Centre for Internet and Society

The 'Global Multistakholder Community' is Neither Global Nor Multistakeholder

pranesh — 2016-11-03T10:42:53Z

CIS research shows how Western, male, and industry-driven the IANA transition process actually is.

In March 2014, the US government announced that they were going to end the contract they have with ICANN to run something called the Internet Assigned Numbers Authority (IANA), and hand over control to the “global multistakeholder community”. They insisted that the plan for transition had to come through a multistakeholder process and have stakeholders “across the global Internet community”.

Analysis of the process since then shows how flawed the “global multistakeholder community” that converges at ICANN has not actually represented the disparate interests and concerns of different stakeholders. CIS research has found that the discussions around IANA transition have not been driven by the “global multistakeholder community”, but mostly by males from industry in North America and Western Europe.

CIS analysed the five main mailing lists where the IANA transition plan was formulated: ICANN’s ICG Stewardship and CCWG Accountability lists; IETF’s IANAPLAN list; and the NRO’s IANAXFER list and CRISP lists. What we found was quite disheartening.

A total of 239 individuals participated cumulatively, across all five lists.
Only 98 substantively contributed to the final shape of the ICG proposal, if one takes a count of 20 mails (admittedly, an arbitrary cut-off) as a substantive contribution, with 12 of these 98 being ICANN staff some of whom were largely performing an administrative function.

We decided to look at the diversity within these substantive contributors using gender, stakeholder grouping, and region. We relied on public records, including GNSO SOI statements, and extensive searches on the Web. Given that, there may be inadvertent errors, but the findings are so stark that even a few errors wouldn’t affect them much.

2 in 5 (39 of 98, or 40%) were from a single country: the United States of America.
4 in 5 (77 of 98) were from countries which are part of the WEOG UN grouping (which includes Western Europe, US, Canada, Israel, Australia, and New Zealand), which only has developed countries.
None were from the EEC (Eastern European and Russia) group, and only 5 of 98 from all of GRULAC (Latin American and Caribbean Group).
4 in 5 (77 of 98) were male and 21 were female.
4 in 5 (76 of 98) were from industry or the technical community, and only 4 (or 1 in 25) were identifiable as primarily speaking on behalf of governments.

This shows also that the process has utterly failed in achieving the recommendation of Paragraph 6 of the 3 in 5 registrars are from the United States of America (624 out of 1010, as of March 2014, according to ICANN's accredited registrars list), with only 0.6% being from the 54 countries in Africa (7 out of 1010).

45% of all the registries are from the United States of America! (307 out of 672 registries listed in ICANN’s registry directory in August 2015.)

66% (34 of 51) of the Business Constituency at ICANN are from a single country: the United States of America. (N.B.: This page doesn’t seem to be up-to-date.)

This shows that businesses from the United States of America continues to dominate ICANN to a very significant degree, and this is also reflected in the nature of the dialogue within ICANN, including the fact that the proposal that came out of the ICANN ‘global multistakeholder community’ on IANA transition proposes a clause that requires the ‘IANA Functions Operator’ to be a US-based entity. For more on that issue, see this post on the jurisdiction issue at ICANN (or rather, on the lack of a jurisdiction issue at ICANN).

For more details visit https://cis-india.org/internet-governance/blog/global-multistakeholder-community-neither-global-nor-multistakeholder

Multi-stakeholder Advisory Group Analysis

jyoti — 2016-04-12T10:02:31Z

This analysis has been done to see the trend in the selection and rotation of the members of the Multistakeholder advisory group (MAG) in the Internet Governance Forum (IGF). The MAG has been functional for nine years from 2006-2015. The analysis is based on data procured, collated and organised by Pranesh Prakash and Jyoti Panday. Shambhavi Singh, Law Student, NLU Delhi who was interning with CIS at the time also assisted with the organisation and analysis of the data.

The researcher has collected the data from the lists of members available in the public domain from 2010-2015. The lists prior to 2010 have been procured by the Centre for Internet and society from the UN Secretariat of the Internet Governance Forum (IGF).

This research is based solely upon the members and the nature of their stake holding has been analysed in the light of MAG terms of reference. No data has been made available regarding the nomination process and the criteria on which a particular member has been re-elected to the MAG (The IGF Secretariat does not share this data).

According to the analysis, in these six years, the MAG has had around 182 members from various stakeholder groups.

We have divided it into five stakeholder groups, Government, Civil Society, Industry, Technical Community and Academia. Any overlap between two or more of these groups has also been taken into account, for example- A member of the Internet Society (ISOC) being both in the Civil Society and Technical Community.

According to the MAG Terms of Reference[1], it is the prerogative of the UN Secretary General to select MAG Members. The general policy is that the MAG members are appointed for a period of one year, which is automatically renewed for 2 more years consecutively depending on their engagement in MAG activities.

There is also a policy of rotating off 1/3^rd members of MAG every year for diversity and taking new viewpoints in consideration. There is also an exceptional circumstance where a person might continue beyond three years in case there is a lack of candidates fitting the desired area.

However, it seems like the exception has become the norm as a whopping number of members have continued beyond 3 years, ranging from 4 years up to as long as 8 years, this figure rounds up to around 49. No doubt some of them are exceptional talents and difficult to replace. However, the lack of transparency in the nomination system makes it difficult to determine the basis on which these people continued beyond the usual term.

S. No.	Stakeholder	Number of years	Total Members continuing beyond 3 years
1	Civil Society	8, 6, 6, 4, 4,	5
2	Government/Industry	4, 5	2
3	Technical community/ Civil society	8, 8, 8, 6, 6, 4, 4, 4, 4,4	10
4	Industry/ Civil society	8, 6,	2
5	Industry	8, 7, 7, 6, 6, 4,	6
6	Industry/Tech Community/ Civil Society	8,	1
7	Government	7, 7, 7, 6, 6, 6, 6, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4,	19
8	Academia	6, 6, 5,	3
9	Industry/ Tech community	6,	1

The stakeholders that have continued beyond 8 years have around 39% members from Government and related agencies. The next being Technical Community/Civil Society with around 20% representation, followed by Industry at 12%, 10% from the Civil Society, 6% from Academia, 4% from Government/Industry, 4% from Industry/Civil Society and 2% each from Industry/Technical Community and Industry/Technical Community/Civil Society respectively.

Table with overlapping interests merged

S. No.	Stakeholder	Total Members continuing beyond 3 years
1	Civil Society	7 + 9 + 1+1 = 18
2	Government	19
3	Tech Community	9 + 1 + 1+1 = 12
4	Industry	6 + 2 + 1 + 1+2 = 13
5	Academia	3

When the overlap is grouped separately, as in if a Technical Community/Civil Society person is placed both in Technical Community and Civil Society groups individually, then the representation of stakeholder representation is as follows(approximate values)-

Government- 29%

Civil Society- 28%

Industry- 20%

Technical Community-17%

Academia-5%

This clearly shows us that stakeholders from academia generally did not stay on MAG beyond 3 years. Even when all members that have ever been on MAG are taken into consideration, only around 8% representation has been from the academic community. This needs to be taken into account when new MAG members are selected in 2016.

The researcher has also looked at the MAG Representation based on gender and UN Regional Groups. The results of the analysis were as follows-

The ratio of male members is to female members is approximately 16:9 in the MAG and the approximate value in percentage being 64% and 36% respectively.

