United Nations (UN)
Last Updated: January 2019
Policy
Strategy Documents
ICT Strategy (A/69/517)
General Assembly, Office of Information and Communications Technology
Comprises a section on information security: states that the Office of Information and Communications Technology has established a comprehensive information security framework for the Secretariat, building on the interim initiatives identified in the report of the Secretary-General in the areas of prevention, incident detection and response, and goevrnance, risk and compliance.
10 October 2014
Other Documents
Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (A/72/327)
Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security

Report of the Secretary-General on the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security. No consensus was reached on a final report.

14 August 2017
Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (A/70/174)
Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security

Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security.

22 July 2015
Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (A/68/98)
Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security

Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security.

24 June 2013
Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (A/65/201)
Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security

Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security.

30 July 2010
Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (A/60/202)
Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security

Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security.

5 August 2005
Report of the Office of the United Nations High Commissioner for Human Rights: The right to privacy in the digital age (A/HRC/27/37)
Human Rights Council
• Report on the protection and promotion of the right to privacy in the context of domestic and extraterritorial surveillance and/or the interception of digital communications and the collection of personal data, including on a mass scale, to the Human Rights Council;
• Mandated by the General Assembly through the adoption of resolution 68/167.
30 June 2014
Comprehensive Study on Cybercrime
UNODC
  • Mandated by General Assembly Resolution 65/230 to "examining options to strengthen existing and to propose new national and international legal or other responses to cybercrime";
  • Prepared for the open-ended intergovernmental expert group on cybercrime;
  • Addresses the following topics covered in eight chapters: (1) Connectivity and cybercrime, (2) The global picture, (3) Legislation and frameworks, (4) Criminalization, (5) Law enforcement and investigations, (6) Electronic evidence and criminal justice, (7) International cooperation, and (8) Prevention.
February 2013
Report of the Secretary-General: Strengthening the United Nations Crime Prevention and Criminal Justice Programme, in particular its technical cooperation capacity
UN Secretary-General
Includes section on High-technology and computerrelated crime, which cites findings of Resolution 56/121 and Report on Effective Measures to Prevent and Control Computer-Related Crime (E/CN.15/2002/8)
2 July 2002
Report of the Secretary-General: Effective measures to prevent and control computer-related crime
UN Secretary-General
Provides a brief overview of ongoing efforts to prevent and control high technology and computer-related crime, highlighting general trends and developments within and outside the United Nations
29 January 2002
Communications
Compendium on the High Level Review of United Nations Sanctions
UN Secretariat
Contains five recommendations for tackling issues of cybercrime, including:
• 147: The Security Council should enhance investigative capacities and strengthen international cooperation to determine which countries and/or individuals or entities are responsible for abuses of cyberspace affecting international peace and security, facilitating the imposition of UN sanctions
2015
"The mapping of international Internet public policy issues"
Intersessional Panel of the Commission on Science and Technology for Development, ECOSOC

Aims to create a more comprehensive set of information on international public policy issues pertaining to the Internet, the mechanisms dealing with these issues, and potential gaps in those mechanisms

21 November 2014
Countering the Use of the Internet for Terrorist Purposes - Legal and Technical Aspects, Working Group Compendium
UN Counter-Terrorism Implementation Task Force
Details strategic approaches (and provides recommendations) to addressing challenges of terrorist use of the internet, including:
•Applying existing cybercrime legislation
• Applying existing (non Internet specific) terrorism legislation
Developing specific legislation dealing with terrorist use of the internet
May 2011
Structure
Specialized Agencies
United Nations Office for Disarmament Affairs
  • Established in January 1998 as the Department of Disarmament Affairs, the United Nations Office for Disarmament Affairs provides substantive and organizational support for norm-setting in the area of disarmament through the work of the General Assembly and its First Committee, the Disarmament Commission, the Conference on Disarmament and other bodies.
  • Provides support for multilateral discussions, including the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, which has been on the UN agenda since the Russian Federation in 1998 first introduced a draft resolution in the First Committee of the UN General Assembly.
1998
International Telecommunications Union

Based on the guidance of the World summit on the Information Society and the ITU Plenipotentiary Conference, tasked with building confidence and security in the use of information and communication technologies.

