The 2015 Global Conference on Cyberspace (GCCS2015) was the latest instalment in a series of conferences convened by governments sometimes referred to as the “London Process”. Starting in November 2011 in London, the process was followed by two conferences, in Budapest in 2012 and Seoul in 2013, and evolved from a space for developing principles “for governing behaviour in cyberspace” into a space to discuss emerging issues, particularly the relationship between internet rights and internet security. More information is available in our GCCS FAQ.
Tackling threats online is a matter of public interest, yet internet security issues are often approached by governments with a sense of urgency and in relative secrecy; an approach which tends to overlook that human rights and security are mutually reinforcing and that states have the responsibility to ensure both.
GCCS2015 was an opportunity for civil society groups to listen to government views on internet security, to interact with them and with other relevant actors such as law enforcement and security agencies. It also had the potential to contribute to greater transparency and open and inclusive discussion of security, informed by human rights perspectives, and including civil society and developing country voices.
In many respects GCCS2015 did well. Participation was more diverse than in previous years. The Dutch organising team should be commended for the large number of participants from developing countries, and also for convening the first event in the London Process that had more than a token civil society presence. In the future we would like to see organisers make better use of the diversity of groups present by creating spaces where governmental and non-governmental participants can interact more closely, and also by providing more slots on panels for speakers from developing countries.
The lack of gender balance on panels was regrettable, as was the absence of any focus on gender in the Chair’s Statement To quote Swedish State Secretary Dr. Maja Fjaestad, who spoke at the event , “gender equality has not been sufficiently addressed as a cyberspace issue. Women are under-represented in all dimensions of the digital world and have far less access to the internet and use of technology.”
We valued the depth and quality of some of the panels, and also of the pre-events which provided civil society participants with an opportunity to gain knowledge on security concerns and to network with colleagues from around the world. We would have appreciated the “cyber crime incident” film being used as an opportunity to reflect on how law enforcement agencies can follow due process and respect human rights as well as successfully fight crime. Nevertheless, the scenario-based policy discussions provided a refreshing format and allowed for varied and interesting discussion on cyber security issues.
Of concern to us is that there was little or no mention of mass surveillance at the event, nor in the Chair’s Statement. It was disappointing that the GCCS, having succeeded in bringing a diverse group of actors together, appeared to attempt to avoid serious discussion of the one cyber security issue which has captured the attention of the world for the last two years. Mass surveillance became the proverbial elephant in the room.
Another issue of importance that was not adequately addressed, neither on the conference agenda nor in the Chair’s Statement, is the weakening of cryptographic protocols that enable privacy online. This is such a pressing issue that it will be the focus of an upcoming UN report , yet it was absent from the outcome of this meeting.
We welcome that the Chair’s Statement affirmed that the internet is a global resource that must be managed in the public interest; APC believes it is not only a global resource, but also a public good which is not only a platform for economic growth, as mentioned in the Chair’s Statement, but also a platform for social, political and cultural development. We were pleased to see the Chair’s Statement call for all stakeholders to work together proactively to ensure that cyber security policies are, from their inception, rights-respecting and consistent with both the International Covenant on Civil and Political Rights and the International Covenant on Economic, Social and Cultural Rights. We are however disappointed that the Chair’s Statement did not make reference to the importance of states complying with the principles of necessity and proportionality in measures to ensure cyber security, particularly as the event confirms that there is a worrying trend to securitise internet issues, thereby shifting them into the realm of states and their military, or “cyber-military”, units. This realm is very opaque, and difficult for civil society groups who were new to the London Process to penetrate. Nevertheless, GCCS was a valuable learning opportunity for those who had not previously been exposed to cyber security deliberations.
While we acknowledge that cyber security is of great importance, we were alarmed by what appeared to be the prevailing discourse at the GCCS, which is that “cyberspace” is the “fifth domain” of war; a discourse that left little space for the many in civil society who believe unequivocally that the internet should be a demilitarised space, free of war.
At GCCS2015, the Dutch government along with 42 governments, intergovernmental organisations and companies launched the Global Forum on Cyber Expertise (GFCE), billed as a key initiative to fight cyber crime as described in its founding document, The Hague Declaration on the GCFE APC is not clear that there is a need for this new forum, and we find it unacceptable that the GFCE does not allow for participation from civil society. This contradicts the Chair’s Statement, which encourages inclusive approaches to all aspects of cyber security. We urge the organisers of the GFCE to cooperate closely with civil society, academia and the technical community. We are also concerned that this new forum has the potential to add to the burden placed on developing country actors by having to maintain participation in so many different spaces.
Furthermore, members of the GFCE such as the Council of Europe (CoE) should be wary in their efforts to promote cyber crime legislation in other parts of the world. In repressive countries, this can lead to a situation where such laws can be used to suppress free expression and to target activists , as has been the case in Southeast Asia.
The next GCCS will be held in Mexico, in 2017. We look forward to the opportunity to participate in this event, and urge the organisers to build on the 2015 event’s achievements and respond to the issues highlighted above.
We encourage the organisers to work closely with civil society groups and human rights defenders in the preparations for the event and to take local challenges fully into account, such as the hostile online environment that many journalists and human and women’s rights defenders in Mexico have to confront on a daily basis. In 2014, ARTICLE 19 recorded 59 assaults on journalists via digital platforms and 12 cyber attacks on media with an editorial stance that had been critical of the government.
We recommend that the organisers of GCCS 2017:
- Recognise and address the state of insecurity that Mexican journalists and human rights defenders face online.
- Work with civil society to develop more transparent and inclusive approaches for civil society input and participation in GCCS2017.
- Start the process of gathering civil society input for the Chair’s report early on to give civil society ample time for input.
- Put mass surveillance and weakening of encryption protocols on the agenda of the forum as significant threats to online security that need to be addressed by all stakeholders.
- Integrate gender concerns in the agenda and ensure gender balance on panels.
- Build an agenda that is oriented towards securing the internet as a global public resource for development and peace, as opposed to a platform for new forms of militarisation and war and economic exploitation.
In closing APC thanks the organisers of GCCS 2015 and we look forward to an even more inclusive GCCS 2017.