IGF 2023 - Day 2 - WS #107 Stronger together: multistakeholder voices in cyberdiplomacy

The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.



>> JOHN HERING: Thanks so much for being here.  Thanks so much to IGF for providing the space and to those who are sort of combating various forms of either jetlag or post lunch afternoon fatigue, appreciate you taking the time to be part of a pretty important discussion. 

     I'm John Hering, a senior government affairs manager for Microsoft.  I will be the moderator today.  An incredible online group.  I will have them introduce themselves in a moment. 

     I want to start with just providing framing remarks around the issue at hand to bring folks up to speed and what we will be diving into which is the nature of multistakeholder inclusion in UN cybersecurity dialogues in particular.  A well-timed conversation because last week Microsoft released the annual digital defense report.  If you haven't had a chance to dive into in the day since it has come up, I encourage you to do so. 

     The summit of annual threat intelligence report that we put out a comprehensive overview.  We only see the sliver of our Internet on our platforms but it's a view of what the contemporary challenges are.  Cyber crime continues to be an increasing challenge, to improve the scale and impact of cyber crime operations.  And Nation State activities, particularly with the focus on espionage over the past year. 

     And 41% of which in terms of all Nation State cyber operations observed by Microsoft intelligence teams were focused on critical infrastructures across various regions of the globe.  None of this is especially new.  It has been an escalating concern for decades but now the cyber operations in armed conflict is a rising concern including in the past year and a half in Ukraine most notably making conversations all the more urgent.  We have seen the UN stepping up to try and meet the moment and keep pace with an evolving threat environment.

     Stirring up various working groups and new processes and involving the mandate to make sure it is meeting the moment.  And a new challenge, how do we include the right multistakeholder voices in the conversations.  Cybersecurity is a more shared domain of conflict than any other.  It is inherently synthetic and a lot owned and operated by private entities.  And human rights are protected on academia voices at the table as well.  Thus far, sort of an ad hoc patchwork approach to include more multistakeholder voices in the conversations.  That brings us to today.  And it's I think a two-fold for the conversation.

     The one, on the one hand it is to hopefully keep everyone appropriately informed on where the conversations are at the United Nations and beyond and hopefully help people like they are equipped to more effectively engage in the conversations and to hear from you in the room.  From those in the IGF community about the challenges, recommendations or guidance you might have around how we might improve the relevant inclusion of multistakeholder voices in cybersecurity dialogs. 

     Essential for the guests on the stage and after the action report following the session, we will save the bulk of the time for audience Q&A.  Not just question and answer but also commentary and other suggestions or things you would like to contribute to the conversation or hear our guests respond to. 

     Without further ado, I would like to welcome our speakers on the stage and Charlotte online to introduce themselves first.  Let us know who you are and what organization you are from and maybe your relation to the cybersecurity dialogues at the UN. 

     >> It is not working.  Thank you very much.  Thank you for having me on this prestigious panel.

     >> MARIE HUMEAU: I'm Marie Humeau, working at the permanent mission of the Netherlands to the UN in Geneva and I'm first Secretary Cyber of what cyber diplomacy is in a Member States perspective.

     >> PABLO CASTRO: I'm Pablo Castro.  Basically cover cybersecurity and cyber crime and AI and military domain and among other cyber things.  That is my role as minister.  Thank you..

     >> JOYCE HAKMEH:  I'm Joyce Hakmeh, the Deputy Director of the International Security program at Chatham House.  My relationship to the conversation is that my team we need a lot or a number of projects following UN cyber processes, the open-ended working group as well as the cyber crime convention and had our fair care of multi-stakeholder engagement or attempt to do so at the UN working to The Open Group and cybersecurity.

     >> JOHN HERING: And Charlotte, could you introduce yourself as well.

     >> CHARLOTTE LINDSEY: Good morning.  Can you hear me?  I'm Charlotte Lindsey, the Chief Public Policy Officer at the Cyber Peace Institute in Geneva.  And with my team we engage in the UN processes, the recommended working group, the ad hoc committee on cyber crime and look forward to bring evidence and data-driven based analysis of cyber landscape.

     >> JOHN HERING: Thanks so much.  And thank you again to the panelists for joining us. 

     Starting on the government side of the equation.  I'll gave a little bit of outline from how we see the threat environment from the industry side.  Let me hear from Marie and Bert to start us off. 

     How is it in particular evolved in the UN at the time that you have had there.  And where are we living up to and where are we falling short of the international expectations that have been set.

     >> MARIE HUMEAU: Thank you.  Yes, so from a really UN perspective and really focusing on the cyber industry sense, which is cybersecurity, the discussions are not really new and have been going on since 1998. 

     But there is a broader picture because the cyber security discussion are not new.  What's new is the scale at which they are discussed.  It is in more and more places but also the integration of other stakeholders that is pretty new to the processes. 

     When we would look at the broader cyberspace picture, more multistakeholder engagement and comes back to 2003 with WSIS.  In the cybersecurity strict sense we have seen stronger multistakeholder involvement and unfortunately does not have yet achieved the inclusivity that we had expected in the first place and we would like to have more inclusivity.  It is already nice that the open-ended working group now is open to all Member States which was not the case with the GDE.  There is already more inclusivity, but I think we would like to go further and ensure that all relevant stakeholders can have their voice heard also in those discussions.

     >> ENGELBERT THEUERMANN: Thank you so much.  I have to say I'm very much looking forward to the discussion here because what I can observe is quite a discrepancy between the way we discuss things here at the IGF and where everyone is in equal footing and as soon as -- stay with the metaphor -- step your into the UN it becomes very intergovernmental and it by its nature it is not very multistakeholder friendly.  It is really an uphill battle every time in all of the processes. 

     And when it comes to your specific question on sort of the threat landscape and how it has been discussed, also there, there is a bit of discrepancy between the real world and UN world.  The real world, you just released your own annual report which lays out the landscape that is very -- which raises many concerns about State actors and NonState actors and collusion between the two or cyber crime activities by State actors and espionage and how it is combined and how malicious cyber actors are more and more involved in disinformation campaigns.  All of this is there.

     It is very difficult to have a discussion on this in the working group when we discuss threats.  There is a strong sense, an uncomfortable discussion, so to say.  And people rather skip over the sort of stronger interest to discuss on things like confidence building, et cetera than to discuss the hard stuff.  Why do we need to build confidence?  Because there is the problem of growth malicious cyber activities have, particularly the cyber espionage.  We should be clearer in calling it out assistive technologies clear violation of the framework.

     >> JOHN HERING: Thank you both so much.  Sticking on the government side of the conversation.  And we will go back to you, Bert, and then bring Pablo into the conversation as well. 

     You have both mentioned I think now the open-ended working group, the current information security dialog.  The secondary iteration.  And as of 2015, there have been established norms for responsible State behavior online and recognition that international law ought to govern State behavior online.  There has not been new norms established. 

     How should we think of the current status of the open-ended working group?  What is its mandate and mission and what is the importance of multistakeholder inclusion in that?