Now coming to the UN Regional Groups, the results that the analysis yielded were as follows-

The Western European and Others Group (WEOG) has the highest representation in MAG, a large number of members being from Switzerland, USA and UK. This is followed by the Asia Pacific Group which has 20% representation. The third largest is the African group with 19% representation followed by Latin American and Caribbean Group (GRULAC) and Eastern European Group with 13% and 12% representation respectively.

The representation of developed, developing and Least Developed Countries is as follows-

Developed countries have approximately 42% representation, developing countries having 53% and LDCs having a mere 5% representation. There should be some effort to strive for better LDC representation as they are the most backward when it comes to Global ICT Penetration. [2]

[1] Intgovforum.org, 'MAG Terms Of Reference' (2015) <http://www.intgovforum.org/cms/175-igf-2015/2041-mag-terms-of-reference> accessed 13 July 2015.

[2] ICT Facts And Figures (1st edn, International Telecommunication Union 2015) <http://www.itu.int/en/ITU-D/Statistics/Documents/facts/ICTFactsFigures2015.pdf> accessed 11 July 2015.

For more details visit https://cis-india.org/internet-governance/blog/mag-analysis

Good Intentions, Recalcitrant Text – II: What India’s ITU Proposal May Mean for Internet Governance

geetha — 2014-11-03T07:07:16Z

The UN's International Telecommunications Union (ITU) is hosting its Plenipotentiary Conference (PP-14) this year in South Korea. At PP-14, India introduced a new draft resolution on ITU's Role in Realising Secure Information Society. The Draft Resolution has grave implications for human rights and Internet governance. Geetha Hariharan explores.

Disclaimer and update (2 November 2014): India's Draft Resolution was discussed during the meeting of the Ad Hoc Working Group on Internet-related Resolutions at the ITU Plenipot on the evening of November 1, 2014 (KST). After the discussion, India revised the text of the resolution, seeking to address concerns raised by ITU member states. The revised resolution may be found here. However, this blog post was written with reference to the original text of India's Draft Resolution.

***

As I mentioned in my last post, India’s Draft Resolution on ‘ITU’s Role in Realising Secure Information Society’ raises security and equity concerns. The Draft Resolution has 3 security concerns: (i) security weaknesses in the network architecture that permit “camouflaging the identity of the originator of the communication” and make “tracing of communication difficult”; (ii) non-systematic, non-contiguous allocation of naming, numbering and addressing resources on the Internet, which makes it difficult to identify both the users and what states the IP addresses are located in; (iii) non-local routing and address resolution relating to traffic originating and terminating in the same country. Op. §§1, 3-7 seek to address these. It also identifies the present system of allocation of naming, numbering and addressing resources as inequitable, unfair, unjust and undemocratic (Op. §2 of the Draft Resolution offers a solution). I discussed some human rights implications of India’s Draft Resolution in my last post.

In this post, I explore the implications of the Draft Resolution for Internet governance and multi-stakeholder approaches (most notably, an equal footing model).[1] Given the uncertainties around defining multi-stakeholderism for Internet governance, this is rather ambitious. So I will try to point to concerns with certain textual interpretations of the Draft Resolution, map that against the positions India’s representatives have taken on Internet governance in the past, and the motivations/concerns that underlie the tabling of the Draft Resolution. This Resolution may not be the best way to allay India's concerns, for there are technical and rights implications. But the concerns it raises are worth discussion and knowledge, and at forums where concerns are heard, acknowledged and discussed collectively. The text of the Draft Resolution and its attendant implications are not, then, the sole subjects of this post.

The Draft Resolution and Internet governance:

The text of the Draft Resolution is problematic. Many of its clauses may be seen as taking positions against multi-stakeholder approaches to Internet governance. Introducing such a resolution at the ITU may itself bring back memories of the controversies surrounding Resolution 3 of the World Conference on International Telecommunications (WCIT), 2012.[2] In 3 ways, the text of the Draft Resolution has indications for multi-stakeholder approaches.

First, the Draft Resolution frames issues primarily from the perspective security. In its preamble, the Draft Resolution makes several references to security threats posed by and on the Internet. For instance, it points to the ability of the network to “camouflage the identity of the originator of the communication” (Pream. §(e) [recognizing]), as well as national security concerns in the present-day system of routing Internet traffic through multiple countries (Pream. §§(f) and (g), [recognizing]). The apparent difficulty in tracing IP addresses, due to their random allocation, is another concern (Pream. §(h), [recognizing]). Among the “significant public policy issues” identified in telecom/ICT management, “security and safety of the Telecom/ICTs” is specifically noted (Pream. §(i) [considering]). In the Context note to the Draft Resolution and in several places in the Preamble, there are references to ITU Resolution 130 (‘Strengthening the role of ITU in building confidence and security in the use of information and communication technologies’) and ITU’s Cyber-security Agenda. Given the (legitimate or otherwise) disproportionate involvement of governments and not other stakeholders in matters of cyber-security, the framing of issues from a security perspective may lend itself to worries for multi-stakeholderism. Specifically, the Draft Resolution notes: “ensuring security of ICT networks is sovereign right of Member States” (Pream. §(b) [recognizing]).

Second, the Draft Resolution emphasizes the sovereign right of states to regulate and control telecom/ICT. It says, for instance, “it is the sovereign right of each state to regulate its telecommunication” (Pream. §(b) [considering]). With regard to the Internet, the Context note to the Draft Resolution (page 1) considers the Internet to be synonymous with telecom/ICTs: “the Telecom/ICTs, which in common lexicon is used interchangeably many times as Internet…”. Public telecom networks managed by telecom service providers, interconnected with other networks, are necessary for “proper functioning of a telecom network resources namely, among others, naming, numbering and addressing” (Pream. §(k) [considering]). It is worth noting that the sovereign authority of states over Internet public policy issues is settled text from §35 of the Tunis Agenda, though expressing it as synonymous with telecom may lead to possibilities of licensing and registration, which Bulgaria, for instance, does not do.

Third, the Draft Resolution identifies issues of equity and fairness in the allocation of Internet resources such as naming, numbering and addressing (Pream. §(g) [consdering], Op. §2). It states that to correct this inequity, “facilitation and collaboration among international, inter-governmental organizations and individual member states to ensure planning, implementation, monitoring and cooperation in its policies” is required (Pream. §(g) [considering]). In operative paragaphs, our Draft Resolution calls for collaboration with “all the concerned stakeholders including International and intergovernmental organizations to develop policies for allocation, assignment and management of IP resources including naming, numbering and addressing which is systematic, equitable, fair, just, democratic and transparent” (Op. §2). One may pay attention to the oversight over implementation and the necessity of inter-governmental involvement in planning and monitoring as problematic to iterations of multi-stakeholderism.

These concerns are valid and legitimate, and it is desirable that the text of the resolution be altered to address them. The text should also be altered to address the human rights concerns I point out in my previous post. But human rights enforcement or implementation is within the domain of states, though civil society may be a careful watchdog. The Draft Resolution's text, most certainly, will face certain oppositions: for instance, that it is outside the scope and mandate of the ITU. That the ITU does not deal with content regulation – and this issue touches upon content – will be mentioned. That Internet governance is already being discussed and performed in multiple other multi-stakeholder fora, such as ICANN, the NRO and RIRs, IGF and WSIS, will be emphasized. That the Draft Resolution implicates national security concerns will be mentioned as well. But as an aside, on national security: under international law, states always mention their prerogative over national security, and so as a matter of international custom, national security is outside the scope of agreements unless expressly surrendered.

