name of the committee: world conference on cyber · including an alleged meddling in the 2016 u.s...
TRANSCRIPT
Name of the Committee:
World Conference on Cyber
Security Author: Natalia Amortegui Peña, Juan
Pablo Moreno, Kareem Mansour
Time for opening speech: 90 seconds.
The Global Conference on Cyberspace
(GCCS) was first held in London in 2011,
and is done every year. This conference is
held by governments, experts on
cybersecurity, security agencies and all
sort of companies of the private sector.
The purpose of these conferences is to
evaluate the different problems and
situations that are related to the use of
cyberspace, and agree on solutions, rules
and commitments that can address each
problem in a correct and sustainable
manner, the conference also enhances
the sharing of information and data
between countries and companies to
create spaces of global development and
finally, to search and reach new forms of
technological advances that help to the
development and improvement of
modern technology. The pillars of the
committee are based upon inclusive ways
of development, prevent the use of
technology in a negative way and the
creation of new rules and policies that can
make the internet safer for all people. The
reach of the committee is moderated as
each country and company decides what
rules and solutions to take into account.
TOPIC A: DATA-STEALING
ORGANIZATIONS
HISTORICAL CONTEXT
Data breaches have occurred since before
the digitalization of information.
Nonetheless, since the digitalization era
begun, it has become highly efficient to
use technology to facilitate stealing data.
The first major data breach, caused by
using technology, took place in march in
the year 2005, from the DSW Shoe
Warehouse, where 1.4 million credit card
numbers and account datas were
breached. Yet, data breaches do not occur
exclusively do corporations or enterprises,
government institutions have become a
main target for hackers and data-stealing
organizations.
Organizations such as Wikileaks have
been major factors which have
contributed to governmental information
breaches.
Wikileaks was initiated in 2006, in Iceland
by an organization named “Sunshine
Press”. Julian Assange is considered to be
the funder and director of the
organization.
According to wikileaks.com their main
purpose is “to bring important news and
information to the public…One of our
most important activities is to publish
original source material alongside our
news stories so readers and historians
alike can see the evidence of the truth.”
CAUSES
Plenty of organizations have named a
plethora of causes as to why they carry
out their attacks. Most of them though
have stated that their purpose is to
expose corruption and ‘dirty deeds’ by the
world governments. Organizations such as
Wikileaks and Anonymous have rallied
behind these motive, but also plenty of
hacker groups simply steal data to sell it
to the highest bidder. It is important to
take this into account when addressing
the topic, as plenty of causes can arise, all
depending on each individual case.
REPERCUSSIONS
There is an important difference between
the repercussions of a data breach, and
itself of a gubernamental data breach,
delegates must always bear this
distinction in mind. Some repercussions of
data breaches are loss of data, loss of
monetary resources, loss of intellectual
property, and a risk of physical data loss,
amongst others.
A gubernamental data breach implies
other types of repercussions, which cause
an effect not solely upon the institution
whose data was breached, and the
subjects directly linked to it, but, the
effects itself have a much larger numerical
repercussion.
Breach of information:
Gubernamental data breaches, have as a
main repercussion, that sensible
information is outed and exposed to the
public. Information which can harm the
government it was extracted from, its
political foreign associations, the
international community perspective
upon them, and, even so the perspective
of their own people, amongst others.
Repercussions of Wikileaks in the countries media
impact (extracted from MRI Universidad de
Navarra.)
Perspective upon governments:
A gubernamental data breach, causes a
major change upon the perspective of said
government. The outing of private
sensitive information a government has
on their power, causes mainly for its own
population to have a negative perspective
towards their government, and can even
cause foreign people to stand upon said
government.
Protest in Kiev, Ukraine. Against arrest of Assange
in the United Kingdom, and the United States
reaction to leaked documents. (Extracted form
Efrem Lukatsky.)
CURRENT SITUATION
International Actions:
Regarding treaties, there are no
international treaties or conventions
which cover espionage and data breaches
in the specific context using technology.
Some countries have federal laws, such as
the 1917 Espionage Act of the United
States. Yet, there are no major
conventions itself regarding data-stealing
organizations, which use technology as
their main tool. The aforementioned can
be attributed to the fact that digitalization
is somewhat new, thus, it is of the
uttermost importance, that the delegates
reach a consensus on the topic, and
establish international treaties or
conventions to deal with this new form of
espionage.
Study cases:
The main and most known data-stealing
organization in the world, is Wikileaks,
founded and directed by Julian Assange.
