and Costa Rica, suggesting growing recognition of gender dimensions in cybersecurity governance.


### Attribution and Accountability Discussions


The discussion of attribution practices revealed specific concerns about accountability mechanisms. Albania provided a detailed account of cyber attacks “assessed to have originated from Iranian state-linked actors,” while offering technical cooperation to help Iran address these issues.


Iran categorically rejected these claims, arguing that “attribution is challenging” and that “unsubstantiated claims violate responsible behaviour principles.” Iran emphasized that such accusations were not conducive to the working group’s objectives.


Cameroon supported accountability mechanisms for egregious acts, while Cuba emphasized the importance of responsible attribution practices, suggesting potential approaches for addressing these challenges constructively.


### Future Mechanism and Transition Planning


Discussions about the future permanent mechanism revealed shared commitment to continuity alongside different priorities. The Republic of Korea emphasized the importance of a smooth transition, while the European Union called for a clear mandate grounded in the UN framework. Czechia supported action-oriented discussions, and Pakistan emphasized preserving consensus achievements.


The Points of Contact directory found support among the European Union, Côte d’Ivoire, and Fiji, despite their different regional perspectives, suggesting practical areas where cooperation could advance.


## Technical Proposals and Amendments


Delegates offered numerous specific technical proposals for improving the report structure and content. The Netherlands suggested adding references to GGE reports in paragraph 3 for better foundation, while multiple delegations proposed merging paragraphs 20 and 29 on technology vulnerabilities.


Malaysia made detailed technical proposals for paragraph 20 language realignment, while the United Kingdom proposed moving paragraph 34N consensus language to the chapeau of paragraph 34. Various delegations suggested deletion of duplicative paragraphs to improve document coherence.


These technical proposals demonstrated shared interest in producing a well-structured final document, with delegates working constructively on specific language improvements even where broader political disagreements existed.


## Regional and Cross-Regional Perspectives


The discussion revealed various patterns of alignment on different issues. Western countries, including EU member states, the United Kingdom, Australia, and others, generally favored implementation of existing frameworks and supported stronger references to international humanitarian law.


Countries including China, Russia, Iran, and Cuba often supported maintaining references to peaceful purposes and ensuring balanced representation of different approaches to international law. However, these patterns were not absolute, with some issues generating support across regional divides.


Finland’s statement on behalf of Nordic countries and Fiji’s intervention representing Pacific Islands Forum demonstrated the role of regional coordination in multilateral negotiations, while also showing how regional groups could contribute to consensus-building.


## Process Observations and Chair’s Guidance


The Chair’s interventions provided important guidance for the negotiation process. The opening call for “solutions, not necessarily in the mode of restating and reiterating your preferred positions” established a framework for constructive engagement that influenced subsequent discussions.


The Chair’s closing reflection highlighted the need for flexibility: “If we put together everyone’s preferences, then that is not going to bring us to convergence. I think we will need some expressions of flexibility, and that will mean that everyone, accepting the fact that other delegations who have a different point of view also need to have their points of view reflected.”


This guidance emphasized the importance of compromise and mutual accommodation in achieving consensus, while the Chair’s procedural announcements about tomorrow’s agenda and the evening reception demonstrated attention to both substantive progress and relationship-building.


## Areas of Convergence and Continuing Discussions


Despite disagreements on some issues, several areas showed clear convergence. Ransomware threats, capacity building for developing countries, the importance of the Points of Contact directory, and women’s participation in cybersecurity all generated broad support across different regional and political perspectives.


The voluntary nature of existing norms found widespread support, even as delegates held different views about developing new norms. Similarly, while approaches to international law varied, most delegates recognized its relevance to cybersecurity governance.


Technical improvements to the document structure and language also showed areas where delegates could work constructively together, suggesting that detailed negotiations could produce mutually acceptable outcomes even where initial positions differed.


## Implications for Cybersecurity Governance


The discussion demonstrated both the potential for multilateral cybersecurity cooperation and the challenges of building consensus across different approaches to governance. Areas of convergence, particularly around specific threats like ransomware and practical cooperation through capacity building, suggested pathways for effective future collaboration.


The emphasis on implementing existing frameworks rather than developing new norms indicated a potential approach focused on operationalizing established agreements while addressing concrete cybersecurity challenges. This implementation focus might offer greater prospects for consensus while still advancing practical cybersecurity objectives.


The discussion also highlighted the importance of inclusive participation, with multiple references to supporting developing countries and ensuring women’s participation in cybersecurity governance, suggesting recognition that effective cybersecurity requires broad-based engagement.


## Conclusion


The second meeting demonstrated delegates’ commitment to finding constructive solutions while navigating different perspectives on key cybersecurity governance issues. The Chair’s appeal for flexibility and compromise provided a framework for moving forward, emphasizing that achieving consensus would require mutual accommodation rather than rigid adherence to preferred positions.


The session revealed that while perfect alignment might not be achievable on all issues, practical cooperation on specific challenges like ransomware, capacity building, and technical assistance remained highly feasible. The constructive tone of discussions, despite substantive disagreements, suggested that diplomatic engagement could bridge different approaches to cybersecurity governance.


As the working group continued its negotiations, the challenge would be building on areas of convergence while finding acceptable compromises on more contentious issues. The outcome would have significant implications for the final report and for establishing foundations for the future permanent mechanism for international cybersecurity cooperation.


The session ultimately highlighted that effective cybersecurity governance requires not only technical expertise and political commitment, but also diplomatic skill in building bridges across different perspectives and interests. The working group’s ability to achieve this balance would determine its success in advancing international cooperation in cyberspace.


Session transcript

Chair: Friends, welcome back. The second meeting of the 11th Substantive Session of the Open-Ended Working Group on Security of and the Use of ICTs is now called to order. I apologize for the delay in beginning this session, I was engaged in some informal consultations which took a little longer than expected. The group will now continue its discussion under Agenda Item 5. We will continue our reading of Rev. 1 of the final report. This morning we began with Sections A and B, and this afternoon we will also start with Sections C and D, and therefore Sections A, B, C, and D are now open for comments. We will begin with the speakers who remain on the list from this morning, and the first speaker on my list is Cameroon to be followed by Republic of Korea. I would once again urge all delegations to be as brief as possible. If your points have already been addressed by groups in which you are a member, you could simply align yourself with that statement and make any additional specific points that have not been previously already been mentioned. If you have any very specific proposals, bridging proposals, compromise solutions, or better still, if you have a draft of Rev. 2, make that available to all of us. I think that is the spirit of the discussions, that we are looking for solutions, not necessarily in the mode of restating and reiterating your preferred positions. So thank you very much for your understanding. be followed by Republic of Korea.


Cameroon: Thank you, Mr. Chair. Mr. Chair, my delegation aligns itself with a statement delivered by Nigeria on behalf of the African group and commends your leadership in steering this session towards consensus. My dedication welcomes REF 1 drafted and published on the 25th of June 2025. I would like to make the following remarks in its national capacity to breach the remaining divergences. Under threats to ICT security in section B, my delegation supports section B’s focus on ransomware, undersea cables and critical infrastructure in paragraph 17 to 19. To strengthen this, my delegation proposes the following amendment. In paragraph 24, we propose the insertion of the following. The future permanent mechanism shall prioritize capacity building programs for least developed countries to enhance their resilience against ransomware attacks, including through dedicated technical assistance via the global ICT cooperation portal, referenced in paragraph 55. Regional cooperation frameworks such as African Union’s mechanism for police cooperation, AFRIPOL, and finally, specialized training for national CSETs, building on paragraph 52D of this report. This addition provides concrete implementation pathways for ransomware mitigation directly responding to the trade landscape described in paragraph 17 to 19 on critical infrastructure protection. On sovereignty and norms in section D, paragraph 40A, my delegation suggests reaffirming sovereignty as foundational while recognizing voluntary norms as complementary. The permanent mechanism should facilitate dialogue on harmonizing sovereign rights with cooperative implementation, particularly for developing countries. developing states. For norm accountability in Section C, paragraph 34P, my delegation proposes establishing a working group to study gaps in accountability, including feasibility of binding measures for egregious acts, for example, attacks on healthcare infrastructure, with findings reported to the 2030 Review Conference. Thank you, Mr. Chair.


Chair: Thank you very much, Cameroon, for your contribution. Republic of Korea to be followed by Malaysia.


Republic of Korea: Thank you, Chair. I would like to thank you and your team for leadership and efforts in guiding us throughout the process. Regarding threat section, first, we welcome the revision made to paragraph 24 of the report, which reflects more clearly the risks and seriousness of cryptocurrency heist and ransomware. We strongly urge that this language be maintained in the final report. In this vein, I would like to thank Japan for making these points very clear in the morning session. We also welcome the more concrete reference in paragraph 25 to the use of commercially available ICT intrusion capabilities, which aligns with the developments reflected in the third annual progress report. And third, throughout our discussions, we have recognized the usefulness of AI, but we have also stressed that its malicious use can significantly increase cyber threats. In this regard, we welcome paragraph 27 of the final report, which points out that large language models can lower the barriers to internet access. engage in malicious cyber activities such as malware development and defakes. And lastly, regarding the third section, we have concern regarding the specific phrase, which is exclusively peaceful purposes in paragraph 15. This phrase has not been part of our discussions and it is ambiguous. We suggest reverting to the original language or revising the wording for clarity and consistency. For rules section, Chair, among the voluntary and non-binding norms currently being discussed, we believe that the 11 existing norms as outlined in the 2015 GG report and endorsed by the General Assembly already enjoy broad consensus and provide a relevant and effective framework for addressing emerging threats. In this context, we would like to express our concerns regarding paragraphs 34 and 36 of the current draft, which leave open the possibility of proposing or creating new norms. What’s needed now is not more norms, but rather a focus on how to implement and operationalize the ones we already have. In this regard, the Voluntary Checklist of Practical Action included in Annex 1 is a valuable tool to facilitate practical and ongoing discussions among states on norm implementation. Regarding international law, first of all, I’m pleased to share that the government of the Republic of Korea released its official position paper on this matter today. You can find our position paper in the OEWG website or our ministry website. As many other states have already stated, our position also. confirms the core principles of the UN Charter, such as state sovereignty and the prohibition on the use of force, along with the obligations under international human rights law and international humanitarian law, apply equally in cyberspace. Chair, we believe with the rapid pace of technological advancement and the constantly evolving nature of the cyber environment, it is simply not feasible to create a completely new legal system tailored to cyberspace. Instead, we should base our approach on the application of existing international law and not allow specific practices related to the cyber domain to develop progressively through implementation tools, such as the Voluntary Checklist of Practical Actions, as well as through the accumulation of national position papers. Regarding IHL, we would like to emphasize the need for clearer and more detailed language in the final report on the application of international humanitarian law. Given that IHL has been a recurring topic of discussion within the OEWG and is reflected in the position papers of a significant number of member states, we believe it is important for the final report to reflect this explicitly. Lastly, we believe some revisions are needed in paragraph 41. Among the six currently listed, some are outcomes of a formal international meeting, while others are just joint statements from groups of states. It’s unclear what criteria were used for their inclusion, so maybe possible listing of documents can be deleted as well. I’ll stop here. Thank you for your attention, Chair.


Malaysia: We join others in expressing our appreciation for your continued leadership and tireless efforts, bringing us to this 11th and final substantive session of the OEWG. Malaysia is committed to working together with all member states in ensuring smooth transition to the future permanent mechanism in the spirit of constructive dialogue and consensus. We are pleased that the overall structure of the REF-1 draft that have been drawn from agreed language found in the first, second APR and third APR and the activities carry up prior to this substantive session. Recognizing these points we agree with the proposed text in section A of the REF-1 draft. Moving to section B on existing and potential threats, Malaysia appreciates the comprehensive overview of threats in this section reflecting the depth of discussion we have had on this section. Like Mauritius and Malawi, Malaysia supports paragraph 17 on critical infrastructure and critical information infrastructure. Malaysia further joins Qatar, Japan and Australia in supporting paragraph 24 which highlights concern on malicious software as well as cryptocurrency, currency theft and the abuse of cryptocurrency to finance malicious activity which could potentially impact international peace and security. Malaysia joins Indonesia in supporting paragraph 20 and would like to propose realignment of the language in this paragraph, taking into account technical and policy-oriented audiences. We propose the formulation, I quote, states express concern that industrial control systems I see ITS, operational technology, OT, 5G networks, the Internet of Things, IOT, cloud computing services and technologies at the network parameter, such as virtual private networks, VPNs, firewalls and routers are increasingly vulnerable to malicious ICT activities, which could compromise them and have widespread consequences. Malaysia is also of the view that paragraphs 20 and 29 may be combined, as both paragraphs touch upon vulnerabilities that can be exploited for malicious activities. Malaysia further welcomes paragraph 26 and 27 on the new and emerging technologies, including artificial intelligence and the need to better understand the associated risks. Further, Malaysia joins Mauritius, Ghana and Singapore in supporting language on the strengthening of cooperation between CERTs or CSERTs, including capacity building and public-private partnership in paragraph 32. Malaysia also recognises the importance of enhancing dialogue on ICT security between different sectors at the national level, including the technical, diplomatic and legal sector. Finally, Malaysia looks forward to continued exchange of view under future permanent mechanism on existing and potential threat to security of and in the use of ICT in the context of international security, as recommended in paragraph 33. Thank you, Chair.


Chair: Thank you very much, Malaysia, for your contribution. Kingdom of Netherlands to be followed by United Kingdom. Thank you, Chair, for giving my delegation the floor.


Kingdom of Netherlands: The Kingdom of the Netherlands fully aligns itself with the statements of the European Union and I would like to make the following complimentary remarks in a national capacity. At the outset, I want to start by thanking you, Mr. Chair, your team and UNODA. for the preparation of the REF1 report, and we continue to constructively work with you and other delegations towards a consensus outcome at the end of this week. As raised by others, we see a strong need to better reflect the balance between implementing existing consensus agreements on the one hand, and new proposals that did not achieve consensus on the other. The content and value of the existing normative framework should be acknowledged in full in the final report. Chair, on the overview section, as this report will be the basis for future discussion, it is essential it is based on consensus agreements. In that regard, we propose to add in the last sentence of paragraph three, a reference to the GGE reports and the 2021 OEWG report endorsed by the General Assembly. In a similar vein, we agree with other states to remove the language on the chair summary and the proposals in the annex, for example, in paragraph four, as this was explicitly not a consensus agreement. Chair, turning to threats. In the past reports, we have made clear progress in identifying and articulating the range of threats in the use of ICTs. Specifically, we welcome the references regarding malicious ICT activity targeting international organizations and humanitarian organizations in paragraph 21, and the reflection of the in-depth discussion we had in paragraphs 18 and 19. However, we also see room for further improvement, and we will limit ourselves to three paragraphs. First on paragraph 15, on the notion that ICTs have already been used in conflicts in different regions, we join other UN member states in the call for deletion of exclusively peaceful purposes and support the proposal for alternative language raised by Australia. Lastly, as was raised by Colombia, the Republic of Korea and others, we welcome the references in paragraph 24 to the risks of ransomware, and the notion for a human-centric approach. Paragraph 24 lists several examples of malicious software and cyber attack techniques. techniques. As ransomware was specifically raised by many delegations in past years, we asked to dedicate a separate paragraph to it, starting with, quote, states express particular concern over ransomware attacks targeting CI and CII, end of quote. The other examples of malicious software and techniques could be included in the following paragraph. We also support the new proposal for a recommendation as was done by the EU in a statement on ransomware. And turning to norms, in line with what the Republic of Korea just said, we welcome the recommendation in paragraph 37 on the voluntary checklist of practical action for the implementation of the 11 norms, as this provides states with clear guidance on implementation while also remaining flexibility to tailor implementation to specific needs and realities. Second, while we welcome the addition of paragraph 34n, we propose moving the first two sentences to the chapeau of paragraph 34. The first two sentences of 34n reflect consensus language rather than one of the proposals with varying levels of support. The same argument goes for paragraph 34a. In our view, the subparagraphs contain too many references to the chair summary of 2021 OEWG report, which is not a consensus document, as well as proposals that were supported by only a very limited number of states. In that regard, we specifically propose deleting paragraph 34q. As stated throughout this OEWG, my delegation considers that we still have a lot of work to do on norms implementation, including through capacity building. While this does not exclude the possibility of future discussions on additional norms that could be developed over time, as agreed in NXC of the third APR, some of the proposals in this ref1 have hardly been discussed, were proposed by a very limited number of states, or are already captured by existing norms. We therefore strongly urge the deletion of paragraph 34r. and paragraph 36 in its entirety. Then, lastly, turning to international law, Chair. Throughout this OEWG, we have seen a rise in the number of substantive statements on international law. Moreover, in national and regional positions, in cross-regional papers, and inside events, as well as in scenario-based workshops, we have clearly moved from the question of whether international law applies to the question of how it applies. And while my delegation recognizes that we do not yet have all the answers, we believe that the substantial progress made should be reflected in the final report. We therefore urge the inclusion of substantive language on the law of state responsibility, international human rights law, and international humanitarian law, as proposed in the cross-regional paper on convergence language. Then, lastly, turning to a few concrete proposals. First, we regret the deletion of the final sentence of paragraph 40C on the question of when an ICT operation may constitute a use of force. This additional layer of understanding is widely reflected in national and regional positions and shows concrete progress. We therefore propose reinstating this final sentence. Second, as underlined in the second sentence of paragraph 41, this paragraph focuses on how international law applies to the use of ICTs. In that context, we propose a reference to discussions on international human rights law. In addition, we ask for the deletion of the references to the possibility of additional binding obligations and the latter supported by a very small number of states on a convention, as they do not relate to the question of how international law applies. Since the resolution of the 34th International Conference of the Red Cross and Red Crescent represents a consensus outcome, we believe it merits a separate paragraph. We also propose adding substantive language on IHL from OP4 of this resolution. In particular that, quote, states reiterated that in situations of armed conflict, IHL rules and principles serve to protect civilian populations and other protected persons and objects, including against the risks arising from ICT activities.” Furthermore, in paragraph 42e on capacity building, we propose adding scenario-based discussions after conferences. And then, that’s my final point, lastly, with regards to paragraph 43, we support states that have proposed placing a full stop after the phrase in the use of ICTs. Thank you very much, Chair.


Chair: Thank you very much, Netherlands, UK followed by Germany.