At the same time, debates around the role of ITU in Internet governance are not new, and those familiar will remember the ITU’s views right before the creation of ICANN (also see Mueller, Ruling the Root 145-48 (2002)), Resolution 3 of the WCIT, and the constant tug-of-war since then. The new Secretary-General of the ITU, Mr. Houlin Zhao, wrote a note in October 2004, before the Tunis phase of the WSIS, justifying ITU’s involvement in Internet governance, advocating that IPv6 address blocks be allocated to countries. Mr. Zhao describes, with specific examples, ITU's role in the development and widespread growth of the Internet. He takes the examples of standards developed within the ITU and ITU's policy role in liberalisation and spread of telecommunications (such as Articles 4 & 9 of the 1988 ITRs).

Mr. Zhao’s concrete proposals are rendered inapplicable by the creation of the NRO and RIRs, and the growth and entrenchment of ICANN. But it may be argued that his principled justifications for ITU involvement remain. It is these that India hopes to highlight, I was told, along with the inequities in resource allocation (IPv4 was spoken of), and the disproportionate weight some states enjoy in Internet governance. Her concerns are, I am told, also shared by some other states. Given that the text exhibits a less-than-friendly approach to multi-stakeholderism, India's previous positions on the issue are of interest. While this would not correct the snags in the Draft Resolution's text, allaying these concerns may be ideal to craft an inclusive and transparent multi-stakeholder model for Internet governance.

India and Multi-stakeholderism in Internet Governance:

India’s position on multi-stakeholder models for Internet governance is a matter of some obscurity. Statements at various forums exhibit a certain disagreement – or at the least, lack of engagement – among India’s ministries on our position on multi-stakeholder approaches, particularly the Ministry of External Affairs (MEA), the Department of Telecommunications (DOT) and the Department of Electronics and Information Technology (DeitY), both within the Ministry of Communications and Information Technology (MCIT). While both the MEA and DOT have been cautious supporters of a diluted form of multi-stakeholderism (they have repeatedly emphasized §35 of the Tunis Agenda), DeitY has been more open in entertaining multi-stakeholder approaches for Internet governance.

At the 66^th session of UN General Assembly, Mr. Dushyant Singh, Member of India’s Parliament from the Bharatiya Janata Party, presented our proposal for a Committee on Internet-related Policies. The proposal sought the establishment of a UN committee comprising 50 member-states, with advisory groups including the private sector and civil society, to deal with Internet-related matters.[3] Though India was not opposed to multi-stakeholder advisories in its CIRP proposal, it was less than inviting in this regard.

At NETmundial (April 2014), the Indian government’s contribution document highlighted §35 of the Tunis Agenda, which delineates ‘roles and responsibilities’ of ‘respective stakeholders’ – i.e., governments (with whom reside “sovereign policy authority”), the private sector (technical and economic development of the Internet) and civil society (grassroots participation). At NETmundial, Mr. Vinay Kwatra of the MEA echoed this, also noting the lack of consensus on what multi-stakeholderism means for Internet governance (page 64).

Admittedly, this is a legitimate concern. Internet governance at various fora does not seem to have a clear answer on what multi-stakeholderism means. The debate was/is alive, for instance, at NETmundial 2014, the ICANN-convened IANA transition process, the World Economic Forum’s new NETmundial Initiative, and in the many calls and suggestions (pages 38-46) made over the years on strengthening the IGF (see also, Malcolm, Multi-stakeholder Governance and the IGF (2008), chapter 6). It is hardly surprising then, that India and other states raise this as a concern.

With regard to multi-stakeholderism, the DeitY in India has been the outlier. Speaking at the 2014 IGF in Istanbul, Mr. R.S. Sharma, Secretary (DeitY), expressed “no doubt that Internet Governance mechanism require the involvement of all the stakeholders, since the evolution of Internet has been a product of many different diverse groups working together in a loosely coordinated manner”, advocating strengthening of the IGF and pointing to India’s proposed India-IGF as an example of multi-stakeholderism at home. Most interestingly, Mr. Sharma did not focus on international Internet-related policies being the “sovereign policy authority of states”. Also in the transcripts of the four meetings of the Working Group on Enhanced Cooperation under the Committee for Science, Technology and Development (CSTD), I have been unable to find outright rejections of multi-stakeholder approaches, though India has not advocated multi-stakeholderism unequivocally either.

But this – the emphasis on “sovereign policy authority of states” in Internet governance – has been a consistent position for India, especially the MEA and DOT. Here at the ITU PP-14 as well, members of the Indian delegation also emphasized states’ sovereign monopoly over policy matters. “Why not take this to the ITU”, I was asked, as “many governments are uncomfortable” with the way Internet governance is being conducted at other fora. There are grave concerns, I was told, about the possibility of excessive control some governments have over both user and government data of other states (government-speak, of course, for the Snowden revelations).

These are, of course, concerns similar to those of authoritarian governments, or those reluctant to open up to multi-stakeholderism and looking for excuses to retain/increase government control. But it is equally possible that these concerns need not be limited only to such states. Perhaps for developing countries as well, these are real concerns. In conversation with members of the Indian delegation at the ITU Plenipot, I was able to discern 3 broad concerns. First, the definition of multi-stakeholderism in Internet governance. India has not shown herself comfortable with an all-out endorsement of multi-stakeholderism. This is troubling. Civil society and the private sector in India will attest to the difficulties in engaging with our government at all levels. For instance, seeking a place on India's delegation for the Plenipot proved a disheartening exercise for some members of India's civil society.

But there are also conflicting indications. India is in the process of instituting an India-IGF, and CIS' Executive Director, Sunil Abraham, is on the MAG. India expressed agreement, at least in informal conversation, to opening up ITU documents to the public on grounds of public interest. The Law Commission of India recently conducted a multi-stakeholder consultation on media laws in India, and Telecom Regulatory Authority of India (TRAI) regularly conducts consultations, though the private sector is more active there. What is lacking in India, however, is a set of clear procedures and processes for multi-stakeholder engagement, particularly on Internet issues. Clear, public, accessible, foreseeable and predictable set of rules or processes on participation from civil society, private sector and academia would make a world of difference to multi-stakeholderism within India. But this lack should not blind states or other stakeholders to the genuineness of privacy/security or equity concerns - for instance, of the protection of our information from mass surveillance or the feasibility and actual participation of developing countries at many Internet governance fora.

Second, members of the delegation expressed concern over inequalities in the allocation of naming, numbering and addressing resources. While I am uncertain how IPv6 allocation falls within this concern, the inequalities of IPv4 allocations are well documented. To gather a sense of this, it would be useful to read chapter 5 of Professor DeNardis’ Protocol Politics, and to glance at Figure 5.7 (page 173). Africa controls, for instance, a mere 1% of all available IPv4 addresses, while North America and Europe control about 63%. A study on engagement from the Asia-Pacific in Internet standards organisations shows, for instance, greater participation from Western countries and from some states like Japan.[4] India and other states from Asia and Africa have lesser participation. Even at ICANN, with efforts to increase participation, meaningful engagement is still from a majority of Western countries. Perhaps states and other stakeholders on the other side of the table can address these concerns through clear, inclusive, non-discriminatory commitments and implementation.

