The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.
***
>> MODERATOR: Good afternoon, everyone. Thank you so much for joining us for this final session for today on mum stake governance and International Law in cyberspace. My name is Joanna Kulesza, I'm an assist' professor in Lodz Cyber Hub in Poland, and I have the privilege of the Research Center for Lodz Cyber Hub that researches cyberspace.
It's my pleasure to be in this session. I'm joined by my online moderator, Mr. Wiktor about square effect who will be monitoring the online. We have are a host of minute industry by the Minister of Digital Affairs who is the host for this session and the cyber hub. For the purpose of time I will shall refrain from individual ducks, and I will ask the speakers to introduce themselves as they take the floor.
And I will start by giving you the background for this panel, why is it that it might be worth our while to discuss the application of International Law in cyberspace during an IGF.
As I'm certain you have noticed there are some overarching themes of WSIS +20 input and WSIS happening in a couple of days time will be the process how we decide if we have governed cyberspace thus far through the multistakeholder model and indeed how we wish to on it.
As much as there is consensus, it will likely remain the way. There are also enhanced conversations around how International Law could help us facilitate that model, make it more initiate, and make it more inclusive, and maybe it more predictable. And this is where our panel and our panelists come in.
We will discuss broader issues of Internet Governance and International Law. We will also look specifically into individual documents and processes that facilitate building a more resilient and sustainable cyberspace.
For the opening remarks I am thrilled to share the floor with Mr. Maciej Gron representing the cyber agency, and why it may facilitate the model with International Law. Sir, the floor is yours.
>> MACIEJ GRON: Thank you very much. I'm speaking on behalf of our research institute. And I deal with cyber civil security. And I work for polish hotline. Frankly speaking I was trying to prepare something -- for something special. But you know discussing the topic of multistakeholder governance and cyber -- law in cyberspace has been discussed extensively, not only at this IGF but many IGFs before.
So I can only say that you don't just -- the model is not nice thing to have. It's absolutely -- it's massive.
And it's not just a good idea, it is fundamentally conditional for our daily work. Even the best national law, our powers are not required beyond borders.
But from my perspective as law working for the hotline, we are dealing with the legal content, as you know. So there's nothing like the national illegal content. The content is legal content. Especially it's always international. So if the problem is international, we need an international solution. Absolutely national regulations which are only for the one country are not -- obviously not enough.
But when we are dealing with legal content, we have good examples, because we are not treating, you know, the regulations, like that digital criminal codes or civil codes. Because on the global level it's absolutely impossible.
But we have very good standards. We are working on the standards absolutely in the model, and we have a great institution called in hope. And to this tradition belong 55 countries.
So we have a lot of good examples. And we are absolutely very, very optimistic that -- you know this approach, multistakeholder approach and International Law, as you know our International Law, because it's impossible we don't have international codes, which are the same -- like you know are national. So we have another good example.
The one example which I wanted to mention --
For example, universal classifications key. Which can standardise the content. What is legal and what is not legal.
But you know, always the meaning of this context are always the same. And the cooperation is very, very important because the same material can be legal in one country and not legal in the others.
Today we have to discuss also the problem of deep fakes and deep notes. And these kind of materials are not legal in every country and not legal in every country. So we have to cooperate somehow. So that's why our standards which we have, you know, they are helping us very much.
And if someone thinking, you know, that good standards for the one country is enough, I don't think it's true. So I encourage everyone to cooperate with us with our standards. And what is important, we have, you know, very good examples.
But we are -- as you know, always, the regression is not enough. So we need to know the people who will share this regulation, and we of course -- first of all, we will respect the standards. But if it's very easy, it just want to be doing this is important.
So I think that when the focus is really concrete and the reason why -- one way we want to protect, you know, someone, in my case, children, it's enough, you know, to start and be efficient as much. Thank you very much.
>> MODERATOR: Thank you very much Maciej. It's important for the multistakeholder approach and important for the International Law to play within that framework.
For our panel, I'm pleased to welcome four speakers. We have a good hybrid setup, as can you see. We have some of our speakers joining online and some of them here in the room. The process for this panel shall be for our speakers to take the floor. I will kindly request them to speak for roughly 15 minutes.
We have given them specific themes which I will introduce as we progress. And then we would love to open the floor for your questions and/or comments. We do have online participants. We encourage them to post their questions into the chat. Clearly highlighting that that is the content of the question and to whom it might be directed. We will then read those questions out loud. The remote participants are also encouraged to take the floor. And then we have remote mics available for participants in the room.
So we would like to keep this session interactive. Whereas we would like to you kindly hold your questions and comments until after the presentations from our panelists.
