IGF 2018 Global Commission on the Stability of Cyberspace

Information

Session

Theme

Cybersecurity, Norms, Cyberdiplomacy

Relevance

The international cybersecurity regime continues to be in flux. Norms of responsible state behavior, confidence building measures, and the application of international law will continue to define the interstate narrative and are essential to the furtherance of the international rule of law in cyberspace. Both bilateral and multilateral discussions have attempted, and in some cases managed, to address the risks involved in inadvertent escalation as well as a loss of escalation control. However, attempts to find a workable interstate dialogue seem to have reached an impasse.

The mandate of the GCSC is to develop proposals for norms and policies to enhance international security and stability in cyberspace. The first phase of the Commission’s work has focused on developing recommendations for norms of responsible behavior in cyberspace, to influence the conduct of both state and non-state actors in ways that complement and reinforce the norms already developed elsewhere.

Session Content

During this panel, GCSC Commissioners will present the work of the Commission on norms, in particular the launch of the Singapore Norm Package, and get feedback from the broader IGF community.

Agenda

13:30-13:40

Welcome Remarks by Michael Chertoff, Co-Chair of the Global Commission on the Stability of Cyberspace (GCSC), Co-founder and Executive Chairman at the Chertoff Group, former Secretary of the U.S. Department of Homeland Security; and Marina Kaljurand, Chair of the Global Commission on the Stability of Cyberspace (GCSC) and former Foreign Minister of Estonia;

13:40-14:10

Rules of the Road - GCSC proposed norms of responsible behaviour in Cyberspace

Call to Protect the Public Core of the Internet, by Wolfgang Kleinwächter, Professor Emeritus, University of Aarhus, former ICANN Board Member, and former Special Ambassador of the NETMundial Initiative
Call to Protect the Electoral Infrastructure, by Marietje Schaake, Member of the European Parliament
Proposed Norm for State and Non-State Actors to Avoid Tampering with Products Prior to their Release, by Bill Woodcock, Executive Director of Packet Clearing House
Proposed Norm Against Commandeering of ICT Devices into Botnets, by Olaf Kolkman, Chief Internet Technology Officer of Internet Society (ISOC)
Proposed Norm for States to Create a Vulnerability Equities Process and Proposed Norm to Reduce and Mitigate Significant Vulnerabilities, by Christopher Painter, Former Coordinator for Cyber Issues in the U.S. State Department, Principal Visiting Fellow at The Hague Center for Strategic Studies
Proposed Norm on Basic Cyber Hygiene as a Foundational Defense, by Anriette Esterhuysen, Director of Global Policy and Strategy, Association for Progressive Communications
Proposed Norm Against Offensive Cyber Operations by Non-State Actors, by Frederick Douzet, Professor at the French Institute of Geopolitics at Paris 8 University & Chairwoman of the Castex Chair of Cyber Strategy

14:10-14:25

Interventions from Stakeholders

David Martinon, Ambassador for Digital Affairs, Ministry for Europe and Foreign Affairs of France
Sarah Deutsch, Board Member, ICANN
Jan Neutze, Director of Cybersecurity Policy, Microsoft
Olivier MJ Crépin-Leblond, Chair of European At-Large Organisation (EURALO), ICANN
Carmen Gonsalves, Head of the Task Force International Cyber Policy, Ministry of Foreign Affairs of the Netherlands

14:25-15:00

Question & Answer with wider audience

Relevant Publications

Call to Protect the Public Core of the Internet and the Definition of the Public Core to which the norm applies.
Call to Protect Electoral Infrastructure
The Singapore Norm Package

Presentation:

gcsc_information_sheet.pdf

Report:

IGF 2018 GCSC Panel Report

- Session Type:

Panel

- Title:

IGF 2018 Global Commission on the Stability of Cyberspace

- Date & Time:

Monday, 12 November 2018 – 13:30 to 15:00

- Organizer:

The Global Commission for the Stability of Cyberspace

- Chair/Moderator:

Chaired by Marina Kaljurand, Chair of the Global Commission on the Stability of Cyberspace (GCSC) and former Foreign Minister of Estonia;

Michael Chertoff, Co-Chair of the Global Commission on the Stability of Cyberspace (GCSC), Co-founder and Executive Chairman at the Chertoff Group, former Secretary of the U.S. Department of Homeland Security;

- Rapporteur/Notetaker:

Louk Faesen and Elliot Mayhew

- List of speakers and their institutional affiliations:

Michael Chertoff, Co-Chair of the Global Commission on the Stability of Cyberspace (GCSC), Co-founder and Executive Chairman at the Chertoff Group, former Secretary of the U.S. Department of Homeland Security (Male)

Marina Kaljurand, Chair of the Global Commission on the Stability of Cyberspace (GCSC) and former Foreign Minister of Estonia (Female)

Wolfgang Kleinwächter, Professor Emeritus, University of Aarhus, former ICANN Board Member, and former Special Ambassador of the NETMundial Initiative – GCSC Commissioner (Male)

Marietje Schaake, Member of the European Parliament – GCSC Commissioner (Female)