Third, India emphasized how the Draft Resolution does not propose that ITU be involved in content management or resources control, but only seeks to systematize allocation by asking the ITU Secretary General to collaborate and coordinate with other Internet governance organisations to create a set of principles for fair, equitable, transparent and democratic - as well as secure - allocation of resources. ITU Resolution 101 already instructs the Secretary General to collaborate with relevant Internet governance organisations, and the Draft Resolution merely seeks to spell out his tasks. However, as I pointed out in my previous post, the text of the Draft Resolution is at odds with this intention of India's. By dint of its drafting, it gravely implicates human rights, as well as touching upon resource allocation oversight ("needs to be adhere to" in Op. §2). To reflect the above stated intention, the Draft Resolution would need to be redrafted.

Finally, the text of the Draft Resolution exhibits, unfortunately, a certain disregard for existing network architecture and efficiency within the Internet, and to the principles of a free, open and inter-operable and unified Internet, when it seeks to develop a network architecture that facilitates (domestic) localization of traffic-routing, address resolution and allocation of naming, numbering and addressing. An argument may, of course, be made in favour of efficiency and costs, including reduced latency. But it is clear that this has the potential to increase domestic surveillance capabilities and government censorship of content. In any case, traffic localization (if not local address resolution) can be achieved without ITU coordination: through Internet Exchange Points, and through more efficient and better-negotiated peering and transit arrangements (pages 14-17). Internationally coordinated rules for localized traffic routing is not necessary; you just need to have a more efficient Internet Exchange Point. How to get more ISPs to interconnect through India’s National Internet Exchange (NIXI) is one of the very questions that India’s Telecom Regulatory Authority has taken up in its recent consultation on expanding broadband access (page 49). So it is possible that India's concerns could be addressed without ITU involvement, though I am unsure of its impact on the global Internet.

The Draft Resolution will be discussed at the ITU Plenipot today. The discussion will allow India and sympathetic countries to raise several of their concerns relating to the present system of Internet governance, and the direction of its progress. I will report on these discussions upon their completion.

A Note on Limitations:

The aim of this post is to clarify. I would caution against its being the last word on anything, much less India’s positions on Internet governance. An issue as important as this needs far greater access to and confirmation from India’s government – and a more in-depth understanding of the politics – than I do, at the moment.

At the same time, India has not been a model for civil society engagement, as illustratively, the Narmada Bachao Andolan and/or P. Sainath’s evaluation of government policies in Everybody Loves a Good Drought reveal. It has been harder to effectively engage with India’s government than in many states in North America, Latin America and Europe. But I believe the complex dynamics of that is not unique to India. The NSA and GCHQ revelations (as an example of governmental trust deficit of unmatched proportions) have shown that where governments want to keep everyone out and oblivious, they do it well.

I am not in favour of a purely multilateral approach to Internet governance. But at the same time, I share concerns over definition and the evolution of processes as well, as I am sure others in civil society also do. Particularly on the issue of Internet governance and multi-stakeholderism, evidence reveals inconsistency among India’s various ministries. Until this is addressed by our government (hopefully in consultation with all concerned stakeholders), an open mind would probably be the best thing we - including states - could keep.

Acknowledgements: I would like to thank Sunil Abraham, Pranesh Prakash, Rishabh Dara, Arun Sukumar, Anja Kovacs and Parminder Jeet Singh for the freedom to bounce ideas, feedback and the many discussions about multi-stakeholder approaches and Internet governance. I also wish to acknowledge Samir Saran’s article in CFR, which offers an interesting perspective on India’s Draft Resolution.

[1] For this post, I will use ‘multi-stakeholder approaches’ as an umbrella term, but would urge readers to keep in mind the many uncertainties and disagreements about defining multi-stakeholderism for Internet governance. These disagreements exist among and within all stakeholders, including government and civil society. In addition to various iterations of the ‘equal footing model’, the model proposed in §35 of the Tunis Agenda is also multi-stakeholder, albeit in a different – and for many in civil society, less desirable – sense.

[2] For those unacquainted with WCIT, see Mueller, ITU Phobia: Why WCIT was derailed, Internet Governance Blog (18 December 2012), http://www.internetgovernance.org/2012/12/18/itu-phobia-why-wcit-was-derailed/; Kleinwächter, WCIT and Internet governance: Harmless resolution or Trojan horse?, CircleID Blog (17 December 2012), http://www.circleid.com/posts/20121217_wcit_and_internet_governance_harmless_resolution_or_trojan_horse/.

[3] For a commentary, see Mueller, A United Nations Committee for Internet-related Policies? A Fair Assessment, Internet Governance Blog (29 October 2011), http://www.internetgovernance.org/2011/10/29/a-united-nations-committee-for-internet-related-policies-a-fair-assessment/.

[4] Contreras, Divergent Patterns of Engagement in Internet Standardization: Japan, Korea and China. I am unable to find this paper online. Please email me for information.

For more details visit https://cis-india.org/internet-governance/blog/good-intentions-recalcitrant-text-2013-ii-what-india2019s-itu-proposal-may-mean-for-internet-governance

Good Intentions, Recalcitrant Text - I: Why India’s Proposal at the ITU is Troubling for Internet Freedoms

geetha — 2014-11-02T15:13:45Z

At the 2014 Plenipotentiary Conference (‘PP-14’ or ‘Plenipot’) of the International Telecommunications Union (ITU), India has tabled a draft proposal on “ITU’s Role in Realising Secure Information Society” [Document 98, dated 20 October 2014] (“Draft Resolution”). India’s proposal has incited a great deal of concern and discussion among Plenipot attendees, governments and civil society alike. Before offering my concerns and comments on the Draft Resolution, let us understand the proposal.

Our Draft Resolution identifies 3 security concerns with exchange of information and resource allocation on the Internet:

First, it is troubling for India that present network architecture has “security weaknesses” such as “camouflaging the identity of the originator of the communication”;[1] random IP address distribution also makes “tracing of communication difficult”;[2]
Second, India is concerned that under the present allocation system of naming, numbering and addressing resources on the Internet, it is impossible or at the very least, cumbersome to identify the countries to which IP address are allocated;[3]
Third, India finds it insecure from the point of view of national security that traffic originating and terminating in the same country (domestic traffic) often routes through networks overseas;[4] similarly, local address resolution also routes through IP addresses outside the country or region, which India finds troubling.[5]

In an effort to address these concerns, the Draft Resolution seeks to instruct the ITU Secretary General:

First, to develop and recommend a ‘traffic routing plan’ that can “effectively ensure the traceability of communication”;[6]
Second, to collaborate with relevant international and intergovernmental organisations to develop an “IP address plan” which facilitates identification of locations/countries to which IP addresses are allocated and coordinates allocation accordingly;[7]
Third, to develop and recommend “a public telecom network architecture” that localizes both routing[8] as well as address resolution[9] for local/domestic traffic to “within the country”.

Admittedly, our Draft Resolution is intended to pave a way for “systematic, fair and equitable allocation” of, inter alia, naming, numbering and addressing resources,[10] keeping in mind security and human rights concerns.[11] In an informal conversation, members of the Indian delegation echoed these sentiments. Our resolution does not, I was told, raise issues about the “concentration of control over Internet resources”, though “certain governments” have historically exercised more control. It also does not, he clarified, wish to make privacy or human rights a matter for discussion at the ITU. All that the Draft Resolution seeks to do is to equip the ITU with the mandate to prepare and recommend a “roadmap for the systematization” of allocation of naming, numbering and addressing resources, and for local routing of domestic traffic and address resolution. The framework for such mandate is that of security, given the ITU’s role in ‘building confidence and security in the use of ICTs’ under Action Line C5 of the Geneva Plan of Action, 2003.

