PRINT

EU Statement – UN Open-Ended Working Group on ICT: International Law

19.12.2023
New York
Press and information team of the Delegation to the UN in New York

12 December 2023, New York – European Union Key Messages at the 78th Session of the United Nations General Assembly Open-Ended Working Group (OEWG) on security of and in the use of information and communications technologies 2021-2025 (11 – 15 December 2023): International Law

Excellencies,

I have the honour to speak on behalf of the European Union and its 27 Member States.

The candidate countries North Macedonia*,  Montenegro*, Albania*, Serbia, Ukraine, the Republic of Moldova and Bosnia and Herzegovina*, the potential candidate country Georgia, and the EFTA countries Iceland and Norway, members of the European Economic Area, as well as San Marino align themselves with this statement.

The international community recognises that existing international law, including the UN Charter in its entirety is applicable in cyberspace and is essential for maintaining peace and stability and promoting an open, secure, peaceful and accessible ICT environment. States have also recognized the applicability of the law of state responsibility, international human rights law, and in situations of armed conflict, international humanitarian law.

This is reflected in the 2013, 2015 and 2021 reports of the UN Group of Governmental Experts on Cyber (UN GGE) and the 2021 report of the UN Open Ended Working Group on Cyber (UN OEWG), all endorsed by all MS in the UNGA,  as well as the First and Second Annual Progress Reports of this OEWG. The 2021 OEWG Report called upon States to avoid and refrain from taking any measures not in accordance with international law, and in particular the Charter of the United Nations. The report concluded that States continue to engage in focused discussions at the OEWG on how international law applies in the use of ICTs.

This needs to be the departure point for our discussions. Elaborating how existing international law applies to State activity in cyberspace, is necessary in order to build a practical understanding of the states’ rights and obligations under international law in the cyber context, as well as on how to better implement the law of state responsibility when a state breaches its obligations through cyber means.

This year several states have shared their national perspectives on how existing international law applies in cyberspace, adding to the several dozen states which have done so previously. In doing so, they have contributed to further clarification of key legal rules and principles, such as the principle of state sovereignty, non-intervention, etc.

 

We welcome the broadening of the debate with contributions from states that for the first time have outlined their views, as well as the increasingly higher level of details in national positions that have been adopted and shared. These developments have shown that there is broad agreement among states on key aspects of the application of IL to the cyber context, including the application of the UN Charter, the peaceful settlement of disputes, the law of state responsibility, as well as international human rights law and international humanitarian law.

While substantial progress has been made, there remain areas for further convergence in States’ perspectives on how international law applies in the use of ICTs. And, as we can see from many of the national positions so far, the primary issue does not appear to be the existence of gaps, but rather how to interpret existing rules of international law to address some specific issues in the cyber context.

We are confident that as more states engage in this process of developing and sharing their national positions, it will contribute to developing a better common understanding of how international law applies in cyberspace and become even clearer that the existing international rules and principles provide a comprehensive the legal framework to regulate State behaviour in cyberspace.

In light of that, needs-based capacity building has never been more important, not only in terms of scale, but also in terms of depth in accordance with agreed capacity building principles.

The international community should seek to ensure that all states that express a need are able to benefit from capacity building initiatives designed to deepen the expertise regarding international law in cyberspace. For example, such capacity building could support States in forming their own national assessment and position on how international law applies to cyberspace. This primarily involves making professional educational programs available to governmental legal advisers, but also sensitizing other public officials involved in cyber affairs – diplomats, policy makers and advisers, cyber operators, decision-makers, law enforcement personnel – to the fact that the decisions they make, the advice they give, is guided by international law. It is only through engagement and targeted discussions, like the workshops provided by the UNIDIR and others, that we can improve our collective understanding.

The EU, therefore, welcomes the recommendations of the APR to convene a dedicated intersessional meeting on how international law applies to cyber operations. Such a meeting of several days should be well prepared by an expert paper identifying key issues to be discussed by Legal Advisors.