IGF2024

Summary

This discussion focused on building universal standards for digital infrastructure resilience. Participants explored the need for global standards while acknowledging the importance of localized implementation. They emphasized the critical role of data sovereignty, integrity, and protection against emerging threats like cryptojacking and quantum computing risks. The conversation highlighted the importance of multi-stakeholder collaboration, involving governments, private sector, academia, and international organizations in developing resilience frameworks.

Key challenges discussed included rapidly evolving threats, human error, and the need for flexible, agile policies that don’t become obsolete quickly. Participants stressed the importance of capacity building and continuous skill development to address the human element in cybersecurity. They also noted the need for a risk-based approach in developing resilience frameworks, incorporating threat modeling and scenario planning.

The discussion touched on the role of existing standards like ISO, while considering the need for new, more comprehensive frameworks that address the unique challenges of digital infrastructure. Participants agreed on the importance of starting with a clear definition of the problem and creating action plans with measurable outcomes. They also highlighted the need for diversity in technologies and systems to avoid single points of failure.

The session concluded with a call to action, emphasizing the need to move beyond conversations to practical implementation of resilience standards. The participants agreed to compile the discussion into a white paper to serve as a reference for countries and regions seeking to enhance their digital infrastructure resilience.

Keypoints

Major discussion points:

– The need for universal standards for digital infrastructure resilience

– Challenges in developing and implementing resilience standards across different countries

– The importance of multi-stakeholder collaboration in shaping standards and policies

– Emerging threats to digital infrastructure and strategies to address them

– Balancing universal standards with localized implementation

Overall purpose/goal:

The purpose of this discussion was to explore challenges and opportunities in securing critical digital infrastructure, with the aim of developing ideas for universal standards and best practices that could be adapted by different countries. The panel sought to produce insights that could inform a white paper on digital infrastructure resilience.

Tone:

The tone was largely collaborative and solution-oriented. Panelists built on each other’s points and acknowledged the complexity of the issues. There was a sense of urgency about the need to act, balanced with recognition of the challenges involved. The tone became slightly more pointed when audience questions challenged some assumptions, but remained constructive overall.

Speakers

– Genie Gan: Director of Government Affairs and Public Policy, Kaspersky; Moderator

– Aderonke Sola Ogunsola: Head of Policy and Process Review, Corporate Planning Strategy and Risk Management Department, Nigerian Communications Commission

– Pawan Anand: Major General Dr., Director of United Service Institution of India, PhD Guide and Mentor at the National Defense College

– Alaa Abdulaal: Chief of Digital Economy Foresight, Digital Cooperation Organization

Additional speakers:

– Dino Cataldo Dell’Accio: Chief Information Officer, UN Pension Fund; involved in Best Practice Forum on Cybersecurity, leading Blockchain Dynamic Coalition on Assurance and Standardization

– Unnamed audience member: Asked question about institutions for developing standards

Digital Infrastructure Resilience: Building Universal Standards at IGF 2023

This discussion, part of the Internet Governance Forum (IGF) 2023, explored the challenges and opportunities in securing critical digital infrastructure, with the aim of developing ideas for universal standards and best practices that could be adapted by different countries. The panel sought to produce insights that would inform a white paper on digital infrastructure resilience.

Panelists and Their Backgrounds:

– Genie Gan (Moderator): Head of Government Affairs and Public Policy for Asia Pacific at Kaspersky

– Aderonke Sola Ogunsola: Head of Cybersecurity at the Nigerian Communications Commission

– Major General Dr. Pawan Anand: Senior Fellow at the United Service Institution of India

– Alaa Abdulaal: Senior Policy Advisor at the Digital Cooperation Organization

Key Themes and Discussions:

1. Threats to Digital Infrastructure:

The panel discussed various threats, including:

– Human error and skill gaps

– Rapid technological changes

– Economic and technological disparities between countries

– Physical threats to infrastructure

Specific examples were cited, such as the Singapore banking transaction disruption and a US-based cybersecurity company incident, highlighting the real-world impacts of these threats.

2. Multi-stakeholder Collaboration:

There was strong agreement on the importance of collaboration between governments, private sector, civil society, and international organizations. Ogunsola stressed the need for engagement from all stakeholders to develop effective standards. Abdulaal highlighted the key role of the private sector in innovation and capacity building, while also noting that international organisations can facilitate cooperation.

3. Regulatory and Standards Development:

The panel discussed the need for universal standards that are flexible enough to be adapted to different contexts. Ogunsola emphasized that universal standards are “not negotiable” but implementation may require customization. Anand concurred, stating that standards should be universal, but regulations need to be flexible to allow for innovation.

Challenges in developing and implementing standards included:

– Keeping pace with rapid technological advancements

– Addressing economic and technological disparities between countries

– Establishing common definitions and language around digital infrastructure resilience

Policy examples were discussed, such as Nigeria’s Cyber Security Act 2025 and critical national information infrastructure order.

4. Capacity Building and Human Resources:

Ogunsola emphasized the critical importance of capacity building and continuous skill development in ensuring digital infrastructure resilience. She highlighted human error and lack of skills as major threats to resilience.

5. Risk-based Approaches and Threat Modeling:

Dr. Anand and an audience member advocated for adopting risk-based approaches and incorporating threat modeling in developing resilience frameworks. This was seen as crucial for creating effective and adaptable standards.

6. Ethical Use of AI in Cybersecurity:

Anand highlighted the growing importance of AI in cybersecurity and stressed the need for ethical and responsible use of AI in this context.

Audience Engagement:

The discussion included valuable input from audience members, including:

– A challenge to the premise of developing new standards, pointing out existing ISO standards

– The need for a common language and universal definitions for concepts like Digital Public Infrastructure (DPI)

– Advocacy for risk-based approaches in resilience frameworks

Unresolved Issues and Future Directions:

Despite the productive discussion, several issues remained unresolved, including how to develop standards that remain current given rapid technological changes, and how to address economic and technological disparities between countries in implementing standards.

Conclusion and Next Steps:

The panel agreed on the urgency of moving from dialogue to action in enhancing global digital infrastructure resilience. Genie Gan outlined specific next steps, including compiling the discussion into a white paper to serve as a reference for countries and regions seeking to enhance their digital infrastructure resilience.

The moderator noted time constraints of the discussion, emphasizing the need for continued dialogue and action on this critical topic.

Genie Gan: Can you do it again? Yes, I’m done. Alvar, wait, wait, wait. Wait, wait. Wait, wait. Wait, wait, wait. Wait, wait, wait. Wait, wait, wait. Stay with me. I’m actually going to assist. I’m going to do it soon. I think I’ll just wear it. Of course, yes. I’m doing that. Is it channel zero? Just checked up over there. So, channel one? One, huh? Okay. We should start, right? Okay, we’ll start in one minute. Alright. I’m just going to silence my phone. I know. Thank you for watching. Okay. Are we ready? Yeah, sure. Okay. Right. Good morning, everyone. We are seated in Riyadh at the Internet Governance Forum. Okay, sure, sure. Two minutes. We’ll start in two minutes, I’ve been told. Channel one. Okay. Okay. Okay. All the speakers are on site. I’m sorry. Sorry. We can start now. Okay, thank you. Good morning, everyone. From wherever or good afternoon or good evening from wherever in the world you’re dialing in from. Thank you for attending today’s session on building universal standards for digital infrastructure resiliency. My name is Jeannie Gan and I am the director of government affairs and public policy from Kaspersky. And I’m your moderator for today. We’re here today to discuss the challenges and opportunities of securing the backbone of a modern digital economy. Our critical infrastructure, including data centers, cloud services, and other foundational digital assets. Of course, we all know that cybersecurity and resilience of critical information infrastructure, CIIs, have become well-established requirements over the years. However, as the digital landscape evolves, we actually need to broaden our focus to include not only the security of information and data, but also the physical and operational resilience of the digital infrastructure that house these information and data. When we started conceptualizing this workshop early this year, we were using an example of how an outage of a major data center in Singapore actually disrupted 2.5 million banking transactions across Singapore’s largest banks. Citibank, DBS, to show how vulnerabilities in digital infrastructure can have far-reaching consequences even when it’s not triggered by any cyber attacks. But of course, its close linkage to cyber security was not immediately obvious as well. And then in July, everything all changed when a rogue software update by a US-based cyber security company led to the crippling of up to 8.5 million computers worldwide which were using Microsoft systems. And suddenly, many people realized how resilience requirements which apply in the cyber security industry could apply to digital infrastructure. And governments around the world were beginning to recognize this even before the incident. For instance, Singapore is studying the introduction of a digital infrastructure act going beyond cyber security to address a broader set of resilience risks ranging from misconfigurations in technical architecture to physical hazards such as fires, water leakages, and cooling system failures. The UK government from the other part of the world also has launched a public consultation on enhancing the security and resilience of its data infrastructure. And these developments marked the beginning of a global shift towards more comprehensive frameworks for digital infrastructure resilience. So, well, since conversations in this area are still pretty new and early stages, I think we’re in early stages, right? And there is a chance for the IGF to sort of shape some best practices and common standards. That’s our goal today, to brainstorm ideas. And really, we have today with us speakers from around the world from different regions. and we hope to brainstorm ideas that will help shape the future of digital infrastructure best practices. We have regulators as well, industry leaders and experts from academia to discuss these critical issues and collaborate on creating a white paper that we hope to produce at the end that will serve as a reference for countries developing laws and regulations to strengthen digital infrastructure resilience. So let me now quickly introduce our speakers after this context setting. First of all, I think I’ll start from my right on the far end. We have Ms. Adoronke. She is Head of Policy and Process Review, Corporate Planning Strategy and Risk Management Department at the Nigerian Communications Commission. She’ll speak about the role of national cyber security and digital infrastructure governance, particularly in Nigeria. And then I have Major General Dr. Pawan Anand, who is Director of United Service Institution of India and a PhD Guide and Mentor at the National Defense College. He will share insights from India, focusing on the challenges and threats to digital resilience, particularly in rapidly developing countries. And on my left, that’s Ms. Alaa Abdulal. She is Chief of Digital Economy Foresight at the Digital Cooperation Organization. She’ll discuss the role of the DCO, Digital Cooperation Organization, in shaping and enhancing digital infrastructure, both in the Kingdom of Saudi Arabia and internationally. So for today, we will explore several key topics throughout, focusing on three main themes. First, threats to digital infrastructure, we’ll discuss the latest threats to digital infrastructure, their economic and social impact, and how different countries are responding with new standards and regulations. And of course, the second theme will be multi-stakeholder collaboration, which I think is a running theme as far as the UN and IGF context is. We’ll encourage the exchange of expertise among all stakeholders, government, industry players, academia, and all that. And of course, lastly, we’ll talk about the regulatory and standards development, focusing on the importance of international standards for digital infrastructure, particularly and examine how best practices from cybersecurity can be adapted to this domain. So let’s kick off with some initial thoughts from our panelists. I’ll ask each of you to provide maybe a brief impulse statement, not more than two minutes, based on some following questions. Maybe we’ll start with Aderonke. So, Ronke, in your opinion, is digital infrastructure a universally accepted term? And could you also maybe give us a brief overview of the role of Nigeria’s NCC in digital infrastructure resilience?

Aderonke Sola Ogunsola: Thank you, Jeannie. Good morning, everybody. And thank you, Kaspersky, for sponsoring this conversation. I’d like to start by saying that this topic is timely, considering that it has a lot of interplay regarding development of standards, corporations, and what have you. In the course of reviewing this topic, there was a statement by Sharon and Karin Rudler, some sociologists. And what did they describe infrastructure as? It struck me. It says infrastructure was described in a provocative manner as something. that remains invisible until it’s broken down. So let’s just look at a picture. We all wake up this morning, our emails are not sending, we can’t connect, people cannot even see us all over the world. We can’t do any transactions. I’m sure everybody will go like, what’s happening here? So that’s the perspective. Infrastructure as the bedrock is the underlining framework for digital connection. So having said that, looking at universal, is digital infrastructure universally accepted? I think that’s yes. It’s a universally accepted term because when you look at different organizations, the ITU sees it as an enabler for provision of digital access. The OECD reviews it as an example for social economic development.

Genie Gan: Sorry, give me a moment. I think we need some help here. Ronke’s audio is coming on and off. Can we maybe switch a mic for her, please? Or we can let them, maybe you use that first. Sorry, is it off? No, it’s not that, it’s. I think you used that mic first. Just let me switch that up for you. Can you hear me now? Yes, now it’s okay, yeah. Please. Okay. Now it’s good, yep.

Aderonke Sola Ogunsola: All right, so do I start all over again or just continue from the Nigerian perspective? Yes, just the Nigerian perspective. So as a regulator, I work for the Nigerian Communications Commission and we are the regulator for the telecoms communications industry in Nigeria. Basically, we oversee the technical and economic regulation of the industry. And coming from the perspective of digital infrastructure, the Commission was established by an act of the Parliament, and we have amongst various powers or functions to facilitate and enable an environment. One of the things we are looking at is promoting digital infrastructure. We have various actions or interventions that we have taken, such as providing licenses for infrastructure development, operational spectrum licenses. We also, currently in Nigeria, we have our Cyber Security Act 2025, and part of what was identified was the critical infrastructure, and digital infrastructure was part of what was identified. In addition to this, I hope you can hear me? Yes. In addition to this, a critical national information infrastructure order was recently launched. What is it looking at? It’s because we have identified as a nation the importance, the sensitivity of the infrastructure. I believe, in my opinion, that we have moved beyond cyber security to cyber or infrastructure resilience. It’s the ability for us to bounce back if there’s any attack. Jeannie did talk about the Singaporean experience, but if you also cast your mind back earlier in the year, and the SG, ITU did mention it, about the submarine cable cut. It affected a lot of countries around the West African coast. But the good thing was Nigeria, and I would give kudos to my organization, we had always been proactive in our regulations. that our operators had, you know, resilience in their network, risk management is something that we saw, and also we ensured that they have a network. How do they survive if there’s any attack? So for Nigeria, we did not really feel the impact, but the West African coast did have their internet connectivity shut down for a while, and Nigeria has eight submarine cables landing in its shore. So you can imagine the amount of data network structure that we have, and the ITU also acknowledges that say nothing less than 90 or let’s say 80 to 90 percent of data connectivity is carried on the submarine cable internet connectivity and all of you. And because of this, the commission, Nigeria, is passionate about ensuring resiliency. So we are also part of the working group that was established by ITU. The Honorable Minister of Communications from Nigeria is a co-chair for the corporation to work on developing standards for this, as in me, developing universal standards for digital infrastructure. For me, it’s something that’s, it’s timely. It is expedient for us to look at it holistically, and we have pockets, national, like I mentioned, experience. We also have regional and group interventions, but like the SDG or what they do, I’m not sure we have something that’s universally in everyone. So well done to Kaspersky for sponsoring this, and I think it’s a conversation that is timely. Thank you. Thank you, Ronke. In fact, in your very short impulse statement, you’ve already touched on all three themes. You’ve discussed the threats to digital infrastructure, and I love the submarine cables example that affected West Africa. That was a fantastic illustration, actually, and also about some multi-stakeholder collaboration and efforts already. So maybe I’ll now turn to Ala. So the DCO, as we all know, plays a significant role in shaping and enhancing digital infrastructure internationally. So could you perhaps take a couple of minutes and share the goals of your organization in this area and what efforts are being made in addressing digital infrastructure residents? Switch it on. Yes, we can hear you now.

Genie Gan: Okay, thank you.

Alaa Abdulaal: Thank you very much, and I’m very honored to be part of this panel with you all. So the Digital Cooperation Organization, just to start, we represent 16 member states, having an 800 million population, and our goal overall is to make sure that every person, nation, and business has a fair opportunity to participate. As you have said, Janine, now we are in a world of digital economies accelerating very quickly. So our organization really focuses on giving that fair opportunity for everyone to be part of this growth of the inclusive digital economy. And for that, we have mentioned now, and even my colleague here mentioned, how important is it to have the right infrastructure and have access to that infrastructure from businesses, from governments. And what we are doing at DCO is that we are promoting the use of having the development of resilience framework. those specifically in the response of the increasing risk that is coming on the digital infrastructure. We are giving guides and advices to all our member state, putting all the stakeholders on one table. So what happened during what you have mentioned in July, one of the fastest response that we have done is that we gathered all our member states on one table to discuss the issue that has happened with the faulty deployment and the outage and how did it impacted each and every nation? What was their lesson learned? What can we do together? What are some of the missing regulations in some of the countries that can other can be shared? And this is why, and we are the digital cooperation organization, we believe in the cooperation and we believe that also this is, it should be in a multi-stakeholder approach and also looking not only at infrastructure because again, infrastructure is one layer, but even as you have mentioned, we have services, operations that are running those infrastructure. Okay, do the people have the right skills? And capacity to be educated, to run those infrastructure with the advancements of different technologies. Now, when infrastructure is varying from supercomputers that are supporting AI, that is even bringing different layer of risks. So by focusing on providing the right information, by putting all the right stakeholders and bringing countries together, we are aimed and focused to really enhance the digital infrastructure of our member states and even contribute to globally to all countries. Excellent. Thank you. Thank you for that. I like the point that you made about infrastructure being overlaid with systems and then, of course, capacity. And then maybe we can talk a little bit about capacity building later, because that’s the human element too.

Genie Gan: So now I’ll turn to Major General Pawan. From your experience, what are the main threats and challenges to digital resilience, particularly in India and other leading economies?

Pawan Anand: Thank you, Jeanne, and thank you, Kaspersky, for getting us all together on this interesting subject. So, well, to my mind, firstly, I’m from the USA, the United Service Institution of India, and we do a lot of emerging technologies work with the National Cyber Security Coordinator, the National Security Council, Ministry of Electronics and IT, the Ministry of Internal Affairs or Home Affairs, and, of course, with the Defense and the Defense Cyber Agency. It’s actually interesting that India today is in every conversation that takes place globally on anything to do with digital, because India has gone deeply digital. And with the Honorable Prime Minister of India offering the DPI, the Digital Personal Infrastructure, for almost all the Global South countries, literally, India seeks to help the Global South in coming up with their DPI. So that having been said, what’s the main threats and challenges that we are looking at? And I would start with the main thing, and that is sovereignty of data. And everything hovers, perhaps, around that. You may have all your infrastructure in place. You may have the storages. You may have the transit points. You may have the networks. You may have the processing infrastructure. But at the end of it, it’s the data which really counts. it’s that’s the thing that makes the May go. So if money makes the May go, it’s data that makes the May go here. The data sovereignty to my mind is something that we really need to keep in mind and India is very cognizant of that. We are, of course, would like to have all our data onshore in India, which perhaps is not totally possible at this minute because we don’t have the entire capacity to be able to store that kind of data. So obviously much of it is offshore. And when it’s offshore, and if we don’t have the capacity to keep the data, we don’t have the skills as Aala had brought out as yet, we would be looking at the legal implications of keeping your data offshore. And that’s something that the DPDP Act that we’ve come out with in 2023 really looks into. And I’ll come to that sometime later in our conversation. The second most important thing is integrity. So we have to look at integrity of data in storage and integrity in transit. Both of these are very important to us because wherever the interfaces happen, wherever there is a joining of networks, wherever there is a joining up with the storages, that is the point where we find vulnerabilities occur. So as your digital penetration increases in India, the contact surfaces increase and the attack surfaces increase. And I think the final point that I’d like to make quickly is that when it comes to emerging tech, AI in cybersecurity begins to get more and more important for us. So the ethical use of AI and also the responsible use of AI is so important. We would look at accountability, wherever AI is used, whether it is for cyber or for protecting infrastructure physically or digitally. we would have to look at interpretability as well, because you should be very clear as to what exactly is coming out of that and how it is protecting your infrastructure. I think also what we’ll have to keep in mind is supply chains, and we’ll talk about that later, but supply chains could be compromised, and that is one huge threat that we need to keep in mind. Today, at the end of it, with all the infrastructure that has come up, DPI that has come up in India, we have now become the 10th most vulnerable country in the world to digital assets. And I see that coming up further and further. And you can make out also by the increase in the number of cyber attacks. Maybe I could give out those figures, but that’s pretty obvious, that the number of attacks are going up geometrically every year. So I pause here and come up with some more thoughts

Genie Gan: later on. Thank you. Thank you. When you say rank number 10, I think what came to my mind was that this is really the kind of ranking we don’t want on top, right? But thank you all for your thoughts. I think it’s time for us to turn to the moderated discussions. We do have a set of policy questions that we will like discussed today and to explore with our speakers. So please, however, feel free to jump in if you’ve got thoughts to add on to whatever that other speakers are saying. But of course, please help me to keep your interventions concise and short, yeah, not more than two minutes maybe. So first, maybe I’ll get Ronke to take a first question. Do we need universal standards of resilience or is it… the case that every country’s digital infrastructure has unique needs that require a customized approach, right? So how should we balance these two perspectives of having something universal versus something that’s highly customized? What are your thoughts?

Aderonke Sola Ogunsola: Yeah. Okay. So for me, universal standards is not negotiable. I think it’s something that’s meant to be open and something that needs to be adopted. Like I did say earlier, you can start from the regional level. But like what we have done in Nigeria, I will use my national perspective, and maybe because we also boast of the largest economy in Africa, our numbers speak, our economies speak, especially our interventions when it comes to development of digital infrastructure in Africa. So back to universal standards. Yes, we do need one. What we have also done in Nigeria is to come up with a critical national information infrastructure order. It outlines strategies, methods, or would I say activities or actions by several stakeholders on how to tackle. When General Powell was speaking, he did talk about the physical protection of infrastructure. We have our own vulnerabilities back home, issues regarding vandalization of structures and all of that. So when you look at it from that perspective, you drill down, you need to look at how you protect that. And from the national to the regional, how do we come up with KPIs, standards? What works for Nigeria may not work for Ghana because of our peculiarities, but you cannot undermine that. The reason why all of us are here in this room is because the infrastructure, digital infrastructure matters to us and we’ve identified the need to see how we can continuously sustain it. So that’s the conversation around the room, whether it’s services or whether it’s whatever that runs on the infrastructure. So you move from regional and we look at the universal perspective. The IT is already working on the submarine cable resiliency, just to guide against what happened. Singapore has probably come up with their own solutions and the DCO also is sharing experiences. So in summary for me, it’s home growth to regional and universal. And at the universal level, I would like to liken it to the SDG. It can be adopted amongst all nations and the children will definitely go back home. So when you say, you talked about does it require a different approach? Implementation may require different approach, but the standards can be global. And this conversation I could detail and probably develop a white paper, but about adopting, having more stakeholders, especially policy level to look at it critically and see how we can run with it. Thank you. I like that response. Thank you for putting it across so elegantly because really standards can be universal and they need to be. It’s like what we have at the UN with the SDGs. Indeed, I think that’s a… pretty apt parallel that you’ve drawn. But of course, drawing experiences at the regional level and also having implementation localized. I think that’s excellent. I think that has helped us to set the stage. I’m not sure if other speakers have anything to add. Dr. Pawan. I totally agree with what Adharanka said. I mean, she really built it up from bottom to top and took the whole width of the subject. But I just want to add here that when we talk about universal standards, standards would be something that we should all be, should be all able to take on because if we don’t do that, we would be not able to connect globally. So those universal standards, I think, are so important. At the same time, when it comes to bringing in regulation, I think we need to be a little careful. So while we set standards, we will have to be careful about compliances and we need to differentiate between the two because the moment you bring in compliances and those compliances become too stringent, then there is a fear of stifling innovation. So we need to find that balance between compliance and innovation and we need to differentiate between standards and compliances.

Genie Gan: Okay. Thank you. Thank you for those remarks. I am going to move. I’m going to ask maybe Alaa a next question. What do you think are the biggest challenges in adopting universal resilience standards that we have been talking about for the most part, especially in developing regions? How can we make sure these standards are accessible and scalable in different parts of the world? And if you could maybe draw some experiences from working in DCO. Thank you. I think we have a lot of challenges in that, several key challenges. from economic and technological disparities between countries, different countries. So, let’s look at it, and even it has been mentioned by my colleagues here. Different countries have different level of readiness. Some of them, even at a stage that they lack infrastructure by itself, not only having it resilience enough. And this goes to having lack of financial support and technological support. Another aspect is also, we talked about it when I mentioned in my key or first opening, which was capacity building. Again, for a country to start adopting standards, are they ready for those standards? Do they have the right human capital to understand the standards, to apply them, to make sure that they are customized in the right way?

Alaa Abdulaal: Definitely, it’s very useful to have a framework and standards for everyone to adopt. But again, there will never be a one-size-fits-all. There will be a need of cascading to the needs of the country, to their status. But it’s very good to have that solid foundation that unifies everyone. And this is why having those right human resources and experts is very crucial on a national level, which will really make sure that it’s being adopted in the right way and implemented in the right way. Another aspect, one of the challenges is As I said, is those standards flexible enough to fit the current status of that country? What is the flexibility of those standards? And maybe another aspect that one of the challenges is currently every country is tackling this challenge by their own, even from only a government perspective, not looking at, okay, what can the private sector provide? What can the academia provide? Again, academia can provide a lot of research and understanding of those standards in coming up with the right ways. Are we putting all those people on the same table? Are they having the conversations? Is it a government approach or is it a multilateral approach, a multi-stakeholder approach? I think all of those challenges is being in the way of us, first of all, having the right standards in place to adopting them and then even measuring their impact and the way that they are executing. Thank you. You have covered several very good points. Again, I think we are seeing this recurring issue or question to do with the human capital and their ability to appreciate the issue, apply the standards, and of course, to rightly implement them in a way that makes sense in their home countries. And even, let me add, because there is a very important point from until we all reach that universal standard, okay, things are accelerating very quickly. Are those standards agile enough? In fact, too fast. Exactly. We are talking about AI. We are even now talking about computers. quantum computing. Again, this is adding another layer of complexity from a security perspective, from an infrastructure perspective. Again, until we reach that agreement on those are the universal standards, we will be in another point of era that we need to make sure that this is another layer of challenge that we really need to start thinking of to move fast. Can we build something that is agile enough to take that very fast advancements that we are moving in?

Genie Gan: It’s great that you point this out because Dr. Pawan and I were just having a chat yesterday after hearing some sessions in the opening segment of IGF and we’re just saying that, you know, shortly after this whole global digital transformation movement and then we have got AI and now already we’re into quantum computing. It’s like we’re trying to play catch up all the time. And I think that is definitely a theme that we need to come back to about how we can seek to remain agile and fast enough to respond, to have standards or laws or policies that actually respond to real issues, real questions that are evolving faster than we would like. I totally agree. It’s all the time a game of catch and most of us

Pawan Anand: would agree on some points and we would have disagreements in some areas and I think the solution lies in quickly reaching the places where we have consensus and issue them as some sort of a guideline or at times even as a regulation where we all agree and then we can keep resolving what we don’t agree upon. So I think when we come together to put to talk about these issues, we need to be very clear. Where is it that we’ve quickly found a consensus and let’s start implementing that as quickly as possible. And the rest, we will work on. At the same time, when we’re working on those, the difficult areas, where consensus is a little more difficult, we need to bring in the new technologies also that start influencing. So perhaps that is the only way that we can remain in the picture.

Alaa Abdulaal: Otherwise, compliances or consensus will always be so far behind. And they really like the word we. You have meant we, we have to work together, we have to agree, because yes, it’s not one person or one nation or one country. I think it is the core of it is that we are working together on it.

Genie Gan: And I also like how he says, we just need to get started. Let’s just stop talking about this and let’s just do it. All right, so I just wanna stay with Dr. Pawan and I would like to ask the next question. How can governments be equipped in digital resonance? What policies, regulations and codes of conduct, as you may like to put it, need to be adopted to ensure a secure infrastructure across healthcare, governments, finance, CIIs and data centers? So that’s really a tough one because when you formulate policy, you have to take so much into consideration.

Pawan Anand: And just to tell you how tough it’s been in India, but it’s been a very short-footed move, we came up with the DPDP Act. And we started talking about the Digital Personal Data Protection Act in 2016. We finally came out with drafts in 2022. It was given out to the public, there was blowback, there was a lot of feedback. They went out with the second bill, that was about six months later, there was a bigger blowback. And finally, you know, the DPDP Act came into existence in the mid of 2023. It may have been late, but it was there and it’s for sure. It is yet to be fully operationalized because there are certain rules which are being worked out and there are about a set of 20 to 22 rules which are going to come into place. So it just gives you a sense as to how you go about making policies with keeping in mind various stakeholders throughout the country and abroad. But I think what really gave us a big boost across the globe was that COVID-19 gave us all a real wake-up call because we all went digital and suddenly all of us realized that we need to have certain policies in place where we are able to converse digitally and of course transfer data digitally. We’ve seen how it’s impacted public services. We’ve also seen to the extent how it’s started impacting elections as well. So during COVID, there were certain elections in Europe which had to be postponed. Even the US and India elections which were held later on were impacted somewhat by this kind of digital interventions which were happening and the influence that it played. I think how you can strengthen the policy structure for this is you have a digital-first approach for public services. So this needs to be built up with almost all within the country and outside the country. We also need a remote-enabled kind of a structure in our policies so that everybody is able to work somewhat remotely and that it is controlled. Of course, everybody needs to give a higher priority to digital infrastructure. So with these three in, connectivity between various digital infrastructures would bring us into a complete picture. So policy has to hover around all of these. Not to forget what we spoke earlier, physical protection of our digital infrastructure. So we have to look at the housing of the infrastructure, underground, a distributed infrastructure, how to protect it physically, how to, it’s not disrupted, how to ensure it’s not interdicted physically. And then of course, during transit. And finally, I think we need to look at third party risks and how these will be managed as technology innovations take place. So all in all policies will have to be whole of government. Now, when it comes, let me just take two examples and to bring out the difference. You know, the United States has in healthcare, has those guidelines for HIPAA. And these are very stringent guidelines which have been brought in for various healthcare, for protection of healthcare and digital information. On the other hand, they also have the SSA 18, where they have certain reports, SOC 1, SOC 2, SOC 3 reports, where these are standards by which you would expect certain reporting to happen in financial transactions. Now, in India, we are very clear that we follow the SSA guidelines. And so our reporting in SOC 1, SOC 2 and SOC 3 is fully in place. So we expect all financial transactions to be fully transparent, to be fully controlled. On the other hand, when it comes to healthcare, and the US has the HIPAA, India has come out with its own standards. And that is, we call it Disha. a basically digital infrastructure in health care. But it leaves a lot of space open for data to be utilized. So you can’t have a universal standard, as per us, in that. But we would say that we’ve left a lot of space open for data to be utilized for research. So we don’t mind our data being used for research, but private data has to be kept in place. So it’s a little more nuanced, if you ask me. And that is the kind of nuance that we need to have so that we are able to utilize digital infrastructure and data to its fullest for innovation.

Genie Gan: Yeah, back to you, Jamie. Thank you. Thank you for that. And I think just one point of clarification, when you talked about third party risks, you are basically talking about different people in the ICT supply chain, right? OK, cool. Now, I think questions are coming. Yeah, please. No, I’m just going to say that questions are starting to come in. But I think let’s go with the flow. I quite like the flow. Please, Edoronke.

Aderonke Sola Ogunsola: I just wanted to add one or two points to what Jennifer said when it comes to how governments need to be equipped with developing policies regarding digital resiliency. So for me, I look at it as sometimes people may see resiliency as being subjective based on levels of development and technology or infrastructure availability. In some cases, issues of topography, weather, may also serve as a point of focus for us to consider. because we did talk about the physical protection on the ground, how do we store this infrastructure. Some places it’s nearly impossible, it’s a Hukulink tax for the infrastructure to be protected in case of being resilient. Then also for the Nigerian perspective, because I’m a regulator, we’ve come up with various policies. We have a Nigerian national broadband plan that helps us to fashion out stages, phases on how to ensure integrity, resiliency, recovery plan, standards for infrastructure across the country. Then like I did say, the critical national infrastructure information order did engage or gives plan for various stakeholders. I recall you did say it’s a private sector aware, the academia, all those are also included. It’s a model maybe for national level, regional or even other countries that may want to look at it. If we say we are looking at or developing standards, we are that proactive. I also want to say perhaps that’s part of what gave us that resilience, so to speak, from the submarine cable breakdown or cut. For regulations as well, we keep doing catch-up, it’s a cliche, but is it something that we want to look at? Can we get to a level where we start considering standards or policies or regulation that can be self-regulated? Maybe we come up with soft laws as regulators, thinking outside the box to speak to these global standards, or universal standards we are looking at, rather than putting laws or regulations like General Powell did say that stifle innovation.

Alaa Abdulaal: I think there is one important point also that I want to build upon because it has been mentioned again, we cannot protect ourselves and be 100% resilience, but we as a country and even internationally, we always have to have like the right response plan for those such emergency. Yes, every country they have their recovery plans, incident response plan, but even I believe from an international level, or even sometimes on a regional level, we really need to have that set up in the right way for to have that immediate exchange of experience, immediate exchange of what did this country do to come back or recover from a specific incident. I think this is a very important point that we should consider specifically if we are talking about government being digitally resilient. And when you talk about the exchange, let me just clarify what you mean is that cross jurisdictional learning. Exactly. And that communication that takes place, I presume

Genie Gan: effectively through platforms such as DCO. So that’s great. Thanks a lot. And now there is actually, I know I’m sort of messing up with the order a little bit, but it’s really just to maintain that flow, because we have a comment from a member of the audience. I’m going to read it. And then I have a small question, which I may want to pose it to Ella. So the comment comes from Vahan. from RIPENCC. And he says, coming from different sessions at IGF, there is a feeling that we still don’t have a universal understanding of what is this DPI. I think Dr. Paola mentioned DPI. Neither the universal approach to what is a core, technical core or public core of the Internet. To develop standards, we should use the same language and have a universal agreed definition of these terms. So let us start from Internet and define what is important for us, what is a core and how we can protect it and ensure the resilience of it. So I think what he is really talking about is to have a common language that we speak when it comes to this topic. So my question is really, how can we begin to shape this common language? Any insights? Maybe Alla can start.

Alaa Abdulaal: Yes, definitely. And I totally agree with his comment. And before I answer this question, let me give you our challenge at DCO when we started. Our organization is focused on digital economy. And when we first started, okay, what is the definition of digital economy? Is there a universal understanding of what does it mean? What does it encompass? So I totally agree with him. The first point is to define and put in a framework the understanding of what we are trying to solve. This is the first, let’s say, ABC in any even research. When you start conducting a research, you really identify what is the question that you want to answer? What is the scope? What is in the scope? What is outside that scope? So, and for us to reach that, we need to sit together, as it’s a we problem that we need to solve. Because again, I can come up with my own definition, that you can come up with your own definition and understanding, but then what is the whole purpose? What is the mischief? Exactly. Yeah. So, we really need to bring all the stakeholders from government, private sector, academia on different region, on different countries. And I believe this is the role of, for example, our organization and other organization where we can bring all of the stakeholders in one table to start defining the definitions of what do we want to solve and then putting an action plan to actually come up with different solutions. Yeah. Yeah. Just wanted to add to this.

