Proposal

APrIGF 2023 Session Proposal Submission Form
Part 1 - Lead Organizer
Contact Person
Ms. Pavitra Ramanujam
Email
Organization / Affiliation (Please state "Individual" if appropriate) *
Association for Progressive Communications
Designation
Asia Digital Rights Lead
Gender
Female
Economy of Residence
India
Primary Stakeholder Group
Civil Society
Part 2 - Session Proposal
Session Title
A Framework for Developing Gender-responsive Cybersecurity Policy
Session Format
Workshop
Where do you plan to organize your session?
Onsite at the venue (with online moderator for questions and comments from remote participants)
Specific Issues for Discussion
In an increasingly digital world, with emerging technologies poised to bring significant change to cyberspace, cybersecurity is critical for both individuals and states. In Asia, states have introduced a series of policies in recent years that seek to protect national interest, critical infrastructure and safety of citizens. A crucial consideration is the impact of cybersecurity frameworks & policies on women and other gender minorities, who experience special risks and suffer consequences from particular threats.

However, the intersection of gender and cybersecurity is still a field in development. While experts recommend the integration of gender into cyber policies and norms, there is a need for more practical guidance on how this can be done. To fill this gap, APC has collaboratively created a framework for developing gender-responsive cybersecurity policy.

During this session, APC will present this framework that aims to provide practical recommendations for those seeking to uphold women & LGBTQI+ rights in and through national cybersecurity strategies and in international negotiations and processes. In the session, APC will present the framework [https://www.apc.org/en/pubs/framework-gender-cybersec], its key findings and recommendations. We will also hear from the APrIGF community through breakout groups and a facilitated plenary discussion on how gender issues are understood in the context of cybersecurity in the region, the current gaps & challenges in integrating a gender perspective in cybersecurity and the usefulness of this framework in helping them to champion gender in their cybersecurity work.

With this workshop, we seek to discuss the framework, gather input for future work on this agenda and continue giving visibility to the differentiated impacts of cyber incidents on women and LGBTQI+ communities. APC also seeks to identify and work with interested stakeholders in the region to use the framework in their work and advocacies.
Describe the Relevance of Your Session to APrIGF
The session directly relates to the overarching theme of this year’s APrIGF. As the Asia-Pacific region is adapting itself to emerging technologies such as AI, cloud computing and Internet of Things, effectively strengthening cybersecurity is a must in order to ensure that people can enjoy a safe and secure digital future.

While a gender approach to cybersecurity looks keenly at how cybersecurity impacts women and other gender minorities, it is much more than that. It is a perspective that addresses the differentiated risks and impacts of cyber threats and to make cybersecurity responsive to the complex and differentiated needs, priorities and perceptions based on gender and other factors. This becomes particularly pertinent in the context of emerging technologies, which are set to bring newer and more complex cyber threats; therefore, it is crucial that we take these factors into consideration while preparing for the future of the internet.

The session falls under the Trust and Inclusion tracks. Cybersecurity and trust in cyberspace are not technical issues only. The gender perspective in cybersecurity can positively impact on the robustness and resilience of infrastructure in the face of attacks, strengthen diversity in cybersecurity and build trust amongst previously unheard stakeholders. Further, this session will seek to bring in vulnerable and marginalised groups such as women & LGBTQI+ communities into the conversation on cybersecurity, to create a more inclusive online space for all.

This session will help to collectively identify future policy advocacy and research opportunities, including unresolved questions around an intersectional gender approach to cybersecurity. Beyond this workshop, this framework will seek to provide guidance to policymakers to incorporate gender into cybersecurity legislation and strengthen civil society to engage in global and national policy spaces to advocate for the inclusion of gender into cyber policies and norms.
Methodology / Agenda (Please add rows by clicking "+" on the right)
Time frame (e.g. 5 minutes, 20 minutes, should add up to 60 minutes) Description
5 minutes Welcome and introductions by facilitator
10 minutes Facilitator will present the APC framework and key findings and recommendations. This segment will also give participants the opportunity to share examples of gender approaches in cybersecurity policies in Asia Pacific.
25 minutes Three (3) facilitated break-out groups which will discuss the following: (i) What does a gender approach to cybersecurity mean to you? (ii) What are some challenges related to applying a gender perspective to cybersecurity in the region? What are the gaps that future work on cybersecurity, gender and intersectionality should address? (iii) How could this framework be useful to bring in this gender perspective?
15 minutes Report back and plenary discussion
5 minutes Conclusion and next steps
Moderators & Speakers Info (Please complete where possible)
  • Moderator (Primary)