An international non-profit organization
which is based upon publishing secret and
sensible information and classified media.
There is potential criminal prosecution,
mainly in behalf of the United States of
America. As the US Justice Department
has initiated a criminal investigation on
Wikileaks and Assange. The United States
has reportedly considered charges under
the Espionage Act of 1917.
Australia’s primer insistir Julia Gillard
stated that Wikileaks, its foundation and
acts from the United States is punishable
in other countries.
Donations transferred to Wikileaks (extracted from
Nathan L. Fuller)
ORIENTATION AND OBJECTIVE OF THE
COMMITTEE
The chair expects the delegates to debate
firstly upon the acts of data-stealing
organizations, and the legality of these.
Furthermore, actions to avoid data
breaches, and was well the formation of
an international treaty or convention
which bears in mind data-stealing
organizations which use technology as
their main tool.
GUIDING QUESTIONS
1. Has your government been a
target of data stealing?
2. Has your country any laws
regarding espionage and more
specifically the aforementioned
using technology?
3. Has your country had any type of
actions regarding data-stealing
organizations?
SOURCES
Assange, J. (n.d.). WikiLeaks. [online]
Wikileaks.org. Available at:
https://wikileaks.org [Accessed 20 Dec.
2018].
Jones, A. (2015). Pentagon Papers II? On
WikiLeaks and the First Amendment. [online] The Wall Street Journal. Available
at:
https://blogs.wsj.com/law/2010/07/26/p
entagon-papers-ii-on-wikileaks-and-the-fir
st-amendment/ [Accessed 20 Dec. 2018].
Center, E. (n.d.). EPIC - EPIC v. DOJ - FBI:
Wikileaks. [online] Epic.org. Available at:
https://epic.org/foia/doj/wikileaks/defaul
t.html [Accessed 20 Dec. 2018].
SUPPORT LINKS
https://wikileaksreputationcrisis.wordpres
s.com/2011/01/06/wikileaks-country-med
ia-attention-index-some-selected-example
s/
https://wikileaks.org
TOPIC B: THE STUXNET VIRUS
The Student Virus, is a malware which
therefore means “a software which is
specifically designed to disrupt, damage,
or gain authorized access to a computer
system”, which has been reported to have
been hampering the Iranian nuclear
program. In 2010, fourteen Iranian
industrial sites were infected by this
computer worm, among them the Natanz
nuclear site. Even though it has never
been confirmed, The United States and
Israel have been suspected to colluding on
creating this virus, as experts believed
that the level of sophistication of the
malware was such, that it must have been
supported by a national government.
Overview:
Considering the undeniable importance of
technology to modern day world, and the
vast uses it has for societal benefit,
technological warfare through malware is
a double sided weapon, where belligerent
groups and criminals might attempt to
disrupt a government or legal binding
organization, but at the same time,
government enforcement can target
those threats in an array of ways. Be it
from tracking suspicious individuals, to
targeting illegitimate nuclear
programmes, technological interactions
will be the future of safeguarding
communities. At an international
spectrum, cyber security is already an
undeniable issue that has sparked
international attention and concern.
The Stuxnet Virus Definition:
tensions in various circumstances
including an alleged meddling in the 2016
U.S Presidential Election, however the
scope of those attacks have exceeded
such limits, even to disrupt nuclear
development programs such as the role of
the Stuxnet virus to prevent Iran from
obtaining nuclear warfare, with the
leverage of the continuous threats made
by Iran, to both American sovereignty but
more alarmingly Israeli sovereignty, as the
supreme leadership in Iran, has openly
expressed its will to destroy the State of
Israel.
HISTORICAL CONTEXT
The time when computer viruses became
widespread phenomenon came in 1970’s.
However, it wasn’t before late 1980’s that
a computer malware called Morris worm
managed to affect cyber infrastructure,
and only in the 2000s the cyber-attacks
started threatening countries in such a
scale as we know it today. The Morris
Worm felony was distributed through the
internet, which exploited vulnerabilities
across the internet such as guessing weak
passwords, accessing emails. As a result,
The Morris Worm lead the path to the
first conviction under the U.S 1986
Computer Fraud and Abuse Act. Deemed
as the “Great Worm” it had devastating
effects on the Internet at that time; both
in overall system downtime and in
psychological impact on the perception of
security and reliability of the Internet.
Since the end of the Cold War, the world
has undergone a technological revolution,
mainly led by developments and progress
in communication technology - computer
sciences have dramatically and rapidly
evolved. Naturally, it makes perfect sense
that warfare has evolved simultaneously.
