As the global community grapples with various regulatory frameworks and policy recommendations put forward by states, social media companies, and academia, the pivotal role of traditional media and journalists often slips under the radar. The article discusses information integrity efforts in East Asia, including digital provenance and fact-checking. In specific, considering the vital social responsibility that the media holds in democracy, media organizations in Japan and South Korea have been exploring unique approaches to address the issue of online misinformation in a manner that safeguards freedom of expression with minimal government intervention. The Originator Profile (OP) project, tested and sponsored by the Japanese mainstream media, and the Unfair Election Report, operated by South Korean internet news portals, illustrate how traditional media can practically use existing laws and governance systems to provide more transparent and accurate information during critical national events while minimizing chances of possible government regulatory interventions. The Originator Profile (OP) A noteworthy endeavor in this field comes from Japan, where a novel initiative known as the OP is taking shape. In September 2023, at the World Association of Newspapers and News Publishers (WAN-IFRA) meeting in Taipei, Japan’s largest news media, Yomiuri Shimbun, introduced their sponsorship of OP as a part of the media’s efforts to combat the spread of misinformation. The OP was devised by the researchers at Keio University’s “Cyber Civilization Research Center (CCRC)” in 2022 aimed to provide easy identification of high-quality, third-party verified news articles and media by embedding verifiable information about web content creators and advertisers. The overarching goal of OP is to establish information integrity of online news reports, particularly in the face of challenges posed by false narratives and online propagandists. 

<Source: WAN-IFRA. Shows how the electric identifiers are embodied to the news website>

<Source: Originator Profile. Shows how OP informs corporate stances>

On November 10, 2023, we convened a diverse group of experts at the National Academies of Sciences in Washington D.C. for our 8th Annual Workshop. Our goal? To examine the critical question: what should national security look like in a globally connected digital economy?

Today, we're excited to release a summary report of our workshop discussions. Leading voices in the field provided a range of perspectives and found common ground in recommending the following actions to the United States Government (USG):

1. Move beyond country-of-origin as the primary risk factor for the digital economy. In cybersecurity discussions, the USG should avoid focusing solely on a technology's country of origin as a risk indicator.

2. Prioritize open markets, not mirroring restrictions. When addressing techno-economic security concerns, the USG should aim to negotiate for greater openness in China's ICT and data markets instead of mirroring China's restrictive approach to information flows.

3. Foster real collaboration between national security and economic interests. To ensure a balanced approach, the USG should appoint "dual-hatted" individuals to serve in both the National Security Council (NSC) and the National Economic Council (NEC). This would allow for simultaneous evaluation of potential benefits and risks, informed by appropriate metrics.

We hope the full report can help foster a more nuanced public policy discussion about how to optimize the security-growth equation.

OpenAI's recently launched GPT store potentially marks a significant shift in the global digital economy landscape, presenting a viable competitive threat to established platforms like Apple's App Store. Competition in the global digital economy is all about creating platforms that bring different sides of a market together to create value. These shifts always appear significant with the benefit of hindsight but they start subtly if one knows where to look. Apple launched its App Store in 2008. “Apps” were aggregations of data, compute, and algorithms designed to play nicely in the Apple iPhone ecosystem. Figure 1 below, based on data from Statista, traces the journey of iPhone sales versus the number of apps in Apple's App Store from 2008 to 2022.  The early years witnessed robust growth – iPhone sales and the number of apps grew exponentially. This surge symbolized a booming platform, innovating new technological solutions as more than a billion people became glued to their iPhone devices. However, more recent trends paint a different picture. A noticeable slowdown in growth rates, both in terms of iPhone sales and app proliferation, began in the last decade suggesting a market approaching maturity. The once steep curve of expansion is now leveling off. Stable smartphone penetration rates imply that the majority of potential consumers are already reached, and the focus is shifting from market expansion to market retention (Did you upgrade to the latest iPhone?) and enhancement (How many apps on your iPhone? What new features does iOS offer?). Although the total number of apps continued to grow in the last decade, the rate of growth has decelerated. This slowdown can be attributed to market saturation, where the App Store has already amassed a vast number of applications, covering a wide array of functionalities and user needs. In this context, the technological innovation of generative models based on the transformer architecture and the creation of the GPT store have emerged as significant disruptors. This new platform, bringing together GPT developers and users, is not merely an alternative; it could be a paradigm shift in how digital services are conceptualized, developed, and delivered. Data-driven machine learning techniques and chatbot interfaces providing feedback to natural language queries may come to reign supreme.   The GPT store has several potential advantages. First, by making massive datasets and computational power accessible at reasonable cost, OpenAI's GPT store levels the playing field for developers. This breaks down barriers to entry and fosters innovation, allowing even smaller developers to create sophisticated applications, evident from OpenAI’s claims that more than 3 million users have created custom versions of ChatGPT. Second, ChatGPT-based applications are not tied to a specific hardware or software ecosystem. They can be accessed across various devices and browsers, removing the limitations imposed by platform-specific app stores. Third, the technology's flexibility, from underlying foundational models to finely tuned, specialized instances, means it can be applied across a vast array of domains, from simple task automation to complex problem-solving, making it appealing to a broader audience. The explosive growth of ChatGPT is a testament to the potential of this new platform. It's not just an alternative to traditional apps; it's a new way of thinking about and interacting with digital services. This positions the GPT store not just as a competitor but as a potential market leader, capable of reshaping the landscape of the digital economy even more than regulatory actions, such as the Department of Justice's purported antitrust scrutiny of Apple's App Store. The transformative impact of technological and industrial organizational innovation like the GPT store is likely to be more immediate and profound.

Dispatches from the evolving digital political economy

Is De-Dollarization fueled by the rise of Digital Currencies?

Mastercard enters China

Google's Removal of North Korean YouTube Channels 

Reports on the evolving digital political economy

A Victory for Free Speech on Social Media

• "We find that the White House, acting in concert with the Surgeon General’s office, likely (1) coerced the platforms to make their moderation decisions by way of intimidating messages and threats of adverse consequences, and (2) significantly encouraged the platforms’ decisions by commandeering their decision-making processes, both in violation of the First Amendment." 
• We find that the FBI, too, likely (1) coerced the platforms into moderating content, and (2) encouraged them to do so by effecting changes to their moderation policies, both in violation of the First Amendment.
• We find that, although not plainly coercive, the CDC officials likely significantly encouraged the platforms’ moderation decisions, meaning they violated the First Amendment. …Ultimately, the platforms came to heavily rely on the CDC [and] adopted rule changes meant to implement the CDC’s guidance." 

Google Antitrust and the Ghost of Microsoft 

An “ambitious” technology agenda for the G20 devoid of civil society

Assessing disinformation: Logically’s report on Fukushima 

• Challenged IAEA’s safety report as flawed, and cast doubt on IAEA’s support for Japan’s plan.
• Claimed that the wastewater release will contaminate Japanese seafood.
• Amplified concerns about the plan expressed by Japanese fishermen and South Korean and Chinese people.
• Referred to “treated wastewater” as “nuclear-contaminated water.”

• The Global Times published 126 English articles, and the People's Daily produced 74 articles in English and 60 in Japanese. Between January and August 2023, the Global Times published 126 English articles, and the People's Daily produced 74 articles in English and 60 in Japanese related to Fukushima wastewater release.
• China Central Television, and other Chinese organizations ran at least 22 paid advertisements on Meta on the risks posed by wastewater release.
• There was a 1509% increase in posts mentioning "Fukushima" by Chinese state media, officials, and pro-China influencers.

• “Japan will use 70 billion yen to deal with negative information about nuclear-contaminated water” - 430 million reads.
• “Are China’s Japanese restaurants going out of business in droves?” - 320 million reads.
• “Provinces most affected by Japan's nuclear sewage” - 130 million reads.

Huawei Mate 60 Pro Leaps over the “High Fence” 

Don’t Rely on Foreign Policy Think Tanks for Global AI Governance Advice

In an era where digitalization is rapidly transforming societies and economies, the question of digital sovereignty has taken center stage. How can nations harness the power of technology while safeguarding their autonomy and interests? India, with its burgeoning digital landscape, is at the forefront of this conversation. As part of its G20 presidency, India has been pushing the need for a framework for digital public infrastructure (DPI) and has secured the agreement of all 20 nations to work towards a global framework and the establishment of a global repository of DPI. To delve into this vital topic, we are excited to announce an upcoming webinar where IGP researcher Jyoti Panday will discuss her new research India Stack: Public-Private Roads to Data Sovereignty (September 1, 2023). We will discuss IGP's research on India Stack and the impact of sovereignty on governance of digital technologies and markets. The webinar brings together experts to reflect on the rise of state-market collaboration related to DPIs including identifying shared opportunities, challenges and learnings as well as the trade-offs associated with the emergence of DPIs. Webinar Details:

• Date: 20 September, 2023
• Time: 
  • Asia - New Delhi (6:30 pm)
  • Europe - Berlin (3 pm)
  • Africa - Kenya (4 pm) 
  • United Kingdom (2 pm)
  • South America - Rio (10 am)
  • North America  - Atlanta (9 am)
• Duration: 1.5 hrs 
• Platform: Zoom 

• Dr Pramod Varma, Former Chief Architect Aadhaar & India Stack, CTO EkStep Foundation, Co-Founder FIDE.org and Creator of becknprotocol.io, Co-Chair at Center for DPI (CDPI.dev)
• Anupam Chander, Scott K. Ginsburg Professor of Law and Technology, Georgetown Law
• Smriti Parsheera, Fellow, CyberBRICS Project, Fundação Getulio Vargas (FGV) Law School 

Reports on the evolving digital political economy

Human Authorship and AI Images

Sauron called - He wants his Orb back!

The Camp David Statement

Openness Doesn’t Necessarily Work Against Bigness

a handful of maximally open AI systems exist, which offer intentional and extensive transparency, reusability, and extensibility – [but] the resources needed to build AI from scratch, and to deploy large AI systems at scale, remain ‘closed’—available only to those with significant (almost always corporate) resources.

Amazon Takes Up The Digital Sovereignty Agenda 

15 May, 2023

More Wrong Thinking on Generative AI Risks

GIG-Arts 2023

Oversight Board Consultation 

15 April, 2023

The AI Regulation Frenzy

US Commerce Department RFC on AI

An assault on proof of work: bad policymaking or a power play for ulterior motives?

IMF puff piece praises India Stack

March 16, 2023

New Dutch semiconductor export controls, a global regime grows

1. preventing Dutch goods from contributing to unwanted end use, such as military deployment or in weapons of mass destruction;
2. preventing undesirable long-term strategic dependencies; and
3. maintaining Dutch technological leadership.

A new cyber social contract

India Cracks Downs on Smartphone Manufacturers 

TikTok’s response to USG concerns about the imaginary threat to national security it poses was heard again at State of the Net 2023. It is hard to conceive of a more iron-clad technical solution than “Project Texas,” given the $1.5 billion that was sunk into it. Like the state it is named after, Project Texas is an enormous undertaking, but also a disturbing one.  We can’t really begrudge TikTok for pioneering a new institutional arrangement that (they think) might keep them in the U.S. market. That said, the arrangement sets a terrible precedent for digital media regulation and the global digital economy writ large. The dangers posed by this approach were quickly illustrated on the same day as TikTok’s SOTN presentation when two Senators unveiled the appropriately-named RESTRICT Act, which proposes to generalize the power to ban any apps, services, or software from foreign countries.  Let’s consider some of the potential long-term implications of Project Texas and what the enduring consequences for users and businesses could be. The relevance of Project Texas goes far beyond the fate of one company. 

Summary of Project Texas

Straight out of the Communist Party playbook

Trade protectionism 

Encouraging digital sovereignty

Sets the template for the new US data governance regime

According to the Atlantic Council’s tracker, 17 countries currently have their Central Bank Digital Currency (CBDC) in the pilot phase and 11 countries have rolled it out, with several others in either research or development stage. Three key drivers of interest for the central banks around the world to propose CBDCs have been – increased financial inclusion, improved payment efficiency, and monetary policy and stability. However, for all the stated potential, the adoption rate from the demand side has been painfully slow and limited. Cases in point for this blog post are Nigerian digital currency eNaira, Chinese e-CNY, India’s e-Rupee, Bahama’s Sand Dollar, and Jamaican JAM-DEX.  The e-CNY and e-Rupee are still in the pilot phase and are limited to certain cities, whereas eNaira, the Sand Dollar, and JAM-DEX have been launched at the country level. However, all of these are facing similar setbacks – low adoption on both merchant and customer sides.

