WS 9: Non-state actors in Europe and beyond: The true shapers of cybersecurity norms?!

Ilona Stadnik

• A strong regulation of cyberspace could stifle innovation and development.

• The understanding of norms differs from strict legal rules to self-regulation. Moreover, there is a problem in the acknowledgment of the existing principles – ‘western principles’ vs. ‘eastern principles’.

• States have made great progress in negotiating principles for cyberspace regulation, despite some failures, such as the recent GGE in 2017.

• Transnational commercial giants cannot dictate international conventions for cyberspace. It is the responsibility of states to come to legally binding norms. The industry has its own interests in the norm-making process to enable the development of their markets. Civil society is likely to stimulate the industry to come to norms, rather than produce independent initiatives.

• Politics is inevitable in cyberspace due to the ongoing cyber-arms race. In contrast to cyberwar, the issue of cyber stability provides more space for all stakeholders to contribute to the drafting of rules that would ensure the development of information society and digital economy.

• There is a disconnection between the new technologies and the response of the regulators. Therefore, self-regulation by the industry may serve as a starting point for building norms on an international level.
• All stakeholders are responsible for their actions in cyberspace.