Pawan Anand: I think it’s a fair point, which has come from the person who made the comment. But when it comes to digital infrastructure, I think a reasonable amount of definition is in place, especially the technical definitions are, I think, across the globe, quite reasonably understood by all. Probably where the difference comes in is when you talk about policy. And there, the cultural difference begins to play. So there may be a few issues where the lexicon needs to be clarified in some cases when it comes to policy. But on the tech side, I think we are okay. In any case, at the moment, when it comes to AI and when it comes to responsible AI, we are still working out a lexicon. And when AI comes into digital infrastructure and cyber resilience, I think it will get more complicated. So there is definitely a need for some of that lexicon to be firmly put into place.

Genie Gan: I hope it’s not an interrogation. No, it’s not. Definitely not. I’m a lawyer, but I will not interrogate you, not today. What novel threats actually should public and private organizations, because obviously Dr. Pawan, you have experience from both ends, so what novel threats should public and private organizations be looking out for, and what strategies or technologies should be implemented to protect against these emerging threats?

Pawan Anand: So you asked novel threats, so everybody knows about how ransomware is in place, and millions have been paid out in various countries, so fine. So the threats are ransomware, there is a huge threat of DDoS attacks, so ransomware, DDoS attacks, APTs, APTs residing in all our computers, ready to give information all the time back to whoever’s placed them in our computers and in our servers. So I mean, these are the standard threats that we all know about, but what’s novel about some of them? We’re looking at cryptojacking, which seems to be now the more current threat which has come up, as more and more people get involved with cryptocurrencies, you’ll get more and more of these problems coming up. And God forbid when we have quantum coming in, then your blockchains are going to get compromised very easily, and crypto is going to face huge threats. So by that time, hopefully crypto would have also evolved, and blockchains would have evolved to take on the quantum threat. So there’s the speed of compute that quantum will bring in, will actually be a huge game changer, and it’s not coming now, but it’s coming in another… maybe 5-10 years. If the US and China are at about 1200 cubits, India is just struggling with 14 cubits at the moment. But India is really working on it and I think we’ll be there very quickly, especially as soon as we get our cryogenics in place. Another one would be border gateway protocols. I think everywhere, every country has their own kind of protection for border gateways. But these protocols need to be in place internationally, otherwise they’re bound to get compromised. And if that happens, then you’ll have a lot of data and a lot of information which either gets disrupted or gets diverted or is routed through somewhere else and then comes, so therefore fully compromised. Another threat I think is this watering hole attacks, which is very simple to understand. I mean, you just create, there are those places where everybody visits and those are the areas that need to be protected. So somewhere or the other we need to make sure that the usual watering holes are well protected and we have our policies in place for that. I mean, there could be, there will be as many novel threats as there are brilliant minds in the net and on the dark net. So I really won’t be able to give you something comprehensive on that, but this gives you a sense as to where we are heading.

Genie Gan: Thank you for those insights. I think they’re very interesting. Yes, please, Frankie.

Aderonke Sola Ogunsola: General has spoken from the technical side. Very technical. I like it. So I look at human error threats. Human capacity or human resources is usually key, whether organisation, government, nation. So another threat based on the speed and advancements of technology will be human itself. And like Alla said, if you do not have adequate skills, you are vulnerable, no matter what technical structure we put in, you still have the human interface. So I believe at public level, private levels and even organizational levels, your human capacity needs to be updated and sensitization of cyber security or cyber protection needs to be consistent is not something you should leave open. Because once your human resource or capacity is vulnerable, you’re as good as exposed. Then for the policy level, another threat I may see may be inflexibility in regulation and policies. So as governments moving forward, it is expedient for us to rejig or rethink or reopen our minds to regulations. We know, like General Pond did also say, that we should be careful so regulation would not stifle innovation. The advancement is unprecedented, the speed, but we should also come up as be responsive as policymakers to think outside the box. What kind of policies do we put in place? Yes, put up different structures, but how do we make sure it’s not obsolete on arrival? Yeah, obsolete on arrival. Of course, yes, please. I don’t, she’s absolutely right, the policy, policy in itself, if you don’t formulate policy, it’s a threat.

Pawan Anand: So, you know, in some ways, the focus is very narrow at times, because we tend to focus on protection. We tend to focus on disaster recovery, but there is very little focus because it requires money, it requires investment, it requires time and it requires skill at the initial stages to bring it in. So I think Kaspersky is in this business and I would really recommend that most of us, even though it would require time and effort to invest in the initial protection, it’s really important. That has to be prioritized by governments, by companies, by the KMPs, the key management personnel, it has to be prioritized by the financial guys.

Genie Gan: Thank you, thank you for that. I want to maybe ask Ronke, from the perspective of a regulator, what metrics do you think should be used to evaluate the effectiveness of resilience standards and how can organizations continuously improve their practices? So I can hear myself now.

Aderonke Sola Ogunsola: So what metrics? I think it should be homegrown or industry grown for metrics because we’ve had conversations talking about uniqueness of different experience. For me, our metrics would be measuring the quality and experience and residency recovery plan or disaster management ability or plans. for different providers and government itself. So, how do you develop these metrics? It needs to be analytical and scientific, so to speak, because it has to be measurable and it’s something that needs to be adaptive. The technical people will definitely play a huge role in developing these metrics, but as a policy regulator, you should also be open to providing guidelines, so to speak, or coming up with frameworks that can be easily adopted and adaptable. Metrics should not be cast in stone. It should be something that you can review from time to time based on maybe advancement or change in technology or infrastructure expandment or when you expand or update or create your infrastructure. So, these metrics, it’s something for me that should be measurable, but it needs to be something that’s acceptable, developed by stakeholders, so to speak, and we cannot undermine the role of the multi-stakeholder engagement in promoting common good. Thank you for that.

Genie Gan: So, Alaa, how can we then ensure that, and that’s really because I’m tapping on your experience dealing with multi-stakeholder engagements and all that, how can we ensure that all stakeholders, whether they’re governments or they’re private sector or civil society and so on, are actively engaged in the development of digital resilience standards? What role does each play? Because it’s hard to handle. Everyone has got a different set of expectations or interests, and sometimes… they don’t agree. Oftentimes they disagree. So, tough job.

Alaa Abdulaal: So, look, I think we have touched upon this during all our questions and our discussions. Yes, every group has its own role, but again, I think it’s a shared responsibility between all groups. But majorly governments are responsible for shaping and setting the regulations and policies and making sure and frameworks that are needed to be digital resilience. And this responsibility of creating the rules and regulations, it shouldn’t be only that government should do, but they should involve the private sector in the process, the civil society also in the process to make sure that whatever they are coming up with from a regulation and policy, it is impactful and also can be executed easily. The private sector, when we look at the private sector, I think we know the private sector is the hub of innovation. They come up with the technologies, they are aware of all the new technologies and advancements that are happening. They are shifting the gears on the AI, on the computing power, quantum computing. So, it’s very important for them always to have that also conversation with the government. It’s very important for them to keep updating from a cybersecurity perspective and also support in the capacity building, the capacity building of human resources from a government perspective also, to have that support to the government. Again, also private sector can help a lot from a partnership in providing the right funds with the cooperation of the government. Again, as I said, I believe it’s, yes, every group have its role, but it’s a shared responsibility. And then we come to civil society and international organizations, the role of academia, the think tanks, where the research, the hub of the research, the hub of how to think of the new innovations, how we can come up with the right set of standards with all supported, but with the right data. This all comes from the civil society. Last but not least, international organizations, let’s say that we are the connector. We are the one who can put everyone together, try to find the common voice, try to unify the effort, try to find the synergies, because again, we need to look at where are the synergies in every group, in the government group, even the private sector group and the civil society group, from a research aspect, from a funding aspect, from a policy and regulation aspect. So for this all to happen, it needs really an effective engagement between those different stakeholders. It needs cooperation and collaboration. It means that we need a continuous dialogue, an open dialogue. We have mentioned this before, we are facing a new or a very quick era of things that are very developing and accelerating very quickly. So if we do not put our hands together, we will not be able to survive those changes. Be agile enough and be prepared. We are looking at different building blocks, infrastructure as physical infrastructure. The doctor mentioned the data aspect of it. We mentioned the human resource aspect. We mentioned services. It’s a huge, big ecosystem connected to each other. We cannot look at one building block by itself or one group by itself. Rather, we have to look at it as a whole and really adopt that effective communication with those different groups.

Genie Gan: Thank you for that. So everything from the definition of the problem to coming up with the resources, whether it’s thought leadership, research, or financial support, all the way to deriving at implementable solutions, we need that input from different segments of our ecosystem. Right. I got that. If speakers have nothing else to add, I would like to move on to a next question. Doctor, yes, please. No, please jump in. Thank you. I’m sorry for always cutting in. No, don’t be.

Aderonke Sola Ogunsola: I like what Alao said about effective engagements, because that’s what has been on my head for a while. How do we move it from talks? We keep having all this conversation, IGF level, UN level, like you did say, GSMA, IETF, just name it. But how do we move it? And we also need to start focusing on conversation and make sure that we engage the right person. We did say earlier that we just need to move. But how do we move and move effectively? I totally agree with you. you. And I think this also goes to back when we when we talked about, let’s have a definition of the problem. Yes, then let’s

Alaa Abdulaal: put an action plan on what do we need to solve, then let’s all sit on that table and try to solve it. Conversation for this, the sake of conversation and dialogue will not take us anywhere. It needs really to be structured with a specific goal with a specific outcome that we want to reach. And then after that, also with a specific measurement, that our conversation and outcome and that we wanted, is it the correct one? Are we progressing in the right way? Again, with all this acceleration, and the thing and how things are really changing quickly, we really need to always to revise ourselves and and see how effective the current solution that we are doing are really impacting the progress that that we are aiming to.

Genie Gan: Okay. I think also today’s workshop and this dialogue that we’re having, I was hoping to produce a white paper that sort of captures our key highlights from today’s discussion, learnings. Well, I definitely learned a lot. And I think we’re learning from one another. And with this white paper, I’m hoping that we could gain some traction as well from the international audience that we have. And from there, work towards that common goal to find solutions that we can develop in order to galvanize everyone. And then from there, with these universal standards, be able to find ways that individual countries can customize for their own needs. I think this is a good start. I am mindful of time. I have only about 12 minutes left. I would like to ask a couple more questions before we do a summary of our discussions today. If I may, let me turn to Dr. Pawan with this question. How can resilience standards be designed not just for immediate response, but also to support long-term recovery after a disruption? What mechanisms should be in place in order to ensure organizations can bounce back effectively? I think the most important point here is to have a risk-based approach.

Pawan Anand: Therefore, going by the discussion that just took place between Alaa and Aderonke, I would say clearly that we need to have a framework which can be put in place, which talks about a risk-based approach in various sectors where we have our digital infrastructure and the resilience that we need to bring it to it. Going technically, of course, we would have to have a backup strategy. So wherever problems happen, we are able to recover from whatever losses have taken place. We have to have a constant update. Much of the time, we find that our softwares are outdated, our systems are outdated, and that’s why there is loss of data. There is outage time, so to say. We need to work around that to see that we are up to date when it comes to all our technologies. You can’t underestimate the skilling aspect. So, quite obviously, we have to bring people up to speed when it comes to the latest skills of this. So, the main things I would say is following a risk-based approach, create a framework, make sure that you have your backups, make sure you have a rehearsed strategy to bounce back. And that rehearsal part of it needs to be done very carefully because most of the time, again, organizations tend to feel that it’s going to take time away from the real work. And, you know, therefore, they just give it a bit of a lip service. And, of course, the human aspect is the final aspect. So, if people have to be trained, cyber hygiene has to be understood by everyone, they have to make sure that there is controlled access, that everybody understands the risks that the whole organization runs, how they personally run risks. I think we would be able to be in a situation where we don’t suffer from these threats.

Alaa Abdulaal: If you allow me to add, thank you. You have mentioned a very important point when we talk about recovery plans. I think it’s very important to think of the single point of failures that every country and system have, and not only looking at it from a backup perspective, but also having diversity of technologies and systems, not relying on a specific vendor, not relying on one company by itself. You need to really think of having that diversity of system and even looking at open sources because this will really make you build a very solid backup plan as well. as mentioned, because it’s very critical. We need to think out of the box regarding the regular recovery plans that we have, just having a backup, a disaster recovery from an infrastructure perspective, to really thinking of diversifying the systems, the technologies that we are using and even looking at open source.

Pawan Anand: Yeah, I think the best example I can give of something like this, what we just spoke of, is what happened in Denmark 2023, right? So over a period of about three months, there were repeated cyber attacks on their national IOT, critical information infrastructure, to the extent that even some of the dams or the dikes that they were working on, sorry, the dams that they were working on came under threat and they went immediately into island mode. And it took them a long time to get back onto the net. But they had their systems in place and literally people pulled out their cars and drove down and started operating systems physically. So quite obviously, they had worked it out well. But these are recovery plans which need to be very firmly put in place so that you don’t suffer outages. Okay. Okay, we’ve got people from the audience pinging us to say we want to ask questions. So quick ones. 10 seconds. Also, ensure that your infrastructure, you have redundancy and excess capacity, in addition to open source and not a single point of source. So it won’t hit you so hard if all these are put in place. And you also ensure that your infrastructure has enough capacity for redundancy. So if one goes down, you have that space like backup for your resilient buffer. Yeah, yeah. Cool. Thank you. Thank you, speakers. I’m gonna

Genie Gan: take a pause and take questions from the floor. I think some people pinged us. in the Zoom chat to say that. I think this gentleman, can we pass him a mic? No mic or you can, we can pass you a mic. Yeah, please. Thank you. Switch it on. Can you hear me now? Yes, perfect. Thank you very much and congratulations for the great talk.

Audience: My name is Dino Delaccio, I’m the Chief Information Officer at the UN Pension Fund, and I’m here in the IGF, I’m involved in the Best Practice Forum on Cybersecurity, and also leading the Blockchain Dynamic Coalition on Assurance and Standardization. Pleasure to meet you, sir. Likewise. So, I actually wanted to share a comment, because in my specific role in blockchain, what I’m facing is the lack of standards. And I want to be a little bit provocative in your case. I think that in the area of infrastructure resiliency, we do have universal standards. The ISO standards, for years, the whole series, ISO 27001, the 22301, I’m also an ISO auditor, are very well established, and ISO is represented by the National Standards Institute of each country in its technical committee that also is open to various stakeholders. So, is there here a risk to duplicate something, and instead to focus on something that already exists, should we instead focus on threat models? Because the way to translate standards into those specificities that we alluded to before in each country is actually to look at which risk each country is exposed to, because not all countries are exposed to the same risk. And maybe focus on threat modeling and risk assessment rather than reinventing a new standard.

Genie Gan: Thank you. I think it’s an excellent question. Any takers? I totally agree with you.

Pawan Anand: Everything you said made sense. So blockchain certainly would require standards. And I think we need to get down to defining those. But you talked about threat modeling and risk. That’s exactly what I meant by a risk-based framework as well. So each one of these will have to, whether you talk about infrastructure resilience, whether you talk about cybersecurity, you talk about AI, in each of these and across these domains, we’ll have to create frameworks. And that will have to be risk-based. The threat models you talk of will come from scenarios. And you need to keep building scenarios from where the threats emerge. And based on those scenarios that you game out, you’ll be able to actually see what kind of frameworks will have to be built around them. So I totally agree with you on that. And the way to go about it is what I just said. Anything else to add, ladies?

Genie Gan: All good? All right. Thank you. Thank you, sir, for that question. And remark, actually. Those are very good comments as well. Anyone else has got questions? I’m just… Yes, please, sir. You need the mic? Maybe just share the mic. Thank you. Am I being heard? Perfect. Okay. Sure.

Pawan Anand: Just to follow on what was just raised there, and what Dr. Pawan said about a risk-based approach to establishing standards, and we’re talking about universal standards here. The ISO standards came from somewhere. They were developed through some institutional framework. And the question would be, in taking the risk-based framework, are we identifying the institutions or the… the partners maybe that have to come together to develop the relevant universal standards for resiliency, that the various scenarios that we’re identifying need basically, right? I came in a bit late, so I don’t know if one of you are talking about institutions or anything like that before, but maybe in answering some of this, we could try to identify the ways forward. Who are the people who would like to take action on these things?

Aderonke Sola Ogunsola: Thanks. All right, so thank you for your comments. So I’ll start with the last speaker. I recall one of the goals for this conversation is to come up with a white paper. We’ve identified, I believe that’s why we’re all here. We’ve identified that perhaps we do need a universal standard. How do we go about this? I recall that Adela also did say that once we identified that we now move forward to practicality and that’s the next phase. We look at who are all the stakeholders involved. It’s not going to be lopsided conversation, but this is getting the conversation going. Yes, we do recognize the ISO standards and I like that you did say it comes, so the standards are developed by institutions. So what are the roles of these various institutions? I recall also did say earlier on that we have different pockets, regional pockets, national pockets, industry pockets, having conversation, having standards to address or even their own actions to address different issues regarding infrastructure resiliency. The fundamental point for me conclusively is Do we need to develop standards or a framework or measurable actions that would ensure universal resiliency of this infrastructure? Yes. Have we seen trends move from just developing cyber security frameworks to cyber resiliency? Because these threats will continue to come, networks will break, human capacity may fail or human error would occur. But how do we ensure that universally what happened with CrowdStrike, what happened with the submarine cable for the African region does not repeat itself? Jeannie, thank you.

Genie Gan: Thank you. Thank you for those remarks. I will, I have one minute left before some people have to run off. I will summarize our conversations in one minute and then we’ll call it a day, okay? So basically I think what we managed to discuss and agree on is that we do need universal standards which will form, which basically are a common language that we need to develop. And of course, how do we do that? How do we do that will be that we start by asking ourselves what exactly is the mischief or the problem that we’re trying to solve, the why, right? And then with these universal standards as a galvanizing, well, a galvanizer for everyone, we also will have to tap on shared experiences. And that is where the multilateral network, regional and international cooperation from within the community, cross-jurisdictional learnings will come in to play. I think we could also benefit from some use cases, learn from past experience, and then also coming down to the local level to make sure that we have localized implementation and solutions which will work for the individual countries in a customized manner. And that’s simply because nothing is one-size-fits-all. We also discussed some challenges that we could possibly be faced with and already are facing, which basically will be the very fast-evolving threats that are facing the world today, from a technical perspective or from a human element perspective, because humans can be the weak link, which is why we also touched on capacity building. And of course, lastly, the policy element, which basically the usual problem is that, like what Rongke had said, it usually becomes obsolete upon arrival. So we have to try to avoid that and make sure that the policies, the frameworks that we put in place are agile enough to respond or be an effective tool that can help us to respond better to evolving threats, which are fast and furious. And of course, lastly, I think a takeaway, again, I’m saying this again, Dr. Pawan had said that we really just need to get started. We just need to get started. So what we’ll do in terms of next steps is that we will compile today’s discussions into a white paper. And hopefully this will serve as a guiding reference for countries, for regions seeking to enhance their digital infrastructure resilience. And of course, thank you, everyone, for being a part of this panel discussion and important conversation. And we really look forward to continuing our work together to shape a more resilient digital future. Thank you. Well, my ears are hurting. Be there. Thank you. Have a good day. Thank you. Good bye. Bye. Bye. Bye. Bye. Bye. Bye. Bye. Bye. Bye.

Agreement Points

Need for universal standards with flexible implementation

Aderonke Sola Ogunsola

Pawan Anand

Alaa Abdulaal

Universal standards are necessary but implementation may require customization

Standards should be universal but regulations need to be flexible

Universal framework needed but must be adaptable to each country’s status

All speakers agree on the need for universal standards for digital infrastructure resilience, but emphasize the importance of flexible implementation to accommodate different national contexts and needs.

Challenges in keeping standards current with rapid technological changes

Pawan Anand

Alaa Abdulaal

Rapid technological changes make it difficult to keep standards current

Economic and technological disparities between countries pose challenges

Both speakers highlight the difficulty of maintaining up-to-date standards in the face of rapid technological advancements and disparities between countries.

Similar Viewpoints

Both speakers emphasize the importance of human capacity building and skills development in ensuring digital infrastructure resilience.

Aderonke Sola Ogunsola

Alaa Abdulaal

Human error and lack of skills are major threats to resilience

Private sector plays key role in innovation and capacity building

Unexpected Consensus

Multi-stakeholder collaboration

Aderonke Sola Ogunsola

Alaa Abdulaal

Pawan Anand

International organizations can facilitate cooperation between stakeholders

Private sector plays key role in innovation and capacity building

Despite coming from different sectors (government, international organization, and academia), all speakers unexpectedly agreed on the importance of multi-stakeholder collaboration in developing and implementing digital infrastructure resilience standards.

Overall Assessment

Summary

The main areas of agreement include the need for universal standards with flexible implementation, recognition of challenges posed by rapid technological changes, importance of human capacity building, and the necessity of multi-stakeholder collaboration.

Consensus level

There is a high level of consensus among the speakers on the fundamental aspects of digital infrastructure resilience. This consensus suggests a strong foundation for developing universal standards, but also highlights shared challenges that need to be addressed collectively.

Different Viewpoints

Approach to universal standards

Aderonke Sola Ogunsola

Pawan Anand

Universal standards are necessary but implementation may require customization

Standards should be universal but regulations need to be flexible

While both speakers agree on the need for universal standards, they differ in their emphasis. Aderonke focuses on customization in implementation, while Pawan stresses the need for flexible regulations to allow innovation.

Unexpected Differences

Existence of universal standards

Aderonke Sola Ogunsola

Alaa Abdulaal

Pawan Anand

Audience

Universal standards are necessary but implementation may require customization

Universal framework needed but must be adaptable to each country’s status

Standards should be universal but regulations need to be flexible

Existing ISO standards may already provide universal framework

While the main speakers discuss the need for developing universal standards, an audience member unexpectedly points out that ISO standards may already provide a universal framework, suggesting that efforts to create new standards might be redundant.

Overall Assessment

summary

The main areas of disagreement revolve around the approach to universal standards, the balance between standardization and flexibility, and the recognition of existing standards.

difference_level

The level of disagreement among the speakers is moderate. While there is a general consensus on the need for universal standards or frameworks, there are varying perspectives on implementation, customization, and the recognition of existing standards. These differences could impact the development and adoption of universal standards for digital infrastructure resilience, potentially leading to challenges in creating a globally accepted framework.

Partial Agreements

All speakers agree on the need for universal standards or frameworks, but they have different perspectives on how to implement them. Aderonke emphasizes customization, Alaa focuses on adaptability to each country’s status, and Pawan stresses the need for flexible regulations to allow innovation.

Aderonke Sola Ogunsola

Alaa Abdulaal

Pawan Anand

Universal standards are necessary but implementation may require customization

Universal framework needed but must be adaptable to each country’s status

Standards should be universal but regulations need to be flexible

Similar Viewpoints

Both speakers emphasize the importance of human capacity building and skills development in ensuring digital infrastructure resilience.

Aderonke Sola Ogunsola

Alaa Abdulaal

Human error and lack of skills are major threats to resilience

Private sector plays key role in innovation and capacity building

Key Takeaways

Universal standards for digital infrastructure resilience are needed, but implementation may require customization for different countries

Major challenges include human error, rapid technological changes, economic disparities between countries, and lack of common definitions

Multi-stakeholder collaboration involving governments, private sector, academia and international organizations is crucial

A risk-based approach focusing on physical protection, disaster recovery, and threat modeling is recommended

Existing ISO standards may already provide a universal framework that can be built upon

Resolutions and Action Items

Compile the discussion into a white paper to serve as a guiding reference for countries seeking to enhance digital infrastructure resilience

Start working on developing universal standards and frameworks rather than just continuing discussions

Unresolved Issues

How to develop standards that remain current given rapid technological changes

How to address economic and technological disparities between countries in implementing standards

How to establish common definitions and language around digital infrastructure resilience

Which specific institutions or partners should lead the development of universal standards

Suggested Compromises

Adopt universal standards but allow for flexible implementation based on each country’s unique needs and risks

Use existing ISO standards as a foundation but adapt them for digital infrastructure resilience

Balance regulation with allowing room for innovation in the private sector

Infrastructure was described in a provocative manner as something that remains invisible until it’s broken down.

speaker

Aderonke Sola Ogunsola

reason

This comment provides a thought-provoking perspective on infrastructure, highlighting its critical yet often overlooked nature until problems arise.

impact

It set the tone for discussing the importance of digital infrastructure resilience and why it needs attention before crises occur.

We need to broaden our focus to include not only the security of information and data, but also the physical and operational resilience of the digital infrastructure that house these information and data.

speaker

Genie Gan

reason

This comment expands the traditional view of cybersecurity to include physical infrastructure, introducing a more holistic approach.

impact

It broadened the scope of the discussion to include physical and operational aspects of digital infrastructure resilience, not just data security.

When it comes to emerging tech, AI in cybersecurity begins to get more and more important for us. So the ethical use of AI and also the responsible use of AI is so important.

speaker

Pawan Anand

reason

This comment introduces the critical intersection of AI and cybersecurity, highlighting ethical considerations.

impact

It shifted the conversation to include emerging technologies and their ethical implications in digital infrastructure resilience.

Universal standards is not negotiable. I think it’s something that’s meant to be open and something that needs to be adopted.

speaker

Aderonke Sola Ogunsola

reason

This strong stance on the necessity of universal standards challenges the idea that each country needs a completely unique approach.

impact

It sparked a discussion on balancing universal standards with local implementation needs.

Are those standards agile enough? In fact, too fast. Exactly. We are talking about AI. We are even now talking about computers. quantum computing.

speaker

Alaa Abdulaal

reason

This comment raises the crucial question of whether standards can keep pace with rapidly evolving technology.

impact

It introduced the need for agility and future-proofing in developing digital infrastructure resilience standards.

I think in the area of infrastructure resiliency, we do have universal standards. The ISO standards, for years, the whole series, ISO 27001, the 22301, I’m also an ISO auditor, are very well established… Should we instead focus on threat models?

speaker

Audience member (Dino Dell’Accio)

reason

This comment challenges the premise of needing new universal standards and suggests a focus on threat modeling instead.

impact

It prompted the panel to consider existing standards and shifted the discussion towards practical implementation and risk assessment approaches.

Overall Assessment

These key comments shaped the discussion by expanding its scope from traditional cybersecurity to a more comprehensive view of digital infrastructure resilience. They introduced considerations of physical infrastructure, emerging technologies like AI and quantum computing, and the need for agile, universally applicable standards. The discussion evolved from defining the problem to exploring practical implementation challenges, balancing universal standards with local needs, and considering existing frameworks. The audience input near the end prompted a reflection on whether new standards are needed or if the focus should be on applying existing ones through threat modeling and risk assessment.

How can we develop a common language and universal definitions for digital infrastructure and related concepts?

speaker

Vahan from RIPENCC (audience member)

explanation

A universal understanding of terms like DPI (Digital Public Infrastructure) and core/public core of the Internet is needed to develop effective standards and ensure all stakeholders are on the same page.

How can we move from conversations to effective action in developing and implementing digital infrastructure resilience standards?

speaker

Aderonke Sola Ogunsola

explanation

There is a need to translate discussions into concrete steps and engage the right stakeholders to make progress on digital infrastructure resilience.

How can we design resilience standards that support long-term recovery after disruptions?

speaker

Genie Gan (moderator)

explanation

Understanding how to create standards that address both immediate response and long-term recovery is crucial for comprehensive digital infrastructure resilience.

How can we ensure that resilience standards and frameworks remain agile and responsive to rapidly evolving threats?

speaker

Alaa Abdulaal

explanation

Given the fast pace of technological change and emerging threats, it’s important to develop standards that can adapt quickly.

What role can open-source technologies play in enhancing digital infrastructure resilience?

speaker

Alaa Abdulaal

explanation

Exploring the potential of open-source solutions could provide additional options for creating diverse and resilient digital infrastructure.

How can we better integrate threat modeling and risk assessment into the development of digital infrastructure resilience standards?

speaker

Dino Dell’Accio (audience member)

explanation

Focusing on specific threats and risks faced by different countries could help tailor universal standards to local needs.

Which institutions or partners should be involved in developing universal standards for digital infrastructure resilience?

speaker

Unnamed audience member

explanation

Identifying the key stakeholders and institutions needed to create and implement universal standards is crucial for moving the process forward.

Summary

This discussion focused on cross-community interaction in cyber policy dialogues, organized by Virtual Roots and the Royal United Services Institute (RUSI). The session aimed to connect different communities, including research, practice, technical, and policy sectors, to foster dialogue on responsible cyber behavior.

James Shires and Louise Marie Hurel introduced the session, highlighting the importance of bridging divides between various stakeholders in cyber policy. Corinne Casha from Malta’s Ministry of Foreign Affairs emphasized the need for inclusive cyber policy development, incorporating perspectives from government, industry, academia, and civil society.

The Global Partnership for Responsible Cyber Behaviour was discussed as an initiative to identify researchers working on cyber behavior topics worldwide. Louise Marie Hurel highlighted the limitations of current UN processes in cyber discussions, noting their government-centric nature and the need for more diverse voices, especially from developing countries.

Participants engaged in an interactive session, identifying obstacles to cross-community interaction. Key challenges included language barriers, funding issues, geopolitical tensions affecting accreditation processes, and the tendency for governments to dominate policy-making without sufficient input from other sectors.

The discussion emphasized the importance of funding and sponsorship to enable participation from less-represented groups, particularly from developing countries. Participants also stressed the need for organizations to improve diversity and regional representation within their own structures.

The session concluded by highlighting the importance of building bridges not just between different stakeholder groups, but also within each sector to ensure more inclusive and representative cyber policy dialogues.

Keypoints

Major discussion points:

– The importance of cross-community interaction and dialogue in cyber policy

– Obstacles to greater cross-community engagement, including language barriers, funding/resources, and limited access to key forums

– The need for more inclusive and representative participation, especially from developing countries and diverse stakeholders

– Challenges in bridging divides between government, academia, industry, and civil society perspectives

– Ways to overcome obstacles and improve cross-community collaboration

The overall purpose of the discussion was to explore how to foster greater interaction and dialogue between different communities involved in cyber policy, including government, academia, industry, and civil society. The goal was to identify obstacles to cross-community engagement and brainstorm potential solutions.

The tone of the discussion was collaborative and solution-oriented. It began in a more formal, presentation-style format but shifted to become more interactive and participatory as attendees were asked to contribute their perspectives. The organizers emphasized that they wanted to hear from participants rather than just talk at them. The tone remained constructive throughout, with a focus on identifying challenges but also proposing ways to overcome them.

Speakers

– James Shires, Co-director of Virtual Roots

Expertise: Cybersecurity and internet governance

– Louise Marie Hurel, Researcher at the cybersecurity program at the Royal United Services Institute (RUSI)

Expertise: Cybersecurity policy challenges

– Corrine Casha, Deputy Director for Global Affairs at the Malta Ministry of Foreign Affairs

Expertise: Cyber policy, government perspective

– AUDIENCE

Role: Various participants from different sectors

Additional speakers:

– Yasmine Azzouzi, International Telecommunications Union, Intergovernmental, WEOG

Role: Co-host

– Erik Kursetgjerde, NATO/CCDCOE, Intergovernmental, WEOG

Role: Co-host

– Anni Adamson, European Cyber Conflict Research Initiative (ECCRI), Civil Society, WEOG

Role: Facilitator (likely for online participants)

Cross-Community Interaction in Cyber Policy Dialogues: A Comprehensive Summary

Introduction

This discussion, organised by Virtual Roots and the Royal United Services Institute (RUSI), focused on fostering cross-community interaction in cyber policy dialogues. The session aimed to connect diverse stakeholders from research, practice, technical, and policy sectors to promote dialogue on responsible cyber behaviour. Key speakers included James Shires, co-director of Virtual Roots; Louise Marie Hurel, researcher at RUSI’s cybersecurity programme; and Corinne Casha, Deputy Director for Global Affairs at the Malta Ministry of Foreign Affairs.

Overview of the Global Partnership for Responsible Cyber Behaviour

Louise Marie Hurel introduced the Global Partnership for Responsible Cyber Behaviour initiative, which aims to identify researchers working on cyber behaviour topics worldwide. This project seeks to create a comprehensive database of experts and their work, facilitating connections and collaborations across different communities involved in cyber policy discussions.

Interactive Session and Word Cloud

The discussion included an interactive element where participants were asked to contribute words they associated with responsible cyber behaviour. This activity resulted in a word cloud that highlighted key themes and concepts, providing a visual representation of the group’s collective understanding of the topic.

Breakout Discussions

Attendees were divided into smaller groups for breakout discussions, focusing on specific aspects of cross-community interaction in cyber policy. These sessions allowed for more in-depth exploration of challenges and potential solutions, with key points later shared with the larger group.

Key Challenges and Obstacles

Several barriers to inclusive participation in cyber policy dialogues were identified:

1. Language Barriers: Highlighted by James Shires and demonstrated by a participant from Chad who greeted the group in Arabic, underscoring the challenges faced by non-English speakers.

2. Lack of Resources and Funding: Corinne Casha noted that insufficient resources often prevent some stakeholders from participating fully in policy discussions.

3. Government-Centric Decision Making: Casha acknowledged that governments often dominate policy development without adequately incorporating perspectives from other sectors.

4. Geopolitical Tensions: Audience members pointed out how international political dynamics can affect participation in multilateral forums, including issues with accreditation.

5. Limited Diversity Within Stakeholder Groups: Louise Marie Hurel emphasised the need for improved diversity and regional representation within stakeholder organisations themselves.

6. Limitations of UN Processes: Hurel highlighted the government-centric nature of UN cyber discussions, which often marginalise voices from developing countries.

Proposed Solutions and Initiatives

To address these challenges, several initiatives and suggestions were proposed:

1. Sponsorship Programmes: Corinne Casha discussed Malta’s efforts to sponsor fellows for participation in the Internet Governance Forum (IGF).

2. Government Funding: Casha emphasised the importance of government funding to support participation from developing countries in international cyber policy forums.

3. Leveraging Existing Structures: Hurel suggested utilising existing UN system structures to facilitate more inclusive dialogue.

4. Improving Internal Diversity: Hurel stressed the importance of enhancing diversity within stakeholder organisations to ensure better representation of different perspectives.

5. Global Partnership Database: The ongoing development of a comprehensive database of cyber behaviour researchers to facilitate connections and collaborations.

Conclusion

The discussion highlighted the complex challenges in achieving truly inclusive and representative cyber policy processes. It emphasised the need for continued efforts to fund and sponsor participation of developing countries and underrepresented groups in cyber policy forums. The speakers and participants agreed that leveraging existing UN system structures, examining internal diversity within organisations, and addressing language barriers are crucial steps forward. As cyber policy continues to evolve, addressing these challenges will be essential for developing comprehensive and effective strategies that reflect the diverse needs and perspectives of the global community.

James Shires: and this is focused on cyber policy dialogues. The idea here is that we will be connecting different communities between research and practice, between technical and policy communities, and trying to do a little bit of interactive networking. So although you see four people up here on the stage, this is not going to be us talking to you very much. It’s going to be you talking to us and talking to each other, and ideally everyone online also talking to each other as well. So welcome and thank you for joining this session. I’ll talk a little bit about just the overall outline and then we can get started. So this is being organized by Virtual Roots. My name is James Shires. I’m co-director of Virtual Roots. We’re an NGO that focuses on research, education, and public engagement in cybersecurity and internet governance. I’ll hand over now to introduce my co-organizer, Louise Marie Harrell.

