10 Matching Annotations
  1. Mar 2021
    1. including the possibility of additional legally binding obligations.

      This was pushed in by China, though opposed by the West. Additional legally binding obligations most likely refer to a possible future Code of Conduct/global treaty (as proposed by the Shanghai Cooperation Organisation earlier)

    2. Programme of Action should be further elaborated including atthe Open-Ended Working Group

      While this gives 'mandate' to OEWG to discuss PoA, it doesn't limit the options of running the PoA through other venues ("including at") - GA, First Committee, GGE report, or other. One can expect, however, that PoA will be among first elements of the OEWG2 agenda.

    3. support the capacities of States in implementing commitments in their use of ICTs, in particular the Programme of Action

      PoA is framed in context of support with the capacities of states in implementations. PoA is, however, envisaged as a possible single process to replace other processes in terms of institutional dialogue - as a continuous process (https://dig.watch/updates/france-and-partners-propose-programme-action-advancing-responsible-state-behaviour) This framing is not helping with this.

    4. ensure the continuation of the inclusive and transparent negotiation process

      Important element is the transparency and inclusiveness. Even if it is not explicit about the involvement of non-state stakeholders, transparency is rather clear here (one of the main remarks to the GGE work, besides being for a limited number of states, was its confidentiality and lack of transparency).

    5. of other issues.7

      It was removed in the final round: "including terrorism, crime, development, human rights and Internet governance."

      This is a continuous 'battle' on what the OEWG (ie UN institutional dialogue) talk and not talk about - in particular whether cybercrime should be included, and that it should (not) address Internet governance aspects such as content policy, or ICANN-related issues.

    6. Some non-State actors have demonstrated ICT capabilities previously only available to States

      This is interesting: attribution to states was always contested. Yet here, we hear that non-states have capabilities that states have… yet we don't know what states have due to lack of transparency.

    7. The OEWG recognizes the importance and complementarity of specialized discussions on aspects of digital technologies addressed by other UN bodies and fora

      This may, in particular, refer to the UN digital cooperation track as well as the IGF, but also the 'digital elements' of the SDG process

    8. general availability or integrity of the Internet,

      Indirect reference to the call by the Global Commission on Stability of Cyberspace (GCSC) for the protection of the Public Core of the Internet: https://cyberstability.org/research/call-to-protect/ GCSC defines the public core to include packet routing and forwarding (thus routing protocols), naming and numbering system (thus ICANN and IANA work), cryptographic mechanisms of security and identity (including DNSSec and similar protocols), and physical transmission media (including submarine cables): https://cyberstability.org/wp-content/uploads/2018/07/Definition-of-the-Public-Core-of-the-Internet.pdf

      Here, only a mention of 'general availibility and integrity of the Internet' was included, but this is a step forward. It is also mentioned in par. 26 under Norms, which is even more relevant.

    9. The continuing increase in incidents involving the malicious use of ICTs by State and non-State actors, including terrorists and criminal groups,is a disturbing trend

      It is pity this language has not been stronger, and more explicit. In particular, exploiting vulnerabilities should have been explicitly mentioned as 'disturbing' - if not condemned (having in mind SolarWinds and other examples).

      Exploiting a vulnerability against one system discloses the vulnerability of a whole classes of commercial systems to the broader public. This then ends up being exploited by criminals against other such systems around the world, thereby weakening the entire cyberspace.

      While it may be understood to fall under "malicious use of ICT", it is important to clearly spell it out.

    10. The continuing increase in incidents involving the malicious use of ICTs by State and non-State actors, including terrorists and criminal groups,is a disturbing trend.

      It is pity this language has not been stronger, and more explicit. In particular, exploiting vulnerabilities should have been explicitly mentioned as 'disturbing' - if not condemned (having in mind SolarWinds and other examples).

      Exploiting a vulnerability against one system discloses the vulnerability of a whole classes of commercial systems to the broader public. This then ends up being exploited by criminals against other such systems around the world, thereby weakening the entire cyberspace.

      While it may be understood to fall under "malicious use of ICT", it is important to clearly spell it out.

    Created with Sketch. Visit annotations in context

    Created with Sketch. Tags

    Created with Sketch. Annotators

    Created with Sketch. URL