Dear Israel, On the first: Firstly this term and WSIS are not strangers. For example the General Assembly linked them explicitly as far back as 2004 and then again in 2009 and in fact makes clear that protecting CII is integral to delivery of WSIS’ objectives. See A/RES/64/211 and A/RES/58/199. CII has also been referenced in the subsequent work of the UN GGE and OEWG I and II. Secondly, we need more member-states to implement the norms of responsible state behavior because that would decrease global cyber insecurity, and addressing cyber insecurity is a global priority. The current resolution’s language on cybersecurity is very poor: the only thing it recognizes really is two processes which have extremely poor stakeholder modalities. These allow any single state to veto the participation of any single NGO (which Russia does routinely to almost all developed country voices from the private sector as well as human rights NGOs and many others. If that’s the only substantive element in this section then that section will be badly out of step with the whole rest of the document in stressing multistakeholderism. WSIS is meant to holistically address how ICTs can be leveraged for sustainable development. The confidence and security part of WSIS has had a troubled past, but this is a chance to do something constructive: 1. Call for implementation of UNGA consensus norms that would promote greater online security in the positive sense; 2. Continue to recognize CII, just correcting the term; 3. Bring back the CERT language as without a CERT countries are missing a key part of the very basic foundations of cybersecurity and many countries still don’t have one (FYI nobody was against keeping this language, it was dropped as part of streamlining the text overall). 4. And ideally, also call upon member-states to ensure that multistakeholder participation in the new cybersecurity mechanism is robust and congruent with the WSIS approach (where there are no vetoes). If anyone wants to talk more about this I’m glad to, and I can provide agreed text that could be used for these various purposes. Bottom line: I don’t believe the current treatment of cybersecurity is meaningful, or even congruent with the rest of the text. We should be advocating for meaningful improvements (for the avoidance of doubt, on the ground in New York, I am doing exactly that). -- Nick Ashton-Hart APCO (m) +<tel:+971%2055%209548671>1 202 779 1072 nashtonhart@apcoworldwide.com<mailto:nashtonhart@apcoworldwide.com> From: Israel Rosas via wsis20 <wsis20@icann.org> Date: Saturday, November 15, 2025 at 9:49 AM To: wsis20 <wsis20@icann.org> Subject: [wsis20] Re: Internet Society's intervention during the WSIS+20 virtual stakeholder consultation Hi Nick, all, I think there are at least two aspects to consider about this language. An interesting discussion is whether it strategically makes sense to incorporate these references into the WSIS framework. On the other side, I also wonder about the practical implications of trying to incorporate a term whose shared understanding may be open to different interpretations when negotiators are running out of time in this process. Best, Isra Isra Rosas, Director, Partnerships and Internet Development Internet Society From: Ashton-Hart, Nick via wsis20 <wsis20@icann.org> Date: Saturday, November 15, 2025 at 9:35 AM To: Fiona Alexander <fionaa@american.edu>, Mona Gaballa <gaballa@isoc.org>, jen--- via wsis20 <wsis20@icann.org> Subject: [wsis20] Re: Internet Society's intervention during the WSIS+20 virtual stakeholder consultation Dear Fiona, I take your point but in a paragraph about international cybersecurity I don’t see that it matters whether it has been used in WSIS or not. The agreement on what constitutes critical information infrastructure in the UN context postdates WSIS, as does AI and many other things that the review is referencing. It is also easy enough to make clear where this comes from in the text, though candidly anyone working in international cybersecurity policy in multilateral institutions will know what it means, which is the point. Best, Nick -- Nick Ashton-Hart APCO (m) +<tel:+971%2055%209548671>1 202 779 1072 nashtonhart@apcoworldwide.com<mailto:nashtonhart@apcoworldwide.com> From: Fiona Alexander <fionaa@american.edu> Date: Friday, November 14, 2025 at 7:48 PM To: Mona Gaballa <gaballa@isoc.org>, jen--- via wsis20 <wsis20@icann.org>, Ashton-Hart, Nick <nashtonhart@apcoworldwide.com> Subject: Re: [wsis20] Re: Internet Society's intervention during the WSIS+20 virtual stakeholder consultation Hi Nick I would actually agree with Mona in the context of WSIS +20. Neither the wording critical Internet infrastcture nor critical information infrastructure are commonly used phrasing in the context of WSIS. Perhaps it might be more common in the various New York based cybersecurity workstreams. Designating something as “critical” irrespective of the additional words can carry a variety of domestic regulatory obligations depending on the national jurisdiction. At the international level it’s not something I’ve seen used in regards to the Internet in this cluster, so as Mona’s comment highlights it doesn’t have an agreed definition, scope or shared understanding. Fiona ________________________________ From: Ashton-Hart, Nick via wsis20 <wsis20@icann.org> Sent: Friday, November 14, 2025 6:07 PM To: Mona Gaballa <gaballa@isoc.org>; jen--- via wsis20 <wsis20@icann.org> Subject: [wsis20] Re: Internet Society's intervention during the WSIS+20 virtual stakeholder consultation External Email: Use caution with links and attachments. Thanks Mona, for sending this around, I have one concern about and otherwise excellent statement. I question deletion of the reference to “critical internet infrastructure” - while the correct term is “critical information infrastructure,” protecting that as a form of critical infrastructure should be something we can all support. Critical infrastructure protection is a different order of magnitude than simply protecting infrastructure is, as critical infrastructure includes those forms of infrastructure which are necessary to life and health. I think we would all agree that the Internet is fundamental to health and welfare in the modern world. I would request that instead of deleting this phrase we simply call for the term to be corrected. I am of course always open to thoughts. -- Nick Ashton-Hart APCO (m) +<tel:+971%2055%209548671>1 202 779 1072 nashtonhart@apcoworldwide.com<mailto:nashtonhart@apcoworldwide.com> From: Mona Gaballa via wsis20 <wsis20@icann.org> Date: Friday, November 14, 2025 at 2:45 PM To: jen--- via wsis20 <wsis20@icann.org> Subject: [wsis20] Internet Society's intervention during the WSIS+20 virtual stakeholder consultation Hi everyone, Please find the Internet Society's intervention during the WSIS+20 Virtual Stakeholder Consultation on Rev1 earlier today. * On behalf of the Internet Society, I would like to begin by thanking you, DESA and the co-facilitators, for keeping the WSIS process as open and transparent as possible, and for welcoming stakeholders views on t views on the first revision of the zero draft. The Internet Society is committed to bridging the digital divide by supporting connectivity and sustainable infrastructure, and to ensuring the Internet remains an open, secure and trusted global resource for everyone. On this occasion, noting time is running short, we would like to offer some general remarks and recommendations to keep the text crisp, concise and action focused. The Internet is empowering more people, more services, and more development opportunities than ever. Which is precisely why the WSIS+20 review outcome document should reinforce what keeps it open, globally connected, secure, and trustworthy. Firstly, we would like to note that the section entitled “Enabling environment for digital development”, should explicitly include elements that help achieve an enabling environment. Paragraph 48 should include measures such as “proportionate taxation and licensing fees, access to finance, facilitation of public-private partnerships, multistakeholder cooperation, national and regional broadband strategies, efficient allocation of radio frequency spectrum, infrastructure sharing models, community-based approaches, and public access facilities.” Secondly, in paragraph 53, we note the reference to “critical Internet infrastructure”, which has no agreed definition, and would like to call for it’s deletion, as the paragraph already importantly recognizes the efforts to protect infrastructure. Additionally, we welcome the substantive changes introduced to the “Internet Governance” section. Including the permanent mandate of the Internet Governance Forum (IGF) and the recognition of the NETmundial+10 guidelines for multistakeholder collaboration and consensus building. As well as paragraph 120 which provides recommendations on how to strengthen coherence between the WSIS vision and GDC commitments. However, paragraph 101, which invites the Secretary-General to make proposals concerning future funding of the IGF , needs to be done in consultation with existing IGF funders and stakeholders to ensure stable, predictable, and sustainable financial support of the Forum. Regarding paragraph 119, we recommend retaining the call for multistakeholder advice to UNGIS to ensure more effective collaboration, information exchange, and to avoid duplication. As we noted in the previous consultation, the Internet Society will keep working with our global community of chapters, individual and organization members to translate these priorities into additional concrete recommendations as the process reaches its final stages. Our aim is the same as yours: a WSIS+20 outcome that people can rally around, that strengthens multistakeholder collaboration, and that keeps the Internet open, globally connected, secure and trustworthy for everyone. Warm regards, Mona Gaballa, Senior Advisor, Institutional Relations gaballa@isoc.org | +19082799933 [cid:b54d5039-cdbb-407d-8656-8b2572ce6bed] internetsociety.org | @internetsociety ________________________________ DATA HANDLING For data handling questions, please view our Privacy Policy<https://urldefense.com/v3/__https://apcoworldwide.com/privacy-policy/__;!!Ia...> or contact us at privacy@apcoworldwide.com<https://urldefense.com/v3/__https://*20privacy@apcoworldwide.com/__;JQ!!IaT_...> with any inquiries. CONFIDENTIALITY This email may contain material that is confidential, privileged and/or work product for the sole use of the intended recipient. Any review, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