Louise Marie Hurel: Hello everyone, can you hear me okay? Yes, great, good. I’m Louise Marie Harrell. I am a researcher here at the cybersecurity program at the Royal United Services Institute, which is basically a very fancy name for a think-tank based in London working on a range of different security and defense issues, and obviously one of them is cybersecurity. And we conduct research and we also convene different sectors to discuss some of the domestic but also international policy challenges on cybersecurity. So it’s lovely to be here, even if online this time, but it’s great to see some familiar faces as well.

James Shires: Thank you, Louise. And what we’ll do is the following. Louise will say a little bit about Rootsie’s main program in this space, which is a global partnership on responsible cyber behavior. We will then turn to our key speaker. We are very pleased to have Corinne Kasher here from the Ministry of Foreign Affairs at Malta to give her personal perspective on crossing different communities. I will then ask you all to interact with us to fill out a few questions that we have online. So you can either use a QR code if you’re here in person, or you can access a link to the quiz. And then we will break out into different rooms to try and unpack these questions in a little bit more detail. So those of you online will go into smaller groups, and those of you in the room will do so as well. You will be assisted very ably in this task by two of our co-hosts, Yasmin and Eric here, who will be going around and answering any questions, stimulating discussion based on their own extensive knowledge of this area. So Yasmin and Eric, thank you very much for helping out here. I will now stop here and hand the floor to Corinne for some opening remarks. I will also move my video so those online people can see her in person.

Corrine Casha: Thanks James, and thank you everyone for being here. It’s a real pleasure to be among you. My name is Corinne, I am Deputy Director for Global Affairs at the Malta Ministry of Foreign Affairs, and the reason I’m here at the IGF Forum is precisely because of the fact that our government is currently sponsoring fellows to participate here in this IGF Forum. And the reason why we are sponsoring fellows to participate in this IGF Forum is because we are firm believers in the fact that cyber policy should not be restricted solely to governments, but that cyber policy should also incorporate different facets. It should incorporate industry, it should incorporate academia, it should incorporate civil society, and also it should incorporate researchers. So one of the main, let’s say, tasks that we are currently conducting is to bridge the divides and also have the cyber researchers and cyber government officials interact more with each other. And from my personal experience this is a very important task because when it comes to, for example, drafting national cyber strategies, it’s important to have different ideas, not only restricted to what cyber policy is by government, but it’s important to also factor in the research, the academia, the government, let’s say, perspectives coupled with other partners. So I’m very pleased to be here today because this is exactly the culmination of what we wanted to be, a networking event where we discuss ideas, we discuss knowledge, where we impart information together and hopefully build up better cyber resilience as well amongst ourselves. I also wanted to outline that being a European Union member, Malta is also obliged by the regulation, the European Parliament and the Council to actually incorporate these different factors together. So we are actually obliged to also include, so there’s this policy of inclusiveness as well, and to include different communities. So it’s also a part of our, let’s say, EU membership or of our EU obligations to have these different perspectives come together. So that’s what I wanted to say from my perspective and I now hand over to you, James, again. Thanks.

James Shires: Thank you very much Corinne and we’ll go straight to Louise to talk a little bit about the Global Partnership.

Louise Marie Hurel: Wonderful. Again, thank you very much. You know, just a year ago, some of us were together in Kyoto for the regional launch of the Global Partnership for Responsible Cyber Behaviour, which is an initiative that we have established since 2022, actually, here at RUCI, with a purpose of bringing together the research community, studying and engaging in topics related to responsible cyber behaviour. And I think to be back at the IGF just really shows the importance of this space for us to be able to connect not only with other researchers, but most importantly, to make the most out of this multi-stakeholder community that the IGF has been nesting for decades now. And I just like to kind of echo a lot of what Corinne just said. The objective of the partnership is really to bridge part of that conversation, but most importantly, is to identify who’s researching topics related to responsible cyber behaviour. And I say responsible cyber behaviour because it’s not just about state responsibility in cyberspace, but it’s really recognising that we will only be able to have a proper conversation, and we will only be able to develop a critical mass and critical thinking if we’re able to identify those researchers that are based in different regions, right? And that has been our arduous task to identify researchers working in these topics from the different parts of the world. So we launched that. But I think the background for the conversation that we’re having today, and I think it’s a perfect, you know, match between what we’re doing over here at RUCI with a global partnership and what Virtual Routes is doing as well in terms of connecting also different communities. Because at this moment, as I think many of you are very familiar, it’s been decades that the UN processes have been discussing the rules of the road for responsible state behaviour, right? And while it is an important space that has developed norms and, you know, the recognition of how international law applies to cyberspace, even though only 32, 33 government entities, and I say government entities, because 30, 31 of them are actual member states, and two of them are regional bodies have, you know, published their views on how international law applies to cyberspace. And that’s all good. And that’s important in terms of thinking about peace and stability in cyberspace. But these UN processes, they revolve very much around a particular modus operandi. And that includes the fact that it’s very government centric, even though there’s some participation of stakeholders, even though quite contested since the start of this latest process of the open ended working group. And even though we see 193 countries represented there, it’s still very much in the room, a challenge of balancing two different poles. So US Western democracies on one side, and obviously, you know, Russia, China, and a couple of others, right. And I think the debate here is to bring those different bits and pieces and these different countries, especially developing countries to have a little bit more voice in those processes. And sometimes that is obfuscated by these broader strategic competition. I think another thing is that it’s really focused on international peace and security and much less so on other areas of thinking about like responsible cyber behaviour such as development and how it enables a lot of the conversation of states being able to be accountable as well as other stakeholders. Of course, there’s some conversation around due diligence, but then it’s still very limited to the language of this particular space. And I think, you know, it also means limiting who can be in those rooms, right? Even though there’s some accredited organisations that can attend the, let’s say, open-ended working group on cyber security, we still see that there’s a certain privilege to be in this room. You need to be accredited, you need to have the resources. So the whole point of this conversation and it has emerged as part of this dialogue between us and virtual routes, really, to think about how can we actually look at other spaces within the UN system that actually already has that structure for us to facilitate a dialogue where we can bring these communities together, where we can leverage the knowledge and the research that others have been conducting in this field. How can we identify researchers within, let’s say now, like within other regions? How can we understand other views of responsible cyber behaviour beyond, let’s say, just a very state-centric or just very related to these two poles, right? Or just to like governments. And how can we think about responsibility as something that is encoded at the international level in these discussions, but at the regional level, the domestic level and the operational level, thinking about how countries, how states and how different actors justify kind of developing cyber capabilities, right? So I just wanted to really set, like just really give a little bit of a glimpse at the background of where we are coming from as RUSI and our commitment to foster networking sessions such as these, but also our collaboration with Virtual Routes, which is also a member and a partner of the GPRCB. So I just wanted to welcome you all to the session, to thank the opportunity, and again, really gutted to not be able to be there, but very excited to what we’re going to learn from each other and also from the conversation that we’ll have here online. So thank you very much, and sorry if I spoke a little bit too much, but looking forward to connecting with you.

James Shires: Thank you, Louise, and that context was super important, so we’re really glad that you could share that with us. What we’re going to do now is we’re going to move from the bit where we talk at you to the bit where you engage in a little bit of a Q&A to start with. So as you will all be able to see in person, there is now a Slido with three short questions on. So indulge us, please do fill out these three short questions to get a sense of who we have in the room and what you think the main challenges are. Annie, I believe, is going to share the link to this same Slido online for those participating in hybrid form, and I can see people are already filling it out, so maybe the online people are super quick, they’ve got their laptops already open, and we’ve broken this down into a few different communities. You could slice a pie in as many ways as you want, but this is how we’ve decided to look at civil society, academia, IGOs, government, industry, or other, of course. So very pleasingly, it looks like we have quite a similar mix of different attendees, so that’s good if there’s everyone from one community, that might be a lesson in itself. So we are now changing results, and we can see that actually IGOs are representing the majority of people in the room, and Eric and Yasmin haven’t even filled out the poll themselves. So technical community is unfortunately not listed, no, because we believe that technical people do come from industry, they come from government, and they come from civil society. So yes, technical community is an identity, but they also have affiliations in these different areas as well. So if you identify as technical, then also please list your organizational affiliation as well. So I will now go to the second question we asked you, which was how often do you engage with people outside your main community? So we know there’s a lot of IGO people in the room, there’s some civil society, some industry, and how often do you talk to people from other communities? I like that this is going often is the main response, we’re seeing no one’s first time in engaging other communities is good, but you know we would be welcoming that as well. Okay, so occasionally some responses, some people are doing this all the time, but it looks like most people are doing this often, regularly, but not sort of day-to-day in their normal jobs. Maybe what we would expect in a multi-stakeholder internet governance environment. So that’s question two. That gives us, but also you, a sense of who else is in the room and how they see their sort of community interaction. So now we’re going to go to kind of the most important question. This is the one that is going to frame your breakout sessions. So it’s not a ranking, this is more of a word cloud. So what do you think are the main obstacles to greater cross-community interaction? Louise mentioned a few already, things like accreditation to key events, things like resources and participation, others coming out as well. So please fill in as many words as you would like to here as well. Don’t feel you have to come up with additional words, you can also double click or double down on the ones that are already there as well. I will give you a few more minutes to think about this, it’s a little bit more of a challenging question than the first two. And some really thought-provoking answers coming out already. So Wow So I can still see a couple of people typing, so I want to give people the space to make sure we capture as many views as possible in terms of these obstacles. So just to take a quick poll of everyone in the room, does everyone in the room feel that you’ve filled out to your comfort, right? You’ve put as much as you want into the word cloud. I’m going to take that as a yes and same for people online as well. Thank you very much for putting this through. Just a few, I already have a lot of responses thinking already, but I’m going to hold them back because I don’t want to talk any more to you. I want you all to discuss this word cloud between yourselves, right? This is a networking session, not a presentation session. And so what we will do is break into different groups here, small groups in the room. We will go into breakout rooms online. For people online, Annie will be assigning you to breakout rooms. We’re looking at about three or four people per group. And then what we will do is spend 15 minutes just talking about these key points. You can pick one of them and really drill into that, say, what is the issue here? Why is this such an issue? So what are the reasons for that issue? And then most importantly, how can we overcome the obstacle? I really want everyone to get towards that solution part of the conversation in your groups as well. So I can already see three clear groups here, one on the left for me, one on the right, and one in the middle. If you feel free to move around, feel free to make sure you want to have different communities involved in that group. And online, I hope you are also being assigned roughly equally as well. So that’s it from me. I’ll break now and we’ll come back in 15 minutes to hear your thoughts on these obstacles and how to overcome them, and in a way we’ll reflect with our participants as well. So thank you very much, and we’ll see you in 15 minutes.

AUDIENCE: for example in other multilateral forums such as the Open End Working Group, it also depends a lot on geopolitical tensions, so for example I work at the German Council on Foreign Relations, a think tank based in Berlin, and what we see is that sometimes the accreditation process can be rather difficult or it can depend on vetoes from other countries and that sometimes is kind of arbitrary in the sense that some similar organizations in Germany don’t have the chance to participate because xyz so yeah that sometimes we find ourselves in a privileged position when we are able to give our statements there but that not everyone has the same chances and that’s kind of sad because I think that for example also at the OEWG it’s great to see the involvement of different stakeholders because sometimes we are the ones doing the research and providing yeah I would say impactful research on those conversations so if you want to add something other members of the group please feel free to do so now right yeah

James Shires: thank you very much that is very much appreciated before we turn to Corinne and Louise I just want to highlight one group one issue that was discussed in this group that I was fortunate to be part of which is language barriers right we had one attendee here from Chad who speaks French and Arabic and not English and was nonetheless seeking to participate in what is here unfortunately an English language only forum so I would like to invite her to say a little bit in another language on your reflections that you had throughout the group

AUDIENCE: As-salamu alaykum

James Shires: so of course just to say a little bit about those challenges facing a country where not only is a language a barrier to participation you have visa applications you have aware popular awareness of things like cyber security measures and also ultimately uh government resources and money to contribute right so um and the unfortunately the language barriers themselves have been demonstrated in this session so in the last five minutes of the session i would like to thank you all for your participation turn to corinne and louise to give a few concluding reflections on the thoughts

Corrine Casha: yes and just a few remarks i think i don’t have a lot more to add than what the participants actually stated i thought i was very pleased to hear what they what they said and they were all very very valid points and and they are really food for thought also for me coming from a perspective of government i think for me i see two things um one is the fact that um coming from uh government i see that very often decision making at the highest level for example at the un is really sort of the privilege of governments and i don’t only say that in the realm of cyber i’ve seen it in the negotiations for example on oceans um and and therefore this is not just um something that is restricted to cyber policy so also in other in other policy areas and also at the let’s say national level so going from the multilateral but also to the national level what i see is that the government sort of there’s this culture where government thinks that it owns policy and so when whenever we are coming up with a strategy for example not enough research not enough evidence by academia or by industry is is fed into the the sort of strategy um document for example so what i see is that when we were coming up with a policy position very often it’s taken by government but it’s not does not include the the the different perspectives of of the other players and i think it’s really important um to bring everybody on board and this is what we are trying to do and just not to take up a lot of time because i know louise is also wanting to to say some remarks but on the issue of funding um we’re very very well aware of that and one of the things that my government has been doing is we are funding for example when it comes to negotiations at the un level we fund countries we fund um also governments to we sponsor uh let’s say least developed countries um delegates who cannot travel who cannot participate and and we fund them so that they are also included in the process apart from funding also fellows academia and and researchers because we believe it’s very important that we continue to fund um we continue to fund the these different um let’s say stakeholders so that their their ideas and their knowledge is fed into the process i think it’s very important so that’s all i can say from my end but um i think louise has a little bit more to say as well from her end

James Shires: thank you and louise we have already had a sign saying please wrap up so uh if you could summarize in one minute um that would be much appreciated

Louise Marie Hurel: absolutely and i mean not gonna take time uh and corinne definitely uh said a lot of what i was gonna say i just wanted to thank you all for for the contributions and the thought provoking kind of like discussions the one thing that i would stress though is this point on uh usually in these conversations be it at the igf even at the un we’re talking about how to ensure that cross-stakeholder representation is um is more effective right but i think the lesson that i’m taking from this this dialogue today is within our respective stakeholder groups how can we make it more um representative how can we build those bridges within our respective sectors right and that is something that akati and our group mentioned within like civil society you need to you can always pressure and do advocacy to make other spaces more representative but are you as an organization actually walking the talk of making your staff more diverse of ensuring that you have equity and ensuring that you are sensitive to the different let’s say regional representation within your team so i think that is the the key takeaway for me from our conversation here today and thank you again and thanks james for you know holding the fort and for the wonderful session so yeah thanks all for the contributions

James Shires: thank you louise thank you corinne uh thank you annie eric and jasmine for facilitating uh with us thank you everyone online and in person shock and jazzyland and uh have a great rest of your day

Agreement Points

Importance of diverse perspectives in cyber policy

Corrine Casha

Louise Marie Hurel

Importance of including diverse perspectives

Identifying researchers globally working on responsible cyber behavior

Both speakers emphasize the need to incorporate various perspectives, including industry, academia, civil society, and researchers, in cyber policy discussions and development.

Challenges in cross-community engagement

Corrine Casha

Louise Marie Hurel

AUDIENCE

Government-centric decision making in policy development

Challenges of balancing different stakeholder voices in UN processes

Accreditation difficulties for participating in multilateral forums

Speakers agree on the existence of obstacles to cross-community engagement, particularly in government-dominated policy-making processes and multilateral forums.

Need for initiatives to improve cross-community engagement

Corrine Casha

Louise Marie Hurel

Sponsoring fellows to participate in IGF Forum

Government funding for participation of developing countries

Global Partnership for Responsible Cyber Behaviour initiative

Leveraging existing UN system structures for dialogue

Both speakers highlight various initiatives aimed at improving cross-community engagement in cyber policy discussions, including funding participation and creating platforms for dialogue.

Similar Viewpoints

Both speakers emphasize the importance of connecting researchers with government officials and identifying global expertise in responsible cyber behavior.

Corrine Casha

Louise Marie Hurel

Bridging divides between researchers and government officials

Identifying researchers globally working on responsible cyber behavior

The speakers agree on the existence of various barriers to participation in cyber policy discussions, including resource constraints, accreditation challenges, and geopolitical factors.

Corrine Casha

Louise Marie Hurel

AUDIENCE

Lack of resources and funding for some stakeholders

Accreditation difficulties for participating in multilateral forums

Geopolitical tensions affecting participation

Unexpected Consensus

Internal diversity within stakeholder groups

Louise Marie Hurel

Need for more diverse representation within stakeholder groups

While most discussions focus on cross-community engagement, Hurel unexpectedly emphasizes the importance of improving diversity and representation within stakeholder groups themselves.

Overall Assessment

Summary

The speakers generally agree on the importance of diverse perspectives in cyber policy, the challenges in cross-community engagement, and the need for initiatives to improve participation. There is a strong consensus on the need to bridge divides between different stakeholders and address barriers to participation.

Consensus level

High level of consensus among speakers, with agreement on major issues. This suggests a shared understanding of the challenges and potential solutions in improving cross-community engagement in cyber policy. The implications are that collaborative efforts to address these challenges may be well-received across different stakeholder groups.

Different Viewpoints

Approach to inclusive policy-making

Corrine Casha

Louise Marie Hurel

Importance of including diverse perspectives

Need for more diverse representation within stakeholder groups

While both speakers emphasize the importance of inclusivity, Casha focuses on including diverse external perspectives in policy-making, while Hurel stresses the need for internal diversity within stakeholder groups.

Unexpected Differences

Focus on funding and resources

Corrine Casha

Louise Marie Hurel

Lack of resources and funding for some stakeholders

Identifying researchers globally working on responsible cyber behavior

While Casha emphasizes the importance of funding and resources for participation, Hurel unexpectedly does not address this issue directly, instead focusing on identifying and connecting researchers globally. This difference in focus might indicate varying priorities in addressing cross-community engagement challenges.

Overall Assessment

summary

The main areas of disagreement revolve around the specific approaches to achieving inclusive and diverse participation in cyber policy discussions. While speakers generally agree on the importance of cross-community engagement, they differ in their emphasis on internal vs. external diversity, funding priorities, and methods of facilitating dialogue.

difference_level

The level of disagreement among the speakers is relatively low, with more emphasis on complementary perspectives rather than conflicting views. This suggests a generally aligned approach to improving cross-community engagement in cyber policy, which could lead to more comprehensive and inclusive policy-making processes if different strategies are combined effectively.

Partial Agreements

Both speakers agree on the need for better cross-community engagement in cyber policy, but they differ in their approaches. Casha emphasizes direct interaction between researchers and government officials, while Hurel focuses on leveraging existing UN structures to facilitate dialogue.

Corrine Casha

Louise Marie Hurel

Bridging divides between researchers and government officials

Challenges of balancing different stakeholder voices in UN processes

Similar Viewpoints

Both speakers emphasize the importance of connecting researchers with government officials and identifying global expertise in responsible cyber behavior.

Corrine Casha

Louise Marie Hurel

Bridging divides between researchers and government officials

Identifying researchers globally working on responsible cyber behavior

The speakers agree on the existence of various barriers to participation in cyber policy discussions, including resource constraints, accreditation challenges, and geopolitical factors.

Corrine Casha

Louise Marie Hurel

AUDIENCE

Lack of resources and funding for some stakeholders

Accreditation difficulties for participating in multilateral forums

Geopolitical tensions affecting participation

Key Takeaways

Cross-community engagement is crucial for effective cyber policy development

There are significant obstacles to inclusive participation, including language barriers, lack of resources, and geopolitical tensions

Initiatives like sponsoring fellows and creating partnerships can help improve cross-community engagement

More diverse representation is needed both across and within stakeholder groups

Government-centric decision making in policy development limits inclusion of other perspectives

Resolutions and Action Items

Continue efforts to fund and sponsor participation of developing countries and underrepresented groups in cyber policy forums

Leverage existing UN system structures to facilitate more inclusive dialogue

Organizations should examine their own diversity and representation internally

Unresolved Issues

How to overcome language barriers in international cyber policy discussions

How to balance different stakeholder voices effectively in UN processes

How to ensure consistent inclusion of academic and industry perspectives in government policy-making

Suggested Compromises

Governments funding participation of diverse stakeholders in policy discussions to improve inclusivity while maintaining some control over the process

So one of the main, let’s say, tasks that we are currently conducting is to bridge the divides and also have the cyber researchers and cyber government officials interact more with each other. And from my personal experience this is a very important task because when it comes to, for example, drafting national cyber strategies, it’s important to have different ideas, not only restricted to what cyber policy is by government, but it’s important to also factor in the research, the academia, the government, let’s say, perspectives coupled with other partners.

speaker

Corrine Casha

reason

This comment highlights the importance of cross-sector collaboration in developing effective cyber policies, emphasizing the need to include diverse perspectives beyond just government.

impact

This set the tone for the discussion by emphasizing the importance of multi-stakeholder engagement in cyber policy development. It led to further exploration of challenges and opportunities in cross-community interaction.

And I think the debate here is to bring those different bits and pieces and these different countries, especially developing countries to have a little bit more voice in those processes. And sometimes that is obfuscated by these broader strategic competition.

speaker

Louise Marie Hurel

reason

This comment brings attention to the power dynamics and representation issues in international cyber policy discussions, particularly highlighting the challenges faced by developing countries.

impact

It broadened the scope of the discussion to include global power dynamics and representation issues, leading to considerations of how to make international cyber policy processes more inclusive.

What we see is that sometimes the accreditation process can be rather difficult or it can depend on vetoes from other countries and that sometimes is kind of arbitrary in the sense that some similar organizations in Germany don’t have the chance to participate because xyz so yeah that sometimes we find ourselves in a privileged position when we are able to give our statements there but that not everyone has the same chances

speaker

Audience member

reason

This comment provides a concrete example of the challenges in participation and representation in international cyber policy forums, highlighting issues of access and arbitrary exclusion.

impact

It grounded the discussion in real-world examples and led to further exploration of barriers to participation in international cyber policy discussions.

As-salamu alaykum

speaker

Audience member from Chad

reason

While brief, this comment powerfully demonstrated the language barriers present in the discussion itself, making the abstract concept of language barriers concrete and immediate.

impact

It brought immediate attention to the language barriers in international discussions and led to reflection on how these barriers impact participation and representation, especially for non-English speaking countries.

What i see is that when we were coming up with a policy position very often it’s taken by government but it’s not does not include the the different perspectives of of the other players and i think it’s really important um to bring everybody on board and this is what we are trying to do

speaker

Corrine Casha

reason

This comment acknowledges the limitations of current government-centric policy-making processes and expresses a commitment to more inclusive approaches.

impact

It shifted the discussion towards practical steps for improving inclusivity in policy-making processes and led to sharing of initiatives aimed at increasing participation.

Usually in these conversations be it at the igf even at the un we’re talking about how to ensure that cross-stakeholder representation is um is more effective right but i think the lesson that i’m taking from this this dialogue today is within our respective stakeholder groups how can we make it more um representative how can we build those bridges within our respective sectors right

speaker

Louise Marie Hurel

reason

This comment shifts the focus from external representation to internal diversity and inclusivity within stakeholder groups, introducing a new dimension to the discussion.

impact

It prompted reflection on internal practices within organizations and sectors, encouraging participants to consider how they can improve representation and diversity within their own contexts.

Overall Assessment

These key comments shaped the discussion by progressively broadening its scope from the initial focus on cross-sector collaboration to encompass global power dynamics, practical barriers to participation, language issues, and internal organizational practices. They helped to make the discussion more concrete by providing real-world examples and challenges, while also pushing participants to reflect on their own roles and responsibilities in improving representation and inclusivity in cyber policy discussions. The comments collectively highlighted the complexity of achieving truly inclusive and representative cyber policy processes, touching on issues of access, language, funding, and organizational culture.

How can we improve cross-community interaction in cyber policy dialogues?

speaker

James Shires

explanation

This was the central theme of the discussion and was posed as a question for participants to explore in breakout sessions.

How can we identify researchers working on responsible cyber behavior in different regions of the world?

speaker

Louise Marie Hurel

explanation

This was mentioned as an ongoing challenge for the Global Partnership for Responsible Cyber Behaviour initiative.

How can developing countries have a stronger voice in UN cybersecurity processes?

speaker

Louise Marie Hurel

explanation

Louise highlighted that developing countries’ voices are often obfuscated by broader strategic competition in UN processes.

How can we address language barriers in international cyber policy discussions?

speaker

James Shires (on behalf of an attendee from Chad)

explanation

This was identified as a significant obstacle to participation for non-English speakers in international forums.

How can governments better incorporate research and evidence from academia and industry into national cyber strategies?

speaker

Corrine Casha

explanation

Corrine noted that government policies often lack input from other stakeholders, suggesting a need for more inclusive policy-making processes.

How can organizations within each stakeholder group improve their own diversity and representativeness?

speaker

Louise Marie Hurel

explanation

Louise emphasized the importance of stakeholder groups ‘walking the talk’ by ensuring diversity and regional representation within their own organizations.

Summary

This discussion focused on protecting children in the digital world, addressing the evolving threat landscape and strategies to mitigate risks. Experts highlighted the rapid pace of technological change and the increasing sophistication of online threats targeting children, including cyberbullying, grooming, and exposure to inappropriate content. They emphasized the need for a multi-stakeholder approach involving governments, tech companies, educators, parents, and children themselves.

Key challenges identified included the online disinhibition effect, the ease of creating deepfakes, and the collection of children’s biometric data through gaming. Participants stressed the importance of age-appropriate digital literacy education and the development of practical cybersecurity skills for children. They also discussed the role of parental controls and the need for open communication between parents and children about online safety.

The discussion touched on regulatory approaches, with some advocating for stricter content moderation and others cautioning against blanket bans on technology use. Experts emphasized the importance of international cooperation in addressing cross-border cyber threats. They also highlighted the need for ongoing research into emerging risks and the development of evidence-based interventions.

Participants agreed that while the threat landscape is likely to worsen, increased awareness and improved digital skills could help children navigate online spaces more securely. The discussion concluded with a call for continued dialogue and collaboration among stakeholders to ensure children’s rights and safety in the digital environment.

Keypoints

Major discussion points:

– The increasing threats and risks to children in the digital world, including cyberbullying, grooming, and exposure to harmful content

– The need for a multi-stakeholder approach involving government, industry, civil society, and academia to protect children online

– The importance of education and awareness for children, parents, and teachers about online safety

– The challenges of regulating and enforcing child protection measures in the fast-evolving digital landscape

– The role of technology companies in developing tools and solutions to enhance child safety online

The overall purpose of the discussion was to examine the current and future threats to children’s safety in the digital world and explore potential solutions and best practices for protecting children online through collaboration between different stakeholders.

The tone of the discussion was serious and concerned, reflecting the gravity of the issues being discussed. However, it was also constructive and solution-oriented, with speakers offering practical suggestions and examples of initiatives to address the challenges. The tone became more urgent and action-oriented towards the end, with participants emphasizing the need for immediate and coordinated efforts to protect children online.

Speakers

– Gladys O. Yiadom: Moderator

– Melodena Stephens: Professor of innovation and technology governance at Mohammed bin Rashid School of Government in Dubai, UAE

– Elizaveta Belyakova: Chairperson for the Alliance for the Protection of Children in the Digital Development

– Elmirti Arousafi: Cyber security expert and board member of the Moroccan Centre for Polytechnic Research and Innovation

– Heng Lee: Senior government affairs and public policy manager at Kaspersky

– Andre Gorobets: Representative from Ministry of Education (country not specified)

– Margarita Yurova: Translator for Andre Gorobets

– Anne Mickler: Online moderator

Additional speakers:

– Ethan: Youth ambassador of the One Power Foundation from Hong Kong

– Grace: Representative from Pan-African Youth Ambassadors for Internet Governance, from Uganda

– Jutta Croll: Child rights advocate from the German Digital Opportunities Foundation

Protecting Children in the Digital World: A Multi-Stakeholder Approach

This discussion focused on the critical issue of protecting children in the rapidly evolving digital landscape. Experts from various fields, including academia, government, and the technology sector, convened to address the growing threats to children’s safety online and explore potential solutions.

Survey Insights

The session began and ended with a survey of participants’ views on the threat landscape for children in the digital world. Notably, there was a shift in perception by the end of the discussion, with more participants recognizing the severity of online threats to children.

Key Threats and Challenges

The participants highlighted the increasing sophistication of online threats targeting children. Melodena Stephens, a professor of innovation and technology governance, emphasized the alarming rise of deepfakes and the lack of alignment on standards for age-appropriate content. Cyberbullying and emotional harm from online interactions were also identified as significant concerns.

Elmirti Arousafi, a cybersecurity expert, pointed out that the rapid pace of technological change is outpacing regulatory responses, creating a challenging environment for protecting children. Andre Gorobets, representing a Ministry of Education, stressed the transborder nature of online threats, further complicating efforts to safeguard children.

Multi-Stakeholder Collaboration

A recurring theme throughout the discussion was the need for a multi-stakeholder approach to address these complex issues. Melodena Stephens highlighted the crucial role of political will from governments in prioritizing child safety. She also stressed the importance of industry alignment on values and ethics, as well as the role of researchers in studying both the benefits and harms of technology.

Education and Awareness

The experts agreed on the critical importance of education and awareness in protecting children online. Elmirti Arousafi advocated for gamified, interactive curricula to teach children about online safety, making the learning process more engaging and effective. He specifically mentioned the Espace Maroc Cyber Confiance program as an example of such initiatives. Heng Lee, from Kaspersky, shared examples of educational resources such as cybersecurity alphabet books for children.

The discussion also touched on the need for practical guidance for parents on protecting their children online. Elmirti Arousafi emphasized the importance of equipping parents with the knowledge and tools to navigate the digital landscape alongside their children, stressing the importance of building trust between parents and children for effective online safety.

Regulatory Approaches and Challenges

The participants discussed various regulatory approaches to enhancing child safety online, while acknowledging the challenges in implementing and enforcing such measures. Heng Lee highlighted the difficulty of enforcing age restrictions for social media use and suggested the need for dedicated regulatory bodies focused on child online protection.

There was some disagreement on the approach to regulation. While Melodena Stephens emphasized the need for strong political will from governments, Heng Lee suggested a more balanced approach that considers both consumer protection and innovation in the tech industry.

Jutta Croll, a child rights advocate, introduced the UN Convention on the Rights of the Child as a basis for government action on child online protection. She specifically mentioned General Comment No. 25, adopted in 2021, which obliges states that have ratified the convention to implement children’s rights in the digital environment.

Role of Technology Companies

The discussion explored the role of technology companies in developing tools and solutions to enhance child safety online. Heng Lee presented Kaspersky’s Safe Kids as an example of parental control software designed to protect children in the digital space. He detailed features such as GPS tracking, screen time management, and content filtering, emphasizing the app’s ability to help parents guide their children’s online activities.

Youth Involvement and Empowerment

An unexpected point of consensus emerged around the importance of involving young people in developing solutions for online child protection. The potential for youth-led awareness campaigns on online risks was discussed, recognizing children as active participants rather than just passive recipients of protection measures. The Pan-African Youth Ambassadors for Internet Governance expressed interest in raising awareness about online risks among their peers.

A youth ambassador from Hong Kong raised the controversial topic of banning children from using mobile phones or the internet, sparking a discussion about the balance between protection and digital literacy.

Alliance for the Protection of Children in the Digital Environment

Elizaveta Belyakova, Chairperson for the Alliance for the Protection of Children in the Digital Development, presented the organization’s activities. The Alliance focuses on creating a safer digital environment for children through various initiatives and collaborations.

Thought-Provoking Insights

Several thought-provoking comments deepened the discussion. Heng Lee illustrated the long-term risks of seemingly harmless online interactions by describing how a chatbot could casually collect sensitive information from a child. Melodena Stephens highlighted the misconception that home internet use is always safe, framing it as a literacy issue. She also shared an example of a seven-year-old boy’s approach to identifying strangers in online games, demonstrating children’s potential for developing safety strategies.

An audience member raised the issue of content creation challenges and the need for skilled creators to produce engaging, age-appropriate content for children.

In conclusion, the discussion highlighted the complex and evolving nature of online threats to children, emphasizing the need for a comprehensive, collaborative approach involving governments, industry, civil society, parents, and children themselves. While challenges remain, the experts agreed that increased awareness, improved digital skills, and coordinated efforts could help create a safer online environment for children.

Gladys O. Yiadom: . Can the online moderator share her screen? Full screen, please. Thank you. So the first question is this. . . . . . . . . How will the threat landscape for children in the digital world develop over the 3-4 next years? Just as a reminder, an on-site participant can scan the QR code to participate to the survey. First point, it will increase significantly and lead to increased abuse and cybercrime. The threat situation is getting worse. It will increase significantly, but at the same time, children’s awareness and knowledge of cybersecurity issues and protection against threats in the digital world will also increase. The threat situation will remain more or less the same. It will increase significantly, but better knowledge and well-developed defense skills, as well as better developed digital skills, will ensure that children can operate more securely in the digital world. In this respect, the threat situation will improve, or I cannot give an estimation. So just let you a couple of minutes to take the survey, so that we can view the results all together. And please, do we have the results? Okay. The results are coming. Just a few seconds, please. Just a couple of seconds. I just received them, give me one second to share the graph. Thank you, and okay, let me switch the screen, then I’ll be able to share them. There we go, thank you. So we now have the results, so 17% of you have responded that it will increase significantly and lead to increased abuse and cybercrime, 33% of you has indicated that it will increase significantly but at the same time, children’s awareness and knowledge, my mic is not clear apparently, can you please fix it, thank you, that it will increase significantly but at the same time, children’s awareness and knowledge of cyber security will increase. See, 32% of you has answered that it will increase significantly but brilliant knowledge and well-developed defense skills will ensure that children can operate more securely in the digital world, and at least 17% of… few cannot give an estimation. So we will run again this survey at the end of the session and see if the result has changed. Thank you very much Anne. So let’s now start with our conversation with our speaker. I am pleased to have with me today Melodina with us. Brief introduction, Melodina is a professor of innovation and technology governance at Mohammed bin Rashid School of Government in Dubai, UAE. She has three decades of senior leadership international experience and consult in strategy working on policy issue with organizations such as Agile Nations, Council of Europe and the Dubai Future Foundation. So Melodina please tell us in your opinion what are the main threats, risks and dangers for children in the digital world and can you illustrate the negative effects with a few examples and I will kindly ask you to share Melodina’s slides please. Thank you.

