Dispatches from the evolving digital political economy

NETmundial’s 10th Anniversary: Inspiration or Nostalgia?

At the Kyoto Internet Governance Forum, we learned that Brazil’s CGI is thinking about holding an event to commemorate the 10th anniversary of the NETmundial event in April 2014. Netmundial was a transformative moment in global internet governance. Inspired by the Snowden revelations, and amplified by the U.S. government’s announcement that it would relinquish its control of ICANN and the DNS root, the event convened 2,000 people in Sao Paulo, Brazil to develop a consensus statement of Internet governance principles and a road map for moving forward. This was a radically multistakeholder event, as it was convened independently of the United Nations and afforded each stakeholder group equal status. It had the support of Brazil, the United States and many other governments, strong support from the Internet technical community,  and was attended by hundreds of civil society activists mobilized by their opposition to mass surveillance and the opportunity to liberate the Internet’s IANA functions from U.S. government control.

IGP is enthusiastic about the prospect of celebrating the NETmundial moment and carrying on its tradition. Discussions in Kyoto did emphasize the need for careful planning, however. It would be simple and easy to do a commemoration, but many would like to see a more ambitious attempt to convene a NETmundial II that would produce a new Statement that could reinvigorate the institutional innovations of Internet governance. Such a move would be risky, however, as it would require time and energy commitments that, though present in abundance in 2013-2014, might not be there any more. The Brazilian CGI representatives heard from both enthusiastic supporters and cautious nay-sayers in Kyoto. We will keep you apprised of what they decide to do.

Global Encryption Day October 21

Global Encryption Day is October 21, 2023! Organized by the Global Encryption Coalition, which has 350 member organisations and individuals from around the world, the special event is a “day of action” to “to promote, protect and defend strong encryption.” On 19 October 2023, from 11:30 UTC, the GEC will host an Encryption Summit, with five panels on topics such as Encryption and Free Expression in South Asia, Life in a World of Scanning, and Navigating Content Moderation In a World Embracing Encryption, among other topics. You can register here to attend the Encryption Summit. Global Encryption Day comes in the midst of several legal and regulatory efforts to undermine users’ ability to secure the confidentiality of their messages and social media interactions, including the UK’s Online Safety Act, Australia’s TOLA, and India’s encounter with WhatsApp (see below).

India’s Encryption Test: WhatsApp Under Pressure

Meta finds itself at the center of a legal conundrum in India, with law enforcement agencies demanding the company breach its end-to-end encryption policy to trace the origin of problematic messages circulating on WhatsApp, its messaging platform. The case revolves around a screenshot of a forged resignation letter bearing the signature of the Chief Minister of the State of Tripura. The circulation of this image on WhatsApp led the Tripura state police to invoke a contentious clause from the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules introduced in February 2021. Rule 4(2) of the Rules mandate social media platforms to comply with judicial orders and trace the origins of unlawful and potentially problematic content or messages under certain conditions. The traceability provision has been a subject of significant controversy since its inception. One major point of contention is the ambiguity surrounding what precisely constitutes a threat to national security. This ambiguity could potentially allow law enforcement agencies to exploit the law, raising concerns about user privacy and the potential for overreach.

This traceability rule has been invoked for the first time by the Tripura police with the aid of an order from a lower court instructing WhatsApp to divulge information regarding the message’s origin. WhatsApp responded by asserting its inability to trace the message, citing the platform’s privacy features. It applied for a stay on the order. After months of explaining and advocating for its stance, WhatsApp finally received a reprieve on September 26. The Indian case is just one example of the ongoing global debate about the tension between user privacy and national security. WhatsApp’s commitment to end-to-end encryption is a cornerstone of its promise to protect user data and communications. However, cases like this illustrate the complexities faced by both tech companies and governments in navigating the delicate equilibrium where individual privacy is respected while addressing the need for security and accountability. The case serves as a reminder of the critical discussions surrounding encryption and traceability, discussions that will likely continue to shape the future of digital privacy and security on a global scale.