UNHRC_Eric Bridiers|

To keep us safe, global cybersecurity norms must be human-centered and protect rights

Header image: Eric Bridiers, licensed under Creative Commons BY-ND 2.0

Today, the United Nations Open Ended Working Group (OEWG) on global cybersecurity began its intersessional meeting. Unlike the OEWG meeting in September, this meeting is wide open to civil society, companies, and other non-government stakeholders. Access Now and our partners welcome this openness and we are actively engaging in this week’s series of meetings in New York. As part of that participation, we sent delegates our new Discussion Paper on International Cybersecurity Norms.

The OEWG, known more formally as the U.N. Open Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security, was established in 2018 to supplement the work of the U.N. Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (GGE). The current GGE, building on the work of two previous GGEs, comprises 25 selected member states; the OEWG, meanwhile, is open to all interested states. 

In the opening OEWG session today, Raman Jit Singh Chima, our Senior International Counsel and Asia Pacific Policy Director, intervened to deliver remarks on the working group’s approach to cyber threats. We stressed the importance of learning from the digital security training and incident response that civil society and global security research communities undertake, and involving these experts more deeply in OEWG and related global cybersecurity discussions. We also stressed the need to defend the internationally protected rights to free expression and access to information while combating cyber threats, asserting that states must recognize the threat posed by the increased use of malware and exploitation of vulnerabilities to facilitate the surveillance of individuals and networks globally. This is a threat not just to the safety of human rights defenders, but also the ability of everyone to use the internet securely. In addition, we raised the issue of the alarming global epidemic of internet shutdowns, tracked by members of the #KeepItOn campaign and others, which jeopardizes cybersecurity as well as endangering lives, hurting free expression, and damaging the economy.

Access Now believes that approaches to cybersecurity policy should be user-centric, systemic, and anchored in open and pluralistic processes. Flowing from this, we see the U.N. processes on global cybersecurity as important for establishing these norms, which is why we prepared a discussion paper for state delegates and other stakeholders. In the paper, we recommend OEWG participants prioritize work in the following key areas, along with other recommendations:

  1. Defining the objective of international cybersecurity norms
  2. Developing norms that address all objectives equally
  3. Building a secure cyberspace with humans in mind
  4. Ensuring OEWG discussions engage with the bottom-up, internationally distributed nature of cybersecurity

Additionally, we encourage government representatives to the OEWG to address inter alia the following questions:

  1. What does the promotion of a safe and secure ICT environment mean? Should this objective include the international security among states, the national security interest of states, or the security and integrity of the ICT systems themselves? Where do the human rights of users and interests of at-risk communities fall?
  2. What objective shall be achieved by the agreed norms? Where is it possible to identify gaps? Which objectives are not sufficiently addressed by the existing voluntary, non-binding norms?
  3. How will these norms be implemented to adequately prevent and mitigate harms to individuals and societies? What measures might accompany these norms to facilitate action? 

We will continue to engage in the OEWG discussions that follow today’s opening session, participating in subsequent meetings and working to drive actions to help ensure a safe, secure, and rights-respecting ICT environment for all. You can follow the conversation throughout the week using the #OEWG hashtag.

Our discussion paper was prepared by Nele Achten, with input by Raman Jit Singh Chima and Peter Micek.