Session 1-4 Transcript
(OEWG 2021-25)

This is an unofficial transcript

Ambassador Gafoor

Excellencies, distinguished delegates. The fourth meeting of the first substantive session of the Open-ended Working Group on security of and in the use of information and communications technologies 2021 to 2025 is called to order. To serious delegates, I apologize for beginning the meeting a little late. We had wrapped up our informal consultations. But I’m very happy to be here to continue consideration of agenda item four: general exchange of views. We will continue with the speakers list that we have and we’ll start with the first speaker for the afternoon, which is the delegation of Spain. You have the floor, please.


Thank you very much, Mr. Chairman. Since this is the first time that my delegation is taking the floor, I’d like to begin by congratulating you on your election to chair this Working Group and we wish you the very best in your chairmanship, and we offer you the full support of our delegation. Spain adheres to the statement formulated by the European Union, and would like to make the following statement in our national capacity. The beginning of the new substantive meetings of the Open-ended Working Group, is a window of opportunity to make progress in regulation of cyberspace. The joint resolution of the 6th of December, is an enormous success, which now must guide our desired aims and progress. Spain is deeply committed to defending a free, open, secure, inclusive and non-discriminatory cyberspace. We’ve always believed that this joining together of efforts and initiatives which we have repeatedly defended is fundamental. We believe that the full implementation of the norms of international law, United Nations Charter, International Humanitarian Law, and full respect for Human Rights is the condition which will make it possible to have an effective and successful digital world. The prerequisite is that the members of the United Nations work together to develop, specify and guarantee these basic foundations. We’d also like to stress our support for the participation in this process of those actors that have a particular interest in these matters, their contributions we feel would be very useful. The growing threats and challenges that we face in cyberspace mean that we have to move forward decisively towards adequate regulation that is just and fair of the activities taking place in cyberspace. This is and must continue to be for the common good, a driving force for prosperity and security of nations and peoples. That’s why we encourage active participation in the Programme of Action proposed by France and Egypt. This is also supported by all of the European Union. We are committed to working together to achieving the detailed goals that are set out in this document. Spain advocates for the greatest responsibility of states in controlling malicious digital activities that originate in our own countries based on the principle of national sovereignty. It’s up to the international community as a whole to negotiate and agree upon the best legally binding instruments to prevent, react to, and effectively repress cybercrime and malicious activity, which given their alarming growth, and their destabilizing effects are genuine threats to international peace and security. The Open-ended Working Group can, for this purpose, base itself on its own prior work, and also the work of the Group of Governmental Experts of the United Nations. Cross-cutting regulation, which encompasses all bodies of the United Nations is fundamental. Finally, we are afraid that if we cannot manage to agree on global regulations within the United Nations, current geopolitical tensions could lead to a fragmentation of cyberspace into various areas of influence with standards, certifications and technical specificities which are incompatible with each other. This would be to the detriment of state and non-state actors. To avoid this possibility, it must be a priority of the international community. Thank you very much.

Ambassador Gafoor

I thank the Permanent Representative of Spain for his statement. I now give the floor to the delegation of Cambodia. You have the floor please.


Thank you, Mr. Chairman. At the outset, I would like to congratulate you, Ambassador Burhan Gafoor on your assumption as chair of the OEWG 2021-2025. I’m confident that under your able leadership, you will come to a successful conclusion. Please rest assured of Cambodia’s full support and cooperation. Cambodia aligns itself with the statement made on behalf of ASEAN and NAM by Brunei Darussalam and Indonesia, respectively. Cambodia welcomes the first substantive session of the OEWG on security of and in the use of information and communication technologies held in accordance with the GA resolution 75/240 and acknowledge its crucial mandate based on consensus in addressing the subject of ICTs in the context of international security. While digital technology creates new possibilities, it also creates new risks. Cybersecurity threats and attacks are growing increasingly sophisticated on a global scale, including the attacks against Critical Information Infrastructure, which are of great concern to every country. It is therefore absolutely important that we need to strengthen our close cooperation in bilateral, regional and international levels to combat this serious crime. Mr. Chairman, from our part, the Royal Government of Cambodia has established a policy framework on digital economy and society 2021 and 2035. The digital security committee will be established as a fundamental component of this policy framework, to coordinate and monitor formulation of cybersecurity policy and related legal instrument. Cambodia is also working on a number of regulations including the law on cybersecurity, law on cybercrime and law on personal data protection. Furthermore, as part of our digital government initiative, Cambodia has been upgrading a digital infrastructure to ensure, secure and reliable communication channels and data protection. Mr. Chairman, Cambodia is of the view that the OEWG should develop rules, norms and principle, within a framework, with binding obligation, cooperation on data governance, data security and data sovereignty should be dealt with in respond to the security threats and challenges in the way of ICT. The OEWG should also develop the terminologies to be used for effective communication and provide an accessible platform for all member states to express their views, and international cooperation on ICTs. The OEWG should also be an inclusive platform to engage with all relevant stakeholder. Its engagement with small state on capacity building where sharing of best practices, and experiences as well as access to digital technology is crucial to enable them to develop their capability and to contribute to international cooperation. In conclusion, Mr. Chairman, Cambodia will continue to actively engage in the OEWG process in collaboration with all member state to promote an open, secure, stable and accessible ICT environment for our peaceful use and economic cooperation. I thank you.

Ambassador Gafoor

I thank the Permanent Representative of Cambodia for his statement. I now give the floor to the delegation of Austria. You have the floor please.


Thank you, Mr. Chairman. Allow me to congratulate you, Your Excellency on your election as chair of this new Open-ended Working Group. As we can see already from the preparation of this meeting, including the burden of questions for our discussions, we are in very able hands as we embark on this process, you can count on our full support and cooperation. Austria’s fully aligned with the statement delivered by the European Union. In our national capacity, let me add the following points. The importance of an open, stable and free cyberspace for the maintenance of international peace and security has grown in the past years. It is therefore very significant that both the Open-ended Working Group and the UNGGE were able to conclude the delclarations by agreeing on consensus outcome documents in which all states reaffirmed the existing UN framework for cyberspace. Both reports affirm that international Law in its entirety applies in cyberspace, as well as the norms of responsible state behaviour. They emphasize the importance of CBMs and capacity building. This should be our common starting point for the work of this new Working group. Mr. Chairman, you asked which issues require urgent attention by this, our new Open-ended Working Group. In our view, it is the fact that despite this important consensus, we are all confronted with the continued increase of cyber-attacks undertaken by state actors, as well as an unprecedented level of cybercrimes in particular ransomware attacks, often seemingly undertaken with total impunity. This affects all states, big or small in all parts of the world. The key question for this group is therefore, how can we make sure that states comply with their obligations regarding responsible behaviour in cyberspace? In our view, there is no need to elaborate new binding norms. Rather, we should focus on the compliance of states with their obligations under international law, and focus on the better implementation of the norms of responsible state behaviour as set forth in 2015 GGE report and further elaborated in this year’s GGE report. Mr. Chair, you also asked how the Open-ended Working Group can be action oriented and deliver tangible results. In our view. This can be done by focusing on concrete deliverables that help member states to build capacity and confidence. A stocktaking of good practices around the world be the national regional level, alongside with an evaluation on how these practices might be applied at the UN level could be a first step. In addition to capacity building, CBMs are an important area for such exchanges. Several regional organizations all over the world are undertaking important confidence building initiatives in order to reduce the risks of conflict in cyberspace. Austria, together with many others, is actively contributing to the implementation of the set of CBMs developed in the framework of the OSCE. In our view, the Open-ended Working Group could strengthen the implementation of CBMs by fostering dialogue and exchanges among the organizations and member states involved, including by inviting regional organizations active in this field to future meetings. On this basis, the UN could for instance, build on the experiences of regional organizations and set up a system of points of contact at global level. We also remain fully supportive of the proposal of a Programme of Action to advance responsible state behaviour in cyberspace. With the aim of boosting the practical implementation of the framework provided by the Open-ended Working Group and UNGGE. Mr. Chair concerning your question how best to involve stakeholders meaningfully and substantially, a topic of intense consultations, we share the view that this engagement is vital for the group to achieve progress. As member states we cannot discuss these questions in a vacuum, as cyberspace is significantly shaped with various non-governmental actors. We therefore hope that stakeholders will have a strong voice both during substantive sessions and intersessional periods. For future sessions, we hope that an easing of access restrictions for civil society organizations at the UN will also allow and facilitate in-person interaction during meetings and in their margins. This will be to the benefit of all of us. Regarding our methods of work for us, the key element must be inclusivity, allowing all member states to contribute to the work of the Open-ended Working Group. We would also welcome if priority topics could be identified well in advance of each session allowing good preparation and the participation of relevant experts. Security in cyberspace affects us all. We need to work together to strengthen our common understanding and determination. We look forward to all exchanges and stand ready to engaging with you. Thank you.

Ambassador Gafoor

Thank you very much, Austria for your statement. I now give the floor to the delegation of Ethiopia. You have the floor please.


Thank you, Mr. Chair. I would like to start my remarks by congratulate you, Brother Ambassador Burhan, on your appointment to chair this Open-ended Working Group. I also thank you for the commendable work you have done in the lead-up to this meeting. And for the effective facilitation of this first substantive session of the Working group. My delegation aligns itself with a statement delivered by the distinguished representative of Indonesia on behalf of the non-aligned movement. Mr. Chair, Ethiopia, touched on the great importance of this meeting and the UN best platform for intergovernmental, multilateral dialogue on ICTs and security. It is of paramount importance that we are neither duplicating the works of other UN agencies nor creating a non-UN parallel platform to discuss this topic. In this regard, my delegation supports your proposal on the organization of work and participation of non-state actors. It maintains the intergovernmental nature of our work and enables us the benefit from the contribution of non-state stakeholders. We are of the view, the germination of ICT are the phenomenon in the national power equation, and there of international security environment gives us an opportunity to create a fair and equitable international order for the regulation of power and state behavior. In this regard, we look forward to this first substantive deliberation of the Open-ended Working Group. Mr. Chair, national or global security with a defining future, pivoting on borders and nationality, and control of movement of goods and services is practically fading. The rapid development in ICT and the increasing dependence of social-economic, political, and security interests on the ICT infrastructure calls for adjustment of the assumption that went into framing of the norms for interstate relations. Nevertheless, we are reaffirmed on resolutions 70/27 and 73/266. The principles of international relations under the UN Charter, including sovereignty, non-interference in the internal affairs of state, prohibition of the use of threat of the use of force, peaceful resolution of disputes, respect for human rights, and fundamental freedoms, are applicable to the use of ICTs. Furthermore, despite the difficulty of determining attribution, the basic rules on internationally wrongful acts are also of critical importance. In this regard, Ethiopia approach this deliberation with the understanding that it is an attempt to enhance our understanding of the application of the above principles in the context of the unique environment created by the use of ICT and not focus on amending the principles of international relation or the content of international law. Mr. Chair, malicious ICT activities have been immense, resorted to by states and non-state actors alike to accomplish a cause they cannot achieve legally. We have also witnessed the ICT version of rendition. The cyberattack has been an alternative and concealer to the unlawful use of force to weaken states and their institutions. In contravention, without undertaking provided under General Assembly resolution 73/27, the dissemination of false or distorted news, which can be interpreted as interference in the internal affairs of other states, and defamatory campaign, vilification, or hostile propaganda for the purpose of intervening in the internal affairs of other states have been the most rampant. This has mainly been propagated against developing and particularly African countries, including my own. The negative ramification and harm caused by this irresponsible state behavior have been more apparent during the global pandemic. Mr. Chair, from experience, we know that threat is with the strongest guarantee of reciprocity stand, a better chance of compliance, and uninterrupted application. Hopefully, the absence of a clear divide and the prevailing compatibility in the field of ICT will encourage responsible state behavior that had been taken center stage in our discussion. It should also provide an impetus for the development of an equitable international order that effectively promotes an open, secure, stable, accessible, and peaceful information and communication technology environment. Ethiopia appreciates and fully supports the south-south, south-north, triangular, and regionally focused cooperation we endorsed in the conference report back in February this year. Ethiopia has a cybersecurity policy that has international cooperation as a policy focus area with the objective of enabling knowledge and technology transfer and prevention of organized cybercrime, such as cyber terrorism, cyber espionage, and other transnational cybercrimes. Mr. Chair, for developing countries and, more importantly, the African region, the global dialogue on ICT ought to be anticipatory of the plans and strategies of interconnectivity among economies; guidelines and instruments we come up with should not create a stringent constraint on the development, acquisition and transform of ICT in countries, less advanced on the field. We, therefore, call for redoubling our focus on capacity building and consideration of the interest of all states and regions at various levels of development, considering the sensitivity of the platform and the need to prevent the creation of yet another cyber colonization. We expect that cooperation in capacity building will target creation of self-sufficiency. Hence, it shall be seen in tandem with economic, social, and human development, with a specific focus on quality education, technology transfer, enabling homegrown technology development, development finance, and other requisite elements that enable us to foster a level field for the assumption of obligation and state responsibility. Mr. Chair, I’d like to conclude by wishing all of our delegations a productive deliberation and consensual outcome. You have Ethiopia’s full support throughout the process. I thank you, Mr. Chair.

