cybersecurity and multi stakeholder internet governance...aucc at a glance •electronic...

Post on 21-Jan-2021

3 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

CybersecurityandMulti-stakeholderInternetGovernance– thecaseofAUConventiononCybersecurity

TowelaNyirendaJere,PhDPrincipalProgramme Officer,RegionalIntegration,InfrastructureandTrade

IEEEETAPForum,WindhoekMay30,2017

InternetGovernance

• “....thedevelopmentandapplicationbygovernments,theprivatesector,andcivilsociety,intheirrespectiveroles,ofsharedprinciples,norms,rules,decision-makingprocedures,andprogrammesthatshapetheevolutionanduseoftheInternet.”• WSISTunisAgenda

Multi-stakeholderprocesses

• “Weencouragethedevelopmentofmulti-stakeholderprocessesatthenational,regionalandinternationallevelstodiscussandcollaborateontheexpansionanddiffusionoftheInternetasameanstosupportdevelopmenteffortstoachieveinternationallyagreeddevelopmentgoalsandobjectives,includingtheMillenniumDevelopmentGoals”–WSISTunisAgenda

Stakeholders• TunisAgenda:sovereignstates(governments),privatesector,inter-governmentalorganisations,internationalorganisations,academicandtechnicalcommunities.

• 4 keygroupsemergingas“stakeholders:government,privatesector,civilsociety,technical– academia,media,inter-governmentalorinternationalorganisationshavenodefinedplace

Stakeholders

• nouniversalagreementonthemeansofinteractionandengagementbetweenthevariousstakeholdergroupings.

• discourseoccursbothonlineandoffline– prosandconsintermsofparticipationandreach

Stakeholders

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

Government Civilsociety PrivateSector Academia Media Technical None

PerceivedDominanceofStakeholderGroups

National

Regional

Continental

Global

media,privatesector,academiaandthetechnicalcommunityare“notvisible”

Multi-stakeholder processes

• “Theuseofvariousmeansincludingnetworks,platforms,partnerships,collaborations,processes,dialoguestobringtogetherdiversestakeholdergroupingsrepresentativeofsocietyatlargeforthepurposeofdiscussion,consensus-building,decision-makingoractiononmattersofcommoninterest”– TowelaNyirenda-Jere,MA(IG)dissertation

Multi-stakeholder processes• “Nocohesionamongstallthesegroups”(Privatesector)

• “….processesarenotsubstantiatedbyfacts,data ”(Academia)

• “…nocoordinatedapproachnationally…”(Government)

• “…notanissuethathasreallybeenbroughtoutproperlyinastructuredmannerinAfrica…..”(NGO)

Multi-stakeholder processes• “State/governmentsarebetterplacedtotacklecyber-crimeissues.Butcooperationisneededamongthem”(Academic)

• “….moreplayersneedtocomeintosupportthisprocess,workingwithnationalgovernments”(NGO)

• “…multi-stakeholderengagementunfeasibleorimpossibleatthenationallevel..”

• “…afewselectgroupsmakingassumptionsforawholemany”

TheRoadtotheAUCC• 2009ORTamboDeclaration• 2010 – AUSummitendorsement

– AbujaDeclaration• 2011FirstDraft:“AUConventionontheConfidenceandSecurityinCyberspace”

• 2012 – endorsementofdraftbyAUSTC• 2012-2013 Stakeholderconsultations– 2013onlinepetitionagainsttheConvention

• 2014 Adoption:“AUConventiononCybersecurityandProtectionofPersonalData”

AUCCataglance• objectives- harmonizee-legislation,protectpersonaldata,promotecybersecurity,fightcybercrime– Definekeycyberterminologiesinlegislation– Developgeneralprinciplesandspecificprovisionsrelatedtocyberlegislation

– OutlinecyberlegislativemeasuresrequiredatMemberStatelevel

– Developgeneralprinciplesandspecificprovisiononinternationalcooperation

AUCCataglance• Electronictransactions,• Personaldataprotection,• Cybersecurityandcybercrime• Requires memberstatesto:– developnationalcybersecuritypolicy– developlegislationoncybercrime– ensuretheprotectionofcriticalinformationinfrastructure

– enactpersonaldataprotectionlaws

ReactiontotheAUCC

• goodguideline(benchmark/health-check)• adherence tonationalconstitutionsandinternationalhumanrightslaw

• emphasisontheAfricanCharteronHumanandPeoples’Rights

• limitedstakeholderengagement• Vague/broadprovisionsthatmaycausemisusebygovernments

ReactiontoAUCC• No clearminimumthresholds - governmentscould opt not to implementsomeaspects

• inconsistency - racismandxenophobiaoutlawed,discriminationonsexualorientationorgendernot

