The summer months were uncharacteristically busy for Internet governance. NATO declared cyber to be the fourth military domain, while the EU-US Privacy Shield was approved. The Microsoft judgment will impact other jurisdiction cases, while e-commerce is gaining momentum. These developments – summarised in the IG Barometer for July and August and in Issue 13 of the Geneva Digital Watch newsletter – gave rise to at least five key trends that are shaping digital policy.
The July and August developments, trends, and regional updates were the subject of our latest Internet governance briefing, which took place on 30 August 2016. Leading the briefing, Dr Jovan Kurbalija gave an overview of the top trends that dominated the summer months:
- Cyber as the fourth military domain: In early July, NATO declared cyberspace to be the fourth military operation domain in addition to land, water and air. This decision will have numerous impacts not only for NATO but also for global governance. Namely, cybersecurity will gain more prominence on global diplomatic agendas. Stakes in how the Internet is managed will be higher as well.
- State responsibility in cyberspace: After confirming that international law applies to digital space, the next question for the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UN GGE) will tackle how it applies. In particular, the fifth UN GGE will address state responsibility in cyberspace.
- Digital policy and the development agenda: Earlier this year, the World Bank report indicated that efforts to reap the benefits of the Internet must be supplemented by the so-called analogue complements that include good regulation and skills. There are many hopes that ‘e-’ can be an important engine of growth, and ongoing events and initiatives are illustrating this.
- E-commerce gaining momentum: The World Bank’s report set the stage for numerous activities linking e-commerce, trade, and development. It was followed by other reports and initiatives. Looking ahead, the WTO Forum is around the corner, and the GIP will host a session on SDGs and e-trade during the upcoming WTO Forum.
- Privacy Shield approved: European and US diplomats have finalised the EU-US Privacy Shield framework that will facilitate the data flow between two different privacy protection regimes. Transatlantic data flows and the regulations that surround them will remain high on policy agendas since the flow of data across the Atlantic Ocean is vital for the global Internet industry.
The briefing also included two polls, which asked whether cyberspace be considered a fourth or a fifth military operation domain, and whether states should be responsible for crossborder cyberattacks initiated by individuals and companies based on their territory. View the recording of the briefing:
Regional perspectives from GIP hubs
Two GIP hubs – the Rio de Janiero hub and the Tunis hub – joined participants of the webinar to share updates from their region.
Speaking on behalf of the Rio de Janeiro, Luca Belli from the Center for Technology and Society of the Getulio Vargas Foundation School of Law explained that one of the outputs of the recently held Brazilian IGF is the formation of an Internet Rights Coalition. The interim government’s plans to redefine the role of the Brazilian Internet Steering Committee (CGI.br) – a widely-recognised model of multistakeholderism – triggered debates in the region, while the temporary blocking of Whatsapp also raised concern. View a recording of the Rio de Janeiro hub’s intervention:
The Tunis hub focused on the rising threat of cybercrime – including cyberterrorism – in Middle East and North African countries, and the policies that have been enacted to counter the crimes. Speaking on behalf of the hub, policy analysts Hamza Ben Mehrez and Wafa Dahmani explained that such policies are mostly reactive and focus only on the role of the government in maintaining security. In addition, MENA countries have adopted measures to improve security, such as versting responsibility in agencies and directorates, and initiating national incident response protocols. While these are laudible steps forward, they are not sufficient enough to manage the risks associated with the digital assets of an entire country. View a recording of the Tunis hub’s intervention: