In 2013, representing a major breakthrough in what had heretofore been difficult negotiations, a UN Group of Governmental Experts (GGE) and the Organisation for Security and Cooperation in Europe (OSCE) reached initial agreement on the nature of some of these norms, confidence and capacity building measures. Substantive discussions on how these should be applied and implemented remain, however, at an early stage. Moreover, many of the on-going efforts to reach consensus have run into difficulty not least because it is hard (yet not entirely impossible) to fit ICTs into traditional security paradigms. Yet, most governments acknowledge the role norms and CBMs can play in strengthening trust between states and within states. In addition, core governance principles such as participation, transparency, and accountability can help build and deepen trust between states, and between states and citizens. To this end, governments have acknowledged the need to build trust and deepen their engagement with other groups – including civil society organisations – as they move to further shape and implement new norms and rules in this area. Yet, to date, such engagement has been minimal.

Civil society engagement on international governance and security matters is not new and there are scores of examples of areas in which states have accomodated such engagement. Cyber security should not be an exception. Moreover, it is an area that by its very nature and the broad range of normative concerns involved, calls for much deeper civil society engagement than experienced in other areas. If approached effectively and coherently, such engagement, the authors argue, can afford greater legitimacy and sustainability to on-going multi-lateral norms and CBM processes concerning international security and state uses of ICTs. It can also help ensure that broader normative concerns are attended to, and that the right technical expertise is leveraged when solutions are being sought. Combined, the latter can help build trust between states, and between states and society.

The paper is organised under three sections: the first provides a short overview of the current context; the second discusses why civil society is important to furthering norms and confidence building measures regarding the use of ICTs in the context of international and regional security; and the third tables some suggestions for civil society engagement under three headings: i) engaging effectively; ii) fostering transparency and accountability; and iii) deepening knowledge.

Download report in full colour here or for printing here.