• Impactofleakeddataonjournalistsandsources

• Nosafeguardsoninformation-sharingbetweenprivatesectorandgovernment

Currentstatus andWayForward

• 15Ratifications requiredforentryintoforce• Signatures:Benin,CapeVerde,Comoros,Congo,GuineaBissau,Mauritania,SierraLeone,SaoTomeandPrincipe,andZambiahavesignedtheconvention

• Noratifications

MostratifiedinstrumentsInstruments Yearof

AdoptionNumberofRatifications

ConstitutiveActoftheAfricanUnion 2000 54

AfricanCharteronHumanandPeoples'Rights 1981 53

TreatyEstablishingtheAfricanEconomicCommunity, 1991 49ProtocolRelatingtotheEstablishmentofthePeaceandSecurityCounciloftheAfricanUnion

2002 49

ProtocoltotheTreatyEstablishingtheAfricanEconomicCommunityRelatingtothePan-AfricanParliament

2001 48

AfricanCharterontheRightsandWelfareoftheChild 1990 47

OAUConventionGoverningtheSpecificAspectsofRefugeeProblemsinAfrica

1969 45

AfricanCivilAviationCommissionConstitution 1969 44

OAUConventiononthePreventionandCombatingofTerrorism 1999 41

PrivilegesandImmunities 1965 40

Nuclear-Weapon-FreeZone 1996 40

LeastRatifiedInstrumentsInstruments Yearof

AdoptionNumberofRatifications

RevisedConstitutionoftheAfricanCivilAviationCommission 2009 5

ProtocolontheStatuteoftheAfricanCourtofJusticeandHumanRight 2008 5

ProtocolontheAfricanInvestmentBank 2009 2

AfricanUnionConventiononCross-BorderCooperation(NiameyConvention)

2014 1

ProtocoltotheConstitutiveActoftheAfricanUnionrelatingtothePan-AfricanParliament

2014 1

AfricanUnionConventiononCyberSecurityandPersonalDataProtection 2014 0

AfricanCharterontheValuesandPrinciplesofDecentralisation,LocalGovernanceandLocalDevelopment

2014 0

ProtocolonAmendmentstotheProtocolontheStatuteoftheAfricanCourtofJusticeandHumanRights

2014 0

ProtocolontheEstablishmentontheAfricanMonetaryFundandtheStatuteoftheAfricanMonetaryFund

2014 0

AgreementfortheEstablishmentoftheAfricanRiskCapacity(ARC)Agency 2012 0

EffectivenessofMSProcesses• towhatextentareobjectivesmet– Outputs- immediateresults– Outcomes - resultsoveralongertime-frame– Impact-longertermsustainedchanges

• Determinantsofeffectiveness– Architectural:howestablished– Procedural:howrun– Operational: howmaintainedandsustained

Effectiveness ofAUCCprocess

Parameter ObservationsOutputs - TheConvention

- StateofCybersecurityandCybercrime inAfricareport

Outcomes - Ratification- Legislation andpolicyinitiatives

Impact - Moretimeneededtoassess

Determinant Observations

Architectural - DeclarationatMinisteriallevel- EndorsementbyHeadsofState

Procedural Stakeholderconsultations- Expertmeetingsconvened byAUC,UNECA- Onlineconsultationsconvenedbycivilsociety

Operational - Advocacythroughtechnicalmeetingsanddialoguesatregionalandcontinentallevel

- Declarations atMinisteriallevel- Limitedactivities atnationallevel

AUCC– WhatisatStake?

• Countrieswithlegislation• ElectronicTransactions: 28(51%)• ConsumerProtection: 18(33%)• PrivacyandDataProtection: 22(40%)• Cybercrime: 27(49%)

• (Source:UNCTAD)

E-Legislation

Source:UNCTAD

E-transactions

Source:UNCTAD

DataProtection&Privacy

Source:UNCTAD

Cybercrime

Source:UNCTAD

ConsumerProtection

Source:UNCTAD

Recommendations• CoordinationbetweentheAUCandmemberstates

• Awarenessamongstakeholders• Coordinationandcommunicationatnationalandregionallevel

• Inclusiveness - needforallstakeholders(civilsociety,government,privatesector,academic)tobeinvolvedinnationalandregionalprocesses.

Recommendations• StrengtheningtheroleofPanAfricaParliament

• Examineadstreamlineratificationprocesses• Financialresources– settingupofinstitutions,capacitybuilding,monitoringandenforcement

• Technicalandinstitutionalcapacitybuilding

QuestionsforReflection

• WhatarethelimitsofMSapproaches?• AreMSapproachesreallyfeasible/practical?• Whataretherolesandresponsibilitiesofthevariousactorsandstakeholders?–Whoneedstodowhat,when,howandwhy?

• Howlongshouldtheprocesstake?Canweaffordlengthyratificationprocesses?

THANKYOU

Contact Information

Towela Nyirenda-Jere, PhD

Email: towelan@nepad.org

Tel. : +27 11 256 3587

top related