United Kingdom: Thank you, Chair. As this is the first time we’ve taken the floor, we’d like to begin by thanking you and your team for your work over the last five years. The UK reiterates its commitment to working with you and other delegations here constructively to achieve consensus this week and deliver a seamless transition to a future mechanism in March 2026. At present, however, we believe the current draft requires further refinement to achieve the balance necessary for consensus. In particular, the report should more clearly focus on the constituent parts of the consensus framework on responsible state behavior in cyberspace that we have built collectively over many years. At present, the draft gives disproportionate weight to proposals that remain far from broadly supported. If we do not clearly preserve and highlight this shared foundation, we risk setting the future mechanism on an unstable footing, potentially undermining the hard-won consensus that international law applies to state conduct in cyberspace. This leads my delegation to our first point on the threats section. The last sentence of paragraph 15 should be removed for the reasons outlined by a number of states, including South Korea, just now. It introduces novel criteria, in paragraph 16 we support the edit made in REV1 with regard to cryptocurrency. The UK also supports the acknowledgement in this paragraph that serious ICT criminal activity could impact international peace and security, thereby bringing such activity in scope for our discussions. This OEWG recognised this by consensus with respect to ransomware in the third APR. In paragraph 20 we would like to add data centres and managed service providers to the list of technology infrastructures, so the sentence would read states expressed concern that industrial systems, operational technology, 5G networks, the internet of things, cloud computing services, data centres and managed service providers and then continue as currently drafted. This would make the list more consistent with the scope of CII regulation in many states. We’d also support merging this paragraph with paragraph 29 as Malaysia has suggested. We support the addition to paragraph 23 made by Ghana regarding security by design. In paragraph 24 we would like to insert the words including those to the third sentence so it reads states expressed a particular concern over ransomware attacks including those targeting CI and CII. We also support the proposal from the EU to make ransomware a standalone paragraph. We support maintaining the last sentence of paragraph 24. We see paragraph 25 as a reasonable reflection of our discussions that also balances a range of positions. Use of commercially available cyber intrusion capabilities by states is subject to the consensus UN framework including the voluntary non-binding norms and international law, so we should retain these references. we also support the, uh, improvement recommended by France to this paragraph. We support the REV1 change to paragraph 26, but this could be further improved by adding, and prepare for the migration to post-quantum cryptography at the end of the last sentence. In the middle of paragraph 27, we would like to replace large language models with simply AI. This is because generative models, reinforcement learning agents and other AI systems beyond LLMs are relevant in this context. In paragraph 28, we support the additional technologies listed in REV1 and their relevance to the security and protection of data. The UK does not support amendments to paragraph 12, and we emphasize that this paragraph is consensus language from the third APR. On norms, we were pleased to see the use of, uh, footnotes to cite the wording of the relevant norms throughout this report. However, in the view of my delegation, the norms section does not sufficiently anchor the final report of this OEWG in the existing consensus framework. With respect to paragraph 34N, we would like this paragraph to be incorporated into the chapeau portion of paragraph, uh, 34, as, uh, a few other delegations have mentioned. This is because the text in 34N is not simply a proposal, but is consensus language. Consensus language from the 2021 GG report referencing the 11 norms should also be added to the chapeau. The combined text added to 34 would read as follows. The consensus resolution 70237, in which the General Assembly called upon member states to be guided in their use of ICTs by the 2015 report of the GGE, which included 11 voluntary non-binding norms of responsible state behaviour, and further recalled that norms do not seek to limit or prohibit action that is otherwise consistent with international law. They reflect the expectations of the international community and set standards for responsible state behaviour. States also acknowledge that the work of the OEWG has contributed to strengthening the cumulative and evolving framework of responsible state behaviour, which provides a foundation for the future mechanism. Moving on, the UK supports the existing text in 34b, 34c, 34e and 34f. In paragraph 34h, we would like to replace lawful purposes with legitimate and necessary purposes and is consistent with international law. In 34l, we regret that our proposals for the Voluntary Checklist of Practical Actions have not been incorporated. We nonetheless welcome the adoption of the checklist as a valuable output of the final report of this OEWG. Chair, we now wish to address paragraph 34r and the recommendation in paragraph 36. Through your guiding questions, you provided opportunities for states to present their proposals for possible new norms at the 4th, 6th, 9th substantive sessions and the intercessional meetings of December 2022, May 2023 and May 2024. There have been at least six meetings of this OEWG in which the states advocating for new norms have been invited to build support among UN members for specific proposals. Despite the substantial time this OEWG has dedicated to studying new norms, we find it hard to see that any convincing complementary addition to the 11 2015 norms has emerged. As the Netherlands has just noted, Annex C of the third APR and the recommendation in paragraph 35 already recognise that new norms could be developed over time, including under the future mechanism. This is existing consensus and delegations, including my own, have already demonstrated flexibility in this regard. However, the UK strongly objects to the use of the Secretariat’s time and resources to further an exercise that has failed to generate convincing proposals over the 10-year period since 2015, as is proposed in 34R and 36. Current UN80 reforms are a further argument against this. 34R and 36 should be deleted in order to provide more emphasis on implementing the more practical measures emerging from this OEWG, including those in Annex 1. On international law, the UK is disappointed that REV1 does not include new substantive content on the additional areas of convergence in our common understanding of international law that have become apparent over the past year. For example, there is a consensus text on the application of international humanitarian law thanks to the ICRC’s 34th International Conference Resolution that could have readily been included in this year’s report. Similarly, we are disappointed that the language in the Zero Draft regarding the use of force at paragraph 40C has been deleted for reasons that are not clear to us. We would like this to be added back into the report. The UK is also deeply concerned with paragraph 41. This paragraph should reflect the rich and deep discussions that we have had in the OEWG on how existing international law applies to the use of ICTs. Instead, paragraph 41 conflates existing law with proposals for new law in a deeply problematic way. The UK considers that new legally binding obligations should not be listed alongside topics such as state responsibility and IHL. This is not an accurate reflection of our discussions. Moreover, the UK cannot accept the inclusion of a controversial proposal for new obligations, which is supported by only five states. We welcome the changes made to Paragraph 42B, which we considered prejudged our discussions on international law at the Future Mechanism. Finally, Chair, on Paragraph 43, the UK does not support the prejudging of international law topics that we will discuss at the Future Permanent Mechanism. Paragraph 43 should simply recognize that we will continue to engage in focused discussions on how international law applies. We’d also like to agree with the points made by a number of delegations in relation to the 2021 Chair Summary and the importance of recognizing GGE reports throughout this report. Thank you, Chair.


Chair: Thank you. UK, Germany, to be followed by Albania.


Germany: Mr. Chair, first we would like to thank you for your and your team’s efforts to move us toward consensus. We align with the statements of the European Union and would like to address in a national capacity a few points on the four sections that have been raised already by colleagues. On the first two sections, first in line with the EU and also highlighted inter-area by Canada, El Salvador and Moldova, we see a need to recall and reaffirm the normative framework and the consensus achieved so far in the overview section. Also as a solid foundation for our future discussion, the suggestion by one state to delete the commitment to implement the UN framework is not an option for us. Second, the threat section should include key issues we are faced with today, like ransomware or the protection of critical infrastructure. structures, as highlighted, for example, by Nigeria on behalf of the African group, Mauritius, but also Cameroon and Korea this afternoon. Like Canada and the Netherlands, we believe ransomware would warrant an extra paragraph. We are all affected by its consequences, and we believe it might also be a possible example for a topic for a future cross-cutting, action-oriented discussion, question how norms in international law relates to it, what cyber capacity building needs and tools are there or need to be developed to better address this threat, also acknowledging the role of the private sector in this regard. Third, like a number of other states, the new last part of paragraph 15 is problematic for us, and we suggest to delete it, but would also be ready to support a proposal made by Australia. More generally, also on Section C and D, Germany, like expressed by many others, believes that a clear distinction between the acquis of the normative framework that we have built collectively over the years and the areas of consensus that we already agreed on during this open-ended working group on the one side, and additional proposals that have been made but not have received universal support on the other side, is necessary, also to move us toward consensus. We would be in favor of mainstreaming and organizing the whole Section C and D following this logic, also with regard to the recommendations. Mindful of time, just a few examples that have already been raised by colleagues, and there can be brief. First, on paragraph 34N, we believe it’s under wrong chapeau. For us, it’s clear that the first sentences are not a proposal of varying levels of support, but they are consensus language. Second, the chair summary annexed to the 2021 open-ended working group report that has been mentioned by colleagues, and which is not a consensus document. Third, we believe it is up to the future mechanism to decide on whether to take on the potential development of new voluntary, non-binding norms, considering the comprehensive set of expectations already in place, and therefore ask for a deletion of 35%. for Q and R, as well as para 36. Finally, paragraph 41 is a mix of very different papers that was just explained by the UK colleague. National positions and non-consensual proposals for future formats for discussion. We therefore suggest dividing it and take out from recommendation para 43, references to non-consensual proposals. A last point on one area where progress has been made and where we also had extensive discussions here with a number of cross-regional working papers. We would very much welcome a clear reference to the applicability of international humanitarian law and an inclusion of relevant language, which would be OP4 of the ICRC consensus resolution adopted last year. Thank you, Chair.


Chair: Thank you, Germany, for your statement. Albania to be followed by Fiji.


Albania: Thank you. Thank you, Chair, for giving me the floor. As this is the Albanian’s first intervention, I wish to commend you and your team for your excellent leadership in advancing the work of this open-ended working group. I am happy to be here as part of the Women in Cyber Fellowship, thanks to the Netherlands. I am happy to be part of a group of women of this fellowship who have a strong voice and give a tremendous contribution to the UN discussions on cybersecurity. Albania supports the EU statement presented at the open-ended working group and presents this statement in its national capacity. Albania has reviewed the APR1 draft and considers it a good foundation for constructive discussions, keeping in consideration that we should conclude on a report that recognizes the work done by the international community so far. Our aim is to contribute actively to the open-ended working group mission and advance global peace in cyberspace. We believe that we can do this. this forum is uniquely equipped to reconcile different views and chart a path forward. Albania stands firmly behind efforts to foster a cooperative framework in the cybersecurity dialogue, recognizing that such progress depends on the collective state commitment. It supports every effort which leads toward a report that would allow a future permanent mechanism which would face real challenges of cybersecurity in today’s world. We welcome the true reflection of the threat landscape, acknowledging this is the basis of our discussions on responsible state behavior in cyberspace and the implementation of the UN framework in this regard. The threat of misuse of cyber operation, whether by state or non-state actors, is growing more urgent. We would like to highlight a matter of paramount importance as Albania reiterates its deep concern over the continued pattern of malicious cyber activities attributed to state-sponsored actors which have systematically targeted democratic institutions and the civilian infrastructure. A notable escalation occurred in Albania in July 2022 when a destructive cyber attack, assessed to have originated from Iranian state-linked actors, severely distributed a wide range of government digital services. This incident was the first of a broader and ongoing campaign followed by subsequent cyber operations, including multiple intrusions throughout this period. The most recent attack happened on June 20, 2025 when the IT systems of the municipality of our capital city were breached and the normal functioning of public services was disrupted. The attackers publicly claimed the responsibility. Such coordinated action Operations, whether conducted by or on behalf of a state, reflect a deliberate strategy to challenge sovereignty, weaken institutional integrity, interfere with the normal functioning of democratic societies, and reflect a persistent and involving threat landscape. We urge member states to reaffirm their commitment to the principle that no state should itself or should only allow its territory to be used for malicious cyber operations. Member states should support the development of a framework that ensures appropriate consequences for those responsible. Albania therefore calls upon the Open-Ended Working Group to allow for a future mechanism which would explicitly recognize the cyber attacks directed at democratic system and civilian infrastructure to be incompatible with international law and require the establishment of effective accountability mechanisms. In closing, Albania reiterates its strong support to the OEWG’s mandate and underscores its commitment to work constructively to ensure a smooth transition for the future permanent mechanism to advance transparency, stability, and trust in cyberspace, and to strengthen the resilience of democratic institutions against evolving cyber threats. Thank you, Chair.


Chair: Thank you very much, Albania. Fiji, to be followed by Israel.


Fiji: Mbulevunaka, Chair, dear colleagues and dear friends. Fiji aligns itself with the Pacific Islands Forum statement and provides the following in our national capacity regarding sections A and B of Rev. 1. Firstly, Chair, Fiji thanks you for your leadership in our OEWG journey and we’d like to reaffirm our commitment as we lead to the conclusion of this week. With regards to section 8, Chair, Fiji welcomes paragraphs 9 and 12 regarding the need for more to be done to bridge the digital divides and the gender digital divide, and echoes the statements by Australia, Mauritius, Moldova, and a number of other states, and also refers to the working paper on gender and the permanent mechanism which Fiji has co-drafted and which is supported by a large number of states. Fiji also welcomes text recognizing the many cyber threats already impacting member states, especially impacting our critical infrastructure and critical information infrastructure, and the text on the discretion of states to designate their critical infrastructure and critical information infrastructure, which is an area of priority for Fiji, and we welcome collaboration in that regard. With regards to section B, Chair, Fiji welcomes text on new and emerging technologies such as artificial intelligence and 5G and quantum computing, as there is an urgent need to enhance common understanding amongst all states on the opportunities and the risks of these new and emerging technologies, and this has also been referenced by a number of delegations. Chair, data shows that in our region, in the first four months of this year, threat actors have publicly claimed almost one cyber extortion attack per month, compared with an average of one every four months over the previous two years, and we note that in reality, this number may be higher. Therefore, we support the calls for a dedicated paragraph on ransomware and welcome the text of the human-centric approach in paragraph 24, as has been echoed by delegations. Fiji also supports proposals by the European Union and the African Union and supported by other delegations regarding subsea cable infrastructure, the text amendment proposed by Malaysia and the UK on paragraph 20, the proposal by Ghana regarding paragraph 23 on incorporating security by design, the text proposal by France for paragraph 25. Finally, Chair, Fiji welcomes the reference to the need for strengthened cooperation between CERTs. and private-public partnerships in paragraph 32 to combat these cyber threats that we’re facing, and this has also been echoed by a number of delegations. Thank you, Chair.


Chair: Thank you very much, Fiji. Israel, to be followed by Pakistan.


Israel: Thank you, Chair, for the floor. As this is the first time a delegation takes the floor during the 11th round of the open-ended working group discussions, Israel wishes to congratulate and thank you and your team for the commendable efforts up to this point, which, if we all do our part during this week, could bring us to a report that will hopefully be adopted by consensus and pave the road for a seamless and smooth transition into the future mechanism and our institutional dialogue. Mr. Chair, in line with your guidance in our agenda, allow me to briefly share a few suggestions we have for the sections B and C of Rev. 1. There are, however, other very important issues that we intend to address later on in our deliberations. Mr. Chair, in paragraph 15, we would like to support the comments of the EU, made by the EU and the US, Australia, and others, that the language of, for exclusively peaceful purposes, should be omitted. In the spirit of compromise, we suggest replacing the language, for purposes exclusively in line with the principle of the UN Charter. This amendment better reflect, in our view, the appropriate scope of purposes that ICD capabilities should be employed for. We could also support the language proposed by Australia to amend this paragraph. In paragraph 16, keeping in line with the new language added at the end of paragraph 16, which refers to the possibility that criminal activities may impact international peace and security, it is important to add identical language to the threat. posed by terrorist groups, which undoubtedly reflects an equal, if not greater, risk to global peace and security. In response to comments by other delegations and in the spirit of constructive dialogue, we suggest adding may or potential before making reference to threats to international peace and security where appropriate. As for paragraph 17, in order to keep consistent with agreed language, we suggested adding the word malicious before the words ICT attacks. In paragraph 25, the word particularly suggests that the use of ICT capabilities in a manner that is consistent with the framework for responsible state behavior could nonetheless contribute to a threat to the international peace and security. This surely isn’t the notion we are suggesting, and this could be easily amended by deleting the word particularly. Additionally, we request that the word illegitimate be added before dissemination in order to keep the language of this paragraph consistent with the paragraph 34H in section C. On a final and more general note, as other delegations have commented, the reference made in section B to emerging technologies such as AI and quantum computing is overly detailed and overemphasizes the risks, rather the opportunities that these technologies may provide. It also gives an incorrect impression that we have thoroughly discussed these issues, an impression we would not carry on to our work in the permanent mechanism. Therefore, we find it appropriate that these areas of text be shortened and recalibrated to respond to the needs of the international community. reflect the promises these technologies may hold. We will provide these comments in writing to the Chair and his team as well. As for Section C, Mr. Chair, in the Zero Draft Paragraph 34C included an explicit reference to non-state actors. This reflects the reality that often it is these actors that conduct malicious ICT activities from the territory of one state against a third party. This acknowledgement is important, reflects our discussions previously, and is consistent with other paragraphs that explicitly reference to non-state actors. Therefore, we suggest adding the words, including by non-state actors, between two commas after the words, internationally wrongful acts using ICTs, in paragraph 34C. In paragraph 34H, a reference to lawful purposes has been added. This new language may create ambiguity, as the law does not always spell out what purposes are lawful, but rather prescribes rules of conduct. It is true that the former language referred only to international law, yet this could be remended in the clearer and preferable way by replacing these words with consistent with domestic and international law. As for paragraph 24J that deals with, inter alia, the sharing of information between the public and private sector, as well as between states, although we fully support the sharing of information between stakeholders, we would also acknowledge the challenges that the states may face in this regard due to a myriad of reasons ranging from domestic law to the lack of technical capacity. Therefore, we suggest adding the words as deemed appropriate after the words, as well as with the involvement of relevant stakeholders. I thank you, Mr. Chair.


Chair: Pakistan, to be followed by Ukraine.


Pakistan: Thank you, Chair. I have asked for the floor to make a few brief points. First, to express our profound appreciation for your dedication and professionalism, which I believe is recognized by everyone. Second, geopolitical environment in the past five years has discernibly worsened, impacting the ICT landscape and its implications for the global peace and security. Despite a shared comprehension of our collective work, global cyberspace continues to evolve as an emerging, rather, an established arena of conflict. We would have wished these concerns better reflected in the draft report. Third, the Chase revised draft report provides, in our view, a good basis to achieve shared objectives. We, like other delegations, have several proposed amendments in the draft report for it to better reflect our concerns and priorities. However, while doing so, we should remain cognizant of our overarching goal to arrive at a consensus report, which is already the least common denominator of our international understanding. In this spirit, we would strive to make as minimal interventions as possible and allow your efforts to forge consensus and contribute wherever required. Chair, I would like to briefly outline some feedback on the revised text. In Para 15, we support the reference to exclusively peaceful purposes. In the same Para, we’ll request for bringing back the language of zero draft on ICTs in conflict situations. In Para 16, we support impact international peace and security reference. In Para 25, we support the addition of appropriate safeguards and oversight efforts, but would propose to add within the United Nations at the end of it. We also support the reference to cryptocurrency in Para 24 and post-quantum cryptographic solutions in Para 26. We need to maintain a balance between applications of international law and norms, particularly on the possible new norms. The binding instrument or a combination of these approaches. Lastly, we believe that the progress achieved in the OEWG should be preserved and must not be allowed to relapse. Therefore, the only acceptable way forward is to continue in future discussions on security of and in the use of ICTs under the UN auspices. I thank you, Chair.


Chair: Thank you very much, Pakistan, for your contribution. Ukraine to be followed by Ireland.


