IGF 2018 WS #131 Balancing Cybersecurity, Human Rights & Economic Development

    Room
    Salle II

    Organizer 1: Carolin Weisser, Global Cyber Security Capacity Centre
    Organizer 2: Barbara Marchiori de Assis, Organization of American States
    Organizer 3: Belisario Contreras, Organization of American States (OAS)
    Organizer 4: Alexandrine Pirlot de Corbion, Privacy International
    Organizer 5: Amalia Toledo, Karisma Foundation

    Speaker 1: Carmen Gonsalves, Government, Western European and Others Group (WEOG)
    Speaker 2: Angela Mckay, Private Sector, Western European and Others Group (WEOG)
     

    Additional Speakers

    Speaker 1: Lisa Vermeer,Senior Policy Officer, Ministry of Foreign Affairs the Netherlands

    Speaker 2: William Dutton [intgovforum.org], Quello Professor of Media and Information Policy in the College of Communication Arts and Sciences at MSU

    Speaker 3: Claudio Cocorocchia, Acting Head of Information and Entertainment System Initiative, Global Leadership Fellow, in World Economic Forum.

    Speaker 4: Leandro Ucciferri, Lawyer and Researcher, ADC

    Moderator

    Belisario Contreras, Manager, Cybersecurity Program, Organization of American States (OAS)

    Online Moderator

    Carolin Weisser, Portal Manager, Global Cyber Security Capacity Center, University of Oxford

    Rapporteur

    Barbara Marchiori de Assis, Cyber Security Program Officer, Organization of American States (OAS)

    Format

    Round Table - 90 Min

    Interventions

    The purpose of this roundtable session is to address the relevance of balancing Cybersecurity, Human Rights and Economic Development issues and explore best practices applied in different regions and stakeholder groups. Particularly, it will be discussed coordination and collaboration models between different stakeholder groups aimed at balancing cybersecurity, economic objectives and fundamental values. Speakers will share their expertise and points of view regarding these issues, and moderator will ask for proposals and their views on how to guarantee a real balance in these three areas. Confirmed speakers cover a wide area of organizations and regions, which will provide a unique and global approach to the proposed theme. A background paper prepared by the organizers will be distributed in advance.

    Diversity

    Diversity has been built in from the concept stage to the selection of the speakers and the topics to be covered. Confirmed speakers have are varied and diverse in terms of expertise, gender, geographic representation, stakeholder groups. Proposed speakers are highly qualified and renowned experts who will provide unique perspectives and insights to cybersecurity related discussions during IGF2018.

    The proposed workshop itself will be structured as follows to ensure an integrative discussion: - Introduction of the issues for discussion - Presentation of Background Paper - Moderator will then give the floor to each speaker to present for 5 minutes each on the topics - Moderator will encourage the audience (in situ and online) to add their experience to the debate and to ask questions to the different speakers - Concluding remarks (each speaker to provide a 3 minutes final thoughts) Total: 1.5 hours

    We intent to allocate a significant amount of time to discussion and contributions from the audience and remote participation. It is envisioned that a remote moderator will be in permanent contact with remote participants and update them on the progress of the session. Remote participants will be encouraged to feed into the discussion, and their comments and remarks will be fed back to the room to incorporate them in the discussion. Moderator and speakers will set the stage and share practical cases that will generate discussion and proposals to follow. Unless strictly necessary, experts will be suggested to avoid presentations, and the format will be based on a discussion.

    As national cybersecurity strategies become more common, it is important that countries implement cybersecurity measures through a risk-based approach. Simply put, cybersecurity policymaking must take into account the social and economic opportunities offered by the digital environment when solving security problems, while also guaranteeing fundamental rights. This dynamic balance between cybersecurity, economic development and human rights requires answers not limited to technical solutions strictly aimed at eliminating the threat. On the contrary, in order to reap the social and economic benefits of digitalization, while protecting fundamental values, stakeholders must reduce risk to an acceptable level. What level of security risk would be deemed acceptable at national level? More specifically, how stakeholders with different interests and without a shared understanding of cybersecurity could find this balance?

