Incyder news


14 November 2012


United Nations: Recent Developments in the Field of Information and Telecommunications in the Context of International Security

The 67th session of the United Nations General Assembly (UNGA) and the work of the First Committee in November 2012 shed light on various national perspectives on cyber security but did not yield the adoption of substantially new resolutions.

UNGA is one of the six principal organs of the United Nations (UN), and the only one in which all member nations have equal representation as 193 Member States gather to debate and find common ground on a range of global issues, including Internet Governance and cyber security. In order to facilitate the discussions of 193 countries, two weeks of General Debate is followed by work in six main committees that examine issues falling into various broad areas.

Like many other international organisations, the UN uses a specific vocabulary regarding the domain of cyber security. Such issues are categorised in the UN as ‘Developments in the Field of Information and Telecommunications in the Context of International Security’ and are mostly discussed in the First Committee, also known as the Committee on Disarmament and International Security, having been put on the agenda by Russia’s initiative1 in 1998. In addition, the Second Committee (Economic and Financial Committee) and Third Committee (Social, Humanitarian and Cultural Committee) cover aspects of Internet Governance and freedom of expression on the internet. Each year, after the UNGA has allocated items relevant to its work among its six main committees, the committees then go on to discuss the issues and strive for a common viewpoint across different Member States. Having reached an agreement, the committees present the Assembly plenary meeting with draft resolutions and decisions for consideration.

As its first priority, the First Committee focuses on disarmament, non-proliferation, arms control and international security issues, its members recommending resolutions and decisions to be adopted at the UNGA plenary sessions. Although the Committee is considered to be one of the best fora for cyber security related discussions within the UN (besides the International Telecommunication Union), the constructive collaboration has, from the beginning, been challenged principally by different approaches to information security regarding terminology, the scope of the problem, the mandate and role of the UN, and perspectives on the threat.2 The exchange of views in the Committee is largely static due to the limited acknowledgment of other states' perspectives.3 Resolutions on ‘Developments in the Field of Information and Telecommunications in the Context of International Security’ recur in the First Committee year after year with minimal or no change in the text.

Group of Governmental Experts

Nevertheless, the statements presented in the First Committee indicate the approximate positions of different countries and their political goals, even though these viewpoints, unless having the support of the majority, are hardly ever reflected in the resolutions voted on year after year. Perhaps the most significant development in the First Committee regarding cyber security has been Russia’s proposal in 2001 to convene a Group of Governmental Experts (GGE) to discuss the threats, possible cooperation and other issues of international information security; an initiative that has managed, even if marginally, to bridge some of the differences in opinions. Mr Linnar Viik, Estonia’s representative in GGE, called the group and its 2010 report ‘a breakthrough’ since the ‘previous efforts made over the last ten years to formulate standard recommendations in the cyber security realm have always ended with no agreement being reached’.4

After the already convened two GGE meetings, the UNGA approved the third session for the GGE in 2011 with the purpose of continuing  to study existing and potential threats in the sphere of information security and possible cooperative measures to address them.5 GGE is to report back their findings to the 68th session of the UNGA in September 2013. The Third GGE consists of members from Argentina, Australia, Belarus, Canada, China, Egypt, Estonia, France, Germany, India, Indonesia, Japan, Russia, the UK and the USA.6

First Committee’s Session in 2012

At its second plenary meeting, on 21 September 2012, the General Assembly, following the recommendation of the General Committee, decided to include the item ‘Developments in the Field of Information and Telecommunications in the Context of International Security’ in its agenda and to allocate it to the First Committee.7

In November 2012, new technologies and their use were at the heart of the discussion in the First Committee, taking into account the A/67/167 report to the Secretary-General.8 China’s representative stated that the ‘international community was confronted by the “abusive use” of information and communications technologies, and must work to prevent the information space from becoming a ‘new battlefield’.9 A group of 32 nations, led by Sweden, underlined that the internet should remain open in order to facilitate the free flow of information in cyberspace, taking into account universal human rights. They stressed the importance of a multi-stakeholder approach to the discussions about the future of the internet (as a possible hint to the ITU WCIT in Dubai) and the imminent need for international cooperation to tackle the growing threat of cyber attacks, cyber espionage and cybercrime. Lastly, the group invited countries to intensify their efforts in the domain, and emphasised the need to further work on the norms and principles of responsible state behaviour as well as confidence building and transparency measures.10  

Germany raised several issues attached to a note verbale 516/2012. Firstly, Germany is concerned about the ‘prevailing ambiguity about what norms apply in cyberspace’ and the fact that many states defer or leave off their agenda ‘concrete steps to enhance resilience’. Most importantly, the note underlined that Germany will strongly advocate strengthened cyber security within the EU and international organisations and that Germany is supporting ‘developing broad, non-contentious, politically binding norms of State behaviour in cyberspace’. It is added that the norms ‘should be acceptable to a large part of the international community and should include measures to build trust and increase security’. Germany declared that it is ‘ready to work on a set of behavioural norms addressing State-to-State behaviour in cyberspace, including, in particular confidence, transparency- and security-building measures, to be signed by as many countries as possible’ and outlined a number of possible elements of such a code of conduct on international norms. Moreover, Germany pointed out the ‘necessity to start a debate on an international cooperation in the framework of attribution of cyber attacks’ and the need to focus on the issues of state responsibility when the attacks in launched from its territory. In addition, Germany welcomes NATO’s commitment to cyber security.11

As a result of these discussions, the draft resolution A/C.1/67/L.30 ‘Developments in the Field of Information and Telecommunications in the Context of International Security’12 was agreed upon and recommended for the plenary meeting of the 67th UNGA session for adoption. The text itself does not reflect any new agreements but reiterates the views expressed within the last similar resolutions. According to the resolution, the UNGA invites all Member States to take into account the assessments and recommendations contained in the GGE report13 on ‘Developments in the Field of Information and Telecommunications in the Context of International Security’, and to continue to report back to the Secretary-General their opinions on the following issues:  general appreciation of the issues of information security; efforts taken at the national level to strengthen information security and promote international cooperation in this field; possible measures that could be taken by the international community to strengthen information security at the global level; and the content of relevant international concepts aimed at strengthening the security of global information and telecommunications systems.14