China calls for global Internet governance

Watch here

The World Internet Conference has begun in Wuzhen, a historic town in east China’s Zhejiang Province. Chinese President Xi Jinping sent a congratulatory letter to the three-day conference.

2014111915255996181

In the letter, Xi said that China is ready to work with other countries to deepen international cooperation, respect sovereignty on the Internet, and uphold cyber security.

He said that China and other nations will work together to build a cyberspace of peace, security and openess and would provide an international Internet governance system of democracy and transparency.

Xi hoped the participants would contribute creative ideas, pool their wisdom and build consensus to ensure that the Internet brings even greater benefit to mankind.

The conference has brought together more than 1,000 representatives from technology firms and regulators around the world. The participants are discussing topics such as global internet governance, cross-border e-commerce, mobile internet, and cyber-security.

A consensus is expected to be published on Friday when the three-day conference closes.

Apple’s Plans for Beats Music Start to Take Shape

Read more

Apple’s plans for Beats, the company it acquired for $3 billion earlier this year, are coming into sharper focus.

Apple plans to include its Beats music service in future versions of iOS, its mobile software system for iPhones and iPads, according to people briefed on the plans, who spoke on the condition of anonymity because the plans were not yet official.

Behind the scenes, Apple is working to make the streaming music service cheaper for consumers. It has begun discussions with record labels over new licensing terms that will allow it to drop the monthly subscription price for Beats Music to as low as $5 a month, down from $10 a month, according to executives briefed on those talks. So far labels have balked at that request, seeking a slightly higher price, according to these people.

Apple declined to comment.

The price of subscription music plans has become a debated topic in the music industry, with some analysts saying that $10 a month is simply more than the majority of casual listeners are willing to pay. Estimates of the average listener’s annual spending on music vary, but are usually around $40 to $55 a year.

Record companies and artists have also recently shown frustration with the amount of free music that is available on services like Spotify and YouTube. This month Taylor Swift removed her music from Spotify, apparently because the service would not make her music available only to its paying subscribers. And this week a top executive at Sony Music suggested at an investor’s conference that the company was taking a hard look at the finances of free services.

When Apple released iOS 8, the latest version of its software system, the lack of a Beats Music app was a noticeable omission. Including the app is an obvious step to bring more attention to the streaming music service to Apple’s hundreds of millions of mobile device customers.

The timing of when Beats will appear in iOS is unclear, and it is likely that Apple will roll the product into its iTunes product as opposed to retaining the Beats Music brand. The Financial Times first reported that Apple would include Beats in iOS beginning in March.

Beats has a headphone business, too, which Apple also acquired. The branding for the headphone business is unlikely to be discontinued because it already has a large market of customers, analysts say. The streaming service, on the other hand, still hadn’t gained much traction before Apple acquired it.

Cable companies ‘stunned’ by Obama’s ‘extreme’ net neutrality proposals

Read more

America’s major telecoms and cable companies and business groups came out fighting on Monday after Barack Obama called for tough new regulations for broadband that would protect net neutrality, saying they were “stunned” by the president’s proposals.

The president called for new regulations to protect “net neutrality” – the principle that all traffic on the internet should be treated equally. His move came as the Federal Communications Commission (FCC) finalises a new set of proposals for regulation after the old rules were overturned by a series of court defeats at the hands of cable and telecom companies.

In response, Republican senator Ted Cruz went so far as to call Obama’s proposal for regulating the web “Obamacare for the internet”, saying on Twitter “the internet should not operate at the speed of government.”

The powerful National Cable and Telecommunications Association (NCTA), which represents cable companies including Comcast and Time Warner said it was “stunned” by the president’s proposals.

“The cable industry strongly supports an open internet, is building an open internet, and strongly believes that over-regulating the fastest growing technology in our history will not advance the cause of internet freedom,” said NCTA president Michael Powell, former chairman of the Federal Communications Commission (FCC), which is now rewriting the internet rules.

The cable and telcoms giants are particularly concerned by Obama’s call for FCC to reclassify consumer broadband service under Title II of the Telecommunications Act. Such a move would reclassify consumer internet as a “common carrier” service – like the telephone – and give the regulator greater power to control prices and services.

“We are stunned the president would abandon the longstanding, bipartisan policy of lightly regulating the internet and [call] for extreme Title II regulation,” said Powell.

Advertisement

Fred Campbell, former head of wireless communications at the FCC and now executive director of free market tech group Center for Boundless Innovation in Technology said applying Title II to the internet would create “legal uncertainty at home and encourage the efforts of totalitarian regimes abroad to tighten their control over the internet – the 21st Century’s mass media communications system.”

