CyberPeace Institute’s response to the United Nations zero draft Pact for the Future
Set for September 2024, the Summit for the Future, as outlined in the UN Common Agenda report1, will strive to provide a platform for States to collectively address the major challenges of our time. These challenges, ranging from climate issues to new technology risks, pose a significant threat to humanity. Multistakeholder discussions and consultations were held throughout 2023 and in early 2024 to assist States in their preparation for the Summit, including the preparation of a zero draft Pact for the Future. The zero draft Pact for the Future is intended to serve as a starting point for the intergovernmental deliberations this year, with the ultimate aim of adopting an ambitious and action-oriented Pact for the Future.
Responding to the United Nations’ call for civil society input into the zero draft Pact for the Future, the CyberPeace Institute provided a set of comments and recommendations. In this blog post, we delve into the key aspects of our response.
Preamble
The CyberPeace Institute recognizes the Summit for the Future as a potential catalyst for constructive discussions on tackling global challenges. However, competing sentiments prevail – hope that the Pact for the Future will yield concrete outcomes coupled with a concern regarding the resources and political capital this new process will demand. This is especially important in the current difficult global context characterized by multi crises, increased needs and limited resources to respond. Furthermore, a lack of clarity as to how the Pact for the Future will enhance current efforts further adds to these concerns.
The CyberPeace Institute also emphasizes the urgency of addressing the unique challenges posed by cyber threats to international peace and security and recommends an ambitious vision and focus on cyberspace within the Pact for the Future. As the world is increasingly shaped by technologies, this is creating both opportunities and risks for our collective future. The transformative power of innovation must be harnessed for the greater good, while simultaneously addressing the potential threats to our collective well-being. The CyberPeace Institute’s response focuses on advocating for a secure, inclusive, and human-centric digital future.
Zero harm from the malicious use of digital technologies
Striving for the goal of no harm from the malicious use of digital technologies is paramount, particularly when considering the harms that can disproportionately affect vulnerable communities. The zero draft Pact emphasizes a prevention of the misuse of new technologies, but it should also emphasize a commitment to undertaking tangible actions to reduce the impacts and harms from the malicious use of Information and Communication Technologies (ICTs).
In an era where technology is pervasive, the potential consequences for vulnerable and marginalized groups are pronounced. Achieving zero harm requires a dedicated focus on mitigating the unique risks faced by vulnerable communities. This involves understanding the real harms and impacts of the malicious use of ICTs to people, society and the environment, as well as to international peace and security, and implementing robust safeguards against cyberattacks and incidents, data exploitation, disinformation, discriminatory algorithms, targeted surveillance and other forms of malicious use of ICTs. The consequences of failing to address these issues can be severe, perpetuating existing disparities and amplifying vulnerabilities.
Language proposal for Chapter II. International Peace and Security – Paragraph 13.
Member States shall take steps to mitigate the potential harms resulting from the purposeful use, threat of use, negligent use or autonomous actions of digital and information technologies, that are likely to cause a negative impact on a victim or victims’ physical, psychological, social, economic well-being, their physical security, their economic security, or on the environment or to international peace and security.2
Protection of civilian and critical infrastructure
It is crucial to highlight critical infrastructure and civilian populations are increasingly being targeted with malicious cyber activities. These attacks have real consequences and disrupt access to services that are essential to the survival of populations. Cyberattacks, alongside and in conjunction with kinetic operations, are also occurring in situations of armed conflict. Cyberattacks and operations against critical infrastructure and civilians in situations of armed conflict can lead to potential devastating humanitarian consequences for populations. It is critical to ensure compliance with international law and norms that safeguard civilian objects and critical infrastructure. Additionally, it is essential to protect civilians and other protected persons from cyberattacks and incidents.
Language proposal for Chapter II. International Peace and Security – Paragraph 87.
Member States shall take action to improve the resilience of critical infrastructure to cyber threats and to respect and ensure respect of the civilian population and other protected persons and objects, and critical infrastructure essential for the survival of the civilian population.