Ambassador Gafoor

I thank the Permanent Representative of Ethiopia for his statement, and I now give the floor to the delegation of Jordan. Please.


Mr. Chair, at the beginning, I would like to congratulate you on your appointment to chair the Open-ended Working Group on the security of and the use of information and communications technology 2021 until 2025. We wish you every success in your work; we are confident that you chairing this Open-ended Working Group will make it a success. It is an important platform to enhance peace, security, and stability internationally. Allow me, Mr. Chair, to reaffirm that Jordan looks forward to work with the chair towards achieving the desired goals of this particular working group. Mr. Chair, we align ourselves with the statement of the non-aligned movement that stressed the utmost importance of cybersecurity and the need to guarantee the peaceful uses of ICTs. We would like to reaffirm Jordan’s full support for international efforts to support the use of ICTs to protect states from any cyber-attacks. This would contribute towards the maintenance of political, social, and economic stability, security, and peace and would enable us to focus on development. Jordan supports UN work to enhance the peaceful uses of ICTs and to guarantee the right of all states to access such ICTs towards achieving technological and development for all the peoples of the world in an equitable manner. Mr. Chair Jordan welcomes the outcome of the Open-ended Working Group on the security of and use of information and communication technology for the years 2019 until 2021 and the adoption of the final and outcome document by consensus. We would like to express our thanks to the former Permanent Representative of Switzerland, Ambassador Lauber, for his excellent facilitation of the work of the group. We like to affirm GA resolution 75/240, which reaffirms the work of the group, and the use of ICTs internationally for peaceful purposes and that contributes toward sustainable development of all countries alike. Jordan calls for an international consensus that prohibits any non-peaceful use of ICTs and the development of cyber-attack capability. Cooperation is the main pillar and the collective interest for all of us to address these harmful practices. Mr. Chair, we support the efforts of the group towards having the use of ICTs be in line with the provisions of international law, including the Charter of the United Nations, particularly the principles and purposes that pertain to sovereign equality and refraining from the use or threatened use of force and the peaceful settlement of international disputes. This is the main pillar to give direction to stay to enhance the peaceful use of ICTs. In conclusion, Mr. Chair, we affirm Jordan’s full support for the work of the Working Group. And we look forward to work with all partners and the Member States closely during your chairmanship of the work of the OEWG. I thank you.

Ambassador Gafoor

I thank the Permanent Representative of Jordan for his statement. And I now call upon the delegation of Morocco. Please.


Thank you, Mr. Chairman, I wish to begin by warmly congratulating you upon your election to chair the first session of the working group on digital security. This is a reflection of the trust of your fraternal countries at the international community and is a reflection of your personal commitment to multilateralism you can count on the full support of the Kingdom of Morocco during this session. Mr. Chairman, the use of ICT, has largely gained ground in the current context which has been punctuated by the COVID19 pandemic. This helps to ensure continuity specifically in the public sector, in the businesses and international organizations, including our organization of the United Nations. However, in a world that is exponentially connected this now results in exposure to dangerous cyber threats in all areas. Given these challenges and the birth of cyberspace where reforms and significance are still largely unknown, Morocco has adopted a comprehensive tailored strategy to address the evolving threats links to cybercrime and this is in line with our international commitments and our national priorities. The contribution of Morocco to the three sessions of the open-ended Working Group on ICT is a testament to our commitment to fully joining international efforts to ensure safe and secure use of cyberspace. Morocco has also committed to working constructively at the OEWG on progress of ICT in the context of international security, and the GGE to facilitate and advance responsible behavior of the states in cyberspace in the context of international security. My country also joined the Paris Call dating 2018 for trust and security in cyberspace. And we are part of the forthcoming Programme of Action to advance the responsible behavior of states in cyberspace. Morocco has also ratified the AU convention on cybersecurity and data protection. And we are a member of the group of friends on online governance insights about security, which Estonia and your country are currently chairing. Mr. Chairman, we are promising ourselves on a clear, ambitious vision to be among the dynamic states in the area of ICT. the Kingdom of Morocco under the effective presidency of our King, may God bless him, a strategy. The thrust of the strategy is to safeguard the progress that has been achieved and ensure streamlined use of ICT at the level of all actors. Presently, this strategy positions our country as amongst the most advanced states in the region in terms of the use of new ICTs. Our Kingdom has placed the technology sector at the heart of our economic sustainable and economic development. We have a Morocco 2020 strategy to strengthen our position as amongst the most advanced and highest performing states in the region in the area of ICT. This plan has the goal of accelerating the digital transformation of our country and strengthening our position and surmounting the related challenges by specifically tackling governing issues and digital skills. Given the risks linked to these issues, we have a strategy and we seek to build national capacity for security in ICT for public organizations and for infrastructure. This is through the implementation of a national strategy in this regard. This cybersecurity strategy focuses on risk assessment, administrative areas and public services, which are of vital importance to the defense of the administration of public services and other infrastructure, as well as strengthening security through the establishment of a legal framework and awareness raising research and development as well as promotion and development of national and international cooperation. Mr. Chairman, at the institutional level, we have established a number of organizations addressing governing, organizational and digital issues. We have also adopted a number of laws to govern Moroccan cyberspace. Specifically, the law to complement the Criminal Code on malfeasance and the law on electronic transfer of a digital data on the protection of physical person for physical data protection on addressing infractions related to data transfer, as well as other laws. We emphasize the importance of awareness raising research and international cooperation on cybersecurity. In this regard, the Moroccan Polytechnic Innovation Research Center has established a national campaign to combat cybercrime. This is viewed as a leader in Africa for 2014 to 2018 to establish a culture of secure and safe data use both at the public and private levels. In 2018, we launched a national campaign, Morocco Cyber Trust. The aim of this, among other things is to establish an awareness raising campaign visibly the risks linked to cyber security and to support a digital developments that aim is to ensure greater awareness raising for all users, specifically public and private sector users, and young people and children. There is an emphasis on this and on digital entrepreneurship, and to ensure optimal and secure use of the Internet. The Kingdom of Morocco reiterates our call for the international community to make cyberspace a safe area for economic development to uphold peace and security throughout the world. You can count upon our full support, Mr. Chairman, in the success of the work of our working group, thank you.

Ambassador Gafoor

I thank the delegation of Morocco for the statement, and I now give the floor to the delegation of Nicaragua. You have the floor please.


Thank you very much chairman. We would like to endorse the statement delivered by Indonesia on behalf of the non-aligned movement and the Islamic Republic of Iran on behalf of the related countries. I’d like to congratulate you once again on your election as chair of the Open-ended Working Group on the security of ICTs you can count on our cooperation and our full support in your work. Nicaragua is proud to be a co-sponsor of resolution 75/240. Its spirit has been to promote a process which is unique and historic, global, inclusive, transparent and inter-governmental. In order to bring about a secure cyberspace to the benefit of all. Our group has amongst its urgent tasks, the task of safeguarding as for any malicious or inappropriate use of cyberspace, working hard to achieve consensus in decisions and results that will make it possible for us to use ICT for peaceful purposes. We believe that our efforts should be based on the final report adopted by the previous Open-ended Working Group and on the mandate stipulated in General Assembly resolutions which gave rise to this group. As you have mentioned, we are not beginning from the starting block in our work. We are aware that the final consensus report of the previous OEWG has reflected very many areas of consensus. And we should continue to also consider the aspirations of all member states. When considering this issue, which is increasingly important internationally, we believe it’s significant to respect the implementation of international law with regard to ICTs on the part of states. We are reiterating the important following principles of the charter and other norms of international law, such as sovereign equality, the peaceful settlement of international disputes, so that we do not endanger international peace and security and justice, abstaining from international relations that involve force or the threat of use of force against the territorial integrity, political independence of any state, or any other form incompatible with the purposes of the United Nations respect for human rights and fundamental freedoms and the non-intervention in the internal affairs of another state. Likewise, we reject the coercive unilateral measures that prevent an equal access and peaceful use of the ICTs to the benefit of economic and social development of those lacking these resources. This is a reality faced by many countries. The Open-ended Working Group should address the dangerous justification of the threat or the use of force through ICTs, this means not giving political attribution to cybernetic attacks, but rather we must adhere to criteria of international security and not use this aspect as an instrument for providing technical evidence as part of accusations being made against states. It’s urgent that we regulate the areas where ICTs are used, promoting their development in a peaceful environment and making this principle binding in its use in the private sector. We advocate for the adoption of a legally binding instrument and the drawing up of norms that will prevent ICTs from distributing fake news, promote violence or promoting regime change. We want to have an open safe, stable, accessible and peaceful use of ICTs and we support the creation of capacity in the area of ICTs and developed countries should increase their technological and financial transfers to developing countries in accordance with the provisions of the 2030 development agenda. Mr. Chairman, once again, my delegation would like to thank you for your efforts and we reiterate our commitment to the work of the group and to a final consensus outcome. Thank you very much.

Ambassador Gafoor

Thank you very much, Nicaragua for your statement. I give now the floor to the delegation of the Lao People’s Democratic Republic. You have the floor please.