Ukraine: Thank you, Chair, and thank you for all the efforts of you personally and your team throughout the process and with compiling a comprehensive final document. As a starting comment on the draft final report, Ukraine stresses the importance of adoption of the report that would not be detrimental to our work in this open-ended working group. In relation to the sections A and B, Ukraine fully aligns itself with the statement delivered by the European Union. Now our delegation would like to make some additional remarks in our national capacity. In relation to 12, we welcome the mention of the increasing level of meaningful participation of women in the work of the OEWG and the related decision-making processes, as we believe it makes the process itself a better balanced one. Our delegation positively notes the inclusion of the UN framework in Para 13, but we would like – we would recommend further emphasis on this issue throughout the document, primarily in paragraphs 7 and 8. We welcome the comprehensive reflection of current cyber threats, which provides an essential basis for advancing responsible behavior in cyberspace. In Para 15, we note that the nature of the ICT determines the possibility of its use for the self-defense purposes in accordance with the Article 51 of the UN Charter, which does not lift the obligation of the states to protect civilians from the consequences of malicious cyber operations. In this respect, we believe that the compromise line here could be a mention of using the ICT in compliance with international law. In relation to Para 34R, in line with what was already mentioned by some other countries, Ukraine considers as premature the discussion over the new proposals for norms on top of the 11 voluntary non-binding norms of responsible state behavior in cyberspace that are already in place. We suggest continuing and succeeding with the implementation of the existing 11 norms, and we suggest to put no pressure on the Secretariat regarding the circulation of the list of proposals that is to exclude Para 36. In this respect, we also note that the effective implementation of these norms by the states within the already existing international legal framework should and must precede a possible new international legally binding document in that regard. It is the issue of the will to implement and the responsibility in the first place. A binding document is not the magic pill. We all currently observe the unjustified military aggression against Ukraine lasting for over three years, which was was conducted by a UN Security Council member against another UN member state with full disrespect of the provisions of the already existing legally binding multilateral documents. Therefore, in relation to PARA 41, we cannot accept any language tasking any kind of group or structure within this final report or the future permanent mechanism for developing a binding multilateral document prior to a successful implementation by the states of the already existing UN framework. Having said that, we suggest revising the language to ensure that discussions should not only focus on cooperation, but also on implementing the UN framework. We remain committed to working constructively towards achieving a positive outcome at this session. Thank you, Chair.


Chair: Thank you very much, Ukraine, for your contribution. Thank you very much. Ireland, to be followed by Czechia.


Ireland: Thank you very much, Mr. Chairman. As this is the first time that I have intervened at this session, I would like to, as many others have, thank you for all of your hard work and that of your team over the course of the years of this process. We would align with the intervention of the EU. I thought that your own summary at the start of this meeting was very helpful, particularly your highlighting of the UN normative framework and the need to focus on what has been agreed by consensus over the course of the OEWG. In this regard, the UN framework of responsible state behavior must be at the core of our work in moving forward this process and indeed underpin our future permanent mechanism. As with Argentina, we recognize the importance of enduring and supporting the independence of American citizens. And that is the key to the of capacity building in this process and in the future perpanent mechanism. Turning to threats, Ireland welcomes the progress that states have made under the threats pillar, particularly in recognizing the devastating impact of ransomware and spyware on a global level. In this regard, we feel that ransomware can be further strengthened in the text as has been proposed by the EU and a number of other states already. Regrettably, over the course of the OEWG, we have seen a deteriorating security environment, increasing use of ICTs in armed conflicts and the breach of the consensus agreed UN norms of responsible state behavior. We must acknowledge the proliferation of state and non-state actors using cyber capabilities for disruptive and offensive means. In this regard in paragraph 15, we would oppose the reference to exclusively peaceful uses, which does not reflect the reality that ICTs are being used in conflicts already. In this regard, we can support the Australian proposal on paragraph 15. Today’s cyber criminals are better organized, have more developed capabilities and are more sophisticated in their approach than ever before and we must recognize this. We welcome the language on critical infrastructure and support the mentions in the AU statement and many others, most recently I think Fiji on the importance of CI and CII in this text. Ireland strongly condemns cyber activities that target healthcare facilities, which is a breach of the UN norms. In paragraph 17, in that regard, we support the highlighting of vulnerable sectors, particularly healthcare and maritime. Turning to the norms of responsible state behavior, we support it and we’re encouraged by the consensus development of the UN normative framework for responsible state behavior in cyberspace. This agreement was a major achievement. in our collective path towards a global, open, secure cyberspace. We strongly support the Voluntary Checklist that has been developed as an effective capacity-building tool for states, demonstrating the value of sustainable capacity-building initiatives. We also welcome in Section C, Paragraph N, the clarification on the appropriate role that norms play in the UN framework, and the important reiteration that norms do not replace or alter states’ obligations or rights under international law, which are binding. We have, in regards to many of the new norms that have been proposed, as others have previously mentioned, we feel that there has not as yet been sufficient substantive discussion on these, and therefore we would suggest that the emphasis of the four paragraphs on new norms seems out of step with the discussion of the OEWG. We would therefore propose to merge 3402P and delete 34Q and OR, as all of these paragraphs articulate the same point. This would also help to streamline the document. We would also mention that the recommendation in Paragraph 36 on the same lines perhaps might be premature, and so we’d suggest a deletion of that paragraph. On the capacity-building, we feel – sorry, apologies. Turning to legal, I think that many very good points have already been made. We could agree with the proposals that were made, particularly by the Dutch, but also some of the ones that were proposed by the Germans and the UK on legal matters. We think that there’s – at the moment, the balance here is not right, as many others have mentioned. You know, we have had a great deal of discussion on international humanitarian law over the course of the OEWG. We feel that this is not, as yet, reflected in the text, and we would feel that there is a good deal of change to be made in this section. But in the interest of brevity and the fact that many of these points have already been made as mentioned by other states previously, I will leave it at that for the moment. Thank you.


Chair: Thank you very much, Ireland, for your contribution. Czechia to be followed by Costa Rica.


Czechia: Thank you, Mr. Chair. The Czech Republic fully aligns itself with the statement delivered by the European Union and wishes to add the following remarks in its national capacity. First of all, let me commend all yours and your team’s tireless efforts throughout the entire OEWG process, and now particularly on the final report, driven by a vision to reflect as much as possible the wide range of views expressed by member states and to find an acceptable balance between them. And that is not easy. As we approach the conclusion of the OEWG’s mandate, the Czech Republic believes that consensus must remain the foundation of our collective work while preserving the fundamental elements of what the UN is based on, and also while preserving what we have already achieved, as you rightly mentioned, Mr. Chair, in your opening remarks, and we have already achieved a lot. Now let me make a few remarks to the specific parts of the report which we are now discussing, that means the first four parts. On the overview, we welcome how it covers our previous discussions, mentioning not only the OEWG reports, but also the GGE reports, because all of those discussions provided grounds for where we are now, as was mentioned, for example, by Japan and other delegations, and it is important to include that in the report. In the same vein… We would like to support the Netherlands, the United Kingdom, and others who propose to add links to other important GGE documents which are still missing from the report. On chapter B on threats, we appreciate the inclusion of key concerns, such as cyber operations targeting health care in Para 17, or the growing impact of ransomware in Para 24, as highlighted also by Columbia and many other states, and including the emphasis on a human-centric approach to it in Para 24, as mentioned, for example, by Fiji, and also the risks posed by emerging technologies in Para 27. This inclusion is crucial, as we are all struggling with these threats. And that is why we should also focus on capacity building in this respect, as mentioned, for example, in Para 32, which we welcome. And that is also why we should direct our cross-cutting discussions that way in the future permanent mechanism, and why we see a high merit in involving private sector in such discussions, while not disputing, of course, the intergovernmental character of this process. But the private sector has the expertise which we, as the governments, do not have, obviously, and therefore is irreplaceable and very valuable for us. On the specific wording on this section, we would like to propose just two minor adjustments for clarification purposes in Paragraph 15 and 25. The last sentence of Para 15, in that sentence, we propose to delete the words for exclusively peaceful purposes and replace them in compliance with international law, as mentioned just a while ago, for example, by Ukraine. And we could also support the proposal by Australia, voiced earlier this morning, which goes in a similar direction. And likewise, in the last sentence of Paragraph 25, we propose replacing the words for lawful purposes in compliance with international law. On Chapter C, norms, the Czech Republic has consistently emphasized that priority must be placed on the implementation of norms which have already been agreed by consensus and we would strongly caution against introducing new norms especially those that have not been thoroughly discussed within the OEWG as this risks undermining the focus on practical application which is crucial. In this regard we note with concern para 34 P of the draft report which suggests that norm development and implementation can proceed in parallel and it is precisely because we place such emphasis on emphasis on implementation we welcome the inclusion of the voluntary checklist of practical actions just as it was mentioned by the Republic of Korea and some other states. We fully support this tool as a practical means to guide national efforts and promote shared understanding. While we generally welcome all suggestions for improvements we do not see the suggestion contained in para 36 to compile and circulate to delegations and non-exhaustive list of proposals to be based on previous discussions. For this reason we join numerous other delegations and request its deletion. And in the last sentence of para 34 H for the same reasons explained for example by Israel we propose replacing the words for lawful purposes with in compliance with international law. And finally on section D on international law we would like to thank you for taking into account some of our comments including in paragraph 39 B double I which in our view has improved. However the broad substantive discussion on this topic has not yet been adequately reflected and we would like to see further elaboration on this matter in particular in relation to international humanitarian law. Similarly we appreciate the inclusion of additional important documents and initiatives in para 41. However due to these additions the paragraph now appears somewhat difficult to navigate and we therefore propose splitting it into sub paragraphs in line what was suggested by Germany, and grouping the references according to their origin. And speaking about paragraph 41, we also request the deletion of the notion possibility of additional legally binding obligations, as we do not see there has been consensus on this topic. And for the same reasons, we would also request deleting the reference to the General Assembly document A-77-984. And just like many others, we also regret that the last sentence of paragraph 40C from the Zero Draft has been removed, as we believe it constitutes an essential substantive addition, and we therefore request its reinstatement. Mr. Chair, the Czech Republic is fully committed to listening to other states and to reaching consensus by the end of this week. And we would like to conclude with the belief that we are all here to work toward an agreement on a practical, action-oriented, and inclusive future mechanism, with a high focus on capacity building and on putting the existing normative framework into practice, also through international cooperation. And we should all do our best to reach that goal. Thank you.


Chair: Thank you very much. Czechia. Costa Rica, to be followed by Brazil.


Costa Rica: Thank you, sir. Costa Rica appreciates your leadership in this final stage of the process. We appreciate the inclusiveness and transparency with which you have guided the work of the working group, and we recognize the effort reflected in the revised version of the report. Regarding section A, we highlight the way in which the text recognizes the key role of international cooperation in building an open, secure, stable, accessible, peaceful, and interoperable ICG environment. Capacity building not only complements, but also enables the effective implementation of standards, confidence-building measures, and international cooperation. law and is a priority for countries facing structural challenges in developing their national capacities. Regarding Section B, we believe it is right that the text identify ransomware as a significant and expanding threat, in line with the concrete experience of countries such as Costa Rica, where this type of attack has seriously affected essential public services. We also welcome the fact that the text recognizes the new risk factors associated with emerging technologies, such as generative artificial intelligence and quantum computing. Mr. Chair, we echo, as was mentioned by the delegation of Mauritius in support of El Salvador, Moldova, Colombia and others, on the equal and meaningful participation of women in decision-making processes related to the use of ICTs in the context of international security. Finally, we join the call expressed in the room to work with flexibility and constructive spirit, with the objective of adopting a consensus report that reflects the collective progress achieved. Multilateralism, as this group has demonstrated, remains the indispensable framework for addressing the global challenges of cyberspace. Thank you very much.


Chair: Thank you very much, Costa Rica, for your contribution. Brazil, to be followed by Cuba.


Brazil: Thank you very much, Mr. Chair. My delegation would like to express its appreciation to you and your team for your work throughout this process, in particular for this REV1, which we believe is a very good basis for our continued discussions and, though, of course, with some room for improvement, makes a very good, very successful in balancing. some diverging and sometimes conflicting positions on this issue. Turning to the overview, my delegation appreciates the due recognition given to cooperation and capacity building, and would like to see that remain. We also would like to see the retention of paragraph 12, Language on Gender and Women, which we highlight is the same wording as the one adopted by consensus in the third APR, so we would like to see that remain. On paragraph 13, we also join other delegations in asking to have the reference to the GGE reports, which are part of the UN AQI on the security of and in the use of ICTs, and as others have mentioned, we highlight that these reports were endorsed by consensus General Assembly resolutions. Our future work should build upon what we have already achieved, and that includes the GGE reports. On threats, we agree with El Salvador on reverting the language on paragraphs 15 and 16 to that of the Zero Draft, which we believe better reflects the delicate relationship between ICT criminal activities and ICT activities that amount to threats to international peace and security. We support, however, the Swiss proposal to add, at the end of paragraph 15, a sentence on the protection of civilian populations in situations of conflict. Furthermore, on paragraph 24, we align with the proposals made to have a separate paragraph specifically on the issue of ransomware, given the prominence of this threat currently, and can support the language that has been put forward by other delegations. We also appreciate the changes made to paragraph 25, particularly regarding the use of the adjective irresponsible. which we believe is better defined in the current wording. We are, of course, willing to work with delegations on further refining the language, as long as we are mindful to keep any references to it within the mandate of this group and what was actually discussed on the issues. Moving on to norms on paragraph 34, we can support the UK’s proposal on adding more, a stronger, clearer reference to the 11 norms and responsible state behaviour on the chapeau of that paragraph, lifted from the previous OEWG’s final report. And moving on to international law on 40C, we would also support reinserting the last phrase from the zero draft on definitions of use of force and also would like to reiterate a proposal we made in previous Town Halls to have an additional subparagraph under 40 that is based on the ICRC humanitarian resolution, which would then read, States further recalled that in situations of armed conflict, IHL rules and principles serve to protect civilian populations and other protected persons and objects, including against the risks arising from ICT activities. These are our remarks for now. As you and others have stated, our final week of negotiations take place in a challenging geopolitical environment. We, however, have succeeded in reaching consensus in other challenging circumstances before and remain confident that, guided by your able leadership and our collective goodwill and flexibility, we can reach a consensus outcome once again. Thank you.


Cuba: And here, in addition to what was stated by the Delegation of Nicaragua on behalf of the group of countries sharing ideas related to our common view on international norms and law, I should like to propose the following. We support maintaining P, Q, and R of Paris 34 of Section C on norms. In Section D on international law, we like deleting the reference to unacceptable use of force, which was in the zero draft of the report, as there were controversial documents which were not discussed within the context of the OEWG. However, looking at paragraph 41, we still see references to questions where there is no consensus in the OEWG, such as the references to international law, IHL, international humanitarian law, be that directly or indirectly, by means of the reference to documents that were drawn up beyond the framework of the OEWG and which are not universally accepted. We would like to stress that we want to see the dilution of any reference which could be kindred with the notion defending the applicability of IHL to cyberspace, and therefore this could lead to unacceptable interpretations seeking to legitimise this sphere as another one of war. We suggest re-wording the second paragraph of paragraph 42, sub-paragraph D, so that it should exactly reflect what happened in the OAWG, taking into account that not all the national or regional positions distributed to the working group were discussed in this framework. Thank you very much, sir.


Chair: Thank you very much, Cuba. Viet Nam to be followed by European Union.


Viet Nam: Mr. Chair, at the outset, Vietnam would like to extend our appreciation for the continued leadership and great efforts of you and your team in preparing the draft of the final report. We also commend the initiative to convene the Tahoe meetings, which have served as an inclusive platform to exchange views and promote greater understanding among members and stakeholders. Vietnam supports the adoption of the final report by consensus. Despite ongoing differences in perspectives among member states, the OAWG process has seen meaningful progress across various thematic topics. We believe the final report should reflect all these achievements. It should avoid overly detained and divisive elements that risk undermining consensus and instead aim to address shared concerns and priorities. The report must clearly outline areas of convergence and consensus, while also comprehensively reflecting the wide range of views expressed during the group’s discussions. In this vein, we would like to make the following comments on the first two sections in the draft 1 of the final draft. Regarding section A, we echo the emphasis by previous speakers on capacity building. which is essential for countries, especially developing ones. We stress the pressing need to put capacity-building initiatives proposed during the OEWG into operation, even as pilot programs, to address the growing needs of developing countries in strengthening resilience and ensuring ICT security. Delaying action until a fully completed framework is in place risks missing critical opportunities to respond to emerging ICT threats. To reflect this view, we would like to make two small amendments to paragraph 8 and paragraph 9, which will be provided to you in writing later. On section B, we support the current revised draft, which has identified existing and potential ICT threats. We believe this section provides good basis for discussion in the future permanent mechanism. Mr. Chair, our delegation would now like to turn briefly to on section D on international law. The group discussion on this topic has been significantly enriched by a wide range of national and regional positions on how international applies in cyberspace. We believe the final report should reflect the areas of convergence among these positions. We would also like to see clearer reference to the application of some areas of international law, particularly state responsibility, human rights, and international humanitarian law in the final report. In this regard, we thank you and your team for updating draft 1 with the working paper entitled application of international law in the use of ICTs, areas of convergence by a cross-regional group of states to which Vietnam is a member. We support the recommendation in the final report to continue the discussion on international law in the future permanent mechanism where states and encourage to share their national views and position. We believe that the mechanism should capitalize upon the convergence among national position by promoting progressive codification of international cyber law. This could result in a concrete outcome such as a guideline, declaration, or set of understandings on the application of international law in cyberspace, which will certainly contribute to the maintenance of international peace and security and promotion of an open, secure, stable, accessible, and peaceful ICT environment. I thank you for your attention.


Chair: Thank you very much, Vietnam, for your statement. European Union, to be followed by Cote d’Ivoire.