The eCNY

The e-Rupee

Nigerian eNaira

The Sand Dollar

Why the low adoption?

What next?

UN IGF meets in Addis Ababa

Dot ORG Snubs Noncommercials

Meet Ophelia

Pushback on US Digital Cold War

New US Bans on Chinese equipment

FTX Debacle

For those of you who prefer text to videos, and the enhanced possibilities of editing for clarity and conciseness, we now make available edited transcripts of two riveting discussions on the definition of the field from our conference in The Hague. This includes the initial panel discussion featuring Tatiana Tropina, Milton Mueller, Jan Aart Scholte, Louise Hurel and Michel van Eeten. It also includes the free-ranging presentation/discussion with Professor Laura DeNardis, one of the leaders of the field. "I like the term Internet governance a lot," DeNardis said. "I think that Russia would love for us to not use the term Internet governance anymore. And I think that China would love for us to not use the word Internet governance anymore." Dr Mueller replied, "I do not share the fear many of the people in the community have about [changing the label]. I know that there are threats of greater state intervention and authoritarianism in the digital world. We have been studying these threats carefully; they are fundamentally geopolitical and political economic. That is why I prefer the term digital political economy." DeNardis_transcript_10_31_2022 IG-2-DPE-transcript

So, is it still “Internet governance” that we do, or is it going to be re-framed as “digital political economy”? IG or DPE? Our conference in The Hague hosted fascinating discussions on this question.   The answer to the re-framing question can be summarized as “Yes, but...” Yes, re-framing IG issues around the broader digital political economy is correct and unavoidable. But we must also recognize that a strong political community devoted to multistakeholder governance of critical Internet resources (CIRs) has been forged around the “Internet Governance” label, and re-framing must not undermine or weaken this community.   Because the Internet is just one component of the digital ecosystem, state-driven geopolitics are already impinging on Internet governance in many new ways, ranging from export controls on semiconductors, to Europe’s attempt to regulate DNS root servers in the name of cybersecurity, to calls for restrictions on trans-border data flows in the name of “digital sovereignty.” In this context, situating the traditional IG community in the broader digital political economy can strengthen it, whereas staying narrowly focused on CIR risks isolation and irrelevance over the long term.  IG advocates must be able to explain the value of openness, interoperability and multistakeholder governance to the entire digital ecosystem. This includes the governance of data, software, digital devices, content and privacy as well as network identifiers.   Amid growing geopolitical conflicts among state actors, the IG community must be able to explain why traditional nation-state governance cannot preserve the interoperability, innovation, economic development and freedom we have come to associate with the Internet. Cooperative, transnational governance by coalitions of civil society, business and liberal-democratic states have the potential to solve new problems in content moderation, privacy and cybersecurity. The IG label narrows the scope of these values to CIR exclusively, but there are many other areas where this approach could be applied. And if the IG community leaves these broader digital economy issues to others, its unique approach to governance will surely be eroded.  The Hague was the perfect site for this meeting both because of its historic status as the site of international peace, and because of the support and participation of the Dutch government and local representatives of the established IG institutions, such as RIPE-NCC and ICANN. In her opening statement to the meeting, A.H.M. Heaver of the Ministry of Economic Affairs made clear the Dutch government’s commitment to multistakeholder IG. Her concerns about the re-framing set the stage for a panel discussion consisting of Milton Mueller, Jan Aart Scholte, Louise Hurel, and Michel van Eeten, moderated by Tatiana Tropina. At the end of the conference, Laura DeNardis weighed in with a wide-ranging talk on the definition of the field, followed by a vigorous discussion. We are preparing a transcript and summary of these discussions that will capture their richness.   To summarize, we recognize that “Internet governance” has become more than just a label for a topic for research and policy analysis. It is the flag under which supporters of more liberal and transnational modes of governance coalesced. There is a global “Internet Governance Forum” in the United Nations. There are national IGFs in many countries. There are many positions in

governmental agencies and intergovernmental organizations based on that label. We support this community and wish to build on it, not disband it. But we remain convinced it can only survive by evolving, not by standing still. 

• Transcript of the initial panel discussion "From Internet Governance to Digital Political Economy," w Tatiana Tropina, Milton Mueller, Jan Aart Scholte, Louise Hurel and Michel van Eeten.
• Video of the panel discussion "From Internet Governance to Digital Political Economy"
• Transcript of the free-ranging presentation/discussion with Professor Laura DeNardis
• Video of the panel on "Industrial Policy and the Digital Economy"
• Video of ICANN's Elena Plexis on "Europe and the Global Governance of Digital Identifiers"
• Video of Peter Swire and Wolf Schuenemann on "The New Transatlantic Data Privacy Framework"

September 30, 2022

ITU Plenipotentiary Conference

US Congress Pressures NTIA on Whois/Privacy

Texas Content Regulation Law Headed to Supreme Court

Pentagon Audits US Info Operations

Spies like US

Twitter's Ex Security Chief Rakes Up National Security Concerns

The 7th Annual IGP Conference in The Hague, Netherlands.

October 17 - 18, 2022, 9:30 am – 4:30 p.m. CEST The Hague Conference Centre New Babylon Anna van Buerenplein 29, 2595 DA Den Haag, Netherlands

RSVP to attend in person

RSVP to watch the webcast

What do you do when the chips are down?

China to classify companies based on "sensitivity of data"

Google kicks 3rd party cookies down the road, again

India reconsidering data localization?

Unpacking the digital political economy

W3C attempts to reinvent itself

India’s new cybersecurity directive under fire

First ever sanctioning of crypto blender provider

The Metaverse will be territorialized 

Censorship Is A Barrier to Digital Trade: USITC Report

Culture of Intolerance: The Spotify-Rogan controversy 

India Moves on Digital Currency

Europe’s industrial policy for recursive DNS

Apple’s privacy initiatives vs. competition concerns

Cyber Incidents in Ukraine 

New IGP White Paper on Multistakeholder Initiatives in Content Governance

Amid Covid concerns, IGF meets in Poland

• On Day 0, IGP researchers will present the paper Making Data Private – and Excludable: A new approach to understanding the role of data enclosure in the digital political economy. The Giganet Annual Symposium will take place Monday, December 6, with the panel starting at 14:00 CET. Register to get your Zoom link for Symposium here.
• IGP and the Free University of Brussels have come together to organize a session titled Beyond hype: what does digital sovereignty actually mean?  As the name suggests, the session will deal with the consequences of widespread use of this contentious concept in policymaking. The session is Town Hall #23 and will take place in Hall A3 on Wednesday, December 8, at 10:45 CET, you can register to join online here.
• IGP is organizing a session, Multistakeholder initiatives in content governance which examines several content governance initiatives including the Christchurch Call, the Facebook Oversight Board, and the Global Internet Forum to Counter Terrorism. These initiatives raise important questions about the relationship between private commercial platforms, governments, law, human rights, and the role of public input in resolving the ongoing tension between freedom of expression and controversial social media content. The session is Workshop #57 and will take place in Ballroom A on Friday, December 10, at 11:15 CET, you can register to join online here.

Insurers and attribution

India and cryptocurrencies

The Chinese Communist Party's focus on building a governance regime for cyberspace has resulted in the rapid introduction of several new laws and regulations on data governance, cybersecurity, the digital economy, and online media content. The targeting of the digital sector with so many new restrictions, laws and regulations is motivated primarily by the state’s security and control concerns. Whatever it’s causes, it is a major pullback from the last 20 years of opening up, and is intended to reassert the Communist Party's supremacy over cyberspace. Below, we break down the regulatory action and its implications for data and platform governance in China. 

Regulating Competition in Digital Economy 

Solidification of the Cybersecurity Law

Personal Data Protection Law Adopted 

Prohibiting Companies from Listing Offshore 

Management of Algorithms 

Migration of Data to State-owned Cloud System

Restrictions on Online Gaming 

Amending the e-Commerce Law 

Data Security Law Kicks In 

Broad Comments: 

Encouraged by the momentum of strengthening the role of the government in the economy, multiple government agencies began waving their sticks against tech companies to gain greater political clout. For example, it was the central bank and other financial regulators that halted Ant Group’s IPO. For Meituan, the General Administration of Market Supervision was the investigator. In the case of DiDi, the company initially received mixed signals from different regulators regarding its IPO decision, and eventually it was the Cyberspace Administration that picked on DiDi, implying an uncoordinated cross-agency regulation. How these power struggles will reshape the landscape of the Chinese tech sector remains to be seen.

From Big Tech to Big Government

In launching a recent wave of actions to redress social inequality and economic disparity, China’s leaders may view themselves as correcting some of the excesses of Deng’s decision to “let some people get rich first.” Such efforts align with Xi’s efforts to recast himself from a princeling to a populist leader. As some of the initial awe of Xi’s anti-corruption efforts begins to fade, his efforts to champion greater equality, including by soaking the rich, presents Xi a new opportunity to align with the people against the powerful. Such efforts also have a corollary benefit of chastening China’s new oligarchs against challenging his authority or that of the Chinese Communist Party in governing China.

Shift to Strategic Industries 

In this top-down view, the government has decided that it wants its economy to be heavy on manufacturing and hard tech — semiconductors, batteries, “industrial internet,” and biotechnologies — and light on the consumer internet. The move is a tacit indictment of the U.S. economy, which has been running largely on the digital fumes of Silicon Valley. “Big Tech continues to find new and profitable ways to sell ads and cloud space,” wrote Derek Thompson in The Atlantic last year, “but it has failed, often spectacularly, to remake the world of flesh and steel.” China is making sure its economy doesn’t make the same mistake.

Changing Concept of National Security

IGP at UN Internet Governance Forum

Fingering China: private, public roles in cyber attribution

Reframing Intermediary Liability 

July 16, 2021

US, EU converge on global taxation

China data paranoia stalls digital expansion

Cuba’s Internet shutdown

Biden didn’t “revoke” the TikTok ban

US-China conference event

El Salvador de Bitcoin

Canada imposes national quotas on user-generated content

Ransomware fuels talk of Bitcoin ban, Russia and the US clash over YouTube, WhatsApp backtracks on enforcing its new privacy policy, and IGP presents at the PLSC for the first time.

Bitcoin and Ransomware

YouTube in the middle of US-Russia conflict 

WhatsApp backs down on controversial privacy update 

IGP Research on data enclosure

This week we cover some of Biden's Cybersecurity Order and a few 5G related developments. 

Biden’s Cybersecurity EO: Encrypted data at rest for me, why not thee?

• No implicit trust granted to assets or user accounts based solely on their physical or network location.
• Authentication and authorization (both subject and device) are discrete functions performed before a session to an enterprise resource is established.

Source: https://www.dvidshub.net/video/759897/norton-outlines-new-cybersecurity-model-army-signal-conference 

Huawei, ZTE Left Out of India's 5G Trials; China Threatens Retaliation against Ericsson unless Sweden Revokes Ban

Facing a hostile U.S. Congress, Facebook proposes “updated Internet regulations” that push more responsibility for content regulation decisions to the government. Europe is already trying to do just that, but civil liberties groups are campaigning against it. India considers a tech nationalist approach to cryptocurrency.

A taste of “updated Internet regulations” 

A European model?

India may block cryptocurrency IP addresses

The Narrative is a twice-monthly survey of key developments in Internet governance. This time we take up competition law activity against platforms, and the EU data governance initiative.

Competition policy and platforms

EU data governance initiative

1. A mechanism for re-using certain categories of protected public sector data which is conditional on respect for privacy and intellectual property rights (Chapter II)
2. Limiting data sharing to “trusted intermediaries” (Chapter III)
3. Creation of a platform for data voluntarily made available by individuals or companies for the common good; a.k.a. “data altruism” (Chapter IV)
4. Creation of a European “Data Innovation Board” (Chapter VI)

The Narrative is a twice-monthly survey of key developments in Internet governance. This time we assess the impact of the U.S. Presidential election on IG, and assess the results of the first virtual UN Internet Governance Forum.

A new U.S. President

The first virtual IGF

Our IGF 2020 workshops

The Narrative is a twice-monthly survey of key developments in Internet governance.  This time we take up Facebook's struggles with content moderation, the geopolitics of 5G, and coordinated efforts by governments to limit encryption.