Melodena Stephens: Thank you so much. Let me start with just a little question. If I show you this picture can you tell me where the threat comes? So this is what children play with. Post pandemic we went a lot online and right now we’re using gaming as an educational medium. For example I’ll just give you figures Minecraft has 173 million users active users and approximately if you look at the figures less than 15 year olds are 20.6 percent but 15 to 21 year olds so this is a little bit funny we don’t know what that number is 15 or 16 years old is 43 percent. Let’s take another online game Roblox 71.5 million users two-thirds are children right. And this raises these interesting questions because when I look at this figure, I don’t know who’s a stranger, who’s a bot, what kind of information is getting. And if children online are using VR sets, and they are because parents sometimes let them unsupervised, basically when they play a game which is approximately 20 minutes, there’s two million biometric points of data being collected. This may not seem like much, but tomorrow this could be information that could be used for security. So I think the challenge that we have right now, the threats we don’t see because we aren’t having enough discussions. We’re taking a one-sided view, oh, it’s online education and it’s developing digital skills. But we’re not looking at what might be the security concerns. We’re not asking the questions, what happens if children are too long online? And here’s another example that I wanted to show you. This is not working. Next slide, please. Could you put the next slide? Okay, so everything has gone a little bit off. So if I take something like this, there are a lot of age-appropriate codes being developed right now. But there’s a little bit of a problem. The global online safety currently showed that 18 to 19-year-olds scored very high on addiction. So that’s one fourth of them. And 18% of 13 to 17-year-olds, they didn’t do anything lower, but there are children much smaller. I see babies with iPads who are three years and four years old because parents want to keep them occupied, right? And then we also see that many of these children have profiles put up, either directly or indirectly. So if a parent puts up a child’s profile on Instagram or TikTok, there is data being collected. So we see that there is a problem in this gap. Another interesting thing is when there are crimes that are happening, most likely it’s associated with people you know. so it’s friends and family. Imagine a child playing online with a friend. They don’t know this friend. Physically, the parents have not met them. So you can see how much of that threat increases. And then you add the concept of these non-player characters, which are AI bots. And we recently saw a 14-year-old commit suicide because he fell in love with his AI bot in the US. The bot did not ask him to commit suicide. It said, please join me. And the child assumed that was take a gun and shoot himself. So we see this little bit of, I wouldn’t say little bit, horrific consequences of unsupervised online time. Another big challenge that I think is really important is when you look at the standards on how they decide what is allowed for children to play, there is no alignment. So I took this picture across different, it’s the same game, and you can see six-year-old, seven-year-old, 10-year-old, 12-year-old. So we don’t have alignments on standards, and there isn’t enough education for parents on this. So if I look at all the online harms, and I’m just gonna leave that as an impulse, you see there’s quite a lot, but I want to talk about things like self-harm, right? We right now find that WHO says the fourth largest cause of death among, and I’m taking 15 to nine-year-olds, is bullying and cyberbullying. Cyberbullying often happens online, and we may not recognize it because it does not result in physical harm, but it results in deep emotional harm. So I think there are challenges when we look at how we want to manage this process. I’m going to leave it there, but we’ll leave more for questions afterwards. Thank you.

Gladys O. Yiadom: Thank you so much, Milodena, and what you highlighted is very key, and it shows that there is a need to undertake actions to protect children, and this leads us to our next speaker, which is Elisabeta Beliakova. So very pleased to have you with us, Elisabeta. Elisaveta is the chairperson for the Alliance for the Protection of Children in the Digital Development. Elisaveta, I wanted to ask you, you are part of these alliances, what were the motives for founding the Alliance for the Protection of Children in the Digital World? What are the key stakeholders you work with and what are the goals of your organisation? Over to you.

Elizaveta Belyakova: Dear colleagues, good afternoon. I speak Russian because my Russian is much better than English. Sorry. Dear colleagues, good afternoon. I am glad to see you all. Thank you very much for the question.

Gladys O. Yiadom: Elisaveta, sorry, I need to interrupt you. I would kindly ask you to speak in English because we do not have interpreter services here. So, I will kindly ask you to speak in English, thank you.

Elizaveta Belyakova: My English is not good, but okay. I am glad to present to you the activity of the Alliance for the Protection of Children in the Digital Environment. In the Includive, there has been bridging together Russian technologies companies for the, yes, to create digital for our children. Founded in 2021, the Alliance has been working in addressing the key challenges of the digital age. The Alliance has become the unique platform that unites the largest companies in Russia. It’s Laboratory Kaspersky, VTK and many others. One of the most important activities of the creation of the digital liberty. Education, it is a big education portal. This portal provides the children, parents and teachers with access to cyber risk materials that help develop skills of protection. agency digital fees, such as psychological cases, data breaches and others. We have also developed a kind of book Risk of the Digital Environment. This is also a big interesting project, so the future risk of others. We also pay special attention to corporations in international areas. The activity shows our plans with Luvon, or BRICS and many other organizations. Let me also… Sorry, this is really not… Okay. Let me also answer a few questions for the lecture today. First, what is the best way to address children, parents and teachers? It is important for children to use games and education forms to involve them in the education process. Second, how to adapt to the learning programs? We believe the programs of the Internet interactively take into account the psychological characteristics of children, so the difference between games and the inclusive parental care. Third, how should the dialogue be simulated? We see great potential in the organization, regulation, meeting, workshop, and around the table, bringing together the business, government and civil society. Thank you for your attention and I look forward to the continuing and prospective dialogue. Thank you so much.

Gladys O. Yiadom: Thank you very much, Elisaveta, for your words. The contribution that you’re doing in this space is very important. Thank you for having shared your experience with us. Let me now turn over Elmirti, who is with us here. Thank you again also for being with us, Elmirti. A quick bio, Elmirti Arousafi is a cyber security expert and board member of the Moroccan Centre for Polytechnic Research and Innovation, where he plays a key role in advancing cyber security initiatives and research. He also is a core contributor to Espace Maroc Cyber Confiance, a national program dedicated to protecting children and vulnerable groups overall in the digital space. My question to you, Elmirti, is this one. In your opinion and experience, what are the main challenges when it comes to protecting children in the digital space?

Elmirti Arousafi: Thank you so much, Gladys. First of all, I would like to thank Kaspersky for the invitation and for creating this opportunity to talk about a very important subject. I was really surprised to see the numbers you showed, Elmirti, that this issue is really getting worse year after year. And as you kindly introduced, our experience in Morocco, actually with the EMC, Espace Maroc Cyber Confiance, helped us first-hand see how difficult it is to implement a national program in order to raise awareness around those issues. And I would like to just share some of them. I really think the issue is much bigger than that, but we can summarize them into… maybe three or four challenges. The main challenges according to what we see is the speed at which technology evolves. Unfortunately, as well, it’s misuse. So technology advances at a speed, but we can see that harmful people will use it as well, would use those advances such as AI and deep fakes and those kinds of technologies to create more harms, to create more complex harm to combat. So this sophistication really poses a difficulty, both from a regulatory perspective, but as well as technical perspective. And acting quickly is something we are trying to implement as well through the implementation of the helpline to help children, for example, remove content online. We also try to go beyond children. We talk about really weak populations. So in order to act quickly, those target people we are trying to touch needs, and I come to my second challenge, to be aware, right? To be a minimum trained, to be able to detect actually a fraud scenario, I would say, or maybe a cyber threat in the internet realm. So while children are usually digitally savvy, we noticed that they are not well-trained into the main threats, into internet and digital worlds. And equally, parents and educators are also, may lack the knowledge, especially the technical knowledge and tools to guide them effectively in this endeavor. So this is the gap we see, and the cyber criminals actually exploit that gap. The third, maybe, and final challenge would be the regulatory inconsistency across borders. And I emphasize on the across border. Our experience at EMC is to act locally, but we very quickly found out that. we cannot. We are talking about internet, we are talking about internet giants, we are talking about platforms, international platforms, so we have to reach, we have to expand our reach, hence the collaboration with some of our partners like Kaspersky, to actually touch and be in contact with the regulatory boards across borders. So we are trying, and in Morocco we’ve been addressing these challenges through multi-faceted approach. I will leave some of those remarks to the next questions.

Gladys O. Yiadom: Thank you. Thank you very much El-Mahdi, and I think what you share with us also highlight the need to have this multi-stakeholder approach at the end of the day, so having representatives from the civil society of course, including academia and government, which is key, and this leads me to our next speaker, Ang, who will represent the industry. So Ang, again also, thank you very much for being with us today. Just a quick intro and then I’ll share my question to you. So Ang Lee is Singaporean and a lawyer by training. He’s a senior government affair and public policy manager at Kaspersky. Prior to that he worked at the Singapore’s Ministry of Home Affairs as assistant director of technology and data policy, and he studied issues at the intersection of law enforcement and technology, including crimes targeting children and cyber bullying. So Ang, my question to you, why Kaspersky as a cyber security company is committed to protecting children in the digital space, and what projects has the company initiated in that regard?

Heng Lee: Thank you, thank you Gladys and my fellow esteemed speakers. Maybe let me answer this in two parts, the why and the how. Firstly, the why. I think Melodina and Almedi had shared a lot about threats and challenges of protecting children online. I just want to add one more perspective from the vantage point of a cybersecurity company, and why has the online quality of this problem made it particularly difficult and thus relevant to the entire tech industry. So in the physical world, we have special standards for children like child safety seats in a car, and warning labels about small parts that could be easily swallowed by a toddler. These are tangible things that you can touch and feel, and if there is a bully at the playground, you know who he or she is and you can see what he or she has done. But the online world gives rise to a different set of behaviour, what is called the online disinhibition effect, where individuals behave differently than they would in face-to-face interactions. It is partly because of the anonymity and lack of accountability that the cyberspace offers, and partly because consequences aren’t felt as immediately. And children who often do not have full appreciation of these consequences become particularly susceptible to this effect. Since the mischief here had arisen because of tech, the tech industry is naturally well-placed to offer many of the solutions to counter these, because tech practitioners have a good acumen of trends and designing these into a workable solution. Which brings me to the how. So what are some of the projects that Kaspersky as a company has initiated in this space? The first and foremost that I want to share is in parental control. Many cybersecurity companies have come up with solutions in parental control, and so has Kaspersky. Ours is called Safe Kids, and it’s been around for 10 years, having been launched in 2014. This app, when installed on a device, protects children from harmful content. It will interact with search engines and browsers. block search requests and once a week parents will receive reports on what their child had searched for on the Internet. This helps them to better understand the child’s interests and to remind them what is suitable for them to search on the Internet and what is not. The app also allows web filtering by enabling parents to block adult content, violent sites and video games. Moving on to usage control, Safe Kids also allows the blocking of inappropriate apps based on the child’s age. Parents can set time limits for the usage of the device by shelling time slots and days off and the device will also be blocked when a time limit is up. It can be switched off at a given time when the child needs to do their homework or be engaged in other screen-free activities. For how all-arounded this solution is, Safe Kids has received awards from the Independent Assessor AV test from Germany and also at the Mobile World Congress in Barcelona. Of course we know that such apps are not completely without controversy so we’ve also issued guidelines on whether the installation of the app should be discussed with children and how. For instance we are suggesting that from the ages of 3 to 6 there is no discussion needed, from 7 to 10 children need to be informed, from 11 to 13 there has to be a discussion and from 14 to 17 there should also be mutual agreement. This is where tech really intersects with policy so Kaspersky also extends into thought leadership and education programs engaging even parents and teachers who need to be equipped with knowledge about cyber threats to make fully informed decisions about what is best for their child. On that front Kaspersky has been conducting events to promote cyber hygiene habits and in 2023 alone we did 107 events reaching out to some 700,000 people around the world. What we really sought to do is to share some of our findings on threats and make them actionable for parents and teachers like anti-hacking, protecting children’s privacy identifying indicators of cyberbullying, and helping children become more resilient when digital devices become a norm. Kaspersky has also published children’s books on good cyber hygiene habits. One of them launched this year is called Cyber Security Alphabet, where we are teaching A to Z. But here, A is for authentication, B is for backup, C is for capture, and D is for digital footprint. It is a profound reflection of the world that we live in today and how fast changes are happening, because I don’t think even adults may know all of these words. So I encourage everyone to download a copy. There are limited physical copies, which I think Gladys has also been distributing in our booth at IGF. Of course, there are still many other initiatives like a joint study with the UAE government on children’s online habits, and a white paper written with the Singapore Institute of Technology on motivations for safe online behavior. These initiatives allow us, as a cybersecurity company, to contribute to the ecosystem as practitioners with real stories to share that is backed by our data. But given the limited time, I won’t be able to go to the details of many of these initiatives. I’ll be happy to share more about these later on in the questions, as well as during the interaction session with the audience. Thank you very much.

Gladys O. Yiadom: Thank you very much, Eng, for this comprehensive overview of the action led by Kaspersky. As you were saying, there is a need to have this conversation from the get-go with children. So now moving on to sort of conversation that I want to have with all of you panelists. So, El-Mahdi, you referred later to risks that are coming up with AI. So I will address this question to Melody and Eng, but AI is often exploited by cybercriminal to harm children via deepfakes, as you mentioned, El-Mahdi, or text that look convincingly real. What can the different stakeholder groups do to counter this danger and mitigate risk? So I’ll kindly ask Melodina to share her insight, then Engin, and yes, thank you.

Melodena Stephens: So I think the first thing is to know how many pictures it takes to make a deep fake. And you could do that with one. How much a voice recording, 15 minutes. Then think about where all children’s voices are being recorded or pictures are being put up. And this is schools put up children’s pictures online because they are like, this is my new class. We use platforms like learning platforms where we record things. But we never ask the questions, what happens to these recordings? Are these recordings with the platforms? What are the safety things? Because there’s constantly training. I mean, Zoom is currently now training on the recordings that are there. The problem is the large companies may choose, and I don’t know yet because I don’t have clarity, not to share the information, but there are many, many educational apps. Who’s vetting them? And we know apps fail very quickly. You need a minimum user, kind of 50 million users, otherwise you’re not going to be successful. When they die, what happens to the data that the teachers have used to keep the kids engaged? And we don’t have answers because no one’s vetting them. No one’s asking these questions. So I think the problem with deep fakes, it’s very easy to make, and we need a whole of society responsibility, but we need regulators to get onto this too. We need ministries of education to perhaps vet apps and say, these are approved, these are not approved, and also monitor them because if they fail, make sure their data is not leaked. If you look at the deep web, one of the biggest challenges is child pornography. The children that are being trafficked there are synthesized. They take real pictures and superimpose them on compromising pictures. Imagine that child growing up and being confronted with a picture that’s a deep. fake? What will be the psychological damage for that child years later when they’re trying to get a job or anything else? We do not have an idea how this will evolve in the future, but it’s a little bit scary and I am worried for the children.

Gladys O. Yiadom: Likewise, Melodina. Hank, could you share your thoughts on that as well, please?

Heng Lee: Certainly. I think let me divide it into a few parts once again. So it’s really the people, the process, the technology. The people here would really need to gain the kind of awareness and education as to what kind of threats children are facing. In terms of policy, we have examples very recent, in fact, from Australia. I think many of you might have read in the news that Australia is going to become the first country in the world which intends to ban children under the age of 16 from using social media. It is in fact the world’s most restrictive regime so far. But there are also questions about how this is going to be enforced. How do you ensure that children under 16 don’t have access to the social media? Because there are age limits for alcohol, but that doesn’t stop children under the age of 18 or 21 or whichever age limit there is from getting alcohol in different countries. So enforcement can be a problem. And then, of course, there is technology, which I think, once again, coming from a tech company, I feel that the value of what a tech company can contribute is practitioner experience, the understanding of what the latest threats are and how to guard against them. Since we’re on the topic of AI, Melodina has shared a lot about how quickly it is to, how easy it is to create a deep fake, just 15 seconds of voice and just one picture. And AI is actually making it easier to groom children as well. Just imagine if adults can fall for deep fake, what more would it be for children? The kind of grooming also comes in the form of conversations where the child could think that he or she is talking to a friend who is playing an online game, but it could well be a bot which is being programmed to gather some of the personal data. And these have long-lasting effects. I’ll just cite one example. If we have a bot which is collecting conversation very casually with a child asking, what is your blood type? The child takes it as a very innocuous question, answers it. And this is something that stays on the internet forever because it is pretty unlikely that the child’s blood type is going to change. So on the internet or in a dark web database, whatever blood type this person has remains on the internet forever. So this is actually quite a sobering thought, which if you think about the kind of damage that online gaming modules and together with AI can create. So tech companies need to guard against these, to flag these out as early as possible whenever they come across these new threats. And coming from wearing my hat as a regulator previously from the Singapore Ministry of Home Affairs, I also think that there needs to be an enlightened approach when it comes to regulations to ensure the balance between consumers, protection, and innovation. Try not to jump into any new threat that emerges. Start with broad principles, guidelines, rather than a very blunt question like, how do we regulate chat GPT? So I think the kind of balance from regulators, contributions from tech companies are essential to create an ecosystem that’s safe for children. Thank you.

Gladys O. Yiadom: Thank you, Veng. Absolutely. And when you’re mentioning guidelines, we can see here that it’s about an ecosystem, really. So we’re talking about children, but there is a need to also address parents. and teacher, which leads me to my next question that I will address to Elisabetta and Elmeri. What is the best way to address children, parents and teachers? And how can curricula be adapted to create sufficient appropriate cybersecurity offerings? So Elisabetta, please, I know that you answered some of the question earlier, but if you want to perhaps add some more comments to that? Elisabetta, are you with us? Perhaps let’s start with you, Elmeri, if you can answer this question, please.

Elmirti Arousafi: Sure. So if I got the question right, we are talking about how to actually address children, parents, educators, and all the stakeholders. And of course, different targets would require different approaches. And first of all, let’s talk about children. So what we noticed is that effective curricula are actually gamified. So we’d like or we would want to create interactive experiences while we teach children. We don’t want to have a strict technical curricula. We want to get engagement. So remember, we said that one of the challenges is to get children trained, able to spot threats and alarms. So the easiest way and the most effective way would be to create gamified curriculas. We tried that through our subsections of EMC, EMC Youth, where we created actually games on internet and such kind of interactive experiences to get as many children engaged as possible. Now for parents, the focus should be on practicality, right? So the guidance with parents needs to be ongoing and it needs to be helping parents be equipped really to protect their children. And this is again, due to the pace of technology. So when we talk with parents and us included, talking about our generation, we start feeling that technology is actually, you know, far ahead of us. So we actually need practical guidance. We need to understand. I mean, I understood Roblox from my daughter and it took me some time to understand the threats behind that. So it’s really very interesting to see how this space and how parents sometimes feel lost. So again, at EMC, we created guides, practical guides for parents. Now, we need also to think about teachers, right? Because we think that peer-based and structured learning is also important when it comes to cybersecurity. So teacher would play a crucial role and they are in constant contact with children. Us as an NGO, we are not as often with children as the teachers and parents would be. So teachers, the curricula would need to be very specific cybersecurity curricula that aligns with their teaching objectives. So depending on which level we’re talking, which kind of school, et cetera. So again, equip them with foundational cybersecurity skills and it is essential, again, to make it practical. We don’t wanna have only theory on that. And I think part of your question is how to adapt the curricula. So the module should be actually part of standard education. Ideally, we wanna have from an early age, something evolving into more complexity as the child will grow in different levels. It can be like… digital safety weeks, for example. This is some of the initiatives we have been doing, or online hygiene session. So we had that as well done with some of the classes. And again, it involves developing age-appropriate resources. So the key is to adapt curricula to every audience. Thank you.

Gladys O. Yiadom: Thank you very much, El-Mahdi. I saw that Elizabeth was with us a couple of seconds ago. Elizabeth, are you back? No, so let us move then to the next question that I will address to Henk and Elizabeth as well, if she is back. Henk, how can a multistakeholder dialogue and cooperation on online child protection on national and regional level be stimulated?

Heng Lee: Thank you. Thank you, Gladys, for the question. I think it really needs to start from the recognition that the problem cannot be faced or solved by any single stakeholder, because no one will have all the answers to this problem, even the complexity of it involving regulators, tech companies, parents, teachers. So that humility and understanding that it needs to be some all hands on deck, it needs to start with that understanding. And also, there needs to be a recognition that this problem is not something that’s confined to a certain country. So whenever we see a case of something very alarming happening in another country, that could soon be on our shores very quickly. So that dialogue gives the urgency of this problem, really gives the impetus to put together a dialogue that is very specific to this problem. And instances like the workshop that… having today is an example of how we’re coming together to influence policy at a national level because we have regulators sitting with us today, we have government representatives who can take these ideas back. It’s a cross-pollination of ideas not just from the industry but also from people who have done it before, practitioners, NGOs and academics like Melodina giving very good ideas on how we can shape a balanced approach to regulating content on the internet that can protect children. And some of the examples of what have been thematic discussions in the past would be such as the World Anti-Bullying Forum where I think the example I raised just now about online disinhibition in fact had been widely discussed and also there’s a Safer Internet Forum that is done by the EU. I don’t know where there’s going to be another repetition of it but instances like this really allows people to sit together and learn what is it that has succeeded or failed especially instances which have failed so that we know how to draft laws in a way that avoids these pitfalls. And the example finally coming to the example I talked about just now about how health data are becoming very crucial about how blood types could be data about blood types could be taken up from game modules. This is something that I think even health authorities from around the world could be interested in. So especially for children because adults may understand the importance of keeping health data close to themselves but children may not and they could see as oh I’m just sharing it to see if I’m making a good friend or they look at it in terms of whether I’m just sharing my horoscope there’s nothing wrong with it. So that awareness and education, once again, has to be present across different verticals, healthcare being one of them. So I think the involvement of different verticals, and I don’t have a comprehensive list of what these verticals may be yet, but as and when there are new challenges that are targeted at them, they should be involved in this conversation. I think as a start, there will be a good approach to understanding who is it that we need to gather for these conversations. Thank you.

Gladys O. Yiadom: Thank you. Thank you very much, Ang, for these thoughts. And this gave us the opportunity also to open the floor for some comments and questions. And I’ve seen that we have a request from the Ministry of Education. Could we please give open mic to Mr. Andre Gorobets? It’s online, right? It’s online.

Andre Gorobets: Hello.

Gladys O. Yiadom: Hi, we can hear you, sir.

Andre Gorobets: Can you turn on the mic of our translator? I can speak in Russian. And he can say it.

Gladys O. Yiadom: But I can only ask you to speak in English because we do not have interpretation.

Andre Gorobets: Okay. I will translate it online. You can turn for her a mic, a microphone. And Margarita Yurova.

Gladys O. Yiadom: Okay, we have someone in the adjunct that can translate in Russian.

Margarita Yurova: I will help. I will translate from the audience here.

Gladys O. Yiadom: Please go ahead, sir.

Andre Gorobets: Thank you very much. I support my colleague. The issue of digital education is quite important. It is considered as one of the main trends of development in all states.

Margarita Yurova: So, I’m supporting colleagues. The issue of how to deal with digital challenges is one of the key ones, not only for Russian Federation, Russian government, but for other governments across the world. It’s a very important issue.

Andre Gorobets: We believe that our key goal is to focus on new skills development, new competences for our kids to adapt to the new digital challenges. And we believe that new technologies, new technological instruments need to be instrumental and helpful and not to be a showstopper. First of all, Russian government and Russian state pay attention to the fact that security issues, first-stage security issues, need to be combined and considered as pedagogical issues and psychological development of our kids. And we believe that we need to address the issue holistically, and cyber security issues, challenges, has to go along with psychological and educational goals and tactics. So it all has to be in one, to address holistically. And the most important point that all our colleagues should pay attention to, is the interaction between the state and the protection of our children. Because trans-border threats, trans-border interactions, affect our work primarily now. And cooperation needs to be improved to address kids’ safety goals. To address kids’ safety, we are working on three levels. The first level is technological level, to ensure that devices kids are using are protected from harms, unwanted content, threats, etc. The second level is software level. to ensure that the device is equipped with software for checking the content. The highest level is, of course, the content. This is what we should pay close attention to, because the content contains the important moments of the development of our children, which we should control first and, first of all, protect them from external harm. Colleagues have already said that the chat GPT and any other artificial intelligence that is implemented in education poses high risks. Yes, we agree with this. But we must understand that this new technology can be used, and we are already using it, in the work, including for the development of skills, knowledge and skills, which allows the teacher to build a lesson But we need to admit that it’s also generated by the chat GPT, also instrumental in terms of teaching kids, and they can be used for good in educational process. And the role of the government is to equip teachers with the technologies, which can be embedded in a safe way for the educational process. And we need to all together work on the common goal of equipping schools, universities, with the good modern technologies for the modern, modern education. Thank you.

Audience: And what I wanted to address, and I’m sorry, I don’t know all the names of the panelists sitting around here, but I’d like to ask, and the lady, and the sir from Morocco. We found that the modus operandi of perpetrators reaching out to children for either for radicalization, as well as for grooming, is the same. So they use the same pattern for a different crime, meaning that the most vulnerable children, one of you mentioned that, is even more at stake in the online environment. And I must say I’m kind of disappointed because I was hoping this room was packed today, because this is one of the most threatening subjects we have online at the moment, and I don’t think we’re doing enough. We keep talking about it, but at the same time the big tech is just over our shoulders and not protecting our children enough. So, my question would be, you mentioned it, I believe, but how do you emphasize a regulator or regulatory body to be able to put more regulation online, protect our children, if you know that it’s for the perpetrators, just another easy crime.

Gladys O. Yiadom: Thank you. Melodina, I’ll ask you to answer the question first.

Melodena Stephens: So your question was just what should we do for more regulations, if I’m correct? Okay, so there is, I think, a literacy gap, and this is at not only at societal level, but at also regulatory levels. We’re not understanding what, and even with engineers, so I’m also working with big tech, I work with IEEE, even engineers don’t understand the consequences of designing code. Startup founders, they mean to change the world for the better, but the moment is when you’re embedded in 50,000 devices, and you don’t have the safe calls or the protocols, or there is somebody who says, where’s my money, because I’ve invested 50 million, I need, shareholders do the same thing on the stock market. So the issue is really a very large literacy issue. And the scale, and I think you mentioned that too, so I’ll just give you this example. It took 68 years for airplanes to reach 50 million customers, but it took Pokemon Go 19 days. There is no regulator in the world that reacts in 19 days. So we are far behind. What we need is a public sector that is thinking 20 years ahead of the private sector, which is not the case right now. Right. So what can we do right now? I think we need to make hard no-go areas. Does a child who’s five years old need to be exposed to the internet and have a mobile? Should that child have the right to childhood right now and just exploring simple things, learning how to read, looking at books? I don’t think books are bad. When you talk to psychologists, they say reading in books is a slow process, but it helps their brain. develop differently than online stuff, gamified stuff does. So we need a lot more research funding going into these areas. We need stricter penalties on what is a crime online. I don’t think that is very transparently clear. And it’s very difficult to apprehend criminals, make them accountable if they’re in another jurisdiction. So we do need a lot more coordination for apprehension of criminals, a lot more transparency on what is criminals. And I want to come back to cyberbullying for this. A lot of children bully children, and it would be considered a crime. They don’t know better. They think it’s OK to put a face on something else, and it’s fine. So I agree with you. Grooming is the same. With AI, it’s easy. You’re basically mirroring a child. So if a child smiles, you smile back at it. The child develops trust. And therefore, if you say, it’s bath time, the child will do whatever needs to be done, and the camera’s on. So it is very difficult to catch, unless parents have a rule that no kid should be on the computer unsupervised. We assume if it’s at home, it’s fine. So it’s a literacy issue, I think.

Gladys O. Yiadom: Thank you, Mr. El-Medhi. A couple of comments on that, please.

Elmehdi Erroussafi: I would comment from the NGO perspective. And some of the work we do in Morocco is actually with partners and regulators, whether it is telecom regulators, data privacy regulators, are actually partners. So one very important point is to have the common goal, is to align everyone on a shared objective. Because this issue has been taken from different perspectives. Us as technical people, as researchers, we would look into the technicality of it and try to come up with standards and big compliance items to be checked. Whereas from the regulator, those are more into a work in progress. I would say policymaking more into protecting end customer. So we need this shared goal and we need to understand the pain point of each other. So collaboration is key. We don’t need to have multiple initiatives here and there. We need to have focus and we need to have collaboration. I would comment from that point alone because I think we won some months, maybe not years ahead, but months ahead when we worked since day one in a collaborative manner.

Gladys O. Yiadom: Thank you, Almedia. And perhaps since we also have Ang with us and I know that Kaspersky is only working with regulator, could you please share the perspective from the industry?

Heng Lee: Certainly, maybe I’ll just share from my region, which is in Asia Pacific. I think when it comes to regulations and how we respond, like what Melodina rightly pointed out, there is no regulator in the world who could be responding to a challenge like this of this magnitude in 19 days. So in my home country of Singapore, there have been different outfits that’s being set up to respond to new challenges that are emerging. So for example, an issue like child safety will straddle across a few ministries. In public security, the police might come into it, internet regulators might come into it, the social affairs people might want a hand in it. So the latest problem to enjoin such an outfit is something like the protection from falsehood. So there is a dedicated office called the Protection from Falsehood Office in Singapore. Yes, I can hear you. Can you hear me now?

Gladys O. Yiadom: No, I don’t.

Heng Lee: I am not hearing you very well. It’s very choppy on your end. And I’m here to check if it’s well. Can you say something again? That is, are you saying anything?

Gladys O. Yiadom: Yes. Sorry, there is some issue. Online you can hear it, so it’s here actually, it’s onsite. The issue comes from onsite. What we will do is while we’re fixing this issue, we’ll give the floor to another question and then I’ll come back to you once we are fixed. Because online they can’t hear you, but I believe that we’re having an issue with that.

Heng Lee: Do you want me to continue? Because I hear you.

Gladys O. Yiadom: Now it works. Now it works. Please go ahead and then we will take your question afterward. Question from the audience. Please go ahead.

Heng Lee: Sure. I was talking about how there are different outfits that are being set up for specific purposes in Singapore, like the protection from falsehood office, the anti-scam commands. So have we come to a time when we need a child protection authority for online content? And how does that overlap with existing outfits, which are in the physical space for child protection? And what is the qualitative difference other than online disinhibition that warrants such an outfit? These are all problems that we need to think about from a regulatory perspective. And it’s tempting to think about how we answer questions in terms of let’s have a new team of people doing it. But are the people who are staffing such a new outfit sufficiently equipped with the response skillsets to understand this is an upcoming trend that needs to be addressed? This is something that will happen no matter whether you regulate it or not. So I think. That acumen has to be gained over time, so there is really no easy answer to this, but the shape and form that outfit could take is something that we could probably start thinking about. Thank you.

Gladys O. Yiadom: Thank you, Hang. So we will take one question from the on-site audience, and then we will have a question from the online audience. Could you please give the mic to the young man over there? Thank you. We can hear you. I will kindly ask you to share your name, organization, and who you addressed the question to.

Audience: I’m Ethan from Hong Kong, and I’m the youth ambassador of the One Power Foundation. Basically, I’m asking this question to every one of you. In Hong Kong, specifically, I guess, many parents try to protect their children from the internet by physical ways, banning their children from using phones, or maybe banning them from contacting the internet. Before, not five years ago that you mentioned, but actually 12 years ago or below, they are not able to use phones because of some kind of parents’ problem. And I’m just wondering, because I’ve only heard perspective from teachers, parents, and my peers that this way, because they comment on this kind of ways of protecting children. And I want to hear from different perspective that comments on this way. So will banning children from using mobile phone, or maybe banning children from using the internet, an effective way or maybe a suitable way for them to not being cyber-bullied or insecurity in internet. Yeah, that’s a question.

Gladys O. Yiadom: Thank you. Milodina, please go ahead.

Melodena Stephens: So, I think the technology is here to stay. I don’t think banning alone is good enough because we have to teach people how to use the technology safely. And so it’s a dual problem. educate 8 billion people of the world. 30 percent are still not online. We need to educate everyone online. We need to educate parents as their children grow and as new technologies come, how to use that. And we have to educate children. And I want to give you this one example. I was working for a company and we were trying to look at preventing bullying and harassment on an online game. And everything we did, we parents came, and a lot of us were adults, so we came together and we looked at cyber tools, we looked at content moderators, we looked at algorithms, we looked at AI bots. But the thing is, the children were still accessing it because somebody’s parent’s friend allowed them to use it. So I don’t think banning actually works, correct? The children, whatever’s banned, they want to find a way to use it. So the kids were still finding ways to do that. And then I decided to interview a little boy who was seven years old. And I asked him, how do you know it’s a stranger on Minecraft? And we had all these answers as parents, but he said something very simple. If that is my friend, they go to my school, they will know what I ate for lunch. So the first question I asked them is, what did I have for lunch yesterday? What happened in school in this class? And if they don’t know that answer, I don’t play with them. And I thought this was not something I would never have come up with myself. But we also need to involve, and I’m very happy you’re here, we need to involve the children in this dialogue, because they may have answers, because I’m not playing on the ground, I’m not comfortable with that thing. So thank you for asking that.

Gladys O. Yiadom: Thank you Meletana. Elmedli, a couple of comments on that?

Elmehdi Erroussafi: Yeah, I think everything has been said. I would just say that this method of forbidding to children might seem to be effective, but what we noticed talking to children and parents is that there is a more effective way, which is to actually build trust with your child as a parent or as an educator. The child needs to trust you enough, to be able to come forward if he’s being harassed or if he’s being bullied on the Internet without fear of reprisal or without fear of punishment. So, open communication is key. We advise technology will also, you know, is very fast and children will get access to technology. Banishing access to the device itself might not be effective in our current world. So, open communication is key and building trust with your child so that everything can be said, you know, in an open manner. That’s our advice.

Gladys O. Yiadom: Thank you. And Maddy, Ang, do you have brief comments from an industry perspective?

Heng Lee: Yes, yes. Thank you for the question. I’m very happy to answer. Having lived in Hong Kong myself, I’m going to start with a Cantonese answer, which is So, in short, this really means there are trends in the world that we can’t really disobey. And like what Melodina says, I agree with her that the tech is here to stay, which is why going back to what I mentioned just now about the guidelines for safe kids, when we interact with parents on whether or not to tell them or to discuss with the children before they install safe kids on their children’s phone apps. We’re saying that for the younger children, maybe there is no discussion needed. At a certain age, there needs to be information about where am I doing this for? So that it doesn’t have to be a very prolonged kind of information, just that there is an app that I’m installing to protect you. But at some point in time, you realize that by especially by 14 to 17, our guidance has changed to you must get the children’s permission before you install the app, because we also recognize that you can probably install the app, but the children is also, they’re also wise enough to know how to uninstall the app from their phone. They could even be reinstalling it every day before they come home, or they could have a different phone altogether for their day-to-day interaction, and a dummy one just to show the parents. So there is really no hard and fast or blunt way of solving the problem itself, but I think that constant communication to maintain trust between parents and children, rather than a blanket ban, will be something that is more effective and sustainable. Yeah, thank you.

Gladys O. Yiadom: Thank you. Thank you, Ang, for your answer. Now, perhaps turning to our online audience to check whether or not there’s a question. Anne, please.

Anne Mickler: Yeah, there is one question, and it comes from Jochen Michels, who is the Head of Public Affairs, Europe, at Kaspersky. And this question goes to Melodina and Elmedi, please. So the question is, how can the different competencies of the various stakeholders be brought together to ensure better protection, good and sufficient training, and appropriate solutions for children, parents, teachers, and other stakeholders? And should this start at a local level and then be expanded regionally and globally?