    • Name: Pavitra Ramanujam
    • Organization: Association for Progressive Communications
    • Designation: Asia Digital Rights Lead
    • Gender: Female
    • Economy / Country of Residence: India
    • Stakeholder Group: Civil Society
    • Expected Presence: In-person
    • Status of Confirmation: Confirmed
  • Moderator (Facilitator)

    • Name: Veronica Ferrari
    • Organization: Association for Progressive Communications
    • Designation: Global Policy Advocacy Coordinator
    • Gender: Female
    • Economy / Country of Residence: Argentina
    • Stakeholder Group: Civil Society
    • Expected Presence: Online
    • Status of Confirmation: Confirmed
  • Speaker 1

    • Name: Chat Garcia Ramilo (breakout group facilitator)
    • Organization: Association for Progressive Communications
    • Designation: Executive Director
    • Gender: Female
    • Economy / Country of Residence: Philippines
    • Stakeholder Group: Civil Society
    • Expected Presence: In-person
    • Status of Confirmation: Confirmed
  • Speaker 2

    • Name: Carlos Rey Moreno (breakout group facilitator)
    • Organization: Association for Progressive Communications
    • Designation: Manager, Local Access Programme
    • Gender: Male
    • Economy / Country of Residence: Australia
    • Stakeholder Group: Civil Society
    • Expected Presence: In-person
    • Status of Confirmation: Confirmed
  • Speaker 3

    • Stakeholder Group: Select One
    • Expected Presence: Select One
    • Status of Confirmation: Select One
  • Speaker 4

    • Stakeholder Group: Select One
    • Expected Presence: Select One
    • Status of Confirmation: Select One
  • Speaker 5

    • Stakeholder Group: Select One
    • Expected Presence: Select One
    • Status of Confirmation: Select One
Please explain the rationale for choosing each of the above contributors to the session.
This session will be facilitated by the Association for Progressive Communications (APC) team. APC is an international civil society organization and a network of members dedicated to empowering people working for peace, human rights, development and protection of the environment, through the strategic use of digital technologies.

APC supports women, gender diverse people and vulnerable groups to safely connect and use digital technologies in ways that respond to their lived realities. We approach cybersecurity as a human rights issue since people are the ones impacted by cyber incidents and threats.

APC conducts research on these issues and monitors and engages in cyber policy development at global, regional and national levels. In Asia, APC has been working to incorporate a rights-based approach to ICT policy, including cybersecurity policies.

Pavitra Ramanujam is the APC Asia Digital Rights Lead. Pavitra coordinates APC’s digital rights work in the region, which includes a rights-based and gendered analysis and advocacy of ICT laws and policies in Asia.

Veronica Ferrari is APC Global Policy Advocacy Coordinator. Veronica coordinated the development of APC framework for developing gender-responsive cybersecurity policy and leads the engagement of the organization's global cybersecurity policy process such as the UN OEWG.

Chat García Ramilo is APC executive director. Chat has extensive experience working on the intersections of gender and ICT internationally. Chat was the manager of APC’s women’s programme from 2005 to 2012 and led multi-country ICT for development projects that focused on gender equality and women’s empowerment.

Carlos Rey Moreno leads APC work on digital inclusion, with a focus on community networks. This includes looking at the connections between digital inclusion (and exclusion) and cybersecurity and the differentiated vulnerabilities created by the digital divide in terms of cyber attacks.
Please declare if you have any potential conflict of interest with the Program Committee 2023.
Yes
If yes, please detail the person and his/her level of engagement on your session proposal. (e.g. 1 or more of the PC members are co-hosting/moderating/speaking at the session)
Organiser and facilitator is co-convenor of the program committee.
Are you or other session contributors planning to apply for the APrIGF Fellowship Program 2023?
No
Brief Summary of Your Session
The focus of the session was to initiate a discussion amongst the participants on the need for inclusion of gender perspectives into cybersecurity policy at the national level in various countries in the Asia Pacific. This was done through the presentation of APC’s framework for a gender-responsive cybersecurity policy and subsequent discussions through breakout groups with those present in the room.

The session started with an introduction to APC’s framework by the main moderator, Veronica Ferrari, APC’s global policy advocacy coordinator. She explained that the framework is mainly intended for policymakers working on cybersecurity policies and as an advocacy tool for civil society working on cybersecurity and advocating at the national level. The framework can also be useful for regional and international organisations developing guidance on how to draft national cybersecurity strategies.

The presentation included important points around what a gender approach to cybersecurity could look like, why it was important and how to use the assessment tool that was put together by APC. This tool looks at how to assess cybersecurity policies at different stages of their maturity including the start-up stage, formative stage and established stage to ensure that any cybersecurity legislation is inclusive and well-rounded.

