The outcome documents from the two phases of the World Summit on the Information Society (WSIS) emphasize that building confidence and security in the use of ICTs is a necessary pillar for building a global information society (see extracts below).

The Tunis Agenda describes the establishment of a mechanism for implementation and follow-up to WSIS and requests ITU to play a facilitator/moderator role for WSIS Action Line C5: Building Confidence and Security in the Use of ICTs.  In order to stress the importance of the multi-stakeholder implementation of related work programmes, ITU has named this the Global Cybersecurity Agenda initiative.

Based on the previous facilitation meetings held in May 2006, 2007 and 2008 and the related Chairman's Report, work programmes in five focus areas (Legal, Technical, Organizational, Capacity Building and International Cooperation) have been initiated.

The WSIS Declaration of Principles states that “strengthening the trust framework, including information security and network security, authentication, privacy and consumer protection, is a prerequisite for the development of the Information Society and for building confidence among users of ICTs”.

Extracts from WSIS texts highlighting building confidence and trust in the use of ICTs:

From WSIS Phase I :Geneva Plan of Action

C5. Building confidence and security in the use of ICTs

12. Confidence and security are among the main pillars of the Information Society. Promote cooperation among the governments at the United Nations and with all stakeholders at other appropriate fora to enhance user confidence, build trust, and protect both data and network integrity; consider existing and potential threats to ICTs; and address other information security and network security issues. Governments, in cooperation with the private sector, should prevent, detect and respond to cybercrime and misuse of ICTs by: developing guidelines that take into account ongoing efforts in these areas; considering legislation that allows for effective investigation and prosecution of misuse; promoting effective mutual assistance efforts; strengthening institutional support at the international level for preventing, detecting and recovering from such incidents; and encouraging education and raising awareness. Governments, and other stakeholders, should actively promote user education and awareness about online privacy and the means of protecting privacy. Take appropriate action on spam at national and international levels. Encourage the domestic assessment of national law with a view to overcoming any obstacles to the effective use of electronic documents and transactions including electronic means of authentication. Further strengthen the trust and security framework with complementary and mutually reinforcing initiatives in the fields of security in the use of ICTs, with initiatives or guidelines with respect to rights to privacy, data and consumer protection. Share good practices in the field of information security and network security and encourage their use by all parties concerned. Invite interested countries to set up focal points for real-time incident handling and response, and develop a cooperative network between these focal points for sharing information and technologies on incident response. Encourage further development of secure and reliable applications to facilitate online transactions. Encourage interested countries to contribute actively to the ongoing United Nations activities to build confidence and security in the use of ICTs.

• Legal measures
• Technical and Procedural Measures
• Organisational Structures
• Capacity Building
• International Cooperation

From WSIS Phase II: Tunis Agenda

Paragraph 40

“We underline the importance of the prosecution of cybercrime, including cybercrime committed in one jurisdiction, but having effects in another. We further underline the necessity of effective and efficient tools and actions, at national and international levels, to promote international cooperation among, inter alia, law enforcement agencies on cybercrime. § We call upon governments in cooperation with other stakeholders to develop necessary legislation for the investigation and prosecution of cybercrime, noting existing frameworks, for example, UNGA Resolutions 55/63 and 56/121 on Combatting the criminal misuse of information technologies and regional initiatives including, but not limited to, the Council of Europe’s Convention on Cybercrime. ”

See WSIS Tunis Agenda

From WSIS Phase II: Tunis Agenda

Paragraph 45

“We underline the importance of the security, continuity and stability of the Internet, and the need to protect the Internet and other ICT networks from threats and vulnerabilities. We affirm the need for a common understanding of the issues of Internet security, and for further cooperation to facilitate outreach, the collection and dissemination of security-related information and exchange of good practice among all stakeholders on measures to combat security threats, at national and international levels.”

See WSIS Tunis Agenda

From WSIS Phase I: Plan of Action

Paragraph C5 h)

"Invite interested countries to set up focal points for real-time incident handling and response, and develop a cooperative network between these focal points for sharing information and technologies on incident response.”

See WSIS Plan of Action

From WSIS Phase II: Tunis Commitment

Paragraph 15.

“We further recognize the need to effectively confront challenges and threats resulting from the use of ICTs for purposes that are inconsistent with objectives of maintaining international stability and security and may adversely affect the integrity of the infrastructure within States, to the detriment of their security. It is necessary to prevent the abuse of information resources and technologies for criminal and terrorist purposes, while respecting human rights.”  

See WSIS Tunis Commitment

From WSIS Phase II: Tunis Agenda

Paragraph 39

“We seek to build confidence and security in the use of ICTs by strengthening the trust framework. We reaffirm the necessity to further promote, develop and implement in cooperation with all stakeholders a global culture of cybersecurity, as outlined in UNGA Resolution 57/239 and other relevant regional frameworks. This culture requires national action and increased international cooperation to strengthen security while enhancing the protection of personal information, privacy and data. Continued development of the culture of cybersecurity should enhance access and trade and must take into account the level of social and economic development of each country and respect the development-oriented aspects of the Information Society.”

See WSIS Tunis Agenda

From WSIS Phase II: Tunis Agenda

Paragraph 46

“We call upon all stakeholders to ensure respect for privacy and the protection of personal information and data, whether via adoption of legislation, the implementation of collaborative frameworks, best practices and self-regulatory and technological measures by business and users. We encourage all stakeholders, in particular governments, to reaffirm the right of individuals to access information according to Geneva Declaration of Principles and other mutually agreed relevant international instruments, and to coordinate internationally as appropriate.”

See WSIS Tunis Agenda