High-level policy session 5: Building confidence and security in the use of ICTs

Event report

Mr Ernesto Rodríguez Hernández (Deputy Minister, Ministry of Communications) claimed that governments must set different instruments and mechanisms in place nationally, as well as to elaborate treaties and co-operation agreements to combat the use of ICTs for criminal purposes. He also noted that the sovereignty of a state should remain fully fledged. Hernández acknowledged that states, together with other interested parties, should work together to prevent cyberspace turning into a theatre for criminal activity that would undermine digital development.

Mr Leon Behin (State Secretary, Ministry of Public Administration, Slovenia) addressed the topic of multistakeholder collaboration for protecting children online. He shared several projects aimed at the youth that Slovenia carried out on the governmental level. The first is the Safer Internet Centre that promotes awareness about the safe use of mobile devices and the Internet for teenagers, parents, and teachers. Another example is a telephone line with advisors providing help on stopping online violence against women and girls.

Mr Serge Abiteboul (Member of the High Level Board, Electronic Communications and Postal Regulatory Authority of France (ARCEP)) addressed the question of trusting technology and the response of regulators. He shared ARCEP works on analysing the neutrality of devices and expressed concern with the current trend on the ‘infantilisation’ of devices. ‘Users cannot re-choose their device: app stores limit their choices in applications, as well as operating system of the device itself, and pre-installed applications. And voice assistants are talking to users like with children.’ Abiteboul claimed that services should clearly explain their possibilities to users. He also called users to actively participate in taking control of their use of devices and help make more interoperability between applications as well as between different web services.

Mr Ömer Abdullah Karagözoğlu (Chairman of the Board, Information and Communication Technologies Authority, Turkey) spoke about regulatory measures that Turkey undertakes to ensure cybersecurity and privacy online, integrating cybersecurity into the national security strategy. He added that they organise cybersecurity trainings for institutional CERTs from various critical sectors. They also carried out hands-on trainings and competitions for around 2500 students and graduates in the last two years. Karagözoğlu mentioned detection and protection systems that play a huge role in national cybersecurity by providing visibility, detecting command and botnet control centres, and malicious software. He added that Turkey signed several cybersecurity co-operation agreements with various countries and ratified the European Convention on Cybercrime. Moreover, the Turkish Criminal Code covers unauthorised interference, interception, modification, and disruption of IT systems.

Mr Jeff Greene (Vice President, Global Government Affairs, Symantec) stated that cyber-hygiene and education cannot solve the problem, but can make significant improvements in cybersecurity. People have to be a bit more suspicious and careful in dealing with e-mails and software. He then turned to the role of artificial intelligence in detecting malicious activity. ‘Today we see legitimate programs to do illegitimate things, good software doing bad things. This can be much harder to detect as it requires analysis of huge volume of data, and AI and machine learning can detect that activity.’

Mr Bruce McConnell (Executive Vice President, EastWest Institute) spoke about stability and security threats regarding cyberspace internationally. First, he urged states to restrain their activities in cyberspace, for example, to refrain from attacking the public core of the Internet, namely, routers, routing system, Internet naming and numbering systems, and the software behind them. Second, he introduced the idea of telecommunication companies blocking malware traffic through signatures as they are already doing with spam. They are not doing it now because they were not asked to, and governments should think about that. Additionally, governments could give telecom companies liability protection, so when they block malicious traffic, they cannot be sued by customers for caused losses.

Ms Milena Grillo (Director of Strategy and Innovation, PANIAMOR Foundation) said that in 2010 the constitutional court of Costa Rica declared access to the Internet as a fundamental right for all Costa Rican inhabitants. The government expanded investments making digital inclusion a key national milestone both in terms of equal enjoyment of rights, and as a means for personal, social and national wellbeing. Then she provided some insights for e-mentor programmes in Costa Rica. It is a multistakeholder initiative with high-level ministers mediating formal government engagement with public entities. The private ICT sector participates through mentoring and volunteering to help elaborate better policies for social issues with ICT use.

Ms Vandana Sethi (Director, Department of Telecommunications, Indian Federal Government) highlighted some steps that India has taken to improve the confidence of ICT use for their population. The first is the success of the digital identity program Adhaar that increases the inclusion level of the population in the financial system – 300 million people now have bank accounts and 83% are linked to Adhaar. It has enabled the government to directly provide benefits to the population, which has resulted in huge savings of taxpayers’ money. Second, the Government of India started its own CERT that is responsible for incident responses, analysis, forecasts, and alerts on cybersecurity issues and breaches. Sethi shared future plans of the government to establish a central equipment identity register that will have unique identifications for all mobile devices.

The WSIS Action Line Facilitator, Mr Preetam Maloor (Senior Strategy and Policy Adviser, ITU), concluded the session by saying that establishing partnerships is the key to building confidence and trust in the use of ICTs, and that all the speakers illustrated this thesis with bright and successful examples form their countries.

By Ilona Stadnik