On the occasion of the fourth meeting of the EU-U.S. Cyber Dialogue in Washington on 14 and 15 November 2017, the European Union (EU) and United States (U.S.) jointly reaffirmed the strong partnership between the EU and the U.S. in favour of an open, stable and secure cyberspace in which individuals can exercise their human rights and fundamental freedoms and that fosters innovation and economic growth.
The EU and the United States have a shared assessment on the opportunities and challenges that fast digital development poses for foreign, security and digital policy and share the concern on the growing ability and willingness of actors to undertake malicious activities in cyberspace. Both sides presented developments with regard to their respective strategies, policies and legislation, including aspects of the EU Joint Communication on “Resilience, Deterrence and Defence: Building Strong Cybersecurity for the EU” and the U.S. Executive Order 13800 on “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure”, the latter of which calls for reports on deterrence and international engagement. Following the exchange, the EU and U.S. identified synergies and committed to continue to share information and to coordinate on an on-going basis to ensure the utilization of these synergies for the benefit of the U.S., the EU, EU Member States, and the multi-stakeholder community.
In support of a stable and secure cyberspace, the EU and U.S. reaffirmed the application of existing international law to State behaviour in cyberspace and their adherence to voluntary, non-binding norms of responsible State behaviour in cyberspace during peacetime. The EU and U.S. strongly endorsed the work that has been done by the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UNGGE), including its landmark 2013 and 2015 reports, and regretted that the 2016-17 UNGGE was not been able to produce a new consensus report taking that work forward. The EU and U.S. marked the importance of adherence to the framework of responsible State behaviour identified in the UNGGE reports and discussed ways to hold accountable States that act contrary to that framework. The U.S. and EU plan to continue to work together on building an international understanding of how international law applies in cyberspace, as well as the important work on the development and implementation of cyber confidence building measures to reduce misperception and the risk of escalation when using information and communications technologies (ICTs).
Following the issuance of the Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities and U.S. Executive Order 13800, the EU and U.S. discussed the need to strengthen the measures to prevent, detect and respond to malicious activities in cyberspace, encourage cooperation for a stable and secure cyberspace and influence the behaviour of actors in cyberspace to refrain from malicious activities. The two sides welcomed further exchange on these efforts including ways to improve coordination on strategic policy communications and preparatory practices in case of a cyber incident affecting the security and integrity of both the U.S. and EU, such as through a joint table-top exercise in the future.
The EU and U.S. emphasized the importance of bridging the digital divide to enable economic growth, social developments and increasing cyber resilience towards cyber threats. Both sides stressed the commitment to make investments, along with partners to increase the global capacities to prevent and mitigate cyber threats and to investigate and prosecute cyber criminals. The EU and U.S. expressed the need to strengthen international cooperation, coordination, and sharing of best practices to maximize the economic and social benefit enabled by the Internet and the use of ICTs, including within the Global Forum for Cyber Expertise. The EU and U.S. reaffirmed the importance of the Budapest Convention as a solid basis for national legislation and international cooperation in fighting cybercrime.
The EU and U.S. reaffirmed their strong support for an open and free Internet and the multi-stakeholder approach to Internet governance that includes the participation and contributions of all stakeholders. Both sides stressed that no single entity, company, government, or inter-governmental organization should seek to control the Internet. The EU and U.S. emphasized the value of the Internet Governance Forum as the premier, global, multistakeholder venue for dialogue on Internet-related public policy issues. Both sides reaffirmed their commitment to an Internet governance approach that is accountable, transparent, inclusive and accessible to all stakeholders and welcomed the efforts to capture and package the content of the Internet Governance Forum, such as the European Commission work on the Global Internet Policy Observatory (GIPO), and the Friends of the Internet Governance Forum.
The EU and U.S. reaffirmed that the same rights and freedoms people have offline must also be protected online. Both sides expressed their concern about measures that intentionally prevent and disrupt open and trusted access and dissemination of information online and commitment to the work to promote the application of existing international human rights law and the ongoing work in the UN and the Freedom Online Coalition. The EU and U.S. reaffirmed their strong commitment to an open Internet on which individuals can exercise their human rights and fundamental freedoms, including the freedoms of expression and association, and to condemn any effort to exploit the Internet for malicious intent including repression.
The co-chairs concluded a successful meeting in which the strong partnership of the EU and U.S. with regard to cyber issues has been confirmed and deepened. The EU and U.S. intend to continue to strengthen their partnership throughout the year to follow-up on the identified areas for coordination and cooperation and in preparation and during events.
The fourth formal EU-U.S. Cyber Dialogue took place on 14 and 15 November 2017 in Washington, co-chaired by the U.S. Department of State Deputy Assistant Secretary Robert STRAYER and the EEAS Director for Security Policy Pawel HERCZYNSKI. A number of Departments and Agencies participated in the meeting and 16 Member States took part of the dialogue as observers. The dialogue included a stakeholder engagement opportunity event. The fifth EU-U.S. Cyber Dialogue is to be convened approximately one year later in Brussels.