Internet governance in March 2017

China’s International Strategy of Cooperation on Cyberspace, WikiLeaks disclosure of the US Central Intelligence Agency’s (CIA) hacking arsenal, and the second report of the UN Special Rapporteur on the right to privacy were among the main digital policy developments in the month of March. These and other developments, trends, and regional updates were the subject of March’s just-in-time briefing on Internet governance – our monthly appointment on the last Tuesday of every month – which took place on 28 March 2017. They were also summarised in the Internet Governance Barometer for March, and in Issue 19 of the Geneva Digital Watch newsletter, published on 31 March.

Leading the briefing, Dr Jovan Kurbalija gave an overview of the top trends in digital policy in March:

• China outlines new cyber diplomacy. In early March, China launched its International Strategy of Cooperation on Cyberspace, which sets out the country’s policy and position on cyber-related international affairs. Among others, the strategy reiterates China’s support for a multilateral approach to Internet governance, yet it opens possibilities for other stakeholders to play their respective roles via a ‘multi-party’ approach.
• WikiLeaks reveals CIA’s hacking arsenal. WikiLeaks latest disclosure, dubbed Vault 7, involves over 8000 pages of confidential documents describing the CIA’s ability to hack phones, computers, and smart devices, as well as to compromise software of major vendors (including Apple and Microsoft), and trick anti-virus programs (such as Kaspersky, BitDefender, and AVG) to avoid detection.
• Second report of the UN Special Rapporteur on privacy talks about an international legal instrument to regulate surveillance. In his second report to the United Nations Human Rights Council, the Special Rapporteur on the right to privacy notes that there were no improvements in the status of the right to privacy with a focus on surveillance in the past year, and recommends a legal instrument regulating surveillance in cyberspace. The instrument would co-exist alongside other instruments and would address surveillance activities that fall beyond the scope of existing international instruments.
• EU asks social media companies to change terms of use. Authorities in the EU are putting pressure on social media companies to change their terms of use which are seen as creating an imbalance in the users’ rights and obligations. The required amendments will address issues related to jurisdiction, misleading contracts, and termination of contracts, among others.
• The 58th meeting of the Internet Corporation for Assigned Names and Numbers (ICANN) refocuses on policy development. Unlike recent meetings which focused on the Internet Assigned Numbers Authority (IANA) stewardship transition and the strengthening of ICANN’s accountability, ICANN’s 58th meeting – held in Copenhagen, Denmark, on 11-16 March – refocused on policy development processes. Discussions included advancements on new generic top-level domains (gTLDs), how to improve next round(s) of new gTLD applications, and issues related to the review of the Whois policy. 

The next Internet governance briefing is on 25 April. Registrations are open.

An overview of the main Internet governance events held in March and planned for April was also part of the briefing. More details are available in Issue 19 of the Geneva Digital Watch newsletter.

During the interactive section of the briefing, several issues were discussed: the clash between the ICANN Board and the Governmental Advisory Committee on the release of two-letter country codes at the second level in new gTLDs; how critical infrastructures are/should be defined worldwide; with regard to China’s cyber-diplomacy, whether there is a practical difference between the terms ‘multi-party’ and ‘multistakeholder’, or whether it is only a matter of translation; and whether the EU requests for social media companies to change their terms of use would impact the companies’ policies globally.

Regional perspectives from GIP hubs

Local hubs in Brazil, Tunisia, and South Eastern Europe shared regional updates and perspectives.

The Rio hub, represented by Cristiana de Oliveira Gonzalez, from the Center for Technology and Society of the Getulio Vargas Foundation, gave an overview of several digital policy developments in Brazil. The Congress is discussing a bill which proposes the creation of a mechanism to combat dissemination of what is considered offensive images on the Internet. A judge in a labour court decided that there is a labour relationship between Uber and a driver, and ordere the company to pay the driver for a holiday and overtime hours. The government has bought a satellite that has the power to provide Internet access for rural and remote areas. The Science and Technology Committee in the Brazilian Congress is organising a series of public discussions on issues related to privacy and data protection. A video of regional updates and perspectives from Brazil is available:

Representing the Tunis hub, Maryem Khribi, member of the iGmena community, spoke about the PayPal case in Tunisia. In 2015, developers complained about transactions through PayPal being blocked in Tunisia. Last September, the Central Bank of Tunisia sent a letter of comfort to PayPal asking that Tunisia be included in the list of countries where the company is active; the request was not approved at that time due to some legal restrictions on the Tunisian currency. As PayPal and the Central Bank continue discussions, the case has brought into focus the need for new legislation and policies to facilitate Tunisians’ access to and use of e-commerce services, including in terms of online payment methods. For more details, see the video of regional updates and perspectives from Tunis:

During the South Eastern European hub, an overview was given of the main Internet governance and digital policy developments that occurred in March in the region. In Romania, Internet stakeholders sent a letter to the Ministry of Communications and Information Society, outlining several key principles for any regulation on .ro – the country’s top-level domain, such as transparency, openness, accountability, and regulatory flexibility. In Ukraine, the Ministry of Information Policy is compiling a list of websites that should be blocked because they undermine Ukrainian sovereignty. The Federal Police Administration in Bosnia and Herzegovina has reported an increasing number of cyber attacks, and has made recommendations for preventing and mitigating cybercrime. In Serbia, the Ministry of Public Administration and Self-Government has announced the launch of a new e-government service to remind citizens about the expiration dates of their documents. More details are available in the March 2017 summary of developments and activities related to Internet governance and digital policy in South Eastern Europe. The recording of the South Eastern Europe hub meeting is also available.

---