IGF 2020 – Day 10 – WS341 Multistakeholder Voices and the UN Cyber Dialogues

The following are the outputs of the real-time captioning taken during the virtual Fifteenth Annual Meeting of the Internet Governance Forum (IGF), from 2 to 17 November 2020. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the event, but should not be treated as an authoritative record. 




>> RAJ BURLI:  Okay.  If everyone is ready, shall we get cracking?

Sweet.  Hello to everyone from wherever in the world and whatever time you're tuning in from.  Thank you so much for being here for our panel discussion on Multistakeholder Voices and the UN Cyber dialogues.  My name is Raj Burli the Global Ambassador for Digital Peace Now Society, and it's an honor to be your moderator today.  We have an incredible panel of subject matter experts here to talk about our discussion.  I'd like to start with Fabrizio Hochschild.  We have Isaac, we have Chris Painter, President of Global Forum, and Raman Chima Asia Policy Director for Access Now and Kaja Ciglic from Microsoft.

Now, before we dive into to what I know will be an enthralling discussion.  A quick run of show.  Our total event time will be 90 minutes.  Roughly split into two portions, one of 45‑minute segment dedicated to moderated panel discussion and then the second roughly 45 minutes being delegated to open questions from those in attendance.

I highly encourage you to ask any questions that you may have.  It's a fantastic opportunity to hear from our experts and they have an incredible insight into the topics that we'll be discussing.

Down below you'll see a chat function and a Q&A feature.  The chat function is definitely a more social element, so if you want to tell me how good of a job I'm doing, that's where you pop that in.  If you have a serious question or a question for one of our panelists, please do pop it into the Q&A function.  I do ask that if you are going to ask us a question, please place the question at the top and then follow it with your name and the organization that you're here with.

So, without further ado, I'd like to hand it over to Fabrizio for some opening remarks.

   >> FABRIZIO HOCHSCHILD:  Thank you, Raj.  It's a great pleasure to be with all of you.  I wish everybody well, particularly on Friday the 13th, but perhaps it's fitting to have this discussion on this day.  The technology has brought us together but also given birth to new disputes, new borders, new barriers and a whole new domain, Cyberspace for violence and conflict together with health security and climate security, cybersecurity concerns have escalated into one of the central security policy issues of our time with very serious repercussions for the stability of our economies, our politics, and of our social structures.

Most of the efforts at the United Nations are focused on achieving the 2030 Agenda but several of the digital threats we face, the safety of our online systems, networks, hospitals, et cetera, can undermine the SDG's focused on improving social structures using technology.

The transnational and cross‑cutting impacts of digital technologies and cyber threats require new approaches that go beyond silos.  We cannot think of cyber solely in the context of armed conflict between states.  We have to think of it also in areas of sustainable development and economic prosperity.  We must consider cyber a whole of society issue and an issue for each one of us.

Technology cooperation across borders and promotion of technology access across regions of the world will rely on building mechanisms to enhance trust that digital technology is inherently safe and not compromised by cyber risks.  And, additionally, achieving universal connectivity, a paramount necessity for the 2030 Agenda also requires improving universal trust and resulting cooperation in technologies in an ever more digitized world.

This task comes before us as a time when geopolitical gridlock is again at a high and where political battles between superpowers also often play out in the digital arena.  Thus, the questions I think confronting us are basically three.  How do we deal with cyber in a more holistic manner and consider the linkage to the Sustainable Development Goals?  How do we ensure that digital technologies and Internet access for the unconnected 3.6 billion people who are by definition the most excluded and marginalized, how do we ensure those connections are safe and secure?  And how will stare the path forward in this unprecedented age precisely against a political backdrop of large divisions.

   >> RAJ BURLI:  Thank you, Fabrizio.  Just diving in, to those who have been involved in the current round of cyber dialogues at UN, GGE and OEWG, what has this process been like thus far from your perspective, and what do you think are the likely outcomes, and Isaac, I'll start with you.

   >> GERARDO TENORIO:  Thank you very much, Raj.  Actually, many thanks for your question.  Very encouraged to put on the table many things, and let me express my gratitude to organizers for convening this timely and necessary discussion.

It's important to me to say that both the current open‑ended working group and the GD have represented at this stage some elements of success, and just to share very briefly, the first of these elements of success from my point of view is to keep the multilateral fora, and UN in particular as the main platform to discussing and advancing commitments in this regard.

Other elements of success, from my point of view, it's that these both processes have allowed us to better express the knowledge and importance of previously agreed norms.  Actually, it has been very visible and very interesting of how the norms agreed from the DGE track are encouraged to be applied at the open‑ended working group track, that's very interesting.

Of course, to increase attention and interest to actively involved in these discussions, is also an element very visible of success of both processes.  For many countries the open‑ended working group has opened a door to make visible priorities and needs in local and national priorities in needs and that's very important to consider at the international level.

Cyberspace issues, for me are not any more a discussion reserved to big players, to military powers only, or big companies, both for those, all for all of those interested in peaceful uses, promote stability, et cetera.

The opportunity to advance more cross‑cutting dialogues also, it's important to recognize from both pro processes.  It's important to see how we have found more dialogues with policymakers and tech community, and even within the UN and linked to the, as was said, it's interesting how these interactions have been strengthened and also our discussions and our approach with other relevant stakeholders, with private sector, with Civil Society, with academia.

At the national level, just let me put it on the table, these at the national level, these processes have encouraged us governments to get more ‑‑ to get more discussions, to get more dialogues with those sectors in order to consolidate national positions.  This kind of discussions and continuous involvement of different sectors have not been seen in the form that we have recently.

Then, taking into consideration these positive results from the ongoing processes, I have to say that I am confident to get results, to get important results.  Let me briefly share why I am being as optimistic is not only being optimistic for being optimistic, but why.  In this regard, it's important to me to identify that many concrete proposals have been already put on the table of both the open‑ended working group and the GDE, from repositories, international repositories of experiences to implementation guidelines to program of action or mechanisms to follow up the implementation of norms and previously agreements, such as the one presented by Australia and Mexico with many other countries.  So, we have on the table these very substantive and concrete proposals, then something is going to happen with them.  Discussions in both levels, they're reduced to any GGE or open‑ended working group have allowed also to identify the strong link between international laws, norms, CDMs, and capacity building.

For instance, as was said, even considering that we are having first committee discussion in the national security discussions, it is now clear the coherence with this with advancing the 2030 Agenda, for instance, and also we have seen many issues important like gender issues or access, the universal access, et cetera, and the importance of bridging the gaps even when having this first committee or international security discussions.

So, of course, questions and differences on international law applicability have ‑‑ we are facing, but we have now many, many voices that we believe we can push for having responses.  Thank you, Raj.

   >> RAJ BURLI:  Okay.  I think it's very good to start, it's very difficult to have a panel in 2020 without discussing the global pandemic and the coronavirus.  I think the impact of COVID‑19, I think it is not just physical.  I mean, it has completely changed the way that we interact with the digital world and we have a lot of us working from home, studying online, connecting through social media, more than we ever had before.