Platforms and Content Moderation 

The Geopolitics of 5G

Exceptional Access to Encrypted Data

An important discussion of the future of Internet architecture with Dr. Richard Li, of Futurewei Technologies and key proponent of Huawei's "New IP" proposal, and Andrew Sullivan, the President and CEO of the Internet Society. IGP's Dr. Milton Mueller moderates. Click on the image to view the 90 minute recording  

The UN Internet Governance Forum demonstrated its utility as a forum for bringing together relevant parties for negotiations and discussions yesterday. A snap "town hall" meeting convened about 50 civil society members and representatives of the Internet Society (ISOC) and ICANN to express concerns about the sale of .ORG. Notably absent were representatives of PIR and Ethos Capital. The meeting was called after discussions among the leaders of Access Now, the Noncommercial Users Constituency, and IGP. ISOC trustees Walid Al-Saqaf and Mike Godwin made a strong case for the sale from ISOC's perspective. Al-Saqaf said that he had a fiduciary responsibliity to consider the interests of ISOC primarily and that the sale definitely was good for ISOC. It establishes an endowment and gets ISOC out of the business of DNS registry operation so it can concentrate on its core mission. Godwin noted that DNS may not be the long term direction of the internet and that as promoters/advocates of the internet ISOC did not want to have a conflict of interest that tied its revenue stream to a 1980s/90s business (domain name registration) that might prove to be a declining or suboptimal. Though reluctant to step forward and talk initially ("We are just here to listen"), ICANN board members Becky Burr and Chris Disspain quickly came to their senses and explained the process they go through when ownership of a registry changes.  They acknowledged that section 7.5 of the ORG Registry Agreement gives them a role in the transfer of control and that the process associated with that is already happening. They can ask questions of ISOC trustees and PIR about the sale and exchange information. There is no fixed 30-day limit on these exchanges, rather a rolling 30 day limit on each round of questions and responses. Board members acknowledged ICANN's ability to attach conditions to the recognition of Ethos Capital as the new operator of .ORG. Board member Leon Sanchez was also in attendance. The ICANN board members sat through the entire meeting and paid attention, so it should be clear to them that they can enhance ICANN's legitimacy and reputation by taking the right steps in this controversy. They also indicated that concerned members of the community are welcome to send their opinions to the CEO and Board. We would caution anyone who does this to keep in mind the precise nature of ICANN's role in this process, otherwise the advice will not be useful. Trustees received notice of the proposal in the August-September time frame and also claimed that they had more than one offer. A former ISOC trustee asked whether they had considered other financial models such as a leasing arrangement. They say they had. Following the agenda put forward in our previous blog on this topic, Milton Mueller articulated a proposed agenda for modifying the RA:

• Longer term contracts
• Content neutrality
• Ending the URS

This article, based on initial research conducted by recently graduated Georgia Tech Cybersecurity Policy track Masters student Erin Whittaker, looks more closely at indictments in absentia as a way of deterring future attacks and creating accountability in cyberspace.  Over the past half-decade the United States government has used indictments in absentia as a form of deterrent for malicious cyber acts perpetrated by foreign actors who are not subject to U.S. jurisdiction. Arguably, indictments in absentia are one of the best methods for authoritatively attributing a cyber-attack to an actor because of the associated due process involved in collecting evidence and burden of proof standard (i.e., probable cause). However, critics argue that indictments in absentia are not an effective deterrent since it is very rare that the defendants charged appear in U.S. court.   The analysis uses a dataset derived from the United States Department of Justice’s (DoJ) press releases and indictments. Whittaker initially identified 34 indictments in absentia pertaining to cyber hacking, attacks, and espionage. A similar dataset was developed by Garret Hinck of the Carnegie Foundation’s Cyber Policy Initiative and published in a Lawfare blog. The data presented here reconciles and summarizes the datasets.

Figure 1

Figure 2

Figure 3a: Cyber criminal actor indictments

Figure 3b: State-backed actor indictments

The European Commission (EC) has finally weighed in on the recommendations of ICANN's Expedited Policy Development Process (EPDP). The EPDP  is reforming WHOIS to make it consistent with GDPR and privacy rights. The EC comments, we are happy to report, are well aligned with the positions of privacy advocates. This should not be surprising, because the General Data Protection Regulation (GDPR) which is what forced ICANN to reform WHOIS in the first place, is a European law. However, within ICANN's Governmental Advisory Committee (GAC) the EC has not always seemed to fully support GDPR. These comments put those concerns to rest. In this blog, we will detail the important points the EC has raised in its comments.

Disclosure of personal information is not a purpose!

...the European Commission considers that the purposes for processing WHOIS personal data by ICANN and/or the contracted parties should not include enabling access by third parties. This is also at the core of the concerns expressed for some time by the Data Protection Authorities (DPAs) and the European Data Protection Board (EDPB), which have clarified that the purposes of ICANN and contracted parties must not be conflated with the interests of third parties in accessing registration data.

Establishing legitimate interest to access personal information

But, what about law enforcement access? 

Not a day goes by without hearing that Russia wants to nationalize the Internet, fragment the Internet or block its citizens' access to the global Internet. Just yesterday, media sources announced that Russia will be testing its Internet shut down capabilities, which is a rather inaccurate account of Russia’s move towards nationalizing the Internet. In this timely white paper, Ilona Stadnik provides what these Internet analysts really need: a realistic and in depth analysis of what is happening to the Internet in Russia. This paper is particularly important for advocates of global, interconnected Internet.  The Internet community gets involved and even contributes to the hype by predicting what would happen next. But the process of nationalization of the Internet is not a hype. It is a slowly evolving, not so well thought-out process that faces constant trial and error. The danger of such a process should be acknowledged, however. It is going to take time for Russia to nationalize its Internet, align it to its border and even perhaps fragment it. But it will not happen tomorrow by switching the Internet off.  In this paper Stadnik tells us how it might have been happening and where it might be going. Download the paper here.

Facebook did not have a good 2018. Treating its customers' personal information as a commodity, it was revealed by New York Times that  “For years, Facebook gave some of the world’s largest technology companies more intrusive access to users’ personal data than it has disclosed, effectively exempting those business partners from its usual privacy rules, according to internal records and interviews.” But Facebook’s approach to privacy goes beyond mere disregard, and it's not only limited to its customers. Facebook has an anti-privacy public policy approach. To shed light on that, we will explain Facebook’s approach to the privacy of domain name registrants and the protection of their data in a directory called WHOIS, which has never been covered before. During the ICANN WHOIS policy meetings, the chair sets an agenda which can be amended or added to by the request of the policy group members. The Facebook representative has never missed a chance to add issues to the meeting's agenda that would weaken the data protection of domain name registrants and help with maintaining a public WHOIS. For example, the Facebook representative has pushed to require additional contacts (admin/tech) to consent to publish their data rather than be redacted; She has insisted on trying to force registrars to differentiate natural and legal domain name registrants and hence not protecting the legal person’s data; she has attempted to put the burden of the accuracy of data on domain name registrars;  and she has pushed to make ICANN fragment its policies by differentiating domain name registrants geographically so that we do not provide protection for those not subject to European jurisdiction.

Facebook and accuracy argument

Fight to limit data protection globally

Facebook anti-data protection advocacy in the name of security

Advocating for data mining

A final reminder

Wow, has 2018 flown by! Hopefully, you're in a restful and reflective holiday mood. We want to look back at the top developments in Internet governance we covered, and offer some thoughts on issues that are heating up and what will be happening in the coming year. In the past year:

• Domain name holders' private registration data was finally redacted and protected by ICANN. We will continue our advocacy to keep it like that
• IGP's educational efforts were expanded to support the curriculum design of the Middle East School on Internet Governance
• Bright students and scholars joined IGP to undertake research on Internet governance. Drop us a line if you want to undertake research on Internet governance at IGP
• We kicked off our Digital Free Trade project last year and made it the focus of several events and our annual workshop. We quickly realized we were in an uphill battle as the "Techlash" against global platforms took place and cyber-nationalist laws and policies took hold in many countries. A special issue on cyber nationalism and digital trade will be published next month by Digital Policy, Regulation and Governance
• We strengthened and developed our work on cyber attack attribution. Watch this site for further developments
• We still believe discussing cyber norms endlessly with soft commitments from the states will not preserve Internet security
• We warned against multilateralization of Internet governance processes at the United Nations
• IGP explored IPv6 and economic incentives for its deployment in 2018. Stay tuned for the final report, to be published very soon

• Discuss and develop our research on cyber attack attribution
• Continue working on digital free trade
• Work closely with the civil society for a coordinated approach in Internet governance
• Monitor States actions that can affect the multistakeholder Internet governance
• Work with more students and IGP fellows
• And continue our usual advocacy at the domain name space and ICANN

The Ostrom Workshop at the University of Indiana carries on the work of the late Elinor and Vincent Ostrom on governance and institutions. I was honored to be invited by the Ostrom Workshop to give the 3rd annual Ostrom Memorial lecture Wednesday, October 3. The lecture challenged the idea of sovereignty in cyberspace. Based on an analysis of the techno-economic features of the domain, it questions the desirability and practicality of sovereignty in cyberspace, and explores the applicability of global commons models to cyberspace. The full lecture, including audience questions, is archived and available for viewing here. The Ostrom Memorial lecture was for me merely the highlight of a week of activities. On Monday we held a colloquium on IGP's paper on institutionalizing cyber-attribution. That discussion, which raised useful questions about legal and incentive issues of an attribution institution, is also archived and available for viewing here. On Thursday and Friday the Ostrom workshop held a small conference on Smart Cities. This was an opportunity to meet a diverse and interesting group of people, including the chief privacy officer from the City of Seattle, a board member of a regional water authority in Virginia, tech journalist Doc Searls and his wife and partner in the Internet Identity Workshop and Sovrin Foundation Joyce Searls. Academics from Indiana U, Georgia Tech, Harvard (Berkman-Klein Center) and Virginia Tech rounded out the discussion. The Ostrom Workshop has become a beehive of governance-related research, workshops, colloquia and lectures. Directed by Lee Alston, it touches on a variety of Internet governance related topics, including Cybersecurity and Internet Governance (with the ubiquitous Scott Shackelford as program director), and Data Management and Information Governance (with Angela Raymond as program director), which includes a blockchain governance initiative.

The expedited policy development group that is trying to reform ICANN’s Whois system post-GDPR met face to face in ICANN's Los Angeles headquarters September 24 – 26. The same old conflicts of interest underlying Whois policy for the last 18 years resurfaced repeatedly, but this time important progress was made. This report is intended to document and clarify the process. We are deliberately giving the reader a deep dive into the details to promote better understanding of the issues and to keep the process accountable.

The divide

Purpose and Access

The Matrix: Red pill, blue pill, painkiller?

A. Establishing the rights of a Registered Name Holder in a Registered Name and ensuring that the Registered Name Holder may exercise its rights in respect of the Registered Name

C. Enable communication or notification of the registered name holder and/or their delegated parties of technical and administrative issues with a registered name

E. Provide mechanisms for safeguarding registered name holders’ registration data in the event of a business of technical failure, or other unavailability of a registrar or registry operator.

F. Handle contractual compliance monitoring requests, audits, and complaints submitted by Registry Operators, Registrars, Registered Name Holders, and other Internet users.

M. Coordinate, operationalize and facilitate ICANN's TLD and domain names dispute resolution policies, namely URS, UDRP, RDDRP, PDDRP and PICDRP

The Conflict 

• Supporting a framework to address issues involving domain name registrations, including but not limited to: consumer protection, investigation of cybercrime, DNS abuse, and intellectual property protection (the language in section 4.4.8 of the temp spec);
• Providing access to accurate, reliable, and uniform Registration Data based on legitimate interests not outweighed by the fundamental rights of relevant data subjects
• Supporting a framework that enables identification of third-parties with legitimate interests grounded in legal bases, and providing these third-parties with access to Registration Data relevant to address specific issues involving domain name registrations related to: consumer protection, investigation of cybercrime, DNS abuse, and intellectual property protection.

The Compromise

B. Provide lawful access for legitimate third party interests to registration data that is already collected and identified herein.

• Registrar/Registry Purpose B - Facilitate lawful access for legitimate 3rd party interests to data that is already collected and identified herein

Happy ending?

• ICANN Purpose A - Establish the rights of a Registered Name Holder in a Registered Name and ensuring that the Registered Name Holder may exercise its rights in respect of the Registered Name
• ICANN Purpose C - Enable communication or notification to the Registered Name Holder and/or their delegated parties of technical and/or administrative issues with a Registered Name
• ICANN Purpose E (Registrar and Registry Escrow) - Provide mechanisms for safeguarding Registered Name Holders' Registration Data in the event of a business or technical failure, or other unavailability of a Registrar or Registry Operator
• ICANN Purpose F - Handle contractual compliance monitoring requests, audits, and complaints submitted by Registry Operators, Registrars, Registered Name Holders, and other Internet users.
• ICANN Purpose M - Coordinate the development and implementation of policies for resolution of disputes regarding the registration of domain names (as opposed to the use of such domain names). 
• ICANN Purpose N - Enabling validation of Registered Name Holder satisfaction (fulfillment) of registration policy eligibility criteria.

