(No.84) How can cooperation and multi-stakeholder collaboration impact the global fight against cybercrime and improve cyber security?

Go to Report
Status: 
Accepted
Workshop Theme: 
Security, Openness and Privacy
Theme Question: 

Questions 2, 3, 4, and 5

Concise Description of Workshop: 

The workshop will demonstrate the perspectives of relevant ICT stakeholders from different sectors, including private industry, civil society and government. The main focus of the workshop will showcase the progress of the Commonwealth Cybercrime Initiative (CCI) which aims to assist developing countries to strengthen capacity in two ways – by providing access to expertise, resources and tool kits on a cross-Commonwealth basis, as well as through customized, on-the-ground assistance, delivered regionally and nationally to individual countries. The Commonwealth Cybercrime Initiative (CCI) can be seen as a model for international cooperation and multi-stakeholder collaboration. The initiative itself includes stakeholders from government, private industries, and civil society, therefore providing an example on how all can work together to accomplish mutual goals to combat cybercrime. Case studies will be used to illustrate best practice and results of the cooperation with particular emphasis on the Initiative’s first project in Africa. Presentations will be followed by a discussion exploring ways to encourage government take up, awareness, collaboration and cooperation. The discussion may also explore potential avenues to improve the initiative. We will be promoting our workshop at our events preceding the IGF such as the Legal Frameworks for ICTs Workshop, in June 2012, and at ICANN 44 in Prague, among others. We encourage participants at this event to take part in the proceedings remotely and physically if possible.
Agenda
PART 1 – Presentations
Chair: Mark Carvell, UK, Dept. of Culture, Media and Sport

  1. Chair’s Welcome – Mark Carvell (10)
  2. Working with CCI – Perspectives of Ghana –Teki Akuetteh (10)

PART 2 – Panel Discussion (50)
Moderator: Mark Carvell
Panel:
Private Sector
ICANN – Dave Piscitello (remote panellist)
DiploFoundation – Vladimir Radunovic
Civil Society
IG Caucus – Salanieta Tamanikaiwaimaro
Government
Alice Munyua – Gov. Kenya
CTU – Bernadette Lewis
Initiative
Lara Pace – Secretariat CCI
 
PART 3 – Closing – Mark Carvell

  1. Way forward and how to get involved
  2. Milestones and goals the Initiative has set for 2013 and beyond
Backgroung Paper: 
Organiser(s) Name: 

COMNET Foundation for ICT Development runs the Secretariat for the Commonwealth Internet Governance Forum and the Commonwealth Cybercrime Initiative. It is the lead agency of the Commonwealth Connects Programme, which is the Commonwealth’s official ICT4D programme. COMNET is involved locally in the Malta IG Group, on the advisory board of the ‘Be Smart Online’ Project, a local initiative, aimed at raising awareness of Internet related discussion. COMNET is also an organisational member of ISOC and is supporting the establishment of a Maltese ISOC Chapter.

Submitted Workshop Panelists: 

We plan on showcasing 3 perspectives: government, industry, and civil society. 1)Mark Carvell, UK, Dept. of Culture, Media and Sport, Government Europe, Status: Confirmed 2) Teki Akkuetteh, ICT Legal Expert/Legal Desk Officer at Ministry of Communications of Ghana, Government of Ghana, Government, Africa. Status: Confirmed. 3) Salanieta Tamanikaiwaimaro, Diplo, NGO, Pacific. Status: Confirmed. 4) Ms Lara Pace Comnet Foundation for ICT Development, Foundation, Europe. Status: Confirmed.   5) Vladimir Radunovic, Diplo, NGO, Europe. Status: Confirmed 6) Alice Munyua, Kenya, Government, Status: Confirmed 7) Bernadatte Lewis, CTU, Caribbean, Status: awaiting final confirmation. Mr Mark Carvell will provide an overview of the current status of the Cybercrime Initiative. Ms. Akkuetteh will describe Ghana's experiences working with the CCI. Salanieta Tamanikaiwaimaro and Vladimir Radunovic can provide the perspective of Diplo as a partner and can discuss the perspectives in Civil Society as Salanieta is involved as the co-ordinator of the IG Civil Society Caucus. Ms Alice Munyua is Chair of the CCI Steering Group and can give her perspective on the effectiveness of multi-stakeholder cooperation in addressing the problem of cybercrime. Ms Bernadette Lewis can speak of the work the CTU and CCI have done together, specifically the recent workshop in St. Lucia.
The idea is to have an open panel discussion and engage the audience for their feedback.

