IGF 2019 WS #359
Network disruptions across borders: a new cyber response

Organizer 1: Peter Micek, Access Now
Organizer 2: Berhan Taye Gemeda , Access Now

Speaker 1: Lise Fuhr, Private Sector, Western European and Others Group (WEOG)
Speaker 2: Berhan Taye Gemeda , Civil Society, African Group
Speaker 3: Anriette Esterhuysen, Civil Society, African Group

Moderator

Peter Micek, Civil Society, Western European and Others Group (WEOG)

Online Moderator

Olausson Kristina, Private Sector, Western European and Others Group (WEOG)

Rapporteur

Peter Micek, Civil Society, Western European and Others Group (WEOG)

Format

Round Table - Circle - 60 Min

Policy Question(s)

Is a network disruption ever a justifiable countermeasure or response to a cyber attack or operation? If so, what are the rules, norms, or laws—existing or aspirational—that govern the extent of the disruption? Given the wide impacts of such disruptions, who should take part in the development of these norms and laws, and in which fora?

SDGs

GOAL 9: Industry, Innovation and Infrastructure
GOAL 16: Peace, Justice and Strong Institutions
GOAL 17: Partnerships for the Goals

Description: On November 6, 2018, the United States Cyber Command conducted an operation to silence the Internet Research Agency (IRA), the Russian “troll farm” that played an instrumental role in spreading mis- and dis-information ahead of the 2016 U.S. presidential election. The operation, which was conducted in an effort to “prevent the Russians from mounting a disinformation campaign” that would “cast doubt on the results” of the 2018 U.S. midterm elections, knocked the IRA offline temporarily. In the wake of the operation becoming public, a standing U.S. senator and an Obama-era National Security Council cyber advisor raised the question of whether the response was strong enough. If the U.S. government really wants to send a message, they said, they should disconnect the entire country from the internet. The Cyber Command operation and subsequent statements from officials raise an important question: to what extent are network disruptions a justifiable response to a cyber attack?
Network disruptions, or blackouts, are events where some or all internet end users’ connections to the internet are disrupted. Network disruptions can be intentional or unintentional, and their effects are manifold. When access to applications like social media, mobile money, and messaging are disrupted, users are suddenly left without crucial information and links to family, friends, and institutions within and outside their countries. The many harms from such disruptions are beginning to be catalogued by civil society, as through the #KeepItOn Coalition against internet shutdowns, in conjunction with media.
To date, network shutdowns have largely been perpetrated by governments in order to limit their polity’s access to the internet. However, more recently governments have taken to leveraging cyber capabilities to limit other countries’ citizens’ access to the internet. This roundtable workshop will discuss important questions implicated by this new trend, including:
● To what extent do existing internet and non-internet governance regimes (norms, laws, or standards) already provide guidance for the acceptability of this type of behavior?
● To what extent should network shutdowns be an acceptable countermeasure in response to a cyber attack? What sorts of limitations should be placed on state use of offensive cyber capabilities to disrupt network access?
● What are the implications (political, architectural, economic, human rights, and others) of the use of network disruptions in response to cyber attacks or campaigns?

The workshop will feature two 10-minute opening presentations from featured speakers, including the Director-General of ETNO and the leader of a civil society coalition against internet shutdowns. An academic will then moderate a roundtable-style discussion. The goal of the discussion is to gather a wide array of stakeholder perspectives in order to inform a more substantive policy discussion that expands the current discussion’s aperture wider than the narrow, military focus currently embroiling it. Lessons and learnings would then be captured and published in a public outcomes document.


Expected Outcomes: ● Clearer understanding of:
○ The rules, norms, and laws governing the state use of offensive cyber capabilities to disrupt network access in countries other than their own.
○ The tradeoffs and implications of shutting down network access in another country, including the potential economic, social, political, architectural, and human rights implications.
○ The stakeholders in cyber policymaking and critical infrastructure management, with focus on those with authority over telecommunications networks.
● identification of the leverage points and advocacy pathways to increase inclusion and representation of viewpoints and equities beyond narrow military and legal considerations in cyber policymaking
● Published outcomes document to capture key lessons and learnings for presentation to policy- and decision-makers

Speakers will come from vastly different perspectives, including the Director-General of the private sector telecom association ETNO, the leader of the #KeepItOn civil society coalition against internet shutdowns, and the public sector. The workshop will feature two 10-minute opening presentations from featured speakers, who will then moderate a roundtable-style discussion. The goal of the discussion is to gather a wide array of stakeholder perspectives in order to inform a more substantive policy discussion that expands the current discussion’s aperture wider than the narrow, military focus currently embroiling it. We will present a lively cross-examination of their arguments. Lessons and learnings would then be captured and published in a public outcomes document.

Relevance to Theme: From a broad perspective, a nation's ability to reliably and consistently access the global internet is fundamental to its creation of a digital healthy, resilient, stable, and secure digital environment. Critical infrastructure depends on internet access to track and identify threats, while individual users are growing more reliant on internet-connected applications for their daily economic, social, and cultural activity, from accessing medical services to transacting business to remaining in touch with family. For these reasons, the decision by a foreign actor to actively disrupt a nation's access to the global internet is integrally important to security and safety, online and offline.

Relevance to Internet Governance: The capability of a state actor to prevent another state or population's access to the internet has the potential to broadly impact all stakeholder groups through a swift, decisive, and unilateral act. Given that this sort of powerful act has already taken place, the timeliness of this discussion is established. We propose to study the norms around cross-border disruptions from a variety of stakeholder lenses, attempting to broaden what has so far been a limited discussion of narrow, military interests and arcane legal rules. Few other measures command such fascination as kill switches, and we expect robust discussion of possible norms, procedures, and accountability structures to reign in this function as it begins to be deployed across borders. Governance of the internet by default involves cross-border considerations, and this topic -- despite its origin in more military or cyber scenarios -- squarely falls within the remit of existing internet governance institutions whose purpose is to protect and promote the shared evolution and use of the internet.

Online Participation

Before the event, we will advertise the workshop online through the robust social media channels of Access Now and the New America Foundation. We will elicit questions and comments before the event, and the online moderator will curate a presentation of these online contributions throughout the session, rather than waiting until the end as many sessions do.