Monthly Report 01/2023 - Executive Summary
Volume 2, January 2023, No. 1
From 9 to 21 January, the fourth round of negotiations of the Ad Hoc Committee (AHC) on the elaboration of a UN Convention against Cybercrime took place in Vienna. The first draft text (Consolidated Negotiating Document/CDN) on the chapters General Provisions, Criminalization and Procedural Measures and Law Enforcement was discussed very controversially. In particular, the proposed categories of offences in cyberspace were highly disputed. The Western countries want to concentrate on the "core crimes" in cyberspace, e.g. illegal intrusion into foreign networks (cyber-dependent crimes). China, Russia and other autocracies prefer a comprehensive catalogue (cyber-enabled crimes) that includes, for example, content comprising illegal information. NGOs have warned against using the fight against cybercrime as a pretext to reduce Internet freedoms and human rights. The next negotiations on the chapters Preamble, International Cooperation, Technical Assistance, Preventive Measures, Mechanisms of Implementation and Final Provisions will take place again in Vienna at the end of April 2023. The final text is to be drafted at a meeting in New York at the end of August 2023. [1]
The Global Cybersecurity Outlook 2023 presented on 23 January 2023 at the World Economic Forum in Davos states that the threats in cyberspace have changed. On the one hand, geopolitical instability has led to disruptions in supply chains and revealed new threats to national security. On the other hand, threats to businesses from disruption, data theft and reputational damage are growing. 91 percent of the large companies included in the survey expect a "cyber disaster" in the next two years. The report recommends the C-level management to work more closely with cyber experts. These, in turn, must be able to communicate existential threats in a language that CEOs can understand, so that necessary security precautions are taken. Recruiting "cyber talents" for the corporate management level is crucial. [2]
The "Addis Ababa Messages" were published on 17 January 2023. The document contains 72 recommendations on the seven key themes (Connecting All People and Safeguarding Human Rights; Avoiding Internet Fragmentation; Governing Data and Protecting Privacy; Enabling Safety, Security and Accountability; Addressing Advanced Technologies including Artificial Intelligence) of the 17th IGF held in Ethiopia. The messages contain proposals for the Global Digital Compact (GDC), which the UN wants to work out by September 2024, e.g. to overcome the digital divide and promote digital education. Addressing the risk of "fragmentation of the Internet", it says that "Internet openness is instrumental in fostering the enjoyment of Internet users' human rights, promoting competition and equality of opportunity, and safeguarding the generative peer-to-peer nature of the Internet". It calls for civil society participation in negotiations on cyber security and cyber crime. Measures against fake news and disinformation must not have a damaging effect on the right to freedom of expression. The use of artificial intelligence must be transparent and remain under human control. [3]
On 6 January 2023, the USA and Japan signed a "Memorandum of Cooperation on Cybersecurity". The issue of the Memorandum is the certification of hardware and software in order to minimise risks (e.g. the use of Chinese communication technology). At the summit following on 13 January 2023 in Washington, where US President Biden and Japan's Prime Minister Kishida met, the importance of cyber security in the Indo-Pacific region was underscored at the highest level. [4]
In a "Call for Leaders" on 13 January 2023, the CyberPeace Institute in Geneva addressed the participants of the Davos World Economic Forum and called on them to take action to strengthen the role of NGOs, develop "human centric" digital policies, protect critical Internet infrastructure and preserve the universal nature of the Internet. [5]
On 23 January 2023, the Global Forum for Cyber Expertise (GFCE) launched a "Cyber Capacity Building Research Project on Public-Private Partnership best practices for combating ransomware in support of the Counter Ransomware Initiative". The project is designed to aggressively counter the growing number of blackmailing in cyber space. It is supported by the US Cybersecurity & Infrastructure Security Agency (CISA), the US State Department and the Spanish government. [6]