Cyber for Diplomacy

003004005

Advertisements

Cybersecurity Cooperation – India’s Latest Bilateral Arrangements

By Shalini S

The current Indian Government has continually offered significant strategic thrust to cybersecurity and related issues. In November 2015 alone, India established multiple collaborative partnerships that for cooperation in cybersecurity with various countries. This is a welcome move for the sector which continually presents advanced security challenges. There is a demonstrated interest in addressing this serious contemporary concern. In addition, efforts are being made to establish extensive cybersecurity cooperation to ensure protected cyber networks. The latest bilateral ties established by India to boost cybersecurity cooperation are elucidated below.

India and UK signed a first of its kind joint statement that will enable them to collaborate and jointly educate and train its cybersecurity professionals. Together, the countries are also slated to establish a cybersecurity training centre to enable dialogue and exchange of expertise. Additionally, the UK will also help setup a new cybercrime unit in India. This joint statement released after Prime Minister Narendra Modi’s visit to the UK closely follows the visit of UK’s first cybersecurity delegation to India in October 2015.

For the first time, India and China have also decided to establish ministerial mechanisms to effectively tackle transnational crime and specifically delineated cybercrime cooperation as a measure to boost security cooperation between the countries. The new high-level mechanism will be established under the home ministries of both the countries and will result in information exchange, law enforcement and technical capacity building to jointly combat cybercriminal activity. An official bilateral document endorsing this new security collaboration is yet to be signed.

A joint statement from Prime Minister Narendra Modi and his Malaysian counterpart released this week, revealed that their delegation-level consultations between the countries had resulted in the signing of a Memorandum of Understanding (MoU) aimed at strengthening cooperation on cybersecurity. As this MoU was signed between Indian Computer Emergency Team (CERT-IN) and CyberSecurity Malaysia (national cybersecurity agency), closer cooperation in cyber-policy evolution, technological expertise exchange and incident management can be expected.

Later in the same week, a similar agreement for bilateral cooperation and collaboration in cybersecurity measures was signed between CERT-IN and SingCERT (Singapore’s Computer Emergency Response Team). The MoU which envisions research collaborations, in the sector, between the two countries, also agreed to setup appropriate mechanisms to facilitate future dialogue on prevalent policies, best practice, bilateral consultations and real-time exchange of information and has established a broader framework of cooperation between the countries.

India’s recently established and renewed bilateral ties with these countries hinges on mutual sharing of information and best-practices, both critical in constructing a shared response to conspicuous cyber incidents. As these collaborations also come in the wake of joint commitment of India and US to strengthen cooperation on a range of cyber issues, India’s serious commitment in fostering multiple bilateral dialogues and cooperation on cybersecurity and related issues is apparent and must be lauded.

CCG’s Analysis of the WSIS+10 Draft Outcome Document- Initial Thoughts

The draft outcome document for the World Summit on Information Society (WSIS) High Level Meeting in December has been released today (it can be accessed here). This draft is a revision of the Zero Draft based on discussions held in New York last month i.e., the 2nd Preparatory Meeting and the 2nd Informal Consultations. Our coverage of those two meetings can be found here. The Outcome Document will be the basis for informal multilateral discussions to be held from 19-20 and 24-25 November. As per our understanding at this point, these discussions will be closed door meetings between country representatives and will not be open to other stakeholders. Below is a summary of the major changes from the Zero Draft to the Outcome Document:

New Section on Human Rights

Easily the most contentious part of the Zero Draft which had subsumed Human Rights discussions under the heading of Internet Governance. This had attracted criticism from civil society groups and many Member countries. The Draft Outcome Document now contains a separate section on human rights. In terms of content, this new section on Human Rights is notable for the explicit recognition in Paragraph 38 of journalists, bloggers and civil society actors in supporting freedom of expression and plurality. This is a big and welcome change from the Zero draft which only cited the freedom of press in the limited context of journalists. Paragraph 38 is also important given the recent attacks against bloggers in many countries who have been targeted for expressing their views online.

Also notable is the explicit recognition of the Right to Development in Paragraph 40 and the reaffirmation of the universality, indivisibility, interdependence and interrelation of all human rights. The latter is a concept enshrined in the Universal Declaration on Human Rights and an integral component of International Human Rights Law. Its recognition in the Outcome Document is important as these concepts need to be reinforced in the Information Society. This is because many of the rights based discussions online are often connected to other issues such as development, access and security. These cannot be discussed in isolation. This idea has been discussed in some detail in CCG’s comment on the non-paper.

The emphasis placed on the right to privacy on the context of mass surveillance in Paragraph 42 is also a new addition. This expands on the earlier Paragraph 43 from the Zero Draft which merely encouraged stakeholders to respect privacy and the protection of personal information. The expanded Paragraph 42 in the outcome Document is a vast improvement, calling on countries to respect International Human Rights law as it relates to mass surveillance. Para 42 also explicitly cites General Assembly Resolution 69/166 which recognised the Right to Privacy in the Digital Age.