Ilona Stadnik and Braxton Moore have recently joined the Internet Governance Project.

Ilona is a Fulbright visiting researcher at Georgia Institute of  Technology, Internet Governance Project. During her stay, she will be focussing on her Ph.D. thesis about Russia-US cybersecurity relations and will also contribute to IGP's cybersecurity research, including cybersecurity governance and nationalization of the Internet, the private sector role in cybersecurity governance and States' international approach to cyber norm-making. Read more about Ilona here.

Braxton Moore, an undergraduate engineering major, joined IGP upon receiving the Presidential Undergraduate Research Award to work on Blockchain Governance. He will be working on Blockchain as the underlying technology for Cryptocurrency and how national regulation and private governance can affect the adoption of cryptocurrencies.

 Read more about Braxton here.

Public attribution of cyber incidents to nation-state actors is increasing. It is a challenging and important accountability function that is often performed by a combination of threat intelligence firms or other private actors and less frequently by states. But is it time to institutionalize cyber attribution? The cybersecurity community has sporadically reflected on the idea. Several calls have been made for domestic or international attribution organization(s) to provide credible processes that go beyond technical measures. The feasibility of these ideas is only beginning to be examined in depth, with no systematic plan to evaluate and discard or to find ways to implement them. In this new white paper by the IGP, we explore the attribution challenge, review proposed models for new institutions, and sketch an agenda for future research. IGP's expertise in the development of transnational institutions in the domain name space has direct policy relevance to this case. A new Transnational Attribution Institution (TAI) may be needed to align actor incentives and serve as a neutral global platform for performing authoritative public cyber-attributions that could hold offensive actors responsible and deter future cyber attacks. Download the white paper here.          

As we anticipated, ICANN the organization, under the pressure of powerful interest groups, decided to come up with its own model for access to personal information of domain name registrants data. It is a draft for "discussion." But there is a timeline as well:

Phase 1: Community discussion and consultations on the Unified Access Model

Phase 2: Consultation with the European Data Protection Board on the Unified Access Model and the approach to develop Code of Conducts for various Eligible User Groups

Phase 3: Further refinement and finalization of the Unified Access Model based on inputs from the community and the European Data Protection Board

It seems  ICANN wants to have a model in place by December 2018. Despite the fact that most registrars are not receiving many requests for access, ICANN insists that a unified access model should be in place by then. The matter of "who" should get access has been delegated to GAC but ICANN has also stated that third parties with "legitimate interest" should have access in compliance with Article 6 (1)(f)  of GDPR. It also mentions that both registries and registrars should provide access to data. This requires Thick registries and the transition of the legacy .com and .net TLDs to thick registries, which are not acceptable requirements. They add that if only registrars should be in charge of giving access, then it should be discussed in a PDP. They believe there should be an authenticating body and GAC should decide on the authenticating bodies. Or some have proposed that organizations such as WIPO which provide dispute resolution should authenticate the legitimate IP interest.

ICANN 62 is going to be filled with GDPR discussions. We need to stop ICANN's unilaterally developed accreditation model and get them to accept what the community develops. How should we approach this?

Understand what access  is about

ICANN's model is about accreditation, not access 

The "authenticating bodies"

Who should be in charge of giving access to personal information

Scope of data

Registries and registrars will be required to give access

The code of conduct elements

Who would enforce the code of conduct?

On May 24-25, 2018, the Internet Governance Project (IGP) at Georgia Tech’s School of Public Policy held its 4th Annual Workshop in Atlanta. This year’s workshop theme was “Digital Free Trade or Cyber Nationalism? Setting the Course for a 21st Century Digital Trade Policy.” The workshop explored the scientific and public policy questions raised around digital trade. This blog covers the workshop proceedings and its outcome.

Understanding the nature of digital trade

Data localization and digital trade

Digital trade in geopolitical context

Cybersecurity and digital trade

Rights and Trade – IPR and Privacy

Where to go from here

Using WTO dispute resolution process (DRP)

Link cross-border data flows to HR

Make better bargains for the public

Retaliate against China

Voluntary adoption of harmonized privacy rules

"Geneva Convention on the Status of Data"

Move to bilateral approaches

Final remarks

What can we do to stop the militarization of cybersecpace by States? One answer might be convening a transnational cyber attribution organization. States need to be held accountable if they carry out cyber attacks. However, up until now, this has not been feasible. The infeasibility does not mean that cyberattribution does not take place at all. Cyberattribution is not impossible anymore. There are cyberattribution efforts in place carried out by various nations and security firms. However, such processes might not be seen as legitimate internationally since the attribution is carried out by the institutions of the attacked nation states. To overcome this hurdle, scholars, as well as the private sector (mainly Microsoft recently), have been discussing the possibility of convening such an organization. As one of its main research topics, IGP is carrying out research and organizes sessions about cyberattribution. One of our recent papers, presented at the International Studies Association showed empirically that nonstate actors might not have enough incentives to carry out cyberattribution. We are continuing our research on cyberattribution and focussing on more scholarly work but we also engage in organizing sessions at various Internet governance events to help with advancing this discussion further. At RightsCon, we have organized a session that will discuss the idea of cyberattribution organization. Join us on Thursday 17 May at 12 pm. For more information about the session, go to http://sched.co/EHn5

Last week, a 3-day conference was held at Harvard University’s Belfer center focused on fortifying election security and digital democracy. IGP contributors Karim Farhat and Karl Grindal competed in an Information Operations hackathon, winning first place in the policy category. The panel of judges was comprised of former Secretary of Defense and Belfer Center Director Ash Carter and former Pentagon “cyber czar” and current Defending Digital Democracy Project (D3P) Director and Belfer Center Co-Director Eric Rosenbach.  [caption id="attachment_6067" align="alignright" width="317"] Entrants to the Defending Digital Democracy Project's Hack-a-thon present their ideas to former Secretary of Defense Ash Carter prior to winners being announced.[/caption] The motivation for this project was to find a solution that maintains the US’s commitment to an open Internet while protecting elections from foreign interference. The 2016 Russian information operation campaign had three distinct tactics: sockpuppets, strategic leaks, and political advertising. While these strategies represent the present day challenge, our hackathon proposal sought to prepare for a future where bot-based communications amplify existing capabilities. What follows is an overview of these recommendations. While Facebook has preemptively committed to adopting many of these recommendations, what is legally required of them and other online platforms is another question entirely. This proposal addresses shortcomings in the Honest Ads Act and the Draft FEC Strategic Plan, FY 2018-2022. Justification Why these proposals? It’s important to first diagnose the problem. By acknowledging that information operations use distinct tactics and that responses should be tailored to these specific actions we are hopefully addressing the most significant dimensions of the campaign. These proposals are designed so that if replicated by any other state, democratic or authoritarian, the response would be consistent. Were the United States to adopt this proposal, it would be setting a global norm for campaign transparency as these policies could easily be adopted by other countries. Countries with overburdensome election regulations may lack the market to shape novel disclosure requirements. These provisions would inhibit information operations while protecting innovative platforms and free expression rights.    Election advertising Campaigns are expensive. In the past much of this money went to television broadcasting. Yet, estimates suggest almost $1 billion campaign dollars went towards online ads in 2016, and this number will certainly grow. Although broadcasters are already regulated when it comes to election advertising, social media platforms are not. Campaign spending consequently provides a unique opportunity. We propose that federal regulations on political advertising only apply to communication platforms that accept Federal Election Commission (FEC) regulated advertisements from political campaigns and Political Action Committees (PACs). Existing broadcast regulations provide ready made definitions and precedent. Startups and companies that prioritize anonymity over verified identity can choose to be exempt, but will lose out on political advertising. There are different rules for broadcasters, cable and satellite but the political file that is kept on hand for purchased ads is the same. Our proposed provision would only apply to direct political electioneering i.e. excluding opinion and issue-based campaigns. Political ads are those that directly mention a candidate, legislation or particular party. For instance, an ad stating “I love polar bears" is fine but “vote Clinton because she likes polar bears” applies as direct political electioneering. These broadcaster regulations should be extended for online electioneering, which includes: a transparency mandate (who is buying ads), domestic origin requirements and non-discriminatory pricing policy — is relevant because of Facebook’s ad auction environment. Wired Magazine reported that the algorithm for Facebook’s ad auction sets lower prices for divisive and inflammatory content because of the higher click through rate. In contrast, broadcaster must offer the same price to all political ads. The above disclosure regulations would include sockpuppets and bots as explained in the subsequent sections. Sockpuppets We define sock puppets as a network of fraudulent online identities that are intended to spread the same message. These fake identities tend to create ‘echo chamber’ effects. It’s our belief that anonymity is not inherently wrong and has legitimate uses: it’s frequently used for parody accounts and by dissidents in oppressive regimes. From the perspective of election campaign law, however, sockpuppets can be construed as a fraudulent form of in-kind contributions that violates election law and should therefore be monitored by the FEC. An army of sockpuppets masquerading as genuine political discourse may be more effective in swaying elections than a third-party ad buy. An organization that promotes a candidate by secretly paying sockpuppets to lambast the opposing candidate would, in effect, be in violation of federal law. Under Citizens United v. FEC the Supreme Court declared their support for disclosure stating it “is a less restrictive alternative to more comprehensive regulations of speech”. Consequently, this provision would segment the market between platforms selling anonymity vs. credibility to their users. This provision may expand the already established norm of verified-identity which has obvious consequences to anonymous speech. Today’s leading social media platforms, such as Facebook, already require real identity, which would make this kind of regulation less burdensome. Clearly, the monitoring of sockpuppets might make some platforms less welcoming to dissidents. However, an opt-in mechanism is better for anonymous speech than say a blanket provision applying to all public communication. With a few short lines in their contractual language, platforms that value anonymity such as Reddit and Imgur would clarify that campaigns and PACs are NOT eligible to post advertisements. Since platforms have an incentive-based choice on opting-in, users will also have the choice to use the service that best suits their preferences. Bot identifier     Sockpuppets will be nothing compared to bots in the future. One sockpuppet can only manage so many social media accounts but the process of posting disinformation, including fake videos (courtesy of Google’s open source engine TensorFlow), will be increasingly automated and large scale in the future. We are proposing that a bot identifier be developed to provide transparency. Human users should be able to make the distinction between when they’re communicating with something that is human and something that isn’t. This identifier scheme could be created in collaboration with industry and only applied to FEC regulated platforms. A bot identifier tag could find a broader audience as a norm, especially since bots are increasingly able to pass the Turing test. Strategic leaks The principal challenge faced by the DNC throughout the 2016 election was not one of the Russian sock puppets, but rather establishment media reporting on documents shared through Wikileaks and DCLeaks. By using anonymizing third parties, the Russian espionage campaign strategically released selective but factual information about DNC activities to exploit America’s constitutional prohibition on prior restraint of media. Established since the 1925 Supreme Court case Near v. Minnesota, this protection of press freedoms supports the Fourth Estate. As such, the news media is right to investigate alleged abuses, but is also setting the agenda for national discourse. With respect to strategic leaks, a culture change is needed within the American media. At the core of the problem is the economic incentive that journalists have to publish breaking news first. So how do we reconcile disclosure norms against a very compelling force in the opposite direction? There is no proper government role here, the response should lie in self-regulation. Ethical restraint by the media is needed when it comes to nation-state leaks. Organizations like the International Federation of Journalists, the National Writers Guild, and the Accrediting Council on Education in Journalism and Mass Communications ought to develop trade specific codes of ethics to guide journalists in the use of leaks from foreign powers or other potential purveyors of disinformation. As national trust in the mainstream media has dropped in recent years, context about the substance and origins of leaks is important to maintain objectivity and retain public trust. Concluding Remarks Having identified a plan for strategic leaks, political ads, sockpuppets, and bots, we believe these provisions might inhibit information operations while protecting innovative platforms and first amendment rights. We would like to thank Ishan Mehta who made invaluable additions to this proposal.

