Implementation of UN Cyber Norms in the Promotion of International Security: a Case Study of Kenya.

Abstract

Humanity has been transformed by development and innovation in the Information and Communication Technology (ICT) field. Indeed, we are now talking of the fourth industrial revolution driven by ICTs and the connectivity to Cyberspace. Cyberspace has been touted as one of the most significant intellectual challenges in the third millennium. It is not clear who is in charge and who will be in charge in the future. In the not too distant past, experts looked at cyber security as mainly a technical risk. Today, it is dealt with at the highest level of government as a critical national security challenge. UN member states have gradually united around an agenda of responsible state behaviour in Cyberspace. International discussions point to “cyber norms of behaviour” as being appropriate means for directing the behaviour and actions of states in Cyberspace – with the aim is to increase predictability and stability and foster trust in the utilisation of ICTs and manage misunderstandings that may result in conflicts. Eight of the eleven norms could be considered positive duties – recommend states to take a particular action while three are negative, restraining specific behaviour. Protection of critical infrastructure and cooperation are covered by several of the norms, pointing to the emphasis laid by the UN Group of Governmental Experts. This study examined Kenya’s implementation of the UN Cyber norms in promoting international security. The research study gap pointed to a lack of knowledge and non-adherence to the said norms. The existing literature addresses norm implementation in the context of the developing nations in the pre-COVID 19 era but hardly speaks to what is happening in the developing world. The study made the argument that the UN Cyber Norms promote international security by giving safeguards against cyber-attacks and fostering cyber security and stability. The study was steered by the International Regime Theories (IRT) that indicate that cooperation is possible in a setting with no higher authority to force the nations to cooperate. This study found out that there is an increasingly critical role of information and communications technologies in the Kenyan national security, economy, critical infrastructures (such as finance, transportation, water and food supplies, public health, energy, emergency services) and civil society, more so in the post-COVID 19 dispensations. It also confirms that the Cyber Norms, if followed, would result in a more stable and safer Cyberspace, thus enhancing international security. There is a need to move from Norms to an actual convention anchored on International Law to address Cyberspace matters. In terms of academic gain – there is a need to develop a theoretical framework to address the Cyberspace phenomenon, specifically cyber relations. Working together with the Private sector and Government Agencies, capacity building for cyber professionals needs to be fast-tracked. For Policymakers, identification, classification, and protection of critical information infrastructure are paramount, as is the enactment of the Critical Infrastructure Protection law. There is also a thin line between self-defence and interference with hostile nations’ critical infrastructure, as seen in the Kenya-Somalia tiff. Additional investment in cyber deterrence, expansion of the legal and policy framework, certification of ICT equipment, bilateral and multilateral cooperation as far as cyber relations are concerned (mutual legal assistance), national awareness campaigns and private sector disclosure of successful and attempted attacks must be ramped up significantly.