    Online Participation

    Inclusive online participation in the proposed panel will be encouraged before and during the session. In advance, the opportunity for online participation will be promoted on all available channels of the participating organizations, including mailing lists and social media. Moderator will use IGF and session hashtags in order to promote discussion and questions during the panel. Besides asking online questions, moderator will also consider questions made using IGF hashtags The three core parts of the communication will be the importance of online participation for the outcomes of the IGF, the invitation to submit questions in advance which will be discussed and prioritized in the session, and technical information how online participation via the WebEx platform works. At the beginning of the session the moderator will explicitly ask online participants to take part in the debate and the online moderator will ensure that their contributions and questions are prioritized. Subject to budget availability and technical capacities of the host organization, OAS will hire interpretation for the session in order to secure a wider audience.

    Session Time
    Session Report (* deadline 9 January) - click on the ? symbol for instructions

    IGF 2018 Report Template

    Pre-Session Synthesis Due: 2 November 2018

    Short Report Due: Within 12 hours of when session is held

    Long Report Due: 23 November 2018

    [sample report here]

     

     
     

     

     

     

     

    - Session Type (Workshop, Open Forum, etc.): Round Table - 90 Min

     

    - Title: Balancing Cybersecurity, Human Rights & Economic Development

     

    - Date & Time: Wednesday, 14 November, 2018 - 12:10 to 13:40

     

    - Organizer(s):

    Organizer 1: Carolin Weisser, Global Cyber Security Capacity Centre
    Organizer 2: Barbara Marchiori de Assis, Organization of American States
    Organizer 3: Belisario Contreras, Organization of American States (OAS)
    Organizer 4: Alexandrine Pirlot de Corbion, Privacy International
    Organizer 5: Amalia Toledo, Karisma Foundation

    - Chair/Moderator:

    Onsite Moderator: Kerry-Ann Barrett, Cybersecurity Policy Specialist, Cybersecurity Program, Organization of American States (OAS) (Female)

    Online Moderator: Carolin Weisser Harris, Lead International Operations, Global Cyber Security Capacity Centre, University of Oxford (Female)

     

    - Rapporteur/Notetaker:

    Matthew Griffin, Global Cyber Security Capacity Centre, University of Oxford (Male)

     

    - List of speakers and their institutional affiliations (Indicate male/female/ transgender male/ transgender female/gender variant/prefer not to answer):

     

    Speaker 1: Lisa Vermeer, Senior Policy Officer, Ministry of Foreign Affairs the Netherlands (Female)

    Speaker 2: Prof William Dutton [intgovforum.org], Global Cyber Security Capacity Centre, University of Oxford (Male)

    Speaker 3: Claudio Cocorocchia, Acting Head of Information and Entertainment System Initiative, Global Leadership Fellow, in World Economic Forum. (Male)

    Speaker 4: Angela Mckay, Senior Director, Cybersecurity Policy and Strategy, Microsoft (Female)

    Speaker 5: Leandro Ucciferri, Lawyer and Researcher, ADC (Male)

     

     

    - Theme (as listed here): Cybersecurity, Trust and Privacy

     

    - Subtheme (as listed here): CYBERSECURITY BEST PRACTICES

     

    - Please state no more than three (3) key messages of the discussion. [300-500 words]

    Over all the panellist discussed a wide ranging issues.  Some of the discuss

    1.       They addressed the relevance of balancing Cybersecurity, Human Rights and Economic Development issues and explored best practices applied in different regions and stakeholder groups.

    2.       The panel explored the cross-sectional issues that should be discussed when considering economic development, multi-stakeholder involvement and human rights.

    3.       They examined the fact that cybersecurity is one those topics that affect the ecosystem that supports development.

