Hi, the term "Criticial information infrastructure" is established language in the multilateral cybersecurity negotiations under the 1st UNGA Committee and within the OEWG (now the new "Global Mechanism") since years. It has even an own acronym: "CII". This isa differentz von "critical infrastructure" (CI), that is energy, water etc. It is rooted in one of the eleven GGE norms from 2015: "States should take appropriate measures to protect their critical infrastructure from ICT threats, taking into account General Assembly resolution 58/199 on the creation of a global culture of cybersecurity and the protection of critical information infrastructures, and other relevant resolutions;". The norm was more specified later, inter alia by the recommendations of the Global Commission on Stability in Cyberspace (GCSC) in 2019 which added the need "to protect the public core of the Internet". The GCSC Final Report from 2019 proposed as an additional norm "State and non-state actors should neither conduct nor knowingly allow activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet, and therefore the stability of cyberspace.". The GCSC understanding of the public Internet core included both the "critical Internet ressources" (CIR) as domain names, Internet protocols, IP adresses, as discussed in the WSIS/IGF/ICANN context, as well as the whole underlying infrastructure of servers, (undersea) cables and satellites, as discussed in the various GGEs. A new element in the proposed GCSC norm was, that it calls on "state and non-state actors", that is, it went beyond the "narrow approach" of the GGEs/OEWG, which included only state actors, and supports the inclusion of non-govcernmental stakeholderrs in cybersecurity negotiations, an issue which is still unsettled in the new "Global Mechanism". Insofar it would make sense a. to avoid new language as "critical Internet infrastructure" and to go back to "critical information infrastrutcure" (CII) and b. to have stronger references to the UN cybersecurity negotiations and to call for the inclusion of non-governmental stakeholders in the new "Global Mechanism" . Wolfgang Ashton-Hart, Nick via wsis20 <wsis20@icann.org> hat am 15.11.2025 15:33 CET geschrieben:
Dear Fiona,
I take your point but in a paragraph about international cybersecurity I don’t see that it matters whether it has been used in WSIS or not. The agreement on what constitutes critical information infrastructure in the UN context postdates WSIS, as does AI and many other things that the review is referencing. It is also easy enough to make clear where this comes from in the text, though candidly anyone working in international cybersecurity policy in multilateral institutions will know what it means, which is the point.
Best, Nick
-- Nick Ashton-Hart APCO (m) + tel:+9715595486711 202 779 1072 nashtonhart@apcoworldwide.com mailto:nashtonhart@apcoworldwide.com
From: Fiona Alexander <fionaa@american.edu> Date: Friday, November 14, 2025 at 7:48 PM To: Mona Gaballa <gaballa@isoc.org>, jen--- via wsis20 <wsis20@icann.org>, Ashton-Hart, Nick <nashtonhart@apcoworldwide.com> Subject: Re: [wsis20] Re: Internet Society's intervention during the WSIS+20 virtual stakeholder consultation
Hi Nick
I would actually agree with Mona in the context of WSIS +20. Neither the wording critical Internet infrastcture nor critical information infrastructure are commonly used phrasing in the context of WSIS. Perhaps it might be more common in the various New York based cybersecurity workstreams.
Designating something as “critical” irrespective of the additional words can carry a variety of domestic regulatory obligations depending on the national jurisdiction. At the international level it’s not something I’ve seen used in regards to the Internet in this cluster, so as Mona’s comment highlights it doesn’t have an agreed definition, scope or shared understanding.
Fiona
--------------------------------------------- From: Ashton-Hart, Nick via wsis20 <wsis20@icann.org> Sent: Friday, November 14, 2025 6:07 PM To: Mona Gaballa <gaballa@isoc.org>; jen--- via wsis20 <wsis20@icann.org> Subject: [wsis20] Re: Internet Society's intervention during the WSIS+20 virtual stakeholder consultation
External Email: Use caution with links and attachments. Thanks Mona, for sending this around, I have one concern about and otherwise excellent statement.
I question deletion of the reference to “critical internet infrastructure” - while the correct term is “critical information infrastructure,” protecting that as a form of critical infrastructure should be something we can all support. Critical infrastructure protection is a different order of magnitude than simply protecting infrastructure is, as critical infrastructure includes those forms of infrastructure which are necessary to life and health.