Background The international trade in hardware, software, and content complicates many cybersecurity challenges. Domestic regulations and enforcement may fall short of their intended aims when foreign criminals and governments are out of their jurisdiction, and cheap insecure technologies proliferate worldwide. In response, some security experts have looked to restricting trade as a mechanism to promote cybersecurity, or to implement some form of arms control. And yet, as with any restriction on trade, these proposals have major, potentially detrimental economic consequences. What follows is a typology of trade regimes, and the expected economic challenges associated with their use. Many of these ideas were formulated at the 2018 Harris School's Inter-Policy School Summit which this year focused on the topic of Trade and Cybersecurity. I would like to thank my team members from the Workshop: Erik Ernesto Bacilio Avila, Edgar Braham, Luis Gonzales Carrasco, and Lina Skoglund. Mechanisms for Restricting Trade Trade restrictions have been used for a wide variety of purposes: promoting nascent industries, protecting politically influential sectors, and regulating the spread of dangerous goods. What makes cybersecurity such a difficult topic for trade restrictions is the degree to which it serves dual-use purposes (military and civilian). For example, intrusion software can be used by an enterprise for security, and by a government for surveillance. And yet, the mechanisms to limit trade are not new, but grounded in existing organizations and processes. While not intended to be comprehensive, the following framework attempts to explore the various mechanisms that are or could be used to restrict trade either of cybersecurity products or general IT products for cybersecurity reasons. - Export Controls The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods provides a 42-country wide multilateral export control regime. This successor to the Cold War era technology export control program started in 1996, Wassenaar tried to upgrade its standards with a 2013 amendment that added an export restriction to internet based surveillance systems. The Missile Control Technology Regime (MCTR) is not a treaty, but "an informal political understanding" that controls exports of missile technologies through established Guidelines. These Guidelines reference specific equipment, software and technologies that could proliferate missiles with greater range and payload capacity. This informal restraint of trade, has not had a significant effect on cybersecurity products. - Tariffs Article XXI security exception is a World Trade Organization mechanism which allows an exception to the Non-Discrimination principle in the General Agreement on Trade and Tariffs (GATT) allowing a country to raise trade barriers against a partner or import flow based on a National Security threats. Similar security exceptions are made to the General Agreement on Trade in Services (GATS) where Article XIV bis allows for the “protection of essential security services.” On March 1^st, President Trump stated that he would use the GATT exception to promote the US Steal and Aluminum industry. By default, the WTO Information Technology Agreement sets the tariffs on IT products to zero for over fifty participating countries including the US, EU, Russia, and China. For now, the ITA appears to have limited the use of tariffs to promote a domestic cybersecurity industry. - Investment Restrictions As a US-specific inter-agency body, The Treasury-led Committee on Foreign Investment in the U.S. (CFIUS) reviews the national security implications of acquisitions of US businesses by foreign actors. Upon review, CFIUS can then recommend that the President block these acquisitions. Cybersecurity, with its dual use potential, increasingly has been cited as a factor in CFIUS decisions. This blog has previously noted how concern about Chinese access to US markets, has led CFIUS to make anti-competitive blocks. The US program is not unique, other nations including Canada and Germany have similar review processes. China’s Cloud Computing Regulations present another kind of investment restriction with significant impacts on cybersecurity. With regulations requiring local partners and requirements to reveal proprietary code, the country maintains strict control over cloud services. While this control may have certain cybersecurity intentions, its ends are more likely to enable domestic surveillance while hindering foreign surveillance. - Localization Requirements While the cloud computing requirements in China emphasize ownership limitations, localization requirements have been adopted more widely, either deployed in a specific sector like telecommunications metadata in Germany, or all personal data in Russia. More informal targeted localization requirements have also been propagated in the United States. The federal government efforts to prohibit Kaspersky Antivirus and Huawei have been banned from bidding for US government contracts after accusations of enabling foreign espionage. These government actions have led to American companies responding in kind resulting in a de facto ban. A Typology In an attempt to clarify analysis of trade-related cybersecurity restrictions, I have developed a table which relates the different trade control mechanisms to the following dimensions: 1) their effect on cybersecurity; 2) the distribution of costs; 3) how targeted or generic the restrictions are; and 4) the opportunities for retaliation or fragmentation they create. - Cybersecurity Effect The purported cybersecurity effect of the policies described above is limited. Rather than directly providing information assurance to domestic consumers or enterprises, these policies instead seek to limit proliferation, protect domestic industry, or limit foreign espionage. And yet many of these policies may have a net negative effect on the domestic populace. If the expense of cybersecurity products rises, or domestic espionage is made easier, the net effect would be to undermine security. - Targeted or Generic The effect of these policies can be considered to be either generalized through a widely applicable standard, or targeted (as with Investment Restrictions) at a specific enterprise. The scope of these policies has clear consequences on the likely impact for security, potential costs, and long-term effects on norms. -  Costs Who bears the brunt of the cost of trade restrictions? The subsequent chart is intended to address how producers, consumers, and governments might distribute the costs. Producers in this context represent the global IT industry (including the cybersecurity sector). Consumers are those individuals and enterprises that use these goods. Governments will face administrative costs in the enforcement of these provisions. - Retaliation and Fragmentation National decisions about trade restrictions do not occur in a vacuum. Nations will respond to each other in their interest. Particularly with arbitrary tariffs, the likelihood of retaliation with counter tariffs is high. In contrast, other policies might not result in retaliation, but might lead to norms which will further fragment the Internet. As countries seek to align the Internet with nation specific rules, they are likely to inhibit the cross-border flow of goods and services and change the character of the Internet from one country to another. Table: Classification of Trade Regimes This framework helps to clarify some of the tradeoffs and consequences of regulating cybersecurity through existing trade regimes. There are important distinctions of purpose, how targeted the program is, who will bear the costs, and how other countries might respond. While no program is without some cost, these factors should bring pause to anyone hoping to leverage the international trade regime as a mechanism to bring peace. Lessons For example CFIUS, while unlikely to affect domestic producers, has a high risk of trade backlash and creating restrictive norms, while export control regimes are unlikely to see trade retaliation but do punish the domestic industry of cybersecurity services if they limit legitimate research and sale. The costs will be faced by someone in the market. At present, the potential benefits of these proposed trade regimes seem to fall mostly to governments under a national security paradigm. However, even if these programs were targeted to limit the flow of vulnerable software, the typology above would remain true. By limiting the consumer choice to use foreign goods, governments are making critical value judgements on behalf of their citizens.

My last blog emphasized the importance of defining a purpose for Whois consistent with ICANN’s mission. It is impossible for ICANN to comply with GDPR unless this is done. Why doesn’t ICANN already have a defined purpose for Whois? Therein lies an interesting story - a story with a hero, a villain, a betrayal and an unhappy ending. A tragedy according to the Greek definition. Way back in 2003 – 15 years ago – ICANN formed a Whois Privacy Steering Group. That was its first response to growing concern about the tensions between its newly-implemented Whois policies and privacy law concerns. The Steering Group eventually came to the same conclusion that ICANN seems to be reaching now: before it could decide what data to make public or nonpublic, it had to define the purpose of Whois. So on 2 June 2005 it created a GNSO Task Force on The Purpose of Whois and the Whois Contacts. The task force was mandated to:

(1) Define the purpose of the WHOIS service in the context of ICANN's mission and relevant core values, international and national laws protecting privacy of natural persons, international and national laws that relate specifically to the WHOIS service, and the changing nature of Registered Name Holders.

(2) Define the purpose of the Registered Name Holder, technical, and administrative contacts, in the context of the purpose of WHOIS, and the purpose for which the data was collected.

Formulation 1

Formulation 2

The Internet Governance Forum (IGF) is convened under the auspices of the United Nations and holds annual meetings. It is an important event because it brings together various Internet governance stakeholder groups to talk about their activities, hold debates, plan for future projects and have intra-stakeholder group dialogue. Although the IGF meetings do not yield  any binding outcomes and are civil society dominated, they provide the rare opportunity of gathering various stakeholder groups in one place and giving the United Nations the pleasure of hosting a diverse, non-hierarchical community. This blog post showcases some of the activities of IGP at IGF 2017. At IGF, IGP pursued its focus on civil society engagement, digital trade, online content regulation and Internet of Things. The civil society day As is customary, various civil society groups and digital rights activists get together two days before IGF to prepare themselves for IGF but also to discuss and debate Internet governance issues. At the joint civil society meeting, we were featured in a debate on economic nationalization and digital trade. Civil society activists who favor trade agreements that liberalize digital services exchanged views with those who think digital trade agreements are inimical to privacy rights. IGP is of the opinion that trade agreements can be a vehicle to advance Internet rights, especially to combat data localization laws, and can even be leveraged to improve privacy protection. Some argue that e-commerce chapters in intergovernmental trade agreements encroach upon Internet governance issues that are now resolved through multistakeholder processes. This concern is not very well backed up, however. The issues addressed in trade agreements have never been resolved by multistakeholder processes. Privacy protection has become a national issue and many governments have passed data localization measures already. It is time to find effective avenues to address these issues. IGP also presented its paper on domain name registrars and their terms of service, as a part of a broader session about private regulation on the Internet. Our paper was written after a white supremacist website's domain was cancelled by GoDaddy based on a terms of service prohibition on "immoral" use of a domain. Our paper surveyed the morality provisions in terms of service of registrars.  We are still working on the idea of registrars’ neutrality when it comes to content regulation issues in domain names. The topic of domain names and content regulation was also taken up by a workshop organized by the ICANN Noncommercial Users Constituency. IGP was represented on this panel. IoT Security, will regulation save the day? During IGF, IGP organized a workshop on IoT security, titled “IoT security: Will regulation save the day?” The workshop was a debate between those who are for greater regulation of IoT security and those who are against it, and think current practices can resolve IoT security issues. The panelists discussed the definition of  regulation when it comes to IoT, considered product liability in IoT and debated who we are going to regulate and what are we protecting, consumers or networks? We will do a report on the outcome of the workshop soon. In the meantime, watch the session video and read a paper IGP co-authored with the R Street Institute.   Digital Trade The last day of IGF, we participated in a main session about digital economy and trade at IGF. Along with Dr. Badiei from IGP, the main session included government representatives, international organizations such as UNCTAD and Internet corporations such as Facebook. IGP contributed to the main session in the first segment, arguing that WTO has not been proactive in facilitating digital trade and that trade agreements might have positive effects for combating data localization. Video is available here: And we had a booth!  [caption id="attachment_5813" align="alignleft" width="288"] Ian was not there to pick up his book so his famous friend Sophie Kwasny from the Council of Europe picked it up.[/caption] IGP had a  booth at IGF 2017 and we raised awareness about our digital free trade project which you can read more about here. We also told IGF participants about our research and activities at IGP. To stir things up and make the booth more exciting, we had a contest. The IGF attendees who answered the  Internet governance questions correctly could win a signed copy of the book 'Will the Internet fragment?' by Milton Mueller. Only three contestants answered all the questions correctly (a significant portion of quiz-takers thought that Milton Mueller was a co-founder of the IETF). Unsurprisingly, one of the winners was Ian Brown, an Internet governance expert. In 2018, we will continue our activities and research on digital trade, online content regulation, IoT security, cybersecurity and other emerging Internet governance issues. Stay tuned and let us know what you think about our work!

2016 was an eventful year in Internet governance. This year-end overview reveals a year of transition, both for the field and for IGP as an organization.

ICANN and the historic IANA transition

Academic Research

Education

IG: fragmentation, trade and cybersecurity

The recent appeals court decision in the Microsoft – Ireland case was a milestone in Internet governance. If it is not challenged, or if it is appealed and holds up in the U.S. Supreme Court, it will mark an important turning point in the attempt to subject the Internet to sovereign states. Recently there has been a lot of froth about the “fragmentation/balkanization” of the Internet. But this debate is not really about splintering the Internet into disconnected pieces; it is about what I call alignment. Alignment is the attempt to subjugate the cyber domain to existing political-legal jurisdictions. It is about superimposing the authority of territorial states over the global virtual space created by the Internet. This happens through various technical and legal measures designed to confine services and information flows to national territories; e.g., by filtering or blocking access to content from outside the country (e.g., the Chinese Great Firewall); through data localization laws; and through geo-blocking. Most of these things are bad – they undermine or destroy the value of the Internet. But those who think they are re-establishing “national sovereignty” by means of alignment face a major problem. Alignment creates a profound jurisdictional conundrum. When governments seek to assert sovereignty over globalized information they have two basic choices. Either 1) isolate themselves completely by requiring every Internet service to keep all of their facilities and data in their jurisdiction and completely regulating all cross-border movements of data; or 2) extend their jurisdiction beyond their territory and try to regulate services globally. The first option, taken to its extreme, ends the Internet – it destroys the network effects and efficiency of the global Internet and creates a set of national walled gardens. The second option destroys the whole model of national sovereignty, and opens up Internet services to a welter of conflicting jurisdictional requirements. Currently, we see both sides of this conundrum being played out. In Microsoft v. USA, alignment was the underlying issue. Under the Stored Communications Act of 1986, the U.S. government claimed that it can direct a company to disclose records within its “possession, custody or control,” anywhere in the world if that system is operated by a US-based company – even when disclosure would violate the laws of the country where the data was located. The USA Patriot Act of 2001 relaxed and broadened the standards under which the US government could request information. This is an example a government reacting to the jurisdictional paradox by making their laws globally applicable. A great deal of the momentum for “data sovereignty” came from other countries reacting to these U.S. assertions of extraterritorial jurisdiction. In its current dispute with Microsoft over a customer whose records were stored in Ireland, the U.S. Justice Department argued that the Stored Communications Act does not “limit the ability of law enforcement agents to obtain account information from domestic service providers who happen to store that information overseas.” Microsoft, on the other hand, argued that data stored in Ireland is not subject to US jurisdiction and that it may be contravening Irish law if it hands over the requested data. The same problem is posed by a proposed change in Rule 41 of the Federal Rules of Criminal Procedure. Under Rule 41’s current incarnation, federal magistrate judges can only authorize searches and seizures within their own jurisdiction, with a few exceptions. The amendments promoted by the U.S. Justice Department would allow a magistrate judge to issue a warrant to hack into and seize data stored on a computer anywhere in the world if the computer’s actual location “has been concealed through technical means.” Civil liberties groups complained that the rule change would be a license to “get a warrant locally, hack globally.” A judge complained that the Justice Department's interpretation of Rule 41 would effectively “permit FBI agents to roam the world in search of a container of contraband, so long as the container is not opened until the agents haul it off to the issuing district.” Thus we see how the U.S. government has chosen to respond to the uniquely globalized character of Internet services by asserting global authority, a major deviation from traditional notions of sovereignty.

The court decision confines governments to their territorial jurisdiction – which is appropriate – but does not in any way confine the Internet to a territorial jurisdiction.

The Internet Governance Forum, held this year in the Brazilian beach resort town of João Pessoa, completed its 10^th annual meeting Friday November 13. The IGF Secretariat claims that nearly 5,000 people attended. Moreover, it looks as if its existence will be continued for another 10 years when the UN meets in New York later this year. Vint Cerf declared it “the best IGF ever” in the closing open microphone session. But how good is “best?” [embed]https://www.youtube.com/watch?v=WYByxPODLf4[/embed]

Video from Elon University's Imagining the Internet Center provides an overview of the environment and some comments from IGF 2015

Numbers up, but...

IANA transition workshops

Thanks to DomainMondo for extracting IGF video

Reforming main sessions – will it even happen?

You may have noticed the hiatus in our coverage in July and early August. The reason? IGP has moved. After more than a decade at Syracuse University, the Internet Governance Project is now part of the School of Public Policy at the Georgia Institute of Technology. The move comes as a consequence of the Georgia Tech’s recruitment of Dr. Milton Mueller, who departs from the Syracuse School of Information Studies to join the School of Public Policy at Georgia Tech in Atlanta. Postdoctoral researcher Dr. Brenden Kuerbis, one of IGP’s key contributors, will also be working for Georgia Tech as of mid-August. IGP will continue to be independently funded and operated center that bridges scholarship and participation in Internet institutions. Yet at Georgia Tech's School of Public Policy, IGP will be in a much richer environment for public policy-related research and analysis. We will be able to work more closely with one of IGP’s original partners, Dr. Hans Klein, and we will have stronger connections to Tech’s world-renowned computer science researchers, policy researchers in other schools such as Peter Swire, and international relations scholars. Plans are underway for a seminar series and workshops in the fall of 2015 and the spring of 2016. Stay tuned.

In a good-natured response to a blog post accusing him of digital Bonapartism, ICANN CEO Fadi Chehadi sent me a Christmas present, pictured above. We are forced to admit that with the proper attire, Bonapartism can be fun! But we still don't recommend it as a mode of Internet governance.

The Global Internet Governance Academic Network (GigaNet) is seeking submissions of research to be presented at its Seventh Annual Symposium to be held on 5 November 2012, one day before the United Nations Internet Governance Forum (IGF) in Baku, Azerbaijan. Since 2006, GigaNet has organized an Annual Symposium to showcase research about Internet Governance. The GigaNet scholarly community is interdisciplinary, and includes computer science, law, political science, economics, communications, information studies and others. As in previous years, the symposium will provide room to discuss current and future questions as well as the challenges encountered and results achieved in Global Internet Governance. GigaNet is interested in receiving abstracts related to the following topics:

• Internet policies on freedom of expression (censorship, kill-switches, filtering, policies that promote free expression, corporate social responsibility)
• Internet freedom and governance in regions in transition (Arab region, etc.)
• From PIPA to ACTA: National and international agreements on online copyright enforcement
• Cyber-security, the state and international relations
• Dataveillance and privacy - the economic perspective
• Global Internet infrastructure policy (net neutrality, peering and interconnection, ASN assignment, routing infrastructure security, etc.)
• Innovative methods for Internet Governance research
• The role of the UN and intergovernmental institutions in global Internet Governance
• Research on the implementation or effects of ICANN’s new gTLD program
• IP addressing: economic and technical challenges of scarcity and governance
• Internet governance and development

The Stop Online Piracy Act (SOPA) and its defeat call attention to a delicious irony in public discourse on Internet governance. Even those who don’t want the Internet to be an exception from traditional forms of regulation and law are forced to admit that something new and exceptional must be done to bring it under control, such as massive departures from traditional concepts of territorially bounded sovereignty through the use of in rem jurisdiction. Reinforcing the irony, these attempts by the anti-exceptionalists to subordinate the Internet to established institutions immediately locks them into conflict with a highly mobilized, highly transnational community of Internet users and service providers who vow to resist those controls. The resistance comes precisely because the mobilized community believes that the controls cannot be applied to the Internet without threatening to fundamentally alter its status as an open, innovative and – dare we say it – exceptional space. In other words, we are all Internet exceptionalists now. You know that the anti-exceptionalists have raised the white flag of surrender when they are forced to whine that the thousands of web publishers who went dark are "abusing their power" - thus admitting that a critical mass of Western society's eyes are turned toward the Internet and that the people who occupy and publish and interact in that globalized space constitute enough of a cohesive community to collectively turn against those who threaten them. It doesn’t matter whether one is on the pro-control or anti-control side of the spectrum; governing the internet forces a choice upon one: either go for new and unprecedented forms of technical intervention and transnational political cooperation, or go for some kind of ratification and institutionalization of the Internet’s special status as a zone for the free flow of information and a diminished role for territorial government and traditional informational property rights. Mind you, one needn't be a cyber-utopian to be an Internet exceptionalist. In other words, you don't have to believe that the Internet will by its very nature make politics fair and democratic and that the good guys will always win. SOPA or some equivalent could rise again, in some other form. Some key actors could be bought off with some concessions in the new legislation. The mobilized community's resolve could weaken over time, as it grows accustomed to things. We need to be heedful of Benkler's warning that as the networked environment resists control, there will be strong pressures to suck ever more of it into the law enforcement vortex. But surely, after 15 years of these battles (starting, roughly, with the CDA mobilization of 1996) we can dismiss these jaded admonitions that Internet regulation is just business as usual. If the Internet stops being an exception, we will have no one but ourselves to blame.

Not much. We searched for copyright and Internet, ICANN and cybersecurity. Almost all of the cables are unclassified but there is the odd secret or confidential memo. Mostly the documents are useful to confirm and add detail to what the US government has been doing in those sphere.

On copyright and Internet, there is a February 2010 cable in which the Economic Office laments the fact that motion picture studios lost a landmark case on intermediary responsibility in Australia. An earlier 2008 cable about the initiation of the suit notes that while it was filed by a local organization, the Australian Federation Against Copyright Theft (AFACT), it was done "on behalf of the Motion Picture Association of America (MPAA) and its international affiliate, the Motion Picture Association (MPA), but [AFACT] does not want that fact to be broadcasted." When the lawsuit failed, the cable notes that "The hope for AFACT  and the big studios was that a favourable decision would have established an international precedent that could have forced ISPs to tightly police the activities of their customers." Although we all knew that "international precedent," and "tight policing by ISPs" were the intent of these and similar actions, its rare to see the USG admit it so openly.

On the other hand a Feb 2010 cable discussing Italian Prime Minister Silvio Berlusconi's media and Internet regulation law in notes that "Provisions contained in the bill would make Internet service providers (ISPs), and hosting sites such as Blogspot and YouTube, liable for content in the same way a television station is. The writer seems concerned about the outcome, saying "if this bill were to become law as it is currently written, little would change immediately in the way Internet sites operate in Italy, and the average 11th grader uploading video to his blog would never be targeted for legal action. It would, however, provide a basis for legal actions against media operators that proved to be commercial or political competition for government figures." The memo concludes that "Advocates of Internet freedom have repeatedly warned us that Italy's traditional elites -- on both sides of the political spectrum -- are very uncomfortable with the Internet's ability to bypass the traditional media that they control. Because this new bill seems to address these kinds of concerns, and because it also serves Berlusconi's business interests, it is conceivable that this seemingly improbable legislation might actually come into force in Italy."

Reagrding ICANN, the leaked cables are from the foreign policy branches rather than the Commerce Department, so most of the juicy ICANN-related stuff is not in there. Searching for "ICANN" produces 39 documents, all but two of them unclassified. Some of the most interesting date back to the World Summit on the Information Society (WSIS) and the debate it sparked over US control of the root.

In a cable from July 6, 2005, shortly after the Bush administration released its DNS principles saying that it would never, ever let go of the root, the Tunisian Minister of Communication Technologies Montassar Ouaili confides to U.S. Ambassador Gross that it "has no problem with" US oversight and veto power over ICANN. The now-deposed Tunisian government was more concerned about whether US-Europe feuding would "damage common interests" and "needlessly create competing Internet standards."

After WSIS, in 2006, when the European concept of "enhanced cooperation" still had some viability, there are mildly interesting memos regarding meetings between the US and European governments. The USG made the rounds trying to get Europeans  to comment on the 2006 renewal of the ICANN MoU (without much success). In discussions with the Government of Austria, Christian Singer explained why they supported the European WSIS proposal to create a stronger role for governments and a more multilateral approach to political oversight of ICANN. One reason for concern, he said, came when the network provider KPN Qwest went bankrupt in 2002: "there was an imminent danger of the shutdown of the Domain Name System (DNS) server." "The Austrian registration authority (nic.at) had major discussions with ICANN on data protection issues before being able to receive the go-ahead for the required changing of the root-zone file." Around the same time, the Dutch govt said that while it agrees with increased private sector management, the MOU should "evolve from the responsibility of one government to the responsibility of all governments on an equal footing." The Norwegian Government stated that "the GAC is currently not structured nor mandated to take the role of an accountable body in matters concerning public policy issues" (an unusually sensible comment from a government). But "in the longer term, and as a response to the Internet being vital to every country and a global public good, [Norway] would like to see an evolution towards internationalization of this relationship between ICANN and government."

Europe's position on the US role seemed to become more frayed as time went on. When Information Society Commmissioner Vivane Reding issued her famous press release in 2009 calling for separating ICANN from the US Commerce Department, and for the G-12 to exercise oversight authority, the Swedish, German and French representatives said "they perceive the Commission positions to be 'extreme', and have been at pains to distance their governments from the Commissioner," according to the cable of August 21, 2009. 

Paul Vixie, a renowned Internet pioneer who runs the Internet Systems Consortium, has written an article in ACM Queue attacking "those who would unilaterally supplant or redraw the existing Internet resource governance or allocation systems." The publication of this article is a sign of a growing policy debate around the reform of IP address registries in the age of IPv4 exhaustion.

Vixie defends the Regional Internet Registries monopoly on IP address registration services and its current, needs-based policies toward address transfers. I am sure that Paul sincerely believes in the arguments he makes, but it's also true that Vixie is the chairman of the Board of The American Registry for Internet Numbers (ARIN), the regional address registry for North America. When Vixie argues that ARIN's exclusive control over Whois and address transfer services is beneficial and "in the physics" he is also defending the authority and revenue model of his own organization against a perceived threat.

And that takes us to another relevant fact. The argument Vixie makes is cast in generalities, but he is really attacking a specific firm, a holding company known as Denuo. Denuo has formed both a secondary marketplace called Addrex for the legitimate trading of IPv4 number blocks, and an IP Address Registrar company known as Depository. Let's set aside Depository for the moment (I will come back to it) and concentrate on Addrex, which has become the first end-to-end platform for legacy address holders to sell their IPv4 number blocks.

