Trust and Security digest (July 2021)

9 Aug 2021

This extract is taken from the July 2021 issue of The digest, GPD’s newsletter. Sign up here.

*

Cyber norms at the UN: latest updates

A few updates from the key forums discussing norms for state behaviour in cyberspace:

  • At the Open Ended Working Group, discussions around modalities are still ongoing. Civil society access and participation remains controversial, despite most member states supporting a more inclusive and open approach (see Reaching Critical Will’s summary of the June meeting, pp. 3-4). We expect to hear more in the coming month, as member states will want to have agreed modalities before the busy UN General Assembly season kicks off in September.
  • It seems increasingly unlikely that there will be a UN resolution this year to set up the Cyber Programme of Action, spearheaded by France and Egypt. This isn’t necessarily bad news: pushing it to next year will give stakeholders—including civil society—to engage with co-sponsors to shape the aims, scope and modalities of the resolution.
  • The Chair of the Third Committee’s Ad-hoc Cybercrime Committee has started consulting with member states to elicit their high level views on the scope, objectives and agenda for its upcoming first meeting, which is provisionally set to take place 17-28 January 2022. The deadline for member state submissions is the end of September. We hope states take the opportunity to include civil society and other stakeholders.

Other news

  • As our Senior Programme Lead Sheetal Kumar observed in a recent article, states are becoming increasingly willing to attribute cyber attacks to other states. July furnished a good example, with the US, EU and NATO jointly condemning China for attacks on US servers. However, as was noted elsewhere, only the EU’s statement made reference to UN-agreed cyber norms—a missed opportunity for supporting the adoption and meaningful use of the responsible state behaviour framework.
  • Last month brought fresh revelations of states using NSO Group’s controversial Pegasus software to illegally spy on human rights activists, journalists and political opponents. These actions not only gravely contravene human rights; they also undermine trust and security in cyberspace. Along with more than 100 other civil society groups, we’ve signed onto a joint letter calling for a moratorium on the sale, transfer and use of surveillance technology, as well as the institution of a range of new regulatory measures.
  • The first part of our capacity building series for civil society on UN discussions around responsible state behaviour in cyberspace wrapped up this month. You can watch recordings of the presentations on our dedicated UNGA hub. Applications for the second part will open in August, so stay tuned.
 

 

Listening post

Your monthly global update, tracking relevant laws and policies relating to the digital environment.

On trust and security, a few updates on laws relating to cybercrime and national cybersecurity strategies and policies:

*