- Livecasts
- Let's talk cyber
- Confidence Building Measures
Confidence Building Measures
This session will provide an opportunity for the multi-stakeholder community to briefly exchange about the crucial role of existing confidence building measures (CBMs) in the normative framework of cybersecurity and their effectiveness in reducing the risk of misunderstandings and conflict; categories/types of CBMs and significance of UN Group of Governmental Experts (GGE) in formulating recommendations for CBMs at a global level. Participants can also discuss possible options for adopting additional CBMs at a global level; have an exchange of best practices.
The session will open with presentations and kick-off remarks from co-chair partners. The following discussion will be guided by a set of questions circulated to participants closer to the date.
Presentations by state and non-state co-chairs will address the following topics:
- How do regional organizations approach the development in implementation of CBMs at the regional level? What are the fundamental similarities and differences?
- What did OSCE and OAS deliver in terms of CBM implementation and cross-regional information exchanges? Views of non-governmental stakeholders.
- With respect to the draft “CBM” section of the OEWG pre-draft report (points 45-52), are there any notable omissions, or statements with which you disagree? The role of non-state actors, NGOs, tech companies, etc. in the implementation of CBMs, the outreach activity of international organizations towards them.
After an open discussion with participants, wrap up and next steps.
This session is co-chaired by:

Amir Mokabberi
Tehran University
Q: Please add my written intervention to summary report of this session. We should work more on new balanced additional CBMs package including: 1.Definition of CBs for global tech and digital platforms as well 2.Solving the issue of global internet governance in all aspects of cyberspace specially security 5.Special Ethical framework for cyberspace 4.providing Security by design label and multilateral certification mechanism for digital products and services by the ITU 5.Principles, rules and norms package on responsible behavior of global tech and digital platforms, 6. Stablishment of multilateral mechanism to reach international legally binding instruments needed for digital space in data, governance, security and... 7.We need a global declaration on peaceful, development-oriented and civilian cyberspace as a CBM 8.Prohibition of imposing unilateral digital sanctions on other nations in area of investment in ICT infrastructures, digital technologies, digital resources like IPs and DNS system and access to networks that are key barriers in achieving national development goals using ICTs and definitely constitutes human rights violation in cyberspace. All of CBMs that I proposed have a vital role in building and promoting trust and confidence between all players. Global Digital platforms and tech companies are new geopolitical entities even more powerful than some states and really need new CBMs framework at international levels. Many thanks
Amir
Tehran University
Q: We should work more on new balanced additional CBMs package including: 6. Stablishment of multilateral mechanism to reach international legally binding instruments needed for digital space in data, governance, security and... 7.We need a global declaration on peaceful, development-oriented and civilian cyberspace as a CBM 8.Prohibition of imposing unilateral digital sanctions on other nations in area of investment in ICT infrastructures, digital technologies, digital resources like IPs and DNS system and access to networks that are key barriers in achieving national development goals using ICTs and definitely constitutes human rights violation in cyberspace.
Amir
Q: All of CBMs that I proposed have a vital role in building and promoting trust and confidence between all players.
Amir
Q: The Global Digital platforms are new geopolitical entities even more powerful than some state and really need to have new CBMs
Jonas Grätz
jonas.graetz-hoffmann@eda.admin.ch
Q: @Amir - I think those proposals are not related to the CBM discussion. CBM are not about principles or legally binding, but a process to build confidence and trust.
Amir
Tehran University
Q: What about new additional CBMs? 6. Stablishment of multilateral mechanism to reach international legally binding instruments needed for digital space in data, governance, security and... 7.We need global declaration on peaceful, development-oriented and civilian as a CBM cyberspace 8.Prohibition of imposing unilateral digital sanctions on other nations in area of investment in ICT infrastructures, digital technologies, digital resources like IPs and DNS system and access to networks that are key barriers in achieving national development goals using ICTs and definitely constitutes human rights violation in cyberspace.
Jonas Grätz
FDFA Switzerland
Q: @Dan: Great to "see" you here and yes CBM4 is another good example of how CBMs can enhance cooperation internationally. Looking forward to an update of the joint work you're doing with Kazakhstan!
Dan McBryde
Canada
Q: great session everyone, just to note that Canada plans on publishing its views on how international law applies in cyberspace sometime in 2021 (to respond to Louise Marie's suggestion that States do so - we agree!) and that Canada is championing OSCE CBM 4 with Kazakhstan. This CBM aims to share information to ensure an open, interoperable, secure, and reliable Internet. Kudos to the OSCE and other regional orgs for their key role on CBM development and implementation.