As already said we have a wonderful setup of speakers representing different areas of where International Law is being applied to cyberspace. It is my great pleasure to welcome as our first speaker, Ms. Anna Podgorska-Buompane, who is representing Poland with the European commission. Anna is also representative of Poland within the ICANN community. And we have had fruitful conversations around how the work within the European commission on Internet Governance and facilitating responsible state behaviour in cyberspace could compliment the WSIS +20 processes and the work done here within the IGF community.
Anna has kindly agreed to offer a glimpse into the polish presidency with that specific theme. And it is my great pleasure to hand the floor over to her with a brief, kind request for an introduction. Anna, the floor is yours.
>> ANNA PODGORSKA-BUOMPANE: Thank you very much, Joanna. Good afternoon, colleagues and families and good afternoon to all attendees.
First of all I would like to kindly apologize, because I was supposed to be on site. But due to the general strike here in Brussels which affected basically all sector, not just transport, airports are closed and there are no planes taking off today. So that's why unfortunately I had to join online.
I am an employee of polish digital efforts ministry, but for many years I've been seconded to polish representation to the EU. As the digital and cyber attention, dealing with mostly with cyber and digital diplomacy.
And during polish presidency, to the European council, I'm telecom working part-time, focusing mostly on external relations.
So we thought it would be a very good occasion to share our perspective on the external policies and multistakeholder approaches, including WSIS review sees the -- since the presidency happens every 13.5 years. So the next possible for us would be in so many years.
So just to very quickly sum up what we have introduced during our presidency, it's to have a clearer view on the external relations of the EU. And one of the polish president's priorities in the digital sphere was indeed concentration on Internet Governance and multistakeholder processes which are currently taking place and which are indeed very, very important.
So we have worked within our 27EU member says. And we -- the work seized the 1st of January, having been involved in elaborating different coordination positions. If I may only site a couple of them. So we have discussed the EU and its member states together with the European commission on the WSIS +20 review. We have within the council elaborated on different priorities. But just to mention a couple them, these are, of course, the issues related to strengthening the IGF, which is the cornerstone initiative on the IGF, human-centric and human rights based approach. Multistakeholder governance as a core of the EU system.
Of course strengthening WSIS towards a digital device and of course depending the open free and inoperable from multistakeholder governance, which is really a key word for the EU, but also for the stakeholder. And the WSIS review but also in participating on the review and global dialogue on Internet Governance.
And also just to flag up, of course going around the WSIS and multistakeholder approach, being we thought that the involvement of many different players, not only member states, would be very, very much important. That's why we have also organised with the co-organizer, the European commission, in April, the multistakeholder high level conference on the governance of point zero in which the main thing was indeed concentrated on the Internet Governance and we had many distinguished speakers and also representatives of ICANN governments outside of Europe. And the discussion was indeed very good.
Then also in possess lap, under the polish president, who had organised in May a conference on international digital partnerships and projects which we also discussed and mentioned the importance of Internet Governance and the multistakeholder approach. Also always within the view of WSIS +20 review process.
Our model, our presidency was building the bridges, connecting the dots, making -- connecting the dots in cyberspace. So that's why we thought it was very good in the discussion to involve not only the experts but also diplomats.
So that's why the EAS -- European External Action, there is the Digital Diplomacy Network present, which gathers 27 EU digital ambassadors. So we organised two onsite meetings of this network.
One of the teams which were discussed also among the digital ambassadors was also the WSIS +20. WSIS +20 review. One we -- one took place in Brussels and another back in Poland (?), where we had also a good presence from other country representatives where we could exchange other joint approaches and understanding of the ongoing global processes.
Last but not least we have also involved with other stakeholders, very important, which was the ICANN who kindly provided us with the workshop on Internet Governance. So we had a very good turnout from the cyber shares so I'm taking the possibility to thank you also. Because I see among the panel there is Elena who is a representative of ICANN and we had a very good discussion around the round table which we organised but in Brussels with the process and multistakeholder was mentioned many times.
So I would also like to mention that we are also the Elements paper has just been published five days ago. Which addresses many issues. But also including cybersecurity being a critical compliment to confidence in the use of the ICT. And now we are analyzing this in the case and of course the discussion on that will follow.
The other thing I would also mention and draw to your attention, last week, last year, in April, the European council has asked the European commission entity, European external action service for this external strategy for the European Union, which has been published a couple week ago. This is the join communication from those two institutions.
The document is available online, and it's public. So whoever is interested, it can be read through. But there is also indeed a very important compliment of Internet Governance and multistakeholders. So indeed it is also worth making familiar with that, but also -- apart, of course from digital partnerships and cooperating with like-minded countries and other regions and states and organisations, the Internet Governance also has its place in the external EU digital strategy.