Unfortunately, the text of our Draft Resolution, by dint of imprecision or lack of clarity, undermines India’s intentions. On three issues of utmost importance to the Internet, the Draft Resolution has unintended or unanticipated impacts. First, its text on tracing communication and identity of originators, and systematic allocation of identifiable IP address blocks to particular countries, has impacts on privacy and freedom of expression. Given Edward Snowden’s NSA files and the absence of adequate protections against government incursions or excesses into privacy,[12] either in international human rights law or domestic law, such text is troublesome. Second, it has the potential to undermine multi-stakeholder approaches to Internet governance by proposing text that refers almost exclusively to sovereign monopolies over Internet resource allocation, and finally, displays a certain disregard for network architecture and efficiency, and to principles of a free, open and unified Internet, when it seeks to develop global architecture that facilitates (domestic) localization of traffic-routing, address resolution and allocation of naming, numbering and addressing.

In this post, I will address the first concern of human rights implications of our Draft Resolution.

Unintended Implications for Privacy and Freedom of Expression:

India’s Draft Resolution has implications for individual privacy. At two different parts of the preamble, India expresses concerns with the impossibility of locating the user at the end of an IP address:

Pream. §(e): “recognizing… that the modern day packet networks, which at present have many security weaknesses, inter alia, camouflaging the identity of originator of the communication”;
Pream. §(h): “recognizing… that IP addresses are distributed randomly, that makes the tracing of communication difficult”.

The concerns here surround difficulties in tracking IP addresses due to the widespread use of NATs, as also the existence of IP anonymisers like Tor. Anonymisers like Tor permit individuals to cover their online tracks; they conceal user location and Internet activity from persons or governments conducting network surveillance or traffic analysis. For this reason, Tor has caused much discomfort to governments. Snowden used Tor while communicating with Laura Poitras. Bradley (now Chelsea) Manning of Wikileaks fame is reported to have used Tor (page 24). Crypto is increasingly the safest – perhaps the only safe – avenue for political dissidents across the world; even Internet companies were coerced into governmental compliance. No wonder, then, that governments are doing all they can to dismantle IP anonymisers: the NSA and GCHQ have tried to break Tor; the Russian government has offered a reward to anyone who can.

Far be it from me to defend Tor blindly. There are reports suggesting that Tor is being used by offenders, and not merely those of the Snowden variety. But governments must recognize the very obvious trust deficit they face, especially after Snowden’s revelations, and consider the implications of seeking traceability and identity/geolocation for every IP address, in a systematic manner. The implications are for privacy, a right guaranteed by Article 17 of the International Covenant on Civil and Political Rights (ICCPR). Privacy has been recognized by the UN General Assembly as applicable in cases of surveillance, interception and data collection, in Pream. §4 of its resolution The Right to Privacy in the Digital Age. But many states do not have robust privacy protections for individuals and data. And while governments may state the necessity to create international policy to further effective criminal investigations, such an aim cannot be used to nullify or destroy the rights of privacy and free speech guaranteed to individuals. Article 5(1), ICCPR, codifies this principle, when it states that States, groups or persons may not “engage in any activity or perform any act aimed at the destruction of any of the rights and freedoms recognized herein…”.

Erosion of privacy has a chilling effect on free speech [New York Times v. Sullivan, 376 U.S. 254], so free speech suffers too. Particularly with regard to Tor and identification of IP address location and users, anonymity in Internet communications is at issue. At the moment, most states already have anonymity-restrictions, in the form of identification and registration for cybercafés, SIM cards and broadband connections. For instance, Rule 4 of India’s Information Technology (Guidelines for Cyber Cafe) Rules, 2011, mandates that we cannot not use computers in a cybercafé without establishing our identities. But our ITU Draft Resolution seeks to dismantle the ability of Internet users to operate anonymously, be they political dissidents, criminals or those merely acting on their expectations of privacy. Such dismantling would be both violative of international human rights law, as well as dangerous for freedom of expression and privacy in principle. Anonymity is integral to democratic discourse, held the US Supreme Court in McIntyre v. Ohio Elections Commission [514 U.S. 334 (1995)].[13] Restrictions on Internet anonymity facilitate communications surveillance and have a chilling effect on the free expression of opinions and ideas, wrote Mr. Frank La Rue, Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression (¶¶ 48-49).

So a law or international policy for blanket identification and traceability of IP addresses has grave consequences for and prima facie violates privacy, anonymity and freedom of speech. But these rights are not absolute, and can be validly restricted. And because these human rights are implicated, the ITU with its lack of expertise in the area may not be the adequate forum for discussion or study.

To be valid and justified interference, any law, policy or order interfering with privacy and free speech must meet the standards of reasonableness and proportionality, even if national security were the government’s legitimate aim, laid down in Articles 19(3) and 17 of the Covenant on Civil and Political Rights (CCPR) [Toonen v. Australia, Communication No. 488/1992, U.N. Doc CCPR/C/50/D/488/1992 (1994), ¶6.4]. And as the European Court of Human Rights found in Weber & Saravia v. Germany [Application no. 54934/00, 29 June 2006 (ECHR), ¶95], law or executive procedure that enables surveillance without sufficient safeguards is prima facie unreasonable and disproportionate. Re: anonymity, in Delfi AS v. Estonia [Application no. 64569/09, 17 February 2014, ¶83], while considering the liability of an Internet portal for offensive anonymous comments, the ECHR has emphasized the importance of balancing freedom of expression and privacy. It relied on certain principles such as “contribution to a debate of general interest, subject of the report, the content, form and consequences of the publication” to test the validity of government’s restrictions.

The implications of the suggested text of India’s Draft Resolution should then be carefully thought out. And this is a good thing. For one must wonder why governments need perfect traceability, geolocation and user identification for all IP addresses. Is such a demand really different from mass or blanket surveillance, in scale and government tracking ability? Would this not tilt the balance of power strongly in favour of governments against individuals (citizens or non-citizens)? This fear must especially arise in the absence of domestic legal protections, both in human rights, and criminal law and procedure. For instance, India’s Information Technology Act, 2000 (amended in 2008) has Section 66A, which criminalizes offensive speech, as well as speech that causes annoyance or inconvenience. Arguably, arrests under Section 66A have been arbitrary, and traceability may give rise to a host of new worries.

In any event, IP addresses and users can be discerned under existing domestic law frameworks. Regional Internet Registries (RIR) such as APNIC allocate blocks of IP addresses to either National Internet Registries (NIR – such as IRINN for India) or to ISPs directly. The ISPs then allocate IP addresses dynamically to users like you and me. Identifying information for these ISPs is maintained in the form of WHOIS records and registries with RIRs or NIRs, and this information is public. ISPs of most countries require identifying information from users before Internet connection is given, i.e., IP addresses allocated (mostly by dynamic allocation, for that is more efficient). ISPs of some states are also regulated; in India, for instance, ISPs require a licence to operate and offer services.

If any government wished, on the basis of some reasonable cause, to identify a particular IP address or its user, then the government could first utilize WHOIS to obtain information about the ISP. Then ISPs may be ordered to release specific IP address locations and user information under executive or judicial order. There are also technical solutions, such as traceroute or IP look-up that assist in tracing or identifying IP addresses. Coders, governments and law enforcement must surely be aware of better technology than I.

If we take into account this possibility of geolocation of IP addresses, then the Draft Resolution’s motivation to ‘systematize’ IP address allocations on the basis of states is unclear. I will discuss the implication of this proposal, and that of traffic and address localization, in my next post.