European Union: Thank you, Chair. I have the honor to speak on behalf of the EU and its member states. The Canada countries, North Macedonia, Montenegro, Serbia, Albania, Ukraine, Republic of Moldova, Bosnia-Herzegovina, and Georgia, and the EFTA country, Norway, member of the European Economic Area, as well as San Marino, align themselves with this statement. That means 37 states, as said before. Please allow me to come back to what I said earlier today. We should not allow this report to lose the progress we made on the UN framework, including the 11 voluntary non-binding norms of responsible state behavior. We should not lose it by putting an emphasis on new proposals, which have not been properly discussed, rather than focusing on the further implementation of existing norms. Moreover, the Russian intervention earlier today shows that we actually are even at risk losing our work on the framework altogether, with Russia wanting to just observe it rather than express its commitment to it. And again, I really ask everyone in this room to think about what that would mean if states would not feel themselves restrained by the UN framework of responsible state behavior. cyberspace. Particularly on norms, to date, the open-ended working group discussions on new voluntary non-binding norms have been limited in scope. And the proposals made could be covered by existing norms, or would fall outside of the scope of the open-ended working group mandate. Also, we have not had sufficient substantive discussions on new norms. And therefore, the emphasis of four paragraphs on new norms seems out of step with the discussion of the open-ended working group. We therefore propose to merge 34O to P, and delete Q and R, as all of these paragraphs are duplicatory, and as these articulate actually the same point. We also call for the deletion of the repeated references to the chair summary annexed in the 2021 open-ended working group reports, as just this chair summary is not a consensus document. Further, to compile a list of new norms is premature. Not only are most states, including EU member states, still focused on implementing existing norms, which we consider to be a comprehensive set of expectation for responsible state behavior in cyberspace. The discussion on potential development of new voluntary non-binding norms is something for the future permanent mechanism to decide whether to potentially take on, considering the current level of discussions in this open-ended working group. The already existing consensus language on these issues, which you can use for the final report, and as we are negotiating this final report right now. We therefore request the deletion of paragraph 36. We stress that reflecting the overwhelming appetite of states in this process, we need to keep our focus on the implementation of the existing set of norms, and provide capacity building to effectively do so, as well as identify on that basis any gaps before considering whether new norms are actually necessary. Regarding the implementation of norms, we welcome the recognition of the value of the whole of government coordination in paragraph 34b. Further, with regard to. implementation, we welcome the paragraph 37 of the Adoption of the Voluntary Checklist of Practical Actions for the Implementation of Norms. It functions as a reference for states working to implement the norms, and we would further support the identification of related cybercapacity-building needs in this context. We also look forward to using it ourselves. Let me turn to international law. Over recent years, the international community, repeatedly in the Open Ended Working Group as well as in the UNGA, has affirmed that international law applies in cyberspace. This affirmation has allowed us to make progress, detailing how international law applies and furthering international security and stability. The Open Ended Working Group has taken important steps to clarify how international law applies and to ensure that states uphold their legal obligations in this context. Many working papers have been put forward, including on the application of IHL, such as the cross-regional working paper submitted by Switzerland and 12 other states, presented by Senegal in March 2024 on IHL, and the cross-regional working paper on the application of international law and the use of ICTs, areas of convergence, submitted on behalf of a number of countries across regions from 21st of May 25, also referred just now by Vietnam. Also with the declaration of the EU and its member states in 24 on a common understanding of the application of international law to cyberspace, as well as the common position of the African Union in this context, over 100 member states have now individually or collectively published their position and views on the application of international law. We see this as significant progress by the current Open Ended Working Group and a milestone, because it has brought not only further clarity on how international law applies, but also enabled us to identify common ground. Common ground that we feel needs to be reflected in the final Open Ended Working Group report. It simply cannot be that all the efforts to further and implement UN consensus on international law is placed at the same level as non-consensual proposals by individual states advocating for a new legally binding instrument, which is not the sole solution to addressing cyber threats, and we all know this. We do not think it’s appropriate to move away from the UN Framework for Responsible State Behavior and therefore do not see room for the reference to the letter with the Russian proposal in paragraph 41. Particularly since this paragraph relates to how international law applies and even more so as this has not been debated in the Open-Ended Working Group. We therefore ask for deletion of the reference to this letter in its entirety. The possibility of future elaboration of additional legally binding obligations could be discussed, if appropriate, and once gaps may have been identified following our further discussions on how international law applies. We already acknowledged that and we already made a compromise on this, of which everyone is aware. We have language on this in the consensus reports of last year that can help us to achieve consensus this week. Also paragraph 41, as it stands, is in general quite heavy and it contains documents that are not of the same nature or value. We would suggest dividing the paragraph into parts and in particular having the landmark ICT resolution adopted at the 34th International Conference of the Red Cross and the Red Crescent recognized on its own. Particularly in this section on international law, we reiterate our strong preference for a structure that shows a clear separation between paragraph that concerns the re-information of the applicability of international law and the consensus interpretations of how it applies gained through this open-end working group from new proposals that have not garnered consensus but could be part of future discussions if gaps are found to exist. We should continue to discuss how international law applies to cyberspace and could should continue the implementation of rules, norms, and principles supported by cross-cutting discussions in dedicated working groups and by capacity building. Through this, we can see how to best strengthen the UN framework. This can also be done through scenario-based discussions. In order to identify the gaps, the report needs to actually reflect the progress made on the application of international law. And given that all that we have achieved, and in the understanding to need to find consensus by the end of this week, the EU requests for the final report to simply acknowledge the progress the Open End Working Group has achieved regarding the application of international law, including on the Charter, on peaceful settlement of disputes, international humanitarian law, international human rights law, and the law of state responsibility. We have language proposals on each of these items that could be reflected to this end, and we will share this with you in writing. But please allow me to highlight just one now, which I know other states have and will continue to address as well. We suggest to include a clear reference to the applicability of IHL in cyberspace and the progress made to this end, building on the various cross-regional working papers mentioned, including also the reference to principles of humanity, necessity, proportionality, and distinctions in situations of armed conflict. As others have suggested, we would also welcome the inclusion of language of OP4 of the consensus resolution adopted by the 34th International Conference of the Red Cross and Red Crescent. And this could be included in the new subparagraph 40H. Achieving consensus on language on state responsibility, human rights law, and IHL have proved to be challenging over the lifetime of the Open End Working Group due to the objections by a small number of states. If the final


Chair: report does not allow us to identify these areas of consensus, at a minimum they should be acknowledged as areas of convergence, as it is not acceptable that the view of the vast majority of Member States were ignored in the final report. on these crucial issues. Furthermore, as regard our discussions on international law, we agree that discussions on how international law applies between legal experts is useful and necessary and this should continue in the plenary discussions as well as dedicated as one of the pillars on the cross-cutting DTGs. We reiterate that discussions on international law between states should be placed in the context of challenges we face and should not be treated in just a silo. How international law applies is not just a theoretical debate nor should the outcome of this debate be predetermined by some states. The debate on international law should most importantly allow states to exchange on practices, seek mutual understanding and common ground as well as build capacity of states on how specific rules and principles of international law apply. In this regard, recommendation 43 is pre-empting the discussions under the future permitting mechanism by adding references to specific draft proposal on a convention. Annex C of last year notes the possibility of future elaboration of additional binding obligations if appropriate and should not be reinterpreted or rewritten. As said, we have accepted this language as a compromise under the pretext that we continue to work on the implementation and if any gaps are identified we could enter in such discussions. We therefore do not consider it necessary or appropriate to mandate the future permitting mechanism to specifically continue the discussions on this specific proposal. We must continue to work on our understanding how international law applies in line with the fragile consensus achieved in Annex C of last year and not stretch this fragile consensus by adding references to a draft convention. We therefore request to put a full stop in the recommendation 43 after ICTs. For a smooth transition to ensure a clear mandate for the permanent mechanism, one that is grounded in the UN Framework of Responsible State Behavior, one that enables the implementation of the UN Framework through action-oriented discussions, one that facilitates capacity building, and one that, if appropriate, and once gaps have been identified, could look into measures of further discussions. This effort towards a smooth transition becomes challenging if other states continue to insist of adding a detailed proposal to an already fragile compromise we have made over recent years. It is all of the pillars of the UN Framework, including, but not just only, international law and their effective implementation that will ensure stability and security in cyberspace. And the effort of implementation will also lead to further discussion on gaps, if they exist, and further measures, if appropriate.


European Union: We should therefore continue to work on the implementation and not dismiss or rewrite it. Let me also continue with CBMs now, if you indulge me, which is another important tool, in addition and in connection to the other pillars I just discussed, that can help us to advance security and stability in cyberspace. Let me thank you for all your efforts, and we are very supportive of the work that you have done in this open-ended working group. We have established eight CBMs, of which we have been able to operationalize one significantly, the POC Directory. While we support these efforts, we also caution against adding too many new elements in the final report. Our collective aim should be to build trust and confidence, which is something that takes time, as we all know, and it requires a strong buy-in and consensus from all UN member states. We therefore suggest to be modest in the final report with new commitments, including in general terms, such as stressing the development of additional CBMs twice in paragraph 47, and refrain from proposals that are unlikely to find consensus, such as the development of technical ICT terms and terminologies, as well as a template that was actually developed as an example by the Secretariat. We have not discussed it, and adopting it would also go beyond what is common practice on the POC networks, such as in the OSCE and in the CERT networks. Their voluntary nature also reflects the need for operational flexibility to adapt to the different organizations and address the dynamic environments in which they are used. We also caution against including the norm and reporting of ICT vulnerabilities in 46F and present it as a CBM, and we caution against putting in obligations as regards to facilitation of access to ICT security goods and services in 46L. Not only have these proposals not been discussed in detail, including regarding their potential nature as a CBM, they have not garnered broad support, and it’s difficult to see a pathway to consensus with these proposals. Placing them into the final report without an exchange during the open-end working group could only undermine the idea that the report will reflect consensus, and in addition is preempting discussions under the future permanent mechanism, while also hampering progress on the implementation of your actual achievements on CBMs today. In this vein, we stress the need to focus on the further development and the implementation of the eight CBMs we already agreed upon, and to just improve the POC directory at this stage. We recognize the value of the directory in enabling communication between states during situations that may threaten international peace and security, but we have also raised our concern about instances of misuse of the directory, an issue that was publicly noted by France and Germany during the February 25 session. We support the Secretariat’s efforts to operationalize and maintain the directory, but we believe that the directory as such needs to first function well, and that existing challenges must be addressed before we can consider an expansion. We believe the priority should be to increase participation and enhance states’ capacity to use the directory in accordance with its agreed purposes. Further development should be informed by the practical experience gained through its use. To summarize, while we are very grateful for your effort in developing the CBMs that we have to date, we suggest it should be left to the future permanent mechanism to guide further discussions and to, moreover, focus on concrete action to implement the actual achievements of this open-ended working group. Thank you very much, Chair.


Chair: Thank you, European Union. Cote d’Ivoire, to be followed by Fiji.


Cote d Ivoire: Mr. Chairman, my delegation aligns itself with the statement delivered by Niger on behalf of the African group, and we wish to duly pay tribute to you for your excellent stewardship of the work over the past five years. We recognize the key role of confidence-building measures in easing tensions as well as improving shared understanding of the framework for responsible conduct of states. We have always supported the various significant measures that we have gradually undertaken over these past few years. These include the initial list of confidence-building measures as well as technical and technological terms for ICT, including the global directory for points of contacts. We recently joined the directory through the nomination of the national focal point, and we are also supportive of continuing and deepening the implementation of this framework as part of the standing future mechanism. We believe that biannual ping tests and exercises and mock simulations are key for its smooth operations and should be fine-tuned. We also support the communications model that was proposed by the Secretariat, as reflected in Annex 2 of the draft report. key tool for facilitating communication, transparency, and confidence among the points of contact. Furthermore, when it comes to extending the open-ended working group, we believe it is wise to stress that the future mechanism should explore to a greater degree the means of encouraging more significant participation in this directory through targeted capacity-building modalities. Moreover, there is an important need to specify for future consideration the priority that needs to be granted for strategies to ensure universal accession to the directory. I now turn to capacity-building. Due to the significance of this, as reflected in the report, we support a regular convening of these meetings, preferably on an annual basis. We also welcome the updating requested by the Secretary for the Establishment and Operationalization of the Global Portal before the first substantive session of the future standing mechanism. We hope that this updating exercise will duly reflect the exchanges on the subject during the 10th substantive session of the OEWG, specifically with more information about the modalities for management of the portal. As a beneficiary, we have appreciated the scholarship program for women in international security and cyberspace. We also reiterate our gratitude to the various donors to this program, specifically Germany. We call for sustaining this initiative and strengthening it through adequate and sufficient financing. To conclude, we fully support the OEWG as well as the successful conclusion of the mandate. Thank you.


Chair: Thank you very much, Côte d’Ivoire, Fiji, to be followed by Islamic Republic of Iran.


Fiji: Thank you, Chair. I have the honor to deliver this statement on behalf of the Pacific Islands Forum with a presence in the United Nations. Namely, Australia, the Cook Islands, Fiji, Kiribati, the Federated States of Micronesia, the Republic of Marshall Islands, Nauru, New Zealand, Palau, Papua New Guinea, Samoa, Salmon Islands, Tonga, Tuvalu, and Vanuatu. On norms, we reiterate our position that the focus must remain on the implementation of existing voluntary non-binding norms. Our members are at varying stages of operationalizing these norms, including identifying national critical infrastructure and critical information infrastructure, developing cyber incident response capacity, and applying whole-of-government approaches. Discussions on new norms, particularly without consensus or a clear gap analysis, are premature. We are not opposed to new norms of responsible state behavior, however, given our constrained resources, we need time to implement the 11 agreed norms. The voluntary track list is a helpful step towards mainstreaming norms implementation, but we also need consolidated guidance, capacity support, and peer exchanges to fully realize their potential, which is crucial. On international law, we continue to support a principled approach grounded in the UN Charter and other relevant international legal obligations. We endorse the applicability of international humanitarian law in situations of armed conflict and reaffirm that human rights apply online just as they do offline. While the REV. 1 text reflects many perspectives, the Pacific shares concerns, also shared by others, that it fails to reflect the depth of legal discussions that have taken place within the OEWG, including the high degree of convergence on areas such as international humanitarian law and human rights. We are of the view that a better balance needs to be struck between acknowledging a diversity of views and faithfully reflecting the views of an overwhelmingly majority of states. We would like to see our final annual report demonstrate the progress that has been made in the OEWG. We call attention to the need to further references to state responsibility and further detail on the peaceful settlement of disputes, both important to our understanding of responsible behavior. We are concerned by the lack of balance demonstrated by reference to the possibility of developing additional legally binding obligations, noting that many states have expressed a need to build legal capacities first and that this is a necessary step to enable states to engage in discussions on how existing international law already applies before considering whether there are any gaps. Legal capacity building, including scenario-based training and regional workshops, will be essential to ensuring all states can meaningfully engage in these discussions. Chair Fiji will also be taking the floor later on Sections B and C in our national capacity. Thank you.


Chair: Islamic Republic of Iran, followed by Australia.


Islamic Republic of Iran: Thank you, Mr. Chair. We have the following specific comments on norm section. As noted in our comments on paragraph 25, states have identified commercially available ICT intrusion capabilities as a threat, but specific measures to address it have not yet been discussed in the open-ended working group. Therefore, we cannot support the inclusion of paragraph 34H in the final report at this stage. Paragraph 33 of the third annual progress report explicitly underscores that the voluntary checklist is to be discussed and updated at the forthcoming OEWG session. However, it is a fact that states have not discussed the checklist in any of the meetings held after the eight substantive sessions of the OEWG. Therefore, we request the deletion of paragraphs 34L and 37, as well as annex 1. We further propose that consideration of the checklist be deferred to the future permanent mechanism. In this regard, we propose the following language as the recommended next step on the checklist. I quote, states to discuss and update the voluntary checklist within the framework of the future permanent mechanism, with a view to its development and finalization, while recognizing that it is the prerogative of each state to structure its implementation efforts in accordance with national policies and circumstances. We appreciate the inclusion of paragraphs 34P, Q, and R, and 36 regarding the development of new norms, and we strongly support their retention in the final version of the report. Any attempt to remove these paragraphs would seriously undermine the overall balance of the section on norms, which would be unacceptable for us. In this context, we are concerned about the reference in paragraph 36 to the inclusion of new norms proposed by stakeholders in a list to be compiled by the Secretariat. This approach is not acceptable, as such proposals have not been subject to intergovernmental discussions. We express our support for the specific language proposal put forward by China during the previous meetings on data security. Mr. Chair, we are surprised by the request from some delegations to remove the reference to the Chair’s summary, given that this document has been referenced repeatedly in previous annual progress reports adopted by consensus. For instance, the Chair’s summary is mentioned seven times. in the third annual progress report alone. Therefore, we cannot support the request for deleting references to the chair’s summary throughout the final report. On international law, we believe that section on international law lacks overall balance as it reflects only one existing approach, namely the sufficiency of existing international law and its application to the ICT domain. To ensure a more balanced treatment, the report should also reflect discussions on the potential development of additional legally binding obligations, particularly in paragraphs 38, 41B, and 42. To accurately reflect the discussions held over the past years, we also propose adding the following sentence at the end of paragraph 42F. I quote, in this regard, a proposal was made concerning the update concept of the United Nations Convention on ensuring international information security. End of quote. We welcome the removal of the reference to the use of force in paragraph 40C, which is a positive development. However, we remain concerned about the reference to article 33, paragraph one of the UN Charter in paragraph 40B, which lacks consensus and reflects significant divergence among the state and therefore should be deleted. A new paragraph 42D has been introduced referring to national and regional views on the application of international law. It states that these views were discussed within the OEWG, which does not accurately reflect the proceedings. Given the current lack of clarity regarding the responsibility of the private sector and platforms with extraterritorial impact in the ICT environment, we underscore the importance of in-depth discussions on their obligations within the framework of the future payment mechanism. We therefore request that the reference to this important issue be retained in. Paragraph 42B. Mr. Chair, concerning the unsubstantiated political accusation made by the representative of Albania, I would like to bring the following to your attention. First, the Islamic Republic of Iran categorically rejects and denounces any kind of unwarranted attribution for the alleged cyber attack on Albania’s infrastructure. This accusation is completely unfounded and is hereby rejected and condemned. Second, given the nature and technical characteristics of cyberspace and the challenges of attribution in the information, communication, technologies, environment, Iran warns of the negative consequences of falsified and forged attribution to the state. We need to observe the principle enshrined in the UNGA Resolution 73-27, which states that all accusation brought against a state in organizing or committing wrongful acts should be substantiated. Paradoxically, this principle has been ignored by those states that advocate implementing the norms of responsible state behavior in ICT environment, and at the same time make groundless accusations that contradict these norms. Publicly attributing responsibility for incidents in the information space to a specific state without any technical evidence is unacceptable and constitutes irresponsible behavior in the ICT environment. Such behavior clearly underscores the validity of certain states’ concerns that existing norms are insufficient and that new norms must be developed. Third and finally, I would like to underscore that Iran, as the primary target and main victim of cyber attacks against its vital infrastructure, has expressed its readiness for technical cooperation since the very first day these baseless claims were made by Albania. Yet, to date, we have received no response. I thank you, Mr. Chair.


Chair: Republic of Iran for your statement. Australia to be followed by China.


Australia: Australia aligns itself with the Pacific Islands Forum statement delivered by Fiji and we will now make some additional remarks in our national capacity. Chair, on norms and international law, we appreciate that there have been some positive additions but we suggest that these sections could be improved considerably to strike a better balance in the text and to more accurately reflect the discussions that have taken place in the OEWG. First, turning to norms, on paragraph 34n we agree with many others that the new additions should be moved to the chapeau of paragraph 34 and additional consensus language on the 11 voluntary non-binding norms of responsible state behavior should be recalled. On paragraph 34h we propose the same change here as in paragraph 25 since these paragraphs are linked amending for lawful purposes to consistent with international law. On the new paragraph 34r and the recommendation in paragraph 36 we echo others that there is no consensus among states to compile and circulate a list of proposals on norms. Only a small number of states have advocated for new norms while many more states have pointed out that such proposals may already be addressed by existing norms. We have also heard from many developing states that have raised the need to focus first on building capacity in order to implement existing norms. We therefore request that these paragraphs be deleted. On paragraph 37 we support the adoption of the voluntary checklist of practical actions and note it could be further enhanced by mainstreaming gender equality actions under relevant norms as detailed in the cross-regional paper on gender and the future permanent mechanism. Turning now to international law, on paragraph 40C Australia supports retaining the last sentence from the zero draft on the use of force which has been omitted in Rev 1. The supplementary detail was a very positive addition that added granularity on common understandings reached. Australia also joins Vietnam in calling for insertion of additional language in line with the cross-regional paper co-sponsored by Australia and a group of 16 other states on the topics of international human rights law, the law of state responsibility and international humanitarian law. This text could be included in paragraph 40. The proposed language in the paper reflects progress made and emerged common understandings reached on international law in the OEWG. The language draws from agreed language adopted by all states including the 2021 GGE report and is supported broadly by states across different regions. On paragraph 41 Australia welcomes the inclusion of references to the two OEWG cross-regional papers on international law as well as references to the discussions that have taken place on IHL and state responsibility. We consider that a reference to international human rights law should also be included to accurately reflect our discussions. In paragraph 41 we are however concerned with the reference to possible additional legally binding obligations which is a topic that has received very little support and does not fall within the scope of the topic of how international law applies to the use of ICTs. It duplicates content already elsewhere in the report including at paragraph 42 F giving it undue prominence in the international law chapter. The letter referring to a convention is also not relevant to the topic of how existing international law applies. These references in paragraph 41 should therefore be deleted. We further suggest placing the reference to the 34 ICT resolution in a separate paragraph to reflect its special status as a consensus document. Noting that we have heard many in the room today call for more substantive content on IHL, including from Brazil and the Republic of Korea, we consider that this paragraph would present a good opportunity to insert a grade 34 IC language on IHL. In paragraph 43 we echo the EU and others in calling for the recommendation to end with the words applies on the use of ICTs as we should not prejudge the topics to be discussed in the future permanent mechanism. Thank you Chair.


