Launch of International Cyber and Critical Technology Engagement Strategy
Department of Foreign Affairs and Trade
Good morning everyone, and Tim, thank you very much for your warm introduction. Let me also acknowledge the traditional owners of the lands on which we meet this morning, the Gadigal people of the Eora nation and pay my respects to their elders, past, present and emerging. I particularly want to thank the Business Council of Australia for hosting today’s launch and again, acknowledge President Tim Reed and CEO Jennifer Westacott. Congratulations to you both on a very successful annual BCA dinner this week, the inaugural event for the Biggies, which I see having a long and fruitful future.
And I want to thank and acknowledge Andy as well. Andy, thank you so much for having us here at Telstra this morning, in these spectacular surroundings. I’m promised a secret backstage tour on another occasion of the security apparatus; I’d be fascinated to see that. But it’s very good of you to have us here this morning and thank you very much.
I acknowledge in our audience today, particularly Australia’s Ambassador for Cyber Affairs and Critical Technologies, Dr Toby Feakin. Toby, thank you for all the work that has brought us to this morning. It is much appreciated and it is absolutely vital for our nation. And I really want to acknowledge that on my own behalf, but also on behalf of the Government.
We also have with us this morning our e-Safety Commissioner Julie Inman Grant. Julie, thank you so much and our newly appointed Ambassador for Counterterrorism, Roger Noble, Human Rights Commissioner Ed Santow and representatives of the diplomatic corps and of course, members of the BCA and other interested guests. It is great to have, as Tim said, so many people for breakfast.
I wanted to start by talking a little about the underpinning strength of technology and its digital applications and how that will underpin Australia’s future economy and that of the world. Cutting-edge technologies, changing at pace, will shape, disrupt and in many ways, upend the 21st century. AI, for instance, will drive increases in productivity that literally add trillions of dollars to the global economy.
According to the World Economic Forum, an estimated 70 per cent of new value created in the economy over the next decade alone will be based on digitally enabled business models. Today, in Australia, digital trade enables $43 billion of economic value in our domestic economy. By 2030, this will increase more than threefold to an estimated $192 billion. So, harnessing technological change, adapting to its disruption and leveraging its opportunities will be vital to our economic recovery post COVID-19 and indeed, well beyond. As well as economic growth, these advances offer opportunities for increased connectivity, sustainable development and greater social benefit. They hold keys to new scientific discoveries, to progress in medical research and innovative solutions to some of the world’s greatest challenges.
A good example, the revolutionising impact of data, shown in both scientific and economic terms by the Human Genome Project. That US-led International Public Health Initiative that sequenced and published the 3 billion DNA base pairs that make up the human genome. Aside from the astounding scientific feat, one study estimated that between 1988 and 2010, the project led to a total economic impact of US$796 billion, including more than $244 billion in additional personal income from over 300,000 new jobs.
What COVID-19 has underscored is the critical role of technology. Scientific advances in biotechnology have accelerated vaccine research and assisted with vaccine rollouts, including here in the Indo-Pacific. However, what the COVID-19 period also underscores is why this wave of innovation entails risks as well as opportunities. Malicious actors are increasingly targeting vaccine research facilities and exploiting some of the most vulnerable members of our societies through COVID-19 scams. Disinformation that dangerously undermines public trust in official health advice is on the rise.
The challenge ahead of us and for the world is to create an environment that makes the most of this enormous promise while avoiding and where necessary, mitigating the risks and negative uses of cyber and critical technology. This includes through international engagement and cooperation, and brings us here this morning.
Technology enabled threats, like many challenges that transcend borders, require an internationally coordinated response. As President Biden noted at the Munich Security Conference just in February, and I quote, “We must shape the rules that will govern the advance of technology and norms of behaviour in cyberspace, artificial intelligence and biotechnology, so that they are used to lift people up, not pin them down.” A statement that Australia strongly endorses.
It’s why as these challenges and opportunities continue to evolve, I am very pleased to release our refreshed International Cyber and Critical Technology Engagement Strategy today. The Strategy recognises that cyberspace and critical technologies are, as I’ve said, pivotal to Australia’s future. It sets out our goal for a safe, secure and prosperous Australia, Indo-Pacific and the world, enabled by cyberspace and critical technology.
Building on and complementing the 2020 Cyber Security Strategy, it provides a framework to guide Australia’s international engagement across the spectrum of cyber and critical technology issues. We define critical technology as technology that can significantly enhance or pose risks to Australia’s national interests, including our prosperity, social cohesion and national security. It includes cyberspace, AI, 5G, the Internet of Things, quantum computing and synthetic biology.