[1] Pream. §(e), Draft Resolution: “recognizing… that the modern day packet networks, which at present have many security weaknesses, inter alia, camouflaging the identity of originator of the communication”.

[2] Pream. §(h), Draft Resolution: “recognizing… that IP addresses are distributed randomly, that makes the tracing of communication difficult”.

[3] Op. §1, Draft Resolution: “instructs the Secretary General… to collaborate with all stakeholders including International and intergovernmental organizations, involved in IP addresses management to develop an IP address plan from which IP addresses of different countries are easily discernible and coordinate to ensure distribution of IP addresses accordingly”.

[4] Pream. §(g), Draft Resolution: “recognizing… that communication traffic originating and terminating in a country also many times flows outside the boundary of a country making such communication costly and to some extent insecure from national security point of view”.

[5] Pream. §(f), Draft Resolution: “recognizing… that even for local address resolution at times, system has to use resources outside the country which makes such address resolution costly and to some extent insecure from national security perspective”.

[6] Op. §6, Draft Resolution: “instructs the Secretary General… to develop and recommend a routing plan of traffic for optimizing the network resources that could effectively ensure the traceability of communication”.

[7] Op. §1, Draft Resolution; see note 3.

[8] Op. §5, Draft Resolution: “instructs the Secretary General… to develop and recommend public telecom network architecture which ensures that effectively the traffic meant for the country, traffic originating and terminating in the country remains within the country”.

[9] Op. §4, Draft Resolution: “instructs the Secretary General… to develop and recommend public telecom network architecture which ensures effectively that address resolution for the traffic meant for the country, traffic originating and terminating in the country/region takes place within the country”.

[10] Context Note to Draft Resolution, ¶3: “Planning and distribution of numbering and naming resources in a systematic, equitable, fair and just manner amongst the Member States…”

[11] Context Note to Draft Resolution, ¶2: “…there are certain areas that require critical attention to move in the direction of building the necessary “Trust Framework” for the safe “Information Society”, where privacy, safety are ensured”.

[12] See, for instance, Report of the Office of the High Commission for Human Rights (“OHCHR”), Right to Privacy in the Digital Age, A/HRC/27/37 (30 June 2014), ¶34-35, http://www.ohchr.org/EN/HRBodies/HRC/RegularSessions/Session27/Documents/A.HRC.27.37_en.pdf. See esp. note 30 of the Report, ¶35.

[13] Many thorny political differences exist between the US and many states (including India and Kenya, who I am told has expressed preliminary support for the Draft Resolution) with regard to Internet governance. Irrespective of this, the US Constitution’s First Amendment and judicial protections to freedom of expression remain a yardstick for many states, including India. India, for instance, has positively referred to the US Supreme Court’s free speech protections in many of its decisions; ex. see Kharak Singh v. State of Uttar Pradesh, 1963 Cri. L.J. 329; R. Rajagopal v. State of Tamil Nadu, AIR 1995 SC 264.

For more details visit https://cis-india.org/internet-governance/blog/good-intentions-going-awry-i-why-india2019s-proposal-at-the-itu-is-troubling-for-internet-freedoms

An Evidence based Intermediary Liability Policy Framework: Workshop at IGF

jyoti — 2014-07-04T06:41:10Z

CIS is organising a workshop at the Internet Governance Forum 2014. The workshop will be an opportunity to present and discuss ongoing research on the changing definition of intermediaries and their responsibilities across jurisdictions and technologies and contribute to a comprehensible framework for liability that is consistent with the capacity of the intermediary and with international human-rights standards.

The Centre for Internet and Society, India and Centre for Internet and Society, Stanford Law School, USA, will be organising a workshop to analyse the role of intermediary platforms in relation to freedom of expression, freedom of information and freedom of association at the Internet Governance Forum 2014. The aim of the workshop is to highlight the increasing importance of digital rights and broad legal protections of stakeholders in an increasingly knowledge-based economy. The workshop will discuss public policy issues associated with Internet intermediaries, in particular their roles, legal responsibilities and related liability limitations in context of the evolving nature and role of intermediaries in the Internet ecosystem. distinct

Online Intermediaries: Setting the context

The Internet has facilitated unprecedented access to information and amplified avenues for expression and engagement by removing the limits of geographic boundaries and enabling diverse sources of information and online communities to coexist. Against the backdrop of a broadening base of users, the role of intermediaries that enable economic, social and political interactions between users in a global networked communication is ubiquitous. Intermediaries are essential to the functioning of the Internet as many producers and consumers of content on the internet rely on the action of some third party–the so called intermediary. Such intermediation ranges from the mere provision of connectivity, to more advanced services such as providing online storage spaces for data, acting as platforms for storage and sharing of user generated content (UGC), or platforms that provides links to other internet content.

Online intermediaries enhance economic activity by reducing costs, inducing competition by lowering the barriers for participation in the knowledge economy and fuelling innovation through their contribution to the wider ICT sector as well as through their key role in operating and maintaining Internet infrastructure to meet the network capacity demands of new applications and of an expanding base of users.

Intermediary platforms also provide social benefits, by empowering users and improving choice through social and participative networks, or web services that enable creativity and collaboration amongst individuals. By enabling platforms for self-expression and cooperation, intermediaries also play a critical role in establishing digital trust, protection of human rights such as freedom of speech and expression, privacy and upholding fundamental values such as freedom and democracy.

However, the economic and social benefits of online intermediaries are conditional to a framework for protection of intermediaries against legal liability for the communication and distribution of content which they enable.

Intermediary Liability

Over the last decade, right holders, service providers and Internet users have been locked in a debate on the potential liability of online intermediaries. The debate has raised global concerns on issues such as, the extent to which Internet intermediaries should be held responsible for content produced by third parties using their Internet infrastructure and how the resultant liability would affect online innovation and the free flow of knowledge in the information economy?

Given the impact of their services on communications, intermediaries find themselves as either directly liable for their actions, or indirectly (or “secondarily”) liable for the actions of their users. Requiring intermediaries to monitor the legality of the online content poses an insurmountable task. Even if monitoring the legality of content by intermediaries against all applicable legislations were possible, the costs of doing so would be prohibitively high. Therefore, placing liability on intermediaries can deter their willingness and ability to provide services, hindering the development of the internet itself.

Economics of intermediaries are dependent on scale and evaluating the legality of an individual post exceeds the profit from hosting the speech, and in the absence of judicial oversight can lead to a private censorship regime. Intermediaries that are liable for content or face legal exposure, have powerful incentives, to police content and limit user activity to protect themselves. The result is curtailing of legitimate expression especially where obligations related to and definition of illegal content is vague. Content policing mandates impose significant compliance costs limiting the innovation and competiveness of such platforms.

More importantly, placing liability on intermediaries has a chilling effect on freedom of expression online. Gate keeping obligations by service providers threaten democratic participation and expression of views online, limiting the potential of individuals and restricting freedoms. Imposing liability can also indirectly lead to the death of anonymity and pseudonymity, pervasive surveillance of users' activities, extensive collection of users' data and ultimately would undermine the digital trust between stakeholders.

Thus effectively, imposing liability for intermediaries creates a chilling effect on Internet activity and speech, create new barriers to innovation and stifles the Internet's potential to promote broader economic and social gains. To avoid these issues, legislators have defined 'safe harbours', limiting the liability of intermediaries under specific circumstances.