Chair: Thank You Australia. China to be followed by Finland.


China: I would like to thank you your team and the Secretariat for your efforts to promote consensus. We would like to align ourselves with Niagara for their statement. On behalf of our delegation, I would like to make the following additions. On section A and B, I would like to make three points considering time constraint. We would like to provide our written recommendations on edits. First, considering the fact that China is not only a target of cyber attack by malicious actors in the cyberspace, by state actors in the cyberspace, China is also the victims of these state actors in spreading misinformation, disinformation on attribution. Given the power of China, I would like to ask that we add 17 bits after paragraph 17. I would like to read the addition. States expressed serious concerns regarding the spread of disinformation on attributions of malicious ICT activities. In the norms section, I would like to add relevant wording as well. Point number two. On paragraph 16 and paragraph 24, China believes that cyber criminal activities are different from malicious cyber activities that impact international peace and security. We believe that under the UN framework, there is a specific mechanism that is dealing with the issue. So we should not equal these two things. At the same time, ransomware, in essence, is a cyber criminal activity, and it should not be linked to any impact on international peace and security. China would like to propose deletion of relevant wordings. On paragraph 15, the use of ICTs for exclusively peaceful purposes has long been a consensus among us. When ICT is being widely used in conflicts in the current landscape, This shows that we are advocating for the use of ICTs for exclusive peaceful purposes. This shows our foresightedness and the significance of the use of ICTs for peaceful purposes. Because of this, we do need to keep the reference here so that we could send a signal to the international community that we are firmly committed to promoting the use of ICTs for exclusively peaceful purposes. Section C and Section D, China has three points to make. First, there should be a balance between norms and international law. Creating existing rules and creating new rules should also strike a balance. This is why we were able to reach consensus in previous sessions. This is not only included in summaries of our previous discussions. This also is reflected in the wording and the organization or structure of recommendation parts. On the summaries of our discussions, in this OEWG session, many countries, including China, in terms of supplier security, data security, cross-border data sharing, attribution cooperation mechanism, gap disclosure, vulnerability disclosure. have made many suggestions and have conducted discussions in these areas. Throughout the whole process, China has always proposed this global security – a data security initiative. Considering PARA 41 has made a detailed summary of our discussions on international law, we would like to put these suggestions and recommendations into the discussions on norms. On PARA 41, I would like to remind us that under international law, we also talked about UN Charter and the principle of sovereignty as well as other major important topics. We would like to ask that those things could be reflected here in our discussions part. At the same time, we should change our topic directly to international law in order to reflect our discussions in a more accurate manner. Now when it comes to recommendation part, recommendations on norms should be consistent with the part under international law. We would like to ask in terms of PARA 35, we need to change states to continue exchanging views to – states to continue to engage in focused Paragraph 36 On commercially available intrusion capacities, China has always made it clear that the transfer of cyber weapons between governments and the spread of aggressive weapon technologies are something that are more concerning. The current text is far from being balanced. In particular, when it comes to Para 34H, it does not consider the major source of threat, which is state actor. It only focuses on commercially available ICT intrusion capacities. It is China’s belief that this is in fact not focusing on what matters and this is not an approach that we should adopt. We would like to suggest deleting H. At the same time, I’ve noted that countries that support the retention of Para H are countries that are opposing the creation of new norms. We hope that these countries should maintain consistency in implementing their own standards. Point number three. On the new Para 34H…


Chair: Thank you, China, for your statement. And could you please share your statement in English with the chair’s office? Thank you. Finland, to be followed by Ghana.


Finland: Thank you, Chair. I have the honor to deliver this statement on international law on behalf of the Nordic countries – Denmark, Iceland, Norway, Sweden, and my own country, Finland. The Nordic countries fully align themselves with the EU statement. This final year of the OEWG, we also mark the 80th anniversary of the signing of the UN Charter. What better time to reaffirm our steadfast commitment to the rules-based international order, with the UN at its core, and to upholding international law. As affirmed by the previous OEWG and endorsed by the General Assembly, international law, including the UN Charter, applies in cyberspace. We consistently emphasize that the applicability of international law does not depend on the technological means employed, but applies across domains. More than a half of the UN member states have now elaborated positions and understandings on how international law applies in cyberspace. These have paved the way towards a truly common understanding. This broad support should be reflected in the OEWG final report. In the course of the OEWG, many of the charter-based obligations have been discussed and references in the annual progress reports. We would wish to reiterate that the prohibition of the threat or use of force apply to any use of force, regardless of the weapons or means employed. Depending on the scale and effects of the cyber operation in question, it may violate this prohibition. And depending on its gravity, a cyber operation may also constitute an armed attack under international law. Regarding peaceful settlement of disputes, the commitment made by states in the GGE report from 2021 continues to be valid. We also wish to emphasize that the rule of state sovereignty is applicable in cyberspace and that a breach of the rule may amount to an international wrongful act and give rise to state responsibility. We are pleased with the further discussions regarding IHL and ICTs both in the OEWG and in other fora, and the final report should clearly refer to IHL’s applicability in cyberspace. The report should also explicitly acknowledge that in situations of armed conflict, IHL rules and principles serve to protect civilian populations and other protected persons and objects, including against the risks arising from ICT activities. The landmark ICT resolution adopted at the 34th International Conference of the Red Cross and Red Crescent merits to be taken into consideration by the OEWG. not merely as a reference, but also regarding its substance and the progress made. The Nordic countries affirmed the need for states to respect, protect, and fulfill human rights and fundamental freedoms, both online and offline, in accordance with their respective obligations. This should also be reflected in the final report. How international law applies in cyberspace will continue to be discussed in the future permanent mechanism. The starting point is the established acquis of the successive GGEs and OEWGs that international law applies in cyberspace. Building on the three annual progress reports, the final report should clearly reflect and acknowledge the significantly deepened discussions during the OEWG on how international law applies in cyberspace. We need to look ahead while holding on to the common understanding already developed. We consider that international law is relevant to all thematic discussions, and the suggested dedicated thematic groups should reflect this. International law is also included in the plenary session. In the future mechanism, the focus should be on addressing practical, concrete challenges. Finally, we wish to thank the Chair for all the work and effort in seeking to take into account divergent views and to continue to steer us in the process of making the future permanent mechanism a reality. The longer version of this statement will be shared in writing. I thank you.


Chair: Thank you Finland for your statement. Ghana to be followed by Russian Federation.


Ghana: My delegation would like to now share our views on sections C and D. Mr. Chair, my delegation welcomes paragraph 34C regarding further discussions to build common understanding on norm C, which highlights that states should not knowingly allow their territory to be used for internationally wrongful acts using ICTs. In support of the comments delivered by Fiji on behalf of the Pacific Island Forum, my delegation is not opposed to conversations around new norms either. However, we see merit in the need to ensure that member states focus on implementing existing norms nationally and regionally. In line with this, my delegation is in support of Paragraph 34B, which advocates for a whole of government coordination on the implementation of the voluntary non-binding norms and the need to raise awareness of these norms at the national level. Ghana during previous sections highlighted the importance of standardized templates and as such welcomes a reference to a common template in Paragraph 34E for requesting assistance and responding to such requests, which is essential to facilitating effective and timely cooperation. Finally, Ghana supports the adoption of the Voluntary Checklist of Practical Actions for the Implementation of Voluntary Non-Binding Norms of Responsible States Behavior in the Use of ICTs, as contained in the next of the Rev. 1 draft of the final report. Now on international law. On Sections D, Mr. Chair, Ghana welcomes Paragraph 42E of the Rev. 1 draft of the final report and sees merit in the retention of this paragraph, particularly the reference to principles that should underpin capacity building efforts to develop a common understanding on how international law applies in the use of ICTs, as well as the proposals for such capacity building initiatives, including workshops, conferences and best practices exchanges at the international, inter-regional and sub-regional levels. To further build on this, Ghana supports the inclusion of scenario-based discussions in this paragraph after conferences, as highlighted by Netherlands. In prioritizing capacity building, Ghana recently joined the ICT work stream of the ICRC’s Global Initiative to Galvanize Political Commitment to International Humanitarian Law to join other like-minded States and build a shared understanding on the topic. Ghana will be co-chairing this work stream with colleagues from Luxembourg, Mexico, and Switzerland. Additionally, the development of online and in-person training courses, as well as the online resource libraries, will serve as a useful tool for developing countries. To conclude, Ghana supports earlier references that have been made to include previous GGE reports in the existing reports to clearly outline the progress that has been made over the years, as highlighted by Netherlands and re-echoed by the UK. I thank you, Mr. Chair.


Chair: Thank you, Ghana, for your contribution. Russian Federation, to be followed by Italy.


Russian Federation: Mr. Chairman, distinguished colleagues. According to the mandate for the OEWG, in resolution 75-240, states as a priority need to continue to formulate rules, norms, and principles for responsible conduct of states in the information space. We cannot but note in the current version of the final report of the group, this key premise has been violated. As a whole, the document, and specifically in the rules of conduct, has unjustified distortion in favor merely of implementation of the existing list of voluntary norms. I refer to paragraphs 30B, 30C, 32, and 36. There is a blatant biased reflection of the course of discussions about this aspect of the mandate. Specifically, there is an absence of something that has been repeatedly voiced by a number of delegations, including the Russian delegation. I refer to the premise about the importance of attributing voluntary, non-binding rules of conduct and making this a legally binding status. I refer to paragraph 34. 34, we stress that there’s a need to incorporate this language in the section on norms. Furthermore, we propose that paragraph 34N, which stresses a difference in the status and rules of conduct and norms of international law, to be brought to the beginning of that paragraph and to be moved there. We cannot agree with the proposal to approve the control list of practical actions to implement rules of conduct, paragraphs 34L and 37. This initiative was not thoroughly considered during the final negotiations round of OEWG, including – and this – we – Russia has a number of – and a number of delegations have principled objections to this, and we propose a continuation of this under the future permanent standing mechanism. We propose that it remain provisional in nature, given that the draft list has already been incorporated in Annex A to the third annual report of the OEWG and has not yet been changed. We stress that it be deleted from the list of proposals for the final report and for the relevant adjustment in paragraph 34L and 37 to be made. In order to ensure progress in terms of rules, norms, and principles for the future standing mechanism, we recommend the deletion from the commendation of paragraph 36B, provisions on the final fine-tuning of existing norms, and to use the two-term observation instead of implementation vis-a-vis the voluntary rules of conduct for states. I also wish to react in this context to the statement that was delivered by the EU representative. In my language, observe is to adhere to, to abide by, or to comply with, and this presupposes a high level of obligation. So far as my language – my knowledge of English allows me to understand English, these are also clear synonyms to the verb observe. Now turning to implementation, this is a matter of domestic policy of states. This is a part of their sovereignty. We cannot dictate to states how they are to implement the norms at the national level. This is only possible in the event of the adoption of a legally binding agreement and the relevant ratification thereof by the relevant states. I now turn to paragraph 34E. We believe there’s an important need to focus on the development through the OEWG to focus on universal templates for data exchange through the UN’s Establishment Global Intergovernmental Register for Contact Points, and not the templates for the delivery of assistance on matters related to malicious impact on critical infrastructure. I am confident that states will be able to deal with this matter bilaterally. We note the unjustified emphasis on something which is not widely supported. I refer to the idea of internal domestic measures for the implementation of voluntary norms, paragraph 34B, and the establishment of some kind of a culture of constant improvement vis-a-vis critical information infrastructure, paragraph 34F. We think it is wise to delete this language in the above-mentioned paragraphs. On the whole, the section on norms could be shortened specifically through paragraph 34F and 34J, as well as for certain provisions of 34M to be brought to the – or moved to the capacity-building section. I’ll turn to the section on the applicability of international law. In principle, in our view, it is important to incorporate recommendation – paragraph 43 on the possibility of developing – developing a legally binding agreement, an information space, in accordance with the OEWG report, which was approved last year for the standing mechanism. We also firmly believe that the fact that the question is being set out in and of itself by certain delegations about the necessity for legally binding norms is simply not relevant. The international community has already taken a concrete step in that direction, having reached agreement last year on the UN Convention Against Cybercrime. This became the first international treaty in the area of safety and security in the use of ICT. For this reason, in paragraph 41 on the relevant national initiatives, we propose that there be a reference with an up-to-date note of state sponsors of the concept of the OEWG on providing for international information security. We also insist on the deletion of mention to the non-consensual resolution of the 34th International Red Crescent and Red Cross Conference on the Protection of Civilians in the Context of the Use of ICT in the light of the centrality of the role of the UN and the OEWG on the question of the applicability of international law vis-a-vis the use of ICT. What is also not feasible, in our view, is to single out certain aspects such as protection of critical infrastructure and data as priorities for the discussion on the matter of the applicability of international law and information space under the future mechanism of paragraph 42B. We believe it is wise to include in the list the relevant proposals on the development of a legally binding – of legally binding agreements and taking into account the specific features of ICT paragraph 42B in order to ensure balanced reflection of the position of states parties of the OEWG. Turning to the section on international law, the idea of briefings of experts, including the International Law Commission, paragraph 42A, is premature for states. What is optimal, in our view, is to have paragraphs shortened on the capacity-building of states on the matter of international law, paragraph 42E and 45 in the section on capacity-building. Mr. Chairman, I also wish to note in response to the statements made by a number of delegations who have been proposing that we revert back – in paragraph 40C to include a highly contentious notion which places cyber operations on equal footing with the use of force in accordance with the Charter of the United Nations. This is an approach which is neither consensus-based nor is it supported by the majority of states. And our objective during this final session is to enshrine in the final report specifically those elements which constitute the fruit of consensus. Thank you.


Chair: Thank you, Russian Federation, for your statement. Italy, please.


Italy: Thank you, Mr. Chair. First of all, I’d like to express our sincere appreciation for your leadership and for preparing the final report. Let me also extend my gratitude to the Secretariat for its invaluable support. Mr. Chair, as you pointed out earlier today, we have almost reached the final goal of the OIWG. We now need to make sure that everyone’s concerns are taken into due consideration for a more balanced consensus-based report that is firmly anchored to the framework of responsible state behavior. behavior. Italy fully aligns itself with the statements delivered by the European Union. I would like just to share a few additional reflections on Sections B, C, and D in our national capacity. On Section B, we welcome the thorough analysis of the threat landscape, acknowledging this is the basis for the implementation of the UN framework. In this context, we note that ICTs are increasingly being employed in ways that combine different non-conventional instruments of influence, including activities below the threshold of armed conflict. We are thus confident that the final report for Concerns Paragraph 15 will reflect this understanding about the potential hybrid use of ICTs with which the international community is daily confronted. We also welcome the inclusion of a dedicated paragraph on AI. Italy highlights the importance to continue to better understand the risks associated with emerging technologies, including AI, quantum computing, IoT, and cloud computing, and to dedicate appropriate space in the report to each of them as they do have a direct impact on international security, and we are called to address the risks they pose. As for Section C, we strongly believe that states should not knowingly allow their territory to be used for internationally wrongful acts using ICTs, as is rightfully mentioned in Paragraph 34C. However, building on that, we underline that all the actors present within a state’s territory so state and non-state ones should fall under the application of this rule. As for Section D, we would like to see the progress made on international humanitarian law reflected into the final report. In particular, we once again underline the importance of upholding the core principles reaffirmed in the resolution adopted at the 34th International Conference of the Red Cross and Red Crescent, as also recalled a while ago by the Netherlands, the UK, the EU, Finland, and others. In addition, we stress that human rights have to be protected in the digital space inasmuch as they are offline. This is much more evident and undeniable now than it was at the beginning of the OEWG. Furthermore, we share many delegations’ conviction that we should continue to debate on how international law applies to cyberspace and continue to implement existing rules, norms, and principles supported by cross-cutting discussions and by capacity building before introducing new norms or legally binding instruments for which consensus has not been reached. Finally, we regret the omission of previously agreed language on the threshold for an ICT operation to constitute a use of force, and we support its reinsertion in paragraph 40C. Mr. Chair, to conclude, let us not lose sight of the considerable progress already achieved in this OEWG. We encourage a final report that duly reflects this progress and reinforces our collective, shared commitment to implement the UN Framework on Responsible State Behaviour in Cyberspace. Thank you, Mr. Chair.


Chair: Thank you very much. Now, friends, I think we have about another maybe 15 delegations, so certainly we’ll need to tick up the list of speakers and continue our work tomorrow morning. But second, I just want to share that tomorrow morning we will shift to, in addition to A, B, C and D, also to sections E and F tomorrow morning. And I’ll give an opportunity to delegations who are waiting on the list to speak to also make comments on these two additional sections. So we’ll keep for the moment regular institutional dialogue apart and I intend to take that up tomorrow afternoon or hopefully earlier in the morning if we can exhaust the speaker’s list. Thirdly, now there has been some interventions which are fairly long and some of you have been speaking for groups. I respect that. I acknowledge that these are very important inputs and I’m hoping also that the statements that we have heard today will help to frame the discussions and that those who are speaking tomorrow do not find the need to repeat statements that were already made today, especially if they were part of these groups to which they had been, to which they are aligned. So I seek your indulgence in that. The last comment I wanted to make was that today, or rather this afternoon, we went deeper into the discussions because we were trying to cover four additional or two additional sections, so covering a chunk of REV1. And so we’ve continued our work. The tone has been constructive. The contributions have been detailed and specific. But there’s also a degree of expressing strong preferences for your own positions while expressing objections and requests for deletions of proposals that are not your positions. And this has been the dynamic to some extent this afternoon. And that is not surprising because this is a negotiation, you obviously are not ready to part with your national positions and your preferred positions. But that too is understandable. But what you need to keep in mind, as we reflect on the day’s work, is that if we put together everyone’s preferences, then that is not going to bring us to convergence. I think we will need some expressions of flexibility, and that will mean that everyone, accepting the fact that other delegations who have a different point of view also need to have their points of view reflected. And that is where the balance needs to be struck. So I appeal to each one of you to keep that in mind, because it’s in some ways easy to take a position that I want the document to be reflected the way it is aligned with my own national position. But anything that is not aligned with my national position, I would like to have it deleted. I mean, that kind of reasoning is not going to get us very far. So please keep this in mind when you come back for your statements tomorrow. Tomorrow we’ll start with France, to be followed by the United States. And to be fair to them, I don’t want to give them the floor at this point, partly because we are running out of time, partly because the interpreters have worked hard. They’ve also passed me the message that… Delegations have to speak a bit slower. Obviously, projecting the clock on the screen is stressing quite a number of you and accelerating your statements. But if you slow down, we don’t have all the time either. So I really think you need to, this evening, those who are planning to speak tomorrow, to focus on the essential points, so that you are communicating your position in terms of what you can live with, what you can accept, what the compromises could be, and of course any bridging proposals, if you have any to put forward. The final thing is that since you worked very hard today, I’d like to invite all of you for a drink at the Singapore Mission. This is the traditional start of the meeting reception that I would like to host for all of you this evening at 6.15 p.m. at the Singapore Mission. So please come and have a drink, meet and mingle, get to know people, and if you can also negotiate bridging proposals at the reception over a drink in a neutral territory like the Mission of Singapore, that is also very much welcome. So friends, thank you very much for a productive day. My thanks to the interpreters for keeping up with the rapid speeches. The meeting is adjourned. We resume tomorrow morning at 10 a.m. Thank you for your attention. you


R

Republic of Korea

Speech speed

130 words per minute

Speech length

648 words

Speech time

298 seconds

Support for dedicated paragraph on ransomware attacks targeting critical infrastructure

Explanation

Republic of Korea welcomed the revision made to paragraph 24 which reflects more clearly the risks and seriousness of cryptocurrency heist and ransomware. They strongly urged that this language be maintained in the final report and thanked Japan for making these points clear.