Competition in these fields is laudable and indeed vital to a thriving global economy. As has been the case throughout history, nations that harness waves of innovation and navigate periods of disruption will gain significant economic, political and security advantages. Our challenge is to ensure that this is a healthy competition, not a race to the bottom of what is ethical and permissible.
Creating the right environment is not something that any one nation can do alone. It is essential that the international community, including governments, industry and civil society, work together to harness the benefits for everyone. To achieve our objectives in this Strategy and to navigate and shape an increasingly contested international environment, we must be a trusted and influential leader on cyber and critical technology issues, and we will do this in a number of practical ways, framed in a strategy by three pillars – values, security and prosperity.
Australia is guided by our values as a liberal democratic country, including the rule of law, human rights, economic and religious freedom, racial and gender equality, independent institutions, international cooperation and robust engagement in multilateral processes.
Technology is not values-neutral. Rather, it reflects the society in which it is used. Not all governments, nor all people and organisations see cyber and critical technology in the terms that we do. Today, we see technology used or misused for mass surveillance by governments, illiberal governments, to spread disinformation, to interfere in other states. Australia firmly believes that the values we apply to the physical world should also apply to the digital world. It should be used to empower and liberate, not to undermine and oppress. We want the design, the creation and the use of technology to reflect our values. A key question should always be what should be done with technology, not just what can be done. We believe that where cyberspace and critical technologies are used to uphold and protect liberal democracies, values and international law, they are safer, more secure, more inclusive societies that enable greater economic growth and encourage innovation. Our international engagement will focus on upholding and protecting these principles, including promoting and protecting individual human rights in the design, the development and the use of critical technologies, as well as on the internet. These include human, social and environmental wellbeing, fairness, privacy protection and security, transparency, and accountability. Through our international engagement, we will also promote greater diversity, including gender equality, in design and development of technologies, and we’ll advocate for that diversity amongst those responsible for setting, implementing, regulating and representing policy.
Under the pillar of security, Australia’s international engagement will seek to achieve secure, trusted and resilient technology. The malicious use of cyberspace and critical technologies poses clear risks to the security and safety of Australia, of the Indo-Pacific region and indeed, of the world. In some quarters, we are seeing the aggressive pursuit of technological dominance, the deliberate undermining of international law, calculated breaches of state sovereignty, interference in democratic processes, intellectual property theft, and relentless and malicious cyber activity. The United States saw a major attack on its democracy during the 2016 presidential election. Others, including France, Ukraine and Georgia, have also suffered attacks on their political systems. Here in Australia, we have seen our parliamentary network, the systems of our major political parties, experience cyber intrusions. Australia is committed to promoting common understandings of the framework of responsible state behaviour in cyberspace – the core aim of UN discussions on these issues. We don’t take this commitment lightly. We act and we’ll continue to act in accordance with our obligations under international law and consistent with the agreed norms of responsible behaviour in cyberspace.
And thirdly, to foster prosperity – our international engagement. We’ll advocate for open, resilient, diverse and competitive international technology markets and supply chains, and strengthen Australian research, industry and innovation through our international cooperation. We will encourage international critical technology standards that foster interoperability, innovation, transparency, diverse markets and security by design. We’ll continue to promote the multi-stakeholder model of Internet governance and maximise economic growth by shaping an environment that enables digital trade. Our regional engagement will focus on supporting a connected and prosperous Indo-Pacific, comprised of independent sovereign states, enabled by secure and economically viable critical technology.
At the heart of the strategy is the prioritisation and enhancement of our cyber and critical tech diplomacy. It is a practical document that outlines the actions that we need to take to safeguard our national interests, whether that’s taking joint international action against malicious cyber activity or providing parameters for our trade and multilateral negotiators to ensure our economic and security interests are progressed. We’ll do that through our bilateral partnerships, through groupings such as the Quad, the ASEAN Regional Forum, the Pacific Islands Forum. We’ll work globally through the United Nations, where we’re already proving we can have a real effect in multilateral rules-setting and we’ll support partners in our region to build capacity for cyber and critical technology resilience. We will also critically work with industry and the research community.
Last week, we were amongst 38 countries, including all of the Five Eyes, the European Union and NATO members, who declared the harmful cyber campaign against the US software firm SolarWinds to be the work of Russian state actors. We’ll continue to make such cyber attributions when it’s in Australia’s interests to do so, in order to hold malicious actors to account, to reinforce the importance of responsible behaviour, and to promote stability in cyberspace. As a very positive example of deepening the bilateral cooperation on these issues, we’re working more closely with India, recognising that it’s both a growing market for technology and, increasingly, an innovator and regulator of digital technologies.
