[governance] UN Cybercrime Resolutions

Sergio Alves Junior sergioalvesjunior at gmail.com
Fri Feb 18 14:33:04 EST 2011 

Just in case someone else is interested in US's position on
ITU/Cybersecurity (and Internet) at PP-10, Amb. Verveer's policy statement
made it pretty clear.

"...
Much of the effort here in Guadalajara should be devoted to seeking ways to
enhance the ITU’s excellent contributions to efficient and widely developed
telecommunications services and infrastructure—to improving things that it
does best:  harmonizing radio frequency allocations, developing and
disseminating best practices, and contributing to capacity building.

The United States has identified three matters that warrant special mention
in this regard.

First, the ITU should be a place where the development of the Internet is
fostered.  The Internet has progressed and evolved in a remarkably
successful way under the existing multi-stakeholder arrangements.  Changes,
especially changes involving inter-governmental controls, are likely to
impair the dynamism of the Internet—something we all have an interest in
avoiding.

Second, the ITU’s interest in cybersecurity should continue to focus on
capacity building and the associated development and dissemination of best
practices.  This is an area where an enormous amount remains to be done, and
where improvements will prove very valuable to all ITU members, regardless
of the state of their digital development.  We believe very strongly that
the ITU should not be distracted from this important responsibility by
straying into areas outside of its mandate and expertise such as cybercrime
and cyberwar.

Third, looking forward to the 2012 World Conference on International
Telecommunications, it would be a serious mistake to seek to extend the
International Telecommunications Regulations to today’s world of broadband
and the Internet.  There is a superficial similarity between the narrowband
for which the ITRs were configured and the broadband of today, but it is
only superficial.  Just as with the Internet, inter-governmental controls
over broadband are likely to do much more harm than good."
http://www.itu.int/plenipotentiary/2010/statements/usa/verveer.html

Abraços,
Sérgio



2011/2/18 Sergio Alves Junior <sergioalvesjunior at gmail.com>

> Sala,
> I've sent it to your email.
>
> Abraços,
> Sérgio
>
> 2011/2/18 Salanieta T. Tamanikaiwaimaro <
> salanieta.tamanikaiwaimaro at gmail.com>
>
>> Sergio,
>>
>> May I please also get a copy of PP-10’s Brazilian delegation report (em
>> português), where I tried to collect the voices of various Member States
>> interested in the ITU Cybersecurity debate?
>>
>> Kind Regards,
>>
>> Sala
>>
>> On Fri, Feb 18, 2011 at 4:18 PM, Sergio Alves Junior <
>> sergioalvesjunior at gmail.com> wrote:
>>
>>> Hi, Katitza,
>>>
>>>
>>>
>>> There are no new ITU Resolutions on Cybercrime in 2011. I can only think
>>> of PP-10's, which entered into force this year.
>>>
>>>
>>>
>>> At PP-10, in October, negotiations among US, Brazil, UK, Sweeden, EU,
>>> China, Syria, Iran, UAE, regarding Cybersecurity were intense, but US'
>>> position was to block any effective ITU mandate on it. At the end,
>>> Resolution 130 (on the role of ITU) was revised and a new Res. 181 (on a
>>> Cybersecurity definition) was approved:
>>>
>>>
>>>
>>> - (Revised) Res 130 ("Strengthening the role of ITU in building
>>> confidence and security in the use of ICTs"), originally from PP-02 and
>>> PP-06. It basically states that ITU’s no mandate do not include areas
>>> related to Member States' application of legal or policy principles related
>>> to national defense, national security, content and cybercrime. In these
>>> sensitive matters, ITU's mandate is to foster cooperation, share best
>>> practices, support the establishment of CIRTs. By the way, Brazil
>>> successfully managed to delete every mention to EC Budapest Convention on
>>> both Res.130 and 181.
>>>
>>>
>>>
>>> - (New) Res 181 ("Definition and terminology relating to building
>>> confidence and security in the use of ICTs) is an effort to make official an
>>> ITU-T's definition on "Cybersecurity" (Recommendation X.1205), but it was
>>> not fully agreed, as it was developed under a specific technical sphere
>>> (ITU’s SG 17: Security). It was accep
>>>
>>>
>>>
>>> "*Cybersecurity: Cybersecurity is the collection of tools, policies,
>>> security concepts, security safeguards, guidelines, risk management
>>> approaches, actions, training, best practices, assurance and technologies
>>> that can be used to protect the cyber environment and organization and
>>> user’s assets. Organization and user’s assets include connected computing
>>> devices, personnel, infrastructure, applications, services,
>>> telecommunications systems, and the totality of transmitted and/or stored
>>> information in the cyber environment.  Cybersecurity strives to ensure
>>> the attainment and maintenance of the security properties of the
>>> organization and user’s assets against relevant security risks in the cyber
>>> environment. The general security objectives comprise the following:*
>>>
>>> *          •       Availability*
>>>
>>> *          •       Integrity, which may include authenticity and
>>> non-repudiation*
>>>
>>> *          •       Confidentiality*"
>>>
>>>
>>>
>>> In sum, Res. 130 and 181, which were of great interest to US, are not on
>>> Cybercrime, they are on not-Cybercrime. Furthermore, it is not a US propos
>>>
>>>
>>>
>>> If you want, I can send you part of PP-10’s Brazilian delegation report
>>> (em português), where I tried to collect the voices of various Member States
>>> interested in the ITU Cybersecurity debate.
>>>
>>>
>>>
>>>
>>>
>>> Abraços,
>>>
>>> Sérgio
>>>
>>> Brazil
>>>
>>> 2011/2/17 Katitza Rodriguez <katitza at eff.org>
>>>
>>> Greetings,
>>>>
>>>> Yesterday, Secretary Hillary Clinton mentioned in her speech that the
>>>> U.S has led the effort to get multiple resolutions passed at the United
>>>> Nations, including one this year. Is anyone familiar with this resolution,
>>>> and which part of the UN she is referring to? ITU? I would appreciate any
>>>> information you may have,
>>>>
>>>> All the best, Katitza
>>>> ____________________________________________________________
>>>> You received this message as a subscriber on the list:
>>>>    governance at lists.cpsr.org
>>>> To be removed from the list, visit:
>>>>    http://www.igcaucus.org/unsubscribing
>>>>
>>>> For all other list information and functions, see:
>>>>    http://lists.cpsr.org/lists/info/governance
>>>> To edit your profile and to find the IGC's charter, see:
>>>>    http://www.igcaucus.org/
>>>>
>>>> Translate this email: http://translate.google.com/translate_t
>>>>
>>>>
>>>
>>> ____________________________________________________________
>>> You received this message as a subscriber on the list:
>>>     governance at lists.cpsr.org
>>> To be removed from the list, visit:
>>>     http://www.igcaucus.org/unsubscribing
>>>
>>> For all other list information and functions, see:
>>>     http://lists.cpsr.org/lists/info/governance
>>> To edit your profile and to find the IGC's charter, see:
>>>     http://www.igcaucus.org/
>>>
>>> Translate this email: http://translate.google.com/translate_t
>>>
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20110218/7401f82a/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.cpsr.org/lists/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t

More information about the Governance mailing list