Emerging cybersecurity law and its impact on information society, cyberlaw trends of 2019

Event report

The thematic workshop, organised by the International Commission on Cyber Security Law /Cyberlaws.Net, explored the status and the emerging global trends in the context of cyberlaw and cybersecurity law.

The session was moderated by Dr Pavan Duggal (Advocate, Supreme Court of India, Chairman, International Commission on Cyber Security Law), who gave a presentation of the complex and fragmented landscape of cyberlaw frameworks. He explained how data breaches are increasing and how this raises concerns in terms of accountability and liability mechanisms. Presenting some legislative examples, he underlined how China has developed among the most comprehensive national legislations due to the broad definition of cybersecurity provided. Additional examples are represented by Russia, which focused on data localisation; Vietnam, which recognises the cyberspace in terms of national space; Thailand, which legislated a cyber martial law; Germany, which focused on the protection of the confidentiality, availability, and integrity (CIA) paradigm; and Australia, which recently passed a law to abolish encryption – if you are providing an encrypted service in Australia, you need to give the key to the government. Additional efforts have been put in place in the form of bilateral cybercrime agreements, however, in case of information critical for national interests, the agreement does not apply.

Mr Gonzalo Lopez-Barajas Huder (Internet Policies Executive, Telefonica) talked about data security, arguing that it is not as a technical issue anymore. It affects every aspect of our lives and therefore, it has to be tackled with a new multistakeholder co-ordination mechanism at the regional, and global level. Furthermore, he argued that one of the most challenging aspects of jurisdiction has to be contextualised in the competing jurisdiction and in the search for international harmonisation. With this regard, the work of the EU on e-evidence and e-legislation, and the US Cloud Act should be recalled as an example of best practices.

Prof Dr Christoph Stückelberger (President and Founder at Globethics.net Foundation and Executive Director at Geneva Agape Foundation) addressed the issue of ethics, arguing that law and ethics can be considered as twins. We need values, and the law to implement those values. He introduced the concept of ‘globalance’, meant to identify a global balance of values that can be sought in the following three examples. First, there is a need to balance freedom and security: indeed, if we have total security we have no security, and vice versa. Second, there is a need to balance solidarity and sovereignty. Connected to the risk of fragmentation of the Internet, the main point of this balance highlights that sovereignty is not an absolute value: indeed, it is impossible to have total sovereignty in a globalised world. Finally, an additional balance has to be fostered between prosperity and equity: prosperity should not be an ultimate goal at the expenses of fairity, equiness, and justice.

Mr Alfredo Ronchi (Secretary General, EC MEDICI Framework) recalled how the evolution of new technologies is impacting society at all levels and in all aspects of our lives. As a result, there is a need for more co-operation that would lead to international legislative solutions which however are still hampered by limitations from national governments. He argued that digital literacy and awareness needs to be implemented through training and education programs that would boost the proper use of technology and allow individuals to be more aware of potential risks of technology. Finally, with regards to the increase of cyberwarfare, he stressed that the focus on the dangers should not be limited to the use of physical weapons.

The session was featured by remarks stressing the exponentially evolution of technology, that from an industry perspective, the need to balance the speed of transformation with the trust needed in cyberspace and in new technologies. In addition to that, recommendations should keep in mind that cybercrime and cybersecurity laws should not become a tool to be used against government and civil society activists, as in the case of some countries in South Asia. Moreover, additional comments were addressed by Dr Salma Abbasi (Chairperson and CEO, eWorldwide Group), Dr Mohammad Najeeb Azizi (Chairman of Afghanistan Telecommunication Regulatory Authority [ATRA]), and Dr Madeleine Scherb (President, Health and Environment Program). Abbasi underlined the the challenges posed by social media platforms to society, and by the crime that tech companies perpetuate in creating algorithms and services that addict individuals and especially young generations. Najeeb Azizi stressed the importance of tackling challenges posed by privacy concerns. Finally, acknowledging the difficulties in identifying the actor of cybercrimes, Scherb recalled that cybercrimes related activities should not only focus on the narrow binary paradigm of perpetrators and victims but have a more holistic approach on the various actors involved and affected.

By Stefania Grottola