The mandate of FOC Working Group 1 “An Internet Free and Secure” ended in May 2017. This page holds a record of their work.
As cybersecurity becomes a critical issue on the international agenda, there is a growing need for an informed debate on the relationship between governance, security, and fundamental rights and freedoms online, involving all stakeholders. In this context, the working group (WG) “An Internet Free and Secure” seeks to bring a human rights framing to ongoing debates on cybersecurity and aims to develop, through multistakeholder dialogue, meaningful outputs that feed into existing processes.
Framing and activities
In the above context, building on the Tallinn Agenda and the outcomes of the NETmundial Conference, the WG seeks to add value to the ongoing work on cybersecurity done elsewhere. During the WG’s first in-person meeting on the margins of the Internet Governance Forum in Istanbul and subsequent online discussions among members, the activities that the WG will be carrying out include:
(1) Refining the definition of cybersecurity
As of December 2014, WG members have come to an agreement on the following working definition of cybersecurity:
PREAMBLE: International human rights law and international humanitarian law apply online and well as offline. Cybersecurity must protect technological innovation and the exercise of human rights.
DEFINITION: Cybersecurity is the preservation – through policy, technology, and education – of the availability*, confidentiality* and integrity* of information and its underlying infrastructure so as to enhance the security of persons both online and offline.
*as defined by ISO 27000 standard.
Note: The text of the definition was updated on September 2015
(2) Mapping cybersecurity – developing a visual overview of relevant global spaces where cybersecurity debates are taking place
As a step towards facilitating greater stakeholder engagement in cybersecurity debates, the working group has conducted a mapping exercise to identify main global spaces where cybersecurity is being discussed. The main objective of this exercise was to raise awareness among the broader community. The final output of the exercise was a visual timeline of relevant global spaces where cybersecurity debates are taking place which can be accessed here.
(3) Advancing the normative debate on cybersecurity
In order to advance the normative debate on cybersecurity, the Group decided to develop a set of recommendations that promote greater stakeholder-driven and human rights respecting approaches to cybersecurity. These recommendations are being developed with the aim to provide guidance to all stakeholders involved in cybersecurity matters, and in particular those involved in developing and implementing cybersecurity policies and frameworks. They are being designed to encourage stakeholders to incorporate the protection and promotion of human rights in all matters related to cybersecurity and to ensure that cybersecurity policy is rights-respecting by design.
(4) Blog-series – exploring spaces where cybersecurity is being discussed and avenues for engagement
In a further effort to raise awareness about relevant forums and processes where cybersecurity debates are taking place, the group agreed to issue a blog series that would serve as a platform to explore in depth the existence, relevance, and status of various spaces where cybersecurity issues are being discussed. The blogs will cover a range of topics related to cyber security including discussions taking place at the ITU, the UN, the London Process, NATO, OSCE, WSIS, the IGF, and other forums. The blogs will be a way to share this information with the broader community and highlight potential avenues for greater civil society engagement.
Blog #1: Bringing Clarity to Cybersecurity, by Ron Deibert
Blog #2: Cybersecurity and the United Nations, by Tim Maurer
Blog #3: Promoting International Norm Development in Cyberspace through the “London Process”, by Jochai Ben-Avie and Simone Halink
Blog #4: The Privacy in the Protocol: Why Civil Society Needs to Pay Attention to the IETF, by Mallory Knodel
Blog #5: Reporting back on activities of Working Group 1
Blog #6: Utilizing the UN Human Rights Mechanisms for the Advancement of Digital Rights, by Sarah McKune
Blog #7: Cybersecurity: What’s the ITU got to do with it?, by Sheetal Kumar
Blog #8: Why Do We Need a New Definition for Cybersecurity?, by Eileen Donahoe and Tim Maurer
Blog #9: WSIS+10 Review: Consequences for human rights and cybersecurity issues
Blog #10: Four common myths about human rights and security in cyberspace, by Michael Walma
The views expressed in these blog posts represent the views of individual authors, and do not represent the views of the Freedom Online Coalition or its members.
Structure and Membership
The work of the WG is carried out by its members. The Group consists of 14 selected individuals who join the WG Co-chairs – Simone Halink from the Dutch Government and Matthew Shears of the Center for Democracy & Technology (CDT) – and other FOC country members who have expressed interest in participating in the WG, currently Canada and the United States.
Non-members of the WG will be able to input into the WG at various points in the process through physical meetings and online. Please check this page and our social media feeds for updates. Activities of the WG are carried out in correspondence with the Terms of Reference and will be supported by the FOC Support Unit.
Working methods and timeline
The bulk of the WG’s work is done remotely via email. Working group members may decide to meet on the margins of existing international events like the Internet Governance Forum.
Group decisions and approval of final outcomes is made by consensus among group members.
At the fifth annual FO Conference in Mongolia, the mandate of the WG has been renewed until the next annual FO Conference to be held in 2016.