Cyber Warfare, has also been soaring in
the agendas of international bodies, both
nationally, supra-nationally and
internationally. To illustrate this, the
perceived threat estimated to be felt by
the CIA/NSA of Cyber Warfare has grown
from the 39th biggest threat to US
national security in 2006 to the largest
possible threat to homeland security in
2013. And it's costly - it's estimated to
have cost the corporate world $10 billion.
In 2002, an Iranian opposition group
publicly revealed two undeclared nuclear
facilities, resulting in Iran admitting to
having constructed facilities for fuel
enrichment and heavy water production,
ostensibly for use in research reactors.
Iran suspended its plans in 2003 but
resumed them in 2006 and insists that it
has the right to establish its own uranium
enrichment program.
Iran maintains that its nuclear program is
entirely peaceful. However, the IAEA
(International Atomic Energy Agency)
insists that Iran does not comply with the
safeguard program it has agreed to,
resulting in various sanctions against Iran
by the UN Security Council. It is widely
believed that Iran is in fact working
toward producing nuclear weapons.
Assuming that Stuxnet was intended to
damage this suspected nuclear weapons
program, it was somewhat effective: it
may have destroyed 1,000 centrifuges at
Natanz, about 11% of the total number
installed at the time. In addition, Stuxnet
decreased production of enriched
uranium and likely sowed chaos within
the Iranian nuclear
program. Israel and the U.S. are the
leading suspects as Stuxnet’s creators.
Neither are friends of Iran’s current
leadership (to put it mildly) and both,
especially Israel, fear a nuclear-armed
Iran.
CAUSES
The importance of cyber security on an
international scale is rapidly expanding
faster and more dynamically than most
anyone can comprehend. Many observers
note that the world as a whole is not
adequately keeping up with the rate at
which civilization’s capabilities of
transmitting, intercepting and tampering
with data is becoming ever more
important in the day to day functionalities
of our society. As the first major cyber
weapon seen that was created and
unleashed in a specific and targeted way,
Stuxnet is the veritable ground zero of the
age of digital warfare.
It is no secret that for a number of years
the United States and its allies have been
attempting, by any means necessary, to
stop the nation of Iran from acquiring
nuclear capabilities with which it could
potentially manufacture weapons of mass
destruction. By mid 2009 or even earlier,
the United States had added cyberwarfare
to the list of these means in an effort to
shut down Iran’s nuclear program3. It is
now widely accepted that the U.S, in
conjunction with the nation of Israel, was
specifically involved in the testing and
development of the worm.
From a strategic perspective, following a
variety of attempts to dismantle Iran’s
nuclear program, the use of cyber warfare
was a logical means through which the
United States could achieve its goal. Part
of the effectiveness of the worm lies in its
ability to remain undetected, as well as its
complex nature as a multifaceted piece of
malware that serves multiple purposes.
This dynamic attack bundled into one
program has many implications for
international cyber warfare, showing that
it may be more effective and useful to
carry out attacks with burrowed software
of this nature rather than attempt a
classic remote assault on a system that is
being actively monitored.
As the Stuxnet worm is highly specialized,
highly targeted malware program which
attacks a specific type of Siemens
industrial system, it is a much more
functional strategy to try and destroy
large scale systems such as the one
responsible for the development of
nuclear warfare. The worm was first
transmitted through a portable USB,
which was introduced either by an
unknowing third party or an intentional
infiltrator whose aim was to connect the
original infected drive. It was
approximately half a megabyte in size,
and could move quickly through any
windows system due to its promiscuous
behaviour and its ability to gain
administrator accesses through elevation
of privilege exploits, as well as in some
cases over local area network transfers.
Stuxnet differentiates itself from a typical
virus in the way that it does not need a
host file to burrow into and propagate
itself. It stands as an individual program
which, though hidden, is represented as a
grouping of files which, as will be later
examined, is initially present on a disk and
can move on its own to a newly
connected drive and through a number of
other ways as well.
Stuxnet is, at its core, a rootkit. Upon
download onto a drive, the worm installs
itself as a basic driver with authentic
certification, and renders itself invisible to
detection as it begins to execute its
function. It is extremely specific in what it
targets; downloading it onto your own
personal computer would do nothing
besides allow for its propagation to a set
maximum of three other targetable
systems, and, assuming the you are not
connected to Siemens industrial software,
would remain dormant.
REPERCUSSIONS
Stuxnet did far more than simply slow
down the progress of the Iranian nuclear
program. As the first major specifically
targeted cyber weapon, it has fulfilled
what many since the beginning of the 21st
century have been anticipating, the first
strike of what will most likely come to
dominate the future of conflicts and wars
between nations. Stuxnet was a highly
specific weapon, and certainly not the last
of its kind. Since late 2010, the code for
the Stuxnet bug has become publicly
available on the internet, and has without
doubt served as a template for other
similar cyber weapons including the
infamous “Flame” counterpart to Stuxnet.
For many in the fields of international
relations and global security policy, the
advent of cyber warfare is a puzzle whose
surface has yet to even be scratched. The
implications of what a certain kind of
attack should illicit when carried out by
one country against the other is anyone’s
guess. The implication here is that in a
future of Cyber conflict, the blueprints of
powerful weaponry would no longer be
stored in top secret CIA vaults, but rather
on the publicly open repositories of
Github.
All political and military conflicts now
have a cyber dimension, whose size and
impact are difficult to predict. Attackers
have at their disposal a wide variety of
effective cyber warfare strategies and
tactics. Above all, the Internet is
vulnerable to attack. Further, its
amplifying power means that future
victories in cyberspace could translate
into victories on the ground. Both state
and non-state actors enjoy a high return
on investment in cyber tactics, which
range from the placement of carefully
crafted propaganda to the manipulation
of an adversary's critical infrastructure.
The issue of cyber warfare often gets
blurred into other ongoing political,
military and economic rivalries and
disputes, making it harder to police on an
international level, as the world becomes
increasingly polarized. However, there is
still great potential for agreements to
protect against and combat cyber
warfare.
(Retrieved from: Stuxnet: The Virus That Shutdown
Iran’s Nuclear Program, Who Developed Stuxnet,
And How The U.S. Protects Itself. (2018))
CURRENT SITUATION
Since cyber defence raised red flags to
those governments targeted, it has
become a reality for the whole
international community that the use of
technology, apart from dominating the
world and serving societies as an asset, is
also a very vulnerable tool that is prone to
suffer deliberate attacks which can have
society’s productiveness at a standstill.
International Actions:
The Tallinn Manual:
The United States Department of Defense
named cyberspace a new domain of
defense only as recently as 2011 and
characterizes cyber action as an emerging
“instrument of power”. International
regulation and law is only now just
starting to address cyber warfare in its
scope of understanding, with a great step
having been taken in the publication of
the Tallinn Manual as recently as March of
2013. This initial established policy on
international cyber security will hopefully
lay down foundations and precedent for
resolving and perhaps preventing cyber
conflicts. Certainly this field brings with it
new threats and new incentives for
innovation, but its rapid development will
require more and more attention. This
behooves people who exist at the
intersection of technical expertise and
policy experience to step into the
challenging nexus of cyber security, so
that the world can move into a more
secure future.
UN Actions Taken:
The UN General Assembly, Economic and
Social Council, and Security Council often
stress the importance of cybersecurity.
These organs usually refer responsibilities
to the International Telecommunications
Union (ITU) which is a UN agency based in
Geneva which is responsible for
coordinating efforts on these issues. They
study cyber activity and set standards to
which various governments are supposed
to adhere to. The difficulty with such
organizations is these standards are often
non-binding and there are not enough
mechanisms to force countries to play by
the rules. Another major difficulty in
combating cybercrimes is the sheer
amount of data that needs to be
monitored in order to catch
cybercriminals. Several NGOs have
stepped up efforts to monitor cyber
activities and on reporting on
cybersecurity issues. The International
Association of Cybercrime Prevention
which “provides information and training
about cybercrime prevention. It is also an
interdisciplinary research organization
bringing together experts, professionals,
and individuals involved with the misuse
of Information Communications
Technology.” The Cyber Peace Foundation
is another NGO which is also involved with
raising “awareness, counseling, education,
training and to reach out to the citizens,
the governments, law enforcement
agencies (LEAs), private enterprises, NGOs
working in cyber crimes and cyber
security, universities, cyber security
experts and bug bounty hunters; to
provide a common platform on a global
level.”