And last but not least I would like to mention also the focus, which we have towards the involve -- of youth but for the different processes and the technology importance which are now taking place and the influence of the technology over young people's lives and their thinking perception.
So we also put very important stress on that, that the young people who will be there legislatures and policy makers, basically they are very important in this ecosystem to play an active role. That's why, also during the digital summit which took place last week had a meeting of the very engaging, active and interested in the digital work. Young people with high representers of the European commission.
And this, I have to say, the discussion with the executive president went very smoothly and it showed how the young people, they are aware of what is going-on-the internet and how it can influence their lives, including subject topics like disinformation, AI and others.
So with that, this was just a brief overview from my side. I'm sure that my other colleagues took a deep dive on the more legal issues on right into cyberspace. So thank you so much. And at the end I will be open for any questions and comments you may have.
>> MODERATOR: Thank you so much. That was a comprehensive overview of presidency and its work around the multistakeholder model and support for the WSIS +20 as well as the processes themselves.
In your intervention you mentioned ICANN, and it is my pleasure to hand the floor over to our next speaker Ms. Elena Plexida, who is a representative of ICANN. She has a long standing experience for policy making and policy development and most recently facilitating the cooperation between governments and the broader ICANN community. I have had the pleasure of working with Elena on multiple occasions before. It is my great honour to welcome you to the panel today, Elena.
We have kindly asked you for the purpose of this panel to bridge that divide between Internet Governance and International Law. It is one of my favourite join favourite topics. And I know have you a feasible and understandable way of why multinational law might help with Internet Governance for the multistakeholder perspective. Thank you so much for finding the time and for discuss. It is my great pleasure to hand you the floor.
>> ELENA PLEXIDA: Thank you very much, everyone. Hello, everyone. I hope can you hear me okay. Before I start, and I had the pleasure of hearing Anna, a person I worked with over the last months fantastically, but also before. Let me thank the polish president of this moving with this year but also beyond that and thank the president for the work they did on Internet Governance during the semester for the special care the president took to involve all stakeholders and really helping connecting the dots, which is necessary, I think, if you ask me for my background. Multi-policy making the classic way in European institutions but also the multistakeholder policy. It's an absolute must. So congratulations for the work you did in that space overall.
Right. On the topic at hand. Multistakeholder governance and International Law. I think I would say to talk about multistakeholder governance and International Law. What it is that we are talking about. And see how this fits or not. It's a discussion.
We think today's International Law, within the international order and the way we do things. And then see how it interacts with the International Law. So let's do. That try to define what it is we are talking about. What is multistakeholder governance that we are talking about and how it fits into the way we do thing otherwise in the world.
You know that I work for ICANN, it has been mentioned already. ICANN is one of the organisations that help maintain what we know as the global internet. It's a family of technical organisations. You have the IGF and the regional internet registries, not just one organisation. It's not just one. They do -- what we say they maintain the fundamentals. Those that give you the network layer of the internet tend to have a global internet. I'm not a technical person, hen the way I describe it actually is we maintain some common technical language so all the things and devices on the internet they use the same language, which is unique.
Because of the uniqueness and the same technical language they can find each other. And that's how have a global internet. Otherwise we have a different segment, left and right. So this is what we do. Now how we do it? How we do it goes back to the multistakeholder governance. And if you think about it, and I stand to be corrected here, internet is really a public resource. I said that -- I stand to be corrected here, because at least to my knowledge, I'm not aware of any other public resource or public good, if you will, that is governed the way the fundamentals of the global internet are governed.
Usually what you have is -- let's take the example of Spectrum. Have you a global organisation composed of governments. And you have governments sitting there in the sovereign right to do that, to make the decisions about how to govern a public resource.
In the case of the global internet, the fundamentals and identifiers of the internet, it doesn't work exactly that way. We have government sitting there. But we have everyone else sitting there on an equal footing so stakeholder and engineers. Those who know how standards work. Civil Society and others, they sitting to and make decisions collectively.
The decisions in what about I'm to say, multistakeholders in the global government is decision making. You don't just have stakeholders that are consulted. There is decision making. In the case -- I can think of ICANN as an example, this decision making that is done by the technical community changes things, can change things, like the very root of the internet. So you can imagine the gravity and the importance.
Now the global internet, the fundamentals of the internet, they know no borders and they should know no borders otherwise we wouldn't have a global internet. So you can say in one way that the governance that is applied on the global internet is consistent with the system we are trying to govern. It's a global system. So also the governance, if you will, in a way, it's outside of sovereignty. By not having governments alone making the decisions, it operates in a different way. My generation when I say outside government, the way I perceive it at least. There is no exercise of sovereign right access.