Obama’s endorsement “of 1930s era Title II classification would lead to unprecedented government interference in the internet, and would hurt consumers and innovation,” said lobby group Broadband for America.

Obama’s statement also set him at loggerheads with David Cohen, the executive vice-president of Comcast, who has been one of the president’s biggest fundraisers.

Cohen said the cable company “fully embraces the open internet principles that the president and the chairman of the FCC have espoused” but argued section 706 of the telecommunications act – the regulatory legislation preferred by the cable and telecoms industry “provides more than ample authority to impose those rules”.

The president’s move has set the stage for a political showdown in Washington where the cable industry has been left looking flat-footed by a vocal and well- organised grass roots opposition.

FCC Chairman Tom Wheeler
FCC Chairman Tom Wheeler during an open meeting to receive public comment on proposed open Internet notice. Photograph: Alex Wong/Getty Images
The FCC is chaired by Tom Wheeler, a Democrat and former cable lobbyist. There are two Republican members of the five-member board, and both are expected to be staunchly against Obama’s proposals.

But their opposition comes after over four million comments were submitted to the FCC about its new internet regulation rules. Analysis has shown the overwhelming majority of submissions called for more regulation, not less.

The split is likely to be one of the key battlegrounds after Obama’s midterm election defeats. Mitch McConnell, who will become majority leader in the Senate when the Republicans take control in January, urged the FCC to reject Obama’s comments, saying it amounted to “heavy-handed regulation that will stifle innovation”.

The FCC will ultimately decide on its own rules but will face intense political pressure as it finishes drawing them up. Washington sources had expected the proposals to be circulated as soon as this month before a meeting of the FCC in December.

A leaked proposal last week suggested a “hybrid” compromise was under discussion which would expand the FCC’s powers to regulate broadband while also allowing a carve out for cable providers to charge more money for fast lanes.

In his response to Obama, Wheeler said the FCC has explored a “hybrid” solution but that it had created as many questions as it had answered. “The more deeply we examined the issues around the various legal options, the more it has become plain that there is more work to do,” said Wheeler.

ITU Plenipotentiary Outcome Limiting UN Agency Role In Internet Governance Deemed “Success”

By Monika Ermert for Intellectual Property Watch

US Ambassador Daniel Sepulveda on the eve of the final celebration of the International Telecommunication Union (ITU) Plenipotentiary Conference last week said he was “happy” about the results. Asked what he thought was the most important resolution of the three week conference, he told Intellectual Property Watch he would not name one resolution, but rather considered the achievement of overall consensus by the ITU member states on the final documents “a success.”

There had been concerns over a split of the membership before the conference. All references to possible reconsideration of the allocation of internet addresses or names, and also to privacy, were erased from the final documents.

The UN ITU Plenipotentiary Conference, which takes place every four years, was held from 20 October to 7 November, in Busan, South Korea.

Within its work on connectivity in a number of countries, within specialised technical work, or within its work to ensure that radio spectrum is properly allocated, “the ITU can absolutely do more,” Sepulveda said. But if the organisation broadens its scope to privacy or other content or enforcement issues, “it would limit its ability to do anything,” he said.

Swiss delegate Dirk-Oliver von der Emden, from the Office of Communication (OfCom), said countries in the developing world once more had signalled that for them the ITU was a an appropriate forum to talk about aspects of internet governance.

Von der Emden said the ITU had been in a constant change, away from an organisation covering technical standardisation aspects only to one that also addresses issues of the information society. Work on issues like child protection online and empowerment of women by the mean of ICTs could be welcomed, he said.

The technical community, for example at the European IP address registry Reseaux IP Européen (RIPE), which just held its regular fall meeting, welcomed that the ITU role in internet governance will stay limited.

The future of the Internet: What’s next for the World Wide Web?

The Internet has infiltrated almost every corner of society, transforming our lives in the process. Over the coming decades, networked innovations will extend this change to the physical world. But as we become ever-more reliant on online tools and services, who should protect and regulate the Internet itself? Our Global Agenda Council experts explore the debates and opportunities ahead.

Over the past two decades, the exponential growth of the Internet has led it to touch upon every aspect of modern life. From mobile entertainment to healthcare to the heart of enterprise, the Internet has become, in the words of Bill Gates, “the town square for the global village of tomorrow”.

