| A | B | C | D | E | F | G | |
|---|---|---|---|---|---|---|---|
1 | Texts modifications suggested | ||||||
2 | Original (Rev. Guadalajara 2010) - complete version | Brazil --- MOD B/75/4 | RCC | Arb | Indonesia | Cuba | CEPT --- MOD EUR/80A1/14 |
3 | RECALLING | ||||||
4 | recalling a) Resolution 130 (Rev. Antalya, 2006) of the Plenipotentiary Conference; b) Resolution 69 (Hyderabad, 2010) of the World Telecommunication Development Conference (WTDC), on the creation of national computer incident response teams (CIRTs), particularly for developing countries, and cooperation between them; c) that ITU Council Resolution 1305, adopted at its 2009 session, identified the security, safety, continuity, sustainability and robustness of the Internet as public policy issues that fall within the scope of ITU, | recalling 'd) that the United Nations General Assembly Resolution 68/167, on the right to privacy in the digital age, affirms, inter alia, "that the same rights the people have off line must also be protected on line, including the right to privacy”, | a) United Nations General Assembly (UNGA) Resolution 68/198, on information and communication technologies (ICTs) for development; b) UNGA Resolution 68/167, on the right to privacy in the digital age; c) UNGA Resolution 68/243, on developments in the field of information and telecommunications in the context of international security; d) the outcome documents of the WSIS+10 High-Level Event, containing the WSIS+10 Statement on the Implementation of WSIS Outcomes and the WSIS+10 Vision for WSIS Beyond 2015; e) Resolution 174 (Rev. Guadalajara, 2010) of the Plenipotentiary Conference; f) Resolution 181 (Rev. Guadalajara, 2010) of the Plenipotentiary Conference; g) Resolution 45 (Rev. Dubai, 2014) of the World telecommunication Development Conference (WTDC), on mechanisms for enhancing cooperation on cybersecurity, including countering and combating spam; h) WTDC Resolution 69 (Rev. Dubai, 2014), on the creation of national computer incident response teams (CIRTs), particularly for developing countries, and cooperation between them; i) that ITU Council Resolution 1305, adopted at its 2009 session, identified the security, safety, continuity, sustainability and robustness of the Internet as public policy issues that fall within the scope of ITU, | a) Article 6, on security and robustness of networks, and Article 7, on unsolicited bulk electronic communications, of the International Telecommunication Regulations; | |||
5 | e) that Council Resolution 1336, adopted at its 2011 session, established a working group of the Council on international Internet-related public policy issues (CWG-Internet), whose terms of reference are to identify, study and develop matters related to international Internet-related public policy issues, including those issues identified in Council Resolution 1305 (2009); f) Resolution 68/167 adopted by the United Nations General Assembly in 2013 emphasized that unlawful or arbitrary surveillance and/or interception of communications, as well as unlawful or arbitrary collection of personal data, as highly intrusive acts, violate the rights to privacy and to freedom of expression and may contradict the tenets of a democratic society, and expressed deep concern at the negative impact that surveillance and/or interception of communications, including extraterritorial surveillance and/or interception of communications, as well as the collection of personal data, in particular when carried out on a mass scale, may have on the exercise and enjoyment of human rights, | ||||||
6 | CONSIDERING | ||||||
7 | a) the crucial importance of information and communication infrastructures and their applications to practically all forms of social and economic activity; | see BR proposal on recognizing - reduced version will fit here in substitution to RCC | a) that the WSIS+10 Vision for WSIS Beyond 2015 identified, inter alia, the following as priority areas to be addressed in the implementation of the WSIS Vision: – building confidence and security in the use of ICTs, notably on topics such as personal data protection, privacy, security and robustness of networks; – promoting a culture of online security and safety, empowering users, and encouraging national, regional and international cybersecurity strategies to protect users, including children; | ||||
8 | b) that, with the application and development of information and communication technologies (ICTs), new threats from various sources have emerged that have had an impact on confidence and security in the use of ICTs by all Member States, Sector Members and other stakeholders, including all users of ICTs, and on the preservation of peace and the economic and social development of all Member States, and that threats to and vulnerabilities of networks continue to give rise to ever-growing security challenges across national borders for all countries, in particular developing countries, including the least developed countries, small island developing states, landlocked developing countries and countries with economies in transition, while noting in this context the strengthening of ITU's role in building confidence and security in the use of ICTs and the need to further enhance international cooperation and develop appropriate existing national, regional and international mechanisms (for example, agreements, best practices, memorandums of understanding, etc); c) that the ITU Secretary-General has been invited to support the International Multilateral Partnership Against Cyber-Threats (IMPACT), the Forum for Incident Response and Security Teams (FIRST) and other global or regional cybersecurity projects, as appropriate, and all countries, particularly developing countries, have been invited to take part in their activities; | b) such as phishing, botnets, distributed denial of service, and so on – the serious consequences of which include the possible covert and illegal use by individuals, organizations and States of the computer systems of other nations to attack third countries – | |||||
9 | d) the ITU Global Cybersecurity Agenda (GCA); | brazil have a proposal in aware section | e) the ITU Global Cybersecurity Agenda (GCA), which encourages international cooperation aimed at proposing strategies for solutions to enhance confidence and security in the use of telecommunications/ICTs; | ||||
10 | e) that, in order to protect these infrastructures and address these challenges and threats, coordinated national, regional and international action is required for prevention, preparation, response and recovery from computer security incidents, on the part of government authorities at the national (including the creation of national CIRTs and sub-national levels, the private sector and citizens and users, in addition to international and regional cooperation and coordination, and that ITU has a lead role to play within its mandate and competencies in this field; d) the need for continual evolution in new technologies to support the early detection of, and coordinated and timely response to, events or incidents compromising computer security, or computer network security incidents that could compromise the availability, integrity and confidentiality of critical infrastructures in ITU Member States, and for strategies that will minimize the impact of such incidents and mitigate the growing risks and threats to which such platforms are exposed, | h) that the number of cyberattacks is growing, and they are becoming increasingly subtle, while at the same time our dependence on the Internet and other networks that are essential for accessing critical services and information is increasing; i) that the ITU Telecommunication Standardization Sector (ITU-T) has adopted around 300 standards relating to cybersecurity; j) the final report on Question 22-1/1 (Securing information and communication networks: Best practices for developing a culture of cybersecurity) of the ITU Telecommunication Development Sector (ITU-D), | |||||
11 | RECOGNIZING | ||||||
12 | a) that the development of ICTs has been and continues to be instrumental for the growth and development of the global economy, underpinned by security and trust; b) that the World Summit on the Information Society (WSIS) affirmed the importance of building confidence and security in the use of ICTs and the great importance of multistakeholder implementation at the international level, and established Action Line C5 (Building confidence and security in the use of ICTs), with ITU identified in the Tunis Agenda for the Information Society as moderator/facilitator for the action line, and that this task has been carried out by the Union in recent years, for example under GCA; | c) that the ITU coordinated WSIS+10 High Level Event reaffirmed the building of confidence and security in the use of ICTs, notably on topics such as personal data protection, privacy and robustness of networks, as well as supporting and encouraging stakeholder, in their respectives roles and responsibilities, to work together for the continued evolution of the ICTs to address known weaknesses and to increase capability, while maintain full interoperability and stability, as priority areas in the implementation of WSIS Beyond 2015; | c) that WTDC-14 has adopted the Dubai Action Plan and its Objective 3, on enhancing confidence and security in the use of telecommunications/ICTs, and roll-out of relevant applications and services, which identifies cybersecurity as a priority activity of the Telecommunication Development Bureau (BDT) and defines the main areas of work to be undertaken by BDT; and has also adopted Resolution 45 (Rev. Dubai, 2014), on mechanisms for enhancing cooperation on cybersecurity, including countering and combating spam, calling on the Secretary-General to bring the resolution to the attention of the next plenipotentiary conference for consideration and required action, as appropriate; and Resolution 69 (Rev. Dubai, 2014), on the creation of national CIRTs, particularly for developing countries, and cooperation between them; and that moreover, a national IP-based public network security centre for developing countries is under study by ITU-T Study Group 17; | c) that WTDC‑14 has adopted the Dubai Action Plan and its Objective 3, on enhancing confidence and security in the use of telecommunications/ICTs, and roll-out of relevant applications and services, in particular Output 3.1, which identifies cybersecurity as a priority activity of the Telecommunication Development Bureau (BDT) and defines activities to be