Bill Woodcock, Executive Director of Packet Clearing House – GCSC Commissioner (Male)

Olaf Kolkman, Chief Internet Technology Officer of Internet Society (ISOC) – GCSC Commissioner (Male)

Christopher Painter, Former Coordinator for Cyber Issues in the U.S. State Department – GCSC Commissioner (Male)

Anriette Esterhuysen, Director of Global Policy and Strategy, Association for Progressive Communications – GCSC Commissioner (Female)

Frederick Douzet, Professor at the French Institute of Geopolitics at Paris 8 University & Chairwoman of the Castex Chair of Cyber Strategy – GCSC Commissioner (Female)

- Theme:

Cybersecurity

- Subtheme:

Norms, Cyberdiplomacy

- Please state no more than three (3) key messages of the discussion.

During this panel, GCSC Commissioners presented the work of the Commission on norms, in particular the launch of the GCSC Singapore Norm Package, and asked for feedback from the broader IGF community. The intention was to give a general overview of the work of the GCSC in developing proposals for norms and policies to enhance international security and stability in cyberspace. Of particular interest was the feedback of audience on the 8 norms included in the Singapore Norm Package, which were developed with the express purpose of being adopted by public and private sector actors towards an architecture to improve international security and stability in cyberspace.

- Please elaborate on the discussion held, specifically on areas of agreement and divergence.

There was support for the norms in the Singapore Norm Package, and for the process work that the Commission is undertaking to bring together stakeholders in this area. The overarching view was that international peace and security is traditionally a state-driven area, and the initiative of the GCSC to bring other voices, more specifically from the Internet governance and technical community, into this dialogue was widely welcomed. The IGF has traditionally addressed issues from an internet governance perspective, and the approach of the GCSC in implementing their 5-step process – resulting in a final report and actionable recommendations at the end of 2019 – was a refreshing addition to this debate. The contributions of the audience reflected this and questions addressed several aspects of the presentation.

Participants were interested to hear about the individual norms, each of which address a particular issue that the GCSC feels is relevant and poignant in cyberspace not just today, but potentially in the future. Many comments agreed with the position that both state and non-state behaviour should be addressed, and generally those asking questions were inquisitive about the process and justifications behind the inclusion of each norm and how they might apply to each stakeholder acting within its own context.

Of specific relevance were comments of participants about the nature of the Singapore Norm Package, asking if it was a final document or whether the norms could be further refined and added to subject to comments received by the Commission. This indicated that there was significant interest of those consulted to contribute to the mission of the GCSC, which was seen as a positive and encouraging development.

- Please describe any policy recommendations or suggestions regarding the way forward/potential next steps.

Stakeholder engagement is a core part of the advocacy mission of the GCSC, and the IGF Panel reinforced this. The general positivity of the comments towards the norms themselves was welcomed, though the desire to provide further input prompted the Commission to launch an online Request for Consultation at https://cyberstability.org/news/request-for-consultation-norm-package-singapore/.

The GCSC will continue with its preparations for updating the Singapore Norm Package according to any feedback its receives. The IGF Panel also provided valuable knowledge and experience for conducting these forms of engagement in the future. This lent further input into the events and occasions at which the GCSC might look to present its work over the course of the next year.

- What ideas surfaced in the discussion with respect to how the IGF ecosystem might make progress on this issue?

The GCSC has had the honor to present its work at the IGF in previous years, and believes continued engagement with this community on issues pertaining to international peace and security is crucial. The unique exchange of views and outcomes of these activities was testament to this.

The objective of the GCSC is to reach as many stakeholders as possible with its recommendations and ideas that contribute towards this are very much welcomed.

Other ideas related to further delineating the scope of the norms, in particular how they apply to the stakeholders whom they address and further outlining the next steps for the Commission and how this relates to the work done so far for international peace and security in cyberspace. Further explanation and engagement in this regard will go a long way to ensuring the effective participation of other actors and ensuring the lasting effect of the Commission’s contributions.

- Please estimate the total number of participants.

The estimated total number of participants was 50

- Please estimate the total number of women and gender-variant individuals present.

In addition to the gender balance of the Panel, the number of women was approximately 40% of the audience

- To what extent did the session discuss gender issues, and if to any extent, what was the discussion?

The discussion did not directly address gender issues, although there was an even gender balance in the Panel itself. The GCSC feels that the adequate representation of women is important and the Commission has several members that are noted for their positions on these matters.

- Session outputs and other relevant links (URLs):

Website of the GCSC

https://cyberstability.org/

Announcement of Singapore Norm Package

https://cyberstability.org/news/global-commission-introduces-six-critical-norms-towards-cyber-stability/

Singapore Norm Package

https://cyberstability.org/wp-content/uploads/2018/11/GCSC-Singapore-Norm-Package-3MB.pdf

Request for Consultation on the Norm Package

https://cyberstability.org/research/request-for-consultation-norm-package-singapore/

Future meeting of the GCSC in Geneva

https://cyberstability.org/news/gcsc-meeting-in-geneva-hosted-by-the-united-nations-institute-for-disarmament-research-unidir/

Session Time: