Home / Blogs

ITU’s Critical Cybersecurity Role and the 2018 Plenipotentiary

In the rather unique world of public international law for cybersecurity, the treaty provisions of the International Telecommunication Union (ITU) stand alone. They form the multilateral basis for the existence of all communication networks, internets, and services worldwide and have obtained the assent by every nation in the world. They also contain the only meaningful multilateral cybersecurity provisions that have endured over a century and a half through all manner of technological change. Indeed, it was radio internets a hundred years ago that gave rise to the greatest cybersecurity challenges.

So when all the nations of the world meet every four years at ITU Plenipotentiary Conferences to review these treaty provisions, the activity is eagerly watched by the small group of international cybersecurity law historians for potential changes to respond to new developments. The 2018 Plenipotentiary Conference (PP-18) is coming up in about three months—meeting at Dubai, 29 Oct to 16 Nov. Today, watching these treaty conferences is easier with all the documents available online in multiple languages shortly after being received. Indeed, almost the entire history of materials is available on-line going back to 1865.

The documents for the period from 1850 to 1865 reside in the Austria State Archives in Vienna, and for the period between 1917-1922, in the U.S. National Archives. The United States played the leading role in forming the modern day ITU treaty provisions, including key cybersecurity norms, in a series of conferences at the end of the First World War, including a long seminal treaty drafting conference in Washington in 1920 and in Paris in 1921 to add global radio internet provisions.

Most of the cybersecurity treaty making proposals to the ITU instruments in recent years have been relatively unimpressive—largely dealing with the enormous major issues today by adopting or altering conference resolutions rather than changing organic law found in the provisions. For a stable body of public international law that has formed the basis for all global telecommunication and cybersecurity over a century and a half, the basics remain fairly constant. Instantiating and protecting communication capabilities across the borders of national sovereigns fundamentally remain the same. It is an arena where Bully Bilateralism fails spectacularly.

Thusfar, the PP-18 input proposals are not particularly notable - primarily directed at getting national candidate officials elected to ITU positions in its multiple component bodies and slots on its continuing management mechanism, the Council. As perhaps the first evidence of the adverse effects of the current U.S. Administration, the candidacy of a highly-regarded U.S. expert was withdrawn for re-election to the Radio Regulations Board on which she already sits. Thus, the U.S. will have no representative on this key international quasi-judicial body overseeing radio spectrum use which the U.S. itself created seventy years ago, and has had a presence over many decades, including a continuing one since 1999. Notwithstanding the widely divergent views about the ITU in domestic Washington politics over the decades, one consistency has been the support for significant involvement in the Radiocommunication Sector since 1904 except for a brief period under Harding.

One of the significant PP-18 bellwethers among the input materials is a report on potentially holding a treaty conference to amend the International Telecommunication Regulations (ITR) that exist as an independent instrument. The principal purpose of the current ITR provisions adopted in 1988 was legalizing public internets globally and providing for related cybersecurity

An ill-advised subsequent attempt by Russia to amend the provisions in 2012 resulted in half the world rejecting the provisions. However, there are certainly ample reasons to amend and evolve the 1988 treaty given the plain need for a multilateral instrument directed at instantiating extraterritorial NFV-SDN-5G capabilities and OTT services. U.S. Cloud Service providers have also been actively seeking treaty provisions.

The only sage input into the meeting dealing with the subject matter occurred earlier this year—notably from China speaking for the first time on the subject—which took the strategic global leadership view that such provisions were essential for the global economy and would eventually be adopted.

For the present, it appears as if the U.S. Administration is content with trashing multilateral obligations and institutions, and moving back to a world of national insularity—forcing U.S. companies to locate their facilities and services abroad in multiple jurisdictions with long-term adverse effects. How it will prevent network products and services from entering the U.S. from abroad seems best described as a fool’s errand. What the unfolding U.S. calamity does provide, however, is to give other nations—especially China—the opportunity to forge the necessary multilateral arrangements to pursue emerging markets and larger global market shares. China is today by far, the largest-scale participant in all manner of industry standards bodies in the telecommunication sector, including cybersecurity-related activities. It is a role once played by the U.S. government and industry.

So from a cybersecurity legal historian’s perspective, events at the PP-18 remain a kind of fascinating crystal ball for looking into a future where the U.S. has clearly lost its leadership at best, and viability in the worlds of spectrum management and global information economy at worst. ...to be continued.

By Anthony Rutkowski, Principal, Netmagic Associates LLC

The author is a leader in many international cybersecurity bodies developing global standards and legal norms over many years.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

DNS

Sponsored byDNIB.com

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API