     >> PABLO CASTRO: Regarding norms and especially new norms have to be really honest and maybe even from the perspective of probably new norms but the implementation of the norms especially at the regional level.  Probably one of our main interest right now, and it is also important for the Latin American regions to move forward. 

     Expectation can be different regarding the open-ended working groups.  From Latin America and our conversations with our colleagues we, have a good conversation with other States, after years of probably State and Minister of Foreign Affairs didn't have someone in charge of cyber and now it is possible to have this. 

     Capacity building is important.  Norms, implementation is important especially at the regional level.  That could be a good chance for stakeholders how they can help the process and improve implementation.  One of the reasons why last year we proposed a new CDM.  A working group for the establishment of CDMs in cyberspace which started back from 2017.

     We have now 11 CDMs, which is quite something.  One of them is about the implementation of 11 norms, you know.  That was proposed specifically to try to encourage the State with the organization of American State the cybersecurity programme is good and important in the process and working a lot with stakeholders.  That would be a good opportunity on this.

     Moving forward, the open-ended working group it is a really good question, you know, because as we had different expectation, by the way, from Latin America, for example, capacity building could be probably something really important.  We manage in the last, I mean in July, several states for Latin America about capacity building.  The current situation is a little complicated. 

     We always have the conversation between the States in our region because try to get the consensus of the open-ended working groups is really difficult.  So trying to decide which are the item you want to move on is complicated.  It's a complicated balance, you know.  So far, I think we have been trying to agree on things that we -- things that everyone could agree like CDM. 

     But I cannot really oversee how we can move on new topics and new discussion when we do that because the current context.  And I don't see that is going to be easy to resolve from coming years.  I mean with the geopolitical situation we have right now.  Tank you.

     >> ENGELBERT THEUERMANN: We need to focus on how to implement better and not only implement, understand better the normative framework as we have it.  Some countries also who try to produce confusion and say we only have voluntary norms and we need the legally binding treaty to clarify the legal obligations ignore that the General Assembly confirmed that national law as enshrined in the charter fully applies. 

     We need more dedicated discussions and look specifically what does it mean national law applies.  We tried to hammer this out and we will be happy that next year one of the sessions will be dedicated to the application of international law.  A bit the voluntary norms a bit muddied the waters and led to some confusion.  We don't need new norms.  We need better understanding of the existing ones and that they have been implemented and the companies who violate them are held accountable.

     >> JOHN HERING: I heard accountability.  Confidence building measures.  Clarifying the existing norms, obligations -- norms, considerations and things which need multistakeholder inclusion and participation and engagement. 

     And so to that side, I want to bring in Charlotte online and Joyce from the nongovernmental stakeholder perspective.  I think we have a lot of government folks in the room. 

     What is it like to try and participate and engage in the UN information security dialogues as a nongovernmental stakeholder?

     >> JOYCE HAKMEH: Thanks, John.  This is like an experience that reflects on quite a lot and sort of share stories in the multistakeholder community between each other. 

     I think speaking from our experience at Chatham House but also observing multistakeholder participation more generally.  There are maybe four issues that I believe act as a challenge to the multistakeholder participation.  And, of course, I'm not going to talk about the biggest one which is States blocking and actively going out of their way sometimes to blocking multistakeholder participation in UN processes.

     The first point I want to make is I guess there is a disbelief or perhaps insufficient conviction from some states about the value that multistakeholders bring to the table so you basically -- and this comes often from States who need the support or could benefit from the support the most.  Often the starting point is really sort of making the case about why it is important that you are at the table and what is it that you can contribute. 

     And so this basically leads to either States not engaging with multistakeholder or they tolerate your presence, they don't engage or engage at a superficial level. 

     Perhaps this stems from the second point I want to make which is a perception that some States have that the multistakeholder community is a sort of a uniform group.  Like monolith and we all have the same approach and objectives.  This view for more Civil Society and not industry.  This is not true.  Civil Society is a very diverse groups with sometimes overlapping but more complementary mandates and the role they can play is diverse if you don't understand what they can bring to the table.  This is more directed at countries who actually support the multistakeholder participation and be called the champions who really kind of like make the point over and over again from UN processes and beyond.

     I think sometimes the challenge with the relationship is there is a lack of strategic but also consistent engagement.  And you know, this could be related to like time issues, resources issues or perhaps sometimes lack of coordination within the government itself between the different agencies.  This means that the relationship with multistakeholders isn't as good as it can be.  Isn't as impactful as it can be. 

     I'm not suggesting this is just the responsibility of government.  It is a shared responsibility and relationship and has to go both ways.  Perhaps on the current WEOG specifically, I think probably the sort of word that describes the best when it comes to multistakeholder participation is uncertainty.  Right?  What every session like multistakeholder groups, they don't know whether they are going to be accredited or not. 

     I know Microsoft you had your good share in that.  And so Chatham House until we got the status which in a way give us the right to be in the room.  And, you know, the ability to influence you and processes.  In this kind of complex geopolitical climate requires strategic planning over time.  If you are uncertain whether you will be in the room or not, it makes it very hard to influence.

     I want to also talk about the other ways to influence but maybe for later.  Maybe I want to conclude with this point that all know this, you know, the participation hasn't been great, it has been possible, right.  And I think from our perspective it has been a learning curve.  And if you look at the cyber crime convention, this is the first time the multistakeholder community is trying to shape a legal instrument with the UN on cyber.  We are learning from these lessons that will help us in the future and also help us sharpen our tools.

     >> JOHN HERING: Charlotte, you are up if you are online.

     >> CHARLOTTE LINDSEY: I would like to focus on a couple of points.  I think that while the states have veto power and dozens of organizations including the Cyber Peace Institute regularly vetoed and that makes it complicated for us to plan strategically but also to really be representative and to bring added value to these -- to this fora. 

     Clearly an achievement what has been the GTE and open-ended working group around the parallel processes and came out with a consensus report which was aligned.  However, it is very complicated in these parallel processes for multistakeholder, Civil Society organizations to be able to participate in all of these parallel processes and to really be able to contribute.

     The Cyber Peace Institute, we have been able to contribute to the objectives of several of the UN working groups.  We submitted comments, recommendations on predrafts and Zero-Drafts and final reports of the open-ended working group.  And we have also submitted multistakeholder engagement statements which we led with a group of other organizations and contributed ahead of substantive sessions.

     So we are able to find ways to contribute.  But it does take a lot of navigation, a lot of engagement behind the scenes to be able to really be able to be present and to put statements and positions forward.

     I think that we as Civil Society organizations, we do have added value that we can bring.  What we have been able to demonstrate and many states demonstrate that they really appreciate these contributions, is bringing data and evidence on many of the issues that are being addressed in the open-ended working group.  And we have been able to, for example, bring things like a compendium of Best Practices on protecting the healthcare sector from cyber harm and bring practical recommendations that can help negotiations and help discussions.  And I think that by bringing these recommendations we can add the diversity.  We can bring voices which represent the full range of how the cyber landscape is actually being managed from the threats of -- from that landscape today.  With that, I would like to make a couple of final points.