Evidence

Referenced paragraph 24 of the report and thanked Japan for supporting these points


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Cybersecurity


Agreed with

– Malaysia
– Kingdom of Netherlands
– Germany
– United Kingdom
– Costa Rica
– Ireland
– Fiji

Agreed on

Support for dedicated paragraph on ransomware attacks


Focus should be on implementing existing 11 norms rather than developing new ones

Explanation

Republic of Korea expressed concerns regarding paragraphs 34 and 36 which leave open the possibility of proposing new norms. They argued that what’s needed is not more norms, but rather focus on implementing and operationalizing the existing 11 norms from the 2015 GGE report.


Evidence

Referenced the 11 existing norms as outlined in the 2015 GG report and endorsed by the General Assembly, and mentioned the Voluntary Checklist of Practical Action in Annex 1


Major discussion point

Implementation of Existing Norms vs Development of New Norms


Topics

Cybersecurity


Agreed with

– Kingdom of Netherlands
– United Kingdom
– Ukraine
– Germany
– Australia
– European Union
– Fiji

Agreed on

Focus on implementing existing 11 norms rather than developing new ones


Disagreed with

– Kingdom of Netherlands
– United Kingdom
– Ukraine
– Ireland
– Islamic Republic of Iran
– China
– Russian Federation

Disagreed on

Development of new norms versus implementation of existing 11 norms


Need for clearer language on international humanitarian law application

Explanation

Republic of Korea emphasized the need for clearer and more detailed language in the final report on the application of international humanitarian law. They noted that IHL has been a recurring topic and is reflected in position papers of many member states.


Evidence

Referenced that IHL has been discussed within the OEWG and is reflected in position papers of a significant number of member states


Major discussion point

Application of International Law in Cyberspace


Topics

Legal and regulatory


Agreed with

– Kingdom of Netherlands
– Israel
– Germany
– United Kingdom
– Ireland
– Czechia

Agreed on

Opposition to ‘exclusively peaceful purposes’ language in paragraph 15


Disagreed with

– European Union
– Finland
– Kingdom of Netherlands
– Cuba
– Islamic Republic of Iran

Disagreed on

References to international humanitarian law (IHL) in cyberspace


M

Malaysia

Speech speed

110 words per minute

Speech length

422 words

Speech time

229 seconds

Emphasis on protecting critical infrastructure and critical information infrastructure

Explanation

Malaysia supports paragraph 17 on critical infrastructure and critical information infrastructure. They also proposed realignment of language in paragraph 20 to better address technical and policy-oriented audiences regarding vulnerabilities in industrial control systems and other technologies.


Evidence

Supported by Mauritius and Malawi, and proposed specific technical language for industrial control systems, operational technology, 5G networks, IoT, cloud computing services, VPNs, firewalls and routers


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Cybersecurity | Infrastructure


Agreed with

– Republic of Korea
– Kingdom of Netherlands
– Germany
– United Kingdom
– Costa Rica
– Ireland
– Fiji

Agreed on

Support for dedicated paragraph on ransomware attacks


I

Ireland

Speech speed

139 words per minute

Speech length

788 words

Speech time

339 seconds

Concerns about malicious ICT activities targeting healthcare and maritime sectors

Explanation

Ireland strongly condemned cyber activities that target healthcare facilities, noting this as a breach of UN norms. They supported highlighting vulnerable sectors, particularly healthcare and maritime, in paragraph 17.


Evidence

Referenced paragraph 17 and noted that targeting healthcare facilities breaches UN norms


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Cybersecurity | Human rights


Agreed with

– Republic of Korea
– Malaysia
– Kingdom of Netherlands
– Germany
– United Kingdom
– Costa Rica
– Fiji

Agreed on

Support for dedicated paragraph on ransomware attacks


C

Costa Rica

Speech speed

125 words per minute

Speech length

270 words

Speech time

129 seconds

Need for inclusive and transparent future mechanism

Explanation

Costa Rica emphasized the key role of international cooperation in building an open, secure, stable, accessible, peaceful and interoperable ICT environment. They highlighted that capacity building enables effective implementation of standards and is a priority for countries facing structural challenges.


Evidence

Referenced Costa Rica’s concrete experience with ransomware attacks affecting essential public services


Major discussion point

Future Permanent Mechanism Structure and Mandate


Topics

Capacity development | Digital access


Agreed with

– Cameroon
– Cote d Ivoire
– Viet Nam
– Ghana
– Ukraine
– Czechia

Agreed on

Support for capacity building programs for developing countries


K

Kingdom of Netherlands

Speech speed

158 words per minute

Speech length

1076 words

Speech time

408 seconds

Opposition to “exclusively peaceful purposes” language in paragraph 15

Explanation

Kingdom of Netherlands joined other UN member states in calling for deletion of “exclusively peaceful purposes” language and supported alternative language raised by Australia. They argued this language was problematic and not based on consensus agreements.


Evidence

Supported by Colombia, Republic of Korea and others, and referenced Australia’s alternative proposal


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Legal and regulatory | Cybersecurity


Agreed with

– Republic of Korea
– Malaysia
– Germany
– United Kingdom
– Costa Rica
– Ireland
– Fiji

Agreed on

Support for dedicated paragraph on ransomware attacks


Opposition to paragraphs 34R and 36 on developing new norms

Explanation

Kingdom of Netherlands strongly urged deletion of paragraph 34R and paragraph 36 in their entirety, arguing that some proposals have hardly been discussed, were proposed by very limited number of states, or are already captured by existing norms.


Evidence

Referenced that existing consensus language on future norm development already exists in Annex C of the third APR


Major discussion point

Implementation of Existing Norms vs Development of New Norms


Topics

Cybersecurity | Legal and regulatory


Agreed with

– Republic of Korea
– United Kingdom
– Ukraine
– Germany
– Australia
– European Union
– Fiji

Agreed on

Focus on implementing existing 11 norms rather than developing new ones


Disagreed with

– Republic of Korea
– United Kingdom
– Ukraine
– Ireland
– Islamic Republic of Iran
– China
– Russian Federation

Disagreed on

Development of new norms versus implementation of existing 11 norms


Support for reinstating use of force language in paragraph 40C

Explanation

Kingdom of Netherlands regretted the deletion of the final sentence of paragraph 40C on when an ICT operation may constitute use of force. They argued this understanding is widely reflected in national and regional positions and shows concrete progress.


Evidence

Referenced that this understanding is widely reflected in national and regional positions


Major discussion point

Application of International Law in Cyberspace


Topics

Legal and regulatory | Cybersecurity


Agreed with

– United Kingdom
– Brazil
– Australia
– Italy

Agreed on

Need to reinstate use of force language in paragraph 40C


C

China

Speech speed

97 words per minute

Speech length

770 words

Speech time

475 seconds

Support for maintaining “exclusively peaceful purposes” language

Explanation

China argued that the use of ICTs for exclusively peaceful purposes has long been a consensus and should be kept to send a signal to the international community about firm commitment to promoting peaceful use of ICTs. They viewed this as showing foresightedness given current conflicts.


Evidence

Referenced that ICTs are being widely used in conflicts in the current landscape, making the peaceful purposes language more significant


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Legal and regulatory | Cybersecurity


Need for balance between implementing existing norms and developing new ones

Explanation

China emphasized that there should be balance between norms and international law, and between creating existing rules and creating new rules. They argued this balance was achieved in previous sessions and should be maintained.


Evidence

Referenced previous OEWG sessions where many countries including China made suggestions on supplier security, data security, cross-border data sharing, attribution cooperation mechanism, and vulnerability disclosure


Major discussion point

Implementation of Existing Norms vs Development of New Norms


Topics

Cybersecurity | Legal and regulatory


Disagreed with

– Republic of Korea
– Kingdom of Netherlands
– United Kingdom
– Ukraine
– Ireland
– Islamic Republic of Iran
– Russian Federation

Disagreed on

Development of new norms versus implementation of existing 11 norms


A

Albania

Speech speed

124 words per minute

Speech length

585 words

Speech time

280 seconds

Concerns about state-sponsored cyber attacks on democratic institutions

Explanation

Albania expressed deep concern over continued patterns of malicious cyber activities attributed to state-sponsored actors targeting democratic institutions and civilian infrastructure. They cited specific attacks on Albania in July 2022 and June 2025 attributed to Iranian state-linked actors.


Evidence

Provided specific examples: July 2022 destructive cyber attack on government digital services assessed to originate from Iranian state-linked actors, and June 20, 2025 attack on Tirana municipality IT systems


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Cybersecurity | Human rights


Disagreed with

– Islamic Republic of Iran
– Cameroon
– Cuba

Disagreed on

Attribution practices and accountability mechanisms


A

Australia

Speech speed

141 words per minute

Speech length

675 words

Speech time

286 seconds

Need to address commercially available ICT intrusion capabilities

Explanation

Australia supported the proposal by France for paragraph 25 and welcomed the more concrete reference to the use of commercially available ICT intrusion capabilities. They argued that use of such capabilities by states is subject to the consensus UN framework including voluntary norms and international law.


Evidence

Referenced paragraph 25 and France’s proposal for improvement


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Cybersecurity | Legal and regulatory


Request for inclusion of state responsibility and human rights law references

Explanation

Australia called for insertion of additional language on international human rights law, law of state responsibility and international humanitarian law in line with their cross-regional paper. They argued this reflects progress made and common understandings reached on international law in the OEWG.


Evidence

Referenced cross-regional paper co-sponsored by Australia and 16 other states, and noted the language draws from agreed language adopted by all states including the 2021 GGE report


Major discussion point

Application of International Law in Cyberspace


Topics

Legal and regulatory | Human rights


Agreed with

– Republic of Korea
– Kingdom of Netherlands
– United Kingdom
– Ukraine
– Germany
– European Union
– Fiji

Agreed on

Focus on implementing existing 11 norms rather than developing new ones


U

United Kingdom

Speech speed

141 words per minute

Speech length

1418 words

Speech time

599 seconds

Support for voluntary checklist of practical actions for norm implementation

Explanation

United Kingdom welcomed the adoption of the voluntary checklist as a valuable output of the final OEWG report, despite regretting that their specific proposals for the checklist were not incorporated. They argued it provides valuable guidance for states working to implement norms.


Evidence

Referenced paragraph 34l and the checklist as contained in Annex 1


Major discussion point

Implementation of Existing Norms vs Development of New Norms


Topics

Cybersecurity | Capacity development


Agreed with

– Republic of Korea
– Malaysia
– Kingdom of Netherlands
– Germany
– Costa Rica
– Ireland
– Fiji

Agreed on

Support for dedicated paragraph on ransomware attacks


Opposition to references to new legally binding obligations

Explanation

United Kingdom strongly objected to references to new legally binding obligations and controversial proposals for conventions supported by only five states. They argued this conflates existing law with proposals for new law in a problematic way and is not an accurate reflection of discussions.


Evidence

Referenced paragraph 41 and noted that new legally binding obligations are supported by only five states


Major discussion point

Application of International Law in Cyberspace


Topics

Legal and regulatory | Cybersecurity


Agreed with

– Kingdom of Netherlands
– Brazil
– Australia
– Italy

Agreed on

Need to reinstate use of force language in paragraph 40C


Disagreed with

– Australia
– European Union
– Islamic Republic of Iran
– Russian Federation

Disagreed on

References to additional legally binding obligations


G

Germany

Speech speed

171 words per minute

Speech length

614 words

Speech time

215 seconds

Concerns about document giving undue weight to non-consensus proposals

Explanation

Germany argued for clear distinction between the consensus normative framework built collectively over years and additional proposals that have not received universal support. They suggested mainstreaming and organizing sections C and D following this logic.


Evidence

Referenced specific paragraphs like 34N, 34Q, 34R, and 36, and mentioned the chair summary annexed to 2021 OEWG report as non-consensus


Major discussion point

Report Structure and Balance


Topics

Legal and regulatory | Cybersecurity


Agreed with

– Republic of Korea
– Malaysia
– Kingdom of Netherlands
– United Kingdom
– Costa Rica
– Ireland
– Fiji

Agreed on

Support for dedicated paragraph on ransomware attacks


U

Ukraine

Speech speed

147 words per minute

Speech length

537 words

Speech time

217 seconds

Premature to discuss new norms without proper consensus

Explanation

Ukraine considered it premature to discuss new proposals for norms on top of the existing 11 voluntary non-binding norms. They suggested continuing with implementation of existing norms and excluding pressure on the Secretariat regarding circulation of new proposals.


Evidence

Referenced paragraph 34R and paragraph 36, and noted the existing 11 voluntary non-binding norms of responsible state behavior


Major discussion point

Implementation of Existing Norms vs Development of New Norms


Topics

Cybersecurity | Legal and regulatory


Agreed with

– Republic of Korea
– Kingdom of Netherlands
– United Kingdom
– Germany
– Australia
– European Union
– Fiji

Agreed on

Focus on implementing existing 11 norms rather than developing new ones


Importance of women’s participation in cybersecurity discussions

Explanation

Ukraine welcomed the mention of increasing meaningful participation of women in OEWG work and related decision-making processes, believing it makes the process better balanced.


Evidence

Referenced paragraph 12


Major discussion point

Capacity Building and International Cooperation


Topics

Gender rights online | Human rights


Agreed with

– Cameroon
– Cote d Ivoire
– Viet Nam
– Ghana
– Costa Rica
– Czechia

Agreed on

Support for capacity building programs for developing countries


G

Ghana

Speech speed

143 words per minute

Speech length

442 words

Speech time

185 seconds

Support for whole-of-government coordination in norm implementation

Explanation

Ghana supported paragraph 34B which advocates for whole-of-government coordination on implementation of voluntary non-binding norms and the need to raise awareness of these norms at the national level.


Evidence

Referenced paragraph 34B


Major discussion point

Implementation of Existing Norms vs Development of New Norms


Topics

Cybersecurity | Capacity development


Need for technical assistance and training programs

Explanation

Ghana supported paragraph 42E regarding capacity building efforts and proposals for workshops, conferences and best practices exchanges. They also supported inclusion of scenario-based discussions and development of online training courses and resource libraries.


Evidence

Referenced paragraph 42E and mentioned Ghana’s participation in ICRC’s Global Initiative work stream co-chaired with Luxembourg, Mexico, and Switzerland


Major discussion point

Capacity Building and International Cooperation


Topics

Capacity development | Legal and regulatory


Agreed with

– Cameroon
– Cote d Ivoire
– Viet Nam
– Ukraine
– Costa Rica
– Czechia

Agreed on

Support for capacity building programs for developing countries


I

Islamic Republic of Iran

Speech speed

135 words per minute

Speech length

911 words

Speech time

402 seconds

Support for retaining paragraphs on new norm development

Explanation

Islamic Republic of Iran appreciated the inclusion of paragraphs 34P, Q, and R, and 36 regarding development of new norms, strongly supporting their retention. They argued that removing these paragraphs would seriously undermine the overall balance of the norms section.


Evidence

Referenced paragraphs 34P, Q, R and 36


Major discussion point

Implementation of Existing Norms vs Development of New Norms


Topics

Cybersecurity | Legal and regulatory


Disagreed with

– Republic of Korea
– Kingdom of Netherlands
– United Kingdom
– Ukraine
– Ireland
– China
– Russian Federation

Disagreed on

Development of new norms versus implementation of existing 11 norms


Concerns about unsubstantiated attribution claims

Explanation

Islamic Republic of Iran categorically rejected Albania’s accusations of cyber attacks, arguing that attribution in cyberspace is challenging and that unsubstantiated political accusations violate principles of responsible state behavior. They warned of negative consequences of falsified attribution.


Evidence

Referenced UNGA Resolution 73-27 principle that accusations against states should be substantiated, and noted Iran’s readiness for technical cooperation with Albania


Major discussion point

Attribution and Accountability in Cyberspace


Topics

Cybersecurity | Legal and regulatory


Disagreed with

– Albania
– Cameroon
– Cuba

Disagreed on

Attribution practices and accountability mechanisms


Concerns about balanced reflection of different approaches to international law

Explanation

Islamic Republic of Iran argued that the international law section lacks balance as it reflects only one approach – the sufficiency of existing international law. They called for more balanced treatment including discussions on potential development of additional legally binding obligations.


Evidence

Referenced paragraphs 38, 41B, and 42, and proposed adding reference to UN Convention on ensuring international information security


Major discussion point

Application of International Law in Cyberspace


Topics

Legal and regulatory | Cybersecurity


Disagreed with

– United Kingdom
– Australia
– European Union
– Russian Federation

Disagreed on

References to additional legally binding obligations


E

European Union

Speech speed

161 words per minute

Speech length

2083 words

Speech time

771 seconds

Need to reflect progress made on IHL through ICRC resolution

Explanation

European Union suggested including clear reference to applicability of IHL in cyberspace and progress made, building on cross-regional working papers and referencing principles of humanity, necessity, proportionality and distinction. They welcomed inclusion of language from the 34th International Conference of the Red Cross and Red Crescent.


Evidence

Referenced various cross-regional working papers, EU declaration of 2024, African Union common position, and noted over 100 member states have published positions on international law application


Major discussion point

Application of International Law in Cyberspace


Topics

Legal and regulatory | Human rights


Agreed with

– Republic of Korea
– Kingdom of Netherlands
– United Kingdom
– Ukraine
– Germany
– Australia
– Fiji

Agreed on

Focus on implementing existing 11 norms rather than developing new ones


Disagreed with

– Finland
– Republic of Korea
– Kingdom of Netherlands
– Cuba
– Islamic Republic of Iran

Disagreed on

References to international humanitarian law (IHL) in cyberspace


Support for operationalizing POC directory with proper safeguards

Explanation

European Union supported the Secretariat’s efforts to operationalize and maintain the POC directory but emphasized that existing challenges must be addressed before expansion. They noted concerns about instances of misuse and called for increased participation and enhanced capacity.


Evidence

Referenced public concerns raised by France and Germany during February 2025 session about misuse of the directory


Major discussion point

Confidence Building Measures and Point of Contact Directory


Topics

Cybersecurity | Capacity development


F

Fiji

Speech speed

142 words per minute

Speech length

868 words

Speech time

366 seconds

Opposition to prejudging future mechanism discussions on binding instruments

Explanation

Speaking for Pacific Islands Forum, Fiji expressed concerns about lack of balance in references to developing additional legally binding obligations, noting many states have expressed need to build legal capacities first before considering whether there are gaps in existing international law.