Now, with the advent of the Internet of Things, we stand on the threshold of a new era – one in which online functionality will spread to the physical world, to the objects and environments that surround us. As this happens, however, the complexities associated with online structures are transferred to the offline world, including the question of governance. As web-enabled devices take an ever-more prominent role in our societies, who should govern and protect the infrastructure upon which they rely? Will this issue of governance hinder the development and adoption of Internet technologies? And what opportunities and problems will be presented by this new chapter of our technological history, both for governments and individuals?

The power of networks

Networked technology is spreading rapidly from traditional devices to everyday items, and even to the spaces in which we live. Before long, online functionality will be ubiquitous in the most commonplace objects, allowing them to identify, communicate and cooperate with one another. This coming phenomenon is known as the ‘Internet of Things’.

Research firm Gartner predicts there will be 26 billion devices on the Internet of Things by the year 2020. Anil Menon, President of Smart+Connected Communities at CISCO, believes that the rise of omnipresent connectivity will present opportunities and challenges in equal measure, fuelled by an explosion in data feedback from our networked environment.

“Connecting one object to every other object will not necessarily transform the way we live or do things,” he says. “It is by connecting things to processes, and then using the resulting data to change the way we behave – that is where you will see a dramatic shift. The Internet of Things will be the foundation, but it will be the business models on top of it that will change our lives.”

Menon believes that cities are the entities best placed to benefit from this data-centred evolution. Yet the current lack of standards in network interoperability presents a potential hurdle to those who would harness this power. Global standards in medicine, for example, allow for communication between doctors who cannot speak each other’s language. Now we need to establish a similar harmony for data.

“In 1913, the city of London had 65 utility companies with 49 standards,” says Menon. “One hundred years later, in 2014, the situation echoes that of digital infrastructure, where you have multiple networks, each with different standards. What we need is a single layer with very strong privacy and security protocols, allowing us to use data feeds at the appropriate levels to manage things like traffic, water flow, and parking.”

The management of these services won’t be limited to local authorities, either. Menon cites the example of TaKaDu, an Israel-based company that is offering cloud-based water management to cities in Australia and Singapore, monitored remotely from the other side of the world. In the near future, authorities will be able to outsource a plethora of operations, from traffic control to waste-disposal, to the cheapest, most efficient operator – wherever they may be. At the same time, immersive technologies will reduce the need for individuals to relocate to cities in order to access top-tier healthcare services.

“Our research shows that for 80% of a typical doctor’s consultation, the doctor doesn’t need to touch you themselves,” says Menon. “Somebody needs to be physically present, but that person doesn’t necessarily need to be the doctor. So once we have wearable health monitors and interactive video, why should you drive all the way into town for a consultation?”

The evolution of medical services will be particularly effective in developing countries. “In a country like Tanzania, which has one of the highest rates of infant mortality from heart conditions, most hospitals will not have a dedicated pediatric radiologist or surgeon. But with the help of immersive digital technologies, we’ll be able to offer those institutions interactive access to experts. And those same experts will also be able to help a child in India, or rural Mexico.”

Thanks to the increasing omnipresence of networked technology, we are set to experience significant changes to the long-established, time and space-bound structures of society. But as we grow ever-more reliant upon online functions to support and enhance our lives, a key question arises: who should oversee our online world?

The governance of the Internet

Many people regard the Internet as a global entity, something that exists outside of the boundaries of national ownership. Yet the fact remains that much of the system’s core infrastructure remains in the hands that pioneered it, and specifically in Western institutions. The protocol for the assignation of IP addresses and online namespaces is handled by ICANN, based in California; authority over the Internet’s Domain Name System ultimately lies with the U.S. National Telecommunications and Information Administration. The Internet Society, a non-profit organization that aims to shape the development of the net for the benefit of users worldwide, now has chapters in 90 different countries – but its headquarters are located in Reston, Virginia, in the U.S..

In the wake of Edward Snowden’s electronic surveillance revelations, the movement to oppose this U.S. dominance is gaining momentum. Professor Xiaodong Lee, Chief Executive Officer of the China Internet Information Network Center (CNNIC) thinks the current governance model has to change, yet he suggests it is unhelpful to blame Western nations for their established levels of influence.

“It’s not the fault of Western countries,” he says. “The West is home to a lot of developed nations with strong technology and good knowledge about the Internet – that’s why they play a very important role in its governance. The reality is that there’s a gap between western and eastern countries. If you look at Africa, there are still many countries with a limited number of Internet users – but I believe in the next 10 years, the entire population of the continent will move online.”