     A number of governments reiterated the commitment towards an inclusive process in which the multistakeholder community really does have a voice.  We think it really is important that there is more clarity on what these potential contributions from Civil Society or multistakeholders can really bring.  And they can encourage other States to really advocate for and pursue this more inclusive process if there is an understanding of the added value.  Then each time each organization is not having to bring that.

     And we think also what is complex ahead of some of this sort of consultative meetings, we think it is also very complex when documents aren't shared ahead of meetings or are very late; and, therefore, it is really hard to bring -- as Joyce mentioned -- this strategic role if we are not able to actually receive any of the documents. 

     Understand what the subjects are going to be and also not necessarily able to participate in the room.  We think it would be important to have real clarity on nonState actors and how they can participate and clarity on the level of transparency and visibility for multistakeholder contributions throughout the process.

     And there also needs to be inclusion not just at sort of international organizations and Civil Society organizations operating at international level but also those operating nationally and regionally and help have a global understanding of the challenges but also the considerations that different actors can play.  Thank you.

     >> JOHN HERING: Thank you so much, Charlotte.  Hit the major points as a nongovernmental stakeholder I think covered well what the challenges have been. 

     To your point, Joyce, this is also a learning process and we should give credit where credit is due.  I remember the first ever multistakeholder consultation for the WEOG that happened in the conference Room B at the UN in 2019, and we have come a long way.  That is a credit to I think a lots of support from various Member States and increasing numbers of Member States and the current Chair of the WEOG who we should recognise as well.

     I think to the broader point here, indeed, it has been highly ad hoc.  And especially for resource limited organizations, that is a particular challenge to try and think about how best to structure on that level of engagement.  So in thinking about maybe moving forward and how to sort of begin to be a little more accommodating and inclusive, I would love to hear from Bert and from Charlotte.

     Oh, I'm one ahead.  Pablo and Marie, I would love to hear comparison to First Committee that maybe have greater success with multistakeholder inclusion, whether that is the ECOSOC status or other ways that we have seen other stakeholders more successfully included in the past.

     >> PABLO CASTRO:  All of the discussion of internal weapons systems and in Geneva but when I think about the future dialogues, future process, I have to think about the programme of action which is something that is coming. 

     Going to be very good opportunity, you know, to really create a sort of as you mentioned and I can read a lot of the word is what we need and in a way also tries to create some or define a specific role for multistakeholder like in the future.  How they can help or assist in terms of identifying needs assessment.  How to help a State for the implementations. 

     We in some ways are not necessarily from the structure but define some roles in the future dialogue.  That way we can identify some stakeholder good for some -- let's say international law.  Let's say 11 norms.  Let's say CDMs.  Or evaluate I think would be good to actually try to start the discussion, you know.  Cybersecurity Institute, for example, has been good report on this.  The website.  Because this is something that is coming sooner in the next couple of years and that's going to be a good opportunity for a State to think about it.  I would like to see also more, I mean probably between the stakeholders and other states.  Something maybe in Latin America and more on this in some I should say before on the specific task, Chile.  This is something we could probably try to think and work in the near future.  Thank you.

     >> MARIE HUMEAU: I think I will go a bit further than just UN and First Committee.  But looking at the first, the purely like UN perspective, I think those discussion we have seen popping into so many different forum. 

     When the pandemic started, WHO started talking about cybersecurity.  We were seeing cybersecurity related discussion in the context of e-commerce but also obviously with the ongoing situation in Europe and from Ukraine in the humanitarian dialogue.  I think we also need to take into consideration how other stakeholders are involved into the discussion.  If we don't connect the dots and all in discussion as well then we will never be able to have the open, free and secure environment that we want and where people trust and that we can all benefit on. 

     We are seeing a growing number of multistakeholder initiative outside of the UN.  Be it at the national, regional, international level.  And those are really inspiring.  And we need to look at how stakeholders when they are having those multistakeholder initiative, how they engage with each other.  I find it difficult to really compare because obviously we are in a UN situation or in a multistakeholder.

     But I think we need to look for engagement wherever we can and not only in First Committee or purely UN, because as was pointed out, it is really new to have multistakeholder engagement within First Committee discussion on cyber.

     So I think that is one of the things. The other thing that was mentioned earlier on the panel, it's true that we don't always understand as diplomats the entire breadth of how much Civil Society can bring and the stakeholders.  And one other thing I would like to point out is in the context of the open-ended working group we never mentioned the technical community.  If you look at the report, we talk about Civil Society, private sector and academia, but the technical community, for example, is not there.

     So I think that is also a sign that we need to continue that dialogue and we need to understand how much other stakeholders can bring to those discussions.  And then little by little we will make that space and that we will hopefully see more participation in those discussions.

     >> JOHN HERING: Thank you both.  And Pablo, I think you mentioned the elephant in the room here perhaps in the conversation which is the programme of action, the recently passed resolution to establish what would be kind of the first standing body that is going to be focused on cybersecurity at the UN.  And there is a lot of open questions about that.  I would like to invite Bert and Charlotte back into the conversation to share a little bit about what that might look like and how that could regularise perhaps more multistakeholder inclusion in the UN processes from the First Committee.

     >> ENGELBERT THEUERMANN: It's a pleasure.  And again, as was said in the beginning, there are many great initiatives out there.  And again, we should also look more what the IGF experience, what that can bring.  Similarly, the WSIS fora and et cetera.  We have to see this.

     But also just to mention, what is the best way forward?  We have -- I found it more frustrating in the open-ended working group because there is no objection procedure or no other practice for the invitation of multistakeholder was used much more extensively. 

     Basically if you look at the list, it's a long list.  And everyone who wanted to participate was able to participate, which is exactly how it should be.  There are also other ways.  If you look, I have done many things.  I was delegate to the CSW in the past.  There you have many countries involved, NGO representatives in government delegations.  This was done for some countries in the working group.  I'm not totally sure that is the right message because I must say from my perspective, multistakeholder or to put in the delegation sounds like they are aligned with you.  I want you to be there whether you agree with me or not.  I don't want them to be part of a government delegation.  I'm not sure that is the right way.

     I was often the delegate to the Human Rights Commission.  There is a number of negotiations and resolutions non State participates are invited to participate in the negotiations as well.  There is precedent for almost everything. 

     I will not go into the question how it should look like, this is a separate discussion.  It's an important project and we are preparing another resolution for the General Assembly that is happening as we speak. 

     The idea would, indeed, be to have more stability by having a permanent body but have it inclusive.  A strong focus should, of course, be implementing the existing normative framework including capacity building where multistakeholders play a key role.  They are major actors and therefore also need to have a proper seat at the table. 

     At least we have to see -- we want this to be a UN body so we still have to abide, UN rules and regulations apply.  We will have to see, we will have to have the multistakeholders as prominently as possible as the table.  As the saying goes, if you are not sitting at the table, you are on the menu.  So We really want multistakeholders to be at the table.  Thank you.

     >> CHARLOTTE LINDSEY: Thank you.  So I think it's really important really focusing on the implementation of the agreed norms and ensuring practical and needs driven capacity building. 

     We do think that this -- this initiative needs to address a variety of issues, the operationallisation of the agreed upon framework that would benefit from real practical implementation and meaningful multistakeholder participation. 

     And the inclusion of all the relevant stakeholders in the dedicated forum would build legitimacy, would shape any future instruments.  So this inclusiveness could create a process that really reflects the realities, and addresses threats that affect the safety, security and well-being of people.  And stakeholders can assist States to build their capacity and understanding of how to apply the norms. 

     I think there is a real added role that Civil Society and other multistakeholder organizations can play on a practical day-to-day level that if we can contribute could be invaluable.  I think Civil Society organizations are positioned to connect different actors and to build partnerships and help the practical implementation of the cyber norms.  And we can help in national and regional implementation efforts including reporting on the progress. 

     So that the real added value is there.  I think what is really -- and I come back to this point I started with -- the modalities, the POA modalities in relation to the scope, the method of establishment, the format, the frequency of meetings, the decision-making structures and stakeholder participation, all of these points are being debated.  And we urge that States really create a mechanism that reflects this multistakeholder nature. 

     And as some of the previous participants mentioned, it does need to include Civil Society, industry, academia, the technical community and other experts who can play a vital role and bring expertise to future dialogues on cybersecurity in the context of International Security.  And this will really drive more outcomes from the process and really contribute to ensuring transparency and credibility of the agreed decisions as well as sustainability of implementation.

     >> JOHN HERING: We will have one or two more questions, and then I would like to hear from folks in the room.  Again, either questions or things that you think would be helpful including more stakeholder voices at the UN or elsewhere in conversations about peace and security.  Speaking of online, if you are part of the online audience, please do put questions in the chat and Edoardo will make sure that we address them to the room.

     What I wanted to -- it has been mentioned, but I think the geopolitics of the moment.  To Joyce and then maybe to Pablo to discuss.  Rising tensions means that this is getting more difficult to have any kind of productive conversation in diplomatic spaces.

     Certainly multilateral ones.  But in particular in relation to the multistakeholder inclusion, it's difficult to have their voices heard.  Microsoft is certainly among many, many other multistakeholder voices that would seem to be relevant to dialogues but are blocked from participating by Member States amid escalating geopolitical tensions.  We need to have the necessary voice and to have the inclusive dialogues we need in future conversations without letting geopolitics play such a weighty role.  And if you want to start?

     >> JOYCE HAKMEH: Thank you, John.  I think this is a very important question. 

     Like how do we understand our reality and work within the confines of that.  I think maybe I will sort of like split my answer into two kind of parts or talk about the two different lens. 

     First of all, there is, you know, there will be new processes, right.  So we heard from the POA.  Outside of cyber, there are sort of like processes are being established.  And in cyber there are calls for new processes, whether leading to something binding or otherwise. 

     So I think it is very, very important and this point has been mentioned before, is that this starting point ought to be like figuring out good modalities for the process, right,.  So it's much harder when you have bad modalities to fight for multistakeholder participation.  It's much easier when it is enshrined in the process from the very beginning.  And in that there has to be transparency, there has to be clear criteria for inclusion; but importantly, clear criteria for exclusion. 

     I think we can perhaps also aim to be a little bit more ambitious than just that.  Certain Member States can object and can say why it is objecting and this won't sort of really go much further than that.  I think maybe we should be more ambitious and ask for some maybe formal procedure to resolve disputes when it comes to multistakeholder participation. 

     I think we should -- if we believe multistakeholderism is the kind of way forward in digital technologies governance, which it should be, right, we should have more part and parcel rather than something we sort of like every time try and beg for.  Has to be there and has to be unquestioned.  This is a journey and already had some successes and we hope to build on that.

     The other lens is how we sort of -- what can we do with existing processes and in kind of the geopolitical context that you described.  I think an important point is that while it is very important to be in the room and if you are not on the table, you are on the menu, that is probably maybe true; but also I think it is important to know that the ability to influence is not just in the room.  There's a lot that can be done outside the room.  And arguably, you can have a better impact, you know, outside the room. 

     When we take the floor in the open-ended working group, they give us three minutes to speak.  You know, how much can you influence?  That's very, very arguable.  I guess This sort of like combining this with other initiatives is extremely important on a long-term basis.

     I think the -- we talked about the fact that some Member States don't understand the value of multistakeholders.  And I think there is an onus on multistakeholders to actually prove through actions what their value is.  You know, actually talk about data and resources.  And capacity building is important.  And then through action Member States can understand why multistakeholders are valuable.  And they will then become, the champion circle will expand beyond the current few. 

     And I think also importantly is to focus on not just multilateral, but also nation, also regional.  And Pablo talked about the OAS and different kind of initiatives there because that has a huge potential for influence. 

     If you can get equal status, then do, because that will help you overcome a lot of challenges.  And maybe kind of a final point, I think we are working on new areas, emerging areas.  Right.  And I think we can't use sort of like always or just, you know, old or existing models to solve new and emerging problems. 

     I think it is important to be innovative, to be creative, think outside the box.  Particularly that we as multistakeholder community have limited resources.  So yes, we might be able to participate in meetings if the door is open, but we might not even if they let us, right.  So I think there is also the need to think about how to do it creatively and differently than the way you do it now.

     >> PABLO CASTRO: Thinking about this, I think you mentioned modalities and transparency and the regional aspect. 

     Come back again to the strategy.  I think we definitely need more from the perspective of government to work more with multistakeholders in terms how to face this problem and create strategies.  I don't think it has too much, again from the perspective of my region in Latin America that need to every time we have a new meeting with the working group or cyber crime, it doesn't really have the chance to start or have the dialogue, you know, for the stakeholders, you know. 

     We are trying to move on in the last years with the initiatives in Chile that we managed to have a dialogue with the stakeholders and representatives from the Minister of Foreign Affairs in the region, which was really good.

     I think it will definitely means trying to work in strategy phases.  Because the Member State, they are actually against participation of stakeholders.  They already have a strategy; they have a goal, you know.  That is the problem.  We are not facing something that they like it or not.  They really have very clear mission and goal to stop this.  So I think we are not maybe have this sort of -- this is my impression at least, to say they have a strategy and what is theirs.  How with we can create the counter narrative, you know, and do more with this. 

     And also NGOs, very much, a lot of things we can do in the margins on all these meetings, you know.  Especially the regional level at the OAS or in Africa, et cetera which probably has the most change to do together and really thinks about things that also are important to move on as you mentioned.  Capacity building.  Implementations.  Those are the things that in some region are really critical and important and have to work together in that space.  Thank you.

     >> JOHN HERING: What are the opportunities for engagement outside the UN and how can cyber diplomats in that community help to facilitate that. 

     Before diving in there, I do want to invite -- now that we are sort of in the latter half of the programme -- anyone in the room or online who has a question or a comment or other ways to contribute to this conversation, invite them to please take the floor.  There are microphones in the aisles here and certainly the chat box online.  Edoardo, if you are able to come on, maybe you can ask the first question.