I think what's really relevant though is these aren't just necessarily temporary changes.  For a lot of people, it's going to be a consistent shift.  Like this is the new normal of operation, and with that an increasing reliance on Cyberspace.  And I also think what comes with that though is a changing nature of conflict in Cyberspace as well, and Raman, I'll start with you on this.  How has the pandemic impacted digital rights as more people everywhere rely on digital infrastructure in an effort not to spread this disease?

   >> RAMAN CHIMA:  Thank you, Raj.  Excellent question.  So in addition to looking into Asia‑Pacific region is to coordinate a global cybersecurity policy and what I see is interesting because there is the policy impact of governments responding to the pandemic and often is unfortunately often the case well‑meaning responses that actually result in harms to rights, but also sometimes the excuse of the pandemic to move fast and break things which also have an impact on digital rights.  But beyond that as you mention, there is the very simple fact that digital is everywhere, it's not just ‑‑ everything you do impacts digital rights.  Access Now is an organization usually called digital rights organization and we actually specifically said three years ago we are a human rights organization in the digital age, along with many other colleagues in this space, and the sort of digital security work we provide and the public policy person, and but the real heros in the organization are the people that work with digital security helpline, a free service any Civil Society member, activist, journalist can use globally to get free assistance proactive or reactive, and what's been striking is that the amount of increase activity they have seen in the pandemic.  April, that month our busiest period of the help line in existence and I think that's not the only benchmark and after that several months are the busiest in existence, and it shows you that digital security is critical to what everyone is seeing locally, it cannily the society actors, what's happening is they are facing newer issues and threats and let me put it this way.  For example, for business security organizations to look at rights of organization to look at human rights issues, they would normally be able to meet laws easily and best that conference nearly all virtual, and it is increasingly digital now and all of that requires them to be more careful about what we put out.  They're targeted from nefarious contactors from criminals to unfortunately sometimes even government actors that is the truth that needs to be said and they're increasingly held to deal with this with limited resources, incredible strain, incredible mental anguish and challenges during the period.

And what we see therefore is an increased need for digital security.  We provide that, many other organizations also do and we're not the only one, where in fact we're very proud to be members of City CIRT the Civil Society Computer Response Team Network, and the fact that a network like that exists shows you global society, the watchdogs that protect our societies and protect our governments locally they need to secure themselves.

And what I want to mention is we've heard about the fact for example that health care is targeted in the pandemic and that's a simple cybersecurity reality, but activists are being targeted, journalists are facing issues, they're also facing issues because they're often talking about digital law, abuse during this period.  And for example sometimes coronavirus tracking programs being used to actually conduct surveillance, and fake news laws being used to not suppress fake news on the coronavirus, but actively used to target free speech and expression, and you're also seeing unfortunately, sometimes the passing of negative cybersecurity laws by national governments saying they're going to improve cybersecurity but actually being used to target not just activists but security researchers and in order to leave that with you, what's striking to me is the very people we need to depend on more, the humans who make human‑centric cybersecurity and human rights rather more secure human rights community globally possible at this stage, security researchers, independent whistleblowers who discover vulnerabilities in software they're sometimes targeted due to badly crafted laws or laws deliberately crafted in a way to be able to target these people.

So, in addition to providing better digital security, we need to understand that cybersecurity discussions at the national level, we need to connect the two.  The technical community and human rights community are not separate are and you need to connect the two and not enough is happening today.

   >> CHRISTOPHER PAINTER:  If I can add to that for a second.  I agree with everything that he just said and that's absolutely right.  But the two things that have struck me as being ideally of note is one that as we become more dependent on technologies, we've seen criminals, states, and others attacking them and that's an unfortunate thing and I think it's a recognition of cybersecurity being more important, but two it goes back to something that Isaac was saying too.  It's important as the processes in New York have been, I think one of the challenges have been that cybersecurity is still seen as a boutique issue, not that important of an issue that the experts can deal with, like all the people on this call are people that do this all the time so we talk to each other, but we really need to convince the high‑level political leadership of countries that this is a real priority that they need to deal with.

And I think to extent there is any silver lining from the COVID crisis I think the fact there is greater recognition, including in developing countries that this is something that is really important, that it's not just a digitization but it's also protecting cybersecurity and how we might be able to get there.

   >> RAJ BURLI:  I think to the rest of the panel do you think this created a greater urgency or need to protect vulnerable institutions from cyberattacks?  Kaja, if I can bring you in here?

   >> KAJA CIGLIC:  I had to unmute myself.  Yeah.  No.  I think I would agree with what Chris just said.  I think for sure it has really focused the minds in terms of, you know, governments around the world are, A, I think realizing a little bit more what critical infrastructures are and how connected everything is.  It's shifting a little what the perception of critical is as the last six months or I guess more now, we've all sort of started working online, schooling using increasingly online, and obviously the attacks on health care as Raman has mentioned, have been really prominent.

I think, in fact, today Microsoft just like an hour ago maybe, Microsoft just published a blog highlighting the attacks from state‑associated entities against health care institutions vaccine research, and that, you know, that has been a theme, I will say, in the last six months.  Right.  There have been others who have called this out as particularly problematic.

We have seen, you know, hospitals close down in the middle of the pandemic and things like that.  And while I totally agree with Raj and I think ‑‑ or I'm sorry, with Raman, I think it shouldn't be the only lens we look through it, but it is that moment in time where governments are much more focused on, okay, okay, this actually needs to work.

But I would also completely agree with Raman.  I think that we, you know, we've seen over the past couple of years the extension of particularly state actors, that are you know, like we originally looked at oh, how do we protect like the parties and electoral process it's within our demanding democracy programs since sort of the last election in the U.S. so 2016, and a service that we offered to the ‑‑ to those entities has increasingly expanded in the last few years as we realize it's much more, like the think‑tank community around it, the human rights activists around it, the journalists around it.  And so there is ‑‑ there is definitely something that both ‑‑ so both sides of the argument, both the attacks against critical like actual attacks that bring things down, and then also attacks that effectively are surveillance or ‑‑ or just trying to understand and find data that can be used against particular individuals have to be kept in mind.

So, I think it is a good time to focus on but also a good time to be vigilant.

   >> RAJ BURLI:  Fantastic.  We touched on the necessity for health institutions and research institutions to be safeguarded during a health crisis.  Do you think there is official protections currently if place?  And if not, why not?  That's an open question to anyone on the panel.

   >> CHRISTOPHER PAINTER:  I mean, I would say, no.  You know, I think it's just recently become more of a priority when folks understand, you know, I'll quote one of the former President of Estonia, Thomas, who always talks about the worries he has in Cyberspace and one of them is the integrity of information, he cares if there is a service attack but if someone actually breaks into the hospital and changes your blood type so the next time you get a transfusion you die, that's more serious.  So that could be a challenge going forward.

If you look back at how the UK's health system was affected, part of it is health systems and places don't have the budget or expertise to deal with this and we need to treat them really as an additional critical infrastructure if we're not already.

   >> KAJA CIGLIC:  Maybe if I'll quickly add one more thing.  I think just to keep in mind as well is, you know, we're looking at the globe at this stage, you know, the finders, the varying levels of connectivity, you about and as a result there is also varying levels of advanced technologies being used, and so you know, so making sure that we not only look at the tech and sort of see how protected they are, or that it is, rather, and I would agree with Chris there that I think there is definitely more to be done, but there is definitely also a human element there and you know, ensuring that the humans who use this technologies are aware and know how to act securely.

