[Briefing #18] Internet governance in September 2015

The digital policy developments in September were dominated by the UN Summit to adopt the post-2015 development agenda, and the USA-China meeting from which a cyber arms deal emerged. Other developments were also important, such as the non-binding opinion of the Advocate General to the European Court of Justice on European data transfers to third countries, and the French data regulator’s decision on the right to be forgotten.

The developments were discussed last Tuesday during the Geneva Internet Platform’s monthly briefing on IG developments. Dr Jovan Kurbalija presented a round-up of the main developments, and the findings of the IG Barometer for September.

Main events in September

Some of the main events that took place in September were:

• 1-3 September: 3rd AfICTA Summit – ICT: Lighting the way to Development and Prosperity Across Africa (Johannesburg, South Africa)
• 2-4 September: IGF 2015 Third Open Consultations and MAG meeting (Paris)
•  9-10 September: Global Cyberspace Cooperation Summit VI (New York)
• 14 September – 2 October: UN Human Rights Council – 30th regular session (Geneva)
• 15 September: UNGA 70th session starts today (New York)
• 18-19 September: IANA ICG Face-to-Face Meeting (Los Angeles)
• 25-27 September: United Nations Summit to adopt the post-2015 development agenda (New York)
• 28-29 September: European Cybersecurity Forum (Kraków, Poland)
• 30 September – 2 October: 3rd Europol-INTERPOL Cybercrime Conference (The Hague)

The main developments

The IG Barometer for September – which captured the ‘pressure’ of several digital policy areas in comparison with the previous month – showed that cybersecurity once again ranked high on digital policy agendas.

The US-China ‘G2’ summit was one of the most important developments in September. The USA (home to the strongest Internet industry) and China (with the highest number of Internet users) agreed that ‘neither the US or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.’

‘In addition’, President Obama said, ‘We’ll work together, and with other nations, to promote international rules of the road for appropriate conduct in cyberspace. So this is progress. But I have to insist that our work is not yet done. I believe we can expand our cooperation in this area, even as the United States will continue to use all of the tools at our disposal to protect American companies, citizens and interests.’

Dr Kurbalija explained that the meeting did not feature any major breakthrough, and that we are now waiting to see whether the US government will introduce sanctions against cyberattackers.

An extortion scam on Wikipedia, which targeted small businesses and celebrities, saw rogue editors take advantage of the collaborative nature of Wikipedia. In the UK, Lizard Squad cyber-attackers disrupted the National Crime Agency website after teenagers were arrested and released on bail over an alleged Lizard Squad cyberattack. The cyberattacks in previous months have demonstrated a higher level of sophistication, and as US National Intelligence director James Clapper said recently, cyber threats are evolving into operations that manipulate information in order to compromise its integrity.

The main development to the global IG architecture was the UN Summit to adopt the Sustainable Development Goals. Among the 17 goals adopted unanimously, Goal 9c commits to ‘significantly increase access to ICTs and strive to provide universal and affordable access to the Internet in least developed countries by 2020.’

Dr Kurbalija explained that we can expect the Internet to play an important role when it comes to the implementation and monitoring of the SDGs, and in this context, in digital policy and Internet governance.

Meanwhile, during an open business forum on ICT, technology and foreign policy in Berlin, German Foreign Minister Steinmeier stated that ‘the Internet is a global public good that we need to protect’. A constant in German digital policy, we can expect the concept of global public goods to come more into focus in the coming months.

With regards to the IANA Transition, a face-to-face meeting of the Cross Community Working Group on Enhancing ICANN Accountability (CCWG-Accountability), , triggered a discussion on whether it will be possible to achieve external accountability and whether ICANN’s internal accountability structure worked well. Both the CCWG-Accountability and the IANA Stewardship Transition Coordination group (ICG) ran a 40-day comment period on the CCWG’s  second draft proposal and the ICG’s Interim Final Proposal.

During the past few weeks, the focus on ICANN and new domain names was more or less neutral, when compared to previous months. One important case was the GoDaddy Inc case, in which the company won a cyber-squatting lawsuit brought by the Academy of Motion Picture Arts and Sciences.

The American Registry for Internet numbers (ARIN) extinguished its final block of IPv4 addresses from its free pool. While this development will not undermine the functionality of the Internet, as there are many mechanisms in place, it is a symbolic development in the transition towards IPv6.

Online privacy and data protection has been high on agendas since the beginning of the year. European Court of Justice advocate general Yves Bot issued a non-binding opinion in which he said that a ‘deal easing the transfer of data between the United States and the EU is invalid’, and that ‘the surveillance carried out by the United States is mass, indiscriminate surveillance’. Dr Kurbalija explained that the US-EU Safe Harbor Agreement provided for particular treatment of the data of European citizens according to EU law. While negotiations on updating the agreement are ongoing, there are also criticisms that this represents a failed attempt to coordinate between two different legal systems.