Evidence

Referenced the need for legal capacity building including scenario-based training and regional workshops


Major discussion point

Application of International Law in Cyberspace


Topics

Legal and regulatory | Capacity development


Agreed with

– Republic of Korea
– Malaysia
– Kingdom of Netherlands
– Germany
– United Kingdom
– Costa Rica
– Ireland

Agreed on

Support for dedicated paragraph on ransomware attacks


Caution against expanding directory before addressing existing challenges

Explanation

As part of Pacific Islands Forum statement, Fiji emphasized that the POC directory needs to function well first and existing challenges must be addressed before considering expansion. Priority should be increasing participation and enhancing states’ capacity to use the directory properly.


Major discussion point

Confidence Building Measures and Point of Contact Directory


Topics

Cybersecurity | Capacity development


C

Cameroon

Speech speed

117 words per minute

Speech length

281 words

Speech time

143 seconds

Support for accountability mechanisms for egregious cyber attacks

Explanation

Cameroon proposed establishing a working group to study gaps in accountability, including feasibility of binding measures for egregious acts such as attacks on healthcare infrastructure, with findings reported to the 2030 Review Conference.


Evidence

Referenced paragraph 34P and proposed specific language for paragraph 24 on capacity building programs for least developed countries


Major discussion point

Attribution and Accountability in Cyberspace


Topics

Cybersecurity | Legal and regulatory


Disagreed with

– Albania
– Islamic Republic of Iran
– Cuba

Disagreed on

Attribution practices and accountability mechanisms


Emphasis on capacity building for least developed countries

Explanation

Cameroon proposed that the future permanent mechanism should prioritize capacity building programs for least developed countries to enhance resilience against ransomware attacks, including through dedicated technical assistance and regional cooperation frameworks.


Evidence

Referenced global ICT cooperation portal in paragraph 55, African Union’s AFRIPOL mechanism, and specialized training for national CSERTs building on paragraph 52D


Major discussion point

Capacity Building and International Cooperation


Topics

Capacity development | Cybersecurity


Agreed with

– Cote d Ivoire
– Viet Nam
– Ghana
– Ukraine
– Costa Rica
– Czechia

Agreed on

Support for capacity building programs for developing countries


C

Cote d Ivoire

Speech speed

138 words per minute

Speech length

417 words

Speech time

181 seconds

Need for targeted capacity building for developing countries

Explanation

Cote d’Ivoire supported continuing and deepening implementation of the CBM framework and emphasized the need for the future mechanism to explore means of encouraging more significant participation in the POC directory through targeted capacity-building modalities.


Evidence

Referenced biannual ping tests, mock simulations, and the communications model proposed by the Secretariat in Annex 2


Major discussion point

Capacity Building and International Cooperation


Topics

Capacity development | Cybersecurity


Agreed with

– Cameroon
– Viet Nam
– Ghana
– Ukraine
– Costa Rica
– Czechia

Agreed on

Support for capacity building programs for developing countries


Support for biannual ping tests and mock simulations

Explanation

Cote d’Ivoire believed that biannual ping tests and exercises and mock simulations are key for smooth operations of the POC directory and should be fine-tuned. They also supported the communications model proposed by the Secretariat.


Evidence

Referenced Annex 2 of the draft report containing the Secretariat’s communications model


Major discussion point

Confidence Building Measures and Point of Contact Directory


Topics

Cybersecurity | Capacity development


V

Viet Nam

Speech speed

140 words per minute

Speech length

535 words

Speech time

228 seconds

Support for global ICT cooperation portal development

Explanation

Vietnam stressed the pressing need to put capacity-building initiatives into operation, even as pilot programs, to address growing needs of developing countries. They emphasized not delaying action until a fully completed framework is in place.


Evidence

Proposed amendments to paragraphs 8 and 9 to be provided in writing


Major discussion point

Capacity Building and International Cooperation


Topics

Capacity development | Digital access


Agreed with

– Cameroon
– Cote d Ivoire
– Ghana
– Ukraine
– Costa Rica
– Czechia

Agreed on

Support for capacity building programs for developing countries


Need to reflect wide range of views while maintaining consensus foundation

Explanation

Vietnam argued that the final report should reflect all achievements and avoid overly detailed and divisive elements that risk undermining consensus. It should clearly outline areas of convergence while comprehensively reflecting the wide range of views expressed.


Evidence

Referenced their membership in the cross-regional group on application of international law in use of ICTs


Major discussion point

Report Structure and Balance


Topics

Legal and regulatory | Cybersecurity


C

Czechia

Speech speed

158 words per minute

Speech length

1041 words

Speech time

393 seconds

Support for action-oriented discussions in future mechanism

Explanation

Czechia emphasized the need for a practical, action-oriented, and inclusive future mechanism with high focus on capacity building and putting the existing normative framework into practice through international cooperation.


Evidence

Referenced the importance of involving private sector expertise while maintaining intergovernmental character


Major discussion point

Future Permanent Mechanism Structure and Mandate


Topics

Cybersecurity | Capacity development


Agreed with

– Cameroon
– Cote d Ivoire
– Viet Nam
– Ghana
– Ukraine
– Costa Rica

Agreed on

Support for capacity building programs for developing countries


P

Pakistan

Speech speed

118 words per minute

Speech length

357 words

Speech time

180 seconds

Emphasis on preserving consensus achievements in transition

Explanation

Pakistan argued that progress achieved in the OEWG should be preserved and must not be allowed to relapse. They emphasized that the only acceptable way forward is to continue future discussions on ICT security under UN auspices.


Evidence

Referenced the worsened geopolitical environment over the past five years impacting the ICT landscape


Major discussion point

Future Permanent Mechanism Structure and Mandate


Topics

Legal and regulatory | Cybersecurity


B

Brazil

Speech speed

133 words per minute

Speech length

574 words

Speech time

257 seconds

Request to strengthen references to GGE reports in overview section

Explanation

Brazil joined other delegations in asking to have reference to the GGE reports in paragraph 13, highlighting that these reports are part of the UN acquis and were endorsed by consensus General Assembly resolutions. They emphasized that future work should build upon what has already been achieved.


Evidence

Referenced paragraph 13 and noted GGE reports were endorsed by consensus General Assembly resolutions


Major discussion point

Report Structure and Balance


Topics

Legal and regulatory | Cybersecurity


Agreed with

– Kingdom of Netherlands
– United Kingdom
– Australia
– Italy

Agreed on

Need to reinstate use of force language in paragraph 40C


C

Cuba

Speech speed

98 words per minute

Speech length

247 words

Speech time

150 seconds

Importance of responsible attribution practices

Explanation

Cuba supported maintaining certain paragraphs on norms development but wanted to see deletion of references to international humanitarian law applicability to cyberspace, arguing this could lead to unacceptable interpretations seeking to legitimize cyberspace as another sphere of war.


Evidence

Referenced paragraphs P, Q, and R of section 34 on norms, and concerns about IHL references in paragraph 41


Major discussion point

Attribution and Accountability in Cyberspace


Topics

Legal and regulatory | Cybersecurity


Disagreed with

– Albania
– Islamic Republic of Iran
– Cameroon

Disagreed on

Attribution practices and accountability mechanisms


F

Finland

Speech speed

148 words per minute

Speech length

621 words

Speech time

251 seconds

Support for scenario-based discussions and capacity building on international law

Explanation

Speaking for Nordic countries, Finland emphasized that how international law applies in cyberspace will continue to be discussed in the future permanent mechanism with focus on addressing practical, concrete challenges. They supported scenario-based discussions and noted international law is relevant to all thematic discussions.


Evidence

Referenced the 80th anniversary of UN Charter signing and noted over half of UN member states have elaborated positions on international law application in cyberspace


Major discussion point

Application of International Law in Cyberspace


Topics

Legal and regulatory | Capacity development


Agreed with

– Kingdom of Netherlands
– United Kingdom
– Brazil
– Australia
– Italy

Agreed on

Need to reinstate use of force language in paragraph 40C


I

Italy

Speech speed

130 words per minute

Speech length

560 words

Speech time

257 seconds

Importance of maintaining intergovernmental character while involving private sector

Explanation

Italy noted that ICTs are increasingly being employed in ways that combine different non-conventional instruments of influence, including activities below the threshold of armed conflict. They emphasized the importance of involving private sector expertise while maintaining the intergovernmental character of the process.


Evidence

Referenced the need to address hybrid use of ICTs and the direct impact of emerging technologies on international security


Major discussion point

Future Permanent Mechanism Structure and Mandate


Topics

Cybersecurity | Economic


Importance of preserving UN framework as foundation

Explanation

Italy emphasized that the final report should be firmly anchored to the framework of responsible state behavior and should reflect progress made while reinforcing collective commitment to implement the UN Framework on Responsible State Behaviour in Cyberspace.


Evidence

Referenced the UN Framework of Responsible State Behavior and the considerable progress achieved in the OEWG


Major discussion point

Report Structure and Balance


Topics

Legal and regulatory | Cybersecurity


Agreed with

– Kingdom of Netherlands
– United Kingdom
– Brazil
– Australia

Agreed on

Need to reinstate use of force language in paragraph 40C


R

Russian Federation

Speech speed

135 words per minute

Speech length

1166 words

Speech time

516 seconds

Call for flexibility and compromise in final negotiations

Explanation

Russian Federation argued that the current version of the final report has unjustified distortion in favor of merely implementing existing voluntary norms, violating the mandate to formulate rules, norms and principles. They called for incorporating language on the importance of making voluntary rules legally binding.


Evidence

Referenced resolution 75-240 mandate and paragraphs 30B, 30C, 32, and 36, and proposed using ‘observation’ instead of ‘implementation’ for voluntary rules


Major discussion point

Report Structure and Balance


Topics

Legal and regulatory | Cybersecurity


Disagreed with

– United Kingdom
– Australia
– European Union
– Islamic Republic of Iran

Disagreed on

References to additional legally binding obligations


C

Chair

Speech speed

124 words per minute

Speech length

1838 words

Speech time

882 seconds

Need for flexibility and compromise rather than rigid adherence to national positions

Explanation

The Chair emphasized that if everyone only expresses their preferences while requesting deletion of others’ positions, convergence will not be achieved. He appealed for expressions of flexibility where delegations accept that others with different viewpoints also need their positions reflected.


Evidence

Observed the dynamic of delegations expressing strong preferences for their positions while objecting to proposals that are not aligned with their national positions


Major discussion point

Report Structure and Balance


Topics

Legal and regulatory | Cybersecurity


Focus on essential points and bridging proposals in final negotiations

Explanation

The Chair urged delegations to focus on essential points in their statements, communicating what they can live with, what compromises could be made, and any bridging proposals they might have. He emphasized the need to avoid repetition and lengthy statements.


Evidence

Noted that delegations have been speaking for fairly long periods and some interventions were repetitive


Major discussion point

Future Permanent Mechanism Structure and Mandate


Topics

Legal and regulatory | Cybersecurity


Importance of preserving consensus achievements while balancing different viewpoints

Explanation

The Chair stressed that the final report should be based on consensus agreements and preserve the normative framework already achieved. He noted the need to balance reflecting consensus achievements with accommodating the wide range of views expressed during discussions.


Evidence

Referenced the need to add GGE reports and remove references to chair summary as it was explicitly not a consensus agreement


Major discussion point

Report Structure and Balance


Topics

Legal and regulatory | Cybersecurity


I

Israel

Speech speed

133 words per minute

Speech length

782 words

Speech time

352 seconds

Support for replacing ‘exclusively peaceful purposes’ with UN Charter compliance language

Explanation

Israel supported comments from EU, US, Australia and others to omit ‘exclusively peaceful purposes’ language from paragraph 15. In the spirit of compromise, they suggested replacing it with ‘for purposes exclusively in line with the principle of the UN Charter’ or supporting Australia’s proposed language.


Evidence

Referenced support from EU, US, Australia and others, and offered specific alternative language


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Legal and regulatory | Cybersecurity


Agreed with

– Kingdom of Netherlands
– Republic of Korea
– Germany
– United Kingdom
– Ireland
– Czechia

Agreed on

Opposition to ‘exclusively peaceful purposes’ language in paragraph 15


Disagreed with

– China
– Pakistan
– Kingdom of Netherlands
– Republic of Korea
– Australia
– Ukraine
– Czechia

Disagreed on

Use of ‘exclusively peaceful purposes’ language in paragraph 15


Need to address terrorist threats equally with criminal activities

Explanation

Israel argued that terrorist groups pose an equal if not greater risk to global peace and security compared to criminal activities. They suggested adding identical language about terrorist threats impacting international peace and security, similar to the language used for criminal activities.


Evidence

Referenced the new language added at the end of paragraph 16 about criminal activities impacting international peace and security


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Cybersecurity | Violent extremism


Concerns about overemphasis on risks of emerging technologies

Explanation

Israel argued that references to emerging technologies like AI and quantum computing are overly detailed and overemphasize risks rather than opportunities. They suggested these sections should be shortened and recalibrated to reflect the promises these technologies may hold.


Evidence

Noted that the current text gives incorrect impression that these issues have been thoroughly discussed


Major discussion point

Threats to ICT Security and Infrastructure


Topics

Cybersecurity | Economic


Need to explicitly reference non-state actors in norm discussions

Explanation

Israel suggested adding ‘including by non-state actors’ to paragraph 34C after ‘internationally wrongful acts using ICTs’. They argued this reflects the reality that often non-state actors conduct malicious ICT activities from one state’s territory against third parties.


Evidence

Referenced that the Zero Draft included explicit reference to non-state actors and this is consistent with other paragraphs that explicitly reference non-state actors


Major discussion point

Implementation of Existing Norms vs Development of New Norms


Topics

Cybersecurity | Legal and regulatory


Support for flexible information sharing with appropriate safeguards

Explanation

Israel supported information sharing between public and private sectors and between states, but acknowledged challenges states may face due to domestic law or lack of technical capacity. They suggested adding ‘as deemed appropriate’ to paragraph 34J to reflect these challenges.


Evidence

Referenced challenges ranging from domestic law to lack of technical capacity


Major discussion point

Confidence Building Measures and Point of Contact Directory


Topics

Cybersecurity | Legal and regulatory


Agreements

Agreement points

Opposition to ‘exclusively peaceful purposes’ language in paragraph 15

Speakers

– Kingdom of Netherlands
– Republic of Korea
– Israel
– Germany
– United Kingdom
– Ireland
– Czechia

Arguments

Opposition to “exclusively peaceful purposes” language in paragraph 15


Need for clearer language on international humanitarian law application


Support for replacing ‘exclusively peaceful purposes’ with UN Charter compliance language


Concerns about document giving undue weight to non-consensus proposals


Support for voluntary checklist of practical actions for norm implementation


Concerns about malicious ICT activities targeting healthcare and maritime sectors


Summary

Multiple speakers from different regions agreed that the ‘exclusively peaceful purposes’ language in paragraph 15 should be deleted or replaced with language referring to compliance with international law or UN Charter principles, arguing this language was problematic and not based on consensus


Topics

Legal and regulatory | Cybersecurity


Focus on implementing existing 11 norms rather than developing new ones

Speakers

– Republic of Korea
– Kingdom of Netherlands
– United Kingdom
– Ukraine
– Germany
– Australia
– European Union
– Fiji

Arguments

Focus should be on implementing existing 11 norms rather than developing new ones


Opposition to paragraphs 34R and 36 on developing new norms


Opposition to references to new legally binding obligations


Premature to discuss new norms without proper consensus


Concerns about document giving undue weight to non-consensus proposals


Request for inclusion of state responsibility and human rights law references


Need to reflect progress made on IHL through ICRC resolution


Opposition to prejudging future mechanism discussions on binding instruments


Summary

A significant number of speakers agreed that the priority should be on implementing the existing 11 voluntary non-binding norms rather than developing new ones, with many calling for deletion of paragraphs 34R and 36 that would mandate development of new norms


Topics

Cybersecurity | Legal and regulatory


Support for dedicated paragraph on ransomware attacks

Speakers

– Republic of Korea
– Malaysia
– Kingdom of Netherlands
– Germany
– United Kingdom
– Costa Rica
– Ireland
– Fiji

Arguments

Support for dedicated paragraph on ransomware attacks targeting critical infrastructure


Emphasis on protecting critical infrastructure and critical information infrastructure


Opposition to “exclusively peaceful purposes” language in paragraph 15


Concerns about document giving undue weight to non-consensus proposals


Support for voluntary checklist of practical actions for norm implementation


Need for inclusive and transparent future mechanism


Concerns about malicious ICT activities targeting healthcare and maritime sectors


Opposition to prejudging future mechanism discussions on binding instruments


Summary

Multiple speakers supported having a dedicated paragraph specifically addressing ransomware attacks, recognizing it as a significant and expanding threat that warrants special attention in the final report


Topics

Cybersecurity | Infrastructure


Need to reinstate use of force language in paragraph 40C

Speakers

– Kingdom of Netherlands
– United Kingdom
– Brazil
– Australia
– Italy

Arguments

Support for reinstating use of force language in paragraph 40C


Opposition to references to new legally binding obligations


Request to strengthen references to GGE reports in overview section


Support for scenario-based discussions and capacity building on international law


Importance of preserving UN framework as foundation


Summary

Several speakers regretted the deletion of language on use of force from paragraph 40C and called for its reinstatement, arguing it represented concrete progress and was widely reflected in national and regional positions


Topics

Legal and regulatory | Cybersecurity


Support for capacity building programs for developing countries

Speakers

– Cameroon
– Cote d Ivoire
– Viet Nam
– Ghana
– Ukraine
– Costa Rica
– Czechia

Arguments

Emphasis on capacity building for least developed countries


Need for targeted capacity building for developing countries


Support for global ICT cooperation portal development


Need for technical assistance and training programs


Importance of women’s participation in cybersecurity discussions


Need for inclusive and transparent future mechanism


Support for action-oriented discussions in future mechanism


Summary

Multiple speakers, particularly from developing countries, emphasized the critical importance of capacity building programs and technical assistance for developing nations to enhance their cybersecurity resilience and meaningful participation in the process


Topics

Capacity development | Cybersecurity


Similar viewpoints

These speakers generally supported maintaining references to peaceful purposes, developing new norms alongside existing ones, and ensuring balanced representation of different approaches to international law including potential legally binding instruments

Speakers

– China
– Pakistan
– Islamic Republic of Iran
– Russian Federation
– Cuba

Arguments

Support for maintaining “exclusively peaceful purposes” language


Emphasis on preserving consensus achievements in transition


Support for retaining paragraphs on new norm development


Call for flexibility and compromise in final negotiations


Importance of responsible attribution practices


Topics

Legal and regulatory | Cybersecurity


These Western/European speakers consistently emphasized the need to focus on implementing existing consensus frameworks, reflect progress made on international humanitarian law, and avoid giving undue weight to proposals that lack broad consensus

Speakers

– European Union
– Kingdom of Netherlands
– United Kingdom
– Germany
– Australia

Arguments

Need to reflect progress made on IHL through ICRC resolution


Opposition to paragraphs 34R and 36 on developing new norms


Opposition to references to new legally binding obligations


Concerns about document giving undue weight to non-consensus proposals


Request for inclusion of state responsibility and human rights law references


Topics

Legal and regulatory | Human rights | Cybersecurity


These speakers emphasized the importance of legal capacity building and scenario-based training before considering new binding instruments, and supported strengthening references to international humanitarian law and human rights

Speakers

– Fiji
– Australia
– Finland
– Ghana

Arguments

Opposition to prejudging future mechanism discussions on binding instruments


Request for inclusion of state responsibility and human rights law references


Support for scenario-based discussions and capacity building on international law


Need for technical assistance and training programs


Topics

Legal and regulatory | Capacity development


Unexpected consensus

Support for POC directory with concerns about expansion

Speakers

– European Union
– Cote d Ivoire
– Fiji

Arguments

Support for operationalizing POC directory with proper safeguards


Support for biannual ping tests and mock simulations


Caution against expanding directory before addressing existing challenges


Explanation

Despite different regional perspectives, there was unexpected consensus that the POC directory should be maintained and improved, but with caution about expansion until existing challenges are addressed – showing pragmatic agreement across different blocs


Topics

Cybersecurity | Capacity development


Importance of women’s participation in cybersecurity

Speakers

– Ukraine
– Albania
– Costa Rica

Arguments

Importance of women’s participation in cybersecurity discussions


Concerns about state-sponsored cyber attacks on democratic institutions


Need for inclusive and transparent future mechanism


Explanation

Speakers from different regions and political alignments unexpectedly converged on emphasizing the importance of women’s meaningful participation in cybersecurity discussions, suggesting this has become a broadly accepted principle


Topics

Gender rights online | Human rights | Cybersecurity


Overall assessment

Summary

The discussion revealed clear regional and ideological divisions, with Western/European countries generally favoring implementation of existing frameworks and opposing new norm development, while some developing countries and non-Western states supported balanced approaches including new norm development. However, there was broad consensus on practical issues like ransomware threats, capacity building needs, and the importance of the POC directory.