     >> EDOARDO RAVAIOLI: Sure, John.  Maybe actually I will pass the floor over to Nick Ashton-Hart who has had his hand up and I think wants to make a comment.  Go for it, Nick.

     >> NICK ASHTON-HART: Good morning from New York.  It's like 2:30 or something here.  No, 3:00, sorry.

     I wanted to follow up on the point that Joyce made.  I mean I agree with everything everyone has said about the value of stakeholders and what we bring to the table.  I think we all know that is true.

     But I think we have to do something about it.  Because you know, just like when women got the vote, they didn't get the vote because those who had the vote decided it would be the right thing for them to get the vote.  They got the vote because they went out and said you are giving us the vote, right?  And made it unavoidable. 

     I follow a lot of processes at the UN.  The cybersecurity processes are frustrating because of the theatre of the absurd of applying and then being vetoed. The WTO negotiations on electronic commerce are completely closed to all stakeholders.  The least open process.  Believe it or not, it is actually somewhat better in the First Committee.  I spend a lot of time with delegates from New York.

     I think they are tired of having this stakeholder argument every time a new First Committee process is launched.  I know they are tired of it.  I think a majority of States think it is a lot of wasted time goes on arguing about this.  It is the same argument every time.  And I do believe that there is appetite to make a set policy on stakeholders that would turn it into more of an administrative process that happens each time a First Committee process is convened, especially related to the Internet.

     And then that would be the end of it.  The decision would be taken, we would be able to participate and that would be there.  States would still take decisions and all the rest of it.  But we would have something more like at the ad hoc committee on cyber crime; an administrative process.  It is not a political process which is what, of course, it has been turned into.  As stakeholders, if that is something we want, we have to advocate for it.  We have to do the leg work on the ground with the delegates and get someone to propose a General Assembly resolution.  And I think we would win on votes if there is voting.  Wouldn't be consensus, of course, because the States that don't want us, don't want us, that is the way it is.  I think we would have a clear majority in favour of an administrative process.  Because we're right basically.

     We are right, but also even for the States who are somewhat -- who don't care that much one way or the other, they are tired of fighting about it and wasting a great deal of time arguing over the subject.  So I think it would be interesting to -- if any of the rest of you have thoughts on that -- it would be interesting to actually mount a campaign to solve this problem on a horizontal basis once and for all.

     Because I think that is the only real way we are going to get a solution.  And the honest truth is the States would be far better off if we are around to bug them because they need a more ambitious agenda when it comes to cybersecurity really.  If you look at what is on the table to be decided at the OEWG and what is going on in international cybersecurity, there is a huge gap in need versus what is actually being addressed.  Thanks.

     >> JOHN HERING: Well taken, Nick.  Thank you so much.  I will leave it to the panel on the table to see if there is anyone that would like to take up that thought about moving this to an administrative matter as opposed to a political process and whether Nick's read of the appetite has some accuracy and validity to it.

     >> ENGELBERT THEUERMANN: I would be happy to try to answer.  People are tired because it comes up over and over again and particularly because it has become a politicized question, and it has been politicized for a number of countries and it would be difficult all along.

     I think the idea whether one sizes fits all for every resolution of the General Assembly, how multistakeholders participate in such processes is an interesting idea.  It has to be discussed.  If you make this totally unclear for what type of future process, I'm not sure we get the best results. 

     You might get better results on a specific process under specific circumstances than for any future process where it might become quite narrow and a difficult process.  Something to be discussed.  My concern is even if it would succeed.  We would have a fight whether the agreed framework is being applied or specific rules have to be decided upon.  It is an urgent matter and issue where I think which is particularly urgent is we are discussing here both in sessions and informally about the upcoming process of negotiating particularly a Global Digital Compact, which is part of a broader process preparing for the summit of the future where we need stronger multistakeholder involvement in the General Assembly process which is already, as we said, intergovernmental by nature.  And we have to challenge that the key objective out of the process key information of the multistakeholder model and also in our view a strong role for the IGF. 

     But then again, to get there, the process must be as multistakeholder as possible.  This will be an uphill battle.  It is not clear whether the multistakeholder would be made specifically for the Global Digital Compact resolutions or for the entire process.  I would be in favour of the Global Digital Compact because there's a better understanding, a new agenda for peace where basically I think there's a sense that States have a much bigger role to play.

     Some countries who are opposed to multistakeholder involvement for a number of reasons.  We also need to do more work why it is of benefit to all of us.  It has become a political issue.  For me, an issue of expertise and quality control.  I can only say I come from a country our capacity in the area of cyber digital is limited.  We benefit a lot from talking to industry partners, from academics, experts.  Without them, we can't survive such negotiations. 

     This is where we get ideas, inputs, quality check of our ideas.  And I'm sure it is the same for others.  And also very important that multistakeholder are involvement is as inclusive as possible and as representative because in one sense, there is multistakeholder means basically big tech companies at the table.  It must be clear that it must be broad include everyone involved as much as possible.  Thank you.

     >> JOYCE HAKMEH: I agree with what you said and the sentiment behind Nick's message. 

     On your point, Bert, about how you benefit from multistakeholder input, I think it also goes both ways because we benefit also when we speak with government what is on their mind and how they are thinking about the different priorities. 

     Sometimes between online and in the room we might not know what is going to on.  So speaking to them is valuable to us because it makes our role much better, right, if we kind of like have our fingers on the right pulse.

     >> JOHN HERING: Thank you both so much.  And thank you to Nick, even if we don't have the be-all, end-all, moving towards a gold standards of multistakeholder inclusion.  In the US, we call it the Cadillac of multistakeholer inclusion.  But noticing that we're in Japan, maybe the Lexus of multistakeholder inclusion I think could be a good framework to work towards.  I think we have a question in the room here.

     >> AUDIENCE: Thank you very much for an interesting conversation and discussion.  I think I'm just going to point out the elephant in the room. 

     We are talking about multistakeholderism.  And just looking.  I was just looking at the representation of different multistakeholders from the panel.  And I don't see representation from African stakeholders. 

     So I guess my question would be how involved are African stakeholders in the discussions and debate?  And what can they do to improve their participatory role in the discussions?  I understand government actors could be different processes being followed but with the public sector and Civil Society, academia what is being done to improve their participation in discussions like this. 

     Like we talk about inclusion.  But if we are not going to have African voice as being part of these discussions, it becomes a bit difficult to understand how we approach our multistakeholderism.  Thank you.

     >> JOHN HERING: Absolutely.  Thank you so much for the question.  And I will leave it to those at the table to comment on multistakeholder inclusion and participation and dialogues across geographic regions.

     >> JOYCE HAKMEH: I think you are right.  I'm happy to take it up.  I think you absolutely are right.  I think we talk about multistakeholder participation, but if we look at the composition of the multistakeholder groups, it tends to be mostly western dominated.  So you are absolutely right.  There is a need for inclusion at the regional level and not bring different actors but also actors that represent different regions. 

     That's why I talked about the importance of regional efforts, that We don't put all our focus just on the end processes.  Because there is a lot going on at regional level, at national level.  And the experience from those stakeholders who are very much on the field would be absolutely very, very valuable to the UN process and beyond.  I agree with you there.  I think also we need to be honest about -- we need to be honest about how multistakeholders coordinate with each other.  I don't think it is great either.  I think there is definitely room to improve. 

