The issue of cybersecurity perfectly illustrates why the International Telecommunication Union (ITU) should not be given expanded regulatory authority to include matters of Internet governance. The UN body is meeting this December as Member States renegotiate its core telecommunications treaty, and CDT and others have been warning of the risks to online freedom and innovation. In a paper issued today, we examine in detail some of the proposals pending before the ITU relating to cybercrime and cybersecurity.
On the one hand, cybersecurity is undeniably a critical issue for the future of telecommunications and indeed for global commerce, development, and human rights. On the other hand, it is ill-suited to the kind of centralized, government-dominated policymaking that the ITU represents.
Cybersecurity requires agility: Given the pace of technological change, governmental bodies are not likely to be the source of effective technical solutions. Instead, those solutions will emerge from multi-stakeholder efforts, involving ICT companies, technologists, academics, and civil society advocates, as well as governments.