Session Format: Debate - 90 Min
Academia: Leonie Tanczer and Louise Marie Huriel
CERT/CSIRT community: Adli Wahid and Marten Van Horenbeeck
Government: Tobias Feakin, Gavin Willis, Karsten Geier
International Relations/Diplomacy: Elina Noor, Vladimir Radunovic, Marilia Maciel, Camino Kavanagh
Private Sector: Jan Neutze
Content of the Session:
During IGF 2016, at “WS132 - NetGov, please meet Cybernorms”, we opened the debate. An increased commitment from state actors to coordinate on cybersecurity at the regional and international level (e.g. UNGGE, OSCE, Budapest Convention), has reached a point where future development of international norms that aim to regulate State behavior with regards to cyber operations need necessarily other stakeholders to give input or advice. At this workshop, we discussed the extent to which the technical community can support implementation of the GGE agreed norms and whether the IGF can serve as a platform to facilitate these engagements. Given the ongoing difficulties of negotiating global agreements on cybersecurity between state actors, we propose to continue this debate at the IGF 2017, this time focusing on the question of whether the increased regional and international cooperation that happens between CERTs and CSIRTs – both national and private – can support and advance current diplomatic endeavours to establish international norms of responsible state behavior in cyberspace.
Relevance of the Session:
There are many norms that are well established in the technical community. A good example of these technical norms are the practices by which CERT/CSIRT communities exchange technical expertise and share information on risk management and incident response. By establishing trusted networks for exchanging technical expertise, the CERT/CSIRT communities are indirectly engaging in what is referred to as 'science diplomacy'. This proposal aims to continue the debate, started during WS132 of IGF 2016, to understand how ongoing cooperative behaviors around the development of technical norms in the CERT/CSIRT community can help to reveal unrecognized common ground among states and, ultimately, help to improve international cooperation on cybersecurity.
Tag 1: Cybersecurity Norms
Tag 2: Internet Governance
Tag 3: Multistakeholder Cooperation
Dr. Madeline Carr and Prof. Duncan Hollis have been involved in academic research exploring the International cooperation system and studying the feasibility of treaty-based solutions for ruling state behavior on cyberspace. The Internet technical community has been solving cybersecurity incidents by establishing circles of trust for information sharing, and cooperating in emergency response and towards problem resolution. The IGF has provided a unique platform where the technical community and government representatives converge in useful dialogue to improve understanding of their particular norms and behaviors. This proposal to have a 90 minute debate, will continue the discussion from last year in WS132 on Cybernorms, for UNGGE followers and participants, together with the Internet and security ecosystems, mediated by academic research, to answer questions on International security cooperation, and advance towards better understanding of current and possible cybernorms that can possibly result in more responsible state and technical behaviors. A prospective agenda of the debate is:
1. Setting the scene. New research on "science diplomacy" and CERT cooperation. (Academia).
2.1. Technical community. How CERT cooperation works. (Tech/CERT community)
2.2. Update on UNGGE and state cooperation. GCCS. And more. (Government)
2.3. A civil society view on this. (Academia/Civil society)
3.1. Whether CERT cooperation is (or not) a form of diplomacy
3.2. Whether CERT cooperation can (or cannot) help improve responsible cyber behaviors
3.3. Whether existing technical cybernorms are to be recognised formally by states
4.1. Key take-aways
4.2. Follow-up questions
Last year, Workshop 132 on Cybernorms, successfully brought to the IGF participants from UNGGE and NATO, together with world renowned academics in the field of cybersecurity. These were new participants to the IGF, and one of the key agreements of the session was that there could be a mutually constructive way forward for the UNGGE to be more open and transparent and for Internet governance stakeholders to be more aware and involved in the UNGGE discussions. This proposal is a continuation of that effort, to bring into direct conversation the parallel worlds of the Internet governance multistakeholder community and the more formal, state-centric processes, such as UNGGE. In the lead towards the debate at IGF 2017, the organizers will take into consideration geographical diversity and gender balance.
The rapporteur of UNGGE participated last year, remotely through WebEx, in workshop 132 on Cybernorms, asking an important question that influenced the outcome and facilitated agreements at the workshop. There were other remote participants through WebEx and also a wide audience through YouTube. We expect a similar if not a more active participation through online means, in terms of questions and comments being raised remotely by those that are not able to be physically present at the next IGF in Geneva.
There will be two co-moderators of the debate, each fostering the discussion on basically two sides: the UNGGE/governmental perspective, and the technical community/CERT perspective. These two co-moderators will first, help to set the scene by referring to new academic research on CERT diplomacy. Also by calling participants to provide updates on the UNGGE process and the GCCS event. The technical community will explain processes and networks of trust that are the basis of CERT collaboration. The co-moderators will foster a conversation, mainly by distinguishing things that were unknown to each party that merit better understanding and will help discover those issues that can help both parties increase mutual understanding. The co-moderators will lead the participants of the debate towards finding feasible paths for collaboration, which are the key expected outcomes of the workshop.
Conducted a Workshop in IGF before?: Yes
Link to Report: https://www.intgovforum.org/multilingual/filedepot_download/4098/246