Six proposals to make the internet more secure

Press release
Marietje

The Global Commission on the Stability of Cyberspace (GCSC) today proposed 6 global norms to help promote the peaceful use of cyberspace. The norms were developed with the express purpose of being adopted by public and private sector actors towards an architecture to improve international security and stability in cyberspace. The norms will be officially presented in the margins of the Paris Peace forum on Monday the 12th of November.

The norms introduced by the GCSC focus on the following areas:

  • Norm to Avoid Tampering
  • Norm Against Commandeering of ICT Devices into Botnets
  • Norm for States to Create a Vulnerability Equities Process
  • Norm to Reduce and Mitigate Significant Vulnerabilities
  • Norm on Basic Cyber Hygiene as Foundational Defense
  • Norm Against Offensive Cyber Operations by Non-State Actors

Read the complete package here.  

GCSC Commissioner and Member of the European Parliament Marietje Schaake: "We should not become used to the seemingly never-ending stream of stories about hacks, cyberattacks or data breaches.  These proposals crystallize further the responsibilities of states and non-state actors. Hopefully they will provide the basis for binding norms in the longer term. One thing is clear: without such norms the open internet as we know it is in danger."  

Launched at the Munich Security Conference in February 2017, the GCSC is a group of 28 prominent, independent leaders in cyberspace from 16 countries, including Chair Marina Kaljurand (Estonia) and Co-Chairs Latha Reddy (India) and Michael Chertoff (USA). Its mission is to enhance international peace, security and stability by developing norms and policy proposals to guide responsible state and non-state behaviour in cyberspace.  

BACKGROUND

This Norm Package is the result of contributions and extensive consultations by GCSC Commissioners, advisory experts and the GCSC Research Advisory Group. It was finalized at the fourth full Commission meeting held in Singapore on September 19-20, which featured a public hearing to facilitate stakeholder engagement.

At the hearings, the proposed norms were discussed by senior representatives from the United Nations Office for Disarmament Affairs (UNODA), the United Nations Institute for Disarmament Research (UNIDIR), the UN Secretary-General’s High-Level Panel on Digital Cooperation, the Organization for Security and Co-operation in Europe (OSCE) and the European Union. Cyber coordinators and senior officials from Australia, Belgium, Canada, Estonia, Finland, France, Germany, Hungary, India, Japan, Kenya, Mexico, the Netherlands, New Zealand, Norway, Poland, Singapore, Switzerland, the United Kingdom and the United States participated in the meeting as well. Civil society and private organizations were also represented, including the Asia-Pacific Network Information Centre (APNIC), FIRST, ICANN, Microsoft, JPMorgan Chase, and the S. Rajaratnam School of International Studies, among others. The list of participants for the Singapore hearings is available here.

“The calls for responsible behavior in cyberspace will only grow louder, in step with the very real risks cyber poses for international stability,” commented Izumi Nakamitsu, United Nations Under-Secretary-General and High Representative for Disarmament Affairs. “All stakeholders should continue the discussion on norms and what they represent in advancing a global understanding of what is – and what is not – acceptable, in cyberspace.”

The Norm Package builds on previous norms introduced by the GCSC concerning the disruption of elections through cyber attacks on electoral infrastructure and a Call to Protect the Public Core of the Internet.