undertaken by BDT; and has also adopted Resolution 45 (Rev. Dubai, 2014), on mechanisms for enhancing cooperation on cybersecurity, including countering and combating spam, requesting the Secretary-General to bring the resolution to the attention of the next plenipotentiary conference for consideration and required action, as appropriate, and to report the results of these activities to the Council and to the Plenipotentiary Conference in 2018; and Resolution 69 (Rev. Dubai, 2014), on facilitating the creation of national CIRTs, particularly for developing countries, and cooperation between them; and that moreover, a national IP-based public network security centre for developing countries is under study by Study Group 17 of the ITU Telecommunication Standardization Sector (ITU-T), in accordance with the ITU‑T X‑series recommendations; | |||
13 | c) that WTDC-10 has adopted the Hyderabad Action Plan and its Programme 2 on cybersecurity and ICT applications and IP-based network related issues, which identifies cybersecurity as a priority activity of the Telecommunication Development Bureau (BDT) and defines activities to be undertaken by BDT; and has also adopted Resolution 45 (Rev. Hyderabad, 2010), on mechanisms for enhancing cooperation on cybersecurity, including countering and combating spam, calling on the Secretary-General to bring the resolution to the attention of the next plenipotentiary conference for consideration and required action, as appropriate; and Resolution 69 (Rev. Hyderabad, 2010), on the creation of national CIRTs, particularly for developing countries, and cooperation between them; and that moreover, a national IP-based public network security centre for developing countries is under study by Study Group 17 of the ITU Telecommunication Standardization Sector (ITU-T); | d) that WTDC-14 has adopted the Dubai Action Plan and its Objective 3, , in particular, output 3.1 on building confidence and security in the use of ICTs,, which identifies cybersecurity as a priority activity of the Telecommunication Development Bureau (BDT) and defines | d) that, to support the creation of national CIRTs in Member States where these are needed and are currently absent, the World Telecommunication Standardization Assembly (WTSA) adopted Resolution 58 (Rev. Dubai, 2012), on encouraging the creation of national CIRTs, particularly for developing countries; and WTDC-14 adopted Resolution 69 (Rev. Dubai, 2014), on the creation of national CIRTs, including CIRTs responsible for government-to-government cooperation, particularly for developing countries, and cooperation between them; | ||||
14 | f) that the establishment of international rules and policies for the exchange of electronic information over reliable and safe networks will serve to build trust between the users of these networks, particularly in the developing countries; | ||||||
15 | d) that, to support the creation of national CIRTs in Member States where these are needed and are currently absent, the World Telecommunication Standardization Assembly (WTSA) adopted Resolution 58 (Johannesburg, 2008), on encouraging the creation of national CIRTs, particularly for developing countries; and WTDC-10 adopted Resolution 69 (Hyderabad, 2010), on the creation of national CIRTs, particularly for developing countries, and cooperation between them; | g) that the ITU coordinated WSIS+10 High Level Event identified several challenges in the implementation of the WSIS Action Lines that still remain and would need to be addressed beyond 2015, among them the need to call upon States to take steps to avoid and to refrain from taking any unilateral measure not in accordance with international law and the need to increase the awareness of all stakeholders of the ethical dimension in the of ICTs and the ethical challenges of emerging technologies and the Information Society, including regarding the protection of personal data and privacy; | i) that Resolution 69 (Rev. Dubai, 2014) provides for the establishment of national CIRTs, including CIRTs responsible for government-to-government cooperation, where needed or currently lacking, | ||||
16 | e) § 15 of the Tunis Commitment, which states that: "Recognizing the principles of universal and non-discriminatory access to ICTs for all nations, the need to take into account the level of social and economic development of each country, and respecting the development-oriented aspects of the information society, we underscore that ICTs are effective tools to promote peace, security and stability, to enhance democracy, social cohesion, good governance and the rule of law, at national, regional and international levels. ICTs can be used to promote economic growth and enterprise development. Infrastructure development, human capacity building, information security and network security are critical to achieve these goals. We further recognize the need to effectively confront challenges and threats resulting from use of ICTs for purposes that are inconsistent with objectives of maintaining international stability and security and may adversely affect the integrity of the infrastructure within States, to the detriment of their security. It is necessary to prevent the abuse of information resources and technologies for criminal and terrorist purposes, while respecting human rights", and that the challenges created by this misuse of ICT resources have only continued to increase since WSIS; f) that Member States, in particular developing countries, in the elaboration of appropriate and workable legal measures relating to protection against cyberthreats at the national, regional and international levels, may require assistance from ITU in establishing technical and procedural measures, aimed at securing national ICT infrastructures, on request from these Member States, while noting that there are a number of regional and international initiatives which may support these countries in elaborating such legal measures; g) Opinion 4 (Lisbon, 2009) of the World Telecommunication Policy Forum, on collaborative strategies for creating confidence and security in the use of ICTs; h) the relevant outcomes of WTSA-08, notably: i) Resolution 50 (Rev. Johannesburg, 2008), on cybersecurity; ii) Resolution 52 (Rev. Johannesburg, 2008), on countering and combating spam; i) that Resolution 69 (Hyderabad, 2010) provides for the establishment of CIRTs, | ||||||
17 | |||||||
18 | AWARE | ||||||
19 | a) that ITU and other international organizations, through a variety of activities, are examining issues related to building confidence and security in the use of ICTs, including stability and measures to combat spam, malware, etc., and to protect personal data and privacy; b) that ITU-T Study Group 17, Study Groups 1 and 2 of the Telecommunication Development Sector (ITU-D) and other relevant ITU study groups continue to work on technical means for the security of information and communication networks, in accordance with Resolutions 50 and 52 (Rev. Johannesburg, 2008) and Resolutions 45 (Rev. Hyderabad, 2010) and 69 (Hyderabad, 2010); | d) that the ITU Global Cybersecurity Agenda (GCA) promotes international cooperation aimed at proposing strategies for solutions to enhance confidence and security in the use of ICTs; | f) that ITU is also assisting developing countries in this domain and supporting the establishment of CIRTs, | ||||
20 | c) that ITU has a fundamental role to play in building confidence and security in the use of ICTs; d) that Opinion 4 (Lisbon, 2009), on collaborative strategies for creating confidence and security in the use of ICTs, invites ITU to pursue, principally on the basis of membership contributions and direction, further initiatives and activities, in close partnership with other concerned national, regional and international entities and organizations, consistent with Resolution 71 (Rev. Guadalajara, 2010) of this conference, on the strategic plan for the Union for 2012-2015, and all other relevant ITU resolutions; e) that ITU-D Study Group 1 continues to carry out the studies called for in ITU-D Question 22-1/1 (Securing communications networks: best practices for developing a culture of cybersecurity), which has been reflected in United Nations General Assembly Resolution 64/211, | ||||||
21 | NOTING | ||||||
22 | a) that, as an intergovernmental organization with private-sector participation, ITU is well- positioned to play an important role, together with other relevant international bodies and organizations, in addressing threats and vulnerabilities, which affect efforts to build confidence and security in the use of ICTs; b) §§ 35 and 36 of the Geneva Declaration of Principles and § 39 of the Tunis Agenda on building confidence and security in the use of ICTs; c) that although there are no universally agreed upon definitions of spam and other terms in this sphere, spam was characterized by ITU-T Study Group 2, at its June 2006 session, as a term commonly used to describe unsolicited electronic bulk communications over e-mail or mobile messaging (SMS, MMS), usually with the objective of marketing commercial products or services; d) the Union's initiative concerning IMPACT and FIRST; e) that BDT Programme 2 in the Hyderabad Action Plan was adopted with the understanding of the delegations to WTDC-10 that BDT does not draft laws, | ||||||
23 | BEARING IN MIND | ||||||
24 | the work of the ITU established by Resolutions 50 and 52 (Rev. Johannesburg, 2008) and 58 (Johannesburg, 2008); Resolutions 45 (Rev. Hyderabad, 2010) and 69 (Hyderabad, 2010); BDT Programme 2 in the Hyderabad Action Plan; the relevant ITU-T Questions on technical aspects regarding the security of information and communication networks; and ITU-D Question 22-1/1, | the work of the ITU established by Resolutions 50, 52 and 58 (Rev. Dubai, 2012); Resolutions 45 and 69 (Rev. Dubai, 2014) and 80 (Dubai, 2014); Objective 3, on enhancing confidence and security in the use of telecommunications/ICTs, and roll-out of relevant applications and services, under the Dubai Action Plan; the relevant ITU‑T Questions on technical aspects regarding the security of information and communication networks; and ITU‑D Question 22-1/1 | |||||
25 | RESOLVES | ||||||