I think it's ‑‑ I think that's where a lot still has to be done, and so you know discussions and efforts and things that Chris is leading in the GSEE around capacity building are critical components in getting us all to a better place.

   >> RAJ BURLI:  Yeah.  Fabrizio, do you have a comment?

   >> FABRIZIO HOCHSCHILD:  Thank you.  One thing I learn when the pandemic is over, that day all of us will know how to use the unmute button.  (Laughing).

But,, no, I would just say we need to try to understand the security in a broader ‑‑ have a broader understanding of security threats that go with cyber.  There is a lot of focus on protecting the physical integrity of our systems, which is tremendously important.  But there are other aspects that have come to the forum about COVID that need equal attention.  You know, misinformation, defused on a scale never seen before, never permitted when we were limited to non‑digital media, cause deaths.  That's a security issue.

Fueling of exclusion, political violence, prejudice, hate causes deaths, that's a digital security issue.  And then finally, you know, the issue of not being connected against the backdrop of a pandemic, the unconnected in an ever more digitized world aren't foregoing a luxury, but they are foregoing everything that makes the first world move and will be left ever further behind.  That is also a security issue.  That's the biggest ‑‑ there is the World Bank UN study on this called Pathways to Peace that, you know, analyzes documents, the biggest creator of conflict, the biggest creator of violence is exclusion, inequality, marginalization.  And so security, I think we have to think of in a much more multi‑tiered and comprehensive way and not as important as that is, I'm not saying it's not important.  But as important as it is, not to think of it only through the lens of protecting our digital systems.  It's also about the insecurity that is inherent to the sort of anarchy that is privileged in the digital world.

   >> RAJ BURLI:  Yeah.  I think one key takeaway for someone like me who is just digesting all of that, is like this isn't just a simple one‑solution fix.  There is so many things that require multiple responses from stakeholders and neatly leads to the crux of this discussion.  UN dialogues to what degree have they included multistakeholder input, and what the multistakeholder community is hoping they will achieve.  I guess more specific for Chris, Kaja, and Raman, from more of an outside perspective, what are the impressions of broader multistakeholder community when it comes to these discussions at the UN?  I'm going to start with Kaja.

   >> KAJA CIGLIC:  Sure.  I feel I always have things to say.  No.  I think that's also a question in ‑‑ one of the questions in the chat, I think, which is making sure that we are able to open up this discussion to a broader audience would be incredibly helpful.  I think, you know, from a private sector tech company perspective, obviously these discussions impact us directly.  While there are discussions around state security, it is a reality today that a lot of the infrastructure and technologies are operated by the private sector, and the ‑‑ I think we're able to both provide, hopefully helpful input into those discussions, in terms of how some of the technologies work, how they interrelate, you know, what is the future trajectory as well as what are some of the threats that happen or that we're seeing on our systems effectively.

But and I think from that perspective, they're also hopefully able to be ‑‑ to I want to say help shape solutions in this space, and so you know when the last year in December, the first or the only, I guess, multistakeholder consultation happened within the context of the open‑ended working group, and I think that was a great opportunity.

We, you know, and we'd love to see more of that, more of a conversation between the private sector and government on some of these issues.  Some of the governments really, you know, would love to ‑‑ would want to call out Australia, Canada, in particular in this regard, and Netherlands, and particularly Mexico, I'm sorry, as well but really proactively reach out and consult.  But I think it would be good if this was a more formal opportunity for everybody to kind of be allowed to pick sort of each other's brains, I think.  And I also have views on Civil Society, but I'll probably ask Raman to talk about those.

   >> RAMAN CHIMA:  Happy to.  And to say that it's an interesting challenge in getting the processes, and I say this from a perspective normalization.  Almost a little bit outside because we're formerly ECOSOC accredited and have a coordination but even then we find it challenges particularly with open‑ended working group, and the panels actually made it harder, it's very hard, and I talk concretely, but being the fact that we're in a sense a cybersecurity provider, we provide security to society and other groups internationally, and we're auto user because we have to protect our own systems and networks along with many other society groups and advocate and we have particular points of view and also perform the job or Civil Society more broadly speaking the truth and that can be irritating but incredibly useful to be there and that's a good job of a policy analyst to speak truth to some of these issues. 

The challenge with the UN process is despite the attempts Kaja mentioned and many others as they are also dually mentioned, and it's really challenging because you want it to be useful and effective and to get states to agree to talk about stuff, they're not always happy to and there is disagreement about states.  I've been accused of being an optimist of processes and I probably say I'm still that.  I see the value of these conversations sometimes more so than individual states might be there, but the realities for the technical community, the people who deploy cybersecurity or do cyber day in and day out, it's actually very hard for them to engage even if they have regular engagement in the UN system.  Can't easily take part, can't provide papers, it's a challenge process to make available, and you have to spend disproportionately on people who are either based in New York or Geneva who can talk to people there physically, meet them, and even for a group like this with the pandemic and restriction on physical meetings a lot of access goes away and people who work with us find that frustrating as well, and that's a reality to acknowledge.

With some of the proposals past or being considered and refinements of the processes whether it's restructured OEWG or program of action that many states from EY to Global South have jointly worked on they think it should be in there talking to stakeholders and I give you an example that I find both interesting, a member of the Forum for incident response along with many governments and corporations and they're the big group you want to talk to in cybersecurity regarding advice across lands, and for us it's very even funny that as first member, we can participate in a limited way because of ECOSOC status and as ourself cannot speak and as a part of our delegation.  And that's why we should fix this, not only because we want it to be democratic, and it should, but there are useful perspectives of these groups and there are ways to improve that perhaps.

   >> CHRISTOPHER PAINTER:  And I would say just on the first comment especially, you know, there is this disconnect between the communities that some of the actions in the UN are trying to protect in those communities, for instance in the GGE one of the great forms was not attacking CSIRTs because they're like hospitals or ambulances of the Internet.  I gave a keynote and talked about this and almost no one in the audience had ever heard of that which is strikingly bad and we need to make sure there is a conclusion between technical communities and other communities and what's going on in the U.  In.  As much as we celebrated the December meeting and it was a great breakthrough for the UN, it still was just a small ‑‑ a small piece of advance and I mean the fact is if you were at that meeting, everyone read their statements on both sides and that was pretty much it. 

You know, so we really need a better chance for interaction for meaningful interaction, and Kaja mentioned some of the governments that brought or who have made it their point to assemble stakeholders and talk to them before they go into these negotiations.  That would be great.  And we know some countries aren't going to do that at all, about you if we can find a way to have more meaningful interaction, I think that makes a difference, and look I think there has been progress but not nearly enough.

   >> RAJ BURLI:  Chris, you mentioned like making progress, and I just want to press a little.  Do you feel like the dialogues reflect the input of the private sector and Civil Society?

   >> CHRISTOPHER PAINTER:  I think to some extent, to the extent that countries are actually bringing that perspective in.  The GFC, the global forum on cyber expertise, we have and will submit comments to the OEWG to go through and how much weight the comments have, hard to tell, right.  The players with the most weight are the nation‑states because that's what the UN is organized around, so I do think that it's important for us to have some more meaningful input, but they can ignore that input.  You know, there is going to be debates between countries too, but if there is a way to get that input there, that just helps the whole process.

