The EU needs a Cyber Envoy who would coordinate the EU’s diplomatic efforts to advance an open, interoperable, secure and reliable Internet and information infrastructure. Given the global nature of the Internet, even ostensibly EU cyber policy decisions typically have a foreign policy or diplomatic dimension.
The Envoy should be responsible for overseeing the implementation of the EU’s cybersecurity strategy and the external dimension of EU policies that include a significant cybersecurity element such as the AI strategy, the EU’s digital trade strategy and the digital single market strategy.
In particular, the Envoy should ensure that the EU plays an active role in promoting norms of responsible state behavior and cyber stability, advancing cybersecurity, fighting cybercrime, promoting multi-stakeholder Internet governance, furthering rules for digital trade and ensure that fundamental freedoms can be exercised online.
The Envoy should maintain an overview of all the instruments at the Union’s disposal with a view to regular reporting to the Council, the High Representative and ensure effective follow-up of Council decisions. He/she should regularly report to the European Parliament as well.
The Envoy should work closely with the relevant working groups at the EU Council (Cyber Working Group, Hybrid Warfare Working Group), various relevant DG’s in the European Commission, Europol and other related and relevant EU agencies.
The European Council can establish such a Cyber-coordinator, who can work within the Council Secretariat. The High Representative of the Union for Foreign Affairs and Security Policy can appoint the EU Cyber coordinator. (Although the Commission president can appoint such figures as well, see for instance the creation of the Special Envoy for the promotion of freedom of religion or belief outside the European Union in 2016).
- Various EU Countries are appointing their own “cyber ambassadors” (FR, DK, NL, EE). The EU cannot lead on international cyber issues in key international fora if we don't have anyone sitting at the negotiating table.
- The US has just stopped its Office of the coordinator for cyber issues, despite the fact that cyber issues have become central topics of discussion in virtually every international venue, and cyber diplomacy is increasingly viewed by governments as a foreign policy imperative.
- International tensions over cybersecurity have escalated (NotPetya attack)
- The EU is facing significant and growing challenges, especially from China and Russia. In recent years, China has become more assertive in promoting its vision for cyberspace—government-controlled, with an absolutist conception of sovereignty over technology and content—that stands in stark contrast to our own policy priorities. As we push back against these repressive concepts, we also continue to engage China on areas of potential cooperation, such as network defense and other practical measures that could reduce the risk of conflict in cyberspace. Countries like Russia and China increasingly use multilateral venues such as the ITU to press for greater government control over the Internet.