On the conclusion of the presentation, the participants were split into three breakout groups to discuss some key questions which included:
- What are the crucial factors that a gender perspective to cybersecurity should consider in the region?
- What are the obstacles associated with implementing a gender perspective in the context of cybersecurity in the region?
- How could this framework be useful to bring in this gender perspective in your work?

After 20 minutes of facilitated discussions in the breakout groups, participants shared their feedback through a report-back in the plenary. The session ended with a brief conclusion by APC on how this framework can be adapted at the national level in different countries in the region, and the ways in which APC is able to work with key stakeholders in the room to achieve this objective.
Substantive Summary of the Key Issues Raised and the Discussion
The key issues raised during the discussion were around the lack of considerations given to gender when it comes to developing cybersecurity frameworks in the region, and the need to include these perspectives to ensure that internet regulation is more inclusive.

The discussion also focused on the importance of a gender approach to cybersecurity, not only to ensure that women are protected online but also for broader considerations, such as (i) a gender approach to cybersecurity is not only a ‘women’s’ issue but rather a question of power structure and hierarchies (ii) cybersecurity is not only a technical issue but can contribute to mitigating inequalities and discrimination more broadly, and (iii) cybersecurity is not gender-neutral and does impact gender and other identities in many intersectional ways which can have far-reaching consequences for various communities.

The discussion detailed what a gender approach to cybersecurity is about, which includes understanding and addressing the differentiated risks and needs faced by complex subjects (or individuals) in the context of cybersecurity; one that is explicitly intersectional to make cybersecurity responsive to the diverse security priorities, perceptions and practices; one that recognises practices of care and gives people agency and questions and works to overcome the lack of intersectional diversity in a broad sense in cybersecurity.

Other points raised during the session include the various nodes that need to be considered while discussing the implications of gender in cybersecurity, including the gender-gap in the cybersecurity field, dimensions of gender-based violence online, differentiated vulnerabilities to cyber attacks, reconfiguring cybersecurity analysis frameworks, enabling feminist autonomous infrastructure, and reviewing international public policies on cyber security.

Key issues also included the importance of having a gender perspective while designing a cybersecurity framework at the national level. Without a systemic approach to cybersecurity policy, large segments of the population are left vulnerable to cyber threats. Without a gender approach to policy, critical security decisions will be made based only on assumptions and partial or incomplete information. As a consequence, national security as well as human rights are weakened.

Finally, the discussions with participants raised various key issues related to the current context in Asia Pacific relation to cybersecurity. Some of the points raised during the discussion included the increase in cybersecurity legislation in the region which heavily favour censorship and curtailing of public opinion, leading to shrinking civic space online, lack of safety for women and other minorities due to prevalence of hate speech, disinformation and gender-based violence, as well as patriarchal and cultural values in the region influencing the outcome of such legislation.
Conclusions and Suggestions of Way Forward
The overall vision for this framework on gender-responsive cybersecurity policy is as follows:
- The gender perspective is considered strategic in cybersecurity by all stakeholders.
- The gender perspective in cybersecurity has a tangible positive impact on the robustness and resilience of infrastructure in the face of attacks, has strengthened human rights for the diversity of people in cyberspace, and has had a positive impact on mainstream and dynamic cybersecurity cultures at the corporate and societal levels.
- The country applying this framework has become a champion of the gender perspective in cybersecurity at the regional and international levels.

At the end of the session, APC highlighted our intention to continue working with the various stakeholders in the room to socialise this framework at the national level as well as support interested actors in adapting this framework to national needs. This would include consultations with stakeholders at the national level, holding capacity building workshops for policy-makers, journalists and civil society, as well as helping to frame policy briefs and other research around this issue at the national level.
Number of Attendees (Please fill in numbers)
    • On-site: 50
    • Online: 14
Gender Balance in Moderators/Speakers (Please fill in numbers)
  • Moderators

    • Male: 1
    • Female: 4
How were gender perspectives, equality, inclusion or empowerment discussed? Please provide details and context.
The focus of the session was the inclusion of gender perspectives into discussions around cybersecurity and cybersecurity policy at the national level in Asia Pacific. The issues considered during the session were aimed at ensuring that the conversations around cybersecurity were broadened beyond national security issues to consider the impact on individuals and communities, the disproportionate impact of such policies on women and gender-diverse persons and enabling the inclusion of provisions that can protect women and gender-diverse persons online into cybersecurity legislation.
Consent
I agree that my data can be submitted to forms.for.asia and processed by APrIGF organizers for the program selection of APrIGF 2023.