Cybersecurity, the global IG architecture, the IANA transition process, privacy and data protection, and the responsibility of Internet intermediaries ranked high on the digital policy agenda during the summer months, the IG Barometer for July and August revealed.
A round-up of the main developments during the summer months was the focus of yesterday’s Geneva Internet Platform webinar briefing, delivered by Eng. Vladimir Radunovic, Diplo’s director of cybersecurity and e-diplomacy programmes.
Fewer developments took place with regards to ICANN and the new domain system, net neutrality, jurisdiction and e-commerce.
The events that took place during the summer months were the following:
Among the main updates on cybersecurity were the outcomes of the UN Group of Governmental Experts (GGE) meeting. At its last meeting a few weeks ago, the GGE agreed on several norms, including that nations should not target another country’s critical infrastructure or CERT, and on confidence-building measures. The meeting was also expected to confirm that international law applied to cyberspace in accordance with Article 51 of the UN Charter; however, Radunovic explained that no specific agreement was reached, due to concerns over the militarisation of cyberspace.
The Tallinn Manual on the International Law Applicable to Cyber Warfare is being updated. The updated version will expand the scope of the manual to peacetime international law.
Breaches seem to be taking place regularly. In Europe, leaked documents revealed that Italy’s Hacking Team sold surveillance software to European governments (find out if your country is one of them), while a major ‘dating site’ was hacked and the data of millions of users published.
With regards to the global IG architecture, preparations are under way for the WSIS+10 high-level event in December. The WSIS+10 process also includes the publication of a paper to capture stakeholder perspectives on progress made on the WSIS outcomes. Over 80 submissions (21 from governments) were made by stakeholders, which will feed into the ‘non-paper’ version. Read the submissions, and learn more about the WSIS+10 process.
Earlier in July, the final declaration of the SCO Brics Summit (9-10 July) held in Ufa contained key paragraphs on Internet governance, emphasising the importance of the UN playing ‘a facilitating role in setting up international public policies pertaining to the Internet.’ Radunovic explained that while the statements do not come as a surprise, India’s position is unclear: India has previously supported the multistakeholder model during the ICANN meeting in June, but is now again in favour of the intergovernmental approach as part of the Brics position.
The Ufa Declaration also reaffirmed the UN Human Rights Council resolutions on the ‘inadmissibility of using ICTs and the Internet to violate human rights and fundamental freedoms, including the right to privacy, and reaffirm that the same rights that people have offline must also be protected online.’
Also last month, the UN established a new Technology Facilitation Mechanism – as part of the Addis Ababa Action Agenda (13-16 July) – which includes a UN inter-agency task team on science, technology and innovation for SDGs, a multistakholder forum for SDGs, and a new online 'mapping' platform.
The main development related to the IANA transition was the NTIA’s announcement of an extension of the IANA contract by one year (until 30 September 2016), with the possibility of extending it further for another three years, if required.
Meanwhile, a 40-day public comment period was launched by the IANA Stewardship Transition Coordination group (ICG) on 31 July, and the ICG is now welcoming public comments on the Interim Final Proposal to Transition the Stewardship of the IANA Functions until 8 September. The Cross Community Working Group on Enhancing ICANN Accountability (CCWG-Accountability) also launched a 40-day comment period on its second draft proposal until 12 September. Learn more about the IANA transition and ICANN accountability process.
The summer months were a quiet period for ICANN and the new domain names, although a controversy surrounded a new proposal that would prohibit the owners of commercial websites from using proxy registration services. On one hand, privacy groups are arguing in favour of safeguarding the privacy of website owners, especially vulnerable groups; on the other, others argue that the proposal would prevent criminals from exploiting the system, and would therefore instil more transparency.
Online privacy and data protection was high on agenda due to a number of decisions related to the right to be forgotten. Google is disagreeing with a decision by the French data protection authority that the right to be forgotten rules apply globally; the giant tech company believe that no one country should have the authority to control which content a person in another country can access. In Russia, the State Duma has approved a bill which applies the right to be forgotten rule, while in Colombia, the Constitutional Court ordered a two-pronged measure which would respect the claimant’s rights without resorting to deletion of content.
Also in Russia, the deadline for Internet corporations to moving all data related to Russian citizens to servers within Russia has been postponed to 1 September.
It was a relatively quiet period for net neutrality. Radunovic reminded the webinar participants that the trilogue process resulted in the European Parliament and Council reaching a political agreement on net neutrality and roaming charges on 30 June. More developments are expected in September and October, and the proposal will now undergo a formal approval process.
With regards to jurisdiction, while the cases mentioned above have jurisdictional elements, a number of other cases have also brought this issue into focus. For example, the Belgian court has started hearing the Facebook ‘tracking’ case, but the main question will be related to the court’s jurisdiction over the case, given that – as Facebook is arguing – the company’s European headquarters are in Ireland. The German regulator has ordered Facebook to allow pseudonyms, while the country’s plans for the new ‘Bundescloud’ will require official data to be processed in Germany.
An interesting update related to E-commerce concerns the future of Bitcoin. The cryptocurrency’s network needs to grow, but it is essentially built around consensus. Two camps have therefore formed: one in favour of scaling up the network, and the other in favour of maintaining the status quo, given that Bitcoin was built around premise that rules should never be changed. Both positions are explained in detail in a blog post on Diplo’s IG channel.
Countries are shifting their attention on the responsibility of Internet intermediaries, especially when it comes to moderating user comments on websites. In June, the Grand Chamber of the European Court of Human Rights confirmed the 2013 lower court judgment which found that Estonian courts were justifiable and proportionate in finding Estonian news portal Delfi liable for offensive comments posted on its website. Similarly, reforms to the National Anti-Discrimination Act of Argentina will require online platforms to monitor and remove user comments which are 'discriminatory', raising concerns over online censorship.
A number of events (and other deadlines) are scheduled for September:
Two workshops are being planned by the Geneva Internet Platform and DiploFoundation. The Asia Cyber Diplomacy Workshop is taking place this week (28-29 August) in Bangkok, while the Malta-Commonwealth Third Country training on Legal Instruments for the Internet Economy will take place in Malta on 14-19 September.
The next webinar briefing – on Internet governance developments in September - will take place on Tuesday, 29th September.
View the recording of the briefing, and download the presentation. Join us for the next briefing on 29 September; registrations are now open. The briefing will be delivered live in Geneva, and online for remote participants.