United Nations Institute for Disarmament Research

• Voluntarily funded autonomous institute within the United Nations that generates ideas and promotes action on disarmament and security
• Its Emerging Security Issues Programme currently comprises several projects in cyber;
• Has supported in the past the work of the GGE on Developments in the Field of Information and Telecommunications in the Context of International Security (2009-2010; 2012-2013; 2014-2015; 2016-2017).

United Nations Office on Drugs and Crime

Draws upon its specialized expertise on criminal justice systems response to provide technical assistance in capacity building, prevention and awareness raising, interantional cooperation, and data collection, research and analysis on cybercrime.

Office of Information and Communications Technology

• Responsible for defining strategic direction for ICT to the UN Secretariat;
• Submitted the ICT Strategy (A/69/517), defining the roadmap for ICT for five years, providing a common vision for ICT delivery in the UN through modernization, transformation and innovation.

Legislation
Regulations and Directives
Resolutions and Reports on Developments in the field of information and telecommunications in the context of international security
General Assembly
Adoption by the UNGA of resolutions and reports related to developments in the field of information and telecommunications in the context of international security:
• Resolutions: 71/28 (2016); 70/237 (2015); 69/28 (2014); 68/243 (2013); 67/27 (2012); 66/24 (2011); 65/41 (2010); 64/25 (2009); 63/37 (2008); 62/17 (2007); 61/54 (2006); 60/45 (2005); 59/61 (2004); 58/32 (2003); 57/53 (2002); 56/19 (2001); 55/28 (2000); 54/49 (1999); 53/70 (1998);
• Reports: 72/315 (2017).
1998 (since)
Resolution on The right to privacy in the digital age (A/RES/68/167)
General Assembly
• Reaffirms the right to privacy;
• Affirms that the same rights that people have offline must also be protected online.
18 December 2013
Resolution on the Creation of a global culture of cybersecurity and taking stock of national efforts to protect critical information infrastructures (A/RES/64/211)
General Assembly
• Invites Member States to use the annexed voluntary self-assessment tool for national efforts to protect critical information infrastructures in order to assist in assessing their efforts in this regard to strengthen their cybersecurity;
• Encourages sharing of best practices and measures
21 December 2009
Resolution on the Creation of a global culture of cybersecurity and the protection of critical information infrastructures (A/RES/58/199)
General Assembly
• Invites Member States to use the annexed elements in developing their strategies for reducing risks to critical information infrastructures
• Encourages sharing of best practices and measures
30 January 2004
Resolution on the Creation of a global culture of cybersecurity (A/RES/57/239)
General Assembly
• Invites Member States to use annexed elements in their efforts to develop throughout their societies a culture of cybersecurity in the application and use of information technologies
• Encourages sharing of best practices and measures
31 January 2003
Resolution on Combating the criminal misuse of information technologies (A/RES/56/121)
General Assembly
Invites Member States to take into account the work and achievements of the commission on Crime Prevention and Criminal Justice and of other international and regional organizations, as well as the measures set forth in Resolution 55/63
23 January 2002
Resolution on Combating the criminal misuse of information technologies (A/RES/55/63)
General Assembly
Identifies measures aimed to combat the criminal misuse of information technologies, including information exchange, law enforcement cooperation and training, mutual assistance regimes, and others.
22 January 2001
Cooperation
Meetings
Annual Cyber Stability Conference
UNIDIR
Annual Cyber Stability Conference (since 2012) allows stakeholders to discuss how to take pragmatic steps towards a more stable and predictable cyber security environment, with a specific focus on the risks of escalation in times of conflict, and the implementation of transparency and confidence-building measures
26 September 2018
World Summit on the Information Society (WSIS) Forum 2018
ITU, UNCTAD, UNDP, UNESCO
Key forum for discussing the role of ICTs as a means of implementation of the Sustainable Development Goals and targets
20-21 March 2018
UN Group of Governmental Experts on developments in the field of ICTs in the context of international security
UNGA
• Issue of information seucirty on the UN agenda since the Russian Federation in 1998 first introduced a draft resolution in the First Committee of the UN General Assembly (adopted A/RES/53/70);