   >> RAMAN CHIMA:  Just to jump in briefly to say that that's one way for more discussions around this because it is a political process, decisions and consensus across states and for them to buy into it.  A lot of it is also implementation.  And the more people beyond just us that talk about this and take the discussion to actual national discussions about by the way what is your cyber coordinator saying or talking about this, what is the UN, what is the mission saying about this, these are important things, but even the cybersecurity communities within countries need to discuss it more.  I struck by once hearing someone who didn't fully know what all the states were saying not because they don't do fantastic job of it, but there is so much going on and that we need to take it there.  And for me it's important it look at UN conversations, it's happening, there is not a breakdown of things, which means you need more discussion and buy in and perhaps even a sharpening of special in the national gap because sometimes states aren't sure what their positions are, and it's fine for them to create them, about you we need to being a knowledge that they need help.

   >> CHRISTOPHER PAINTER:  Yeah, maybe one other thing, one thing I think is effective is the traveling roadshow of ambassadors and others going to various forums.  They came to the global forum on cyber expertise meeting and back last November and I think just having listening sessions where they know what's going on and they're talking to the community, they've been very dedicated to that and I think that's very helpful.  And anticipating, Raj, your next question, since I think it's coming up on in terms of what the global forum on cyber expertise hopes to really get from these processes.  You know, I do think and I was heartened when I participated in some of the meetings, particularly the OEWG, the number of countries that raised capacity building is a core issue for them, foundational issue for them.  The countries that mention the global Forum on cyber expertise that was heartening as well, the launch in New York in February alongside the OEWG meeting so it's important to have that community understand it.  I'd like to see some emphasis on capacity building especially as we talked a little bit before, having capacity building for cyber and not being seen as a separate thing but being integrated into the UN Development Goals I think that's really important because, again, it doesn't make it this outlying, this boutique thing but something that's core to everything that we're doing, and a way for countries to prioritize both donor countries and countries that need help.

And but I don't, what I'd like not to see is the UN trying to say that we have this, we're going to do it all, and we're going to be the ringleader of all of this, come to us, and we're the hub.  Because I just don't think that's going to work very well for all the reasons that we talked about.  First, it's just going to be states, second it takes a lot of resources to do this, and I hope what they would do is leverage organizations like the global forum on cyber expertise that is already working to coordinate these issues and others as well, and I hope that that's going to be the output to be more collaborative rather than this is just going to be a UN thing.

   >> GERARDO TENORIO:  If I can briefly add.

   >> RAJ BURLI:  Yes, please.

   >> GERARDO TENORIO:  This discussion, I mean, at the mandate of these processes, yes, we do have this opportunity to inform on consultations or more formal consultations with relevant stakeholders, and I feel we need to institutionalize these kind of consultations.  We need governments working within the UN, we need to encourage to have on the mandates from the mandates from the very beginning this call to have consultations with relevant stakeholders.

But I just want to insist on the issue, on this issue at the national level.  It has been very encouraging for particular countries, and maybe most of the countries are unwilling to have this kind of consultations, but maybe they have not identified the correct sectors inside their countries, et cetera, and so with this international processes, having consultations, we at the national level, of course, are encouraged to have this kind of interactions.

So, I sincerely believe and taking into account our own experience, that the international processes have encouraged us to have better consultations and better communications, and maybe not most of the time, but institutionalized or standardized, but it will be helpful that from the Civil Society, from the private sector, from the academia, to make visible those successful experiences in this kind of engagement in some concrete conference and in order we, the rest of the conference, tried to accommodate to our own possibilities and our own realities.

   >> RAJ BURLI:  Kaja, if I can bring you in on this one.  Historically, the GGE dialogues have included a very limited number of states, comparatively the OEWG is now open to all UN member states, so specifically from a capacity‑building perspective, how can we make sure that all states, all states are equipped to have a voice in this really important event?

   >> KAJA CIGLIC:  I think that, you know, I think that's incredibly difficult.  I think that it's ‑‑ I think we sort of touched it a little bit on the panel already, but you know it's almost taking a look not only at the cybersecurity capacity building as a technical or domestic policy issue, but also ensuring that states are able to engage on some of these issues and in a diplomatic circle.

So, you know, there has been for sure a few initiatives that, the DIPLO Foundation that is an organization based out of Geneva has run trainings for diplomates on effectively cybersecurity, and Estonia a country has put on a training as well.  There are initiatives that the UN ODA has also put forward in terms of more like interactive online experiences, and I think that is the bit that is critical, right.

I think ensuring that the diplomates that engage in these discussions are able to not just necessarily report back to the capital and hopefully have someone there that knows what's going on, but also engaging on a, you know, in a meaningful debate, and I think it will ‑‑ that would just ‑‑ that is just I think a thing that will take time.  Partly, it will also take time because you know, it's diplomacy so people rotate, right.  So even if there is a breadth and depth of knowledge that an individual could gain or a three or four‑year period while they are, you know, the countries representatives in New York or Geneva, you know then they rotate out and there is a new person, and often times it's a new person that has never had exposure to this, so I think fundamentally it needs to become, as with many security issues, a core part of the training for a diplomatic career.

   >> CHRISTOPHER PAINTER:  Yeah.  And I would say back in 2011, which seems like a lifetime ago now, I was the first diplomatic office dedicated to cyber issues, I think in the world, and now there are over 40 of them which is a great advance because it means retreating this is not just a technical issue but as a policy issue, but Kaja helped co‑chair the task force on the GFC and I should say the members include nation‑states, include private sector, Civil Society, academia, include even some UN institutions as well, and so it's a very inclusive group.  And we looked at how to jump start this, what to do with norms and not negotiate new ones but help implement and help get people familiar with how to conduct diplomacy and putting out a number of things, including a compilation of where we are on CBMs, for instance, which I thought was very helpful.

So, we really need to beef that up, and training diplomates to understand these things, even though they rotate through, but the more folks understanding these are key issues for them going forward and not just technical issues but core issues of technical security, economic security, human rights, that's going to help us all.

   >> RAJ BURLI:  Isaac, I would just like to invite you in on capacity building in the diplomatic sense.  Any thoughts been cybersecurity as a broader issue?

   >> FABRIZIO HOCHSCHILD:  I think there is a real change of attitude that I have observed around diplomates.  I don't have the length of focus that all of you have on these issues, but when I started first getting involved in this domain about four years ago, anything cyber related was considered a job for specialists, and you know ambassadors in New York who considered themselves top of their trade, who are they top of their trade, many are former ministers, many go on to become foreign ministers, and would have considered it something technical and not worthy of their attention.

I think that's changed radically.  Already prior to COVID and even more with COVID.  I think there is a growing understanding that this is no longer a separate issue but it affects the politics as we know it, it affects economics, development, human rights as we know it, and to remain ignorant is very dangerous.