Another reason, to be honest with you, that I think -- and that's my personal take, that we have this special governance, the multistakeholder governance model that became the way it is today. I believe it has to do also with the point in time when the internet became what it is today. The internet grew at the point and time when we were moving to stabilization. We liked each other. There was a collaborative atmosphere all over the place. And I think this is reflected in the convention and also the government. As I said before it's quite special. It's left in a way.
Now of course the world is not the same place as it used to be. There are geopolitical intentions. And that itself is a topic of another panel discussion. So I will have to leave it here. And to continue, and suffice to say the multistakeholder governance when it comes to the global internet, as much as it's nice at the beginning, it's not a nice to have, it's a must have. Because it enables and protects the global internet.
Now going to the question of how multistakeholder governance affects or how it interferes in things and their place with International Law. As I said we have multistakeholder governance where everyone is sitting around the table. Decision making -- I will say again it is decision making. So everything that has to do the with technical standards, the broadband internet is done through. That this is something we should always keep in minute, particularly if we are to design International Law frameworks in the future. We have to remember this particular light of how the internet works and how the regulations need to work.
That doesn't mean anything is happening in a vacuum, there is nothing to do with international. No, it's completely separate. No, we don't have a vacuum as I said. Technical communities are there to yes, create policies and other standards which keep the internet stable and secure and global. But they are not there to interpret or draft International Law. Incident law has to be given by the actors given. It helps the policies of the technical community. For example there are issues that the technical communities are discussions outside, which have to do with registration of domain names and how to hold privacy when it comes to registration. Registration or other issues. How to enable cybersecurity. How to combat abusive use of the domain names.
We may be using spam, what have you. They are having a legal basis by International Law is super important, to be able to have some policy also within the technical organisations. Because imagine the situation where we have -- I don't know, one jurisdiction looking to an issue in one way and implementing a law. And the on the other hand another jurisdiction implementing the Compaq opposite. And then the technical community -- it would be madness. They could not put in place rules that will help.
And the other way around, how the multistakeholder governance and policy making would influence, if you will, impact or have some sort of impact on International Law.
I think I would say here that having International Law being incorporated the way it needs to be case by case into technical community policy making means that we sort of have a level setting for the International Law. It furthers its obligation globally. And I will again here quote Maciej who said at the beginning laws are not good enough if they do not work beyond borders. And I would say that the multistakeholder governance with its global reach then furthers International Law where it is applied in different policies am I think I will stop here. I'm looking forward to the discussion. Thank you very much.
>> MODERATOR: Thank you so much, Elena. That was most insightful and very comprehensive as per usual. It's the perfect framework for us to dive deeper into what International Law actually means in this context. We have looked at policy development processes. We have looked at international Internet Governance, per se and it is my pleasure to hand the floor to the next two speakers who will discuss it indeed.
Our first speaker is Helen Popp policy advisor with the Hybrid Threats & Cyber Division external action service. She will talk about the declaration of International Law in cyberspace adopted by EU member states. Now this is a significant achievement, particularly because as much as different states have produced their own understandings documents where they would identify how they read the application of International Law in cyberspace, such a common misunderstanding remains a challenge.
If you are looking for documents, a one-stop shop on how International Law applies in cyberspace, that might just be that document. But I'm thrilled to welcome Helen here. Because I know there's so much more substance, both with the document and the context in which it was approved, elaborated and steps that will follow.
I don't mean to spoil the surprise, and I will kindly ask you, Helen, to take the floor, and tell us as much as your mandate allows you. Thank you so much for joining us.
>> HELEN POPP: Thank you very much, Joanna. It's a pleasure to join in workshop, and I regret that I am not -- that I'm unable to be there in person this time around, but there's always next time.
Yes, as you said I currently serve as a cyberpolicy expert at the Europe external action service. Over the past four years, I have primarily focused on UN negotiations, particularly related to the opened working group on cyber issues but I will come back to that a little bit later.
As you mentioned in November, 2024, their open council approved a declaration by the EU and its member states on a common understanding of the application of International Law to cyberspace.
The declaration is not legally binding and does not effect the national positions of membered states, however it is a common political understanding of EU states on common political topics. However it is the understanding that the common International Law look at the purpose and restates that the open union states will obey certain rules and obligations when conducting activities in cyberspace.
In that sense the declaration is a political and legal instrument but carries legal implications. And when it comes to legal aspects the EU member states have agreed, first that the states have a legal obligation, not merely a political commitment, to ensure that their directories are not used for malicious cyber operations that violent the rights of other states.