Name of Remote Moderator(s): 
Jasper Schellekens
Gender Report Card
Please estimate the overall number of women participants present at the session: 
About half of the participants were women
To what extent did the session discuss gender equality and/or women's empowerment?: 
It was not seen as related to the session theme and was not raised
Report
Reported by: 
CIGF - Jasper Schellekens
A brief substantive summary and the main issues that were raised: 

The format of the workshop was a panel discussion, where –rather than have the participant give a traditional presentation – the audience was invited to participate in a moderated discussion with the panellists. Questions were asked by Mr Carvell, the audience in the room and remote participants which included the remote hub of the University of Aberystwyth.  Remote participation was central to this workshop, as Dave Piscitello participated as remote panellist.
Mark Carvell provided a brief background to the Commonwealth Cybercrime Initiative, highlighting that the Initiative was placed before participants at the IGF to seek final feedback before submission to Heads of Government.. He explained that following endorsement from Commonwealth Heads of Government last October in Perth the CCI has moved from concept to implementation.  The Initiative is composed of three pillars, the Executive Management Group composed of government representatives, the Steering Group, composed of organisations with expertise in different areas of combating cybercrime, and the Secretariat.
Lara Pace updated the audience on the current status of the Ghana project, as the point of contact for Ghana was unavailable to participate. A scoping mission was sent to Ghana in February and further assistance is expected to be provided this year.
- Lara Pace discussed the kind of assistance that can be expected from the CCI, namely that the CCI offers all-encompassing and holistic assistance from legal review to technical training. Additionally, despite being centred on the Commonwealth, when providing assistance regionally, it does not exclude non-Commonwealth countries.
- The involvement of the private sector was discussed, with specific reference to the banking sector.. Institutions such as banks often claim to have their own cyber security in place, but Ms Lewis pointed out that it was a wider picture than the individual cyber security of the specific bank. Awareness is key, which also included the need of wider reporting of incidents. Cybercrime can go unpunished if banks are isolated in their cyber security strategy and refrain to report incidents. Mechanisms need to be in place to protect the reputation of the banks when they report instances of cybercrime.
- Raising awareness of cybercrime incidents is needed at every level of involvement in the Internet, but language is one of the main barriers to raising this awareness. There is a need to accommodate different languages.
- The role of private industry in combating botnets and phishing was highlighted by Mr Piscitello. Further elaborating the multi-stakeholder model allows for governments to combine and tap into financial and technical resources that are available to the private sector.
- Using a multi-stakeholder model such as the CCI allows organisations to synergize in the broader remit of the CCI, thereby not constraining assistance to different isolated silos.
- The link between cybercrime and cyber terrorism was discussed, with Mr Piscitello highlighting the main difference which lies in the motivation behind each. Cyber terrorism may result in crimes, but it is based on ideology rather than profit. As an addendum industrial espionage was raised and also classified as a crime that perhaps had more unusual motives. It was questioned whether it was necessary to address this specifically or merely under the wider umbrella of cybercrime.
- Ms Lewis indicated that even in situations of cross-border cooperation there needs to be local/national engagement and then a framework internationally, or regionally. If the local situation was not functioning properly, it is naturally more difficult to fit in and operate within an international context.
- Harmonized legal frameworks were identified as a critical aspect to ensuring cooperation related to cybercrime across borders, ITU’s work in the Caribbean was mentioned as an example of this harmonisation.
- Experience or cooperation is not always available, best practices based on the projects currently undertaken are extremely valuable for any other attempts at multi-stakeholder collaboration.
- Vladimir Radunovic of DiploFoundation emphasized the importance of capacity building both across sectors and across locations and regions. Cybercrime capacity,  in the same way as Internet Governance covers so many different areas it needs to be built for stakeholders to cope with the fact that it cross-cuts so many sectors.
- Diplo further highlighted the fact that the Internet itself is an essential tool for  cooperation and capacity building.
- A strategy for dealing with Cybercrime is only as strong as the weakest link.
- Wout de Natris mentioned that governments may have to re-invent themselves outside the traditional “geographical borders” format.
- Audience raised the issue that the problem of cybercrime grows exponentially with each day that passes. Action needs to be taken now to be able to bridge that gap and not be left perpetually behind the curve.
- The question of treaties as an option for cooperation in dealing with cybercrime was raised, but the panel responded that treaties aren’t always the only answer. Yes, cybercrime is a global phenomena.  It must be that there is collaboration at the international and regional levels but there are things that countries need to put in place.  Ms Bernadette Lewis gave a simple example: When a country or on individual or an organisation receives a cyber threat, what do they do with that? What are the mechanisms for escalating that?  Those are things that have to be done at the national level. 
- Whatever activities are undertaken ensure that a holistic approach is maintained that includes all stakeholders.

Conclusions and further comments: 

The open discussion raised interesting questions and observations from both the panellists and the audience. Main themes in the discussion included raising the awareness of cybercrime and harmonisation of legislation. For a multi-stakeholder model of cooperation to work, the stakeholders need to be made aware of how they can participate and need to be drawn in to participate. The many questions raised by the audience demonstrated the wide scope of cybercrime, ranging from terrorism to commercial transactions. Best practice gleaned from the experience of the multi-stakeholder cooperation, from a practical point of view, could help other institutions should they wish to provide assistance to countries.
 

Additional documents: