As cybersecurity concerns edge higher on policy agendas worldwide, establishing ‘rules of the road’ for cyberspace has grown more challenging. International cyberspace meetings have multiplied, and the views expressed within them are, typically, divided. In 2015, the Netherlands will host the fourth international cyberspace conference in The Hague. That summit is the next in a series of events—previous conferences have been held in London, Budapest and Seoul—that flow from then UK Foreign Secretary William Hague’s proposal at the 2011 Munich Security Conference ‘to consider how to reach international agreements about behaviour in cyberspace.’ It’s time for Australia to start thinking about what it can bring to the table in The Hague.
Last Tuesday, a Dutch delegation led by Uri Rosenthal, special envoy for the 2015 International Conference on Cyberspace joined ASPI’s International Cyber Policy Centre for a roundtable discussion with a cross-section of representatives from the Australian government, private sector, NGOs and academia. Two strong themes ran throughout the meeting: the need to encourage multi-stakeholder views from industry and civil society in cyberspace discussions, and the importance of moving beyond simple awareness about cyberspace issues, to ‘putting principles into practice’ and building cyber capacity.
The last meeting hosted by South Korea covered a range of issues, with a particular focus on the role of developing nations in cyberspace debates. One major criticism of the Seoul conference was that there was a disproportionate degree—in number and influence—of government voices. ICPC Director Tobias Feakin wrote in a firsthand account that ‘there was a distinct lack of world leading industry figures alongside the Government representatives, meaning that it was a largely state-led focus for the headline panels’. As is the nature of politics, foreign ministers used the conference as a soapbox to talk past each other.
As Australian Foreign Minister Julie Bishop stated in Seoul, ‘governments are not generally the best or first place to look for solutions to the internet’s challenges.’ The best means to build an open and secure Internet is through a multi-stakeholder approach, encouraging civil society, academia, industry and the private sector to be involved. But it’s a paradoxical situation, wrote Tim Maurer and Camino Kavanagh on Cyberdialogue, ‘that the conference hosted by governments supportive of broader participation in discussions on cyberspace, is increasingly being perceived as dominated by, and reinforcing of the role of governments.’
In light of the challenges posed by the Seoul conference, a clear aim for The Hague conference should be to foster a diverse community of stakeholders actively involved in shaping cyber policy. While this multi-stakeholder position is not universally held, it’s hard to ignore the role that the private sector and civil society have had in building the Internet, and the role they’ll have in the future (PDF).
Accompanying efforts to expand the discussion, another aim should be to move from awareness about cyberspace concerns to building cyber capacity. Transitioning from discourse to outcomes is likely to be an overarching objective for The Hague meeting. It’s promising that the Netherlands has already shown leadership in this area. In their 2013 National Cyber Security Strategy (PDF) for example, one aim is to develop a ‘cyber diplomacy hub’ that gathers multidisciplinary knowledge about conflict prevention and cyber operations to create new solutions for international cooperation.
Australia is well placed to help build cyber capacity in regional states. Recent efforts in conjunction with Malaysia as part of the ASEAN Regional Forum workshop on cybersecurity earlier this year show how regional engagement, matched with practical confidence building, can promote an open and secure cyberspace. Five areas for Australia to assist in regional cyber capacity building have previously been outlined here.
Australia can also encourage multi-stakeholder views in time for The Hague conference. Many non-government voices within Australia have a role in cyberspace debates and encouraging them to outline their role and aspirations is a good start. That could be achieved in a consultative process, the outcomes of which the Australian Government and private stakeholders could take together to The Hague conference.
The key question for the 2015 conference is whether it can it bring together diverse, and potentially irreconcilable, views on cyberspace, and manage opposing opinions while delivering real outcomes. It’s a big ask, made even more pressing due to rising cyber threats and increasing Internet penetration. At the least, the conference objectives are ambitious. And with the future state of cyberspace at stake, that’s a good thing.
Simon Hansen is a research intern in ASPI’s International Cyber Policy Centre. Image credit: Luke Wilson, ASPI.