Amir
Tehran University
Q: What about new additional and balanced CBMS? 1.Definition of CBs for global tech and digital platforms as well 2.Solving the issue of global internet governance in all aspects of cyberspace 3.Special Ethical framework for cyberspace 4.Security by design label for digital products and services by ITU 5.Principles, rules and norms package on responsible behavior of global tech and digital platforms (to Szilvia Toth)
Chris Painter
GFCE
Q: more a comment: Thanks for the reference to the GFCE work. We hope to continue to help this effort by helping more countries and other stakeholders understand and implement CBMs as well as other measures and look forward to any suggestions from this community.
Jonas Grätz
FDFA Switzerland
Q: @Vlada, @Sheetal: Serbian example needs to be put in the context of the "adopt a CBM initiative" that has been highlighted by Peter. This initiative is very useful in mobilizing both domestic collaboration of the adopters and also generating more international cooperation by assigning responsiblity for implementation to a concrete state or a group of states. So in a way it achieves both multi-stakeholder collaboration and international cooperation.
Louise Marie Hurel
Q: The link to the GFCE document that Peter just mentioned: https://cybilportal.org/wp-content/uploads/2020/05/GFCE-CBMs-final.pdf
Sheetal Kumar
Q: @Vlada - thank you! That's a great example :) It would be good to collect such examples from other countries/regions too I think?
Sheetal Kumar
Q: Thank you, Pablo! It seems like the answer is "yes, a bit. Some more so than others, but a lot more to do." Appreciate the insights :)
Vladimir Radunovic
DiploFoundation
Q: @Sheetal it seems CBMs work better than norms and int. law (which is not hard, though :) Looking at some direct follow-ups on CBMs (and also EU's NIS) here in Serbia, I would say that even mere appointment of contact points and participation in IWG helps establishing trust and cooperation with other states - and stakeholders - on practical levels. Yet, potentials are way bigger than currently explored.
Q: You can learn more about some of the Dialogues that Louise Marie Hurel mentioned here: https://eucyberdirect.eu/events/
Jonas Grätz
FDFA Switzerland
Q: In the OSCE we are actually also working on making crisis communications more rapid and reliable. There is a communications network that has been used for ages for mil-mil messages, which is now also readied for use with cyber-related messages. So our wish is that it is not only about building up confidence in advance, but also to have more reliable channels for crisis communications by making communication channels correspond to a rigid protocol. (to Szilvia Toth)
Sheetal Kumar
Global Partners Digital
Q: Few (provocative?) questions: Do CBMs work? Do we have evidence for that? Is implementation being tracked/is follow up/reporting happening by regional organisations and at the national level? What's the role for non-governmental stakeholders in helping with that?
Debra Decker
Q: How could confidence-building measures work to support accountability/attribution? Have any best practices in attribution been developed, e.g. in GFCE, Interpol? Debra Decker, Stimson Center
Jonas Grätz
FDFA Switzerland
Q: Important discussion about multi-stakeholder inclusion in the domestic context. However, in some countries this is not a common approach. I wonder how we can arrive at a more uniform implementation of multi-stakeholder inclusion. The CBM paper shared by Annalaura / TechAccord is an important step in this direction, as it contains also recommendations for governments in this regard. I am wondering - we are currently running the Geneva Dialogue on Responsible Behavior in Cyberspace (https://genevadialogue.ch/), where 16 global corporations discuss their contribution to norms implementation. Would it be useful if we would also try to develop a common position on the utility and ways to include business and other stakeholders ? (to Louise Marie Hurel)
Annalaura Gallo
Q: Important point by Pablo about connecting CBMs to norms implementation. We touched upon this issue in the Tech Accord paper on effective CBMs for cyberspace aimed at informing the OAS work in this area https://cybertechaccord.org/uploads/prod/2019/04/FINALOASWP.pdf
Jonas Grätz
FDFA Switzerland
Q: Question also to Szilvia: Discussion in the UN fora is moving towards multi-stakeholder engagement (OEWG, new OEWG, PoA...). Will this also have an impact on OSCE CBM process in your view? (to Péter Tamás Horvath)
Q: Dear Participant, You can type in your questions and comments here. Thanks!
Velimir Radicevic
OSCE Secretariat
Q: Link to Permanent Council Decision No. 1202: https://www.osce.org/files/f/documents/d/a/227281.pdf (to Szilvia Toth)
Q: It seems that most states generally agree on the importance of CBMs. For example, the international community has been promoting PoCs and the exchange of information for decades now. However, the reality is that when cyberattacks occur, CBMs are not used so much. Beyond diplomatic agreement on their theoretical utility, how can we promote the actual use of CBMs?
Q: Dear Participant, Welcome to this session. You can tweet using #UNcyberOEWG & #LetsTalkCyber
About the Organiser


About Let's talk cyber
