IGP Workshop: “Who Governs, States or Stakeholders? Cybersecurity and Internet Governance”

On May 11-12, 2017, the IGP’s 3rd Annual Workshop  convened at Georgia Tech’s School of Public Policy in Atlanta. This year’s topic: Who Governs, States or Stakeholders? Cybersecurity and Internet Governance

 

Cybersecurity problems challenge existing institutions of governance. Global coordination is impeded by national boundaries, and government-industry cooperation is impeded by public-private distinctions.  Two decades ago similar challenges inhibited Internet governance.  In formalizing Internet identifier assignments, governments, firms, and civil society created novel institutions, most notably ICANN. Internet governance institutions depart from the traditional sovereignty model to empower non-state actors in a multistakeholder model.

Today national security imperatives risk re-establishing the traditional sovereignty model in the cybersecurity domain. Yet the factors that led to innovations like ICANN are also present in cybersecurity. These include globalized markets for technology and services, a need for cooperation and information sharing across jurisdictions, and the need to avoid fragmentation.

Can cybersecurity also elicit institutional innovations, or will national security concerns lead to a re-territorialization of the Internet? If the latter, what consequences will this have for global Internet governance? Can Internet governance offer lessons and models for institutional solutions to cybersecurity problems? This workshop  explored these question.

Workshop Program

Thursday, May 11

10:00

Welcome

10:10 – 12:10

Panel 1: Conceptualizing the relationship between Cybersecurity and Internet Governance

Moderator: Dr. Farzaneh Badiei

How do established definitions of Internet governance relate to definitions of cybersecurity governance? Is cybersecurity a subset of Internet governance or are they distinct domains that overlap? If the latter, how and where do they intersect? To what extent is cybersecurity dominated by national security concerns or is there a distinction between national security and societal security in cyberspace?

• Is Cybersecurity Eating Internet governance? Causes and consequences of alternate framings. Dr. Milton Mueller, Professor, Georgia Tech School of Public Policy and Director, Internet Governance Project
• Security in the internet’s technical evolution: A historical analysis. Dr. Bradley Fidler, researcher, UCLA Computer Science Department, on the history and politics of Internet and cybersecurity infrastructure, architecture, governance, and innovation.
• Unpacking Cyber Security Governance: Institutional Framings, Louise Marie Hurel – Researcher at Brazilian Naval War College, Rio de Janeiro, Brazil
  • Discussants: Dr. Michel van Eeten, Professor, Technology University of Delft, Netherlands, and Will Hudson, Google, Inc.

12:30 – 1:30

Luncheon discussion with

General Philip Breedlove, Distinguished Professor at the Sam Nunn School of International Affairs and former NATO Supreme Allied Commander Europe

Thursday, May 11

2:00 – 4:30

Panel 2: Institutional Landscape of Cyberspace Security Governance

Moderator: Dr. Milton Mueller

How does it all work? Cybersecurity has some public good characteristics but is also supplied as a private good in the market, while also involving complex networked forms of organization. This session attempts to bring all three together into a synthetic overview of cybersecurity governance

• Mapping the Cybersecurity Institutional Landscape Dr. Brenden Kuerbis and Dr. Farzaneh Badiei, Internet Governance Project
• Developing Cybersecurity Metrics, Arastoo Taslim, Project Manager, The CyberGreen Institute
• Patching Security Governance: Fighting Collective Action Problems in the Absence of Collective Institutions, Dr. Michel van Eeten, TU Delft
  • Discussant: Angela McKay, Senior Director, Cybersecurity Policy and Strategy, Microsoft

Friday, May 12

10:00 – 12:00

Panel 3: New Ideas for Governance Institutions

Moderator: Dr. Hans Klein

Is there a place for transnational, non-state institutions for the governance of cybersecurity? What are the limits of networked governance in cybersecurity? What are the limits of state-based governance in cybersecurity? What are the feasibility and the likely effectiveness of new initiatives?