And in Mexico, and now I have to praise Mexico.  Mexico did a series of events last year with our support basically to try to educate, and you can't tell senior diplomat es they need to be educated because they don't like that, but to have discussions on these issues with diplomates in New York and they were incredibly attended.  And I see the resonance when the Secretary General launched the Roadmap on Digital Cooperation, I think 150 or 160 states attended and most at a senior level, and so I think there is a big switch and I think COVID only accelerated that.  But having said that, I do think we have further to go.

I would like to put it the other way.  I mean, I spoke once to the head of Nokia about, he was preaching to us on the need for policymakers to understand much better how machine learning works, how AI works, how the policymakers are making the decisions but don't really understand it.

Then we got him in to brief the senior managers at the UN, but I made the point at the time that that's a two‑way treat.  Diplomates need to understand much better how technologies work, but those in the technological field need to understand much better how politics work, how sociology works, how human rights work, and I think there is a massive deficit, if I may say so, on that side and a certain sort of arrogance in the sector that believes that such knowledge is not particularly necessary, and that has to change too.  There has to be massive education on both sides of the divide.

   >> KAJA CIGLIC:  And maybe if I add ‑‑ I would agree with that.  But I would also, you know, to add to that I think it's also ‑‑ so it's a question of, so both on the tech sector of both understanding how the process it's work, how politics work, how just government diplomacy works, right, as well as issues like human rights and ensuring they are integrated into the processes of technology development from early on.  I think there has been greater awareness, and I think we're still far to go, and I think but the other thing as well is to, you know, ensure ‑‑ find a way tone sure the tech sector is not just three or four big players, but actually bring in a slightly broader group.  And I completely understand that you'll never have the SMEs because they don't have the time, right, but ensure that you do have a slightly broader conversation because a lot of the technology that is profoundly impactful is produced by very small companies, and in addition, it's not just effectively companies from maybe three or four markets that are engaging in this conversation.  Right.  I think there is a lot of American companies, they're increasing now, Chinese company, maybe Russian, maybe two European, but getting an understanding of, you know, how these technologies interact in a Latin American context or in an African context, and you actually need to have people who integrate it and operate on the ground versus someone sort of from the West Coast of the United States.

   >> RAJ BURLI:  If I can maybe like pull this a little bit more macro.  Maybe beyond just the OEWG and GGE, and in thinking about the role the United Nations plays.  Fabrizio your office at the UN is coordinating a series of roundtable discussions including one focused on digital trust and security.  How do you see this initiative relating to the first committee working groups and are they overlapping or largely complementary?

   >> FABRIZIO HOCHSCHILD:  I think completely complementary and our process is reinforcing.  The first processes by definition look at this through the lens of registrants and national security and look at the context of interstate conflict.  What we're arguing is that the issue is much broader as I tried to stress in my initial remarks.  We need to look at this from the point of view of the Sustainable Development Goals, we need to look at this from the point of view of the health of our economies, we need to look at this from the point of view of the security of our human rights and that's the complimentary.

The other complementary is that it's meant to be a high‑level regulation and what we're trying to say is this is an issue, this is not just an issue for experts, as important as the experts are, but we need to elevate this to head of state level, and perhaps it's also the added value.  And furthermore, this is very much meant as a multistakeholder process, all the discussions we've had so far have been from a multistakeholder process, and the idea was born through a multistakeholder process, and we would see the advance as a multistakeholder process.  It takes a much broader lens, focuses on development of human rights, it's at a much higher level.  I mean, let's be honest.  How many people outside of very narrow circle of specialists know about the GTE and recommended working group processes as important as they are.  And the other would also be the political, the global political declaration would enhance the image and the knowledge of the important work that's happened and under the GGE and more recently the OEWG.  And perhaps we haven't explained this enough, but somehow, I think this idea of duplication or overlap is a little ‑‑ is a little strange.  I mean, those who are discussing nuclear arm's control in the 50s, 60s, and 70s, never worried that other groups that were talking about safe standards for nuclear power plants were somehow duplicating their work.  I mean, this is transformative to our world, and the idea that we can all settle it, all the issues that arise through the GGE and working group is in my mind not ‑‑ not likely to prevail.

   >> RAJ BURLI:  Just to take it a little bit further, what or which organizations, rather, are included in the roundtable discussions?

   >> FABRIZIO HOCHSCHILD:  Well, the roundtable discussions are open.  So frankly it's those who are most enthusiastic and most committed.  In the particular theme we have roundtables around the different eight workstreams set out in the Secretary General's Roadmap and those companies, countries, Civil Society institutions that are particularly committed to it join, and there are no picks.  It's the people that show up, we have very constantly, but anybody is welcome at any time.

   >> RAJ BURLI:  Thank you.  Isaac if I can bring you in on this next one.  Cybersecurity was notably included for the first time in convenings of the Security Council of recent months and also at the regional level the OAS has increased attention to cybersecurity.  How do you see these developments?

   >> GERARDO TENORIO:  Thank you, Raj.  Actually, let me just first to build upon what Fabrizio said.  Today, when talking about Cyberspace and digital environment, it's impossible, I mean, working within the relevant processes within the UN, it's impossible to see only the first committee or to see only the second committee or the third committee or the sixth committee.  Sincerely, it's impossible.  Actually, we need to be able as diplomates and as governments putting on the table positions, national positions to be able to see how all of these processes and efforts are linked to the very big goal of getting Cyberspace, a lawful Cyberspace and peaceful Cyberspace and open Cyberspace.

So, I feel it's necessary, of course, to break the silos.  How to do it?  It's very hard to respond.  But, of course, this kind of multistakeholder and interregional dialogues, et cetera, help us to try to break those silos.

Of course, I'm not saying that we need no mandates for each of the processes.  I mean, first committee processes, they need an international security mandate.  But the discussions, the efforts, and actually the results coming from each will have links to others.

And regarding your very important question on how I see these developments of the Security Council or the OAES dealing with the Cyberspace issues and cybersecurity, and I have to say that I see these developments as a result of two councils.  The of course the more interest on cybersecurity issues, but unfortunately, the increasing of cyberattacks in major incidents, not only in number but in their negative consequences.

So, I feel that it's important, of course, that the Security Council has had already discusses on these issues.  Nevertheless, it's important to identify and consider the Security Council mandates, that for me it's not necessarily the venue to prevent or to promote commitments to prevent, but to respond or to react, then I believe it's important, of course, to consolidate the previous steps, the prevention of conflicts and ensuring it, and that's why I feel that through the open‑ended working group, the processes will have opportunities to elevate these commitments in order to advance these previous steps to the Security Council discussions.

Regarding the regional level, thanks for the question because it's important also to remember that actually the UN Charter has an 8 chapter, and to regional roles and regional conversation and this is important.  Mexico recently OAES General Assembly, just a couple of months ago, promoted within the international law resolution an affirmation that the international law, it's applicable to Cyberspace, and also the norms development by the previous GGE have been to implement it.  Maybe it's not necessarily a very big step, but considering the role of the OAES has, it's a big step that the OAES has adopted this resolution with this scope to the international law applicability to Cyberspace and the norms of the GGE.

And then I feel that we also at the regional level, we need to have more interaction between the technical and the policy levels, and also to see how from the CBM's work that actually we have been advanced under the leadership of it in the OAES how to find ways to accommodate also awarding and capacity‑building and bridging digital divides from the regional security approach but consolidated also the path to ensure peaceful uses.

