ABSTRACT
As use of the internet has become critical to global economic development and international security, there is near-unanimous agreement on the need for more international cooperation to increase stability and security in cyberspace. This paper compares what the United Nations’ (UN) Group of Governmental Experts (GGE) and the Organization for Security and Co-operation in Europe's (OSCE) norm-building processes have achieved so far and what disagreements have impeded these efforts. It identifies several priorities for cooperation identified by participants in both forums. It also proposes three practical projects related to these priorities that members of regional or global organisations might be able to work on together, despite political tensions and philosophical disputes. The first would help state and non-state actors share information and communicate about various types of cybersecurity threats using a flexible and intuitive effects-based taxonomy to categorise cyber activity. The second would develop a more sophisticated way for state and non-state actors to assess the risks of different types of cyber incidents and the potential benefits of cooperation. The third would identify aspects of the internet that might be considered the core of a public utility, worthy of special protection in their own right and for their support of trans-border critical infrastructure.
Disclosure statement
No potential conflict of interest was reported by the authors.
Notes on contributors
Theresa Hitchens is a Senior Research Associate at the Center for International and Security Studies at Maryland (CISSM). Prior to joining CISSM, Hitchens was the director of the United Nations Institute for Disarmament Research (UNIDIR) in Geneva from 2009 through 2014.
Nancy Gallagher is the Director of CISSM and a Research Professor at the University of Maryland's School of Public Policy.
Notes
1 There is no agreed definition of what makes up the ‘core’ or ‘backbone’ of the internet, although there is increasing international interest in trying to define both infrastructure and functions of the internet that provide global connectivity and thus should be ‘off limits’ for disruption and attack.
2 See ‘Law of Armed Conflict (LOAC), 4 Basic Principles’, LOACblog.com, https://loacblog.com/loac-basics/4-basic-principles/.