• Five GGEs so far.
2004-2005; 2009-2010; 2012-2013; 2014-2015; 2016-2017
Open-ended intergovernmental expert group to conduct a comprehensive study on the problem of cybercrime
UNODC
• Mandated by the Economic and Social Council (Resolution 2010/18) and the General Assembly (Resolution 65/230) to conduct a comprehensive study on the problem of cybercrime and responses to it by Member States, the international community and the private sector, including the exchange of information on national legislation, best practices, technical assistance and interntional cooperation;
• Aims to examine options to strengthen existing and to propose new national and international legal or other responses to cybercrime
2011; 2013; 2017; 2018
Arria-Formula Meeting on Threats to Peace and Security Caused by Terrorist Acts (Cybersecurity)
UN Security Council
Chaired by Senegal and Spain, with participants representing Telefonica Internacional USA, ICT4Peace Foundation, FireEye iSIGHT Intelligence, among others
28 November 2016
Activities
High-Level Panel on Digital Cooperation
UN Secretary-General
• Convened to advance proposals to strengthen cooperation in the digital space among Governments, the private sector, civil society, international organizations, technical and academic communities and other relevant stakeholders.
• Expected to raise awareness about the transformative impact of digital technologies across society and the economy, and contribute to the broader public debate on how to ensure a safe and inclusive digital future for all, taking into account relevant human rights norms.
July 2018
International Security Cyber Issues Workshop Series
UNIDIR, Center for Strategic and International Studies
Goal is to promote common understandings among governments, academics and technologists on problems for peace and stability in cyberspace and on a range of possible solutions at the regional and multilateral levels.
2015-2016
"Combatting Cybercrime: Tools and Capacity Building for Emerging Economies" Toolkit
ITU, UNCTAD, UNICRI, UNODC
Includes resources aimed at building capacity among policy-makers, legislators, public prosecutors & investigators, and civil society in developing countries in the policy, legal and criminal justice aspects of the enabling environment to combat cybercrime
2016
Global Cybersecurity Index
ITU
• Multi-stakeholder initiative to measure the commitment of countries to the ITU's Global Cybersecurity Agendathrough surveys;
• Aims to instigate international cooperation and promote knowledge exchange on this topic;
• Iterations of the project result in reports (third iteration currently in progress).
2013-2014 (first iteration)
United Nations Group on Cybercrime and Cybersecurity
ITU, UNODC
• To address programme policy aspects of the work and to foster coordination and collaboration within the United Nations system
• Offered report to the High-Level Committee on Programmes at its 28th session in November 2014
17 October 2013
Digital Blue Helmets Programme
Office of Information and Communications Technology
• Will serve as a common platform for rapid information exchange and better coordination of protective and defensive measures against cyber threats to the UN, and aligns the Organization's cyber operations and cybersecurity policy, frameworks and legal activities;
• Ultimately aims to support the UN's efforts in the areas of peace and security, sustainable development, international law, human rights and humanitarian aid through coordinated policy development, monitoring, response and mitigation strategies.
Global Programme on Cybercrime
UNODC
• Mandated by the UNGA and the Commission on Crime Prevention and Criminal Justice to assist Member States in their struggle against cyber-related crimes through capacity building and technical assistance;
• Comprises as part of the Programme the Cybercrime Repository, a central data repository of cybercrime laws and lessons learned for the purposes of facilitating the continued assessment of needs and criminal justice capabilities and the delivery and coordination of technical assistance.
External Cooperation
Private Sector Engagement in Responding to the Use of the Internet and ICT for Terrorist Purposes: Strengthening Dialogue and Building Trust
Security Council Counter-Terrorism Committee and ICT4Peace Foundation

Goal is to identify the emergence of norms of voluntary self-regulation amongst the private sector in their responses to terrorist use of their products and services, highlight multi-stakeholder and public-private initiatives aimed at supporting efforts in this area, identify persisting challenges, and recommend further areas for engagement

December 2016