In New York, activists have proposed the International Treaty on the Right to Privacy, Protection Against Improper Surveillance and Protection of Whistleblowers, or the ‘Snowden Treaty’, while in Thailand, a cabinet resolution shows the country’s intention to create a national firewall – or a ‘single internet gateway’, which would be used ‘to control inappropriate websites and to control the flow of information into the country from overseas via the internet’.

Also relevant to privacy and surveillance is a new US Justice Department policy which will require federal law enforcement officials to obtain warrant before using Stingray technology to surveil mobile communications. However, the policy does not apply to state and local agencies, or federal agencies using the device abroad.

Net neutrality – an issue which gained momentum in February and March with the US Federal Communications Commission’s new net neutrality rules – has diminished in public visibility on the media, Dr Kurbalija explained. In response to several suits filed against the FCC, the Electronic Frontier Foundation (EFF) has invited network engineers and computer scientists to sign a statement defending net neutrality which will be attached to an amicus brief.

Jurisdiction is picking up momentum, especially after the French data regulator, the Commission Nationale de l’Informatique et des Libertés (CNIL), rejected Google’s appeal against the global enforcement of the right to be forgotten. Since the appeal has been rejected, CNIL has stated that Google must now comply with the formal notice. The regulator followed the reasoning of the Licra vs Yahoo! case (2000) in which the French court required Yahoo! to prevent access to Nazi memorabilia materials by Internet users in France. The consequences of this latest ruling are enormous, and could increase fragmentation of the Internet.

In a case which is being heard in New York, Microsoft has challenged the US government’s request for emails from a Hotmail account hosted in Ireland over a 2013 drugs case. Microsoft is arguing that the US government has no authority over data centre in Dublin, while the US government is arguing that since Microsoft is a US company, it is subject to US laws. It will be interesting to examine how far jurisdiction can extend beyond national borders.

With regards to e-commerce, the anti-trust practices battle between Google and the European Commission continues, while the company is now also being investigated for anti-trust practices by the US Federal Trade Commission.

In the past months, ride-sharing service Uber has been mainly challenged by European regulators, but a development in the USA has exposed the company to potential class action litigation by thousands of Californian drivers.

Dr Kurbalija explained that new business models are bringing about major legal challenges, as they are reshuffling economic space, and introducing new services. Regulators are now faced with even more complex challenges.

The most important update from the Geneva Internet Platform and DiploFoundation was the launch of the GIP Digital Watch, earlier this week. The GIP Digital Watch is a new online tool which empowers diplomats and other Internet policy participants by providing a concise overview of policy issues, participants and ongoing developments. At launch, the observatory featured 42 issues, 158 organisations and entities, 335 policy instruments, 291 events, 1,638 cross-links among issues/actors/instruments/events, and 28,862 articles and documents gathered for data analysis. Learn more.

Ahead in October

October will be a busy period for Internet governance. A number of events and deadline are scheduled for the next few weeks, which include:

• 1 October: Internet as a Commons: Public Space in the Digital Age (Brussels)
• 1 October: Netherlands IGF (The Hague)
• 1 October: IGF Bosnia and Herzegovina (Sarajevo)
• 1-2 October: 6th Meeting of CWG on Int’l Internet-related Public Policy Issues (Geneva)
• 3-5 October: Port Hackathon at CERN
• 6-7 October: Australian IGF (Melbourne)
• 7-8 October: Annual Privacy Forum 2015 (Luxembourg)
• 8 October: ISOC Q4 Community Forum (online)
• 9 October: TEDxCERN: Breaking the Rules (Cessy, France)
• 10-18 October: Europe Code Week 2015 (various)
• 12-15 October: ITU Telecom World 2015 (Budapest)
• 13-14 October: CoE Conference on Freedom of Expression: New Battlefronts (Strasbourg)
• 17-21 October: 133rd Assembly of the Inter-Parliamentary Union (Geneva)
• 18-22 October: ICANN54 (Dublin)
• 19 October: Second WSIS+10 Informal Interactive Stakeholder Consultations (New York)
• 19 October: Forum on Internet of Things: Empowering the New Urban Agenda (Geneva)
• 20-21 October: The GSMA Mobil 360 Middle East (Dubai)
• 20-22 October: ICT 2015 Innovate, Connect, Transform (Lisbon)
• 23-26 October: Amsterdam Privacy Conference (Amsterdam)
• 26-27 October: Internet of Things Global Summit (Washington)
• 27-29 October: Open Government Partnership Global Summit (Mexico City)  
• 27-29 October: GSMA Mobile 360 North America (Atlanta, GA) 
• 28-30 October: 2015 World Internet Conference (Zhejiang Province, China)
• 29-30 October: OSCE CBM meeting (Serbia) (TBC)

The next webinar briefing – Internet governance developments in October – will take place on Tuesday, 27th October.

View the recording of the briefing:

Download the presentation. The recording includes a discussion based on the round-up of developments for October.

 

Join us for the next briefing on 27 October; registrations are now open. The briefing will be delivered live in Geneva, and online for remote participants.