    - Please elaborate on the discussion held, specifically on areas of agreement and divergence. [300 words] Examples: There was broad support for the view that…; Many [or some] indicated that…; Some supported XX, while others noted YY…; No agreement…

    There was general agreement from the panel that empowering digital citizens and rethinking how we engage on issues that have an impact on cybersecurity is critical.  There was also consensus on the need to have not just a vertical multistakeholder concept but an inclusive multi-disciplinary and wide-raging dialogue in order to have meaning policies.

     

    - Please describe any policy recommendations or suggestions regarding the way forward/potential next steps. [200 words]

     

    Some of the policy considerations were practical in nature and included:

    ·       Be aware that not everyone in the room is speaking the same language. Ensure everyone with the different background speaks to each other.  It was noted that a broad set of arguments brought about by a broad set of actors is best to ensure impact. As such actors need to work together to push and fight back against cyber threats.

    ·       It is important to have a broad inclusive dialogue to ensure that human rights considerations and economic development work in tandem.

    ·       Having a human rights perspective is not incompatible with the economic perspective on cybersecurity development.

    ·       Conversation between people, government and industry need to be managed to reflect rights and values in law.

    ·       You can implement security and human rights parallel, they're not exclusive. At the same time, there will be trade-offs and the trade-offs are something that the society has to be involved in in making helpful decisions to represent, again, the values of a particular geography and context.

     

     

    - What ideas surfaced in the discussion with respect to how the IGF ecosystem might make progress on this issue? [150 words]

    During the discussion some key concepts emerged which can be considered for future workshops:

    ·       Measuring the impact of cybersecurity incidents that affect civil society groups should inform cybersecurity policies;

    ·       Ecology of Games – each of the policy areas have a variety of stakeholders shaping the policy in other areas directly or inadvertently. The outcome of those efforts shape security.

    ·       Security and Human rights can operate in parallel.

    ·       Need to overcome the language barrier between the stakeholders in terms of ensuring everyone is talking about the same issue

    ·       Ethical development – Human rights should be built in by design to economic development plans and cybersecurity investment.

     

    - Please estimate the total number of participants.

    There was approximately 42 participants.

     

     

    - Please estimate the total number of women and gender-variant individuals present.

    ·       Audience: 23 females, 19 Males

    ·       Panel: 3 Females, 3 Males

     

     

    - To what extent did the session discuss gender issues, and if to any extent, what was the discussion? [100 words]

     

    - Session outputs and other relevant links (URLs):

     

    IGF 2018 Report Template

    Pre-Session Synthesis Due: 2 November 2018

    Short Report Due: Within 12 hours of when session is held

    Long Report Due: 23 November 2018

    [sample report here]

     

     
     

     

     

     

     

    - Session Type (Workshop, Open Forum, etc.): Round Table - 90 Min

     

    - Title: Balancing Cybersecurity, Human Rights & Economic Development

     

    - Date & Time: Wednesday, 14 November, 2018 - 12:10 to 13:40

     

    - Organizer(s):

    Organizer 1: Carolin Weisser, Global Cyber Security Capacity Centre
    Organizer 2: Barbara Marchiori de Assis, Organization of American States
    Organizer 3: Belisario Contreras, Organization of American States (OAS)
    Organizer 4: Alexandrine Pirlot de Corbion, Privacy International
    Organizer 5: Amalia Toledo, Karisma Foundation

    - Chair/Moderator:

    Onsite Moderator: Kerry-Ann Barrett, Cybersecurity Policy Specialist, Cybersecurity Program, Organization of American States (OAS) (Female)

    Online Moderator: Carolin Weisser Harris, Lead International Operations, Global Cyber Security Capacity Centre, University of Oxford (Female)

     

    - Rapporteur/Notetaker:

    Matthew Griffin, Global Cyber Security Capacity Centre, University of Oxford (Male)

     