Lao PDR 

Mr. Chair, I would like to join other speakers in congratulating you Ambassador Burhan Gafoor on your election as chair of this Open-ended Working Group. Please be assured of my delegations for support and cooperation in successfully carrying out your noble duty. The Lao PDR aligns itself with the statements made by Brunei Darussalam on behalf of ASEAN and NAM by Indonesia on behalf of the non-aligned movement, and I wish to share my view in my national capacity as follow. Mr. Chair, the Lao PDR welcomes the adoption of the single ICT resolution by consensus in supporting the continued discussion under the Open-ended Working Group for the next five years 2021 to 2025. Guiding by the outcome of the previous OEWG, together with the United Nations Group of Government Experts on advancing responsible state behavior in the context of international security. We support OEWG, holding under the UN auspices by maintaining the open and inclusive dialogue. The global pandemic has proved that our lives economic and social wellbeing have been heavily relied on the new technologies like never before. By recognising the importance of technologies by contributing to social and economic development. Malicious use of these technologies remains a key concern, particularly in the way which can negatively affect peace and security at national, regional and international level. To prevent the existing and emerging threats in cyberspace, it is utmost important to ensure that all ICT activities are carried out in accordance with international law and the UN Charter. More importantly, state share responsibilities to prevent the use of cyber domain for criminal or terrorist purposes. In this regard, we call on the international community to strengthen cooperation in the field of cybersecurity. And the Lao PDR emphasizes the importance of capacity building to reduce cyber parity. Mr. Chair, on our part, the Lao PDR have been implementing the 11 voluntary norms of responsible state behavior in the use of ICT together with ASEAN member states. In addition, we will continue to increase our utmost efforts in ensuring the peaceful use of cyberspace within our national capacity in order to contribute to ensuring international cybersecurity. On a final note, Mr. Chairman, I would like to reaffirm our support on multilateral dialogue under OEWG as an inclusive and transparent forum towards achieving a consensual outcome. We look forward to continuing working closely with all member states in exchanging views and expertise, experience in maximizing peaceful use of ICT in parallel with the objective of maintaining peace and security for all. I thank you, Mr. Chair.

Ambassador Gafoor

I thank the Permanent Representative of the Lao PDR for his statement, and I thank him for his presence and participation. Thank you Ambassador. I give now the floor to the delegation of Algeria. If the delegation is not ready, we’ll go on to the next delegation. Delegation of Senegal you have the floor please. Senegal, would you like to take the floor at this stage? We can then go to the next speaker, the delegation of New Zealand you have the floor please. We’ll go to the next speaker then. I’d like to invite the delegation of Costa Rica. You have the floor.

Costa Rica

Thank you very much Chairman. First, an action oriented approach means, as a minimum, focusing on the implementation of the agreed upon norms from the 2015 GGE report. The 2021 GGE report also offered some specific suggestions in this regard, and highlighted the linkages between Confidence Building Measures, capacity building, and the norms and implementation and operationalization of these norms. Capacity building activities should also be explored based on the principles outlined in the OEWG report, which outlines a clear process and purpose, equal partnerships and a people-centered approach. And that last point is fundamental for my delegation. Secondly, one step in implementation is the exchange of information. Such exchanges should not only take place between states, but also with civil society, academia and the private sector, because they constitute a source of independent and fact based information. Given the role of these other stakeholders in implementation, we reiterate our call that they could be given the opportunity to input into the OEWG process in meaningful ways. On this note, Costa Rica welcomes the offer made by the Office of Disarmament Affairs to be mandated to prepare a substantive report on the basis of the national views and practices submitted by member states. And I reiterate the need to guarantee that civil society has unrestricted access to this group. Third, Costa Rica welcomes Canada’s non-paper to the OEWG and appreciates its advocacy for mainstreaming gender considerations into our work. We also welcome all of the work that UNIDIR and civil society organizations have done in this regard. Gender considerations should not be secondary issues in this process. Costa Rica believes that this group must support research that promotes a better understanding of the linkages between gender and cybersecurity, addressing issues such as access to technology, data literacy, and online harassment, improving data collection processes, making women more visible in open, gender disaggregated datasets, are all steps in the right direction. It is also crucial to integrate a gender analysis in the development of standards and technical regulations for cybersecurity, ensuring that standards are gender responsive in their content and implementation. Costa Rica encourages a sincere discussion of how women and girls can be included in this process that transcend superficial quotas. Thus, at each stage of each negotiation, it is essential that women are featured in all dimensions of national delegations. This requires that women are fully included and heard during the negotiations. The extent of gender responsive inclusion in the OEWG context, will be shown in part by the composition of delegations attending this process. Fourth, Costa Rica emphasizes its conviction that cyberspace and state behavior within cyberspace is governed by international law, including the UN Charter in its entirety, international human rights law and international humanitarian law and international criminal law. In this regard we believe that the International Criminal Court applies in the cyber war sphere. In this regard, the discussions on how international humanitarian law limits the use of ICT capabilities during Armed Conflict must continue. These limits are essential to reduce risks and potential harm to both civilians and civilian objects, as well as combatants in the context of an armed conflict. Another important issue for Costa Rica is ensuring state and individual accountability for violations of international law in cyberspace. And so efforts should be guided by a desire to prevent and reduce cyber harm through a human-centric approach to cyber security. In closing, with regard to organizational matters, Costa Rica strongly encourages intersessional work. I thank you.

Ambassador Gafoor

I thank the delegation of Costa Rica for the statement, and I now give the floor to the delegation of Algeria. You have the floor madam.


Thank you, Mr. Chairman. My delegation aligns itself with the statement delivered on behalf of the non-aligned movement. I wish to begin by extending on behalf of the Algerian delegation our warmest congratulations to you, Excellency Ambassador Burhan Gafoor upon your assumption as chair of this new open Open-ended Working Group on security of and in the use of information and communications technologies. We have every confidence that you will guide our deliberations towards fruitful outcomes. I can assure you of Algeria’s full support and cooperation. I seize this opportunity to pay atribute to both Ambassador Mr. Jurg Lauber Chair of the OEWG on cyber security and Mr. Guilherme Patriota Chair of the GGE on advancing responsible state behavior in cyberspace. And thank them for their tireless efforts in steering the work of these two working groups, which provided us with consensual reports and significant foundations to pursue our deliberations in this domain. Mr. Chairman, Algeria welcomes the establishment of this new working group which offers a unique forum to have not only a better grasp of the critical issues related to the evolving threats emanating from the malicious use of information and communication technologies, but also to continue working collectively in order to overcome these challenges. In addition, we are pleased and encouraged to launch the substantive work of this working group in the positive momentum generated by the recent successful conclusion of the previous OEWG, and the GGE on cybersecurity, as well as the recent consensual adoption of the UNGA resolution 76/19 jointly submitted by the Russian Federation and the United States. Mr. Chairman as an attempt to provide some reflections to the questions you wisely put forward to give an impetus to our discussions my delegation would like to share the non-exhaustive following elements. First, on how the OEWG be an action oriented process and deliver tangible results to state-wide building on previous outcomes. Obviously, this new process should continue building on the conceptual agreements reached out the previous working groups and come up with concrete and innovative solutions to materialize the constructive proposals and agreements reflected in the last OEWG and GGE reports. In the meantime, this process must be able to elaborate further practical actions as appropriate, including the elaboration of additional binding obligations in this respect, my delegation is of the view that multilateral, inclusive, institutional platform dedicated to international cooperation on safeguarding the peaceful uses of ICTs would represent a major contribution towards increasing stability and security in cyberspace through prevention of conflicts and promoting settlement of international disputes. We therefore encourage member states to agree throughout this process on the future form of regular institutional dialogue on international information security under the UN auspices. At the same time, this working group shall be entitled to discuss other relevant initiatives of member states, such as the Programme of Action proposal for advancing responsible state behavior in cyberspace. With regard to the specific issues that require urgent attention and early outcomes, it is from our point of view that reinforcing the capacity of developing states to understand and better address the various challenges related to cybersecurity constitute one of the specific issues that require urgent attention within this process. Consequently, this OEWG should be in a position to launch at the earliest possible time, some capacity building programs, such as focused workshops and seminars aiming at enhancing the capacities of developing states in the area of ICT security. In the same spirit, the working group must be able to determine during its mandate, the appropriate mechanisms to ensure the provision of assistance and cooperation by states and private sector actors to developing countries upon their requests. Such assistance should also include financial resources, capacity building programs, and technology transfer in ICT areas while taking into account the specific needs and particularities of each recipient state. Last but not least, on how to engage the key stakeholders in order to support discussions by member states and deliver tangible results. The meaningful and substantive involvement of the relevant stakeholders in addressing the various challenges related to cybersecurity is of paramount importance to allow member states delivered tangible results. In this regard, the Algerian delegation supports the convening of informal consultative meetings with academia, NGOs, private sectors, think tanks, specialized agencies and the relevant stakeholders in this field. Such informal consultative meetings should be conducted regularly during this process and must create synergies among member states and the main stakeholders and give the opportunity to member states to benefit from the existing initiatives established by the private sector in the cyber security areas. Mr. Chairman, as we embark on this long journey, I’d like to reiterate my delegations readiness to work constructively with all member states to make significant action oriented progress and achieve a consensual outcome. I thank you, Mr. Chairman.

Ambassador Gafoor

I thank the delegation of Algeria for their statement. And I would like to return to the earlier speaker who was not available. I’d like to check if the delegation of Senegal is able to take the floor at this point. Delegation of New Zealand would you like to take the floor at this point? All right, we’ll now move to the delegation of Indonesia. You have the floor please.


Mr. Chair, congratulations on your appointment as the OEWG chair. We are confident that under your able stewardship, the OEWG will make further progress on the issues before it. Indonesia stands ready to support you in the discharge of your important mandate. Our return to a single track of deliberation on this issue, further elevates the needs to make this process constructive and productive. We take this opportunity to also thank Ambassador Jürg Lauber of Switzerland, and Ambassador Guilherme Patriota of Brazil, in leading the successful conclusion of the OEWG and UN GGE processes this year. Successful conclusion and consensus adoption of report of both processes manifest strong political will and multilateralism which would contribute positively towards strengthening peace and security of the ICT environment. Indonesia aligns itself with the statement by the non-aligned movement and ASEAN and wishes to add few points in our national capacity. Indonesia welcomes the commencement of the 2021 to 2025 for OEWG as a single mechanism and consensus based process under the UN auspices to discuss these issues of security and in the use of information and communication technologies. We recall the OEWG mandate set for in a GA Assembly resolution 75/240 and look forward to an action oriented process, which deliver tangible results while building on previous outcomes. We must now move forward and build upon the progress that we have made together. In this regard, my delegation reaffirms the existing acquis particularly outcomes of the previews OEWG and GGEs as a basis on which we build our current and future work. Furthermore, in order to achieve a concrete outcome we might consider identifying concrete proposals set forth in a previous OEWG report, setting targets and timeframe, as well as discuss means to implement them. Given the wide range of agenda item and mandate of our work, we are of the view that we need to treat each and every agenda item as equal, so that the discussion of all issues can progress in a balanced manner. The annual progress report as amended GA Assembly resolution 75/240 also plays an important role in keeping track of progress of our work in the next five years. Mr. Chair, my delegation recognizes the contribution of a wider community of stakeholders and leverages on their expertise to support and enrich discussion by member states in the OEWG. We are following closely the discussion related to the modalities of stakeholder involvement and acknowledge that the participation of non-governmental organization in the OEWG will be governed by the rules of procedure of the General Assembly. We recall the participation of stakeholders in the 2019-2021 OEWG and recognize the fruitful chair summary of the informal intersessional consultative meeting of the 2019-2021 OEWG, which was held in New York 2 until 4 December 2019. We also found written contribution from the stakeholders throughout the process as very useful in providing more in depth inputs and perspectives. It allows member states, especially those whose capital delegations cannot participate, and/or their New York delegation is relatively small. The benefit of intersessional consideration: in this regard, we know with appreciation, the chairs proposal on modalities for participation of stakeholders as elaborated in your letter, dated 13 December 2021. And my delegation is ready to support your proposal Mr. Chair. We particularly welcome the proposal to conduct series of informal meetings, which will allow interactions of states with wider stakeholders. Furthermore, delimitation of in-person meeting during COVID-19 pandemic, which [unclear]much of our work into cyberspace. This has been vastly increasing the significance and opportunity for stakeholders’ engagement through holding of informal and site events virtually. We call on states to extend flexibility with regard to finding the most suitable way for multistakeholder participation. We should focus on improving the quality of our engagement with very clearly defined objectives and contribution to the process. Indonesia stands ready to engage constructively and hopes that we can discuss this matter in positive atmosphere, while ensuring that our substantive discussion continue to progress. I thank you, Mr. Chair.

