International law online: progress in UN yet many questions remain
Dr Ellen Strickland Chief Advisor International •
In a world where cyber attacks between states, and other Internet related disputes between countries, are growing, issues of international law and the Internet grow more complex by the day. While there is now widespread agreement among countries that international law applies online, figuring out what that means and how that will work is a much tougher task.
The issues at stake are complex and have recently been captured in hard-to-understand United Nations processes. But they have implications for everyone across the world, as cybersecurity concerns by countries escalate globally, and the issues involved pose economic, social and personal risks for all.
In this blog, I’ll share a run down of what’s happening around international law and the Internet, both in the UN and in New Zealand (including a range of links for those keen on a deeper dive!). And I’ll talk a bit about the approach I hope we will see going forward.
International progress
This past weekend the United Nations Open Ended Working Group (called the OEWG — because acronyms!) on ICTs and international security adopted it’s final report by consensus. The consensus adoption of this report is a big win for a process filled with disputes and controversial international law-related cybersecurity issues. The meetings of this group of governments over the last two years have seen complex and controversial negotiations among a broad and diverse set of countries.
Having a final report that reflects the views of such a broad range of states is of real value in efforts to explore state behaviour and coordinate action internationally. More information on the OWEG and other United Nations work in this area, an experts working group, can be found here.
An exploration of the complexities of these processes in the UN, and how they might be advanced, can also be found in this blog from Wolfgang Kleinwachter. It notes, “...we live in a divided world where different value systems co-exist. In this divided world, we have one Internet. There is no alternative to the complicated and burdensome process to sit together and figure out how arrangements can be made among partners that are also competitors and adversaries in an interconnected world.”
Acknowledging the progress of these processes, so many questions remain around how International law applies in an online world. It’s a tricky question, because most international law was created before the Internet, and agreeing that it DOES apply and HOW are quite distinct challenges.
Currently, countries don’t have agreement on how to interpret and apply global legal frameworks in the age of the Internet, including around cyberattacks, obligations to protect and respect human rights online, and online business. With the myriad of online aspects of our lives, especially in a global pandemic where the Internet is more critical than ever, understanding the challenges of international law and the Internet is more urgent than ever.
One of the often lauded characteristics of the Internet has been its ability to allow ‘permissionless innovation:’ without legal hoops and frameworks applying to its growth and development. Could the application of international law hamper this?
And for us, what does it mean for New Zealand and for New Zealanders, who in this pandemic are relying almost entirely on the Internet for our connections to the outside world, and at times for connection with each other?
New Zealand approach
Related to the OEWG process, at the end of 2020 the New Zealand Government made a statement on the application of international law to state actors in ‘cyberspace’, which includes the commitment to International law applying online as it does offline. But what does that mean, for example when responding to malicious cyber activity coming out of other countries or for New Zealand sovereignty online, more broadly?
Getting countries to put down their interpretations, in writing, on this topic is something that can help us understand the different perspectives and find a path forward globally. Or at the very least help us to navigate a turbulent area without consensus.
Analysis in Just Security noted that “New Zealand is to be applauded, not only for offering its views on the applicability of international law in cyberspace, but also for doing so very constructively.” It says the effort to highlight where the law is unsettled “advances the international dialogue by encouraging states to take on the tough topics”.
A digest of the New Zealand statement highlighted the point that extraordinary care must be taken when ‘applying established rules and principles appropriately to the multi-layered context of cyberspace,’ with the examples of territorial sovereignty and the rule of non-intervention as topics needing careful consideration.
Noted in analysis of the statement, in the Kleinwachter blog above, was New Zealand’s ‘willingness to explore collective countermeasures,’ as well as reference to ‘like-minded countries.’ This raises the question of what would collective action look like? The prospect of agreements and frameworks to interpret and apply international law, with those countries with similar views, needs exploration.
Importantly, the question of non-state actors and what their role might be, relates to this. Would other parties be a part of collective action and counter measures envisioned? What is the role of the broader Internet community?
Beyond multilateralism
While this OEWG process, and statements which provide clarity around state positions such as New Zealand has published, are important exercises in multilateralism, it is not states alone who have the understanding of the complexities and impacts of the important topics being explored.
Other actors, not just ‘state actors,’ involved in cybersecurity more broadly, such as businesses, the technical community users, and researchers, can play a vital role in understanding and answering the questions on the table now, and those that will emerge in this developing field of negotiation.
This inclusive approach, sometimes called multistakeholderism (as opposed to multilateralism just between states) has been introduced to parts of the OEWG process itself. New Zealand and some other states, and companies have also advocated and submitted to the process. Microsoft, as an example has lobbied for broader input into this important work, for themselves but also broad stakeholder groups.
In an important step for a UN process, civil society as part of the OEWG, with support of countries and other stakeholders, provided feedback on the process as well as a statement on the report.
There are a lot of questions remaining, and consensus is building that a purely multilateral approach to these issues is not best to unpick the challenges, or the solutions. I believe it is also important that New Zealand lead the way domestically in inclusive conversations on these issues.
Towards this, at InternetNZ (and online!) this Friday I will be facilitating a lunchtime discussion forum to explore how the New Zealand government thinks the challenges of international law and the Internet can be best navigated. It will be a conversation with technical experts, civil society and researchers on what it might mean for New Zealanders.
Speakers will include participants from the Ministry of Foreign Affairs and Trade, the Department of Prime Minister and Cabinet, and representatives from the tech sector, legal and academic. If this is a topic which interests you, please register to join us for this conversation.
You can register here: https://international-law-and-the-internet.lilregie.com/
A blog from Ellen Strickland, InternetNZ's Chief Advisor, International