26 | 1 to continue to give this work high priority within ITU, in accordance with its competences and expertise; 2 to give high priority to the work in ITU described under bearing in mind above, in accordance with its competences and areas of expertise, while being mindful of the need to avoid duplicating work among the Bureaux or the General Secretariat or work which more appropriately falls within the mandates of other intergovernmental and relevant international bodies; 3 that ITU shall focus resources and programmes on those areas of cybersecurity within its core mandate and expertise, notably the technical and development spheres, and not including areas related to Member States' application of legal or policy principles related to national defence, national security, content, and cybercrime, which are within their sovereign rights, although, this does not however exclude ITU from carrying out its mandate to develop technical recommendations designed to reduce vulnerabilities in the ICT infrastructure, nor from providing all the assistance that was agreed upon at WTDC-10, including Programme 2 activities such as "assisting Member States, in particular developing countries, in the elaboration of appropriate and workable legal measures relating to protection against cyberthreats" and in activities under Question 22/1, | 2 to support a human rights based approach to cybersecurity to foster a proper balance between security and privacy, and in this regard encourage ITU to work closely with other bodies/agencies within the United Nations, including but not limited to UNESCO, UNODC and HRC, taking into account the specific mandates and areas of expertise of the different agencies; | 3 that ITU shall focus resources and programmes on those areas of cybersecurity within its core mandate and expertise, notably the technical and development spheres, and not including areas related to Member States' application of legal or policy principles related to national defence, national security, content and cybercrime, which are within their sovereign rights, although this does not however exclude ITU from carrying out its mandate to develop technical recommendations designed to reduce vulnerabilities in the ICT infrastructure, nor from providing all the assistance that was agreed upon at WTDC-14, including work under Objective 3 such as strengthening the capacity of Member States to incorporate and implement cybersecurity policies and strategies into nationwide ICT plans, as well as appropriate legislations, and in activities under ITU-D SG 2 Question 3/2, | 1 to continue to give this work high priority within ITU, in accordance with its competences and expertise, and to provide governments, in cooperation with other stakeholders, within their respective roles, to develop necessary safety and appropriate measures for preventing cybercrime, in obtaining common understanding and/or agreement on a Regional basis, aside from legislation for the investigation and prosecution of cybercrime, at a national, regional and international level pursuant to considering a) of Resolution 181 (Guadalajara 2010) and considering b) of this Resolution; | 3 that ITU shall focus resources and programmes on those areas of cybersecurity within its core mandate and expertise, notably the technical and development spheres, and not including areas related to Member States' application of legal or policy principles related to national defence, national security, content and cybercrime, which are within their sovereign rights, although this does not however exclude ITU from carrying out its mandate to develop technical recommendations designed to reduce vulnerabilities in the ICT infrastructure, nor from providing all the assistance that was agreed upon at WTDC‑14, including Objective 3, on enhancing confidence and security in the use of telecommunications/ICTs, and roll-out of relevant applications and services, as well as activities under Question 3/2, | ||
27 | resolves 3 ... does not however exclude ITU from carrying out its mandate to develop technical recommendations designed to reduce vulnerabilities in the ICT infrastructure, nor from providing all the assistance that was agreed upon at WTDC-10, including Objective 3 2 activities such as "Strengthened capacity of Member States Strengthened capacity of Member States to incorporate and implement cybersecurity policies and strategies into nation-wide ICT plans, as well as appropriate legislation" and in activities under Question 3/2, | resolves: 2 to continue to encourage and facilitate governments to develop measures to combat misuse as elaborated under the “Notes with appreciation” of UNGA Resolution number 55/63: a) States should ensure that their laws and practice eliminate safe havens for those who criminally misuse information technologies; b) Law enforcement cooperation in the investigation and prosecution of international cases of criminal misuse of information technologies should be coordinated among all concerned States; c) Information should be exchanged between States regarding the problems that they face in combating the criminal misuse of information technologies; d) Law enforcement personnel should be trained and equipped to address the criminal misuse of information technologies; e) Legal systems should protect the confidentiality, integrity, and availability of data and computer systems from unauthorized impairment and ensure that criminal abuse is penalized; f) Legal systems should permit the preservation of and quick access to electronic data pertaining to particular criminal investigations; g) Mutual assistance regimes should ensure timely investigation of the criminal misuse of information technologies and the timely gathering and exchange of evidence in such cases; h) The general public should be made aware of the need to prevent and combat the criminal misuse of information technologies; i) To the extent practicable, information technologies should be designed to help to prevent and detect criminal misuse, trace criminals and collect evidence; j) The fight against the criminal misuse of information technologies requires the development of solutions taking into account both the protection of individual freedoms and privacy and the preservation of the capacity of Governments to fight such criminal misuse. | |||||
