Life continues unabated in Bali with busy schedules all round and lots of interesting sessions to attend. Many of today’s IGF sessions focused on multistakeholder(ism). One item in focus was the selection process involved in choosing non-governmental stakeholders. Since the technical community, business, and civil society are not ‘representative’ stakeholders, it is challenging to select representatives in a fair and proper way. In the Internet governance (IG) context, for the Commission on Science and Technology for Development (CSTD) working groups (WGs) like Enhanced Cooperation, or for the Multistakeholder Advisory Group (MAG) various models exist whereby in some, members make the selection while in others the productivity of representatives should be taken into account (even though it is not always easy to evaluate productivity). Some models bring six-month terms before changing to another representative.
But what are some of the basic principles that all multistakeholder models, including local ones, should have? Local multistakeholder processes may have their own dynamics and specificities so one size is unlikely to fit all; accountability and translucency (rather than transparency, which may not be necessary and may complicate matters) should be included.
A few sessions related to online trade, which is not all about laws and regulations. The trade community is not well up on how the Internet works and what the possible trade (and even intellectual property) models are.
Another issue discussed was the proprietary nature of sending and receiving money – there has been no real innovation in the online money transfer system. For instance, there are standards about sending e-mails but no standards about sending money. The Payments Group of W3C is working on this (with a possible first standard expected in 2017) so that anyone can implement a system without asking for permission to do so.
Regarding intellectual property rights, one approach (common in Scandinavia) is that IP rights are by default ‘yes, you can use’ unless someone comes and says ‘no’ (a sort of opt-out). However, in most other countries worldwide it is ‘no’ by default and to get a ‘yes’, you need to get the individual consent of every rights holder.
When it came to security, the issue of spam was revisited (something that hasn’t been discussed at plenary sessions in several previous IGFs). Mind you, not much headway was made. The focus was on crime and cybersecurity strategy, concluding that no one size will fit all but rather that different countries may need different legal approaches. The Commonwealth Cybercrime Initiative was mentioned as one way to assist countries in developing their own legal structures and capacity, based on some model laws. Legal and other means (like capacity building) need to go together. There should be no need to wait for law/policy to act. A Dutch case was brought up whereby the authorities contacted foreign providers through whom fraud e-mails were arriving in Dutch inboxes and – basically without any legal grounds – said to them: ‘Do you want to be associated with fraud?’ Being frightened of being even associated with fraud, most companies simply cut off the service to spammers using their service.
Interesting times ahead.