Famously, Addrex scored a major success as the intermediary for the Nortel-Microsoft trade. But Nortel-Microsoft was unusually visible because it had to go through bankruptcy court. Is anything else happening? I spoke to Addrex’s President Charles Lee since then to find out. "We are very busy signing up a growing number of global corporate and governmental customers to sell their unused assets,” he said. I asked him what the buyer side of the marketplace was beginning to look like and he said “Our value proposition to large Asian network operators has resonated quite effectively and we expect to enter into many agreements with them over the coming months.”  Surely Vixie and the ARIN Board have gotten wind of this. So when Vixie begins a public attack on this company and its business model, he is signaling to the rest of us that ARIN is worried.

It should be. Vixie's article is premised on a stretched, invalid comparison of Denuo to the proponents of competing DNS roots. But alt.root proponents were almost always lightweight rebel-operators who could never, as Vixie correctly points out, make a stable, serious value proposition to end users. Even New.net, the alt.root blessed with millions in venture capital, never came close to success, because there was just not much value in offering someone registration under a top level domain that only one tenth or less of the Internet could see. (To salvage its unviable business model Net.net was pushed into a number of questionable tactics.)

Denuo/Addrex is most emphatically not like that. They have a simple, valuable business proposition to make to buyers and sellers of legacy address blocks: entities with surplus addresses can profit from them, entities who need more can get them. Businesses who use their services do not cut themselves off from part of the Internet - on the contrary, they help to maintain and secure their connectivity. And they do it without subjecting themselves to the uncertainty and bureaucracy of an ARIN "needs assessment." Moreover, although Denuo will no doubt benefit handsomely by being the first mover in this market, its success in no way depends on being the only person who ever pursues this business model. There is no reason why there could not be as many address brokers as there are real estate brokers.

But Vixie says this will all end in tears. Shorn of hype and rhetoric, Vixie's argument amounts to this: if people are allowed to trade addresses outside of ARIN's control, then we cannot have an accurate registration database that tells us who holds which address block.

That argument is obviously wrong. It would be a simple matter for ARIN (and other RIRs) to set up procedures to recognize and record transactions conducted by external parties - if they were willing to surrender pointless "needs assessments." We have thousands of stock brokers and dozens of exchanges independently trading shares, but somehow the world manages to keep track of who does and does not own a specific quantity of critically important stock certificates. So ARIN does not need to control, mediate and set policy for all IP address transfers in order to maintain an accurate database of who holds which address block. It simply needs to serve as a title agency where people come to record their transactions. It is in the self-interest of both sides of an IP address transaction to ensure that their transfer of rights was recorded and is published in a common, authoritative global Whois database. Think of your local county or village property recorder. They do not insist on being a real estate brokerage in their territory - much less the only brokerage. There are many parties who can independently engage in property transactions and then bring them to the property registry for verification and recording.

Vixie is not appealing to the "physics" of registration and database economics - indeed, Vixie's belief that industrial organization is explained by "physics" rather than economics is a bit odd. What's really happening here is that Vixie and others at ARIN realize that the only way to shield themselves against losing control over and revenue from the IPv4 address market is to leverage their monopoly over the IP address registration database. What they would like to do is discourage competing and independent address trading and registration firms by refusing to make changes in their Whois database to reflect independent transactions. In antitrust/economics terms, they are tying registration records, which do need to be integrated and uniform, to another potentially competitive service, address brokerage and post-allocation registration services, so that it can continue to enjoy a monopoly in both. The penalty for trading addresses outside of its transfer regime is to be banished from or ignored by ARIN's Whois database.

This is a risky strategy, and the community that ARIN claims to represent should question it. There are powerful economic incentives for legacy holders and companies that need more addresses to trade. Those trades are going to happen. There are also strong economic incentives for those holding legacy resources to avoid contracting with ARIN and other RIRs. Those companies could choose to sign up with Depository and other companies like it. If ARIN refuses to record them because it doesn't approve of the company or is not in control of the transaction, ARIN will be the one responsible for fragmenting and corrupting the IP address registration database.

Vixie's argument about Whois fragmentation is doubly wrong when one realizes that the Whois database ARIN runs is actually a mess when it comes to pre-1997 address blocks (slightly over 40% of the available space). There are hundreds of firms that no longer exist listed there, and thousands of registration records that have not changed in fifteen years. I reached out to Charles Lee of Addrex about Vixie’s article to get his comments on it. He first issued a disclaimer that “generally, we…do not engage in public debates about Internet governance. We prefer to focus on our clients and serving their needs.” But he felt that Vixie’s posting contained “misleading inaccuracies” that required some comment.

“The present Whois system which Mr. Vixie defends with such verve absolutely cannot be relied upon. That is not a personal position or opinion. It is a fact. As an illustrative example let’s use the now famous Nortel/Microsoft deal which was brokered by Addrex Inc. In that transaction not one of the 38 number blocks transferred from Nortel Networks Inc. to Microsoft Inc. were appropriately listed in any Whois database in the name of Nortel Networks Inc. It took hundreds of man-hours and over two thousand pages of documentation to reconcile the fiction of the Whois system entries to the reality of Nortel Networks. Unfortunately that now famous case is not the exception to the rule but rather the reality of the situation. For Mr. Vixie to even suggest that Network operators could, or should, rely on an identification system rife with such gross errors is unconscionable.”

To conclude, Internet elders such as Vixie have done a wonderful job writing software and defending the Internet's standards and architecture against various threats. For this, we can be respectful and grateful. But expertise in technology does not necessarily translate into expertise in economics and public policy. Vixie's polemic in ACM queue shows us that expertise in one domain often becomes blind arrogance in another. Only someone determined to preserve ARIN's monopoly would ever make the claims he makes.

The Global Internet Governance Academic Network (GigaNet), in co-operation with the Research ICT Africa (RIA), is seeking submissions of research about Internet Governance to be presented at the Sixth GigaNet Annual Symposium, held on 26 September 2011, one day before the United Nations Internet Governance Forum (IGF) in Nairobi, Kenya.

Since 2006, GigaNet has organized an Annual Symposium to showcase research about Internet Governance, focusing on an interdisciplinary approach. Prior successful symposia took place in Greece (2006), Brazil (2007), India (2008), Egypt (2009) and Lithuania (2010).

In 2011, the Internet Governance Forum has entered its second phase, after having reached the end of its first 5-year mandate. This year’s event will provide room to discuss the challenges encountered and results achieved during the first five years of IGF. As in previous years the GigaNet Symposium will further discuss current and future questions of Global Internet Governance.

GigaNet is interested in receiving abstracts related to Internet Governance themes, especially those containing innovative approaches and/or emerging research areas. We encourage submissions on the following topics:

• The first 5 years of the IGF: Taking stock and the way forward
• Developing countries perspectives on internet governance
• New approaches to theorizing internet governance
• Between global and local: the question of territory in internet governance
• Freedom of Expression / Right to Information
• New approaches to Human Rights on the Internet
• Internet governance and political uprising
• International relations and cyber-security
• Online privacy and dataveillance
• Cloud Governance

The Internet’s status as a communication medium that is decentralized, scalable and global continues to pose challenging new problems in governance and regulation. GigaNet, an international scholarly community created in 2006, holds a two-day conference to explore issues such as IP address scarcity, ICANN accountability, the role of social media in toppling dictatorships, censorship, privacy online, and the tensions between national security and Internet freedom.  Assistant Secretary for Commerce Larry Strickling (NTIA) will provide the keynote speech during lunch on Thursday, May 5. Day one engages policy makers, academics and civil society at large in dialogue on policy issues in global Internet governance.  The goal is to facilitate informed dialogue on policy issues and related matters between scholars and Internet governance stakeholders. Day two features presentations of scholarly research based on peer reviewed papers. The goal is to support scholarship and advance theoretical and applied research on Internet governance. Date: May 5-6, 2011 Location: American University School of International Service, Abramson Family Founders Room, Terrace Level (Washington, DC) View the program and register for the event

Global Internet Governance: Research and Public Policy Challenges for the Next Decade

Deadline for abstract submissions is February 25, 2011!

May 5 and 6, 2011
American University, School of International Service, Washington, DC
Fifth Regional Workshop of the Global Internet Governance Academic Network (GigaNet)
[pdf]

Internet Governance is an emerging international field of scholarship, public interest advocacy, diplomacy, governmental and corporate policy-making, and philanthropic investment. The problem of how or whether we should control or regulate a communication medium that is decentralized and global is critically important to anyone who relies on the Internet to communicate, mobilize political action, run online businesses, purchase products and services or access critical information services.

GigaNet is a scholarly community initiated in spring 2006 in conjunction with the UN Internet Governance Forum. Its four principal objectives are to: (1) support the establishment of a global network of scholars specializing in Internet governance issues; (2) promote the development of Internet governance as a recognized, interdisciplinary field of study, (3) advance theoretical and applied research on Internet governance, broadly defined: and; (4) facilitate informed dialogue on policy issues and related matters between scholars and Internet governance stakeholders (governments, international organizations, the private sector, and civil society).

Building on the success of its first four regional workshops in Paris, France (2008), Brussels, Belgium (2009), Seoul, So. Korea (2009) and Montreal, Canada (2010), the purpose of the Washington, DC regional GigaNet workshop is twofold:

May 5. The first day is dedicated to outreach sessions exploring issues in global Internet governance among policy makers, academics and civil society at large. The goal of the sessions on this day is to facilitate informed dialogue on policy issues and related matters between scholars and Internet governance stakeholders (governments, international organizations, the private sector, civil society, and funders). Issues being considered include but are not limited to governance of critical Internet resources, surveillance and privacy, Wikileaks, copyright protection laws such as the "Combating Online Infringement and Counterfeits Act" (COICA), network transparency and net neutrality. Presenters in these sessions will be invited by the program committee. To propose speakers or ideas, contact any member of the Program Committee listed below.

May 6. The second day features presentations of scholarly research based on a rigorous peer reviewed selection process. The goal of the second day is to support scholarship and advance theoretical and applied research on Internet governance. Scholars are invited to submit 2-page abstracts describing recently completed research or work in progress on any aspect of Internet Governance. In order to provide a survey of current academic activities in the field, share ideas and forge possible collaborations, presentations will focus on problematics, research designs, preliminary empirical results and conclusions in the aim of stimulating reflection and discussion amongst the audience. Any theme or topic relevant to global Internet governance is welcome.

Deadline for abstract submissions is February 14, 2011. Submissions can be made through the Easy Chair web site.

Decisions will be made by March 15, 2011.

Manuscripts expected by April 18, 2011.

Program Committee members include:

• Derrick Cogburn, American University and Syracuse University, Chair
• Milton Mueller, Syracuse University, Vice-chair
• Leo van Audenhove, Free University of Brussels
• Laura DeNardis, Yale University
• Nanette Levinson, American University
• J.P. Singh, Georgetown University

Judging from IGP blog's readership, which grew by about 25% compared to last year, the most interesting and important topics we covered were China's impact on Internet governance and the nexus between internet censorship and new Top-Level Domains. Wikileaks was third, with ICANN accountability rounding out the top of the pack. Individual posts on COICA, the Bredolab botnet prosecution, vertical integration and the move away from multistakeholderism at IGF also found their way into IGP's most popular blog posts (see below for a list of the top 15).

Our 8 December post framing the Wikileaks controversy as an Internet governance issue was the single most-read blog post in 2010 by far. Apparently, our emphasis on the continuing tension between nation-states and networked information via the Internet struck a chord.

But the "cyberwar" over Wikileaks only happened in the last month of the year. China and the Internet, on the other hand, was an unfolding series of events we covered throughout the year, and generated more traffic. Readers flocked to our discussion of China's attempt to implement "real name registration" requirements for online bulletins, especially after Blizzard Entertainment, producer of World of Warcraft, tried to follow their precedent (and backed off). But the Google-China and US-China conflicts also contributed great interest to this topic.

The TLD/censorship story was also an ongoing story only marginally less popular than China. It dealt with the the fate of the .xxx domain - still controversial and still targeted by some governments - as well as the attempt of the GAC to impose more general "morality and public order" restraints on new TLD applicants. We think we've made substantial progress in convincing more people that institutionalizing censorship via ICANN is an important - and potentially dangerous - precedent for global governance of the Internet.