This duty prevents states from knowingly allowing actors to operate from or through their directories. And instead requires states to engage in their best efforts to stop such conduct.
In law, this is commonly referred to as the due diligent obligation. As welling to we have emphasize the application of international monitorial law and the use of force and the combined effects of several owners scams, when they canning to be comparable to a use of force. This is especially relevant in the cyber context as cyber operations are mostly a part of a campaign.
EU states have also recognized that states must bear legal responsibility for their unlawful conduct in cyberspace. Importantly the EU common declaration sets out the various legal basis for attributing cyber operations to states. This is an important milestone, as it demonstrates that states cannot escape legal responsibility when they, for example, outsource their unlawful cyber operations to unknown state actors.
But of course there are also political aspects, the EU and member states consider implementation of the EU framework and responsible behavior and the use of information and communication technologies.
Of utmost importance in ensuring an open, secure, stable and peaceful accessible environment. And with the declaration we reaffirm our commitment to the UN processes in cyberspace and the full applicability of International Law to cyberspace.
By putting forward this declaration we wanted to incentivise not only EU member states. By the time we went off the EU, they had their positions, and now there are quite a few more that have put forward their national positions, but also encourage all UN member states to develop and share their issues on International Law and agree that even if they may not have applicability to cyberspace, it is still possible to agree on a set of key legal principals.
To that end, normally states individually or collectively have put forward in the working group their views on development, applicable rules as well as how those rules are to be integrated in the cyber context.
In consumption with the EU2024 declaration on a common understanding of the application of International Law to cyberspace, as well as the African Union common position on the application of International Law in cyberspace, over 100 UN member states have now individually or collectively published their position on the application of International Law in cyberspace which makes an encouraging milestone. It's a completely discussion what the current opened working group has produced in the past four or five years. But for me in one really stands out.
And as a last point, it's also important to note that for us this declaration is not the end of the road. The declaration will likely be updated in the coming few years. Possibly, maybe a little longer but the next years to come, when we can agree on more points or when interpretations are involved. But I will leave it here at this point. Thank you.
>> MODERATOR: Thank you so much, Helen. It's important to emphasize that this is the tool book with which we are trying to facilitator multistakeholder governance. All the norms are there to kindly ensure that the multistakeholder models and the WSIS +20, and as you further highlighted, the further work on the zero ended working draft and plan to action remain visible and remain valid and they do support us in building this community and these bottom-up processes further.
And this brings me to our last speaker, president Lukasz Kulaga, who is a professor and academic on the application of International Law in cyberspace. The question is quite simple, why do states do that? And how does that help us keep the multistakeholder model safe and secure. Thank you so much for joining us, sir, the floor is yours.
>> LUKASZ KULAGA: Thank you, Anna, and thank you for this panel. As I speak the preliminary works from 2021, first to prepare in cyberspace the application. And secondly I would like to mention other possible areas for developing International Law in this area.
Plus my aim is to present possible modest steps that can be made to strengthen cybersecurity, which, as mentioned by Elena is important for multistakeholder governance. So first of all on national statements. Poland has prepared its position in 2022, after two years of processed prolonged due to the COVID epidemic and aggression against Ukraine. And has contributed to the development of the common position of the EU just mentioned.
I acknowledge that preparing such a public statement by a state is a challenging task for a different set of reasons. Firstly, the approach presented will effect not only the legal position of a state in cyberspace, but also -- or perhaps mostly in a kinetic world.
Secondly, outside of the courtroom or diplomatic negotiations, states are usually reluctant to present very specific interpretation of fundamental roles of general International Law.
And thirdly, their international agency process, which is usually required for having a unique position can often be burden Sol. It often requires from Minister of foreign affairs lawyers to explain the potential legal consequence of the use of concrete wording to colleagues from other minute sympathy industries. All of this is usually time consuming and as a result of a document for other general and very specific characters.
Still, having such a position is beneficial for several reasons. They include fostering transparency of the conduct of states in cyberspace. They contribute to interpretation of International Law, either treaty, customary or both.
Finally, such a position adopted by a government can have unity for several national procedures. As it usually concerns general International Law applicable to all fields, not only to cyber. It can be important point of reference for any discussion and decision making processes at a domestic level.
And on the second point, we have to be also aware of the limits of the developing International Law from a national position. Taking into account the collective position of the African Union member states and the European member union states. We can identify around 100 states that have already presented their position, either individually or collectively.
A rather obvious rule of this practice is at least to some extent a variety of interpretations of law. Already existing different interpretations of International Law offline influences approaches for its online application.
Thus I would like to draw your attention to some ideas in this current international practice or Academia that can also help to develop International Law in this area.