ORIENTATION AND OBJECTIVE OF THE
COMMITTEE
The threat of nuclear our other
radiological material being misused is a
pressing reality of today’s world. The
cyber security in nuclear framework must
address both random malicious acts to
complex targeted attacks. The World
Conference On Cyber Security being a
fundamental committee for world peace
is expected to come up with a
comprehensive solution to the topic,
where a new legal framework is drafted
and by working together with fellow
organizations such as the UN, and both
the International Criminal Court and the
International Court of Justice to ensure a
proper prosecution to those who attempt
to tamper with international peace and
stability through means such as
technology which are fundamental for the
modern day society. Cyber attacks can be
prevented with two different types of
measures: The first type intending to
prevent states from carrying out cyber
attacks and the second type being
measures to increase security of the
networks which have the highest risk of
being attacked. Most states have laws
regulating computer crimes done by
individuals or non-state actors to
hopefully prevent any cyber attacks but
other states are not bound to any rules
yet. They would only have to be aware of
the reaction of the attacked country.
Besides definitions of cyber warfare and
information warfare and other important
terms, an internationally agreed list of
computer crimes or rules should therefore
be established, maybe in combination
with an organization monitoring the
cyberspace, with large and serious
consequences against states
violating these rules. A proper framework
should evaluate the current Tallinn
Manual on the International Law
Applicable to Cyber Warfare and a
structural reform to any organizations
accountable for the provision of security
strategies to prevent fellons from
tampering with networking systems or
even countries using their technological
supremacy to manipulate organizations
for their own interest.
GUIDING QUESTIONS
1. Considering the continues
breaches in cybersecurity, what
legal definitions and spectrum
should cover terms such as cyber
warfare, cyber crimes, and cyber
attacks?
2. What responsibilities should be
shared among the international
community to prevent further
inter- state aggressions? Should
sanctions be considered in
committees such as the UNSC?
3. What measures should be taken to
counter, prevent, or decrease the
sophisticated cyber attacks that
are increasing constantly from
state to state?
4. How can security be increased
without violating the privacy of
citizens? What measures can be
taken to ensure the right to
personal privacy?
SOURCES
Ophardt JA. Cyber warfare and the crime
of aggression: The need for individual
accountability on tomorrow's battlefield.
Duke L. & Tech. Rev.. 2010:
NATO. (2018). Cyber defence. Retrieved
from https://www.nato.int/cps/en/
natohq/topics_78170.htm
Defence Cyber Command. (2018).
Retrieved from https://
english.defensie.nl/topics/cyber-
security/cyber-command
Cyber Warfare. (2018). Retrieved from
https://www.rand.org/topics/cyber-
warfare.html
Nicholson, A., Webber, S., Dyer, S., Patel,
T., & Janicke, H. (2012). SCADA security in
the light of Cyber-Warfare.Computers &
Security, 31(4), 418-436.
SUPPORT LINKS
https://jia.sipa.columbia.edu/
consequences-cyber-attacks
https://www.researchgate.net/profile/
Huaiqing_Wang/publication/
277422914_Cyber_warfare/links/
558bd6c208aebb816aeb83c7/Cyber-
warfare.pdf
Jensen, Eric Talbot. "Cyber warfare and
precautions against the effects of
attacks."
https://www.techopedia.com/
definition/13600/cyberwarfare
http://www.itpro.co.uk/security/28170/
what-is-cyber-warfare
TOPIC C: MONITORING OF CYBERSPACE
The cyberspace is a common name used
to refer to the virtual world created by the
users of technology and the internet. The
cyberspace provides the opportunity for
people to share data and information,
engage in dialogues and use the tools that
the internet provides to their benefit.
The term “monitoring of the cyberspace”
refers to the capacity a government,
group, person or organization has of
gathering and observing different types
cybernatical activities performed solely in
digital platforms. This implies that the
information within the device is
impossible to acquire through usual
mediums or is unavailable to the general
public.
As it was mentioned before, monitoring
the cyberspace can be performed by a
series of people, however, it is possible to
divide them into two categories,
monitoring done legally or done illegally.
In some cases governments have bylaws
and legislations that let them monitor
certain parts of the cyberspace in order to
stop cybercrime, protect national security
and obtain any useful information for
intelligence and federal agencies. There
are cases, however, in which governments
obtain information illegally because they
don't have the regulations needed or they
abstain to follow the restrictions and
specifications needed on the monitoring
of the cyberspace.
Companies and organizations can also
partially monitor certain parts of the
cyberspace in order to gather information,
this is known as corporate surveillance
and is used with marketing purposes or
given to other companies. The data
recorded includes the activity done
directly in application or website or they
get access to the users research history in
order to profile more suitable ads.