• Microsoft’s proposals for a Tech Accord, Digital Geneva Convention and International Attribution Agency, Jan Neutze, Director of Cybersecurity Policy, Microsoft EMEA
• Institutionalizing Cybersecurity: A Global Cyber Federation? Dr. Duncan Hollis, James E. Beasley Professor of Law, Temple University
• Restrained by Design: Sociotechnical Disincentives for Cyber Warfare, Dr. Jon Lindsay, Assistant Professor, Munk School of International Affairs, University of Toronto
  • Discussants: Holly Dragoo, Research Associate, Georgia Tech Research Institute; Grace Abuhamad, U.S. Department of Commerce, NTIA.

Friday, May 12

12:15 – 2:00: Lunch at the Wardlaw Center

2:00 – 4:30

Panel 4: Cybersecurity, Information Warfare and Internet Governance

Moderator: Holly Dragoo, GTRI

Are Cybersecurity and Info Warfare subsets of each other, or distinct domains? How do different conceptions of this relationship affect Internet governance, especially global efforts at content regulation? This session takes up the classic distinction between information content and cybersecurity in US policy and its recent erosion in the wake of the Russian DNC hack, fake news, terrorist use of social media and related cases of foreign influence on domestic politics

• Dr. Hans Klein, Professor, Georgia Tech School of Public Policy, and Karl Grindal, doctoral candidate Georgia Tech School of Public Policy
• Dr. Jaclyn Kerr, Postdoctoral Research Fellow at the Center for Global Security Research (CGSR) at Lawrence Livermore National Laboratory
• Dr. Shawn Powers, Executive Director, U.S. Advisory Commission on Public Diplomacy, US State Department
  • Discussants: Dr. Jon Lindsay, University of Toronto; Dr. Milton Mueller, Georgia Tech

 

List of participants

Grace Abuhamad, Policy Analyst, International Affairs, U.S. Department of Commerce NTIA

Farzaneh Badiei, Executive Director, Internet Governance Project, IGP

Philip Breedlove, Distinguished Professor at the Sam Nunn School of International Affairs and

former NATO Supreme Allied Commander Europe

Tarun Chaudhary, Doctoral candidate, Sam Nunn School of International Affairs

Holly Dragoo, Research Associate, GTRI

Michel van Eeten, Professor, TU Delft, College of Technology, Policy and Management

Bradley Fidler, Researcher, UCLA Computer Science Department

Karim Farhat, Doctoral candidate, Georgia Institute of Technology School of Public Policy

Worku Gedefa Ugressa, PhD Fellow, Norwegian Research Centre for Computers and Law

Karl Grindal, Doctoral candidate, Georgia Institute of Technology School of Public Policy

Duncan Hollis, James E. Beasley Professor of Law, Temple University

Will Hudson, Senior Advisor for International Policy, Google

Louise-Marie Hurel, Researcher at Brazilian Naval War College, Rio de Janeiro, Brazil

Arastoo Taslim, Cyber Green

Jaclyn Kerr, Lawrence Livermore Labs

Hans Klein, Associate Professor, Georgia Tech School of Public Policy

Brenden Kuerbis, Postdoctoral researcher, Georgia Tech School of Public Policy

Annabeth Lange, Special Adviser International Policy at UNINETT Norid AS

Jon Lindsay, Assistant Professor of Digital Media and Global Affairs, University of Toronto Munk School of Global Affairs

Ann-Cathrin Marcussen, Lawyer at UNINETT Norid AS

Angela McKay, Senior Director, Cybersecurity Policy and Strategy, Microsoft

Michael Mealling, Chief Technology Officer, Seraph Group

Milton Mueller, Professor, Georgia Institute of Technology School of Public Policy

Jan Neutze, Director of Cybersecurity Policy, Microsoft EMEA region

Shawn Powers, Executive Director, U.S. Advisory Commission on Public Diplomacy, US State Department