Cybersecurity a critical issue for mankind
THE Covid-19 pandemic introduced dramatic changes into our lives and is rightfully dominating the UN day to day agenda. However, this is also an important reminder that cybersecurity is also a critical issue for mankind. Amid the Covid-19 crisis almost all public and private communication went digital.
The world’s dependence on information and telecommunication technologies (ICTs) is now unprecedented. Ensuring security has already become a priority worldwide. Despite political differences or economic disparities, Member States are equally vulnerable to this threat and feel an urgent need to come out with a global response.
In December 2018, the United Nations General Assembly (UNGA) approved the creation of two distinct groups to further explore issues related to responsible state behaviour in cyberspace: an Open-Ended Working Group (OEWG) and a new Group of Governmental Experts (GGE). This decision was preceded by the submission of two draft resolutions by Russia and the United States to the UNGA First Committee; the Disarmament and International Security Committee (DISEC).
The Russian resolution A/RES/73/27 was adopted by 119 votes with 46 against and 14 abstentions. The document, originally titled, ‘Developments in the field of information and telecommunications in the context of international security’, proposed the establishment of the OEWG to discuss further cybernorms for state behaviour. The vote on the American resolution A/RES/73/266 titled ‘Advancing responsible State behaviour in cyberspace in the context of international security’, that asks for the creation of the next GGE, was approved with a larger majority of member states – 138 in favour, 12 against, and 16 abstentions.
Interestingly, as many as 77 states, mainly from South America, Africa, the Middle East and South-East Asia, voted in favour of both resolutions. On the one hand, this can signal a desire not to fall out of the global processes of negotiating cybernorms without attributing themselves to one of the cyber security camps, while on the other hand, such situation may reflect a low level of awareness (and even illegibility) of some small states in the nuances of different approaches to international information security.
One notable difference between the two groups is related to their composition. The OEWG is to involve all interested UN member states and also hold ‘intersessional consultative meetings’ with businesses, non-governmental organisations, and academia. The GGE is taking a more intergovernmental path. It will have limited participation from member states, on the basis of ‘equitable geographic distribution’, and will involve the UN Office for Disarmament Affairs (UNODA) to hold consultations with regional intergovernmental organisations including the African Union.
The OEWG format has many advantages. The open composition of the group allows every member state to participate, in contrast to the limited number of members of the previous GGEs. The rule of consensus decision-making will ensure that the common interests of all participants will be included in the final document.
But there are also several disadvantages. The open composition does not imply the participation of key countries ‘by default’, thus the composition of the group may be much smaller than desired. For example, countries that did not vote for this resolution may be less likely to participate. On the other hand, the USA and European countries could be in the OEWG in order to block its work just because they do not want to have such a consolidated group of likeminded states capable of producing a report that contradicts their understanding of international cybersecurity.
Despite the creation of these two groups, states are still at the beginning of the development of legally binding norms of responsible behaviour in cyberspace. It should be clearly understood that cyber confrontation can never be contained within local borders and will inevitably spread far beyond them. The world literally finds itself now before a choice between global cyber peace or cyber warfare. Making this choice should lie with all Member States regardless of their capacities and cannot be usurped by the ‘elite’ minority, which thinks itself entitled to unilaterally regulate the information space.
It is regrettable that certain countries, in particular the US and its allies, are exploiting the pretext of the ‘full and unconditional application of international law in cyberspace’, including international humanitarian law, in an attempt to justify unilateral pressure and sanctions on other Member States and even possible use of force against them. It is also of grave concern that this elite minority is actively pursuing the militarisation of cyberspace by pushing forward the concept of ‘preventive military cyberstrikes’, including against critical infrastructure.
Peace-loving nations should completely reject these concepts and stand firmly for the use of ICTs for peaceful purposes only. The role of the UN in this process is unique and indispensable. Only the UN can provide a truly global response and ensure the participation of all states on equal footing. There should be no fragmentation of global efforts as they become split along regional lines or among the ‘power groups’.
To reach a state of ‘cyber peace’ is an achievable goal and it can be reached only through the UN consensus based mechanisms like the OEWG which is uniquely positioned to address this issue. In order to expedite this process the international community should focus its efforts on elaborating universal rules of responsible behaviour in cyber space.
All UN members should actively participate in the drafting of the outcome report of the OEWG. Given the current dynamics and a growing desire for a better cybersystem among states, at some point in future a legally binding instrument should also be explored. There is hope that the OEWG will be able to formulate practical recommendations that will meet the expectations of those in need and will be effectively put into practice.