Online intermediaries do not have direct control of what information is or information are exchanged via their platform and might not be aware of illegal content per se. A key framework for online intermediaries, such limited liability regimes provide exceptions for third party intermediaries from liability rules to address this asymmetry of information that exists between content producers and intermediaries.

However, it is important to note, that significant differences exist concerning the subjects of these limitations, their scope of provisions and procedures and modes of operation. The 'notice and takedown' procedures are at the heart of the safe harbour model and can be subdivided into two approaches:

a. Vertical approach where liability regime applies to specific types of content exemplified in the US Digital Copyright Millennium Act

b. Horizontal approach based on the E-Commerce Directive (ECD) where different levels of immunity are granted depending on the type of activity at issue

Current framework

Globally, three broad but distinct models of liability for intermediaries have emerged within the Internet ecosystem:

1. Strict liability model under which intermediaries are liable for third party content used in countries such as China and Thailand

2. Safe harbour model granting intermediaries immunity, provided their compliance on certain requirements

3. Broad immunity model that grants intermediaries broad or conditional immunity from liability for third party content and exempts them from any general requirement to monitor content.

While the models described above can provide useful guidance for the drafting or the improvement of the current legislation, they are limited in their scope and application as they fail to account for the different roles and functions of intermediaries. Legislators and courts are facing increasing difficulties, in interpreting these regulations and adapting them to a new economic and technical landscape that involves unprecedented levels user generated content and new kinds of and online intermediaries.

The nature and role of intermediaries change considerably across jurisdictions, and in relation to the social, economic and technical contexts. In addition to the dynamic nature of intermediaries the different categories of Internet intermediaries‘ are frequently not clear-cut, with actors often playing more than one intermediation role. Several of these intermediaries offer a variety of products and services and may have number of roles, and conversely, several of these intermediaries perform the same function. For example , blogs, video services and social media platforms are considered to be 'hosts'. Search engine providers have been treated as 'hosts' and 'technical providers'.

This limitations of existing models in recognising that different types of intermediaries perform different functions or roles and therefore should have different liability, poses an interesting area for research and global deliberation. Establishing classification of intermediaries, will also help analyse existing patterns of influence in relation to content for example when the removal of content by upstream intermediaries results in undue over-blocking.

Distinguishing intermediaries on the basis of their roles and functions in the Internet ecosystem is critical to ensuring a balanced system of liability and addressing concerns for freedom of expression. Rather than the highly abstracted view of intermediaries as providing a single unified service of connecting third parties, the definition of intermediaries must expand to include the specific role and function they have in relation to users' rights. A successful intermediary liability regime must balance the needs of producers, consumers, affected parties and law enforcement, address the risk of abuses for political or commercial purposes, safeguard human rights and contribute to the evolution of uniform principles and safeguards.

Towards an evidence based intermediary liability policy framework

This workshop aims to bring together leading representatives from a broad spectrum of stakeholder groups to discuss liability related issues and ways to enhance Internet users’ trust.

Questions to address at the panel include:

1. What are the varying definitions of intermediaries across jurisdictions?

2. What are the specific roles and functions that allow for classification of intermediaries?

3. How can we ensure the legal framework keeps pace with technological advances and the changing roles of intermediaries?

4. What are the gaps in existing models in balancing innovation, economic growth and human rights?

5. What could be the respective role of law and industry self-regulation in enhancing trust?

6. How can we enhance multi-stakeholder cooperation in this space?

Confirmed Panel:

Technical Community: Malcolm Hutty: Internet Service Providers Association (ISPA)
Civil Society: Gabrielle Guillemin: Article19
Academic: Nicolo Zingales: Assistant Professor of Law at Tilburg University
Intergovernmental: Rebecca Mackinnon: Consent of the Networked, UNESCO project
Civil Society: Anriette Esterhuysen: Association for Progressive Communication (APC)
Civil Society: Francisco Vera: Advocacy Director: Derechos Digitale
Private Sector: Titi Akinsanmi: Policy and Government Relations Manager, Google Sub-Saharan Africa
Legal: Martin Husovec: MaxPlanck Institute

Moderator(s): Giancarlo Frosio, Centre for Internet and Society (CIS) and Jeremy Malcolm, Electronic Frontier Foundation

Remote Moderator: Anubha Sinha, New Delhi

For more details visit https://cis-india.org/internet-governance/blog/igf-workshop-an-evidence-based-intermediary-liability-policy-framework

WSIS+10 High Level Event: A Bird's Eye Report

geetha — 2014-06-20T15:57:32Z

The WSIS+10 High Level was organised by the ITU and collaborative UN entities on June 9-13, 2014. It aimed to evaluate the progress on implementation of WSIS Outcomes from Geneva 2003 and Tunis 2005, and to envision a post-2015 Development Agenda. Geetha Hariharan attended the event on CIS' behalf.

The World Summit on Information Society (WSIS) +10 High Level Event (HLE) was hosted at the ITU Headquarters in Geneva, from June 9-13, 2014. The HLE aimed to review the implementation and progress made on information and communication technology (ICT) across the globe, in light of WSIS outcomes (Geneva 2003 and Tunis 2005). Organised in three parallel tracks, the HLE sought to take stock of progress in ICTs in the last decade (High Level track), initiate High Level Dialogues to formulate the post-2015 development agenda, as well as host thematic workshops for participants (Forum track).

The High Level Track:

Opening Ceremony, WSIS+10 High Level Event (Source)

The High Level track opened officially on June 10, 2014, and culminated with the endorsement by acclamation (as is ITU tradition) of two Outcome Documents. These were: (1) WSIS+10 Statement on the Implementation of WSIS Outcomes, taking stock of ICT developments since the WSIS summits, (2) WSIS+10 Vision for WSIS Beyond 2015, aiming to develop a vision for the post-2015 global information society. These documents were the result of the WSIS+10 Multi-stakeholder Preparatory Platform (MPP), which involved WSIS stakeholders (governments, private sector, civil society, international organizations and relevant regional organizations).

The MPP met in six phases, convened as an open, inclusive consultation among WSIS stakeholders. It was not without its misadventures. While ITU Secretary General Dr. Hamadoun I. Touré consistently lauded the multi-stakeholder process, and Ambassador Janis Karklins urged all parties, especially governments, to “let the UN General Assembly know that the multi-stakeholder model works for Internet governance at all levels”, participants in the process shared stories of discomfort, disagreement and discord amongst stakeholders on various IG issues, not least human rights on the Internet, surveillance and privacy, and multi-stakeholderism. Richard Hill of the Association for Proper Internet Governance (APIG) and the Just Net Coalition writes that like NETmundial, the MPP was rich in a diversity of views and knowledge exchange, but stakeholders failed to reach consensus on crucial issues. Indeed, Prof. Vlamidir Minkin, Chairman of the MPP, expressed his dismay at the lack of consensus over action line C9. A compromise was agreed upon in relation to C9 later.

Some members of civil society expressed their satisfaction with the extensive references to human rights and rights-centred development in the Outcome Documents. While governmental opposition was seen as frustrating, they felt that the MPP had sought and achieved a common understanding, a sentiment echoed by the ITU Secretary General. Indeed, even Iran, a state that had expressed major reservations during the MPP and felt itself unable to agree with the text, agreed that the MPP had worked hard to draft a document beneficial to all.