Companies can also sell the information
gathered about a client through their
application to other corporations, the
information is then used to better
understand personality. interests,
relations and likings so they can better
target their products into potential
clients. Companies also use it to protect
their intellectual property and monitor
employees performance and activity while
at work.
Finally, illegal groups and criminals can
also monitor the cyberspace in order to
perform crimes, expand their groups or to
perpetrate the information of a specific
government or person. Exploiting
vulnerabilities of a digital device or using
peoples inexperience, they use softwares
to access information of a computer or a
web page, they usually use an external
source (Such as a link) to enter into the
databases of computers and servers. This
kind of monitoring of cyberspace has
several purposes, to gain economical
assets by treating people that they will
share their private information and then
bribing them, to damage the image of
someone (generally a public figure) or to
obtain information from the government
or public institutions that can potentially
help them perform illegal activities with a
lower chance of being caught or in the
case of terrorist organizations to better
know certain details (usually about
security of places) that can help them
perpetuate attacks.
HISTORICAL CONTEXT
The internet is the most influential and
inclusive form of technology, it has
revolutionized the world and the way that
people communicate. It was first
developed in the 1960s in the United
States with the creation of computer
science laboratories that were able to
perform and send messages into another
computer, named “ARPANET”. As the
cyberspace notably increased its users
and consequently the amount of
information and data that is shared and
stored in the cyberspace, so did the need
for governments, companies and criminal
groups to monitor it.
It is possible to say that since the creation
of the internet different forms of
monitoring have been implemented, for
instance, when ARPANET was first
created, there was already interest of the
NSA, the national security agency and
other intelligence agencies of the United
States, at this point in time, what we
know today as the internet was still in
development and was not widely used, in
1978, an act known as “FISA” was passed
in the US which made it more difficult for
agencies to monitor and surveill the
information of people without a
justification or suspicion. Other countries
also started to monitor certain parts of
the cyberspace. From the year 2000 to the
actuality, governments all around the
world started to monitor a big portion of
the cyberspace. In the US, after the 9/11
incident occurred a program of mass
monitoring was implemented, in which
emails and messages send from certain
operators could be obtained by the
government.In the European Union from
2007-2014, the “Data retention directive”
forced to retain phone calls and messages
and give them to the government if
needed, it then became invalid as it
violated private life. Today, most
governments use several mechanisms to
control and monitor the cyberspace, some
do it legally and some illegally
Illegal groups have tried to monitor the
cyberspace since the very beginnings,
from intercepting emails and messages
when the internet was first created to
accessing important government
information stored in the cyberspace. At
first(1980-2000), the internet was partially
monitored by this groups to commit
bribery and spy on people's information.
However, in the recent years it has
become a tool to access information of
the government that can favor their
economic activities or they can monitor
the information of a certain group of
people.
CAUSES
Monitor criminal activities done through
the cyberspace and outside the
cyberspace:
Governments all around the world have
the necessity to protect their own people
and make sure that laws and regulations
are followed, as it is well known, the
cyberspace connects millions of people,
for this reason, all sorts of criminal
activities are currently observable in the
cyberspace. There are several examples of
how illegal actions occur in the internet,
stealing of credit cards, people posing as a
person or company, bribes and tools to
facilitate illegal actions in real life such as
trafficking of drugs, people or weapons.
As governments are in the necessity to
protect their legislations and assure the
well being of their people, they need to
monitor the cyberspace so they can track
down people or groups that are involved
in illegal activities and take the necessary
actions to stop them. It is also common
that the government monitors the
cyberspace of people that are suspected
to be involved in illegal activities in real
life so they can acquire possible evidence
of their involvement in a certain crime,
depending on the country it can be done
with or without an authorization of a
judge or authority.
Seek for national security:
As it was mentioned in the point before,
the cyberspace connects millions of
people, this includes terrorist groups or
people trying to perpetuate the security
of a country. Governments are really
interested on their national security, and
most of them see monitoring the
cyberspace as a tool to prevent attacks or
massacres that could vulnerate the
general well being of a country. An
example of monitoring caused by this
reason, would be the huge increase in
monitoring of the cyberspace that
occurred in The United States after 9/11,
in which federal law could access phone
call and information such as emails,
messages that was passed in certain
operators such as at&t.