Accountability in Cyberspace
We welcome the reiterated commitment in the Pact for the Future that the use of Information and Communication Technologies (ICTs) by States shall be guided by the agreed norms of responsible State behavior in cyberspace. We also underscore that States must recognize the paramount importance of establishing robust mechanisms to ensure peace and security in the digital sphere. States must not only reiterate their commitment to adhering to the norms of responsible behavior in cyberspace but should also commit to take concrete actions through the establishment of accountability frameworks.
The proposed Pact for the Future should include a clear and unambiguous commitment to developing accountability mechanisms for peace and security in cyberspace, and to enforcing accountability measures that are in line with the evolving nature of cyber threats.
Language proposal for Chapter II. International Peace and Security – Paragraph 87.
Member States shall commit to developing accountability mechanisms for peace and security in cyberspace, and to implementing the agreed UN framework of responsible State behavior in cyberspace.
Preventive diplomacy and confidence building
Malicious use of ICTs adds to the destabilization of cyberspace and jeopardizes safety, security, and trustworthiness of ICTs. Furthermore, the risks of international confrontations caused by misperceptions have increased. We emphasize the importance of strengthening technology diplomacy and confidence-building measures as a cornerstone of the United Nations diplomatic toolbox, as the UN strives to take tangible efforts to develop and enhance preventive diplomacy. Recognizing the evolving landscape, it is crucial to equip and enable states with limited resources and seeking assistance, with the tools to navigate the challenges of today and tomorrow brought by digital technologies. Preventing the escalation of hostilities in cyberspace and achieving a secure, stable, and peaceful cyberspace requires solidarity, building trust, reducing tensions, and strengthening confidence among states. Member States must focus on cyber confidence-building initiatives designed to increase trust and understanding between and among States. Such steps are critical for deepening shared understanding, preventing misunderstandings, reducing the risks of misperception and escalation, and increasing predictability and stability in cyberspace.
Language proposal for Chapter II. International Peace and Security – 2.1 Prevention, Mediation and Peacebuilding , paragraph 63
Member States must focus on confidence-building initiatives designed to increase trust and understanding between and among States. Such steps are critical for deepening shared understanding, preventing misunderstandings, reducing the risks of misperception and escalation, and increasing predictability and stability in cyberspace.
Transforming global governance: Multistakeholder governance
Achieving peace and security in cyberspace demands a collective endeavor, necessitating meaningful multistakeholder collaboration involving civil society organizations, industry and academia. Civil society entities already play a crucial role by offering expertise on cyberspace stability, the impact on human rights, and in relation to digital cooperation frameworks. A multistakeholder approach to formulating and implementing the efforts to address the challenges of the malicious use of ICTs and emerging technologies should be facilitated. The procedural modalities governing substantive discussions and State interactions with stakeholders should incorporate the participation of relevant actors, including the private sector, civil society, and academia, in a formal, comprehensive and systematic manner.
If you would like to read more about this topic, we recommend consulting the CyberPeace Institute submission for the Global Digital Compact , and submission to UN DPPA – New Agenda for Peace.
- https://www.un.org/en/common-agenda/summit-of-the-future ↩︎
- A key contribution to advancing responsible behaviour in cyberspace is recognition that cyberattacks and incidents do not just attack or harm technology, do not always have (easily) reversible effects, and can have impacts at national and international levels. A clarification on what constitutes harm in a comprehensive and measurable manner is required, coupled with data-driven and evidence-based metrics, tools and frameworks for understanding, tracking, and measuring this harm. Recognizing this, the CyberPeace Institute initiated, in 2022, research and a process to develop a harm methodology. The strategic objective is to determine the means to measure harm from cyberattacks and incidents in order to increase knowledge of the human costs, and influence policy, accountability and resilience efforts. https://cyberpeaceinstitute.org/news/publications/report-expert-meeting-harms-methodology/ ↩︎