I think we would all agree that the Internet is fundamental to health and welfare in the modern world.
I would request that instead of deleting this phrase we simply call for the term to be corrected.
I am of course always open to thoughts.
-- Nick Ashton-Hart APCO (m) + tel:+9715595486711 202 779 1072 nashtonhart@apcoworldwide.com mailto:nashtonhart@apcoworldwide.com
From: Mona Gaballa via wsis20 <wsis20@icann.org> Date: Friday, November 14, 2025 at 2:45 PM To: jen--- via wsis20 <wsis20@icann.org> Subject: [wsis20] Internet Society's intervention during the WSIS+20 virtual stakeholder consultation
Hi everyone,
Please find the Internet Society's intervention during the WSIS+20 Virtual Stakeholder Consultation on Rev1 earlier today. * On behalf of the Internet Society, I would like to begin by thanking you, DESA and the co-facilitators, for keeping the WSIS process as open and transparent as possible, and for welcoming stakeholders views on t views on the first revision of the zero draft.
The Internet Society is committed to bridging the digital divide by supporting connectivity and sustainable infrastructure, and to ensuring the Internet remains an open, secure and trusted global resource for everyone.
On this occasion, noting time is running short, we would like to offer some general remarks and recommendations to keep the text crisp, concise and action focused.
The Internet is empowering more people, more services, and more development opportunities than ever. Which is precisely why the WSIS+20 review outcome document should reinforce what keeps it open, globally connected, secure, and trustworthy.
Firstly, we would like to note that the section entitled “Enabling environment for digital development”, should explicitly include elements that help achieve an enabling environment.
Paragraph 48 should include measures such as “proportionate taxation and licensing fees, access to finance, facilitation of public-private partnerships, multistakeholder cooperation, national and regional broadband strategies, efficient allocation of radio frequency spectrum, infrastructure sharing models, community-based approaches, and public access facilities.”
Secondly, in paragraph 53, we note the reference to “critical Internet infrastructure”, which has no agreed definition, and would like to call for it’s deletion, as the paragraph already importantly recognizes the efforts to protect infrastructure.
Additionally, we welcome the substantive changes introduced to the “Internet Governance” section.
Including the permanent mandate of the Internet Governance Forum (IGF) and the recognition of the NETmundial+10 guidelines for multistakeholder collaboration and consensus building.
As well as paragraph 120 which provides recommendations on how to strengthen coherence between the WSIS vision and GDC commitments.
However, paragraph 101, which invites the Secretary-General to make proposals concerning future funding of the IGF , needs to be done in consultation with existing IGF funders and stakeholders to ensure stable, predictable, and sustainable financial support of the Forum.
Regarding paragraph 119, we recommend retaining the call for multistakeholder advice to UNGIS to ensure more effective collaboration, information exchange, and to avoid duplication.
As we noted in the previous consultation, the Internet Society will keep working with our global community of chapters, individual and organization members to translate these priorities into additional concrete recommendations as the process reaches its final stages.
Our aim is the same as yours: a WSIS+20 outcome that people can rally around, that strengthens multistakeholder collaboration, and that keeps the Internet open, globally connected, secure and trustworthy for everyone.
Warm regards, Mona Gaballa, Senior Advisor, Institutional Relations gaballa@isoc.org | +19082799933 internetsociety.org | @internetsociety
--------------------------------------------- DATA HANDLING
For data handling questions, please view our Privacy Policy https://urldefense.com/v3/__https://apcoworldwide.com/privacy-policy/__;!!Ia... or contact us at privacy@apcoworldwide.com https://urldefense.com/v3/__https://*20privacy@apcoworldwide.com/__;JQ!!IaT_... with any inquiries.
CONFIDENTIALITY
This email may contain material that is confidential, privileged and/or work product for the sole use of the intended recipient. Any review, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. _______________________________________________ Learn more about the WSIS+20 Outreach Network and review relevant resources: https://go.icann.org/wsis20 Read the public archives for this mailing list: https://mm.icann.org/pipermail/wsis20/ _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
