Participants in the Fourth Parliamentary Forum on Shaping the Information Society agreed that the subject of cybersecurity was highly relevant to them. Computer networks underpin the functioning of every country in the world. As well as a huge opportunity for economic, social and cultural development, this dependency can be seen as a major vulnerability.
Parliamentarians have primary responsibility for the creation of a suitable legal framework to ensure cybersecurity. In such a fast-moving environment, the role of the law is to establish the general principles, but not to enter into great detail, or it would become outdated in six months. Regulatory authorities should be tasked with the detailed implementation of the law, in close engagement with the private sector. Yet parliamentarians recognize that a purely national approach can not go far enough to combat cybercrime.
International cooperation is necessary, much more than there is today. Harmonization of legal frameworks is a desirable goal. There are nevertheless hefty challenges. These were discussed by the 150 participants, including many members of parliamentary committees on telecommunications, ICT and the information society.
What constitutes a cybercrime? There is significant variation in the definitions in existing national legislation. Criminal offences initiated outside the national territory are slow and difficult to prosecute. Well-organized crime networks have massively invested the internet. They work from ‘cyberhavens’ where there are legislative loopholes, and are able to move their activities to another location in a matter of seconds. Provisions for international cooperation are generally lacking or inadequate. There little prospect of an internationally-agreed instrument to fight cybercrime in the near future.
To move ahead, participants adopted a brief Declaration, which calls for the Global Centre for ICT in Parliament to set up a working group of parliamentarians to examine ways to harmonize national cybersecurity legislation. In doing so, it should take as a starting point the existing international and regional initiatives, such as the European Convention on Cybercrime and the International Telecommunication Union’s Global Cybersecurity Agenda.