Hands of a guy on laptop keyboard

New Year’s in New York: A Crowded Cyber-Norms Playground (Part 1)

Published on 04 December 2019
Updated on 05 April 2024

In December of last year, New York City was the place for diplomats to write a long list of New Year cyber-wishes, which came in the form of resolutions that established the first UN Open-Ended Working Group on Developments in the Field of ICTs in the Context of International Security (OEWG) and the sixth UN Group of Governmental Experts. A year later, it is time to show that they have put in the work to make these wishes come true. So far, so good.

In the first half of December, the UN Headquarters in New York are packed with cyber-diplomats and wannabes. Their notebooks are full of ideas and information on rather unclear cyber-issues that include: cyberconflict and cyber-stability, cyber-sovereignty, cyber norms, the attribution of and response to cyber-attacks, and others. Their collective goal, hopefully, is singular: to take steps towards a more stable and peaceful cyberspace (and thus bringing more stability to the real world that is dependent on this space).

Related: For context, you may look at the recording and the summary of the web discussion

Cyber-armament: A heavy impact on peace, economic development, and human rights

After its first substantial meeting held in September, the newly established UN OEWG is now open (from 2 to 4 December) for multi-stakeholder informal consultations that bring together government, the private sector, and civil society organisations. Following these consultations, from 5 to 6 December, the sixth UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (GGE) will hold an informal consultation for non-members, which will be followed by the first substantive session of the UN GGE.

The whole discussion about a possible international cyber-stability framework remains an enigma for many. These two distinct, yet somehow connected, processes under the same UN umbrella only add to the confusion. So, what is this all about?

GGE vs/and OEWG

A visualisation developed for a dedicated GGE-OEWG page at our Digital Watch observatory may help: the GGE and the OEWG indeed have similar focuses, yet different compositions and durations. 

GGE and OEWG - comparative survey

For the GGE, which is now in its sixth edition (Res 73/266), the objectives are more or less clear. Its successful reports in 2010, 2013, and 2015, which were each adopted by the UN General Assembly, confirmed that international law, and in particular the UN Charter, applies to cyberspace, and outlined a number of voluntary norms, confidence building measures (CBMs), and capacity-building priorities. One can expect (or at least hope) that this GGE will reach a consensus on further clarifications of how international law applies, and possibly new norms and CBMs. At a minimum, the GGE is expected to publicly disclose detailed official positions of states and the relevant differences between these positions. This edition of the GGE includes 25 representatives of states (including the P5 states), who are mainly experts and their teams from the capitals of these countries. This level of expertise promises in-depth discussions on a wide range of cyber-issues. 

For the OEWG, which was only established a year ago (Res 73/27), things are less clear. The OEWG should also look at how international law applies to cyberspace, and further develop norms and CBMs, but should in addition establish regular dialogue between states and clarify concepts relevant for discussion. With the aim to gather all interested parties at the UN, it is likely that most of the representatives in OEWG will be diplomats from the UN Missions in New York who have broader diplomatic portfolio rather than in-depth knowledge of cyber issues. Yet, in their official statements at the first substantial meeting of the OEWG in September, the majority of the 70-plus countries that were present shared their views on what the role of the OEWG should be. Simplifying these positions to several options –  from ‘at least’ (dialogue, awareness, and capacity building) to ‘at maximum’ (work on the development of the global treaty) – allows us to visually map these positions:

47uz2rpG9embEDZFjsP5NKL7BUbaIPbiWniTBkN9q2uXIP42uTvgdw1 7NyGcoRzerOS89dtTPgUktxZNt9AsPqXLybYK

The comforting news is that, along with the two Chairs – the GGE Chair, Brazilian Ambassador Patriota, and the OEWG Chair, Swiss Ambassador Lauber – most of the countries openly expressed their willingness to contribute to the success of both groups. After all, some countries have voted for establishing both the GGE and the OEWG.

Related: For more about the cyber-stability framework under construction, you may look at the recording and the summary of the web discussion

Norms and confidence building measures (CBMs): Are we there yet?

In Part 2 we will look at the key open questions on the agenda, and positions that states are taking. Stay tuned.

Subscribe to Diplo's Blog