Gladys O. Yiadom: Thank you. And I’ll kindly ask Elmedi to answer first.

Elmehdi Erroussafi: Yeah, thank you for the question. So I think that it’s a problem for everyone. So again, we are emphasizing on cooperation. So every stakeholder will bring something to the table. Regulators will state, as I said, common objectives, I would say. and those big ethical guidelines, NGOs will help to touch the ground. We believe in the NGO work, we think it’s very effective. Vendors will provide as well technical solutions, technical responses. Educators, academia will provide the research, oversight, early warnings. Those years ahead we need, it’s actually needed from research and we need to be aiming for the best. We really need to be looking forward and having those years ahead. So everyone can collaborate to actually build a common, I would say, strategy. So acting locally is very important. This is where we touch, this is where we also take in consideration local points such as the one we just heard. So locally it’s very important, but we need to open those channels of communications. One example would be, for example, AI regulation. This is a big subject and cannot be local. This is a global issue and it needs to have a global regulation. It needs to have global guidelines. So acting, again, in the spirit of collaborations. Let me just share that we work with those big tech companies like NETA and TikTok to open this channel of communications and to be able to, as a partner of trust, they call us to be able to report on them so that they remove it, maybe quicker than on a regular basis. Collaboration. And hopefully we get there with the help of everyone.

Melodena Stephens: I agree with everything you said. I just want to talk about competencies. I want from government political will. That means this ruthlessness that I will ensure the child is safe. And what does it mean safe? So I want political will from governments. I want alignment on values. What does it mean when I say for good? So this alignment on values across all industry. From society, we want a reflection of culture. I have to say that we have different sorts of culture around the world, and I would like that to be there. So for me, for example, a child is not just below 14 years of age. I would think a child is 18 or 19 or 20. So maybe the way I look at the child is slightly different than maybe somebody in Europe does. I want that also, those nuances of culture, to be there. And from researchers, researchers tend to publish research either for something or against something. I think we have now evolved enough, I would like them to publish both for some of what is harmful, what could be some of the goods.

Gladys O. Yiadom: Thank you. Thank you, Melodina, for this answer. Perhaps checking from the audience on site, do you have any questions? We do have questions from the audience. Can someone share a mic, please? So one question, one question, one question. Okay. Okay. Please name, organization, and who you address this question to, please.

Audience: Hello. I’m Grace from the Pan-African Youth Ambassadors for Internet Governance. Yes, so I come from Uganda, where awareness about online risks is very low. So my question is addressed to anyone who can answer. So I’d like to maybe have campaigns. How can I collaborate with any of you to raise these campaigns and let people know about online child protection?

Gladys O. Yiadom: Thank you. Perhaps this question, I will address it to El-Mahdi, who can share his concrete experience and share some of the best practices that Espace Maroc Cyberconfluent has been doing.

Elmehdi Erroussafi: Yeah, sure. So again, I’ll profit from this question to also share some best practices. So I talked about common goals. I think clearly here we share common goals, but one very effective way to work and to start such campaigns would be to work by small focused work streams. We call them task force. So let’s get all our partners. So we have a team, but we’ll get there and contact every stakeholder partner, whether from the public sector or the private sector. We go on the team, we talk, we produce a project, we work in a project mode, and we build those task force. And if, for example, you would like to build this kind of campaign, I would suggest that first you list the stakeholder. The local area is actually able to support that project. For example, regulators, telecom operators, IT companies, and maybe also ministries of education. So those kinds of stakeholders, we need to contact them to this kind of partnership. Coming from the NGO, it also gives you a kind of a trusting, I would say, hat, because you are willing to basically profit from your time. And as young people, I believe this is very important. This is part of your education. So a portion of your time should go toward that work. And then, as I said, working in small teams. We want to build a campaign to our schools. We need someone from the ministry. We need someone from the education to build the content. We need some experts. And From my experience, I know we are in the same continent and I know how generous African people are. So, whenever we talk about an opportunity for a project, we get more participants than we initially anticipated. So, we end up with a very good problem to have this out-of-the-tunnel relevant people in the work stream. So, again, we are looking for progress and I trust that people will appear. At CMRP, we will share our interests as well. We will be very happy to open this collaboration and discussions with other organizations.

Anne Mickler: Sorry if I chip in for the online audience. The sound quality got really bad at the moment. The online audience can’t hear. Sorry about that.

Heng Lee: Yes, is there anyone speaking on site? I can’t hear you.

Elmehdi Erroussafi: Sometimes, from time to time, we can help. I can’t hear you. I can’t hear you. looking at the mix of vaccines and COVID-19. So it’s becoming such issues, and it’s a policing thing. So the only way to come up with the issue is now to build some solutions, some experiences from the countries whereby open solutions have been found. But now, all what we notice is also from the content creators. Sometimes, because we are calling upon local content, now, local content creators are not really skilled. There is no sound in Zoom.

Gladys O. Yiadom: Now, they’re solving the issue. There is no sound in the Zoom room, apparently?

Heng Lee: No, there wasn’t. Until you promised.

Audience: Yes, I was saying, like, another issue, but part of the issue is lying at the content creator-wise, because they are not really skilled. They are not really aware of educational curricula. What it requires for them is just to have the solution, to have something, like material, something on the hand that they can share and they can maybe share out. So now, what I can suggest, like from this workshop, is that to allow us, as we are coming from such countries, to allow us to have a proper way of bringing about awareness to the public, to those… children at schools, because some of them, maybe the school they are going to is not very equipped, but they are finding, they are coming across the devices out there, so maybe at a friend’s place, and now the only way to save those children is to bring about some programs, such as what we were talking about, from some of those kind of experiences, so that they be aware, and they be willing to say no to those who come to bully them. Yes, this is kind of collaboration I can ask for, to whoever can bring its expertise.

Gladys O. Yiadom: Thank you very much for sharing that, and I believe El-Mahdi is a concrete example of the partnership that we have with the civil society, so please do not hesitate to talk to him, we also have a booth, so very happy to have you there and can discuss further. So we’ll take a last question, please, before the next service, so please.

Jutta Croll: Thank you for giving me the floor. My name is Jutta Kroll, I’m a child rights advocate from the German Digital Opportunities Foundation. I just wanted to mention that what Melodina said about the age of children pretty much resonates with me, because we have these cultural nuances, but we also have the UN Convention on the Rights of the Child, which defines everyone under the age of 18 as a child, and with regard to all the questions that we’ve been discussing, I would like to refer to the principle of the evolving capacities of the child, so it’s not a matter of exact age of whether a child is 12, 13 or 16, it’s about their evolving capacities, and I also would like to go back to Grace’s question, because In 2021, the United Nations Committee on the Rights of the Child adopted General Command No. 25 in regard to… This is the document that you can base all these questions, whether there will be education. The states that have ratified the UN Convention are obliged also to implement the rights of the child in the digital environment. So when you’re asking for training for digital literacy and for cooperation, you can go to your state government and say, hey, you have ratified the UN Convention and here is the basis, you are obliged to do something for the young generation to make the rights come true in the digital environment. So I think it’s kind of groundbreaking that we have a document from the United Nations where you can base child online safety, but all their rights to provision and participation. Thank you so much for listening.

Gladys O. Yiadom: Thank you very much for your comments. So we’re entering now the end of our session. So before closing, we will run out again the survey. So Anne, I’ll kindly ask you to share the slide. So it’s the same question, see that it has evolved. I’ll kindly ask the on-site participant to scan the QR code and participate in the survey. And then we’ll review the result afterwards. So just a couple of minutes so that everyone can take the survey. And then also Anne, our online moderator, can share the results. And it will also be the opportunity to see if the answers have changed after the session. So, we have received the results. Just give me one second to change the screen and show you the results. Can you see the results now? Oh, yes. So, we have seen that the results have changed quite a bit. So, now actually more of you think that the threat will increase significantly and lead to increased abuse and cybercrime, that the situation will get worse, both on the A and the B aspect. But nonetheless, also more of you believe that the awareness and the knowledge of cybersecurity issues and protection against threats in the digital world will increase. And, oh, also 40%. So, now we’ve moved a little bit from 32% to 40% of those of you believe that better knowledge and well-developed defence skills, as well as better developed digital skills will ensure that children can cooperate more securely. And actually, less of you are uncertain. So, we’re seeing that after the workshop, the results have evolved a little bit. So, I would like now to kindly thank our speakers for their contribution. Thank you, Aang, thank you, Melodina, thank you, El-Mehdi, and also El-Evizabeta, which was with us. Thanks to the audience for the great contribution that you shared regarding this topic. And I’d also like to thank Anna, who was our online moderator. And please, let us continue the conversation. Can we… We will discuss this after… Okay, we will share about that, but let me just conclude the session and then we can take this conversation together. So, I would like to thank you all for participating in the session and please let us continue the conversation together. Thank you.

Agreement Points

Increasing sophistication of online threats to children

speakers

Melodena Stephens

Elmirti Arousafi

arguments

Increasing sophistication of online threats like deepfakes

Rapid pace of technological change outpacing regulatory responses

summary

Both speakers highlighted the growing complexity of online threats to children, emphasizing how quickly technology evolves and creates new risks faster than regulators can respond.

Need for multi-stakeholder collaboration

speakers

Elmirti Arousafi

Elizaveta Belyakova

Melodena Stephens

arguments

Collaboration between government, industry and civil society stakeholders

Need for political will from governments to prioritize child safety

Importance of industry alignment on values and ethics

summary

The speakers agreed on the importance of collaboration between various stakeholders, including government, industry, and civil society, to effectively address online child protection issues.

Importance of education and awareness

speakers

Elmirti Arousafi

Heng Lee

arguments

Need for gamified, interactive curricula to teach children about online safety

Creation of educational resources like cybersecurity alphabet books for children

summary

Both speakers emphasized the need for engaging, age-appropriate educational resources to teach children about online safety and cybersecurity.

Similar Viewpoints

These speakers shared concerns about the challenges in regulating and enforcing age-appropriate content and access for children online, suggesting the need for more focused regulatory efforts.

speakers

Melodena Stephens

Elmirti Arousafi

Heng Lee

arguments

Lack of alignment on standards for age-appropriate content

Difficulty of enforcing age restrictions for social media use

Need for dedicated regulatory bodies focused on child online protection

Unexpected Consensus

Involvement of children in developing solutions

speakers

Melodena Stephens

Unknown speaker

arguments

Potential for youth-led awareness campaigns on online risks

explanation

There was an unexpected consensus on the importance of involving young people in developing solutions for online child protection. This approach recognizes children as active participants rather than just passive recipients of protection measures.

Overall Assessment

Summary

The main areas of agreement included the increasing sophistication of online threats to children, the need for multi-stakeholder collaboration, the importance of education and awareness, and the challenges in regulating age-appropriate content online.

Consensus level

There was a moderate to high level of consensus among the speakers on the key issues. This consensus suggests a shared understanding of the challenges in protecting children online and the need for comprehensive, collaborative approaches. However, there were some differences in emphasis and proposed solutions, indicating that while there is agreement on the problems, there may still be diverse views on the most effective ways to address them.

Different Viewpoints

Approach to regulating children’s online safety

speakers

Melodena Stephens

Heng Lee

arguments

Need for political will from governments to prioritize child safety

Balancing consumer protection and innovation in regulations

summary

While Melodena Stephens emphasizes the need for strong political will from governments to ensure children’s safety online, Heng Lee suggests a more balanced approach that considers both consumer protection and innovation in the tech industry.

Unexpected Differences

Overall Assessment

summary

The main areas of disagreement revolve around the approach to regulating children’s online safety and the balance between protection and innovation.

difference_level

The level of disagreement among the speakers is relatively low. Most speakers agree on the fundamental issues but offer slightly different perspectives on how to address them. This suggests a general consensus on the importance of protecting children online, with variations in proposed strategies and emphases.

Partial Agreements

All speakers agree on the increasing sophistication of online threats and the challenges in regulating them. However, they propose different solutions: Melodena emphasizes political will, Elmirti highlights the need for rapid regulatory responses, and Heng suggests creating dedicated regulatory bodies.

speakers

Melodena Stephens

Elmirti Arousafi

Heng Lee

arguments

Increasing sophistication of online threats like deepfakes

Rapid pace of technological change outpacing regulatory responses

Need for dedicated regulatory bodies focused on child online protection

Similar Viewpoints

These speakers shared concerns about the challenges in regulating and enforcing age-appropriate content and access for children online, suggesting the need for more focused regulatory efforts.

speakers

Melodena Stephens

Elmirti Arousafi

Heng Lee

arguments

Lack of alignment on standards for age-appropriate content

Difficulty of enforcing age restrictions for social media use

Need for dedicated regulatory bodies focused on child online protection

Key Takeaways

The threats to children in the digital world are increasing in sophistication and scale, outpacing regulatory responses.

Protecting children online requires a multi-stakeholder approach involving government, industry, civil society, parents, and children themselves.

There is a need for age-appropriate, interactive education on online safety for children, as well as practical guidance for parents and teachers.

Regulatory approaches need to balance consumer protection with innovation, and consider transborder nature of online threats.

The UN Convention on the Rights of the Child provides a basis for government action on child online safety.

Resolutions and Action Items

Continue dialogue and collaboration between different stakeholders on child online protection

Develop more interactive, gamified curricula to teach children about online safety

Create practical guidance materials for parents on protecting children online

Consider establishing dedicated regulatory bodies focused on child online protection

Use UN Convention on Rights of the Child as basis for government policies on child online safety

Unresolved Issues

How to effectively enforce age restrictions for social media and other online platforms

How to address the rapid pace of technological change in regulatory approaches

How to balance children’s rights to privacy and protection in parental control measures

How to align different cultural perspectives on appropriate content/age limits

How to equip local content creators in developing countries with child safety knowledge

Suggested Compromises

Balancing technology bans with education to help children use technology safely

Adapting parental control measures based on child’s age, with more discussion/permission as child gets older

Focusing on building trust and open communication between parents and children rather than strict bans

Combining local action with global coordination on issues like AI regulation

If we have a bot which is collecting conversation very casually with a child asking, what is your blood type? The child takes it as a very innocuous question, answers it. And this is something that stays on the internet forever because it is pretty unlikely that the child’s blood type is going to change.

speaker

Heng Lee

reason

This comment vividly illustrates the long-term risks of seemingly harmless online interactions for children, highlighting how easily sensitive personal information can be collected and potentially misused.

impact

It deepened the discussion on the sophistication of online threats and the need for more comprehensive education on digital safety for children and parents.

We assume if it’s at home, it’s fine. So it’s a literacy issue, I think.

speaker

Melodena Stephens

reason

This succinctly captures a key misconception about online safety and frames it as an educational challenge rather than just a technological one.

impact

It shifted the conversation towards the importance of digital literacy for both children and parents, emphasizing education as a crucial component of online safety.

The child needs to trust you enough, to be able to come forward if he’s being harassed or if he’s being bullied on the Internet without fear of reprisal or without fear of punishment.

speaker

Elmehdi Erroussafi

reason

This comment highlights the importance of trust and open communication in protecting children online, moving beyond just technological solutions.

impact

It broadened the discussion to include the role of parent-child relationships in online safety, emphasizing a more holistic approach to protection.

In 2021, the United Nations Committee on the Rights of the Child adopted General Command No. 25 in regard to… This is the document that you can base all these questions, whether there will be education. The states that have ratified the UN Convention are obliged also to implement the rights of the child in the digital environment.

speaker

Jutta Croll

reason

This comment introduced a crucial legal and policy framework for child protection online, grounding the discussion in international law and state obligations.

impact

It provided a concrete basis for advocacy and action, shifting the conversation towards practical steps that can be taken to protect children online based on established international agreements.

Overall Assessment

These key comments shaped the discussion by broadening its scope from purely technological solutions to a more comprehensive approach encompassing education, trust-building, and legal frameworks. They highlighted the complexity of online child protection, emphasizing the need for collaboration between various stakeholders including tech companies, parents, educators, and policymakers. The discussion evolved from identifying threats to exploring multifaceted strategies for creating a safer online environment for children.

How can we address the gap in literacy about cyber threats and their consequences among regulators, engineers, and startup founders?

speaker

Melodena Stephens

explanation

This gap in understanding leads to inadequate regulations and potentially harmful product designs, making it crucial for protecting children online.

What should be the shape and form of a dedicated child protection authority for online content?

speaker

Heng Lee

explanation

As existing regulatory bodies may not be equipped to handle the unique challenges of online child protection, a specialized authority could be necessary.

How can we involve children more in the dialogue about online safety?

speaker

Melodena Stephens

explanation

Children may have unique insights and solutions that adults might not consider, making their involvement crucial in developing effective protection strategies.

How can we create effective, gamified curricula to teach children about online safety?

speaker

Elmirti Arousafi

explanation

Gamified approaches may be more engaging and effective in teaching children about cybersecurity, making this an important area for development.

How can we develop practical guides and ongoing support for parents to help them protect their children online?

speaker

Elmirti Arousafi

explanation

Parents often feel lost or overwhelmed by rapidly changing technology, so practical guidance is essential for effective child protection.

How can we better align standards for age-appropriate content across different countries and platforms?

speaker

Melodena Stephens

explanation

The lack of alignment in standards for what is appropriate for children of different ages creates confusion and potential risks.

How can we improve international cooperation for apprehending online criminals who target children?

speaker

Melodena Stephens

explanation

The cross-border nature of online crimes makes international cooperation crucial for effectively combating threats to children.

How can we develop global guidelines for AI regulation, particularly in relation to child safety?

speaker

Elmirti Arousafi

explanation

As AI presents both opportunities and risks for children online, global guidelines are necessary to ensure consistent protection across borders.

Summary

This panel discussion focused on protecting children’s rights in the digital world. Experts from government, technology companies, and civil society organizations discussed the challenges and potential solutions for safeguarding children online.

Panelists highlighted how the digital landscape for children has dramatically changed, with increased internet access bringing both opportunities and risks. Key threats identified included privacy violations, cyberbullying, exposure to inappropriate content, and manipulation by bad actors. The speakers emphasized that while technology offers many benefits for children’s development and education, it also poses unprecedented risks that require new protection approaches.

There was consensus that a multi-stakeholder, collaborative approach is needed, involving governments, tech companies, educators, parents, and children themselves. Suggestions included improving digital literacy education, developing better parental controls and age verification systems, and creating unified international frameworks for child online protection. Several panelists stressed the importance of balancing protection with allowing children to benefit from digital opportunities.

The role of technology companies in proactively addressing risks was discussed, with examples given of AI tools to detect harmful content. However, some argued tech companies need to do more. The challenges of keeping pace with rapidly evolving technology were noted, as well as the need for more proactive and predictive approaches.

Overall, the panel agreed that protecting children online is a complex, global challenge requiring coordinated efforts across sectors. While optimistic about finding solutions, they emphasized the ongoing nature of this work as technology continues to advance.

Keypoints

Major discussion points:

– The current digital landscape for children presents both opportunities and risks

– There is a need for a multi-stakeholder approach involving governments, tech companies, parents, and educators to protect children online

– Digital literacy and education are crucial for both children and adults

– Technology solutions like AI can help, but human oversight and compassion are still essential

– International cooperation and unified frameworks are needed to address global challenges

The overall purpose of the discussion was to examine the challenges of protecting children’s rights in the digital world and explore potential solutions involving various stakeholders.

The tone of the discussion was generally serious and concerned, given the gravity of the topic. However, there were also notes of optimism, especially toward the end, with several panelists expressing confidence that solutions can be found and that children will adapt and thrive in the digital age. The tone became more collaborative and action-oriented in the closing statements, with panelists emphasizing the need for cooperation and concrete steps forward.

Speakers

– Marleni Cuellar – Moderator

– Sofiene Hemissi – Minister of Communication Technologies in Tunisia

– Sara Alfaisal – Member of the Human Rights Commission, Kingdom of Saudi Arabia

– Muhammad Khurram Khan – Professor at King Saud University, Kingdom of Saudi Arabia

– Deepali Liberhan – Global Director of Safety Policy at Meta

– Eugene Kaspersky – CEO of Kaspersky

– Syed Munir Khasru – Chairman of the Institute for Policy Advocacy and Governance

– Andrei Zarenin – Deputy Minister of Digital Development, Communications, and Mass Media, Russia

Protecting Children’s Rights in the Digital World: A Comprehensive Panel Discussion

This panel discussion brought together experts from government, technology companies, and civil society organizations to address the critical issue of protecting children’s rights in the digital world. The conversation highlighted the complex challenges and potential solutions for safeguarding children online in an era of rapidly evolving technology.

Current Digital Landscape and Threats

The panelists agreed that the digital landscape for children has dramatically changed, presenting both opportunities and risks. While the digital world offers learning opportunities, it also poses risks to emotional and mental health. Key threats include privacy violations, cyberbullying, virtual masking, deepfakes, and data harvesting. Children often interact with people without clear identities online, creating significant risks.

Challenges in Protecting Children’s Rights Online

The discussion revealed several key challenges, including the lack of consistent international legal frameworks and policies for child protection online, the limitations of purely technological solutions, and the need to balance protection with allowing children to benefit from digital opportunities.

Technological Solutions and Education

The panel explored various technological solutions, including parental control systems, child-appropriate verification, age assurance protocols, and platform-specific safety features. Meta, for example, has implemented over 50 features and tools to address risks, including specialized teen accounts and the adoption of the “best interests of the child framework” in product development.

Education emerged as a crucial component, with emphasis on cyber hygiene programs and digital literacy initiatives for both children and adults. As Eugene Kaspersky provocatively stated, “I think education for adults is more important than education for kids. Because the danger from non-educated adults is much more.”

Multi-stakeholder Collaboration

There was strong consensus on the need for a collaborative approach involving governments, civil society, and the private sector. Suggestions included developing specifications, protocols, and standards for child online protection, especially for smaller companies and startups. Cross-platform initiatives like Project Lantern were highlighted as examples of addressing harms at scale.

Role of Parents and Balancing Protection with Opportunities

The discussion emphasized the crucial role of parents in children’s digital lives. Syed Munir Khasru stressed the importance of parental involvement, stating, “We have to train, educate, inspire the children. And in my opinion, they are very smart.” Andrei Zarenin highlighted the importance of human communication and trust between children and parents.

Eugene Kaspersky suggested implementing flexible limits on children’s screen time based on factors like school performance, balancing technological protections with education to empower children to navigate risks.

Future Challenges and Ethical Considerations

The panel identified several unresolved issues, including effective age verification, balancing privacy with protection, addressing the digital divide, and keeping pace with emerging technologies like brain-computer interfaces and implanted chips.

Conclusion and Call to Action

The discussion concluded with a sense of cautious optimism. Panelists emphasized the shared responsibility of protecting children’s rights in the digital world and the power to make an impact through commitment. As Marleni Cuellar noted, it’s about “the importance of all children and wanting the best for them in the digital world.”

Eugene Kaspersky expressed confidence in fixing problems and saving kids, while Sara Alfaisal emphasized the power to make an impact through commitment. The panel underscored the need for a holistic approach combining technological solutions, education, policy frameworks, and international cooperation.

As the digital landscape continues to evolve, ongoing dialogue, research, and action will be crucial to ensure children can safely benefit from the digital world while protecting their rights and well-being.

Marleni Cuellar: We promise to have a very riveting discussion about a very important topic. I’m Marleni Cuellar and I’m going to be your moderator for today. And of course, today’s session is all about protecting children’s rights in the digital world. Now, I know many of us, whether we want to admit it or not, our childhood was distinctly different. Communication meant landlines. You couldn’t hide any communication you were having. Dial-up internet would announce to everybody that you were logging on online. And so, protection mechanisms and safety were very different when we were growing up. But today’s landscape is dramatically different. And the protection of children’s rights now becomes even more complicated when we’re talking about children living and growing up in a digital sphere. So, our conversation today, I’ll be joined by a very esteemed panel to be able to share some thoughts about what the current situation is, what the plans are in terms of developing safety mechanisms, and of course, hearing their own interpretation of what needs to be done and by whom. Some of the things that we hope to cover is understanding the current digital landscape for children and their rights in the digital world, identifying the main challenges and risks in protecting children’s rights in the digital world, explore technological solutions that can safeguard children’s digital rights and the role of education, examine regulatory frameworks and policies, and promote comprehensive and collaborative approach among all stakeholders. So, let me introduce you to our esteemed panel. to the esteemed panel for today. His Excellency, Mr. Sofiene Hemissi, Minister of Communication Technologies in Tunisia. Dr. Sara Alfaisal, member of the Human Rights Commission, Kingdom of Saudi Arabia. Mr. Eugene Kaspersky, CEO Kaspersky. Mr. Syed Munir Khasru, Chairman of the Institute for Policy Advocacy and Governance. Ms. Deepali Liberhan, Global Director of Safety Policy Meta. Professor Mohammed Khurran Khan, King Saud University, Kingdom of Saudi Arabia. His Excellency, Mr. Andrei Zarenin, Deputy Minister of Digital Development, Communications, and Mass Media, Russia. Yes, yes, welcome. We’re all here. Let’s get seated. So as everyone gets settled, I want to be able to say welcome once again to all of you who are joining us live in this session, and also to those of you who are tuned in online. Child protection is of course a very important topic to many, many of you who are parents, and of course those who are simply concerned about the future for our children. So everyone is settled in? Let’s get started. All right, so one of the first things to establish in this conversation is knowing from both your experience and from the work that you do, what’s the current digital landscape for children, what does it look like, and what are some. of the most urgent threats that they face. Let’s start off with Mr. Kaspersky.

Eugene Kaspersky: Oh, okay. Good morning, everyone. And speaking about the threat landscape and what’s wrong with the kids in the cyberspace and what’s the difference is when we were kids and the kids right now, they spend too much with mobile phones. They spend too much time with the internet. And the main difference is that they play too much games. And these games are different. But from my point of view, I have five kids. So when I see them, I recognize that they’re playing the games, they train themselves with the different skills. So when we were kids, we were playing the different games. Now they play the online games. It’s different, but I don’t think it’s really bad. Because it’s just that it’s different skills. So our parents, they were playing the different games like we did. Our grandparents, they were playing also different games. So right now, I don’t see this as a major problem with the games. Just limit the time they spend there. The second thing is they consume too much information. Is it good or bad? Because they train, again, they train the different skills. They train themselves to consume different kind of information. The probably possible problem is it doesn’t get too deep in the mind. It stays on the top and disappear. And thinking about myself when I was a kid, and my parents. It was also different. My parents never kids. They consumed a different kind of information. We were kids It was all different. We survived So it’s a good question. Is it good or bad? Is it positive or negative and definitely negative is That the content they consume is random It could be dangerous the people they contact online They’re random people could be dangerous, especially for their very small kids. So this is the major problem so Then the keys they’re in a new Cyber a they in a cyber age. So when they’re in this cyber environment It’s a different with our experience than we were kids But this is the new world. It’s a new reality. So it’s a positive and negative at the same time So I recognize that the main threats that’s manipulation Manipulating the kids with the information with the online contacts and with Some modern toys the physical toys some of them they connected to the Internet and Well, I’m from cyber security. So we know that so some of these toys physical toys. They are vulnerable So it’s possible to hack them into manipulate kids online not from the mobile phone not from computer but from physical toys Which are smart toys so of course their cyber age It’s a different so it’s a positive and negative at the same time. So we need to be very Carefully understand so don’t stop our kids to use the positive To train the positive skills, but at the same time we need to control the content they consume and the people they contact and their safety of the toys they play. Thank you.

Marleni Cuellar: Thank you. And for you, Your Excellency, Hemissi.

Sofiene Hemissi: Good morning. I would like to thank you for this kind of invitation. As a matter of fact, it’s a very sensitive topic today. The world, the cybersecurity landscape witnesses unprecedented opportunities and risks. Right now, the virtual world constitutes the key part of their learning and education and part of their lifestyle. And we have a lot of challenges and a lot of opportunities. Today, the digital world is an opportunity to express themselves and to prove their existence. And this is a huge world, and it’s an opportunity to avoid the educational divide. But at the same time, it poses a lot of risk for their emotional and psychological health and mental health. And one of the key challenges is the manipulation and abuse and bullying and sex abuse and for attracting them for some malpractices. And this is very worrying and disturbing for us. And we have, as well, some risks related to the protection of the privacy of the children. Today, the gamification and the… electronic platforms combine a lot of information which is hard to consume, and we don’t know the real target of such information and the end of this information. So one of the key risks for the children is the digital divide between different segments of the society. We have some children who are well-connected for the e-learning platforms, and we have the majority of the children are underprivileged children, and this is a huge challenge to ensure equal opportunities for the children across the country. In addition to such risks and threats, it’s very worrying the origin of the privacy of people regarding the identity, the cultural identity, and the privacy of the people, especially in the Islamic and the Arab society, which is built on specific pillars, and such a privacy can put the cultural identity of our people at risk, especially in cyber security, and especially for the children. And I think the platform of gamification, I think they weren’t designed to take into consideration the cultural identity, and I think we should work together between different No one country can work alone, but this requires coordination, cross-border coordination, and concerted efforts between the civil society, private sector, and governments, and families, and the educational sector to set frameworks fit and put the rights of the children at the top priority. Thank you.

Marleni Cuellar: Thank you. And there we see some similarities, acknowledging that there is much good for children, but of course, major concerns as well. Let’s move to His Excellency Zarenin. In your opinion, what are the most urgent threats that children face online?

Andrei Zarenin: So I will be speaking in the Russian language. The interpretation was great yesterday, thanks to our interpreters, while this forum is very important for us, and so we were preparing for the next IGF forum. We were preparing to participate, but the decision was taken not in our favor. So as we said, the digital world imposes more and more influence on our children and opens more horizons for education, for creativity and communication, but simultaneously, in spite of those so many opportunities, it poses lots of risks. And today we can see that there are deep changes in the digital landscape that influence the psychological and social behavior of people and teenagers. And one of the most important challenges is the so-called virtual masking. Here we see lots of fraudsters that are using deepfakes, are creating a very false sense of trust, manipulating children’s behavior. And that’s… not only poses risks, but also causes psychological traumas, and this virtual manipulations that I’m discussing, and when we are using kids’ trust, they are creating a false identification in the digital world. And apart from that, teenagers are coming across different risks. This is cyber bullying, and also bad content, fraud, and also they engage in some terrorist communities, and also we are coming across the problem that also trafficking and sexual abuse, and all these threats can be devastating for the emotional and physical health of our children. For example, according to the data of the All-Russian Action Cyber Writings Crisis, lots of children pass through it, lots of teenagers cannot detect fraud in online gaming, and it’s very important to form the right skills of digital literacy when children need to detect fraud in online, and the cyber, one of the problems is the gap in their skills. Sometimes parents do not have the skills to have the dialogue with the children to discuss threats that poses the digital world, and our research shows that lots of parents are not certain about their skills to monitor the online activity of their children. That is increasing a lot these days, and that breaches the trust of the children and makes them more vulnerable. And considering all that, it’s very important to create interstate cooperation where not only governmental bodies and schools have to participate, but also families have to support their children in mastering the digital world. And I would say that the problem becomes more and more critical when we’re dealing with artificial intelligence. We discussed it yesterday, when like social media is used more and more widely, and like other tools are developing, and these new technologies are posing threat to the psychology of children. And I believe we need to create safe environment that would assist children to adapt to the digital world and minimize those risks. And this is why it’s very important, the collaboration of all the stakeholders, governmental bodies, families, educational bodies, private sector, to develop the strategy to protect our children and teenagers in the cyber world. Thank you for your attention.

Marleni Cuellar: And a very critical point that you brought up there about parents not being fully able to teach their children the protection mechanisms that are necessary. Let’s hear your thoughts on this, Mr. Khasru. Mr. Khasru, President of Saudi Arabia.

Syed Munir Khasru: First of all, I would like to thank the government of Saudi Arabia and also the Digital Governments Authority and the UN for having kindly invited. I would like to start by saying that I am very pleased to be here, and I’m very happy to be here, and I’m very happy to be here, and I’m very happy to be here, and I would like to push the boundary a little bit. Although I can’t see the audience very clearly. How many of you, after you get up from sleep, in the first 10 minutes, don’t go near your mobile phone? Can you please raise your hand? One, two, hardly three, four. Zero. Second question, those of you who have children, how many of you feel very anxious? that they are into some world where you think they’re exposed to a lot of risks and you’re not being able to keep a proper watch. How many? Can you raise your hand? Okay. The reason I was pushing the boundaries, basic human instinct is something we have to manage. We cannot fight against it. So I would tend to push this hypothesis. We have to train, educate, inspire the children. And in my opinion, they are very smart. Even in this year, people in the age group of 12 and below, 35 to 40 million will be using internet, which is 12 million more than people in the age group of 12 to 17. So what does it tell us? It tells us the primal human instinct that a child has is very strong even for a parents to manage. So I would like to propose we first understand what we’re dealing with here. So I have been one of those who have said, we need to manage, we need to find better ways to educate them, we need to find ways because what also is true, just as people who are exposed to cyber bullying are twice as likely to commit suicide, just as it is true, we have seen in many cases, like in America a few years back, a teenager committed suicide on online games, even where he had the game headset on. So it’s a tricky situation. And 60% of the people, children, interact with human beings without clear identity. Were there risks there? Yes. How do we handle that? We have to look at the benefit it brings. We have to look at the benefit it brings. We have to look at the benefit it brings. And that’s what this session is about. We also have to look at the benefit it brings because for a lot of marginalized communities, children on the fringes, disabilities, to many, Internet is a lifeline. Many of the people do monetization with very little investment. We have to look at the benefit it brings. We have to look at the benefit it brings for all of us. There was a dish she was supposed to prepare. In the evening when I saw the dish, I asked her, how did you do it? You said you had never done it. Her six-year-old daughter picked up a phone, went to YouTube, downloaded it, and taught her mother how to do it. It’s a multistakeholder engagement. It’s a multistakeholder engagement. As his Excellency, the Danish minister, has mentioned, which we’ll come to later part, it’s a multistakeholder engagement. Children, in our first thought, oh, children, five, six, ten year-olds, no. They are the future netizens. They have more power in their hand, and this simple device can change everything. So my opening remarks would be, and I can give you many, many examples, but I would like to give you a few examples. One of the things that we have seen is the European Union tried to put parental guidance in 2011. It failed. European Union tried to put parental guidance. It failed. That means kids are very smart. They can outsmart their parents. So we have to find a better way to inspire, encourage them to be better net citizens, and digital literacy would be one of the key things, in the absence of which it would be very, very difficult. So that’s my opening remarks. I’m looking forward to more engagement with my fellow panelists. Thank you.

Marleni Cuellar: Yes, of course. And digital literacy seems to be a resounding theme when we speak about protecting children online. Now, we understand that children interact in the digital space in many different ways, but let’s go ahead and say one of the primary ways they interact is through social media. And so, Deepali, as the Global Director of Safety Policy at META, we recently saw the rollout of the teen account, and we’ve seen a continuous development of some safety mechanisms for children online. What are the main challenges and risks in protecting children’s rights online?