In June of last year, I co-signed with India’s External Affairs Minister Jaishankar the Australia-India Cyber and Cyber‑Enabled Critical Technology Framework Arrangement. In December last year, we launched the Australia-India Cyber and Critical Technology Partnership Grant Program, a $12.7 million program over four years. And amongst other things, this program will support both Australian and Indian researchers to enhance the ethical frameworks, the technical standards, underpinning the development of critical technology. In its first round, the program received over 50 applications, and today, I can announce that grants have been awarded to three projects: the Centre for International Security Studies at the University of Sydney and the Observer Research Foundation, the ORF, to develop ethical frameworks and best practices for emerging quantum technologies; La Trobe University and the Indian Institute of Technology Kanpur to operationalise ethical frameworks in the critical technology supply chains of global companies; and the School of Computer Science at the University of Sydney, in partnership with the Indian Institute of Technology, Madras, Reliance Jio and the University of New South Wales, to address privacy and security challenges in next generation telecommunications networks. I’m very excited about the opportunities that exist under these grants and I look forward to seeing the outcomes of this very important work. I know it’s of great interest to our partners in India as well. And, COVID-19 allowing, I look forward to visiting India again soon to work to engage with counterparts there.
Our shared goals with India, along with Japan and the United States, were also reflected in the recent establishment of the new critical and emerging tech working group at the first summit of the Quad leaders on that first agenda. The Working Group’s Coordinating Committee held its first meeting early in April, and it will continue to meet monthly. The committee agreed to a program of practical outcomes, including a joint statement on technologies and a technical dialogue between national standards bodies. Standard-setting cooperation is a priority for the working group. We can’t have individual states trying to dominate international standard-setting bodies in pursuit of their own economic and ideological interests. For example, liberal open democracies must not allow authoritarian governments to reshape the rules and principles governing the Internet for everyone else. The Internet is a strong force for bringing people together. The unnecessary bifurcation and fragmentation of the Internet to enhance control and suppression over any nation’s citizens is a sad departure from the promise that this technology offers.
As a keystone of our technology future, the Internet must remain open, free, safe and secure. Last month, after two years of negotiation, the UN open-ended group on cyber, the OEWG, resolved, by universal affirmation, by every UN member state, that existing international law and agreed norms apply to state conduct in cyberspace. We shouldn’t be deceived by the simplicity of this statement. In effect, it banishes the notion that cyberspace is the Wild West. It establishes in cyberspace a framework, binding at international law, against which countries can be held accountable for their actions. Australia was very active in securing this outcome, just as we are in the ongoing Group of Governmental Experts or GGE negotiations. And we urge all countries to conclude the GGE negotiations in the same spirit of good faith that we did with the OEWG.
I’m pleased to announce today Australia’s co-sponsorship of a proposal to establish a new United Nations program of action for responsible state behaviour in cyberspace, the Cyber POA. This will establish a new permanent UN forum to continue negotiations and support implementation of the commitments already agreed to ensure real world action. As a world, we need such negotiations to succeed so that the international community’s shared expectations of acceptable behaviour in cyberspace are properly reflected and all countries adhere to the commitments that they have made.
Australia also recognises that we can achieve our goals only by working closely with those who actually drive technology innovation – that means industry and the research community, many of you represented here this morning. Without these organisations, we can’t arrive at the right settings. Technology companies today are significant global actors whose decisions and products shape economies, security, even geostrategic and foreign policy developments. Our strategy is, in part, an invitation – a call on all to get involved and to partner with us. When it comes to the design of technology, for instance, we need to ensure that authoritarianism is not baked in. Surveillance technologies powered by AI can, with the right design and appropriate safeguards, protect societies by enhancing law enforcement capabilities and the ability of governments to make decisions. However, they can also embed discrimination on the basis of ethnicity, race and gender when these groups are not adequately represented in the data used to train algorithms. We have seen these systems used to actively target political dissidents or otherwise suppress citizens and infringe on their human rights.
We want to work with industry and researchers on the standard-setting that I mentioned a moment ago, to encourage global technology markets that are open but also rules-based. Standards, norms and regulations should drive collaboration, creativity and innovation, but preserve freedom and openness and security. They should be good for business. Where there’s evidence that those standards and norms are being breached, we as governments do have an obligation to hold those responsible accountable. And you, as private sector leaders, have an obligation to reconsider doing business with those who use technology not to liberate, but to oppress.