     But, as I said, it is a learning curve on different fronts.  The focus for today is how we work better with governments.  But also there is a bigger question how we work better with each other and bring more voices into the debate.

     >> MARIE HUMEAU: Thank you for the question.  I think I think, indeed, there is a lot that still can be, done but it is also a capacity issue I think. 

     Coming from a developing country, it is even more difficult to dedicate time to come to New York and come to the processes.  Also, the initiative at the national and regional level are so important.  And it was mentioned earlier, it is not only what about you are saying in the room, it is actually the ongoing discussion that you have with your representative that will go to New York and represent those points and having the long run discussion, not only a one go during The Open Group network but really ongoing discussion where you actually bring to your governments, to your people that will represent and present in the room negotiating, give them the arguments they will need to shape and inform policy that will benefit also not only us but like every stakeholder groups.  And that is completely part of the entire process.  We have the luxury that we can do it.

     We also have some diplomats that are there in different countries that can also have the discussion not only with the national stakeholders but also with other stakeholders from other regions.

     But really like we need those information to make informed policy decision that we will then bring to those fora.  Thank you, Nick, for being a dedicated stakeholder and still up at 3:00 a.m. for the discussion.  But that is exactly the kind of stakeholders that we need.  Really dedicated as well.

     And we understand that it is a capacity issue as well.  Wherever you can go at any level, try to like bring your expertise and knowledge so we can make better informed policy decisions.

     >> ENGELBERT THEUERMANN: Important-point.  Just two comments. 

     One is, the same challenge also on the government side.  How to ensure to have negotiations that are inclusive.  But I notice, for instance, if you compare the open-ended working group with the ad hoc committee negotiations.  A number of measures, include there is some funding is available for travel.  Far more countries are represented from experts from the cyber crime, than in the open end working group.  And if you see the quality of the discussion is quite different in a way. 

     I find I learn a lot from listening to the different perspectives, and that is extremely positive.  The same applies on the multistakeholder side.  Some initiatives have been taken to provide funding to participate.  We all agree even for us, we sometimes get denied the travel to New York because it is too expense to send everybody to spend two weeks in New York. 

     If you have seen it once, then you also understand better how it works.  And that is maybe the advantage, so one of the positive side effects of COVID, the democratization of such processes; all of this is now hybrid and you can participate much more easily.  And again, a key role is any government in the world, the position formally is backing capital.  So you need to work with the people with capital so the people who sit in New York or Geneva or whatever press the right button or make the right statement.  A lot of the work has to happen at national level in any event.

     >> JOHN HERING: Charlotte, please take the floor.

     >> CHARLOTTE LINDSEY: African representation, it's something that we tested a year and a half ago where we invited Ambassadors from representatives of the African Union in Geneva to come.  There was representation from most countries of the African Union at Ambassador levels.  There is an appetite to engage and learn about these processes. 

     And I think it's also really important to de-mystify these processes.  Because we heard feedback, for example, we specialize more on human rights.  Well, actually, a lot of what is discussed at the open-ended working group is about human rights.  So there are very transferable skills. 

     It's just sometimes the language is exclusive or very difficult for people to feel that oh, I haven't followed the debates for many years and therefore I can't contribute.  And actually what we saw was there were very key messages and participation possibilities from representative of the African Union that could very easily transfer their skill set into the negotiations.  So I think there's an appetite, we just need to focus much more on the capacity building side.

     >> JOHN HERING: Thank you all.  I think we have two questions in the room.  Patrick, were you at the mic and then the young women here.  And then back to over to you Edoardo if there's anyone online after that.

     >> AUDIENCE: Hi, I'm from Carnegie.  My question was partly asked and partly answered.  Let me use the microphone to push back a bit and get a bit more precise answers.

     In answering to the colleague's question, many of you said yes, the engagement with stakeholders at the regional and national level is important we have to do it more. 

     How exactly do you envisage this?  We have three governments on the podium.  Would you describe to us how each of your governments engages with your Civil Society ahead of the open-ended working groups.  I know for a fact that we very often talk about the engagement of the multistakeholder community, it happens through the side events during the open-ended working group sessions or any other events there.  And they are used as a fig leaf, let's say, for the lack of engagement at the national level.  So if you can share some concrete examples, that would be great. 

     Speaking of engagement With Civil Society, a lot of organizations from many countries around the world will tell you that they actually they have no access.  It will be easier for Joyce from Chatham House to talk to anybody in the world, to cyber Ambassadors and get the access than the organizations who are completely ignored, right. How do we break that sort of ceiling at the national level? 

     And thirdly, I think that this engagement at the national and region level, indeed, might be a more sustainable solution if we want to create, let's say, better functioning cyber diplomacy engagement simply because so many countries in the world actually have the strength and space for Civil Society organizations. 

     So by creating the opportunities for engagement around cyber issues, we also are contributing to strengthening the broader ecosystem of Civil Society organizations.  So yes, I agree, but wonder how we could do this in a more specific way.  Thank you.

     >> JOHN HERING: Question over here as well and we will take both together.

     >> AUDIENCE: I'm head of Innovation Industry of Foreign Affairs of Brazil.  I would like to, first of all, thank all the panelists for their interventions. 

     I have a question on a point I believe Charlotte made about fragmentation.  In The period of 2019 to 2021 participation of stakeholders.  For Brazil, fragmentation is a huge concern.  It is a challenge Not only to stakeholders but also to most developing countries.  It is always difficult to have enough delegates to follow multiple tracks at the UN.

     So one question I would have is we have spoken a lot about the POA and in their supportive terms.  And Brazil very much supports continuing discussions on the proposal, but it is not a consensus within the UN.  We have observed a fragmentation on the States that support POA and States that are still in favour of starting negotiation on a legally binding instrument. 

          I guess my question would be, do you see a risk of having this fragmentation once again given the polarisation of positions after the OEWG?  And second, if the POA is, indeed, adopted this year, how do we avoid that the OEWG in a way is undermined or has the discussions emptied due to a decision being made two years ahead of the end of its mandate on regular institutional dialogue?  Thank you very much.

     >> JOHN HERING: I will leave to you to take the questions in turn or where you would like.  Anyone on the stage that would like to hope in.  Or, of course, Charlotte online.

     >> JOYCE HAKMEH: I can't answer how they should do it, I know my government doesn't do anything. 

     This is a very important problem and we think about it as well because inclusive governance is one of the strategy priorities for our work at Chatham House.  And, you know, and just someone talked about the appetite that exists.  And I agree with that.  I think there is a huge appetite to organize -- I think it was last year a conference in Jordan and we have a representative from the MFA here, about the cyber diplomacy in the region and what are their perspectives.  I was amazed by the turnout. 

     There is, or course, the issue of the subject matter expertise with the UN processes.  As Charlotte mentioned, it can be a little bit too intimidating.  Even for us.  If I miss one OAWU session, I'm like I don't know what is happening any more.  It is very hard to kind of stay on top of these very lengthy negotiation process and feel like you have the expertise to contribute every time in an informed way. 