Deepali Liberhan: Thanks for the question, and it’s a pleasure to be here. At the outset, I wanna say that we want young people to use our platforms to connect with their families and friends, to be able to explore their interests without having to worry about being unsafe or being subject to any kind of inappropriate behavior. And that’s why at META, we worked with experts as well as consulted parents and teens to make sure that we’re building these safe and age-appropriate experiences for them on our platforms. Some of the risks and challenges that we face, and the panelists also have talked about it, are essentially threefold, which is echoed by parents as well. The first is content. Parents are worried that their teens online are exposed to inappropriate content. The second is what you call contact risks. Parents are concerned that their teens may be exposed to unwanted interactions that could put them in harm’s way. And the third, as my esteemed panelists also mentioned, that parents are really concerned about the amount of time that their teens are spending online. So based on these… concerns and other risks that we see online. META has worked for the last couple of years to build and develop over 50 features and tools to address some of these risks. We also have a multi-pronged approach to safety so it’s not just about one thing, it’s about many things like we want to have robust policies which say very clearly what is okay and not okay to share online and we proactively enforce those policies and today we can say that a majority of the content that we have we’re able to remove it even before somebody reports it to us. We’ve also built over 50 tools and features including parental supervision because we’ve heard loud and clear from parents that they want to be involved in their teens lives and we’ve also heard from parents that some of them don’t have the skills to be able to have these conversations with young people and therefore we’ve worked with safety partners to make these education resources available and as you mentioned comprehensively we’ve brought all of this together where we launched teen accounts in September this year and we’re globally rolling it out. Teen accounts is essentially all teens on Instagram are placed in an inbuilt protective experience which address a lot of the concerns that I just talked about, you know, what is the content that you’re seeing, who is able to contact you and being able to spend meaningful time online. I’ll quickly go through some of the default protections that there are there in place. So teens are defaulted to a private account. We also put on the strictest messaging settings so that they are not exposed to unwanted interactions from adults. We’ve also put on the strictest controls content settings so there’s limited exposure to sensitive content which goes above what we already have in place which are our community standards which deals with violating content. We also heard from parents that, you know, they were worried about the time that the teens were spending online. So when you’re on Instagram, teens will actually get a reminder if they’ve spent more than an hour online and asking them to leave the app. And we’ve also enabled an automatic sleep mode. So between 10 PM and 7 AM in the morning, all your notifications get muted. So these are some of the things that we have done when we’ve launched teen accounts to address all of the risks that we’ve talked about. We’ve already rolled out teen accounts in the US, UK, Canada, and Australia. And we’re globally rolling it out in the rest of the world. I think one of the things that’s most important to note is with the rollout of teen accounts, we’ve actually engaged and heard from parents. We’ve heard from teens themselves. And we’ve worked with experts in this field to make sure that we’re building the appropriate safe experience for young people on our platforms.

Marleni Cuellar: All right, Professor Khan, let’s get your thoughts on this.

Muhammad Khurram Khan: Thanks, Malini. And this is a great question. And first of all, I would like to appreciate the IGF for hosting this wonderful event. The topic of child online production is very close to my heart, because I have been working on this area for the last 10 years. And before we dive into the challenges to understand them, how they are evolving, we need to understand how technology is transforming for children and will keep transforming for the future, especially when children interact and engage with the technology. So the first important thing is that because children are using internet more than ever before, so there are challenges every day emerging online. For example, we have digital realm, so people or children. are going and they are accessing the websites and they are going to the metaverse, for example, the virtual environment. So these all things are blurring the lines between the physical and the digital realm. And the most important thing for me to foresight, you know, as a foresight and to foresee the future of the challenges is how the technology will permeate into the people. Now we are interacting with the technology, but in the future we will be having technology permeating inside by having, you know, brain-computer interface and we will have the chips implanted in our minds, you know, the brains, you know. And I’m afraid that, you know, what would be the situation look like in the future. Because if children are getting a lot of misinformation and disinformation from the platforms, but when the platforms will be, you know, embedding such kind of information in their brain and where they want to control them. So that is a very, you know, you can say challenging task and we have to be very vigilant about that. So there are two kind of risks I can categorize. The first is active risk, in which child is basically a direct victim of any kind of abuse. And the second is passive kind of risk. So passive kind of risk is, for example, children, you know, they put their photographs online and they do not know what is going to happen with them. So these photographs, for example, from the social media can be picked up by, you know, data harvesting groups and they can use those photographs to create deepfake of the children. And children don’t know that what happened with them. Nobody knows, you know, and this is becoming a very pervasive kind of challenge because the generative AI can do anything, you know. So anybody can create the deepfake videos and, you know, images of any person. So we have to see from the both perspective that how can we address the active and the passive attacks, and how can we build the policies, like our distinguished panelists already told, that we have to have a multilateral and multi-branch approach to address this challenge, and we have to have governance also for the platform so that nobody goes beyond their limits. So that is very important, yeah. Thank you.

Marleni Cuellar: All right. And Dr. Alfaisal?

Sara Alfaisal: Thank you. I’m very pleased and honored to be with you today. Okay, about the challenges, I think one of the main challenges in the cyber world is the privacy violation, and also what we see from all the attacks that happen to the children and cyberbullying and all these things. From human rights perspectives, we need to focus on the right of privacy, because the right of privacy, it’s a big right, and it’s included in the Universal Declaration and also it’s included in the Treaty of Children’s Rights. So when we lose this huge right of privacy, this will make the children face all these maybe difficulties, and I think maybe if we focus on this right and try to promote a solution, you know, our duty is trying to protect and promote human rights. So I think that we need to focus, number one, on these rights.

Marleni Cuellar: All right. And His Excellency, Hemissi? Challenges and risks in protecting children online. Tell us about your perspective.

Sofiene Hemissi: Child protection on the Internet. net, as my dear colleagues have mentioned, there are formidable challenges associated with it, among which is the lack of legislations and policies on the level of every government, every country, and on an international level. It’s correct that many countries have enacted laws and policies regarding child protection on the cyberspace, however, remaining all these legal frameworks and policies are inconsistent and there is a lack of unified framework that we could all rely on. Among other challenges, as was mentioned, is the abuse and exploitation on the internet, as well as the issue of data privacy and monitoring mechanism on this data on the level of each and every country and on an international level, specifically with the increase of solutions related to AI, the analysis of this data as it represents an opportunity and a room for more development comes with it or associated with many risks for the children. Also the inappropriate content for these age brackets, for these lower age brackets and the teenagers, exposing many of them to a great deal of issues that amount to suicide, as was mentioned in the past. I would also like to address the issue of the digital divide between the various brackets of the society. youth and children that have all the opportunities and the means. On the other hand, there are millions of people and millions of children cannot access the networks, especially in some of the African countries and some of the Asian countries, where the access percentage remains very low, and I think it’s our shared responsibility to provide equal access. I would also like to emphasize the importance of what we’re witnessing of the reduction of cultural and societal values, reflecting what the Internet content that has been provided over the past few years, as well as the phenomena of addiction, of social media, which is impacting the safety and sanity of the youth, and the psychological health and the physical health. In order to address all of these formidable challenges, I think it’s necessary to adopt a comprehensive approach that includes all the parties, governments, civil society, content producers, and I think this is the only way to move forward in order to come up with a unified framework to protect the rights of the children, especially in an era where we witnessed challenges that we have never witnessed in the past. Also, we need to protect their privacy and as well as enhance their well-being in order to create an equitable digital future that includes everyone. Thank you.

Marleni Cuellar: One of the things I think that we have all clearly identified is that there is a level of literacy that has to be established. There are many stakeholders in the protection for children. We talk about governments. We talk about regulatory bodies. We talk about parents. And we talk about the educational sector. Dr. Khan, from your perspective, what are some of the technological solutions that perhaps can help to safeguard children online? And in that, what role does education play?

Muhammad Khurram Khan: Yeah, it’s a great question, Malini. There is a very famous saying about technology. If you think technology will solve your problems, then you do not understand technology and you do not understand your problem. And this is very true when it comes to safeguarding children online. Because when we are giving access to a child to the internet, so it means that, on the other hand, we are giving online world access to that child. So in this manner, we need to have some kind of safeguards which should be implemented into the platforms. And for example, there should be some oversight of the algorithms. And there should be some kind of protocols which should be followed. So there is no single solution which can cater all the problems we have for the children. For example, we should have to have a multi-pronged and multilateral approach, which I earlier said in the previous question you asked me. What is that about? So first, we have to have a framework or an approach which should be at different levels. For example, strategic level, tactical level, and operational level. When I talk about the strategic level, I’m talking about some kind of regulations, laws, governance, and compliance, this kind of stuff we have to build. And the second is tactical. Tactical means we should have more standards, specifications for the tech platforms to adopt when they build the system. For example, when they build a system for children, then there should be child-appropriate verification. Age verification, age assurance protocols. As well as, there should be some kind of operational approaches, which means that the tools we are using for protection of children, for example, parental control tools. On the other hand, we should have awareness and education. So that should be inculcated into the curriculum of the children. Not only for the children, for the digital parenting, for educators, in the schools, in our environment. So all these things are very important to build a technological solution. It’s not just one thing, we can just build the technology. Technology sometimes fails, and technology obsoletes. So that is most important, that we need to have a multi-pronged and multilateral approach to build some kind of system which can protect our children while they go online.

Marleni Cuellar: And Mr. Kaspersky, from a cyber security perspective, you have seen the multitude of threats that people are exposed to daily. And perhaps in that experience, it’s challenging to imagine children being able to decipher what puts them at risk and what doesn’t. When we talk about technological solution, on which end is it more important? From the user or from the implementer?

Eugene Kaspersky: I think it’s from both. Technically speaking, it’s possible to build these parental control systems, which you just mentioned. But unfortunately, well, fortunately, it’s good news. The kids are growing and getting more smart, so they’re able to disable these tools. Unfortunately, the mobile phone operating systems, I’m sorry, I’m getting into the technical details, they don’t guarantee that all applications they run forever. So it’s possible to find the tricky ways how to disable some applications. And when the kids are 13-14 years old, they are smart enough to find these tricks and disable any kind of protection. So when I speak about mobile phone, for 10 years old, 11 years old, it still works. When it’s older, when they’re 16 years old, parental control works in a different way. The kids control parents. So speaking about the technical measures, it works for some kind of the level of the age. But maybe it’s also the good news. It makes them find the ways how to bypass the protection, training the mind how to behave if they’re facing the challenges. The other story is how to protect them from the other side, from the content side, from the Internet, how to find the information, wrong information, abuse information, forbidden information on the Internet. That’s the technologies. And actually this is also, we need help of the regulators to make Internet services, make them must do control the traffic they provide. And also the law enforcement to find the bad guys which generate this content, which generate this wrong abuse content, which want to try to manipulate kids. And in this case, we need to have more strong international cooperation. Unfortunately now the geopolitical situation is that like some countries they don’t talk to each other and unfortunately this just give their more opportunities to the very bad guys which use this the fact that the Internet doesn’t have borders and it’s more easy for them to do any kind of crime including the child abuse and stay unrecognized absolutely recognized so that’s a final my final point is that we need to have more strong international cooperation to find they’re not any kind of cyber criminals especially the child abuse criminals.

Marleni Cuellar: Thank you no just one of the things I wanted to say in setting the backdrop we’re talking about children’s rights the establishment of the United Nations Convention on the rights of a child took many things into consideration ultimately the protection and ensuring children reaching the full potential this was created before there was the digital realm and obviously gets more complicated now but the structure of how different entities come together to protect the most vulnerable citizens in our communities remains the same so when we transfer this idea into protection for a digital realm how do you see that collaboration playing out.

Sara Alfaisal: Okay if you allow me to switch to Arabia an answer to your question on the collaboration between the government’s with the civil society organizations is an important It’s an important question and it’s essential in providing protection to the children on the digital world. There are many modalities, among which is the exchange of expertise and increasing the awareness level in order to achieve important outcomes in that regard. We have all seen the Riyadh announcement yesterday. It includes many, many important elements in that regard. The enhancement of digital inclusion, the role of AI in the sustainable development and making most use of AI in innovation and enhancing the governance of AI, which is an essential point, an important point related to the child protection and the cyber world on the management of risks, potential risks of AI through creation of safe, sustainable systems. This cannot happen without the collaboration of the three partners, governments, private sector and civil society. They need to collaborate together in order to reach comprehensive, sustainable solutions to achieve the safety aspired for the children in the cyber world.

Marleni Cuellar: And Dr.Khasru ?

Syed Munir Khasru: I think this is, as most of us in one way or another have expressed the opinion, it’s a very multi-stakeholder engagement and I would, in my opinion, it starts with the tech companies because today Google, Meta, Microsoft, their cumulative worth is almost $12 trillion, which is more than four times the combined GDP of the African continent. So I personally believe they have a more active role to play. With all due respect to my colleague on the left from Meta. So I would like to start with you, and I would like to start with you, Mr. Yes, you have been doing content opinion, it’s still far short of what I have observed, it is more reactive than proactive. We can have different opinions, and happening in between this transition, are getting affected, and one of the things I would like to say is that technology is a bottom-up approach, not top-down, because it is impossible for any government, any tech, anybody to go to that nano-level. So it starts with small family, then society, then community, then nation, then region. Even before this meeting, I was speaking to His Excellency, that regionally, what some of the things can be done. So I think this is a very important issue, and I think it is very important to understand, because, it’s my impression, technology always leapfrogs policy in any part of the world, whether it’s authoritarian regime or democracy, it takes somewhere between six months to two years to pass a law. By the time you pass the law, technology has moved to the next level. So you’re always catching up. So I think we’re heading towards a very different situation, because, in the next one decade, the government will have to give you in that mandate, there’s some central force which adopts this laws and other countries follow, because the risk zone that we’re playing now, particularly when AI will kick in within the next one decade, that will be a very, very different situation. We’re not talking hypothetically, but when practically we’ll kick in, starting from the way you grade your students to what is original, what is copy, it will be a very different situation, because, if you’re going to have a large number of people to cluster around, it will be a big mess, unless there is some central force. So UN probably will have to scale up the operation. So that will be my answer from bottom-up how to scale it up. And I think tech companies have a very important role to play because to be honest with you, they’re more powerful than governments They’re spread around the world. They have access to all our personal data. What we eat where we live. What is our favorite color? What is our date of birth? So there are more information than FBI more information than Interagencies, so onus is on them. They are doing but I think they need to do more. Thank you

Marleni Cuellar: His Excellency is a running Let’s talk about the collaboration

Andrei Zarenin: Many thanks we heard a lot about the cooperation between government and the civil Society are we are studying of fathers and children by Turgenev and it’s about the perception The gap in the perception of the world between the generations. I’m sure when Ivan Turgenev was writing this novel he couldn’t Even comprehend how much it will decrease this gap in the age of technology and in today’s the digital world the we have essential role of Technologies and of course it plays a great role in providing the digital Protection for the children in Russia. We work with Internet companies with providers of Internet And they should adapt according to the current day threats Yevgeny has mentioned that children in many ages can Go through navigate through Bringing down the barriers and in Russia. We are working we have special portals from the government bodies who tackle these problems in the portal of government services, we have a special department for children protection in cyberspace. We have the recommendations for parents. And together with our partners, Lyons, working on the child protection on the web, and we are planning to do the mailer from the portal of government services. None of the current web filters can replace the human cooperation. And we have developed a charter of protection of children, and there are principles protecting the rights and identity of the child. And we under highlight the protection of the identity and privacy of data, and it’s very important in the world of technologies. Also, I would like to pay attention that there’s united the responsibility to protect the children. As adults, this is our task to show to the children how wonderful and diverse is the world. And using gadgets and the web is one of the tools of learning things about this world. And of course, we are working in our ministry. We have the program of cyber hygiene, and the goal of this program is to explain to children in simple language the rules of behavior on the web. Over 10 million, and including 4 million children and adults, participated in different projects related to cyber security. We work with non-profit organizations. We have run so many events which were related for child protection on the web, the lesson on digital world, the digital dictation. We support such initiatives, and we are always open to productive interaction, and we always work to protect the children in cyberspace.

Marleni Cuellar: The Press What is taking place in Russia? Now, Ms. Liberhan, let’s talk about it from Meta’s point of view. As private sector, how do you see this collaboration playing out with civil societies and government?

Deepali Liberhan: So as I said at Meta, you know, we have an approach to safety which is a multi-layered and a multi-pronged approach, where we think about having the right policies, features, tools, and also working with experts, parents, and young people to build safe and age-appropriate experiences. But over the last few years, we’ve gone beyond that because we know a lot of bad actors don’t restrain themselves to one platform, and they move across platform. And I think this is why it’s really important to underscore collaboration between industry, between civil society regulators, to be able to address some of these harms at scales. I want to give two examples of what we are currently doing now. One is Project Lantern. So Project Lantern is run by the Tech Coalition, where all participating companies have the opportunity to share signals about accounts and behavior of those who are violating the child safety policies. Now this goes beyond just Meta. It’s available to all participating companies, and what this helps in doing is it helps all these platforms do their own investigation, so we are able to address these harms in a scalable way because we know predators will move from platform to platform. The second thing that I want to mention is StopNCII.org, as well as Take It Down, which is run by the Revenge Porn Hotline and Nick Mick, which is again a way to address these harms in a scalable way because all participating companies are part of this, and what anyone who’s afraid about their intimate image being shared can actually share a hash with StopNCII.org or Take It Down, and companies like us will receive those hashes, so when that content is actually we are able to remove this kind of content. The reason why I’m giving these two examples is that we hear often that technology companies are not doing enough, but these are some of the ways that we are coming together to address these harms in a very scalable way, not just at a meta level, but at a cross-platform level. And it’s also really useful to have discussions because education about these features and tools and services is really important as well. So what is the role of educators? What is the role of parents? What is the role of regulators? And how can we as a community come together to address these harms and also identify what the gaps are and then work together to address those?

Marleni Cuellar: Now, picking up on some of the points that have been discussed so far, one of the things that still sticks out to me is when we talk about educating our children on how to stay safe online, we’re laying expectations, quite frankly, on a generation that is not up to date with the threats that exist. In my own work, when we talk about media and information literacy, we’re constantly teaching adults on how to detect disinformation and misinformation and the understanding of deep fakes. And so when we talk about these persons then having to teach children about those risks and now there are other manipulation tools that exist specifically for children, how do we pass on that responsibility when they’re starting from a place of knowing less than the person they’re educating? Dr. Khan, you wanna start us off?

Muhammad Khurram Khan: Yeah, absolutely. So, you know, like I mentioned, that technology is not a panacea, you know, or it’s not just a solution for everything. So regulation. Governance are very, very important, you know, and especially when we talk about the AI, which is just the narrow AI we are having now, by the way. So we are not talking about the AGI, you know, Artificial General Intelligence and Artificial Super Intelligence. When we will have this kind of technologies, you know, coming, you know, in the future and brain computing interfaces, so the challenges will be, you know, at the unprecedented level. So what I would say is that, because child online protection is a global problem, and it also needs a global solution. And what solution? The question is that. The solution is that, because the Western world, the developed countries, you know, so they already have skills, resources and technologies. But what about the rest of the world, the least developed countries or developing countries? So we should have some kind of inclusiveness, you know, in the safety and protection of children, not only from the developed world, from the rest of the world also. So what we need to do is that we need to have some kind of cooperation under maybe United Nations, ITU, G20 and G7 and many other, you know, multilateral organizations to build the curriculum, to build the tools and technologies, to build the policies, governance and foresight of the technologies, because like it was mentioned that we are reactive to the technology. That is not a solution. We have to be, you know, predictive about the technologies, like I’m mentioning. We have, for example, quantum computing, you know, and which is changing all the ways. So how would be the impact of these kind of technologies on the children? So it has to be, you know, like studied, it has to be, you know, you can say communicated with all the stakeholders who are building the policies, who are building the technologies and solution. Yeah.

Marleni Cuellar: I think Mr. Kaspersky said earlier, let’s remember that there is good that comes along with the bad. Obviously, I know for a lot of parents who are probably watching, as they hear about the potential threats that they may be unaware of. The inclination is, let me protect my child by limiting any access whatsoever. What’s the balancing act here?

Eugene Kaspersky: That’s a good question. That’s a good question. We have to find a good balance. Actually, that’s what I do with my kids. The limit is flexible and it depends on the school results. So if they perform better, they have more time on the Internet. If they perform before the acceptable limit, they exchange their mobile phone, smartphone with the old-style Nokia. That’s it. And speaking about education, about cyber threats and wrong information, well, I’m very sorry. I have a completely different opinion. I think that education for adults is more important than education for kids. Because the danger from non-educated adults is much more. They can do much more dangerous mistakes. Okay, we as a private company, we do a lot of cybersecurity, a lot of education. We do it for any kind of the audience. We do it for the professionals, for students, for kids, for very small kids. Welcome to the booth. You will see the book about the cybersecurity, the book with the pictures. It’s for very small kids. And we do it a lot. But my experience is that kids, they are learning much faster than adults.

Marleni Cuellar: They outsmart them very often. So this is an open question if there’s anybody else who wants to share thoughts.

Syed Munir Khasru: I think, I’ll just add to what he just said. One of the things probably we are oversighting, the role of parents. And one of the things which I fear in this generation, the proportionate loss of appreciation, understanding of the human component. So no matter what AI, what advanced technology we embrace in the coming decades, the human compassion, empathy, that human touch will always be the number one factor. Even in medicine, you may have the best AI driven medical facility. End of the day, a patient wants to hold the hand of a nurse, of a doctor. And one of the things I can see right and left, I’ll give a very simple basic example. When kids accompany their parents, even go to social events, I see kids with mobile and pads, busy. And I’ve seen very few parents even to tell them that, you know, you need to interact, engage with the people who have come to your home. Very basic things. So what is happening, what I fear, we are unleashing a generation, extremely talented, very well informed. And imagine our forefathers, whatever cerebral capacity they had. So in the same garage, you’re now parking four cars, because over flooding people with information. So there’s an information overload. So, but God has not changed the composition of your brain. In the same garage, you’re trying to park four cars where you used to park one car, right? So people are very stressed. And one of the reason you may have noticed, many of the social media-led movement has always not been successful. Why? Because they lacked a proper human face. If you look at last 15, 10 years, for even the political scapegoats happening, why so many young people come to the street, put their life in the line of fire, and then fail? That’s a question we have to answer. Where is the missing link? And there I think parents have an important role to play. We have talked a lot about children, absolutely. But we must not oversight the overarching important role parents have to play. And so just buying a kid. a smart phone and giving access is a very shortcut route. And the merit and value of bedtime stories is still as important as it was 20, 30 years back. My concern is in the drive, a natural inclination toward technology, we’re sidestepping some basic human factors which continue to shape how we make the future citizens. Thank you.

Marleni Cuellar: And Deepali, before we move into our closing statements, I wanted to kind of broaden the conversation back to technology. Give us some insight, because I think earlier it was said that technology companies seem to be reactive versus proactive, but it seems that that’s a situation that we find ourselves in. The technology comes out, there’s a rapid uptake, and the manipulation that comes along with it. But are some of the technology that’s emerging, are they gonna be helpful tools in being able to guide or ease the protection mechanisms for children? Verification of age, for example, using AI to detect some of the deep fakes. Is this also an opportunity moment for us?

Deepali Liberhan: I think that’s a really good question, and it is an opportunity. And let me give you an example. I’ve been with Metta for over a decade, and when I joined Metta, we had community standards, which were clear rules about what was okay and not okay to post online. But we were very dependent on user reporting to be able to tell us that that content is bad content and we need to take it down. Over the years, we’ve heavily invested in technology, in proactive technology, that now we are able to remove a majority of the content before it’s reported to us by anyone. So if you look at the latest transparency report that we have where we publish these numbers. we were able to remove I think for child sexual abuse material more than 7 million pieces of content, for bullying and harassment more than 7 million plus pieces of content, for suicide and self-injury content about more than 5 million pieces of content and I think a majority of this content we were able to remove before anybody reported it to us and that’s the work of AI and we’re continuing to work with proactive technology in the areas that you’ve mentioned whether it’s verifying age you know what are the signals that we can look for to be able to identify when somebody is under the age of 18 or continuing to see how we can use this technology to be faster and more effective and I do think technology has a very important role to play to be able to address some of these harms and we’ve been using it a long time and we’re gonna continue to do build on it to address a lot of these issues that have been that have been raised today.

Marleni Cuellar: All right well there’s a lot more that we can discuss on this particular topic but I do want to give our panelists the opportunity to give their closing statements.

Sofiene Hemissi: Shukran. Thank you. It was very enriching discussions and I know that the complexities of this digital world we have one true fact which is the protection of human the children rights it’s not a option but it’s a shared responsibility in the digital world the child has the right to safe digital space which ensure growth and and provide opportunities for skill development it’s a space to express themselves and talents to achieve this end. It’s not the responsibility of the governments or civil society or private companies, but it’s a shared and joint responsibility without any exception. The government is responsible for certain framed policies, which we cannot prevent or apply the conventional methods. However, the civil society has a role, a greater role to play for the awareness, education, as well as the private companies play a greater role to develop and create appropriate content to children and to their identity and the culture, and as well as the comprehensive awareness and appropriate, as I said, to this kind of complexity. So under cooperation between international organization and the states, it’s very important. No single country can achieve this end without the international cooperation at different levels. And I hope that we create a very safe digital space and landscape for all. Thank you.

Sara Alfaisal: Thank you for your contribution today. As we conclude our session, I think that we have to remember the key points that we have discussed, and also the action that we need to take to move forward. I think that, together, we have the power to make great impact. It’s all about commitment. Thank you.

Eugene Kaspersky: Thank you. Yes, the wrong and abused content on the internet. That’s bad Manipulating the kids. That’s really bad. We need to fight with that but Now we say that the kids they spend too much time with mobile phones But the previous generation will spend too much time playing computer games The generation before they were too much watching TV Before they were too much reading books So I am optimistic We will fix the problems. We will save our kids and that will be the happy generation and They will have kids too And they will face the same problems

Marleni Cuellar: I

Syed Munir Khasru: Mean I Would like to conclude whatever I I Jeff in a way stands for what I was going to say I for inspiring the children to learn To navigate the web in a manner that adds value to their life Then comes the G the governance part Where we have to do a better job to try to make it as safe secret as possible Then comes the F that That free the human spirit and if you go by UN Convention on child rights IGF is all about child rights and Another thing I think since we are having a very free and frank exchange of ideas I would like to draw attention because I think it would be incomplete Everybody in this room must recognize Any child anywhere in the world Life lost injured sick Should have equal value of life. That means a Rohingya child born in a camp in Bangladesh refugee or a Palestinian child struggling for life all have equal value. And I must say, it’s my opinion, many of the social media companies are not being just fair and equal. And I do not believe they should be dragged into bigger geopolitics. They should be like the United Nations, where every country, every citizen has a voice. Because I have seen many people deserting social media in recent times, which should be a wake-up call. So, people are smart, children are smart, youth are smart, teen are smart. And we must understand, every life, every child matters. Thank you.

Deepali Liberhan: I want to close by saying that, you know, we’re really grateful for the opportunity to be here because a lot of these discussions really helps inform the work that we do on our trust and safety space. So, I want to thank the panelists for their very clear and helpful comments. The other thing that I would close by saying is that, at META, we’ve adopted the best interests of the child framework when we’re thinking about building products and features for young people, which has been guided by the UN Convention on the Rights of the Child. I won’t go into all the considerations, but two important ones are, one is engagement with the families and teens who use our apps, which is why we’re going to continue to work with parents and teens and experts as we think about building for them. And the second consideration is building safe and age-appropriate experiences. And everything that we’ve done, including teen accounts, including working with other organizations, whether it’s Project Lantern or StopNCII.org or Take It Down, is in furtherance of making sure that we… can do all that we can to keep young people safe on the platforms. But it is a collaborative approach and there is a role for educators, there is a role for civil society, there is a role for regulators as well. And I think it’s really important to have more opportunities to come together and develop those roles. I also think that it’s important to have legislative solutions and we’ve also proposed a legislative solution where we think that age assurance at an app level or an OS level and parental consent at that level really will make things easier for parents to be able to navigate their online experience and also minimize the data collection and address some of the age assurance concerns that our stakeholders have raised. And I think it really is a multi-stakeholder community approach and we need to come together to address a lot of these issues as we have been doing.

Muhammad Khurram Khan: Yeah, as we know that Saudi Arabia has two global initiatives. One is child online protection and protecting and empowering women in cybersecurity. So in my opinion, the child online protection should be woven into the fabric of our society. So it should be, you know, very important and we should have some kind of specifications, protocols, formulations and standards which we are actually lacking to guide the social media platforms and online platforms when they build that technology, they should include into their systems. Because not only META and, you know, big organizations, they have the resources, right? But what about small startups and small companies? So they do not know about these things. So if there are some specifications, standards, you know, protocols, so they would include those things into their systems when they build. So it will assure that child remains safe and sound and their well-being is protected while they go online. Yeah, thank you very much.

Andrei Zarenin: I have a responsible mission in my closing word because I’m the final one speaking, so I’ll try to be positive. I would like to stress that security and legislative environment for children, it’s also a social challenge. And as we have already discussed, cooperation of families, business, society, without all that, we cannot be effective without our children will feel safe and protected. And from my point of view, Internet, we have already discussed it, it’s just one of those windows to all this world. And the key point, from my point of view, is the human communication, this is trust between children and parents. And no filters and technologies might replace this actual dialogue. And from my point of view, we need to concentrate on complex solutions that will unite education, technical protection, and psychological support in some situations. We, as Russia, we are ready for international cooperation. We are ready to share with our tools, with our educational programs, and be in some cooperation to protect our children. So let’s create a safe and inspiring environment for our children. And let me conclude with this phrase that our children will be smarter than us.

Marleni Cuellar: In some cases, they already are. So with that, I want to say thank you to all of you for joining us this morning, and for those of you who took the time to join us this morning as we had this conversation. What is the resounding theme here is that there is a recognition that there has to be a multi-stakeholder approach in ensuring the protection of children in the digital realm. Just up here, we have a wide representation, private sector, education, government, civil society organizations, and the technology organizations as well. So this is perhaps a one of many steps to be taken to formalize what the plan of action would be. But I do think the point that you made, Mr. Kaspersky, is probably most important. We’ll survive this too. But all our children are important and we just want the best for them as they interact in the digital world. Thank you all for joining us. And enjoy the rest of your day. ♪♪ ♪♪ ♪♪ ♪♪ ♪♪ ♪♪ ♪♪ ♪♪ ♪♪ ♪♪ ♪

Agreement Points

Digital world offers both opportunities and risks for children

Eugene Kaspersky

Sofiene Hemissi

Andrei Zarenin

Syed Munir Khasru

Deepali Liberhan

Children spend too much time with mobile phones and games, but this trains different skills

Digital world offers opportunities for learning but poses risks to emotional and mental health

Virtual masking and deepfakes create false sense of trust and manipulate children’s behavior

Children interact with people without clear identities online, posing risks

Content risks, contact risks, and excessive screen time are key concerns for parents

Speakers agree that the digital world presents both opportunities for learning and skill development, as well as risks to children’s safety and well-being.

Need for multi-stakeholder collaboration

Sofiene Hemissi

Syed Munir Khasru

Deepali Liberhan

Andrei Zarenin

Lack of consistent international legal frameworks and policies for child protection online

Tech companies should play a more active role given their resources and reach

Cross-platform initiatives like Project Lantern help address harms at scale

Cyber hygiene programs and digital literacy initiatives are important for educating children

Speakers emphasize the importance of collaboration between governments, tech companies, civil society, and educational institutions to address online child protection issues effectively.

Similar Viewpoints

Both speakers emphasize the importance of implementing technological solutions and standards to protect children online, such as age verification and specialized features for young users.

Muhammad Khurram Khan

Deepali Liberhan

Need for child-appropriate verification, age assurance protocols, and standards for platforms

Meta has implemented over 50 features and tools to address risks, including teen accounts

Both speakers highlight the importance of addressing privacy concerns and manipulative behaviors in the digital space to protect children’s rights and well-being.

Sara Alfaisal

Andrei Zarenin

Privacy violations and cyberbullying are major challenges from a human rights perspective

Virtual masking and deepfakes create false sense of trust and manipulate children’s behavior

Unexpected Consensus

Positive aspects of children’s digital engagement

Eugene Kaspersky

Syed Munir Khasru

Children spend too much time with mobile phones and games, but this trains different skills

Children interact with people without clear identities online, posing risks

Despite acknowledging risks, both speakers unexpectedly highlight positive aspects of children’s digital engagement, such as skill development and access to information, suggesting a nuanced view of the digital landscape for children.

Overall Assessment

Summary

The main areas of agreement include recognizing both opportunities and risks in the digital world for children, the need for multi-stakeholder collaboration, and the importance of technological solutions and education in addressing online child protection issues.

Consensus level

There is a moderate to high level of consensus among the speakers on the complexity of the issue and the need for collaborative efforts. This consensus implies that future initiatives to protect children online are likely to involve diverse stakeholders and multifaceted approaches, combining technological, educational, and regulatory measures.

Different Viewpoints

Impact of technology on children

Eugene Kaspersky

Sofiene Hemissi

Children spend too much time with mobile phones and games, but this trains different skills

Digital world offers opportunities for learning but poses risks to emotional and mental health

While Kaspersky sees technology use as potentially beneficial for skill development, Hemissi emphasizes the risks to emotional and mental health.

Effectiveness of technological solutions

Eugene Kaspersky

Muhammad Khurram Khan

Parental control systems work for younger children but older teens can bypass them

Need for child-appropriate verification, age assurance protocols, and standards for platforms

Kaspersky highlights the limitations of technological solutions, especially for older teens, while Khan advocates for more robust technological measures.

Unexpected Differences

Role of parents in digital education

Eugene Kaspersky

Syed Munir Khasru

Parental control systems work for younger children but older teens can bypass them

Children interact with people without clear identities online, posing risks

While most speakers emphasized parental involvement, Kaspersky unexpectedly highlighted the limitations of parental controls, suggesting a need for alternative approaches, especially for older teens.

Overall Assessment

summary

The main areas of disagreement revolved around the impact of technology on children, the effectiveness of technological solutions, the role of tech companies, and the balance between education and technical measures.

difference_level

The level of disagreement was moderate. While speakers generally agreed on the importance of protecting children online, they differed in their emphasis on various approaches and solutions. These differences highlight the complexity of the issue and the need for a multi-faceted approach to children’s online safety.

Partial Agreements

Both agree on the importance of tech companies’ role in protecting children online, but differ on the extent of current efforts. Khasru calls for more action, while Liberhan highlights existing measures.

Syed Munir Khasru

Deepali Liberhan

Tech companies should play a more active role given their resources and reach

Meta has implemented over 50 features and tools to address risks, including teen accounts

Both emphasize the importance of education and technological measures, but focus on different aspects – Zarenin on education programs, Khan on technical standards and protocols.

Andrei Zarenin

Muhammad Khurram Khan

Cyber hygiene programs and digital literacy initiatives are important for educating children

Need for child-appropriate verification, age assurance protocols, and standards for platforms

Similar Viewpoints

Both speakers emphasize the importance of implementing technological solutions and standards to protect children online, such as age verification and specialized features for young users.