   >> RAJ BURLI:  Thank you, Isaac.  I think now is a really good time to switch over to our highly engaged audience.  They've been submitting questions to us, so I'm sure you all have some interesting responses.  I'll just with, yeah, this one comes from Ruth, the Internet truly unprecedented or is it the speed of developments that make it different from past developments that disrupted existing structures?  In other words, are there no lessons to be learned from sailing the open seas, telegraphs, trains, telephony that we can use toward the Internet?  So, I guess a question more about are there lessons to apply to these developments?  Kaja?

   >> KAJA CIGLIC:  I will lead off and then hopefully people can jump in because I'm not sure I have a super profound answer.  So, I think my perception is that it is much faster, right.  I think there is ‑‑ I would definitely, you know, if you look at the speed of how things have developed and how far we have come in the past, almost say like 15 years, you know, the 15 years ago we were almost ‑‑ no.  Yeah.  We were basically the first year of Facebook, a tiny small proportion of population used it, and the amount of the Internet usage was ‑‑ I think it was probably like one‑third of where we are now and maybe even less.

So, the adoption, the development, and the transformation that's associated with it that goes across the whole of society, I think it's very different to some of the things that sort of have gone before.  I would say there are definitely lessons to be learned and I think there is not even just lessons to be learned, but I think there are rules of the road that we have, there are laws that we have that just don't need to be rewritten.  You know, the international law, as it is, should apply.  International humanitarian law, human rights law, should all apply to this space and we just need to figure out what are some of the nuances and gaps that need to be addressed.

So, I think there is definitely strong foundation, but we just sometimes ignore them.

   >> CHRISTOPHER PAINTER:  I think that last point is incredibly important.  So, you know, Cyberspace does have lots of differences to be sure, but we don't need a whole new rule set from what we've had for the last hundred years and since World War II to bring us safely into the century or more safely than we were, at least.

And if we have a whole different rule set for the Internet than we do for physical space, that itself causes instability and problems, so I think it's important for us to say how the Internet is really grounded in the physical world, and it is, especially with international law as we think about rules of the road and norms, we're applying some of those precepts to Internet things to be sure, confidence building measures is a concept that was around long before the Internet existed but that's important in this space too.  I think there is a lot of things that are direct parallels, and if we abandon those and treat the Internet as a free fire zone where nothing applies, that's very dangerous, so I think it's very important to keep us grounded in the physical world and what we've thought about in the past.

   >> RAJ BURLI:  Thank you.  Next question comes from Andre Barrinha.  Despite the importance of the issues being discussed and the developments in the GGE and OEWG, the reality is that these processes remain fairly niche, largely invisible to the general public.  What else could be done to make these processes and issues more visible to a wider audience?

I think I might just add a little bit of something to that as well.  From a youth perspective, IP, young people are going to see the impacts of all of these discussions and these decisions moving into the future, so I think that's a really pertinent question and one of how can we make these processes and issues more visible to a wider and potentially younger audience?

   >> CHRISTOPHER PAINTER:  Maybe I'll start with that just because this has been a mission of mine for years now, is to make cyber and cybersecurity not a niche issue but one and thank really transcends that and we need to put it on the political agenda.  Fabrizio is right that we need to make this an issue of world leaders, of Prime Ministers, of national security advisors, of generals, of parliamentarians, foreign ministers, and there has been some efforts in the past to do that like the global conference on Cyberspace that brought together foreign ministers and anterior ministers and that was helpful, but we have to pierce this vail and not think of it ‑‑ you don't have to be a nuclear engineer to understand the policy aspects of nuclear technology.  You don't have to be a coder, although you should have people in the background who know how these things work.  You don't have to be a coder to understand the policy implications here, and you know I often talk about our cyber group as the kind of tribe of cyber gypsies that move from place to place and we all talk to each other again and again, and that's great, but we're not the people that need to be reached.  We need to reach the higher levels, and anything that we can do, and it might be high‑level declarations, and it may be engraining ourselves in these larger conferences on security, like Munich Security Conference and others that they have a cyber track, but we need that on the main stage.  We need to make sure that this is not just some, again, throwaway issue but one that's core to the big discussions that are happening.

   >> RAMAN CHIMA:  I just want to add to that because some of the questions and people that we want to have positions on.  The leaders, it's often with their constituents.  What is your, if you're a candidate for office, what do you think about that?  And I joke of cybersecurity person, I hate using the word cyber because it can mean all the different things.  And as Fabrizio mentioned, it's important to understand the context of it, but somehow, it's easier to just hide behind the initial thing.  But more often than not, you ask them what is your position, they will craft it. 

So, we need to ask what is position of issues happening in cybersecurity or even what is your position of UN cyber processes?  Simple, but keep it going.  Even talk to local communities and that's conversations because often where I see the disjoint between what Chris mentioned the traveling community of cyber gypsies is what people domestically might say.  You talk to someone in Bangladesh on digital security for them, their meaning is very different, far more, I'd say, directly about how a particular law might be misused versus what we might be talking about in terms of confidence building measures or vulnerability disclosures, so that's bring that there and perhaps one of the space is the regional meeting, OEAC has done a great job and maybe others trying to do it, and of a cap union as to credit had useful discussions and done this and led by and also supported of the great work of the OEAC Chair and GGE Chair but we need more of and perhaps not only just depend on UN and perhaps as different stakeholders why not have the chat at regional level or across different stakeholders but to have more of that.

I keep joking there are already so many discussions on cybersecurity, and that's not enough.  We need more.  People for social policy, people with public health, people with views to come in there because some of the things is also to connect existing issues, and as Fabrizio said they coordinate across many areas and sometimes you can also have proactive steps, for example, on digital health, the digital identity, data pro section and cybersecurity in communities is tremendous but very hard to find them in one room.

   >> FABRIZIO HOCHSCHILD:  I fully agree with everything said.  I just would add one element and that's schools, education.  I happen to have three teenage kids who have been in education systems because I work for the UN in three different countries, and they learned far more than I learned about it, but they learn about coding, they do learn about coding.  They don't learn anything about the vulnerabilities that they're exposed to through the cyber world.  They don't learn anything about how this is changing politics as we know it.  They don't learn anything about what can and you can't do to enhance or threaten human rights.  So, I think, and when I learned about nuclear technologies at school, I didn't learn how to become a nuclear engineer I learned much more about nuclear in the context of geopolitics, in the context of transformation of economies, and so something has gone wrong there.  I mean, I'm not saying that they shouldn't learn to be coders, but it shouldn't stop is there.  It should be much more about the societal implications across the board, and I mean in particular on the many levels of security.

   >> RAJ BURLI:  Fabrizio, that's a really good point.  Isaac, please, jump in.

   >> GERARDO TENORIO:  I'm sorry, thank you, just to add briefly.  Actually, I feel that we are facing, I mean, to the Cyberspace discussions from the international security perspective, actually we are facing what most of the international security and peace and security issues sometimes face to the public, that is they are not necessarily, I mean, interest the very first view, they are not necessarily related to day by day, you know, to the reality day by day.  Nevertheless, it's important that we, governments, private sectors, Civil Society, academia, to work together in the international organizations, of course, in order to translate to the public, to the general public that those issues are related also to the day‑by‑day reality because as we ‑‑ as much as we assure that this will do this, we will have this day‑by‑day reality also in a more safe and environment, and I feel that, for instance, they have been doing great job in order to disseminate, in order to spread the knowledge, but to a more specialized, that is a role, of course, but to a more specialized outings.