Concerns around the MPP did not affect the review of ICT developments over the last decade. High Level Panels with Ministers of ICT from states such as Uganda, Bangladesh, Sweden, Nigeria, Saudi Arabia and others, heads of the UN Development Programme, UNCTAD, Food and Agriculture Organisation, UN-WOMEN and others spoke at length of rapid advances in ICTs. The focus was largely on ICT access and affordability in developing states. John E. Davies of Intel repeatedly drew attention to innovative uses of ICTs in Africa and Asia, which have helped bridge divides of affordability, gender, education and capacity-building. Public-private partnerships were the best solution, he said, to affordability and access. At a ceremony evaluating implementation of WSIS action-lines, the Centre for Development of Advanced Computing (C-DAC), India, won an award for its e-health application MOTHER.

The Outcome Documents themselves shall be analysed in a separate post. But in sum, the dialogue around Internet governance at the HLE centred around the success of the MPP. Most participants on panels and in the audience felt this was a crucial achievement within the realm of the UN, where the Tunis Summit had delineated strict roles for stakeholders in paragraph 35 of the Tunis Agenda. Indeed, there was palpable relief in Conference Room 1 at the CICG, Geneva, when on June 11, Dr. Touré announced that the Outcome Documents would be adopted without a vote, in keeping with ITU tradition, even if consensus was achieved by compromise.

The High Level Dialogues:

Prof. Vladimir Minkin delivers a statement. (Source)

The High Level Dialogues on developing a post-2015 Development Agenda, based on WSIS action lines, were active on June 12. Introducing the Dialogue, Dr. Touré lamented the Millennium Development Goals as a “lost opportunity”, emphasizing the need to alert the UN General Assembly and its committees as to the importance of ICTs for development.

As on previous panels, there was intense focus on access, affordability and reach in developing countries, with Rwanda and Bangladesh expounding upon their successes in implementing ICT innovations domestically. The world is more connected than it was in 2005, and the ITU in 2014 is no longer what it was in 2003, said speakers. But we lack data on ICT deployment across the globe, said Minister Knutssen of Sweden, recalling the gathering to the need to engage all stakeholders in this task. Speakers on multiple panels, including the Rwandan Minister for CIT, Marilyn Cade of ICANN and Petra Lantz of the UNDP, emphasized the need for ‘smart engagement’ and capacity-building for ICT development and deployment.

A crucial session on cybersecurity saw Dr. Touré envision a global peace treaty accommodating multiple stakeholders. On the panel were Minister Omobola Johnson of Nigeria, Prof. Udo Helmbrecht of the European Union Agency for Network and Information Security (ENISA), Prof. A.A. Wahab of Cybersecurity Malaysia and Simon Muller of Facebook. The focus was primarily on building laws and regulations for secure communication and business, while child protection was equally considered.

The lack of laws/regulations for cybersecurity (child pornography and jurisdictional issues, for instance), or other legal protections (privacy, data protection, freedom of speech) in rapidly connecting developing states was noted. But the question of cross-border surveillance and wanton violations of privacy went unaddressed except for the customary, unavoidable mention. This was expected. Debates in Internet governance have, in the past year, been silently and invisibly driven by the Snowden revelations. So too, at WSIS+10 Cybersecurity, speakers emphasized open data, information exchange, data ownership and control (the right to be forgotten), but did not openly address surveillance. Indeed, Simon Muller of Facebook called upon governments to publish their own transparency reports: A laudable suggestion, even accounting for Facebook’s own undetailed and truncated reports.

In a nutshell, the post-2015 Development Agenda dialogues repeatedly emphasized the importance of ICTs in global connectivity, and their impact on GDP growth and socio-cultural change and progress. The focus was on taking this message to the UN General Assembly, engaging all stakeholders and creating an achievable set of action lines post-2015.

The Forum Track:

Participants at the UNESCO session on its Comprehensive Study on Internet-related Issues (Source)

The HLE was organized as an extended version of the WSIS Forum, which hosts thematic workshops and networking opportunities, much like any other conference. Running in parallel sessions over 5 days, the WSIS Forum hosted sessions by the ITU, UNESCO, UNDP, ICANN, ISOC, APIG, etc., on issues as diverse as the WSIS Action Lines, the future of Internet governance, the successes and failures of WCIT-2012, UNESCO’s Comprehensive Study on Internet-related Issues, spam and a taxonomy of Internet governance.

Detailed explanation of each session I attended is beyond the scope of this report, so I will limit myself to the interesting issues raised.

At ICANN’s session on its own future (June 9), Ms. Marilyn Cade emphasized the importance of national and regional IGFs for both issue-awareness and capacity-building. Mr. Nigel Hickson spoke of engagement at multiple Internet governance fora: “Internet governance is not shaped by individual events”. In light of criticism of ICANN’s apparent monopoly over IANA stewardship transition, this has been ICANN’s continual response (often repeated at the HLE itself). Also widely discussed was the role of stakeholders in Internet governance, given the delineation of roles and responsibilities in the Tunis Agenda, and governments’ preference for policy-monopoly (At WSIS+10, Indian Ambassador Dilip Sinha seemed wistful that multilateralism is a “distant dream”).

This discussion bore greater fruit in a session on Internet governance ‘taxonomy’. The session saw Mr. George Sadowsky, Dr. Jovan Kurbalija, Mr. William Drake and Mr. Eliot Lear (there is surprisingly no official profile-page on Mr. Lear) expound on dense structures of Internet governance, involving multiple methods of classification of Internet infrastructure, CIRs, public policy issues, etc. across a spectrum of ‘baskets’ – socio-cultural, economic, legal, technical. Such studies, though each attempting clarity in Internet governance studies, indicate that the closer you get to IG, the more diverse and interconnected the eco-system gets. David Souter’s diagrams almost capture the flux of dynamic debate in this area (please see pages 9 and 22 of this ISOC study).

There were, for most part, insightful interventions from session participants. Mr. Sadowsky questioned the effectiveness of the Tunis Agenda delineation of stakeholder-roles, while Mr. Lear pleaded that techies be let to do their jobs without interference. Ms. Anja Kovacs raised pertinent concerns about including voiceless minorities in a ‘rough consensus’ model. Across sessions, questions of mass surveillance, privacy and data ownership rose from participants. The protection of human rights on the Internet – especially freedom of expression and privacy – made continual appearance, across issues like spam (Question 22-1/1 of ITU-D Study Group 1) and cybersecurity.

Conclusion:

The HLE was widely attended by participants across WSIS stakeholder-groups. At the event, a great many relevant questions such as the future of ICTs, inclusions in the post-2015 Development Agenda, the value of muti-stakeholder models, and human rights such as free speech and privacy were raised across the board. Not only were these raised, but cognizance was taken of them by Ministers, members of the ITU and other collaborative UN bodies, private sector entities such as ICANN, technical community such as the ISOC and IETF, as well as (obviously) civil society.

Substantively, the HLE did not address mass surveillance and privacy, nor of expanding roles of WSIS stakeholders and beyond. Processually, the MPP failed to reach consensus on several issues comfortably, and a compromise had to be brokered.

But perhaps a big change at the HLE was the positive attitude to multi-stakeholder models from many quarters, not least the ITU Secretary General Dr. Hamadoun Touré. His repeated calls for acceptance of multi-stakeholderism left many members of civil society surprised and tentatively pleased. Going forward, it will be interesting to track the ITU and the rest of UN’s (and of course, member states’) stances on multi-stakeholderism at the ITU Plenipot, the WSIS+10 Review and the UN General Assembly session, at the least.

For more details visit https://cis-india.org/internet-governance/blog/wsis-10-high-level-event-a-birds-eye-report