The British government’s stance on cyber security and Internet governance firmly favours a multi-stakeholder approach with a substantively large role for the private sector, at a time when the world is grappling with serious policy and Internet jurisdiction questions in the wake of the Snowden exposés.
The British Minister for Cabinet Office, Francis Maude, MP, who bears direct responsibility for the U.K.’s cyber security policies made this plain in a 25-minute address here at the Observer Research Foundation.
Arguing a case for a smaller role for governments, he said, “The important thing is that we do not dilute the characteristics that have made the Internet successful, so we don’t favour a leading role for the government in managing the Internet. That’s because we know, being a government, that they work slowly, whereas the Internet is changing constantly.”
Cautioning governments against taking a more aggressive role, he added, “The Internet developed despite the government, not because of the government. We need to ensure that we don’t place a dead hand on the future of the Internet which can hold back its future.”
The Minister also provided an insight into the British government’s approach in the ongoing multi-stakeholder approach to enhanced cooperation deliberations underway in Geneva, through a United Nations Commission for Science and Technology Development (UN-CSTD) Working Group, of which India and the U.K. are members along with nearly 20 other countries. He said, “We must be wary of an approach which seeks to extend formal government regulation onto a medium, on which people are very dependent, and which liberates them from the government and intermediates the bureaucracy.”
When asked about the divided views on Internet governance between countries such as Russia, China those in the Middle-East as compared to the US, Europe and other western countries, he said, acknowledging the difference that “We have to be careful that the real issues in cyber security are not used as a pretext for suppressing access to the Internet.”
Borrowing an earlier line from by Minister of Communications and IT. Kapil Sibal, Mr. Maude said “Internet is a massive force for good. With everything that is liberating, comes risk. And the risk must be dealt with a proportionate, measured way.”
Disclosing that the U.K. was now setting up a Computer Emergency Response Team (CERT-UK), Mr. Maude said, “We are now establishing a new CERT-UK to improve national coordination of cyber instances and to act as focal point for international sharing of critical information on cyber security. We are behind where India already is but we look forward to working closely with CERT-IN once our CERT is fully operational.”
CERT-IN is led by Gulshan Rai who has played a pivotal role in formulating the recently released Cyber Security Policy of India.
Emphasizing the importance of having a strong domestic law enforcement structure working in collaboration with the private sector, the Minister said that the British government, in the area of cybercrime, “had successfully, saved £18-27 billion a year. It’s a price that we or any other country cannot afford to continue to pay. India’s costs are lower than that today, but there should be no doubt, that they will increase as the economy continues to grow and is based increasingly on technology and innovations.”
Mr. Maude used the London Olympics to explain how the British government has successfully thwarted cyber-attacks and how, while the U.K. had learned lessons from the 2008 Beijing Olympics, and the 2010 New Delhi Commonwealth Games, — the cooperation is now being extended by London cyber security experts to the Brazilians, who are hosting the 2016 Olympics.
Arguing vehemently for an approach which allows all stakeholders to play their respective and equal roles in cyber security he emphasised, “We continue to support the multi-stakeholder model of Internet governance, proposed by the world summit. The approach must continue to be open, inclusive and interactive.”