Though the improvements to the Human Rights paragraphs in the document are welcome, Human Rights is still listed as the 2nd section which is contrary to the calls made by civil society groups to list it as the first.

Linkages with Sustainable Development Goals (SDGs)

A common concern across stakeholder groups in the October meetings was to link the WSIS process with the SDGs. While earlier drafts cited the SDGs, they failed to identify specific goals that could be linked with the WSIS process. Though the SDGs do not a have a separate goal that mentions ICTs or the internet, the understanding was that as a cross-cutting issue there are many potential linkages between the two processes.

The capacity of ICTs to facilitate the fulfillment of all SDGs has been mentioned in Paragraph 14. It also lists Goal 4b on Education and Scholarships, Goal 5b on Women’s Empowerment, Goal 9c on Infrastructure and Access and Goal 17.8 on Technology Bank and Capacity Building as specific goals where this linkages can be particularly useful. In Follow Up and Review, the document in Paragraph calls for the CSTD review to feed into the SDG process in Paragraph 58. Additionally, Paragraph 62 designates the High Level Meeting in 2025 as an input process into the 2030 Review of the SDGs.

ICT for Development

In this section, the Outcome document takes a more nuanced view of development issues and the Digital Divide, however a few key ideas are still missing.

Paragraph 19 on cultural expression and Paragraph 23 on Local Content in different languages highlight the need for greater diversity online. The discussion on the Digital divide has also improved from the Zero Draft with Paragraph 22 calling for the creation of knowledge societies and for UN bodies to analyse the nature of the digital divide.  Paragraph 25 dedicated to the Gender divide is a much needed addition and it calls for immediate measures to address this divide. However, the discussion on the digital divide is lacking in that it fails to recognise that the digital divide is a manifestation of existing socio-economic inequalities. It also fails to reognise that access to the internet and ICTs should be rights based and equitable. While the role of ICTs in development is not disputed, having differential access to ICTs or the internet can actually serve to exacerbate the digital divide. Though this point has been made repeatedly, the draft outcome document does not acknowledge it.

Paragraph 36 is also notable as it calls for new mechanisms to fund ICT4D as opposed to the Zero Draft which called for the Digital Solidarity Fund to be reviewed. The position on the DSF has since changed as States and other stakeholders in October recognized that the DSF cannot be strengthened and a new mechanism is necessary.

New Section on Security

Much like human rights, many countries- especially the G77+China- called for a separate section on security issues. Thus, the outcome document has a new section 3 on Building Confidence and Security in the use of ICTs which was the erstwhile Section 2.3 in the Zero Draft.

Paragraph 45 is a change from the earlier Paragraph 46 in the Zero Draft. It notes the ‘leading role’ of governments in cybersecurity as opposed to the Zero Draft which called on them to play an enhanced role. The recognition of the need for security measures to be consistent with Human Rights is a much needed change.

Paragraph 46 of the Draft Outcome Document on cyber-ethics has been expanded to explicitly refer to the need to protect and empower children, women and girls.

Paragraphs 48 and 49 call for greater cooperation among States on cybersecurity matters. In a change from the Zero draft, these paragraphs have placed greater emphasis on cooperation and information sharing across stakeholders and between States. The call for an international cybercrimes convention in the Zero Draft has been changed to an acknowledgment of the call for such a convention.

Internet Governance

The absence of the mention of multistakeholderism or multistakeholder approaches is conspicuous in this Section. In fact Paragraph 50 suggests that internet governance is a multilateral process with “the full involvement of all stakeholders”.

The mandate of the IGF should be extended by 10 years according to Paragraph 54. However, it calls on the IGF to incorporate the findings of the CSTD Working Group on Improvements to the IGF and that the IGF should show progress on these lines. On Enhanced Cooperation, Paragraph 56 calls on the Secretary General to provide a report to the next (71st) General Assembly on the implementation and means to improve Enhanced Cooperation.

Follow-Up and Review

The most notable addition is the call for a High Level Meeting in 2025 to Review the WSIS Outcomes in Paragraph 62. This suggests some sort of a compromise between States as there were multiple proposals on whether there should be a Summit or a High Level Meeting. The section is also notable for the explicit recognition of the ways in which the WSIS Process can be linked with the SDGs. Other than the linkages mentioned above, Paragraph 52 calls for the WSIS Action Lines to be closely linked to the SDG process.

The Outcome Document is a more complete Document than the Zero Draft in many ways. However, there are a few issues that need to be ironed out before the High Level Meeting. With the process closed for stakeholders from now on , most of these changes will largely come from States. Though the co-facilitators have called for comments to be sent on the Draft Outcome Document, it is not on the same scale as the public comment periods and it is not clear how much these suggestions will be taken into consideration by them. In the absence of another Informal Consultation, their interaction with stakeholders at the IGF may be the last opportunity to participate in this process before the High Level Meeting.