     So I guess there is sort of responsibility on both side.  If we look at the list of accredited organizations at the cyber crime convention, they were all accredited after a little bit of pushback.  I think there was Around 160 or something like that.  But look at how many organizations actually participate?  Maybe 20 or maybe a little bit more in terms of consistently participating. 

     Although there is the opportunity for online engagement, et cetera.  So there is also this if you want to engage, you need to put in the effort, and that's very true.  But there is maybe how to encourage that.  I think maybe the governments, the way they have been supporting developing States to come to the negotiations, perhaps there could be some funding dedicated to bring in multistakeholders more to the debate. 

     And I know, Patrick, you have done work on that in the past.  And I think more initiatives like this would be extremely important. 

     On the fragmentation point that was mentioned, I think the question was should we be concerned about fragmentation with new processes.  To be honest, I think the fragmentation is already here to an extent.  You feel there is, you know, this huge desire to keep those conversations separate.  Of course, this one is dealing with international peace and security, this one is dealing with criminal activities.  But the reality with cyberspace is the lines are not, sort of like the division is not very clear. 

     Sometimes it is artificial and the distinction is not as clear cut.  So there are overlaps that need to be understood.  If we take, for example, the Open-Ended Working Group is trying to operationalise this point of contact directory.  Each State will have one organization dedicated to answer responses and requests to de-escalate.  There is a similar obligation almost like or expectation in the cyber crime convention about 24/7 networks and having a point of contact.  I mean of course they will have different mandates.  As we know, in a lot of States like there will be one agency doing like the same role and sort of cybersecurity but also cyber crime stuff. 

     So we need to be more conscious in terms of where the touch points are and how do we understand them, and how do we reflect them better in policies.  And I think here really multistakeholders can play a big role in bringing the nuances together and talking about them in a more sort of clear way.  That's the answer.

     >> PABLO CASTRO: I will start with the question from -- a very good question, by the way. 

     Because we had this internal discussions, you know, in our Ministry of Foreign Affairs and also now with conversation between Latin American, Brazil, Argentina, et cetera about the situation we are at right now as mentioned before about the geopolitical conflict which is difficult.  The problem is not just the working group.  Also, the cyber group and the discussion of the weapons system and it seems that we have this sort of fracture that is already there.

     So one of the reason regarding the POA.  It was action oriented.  Okay, we have the discussion at UN which is -- well, by the way Chile voted against the working group back in 2019 for the committee.  I can explain why.

     But at this moment we say okay, this is a good idea because it is something that basically would definitely from the perspective of Latin American focus on capacity building and implementation and we can keep the discussion about national law obligations, et cetera. 

     But we have critical needs that we need to achieve.  We supported the POA but you are right that we have the sort of things that we can do now and we have the working groups and POA and the part of discussion, the dialogue.

     And I'm not quite sure that I have the right answer.  And in a way, I think situations for the long-term.  The discussion is quite frustrating, by the way, on the cyber crime.  Sometimes even -- impossible to agree in a technical and practical solution.  Some States have principle and values.  Culture problems and geopolitical problem.  Maybe in the future will we have different Internets, I don't know. 

     I agree and the way how you can manage this is something that definitely we need to discuss more and see what we move on.  I agree it is something that civil state have a lot of concern how to deal with the process.  It is not just -- it is a very important matter and part of our discussions.

     Regarding the questions.  Very good questions and fundamental measures.  I have to confess to you, Patrick, sometimes I see a lot of State regarding multistakeholder in the engagement and so on and at the very end you come back to realize they are probably not going to do it enough to where we met.  That is true, I have to confess.

     In my case, the Minister of Foreign Affairs ten years ago.  I had no idea of the stakeholders.  I think the first time.  I just came back to the Minister of Foreign Affairs and explained to the Ambassadors about the role of Microsoft in International Security and trying to make understand to them.  So it has been quite fascinating.  You don't see that in other processes. 

     Sometimes, you know, and I can say from our reality in Latin America is lack of people that still have expert.  Now you have the capacity to cover one thing and another.  I have to cover cybersecurity and cyber crime, I would like to do with more stakeholder is to work from some specific line of actions.  If it comes to international law, how we can specifically with stakeholders in the regions.  Something that can be done and sometimes lack of the time and resources. Many things to do, backing capital.

     But I would give again there is something that we did with Netherlands with the dialogue.  I don't think we have enough dialogues with the region.  Bring into the people in charge to talk and engage with multistakeholders, you know.

     And talk about, you know, process that we have, you know, at the level.  You know.  And I would add just in mind that important roles that regional organizations play in this around most of engagement of stakeholders thanks to the regions the same. 

     Chile now is the when cybersecurity there, so it is something especially on the implementation of CDM is something that we definitely would like to do more and engage the stakeholder more in the process.  I agree with you it is not good enough what we are doing right now.  Thank you.

     >> MARIE HUMEAU: I couldn't be a better advocate for our way of doing stakeholder engagement than you are.  National level back in the open-ended working group. 

     And I went back from the Hague and we were having a conversation with other stakeholders to actually before we entered from the rooms more or less open. 

     Then we would be able to have an informed policy position.  I'm not saying we are doing it enough.  And I think that is one thing.  Probably not enough. 

     But we are already trying at that level.  Obviously those conferences I think Bert pointed out well that the IGF is a place also where we can have lots of open discussion and we should grab those opportunities that we have at the IGF, at our national IGF, at also the regional IGF to also talk about those issues that we are facing in the First Committee and grab all of the expertise that is there. 

     There are so many people around here they know so much more than we would.  We need to grab the opportunities.  Talking about the IGF, but I can talk about non-UN forum like Rights Con or the conference next month, for example.  We need to take the opportunities to also ourselves engage with the stakeholder community as well.

     I mean capacity building.  We are doing lots of capacity building and also trying to what are our objective and really like looking into the implementation and what it means also for people so then when they are informed they are also engaged.  And like Charlotte said, we need to de-mystify what's happening in the First Committee.  And I think that's on our side also.  Someone who doesn't have -- have been there for so long or is not engaged in every day or in all of the discussion or can be engaged from all of the discussion, it is even more complicated. 

     On our side we also need to do more on de-mystifying and what you can bring to the discussion.  We have the luxury of having a nice cyber policy and we participate in meetings and try to grab all of this, but we also need to share our knowledge and our experience to make everyone be able to also engage. 

     And we still have so much to learn, and I'm sure some others have better ways of doing.  It is about exchanging on how we do and then learning from others what they have been doing.  And then we can just like improve the way we engage.  It is true that we have the luxury of having a bit more people.  Happy to share.  But also really happy to get feedbacks on how you would like us to engage with you because that's the only way we can make it better so.

     >> ENGELBERT THEUERMANN: Thanks so much.  It is of critical importance.  Joyce, you said that many were accredited but not so many make use of it. 

     A challenge and even for governments the cyber crime negotiations.  It is a huge investment.  And there indeed, if you are not following too closely, it is difficult to do so. 