Ambassador Gafoor

Thank you very much, Indonesia, for your statement, I now give the floor to the delegation of Togo.

Mr. Chairman, ladies and gentlemen, at the outset my delegation wishes to convey to you and to other members of the office our warmest congratulations upon your election, we wish to assure you of our full support, we wish you every success in your mission. I also wish to voice the support of our delegation for the initiative of the Secretary General in the area of ICT, specifically commitment to number seven entitled improving digital cooperation. This is contained in his report, which is entitled Our Common Agenda. We align ourselves with a statement delivered by Indonesia on behalf of the non-aligned movement, and we wish to voice the following positions in our national capacity. Mr. Chairman, the Togolese delegation wishes to take this opportunity to applaud the creation of the Open-ended Working Group on security and use of ICT. Its mandate is to strengthen the existing legal framework on the use of cyberspace in line with resolution 75/240, entitled developments in the field of information and telecommunications. This resolution was adopted on 31 December 2020. This year Togo restated its support for this initiative by joining the consensus around the resolution entitled Developments in the Field of Information and Telecommunications in the Context of International Security and Advancing Responsible State Behavior in the use of ICT where the General Assembly voiced its support for the work of the group and reaffirmed its mandate for 2021 to 2025. In recent years, the use of ICT has skyrocketed throughout the world and has given rise to many changes. However, discussions of the major headway made in ICT goes hand in hand with discussions of challenges related to it, as faced by the international community. These challenges specifically relate to enhancement of cybersecurity. We hope that the various sessions under this framework of exchange will help result in a meaningful improvement in the norms governing technologies of ICT. We also wish to emphasize the importance of consensus in decision making at our working group to reflect the multilateral nature of the choices were called upon to make, on matters both technical and substantial. Mr. Chairman, beyond strengthening cybersecurity there’s an important need to draw attention to all the other challenges, they shouldn’t be overlooked during our work. Exploration of cyberspace should be done in a manner that is harmonious with all principles enshrined in the Charter of the United Nations. There is a vital need to ensure that this be the case in upholding sovereignty of states and protecting human rights. Moreover, our delegation wishes to draw the attention of all parties to the persistent, digital divide in developing countries, especially African countries. It is clear that these challenges can only be surmounted through concerted action at the international level. For this reason, we support the establishment of a multilateral negotiations framework under which we are now united. Mr. Chairman, given the importance of secure use of information communications technology, we have enshrined the question of cybersecurity at the heart of our government agenda. Our government has adopted a national ICT development strategy for 2018 to 2022. This strategy gives pride of place to safe and secure use of cyberspace. Under this strategy, important measures have been adopted at the digital realm in the past few years, specifically the adoption in 2018, and in 2019, the adoption of laws and cybersecurity and combatting cybercrime and the law on personal data protection. Furthermore, on 13 February 2019, our government adopted a decree on powers organization and operations of the National Cybersecurity Agency. On 9 December 2020, a decree was adopted on the organization and functioning of the personal data protection body. Furthermore, this year the National Assembly authorized the ratification of the African Union convention on cybersecurity and personal data protections. On 4 June 2021, our president his excellency Mr.Faure Gnassingbé, established and heralded the inauguration of a strategic infrastructure for data hosting, and titled Lomé Data Center. On 3 February that same year, the government launched an Alert and Response Center for Digital Attacks. Beyond the initiatives that have been above mentioned, the outbreak of the COVID 19 pandemic has enabled my country’s authorities to adapt themselves to the new situation through digital tools. And as part of our national response to COVID-19 a website was launched to digitize the secure management of travel at our international airport through the Togo Safe App to combat the spread of the COVID-19. We also have a No-VC programme to support the vulnerable groups in our population. Despite the progress that has been achieved, there are many challenges that are yet to be surmounted. Our government has a number of priority projects in our 2020 to 2025 roadmap, whose implementation will meaningfully help to surmount most challenges in the area of cybersecurity to tackle the increasingly sophisticated threats. To conclude, we hope that these efforts will result in the cybersecurity challenges being surmounted. These challenges have increased with the onset of the pandemic. Thank you for your kind attention.

Ambassador Gafoor

Thank you very much for the statement delegation of Togo. I now give the floor to the delegation of Armenia. Thank you.


Thank you, Mr. Chairman, I would like to congratulate you on assuming the leadership of the Open-ended Working Group and assure you of Armenia’s full support to your endeavors, The global and regional trends have essential impact on the use of information and communication technologies. Although information and communication technologies have been designed to serve the common cause of peace and stability. However, malicious use of ICT can undermine peace and security. The commitment of all member states to cooperative measures and measures of restraint in the use of ICTs is important to prevent the conflict and ensure predictability and stability in cyberspace. In this regard, the OEWG as an inclusive and transparent platform is uniquely positioned to address the current and future challenges in the field of ICTs and shape the international response. We are hopeful that OEWG throughout the next five years will amplify the momentum and spirit of consensus, which was reached during the adoption of OEWG and GGE reports and relevant UNGGE resolution. Mr. Chairman during the crisis caused by pandemic, the critical infrastructure, particularly health care’s infrastructure has been subject of cyber attacks. The misuse of ICTs to disseminate animosity, identity based, hate speech, extremist ideology and violent practices alongside with glorification of perpetrators of genocidal acts constitute dangerous trends, which if not addressed can lead to hate crimes and atrocity crimes. Armenia underscores the importance of open, free, stable and secure cyberspace based on the purposes and principles of the UN Charter. We’d like to reiterate our long standing position, that principles and norms of international law in their entirety should become a basis for the responsible state behavior in cyberspace. The OEWG is well placed to discuss the operationalization of the existing norms, and discuss the need for new norms, principles and rules of responsible state behavior against the backdrop of evolving security environment. The new norms of responsible behavior should foster a common understanding on how to respect, uphold and promote the human rights and fundamental freedoms in the cyberspace. The confidence building measures and risk reduction tools in the ICT sphere should aim at increasing the transparency and predictability, reducing misperceptions and increasing cooperation in the use of ICTs. Designation of national points of contacts for the implementation of the CBMs could be the first step in this regard. It’s our belief that the capacity building measures should be designed on the basis of the needs and priorities identified during the implementation of the existing set of norms, and be available for all the relevant stakeholders. We stand ready to constructively engage and contribute to the deliberations in the framework of the Open-ended Working Group, I thank you.

Ambassador Gafoor

Thank you very much delegation of Armenia. I have the delegation of Djibouti as the next speaker. The floor is for Djibouti. Yeah, it seems that the delegation of Djibouti is not available. We have exhausted the list of speakers for member states and I have two observers and entities who have inscribed to make statements. I’ll start with the statement from the International Committee of the Red Cross, you have the floor please. I’ll move on to the next observer entity, which is the Organization of American States. You have the floor please.

Organization of American States 

Distinguished Delegates and colleagues, on behalf of the General Secretariat of the Organization of American States, we would like to thank you very much for the opportunity to address you today. And Ambassador Gafoor, given this as our first time taking the floor, may we take this opportunity to congratulate you on your appointment as the chair of the working group. With the core values of democracy, human rights, security and development underline the work of the Organization of American States, the OAS serves as a hemispheric political platform, where member states can discuss their collective security threats, and advanced regional peace and stability efforts, including through the development of Confidence Building Measures, and other instruments such as treaties, declarations, and resolutions. As such, it is becoming increasingly important that our member states enhance interstate cooperation, transparency, predictability and stability with the aim of reducing the risk of misperception, escalation and conflict that may stem from the use of ICTs. Mr. Chair, the Americas is a region characterized by great diversity, including diversity in technological development, cyber threat, preparedness and resiliency. Today we can see varying perceptions of risks and vulnerability, varying degrees of implementation of international standards and instruments and/or varying levels of prevention and response capacities. This diversity is also reflected in varying degrees of cooperation. We know that to be effective cooperation needs to happen regularly at all levels: national, bilateral, regional, and international, and among all relevant stakeholders. More importantly, these same stakeholders need to work individually and collectively to translate words into action with timely, cost effective and practical measures to facilitate cooperation and coordination. This multistakeholder collaborative approach to addressing cyber threats, recognizes that no single organization, state or region can succeed in preventing and countering threats to cyberspace in isolation. The stability of one state, directly and indirectly affects the stability of its neighbors, and so contributing if necessary, to more peaceful secure cyberspace, which is our shared responsibility. Chair, the OAS, through its Secretariat of the Inter American Committee Against Terrorism, CICTE, has been working for nearly 20 years to strengthen the cybersecurity capacities of its 34 Member States through various capacity building efforts, such as trainings, cyber exercises, the development and implementation of cybersecurity policies, and through the development of cybersecurity confidence building measures. As such, please know that you have an ally in our collective pursuit of promoting greater peace and security, particularly in the area of cyberspace. And it will be our honor to continue supporting in this very important work that’s happening here today. Specifically, we continue to avail ourselves and are very pleased to work together with our UN colleagues, to act as a regional convener for any future meetings around this topic, and facilitate involvement of stakeholders as determined by the member states. We thank you for the opportunity to continue to participate in this process as an observer, and we look forward to how the discussion on this dialogue will evolve. Chair, thank you.

Ambassador Gafoor

Thank the representative of the OAS for statement and her willingness and commitment to engage in this process. It’s very much appreciated. I now give the floor to the delegation of Djibouti. You have the floor, please. Djibouti is the last speaker.