Perception of how terrorism could be stop in the
us, shows people also agree monitoring in
cyberspace can address the issue
(Retrieved from
https://www.barna.com/research/american-views
-terrorism-15-years-911/)
Obtaimentent of profitable information
(Ilegal groups):
One of the causes for the cyberspace to
be monitored by criminal organization, is
that it lets them acquire information and
data which they can use to gain a
considerable amount economical
resources, by entering into financial data,
credit card information, passwords,
photos, messages and documents of
people they have a variety of crimes they
can perform. They can take money from
the credit cards, they can bribe the person
or they can sell information to external
buyers. At the other hand, criminal and
even terrorist organizations may try to
surveill/monitor government information
so they know important details such as
security points, if they are suspected of
any crimes, possible places where there is
few government security and other data
that is useful for them.
Obtainment of compromising
information of a targeted group, person
or organization:
In today's world, lots of the information
about a person, government, institution
or organization is contained in the
cyberspace, this information can have few
importance or it can being highly
compromising for the integrity, the image
or the well being. For this reason,
monitoring the cyberspace can be used to
directly affect someone or a group of
people. As compromising data is obtained
through different forms of monitoring, it
can be published or put into disclosure to
a wide range of people which can
potentially change public opinion on the
person or institution and in this way
deeply affect them. It is important to state
that this reason for monitoring includes
terrorist groups or even other
governments that want to cause harm by
damaging the image.
REPERCUSSIONS
Violation of privacy related laws and
rights:
Nearly all countries around the world
have agreed upon the importance of
people's privacy, to ensure people's
privacy are protected each country has a
set of laws and there are several
international agreements such as the 12
article of the human rights that also
pursue this purpose. People's privacy can
be deeply vulnerated because of
governmental monitoring of the
cyberspace which puts their private life
into full exposure for government officials
and intelligence agencies. In many
occasions countries violate their own
legislation and agreements by deliberately
monitoring the cyberspace.
Government and people's exposure:
As criminal groups and hackers access a
person's information, it is exposed to
economical and social consequences as
economical resources are taken from
them or intimate information is made
public which puts the person's well being
and intimacy at risk. As this groups of
people also target governments there are
also lots of consequences, its plans,
investigations and security flaws could be
perpetuated. Public figures can also have
their image deeply affected when
opposite governments or organizations
expose compromising information such as
the publishing of secret democrat
information in the past 2016
election,which was obtained by
monitoring secret information of the
political party which exposed several
emails send by democrat party figures
which ultimately affected Hillary Clinton's
campaign to presidency, it is unclear if the
information was gathered by the Russian
government but the fact that it was done
illegally is certain.
New methods for illegal groups to
monitor the cyberspace:
As the government improves its tactics of
monitoring the cyberspace and detecting
criminal activity, illegal groups are each
day developing new softwares and
technology that is each time more difficult
to monitor, forcing the government to
invert each time on better technology and
develop new ways to control what is
happening in the cyberspace.
CURRENT SITUATION
International treaties:
European Union data retention directive:
This agreement involving the European
Union was drafted in 2004 and was
ceased in 2014. It stated that all
telephone companies should keep record
of all telephone calls and messages for
upto a year and that they should be up to
the disposal of the national government
at any given time. After around 10 years
of function in the EU, the directive was
abolished in april of 2014 by the European
Court of justice, (the justice entity of the
European Union) after a case brought by a
Irish digital rights group against the Irish
authorities showed the law had certain
inconsistencies with the rights of privacy,
this led the court to review this law again
and then declaring it abolished, stating it
violated respect for private life and
protection of data.
The International Covenant on Civil and
Political Rights (article 17):
The international covenant on Civil and
political rights was a treaty drafted in
1966 in the General Assembly, which was
signed and ratified by almost every
country in the United Nations including
Russia, United States and the UK. Article
number 17 stated “ No one shall be
subjected to arbitrary or unlawful
interference with his privacy and
Everyone has the right to the protection
of the law against such interference or
attacks”, it is possible to state that this
agreement has not worked taking into
account lots of countries still use unlawful
methods of monitoring of cyberspace that
jeopardize privacy.
Countries agreeing to the covenant
(Retrieved from
https://en.wikipedia.org/wiki/International_Coven
ant_on_Civil_and_Political_Rights )
USA freedom act (2015):
After many claims that the Patriot
Act(important privacy law before the
freedom) was violating in several ways the
privacy of american people, the freedom
act was created, it states that the NSA still
has the capacity to monitor the
cyberspace in search of national security,
protection and law enforcement,
however, it puts certain restrictions to the
government, for example, if the NSA
wants to access a phones data it has to go
to a court named “FISA” with some
evidence of suspicion. Certain limitations
that it has shown are long amounts of
time before the NSA is given permission
which could lead the NSA to ignore the
court in cases of urgency.The law has
partially worked as monitoring the
cyberspace has led to some important
information and preventions taken for the
american government, however, there are
still many claims of privacy violations and
the number of valuable information
compared to useless data is too low.