First, on the hardware aspect of cyberspace, existing international legal regimes do not adequately protect subset data cables from damage. Nor do they effectively hold perpetrators of such damage accountable.
First, negotiating a new instrument would be also another process. Still the new beginning instrument, even if not accepted by all states, can contribute to criticisation of customer International Law in this respect.
Second, in the UN, the recent three years showed the advisory competence of International Court of justice, that is used more often to solidify international legal framework in the specific areas. In particular currently, deliberating on the question of General Assembly concerning obligation of states in respect of climate change. The resolution it formulating the question was for the opinion to be adopted by consensus.
In the written proceedings 91 written comments have been filed mostly by states. Thus, it is another proof that the general questions can be presented to the international Court of Justice for its explanation of existing law in a particular area.
And third, point also worth reflecting is ensuring the application of International Law in the use of ICTs to the International Law commission. Already in 2008, International Law commission working group considered whether to work on the topic internet and International Law.
At that time the commission has not decided to progress on this issue. Certainly the IOC would be an adequate forum to work on the application of International Law in the use of ICTs as the topic concerns fundamental principals of International Law.
In accord Ann with Article 16 and 19 of the IOC statute, it can refer to the commission topics. Commission -- the potential commission conclusion in this respect could contribute to strengthening legal frameworks in this area. Thank you one more time for the possibility to participate in this panel and I'm happy to engage in discussion if there's an interest.
>> MODERATOR: Thank you so much. This brings us to the ended of our panel. We have heard the plethora of views with regards to the most recent developments on the application of International Law in cyberspace, on Internet Governance, and this is the time for our audience to chime in. I encourage our participants in the room to use the microphones that we have available. And there's also a roaming mic standing right there.
I encourage our online participants to post their questions in their chats or raise their hands. And while you are pondering on those questions, please let me recover a few general points it our speakers. I will ask them to try and answer these scoping questions in the order of their presentations.
I believe the questions to pose here obviously reflect around how the Internet Governance community gathered here in the room can further facilitate bridging this relationship between International Law and cyberspace. We have heard a lot about how states are working on make making sure that International Law indeed is a tool to facilitate multistakeholder governance and the peaceful use of ICTs.
It is therefore for us to try and question how that might be put into practice as we approach WSIS +20. And as Helen highlighted the end of the open working group comes to a conclusion.
I'm going to ask our speakers to think about this question or these issues. But I also see a first question from our floor being addressed. So I'm going to give the floor to our participants to kindly introduce yourself, sir. And specify who you would like to address your question to. Please go ahead.
>> QUESTION: Thank you very much, Joe.
That can you hear me. My name is Walter (?), and I represent the Coalition on Internet Standard Security and Safety here in the IGF system. I heard the lady from ICANN, and ICANN does all sorts of decision on security but they promote mostly DNS securities, the domain name system. With the registries they mostly do routing systems. So serve working in their own silos. So that's comment one. And then you hear the UN system working on high level security and International Law.
But the attacks that happen on the internet usually happen through vulnerabilities that are inside of the device, inside of services, inside of connections.
And what my team is working on is how do we make sure that these flaws are being ended by the deployment of existing, sometimes decinia existing new cybersecurity standards that have come into place of the old ones.
So the question is why are we not addressing fundamental options to end flaws in our systems, which can be done by industry, by using these standards, by deploying DNS security, routing security, building secure websites. But you can't do that within your silo.
So the question is maybe to all panelists, how do we break the silos and come together to fundamentally rebuild the security of the internet together? Because we have to do this together. And it's not one silo solution. So that's a question to maybe all of them. How do we get together and make sure these flaws are ended. Thank you.
>> MODERATOR: Thank you very much about. That that's the perfect question. Because that's the purpose of this session. We are trying to figure out how to bridge the high level conversations that aim to stabilizing security of the network with the bottom-up processes that ICANN has managed in facilitating so successfully.
I see Elena's hand is up. And it does feel like the question was primarily addressed to you. And I'm happy to give you the floor. But I will give all of our panelists a chance to address that question. Thank you for posing it. Elena, the floor is yours.
>> ELENA PLEXIDA: That is from my perspective one of the technical organisation, and thank you for the question. As the question highlighted it's not one that has to provide an answer to all of us. How will we get the silos. So indeed one issue that you might say, we have in this space, when we are talking about giving up our silos. Perking my, liking ICANN, for example, we have a specific mission which is in our bylaws, and we condition go beyond. That.