Thank you, Chairman. Chairman, allow me on behalf of my country and on behalf of our permanent mission that I represent here to congratulate you on being elected to chair Open-ended Working Group on securing ICTs. This is a difficult mandate, but also a promising one. My delegation is prepared to support you in this process 2021-2025. I take this opportunity to congratulate you on behalf of my delegation. And I would also like to congratulate Madame Nakamitsu Under Secretary General of the Office of Disarmament Affairs for her tireless efforts in the cause of disarmament; her and her team. To bring about a situation where states will prefer to resolve their differences through multilateral or bilateral means. Chairman, we endorse the statement delivered by Indonesia on behalf of the non-aligned movement. And I’d like to reaffirm that we are very much aware of the dangers presented today by cyber technology, the rapid rise of digital technology and its far reaching role in all sectors, social, banking, governments, administration, make digital technology a major part of development. Chairman, we have the impression that the development of this technology has turned against the countries which are leaders in it. And we are extremely concerned about this. Because as developing countries, we need to benefit from the peaceful and secure use of digital technology in order to achieve the sustainable development goals and in order to achieve the 2030 agenda. Our country is in full transition towards digital administration in the public administration and also in the private sector. Chair while respecting the sovereignty of states and the process of consensus, it’s still not impossible for our group to be able to find the ways and means that will make it possible to ensure trust between states in order to secure every country against the risk of the militarization of cyberspace. We recognize the expertise and the importance of the involvement of non-governmental groups in the process of securing cyberspace. But we believe that the latter is complementary to the efforts of the Open-ended Working Group. And that is why we support the idea of organising informal, parallel consultations with non-governmental groups. Mr. Chairman, in order to ensure this trust, and as it was very well described in the UN report Our Common Agenda, it will be indispensable to significantly reduce the digital divide that exists between states through strengthening capacity and that through global solidarity. We are convinced that at the end of this work, we will have tangible results as the outcome that will make it possible to make progress in the process of securing ICTs. You can count on our delegation. Chairman, thank you.

Ambassador Gafoor

Thank you very much Djibouti, for the statement. I’d like to check of the delegation of Senegal is available, they had inscribed and I’d like to see that at this point they are able to take the floor. Seems like they are not present. Excellencies, colleagues, we have exhausted the list of speakers under item four, general exchange of views. And I wanted at this point to share some of my reflections on the discussions we’ve just had, under this agenda item. First, my sense is that the discussions we had which began yesterday, has been very, very rich. Nearly 70 delegations and groups of delegations made statements. And what is noteworthy is that many delegations who do not normally have the opportunity to participate in a discussion, like this one, relating to cybersecurity, have made an effort to participate and engage in this process, and have come prepared with very thoughtful statements. And as a result of that, I think we have had a very productive discussion. And what struck me also was that the tone was very constructive, and forward looking. And I noticed that in many, many of the statements, there were very concrete proposals, very specific ideas, and very focused suggestions. And I’m also happy to say that many delegations actually responded to the guiding questions that I had put forward, and I had prepared and circulated. I’m very glad that delegations had taken the effort to look at the guiding questions, and gave their views on how we can make the Open-ended Working Group action oriented. I’m also grateful that delegations had identified very specific issues that require urgent attention, because that tool was one of the guiding questions that I had put forward. And finally, in the general statements, many delegations also address the issue of how the Open-ended Working Group can engage stakeholders in a meaningful and substantive manner, which was also one of the guiding questions that I had put forward. My impression from the general exchange of statements is that there is a genuine commitment on the part of all delegations to engage. There is also much good faith on all sides and political will to make this Open-ended Working Group a meaningful and productive one. And I think this general exchange of views gives the working group a good start, a positive start, I would say to the work of this working group. Now, I had earlier in the letter that I had circulated and communicated to delegations that after we have exhausted the list of speakers on the agenda item four on general exchange your views that I will return to agenda Item three, organization of work. So I’d like to now return to organization of work on the agenda item three. Now, you will recall that under this agenda item three, we had discussed the programme of work yesterday. And you will also recall that we had not been able to adopt the programme of work. And we then yesterday had a discussion on the important issue of modalities for stakeholder participation. And you will also recall that I had convened an informal meeting yesterday afternoon. And also this afternoon an informal meeting in conference room four. And so in the interest of transparency, I wanted to share some of my observations from the informal meeting in a formal setting, so that all delegations are informed and all delegations are on the same page. As I mentioned, I had two informal consultations, yesterday and today in conference room four and I’ve also had several informal individual consultations along the corridors. And I have to say that I’ve been gratified by the many expressions of support for the work of the chair. I also notice that the tone of engagement has been very constructive in the informal meetings. And in the informal meeting too, I sensed a genuine commitment to continue the conversation in an informal context. Now, yesterday on Monday, the 13th, delegations will recall that I had also circulated another letter. In addition to the letter dated 15 November, I circulated a letter yesterday that dated 13 December, in which I had proposed seven elements as modalities for the participation of stakeholders in the Open-ended Working Group. And in the informal discussions, there has been considerable discussion on the modalities. And on the seven elements. As of now, no delegation has objected to the proposals I have put forward. And I am gratified by that. My sense, also, from the informal consultations is that delegations have an open mind in terms of working on my draft modalities, and using it as a basis for further informal consultations. Again, I’m gratified by that. Now, where exactly are we on modalities for stakeholder participation? There is still a difference in positions. There is still a gap. But my sense is that the differences are not insurmountable. And my sense is that a consensual solution is possible. Perhaps it is even within grasp. And I would like to say as chair of the Open-ended Working Group, that it is important for the process that we agree on modalities for stakeholder participation as soon as possible at this session. I had indicated to you on the first day that I’m scheduled to meet with stakeholders informally during lunchtime on Thursday. And I would like to be in a position where I report to stakeholders that the working group has reached agreement on modalities for the participation of stakeholders. It is important for the credibility of this process. And is also important for all of us to send a signal as soon as possible that this process is ready to engage stakeholders within agreed parameters, within a consensual framework of modalities, which is what we need to agree on a consensual basis. I remain very much committed to finding a consensus solution. And it is also my sense that many delegations are ready to continue the informal discussions to focus on the issue of stakeholder modalities. In fact, no delegation has told me that they are not interested in engaging on this issue. At the same time, I also have the sense that many delegations are ready and keen to get into a discussion on agenda Item five, because many of them have come to the meeting prepared with very concrete proposals, to discuss agenda item five. So given the update that I have just provided you, I’d like to conclude by putting forward a proposal with three parts to it. First, I propose to convene an informal informal meeting this evening at 6:30pm. To continue informal discussions on the draft modalities for the participation of stakeholders. And I would like to use the meeting this evening to explore solutions, drafting solutions, that will bring us forward, that will allow us to find a consensus agreement on the modalities. This meeting I propose will take place in conference room 12. At 6:30pm this evening. That’s the first part of my proposal. The second part of my proposal is that given the remaining time that we have today, and given that we have with us the interpreters. It is important and essential that we use our time efficiently. And I therefore propose that we begin to take statements from delegations on agenda item five. That’s the second part of my proposal. The third part of my proposal is that tomorrow morning, at 10am, when we meet again. We will return to agenda Item three on organizational matters. We will start the meeting tomorrow morning with item three. And I will give an update to all members on the informal informal discussions, again, from the point of view of transparency. So that all delegations are informed and on the same page with regard to the discussions the previous evening. And I will also give delegations an opportunity to make any comments if they wish on the informal discussions this evening or any other comments they wish to make. So this is the proposal with three parts. And the idea behind this proposal, distinguish delegates is essentially to enable us to continue with our work, continue with our work in parallel. On the one hand, it’s important that we continue our work with regard to modalities for stakeholder participation. On the other hand, it is also important that we begin a discussion of agenda item five. So, this is the proposal that I’m putting forward. And I’d like to ask if any delegation has an objection to the way, as I have proposed to you, with the three parts, and I hope that has been fairly clear. I see that the UK has asked for the floor. UK, you have the floor please.

United Kingdom

Thank you very much, Mr. Chair. And I continue to be grateful to you and to all of the colleagues in the room for the for, the open minded and constructive way in which everyone is engaging with this issue. I’m not going to go back into the debates, we’ve all heard it, and those who came to the informal sessions have heard it again. So, Mr. Chair, what I’m going to do is seek a ruling from you, if I may. The UK is not a delegation that ever wants to get in the way of progress. And we’re as conscious you are of the time at our disposal and the resource at our disposal, including the translators and others. We don’t want to disrupt this. And I think as you said, in the informal, we’ve had a very good opening exchange of views. And it’s important that we move on. But I need to seek a ruling from you, Mr. Chair on the question of how we move on. Because as you know, the UK has put a reservation on the programme of work. And we are proceeding procedurally under your stewardship. So my question is this, we would very much like to move on to the fifth part of our agenda immediately. And I know that colleagues have come a long way, and the colleagues wish to discuss this issue the substantive issues before us. But the UK also thinks that the engagement of stakeholders in this process is also substantive. So if we are to move on now, can I have your assurance was chair that we will return to the issue tomorrow morning. And if we have not seen progress and engagement, on your compromise, overnight, or tomorrow morning, that you will come back to us under the issue of the organization of work. And ask us again, if we are willing to proceed with tomorrow’s activity. If that isn’t the case, then I think I will have to very quickly seek further instructions. And I can do that very quickly. But if you are able to assure us, Mr. Chairman, that we will return to this issue tomorrow morning at 10 o’clock, with the caveat that it is again for delegations to decide whether they join consensus and proceeding with further substantive discussions, then we are happy to proceed. But we want to see quality and committed engagement in the discussions you propose to host this evening thatmake progress on your compromise. And again, the UK is grateful for your compromise, and very happy to negotiate on the basis of it. Thank you, Mr. Chair.

Ambassador Gafoor

Thank you very much, UK. I think I made it clear in my proposal of three parts that we will come back tomorrow morning to the question of agenda Item three, under which I will give an update and under which I will give delegations an opportunity to take the floor if they so wish. So that clarity that you seek is already there in my opening remarks or remarks I made earlier. Second, it’s a given that at any point, any delegation can suggest that we do not move forward. And I’m asking all delegations to take small steps to move forward in terms of agenda item five, as well as a discussion on modalities. So the UK you can reserve your sovereign right to do as you wish tomorrow morning, but as the chair I will give every delegation opportunity to state their views tomorrow. But in the one hour that we have, and I hope that we don’t spend that hour discussing modalities, because the spirit of my proposal is that we get into a discussion on agenda item five. The last point I would make is that what happens this evening is not something that the chair can guarantee. What the chair can say is that I am committed to making the informal discussions happen this evening. And I also know, from engaging with all interested delegations, that people will come committed to the negotiations and I think it is not fair that we assume for a start, that others might not be committed, because others could also make that same assumption and then this process will not lead to a good faith negotiations. As I said, at the beginning, I sense that there is a lot of commitment and political will to engage and continue the informal consultations. So that’s what I would suggest. And I really wasn’t opening up the discussion for a big repeat of the debate we’ve had yesterday, because we have exactly one hour and if we can use that hour meaningfully, to get into agenda item five, and come back to agenda item three, and then decide how to proceed. That would be a good start and a signal by all that, we are able to do both things together. Meaning continue our discussions on the issue of modalities for stakeholder participation, and at the same time, use our time efficiently and to get into discussion on agenda item five. So once again, I’d like to ask if any delegation has any objections to the way as I have foot forward. I see no objection. So for today, the remainder of the hour, we’ll move on to agenda item five. And I really would like to take this opportunity to thank all of you for the trust that you have put in me. And I’d like to also say that the informal informal discussions will take place at 6:30pm at Conference Room 12. I’d like to also inform you that it is a room with a limited seating capacity for about 35 delegations. And given the need to observe COVID safe distancing I’d like to request delegations, interested delegations to organize themselves into representatives so that you or your group are adequately represented. And we will start that discussions this evening at 6:30. And right now, I’d like to move on to agenda item five. Agenda item five, which relates to discussions on substantive issues contained in paragraph one of GA resolution 75/240. The first part of it, which has been scheduled for discussion, is to continue to study with a view to promoting common understandings, existing and potential threats in the sphere of information security, inter alia, data security, and possible cooperative measures to prevent encounter such threat. And in the context of that, I would also invite comments on initiatives of states aimed at ensuring security in the use of ICT. I know that this particular topic of potential threats, existing and potential threats has already been touched on in the general statements. But I think it’s important as we begin to look at this in the context of agenda item five, that I would encourage delegations to look at the guiding questions which I had circulated. If we can address them, that will be very good, because it will allow us to get into a deeper discussion. But also, if they have specific and focus comments, I would welcome that as well. So the floor now is open on agenda item five. Thank you. Venezuela. You have asked for the floor. Followed by Kenya. Venezuela, you have the floor please.


