Beruflich Dokumente
Kultur Dokumente
Al-achkar Jabbour
Imad Y. Hoballah
The Regional Pan Arab Legal and Regulatory Observatory for Cyber Security
Cyber space is the domain that generated from the interconnection between computers
and telecommunication, to store, modify, and exchange data via networked systems and
associated physical infrastructures, without regard to physical geography. So, its security
largely depends on the data and the ICTs’ security.
Banking institutions, energy, states agencies, hospitals, business, education, and even
social affairs heavily rely on their online presence.
With flowing information through boundaries and different legal systems, and the
connectivity between the networks around the globe, there is a growing need to protect
personal information, funds and assets, as well as national security.
Thus, Cyber security issues have stepped into the light and into public as well as private
sectors land of interests.
Background
Cyber security is about building confidence and security in the use of ICTs that support
trust in information society.
Consequently, we can define it as including all activities and operations aiming at threat
and vulnerabilities reduction, prevention and protection, incident response, recovery
policies, data assurance, law enforcement, military and intelligence operations relating to
security of the cyber space.
This latter touches practically all activities and all citizens around the globe; it provides
tremendous opportunities to enhance human development as well as to achieve better
integration in Information society. It also supports wider access to knowledge and
education, as well as to the development policies and strategies.
Moreover, it has imposed new type of commercial, professional and social paradigms,
giving rise to number of legal and technical problems that must be addressed, on the basis
of respecting its special nature, and needs. Hence, different approach and different
methodologies from what has been adopted before the age of information and
communication technology are needed.
Nevertheless, many governments and societies fear the negative impact ICTs can have on
their own citizens because of the potential dangers it carries, and because of the
economic, the social, and the security challenges it poses.
Authorities in charge are trying to find the way to prevent and punish new forms and
types of illegal and criminal activities such as: ICTs’ crimes where we find computer-
based assault. Many governments have already adopted particular regulations and
legislations as an answer to the need of ensuring adoption of security’s measures and
techniques.
Who is it?
The observatory is an independent group with no ties but to the interest, the safety and
the security of the Arabic and regional “Cyber Space”.
It represents a pioneering effort to develop the first Arab Cyber Security task force,
seeking to watch and screen the status of cyber Security in Arab countries, by gathering
and analysing data on Legal, regulatory, educational, social and technical environments
that impact safety and security. With high-level profiles members, the observatory holds
a unique position that allows it to draw on a broad network of scholars and activists. In
this context, the observatory members aim to work together toward shaping the way the
Arab world will protect its information society in the Information Age. They aim also to
serve as an advisory body to the private and to the Public Sectors and to the State’s
departments.
Principles of work
The observatory work respects and acknowledges some vital principles such as:
- Security’s importance cannot be appreciated without first understanding how much is at
stake.
- No country or government can succeed in securing its cyberspace and in reaping the full
benefits of the digital age if it works in isolation.
- Strategy of Cybersecurity shall be shaped according to international standards and
norms which are critical in establishing a secure and thriving digital infrastructure.
- Homogenizing and approaching legal systems are vital to ensure cyber security
especially at levels like: territorial jurisdiction, and use of force, investigation and
prosecution of cyber crime, data preservation, protection, and privacy.
- The government shall keep its classical role and responsibility in protecting and
defending its citizens’ wellbeing, as well as the country and its cyber space. It cannot
entirely delegate or abrogate its role in securing the Nation from a cyber incident or
accident.
- The government shall develop its own vision of its role in the digital age at the
awareness, capacity building and long life learning levels, to ensure better use of the ICT
potential and to better address national economic needs as well as national security
requirements.
Objectives
The objectives of the observatory stand on the WSIS Geneva Declaration of Principles,
Para 35, stating that “strengthening the trust framework, including information security
and network security, authentication, privacy and consumer protection, is a prerequisite
for the development of the Information Society and for building confidence among users
of ICTs”. As well as on the WSIS Tunis Agenda, Para 39, reaffirming ““… the necessity
to further promote, develop and implement in cooperation with all stakeholders a global
culture of cyber-security as outlined in the United Nations general Assembly resolution
57/239 and other relevant regional frameworks. Thus, particular attention will be paid to
the Steps to be undertaken in order to support the development of a Cyber Security
Culture.
