Former Estonian Minister of Foreign Affairs Marina Kaljurand on Cybersecurity Norms

When it comes to developing norms and laws around cybersecurity, former Estonian Minister of Foreign Affairs Marina Kaljurand (F95) said the process must be a more inclusive one.

“Once the cyber domain has become accepted as an integral element of any approach to international security and national security, it’s not one that states can effectively manage alone. Given that the cyber realm does not have borders, international cooperation is of utmost importance,” she said.

Kaljurand spoke Friday at The Fletcher School’s new Center for Law and Governance’s (CILG) conference, titled “Protecting Civilian Institutions and Infrastructure from Cyber Operations: Designing International Law and Organizations.”

“Unfortunately, attempts to foster such cooperation at the international level seem to have reached an impasse or a standby, at least for the time being,” Kaljurand said.

The former minister reflected on the failures of the 2017 United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (U.N. GGE), and explained how getting consensus from a variety of actors can be difficult task.

“I understand it’s impossible to negotiate with 198 states in the same room—it was very difficult even with 25—but the process has to be inclusive so that all states that want to be part of the discussion should have the chance to do it,” she said.

Kaljurand pointed to the lack of will to reach an agreement that would bolster international laws and norms in the digital space in last year’s meeting. In previous U.N. GGE meetings, reports introduced legal principles to the cyber domain and created principles of responsible behavior for states in cyberspace. The U.N. notes that while the “reports are not legally binding, they carry significant influence in the field of global cybersecurity.”

“There was one field where states and governments were not ready to make any progress: that was international law,” she explained, while acknowledging that they did make progress in the areas of capacity building, emerging threats, confidence building, and responsible behavior.

Kaljurand, herself an alumna of The Fletcher School, said that given the complex landscape of cyberspace, a multi-pronged approach to cybersecurity is the only practical way forward, “one in which all stakeholders have a unique role, including developing norms of behavior [ . . .]. Maybe it’s the time for the non-state actor community to make proposals, and maybe it is easier for states to accept those proposals,” she said.

She emphasized the importance of civil society and how it could play a significant role in the arena of cybersecurity given that she has seen political norms entangle international organizations.

In the end, though, it’s the approximately 150 states in the U.N.—that have no idea about the significance of cybersecurity—which hold the real power, she said. “They will develop e-cities. They will decide the cyber future.”

As they develop and build their governance, culture, and society around the digital realm, their decisions will pave the future, Kaljurand said.

This piece was republished from The Fletcher School website.

Leave a Reply