Thank you Chairman. I’ve been trying to ask for the floor for quite some time now under item four. And I’m also going to refer to item five, if I may. My delegation was obliged to take the floor with regard to the statement delivered by one of the observer organizations of this organization, as is known in 2017, the Bolivarian Republic of Venezuela denounced the charter of the Organization of American States and we follow through with all of the procedural regulations to ensure that we would exit that regional organization in that regard. And since this or an organization that represents the whole region, my delegation does not feel represented or obliged by any of the frameworks binding or otherwise or by frameworks of Inter-American cooperation in the area of cyber security that are discussed in the framework of the Organization of American States, including in its link as a regional organization, and its linkage to the United Nations. I will be grateful Chairman, if you could record this statement in the record of the meeting. Thank you.

Ambassador Gafoor

Thank you very much, Venezuela. Your comments are well noted and will be reflected in the records of the meeting. I now give the floor to Kenya, you have the floor please.


Thank you, Mr. Chairman. This being the first time that Kenya is taking the floor, I congratulate you Ambassador Burhan Gafoor on your election as the chair of this Open-ended Working Group, and welcome your consultative approach to the whole process. Kenya also welcomes the very informative insights from the briefers in the opening session. In particular, Kenya welcomes the consensual adoption of the 2019-2021 Open-ended Working Group outcome document. And we extend our appreciation to Ambassador Jurg Lauber of Switzerland for his able leadership and spirit of cooperation with the Chair of the Group of Governmental Experts on this important topic. Given the importance of cyber security, a positive and flexible approach is indeed needed from us member states. And I assure you of Kenya’s support and constructive engagement throughout, through our active engagement in both the Group of Governmental Experts and the Open-ended Working Group. Excellencies and colleagues on the issue of existing and potential threats in the sphere of information security, including data security, I would like to begin by noting that our increasing dependence on information and communications technology comes with both benefits and vulnerabilities. The COVID19 pandemic has heightened the world’s dependency on the proper and safe functioning of ICTs, and reliance on digital infrastructure for service delivery and continuance of work. However, when ICT and emerging technologies are used for peaceful purposes, they are indispensable tools for social development, acceleration of the implementation of the Sustainable Development Goals, and a useful support infrastructure for peacebuilding efforts. And it is these benefits. We ought to safeguard from threats by both state and nonstate actors and ensure security in the use of ICT. Kenya is committed to the sustenance and protection of a free and open internet domain. We regard it as a key driver of national development. Kenya is a world leader in digital currency having pioneered the M-PESA. The fast widely used mobile money platform. Our government has also embraced, digitized public service platform delivery through our one stop service facilities known as Huduma centers, which are spread across the country. Young Kenyans are innovating and building in transformative companies. This has been recognized by investors globally, the Silicon Savannah attracting the most investment in our region. With such extensive exposure to the digital domain, Kenya regards it a critical national security aim to secure ICT from existing and potential threats. To this end, we have a robust regulatory regime. And we also have growing capabilities to respond to threats. Our Computer Emergency Incident and Response Team KE-CIRT, collaborates with other national CIRT and internationally through the Global Forum for Incident Response and Security Teams. Chair, I will highlight three areas in particular that we believe are urgent and challenging and would benefit from better international cooperation and collaboration when it comes to threats delivered through or that exploit ICT and cyberspace. First, on ICT and emerging economies. Cybercrime is increasingly focusing on emerging economies. Enhanced cooperation strengthening existing regional and international economic conflict settlement mechanisms is needed, including coordinated efforts to identify and mitigate risks associated with ICT linked activities, such as digitized fraud, the impact of cryptocurrencies on national central banking systems and cyber attacks on critical infrastructure. Secondly, on ICT and violent extremism that is conducive to terrorism. The ubiquitous , programmable and data driven nature of emerging technologies, although beneficial, has also opened a door for misuse by armed groups and terrorists. These groups capitalized on the opaque control mechanisms, algorithms, 3d printing, application of cryptography and simplified user interface to recruit, plan and carry out terrorist acts. This has enhanced radicalization and militarization. Kenya calls for enhanced cooperation and partnership between states and the international community, especially through recommendations emanating from the Open-ended Working Group to build a cyberspace security capability that is robust and responsive in responding to member states’ capacity building needs in this area. Lastly, on ICT and social media, the growing negative impact of fake news, deep fakes, misinformation, and disinformation cannot be overstated. Recently, we have seen the impact of fake news, blunting the response to the COVID19 pandemic threat by promoting vaccine hesitance. The social media companies are going to need to be held to account and made to ensure that fake news, particularly by sophisticated actors, some supported by states, is not proliferating on their platforms. Such a regulatory effort will need to be built on a multilateral platform to ensure uniformity of the effect. I conclude by affirming Kenya’s readiness to contribute to enhance global efforts, institutional frameworks and norms that will amplify the potential of a free, peaceful and stable cyber domain and at the same time, mitigate the existing and potential threats. Thank you, Chair. Asantesana.

Ambassador Gafoor

Thank you very much, Kenya for that detailed statement. We have several speakers who have inscribed, I’ll go through the list as I have it now. China to be followed by South Africa, Russian Federation and the European Union. China you have the floor please.


Mr. Chair, China welcomes OEWG under your leadership, pushing ahead with discussion of substantive topics. China would like to share our views on the topic under discussion. Humanity is now in the digital era never seen before. New technologies such as cloud computing, Internet of Things blockchain and AI are developing by leaps and bounds. They are the engine of economic and social development. There is a deep fusion between cyberspace and the physical world. Countries are more dependent on cyberspace than ever before in terms of scope, depth, and complexity. So, cyberspace has become a community of common destiny in which national boundaries are blurred, and national interests are intertwined. At the same time, we’re confronted with new risks and challenges emerging thick and fast. First, cyberspace is being increasingly militarized. China supports the conclusion in the OEWG and GGE reports that development of ICT capabilities for military purposes, is a major concern for us at present. The continuous development of offensive cyber capabilities and advanced cyber weapons by some states and military blocks, and the promotion of the concept of cyber deterrence will heighten the risk of cyber conflict between states going against the effort to maintain international peace and security. It will also increase the risk of proliferation of cyber weapons whose fallout includes fuelling such cyber crimes as ransomware. Second, cyberspace is at risk of fragmentation. UN Secretary General Gutierrez warned during this year’s general assembly session that the world is at risk of splitting into with two conflicting sets of standards. The same is true of cyberspace. Out of that narrow, petty, geopolitical considerations some states are clamming up as it were, into ideologically defined cliques, wantonly, smearing, maligning, sanctioning and prosecuting other states, creating division and confrontation or hindering the international community’s efforts to discuss international rules, share digital dividends and build a community of shared future in cyberspace. Sir, we are faced with clear and present data security risks. On one hand, infringement of personal information and privacy and large scale cyber surveillance against other states have become major challenges in the development of the digital economy. On the other hand, the frequent cross-border flow of large amounts of data is testing the capacity of governments in terms of doctrine, legislation, and management mechanisms. The varied different standards provided for in the laws and regulations of different states are also hiking up the compliance costs of global enterprises. Fourth, we are faced with salient problems of developmental imbalance and injustices. The global internet infrastructure resource allocation and management system is unfair and unreasonable and the digital divide is widening. A scant few states in the name of security have wilfully bullied and suppressed ICT enterprises of other states and created unfair and unjust obstacles to the global information, ICT supply chain and trade to the detriment of global development and cooperation. China would like to explore with all parties these issues to work out solutions in a joint effort to defend peace, security and prosperity in cyberspace. I thank you, Mr. Chair.

Ambassador Gafoor

Thank you very much. China. Floor now to South Africa, followed by Russian Federation, EU, Singapore and Japan. South Africa, you have the floor please.

South Africa 

Thank you chairperson. On the matter of promoting common understandings on existing and potential threats in the sphere of information security, my delegation would like to make the following points and we will come back on the other matters as we progress. Cybersecurity threats are one of the fastest emerging and rapidly evolving challenges to state security. The complexity of cybersecurity challenges is compounded by the fact that these threats could emanate from domestic as well as international sources, or from state or non-state actors. The risks may take the form of attacks on critical national infrastructure, criminal activity, hacktivist, protests action, or bulk identity theft, in particular ransomware attacks, taking advantage of weak cybersecurity measures and practices as well as limited incident detection and response capabilities are also a cause for concern. States, especially developing countries are all at varying positions of risk given the varying capacities of states to respond to the threats posed by malicious act in cyberspace. The challenge of governments in responding to these threats is that cybersecurity activities need to be pursued across the whole of government, including sub-national levels, as well as provincial or local government, independent agencies, state owned enterprises and contractors, and in coordination with the private sector actors. South Africa remains concerned by the growing threat of cyber attacks on critical infrastructure and Critical Information Infrastructure. While we believe we should confront these threats through greater cooperation, and the development of best practice mechanisms, such efforts should be context appropriate, support national priorities and efforts to identify, designate and safeguard such infrastructure. The challenges emanating from the interconnectedness of cyberspace, are not only relevant to interactions between states, but also extend to the public and private domains within states. The developmental perspective to close the digital divide, does not only support socio-economic objectives, but also supports the peace and security objectives. Specifically, raising the general level of ICT capacities in states will also buttress the overall resilience to cyber threats of states. In addressing these challenges, the first OEWG report already provides important practical markers, which the current OEWG may wish to take forward, national implementation of existing norms for example, developing and sharing of experiences and good practices. In this regard, capacity building and assistance in support of national priorities remain critical in bringing states on par for the betterment of security of global cyberspace. As this is truly a global challenge that requires global solutions. To govern the use of cyberspace and especially the threats posed to international peace and security. South Africa supports the applicability of international law, and specifically the United Nations Charter in its entirety. South Africa believes a discussion on how to practically operationalize the applicability of international law when rich national and international efforts to prevent and counter threats in the area of information security. Achieving common understanding on how international law applies, and implementing these will build essential trust among states. Finally, we believe that engagement of all relevant actors, including civil society, in the private sector, is important to both understand the nature of these threats, and to cooperate and adequately address across all of society, the threats posed by both state and non state actors, I thank you.