And, many objectives are seen as essential to achieve better integration in the information
society. Here we can mention as objectives:
- conduct a dialogue on Cyber security to develop more public awareness of the threats
and risks and to ensure an integrated approach toward the Nations’ need for security and
their commitment to citizens’ protection and crimes’ prevention.
- Integrate workable plans to address cyber security related issues confronting the
different governments.
- Elaborate a Harmonized approach to build synergies between cyber security initiatives
Through Comprehensive strategies on all levels in multiple work areas:
1 •legislative rules and measures
2 •Technical measures
3 •Organizational structure
4 •awareness Capacity building
5 •Inter-states and International cooperation
- Establish a comprehensive framework in the Arab world that can ensure coordinated
responses and recovery by the governments, as well as by the private sector, to a
significant incident or threat.
- create a resource of cyber security guides from a variety of organizations.
In order to achieve these objectives the observatory will:
- Produce a clear and consistent overview of the emerging cyber security needs of the
Arab-Speaking society, as well as of the legal and regulatory framework that should
be dealt with
- Cover the commercial, economic, academic and social aspects of cyber security
There are many aspects to consider with regard to enhancing cyber security in the Arab
world. Hence the observatory will conduct studies, researches, and capacity building
workshops and seminars, with focus on: best practices in responding, detecting and
preventing attacks, as well as in raising awareness, decreasing cyber crimes and all other
related dangerous activities. Special attention will be paid to enhance cooperation
between the different national agencies in the field of forensics, data encryption, network
security, adoption of international standards and norms, and the development of the
adequate regulatory and legislative framework.
Key themes to be covered by the studies and research include the way to enhance
relationship among awareness, education, capacity building, legal and regulatory
framework, technical security, as well as the nature of reforms that can promote the
establishment of trustful information society.
Hence, the observatory gathers experts and professionals from a broad cross-section of
industry, academia, NGOs, State governments, international partners, Legislative and
Executive authorities. Actually, they are representatives of the Ministry of justice, the
ministry of Interior security and the municipalities, the General Directorate of the ISF-
the judiciary police- ”Cyber crime and intellectual property office”, the Regional
standards Bureau of Microsoft, the Arab League “Center of judiciary and legal studies”,
the Lebanese institutions for standards and norms- LIBNOR, the office of the minister of
state for administrative Reform OMSAR, the Telecommunications Regulatory Authority,
- The Faculty of Engineering – The Antonine University – and the Lebanese Information
Technologies Association (LITA).
The observatory membership is open to participation by all Arab institutions who have an
interest in making the Internet secure and who commit to disseminate the common
message of cyber security concerns in their environment. Hence , the membership of
the Observatory will be expanded to include new Arab countries and institutions.
Participation in the observatory doesn’t require a financial contribution. Secretariat and
meeting expenses are covered by the Antonine University, who supports the observatory.
The administration is run by all the members through two committees in charge of
performing the work, following-up and coordinating the various efforts: General
Committee and Executive Committee assisted by committee created according to needs.
Management
Following-up on safety standards and measures in the areas related to the use of
information technology and communications
Following-up on the latest developments in internet management and
communications, especially those that directly affect cyber security
Legal Sub-Committee: is responsible for:
Executive committee
This committee Includes representatives of all participating Arab countries who are
elected by the members of each country. Its responsibilities include:
This committee shall serve as a link between the General Committee and the member
states. Each participating country should have three members, at least. Each of these
three members should work with one of the following three sub-committees of which
the Executive Committee is composed:
Provide reports on technical data, standards, rules and statistics related to his
country
Implement recommendations of the General Committee in the technical field &
translate them into local best practices/rules
Establish a local network in his country in order to stay up-to-date with the
activities and recommendations of the General Sub-Committee, and provide
coverage of the various activities related to cyber security within his country
Apply awareness plans and capacity building programs suggested by the General
Committee
Suggested Arab countries, already having experience and taskforces in the area of
cyber security, which should have members in the above Sub-Committees are: UAE,
Qatar, Egypt, and Tunisia
Supplementary activities