Crucial bodies like ICANN currently lack members from developing nations, depriving these countries of a voice in regulatory debates. Professor Lee regards this as a key flaw in the current governance arrangement. As their access to computer resources improves, developing countries will find it easier to send representatives to organizations such as ICANN – yet true progress may rely upon the creation of new institutions altogether.

“In the future, no lone institution or country can rule the Internet, not even the United States,” says Professor Lee. “I would choose a new organization to govern the Internet, a new platform to discuss the culture issues involved. The Internet is everything! It’s not only a commercial or educational or technological concern. It has morphed into the physical world, so it cannot stand only one organization to govern it.”

Professor Helen Margetts, Director of the Oxford Internet Institute, agrees that the transition to a more global governance structure is desirable. However, she feels that the question of governance is less important than the fact that the landscape of the Internet is evolving at a speed that authorities struggle to match.

“I don’t think talking about a new model of governance for the whole Internet is really the way to go. The Internet is often depicted as some kind of lawless Wild West, when in fact its architecture and operation is governed by clear standards and protocols set by international bodies, while our use of the Internet is largely covered by existing laws and regulations on issues such as fraud, copyright and libel. There are aspects of these laws and regulations that are basically unsuited to deal with changing technologies and the fact that people spend increasing amounts of their time in digital contexts – and that is what we need to address. But that is not really a question of Internet governance.

I am in favour of a multistakeholder approach, where there is no single point of failure, or domination by a single group or set of interests. Existing governance structures need to adapt and change – but I am not supportive of a government-focused type governance model. There are reasons to be worried about those – I’m not aware of an Eastern governance model that doesn’t involve censorship. Rather, we need a clearer understanding of the limits of government and corporate intervention online.”

The recent debates over the surveillance activities of the U.S. National Security Agency (NSA) and the UK Government Communications Headquarters (GCHQ) have cast a spotlight upon governmental use of the Internet, particularly with regards to data-tracking. But for Professor Margetts, the real dangers lie with the rapid centralization of the Internet, which has led to the emergence of monolithic platforms such as those owned by the world’s most popular search engines and social networks. While she feels that these companies have had a broadly positive impact on the experience of using the Internet, their data-gathering capabilities and increasing omnipresence makes them hard to control.

“As unhappy as I am that the NSA and GCHQ have gathered large quantities of my personal data, I am equally concerned about the amount of information the major digital services companies have about me,” she says. “How long are they storing this data for, and for what purpose? Once you are using the same platform for your search engine, email and cloud services – and then add a driverless car into that mix – you establish a toxic situation that is very difficult to regulate.”

Legislation arguably represents the key battleground for determining the future of the Internet. Professor Margetts believes that the real question is whether existing laws and regulations on issues such as fraud, copyright, libel, data protection and freedom of expression can be effectively enforced online. In some areas new bilateral agreements are emerging which may amount to international agreement, such as consensus around measures tackling child abuse images online. In other areas, we see a few reactive prosecutions rather than widespread adherence.

For all the drastic change that the growth of the Internet has already brought to our lives, the years ahead will require further adaptation on the part of governments and individuals alike – particularly as the Internet of Things becomes a widespread reality. But for Professor Lee, this change is not something for us to fear.
“If you go back 100 years, there were very few cars – most people would feel very nervous if they even saw one,” he says. “Today there are five or six million cars in most cities. People aren’t worried because they know how to drive, how to avoid being hurt by them.”

He continues: “Now we’re living in the Internet age. There are so many sensors, so many video cameras everywhere and facilities to monitor everything – so of course there are a lot of security issues, and people want to protect themselves. We already know how to do that in the physical world, but we need to build new models and cultures for the Internet era, rules that will let us find a balance between a convenient life and a secure life. And that may take a couple of years. ”

_________
Xiaodong Lee is the Chief Executive Officer of the China Internet Information Center and a member of the Global Agenda Council on Cyber Security

Helen Margetts is Director and Professor at the Oxford Internet Institute, Oxford University, and a Member of the Global Agenda Council on the Future of Government

Anil Menon is the President of Smart+Connected Communities, Cisco Systems, and Vice-Chair of the Global Agenda Council on the Future of Cities

Read more

A RIGHTS-BASED REVOLUTION?

by IEAG MEMBERS CARMEN BARROSO & KATELL LE GOULVEN

As data become more central to sustainable development, the immense scope for data to empower people is becoming apparent. But alongside this opportunity are clear risks, as people around the world question the accessibility and privacy implications of the new world of data. At the heart of issues like these—both the potential and the risks— are rights. Some members of the panel have been asking: what would a rights-based approach to the data revolution entail?

using a mobileWe know we are not alone in asking these questions. The panel’s initial consultations revealed a shared concern for data-related rights. Indeed, around the world, issues of rights and data are being hotly debated by citizens, legislative bodies, civil society, and the private sector. As we attempt to map the landscape of rights and data, we therefore seek your help!

If you have thoughts, expertise, or concrete examples on the following set of questions, please share with the panel by commenting below or by emailing them to undatarevolution@gmail.com with the subject line “rights-based data revolution.”

HOW DO RIGHTS INTERSECT WITH THE PROCESS OF COLLECTING, ANALYZING AND DISSEMINATING DATA?

Initial consultations have resulted in the following set of rights related to data. What is missing? Which rights should be prioritized in the context of the Panel’s report?

Right to an identity (right to be counted)
Right to privacy (in Europe: right to be forgotten)
Right to participation
Freedom of expression/ speech
Ownership: right to own your personal data
Right to access data about you (re-use, sale of data)
Principles of consent
Right to due process (how data is used, ie. how to regulate the algorithm)
Protection from discriminatory uses of data
Right to non-discrimination and equality (how data hides or shows inequalities among subgroups of the population)
WHAT EXISTING RIGHTS REGULATION, POLICIES, OR FRAMEWORKS COULD BE APPLIED TO DATA FOR DEVELOPMENT?

This might include frameworks from other sectors, ie. the right to be counted in the Convention on the Rights of the Child; or from other fields, ie. frameworks for ethical use of DNA data. What gaps should be highlighted in the report, ie. areas where “new data” require altogether new norms, frameworks, and policies for a rights-based approach to the data revolution?

HOW CAN DATA EMPOWER PEOPLE?

Many advocate for an SDG monitoring framework that is participatory and empowering to citizens. Can data provide voice? What IEAG recommendations would ensure that data support the right to participation, both in terms of data collection and data access?

STATISTICAL AVERAGES CAN HIDE INEQUALITIES BUT GRANULAR DATA CAN INFRINGE ON PRIVACY.

As decision-makers use data to target policies and programs, data needs to be disaggregated in different ways—for example by gender, geography, age and income level— to ensure we understand the circumstances of different segments of the population. The more granular the data, the more powerful the potential to address the needs of all. But there is a concern that such disaggregation might infringe on people’s right to privacy. What recommendation should the IEAG make to reconcile this dilemma?

WHAT ARE WE MISSING?

Please tell us any other thoughts you have on a rights-based framework for the data revolution.

Read more

ICANN chief: “The whole world is watching” the U.S.’s net neutrality debate

The Washington Post   By Nancy Scola

Onetime Bell Labs engineer Fadi Chehadé is president and chief executive of the Internet Corporation for Assigned Names and Numbers, or ICANN, the 16-year-old California-based nonprofit that acts as something of a switchboard operator charged with maintaining a stable global Internet.

Named to the post in the summer of 2012, Chehadé has seen his tenure marked by drama, from the impact of the Edward Snowden disclosures, to the ending of a U.S. Commerce Department contract for managing part of the Internet’s naming system, to a debate over where — at ICANN? the United Nations? somewhere else? — decisions about the future of Internet governance should be made.

It’s a heady time in Internet governance, Chehadé said in an interview Tuesday from his Los Angeles office. “I find myself in a unique point in history where either we will be able to succeed as a human race, almost, in maintaining the Internet as a platform for solidarity and for economic progress, or, frankly, we will fail,” he said, “We break it down, and politicize it, and fragment it to the point where it loses the incredible value it has in bringing us together.”

The Switch: We’re talking on the first anniversary, to the day, of the Montevideo Statement on the Future of Internet Cooperation, signed by global stakeholders in the wake of the Edward Snowden disclosures to protest National Security Agency monitoring. What’s different today than it was a year ago?

Fadi Chehadé: The global community was definitely energized by that statement to start the march toward what I would call a working ecosystem of Internet governance that is rooted in two principles: first, that we want Internet governance in a distribute, polycentric way, as opposed to a centralized, top-down way; and, secondly, we’re moving Internet governance decidedly into a moment where all stakeholders are engaged.