Ambassador Gafoor

Thank you very much, South Africa for your statement. I give now on the floor to the Russian Federation.


Mr. Chairman, I wish to thank you for having given us the floor. And despite all the obstacles that stand in our way, the possibility for delivering a statement is something which we appreciate the opportunity to speak on such an important matter as the existing potential threats in the area of information security, and potential joint action to prevent those threats and to counter them. Under circumstances of the COVID-19 bio pandemic which has covered the entire world what we see unfolding before our very eyes is a manmade cyber pandemic, which is now affecting almost all areas of our lives. Under these circumstances, we deem it to be of critical importance that we identify new and existing threats to most effectively ward them off. In our view, the current challenges in the area of information security could include the following threats: threats that are related to the use of ICT means include military, political and other threats in military, political and other areas in order to undermine or damage sovereignty and to violate the territorial integrity of states for terrorist and extremist purposes, including for terrorism propaganda, and the spread of extremism and to bring new adherence into these activities; for criminal purposes, including for crimes in a computer information as well as to carry out various forms of fraud for the conduct of computer attacks targeting information resources of states, including Critical Information Infrastructure, as well as unsanctioned intervention in information resources for the meddling in domestic affairs of states in a breach of civic order to inflame inter racial, inter ethnic and other forms of hatred are for these dissemination of propagandistic and other hate speech and theories which inflame discrimination and violence as well as instability as well as to destabilize political and socio economic situations and to undermine state governance, as well as so to spread information that undermine socio political and economic systems, spiritual, moral and cultural realms. In recent years, considerable vulnerabilities have been identified in remote management and service management, as well as services supported by them, result in amplified computer attacks being carried out. This points to the fact that private individuals and terrorist groups have effectively gained access to tools which are on the same footing as those held by states. There is a threat posed by certain states using technological dominance in the global information space, to monopolize the ICT market, and limitations on access for other states, so to modern technology as well as to enhance their technological dominance, and increased information inequality. There is a persistent problem of the dominance of certain states in the conduct of normative and legal aspects of the activities of IT companies which have a global profile. The international community needs to carry out an in depth consideration and analysis of the gamut of factors that lead to escalation of threats including an anonymity of action in information space. In order to counter existing and potentially new threats, there is a need to endeavor to forge a global system of international information security under the aegis of the United Nations on the basis of respect for the principles of equitable safety and security of states and equitable resolution of disputes that arise from the use of ICT. Among individual areas which warrant attention, subjects which warrant attention, I wish to emphasize the importance of the protection of personal and other data. The definition subsequent approval of principles for processing of personal data in a manner that is uniform for all UN member states would help to significantly raise the level of personal data protection under the irrelevant cross border realm, and it will help to strengthen legislation for the protection of personal data, where certain states may have shortcomings. Thank you for your attention.

Ambassador Gafoor

Thank you, Russian Federation for your statement. I give now the floor to the European Union to be followed by Singapore, Japan, India, and the Islamic Republic of Iran. EU you have the floor please.

Thank you, Mr. Chair. I have the honor to speak on behalf of the EU and its member states. Cyberspace and in particular the global open Internet has become one of the backbones of our societies and economies. The promotion and protection of international law, human rights and fundamental freedoms as well as norms of responsible state behavior are crucial to our social, political and economic development. The uptake of digital technologies has allowed for a significant transformation as well as unfortunately an increase of cyber attacks, including state sponsored malicious cyber activities. These attacks have the potential to pose systemic risks to our societies and economies nice and seek to threaten our security, as demonstrated by the recent rise of supply chain and ransomware attacks, including those targeting the health care sector. The EU continues to investigate all malicious cyber activities with the view to sustained joint and coordinated action to prevent discourage, deter and respond to such malicious behavior in cyberspace, including by closely working with our international partners. In 2017, the EU developed a cyber diplomacy toolbox making measures within our policy, foreign and security policy available to respond to malicious cyber activities. With this, the EU intends to encourage cooperation, mitigate cyber threats and influence potential perpetrators towards responsible behavior in cyberspace. In April 2021, in this context, the high representative on behalf of EU member states expressed solidarity with the United States on the impact of the Solar Wind cyber operation. We have also exposed in July 2021, the compromise and exploitation of the Microsoft Exchange Server attack, which undermine the security and integrity of 1000s of computers, and networks worldwide. It further allowed this attack to access a significant number of hackers that have continued to exploit the compromise since then. We have urged states to take action against malicious cyber activity stemming from its territory. And also in September 2021, EU denounced malicious cyber activities designated as Ghostwriter that some of our member states had observed. And we see these as unacceptable, and we say that all states and all actors involved must put those to an end immediately. Preventing and limiting malicious activities is of crucial importance for conflict prevention and reducing the risk of miscalculation and escalation. Malicious cyber actors taking advantage of vulnerable systems is another example of the fast evolving landscape and the risk for security and stability. In this context, the EU and its member states call upon states to continue to encourage responsible reporting of ICT vulnerabilities and for the cooperation to address them in line with norms part of the UN framework of responsible state behavior. We are concerned about the rising threat landscape in particular cyber attacks that have most significant effect, notably those affecting our critical infrastructure, democratic institutions and processes, supply chains, attacks, ransomware, and cyber enabled theft of intellectual property. This makes it particularly pertinent that we continue to discuss and implement the United Nations Framework for Responsible state behavior in view of international security and instability, notably through the Open-ended Working Group, as well as through the Programme of Action to advance responsible state behavior in cyberspace. Through our respective EU cybersecurity strategies, we have invested significantly in legislation, policies and measures aimed at appropriately addressing cyber threats and activities. Computer Emergency Response Teams has been established, cooperation with the private sector has been developed, and crisis management structures has been set up. All efforts to address the increasing cyber threat landscape, and all efforts which are directly contributing to the implementation of the United Nations Framework. In addition, the EU has put in place external policies and mechanisms to address the growing challenges, notably to advance United Nations Framework for Responsible state behavior, but also to implement diplomatic responses as said, as well as increasing international partnerships and global resilience through capacity building efforts. We believe that we should continue to elaborate an exchange on the cyber threat landscape, and the consequences for international security and stability as well as are the consequences for our societies and our economies, and on the ways and means that could support states to effectively tackle those pertinent challenges in cyberspace. In order to develop a common understanding to tackle these pressing challenges faced by all states, the Open-ended Working Group could hold dedicated meetings on specific norms of responsible state behavior in light of specific threats faced by the EU and its member states, as well as the broader international community. Such discussions would contribute to the understanding of the cyber threat landscape, the challenges to be addressed by the international community, and will help us to identify concrete solutions to advance the implementation of responsible state behavior in cyberspace. In this context, the EU and its member states will take the opportunity to elaborate on the cyber threat landscape, as well as their efforts to developing cybersecurity structures and mechanisms that could support states to appropriately address these challenges. We look forward to share our best practices and lessons learned, contributing to our common understanding, and operationalizing, the consensus under the United Nations Framework in view of the rising threat landscape. We thank you for holding these discussions and look forward to the continued exchange on these important matters. Thank you.

Ambassador Gafoor

Thank you very much European Union for your detailed statement, I would take the opportunity to encourage delegations to share their statements in the Estatement  Module, I think delegations are able to submit their statements in the Estatements platform, so that all of us are able to have access to the written statements, and we can refer to them easily. So that’s something I would encourage. I’d like to give now the floor to Singapore, followed by Japan, India, Iran and Cuba. Singapore, you have the floor please.


Thank you, Mr. Speaker. Malicious cyber activities have grown in scale, sophistication and impact, especially in response to the increasing reliance that all of us have on digital solutions to help countries, companies and individuals cope with COVID-19. These threats, new and old, have elevated to a level which impacts international peace and stability. I will highlight three trends of particular concern for Singapore. First, the step change in ransomware attacks. Ransomware attacks are no longer just sporadic and isolated incidents. The emergence of an entire ransomware ecosystem in the dark web has led to differentiation and specialization of roles. And this is a particular concern. Ransomware developers provide their products for sale to affiliates, who in turn are responsible for causing further infections. This whole ransomware as a service business model is a very worrying development, as it places capabilities, dangerous capabilities in the hands of anyone who has intent to cause disruption and the financial means to do so. Even if they did not have the capability to do so organically. They have developed it into a threat that has systematic and national security implications, especially when they target or attack Critical Information Infrastructure, or lock up hundreds, if not 1000s of systems in a single attack. The impact of ransomware attacks is no longer contained in the digital domain, and have now spilled over into the physical domain, often with ramifications on the provision of public or essential services. Second, the compromise of supply chains, organizations and governments often rely on vendors such as technology firms and managed service providers for digital products and services to support their business operations. Cyber attackers have increasingly been leveraging these upstream products and vendors to attack their clients. This is insidious and difficult to guard against as it compromises the trusted IT ecosystem. Earlier this year, the Kaseya Virtual System Administrator incident showed just how such breaches with this compromise many, many victims at once, going through just a single trusted vendor. Just a few days ago, a critical vulnerability was discovered in a widely used piece of code known as Log4j which, if used by attackers, could compromise hundreds of millions of systems. Third, the threat against operational technology and Internet of Things systems. There is a rise of critical OT vulnerabilities discovered. The number of OT vulnerabilities discovered and reported annually by the industrial control systems cyber emergency response team has grown steadily at an estimated 16% year on year from 2017 to 2020. These OT systems run our energy grids, water systems, fuel pipelines, and when disrupted have tangible consequences on our day to day lives. In the past, OT systems were less exposed to cyber risks. Increasingly, various sensors and IOT devices are being connected to these OT systems to aid in data collection, analysis dashboarding and this is leading to an increased attack surface for all of these operational technology systems. There have been reports of threat actors targeting utilities companies with the objective of disrupting critical services. Given the increasing digitalization of OT systems, securing them against such cyber threats must be a priority. Fourth, and finally, it’s not a threat in particular, but its the emergence of new technologies that we’re still studying. Attackers are also actively developing ways to compromise these new relatively new digital technologies like cloud, AI, blockchain. Victims of the three major threats I highlighted above, as well as these new threats. These new technology risks could be at the scale and impact that have serious national security concerns. While technical professionals are working on specific solutions at the technology layer, it is equally important for us here to work together to reduce misunderstandings and increase cooperation so that we can have a more peaceful and resilient ICT environment. Thank you.

Ambassador Gafoor

Thank you, Singapore for your statement. I give the floor now to Japan.


Thank you Chair for giving me the floor. I’d like to develop Japan’s point of view on the issue of existing and potential threats in the sphere of information security, following the guiding question provided by the chair. Across the international community, cyberspace is used as a basis for all activities. And the dependence of the entire society on cyberspace is dramatically increasing. Such trend is accelerated by COVID19 pandemic. In consequence, the impact and damage of cyberattacks on the international community is more and more serious. And it is necessary to promote cybersecurity policies and activities based on the understanding that the cyberspace is a part of the social infrastructure. Based on this recognition, Japan revised our cybersecurity strategy in September. In the cybersecurity strategy, we decided the policy approaches in order to maintain cyberspace as a free, fair and secure cyberspace, which is a realm of interstate competition that reflects geopolitical tensions even during normal times. And we will implement them. The international community needs to respond urgently to cyber attacks by ransomware. In some countries, ransomware cyber attacks on critical infrastructure have already occurred, causing direct damage to people’s day to day lives. It is important to send out the message that the international community is united in its response, not only from a technical standpoint, but also from a political policy standpoint. It is important for the international community as a whole continued to implement the norms agreed upon in the past GGE reports. It is unacceptable for any governments to be involved in cyber attacks. In addition, accumulating implementations of the internationally agreed upon norms by states will enable to improve the trust among countries and send a message to oppose to any cyber attacks. Thank you Chair.