It would be important to launch from the GFCE, for instance, or from the cyber institute, and I'm not sending the message to Chris and them to do it, but maybe from those platforms to spread, you know, to not necessarily specialize, but to the general public, what it has been doing.

Of course, at the regional level, we have a lot to do, and also at the national level.  This kind of discussions, they are improving our way to disseminate what we're doing and what we're discussing, but also at the national level, we as governments, we are obligated to do this kind of discussions also at the national level with relevant stakeholders in order to spread the work that we are doing and trying to solve.

Finally, just we depend also on the possibility to get results, to get commitments and agreement because if we say, oh, we do have this very interesting process of the open‑ended working group in the GGE and the digital ‑‑ the digital agenda, et cetera, et cetera.  But we reached no agreement, we reached no substantive commitment and then it's, you know, it's unnecessary to the public to know that we do have these processes.

   >> KAJA CIGLIC:  And maybe if I can just add to this because I think that was one of the questions earlier on more focused on health care.  But why these things are important.  You know, whether you look at the UNDG Report of 2015, whether you look at the Paris Call that was mentioned earlier as well.  I think all of these commitments, or even individual countries statement, right, they all build a set of normative roles of behaviors, so they build the idea of what allowed, what is accepted, and what is really not.  So, and there will always be people that break those rules, you know, like it happens in every sphere of existence and there will always be people that break the rules, but if ‑‑ but the vast majority won't.  If there is clarity, I think it kind of like brings the bottom up and we can all strive to do a little bit better, so I think that's the point.  The point is critical.

   >> RAJ BURLI:  Yeah.  Next, just in the interest of time to try to make sure I'm on top of it, I want to get through some of these questions because there are some excellent questions here so if I can just ask for some rapid responses just to get through all of the ones that we have.  Fabrizio, something you mention add quick second ago was looking at schools and education and our next question sort of looks at the manifestation of how we can actually help them.

So, it's asked, journalists, secondary schools, education institutions, and marginalized communities such as refugees are new to the Internet world and have limited knowledge of the Internet.  Do we have some simple software tools developed to protect new Internet users from cyberattacks, and how can we best implement them on a wide scale to ensure their protection?  Chris, if you have any thoughts on this, I can bring you in?

   >> CHRISTOPHER PAINTER:  Yeah, and I mean this goes to an issue that I think is really important.  It's not just the tech companies and others that we need to reach out to.  It's the sectors we're trying to protect, and I think journalists and others are often the ones that slip off the table so we need to make sure we're protecting them for lots of reasons.  There are some tools out there, and there is an organization called the Global Cyber Alliance that just put out a toolkit for protecting journalists and I recommend people check that out.  I think it's very useful.

I think we need to, especially with ransomware and other things we have to do more to protect schools.  In addition one of the parts of the global forum on cyber expertise is talking about skills and education which also talks about how we as some folks on the call, or on this session have already said, how we start indoctrinating people at a certain age to understand these are important issues, and so that's the policy part of it, but I think we have to do both of those things.

But again, the GFCE toolkit I think is very useful, and also it incorporates some of what is called the Center for Internet Security controls, a group that I've been on the board of, and I think those are helpful for folks, too.  There are practical things out there.  The other thing I would say when I was at the State Department there was a lot of funding through the Internet Freedom Program and Human Rights Program to protect vulnerable communities around the world, and to give grants to various groups to do that, and I imagine that's going to continue, especially in the new administration.

   >> RAMAN CHIMA:  Just to point something out as we go through City Cert.org many groups received support from technology and other organizations as well.  They're often the people on the frontlines helps the human rights community and journalists and many others we need to go to as well and the great thing about these folks, is they don't mind pointing to each other's work, they use materials and put it publicly on Open Source platforms and open copyright license terms so people can see it.  So a great set there and we need to do much more as well because for example in the public health space people have been trying to get stuff off for others to translate that, but there is a great set of people and encourage people to look at that and tell them how to do it better as well.

   >> RAJ BURLI:  Moving on to the next question comes from Alexander.  For 20 years global stakeholders fought to ensure that DNS issues including DNS security were addressed through multistakeholder fora like ICANN, and specifically not the UN.  Why should DNS now be included in the UN cyber norms work?  Doesn't this undermine previous efforts and risk the security and stability of the technical layer of the Internet?  Tricky question.  Any takers?

   >> RAMAN CHIMA:  I can take a quick stab.  The most important example is many people have been cautious about specifically going into DNS as an element of this should be discussed and decided at the UN there have been discussions and concerns with states, especially you don't hear it.  Sometimes you have to know they have a concern, it might be posture, genuine, but let it come up otherwise, they're going to go ahead and do other things, But that's why sometimes the technical communities looking at these things carefully to make sure it's effective, doesn't necessarily mean to come up with another UN fora, but to my knowledge has not come up specifically here but again Chris and Kaja may have seen something that I missed.

   >> CHRISTOPHER PAINTER:  I doubt you're going to get any consensus on the UN processes to try to take over the DNS system, and I think that would be a bad idea.  I think the way that's been built, the multistakeholder system is good.  Can it be improved?  Sure, it needs to be, it needs to be reflective of that, but I think it would be mistake for the UN to try ‑‑ and I think this has been true for many years to, try to take over that function, you know, we wouldn't have the Internet we have today if it were done by just a government‑only organization.

   >> KAJA CIGLIC:  And maybe just ‑‑ go ahead Fabrizio.

   >> FABRIZIO HOCHSCHILD:  I just want to say speaking for the UN in terms of the UN Secretariat and not speaking for UN Member States and there is that distinction, there is absolutely no aspiration on behalf of the UN Secretariat to take this over, notwithstanding what Member States may discuss and decide, but there is no aspiration in that regard in the Secretariat.

   >> KAJA CIGLIC:  Yeah.  I just wanted to add one more thing, and I think it's that we've kind of gone in and out of this throughout the conversation, but I think it's important for everyone to remember that there is sort of the normative conversations, which are, you know, conversations about agreements that are fairly, I'm going to say vague, even though it's probably the wrong word.  Commitments that states make at an international level, and then these then have to be implemented on the domestic level.  So, I think the difference between sort of the broad commitment and then the domestic implementation, I think it's something to keep in mind.  I know this doesn't answer the DNS question, but I think it's something that, it's helpful to for us all to think about it as we sort of continue this conversation.

   >> CHRISTOPHER PAINTER:  But I would say the global commission on the stability of Cyberspace where I was one of the commissioners, recommended you can call it a new oral or articulation of the existing infrastructure norm I think it's better, of protecting the global core of the Internet is something that is a norm, a norm of restraint that states should not disrupt the global core of the Internet which includes things like the DNS system, so I think that's important.

   >> GERARDO TENORIO:  And if I may add, we would talk about breaking silos and it's important also to see what has been successful, what's happening or not in order to engage in the processes.