I think a year ago we were still seething from a [United Nation’s International Telecommunication Union] meeting in Dubai where it wasn’t clear that we could tell those looking for solutions in Internet governance where to go to in the distributed and multistakeholder Internet governance model we believe in. People stood up and said, “Where do I solve spam?” And most of us said, “Not here!” But this wasn’t sustainable. And what the Montevideo Statement did was to start coalescing the global community to start answering the question.

So, why isn’t the push to give more power to the UN’s International Telecommunications Union the answer?

If we move everything into one organization, suddenly it becomes highly centralized. Now, could the ITU solve a problem or a particular issue? Certainly, if the community decides it’s the best place to do it. But we think that Internet governance should look like the Internet: highly distributed, highly agile and highly effective. Imagine if we had to come up with a treaty to solve spam?

We don’t want one organization to broaden its remit [mission statement] and become a major central organization. We want many small organizations that address, in a very agile, effective way, the various issues — both technical and nontechnical. Today, ICANN addresses largely technical issues. But who’s addressing nontechnical issues? Where do we go to come up with a global framework for how we do [Web site] takedowns? Where do we go to come up with a global framework for how we protect children on the Internet? Where do we go to deal with issues of privacy?

What, then, is your solution?

There are three parts. First, we needed principles that deal with fundamental things: what are the core values that keep the Internet open, that maintains a basic set of human rights and respect privacy. We didn’t have that. We came up with these principles in Sao Paolo [at the late April NETMundial meeting]. Okay, good, now we have that.

The next thing is coming up with a framework for coming up with solutions rapidly. That’s what [Estonian] President Toomas Ilves’s panel did. It worked for seven months to design such a framework, and it’s a very delicate and important piece of work, because for the first time it describes what a distributed, polycentric model of Internet governance looks like.

The next step is action. The principles are the key specifications of a house. The framework is the actual architectural drawing of the house. Now we need to build it. We will be announcing that later this month: It will be called the NETMundial Initiative.

What we plan to do is to provide an online platform where people who have Internet governance issues, technical or nontechnical, can go and say: “I have this issue. Who has solved this issue?” The minister of [information and communications technology] in Rwanda told me: “Fadi, I want to come up with a policy to protect children online. Can you point me somewhere? Who’s done that? Whom can I contact to tell me how it works?” The first thing this platform does is create that mapping.

The second thing it does is step in where there is no solution yet. Take Web site takedowns. Our government does it. The Russian government does it. Everybody does it. It’s complicated. The president of France, two weeks ago, ordered with a decree the takedown of sites that were inciting French citizens to join ISIS. What is that process? The government issued a decree, but that decree broke legal contracts between the companies that hosted these sites and the people who run them. What if that decree was done in a country where these takedowns were against sites that promoted free expression?

None of those solutions exist today. It’s completely artisanal. We’re essentially going to use crowdsourcing mechanisms to coalesce people to say, “Let’s come up with a process.” The platform is simply going to serve as a canvas for them to do it, in accordance with our principles.

But the NETMunidial Initiative model is nonbinding. Does that satisfy someone like Brazil’s President Dilma Rousseff, who was so angered by the Snowden disclosures that she memorably threatened before the UN’s General Assembly last September to find an alternative means “to ensure the effective protection of data that travels through the Web.”

A government, like Brazil, might take one of those solutions and codify it in a binding way. But if we leave it to every government to codify their own solution, we’ll end up with a fragmented Internet. Here the creation of that solution is decoupled from the implementation of that solution. People can dip into that quote-unquote solution toolbox, rather than creating it on their own.

Did the Snowden disclosures make your job easier or harder?

Both. If the Snowden revelations didn’t happen, it may have been hard for me to lobby in front of Dilma Rousseff’s office for three days until she saw me. I stood there in Brasília and insisted that I wanted to talk to her about this. But it helped, because the issue is already very high on her agenda…

Wait, I’m sorry. You stood outside the president of Brazil’s office for three days?

I did. I insisted to see her, and she saw me. I talked to Kofi Annan after [Rousseff] made the speech at the UN. And Kofi told me, “Fadi, a lot of people identified with what she said.” I went to see her to say, okay, fine. You identified that we don’t have a framework for solving complex issues of privacy, surveillance. But do you really believe that the best place for that to happen is at the UN? It’s important that we, in a positive and constructive way, challenge leaders around the world on how they really plan to solve the issue.

Snowden put the issue of Internet governance more prominently on agendas of global leaders. That’s a good thing and a bad thing. So we used it to advance the distributed, multistakeholder model.

