OEWG 2021-2025 – Regular institutional dialogue

Event report

The last meetings of the second substantive session continued in informal mode.

Regarding the establishment of a future regular institutional dialog on the use of ICTs in the context of international security, the delegates mostly expressed their opinions on the Cyber Program of Action (PoA) and its intersection with the current OEWG. 

France highlighted that 57 United Nations member states, as well as the EU are currently promoting the establishment of PoA as a permanent institutional mechanism that is dynamic, inclusive and action oriented, which could work in a coordinated and complementary fashion with the ongoing work and deliberations within the current OEWG. During the meeting,  delegates from Chile, Thailand, the Netherlands, Austria, South Africa, Canada, Australia, Switzerland, Japan, Singapore, El Salvador, Columbia, the UK, and Argentina reiterated their support of the PoA proposal or expressed the wish to join it.

Egypt noted that the co-sponsors are working to improve the PoA working paper to be submitted against the third session of the OEWG in July which will contain more practical steps towards establishing the PoA . For example, it is possible to hold the regular meeting every two years as well as a review conference every six years. There’s also a need to establish technical working groups working during the intersessional period to address the exponential evolving nature of the cyber issues. Therefore it is important that the OEWG consider establishing the POA through its annual progress report to complement the work of the group.

The EU suggested the OEWG could facilitate timely and dedicated exchanges on the POA, taking into account specific views and needs of all states and relevant stakeholders and ensuring that the OEWG is regularly informed about the state of play. 

France and the Netherlands said that the PoA would allow states to establish in fields where they see necessary a dialogue and structure cooperation with private actors and civil society.

Chile noted that the main aim of it is to facilitate the implementation of a consensus framework for the responsible behaviour of states in the use of ICTs. For this reason, the PoA would support capacity building based on the state’s own needs assessment.

Thailand: The PoA would play a significant role in developing a universally accepted and common understanding of international law applicable in cyberspace, especially in the absence of a legally binding instrument on this matter. Also, the PoA must be aligned with and complementary to this open-ended working group.

Canada supposed that the GGE and the OEWG could continue to work on the aquis within these processes. But thePoA will then focus on the implementation of this aquas. Canada is also working on the research document about PoA and will publish it on the portal to discuss with other delegates.

Switzerland, Singapore, Argentina, Columbia and Japan claimed that the PoA should be the regular institutional dialogue under the auspices of the UN and complimentary to the current OEWG. It will focus on implementation capacity building and allow for inclusion of the multistakeholder community.

On the other hand there were voices opposing the PoA or suggesting other formats for future regular dialog.

Iran said that the OEWG should continue its function as an inclusive intergovernmental body for consultation, cooperation, and decision-making in cyber-related issues established by the United Nations. The PoA is build on the same logic as the UN small arms and light weapons program of action, but this experience’ shows that procedural approaches such as the POA are inherently challenging  and, instead, we should move towards legally binding, instrument on cybersecurity and think of establishing an OEWG subgroup for the commencement of negotiations on a comprehensive cybersecurity convention.

Cuba supported action-oriented initiatives, but was not in favour of parallel mechanisms that seek to replace the work of the OEWG. ‘ In our view, any cybersecurity initiative must be the result of a recommendation of this open-ended working group, and it must be based on a broad-based process of discussion among member states and should be adopted by consensus.’

Russia said that the OEWG should remain the only negotiating mechanism under the UN to deal with cyber issues. The decision on the future format for regular institutional dialogue, whether through the continuation of the OEWG or its transformation into a permanent mechanism, could be worked out by states at a later stage of this group. Russia reminded about its proposal to exchange experiences between the OEWG and regional organizations like CIS, SCO, OSCE, ARF and others with the understanding that it is the UN that should play the leading role in fostering dialogue on the use of ICTs by states.

Brazil highlighted that it doesn’ t support the notion of creating OEWG subgroups based on alleged expertise of states in order not to break the discussions. Brazil also touched upon the burning issue of modalities of multistakeholder participation. While it supports the possible broadest participation of stakeholders, Brazil appealed to all member states on the need to protect the consensual decision-making of this group. ‘ It is not necessarily important to the level of having to vote on this particular notion. We believe that these would bring systemic consequences, not only for this group, but also for the work of the first Committee in general. We see the point made by our colleague from Jamaica that precedents are important and we need to set them. But in this particular point, we would prefer the precedent to be a good one. And we believe that consensus is the best option.’

Sri Lanka suggested having institutional dialogues be processed through three tiers – national, regional, and international. The national discussions may feed the regional mechanisms to facilitate the decisions and discussions of the international organisations such as the UN. Further, having study groups, academic forums, compilations of a directory of cyber contact points in each country, that could facilitate confidence-building among countries. Such groups can bring in innovative ideas and proposals for an institutional dialogue.