     So it's a challenge in terms of resources.  I hope that many multistakeholder will make the investment because it is important.  I was a bit concerned that everyone was invited to provide input and so on late last year until I think March or April this year.  And then I think nobody heard what happened to the input.  And then we had the policy briefs which I can't imagine really somehow be a reflection of the input received. 

     I hear when I talk to people about the process, there is a lots of -- there's some who say well, limited access and so far our input has not been appreciated.  That is a huge concern to me because we need multistakeholder involvement in the process in order to get the multistakeholder model as an outcome.  That is certainly an issue.

     Responding to the question of Patrick, how do we involve multistakeholders.  And maybe I start with the Global Digital Compact.  There basically we use the national IGF to discuss the process and input.  The government and multistakeholder input, but we used the national IGF for it.

     When it comes to the ad hoc committee, there we use very much our public-private partnership with the whole industry and cybersecurity platform where we bring all of the people together.  For instance, telecom and et cetera.  They are hugely interested in how the treaty turns out because it has serious implications for them.  Some of them are also actively participating but we regularly try to exchange with them.

     And I must say this, the weakest involvement is on the Open-ended Working Group because simply because unfortunately we are a small group, most people for them it doesn't -- it is not clear what is in it for them.  So we have a need to mobilize interest so they are fully aware of it. 

     We are working on a national position paper and analysing the government draft.  And we want to concert with multistakeholders particularly with the international law community, so to say.  And then I think Pablo responded the colleague from Brazil on the important question of how do go ahead in the First Committee.  The proposals has been around for a couple of years and has a lot of support.  I also think it makes a difference in terms of implementation, et cetera.

     The idea with the POS is exactly to avoid fragmentation and battles over new mandates and have a permanent body and also settle the multistakeholder at least for that process.  We use the current augmented working group to use and discuss in detail how it should be fixed out.  But the elements should be and then any sort of the configuration would be the follow-up.  We will have to see how it pans out.

     It is negotiations ongoing.  But we very much hope in the end we have an inclusive process in the end with one mechanism after the working group.  Because also more as we discussed for any one of us it is difficult to entertain.  Thank you so much.

     >> JOHN HERING: Thank you all.  We're coming up on time here.  So I'm just going to say, Edoardo, is there a question online?  Otherwise, I think we've exhausted things in the room and I will move to just a quick lightning round question.

     >> EDOARDO RAVAIOLI: We do have a question.  I wonder if we have time to answer it.  Amir Mokabberi was questioning the legitimacy of companies participating in multistakeholder discussion, especially in the field of international law development due to the conflict of interest and lack of election by citizens.  I wonder if you have a quick response to that, John.

     >> JOHN HERING: Maybe I will take that one.  It's a fair question and fair thing to -- fair question and fair thing to be concerned about what is the proper scope and size of private industry engagement in any conversations that relates to governance at national or international level. 

     The only thing I will say is Microsoft makes products and services that we sell and that help to augment the digital domain.  And we certainly don't want to be contributing to a space that is getting increasingly unsafe and more unstable.  And so supporting the dialogues is critically important to us as an organization, especially that is large technology company. 

     But I think we are always clear in that and we want to always be as transparent as possible in saying that obviously governments make the decisions here, we don't.  We are at -- I think together with our other multistakeholder partners pushing for a voice at the table, not a vote.  That seems to be always the proper boundary and limitation there. 

     I hope that answers that question well enough.  And I will just say in the last couple of minutes a lightning round.  If there are sort of nongovernmental stakeholders in the room who have not engaged before in any of these processes at the UN, what Would be a quick piece of guidance on the way to be most impactful in helping to support government dialogues on cybersecurity at the UN.  Anyone can start.

     >> MARIE HUMEAU: I will start because I'm at the back of the table.  I will be short because we don't have too much time.  I would say so we are not -- we will listen.  Talk to us.  We will listen and be there, provide information, numbers, facts, show the impacts of the project that you are doing like in the different countries and different regions.  Report on what is happening.  Those information can only give an added value to the discussion that will happen in the context of the UN.

     But also, if you start following it from a like it is not a one go.  If you started following and then come back and tell us you did this but you haven't yet talked about that or this.  And actually, I have to say I find it like very sad that people are saying that they don't see the impact of what they bring to the table. 

     I can say some of the outcome for the open-ended working group and report in 2021, there are actually things that that I heard happening at the beginning of the process.

     When it was a side event and discussion that we had with Civil Society, the private sector and academia and they made the way through the end report.  Actually, it is a long process, it is frustrating because it takes time.

     And you don't always have everything you would like to see, but it makes its way through.  So just like continue and hold us accountable for making sure that we are taking the right position when it comes to those discussions.

     >> PABLO CASTRO: I would agree.  Also, I encourage to approach States in just our conversation in other places.  But also from capital.  Most of the work that we did with the stakeholders is because they approach to us proposing side events.

     We have had one very good in July regarding the toolkits for implementation for marginalized stakeholders.  It was very interesting.  With Mexico and Colombia. 

     The stakeholders approached.  The working group or cybercrime conversations.  So I encourage you to -- of course, during this hour meetings in New York and -- we have a chance to create I would say even friendship.  One of the things that I like about stakeholders, you share a beer and go dancing and then say let's go to work on something or just have some minutes. 

     And we were having this conversation very much with for example, Microsoft, with cybercrimes.  I also liked the submission of documents.  Thanks for the stakeholders with the really good documents sometimes using very good ideas.  It is never really I mean recognised.  It is incredible.  Very good documents and put in there just for conversation.  Thank you for that.

     >> JOHN HERING: We are one minute over.  Please.

     >> JOYCE HAKMEH: 20 seconds.  Maybe choose one thing that you think you can contribute value and not try to do everything. 

     If you are new to this, right.  If you -- if I want to look at the OAWG, in July they agreed on a progress report.  If you are a CSO or industry, you want to be involved, look at those recommendations and see can I contribute to one or more from my perspective.  National or regional.  And take that as the first step and gradually you will feel you are involved.  States are listening so your input would make a difference.

     >> ENGELBERT THEUERMANN: I do subscribe to that.  Also of note is we receive a lot of proposals and ideas, sometimes general and sometimes very specific. 

     And very often it happens that you pick certain elements up as a statement or argument.  But rarely you write back to the organizations, thank you, I see you there.  I want to get better with this.  It is difficult to measure impact and you might not hear about it and how your idea, how it was used and might have more impact than you think that you have.

     >> JOHN HERING: Charlotte, the last word for 20 seconds.

     >> CHARLOTTE LINDSEY: I would just say very quickly in terms of engagement, I think what is critical is fact-based framing and the timing of the input particularly for States so they can then take the input to the table so you can produce the input but have to do it in a timely way.

     >> JOHN HERING: Thank you all so much for showing up, especially late in the day here.  Everybody online, especially folks like Nick who are up at 3:00 in the morning, really appreciate the engagement and look forward to seeing you all throughout the week here at IGF.  And thank you to panel and please join me in giving them a big round of applause.