The bad thing that happened in my case is that a lot of people came to ICANN and said, “Stop surveillance.” Well, we don’t do surveillance. We just do [Internet protocol] numbers. So we’ve had to do a lot of work in the last year explaining who does what. But in a way, that’s positive, because it put a spotlight on where there are no solutions. When I explain to people that that’s all we do, the next question is, “Okay, well, who the hell does all these other things?”

Does the United States have an exceptional role in managing the Internet?

Today, they do, yes. They have the exceptional role of approving changes to the root zone [part of the Internet’s fundamental Web site naming system], which we do today. That’s an important role. And it’s a role that was always envisaged to go away. Ira Magaziner, who designed all this in the Clinton White House, told me, “Fadi, we designed it so that in 2000, this exceptional role would be gone.” He told me, “You’re 14 years late, but I’m glad you’re finally there.”

But the other exceptional role is the U.S.’s leadership that has been central to keeping the Internet open, central to keeping the Internet accessible to the millions of people in the world who access it today. That’s a role that’s played in three places.

First, there’s the overall leadership of the United States in international fora — in the UN, in the [Organisation for Economic Co-operation and Development], and all the fora that have an impact on cyberspace.

Second the U.S. plays an extremely important role as a role model, as a reference point to the world. You think that how the FCC decides to move forward with net neutrality only affects America? No. The whole world is watching how this country continues to manage its Internet for the benefit of its public. That sends a powerful message to the world.

And the U.S. will continue to build coalitions to promote a version of an Internet that is open, that is diverse, that respects human rights, that enables commerce, that keeps the wheels of the digital economy greased. That’s not going to go away when the U.S. passes the baton to the global community on managing the root.

Read more

National Cyber Security Awareness Month [Press Release]

10/02/14

Every October since 2004, National Cyber Security Awareness Month—administered by the Department of Homeland Security (DHS)—reminds us of the importance of protecting not only our individual identities, finances, and privacy but also our country’s national security, critical infrastructure, and economy. Cyber security is a responsibility shared by all—the public sector, the private sector, and the general public.

Individually, Americans should ensure the security of their own computers and other electronic devices. You don’t want criminals accessing your bank accounts online. You don’t want to become part of a criminal botnet responsible for stealing millions of dollars. You don’t want to unknowingly infect your company’s computer network with a damaging virus.

So how can you protect against those scenarios? Here are a few tips:

Make sure you’ve got updated antivirus software installed;
Enable automated patches for your operating system;
Don’t open e-mail attachments or click on URLs in unsolicited e-mails;
Use strong passwords, and don’t use the same one or two passwords for everything; and
Avoid putting out personally identifiable information on social media platforms.
In other words, make it as difficult as possible for criminals and others to use your digital technology against you, against other innocent victims, and against our nation as a whole.

Read more

Privacy advocates sue Pentagon over Internet voting test results

By Nancy Scola

Privacy advocates, worried that the Defense Department is sinking millions of dollars into unproven online voting systems, are suing the Pentagon for the release of long-promised test results on whether Internet-based voting is safe.

The subtext of the lawsuit is that after spending millions on online voting experiments — in 2010 alone, the Defense Department’s Federal Voting Assistance Program received $9 million from Congress to design and test Internet-based voting — privacy advocates worry that online voting could spread in the United States without proper vetting.

The Electronic Privacy Information Center, a D.C.-based advocacy group, filed a lawsuit last month against the Pentagon, under the Freedom of Information Act, to compel the release of the results of the department’s test of its online voting system.

Ginger McCall is the director of EPIC’s open government project. “Voting is an integral part of our democratic system,” she said, “and it is imperative that the public have information about whether or not e-voting systems are really secure and reliable before they are used or more money is spent on their acquisition.”

Overseas voting for both military personnel and civilians living abroad is handled by the Defense Department. These Americans exist at the experimental edge of efforts to increase access to voting, including through electronic means. That has been especially true, and politicized, since the close 2000 presidential election, which put absentee overseas ballots in the spotlight.

The lawsuit is a ratcheting up of a long-standing dispute, as McClatchy reports. The Defense Department’s Federal Voting Assistance Program has been reviewing its pilot program, known as the Electronic Absentee Systems for Elections, or EASE. The program gives states money to experiment with allowing mock overseas online voting. In some states, voters can fill out a ballot online, but still must print out a physical copy and mail it in. Other states have tested online voting software in mock elections. (“It is important to note,” the Defense Department said in a statement, “grantees were prohibited from using funds for the electronic delivery of marked ballots in a live election.”) In 2012, FVAP acting director Pamela Mitchell told Congress that the test results would be released in the next several months.