Ambassador Gafoor

Thank you very much, Japan, I get floor to India.


The threat to nations at large and public in general has increased many folds over the years in this period of information security. The broad array of threats posed by both state and nonstate actors have not only multiplied but misuse of information infrastructure has increased to extents, which were earlier not thought of. The threat to public safety and security is multiplying. With growing dependence on the Internet, including the move towards Internet of Things, smart cities, connected cars, artificial intelligence, drones, big data, augmented reality, etc. It increases the canvas of objects for attacks, and some of them are capable of causing lethal kinetic impact, which can adversely affect peace and security at the global level. The most unregulated cryptocurrency and digital currency markets have posed challenges of aparallel economy, which many nations are finding hard to fight. The unregulated growth in this sector has been one of the biggest sources of channelizing funds for hosting of evasive attack infrastructure used by cybercriminals. There is an increase in reliance on cloud infrastructure and security of data centers housing the data of individuals and organizations. The sheer number of cyber attacks on companies, government, and individuals and the sophistication of these threats has increased from the application of emerging technologies, especially from greater tactical cooperation among nonstate and state actors. Moreover, the lack of standard procedures of data security and compliance over cross borders. Lack of demarcation between data acquisition for experience and services. An exact need by application service software companies has many times resulted in mega breaches and also misuse of data. Incidents involving the malicious use of ICTs by states and nonstate actors have increased in scale, scope, severity and sophistication. There is an immense need to protect critical information infrastructure systems like health, power, banking and financial transport networks, etc. from cyber attacks by the adversaries. The threats to this critical infrastructure systems are bound to increase in the future as our dependence on them increases. There is an increasing phenomenon of using social media platforms for spreading misinformation and disinformation leading to disturbance of law and order, peace and security of member states. This issue needs to be addressed holistically by involving the social media intermediaries and the end users. The use of ICTs for terrorist purposes has become an increasingly complex challenge to address by individual countries. India believes that as a transformative enabler within governments and societies, ICTs should be used responsibly with trust and transparency for application in a human centric manner and data for development should be a global imperative. The concept of trusted sources in the ICT global supply chain to ensure integrity of ICT products and systems could not be stressed more in the context of increasing use of ICTs for the purposes that are inconsistent with international security. Mr. Chair, the growing role of nonstate actors, including the private sector, some of whom are contemplating or already implementing development of offensive compatibility for their own use could lead to proliferation and direct threat to international peace and stability. Global ransomware attacks in the recent time, pose an increased danger to all critical infrastructure owners and operators small and medium businesses, governments. More and more organizations are being targeted by sophisticated criminal enterprises and nation state proxies operated by distinct criminal organizations. Also use of AI power, deep fake videos, audios in fishing, poisoning of AI models based defense devices, hacking of blockchain powers, smart contracts and attacks from computing cloud using data center malware define the latest threats. Mr. Chair, the Indian Computer Emergency Response Team CERT-In is at the forefront in preventing and countering cyber attacks and has been successfully in ensuring resilience of Indian cyber infrastructure. I would like to take this opportunity to highlight some of the initiatives and activities that CERT-In has taken that are of relevance to the international community. CERT-In operates 24/7 incidents response Help Desk. CERT-In provides incident prevention and response services as well as security quality management services to Indian cyber community. CERT-In provides swift response to the incidents reported by international partners and facilitates timely resolution. CERT-In has established its automated cyber threat intelligence sharing platform to facilitate bi-directional sharing of operational strategic and technical threat intelligence to various counterparts and stakeholders to deal with complex sophisticated cyber attacks sharing and exchange of threat intelligence. CERT-In has partnered with many international partners and leading cybersecurity organizations from industry for cooperation and collaboration in the area of cybersecurity. CERT-In is also participating in activities of several global multilateral forums in the area of cybersecurity. Botnet cleaning and malware analysis center has been established by CERT-In for detection of compromised devices in India and to notify enable cleaning and securing systems of end users to prevent further malware infections. The CERT-In is working in close coordination and in collaboration with Internet service providers, antivirus companies, academia and industry. At the level of states in India, there are cyber cells which address the issues of law enforcement in the context of cyber crimes. There are several initiatives taken by these cells to protect end users from cybercrimes. With this, I will conclude my statement on this particular agenda topic. Thank you, Mr. Chair.

Ambassador Gafoor

Thank you very much, indeed, for your statement. I give now the floor to Iran.

Thank you, Mr. Chair. As a matter of fact, I’ve received some further remarks about the general aspects of the question. So with your indulgence, I’m going to share those remarks first, and then I’ll address the issue of existing and potential threats about the question on action oriented approach. First and foremost, referring to many states at the beginning of this question is a factual departure from previous outcomes. We are of the firm view that a selective approach would not facilitate our discussion in this important forum, which has been established as an open, transparent and all-inclusive UN body. The last OEWG report, including the chair summary reflects the fact that there are other states with different views on essential issues that have to be discussed comprehensively and agreed as the most important prerequisite before exerting to any action oriented mechanism. We shall avoid impulsiveness at this stage and give ample opportunity to this new OEWG during its five year timetable to saturate its deliberation on resolved core topics including existing and potential threats, new norms, terminology, the applicability of international law, etc. It goes without any saying that previous outcomes are clearly indicative of the fact that a large number of states support legally binding obligations to ensure the security and stability of the ICT environment, which is stated in paragraph 80 of the OEWG final substantive report. All proposals should be further considered in this OEWG established persuant to General Assembly resolution 75/240. On the issues that require urgent attention and early outcomes, we believe that since the lack of common understanding of terms and concepts constitutes a major potential source of mistrust in ICT environment, we believe that the new OEWG should prioritize the pending issue of terminology to this end according to resolution 240. A subgroup could be established early in the process to work on this important issue of terms, concepts and terminology as a practical step for furthering international cooperation and building trust. We have explained in detail why the elaboration of terminology as the element for describing the definition and criteria to deal with ICT security is absolutely needed in our submissions to previous OEWG according to the UNGA resolution 240. The primary mandate of the new OEWG is to continue as a priority to further develop the rules, norms and principles of responsible behavior of states and the ways for the implementation, and if necessary to introduce changes to them or elaborate additional rules of behavior. In the first OEWG discussion, many countries had put forward specific language proposals on the rules, norms and principles of responsible state behavior, which were contained in the annex to his final substantive report as the Chair summary for further consideration. In this new OEWG as stated clearly in paragraph 80 of the report. It is Iran’s priority to formulate new norms in light of existing and potential threats in ICT environment during the previous OEWG. Our delegation has put forward specific proposals on new rules relative to threats arising from content, unilateral, coercive measures, and the responsibility of private sector and other stakeholders among others. We stand ready to exchange views and work for consensus with all parties in this regard in the new OEWG and about stakeholders participation in a meaningful way, the inter governmental character of the OEWG should be preserved and respected with a view to availing all UN member states of the opportunity for interaction, any contribution from the private sector, civil society and academia to this intergovernmental mechanism can be made through informal consultative meetings with stakeholders as occurred during the previous OEWG. Now with regard to the existing and potential threats first, we believe that a peaceful ICT environment can enforce international security and instability. This requires a more comprehensive approach to threats in the sphere of information security, which addresses not only the digital infrastructure, but also the content and information itself. Some examples of urgent and challenging existing and potential threats that states are facing are as follows. One, monopoly and hegemony in the Internet governance. Two, actions in the ICT environment in that violating national sovereignty interfering in internal affairs, and undermining the political, economic and social systems of other states inter alia, through disinformation. Three, threat or use of force against sovereignty and territorial integrity or political independence of any state, within and through ICT environment. Four, unilateral, coercive measures, including limiting and blocking in ICT environment. Five, excessive and politically motivated and fabricated attribution of attacks in ICT environment. Six, lack of responsibility of private companies and platforms. Seven, applying double standards in safeguarding cyber security. Eight, manipulating of ICT supply chain, including through implanting backdoors in order to create vulnerability in products, services and maintenance, compromising sovereignty, data protection and data security of the target states. Nine, lack of legally binding international instrument to regulate states and other stakeholders behavior in ICT environment. And Ten, imbalanced development of different areas of international law in the ICT environments such as governance, cyber crimes, data protection, and data security. And this second question, with regard to prevention and detection and respond to existing and potential threats, my delegation is of the view that states can exercise responsible behavior realize their rights and accomplish their obligations in cyberspace if and when required capacities exist. This is however not realized unless technological, infrastructural and informational needs are met, including through the de-monopolization and facilitation of access to and transfer of new ICT relative science and technologies. Restrictive measures against other states in ICT environment, such as limiting and blocking IP addresses, restrictions to the registration of domain names, and removal of popular apps from App marketplaces seriously affect existing capacities and efforts to build and develop the required capacities. Internet is a global resource and digital sanctions have affected investment in ICT infrastructures, as well as access to digital technologies, equipment and digital resources such as IPs and DNS systems and networks and digital forensic tools, which constitute barriers for achieving national ICT relative development goals. OEWG should focus on components of global architecture for capacity building under the auspices of the United Nations. This should guarantee a balanced non-discriminatory and demand driven global cooperative arrangement for ICT related to capacity building, ensuring also security, safety, integrity of ICT supply chains. Thank you very much, Mr. Chair.

Ambassador Gafoor

Thank you very much, Iran for the statement. Distinguished Delegates, I have three more speakers, Cuba, Iraq and Switzerland. But I propose that we take up the remaining speakers and others who will no doubt inscribe to speak later. Tomorrow when we get to agenda item five. Tomorrow morning it’s my understanding we are meeting at Conference Room 123. Let me check with the secretariat. Yes, correct. So we will resume tomorrow morning at Conference Room 123 at 10am. And we will as I said earlier, start with agenda item three to get an update on organizational issues. And then it is my hope that we will be able to take up there remaining speakers and other speakers on agenda item five. I wish you all a pleasant evening, and I will see oh, sorry, Cuba.

Thank you, Chairman. I’m sorry for asking to take the floor. But I just wanted to say that a few minutes ago one delegation took the floor as observer and referred to the fact that they were speaking on behalf of the countries of the Americas overall, we just wanted to make it clear that this organization does not speak on behalf of all of the member states of the region of the Americas. Thank you very much.

Ambassador Gafoor

Thank you very much, Cuba. Your point is noted and will be recorded and I know that you had also asked to make a statement. You will have an opportunity to speak on agenda item tomorrow. When we get to the agenda item. I wish you all a pleasant evening and I will see those of you who are attending the informal consultations at 6:30 in conference room. Good evening. The meeting is adjourned.

Leave a Reply

Your email address will not be published. Required fields are marked *