28 | instructs the Secretary-General and the Directors of the Bureaux 1 to continue to review: i) the work done so far in the three Sectors, under the ITU Global Cybersecurity Agenda initiative and in other relevant organizations, and initiatives to address existing and future threats in order to build confidence and security in the use of ICTs, such as the issue of countering spam, which is growing and on the rise; ii) the progress achieved in the implementation of this resolution, with ITU continuing to play a lead facilitating role as the moderator/facilitator for Action Line C5, with the help of the advisory groups, consistent with the ITU Constitution and Convention; 2 consistent with Resolution 45 (Rev. Hyderabad, 2010,) to work towards the preparation of a document relating to a possible memorandum of understanding (MoU), including the legal analysis of the MoU and its scope of application, among interested Member States, to strengthen cybersecurity and combat cyberthreats, in order to protect developing countries and any country interested in acceding to this possible MoU, with the outcome of the meeting to be submitted to the Council session in 2011 for its consideration and any action, as appropriate; 3 to facilitate access to tools and resources, within the available budget, required for enhancing confidence and security in the use of ICTs for all Member States, consistent with WSIS provisions on universal and non-discriminatory access to ICTs for all nations; 4 to continue to maintain the cybersecurity gateway as a way to share information on national, regional and international cybersecurity-related initiatives worldwide; 5 to report annually to the Council on these activities and to make proposals as appropriate; 6 to further enhance coordination between the study groups and programmes concerned, | instructs the Secretary-General and the Directors of the Bureaux 2 consistent with Resolution 45 (Rev. Dubai, 2014) to report on memoranda of understanding (MoU) between countries, as well as existing forms of cooperation, providing analysis of their status, scope and applications of these cooperative mechanisms to strengthen cybersecurity and combat cyberthreats, with a view to enabling Member States to identify whether additional memoranda or mechanisms are required; | instructs the Secretary-General and the Directors of the Bureaux 2 consistent with Resolution 45 (Rev. Dubai, 2014), to report on memoranda of understanding (MoUs) between countries, as well as existing forms of cooperation, providing analysis of their status, scope and applications of these cooperative mechanisms to strengthen cybersecurity and combat cyberthreats, with a view to enabling Member States to identify whether additional memoranda or mechanisms are required; | instructs the Secretary-General and the Directors of the Bureaux to continue to review: iii) the preparation of international rules and policies to maintain confidence and security in the use of ICTs, and the protection of privacy and confidentiality of users' data; | 2 'instructs the Secretary-General and the Directors of the Bureaux: :consistent with Resolution 45 (Rev. Dubai, 2014),to submit an annual report to the Council containing an analysis of the incident data provided by Member States together with an assessment of the effectiveness of the action plan to strengthen the role of ITU in building confidence and security in the use of ICTs; | 2 'instructs the Secretary-General and the Directors of the Bureaux: consistent with Resolution 45 (Rev. Dubai, 2014)to report on memoranda of understanding (MoU) between countries, as well as existing forms of cooperation, providing analysis of their status, scope and applications of these cooperative mechanisms to strengthen cybersecurity and combat cyberthreats, with a view to enabling Member States to identify whether additional memoranda or mechanisms are required; | |