For example, problem on the cyberspace, they mostly have to do with the content level. You have some that have -- target the technical layer of the internet. Which is what ICANN and the IGF are working but when it comes to content, I cannot get there. So when it comes to the question, I agree it is a very good point. How do we get out of our silos. Obvious reply we they'd to find a space to have those discussions.
I would like to give you an example that recently came out -- not from the ICANN community. ICANN has a specific community they are there to make points for the DNS. That's. It but players within ICANN. So domain name system operators and IP address operators, they came together in a form that they created themselves with content providers.
And this is not a dialogue that happens that often. But I'm raising this as an example what have can be done outside or further to think about how -- because it takes all of us. It takes a village. It's not one thing fixes all. For example, just by promoting DNS, fixing it everywhere around the world, that doesn't mean we have solved all the problems of cybersecurity discuss. Thank you.
>> MODERATOR: Thank you so much, Elena. This is precisely why we are having this conversation, to make sure these are parallel dialogues not just join. Elena has supported a meeting -- ICANN, she has kindly led the work on ICANN regulatory meetings jurisdictions and updating us on all the regulation around the globe that might impact the way that the technical community facilitates and operates. And these meetings over the past year have been happening monthly. So if you are interested I'm more than happy to answer questions and provide more details.
I'm going to check if any of other panelists -- I feel like he touched directly at the core of our purpose here. How do we bridge the silos. I will check with our onsite. Lukasz, please go ahead.
>> LUKAZA KULAGA: Thank you, how do we getting to. I would say it's macro level on the International Law than on standards. But what I tried to say is that I see the lives offed certainly on inch law but on statistical statistics they could also be functional. That is why in the last part of my presentation I tried to indicate that perhaps one way to go forward is to at least, to some extent, transfer the possible answers to other institutions such as -- that I mentioned, for example, International Law commission or international Court of Justice. Thank you.
>> MODERATOR: Thank you very much. Maciej, please go ahead.
>> MACIEJ GRON: If I may, just a few words. Joanna has mentioned about most of the polish presidency. Let's bridge the gap. I know it's only a model but it's not easy for this deny on an engineer level to say much more. Because you know, the order is not only about the inclusiveness, it's about effectiveness. And we cannot find -- I don't think we can leave this model. It's crucial to be still in this model.
Of course when we are discussing the thing which are very specific we have to work with professionals, knot -- open doesn't mean that everyone can say everything. But it is the only reason, how can we cooperate.
>> MODERATOR: Great answer. Thank you very much. There we G.M. I see Helen's hand is up and Elena's hand is up. Helen please go ahead and I will give the floor to Ellen am I do have one question if the chat I will move to the remote monitor next. Please go ahead.
>> HELEN POPP: Thank you very much. Maybe just to compliment what was just said. The key challenge with respect to the application of International Law in cyberspace is the fact that the relevant rules of International Law that regulate state conduct in cyberspace are inherently quite abstract. And therefore need to be interpreted in light of their objective and purpose. Key challenge is tone sure that states interpret those rules by in large in the same manner, a challenge we face today is not so much that states interpretations very significantly but rather that too many states have thus far remained silent in this question, and therefore we do not know where they stand on those issues.
Therefore we need the trend of adopting national, regional positions to continue. And next logical step will be to streamline views and enter expressions where necessary. Thanks.
>> MODERATOR: Thank you. Anna, please go ahead.
>> ANNA PODGORSKA-BUOMPANE: If I may add I will subscribe by what was said by the panelists, but I would also like to say that during the polish presidency cybersecurity was very high. High, so indeed we had a lot discussions in the council among the member states. And just to draw your attention to the fact that the six that have joined, telecom council has adopted the blueprint, EU blueprint to better manage the crisis and incident. So it is public. And it is important -- it shows how important it is to have this special kind of guidelines to member states to enhance the broadness and protection capabilities.
And a respond to cybersecurity incidents, so I encourage everyone to read it through. But what is also very much important, that while speaking about the -- some kind of the acts it is important to stress that we cannot apply the efforts. And having the new structures, but rather to be on the existing and have them while working together.
So this is just that.
>> MODERATOR: Thank you, Anna, this is why we are raising this in the IGF. An existing platform with decades of experience.
That's appropriate to do. So my job today is also of a timekeeper. I have been warned of 10 minutes remaining. I have been warned that the lights will go out when the time is out. So we don't want to do. That I will go to the remote facilitator, Mr. Skwarek, to take us throw the chat. And I will fin those of you who might wish to address. It Mr. Skwarek the floor is yours.
>> ONLINE MODERATOR: We have a question online from Luke, and how can we ensure the governments and law agencies don't intend to circumvent the treaties by forcing international actor to abide by laws and practices.
>> MODERATOR: Thank you. That is a very interesting and practical question. A loaded question as well.
