The Role of Intergovernmental Organisations (IGOs) in Ensuring Internet Security

As an integral part of the SIGNAL project hosted at the NRCCL, my PhD project critically assesses the role of intergovernmental organisations (IGOs) and international law in establishing security frameworks for critical internet infrastructure and cloud computing. It will map the roles and policies of selected IGOs – primarily the International Telecommunications Union (ITU), Organisation for Economic Cooperation and Development (OECD), COE, EU and World Trade Organisation (WTO) – in the field of internet security. It will further carry out a critical legal analysis and develop a framework (de lege ferenda) for future roles and policies of these IGOs – also in their interaction with other international organisations and non-governmental organisations.

About the Project

The law of IGOs is part of public international law and addresses issues such as the powers and decision-making procedures of IGOs and their relations to states. These powers are to a certain extent dependent on the respective organisation’s mission and purpose. Several IGOs have claimed a mandate for legal security requirements directed at critical internet infrastructure and cloud computing services. The limits to their powers are not clear-cut, despite the fact that traditional issues, such as telecommunications and trade, are clearly assigned to specific organisations. No individual organisation has a specific mandate for internet security, but several organisations have shown an interest in it. Part of the difficulty of delimiting the power of international organisations in the field of internet security may stem from the fact that this is an emerging and cross-cutting issue, which could be framed as a telecommunications problem or a question of international economic collaboration. In addition to this, a great deal of policy work to ensure internet security is done outside the framework of IGOs.

IGOs, such as the ITU, have not enjoyed an especially privileged role in the key organisations that deal directly with CII governance, such as the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Engineering Task Force (IETF). And there is considerable resistance to giving IGOs a more privileged role here. As mentioned above, a central issue that this research will investigate is whether IGOs’ ability to shape CII governance is growing in an era that is increasingly preoccupied with internet security.


The PhD will be delivered 2020.


Financed under the SIGNAL Project, by the Norwegian Research Council.

Published Feb. 16, 2017 4:43 PM - Last modified Feb. 17, 2017 8:35 AM