29 | instructs the Director of the Telecommunication Standardization Bureau 1 to intensify work within existing ITU-T study groups in order to: i) address existing and future threats and vulnerabilities affecting efforts to build confidence and security in the use of ICTs, by developing reports or recommendations, as appropriate, with the goal of implementing the resolutions of WTSA-08, particularly Resolutions 50 and 52 (Rev. Johannesburg, 2008) and 58 (Johannesburg, 2008), allowing work to begin before a Question is approved; ii) seek ways to enhance the exchange of technical information in these fields, promote the adoption of protocols and standards that enhance security, and promote international cooperation among appropriate entities; iii) facilitate projects deriving from the outcomes of WTSA-08, in particular: a) Resolution 50 (Rev. Johannesburg, 2008), on cybersecurity; b) Resolution 52 (Rev. Johannesburg, 2008), on countering and combating spam; 2 to continue collaboration with relevant organizations with a view to exchanging best practices and disseminating information through, for example, joint workshops and training sessions and joint coordination activity groups, and, by invitation, through written contributions from relevant organizations, instructs the Director of the Telecommunication Standardization Bureau 1 to intensify work within existing ITU-T study groups in order to: i) address existing and future threats and vulnerabilities affecting efforts to build confidence and security in the use of ICTs, by developing reports or recommendations, as appropriate, with the goal of implementing the resolutions of WTSA-08, particularly Resolutions 50 and 52 (Rev. Johannesburg, 2008) and 58 (Johannesburg, 2008), allowing work to begin before a Question is approved; ii) seek ways to enhance the exchange of technical information in these fields, promote the adoption of protocols and standards that enhance security, and promote international cooperation among appropriate entities; iii) facilitate projects deriving from the outcomes of WTSA-08, in particular: a) Resolution 50 (Rev. Johannesburg, 2008), on cybersecurity; b) Resolution 52 (Rev. Johannesburg, 2008), on countering and combating spam; 2 to continue collaboration with relevant organizations with a view to exchanging best practices and disseminating information through, for example, joint workshops and training sessions and joint coordination instructs the Director of the Telecommunication Development Bureau 1 to develop, consistent with the results of WTDC-10 and pursuant to Resolution 45 (Rev. Hyderabad, 2010), Resolution 69 (Hyderabad, 2010) and Programme 2 in the Hyderabad Action Plan, the project for enhancing cooperation on cybersecurity and combating spam in response to the needs of developing countries, in close collaboration with the relevant partners; 2 upon request, to support ITU Member States in their efforts to build capacity, by facilitating Member States' access to resources developed by other relevant international organizations that are working on national legislation to combat cybercrime; supporting ITU Member States' national and regional efforts to build capacity to protect against cyberthreats/cybercrime, in collaboration with one another; consistent with the national legislation of Member States referred to above, assisting Member States, in particular developing countries, in the elaboration of appropriate and workable legal measures relating to protection against cyberthreats at national, regional and international levels; establishing technical and procedural measures, aimed at securing national ICT infrastructures, taking into the account the work of the relevant ITU-T study groups and, as appropriate, other relevant organizations; establishing organizational structures, such as CIRTs, to identify, manage and respond to cyberthreats, and cooperation mechanisms at the regional and international level; 3 to provide the necessary financial and administrative support for this project within existing resources, and to seek additional resources (in cash and in kind) for the implementation of this project through partnership agreements; 4 to ensure coordination of the work of this project within the context of ITU's overall activities in its role as moderator/facilitator for WSIS Action Line C5, and to eliminate any duplication regarding this important subject with the General Secretariat and ITU-T; 5 to coordinate the work of this project with that of the ITU-D study groups on this topic, and with the relevant programme activities and the General Secretariat; 6 to continue collaboration with relevant organizations with a view to exchanging best practices and disseminating information through, for example, joint workshops and training sessions; 7 to report annually to the Council on these activities and make proposals as appropriate, further instructs the Director of the Telecommunication Standardization Bureau and the Director of the Telecommunication Development Bureau each within the scope of his responsibilities: 1 to implement relevant resolutions of both WTSA-08 and WTDC-10, including Programme 2 on providing support and assistance to developing countries in building confidence and security in the use of ICTs; 2 to identify and promote the availability of information on building confidence and security in the use of ICTs, specifically related to the ICT infrastructure by Member States, Sector Members and relevant organizations; 3 without duplicating the work under ITU-D Question 22, to identify best practices in establishing CIRTs, to prepare a reference guide for the Member States and, where appropriate, to contribute to Question 22; 4 to cooperate with relevant organizations and other relevant international and national experts, as appropriate, in order to identify best practices in the establishment of CIRTs; 5 to take action with a view to new Questions being examined by the study groups within the