The UN GGE concluded its work with this Report. Cybersecurity process will shift to the UN OEWG.
UN GGE/OEWG
Report of the First UN OEWG on Cybersecurity
- Reaffirmation of the results of the previous reports of the Group of Governmental Experts (GGE), as well as that international law, and in particular the Charter of the UN, is applicable to cyberspace
- Norms do not replace or alter states’ obligations or rights under international law – which are binding – but rather provide additional and specific guidance on what constitutes responsible state behaviour in the use of ICTs
- Recommendation that states voluntarily identify and consider CBMs
- Recommends that appropriate to their specific contexts, and cooperate with other states on their implementation
- Comprehensive capacity building measures in the field of ICT security
Establishment of the Second UN Open-Ended Working Group (OEWG) on Cybersecurity
Consult UN GA Resolution on Establishment of the Second OEWG that includes:
- The renewal of the OEWG for a period of five years – 2021 to 2025, with the same mandate
- The organisational session of the new OEWG be held in 2021 and includes the establishment of thematic subgroups, allowing interaction with other stakeholders.
- The group is to provide an annual progress report and a final report to the 80th UNGA, starting in autumn 2025.
Establishment of the UN Open-Ended Working Group (OEWG) on Cybersecurity
UN GA on OEWG resolution includes:
- Setting up the OEWG
- Welcoming a chosen set of norms enshrined in the GGE Reports of 2013 and 2015
2015 UN GGE Report: Introduction of 11 Principles on Cybersecurity
The report of the UN Group of Governmental Experts (UN GGE) 2015 encompasses principles of State sovereignty, the settlement of disputes by peaceful means, and non-intervention in the internal affairs of other states, applies to cyberspace; recognition that states must comply with their obligations under international law to respect and protect human rights and fundamental freedoms, the agreement that UN should play a leading role in developing common understandings on the application of international law and norms, rules and principles for responsible State behaviour, other norms, rules, and principles on the responsible behaviour of states, confidence-building measures (CBMs), and an invitation for international cooperation and assistance in ICT security and capacity building.
The report was later adopted by the UN General Assembly Resolution A/RES/70/174.
2013 UN GGE report recognises that international law applies to digital space
Report of the UN GGE 2012/2013 (later adopted by the UN General Assembly Resolution A/RES/68/243), which includes:
- Recognition that international law, and in particular the UN Charter, applies to digital space
- Norms, rules, and principles on the responsible behaviour of States
- Reference that state sovereignty applies to the digital field
- The principle that states must meet their international obligations regarding internationally wrongful acts in cyberspace attributable to them
2010 UN Governmental Group of Experts (GGE) Report on Cybersecurity
Report of the UN GGE 2009/2010, which includes recommendations for:
- Further dialogue among States to reduce the risk and protect critical national and international infrastructure
- Confidence-building, stability and risk reduction measures
- Information exchanges on national legislation and strategies, and capacity-building measures
- The elaboration of common terms and definitions related to information security
- Capacity-building in less developed countries
UN starts addressing cybersecurity issues
A proposal to address cybersecurity at the United Nations was made by Russia on 30th September 1998. It was formally adopted by the UNGA Resolution A/RES/53/70 on 4th January 1999.