Muhammad Khurram Khan

Deepali Liberhan

Need for child-appropriate verification, age assurance protocols, and standards for platforms

Meta has implemented over 50 features and tools to address risks, including teen accounts

Both speakers highlight the importance of addressing privacy concerns and manipulative behaviors in the digital space to protect children’s rights and well-being.

Sara Alfaisal

Andrei Zarenin

Privacy violations and cyberbullying are major challenges from a human rights perspective

Virtual masking and deepfakes create false sense of trust and manipulate children’s behavior

Key Takeaways

Protecting children’s rights in the digital world requires a multi-stakeholder approach involving governments, tech companies, civil society, and parents

The digital landscape offers both opportunities and risks for children, including educational benefits but also threats to privacy, mental health, and safety

Technological solutions like parental controls and AI-powered content moderation can help, but must be balanced with education and human oversight

International cooperation and consistent legal frameworks are needed to address cross-border online threats to children

Digital literacy and cyber hygiene education are crucial for both children and adults

Resolutions and Action Items

Continue developing and implementing technological safeguards like Meta’s teen accounts and cross-platform initiatives like Project Lantern

Increase collaboration between stakeholders to develop standards, protocols and specifications for child safety to be integrated into online platforms

Expand digital literacy and cyber hygiene educational programs for children, parents and educators

Work towards more consistent international legal frameworks and policies for online child protection

Unresolved Issues

How to effectively verify age and implement age-appropriate protections online without compromising privacy

Balancing children’s rights to privacy and expression with parental oversight and protection

Addressing the digital divide to ensure equal access and protections for children globally

How to keep pace with rapidly evolving technology and emerging threats

Suggested Compromises

Flexible limits on children’s screen time based on factors like school performance

Balancing technological protections with education to empower children to navigate risks

Implementing child protection measures at the operating system or app store level to reduce data collection concerns

We have to train, educate, inspire the children. And in my opinion, they are very smart. Even in this year, people in the age group of 12 and below, 35 to 40 million will be using internet, which is 12 million more than people in the age group of 12 to 17.

speaker

Syed Munir Khasru

reason

This comment challenges the notion that children need to be protected from technology, instead suggesting they need to be empowered to use it wisely. It also provides surprising statistics about young children’s internet usage.

impact

This shifted the conversation from a protective stance to one focused on education and empowerment. It led to further discussion about digital literacy and the role of parents and educators.

Now we are interacting with the technology, but in the future we will be having technology permeating inside by having, you know, brain-computer interface and we will have the chips implanted in our minds, you know, the brains, you know. And I’m afraid that, you know, what would be the situation look like in the future.

speaker

Muhammad Khurram Khan

reason

This comment introduces a futuristic perspective on technology integration, raising ethical concerns about the long-term implications of technology on human cognition and autonomy.

impact

It broadened the scope of the discussion beyond current issues to consider future challenges, prompting others to think about long-term technological trends and their potential impacts on children.

From human rights perspectives, we need to focus on the right of privacy, because the right of privacy, it’s a big right, and it’s included in the Universal Declaration and also it’s included in the Treaty of Children’s Rights.

speaker

Sara Alfaisal

reason

This comment frames the discussion in terms of fundamental human rights, emphasizing the importance of privacy in the digital age.

impact

It refocused the conversation on legal and ethical frameworks, leading to further discussion about the role of governments and international bodies in protecting children’s rights online.

If you think technology will solve your problems, then you do not understand technology and you do not understand your problem.

speaker

Muhammad Khurram Khan

reason

This provocative statement challenges the over-reliance on technological solutions, emphasizing the need for a more holistic approach.

impact

It led to a more nuanced discussion about the limitations of technology and the importance of education, policy, and human factors in addressing online child protection.

I think education for adults is more important than education for kids. Because the danger from non-educated adults is much more. They can do much more dangerous mistakes.

speaker

Eugene Kaspersky

reason

This comment offers a counterintuitive perspective, suggesting that adult education is more critical than child education in addressing online risks.

impact

It shifted the focus of the discussion to the role of parents and adults in creating a safe online environment, leading to further exploration of intergenerational digital literacy gaps.

Overall Assessment

These key comments shaped the discussion by broadening its scope from immediate concerns about online safety to long-term technological trends, human rights implications, and the limitations of purely technological solutions. They challenged participants to consider the complexity of the issue, emphasizing the need for a multi-stakeholder approach that includes education, policy, and human factors alongside technological solutions. The discussion evolved from a focus on protecting children to empowering them, and highlighted the importance of adult education and intergenerational understanding in addressing online risks for children.

How can we address the digital divide between privileged and underprivileged children?

speaker

Sofiene Hemissi

explanation

This is important to ensure equal opportunities for all children in the digital world.

How can we protect children’s cultural identity and privacy in the digital sphere?

speaker

Sofiene Hemissi

explanation

This is crucial for preserving cultural values and protecting children’s personal information.

How can we develop unified international frameworks and policies for child protection online?

speaker

Sofiene Hemissi

explanation

This is necessary to create consistent protection measures across different countries.

How can we address the manipulation of children through AI and data analysis?

speaker

Sofiene Hemissi

explanation

This is important to protect children from potential exploitation through advanced technologies.

How can we improve digital literacy for parents to better protect their children online?

speaker

Andrei Zarenin

explanation

This is crucial for enabling parents to effectively guide and protect their children in the digital world.

How can we create safe environments that help children adapt to the digital world while minimizing risks?

speaker

Andrei Zarenin

explanation

This is important for balancing the benefits of technology with necessary safety measures.

How can we inspire and encourage children to be better net citizens?

speaker

Syed Munir Khasru

explanation

This is crucial for developing responsible digital behavior in children.

How can we address the challenges posed by emerging technologies like brain-computer interfaces and implanted chips?

speaker

Muhammad Khurram Khan

explanation

This is important to anticipate and prepare for future technological developments that may affect children.

How can we develop global solutions for child online protection that include developing and least developed countries?

speaker

Muhammad Khurram Khan

explanation

This is necessary to ensure comprehensive and inclusive protection measures worldwide.

How can we balance the benefits of technology use with the need to limit screen time for children?

speaker

Eugene Kaspersky

explanation

This is important to promote healthy technology use habits in children.

How can we improve international cooperation to combat child abuse and exploitation online?

speaker

Eugene Kaspersky

explanation

This is crucial for effectively addressing cross-border online threats to children.

How can we develop standards and protocols for child safety that can be easily implemented by small startups and companies?

speaker

Muhammad Khurram Khan

explanation

This is important to ensure consistent safety measures across all digital platforms, regardless of company size.

Summary

This discussion focused on the role of regionalism in Internet governance, particularly within the context of the Internet Governance Forum (IGF). Participants explored how regional approaches contribute to global Internet governance and their evolving relevance. The panel highlighted that regional organizations are often better equipped to address local challenges due to shared cultural values, languages, and priorities. They noted that regional Internet Governance Forums (IGFs) serve as important platforms for capacity building, amplifying local voices, and bridging gaps between national and global levels.

The discussion emphasized the value of regional approaches in fostering multi-stakeholder engagement and developing context-specific policies. Panelists pointed out that regional organizations can better support member states in responding to global agendas like the Sustainable Development Goals. They also stressed the importance of regional cooperation in developing digital infrastructure.

Participants debated whether regionalism acts as a building block or stumbling block for global governance. While recognizing the need for global standards in technical areas, they acknowledged the benefits of regional diversity in addressing policy challenges. The discussion touched on the evolving nature of regionalism, noting that some coalitions form based on shared values rather than geographic proximity.

The panel also addressed youth engagement in regional IGFs, highlighting the importance of connecting young people to these platforms for capacity building and leadership development. Overall, the discussion underscored the continuing relevance of regional approaches in Internet governance, while recognizing the need to balance regional diversity with global coordination.

Keypoints

Major discussion points:

– The relevance and importance of regional approaches to internet governance, including logistical benefits, capacity building, and strengthening voices in global discussions

– How regional internet governance initiatives (NRIs) contribute to and complement global internet governance processes

– The role of regional organizations in developing policies and strategies tailored to local contexts and needs

– The tension between global technical standards and regional policy approaches

– Youth engagement in regional internet governance processes

The overall purpose of the discussion was to examine the concept of regionalism in internet governance, exploring its relevance, evolution, and potential future role in global internet governance processes like the IGF.

The tone of the discussion was largely collaborative and exploratory. Speakers shared insights from their diverse regional experiences while acknowledging common challenges and opportunities. The tone remained constructive throughout, with participants building on each other’s points to develop a nuanced understanding of regionalism in internet governance.

Speakers

– Chris Buckridge – Moderator

– Markus Kummer – former head of Working Group on Internet Governance

– Jenna Manhau Fung – Works for a top level domain registry in Asia-Pacific, coordinator of Asia-Pacific Youth Internet Governance Forum

– Nibal Idlebi – Acting Director of Statistics Information Society and Technology at UNESCO

– Carolina Aguerre – Scholar and university professor studying regional internet governance

Additional speakers:

– Ulka Atle – Works at RIPE NCC (Regional Internet Registry)

– Roman Danyliw – Representing the IETF

– Nadia Tjahja – Co-organizer of the workshop

– Jamal Shahin – Co-organizer of the workshop, researcher at United Nations University

Expanded Summary: The Role of Regionalism in Internet Governance (Workshop #141)

This discussion, moderated by Chris Buckridge, explored the evolving role of regionalism in Internet governance, with a particular focus on its relevance within the context of the Internet Governance Forum (IGF). The panel, comprising experts from various regions and backgrounds, examined how regional approaches contribute to global Internet governance and their changing significance in an increasingly interconnected digital landscape.

Importance and Relevance of Regional Approaches

There was broad consensus among the speakers on the continued importance of regional approaches to Internet governance. Chris Buckridge highlighted that regional approaches address crucial logistical issues such as time zones, languages, and cultural differences. This sentiment was echoed by other panelists, who emphasized additional benefits of regionalism.

Nibal Idlebi, Acting Director at UNESCO, stressed that regionalism allows for capacity building and brings people into a deeper understanding of Internet governance. She argued that regional organizations are often better equipped to propose policies suited to local governance processes, as they have a more nuanced understanding of the specific challenges and priorities within their regions. Idlebi also shared insights from the Arab IGF experience, highlighting how governance processes can differ significantly between regions.

Jenna Manhau Fung, coordinator of the Asia-Pacific Youth Internet Governance Forum, pointed out that regional forums provide a vital platform for amplifying voices, especially for youth and developing countries. She highlighted the diversity within the Asia-Pacific region, noting the multitude of languages and cultures that necessitate a regional approach distinct from other areas. Fung emphasized the importance of regional approaches for youth engagement and capacity building in Asia-Pacific, discussing how these platforms offer opportunities for young people to develop leadership and policy skills.

Carolina Aguerre, a scholar and university professor, emphasized that the regional approach enables thought processes and development of digital infrastructure tailored to local needs. She noted a renewed interest in regional forums in Latin America and the Caribbean, possibly driven by geopolitical shifts and emerging technologies like AI governance. Aguerre also highlighted the lack of political and economic integration in Latin America and the Caribbean, explaining how this affects regional approaches to internet governance in the area.

Relationship Between Regional and Global Internet Governance

The discussion explored the complex relationship between regional and global Internet governance processes. Markus Kummer, a veteran of Internet governance with extensive experience in WSIS and other processes, pointed out that regional Internet registries complement the global ICANN governance structure. He also noted that regional solutions, such as the EU’s General Data Protection Regulation (GDPR), can sometimes become global standards.

Chris Buckridge emphasized that regional forums help strengthen voices in global discussions, providing a stepping stone for local actors to engage in broader Internet governance debates. Nibal Idlebi added that regional organizations can support member states in responding to global agendas, such as the Sustainable Development Goals.

However, an audience member raised the important point of balancing regional perspectives with global protocols necessary for an interconnected Internet. This highlighted the ongoing tension between the need for global technical standards and the benefits of regional diversity in addressing policy challenges. Roman Danyliw from the IETF provided additional insights on the technical perspective of regionalism in internet governance.

Evolution of Regionalism in Internet Governance

The panel noted significant developments in the evolution of regionalism within Internet governance. Chris Buckridge pointed out that national and regional Internet governance initiatives (NRIs) are a significant outcome of the IGF process, demonstrating the growing importance of regional approaches.

Jenna Manhau Fung discussed how the regional approach is evolving to address new issues like AI governance, indicating that regionalism remains relevant in tackling emerging technological challenges. Speakers mentioned specific examples of regional AI governance initiatives, highlighting the diverse approaches taken in different parts of the world.

An interesting perspective was introduced by Jamal Shahin, who suggested the need to consider non-geographically contiguous actors and coalitions. Shahin also briefly mentioned a UNU research project on regionalism in internet governance. This idea was further explored through an audience question about the potential for “middle powers” like Canada, Australia, and New Zealand to form their own “region” based on shared values rather than geography. This concept challenges traditional notions of regionalism and suggests a potential future where regions might be defined by shared economic frameworks or political policies rather than geographical proximity.

Youth Engagement in Regional Internet Governance

The discussion also touched upon the crucial topic of youth engagement in regional Internet governance processes. Nadia Tjahja, a co-organizer of the workshop, suggested specific ways for youth to get involved, including connecting with NRIs and regional representatives. She also mentioned regional events and summer schools as avenues for youth participation.

Unresolved Issues and Future Considerations

While the discussion highlighted many benefits of regional approaches to Internet governance, it also revealed several unresolved issues. These include:

1. How to effectively balance regional needs with global technical requirements of the Internet

2. The role of non-geographically contiguous actors and coalitions in regional approaches to Internet governance

3. Improving pathways from regional to global Internet governance processes

The panel suggested some potential compromises and action items to address these challenges. These included using regional forums to develop common positions that can then feed into global discussions, and adopting a multi-layered approach that includes regional, sub-regional, and like-minded country groupings in addition to traditional geographic regions.

In conclusion, the discussion underscored the continuing relevance and importance of regional approaches in Internet governance. While acknowledging the need for global coordination, particularly in technical areas, the panelists emphasized the value of regional diversity in addressing policy challenges and fostering multi-stakeholder engagement. As the Internet governance landscape continues to evolve, it is clear that regional approaches will play a crucial role in shaping policies, developing infrastructure, and ensuring that diverse voices are heard in global debates.

Chris Buckridge: Okay. I think we are ready to go here. So I would like to welcome everyone to probably the first or second of the sessions of the day for everyone. This is workshop number 141 and it’s on regionalism and the IGF. My name is Chris Buckridge. I’m here, I think with no hats on today, just as a general IGF gadfly, but to moderate the session, and I’m very happy to do so. We have a panel of four speakers, two of whom are here with me on site in Riyadh and two of whom are online here. And hopefully we’ll also have a very active discussion with both participants online and in the room here. As Marcus just noted, we have more people in the audience than on the stage, which is always a good sign for these workshops. So looking forward to that. The speakers that we have, and I’m going to let them maybe, as we go around with the questions, introduce themselves a little bit more in terms of their affiliations. I know certainly many of us here probably have multiple hats on and I’ll let people identify for themselves. We have Marcus Kummer to my right here, Nibal Idlebi on my left, and online we have Jenna Manhao-Fung and Carolina Aguera. Apologies to all for any mangling of pronunciations there. The topic of today’s session, and sorry, just looking around for anyone, we are on channel two in the room, we have the audio set up. The topic of today’s session, regionalism and the IGF. So, I mean, from very early in the internet’s development and technical governance processes, there has been a bit of a focus on regional. groupings, regional coordination, regional preparation. The regional internet registries are one example of that, which has really emphasized that approach. And it’s allowed that structure was very much reflecting a need for local communities based around whether language, time zone, cultures to develop policies that suited their specific needs and circumstances while maintaining and contributing to global coordination on essential elements of governance. Now, today we see with the Internet Governance Forum, there is a really vibrant network of national and regional internet governance initiatives and internet governance forums, which we usually call NRIs. So I’m sure that acronym will be used very often in this session. So we have NRIs representing all of the national, regional internet governance initiatives. There are currently more than 170 of those around the world. And that also includes youth IGFs. Majority of those are in the global south, though I think it’s probably very well represented across the world. And they’re defined, those NRIs, by their multi-stakeholder bottom-up approach. This is something that’s laid out and overseen in some ways by the global IGF. So the recent, okay. There was a recent paper called Net Effects, which was produced by the DNS Research Federation. And in full disclosure, I was one of the co-authors on that. But one of the findings that it had was that those NRIs, the National and Regional Internet Governance Forums, were actually one of the most significant outcomes and products of this IGF process, and are seen as a really vital. space to foster and develop new leaders and informed governance participants for global discussions. And in the GDC, we actually see the IGF referenced in part for the importance of its connection to national and regional groupings. So with all this focus on on regionalism, I think the purpose of today’s discussion is to dig into that idea a little bit is is regionalism, how does it contribute to the idea of global governance, is it still as relevant today as it ever has been. And and how can that develop over time. The first question I want to sort of put to the panelists that we have here is, well, speaking to that how relevant is the regional concept for understanding the IGF or the multi stakeholder world. And how is that regional approach regional idea evolving and developing. And so I first want to put it to Marcus and Marcus as I said, if you maybe take the opportunity on this first question just to introduce yourself and your affiliations, that would be great. Thank you.

Markus Kummer: Thank you, Chris. Well, I’m a veteran of this space I was involved in WSIS, WSIS-I, WSIS-II. And then I was the head of the Secretariat of the Working Group on Internet Governance which provided input into WSIS-II, which was by and large adopted by the summit. That is the definition of Internet Governance explaining what Internet Governance is. So I worked and I also worked for Internet Society and I was on the board of ICANN. Right now, I’m mainly retired, but I stay involved. One of the advantages of old age is that you have seen a lot and previous life I was dealing with trade with free trade agreements. I worked then for the European Free Trade Association, which is the tiny brother of the European Union. Switzerland, Norway, Liechtenstein, and Iceland, but these are four highly developed and well-to-do countries and we had free trade agreements all over the world from Singapore to Canada to Chile and in free trade there was a saying of regional free trade agreements, a stumbling block or a building block for free trade globally. And I think we can ask the same question with regionalism in the internet space. Chris mentioned the RIRs that are more the regional side of internet governance, ICANN is the global side in trade that would be like the WTO in trade. So in the internet space, I think in the technical space, they are complementary. Now when it comes to internet governance, it’s not just about naming and addressing and the WSIS outcome clearly states that, it’s also about the use and abuse of the internet. There are issues like cyber security, like protecting children and, and, and, and you all know that these are all hotly debated issues. Now do we need to find global solutions or can we find regional solutions to tackle the problems we are facing? One of my favorite sayings, it was from your former boss, Chris from Axel Pavlik used to say good internet governance begins at home. There’s a lot to be said for that. A lot of internet governance is actually at the very national level. National governments have a lot to say, but obviously in the regional, there are usually countries that share a lot. lot of commonalities. They share the same, obviously are from the same region. So quite often they share the same language in Europe. That’s not the case, but, uh, they share the same legal background. Now, the European union is an excellent example of, uh, regional approaches. The European union has obviously the market power and it has the power also to impose their views. I mean, the GDPR was one of the examples where a regional solution by its sheer force became a global approach. Countries are more or less forced to adapt to the GDPR. If not, they will be forced to, they will be just left behind and their actors will face huge consequences if they don’t adapt to the GDPR. So this is obviously one example and the European union has others for digital market act, digital services act. So they are, uh, solutions that are regional, but they become kind of global standards. Now for other regions that don’t have the same market power, the same power to impose sanctions, they will not be able to do the same, but they can nevertheless, uh, share same experiences. And there, I think the possible way could be that they have a bottom up, uh, share the same, adopt the same practices in dealing with similar issues. Uh, so. In trade, there was never, um, a clear way of saying this is good or this is bad, the regional approach. And I think we are in the same way in the, uh, internet governance space. Uh, we cannot say it’s good. We cannot say it’s bad, but I think that is merit that obviously in discussing in sharing experiences and also in developing good practices in how to deal with some of the issues. And obviously it’s easier to get together on the regional basis where you share, have some commonalities, share cultural aspects and, uh, bring that into the global debate, but we are, as we all know, far away from having global solutions to some of the issues. We have one global solution to, uh, security, but that’s also highly controversial right now. And it shows it’s not easy to find global solutions with that. I think I hand it back to you, Chris. And I also apologize to the people in the room that I will nip out in between because I’m double booked for this session, but I will come back again. Thank you.

Chris Buckridge: Thank you very much, Marcus. But all right, we’ll, we’ll work around the, the very, um, uh, busy schedules that we all have. Um, for the next speaker and please, I w I want to go around the four. Um, panelists first, and then we’ll come to the room. I know there’s already, um, some questions or comments starting to bubble up. Um, but the next speaker I’d like to hand to is Jenna. So Jenna, please, the floor is yours. And with the same, um, sort of framing question there of, uh, how relevant is regional concept and how is that evolving?

Jenna Manhau Fung: Thanks, Chris, and thanks, Marcus. That makes so much sense because I was like, Marcus is the most experienced person I’ve ever met in the global IGF community, and I was like, it’s not a good sign to go after him because I was so stressed about what should I go next. But before I get started and answer the question, perhaps I can provide some background of myself before I started, especially given the topic, it’s about regionalism. I work for a top level domain registry in Asia-Pacific, mostly spending my time managing a program, a youth capacity building program on Internet governance for about six or seven years now. And I usually wear my hat as the Asia-Pacific Youth Internet Governance Forum coordinators when I get more involved in the IGF related initiative right here. So in the past year, I’ve been quite active in helping organizing the youth related activity and outreach within the IGF community. So speaking of this topic, I always get very interested. And I don’t want to repeat too many of Marcus’ points because I think he make it very clear and it also resonates with a lot of points I want to make. But I want to echo on some of the points and build upon on that. Earlier, Marcus mentioned how regionalism could help with creating some regional solution. But my personal experience and as a youth coordinator there for about six years, I think, especially for younger people in Asia-Pacific. Pacific region before you can even come up with anything that’s close to a regional solution. That regional approach is even more important as a platform for them to amplify their voices. As you might know, Asia Pacific is really huge. There are many languages and there are different cultures as well. Even there are times when we talk about the topics that we approach there would be very different from Europe, I would imagine. And now that I also reside in North America, I could really see that people usually have different focus. And there are times just like picking on my own experience organizing a youth IGF in the Asia Pacific region. I could see that Southeast Asian country will have a different interest on topics that might be different from East Asia, for example. And many of the students who are involved from some regions may care about more, for example, internet access, while the other maybe want to talk about more the issues related to AI or technologies, maybe not AI. Everyone wants to talk about AI because it’s really influencing our life right now. But what I wanted to say is there are times even with a region as vast as Asia Pacific, we already feel challenges making a conversation that’s constructive enough that leads us close to a solution, so to speak. And so that’s why I think a regional approach or even a sub-regional approach maybe even become more important, because if you couldn’t have a constructive conversation at home… then it will be very difficult for you to represent your voice at a global stage. Myself being very involved in the global internet governance forum for so long is that I do value and I do think that global solution or a platform for that kind of conversation is important. But as Chris kickstarted the sessions, time zone sometimes doesn’t work out and it just naturally eliminates some voices, right? And it’s, you know, there’s some level of practicality to like imagine an initiative having coordinator based in the region that has more resources that allow them to make this initiative or conversation happen. That’s, you know, just sometimes naturally make the conversation happen or flavoring people from certain regions. But for example, it’s like, of course, I know there’s like a mechanism, for example, rotating the schedule to kind of like accommodate, but, you know, it’s just different from how regional approach work. Well, I’m starting babbling right now because it’s right way past midnight here in Toronto, but I will stop here and pass it back to my fellow panelists and moderators so we could continue conversations as we move on.

Chris Buckridge: Thank you very much, Jenna. And thank you for the closing illustration there of the challenges of a global conversation and the importance of regionalism. I would like now to pass back to the room here in person. We have Nibal, please.

Nibal Idlebi: You hear me? Okay. Thank you very much, Chris, Marcus, and everyone on the panel here. I would, I’m Nibal Idilbi to introduce myself. I am currently the Acting Director of Statistics Information Society and Technology at the UNESCO. UNESCO stands for United Nations Economic Social Commission for Western Asia. I was involved and we are working mainly in the Arab region. We are focusing in the Arab region. However, we are of course linked to the UN Secretariat and we have a lot of collaboration with all UN agencies. Myself, I was also like Marcus, I was with WSIS since the starting point, since 2003 when the discussion started. I followed WSIS plus 20 and so on. We are now making the preparation for WSIS plus 20. We have Arab IGF which is one of the regional IGF. I am speaking about our experience in this regard. The Arab IGF was really established at the beginning since 2005, around 2005. We are continuing organizing the Arab IGF regularly. Sometimes each year, sometimes each two years. Based on our experience, I believe the regional dimension is very important. As Marcus was saying, we are sharing the same challenges in the region. We are aware of the dynamism of the countries in the region. We know very well the stakeholders. Based on our experience with the stakeholders, different stakeholders, especially that IGF is multi-stakeholder, we were able to engage them in a very dynamic way, I would say. We were able also during this experience to fill some stakeholders who were not very knowledgeable about the IGF and its importance and so on. We have made a lot of capacity building about what it is IGF and what it is even with us in some cases. It was very important for capacity building. I believe in the Arab region, we had a lot of things to say to engage people and to make them learn about the process. I believe also the challenges are very similar. As Marcus said, the culture, the language, it is the same language across the Arab region. I believe it was a very good experience for us also to bridge the gap between national and global. Because some countries at the beginning, they didn’t have this national IGF. Our role was also to encourage countries to establish the IGF at national level. We supported some of them. interacted with some of them, we feel till now some countries don’t have IGF, a national one. Then I believe the regional dimension filled the gap in a way between the national and the global. And also it was very important, I believe, for the common positioning, to have common position of the region vis-a-vis the global issues, I mean, that are discussed at a global level. And then it was an intermediary layer, I would say, and important block to fill the gaps and to give the voice of the region at a global level. This is from one side and also encouraging the stakeholder. I believe the dynamism in the Arab region was among the different stakeholder was completely not the same, I mean. For example, NGO, they needed really a lot of capacity building to have and so on. While public-private sector, they were more engaged and they were really very supportive and they wanted to be real, to play a role, very important role, especially that in many countries, it is more the government who is leading the scope of the regulation and everything in the country. Therefore, the private sector, they found it as a very important room and very important forum to discuss and to discuss sincerely with the government and to put their position and to put what they need, in fact, for enhancing the sector as a whole. This is what I think the most important issue that I would say. And I believe for the last 20 years now, I mean, I believe the discussion started smoothly, but now I believe we have a strong community for the IGF, very strong community for the IGF at regional level. And we can build on this what we have achieved so far. I believe it is more promising for the future. And although there is between Arab countries, there is is no binding rule as there is in the EU. You mentioned the EU and GDPR, which is a very important experience. However, in the Arab country, we don’t have this political power to impose anything at a regional level, unfortunately. What we do is more promoting, positioning, global positioning, and so on, and we try to make it as serious as possible, vis-a-vis the global community. I will stop here for the time.

Chris Buckridge: Okay. Thank you very much, Nibel. And turning now to the last of our panelists, or at least in this first round, and going back online, Carolina Aguerre, pass to you.

Carolina Aguerre: Thank you, Chris. Hi, everyone. Good morning. So, it’s also very late for me over here, so I empathize with Jena, and bear with me for my ranting a little bit. I’m a scholar, I’m a university professor, and I’ve been very much interested in how local and regional communities embrace internet governance. In my understanding, I mean, it’s conceptually very hard for people all over the world, global north, global south, or global majority, however you want to call that, to embrace something as powerful, but also as immaterial, and very material at the same time as the internet, without going down into the local layers, and how local actors organize themselves, how they imagine, how they build their networks, how they want their standards to operate upon. And this kind of struggles, and this kind of vision, is something that, in the case of the in Latin America and the Caribbean. It has been present, I would say, since the late 1980s. There was, and the struggle to sort of generate a regional internet registry portrays the relevance of thinking about this levels of subsidiarity where local policy or the policies of assigning IP addresses come closer to the communities that have to be served. And this applies to all our RIRs. And I think this is a very valuable lesson on how the internet evolved originally and how it still stands today, reflecting the needs and the identities of these regional and local communities. Lately, I would say that in my region, regionalism has tended to become more interesting for actors, and I’m not exactly sure why, but I think that this, a lot of the geopolitical turn concerning the governance of the internet, but also the governance of AI, really leaves much less space to think about the development of these infrastructures and the platforms that citizens want to engage with and the actual local power dimensions that need to be addressed. And I’ve seen that there is a renewed interest, not so much in national initiatives in Latin America and in the Caribbean, but more in the regional forum. This year’s regional IGF in Santiago de Chile, the 17th edition. it really sort of marked this kind of vibrancy that with the pandemic I think had lagged and now we’re seeing this spike coming up again. But just to end my first intervention, I also want to address something concerning Marcus’ original intervention, concerning this idea of, okay, so which is the platform, which is the kind of process that is guiding regionalism? And so he mentioned trade a lot, for example, right? And the EU, for example, it is an economic and a political bloc, but we don’t have that kind of regional integration in Latin America and the Caribbean. That’s much more loosely bound. Actually, there’s so many sub-regions and countries that actually operate with the North much more commercially-wise, much more than with the South. But still, this brings in another cleavage or another interesting dimension to address, okay, but there are regional forums, there are regional, and not just the IGF, there are regional processes addressing the impact of this general-purpose technologies. We are seeing this in AI as well, where identity and culture from this regional perspective does matter. So I think that the challenge in a region that is not politically or economically integrated, as is LAC, we have the challenge to think about what kind of institutions, other than the existing RIR processes or LAC-TLD for the top-level domain sector, I mean, which other institutions will be able to sort of harness this regionalism that we need to think about in terms of the digital and the internet? world. And this is so this is my closing comment for my first intervention. Thank you.

Chris Buckridge: Thank you very much, Carolina. Yeah, okay. rectify that going forward. So I think that’s been a really good discussions here. I do want to commence from the floor. I think from my very limited attempt to sort of summarise where what I’ve heard or what key points I’ve heard here. The sort of the relevance and the importance of a regional approach comes down to obviously, logistical issues, there are time zones, there are languages, there are cultural distinctiveness that can be addressed in terms of a read more regional processes. There is the sort of capacity building element where you can bring people into an understanding of the importance of internet governance and this this sort of space and the opportunities there are to engage. There’s strengthening that that glow that those voices in the global discussions and I think maybe some of the discussions around EU processes, GDPR, etc. And Carolina, your points, then maybe speak a little bit to that. And I think also about your point about sort of regional processes, allowing for more sensitive discussions with stakeholders was with a really interesting and important one. So I want to see if Yeah, we have one at the back of the room there and another year. So thank you.

Audience: Hello. My name is Tiago. I am a PhD scholar at VLB in Brussels but also a fellow at Unicris. So, very nice to be here in this panel that’s discussing the discussion on the regionalism in the IJF. And my question is, and this has been part of the discussion that we had in Brazil during NET Mundial Plus 10, how we make regionals, IJFs or national ones to be more connected and like what’s being shared there and best practice of these flows. And one specific example that I think that can be very interesting if we can have some platform, some way of like sharing better and building bridge of these initiatives is how different stakeholders in these regions connect with the topic. Because I can give an example, at least in Brazil, I’m from there of course, and in Brazil we see civil society has really an outstanding role there in the way that talking about digital rights organizations, they are very well structured in a coalition and they do a lot of like policy agenda as like there are different institutions that work together for some common goals. And I see that the role of the Brazilian IJF makes a big difference for making them to connect. And this, for example, is a kind of what I could say good practice and stakeholders that could be shared in other regions. And I heard Nibal saying that, for example, here the private actors in Arab region is quite active and I hear that in some other places it’s not. And people say, yeah, we should have more people from a business being engaged. Otherwise, how can we say that this is really mood stakeholder, right? I think there’s also an imbalance of how, depending on the region, some groups of stakeholders are more or less active, and maybe it’s something that the regionalists’ approach could, I don’t know, see how they share, and trying to understand why is this happening here and not there, and vice versa. So, just food for thought.

Chris Buckridge: Thank you very much. A really, I think, important point there, particularly in terms of regional diversity and distinctiveness versus sort of emerging common best practices. So, I’m sure the speakers will come back to that. I think, Dana?

Audience: Thank you to the panel overall. Dana Kramer here, for the record. I’m a PhD candidate, and I study a lot of these regional elements, so I’m quite interested by this panel overall, and I thought that these opening remarks were phenomenal. I come from Canada, and our region does not have a strong regional focus. We’re a bit left out in the regionalism conversation because North America has very large landmass countries in Canada and the United States, and we have that Mexico tends to get looped into the South American space because of similar language, but also, too, the Caribbean nations also have their own regional initiatives because telecommunications-wise, they’re either European or North American or South American. From a numbers perspective, they get split between Aran and Latinx, and then also, too, culturally, they have a very distinct identity that doesn’t fit. Like, we don’t have a homogenized view the way that Europe or other regions might to help with it. And so that kind of guides like a… bit of why I’m going to ask two questions are a bit more like slightly geopolitics focused, but within the lens of recognizing that not all regions really have the capacity to act as regions in that North American context, which is like with Canada as a middle power, for example, and ahead of WSIS plus 20. Is there a role for middle powers to start to become their own region, such as Canada, Australia, New Zealand have been moving together enjoyed statements in the space of the GDC and WSIS plus 20. But do we need to start seeing like regions emerge across like similar economic frameworks, similar political policies that might not be geographically the same, but have different socioeconomic factors to make a region such as including, for example, like the Nordic countries within them. And my second question, I think maybe Carolina would be best for this rest within thinking about a new Bradford’s book on digital empires, which notes that the EU, the US and China as three global digital empires overall. And I’m wondering if you could speak to how maybe instead of thinking as certain countries, as superpowers in the digital space, if it’s because that they might have a large stakeholder groups that create that local level. And that’s how we can better understand regions, their capacity to have these complex networked actors that then create global superpowers in this space and how then different communities overall might be able to become new digital empires in and of themselves for forecasting how we might see internet governance evolve over the next 10 years. Thank you.

Chris Buckridge: Thank you very much, Dana. I’m going to throw to Marcus quickly, because I know he has to leave us shortly. And so Marcus, obviously, we’ve got some very interesting questions. important insights and questions from the floor. The other sort of next round of questions we have here is in terms of I think a little bit more looking to the future. Will regions continue to be building blocks or be building blocks for a new multilateralism or multi-stakeholderism? So in the time you have, can I ask you to answer that definitively?

