IGF 2018 WS #379 Addressing Abuse with Cybernorms: Between Failure and Succes

Format: 

Round Table - 90 Min

Organizer 1: Jacqueline Eggenschwiler, University of Oxford
Organizer 2: Louise Marie Hurel, Naval War College
Organizer 3: LB Weissinger, University of Oxford

Speaker 1: Jacqueline Eggenschwiler, Civil Society, Western European and Others Group (WEOG)
Speaker 2: Louise Marie Hurel, Civil Society, Latin American and Caribbean Group (GRULAC)
Speaker 3: LB Weissinger, Civil Society, Western European and Others Group (WEOG)
Speaker 4: Sheetal Kumar, Civil Society, Western European and Others Group (WEOG)
Speaker 5: Maarten Van Horenbeeck, Technical Community, Western European and Others Group (WEOG)
Speaker 6: Cristine Hoepers, Technical Community, Latin American and Caribbean Group (GRULAC)

Relevance: 

The session, named 'Addressing Abuse with Cybernorms: Between Failure and Success' aims to answer questions such as: “What norms and regulatory instruments exist, and (how) do they work?”; “Which norms matter?”; and “How can different stakeholders effectively design functioning norms?”

The proposed session does not builds on any specific previous discussion but is focused in Cybersecurity.

Session Content: 

In 2017, cybercrime and abuse have continued to be considerable issues, affecting millions of people and organisations worldwide. In addition to vast amounts of insecure products being crunched out by corporations with questionable security doctrines, the world has recently witnessed a strong wave of political hacking, election meddling, and propaganda. Although of broader concern, cybersecurity incidents seem to have a disproportionate effect on those with little resources and ability to protect themselves (e.g. small businesses and individuals in developing countries). Adequate mechanisms of protection are therefore of utmost importance.

However, despite the seeming urgency to address issues of abuse, agreement on appropriate standards of behaviour for state and non-state actors in cyberspace seems hard to come by. Indeed, international cybernorm development processes have encountered a fairly steep setback in the month of June 2017, when the UN Group of Governmental Experts, one of the prime norm setting bodies, failed to agree on a consensus report. Malicious activities require concerted efforts and streamlined response strategies, but priorities and norms across different stakeholder groups vary dramatically. To be more effective and security-enhancing, cybernorm development processes need critical reflection and discussion. As part of the session proposed, we hope answer questions such as: “What norms and regulatory Instruments exist, and (how) do they work?”; “Which norms matter?”; and “How can different stakeholders effectively design functioning norms?”

Therefore, the proposed session aims to address the following questions:

1) What types of abuse exist, how can we address them?
2) What norms and regulation instruments exist? Empirically, is there evidence of working security-enhancing or -sustaining norms?
3) How can we think about human-centric rights-based approaches to mitigating abuse?
4) Whose norms matter in which context or cases, and which actors should be engaged in norm setting processes?
5) How could we design effective norms together? How can norm development processes bring about adequate levels of security, and how can civil society support this?

And by so doing, we hope to engage different community representatives in the discussion on cybernorm development processes, find multistakeholder-informed answers to the questions highlighted above, and enlighten avenues for further progress.

Interventions: 

The discussion will be divided into two blocks - (i) rights and abuse: types of/fighting and (ii) norms adequacy to the proposed context - in which participants will engage in a discussion addressing the following questions:

(i) Rights violation and abuse (types of/fighting):
What types of abuse exist, how can we address them?
What norms and regulation instruments exist? Empirically, is there evidence of effective/ best practices security-enhancing or -sustaining norms?
Question about rights violation (maybe focusing on data breaches, harassment, infrastructure, anonimity…)

(ii) Norms adequacy to the proposed context:
Whose norms matter in which context or cases, and which actors should be engaged in norm setting processes?
How could we design effective norms together? How can norm development processes bring about adequate levels of security, and how can civil society support this?

Diversity: 

Input and participation from a diverse group of stakeholders is key to further enhancing and meaningfully supporting cybernorm development processes. To this end, we have confirmed participation of four stakeholder
representatives, and at least twelve participants from different communities all over the world, should the session be accepted. The four stakeholder representatives are diverse in region, profession, gender, and background and has also considered the importance of giving the floor to new voices in the sector.

Online Participation: 

During the workshop, the remote moderator will enlist questions, comments from the online audience throughout the session and online participants should have priority on participation. A collaborative document will gather
these records of comments and questions during, and after the workshop, and will be integrated into the report. A variety of media can also serve as background material for this debate, based on previous workshops done at IGF.

Discussion Facilitation: 

This session offers its participants an opportunity to learn about and engage in discussions about cybernorm development processes.
Participants will be confronted with critical questions and are urged to think about possible solutions. By introducing the key actors, fora, and subjects linked to international cybernorm development processes, this session will also allow for deeper collaboration across different communities and will help address diverging understandings of cybernorms.

Specifically, the session wants to:
- Encourage the integration of different actor perspectives on cybernorm development processes, i.e. private sector, public sector, academia, civil society (multistakeholder)
- Promote a better understanding of the different levels and models of norms available, from technical standards (self-regulated) to legal codes (state intervention)
- Raise the visibility of and concerns about cybernorm development processes, and offer stepping stones towards potential solutions

An outcome document in the form of a best-practice report is hoped to instruct future norm development processes, and raise awareness of the underlying issues at play.

The workshop will be centered on a roundtable format and the moderator will introduce the speakers and they will set the scene sharing their stories and experiences. After the initial exposition from each Stakeholder/speaker the onsite moderator will open the floor for the onsite and online audience in
order to promote a more intimate and informal conversation. The roundtable format will enable attendees to exchange their views about the issues.The remote moderator will have a key role for online participants, giving them the chance to interact with the both the audience and speakers and express
their opinions about the topic. The moderator will be in charge to express the online participants’ ideas to the attendees.

Onsite Moderator: 

Bruna Santos

Online Moderator: 

Luísa Lobato

Rapporteur: 

Bruna Santos and Luísa Lobato

Contact Information

United Nations
Secretariat of the Internet Governance Forum (IGF)

Villa Le Bocage
Palais des Nations,
CH-1211 Geneva 10
Switzerland

igf [at] un [dot] org
+41 (0) 229 173 678