Since the then-Office of the Ambassador for Cyber Affairs, and now Cyber Affairs and Critical Technology was established in 2017, the Australian Government has worked with tech leaders such as Microsoft, but also right across sectors, noting the centrality of technology to so much of our economy. We’ve worked with Qantas. We’re increasingly collaborating with Australia’s banking sector to enhance cyber security, given the rapid growth in online banking. We work with Telstra, of course, to encourage the robust and meaningful engagement of civil society and academia. We have also now supported the establishment of the Sydney Dialogue, a new summit to be hosted by the Australian Strategic Policy Institute to drive debate on cyber and critical technology. Its first gathering – somewhat stymied by the COVID -19 processes, but its first gathering – will take place in November of this year. And we will contribute, as a Government, $1.5 million to that important initiative.
I want to talk briefly about capacity building and a number of the initiatives we’re taking with regional colleagues. We know that one of the many ways we can work with industry and academia is to also support our partners in the Indo-Pacific, to build strong and resilient cyber security capabilities to fight cybercrime, and importantly, to counter disinformation. The Government needs the expertise of the private sector. And in turn, our work together increases the profile of Australian cyber security businesses in key regional markets.
I’m pleased to announce today a practical new project on countering COVID-19-related disinformation through online training, advisory support and knowledge exchange, to be delivered by the International Foundation for Electoral Systems for our partners in South East Asia. And I’m also announcing several new partnerships under our Cyber and Critical Technology Cooperation Program, which supports countries in Southeast Asia and the Pacific to enhance cyber resilience in the interests of an open, free and secure Internet. We’ll establish a partnership with Standards Australia to help countries in Southeast Asia to build the knowledge and skills to develop, adopt and implement international standards for critical and emerging technology. I believe the CEO of Standards Australia, Adrian O’Connell, is here today.
We’ll create a partnership with the University of Technology here in Sydney to develop capability in using AI technology ethically for public sector service delivery in Southeast Asia. And I think University of Technology representatives have been here today as well, I think including Anna Aquilina, the Chief Information Security Officer. We’ll provide cyber security advisory and technical support with help from our delivery partner Trustwave in Fiji, Samoa, Solomon Islands, Tonga and Vanuatu. This will help ensure that these governments across the Pacific can effectively mitigate and respond to malicious cyber activity. And I understand representatives of Trustwave, Amelia Gowa and Georgia Turnham are also here this morning. The Australian Government will commit a further $20.5 million to our Cyber and Critical Technology Cooperation Programme to strengthen cyber and critical tech resilience in the Mekong region, to shape the development and implementation of critical technology standards across Southeast Asia.
And finally, we’ll also contribute a further $17 million to support our neighbours in the Pacific to strengthen their cyber capabilities and resilience, including to fight cybercrime, to improve online safety, and importantly particularly at this time, to counter disinformation and misinformation.
The Australian Government isn’t just looking at today or tomorrow, but at how technology will impact, will disrupt, our lives in the decades to come. We’re taking action to ensure that this disruption is positive. The launch of the strategy this morning marks another step in our efforts to shape the international cyber and critical technology environment. I really want to thank my colleagues from across Government for providing input into the strategy, as I said, led by the Department of Foreign Affairs and Trade, Australia’s Ambassador for Cyber and Critical Technology, Dr Toby Feakin, throughout 2020. We will pursue a strategic, coordinated and principled national approach. We’ll remain a firm bulwark against the rising tide of digital authoritarianism and increasing encroachment on fundamental rights and freedoms online, and through the use of critical technologies. We reaffirm our strong commitment to the rules-based international order, to human rights, and to international cooperation. We’ll enhance our engagement with the international community, support our neighbours and partners in the Indo-Pacific as they too look to embrace the opportunities of increased connectivity. We will deter and respond to those who threaten our sovereignty, our values, our interests, and to undermine peace and stability in line with our obligations under international law.
Ladies and gentlemen, distinguished guests one and all, these are remarkable times, as both Andy and Tim have said – times driven by technological developments. We can’t be complacent. If we don’t actively shape our future, others will most certainly try and shape it for us. This would be to the detriment of Australians, to the detriment of our region, and to the detriment of our world. And it’s why Australia will continue to engage internationally in our national interest. It gives me great pleasure to officially launch Australia’s International Cyber and Critical Tech Engagement Strategy, to thank you for your interest, and to say how much I look forward to continuing to work with you on these key issues, domestically, in our region, and globally. Thank you.