Markus Kummer: Yes, thank you. That’s all good questions and thanks to my fellow panellists also for their intervention and I think in particular I will circle back to Carolina. She corrected me or made an addition obviously which I forgot to mention. It’s the question of regional integration and there the European Union of course is light years ahead of most of the regions in terms of integration. So they have the institutions that allow them to find binding solutions to tackle the issues and that makes what comes out of the European Union, what comes out of Brussels so important. And the other was a very interesting question of like-minded middle powers who are not geographically linked whether they should work together more and you mentioned a case which is already happening. So and I also remember that my days when I was dealing in multilateral affairs for the Swiss government we worked actually closely together also with Canada, Australia, New Zealand because they were like-minded but definitely not geographically linked and that is definitely I think a way to approach these. And the last question I would address was Tiago made also very excellent points and I think that is precisely what the IGF is all about that we come here to learn from each other, to share good practices and also then to go back home and make sure. that governments don’t take the wrong solutions, because governments have a tendency to shoot from the hip, so to speak. They want a solution, a quick fix, and they don’t think of unintended consequences. Governments in particular, whatever their leaning is, they like blocking the internet, for instance, which is a quick solution, something they don’t like, okay, let’s block it. I come from a country which has excellent democratic pedigrees, but they actually adopted that solution when it came to gambling. They thought, okay, let’s protect our own gambling industry and block foreign providers of the same services. I’m also part of the Internet Society Swiss chapter. We went on the barricades against it. We think this is a bad solution. It essentially breaks the internet, but the government didn’t listen. They listened to the lobby groups who wanted that solution. This is, I think, one of the strengths of the IGF, that we actually learn and can promote good policy and also go back and prevent governments from taking the wrong quick fixes without thinking of the unintended consequences. We may not always succeed, but at least we learn from each other. Let’s keep up the good fight. With that, I apologize. I have to run.

Chris Buckridge: Thank you very much, Marcus. Thank you for being here and sharing your insights. As an Australian, I’m a little triggered by the example you gave there, but we’ll move on from that. I’ll throw back now again to our online speakers. Jenna, again, please respond to any of the questions, but also that looking forward as to how regionalism might play into evolving multilateralism and multi-stakeholderism?

Jenna Manhau Fung: Certainly. I will try to combine some of my responses to both of the questions and echo a little bit on what Marcus just mentioned as well. Every time Marcus makes his remark, it sparks me with some sort of like new insights all the time. And now that make me realize how to say that. Unlike Europe, Asia Pacific, for instance, there’s no singular institution that could help create a binding solution that could influence globally to an extent of how the EU works. Many of the time, it will eventually fall into the hands of the big power of certain countries or certain corporations in the regions. You can see that for example, microchip, you could see that some certain corporations are bigger there. I try not to name them out specifically because given my background, I’m not very comfortable naming them out directly. But many of the time, I want to name the power dynamic there as well. Because in the regions like Asia Pacific, for example, there are certainly countries that is so big with a big market, big political power to also influence how smaller countries react to approach certain issues. And then there’s economical factors on top of political factors that will influence how things are like. And so that’s why I think beyond the actual organizations like RIR were literally to deal with the technical aspect of the internet. I personally do see that the regional NRIRs are the ones that are the ones that are the ones that are the ones that are eyes or local NRIs for some countries, if they do have a more democratic system, they’re helpful as a channel for them to advocate what they concern. Because I do believe there are times where individuals may have to leverage some sort of power, but different kind of power, from people or organization beyond their own physical boundaries. I don’t know if that makes sense, but that’s some of the cases. I think just echoing on the questions about whether I think that the multi-stakeholderism will be a beating block, like regionalism will be a beating block for this kind of new multi-lateralism or multi-stakeholderism. I do think that this approach could be a catalyst for that one. Just so how I mentioned earlier, I think how different countries share a geographical context and sometimes because of how they’re… It’s just a more practical way to do it regionally as you can’t really just start everything huge when a small country in one of the regions do not have such global impact where everyone will give them the attention, especially right now with us actually just living like living online, relying on whatever information we get through social media, for example, which is highly manipulative in my own opinion. I think that kind of platform is important, but at the same time, people who are in involved in IGF, regionally or globally, it’s still our own community or bubble sometimes. So I think Tiago mentioned and actually throw out questions about something related to that. Like in terms of collaboration, I think regionalism can favor collaboration beyond the actual physical IGF, whether it happen nationally or regionally. Because I mean, not speaking for businesses, I do believe that unless they are huge corporation which have a lot of resources to send people to a physical IGF to just like show up, to partake in conversation that we’re making, sometimes like smaller businesses, they’re trying to survive. And even if they care, they won’t be as active as those. And that’s why those people are usually missing in our conversation. And that’s why I think there are times some ongoing collaboration is important. But of course, there are many different kinds of businesses, but I won’t be speaking for them at this point. But I start to see that in some of the Southeast Asian countries, for example, especially around the AI area. Last year, I did a research, like a really casual research on how the developments in terms of their policy look like. And I could see that in some of the Southeast Asian country, they kind of like rely a little bit more on public-private collaboration into making things happen. Because I would assume not every country have such a system that allow them to develop something that’s like comprehensive right away, just to start with while they have to catch up everything that’s just like evolving so quickly, right? So I’ll stop here because I do believe. I echoed and respond to a few points that was asked and named earlier, and that’s my take on that. Thank you.

Chris Buckridge: Thank you very much, Jenna. I think some good points there, and I was wanting to push a little on the sort of AI aspect of this, not that this is the AI governance forum, but we have seen, I mean, groups like ASEAN, the African Union have all done regional AI strategies in the last 12 months, so we’re certainly seeing that engagement at a regional level, not necessarily in the specifically digital policy and internet governance related groups, but at the more geopolitical element of it as well. Nibal, I’ll pass to you.

Nibal Idlebi: I mean, okay, let me answer Teo, I believe, here some question about his question related to platform and exchanging experience. I believe, as Marco said, IGF, global IGF, is very good platform for sharing experiences. It is really, I believe, during the two previous days, I saw, I turned around, I saw many regional IGF, they were speaking, one of them, it was about the Arab IGF yesterday, there was a session about their experience, and it was really multi-stakeholder, I mean, the intervention and the people who participated in the session were from different background and from different groups, and then I believe such IGF, global IGF, is very good platform for sharing experience, but I will add to it that it could be even, that it could answer maybe this best practices exchange and also this building block that you have asked about. I believe, as, I mean, involved in the IGF and as involved in other platforms, I mean, related to WSIS or other development of policy in general in the IGF. for many, many countries. I believe having more reporting about the IGF, till now IGF they don’t have at the beginning there was any reporting about IGF process at regional or national or international. Then there was introduction at after 10 years of this of the IGFs, there was this introduction of chairperson messages or key messages that were shared by different IGF forum. I believe this is very important for sharing experience and capitalizing and exchanging the best practices and so on. I think reporting on what is taking place on IGF either nationally, regionally or globally, it is really very important for building on the things. It is like that, it will be more important, I would say important element to building the blocks. I mean for building blocks among the different regional IGF or even from national to regional, from regional to the global. This is maybe missing and this is where sometimes myself even when I want to look at the IGF, I don’t know in others area what was the result. It is really difficult to find the result. Then some reporting mechanism in the IGF, the introduction and I’m not here, I’m just giving this idea, it will really be very important for everyone. This is what I want to say and I want to mention that it is really, I mean the multi-stakeholderism that was introduced in the IGF, it was copied everywhere today. I mean in many platform and in many international forum, we find this, it is copied in a way. It is everywhere multi-stakeholderism. Even we are working as international intergovernmental organization. However, today, because we see the value of multi-stakeholderism, we duplicate this model everywhere. In all kind of activity that we are doing today for development, we are working more on development, socio-economic development, we are copying this model. Then multi-stakeholderism, even if there is no voting, I mean sometimes, but however, the process, the multi-stakeholderism that was introduced very much by IGF, it was copied everywhere nowadays in many forums. Then I believe this is really also a very good example to borrow from it and maybe to generalize it.

Chris Buckridge: Okay, thank you very much, Nibel. I think something that jumps out at me from that, and maybe others will want to comment on it. Taking up your final point there about there is this model that has been adopted and embraced by a lot of people, but also the point you made about the reporting back from the IGF to the regional areas. I think that relationship between the NRIs and the global IGF is something that is very important and is evolving. I mean, particularly that question of how do NRIs feed into the global IGF? Is that a sort of defined, distinct process? Or is that something that happens in a very organic way? Does that need to change as we go forward? I will throw to Carolina now, and I am sure we will have then more discussion after that. Carolina?

Carolina Aguerre: Yes, thank you, Chris. So, yes, I am taking your point and then we will address Tiago and Dana’s comments. So, concerning the function of regionalism in multistakeholder stakeholder governance or multilateral governance, I think that that avenue is very much alive. Again, I mean, for many of the national or local communities that are unable to speak or to have a voice or to a representation or even to sort of follow and understand global debates, the region is really there for them. It’s closer to them and there is this value from these different communities. And I’m not just talking about civil society, I’m definitely talking about governments, about SMEs, trade associations in smaller countries or in countries such as in Latin America and the Caribbean, which is, again, as was rightly pointed, I mean, there’s many sub-regions within such a vast cultural continent and with many subcultures and identities and languages as well. So going back to the question concerning the comment that Tiago raised about the role of the Brazilian IGF and CGI, that, again, raises the centrality of having mechanisms and institutions that can allow for this ongoing process, for this transparency and accountability about the discussions, about the outcomes and about how those processes feed into broader, more consistent national discussions, but also into the global IGFs or other relevant institutions. And you did mention, Chris, that you were interested about AI. And I have to say that in Latin America and the Caribbean, there has been a lot going in the. last two years concerning finding and building a regional institutional inter-ministerial platform to address what kind of AI governance the region is looking forward to and actually building on this regionalism is how they have addressed the Global Digital Compact’s search for comments in September. Finally, looking into Dana’s comment, thank you, I think that’s a super relevant question and also to think about is geography or regionalism the only way to address this issue of multi-stakeholderism and again let’s go back and be kindly critical towards the stakeholder discussion which sometimes it’s not just about being a different stakeholder but it’s sharing different points of views in the same space or venue, right? And what you were mentioning about like-minded countries in certain contexts or certain discussions, this brings in the idea that sometimes you may have countries that come from very different parts of the world, have different sizes and different capacities of stakeholder groups but they have a strong opinion about or a normative approach or consensus about how to move forward some of these debates and it is in this respect that this Brussels effect or this approach that the EU may have in some regions, it’s not because there is this, it’s because those values are in a way embraced by other jurisdictions as well so that’s a kind of like-mindedness I’m talking about but you can also find that for example in groups such as the D9, the advanced digital nations where governments from different parts of the world sort of embrace technologies to address government transformation for their citizens. And so this is again another way of reflecting how values, norms, ideas about certain issues make this kind of new networks or coalitions around certain topics.

Chris Buckridge: Thank you very much, Karolina. I want to again now maybe throw open to the floor. While you think about putting your hands up, which I encourage you to do both online and in the room here. I think one thing I’d be really interested in, I’m looking around the room here seeing some participants in technical processes and representatives of technical organizations. We started out this session, talking about how that regional approach was sort of embedded in the technical governance space. It would be really interesting to sort of hear in terms of those technical governance processes. Is that regionalism still central? Has that evolved? How has that developed over time? We have a speaker here in the middle of the room first. And then Anil, I see you as well.

Audience: Hello, sir. I’m Sardar Farmanullah from Pakistan. I’m a student of Defence and Strategic Studies at the University of Islamabad. Sir, what the youth can do in regional IGF? Some comments, sir? I’m sure I’ll throw it to our panelists, I’m sure, in terms of how youth can engage in regional groupings. I mean, I think coming back to the first one, there was that capacity building element is a really that educating and showing how they can have that voice is a really important aspect. Okay, Jamal. Thanks. Hi, good morning, everyone. My name is Ulka Atle. I work at the RIPE NCC, one of the five regional Internet registries, and a regional approach has been central to how the RIRs approach Internet governance right from the start. So at least from, I can tell you a little bit about how the RIPE NCC does things. For us, for the past few, for the past several years, we, while we have events that bring together the technical community and other stakeholders from across our region, which is very big, we also do smaller, more focused events. The Middle East Network Operators Group is reaching its 25th year next year. So that’s been a long running event that we have, which brings people together. But one of our more recent ones is the Central Asia Peering and Interconnection Forum, which is just in its third or fourth year. And this is particularly interesting because the Central Asian countries are landlocked. And you have to think about what makes a regional event happen, or success, and, you know, motive, means, and opportunity come to mind. Because when we carried out research on the Internet infrastructure in these countries, and we showed it to representatives there, they realized that cooperation and working together was the way forward for the digital economies that they hope to build. We heard from the minister, the deputy digital minister from Uzbekistan yesterday on the high level session, and he was talking about unlocking the potential of digital economies. But all of that is built on Internet infrastructure, which needs a lot more work. And this is really where we see the benefits of multi-stakeholderism. I also wanted to add that the RIPE NCC supports a lot of network operator groups. to be very technical and we also support a lot of Internet governance conversations, regional IGFs or like CDIG, EuroDIG, but we don’t always see these two groups coming together and that again is what makes the IGF so special. Thank you. Thanks very much, Ulka. Hi, Roman Danidio representing the the IETF here. I’m going to make a slightly different kind of statement, mostly as the IETF is the standards development organization for the Internet. Our approach on kind of regionalism is everyone comes to the IETF kind of as individual, we need everyone to come, come one, come all to provide that multi-stakeholder input, but the charm that makes the Internet work, the interconnectivity of thousands of networks around the Internet is that there is not a regional protocol. If we want an end-to-end Internet that interconnects everyone, it’s about a single collection of different kind of protocols agreed globally that makes the Internet actually kind of possible. So certainly kind of filtering up regional perspective is great, but ultimately that needs to come to one place if we’re going to have one Internet and the IETF develop such protocols, then we welcome everyone to come.

Chris Buckridge: Thanks, Roman. I think that captures, I was going to say, the tension between the global and the regional very nice. You’re not presenting as attention, which I think is important as well. I think it’s not necessarily attention, but it’s something to be balanced and understood as we go through. We had one more question in our planning with our speakers. Possibly we’ve answered it in many ways, but it’s, I think, a good opportunity for our speakers to go around again and maybe engage with some of the questions. It was, for which policy challenges are regional organizations better equipped to tackle than something at the global level like the UN or even the sort of global technical organizations? And we do have Marcus back. Thank you for coming back. we’ll put you on the spot again for that. I’m going to give you this. Oh, you have a microphone there. Thank you. Yes, seems to work. Yes. It is an excellent question. I mean, we refer to it,

Markus Kummer: I think, in our opening statement, each speaker in a different way. I think that is the commonality of the regions, same cultural values, and also different priorities. I think it was also mentioned by one speaker that different regions have different priorities. It became to me obvious when I first went to Africa, access was the number one priority. First, you want to have the internet, and then once you have the internet, there are different issues that come to the fore. If you come from a developing region where access is a major issue, then obviously, the focus will be on promoting access, sharing best practices on how to do that, and also sharing bad practices, what didn’t work. It was quite often that the incumbent telcos did not help with promoting access as they were defending their own priorities, what they owned, and their income. Just to get over that resistance by the incumbents, there was also the interconnection fees governments earned from the telcos. They were afraid of losing that. I do remember attending once a meeting in Africa where one minister said, no, they want to take that away from us. Overlooking the fact, yes, you may lose something, but you get benefits through the connection to the internet, which by far outweigh the interconnection fees. fees you had, but then quite often there were individuals who benefited from the interconnection fees. So that was built in resistance then to change. Yes, it’s nice if I have my car financed through that, why should I give that away? So there are many, many different ways. So just, I mentioned that as a negative example, but you have to overcome these obstacles in order to find good policy. And there, just one example, that was access. But so in different ways, I think regions can also learn. I mean, it’s one of the issues, I think everybody agrees that you have to take care of vulnerable children on the internet. Everybody who is a parent or a grandparent is aware of that, that there is content that is clearly not suitable for young people. Now, how to do that is a different issue. And there again, I mentioned in a previous intervention that governments like to shoot from the hip. So blocking is a quick reaction, a quick solution. And there we, I mean, I say we collectively now, we will go to the IGF and learn from each other. We know that blocking is not a good solution. So we have to talk and say, you know, what are the good solutions? And it’s, maybe it’s like parenting, you know, as a parent, you learn how to prepare your children for the bad world out there. You tell them not to take sweets from strangers and so on and so on. And the same is obviously questioned when you go to the internet. I mean, it’s parents, it’s their first and foremost responsibility to make sure that their children are in a safe space when they go online. Yes, it may be difficult. And not all parents are digital natives. The children are, they quite often, by far. smarter than the parents, they outwit their parents. But again, it’s a question of trust. Parents need to also have trust with their children. But simple word, it’s parenting. And governments cannot take over from the responsibility of parents. And, and, and, and. So they are, because of the cultural affinities, it is easier maybe to share good practices. In the Arabic region, so you are much better suited to find solutions within your own regions. And I’m not talking on hard law solutions, but on soft law solutions, on good practices, on what to do and what not to do. That’s my short comments on this issue.

Chris Buckridge: Thank you very much, Marcus. I know we’re having a little choppy sound online, but hopefully it’s going to come back and be better than ever. And I am also planning to throw it at Jenna, but Jenna, can you, are you hearing and you’re okay? Yes. No. And, and I mean, obviously I gave a very brief answer to the question of youth in these before, but you’re certainly much more expert in this. So yeah, very happy to hear your views. Yeah.

Jenna Manhau Fung: And it’s kind of weird to be called an expert in the youth thing, but thank you. The audio works fine now, but in, I realized maybe Marcus’ voice got cut out for like five seconds. I kind of missed it. But to approach and to respond to your last question about for which policy challenges regional organization better equipped to tackle them? I think since I also wanted to respond to that question related to how you’ve engaged, I would say that, like in my opinion, any kinds of policy challenge, especially for example, in Asia Pacific, I think it’s better to kind of approach it that way too, as usually young people, they are relatively having less experience as in how to practice into making policies and all that, comparing to people who might not be a digital natives, but having more experience in different institution into making policy changes. So that’s why in that context, I think for young people especially, trying to find a spot in the regional space to make a change is the first start, as many speakers already mentioned, how we get together to hear different people perspective. I think that’s important and it gives you inspirations on what kind of change you wanna bring, want to make and what kind of insights you wanna bring back to your own countries. Cause I mean, we can’t just like, we chat here, come up with some sort of ideal solution or best practice. And then the world doesn’t just work it that way because those solutions just do not naturally become law right away by the end of the discussion, right? You have to bring it back to your own country and to make the real change that will impact people back in your community who can’t afford to be in this room, talking about this issues. And those are the people who are also being impacted by all the things that we discuss all the time within our community. And so I think at least that’s the thing. I think I value so much. And perhaps some of the young people also share a similar sentiment, if not the same. So I think everyone will have a different path, but try to find your way on what kind of changes you want to make, whether you just want to mostly spending more time advocating, amplifying your voices of your respective community, whether geographically or value-based community. I think that’s very important. And so I think that’s a good starting point. And since I am mostly favoring this regional approach, and I think as different regions getting stronger in some sense, whether they’re being bond, bond, bond through certain topics, values, or purely geographically, I think that’s already making things slightly. I don’t know if that will be easier, but what I understand right now is that the issues we are facing, it’s getting more complex. And then perhaps sometimes this cross-regional approach could be one of the ways that could help us to start a conversation, especially on some sort of topics that may need to be discussed and approached at global level, as I think we mentioned about AI. But for example, their actual, like for example, climate change, it could be disastrous and it affect everyone. And then not directly related to what we’ve been discussing here, but there’s things that kind of menacing to people’s actual life these days where you need that kind of global conversation. But I think there are regional. platform where you can talk about the interests of those people more. And so, um, that’s why I think, I think any kinds of policy, uh, it’s better taking approach and started regionally and then as young people, for example, find their own path, whether you bring it globally or back to your own community. I think that’s like the important first step where we actually try to make change.

Chris Buckridge: Okay. Thank you very much, Jenna, um, Nibal, please. And then I’ll Carolina, and then we’ll have a closing comment.

Nibal Idlebi: Okay. To answer your question about what the regional organization are more suitable to do as, uh, as versus international, uh, for, um, let me say that because we are regional organization and we are working, we are related to the UN of course, but we are also working at regional level. I believe, uh, regional, uh, institute or regional organization are more suitable in general to make policy and to propose how to make policy and the strategy for specific area, like for example, uh, information society, knowledge society, research and development and so on. Um, um, but I mean, this is, I believe based on our experience. I want to tell you a story. I, when I started working with Esquire, I was, uh, dedicated as task to make a guidelines for information society for the Arab region, and I tried to copy what is the, uh, EU is doing in this regard. However, I was, it was useless for me, the experience of EU for one example, because the governance process in the Arab region, it is, I mean, I learned a lot from EU, uh, really, I mean, I learned a lot from the EU experience. However, because the governance process of the information society or the ICT sector in the Arab region is completely different, it is more oriented towards government who is. leading, not the private sector who is leading, then the scope was completely changed. I mean, then I was obliged to completely change the scope of the work because I mean, the governance process in the Arab region is completely different. It is guided by the government while it is guided by private sector in the area. And this make a change because the government in these cases in Europe, they are facilitator, they are enabler, they are not the one who do things. Then they are the facilitator, they make the regulation, enabling environment, whatever. However, in the Arab countries, it was everything controlled by the government. Then they have to do everything. Then the formulation of the strategy and the policy and the guidelines that we developed, it was completely different scope. However, we learned a lot from EU. We learned also a lot from the EU, for example, in rule and regulation. I believe and here the regional organization can do a lot also in regulation and legislation, legislative process. And because also the similarity in the governance process and in the administrative process at the regional level might be different from other region. And this is this administrative and how they deal with things and the cultural issue. Here it comes into the scope that the cultural issue also different at regional level. Then I believe the regional organization are more suitable to propose a regional dimension of legal and regulatory framework. I want to add one another, if you allow me. Yeah, rapidly. I believe the regional organization has a lot of role for answering to support state or member countries in the region to respond to the global agenda. For example, sustainable development goals, for example, a global digital compact nowadays. And you counted, there is a lot of global agenda and I believe the regional organization can support member state, their member state, whatever. it is much more than international one because of the similarity among countries. Thank you.

Chris Buckridge: Thank you very much, Nibal. Apologies for rushing you at the end. Carolina, please, some closing thoughts from you.

Carolina Aguerre: Yes, so just to complement what has already been mentioned by the other speakers, I mean, and the word services emerged a lot of times. I mean, if we make a word count of how many times the value of regional organizations that may contribute to this idea of service, I think this is crucial. So it’s service, it’s delivery, it’s being closer to the citizens which are being affected by these kind of policies. And so you really need to sort of be like the on the ground delivery of these global policies or general principles that then need to sort of get to the ground. And I also want to add another point, which is the essential for the information and digital society, which is that of infrastructure. And I do think that regional organizations are key institutions and processes that enable the thought process and the development of digital infrastructure. And this is something that we’ve seen already in the past with internet related technologies from ISPs, IXPs, undersea cables, that kind of connectivity, but it’s also the kind of discussions that we are beginning to see emerging more and more in Latin America and in the Caribbean concerning the infrastructure that is needed to develop AI capacity. Thank you.

Chris Buckridge: Thank you very much, Karolina. We’ve got just a little bit of time left, but I wanted to… And this workshop has been put together and driven by Nadia Chaha and Shahan Jamal Shaheen. And I want to give Nadia a chance and then Jamal to finish us off there. So Nadia, please.

Nadia Tjahja: Thank you very much. And thank you very much to the speakers and also the people in the room for your comments and your interventions. And I highly encourage you, if you haven’t seen, we’re taking notes online and you could still put in feedback and comments. We really want to start using this to build our conversation on. And what I would like to take a very brief moment on is to answer the question on how youth can participate in regional processes. And what I think is important is to take this opportunity while you’re here at the IGF to meet up with some of the NRIs. So there are NRI sessions where you can go to, where you can actually meet the people who are organizing events that are happening in your spaces. So for example, for Europe, there is the European Dialogue on Internet Governance or EURODIG. They have a stand. And also, if you go to these NRI sessions and you see these people on the stage, please don’t hesitate to actually walk up to them and say, hey, I live and work in your region. Can you please advise me? But if you are not able to find people on site, you can also find it on the IGF website for the NRIs. And also Jenna is one of the coordinators who facilitates youth participation in the NRI spaces. But if you don’t have a regional event or a regional space where you could go to, there is a dynamic coalition called the Youth Coalition on Internet Governance, and they have a regional representative space on the UN regions. So you are able to reach out to that representative and they can help you and support you with setting up your own events or connect you to other people in your region. your space who are working on particular youth issues or just wanting to connect to other young people. So it is not a space where you have to feel alone. And there are opportunities out there, especially for those. There are summer schools, winter schools and other youth events that are being organized. So the way to get involved is start joining the Youth Coalition Incident Governance mailing list, going to the NRI sessions, and also join the youth newsletter that is on the IGF. I hope that is very helpful. And I would then give the floor back to the moderator. Thank you, Chris.

Chris Buckridge: Thank you, Nadia. And Jamal, going to you for last word here.

Jamal Shahin: Yeah, thanks. Chris, thanks very much to our panelists as well. Everybody. It’s been a great discussion. And thanks to everybody here. I have a lot of things to say, but there’s a lady at the back who wants me to finish. So I will go through just a few points. A few points as a reflection on what we heard, and how this fits into an ongoing research program that we’re carrying out at the UNU in Bruges, the United University for Comparative Regional Integration Studies. So we’re looking at this idea of regionalism. This is the thing that’s causing the problem. Okay, there we go. So, okay, we’re looking into how regions can be useful. also in the IGF sphere. I think, Mark, no, it doesn’t help. In project, Nadia has been in, Nadia has been, it’s working. Okay. Nadia has been involved in a project that we’ve been doing, comparing trade to internet governance. Be really interesting. We found that there’s quite a lot of differences that make this very difficult to compare these two. So I’d love to go into more on that. I think also this idea of the global needs of the technical community of the internet, in fact, and the regional needs of the actors to actually build up a common position is actually quite challenging. We need to think more about how those pathways from the regional to the global actually play out in something like the IGF. I think also we need to think that regions are only one of the complex set of actors in the mosaic. We have non-geographically contiguous actors as well. I think, Carolina, you mentioned them as other geopolitical actors, like the G7, the OECD, and so on. I think, Dana, you also alluded to this in your question. I think those are very important relations to think about as well. How does the region fit into the non-regional responses here as well? I think these are questions that we’ll carry on talking about as we go into the implementation of the GDC, as we go on to thinking about how the IGF will work and what role different actors like regional actors will play in the IGF in the future. So it’s been a great way to actually have this discussion with people, open up this way of thinking on our part, and also get some insights into this. The document that we’re doing will hopefully turn into… something a bit much more. So we’re looking forward to that. Thanks very much, Chris.

Chris Buckridge: Thank you very much, Jamal. And thank you, Jamal and Nadia for organizing this session. Thank you to our speakers. We’ve got Marcus, Nibal, Carolina and Jenna. Thank you all for being here and for your active participation in the discussion. We’ll bring this to a close. Have a good day.

Agreement Points

Importance of regional approach in internet governance

Chris Buckridge

Markus Kummer

Jenna Manhau Fung

Nibal Idlebi

Carolina Aguerre

Regional approach addresses logistical issues like time zones, languages, and cultural differences

Regional forums provide platform for amplifying voices, especially for youth

Regionalism allows for capacity building and bringing people into understanding of internet governance

Regional approach enables thought process and development of digital infrastructure

All speakers agreed on the significance of regional approaches in addressing specific needs, facilitating participation, and developing infrastructure in internet governance.

Relationship between regional and global internet governance

Chris Buckridge

Markus Kummer

Nibal Idlebi

Regional forums help strengthen voices in global discussions

Regional internet registries complement global ICANN governance

Regional organizations can support member states in responding to global agendas

Speakers emphasized the complementary nature of regional and global internet governance, with regional initiatives strengthening local voices and supporting global agendas.

Similar Viewpoints

Both speakers noted an evolution in regional approaches to address emerging technological challenges and a renewed interest in regional forums.

Jenna Manhau Fung

Carolina Aguerre

Regional approach evolving to address new issues like AI governance

There is renewed interest in regional forums in Latin America and Caribbean

Both speakers highlighted the potential for regional solutions to influence broader policy-making, either by becoming global standards or by better addressing local needs.

Markus Kummer

Nibal Idlebi

Regional solutions like EU’s GDPR can become global standards

Regional organizations better equipped to propose policies suited to local governance processes

Unexpected Consensus

Importance of non-geographical regional groupings

Carolina Aguerre

Jamal Shahin

There is renewed interest in regional forums in Latin America and Caribbean

Need to consider non-geographically contiguous actors and coalitions

While most discussions focused on geographical regions, both Aguerre and Shahin pointed out the importance of considering non-geographical groupings in internet governance, which was an unexpected area of consensus.

Overall Assessment

Summary

The main areas of agreement included the importance of regional approaches in internet governance, the complementary relationship between regional and global governance, and the evolution of regional initiatives to address emerging challenges.

Consensus level

There was a high level of consensus among the speakers on the value and relevance of regionalism in internet governance. This strong agreement implies that regional approaches are likely to continue playing a crucial role in shaping internet governance policies and practices, potentially leading to more tailored solutions for specific regions while contributing to global governance frameworks.

Different Viewpoints

Role of regional organizations in policy-making

Markus Kummer

Nibal Idlebi

Regional solutions like EU’s GDPR can become global standards

Regional organizations better equipped to propose policies suited to local governance processes

While Kummer emphasizes the potential for regional solutions to become global standards, Idlebi focuses on the ability of regional organizations to tailor policies to local contexts.

Unexpected Differences

Overall Assessment

summary

The main areas of disagreement were subtle and centered around the specific roles and capabilities of regional organizations in internet governance.

difference_level

The level of disagreement among the speakers was relatively low. Most speakers generally agreed on the importance and relevance of regionalism in internet governance, with differences mainly in emphasis and specific applications. This low level of disagreement suggests a broad consensus on the value of regional approaches, which could facilitate more coordinated efforts in developing regional internet governance strategies.

Partial Agreements

Both speakers agree on the importance of regional approaches in addressing emerging technological challenges, but they focus on different aspects: Fung emphasizes policy development for AI, while Aguerre highlights infrastructure development.

Jenna Manhau Fung

Carolina Aguerre

Regional approach evolving to address new issues like AI governance

Regional approach enables thought process and development of digital infrastructure

Similar Viewpoints

Both speakers noted an evolution in regional approaches to address emerging technological challenges and a renewed interest in regional forums.

Jenna Manhau Fung

Carolina Aguerre

Regional approach evolving to address new issues like AI governance

There is renewed interest in regional forums in Latin America and Caribbean

Both speakers highlighted the potential for regional solutions to influence broader policy-making, either by becoming global standards or by better addressing local needs.

Markus Kummer

Nibal Idlebi

Regional solutions like EU’s GDPR can become global standards

Regional organizations better equipped to propose policies suited to local governance processes

Key Takeaways

Regional approaches are important for addressing logistical issues, cultural differences, and capacity building in internet governance

Regional forums provide platforms for amplifying voices, especially for youth and developing countries

Regional organizations are well-positioned to propose policies suited to local governance processes

There needs to be a balance between regional perspectives and global protocols for an interconnected internet

National and regional internet governance initiatives (NRIs) are a significant outcome of the IGF process

Regional approaches are evolving to address new issues like AI governance

Resolutions and Action Items

Encourage youth to connect with NRIs and regional representatives to get involved in internet governance

Consider how to improve reporting and information sharing between regional and global IGF processes

Unresolved Issues

How to effectively balance regional needs with global technical requirements of the internet

How non-geographically contiguous actors and coalitions fit into the regional approach to internet governance

How to improve pathways from regional to global internet governance processes

Suggested Compromises

Use regional forums to develop common positions that can then feed into global discussions

Adopt a multi-layered approach that includes regional, sub-regional and like-minded country groupings in addition to traditional geographic regions

We have one global solution to, uh, security, but that’s also highly controversial right now. And it shows it’s not easy to find global solutions with that.

speaker

Marcus Kummer

reason

This comment highlights the tension between global and regional approaches to internet governance, particularly around security issues. It introduces complexity by acknowledging that even when global solutions exist, they may be controversial.

impact

This set the stage for further discussion on the merits and challenges of regional versus global approaches throughout the conversation.

As you might know, Asia Pacific is really huge. There are many languages and there are different cultures as well. Even there are times when we talk about the topics that we approach there would be very different from Europe, I would imagine.

speaker

Jenna Manhau Fung

reason

This comment provides concrete examples of why regional approaches can be valuable, highlighting the diversity within regions that global approaches may not adequately address.

impact

It shifted the conversation to consider more nuanced views of regionalism, acknowledging intra-regional diversity as well as inter-regional differences.

Based on our experience, I believe the regional dimension is very important. As Marcus was saying, we are sharing the same challenges in the region. We are aware of the dynamism of the countries in the region. We know very well the stakeholders.

speaker

Nibal Idlebi

reason

This comment reinforces the value of regional approaches by emphasizing shared challenges and stakeholder knowledge within regions.

impact

It deepened the discussion on the practical benefits of regionalism in internet governance.

Lately, I would say that in my region, regionalism has tended to become more interesting for actors, and I’m not exactly sure why, but I think that this, a lot of the geopolitical turn concerning the governance of the internet, but also the governance of AI, really leaves much less space to think about the development of these infrastructures and the platforms that citizens want to engage with and the actual local power dimensions that need to be addressed.

speaker

Carolina Aguerre

reason

This comment introduces a new perspective on why regionalism may be gaining importance, linking it to geopolitical shifts and emerging technologies like AI.

impact

It broadened the scope of the discussion to consider how global geopolitical trends are influencing regional internet governance approaches.

Is there a role for middle powers to start to become their own region, such as Canada, Australia, New Zealand have been moving together joined statements in the space of the GDC and WSIS plus 20. But do we need to start seeing like regions emerge across like similar economic frameworks, similar political policies that might not be geographically the same, but have different socioeconomic factors to make a region such as including, for example, like the Nordic countries within them.

speaker

Dana Kramer (audience member)

reason

This question challenges traditional notions of regionalism based solely on geography, proposing a new conceptualization based on shared economic and political frameworks.

impact

It sparked discussion on evolving definitions of regionalism and how non-geographic factors might influence regional groupings in internet governance.

Overall Assessment

These key comments shaped the discussion by progressively expanding and nuancing the concept of regionalism in internet governance. The conversation moved from acknowledging basic regional differences to exploring intra-regional diversity, practical benefits of regional approaches, geopolitical influences, and even reconceptualizing what constitutes a ‘region’. This evolution allowed for a rich, multifaceted examination of regionalism’s role in internet governance, considering both its current state and potential future developments.

How can regional, national, and global IGFs better share experiences and best practices?

speaker

Tiago

explanation

This would help improve knowledge sharing and collaboration between different levels of IGFs

How can middle powers like Canada, Australia, and New Zealand form their own ‘region’ based on shared values rather than geography?

speaker

Dana Kramer

explanation

This explores alternative ways of conceptualizing regions beyond traditional geographic boundaries

How might different communities become new ‘digital empires’ in internet governance over the next 10 years?

speaker

Dana Kramer

explanation

This looks at potential future shifts in power dynamics in global internet governance

What role can youth play in regional IGFs?

speaker

Sardar Farmanullah

explanation

This explores how to better engage and empower youth in regional internet governance processes

How can the relationship and information flow between NRIs and the global IGF be improved?

speaker

Chris Buckridge

explanation

This examines how to strengthen connections between regional and global internet governance forums