    - List of speakers and their institutional affiliations (Indicate male/female/ transgender male/ transgender female/gender variant/prefer not to answer):

     

    Speaker 1: Lisa Vermeer, Senior Policy Officer, Ministry of Foreign Affairs the Netherlands (Female)

    Speaker 2: Prof William Dutton [intgovforum.org], Global Cyber Security Capacity Centre, University of Oxford (Male)

    Speaker 3: Claudio Cocorocchia, Acting Head of Information and Entertainment System Initiative, Global Leadership Fellow, in World Economic Forum. (Male)

    Speaker 4: Angela Mckay, Senior Director, Cybersecurity Policy and Strategy, Microsoft (Female)

    Speaker 5: Leandro Ucciferri, Lawyer and Researcher, ADC (Male)

     

     

    - Theme (as listed here): Cybersecurity, Trust and Privacy

     

    - Subtheme (as listed here): CYBERSECURITY BEST PRACTICES

     

    - Please state no more than three (3) key messages of the discussion. [300-500 words]

    Over all the panellist discussed a wide ranging issues.  Some of the discuss

    1.       They addressed the relevance of balancing Cybersecurity, Human Rights and Economic Development issues and explored best practices applied in different regions and stakeholder groups.

    2.       The panel explored the cross-sectional issues that should be discussed when considering economic development, multi-stakeholder involvement and human rights.

    3.       They examined the fact that cybersecurity is one those topics that affect the ecosystem that supports development.

    - Please elaborate on the discussion held, specifically on areas of agreement and divergence. [300 words] Examples: There was broad support for the view that…; Many [or some] indicated that…; Some supported XX, while others noted YY…; No agreement…

    There was general agreement from the panel that empowering digital citizens and rethinking how we engage on issues that have an impact on cybersecurity is critical.  There was also consensus on the need to have not just a vertical multistakeholder concept but an inclusive multi-disciplinary and wide-raging dialogue in order to have meaning policies.

     

    - Please describe any policy recommendations or suggestions regarding the way forward/potential next steps. [200 words]

     

    Some of the policy considerations were practical in nature and included:

    ·       Be aware that not everyone in the room is speaking the same language. Ensure everyone with the different background speaks to each other.  It was noted that a broad set of arguments brought about by a broad set of actors is best to ensure impact. As such actors need to work together to push and fight back against cyber threats.

    ·       It is important to have a broad inclusive dialogue to ensure that human rights considerations and economic development work in tandem.

    ·       Having a human rights perspective is not incompatible with the economic perspective on cybersecurity development.

    ·       Conversation between people, government and industry need to be managed to reflect rights and values in law.

    ·       You can implement security and human rights parallel, they're not exclusive. At the same time, there will be trade-offs and the trade-offs are something that the society has to be involved in in making helpful decisions to represent, again, the values of a particular geography and context.

     

     

    - What ideas surfaced in the discussion with respect to how the IGF ecosystem might make progress on this issue? [150 words]

    During the discussion some key concepts emerged which can be considered for future workshops:

    ·       Measuring the impact of cybersecurity incidents that affect civil society groups should inform cybersecurity policies;

    ·       Ecology of Games – each of the policy areas have a variety of stakeholders shaping the policy in other areas directly or inadvertently. The outcome of those efforts shape security.

    ·       Security and Human rights can operate in parallel.

    ·       Need to overcome the language barrier between the stakeholders in terms of ensuring everyone is talking about the same issue

    ·       Ethical development – Human rights should be built in by design to economic development plans and cybersecurity investment.

     

    - Please estimate the total number of participants.

    There was approximately 42 participants.

     

     

    - Please estimate the total number of women and gender-variant individuals present.

    ·       Audience: 23 females, 19 Males

    ·       Panel: 3 Females, 3 Males

     

     

    - To what extent did the session discuss gender issues, and if to any extent, what was the discussion? [100 words]

     

    - Session outputs and other relevant links (URLs):