Study cases:
The United States:
Although high monitoring of the
cyberspace from the United States and
companies within this territory has helped
with the prevention of some illegal
activities, and has partially helped to
protect national security, it has already
been used negatively, violating in this way
the very important right of privacy. An
example of this violations happened in
2016 during the presidential elections,
The Republican National Committee hired
an Internet research firm named Deep
Root Analytics with the purpose of helping
Donald Trump to win. The firm obtained
information of around 200 million
Americans in order to target political
preferences of each person. some of the
data gathered included phone numbers,
race, what people liked and their family
names, they were able to illegally obtain
this information through several
algorithms including one of the world's
largest social media platforms, Facebook.
After this kind of events, people in the
United States and all around the world are
concerned about the effects that a total
monitoring of the cyberspace from
governments and companies could
assemble on their rights and their privacy.
China:
China is one of the countries with the
most monitoring of its cyberspace around
the world, they nearly control all aspects
of the cyberspace of their people. Not
only they have major control, but they
have blocked several pages and
applications that are accessible in the rest
of the world such as whatsapp, facebook
and google. Meaning that chinese people
can only use local applications. China
takes advantage of monitoring only local
websites and applications as it is easier to
surveil and access information. The
chinese government can practically see
any action that is taken from a mobile
device, for example, china's largest
messenger app “wechat” provides all
messages, photos and media sent to the
government. The government not only
monitors information from the
cyberspace but control what information
is put online, since 2017 the government
requires all news to be posted to be
checked by editorial staff which clearly
belongs to the government. The chinese
government not only violates all rights of
privacy but also violates the right of free
speech through its extensive monitoring.
China's monitoring rate through the years, shown
with the blue line
(Retrieved from
https://www.economist.com/briefing/2016/12/17
/china-invents-the-digital-totalitarian-state )
GUIDING QUESTIONS
1. What are the national laws that
apply for the monitoring of the
cyberspace of your country?
2. What international treaties has
your delegation been part of? In
case it has not been part of any,
why not?
3. What are the types of cybercrime
that your country is most affected
of and what have been the social
and economical applications?
4. What have been the statements
and position of your country
towards the moderation and
control of the cyberspace? In case
they are very moderated, how has
this affected the privacy of the
people of your delegation?
ORIENTATION AND OBJECTIVE OF THE
COMMITTEE
We expect that the delegates come very
prepared regarding the position of their
delegation towards laws and regulations
on the monitoring of the internet within
their country, the justification their
country has given for monitoring, detail
on the involvement of illegal groups in the
monitoring of the cyberspace, we also
expect that the committee understands
the implications that monitoring the
cyberspace could have on the privacy of
its citizens. Solutions on how governments
can reduce criminal action and protect
their national sovereignty without
reaching their citizens private life should
be discussed and the implications of illegal
groups monitoring data about citizens and
compromising government information
should be taken into consideration. The
purpose of the committee is that the
delegations present are able to reach
agreements on how governments should
monitor the cyberspace, always taking
into consideration that the sovereignty of
every country needs to be respected and
that in order for the agreement to be
legitimate in needs to respect all other
types of rights such as the right of privacy.
SOURCES
-Timeline of NSA Domestic Spying
1791-2015. (2015). Retrieved from
https://www.eff.org/es/nsa-spying/timeli
ne
-Dreyfuss, E., & Newman, L. (2011). How
9/11 Completely Changed Surveillance in
U.S. Retrieved from
https://www.wired.com/2011/09/911-sur
veillance/
-Storage, C. (2019). What is the USA
FREEDOM Act? What's So Free About It?.
Retrieved from
https://www.cloudwards.net/freedom-act
/
-Media Censorship in China. (2017).
Retrieved from
https://www.cfr.org/backgrounder/media
-censorship-china
SUPPORT LINKS
-https://www.ohchr.org/en/issues/digital
age/pages/digitalageindex.aspx -
https://theintercept.com/2014/10/15/un-
investigator-report-condemns-mass-su
rveillance/
-https://www.techopedia.com/definition/
31668/network-surveillance -
https://policyreview.info/articles/news/n
ew-un-resolution-right-privacy-digital-
age-crucial-and-timely/436 -
https://www.techopedia.com/definition/
24954/internet-privacy