Consensus level

Moderate consensus exists on technical and practical cybersecurity issues, but significant divisions remain on fundamental questions about the balance between existing and new norms, the role of international law, and the structure of future mechanisms. The Chair’s appeal for flexibility suggests these divisions may be bridgeable through compromise, but will require significant diplomatic effort to achieve consensus on the final report.


Differences

Different viewpoints

Use of ‘exclusively peaceful purposes’ language in paragraph 15

Speakers

– China
– Pakistan
– Kingdom of Netherlands
– Republic of Korea
– Australia
– Israel
– Ukraine
– Czechia

Arguments

Support for maintaining ‘exclusively peaceful purposes’ language


Opposition to ‘exclusively peaceful purposes’ language in paragraph 15


Support for replacing ‘exclusively peaceful purposes’ with UN Charter compliance language


Summary

China and Pakistan strongly support maintaining the ‘exclusively peaceful purposes’ language, arguing it shows foresightedness and firm commitment to peaceful ICT use. However, multiple Western countries (Netherlands, Republic of Korea, Australia, Israel, Ukraine, Czechia) oppose this language, calling it problematic, ambiguous, and not based on consensus agreements. They propose alternative language or deletion.


Topics

Legal and regulatory | Cybersecurity


Development of new norms versus implementation of existing 11 norms

Speakers

– Republic of Korea
– Kingdom of Netherlands
– United Kingdom
– Ukraine
– Ireland
– Islamic Republic of Iran
– China
– Russian Federation

Arguments

Focus should be on implementing existing 11 norms rather than developing new ones


Opposition to paragraphs 34R and 36 on developing new norms


Support for retaining paragraphs on new norm development


Need for balance between implementing existing norms and developing new ones


Summary

Western countries (Republic of Korea, Netherlands, UK, Ukraine, Ireland) strongly oppose developing new norms, arguing focus should be on implementing existing 11 norms and that new proposals lack consensus. Iran, China, and Russia support retaining language on new norm development, with Iran arguing removal would undermine balance and Russia calling for legally binding status for norms.


Topics

Cybersecurity | Legal and regulatory


References to international humanitarian law (IHL) in cyberspace

Speakers

– European Union
– Finland
– Republic of Korea
– Kingdom of Netherlands
– Cuba
– Islamic Republic of Iran

Arguments

Need for clearer language on international humanitarian law application


Need to reflect progress made on IHL through ICRC resolution


Importance of responsible attribution practices


Summary

EU, Finland, Republic of Korea, and Netherlands strongly support including clear references to IHL applicability in cyberspace and incorporating language from the ICRC resolution. Cuba and Iran oppose IHL references, with Cuba arguing this could legitimize cyberspace as ‘another sphere of war’ and Iran wanting deletion of IHL references.


Topics

Legal and regulatory | Human rights


References to additional legally binding obligations

Speakers

– United Kingdom
– Australia
– European Union
– Islamic Republic of Iran
– Russian Federation

Arguments

Opposition to references to new legally binding obligations


Concerns about balanced reflection of different approaches to international law


Call for flexibility and compromise in final negotiations


Summary

UK, Australia, and EU strongly oppose references to new legally binding obligations, arguing they conflate existing law with non-consensual proposals and are supported by only five states. Iran and Russia support including references to additional binding obligations, with Iran arguing the current text lacks balance and Russia calling for legally binding status for voluntary norms.


Topics

Legal and regulatory | Cybersecurity


Attribution practices and accountability mechanisms

Speakers

– Albania
– Islamic Republic of Iran
– Cameroon
– Cuba

Arguments

Concerns about state-sponsored cyber attacks on democratic institutions


Concerns about unsubstantiated attribution claims


Support for accountability mechanisms for egregious cyber attacks


Importance of responsible attribution practices


Summary

Albania strongly condemned state-sponsored attacks and called for accountability mechanisms, specifically citing Iranian attacks. Iran categorically rejected these accusations, arguing attribution is challenging and unsubstantiated claims violate responsible behavior principles. Cameroon supported accountability mechanisms for egregious acts, while Cuba emphasized responsible attribution practices.


Topics

Cybersecurity | Legal and regulatory


Unexpected differences

Chair summary references from 2021 OEWG report

Speakers

– Kingdom of Netherlands
– United Kingdom
– Germany
– Islamic Republic of Iran

Arguments

Opposition to paragraphs 34R and 36 on developing new norms


Support for retaining paragraphs on new norm development


Explanation

An unexpected technical disagreement emerged over whether to reference the 2021 chair summary, with Western countries arguing it’s not a consensus document while Iran pointed out it was referenced seven times in the third annual progress report adopted by consensus.


Topics

Legal and regulatory | Cybersecurity


Voluntary checklist adoption timing

Speakers

– United Kingdom
– Islamic Republic of Iran
– Russian Federation

Arguments

Support for voluntary checklist of practical actions for norm implementation


Support for retaining paragraphs on new norm development


Call for flexibility and compromise in final negotiations


Explanation

Unexpected disagreement over whether the voluntary checklist should be adopted now or deferred to the future mechanism, with Iran and Russia arguing it hasn’t been properly discussed while UK supports its adoption as valuable output.


Topics

Cybersecurity | Capacity development


Overall assessment

Summary

The discussion reveals fundamental disagreements between Western countries and countries like China, Iran, and Russia on key issues including peaceful use language, new norm development, IHL applicability, and legally binding obligations. There are also specific bilateral tensions around attribution practices.


Disagreement level

High level of disagreement with significant implications for consensus-building. The disagreements reflect deeper geopolitical divisions and different approaches to international law and cybersecurity governance. The Chair’s appeal for flexibility suggests these disagreements pose serious challenges to achieving consensus on the final report.


Partial agreements

Partial agreements

Similar viewpoints

These speakers generally supported maintaining references to peaceful purposes, developing new norms alongside existing ones, and ensuring balanced representation of different approaches to international law including potential legally binding instruments

Speakers

– China
– Pakistan
– Islamic Republic of Iran
– Russian Federation
– Cuba

Arguments

Support for maintaining “exclusively peaceful purposes” language


Emphasis on preserving consensus achievements in transition


Support for retaining paragraphs on new norm development


Call for flexibility and compromise in final negotiations


Importance of responsible attribution practices


Topics

Legal and regulatory | Cybersecurity


These Western/European speakers consistently emphasized the need to focus on implementing existing consensus frameworks, reflect progress made on international humanitarian law, and avoid giving undue weight to proposals that lack broad consensus

Speakers

– European Union
– Kingdom of Netherlands
– United Kingdom
– Germany
– Australia

Arguments

Need to reflect progress made on IHL through ICRC resolution


Opposition to paragraphs 34R and 36 on developing new norms


Opposition to references to new legally binding obligations


Concerns about document giving undue weight to non-consensus proposals


Request for inclusion of state responsibility and human rights law references


Topics

Legal and regulatory | Human rights | Cybersecurity


These speakers emphasized the importance of legal capacity building and scenario-based training before considering new binding instruments, and supported strengthening references to international humanitarian law and human rights

Speakers

– Fiji
– Australia
– Finland
– Ghana

Arguments

Opposition to prejudging future mechanism discussions on binding instruments


Request for inclusion of state responsibility and human rights law references


Support for scenario-based discussions and capacity building on international law


Need for technical assistance and training programs


Topics

Legal and regulatory | Capacity development


Takeaways

Key takeaways

Strong consensus on need to focus on implementing existing 11 voluntary norms rather than developing new ones, with many delegations opposing paragraphs 34R and 36 on new norm development


Significant support for dedicated paragraph on ransomware attacks targeting critical infrastructure, reflecting growing threat landscape


Major disagreement on ‘exclusively peaceful purposes’ language in paragraph 15, with some supporting deletion and others (like China) strongly supporting retention


Widespread call for better balance in report between consensus achievements and non-consensus proposals, with concerns about giving undue weight to minority positions


Strong support for reinstating use of force language in paragraph 40C and including more substantive content on international humanitarian law application


Emphasis on capacity building for developing countries and need for smooth transition to future permanent mechanism


Chair’s warning that current approach of demanding deletions of opposing views while preserving own positions will not lead to convergence


Resolutions and action items

Chair invited all delegations to reception at Singapore Mission at 6:15 PM for informal consultations


Tomorrow’s session will expand discussion to include sections E and F in addition to A, B, C, and D


Delegations requested to provide written proposals and amendments to Chair’s office


Chair urged delegations to focus on essential points, bridging proposals, and compromise solutions in future statements


Multiple delegations committed to sharing detailed written recommendations on specific paragraph edits


Unresolved issues

Fundamental disagreement on whether to retain ‘exclusively peaceful purposes’ language in paragraph 15


Dispute over inclusion of new norm development paragraphs (34R and 36) versus focus on existing norm implementation


Disagreement on references to chair summary from 2021 OEWG report as non-consensus document


Unresolved balance between reflecting consensus achievements versus accommodating diverse viewpoints on international law


Ongoing debate over inclusion of references to new legally binding obligations in international law section


Dispute over voluntary checklist adoption (paragraphs 34L and 37) with some delegations having principled objections


Disagreement on attribution language and accountability mechanisms for cyber attacks


Unresolved structure and mandate details for future permanent mechanism


Suggested compromises

Australia’s proposal to replace ‘exclusively peaceful purposes’ with ‘in compliance with international law’ in paragraph 15


Multiple delegations suggesting merger of paragraphs 20 and 29 on technology vulnerabilities


UK proposal to move paragraph 34N consensus language to chapeau of paragraph 34


Suggestion to create separate paragraph for ransomware while maintaining other malicious software references


Proposal to split paragraph 41 into subparagraphs grouping references by origin and nature


Netherlands suggestion to add GGE reports reference in paragraph 3 for better foundation


Brazil’s proposal for additional subparagraph under 40 based on ICRC humanitarian resolution


Various delegations suggesting deletion of duplicative paragraphs (34O-P merger, 34Q-R deletion)


Chair’s appeal for flexibility where delegations accept that opposing viewpoints also need reflection in final document


Thought provoking comments

Chair’s opening guidance: ‘I think that is the spirit of the discussions, that we are looking for solutions, not necessarily in the mode of restating and reiterating your preferred positions. So thank you very much for your understanding.’

Speaker

Chair


Reason

This comment was insightful because it directly addressed the fundamental challenge of multilateral negotiations – the tendency to simply restate positions rather than seek compromise. It set a constructive tone by explicitly calling for bridging proposals and solutions.


Impact

This guidance influenced the entire discussion flow by establishing expectations for constructive engagement. Many subsequent speakers referenced this call for flexibility, and it created a framework against which participants could measure their contributions.


Republic of Korea’s position on norms: ‘What’s needed now is not more norms, but rather a focus on how to implement and operationalize the ones we already have.’

Speaker

Republic of Korea


Reason

This comment crystallized a key philosophical divide in the discussion between those wanting to develop new norms versus those prioritizing implementation of existing frameworks. It challenged the assumption that more rules necessarily lead to better outcomes.


Impact

This perspective became a recurring theme throughout the discussion, with multiple delegations (UK, Netherlands, Germany, Australia) echoing this implementation-first approach. It helped frame the debate around paragraphs 34R and 36, leading to widespread calls for their deletion.


European Union’s warning: ‘We should not allow this report to lose the progress we made on the UN framework… we actually are even at risk losing our work on the framework altogether, with Russia wanting to just observe it rather than express its commitment to it.’

Speaker

European Union


Reason

This comment was particularly thought-provoking because it highlighted the fragility of existing consensus and the risk of regression. It reframed the discussion from one about adding new elements to one about preserving hard-won agreements.


Impact

This warning shifted the tone of the discussion toward preservation of existing achievements. It influenced subsequent speakers to emphasize the importance of maintaining the UN framework and led to increased resistance to proposals that might undermine established consensus.


Chair’s closing reflection: ‘But what you need to keep in mind, as we reflect on the day’s work, is that if we put together everyone’s preferences, then that is not going to bring us to convergence. I think we will need some expressions of flexibility, and that will mean that everyone, accepting the fact that other delegations who have a different point of view also need to have their points of view reflected.’

Speaker

Chair


Reason

This meta-commentary on the negotiation process itself was deeply insightful because it diagnosed the core challenge: the mathematical impossibility of satisfying all preferences simultaneously. It called for a fundamental shift in approach from position-taking to compromise-seeking.


Impact

This comment served as a reality check that reframed the entire negotiation dynamic. It challenged delegates to move beyond their comfort zones and consider what compromises they could accept, setting the stage for more constructive engagement in subsequent sessions.


Albania’s specific attribution example: ‘A notable escalation occurred in Albania in July 2022 when a destructive cyber attack, assessed to have originated from Iranian state-linked actors, severely distributed a wide range of government digital services… The most recent attack happened on June 20, 2025 when the IT systems of the municipality of our capital city were breached.’

Speaker

Albania


Reason

This comment was significant because it moved the discussion from abstract policy debates to concrete real-world consequences of cyber attacks. It personalized the stakes and demonstrated the urgent need for effective frameworks.


Impact

This specific example prompted Iran to respond with a detailed rebuttal, highlighting the contentious nature of attribution in cyberspace. It demonstrated how attribution disputes can derail constructive dialogue and reinforced arguments for focusing on implementation rather than new norms.


Russian Federation’s semantic challenge: ‘In my language, observe is to adhere to, to abide by, or to comply with, and this presupposes a high level of obligation. So far as my language – my knowledge of English allows me to understand English, these are also clear synonyms to the verb observe.’

Speaker

Russian Federation


Reason

This linguistic intervention was thought-provoking because it revealed how semantic differences can mask deeper philosophical disagreements about the nature of international commitments. It showed how language choices carry significant political implications.


Impact

This comment exposed the underlying tension between voluntary and binding obligations, influencing how other delegations approached discussions about implementation versus observation of norms. It highlighted the importance of precise language in international agreements.


Overall assessment

These key comments fundamentally shaped the discussion by establishing three critical dynamics: (1) the Chair’s interventions created a framework for constructive negotiation that emphasized compromise over position-taking; (2) the substantive debate crystallized around implementation of existing frameworks versus development of new norms, with most delegations favoring the former; and (3) specific examples and semantic challenges revealed the practical difficulties of achieving consensus in a politically charged environment. The discussion evolved from initial position statements toward a more nuanced understanding of the trade-offs required for consensus, though significant divisions remained. The Chair’s process observations were particularly influential in encouraging delegates to think beyond their preferred positions toward what might be collectively acceptable.


Follow-up questions

How to implement and operationalize the existing 11 voluntary non-binding norms of responsible state behavior

Speaker

Republic of Korea


Explanation

Korea emphasized that what’s needed now is not more norms, but rather a focus on how to implement and operationalize the ones already established


How to better understand the associated risks of new and emerging technologies, including artificial intelligence

Speaker

Malaysia


Explanation

Malaysia welcomed discussion on AI and emphasized the need to better understand the risks associated with emerging technologies


How to enhance dialogue on ICT security between different sectors at the national level, including the technical, diplomatic and legal sector

Speaker

Malaysia


Explanation

Malaysia recognized the importance of cross-sectoral dialogue for comprehensive ICT security approaches


How norms and international law relates to ransomware, what cyber capacity building needs and tools are there or need to be developed to better address this threat

Speaker

Germany


Explanation

Germany suggested ransomware as a possible example for future cross-cutting, action-oriented discussions examining multiple aspects of the threat


How to establish effective accountability mechanisms for cyber attacks directed at democratic systems and civilian infrastructure

Speaker

Albania


Explanation

Albania called for the development of frameworks that ensure appropriate consequences for those responsible for malicious cyber operations


How to enhance common understanding amongst all states on the opportunities and risks of new and emerging technologies such as artificial intelligence, 5G and quantum computing

Speaker

Fiji


Explanation

Fiji emphasized the urgent need to develop shared understanding of emerging technologies across all member states


How to encourage more significant participation in the POC directory through targeted capacity-building modalities

Speaker

Cote d’Ivoire


Explanation

Cote d’Ivoire highlighted the need to explore means of increasing participation in the global directory for points of contact


How to ensure universal accession to the POC directory

Speaker

Cote d’Ivoire


Explanation

There is a need to specify strategies for achieving universal participation in the points of contact directory


How to address the responsibilities and obligations of the private sector and platforms with extraterritorial impact in the ICT environment

Speaker

Islamic Republic of Iran


Explanation

Iran emphasized the current lack of clarity regarding private sector responsibilities and the need for in-depth discussions on their obligations


How to address practical, concrete challenges in the application of international law in cyberspace

Speaker

Finland (on behalf of Nordic countries)


Explanation

The Nordic countries emphasized that future mechanism discussions should focus on addressing practical challenges rather than theoretical debates


How to develop a common understanding on how international law applies in the use of ICTs through capacity building initiatives

Speaker

Ghana


Explanation

Ghana supported capacity building efforts including workshops, conferences and scenario-based discussions to build shared understanding


How to develop universal templates for data exchange through the UN’s Global Intergovernmental Register for Contact Points

Speaker

Russian Federation


Explanation

Russia proposed focusing on the development of universal templates for data exchange rather than assistance delivery templates


Disclaimer: This is not an official session record. DiploAI generates these resources from audiovisual recordings, and they are presented as-is, including potential errors. Due to logistical challenges, such as discrepancies in audio/video or transcripts, names may be misspelled. We strive for accuracy to the best of our ability.