Index of CCG’s WSIS+10 Review Coverage

To help readers navigate our coverage of the 2nd Preparatory Meeting, we have indexed our posts from the last 3 days. Please find them below:

  • Summary of Day 1

https://ccgnludelhi.wordpress.com/2015/10/20/2nd-preparatory-meeting-of-wsis10-review-summary-of-day-1/

  • India’s Statement on Day 1

https://ccgnludelhi.wordpress.com/2015/10/20/wsis10-zero-draft-indias-statement-at-the-2nd-preparatory-meeting/

  • Summary of Day 2- ICT4D

https://ccgnludelhi.wordpress.com/2015/10/21/2nd-preparatory-meeting-of-wsis10-review-summary-of-ict4d-discussions-on-day-2/

  • Summary of Day 2- Internet Governance

https://ccgnludelhi.wordpress.com/2015/10/22/2nd-preparatory-meeting-of-wsis10-review-summary-of-internet-governance-discussions-on-day-2/

  • India’s Statements on Day 2

https://ccgnludelhi.wordpress.com/2015/10/21/indias-statements-on-day-2-of-the-2nd-preparatory-meeting-of-the-wsis-review/

  • India’s Statements on Day 3

https://ccgnludelhi.wordpress.com/2015/10/22/indias-statement-on-cybersecurity-on-day-3-of-2nd-preparatory-meeting-for-wsis-review/

https://ccgnludelhi.wordpress.com/2015/10/22/indias-second-statement-on-cyber-security-references-digital-india/

https://ccgnludelhi.wordpress.com/2015/10/23/indian-statements-on-implementation-and-follow-up-at-2nd-preparatory-meeting/

Indian Statements on Implementation and Follow up at 2nd Preparatory Meeting

India made a third statement today, this time on the Implementation and Follow up of the WSIS Review. Below is the Statement:

The essence of what we’ve been discussing is Implementation and Follow-up. Talking about action lines is also talking about implementation. It is an assessment of whether we have succeeded or not. The WSIS document is commendable as it stands. We are in favour of an ongoing review process. But also support a High Level Meeting to look at these at some point. We do not understand approach of not changing anything or changing Action Lines. We’re talking about a dynamic platform like the internet, the manner in which it has changed the economy, lifestyles of people around the world would tell us that more is yet to come. Therefore we must be talking constantly about Cybersecurity, ICT4D and human rights as change is happening at rapid pace. Not being ready to review Action Lines or High Level Meeting that brings to attention issues that needs to be addressed is not understandable. Support Review Process and High Level Meeting at a period agreeable to Member states.”

In response to a query from the US on why a Review was needed the Indian delegation had the following to say:

This Review platform is a different one from the ongoing review. If ongoing review was efficient we wouldn’t be sitting here. Review must happen at the UNGA in 2020. We will continue to call for it.We urge the reconsideration of the approach that Review or High Level Meeting is not needed. Societies that have reached a certain level of development and want to manage growth over the next 10 years like India need Review. India is targeting internet for all by 2020. There will be several consequences for all. It will be mostly positive, but there might be negative as well. We are an open democracy. Voices are expressed and encouraged in India. UNGA must have Review in 2020.

India’s Second Statement on Cyber Security, References Digital India

India made a 2nd statement on cyber security and the WSIS today, highlighting the importance of a secure environment for development programmes for ICTs. India highlighted the Digital India programme in its statement. The summary is below:

India re-emphasized the importance of cybersecurity both from the point of view of economic development and national security. India also disagreed with Japan on the importance of cybersecurity for development pointing to the Digital india Initiative. India argued that the Digital India Initiative, which is taking e-services to all citizens in country needs to be supported by a secure environment and cybersecurity is an important part of this. India also stressed the importance of protecting  critical internet resources for India. India went on to Encourage Member States to present concrete, clear proposals on cybersecurity. India suggested having more Confidence Building Measures and raising awareness. India also supported Brazil on finding that the Budapest Convention as it stands is not sufficient to tackle cybercrimes.

India’s Statement on Cybersecurity on Day 3 of 2nd Preparatory Meeting for WSIS+10 Review

During discussions on cybersecurity in the Zero Draft of the WSIS+10, the Indian government made a statement calling attention to the increasing cyber threat and “malicious activities” online. Below is a summary of the statement:

We must recognize that Cyberspace is now the 5th domain as there is increasing innovation with information technology and cyber technology. However, we must protect existing infrastructure and information contained in infrastructure as malicious activities online are increasing exponentially with improvement in technology. Hence, the security of infrastructure is paramount, we must work together to prevent this through exchange of information and collaboration. Steps must be taken in comprehensive manner to improve R&D and technology transfer to counter cyber threats.