Sectors on the establishment of confidence and security in the use of ICT; 6 to support strategy, organization, awareness-raising, cooperation, evaluation and skills development; 7 to provide the necessary technical and financial support, within the constraints of existing budgetary resources, in accordance with Resolution 58 (Johannesburg, 2008); 8 to mobilize appropriate extrabudgetary resources, outside the regular budget of the Union, for the implementation of this resolution, to help developing countries, instructs the Secretary-General pursuant to his initiative on this matter: 1 to propose to the Council, taking into account the activities of the three Sectors in this regard, an action plan to strengthen the role of ITU in building confidence and security in the use of ICTs; 2 to cooperate with relevant international organizations, including through the adoption of MoUs, subject to the approval of the Council in this regard, in accordance with Resolution 100 (Minneapolis, 1998) of this conference, requests the Council to include the report of the Secretary-General in the documents sent to Member States in accordance with No. 81 of the Convention, | 5 to encourage further strengthening of the trust and security framework with complementary and mutually reinforcing initiatives in the fields of security in the use of ICTs, with initiatives or guidelines with respect to rights to privacy, data and consumer protection; | urther instructs the Director of the Telecommunication Standardization Bureau and the Director of the Telecommunication Development Bureau 6 to develop a roadmap on cybersecurity, setting out the roles and responsibilities of Member States in combating cyberattacks; | instructs the Director of the Telecommunication Development Bureau to develop, consistent with the results of WTDC‑14 and pursuant to Resolutions 45 and 69 (Rev. Dubai, 2014) and 80 (Dubai, 2014) and Objective 3 in the Dubai Action Plan, the project for enhancing cooperation on cybersecurity, combating spam and establishing reliable information frameworks in response to the needs of developing countries, in close collaboration with the relevant partners; | |||
30 | invites Member States to consider joining appropriate competent international and regional initiatives for enhancing national legislative frameworks relevant to the security of information and communication network, invites Member States, Sector Members and Associates 1 to contribute on this subject to the relevant ITU study groups and to any other activities for which the Union is responsible; | invites Member States 2 to support the Global Cybersecurity Index initiative and other evidence-based approaches to cybersecurity, in order to promote government strategies and publicize efforts across industries and sectors, | invites Member States, Sector Members and Associates 2 to contribute to building confidence and security in the use of ICTs at the national, regional and international levels, by undertaking activities as outlined in the relevant provisions of the Geneva Plan of Action, the Tunis Agenda, the WSIS+10 Statement on the Implementation of WSIS Outcomes and the WSIS+10 Vision for WSIS Beyond 2015, and to contribute to the preparation and implementation of studies in these areas; | instructs the Director of the Telecommunication Development Bureau 1 to develop, consistent with the results of WTDC‑14 and pursuant to Resolutions 45 and 69 (Rev. Dubai, 2014) and 80 (Dubai, 2014) and Objective 3 in the Dubai Action Plan, the project for enhancing cooperation on cybersecurity, combating spam and establishing reliable information frameworks in response to the needs of developing countries, in close collaboration with the relevant partners; | invites member states: 2 to strengthen regional and international cooperation, taking into account Resolution 45 (Rev. Dubai, 2014), through the conclusion of agreements and implementation of measures to facilitate the reduction of risks and threats to confidence and security in the use of ICTs; 3 to refrain from using ICTs for activities: i) involving the extraterritorial interception and monitoring of communications in a way which violates the privacy of communications and users’ personal data protection; ii) that undermine confidence and security in the use of ICTs, the preservation of peace and the economic and social development of other Member States; and iii) that affect traffic routing and telecommunication quality of service; 4 to inform the Secretary-General of any incident of the kinds referred to above, | ||
31 | |||||||
32 | |||||||
33 | Reasons: This key Resolution on strengthening the role of ITU in building confidence and security in the use of information and communication technologies should be updated in order to reflect the significant developments in the framework of the United Nations on defining the right to on-line privacy in the digital age. Furthermore, Brazil recognizes the significant contributions on this issue that have been provided by the WSIS+10 High Level Event and draw attention to the present and future work of the ITU, as reflected in the Dubai Action Plan (WTDC-14). | ||||||
34 | |||||||
35 | |||||||
36 | |||||||
37 | |||||||
38 | |||||||
39 | |||||||
40 | |||||||
41 | |||||||
42 | |||||||
43 | |||||||