Global Commission on Stability of Cyberspace has published its full report – a result of its three years of work. The report outlines seven elements of a Cyberstability Framework: multistakeholder engagement; cyberstability principles; the development and implementation of voluntary norms; adherence to international law; confidence building measures; capacity building; and the open promulgation and widespread use of technical standards that ensure cyberspace is resilient. GCSC has particularly focused on three of those - multistakeholder engagement, principles, and norms.
Four principles were outlined: 1) Responsibility: Everyone is responsible for ensuring the stability of cyberspace; 2) Restraint: No state or non-state actor should take actions that impair the stability of cyberspace; 3) Requirement to Act: State or non-state actors should take reasonable and appropriate steps to ensure the stability of cyberspace; 4) Respect for Human Rights: Efforts to ensure the stability of cyberspace must respect human rights and the rule of law. GCSC has proposed 8 new norms, related to not attacking the public core of the Internet, or electoral infrastructure, tampering with products or services, using general ICT resources as botnets or similar, promoting disclosure of vulnerabilities, prioritising products security, enhancing cyber hygiene, and preventing the engagement of non-state actors in cyber-operations.
Finally, the report recommends adopting the norms, responding to violation of norms, building capacities and promote understanding, collecting and sharing information on norms violation, establishing Communities of Interest, and a standing multistakeholder engagement mechanism to address stability.