What I'm saying is that when calling to break the silos we're not trying to bring the IGF to the first committee and the first committee to the third or the GCFE to the first committee or something.  We do have many different platforms, and so some platforms, the multistakeholder nature or maybe the various specialized work, they have very important merits in each of their work, so we are not ‑‑ we have not tried to, you know, to overlap the mandates.  It's important to break the cycles, but to have the complete picture, but not necessarily to overlap the mandates and the work that actually have been doing the different platforms and doing good, I mean, having results such as the IGF, et cetera.

   >> RAJ BURLI:  Just on behalf of the audience and their incredible questions, I want to say thank you, Chris, Isaac, Raman, and Kaja, looking and coming to the closing time of our discussion, I guess fortuitously timed because next week kicks off the next round of dialogues for the open‑ended working group.  I guess for the panel more broadly, what are the best ways for multistakeholder communities to provide comments and contributions even if it is informally?

   >> RAMAN CHIMA:  Just to flag, especially my colleague Kaja fantastic made a couple of suggestions here.  Please look in the chat because there are fantastic things people are mentioning from Anriette and others; but in addition, again, if you have it make it available, can you send it to the process but also send it to the states and also again many of us are happy to help and coach people who want to provide more inputs there.  But often the common positions, the more people agree on common positions and put them up jointly, again that tends to have more impact then.

But there is a process as well for informing in December that people are working on and I again that's very important to make sure it's effective and that's something that a lot of us are focusing on there.  But lastly, if there is a proposal from states that people have strong views on or believe should carry forward, speak up and talk to perhaps your own national policymaker or relevant political contact because there are agreements being made there and some of them may go over the line and I always recommend it is a good idea that a lot of people are behind, tweak it and improve it, and it will be more likely to get ahead there.  Also, something very concerned about, speak up and do that but again many are happy to help people who may want to do that.

   >> KAJA CIGLIC:  Maybe I'll just add so the open‑ended working group has a website where you get a lot of the submissions, so I'm now going to remember where it is ‑‑ oh, there you go.  Someone pasted it.  There you go.  Thank you.

And so, you know, go check it out, that's where you will see a lot of the latest ‑‑ where the latest sort of discussions are, and you will also see all the submissions from both states and sort of the multistakeholder community more broadly, but then also, you know, Raman sort of alluded to it, but there are things afoot in terms of the preparing and more informal consultation in December, so if you want to know more, you know, I think email Shital, email me, or email Raman and we'll be happy to help with that.

   >> RAJ BURLI:  Yeah.  Chris and Isaac, I might get your thoughts on this.  Through industry and Civil Society organize an ongoing dialogue to contribute to the UN discussions.  Should they?

   >> CHRISTOPHER PAINTER:  I think that's a possibility.  I don't think we should look at industry or Civil Society as monolithic creatures, right.  There are lots of industries, tech industry, non‑industry, even in the tech industry there is a lot of diversity and the same with Civil Society.

So just having one big session, I'm not sure is as effective as having several small one, perhaps, but I think we need to find new mechanisms.

You know, one thing that the global forum on cyber expertise is thinking of doing is convening a conference that's not just us, not just the GFCE but a number of these other stakeholder groups, including states, to have discussions around capacity building and some of these other issues, and we're looking to perhaps do that at the end of next year and hopefully things will be better then and we might be able to actually get people together in person.

And we're going to consider that at our annual meeting week after next; but you know, I do think that the more we can get these communities together and talking to each other and being more effective, yes, you know, posting comments is great, the GFCE is posting comments, and I don't know that the Member States read every one of those comments.  You know, it's ‑‑ there are a lot of them and it's just hard so we have to go beyond that and actually have an influence, and we can even convene, you know, different groups can convene sessions with some of the Member States.

I think, you know, doing things in New York where we have sessions with the diplomats there and folks participating in this, I think can be very valuable, so I think we need to be creative in how we do this.

   >> GERARDO TENORIO:  Thanks.  I will add, if you allow me, actually I will suggest something in order to get maybe more possibilities to ‑‑ I mean, to as governments discussing of the open‑ended working group or GGE to consider the inputs coming from Civil Society, from private sector from academia.  And of course, general statements, of course general positions, of course all what those sectors want help us in order to identify priorities at national, regional, and international level.

Nevertheless, sometimes it's also important that those sectors, because I mean it's just like governments, we have many Member State's voices then we have many private sector voices and we do have many Civil Society organizations' voices and academia voices, et cetera.  So sometimes it's good, it's helpful to see some statements or additions or suggestions to actually input and put it on the table already.

For instance, it will be helpful for the general processes to see how the Civil Society and the private sectors sees ‑‑ how they see the Program of Action.  The Proposal of Program of Action and how they see the proposal of international repositories and experiences, and how they see the implementation, review mechanisms if I may say, or disservice, et cetera.  I mean, if you go to the work page of the open‑ended working group, and also the Secretariat and the chairs, both the open‑ended working group Chair and GGE are doing great and you will see how many different concrete proposals, more concrete proposals are already on the table.  It would be good for the process in order to get something concrete, something substantive and also those sectors to say something on those proposals already on the table.

   >> RAJ BURLI:  Thank you.  Fabrizio, I'll turn it back to you for your closing thoughts on what the stakes are as we look ahead.  What is the potential of digital technology to help fulfill the UN's agenda, and what leadership is needed from the UN in seeking to achieve this potential?

   >> FABRIZIO HOCHSCHILD:  Thank you.  I think the Secretary General likes to how mechanisms we handle two issues will determine more than anything else what our future looks like.  One is not surprisingly, climate change, and the second is the impact of digital technology, and there is no question that they can be a massive, and we're seeing that already, a massive force for good, force for achieving the Sustainable Development Goals, from leapfrogs and access to health, and for leapfrogging and access to quality education, and et cetera, but it's also clear in the pandemic has brought that out that if not adequately managed, if not adequately directed, and in some cases adequately regulated, they can further inequality, they can spread hate, they can undermine social creation, and it's also clear that the technologies have spread at a far greater space than policymakers have been able to keep up, and that's true at most national levels, true of regional levels, and even truer at the international level, and these technologies, by definition, ignore borders, by definition mean that you can sit in one place and cause harm or good in a place completely across the world. 

So we need greater international steerage, and at this time where we're steering toward fragmentation of the Internet, but partially because of the international cooperation because of the lack of international understanding, I think there is a certain urgency notwithstanding the very fundamental areas which will always exist where we disagree on doing much more to visualize and articulate where we do agree to precisely try to undercut the trend that is dominant toward visualize the sort of balkanization of the Internet which if left to prevail will do great harm in terms of our ability to overcome the digital divide and make the most out of this incredible technology.

   >> RAJ BURLI:  Well, here we are.  Thank you so much, Fabrizio, Isaac, Chris Painter, Raman, and Kaja.  It's been an absolute pressure being your moderator today and I hope that you enjoy the rest of IGF 2020 and a massive ‑‑ I'm sorry, how can I forget, a massive, massive, thank you to our highly engaged audience.

   >> KAJA CIGLIC:  Thank you, Raj.

   >> RAJ BURLI:  Thank you very much.