[Read more session reports and live updates from the 13th Internet Governance Forum]
Cybersecurity can be ensured without sacrificing economic development and infringing human rights, but with trade-offs. Multistakeholder participation in drawing cybersecurity strategies should pay attention to digital intelligence in terms of technical, cognitive, and social competencies that enable individuals to face the challenges of and adapt to the demands of digital life.
Ms Lisa Vermeer, Dutch Ministry of Foreign Affairs, started her intervention by describing how the work is organised inside the Dutch government. The task force on international cyber policy is based on three pillars: human rights, peace and security in cyber space, and the development of cyber capabilities. She also stressed the importance of inclusiveness and multistakeholder operations in having impactful policy or regulation initiatives.
Mr Leandro Ucciferri, ADC Digital, stated that including human rights is not profitable or appealing to investment in and the growth of cybersecurity. He reminded those present that governments have both positive and negative obligations towards human rights, i.e., to take measures to guarantee those rights as well as avoid or refrain from interfering with them. Business should also avoid doing this, if its products or services affect human rights, for example corporations co-operating to provide surveillance of their users. Ucciferri mentioned a set of documents that ADC Digital is elaborating with partners in Argentina, Colombia, and Paraguay to set guidelines on how to think about cybersecurity through the prism of human rights:
- Include a human rights approach in the business development model.
- Consider ethical aspects of new products and services.
- Post transparency reports.
Mr Claudio Cocorocchia, Head of Information and Entertainment System Initiative, World Economic Forum, shared a trend first noticed during 2017 and 2018: There is a societal demand for companies to have more digital ethics and diversity. This is something business should put more thought into, especially after scandals around personal data breaches and privacy violations. Cocorocchia introduced the work of the DQ Institute, endorsed by WEF. It aims to provide digital intelligence in the form of a comprehensive set of technical, cognitive, and social competencies that enables individuals to face the challenges of and adapt to the demands of digital life.
Ms Angela McKay, Microsoft, started her remarks by providing insight into her professional background which helps her to look at the issue from engineering, government, and business viewpoints. The strategies of those entities she worked with were risk-based, used public-private partnerships, and focused on a series of consequences which notably did not include human rights or digital protection. Now Microsoft is watching how countries are reframing their cyber strategies. McKay has found that these strategies are beginning to look not just at national security, economic security, and public safety, but also at human rights, individual rights, and ethical considerations. They are looking at how to improve the transparency of both government and industry efforts, and how to help improve ‘the digital literacy of the populace so that they can engage in these conversations’. Finally she noted that cybersecurity and human rights are not mutually exclusive, but there are definitely trade-offs needed to ensure both.
Mr William Dutton, Oxford Internet Institute, focused the audience’s attention on the idea that cybersecurity is not only about involving multistakeholder participants; it is also a complex game of policies in various areas: ‘You have to think [that] any given actor is focused on various objectives that may be very different from your own if you're interested in cybersecurity. And they pursue those actions, so you have many games going on.’
By Ilona Stadnik