There's a little bit of politics in there. I'm not sure who of our -- Elena, thank you so much. The technical community has much more freedom to discuss political implications. Please kindly take the floor.
>> ELENA PLEXIDA: I'm not sure if it's the freedom or maybe speaking from experience.
>> MODERATOR: There you go.
>> ELENA PLEXIDA: And that question from Luke is really relevant and not that easy to answer. Not a straight forward answer or might not even be effective. So I would say from one hand you have to make sure that in the dialogue or whatever it is there build before the policy making all the voices are heard. And this goes back beauty and the relevance of the multistakeholder -- or the multistakeholder discussions. We are not talking about decision making but the consultation. So the safeguard that the Civil Society or the academics can bring around human rights. They are absolutely essential.
If you can imagine a discussion or debate living up to policy that is dominated by law enforcement or by doves also. It's natural you would only have one side of the story. That's one way to make sure thing not go in one direction or another direction. You need to maintain the balance.
The other thing I would say is the role of the technical community there. There has to be involvement in the sense of technical experts are also needed to explain things. Explain how things technically work because we have seen often that policy makers are rightfully so trying to address an issue. The problem, there is a problem at the content level by intervening at the technical level of the internet or intervening at the multistakeholder policies which if you ask me it's actually not consistent with championing the multistakeholder approach.
So if we excited to go to those things and give input, I think it's one way to try to ensure that things do not go south.
If I may, just for one more minute, I have an example to say here which comes from the council of Europe, I would. The council of Europe at some point in time, pretty recently, you might recall worked on the additional protocol with the convention.
And that goes back to what I was saying that inch law is useful for the multistakeholder policy making. The multistakeholder policy making is there are not standards for the technical foundation of the internet. But we need a legal basis for things to happen beyond what is there.
The protocol to the convention gave a legal basis which had to do with operators, in case of cybersecurity problems, being able from -- sorry, law enforcement agencies in one jurisdiction being able to ask for information relevant to a search. From another level in other jurisdiction. That is helpful. That enables also the ICANN community do things. But without a legal basis you cannot do. That why am I raising it as an example. Council of Europe did the connotation and the adjusting of protocol. Of course this is just one Article relevant to ICANN in a way that was just putting in place what was needed to help, i.e., the legal base skills.
We are taking the extra care of not including the multistakeholder policy making or not circumventing other rights -- if anyone has the time to look at the memorandum, it gives the whole thing. But it can be done. That's what I'm trying to say with this example. Thank you.
>> MODERATOR: Great, thank you so much. Mindful of the time. I will check if anyone wishes to chime in on that. Lukasz, please go ahead.
>> LUKAZA KULAGA: So on the enforcing of the law and by passing treaties the one issue that -- as Elena mentioned with respect to the cyberspace we have only treaties on the criminal cooperation. So the Budapest convention and the UN cyber convention. So there are some treaties but not all of them are in force but there are treaties in cooperation on these area matters.
But in general I would say that the answer is of a general nature. So if a state makes an effort to enforce its domestic law, then it is up to the state of the national to protect him against this action of the third state. So here I would come back with this sovereignty. Sovereignty can be -- I understand problematic for some elements of Internet Governance. But with such a situation, it's also the sovereignty that would protect this national, not to be bound by the law of the third state. Thank you.
>> MODERATOR: Great. Thank you. Wonderful I think that's the perfect summary how the general links are very specific. We do have the norms in place. Our timer has now gone into a red mode which implies I should be wrapping us up. And I'm happy to do. That thank you so much for taking the time to join us. Someone once told me that International Law is boring. I refuse to believe that and I hope we have been able to convinces you that there are so much potential in the general norms and how they impact the every day internet usage of every day internet and users. Thank you for taking the time for being here.
All of our speakers, I am certain, are available for you to follow up with. Me myself personally I'm more than happy to answer specific detailed questions. This is what we do, both within the ICANN community and beyond. The polish presidency has gone a long way making sure that cybersecurity is relevant to European and international policies. We tried to emphasize that in this session. We are all available for feedback. And what I will do -- I would like to thanks, first of all, Wiktor Skwarek for getting us here and Wiktor was wonderful for making sure we stay on the agenda and on time.
And my sincerest thanks to all of my speakers, an narc Elena, Helen and Lukasz. Maciej would you like to wrap us up?
>> MACIEJ GRON: We shouldn't have provided a solution because it's impossible to find one solution and not enough.
>> MODERATOR: Absolutely. That's why we here at the IGF. Thank you so much to our speakers. Please join me in giving them a hand. Thank you, everyone. This session is adjourned.
(Applause)
