Internet and Human Rights

Diplomacy and danger: negotiating peace in cyberspace

This past July, the second annual report by the Open-ended Working Group on security of information at the UN was approved; in an agenda crowded with multilateral meetings, it emerges as a new forum for geopolitical conflicts that could affect all of cyberspace.

CC:BY (Maira Liberman)

Last July, the Open-ended Working Group on security of and in the use of information and communications technologies 2021–2025 (OEWG) of the United Nations First Commission, held a new substantive session focused on seeking consensus on its second annual progress report. The entity is the mechanism by which all UN countries will debate States’ activity in cyberspace, paying particular attention to the risk of cyberattacks between States. It concerns the search for mechanisms not just to improve security, but also to achieve peace in technology usage.

Reaching consensus was not easy, however, and gains were overshadowed by the inclusion of elements with little support that some States feel could lead to uncertainty and risks.

Concord and accord

Debate on the final draft was marked by the dissatisfaction of many States, on the one hand due to changes to and the omission of proposals formulated in the chamber and on the other hand, due to the practically forced inclusion of proposals that still lack significant support, in order to salvage a fragile consensus via footnotes that recognize the old plan of international rules binding on States, instead of non-mandatory practices and standards. Nonetheless, the report does document points of progress and defines priorities for future debates, while identifying collaboration initiatives that already exist between States.

Positive aspects include inroads on the proposal for a global directory of contact points at the UN, to facilitate communication between States when a threat or bad actor is discovered. This proposal has moved toward operationalization through the adoption of a document included as an annex to the annual report. Requests for inter-sessional meetings were also proposed, to address the points that are most difficult to agree on, such as the applicability of international law or the definition of threats, which continue to be the object of intense discussion.

Likewise, language is included inviting States to greater transparency on their understanding of threats, postures on the applicability of international law and the implementation of non-binding rules. References to gender sensitivity are encouraging, especially in terms of threats and training, in timid recognition of the multi-dimensional nature of digital gender gaps.

Less encouraging is the reduced or conditional mention of the intervention of non-governmental stakeholders, including civil society, as key players in several of the focal points. Similarly, resistance to explicit language on human rights meant that their presence ended up constrained, limiting recognition of the necessary consideration of human rights in measures to guarantee security in cyberspace.

Although Derechos Digitales, like other organizations, has emphasized the concept of different stakeholders and has defended language around human rights, State attention seems to have been focused more on the search for consensus than on these topics.

Negotiation and rejection

The risk of failing to reach consensus was introduced by the stubborn proposal to integrate language acknowledging the (minority) proposal to shift the agreements to rules of a binding nature to a new UN treaty on cybersecurity. “Footnote diplomacy” (as called out by one delegation) became a practical solution for salvaging a difficult consensus among countries in open geopolitical conflict. The insistence focuses on a point promoted for years by the Russian delegation and a few allies, on negotiating new cybersecurity and cybercrime treaties (the latter already under debate in an Ad Hoc Committee), due to the importance given in some of these countries to “information security”, a broader concept than “cybersecurity”, which is preferred in the West.

Indeed, experience shows that coming to an impasse does not necessarily mean the total failure of a process, but it does require approaching the debate realistically to avoid jeopardizing global peace and development.

We are far from considering that the OEWG’s progress represents civil society’s aspirations for promoting inclusive measures and protecting human rights. However, we cannot abandon the hope of better rules of conduct among States, ones that recognize that security and peace require the input of different players.