In July, EPIC filed a FOIA request to learn more about how the program works and whether it is secure. The group filed the lawsuit on Sept. 11, about two weeks after the legally-mandated 20-day window for federal agencies to respond to FOIA requests had closed.

The appeal of online voting is obvious, particularly for those in the military who might be stationed in places beyond regular mail services. But there are worries about whether it can be made safe. That’s especially true given that individual states, which operate elections within the United States, could be more vulnerable than Defense Department systems to hacking or other incursions — concerns that look different in the wake of everything from the Edward Snowden disclosures to the recent Apple iCloud breaches.

A group of computer scientists and other technologists, including Princeton’s Ed Felten, Stanford’s David Dill, and Johns Hopkins’s Avi Rubin have issued a statement urging caution on the spread of online voting until those worries can be addressed.

“Election results must be verifiably accurate — that is, auditable with a permanent, voter-verified record that is independent of hardware or software,” reads the statement.

“Internet voting should only be adopted after these technical challenges have been overcome,” it continues, “and after extensive and fully informed public discussion of the technical and non-technical issues has established that the people of the U.S. are comfortable embracing this radically new form of voting.”

Those academics, computer scientists and others who closely track the process of voting have been eager to receive the results of what is arguably the largest-scale study of online voting that has taken place.

“Currently, FVAP expects to release all reports related to electronic voting systems in late 2015,” the Defense Department said in a statement. “These reports contribute to the larger, ongoing decision-making process regarding the conduct of FVAP’s congressionally mandated electronic voting demonstration project requirement, thus they are currently considered pre-decisional and not available for public release.”

Washington Post

Banks launch fresh drive against cyber crime

The banking industry is teaming up with more than a dozen government and law enforcement agencies to establish a new platform that will warn institutions of the latest threats from financial criminals.
The Financial Crime Alerts Service is designed to allow banks and other financial groups to react faster to major incidents and to learn of the latest techniques being used by fraudsters, cyber criminals and terrorists. Banks have pushed cyber security up their list of priorities as they encourage customers to do more of their banking via smartphone applications while criminals become more sophisticated in the ways they operate.

Concern about a possible state-sponsored attack on financial systems has been heightened after this summer’s infiltration and theft of data from computer systems at JPMorgan Chase, the biggest US bank by assets, which according to some reports had its origins in Russia.
The British Bankers’ Association said it was working with its preferred technology partner, BAE Systems Applied Intelligence, to launch the new service early next year and would aim to sign up as many of its members as possible.

“This alerts system is a powerful new weapon against fraudsters, cyber criminals and other crooks intent on stealing our clients’ money,” said Anthony Browne, BBA chief executive, calling it “a shining example of how banks and government can work together to benefit all customers”.

The new platform will build on the existing scheme between the banks and the National Fraud Intelligence Bureau, which has already prevented more than £100m of fraud losses through information-sharing, according to the BBA.

Concern about the issue has been partly fuelled by high-profile incidents such as last year’s arrest of eight men on suspicion of stealing £1.3m from a Barclays branch in London when one member of the gang posed as an IT engineer.

The new alerts system will pool intelligence from 12 government and law enforcement agencies, including the National Crime Agency, and share it with the teams working inside the banks to combat fraud, cyber crime, terrorism financing, money laundering and bribery.

“Collaboration between law enforcement and the private sector is key to reducing the impact of economic crime,” said Donald Toon, director of the economic crime command at the National Crime Agency.

“Alerts to industry are a key part of this.”

The US Federal Bureau of Investigation and the US secret service have announced an inquiry into recent cyber attacks against several financial companies, including JPMorgan. Benjamin Lawsky, head of the New York Department of Financial Services, told a Bloomberg conference this week that the prospect of an “Armageddon-type cyber event” is one of the most significant issues he plans to address in the next year.

Mr Lawsky compared the threat of a cyber attack on the financial system to the terrorist attacks on the World Trade Center in 2001. “I worry about the same thing here: that an event will happen and we’ll all look back at it and say, ‘how did we not do more?’” he said.

The financial sector is a main target for cyber criminals, whether they are seeking to make a profit from customer data or confidential information about dealmaking, or are “hacktivists” or nation states wishing to make a political point. But the banks are also some of the best protected companies against cyber crime, with large numbers of security staff and customised software that many other companies cannot afford.

A recent paper from the Bank of International Settlements found that the UK financial sector was spending more than £700m annually on cyber security.