Our blog post on the historic Independent Review Panel decision overturning the ICANN Board's rejection of the .xxx domain was the third most popular blog post. Our more detailed report on ICANN's accountability deficit, "ICANN, Inc.," though released in October 2009, was the most popular publication download in 2010. Attesting to the staying power of our publication reports, our 2007 paper "Net Neutrality as Global Principle for Internet Governance" not only is still being downloaded -- it attracted more downloads in 2010 than it did in 2009.

Interestingly, papers and blog posts on IP addressing and the RIRs, while attracting a strong following, are markedly less popular than the other topics, probably due to their technical nature. Popular or no, IGP will continue to track those issues carefully due to their critical importance to the future of the Internet.

Thanks and a happy new year to all our readers and supporters.

#1. Why Wikileaks polarizes America's Internet politics Milton Mueller dissects the (over)reaction to Wikileaks by the US foreign policy establishment and argues that it shows that the world's most powerful nation-state is learning that Internet freedom can bite it as well as rival states.

#2. China: Real-name registration required in online bulletins Sophie Wu explains how China tries to make the Net more managable by linking online posting to state-issued forms of identification.

#3. Accountability wins! Independent Review Panel upholds ICM Registry - .XXX is alive. A summary of the IRP decision that ICANN's Board broke its own process and made a discriminatory decision when it voted down the .xxx domain in March 2005.

#4. Google's Leaving China-What do Chinese People Think? Sophie Wu provides a Chinese perspective on the public relations battle in China over Google's threat to leave China.

#5. ICANN and GAC discuss censorship Writing from the Brussels ICANN meeting, Milton Mueller reported on how the U.S. government led an attempt by ICANN's Governmental Advisory Committee to revise ICANN's "morality and public order" objections process.

#6. US-China Conflict: The Problem of Inadequate Institutions Hans Klein argues that the Google/US-China conflict reveals that we have not settled core issues of global Internet governance, which leads to instability.

#7. A new era in domain name economics? Milton Mueller summarized the positions and support levels of the contentious working group that tried to revised policy on vertical integration between domain name registries and registrars.

#8. Kleinwachter: Don't move backwards on Internet governance A re-posting of Wolfgang Kleinwachter's warning that the internal wranglings within the UN over how to manage the IGF represent an attempt to move away from multi-stakeholderism.

#9. COICA amended, still threatens Internet security Brenden Kuerbis tracks the US attempt to block domain names in the name of copyright protection.

#10. US and Canadian Governments support Chinese-style censorship of DNS in ICANN A blog prompted by the Canadian GAC Chair's August letter warning ICANN's Board that it should create procedures to censor any "controversial top level domains".

#11. There’s more to the Google-Italy case than meets the eye Part of the broader debate about intermediary responsibility, this post tried to fathom what was going on behind the scenes in Italy's conviction of a Google executive.

#12. Dutch Police Inflates Bredolab Botnet Success by Factor of Ten, and Then Some Michel van Eeten dissects the relationship between national law enforcement and botnets, noting that while one botnet manager was successfully prosecuted, the botnetting continues.

#13. ICANN does the right thing on .xxx - but will the GAC? Covers the Board resolution accepting the findings of the Independent Review Panel but noting that it leaves the ball on GAC's court.

#14. .EU registry asks: Who owns the Internet? A link to a .EU registry-produced video made at the Brussels ICANN meeting. Popularity must be explained by the star quality of MM head shots.

#15. Could Google-China smackdown lead to WTO complaint? Brenden Kuerbis on how the WTO may become one of the arenas where Internet governance concerns over access to information are played out.

The U.S. Internet Governance Forum is convening in Washington DC July 21 (Wednesday) to discuss the challenges of Internet governance. It will cover key areas such as privacy, openness, security, critical internet resources and child online safety. Launched in 2009, the IGF USA’s purpose is to engage US-based civil society, government, technologists, research scientists, industry and academia, to cultivate partnerships, build coalitions and facilitate dialogues that demonstrate best practices and facilitate participation of all stakeholders at a national and global level.

The one-day event will focus on the changing Internet and the way forward for the international Internet Governance Forum, an initiative facilitated by the United Nations. Key speakers will include Markus Kummer of the UN Secretariat for IGF, Larry Strickling, administrator of the National Telecommunications and Information Agency, Andrew McLaughlin, White House Deputy Chief Technology Officer for Internet Policy, Ambassador Phil Verveer, U.S. State Department and key leaders from the technical, business and civil society sectors. Workshops and special sessions cover topics such as cyber security, critical internet resources, cloud computing, global governance of the Internet; the role of users in defining a future for Internet governance, e-crime and malicious conduct in the domain name system, and a best practice forum on child safety challenges in the always-on world that youth and children experience today. For more information, see: http://www.igf-usa.us

Yawn.

Just as WSIS represented a discovery by the UN that we were in an information society about 30 years after it happened and 10 years after its basic institutional parameters had been set, now the UN has discovered that broadband is important, a decade after everyone else. So it assembles a blue-ribbon commission with no capital and no authority, based on the assumption that collecting the pictures of as many status-quo luminaries from industry and government as possible onto a web site will actually accomplish something. Your tax dollars at work...

The Global Internet Governance Academic Network (GigaNet) is seeking submissions of research about Internet Governance to be presented at the Fifth GigaNet Annual Symposium, on 13 September 2010, held one day before the United Nations Internet Governance Forum (IGF), in Vilnius, Lithuania. GigaNet is a scholarly community that promotes the development of Internet Governance as a recognized, interdisciplinary field of study and facilitates informed dialogue on policy issues and related matters between scholars and governments, international organizations, the private sector and civil society. Since 2006, GigaNet has organized an Annual Symposium to showcase the research about Internet Governance, focusing on an interdisciplinary approach.

GigaNet is interested in receiving abstracts related to Internet Governance themes, especially those containing innovative approaches and/or emerging research areas related to the following topics:

1. Assessing the results, effectiveness and renewal process of the Internet Governance Forum;
2. The ICANN Affirmation of Commitment and its implications for the accountability of ICANN;
3. Policies for governing critical internet resources, such as IDNs, gTLDs, IPv4 and IPv6 addresses;
4. Intermediary responsibility in the Internet environment;
5. How copyright and trademark protection relate to Internet Governance, including new treaties such as ACTA;
6. Cyber-security and cyber-crime;
7. Implications of Internet Governance mechanisms and processes for development and developing countries;
8. Balance between openness, privacy and security from the Internet Governance perspective;
9. Innovative methods for Internet governance research;
10. Globally-applicable principles on public policy issues for Internet Governance in the context of the Tunis Agenda and Geneva Declaration of Principles;
11. Multistakeholderism in Internet Governance: stakeholders, strategies of participation and collaboration including national and regional level

Please review the entire Call for Papers for more information on requirements and evaluation process.

Interested scholars should submit abstracts of research papers no later than July 15th, 2010, through the EasyChair platform. Attending the GigaNet Annual Symposium is free of charge, although a registration process will be required close to the event. Please visit the GigaNet website or subscribe [RSS] [email] [twitter] for continued updates.

Two presentations at the recent IETF meeting in California underscore the way the Internet’s architecture is being shaped increasingly by advertising-driven content distribution networks. 

A research report by Craig Labovitz of Arbor Networks finds that this has major effects on the basic structure of Internet traffic flows: “the majority of inter-domain traffic by volume now flows directly between large content providers, data center/CDNs and consumer networks.” Those conclusions are echoed by Bill St. Arnaud’s recent paper on what he calls “application content infrastructures” (ACIs). 

In the same same Thursday session, Balachander Krishnamurthy of AT&T Labs examined how information related to individual users is aggregated by these increasingly concentrated networks as they browse seemingly unrelated Web sites. Thousands of Web sites across numerous categories, countries, and languages are connected through advertising intermediaries which collect and aggregate information about online behavior via the use of cookies.

These two phenomena are related, of course. Internet-based services exhibit a growing reliance on advertising as a revenue source, and as this happens a growing proportion of total expenditure on advertising is drawn to the online world. The growing reliance on ad revenue places a premium on the possession of detailed information about Web users and what they do online. Of course, the majority of users are uncomfortable with, if not downright hostile to, the online surveillance required to aggregate and deliver behaviorally targeted ads. (See the survey by Turow et al, in 2009) These observations point to an intensifying tension between economic pressures and user privacy.

Slides from these presentations were available on the web a while ago but seem not to be now. Labovitz made a similar presentation to NANOG 47 a few months ago which is available online.

There is so much going on this week and next week in Internet governance and IGP is so involved that we barely have time to blog about it. Here is a quick summary and some links to more information. First, in Internet addressing policy there is an intense buzz of controversy around a March 15-16 workshop of the International Telecommunication Union on two proposals to change the way we allocate IPv6 addresses. The Regional Internet Registries' are riled up about this, seeing it, correctly, as a challenge to their exclusive control of address policy, but there are also signs of an improving dialogue between ITU and RIRs. You can see this reflected in an interesting transcript of the APNIC meeting last week and in the ARIN public policy list.

Second, the quarterly ICANN meeting is taking place in Nairobi. One of the key decisions that will take place at that meeting involves how ICANN will respond to the Independent Review Panel ruling that its treatment of the .xxx top level domain application was unfair and discriminatory. The obvious response to this ruling would be to turn the clock back to August 9, 2005, and sign the contract awarding ICM Registry its TLD, as ICM has requested. But there is still strong opposition to an .xxx domain, so ICANN is presented with a tough choice: either adhere to its policies and principles, create .xxx, and make some stakeholders unhappy, or ignore its independent review panel and reveal to all the world that its accountability mechanisms are toothless and can be ignored. A real test of ICANN's mettle. Also on the agenda for Nairobi: creating a working group on vertical integration of registries and registrars, and a decision whether the Board will agree to create an "expression of interest" for new TLDs.

Earlier this week, the Council of Europe's Ad hoc Advisory Group on Cross-Border Internet held its first meeting in Paris March 1 and 2. This working group is taking up some interesting issues regarding the "mutual responsibilities of states in ensuring that critical Internet resources are managed in the public interest," and "proposals relating to the prevention and management of ...malicious acts [e.g., DDoS attacks], falling within member states’ jurisdictions or territories, which could block or significantly impede Internet access to or within fellow members of the international community."  

Finally, on the Google front, Google has ratified Brenden Kuerbis's prediction that its conflict with China will become a trade dispute -- see our Twitter links. And an Italian blogger has provided a more detailed explanation of how Google's conviction in Italy could have been based on the fact that the E-Commerce directive's safe harbour does not apply to privacy and data protection issues. We will have more to say about this.  

The Global Internet Governance Academic Network (GigaNet) invites you to participate in its third scholarly workshop to be held in Montreal (QC), Canada, on 30-31 May 2010. This workshop is organized in cooperation with the Canadian Communication Association and Media@McGill, during the Canadian Federation for the Humanities and Social Sciences (CFHSS) 2010 Congress week in Montreal.

Building on the success of its first two editions, respectively in Paris, France in June 2008 and in Brussels, Belgium in May 2009, the purpose of this third GigaNet workshop is twofold:

The first day will be dedicated to outreach sessions aimed at increasing the interest in the global Internet Governance field among both various academic disciplines and the civil society at large, including but not limited to NGOs and civil society groups active in related fields.

The second day invites scholars to present and discuss their work-in-progress in Internet Governance-related research, with the aim to identify emerging research themes and design a research agenda. The workshop aims at providing a survey of current academic activities in the field, in order to share ideas and forge possible collaborations. Submissions are expected to focus on presenting problematics, research designs, preliminary empirical results and conclusions in the aim of stimulating reflection and discussion amongst the audience. Submissions may address, but are not limited to, the following topics: involved actors and their interactions; Internet governance institutions and regimes; legal, socio-economical, behavioral and technical regulation means; Internet governance policy issues.

Submissions in view of thematic presentations should be sent by 20 March 2010 to Meryem Marzouki (Meryem.Marzouki [at] lip6.fr). They should be written in English and include the name, affiliation, e-mail address and short bio of author(s), along with no more than 500 words of research work description. The program committee will notify applicants by 20 April 2010. To encourage knowledge dissemination, relevant submissions will be published on the workshop website. Authors of selected submissions will be invited to present their work in the workshop thematic sessions.

View the entire call for papers here.

TPRC is now soliciting abstracts of papers, panel proposals, and student papers for presentation at the 2010 conference. Proposals should be based on current theoretical or empirical research relevant to communication and information policy, and may be from any disciplinary perspective. TPRC seeks submissions of disciplinary, comparative, multidisciplinary or interdisciplinary excellence. Subject areas of particular interest include, but are not limited to the following:

• Network Competition, Policy and Management
• Broadband Deployment, Adoption and Measurement
• Spectrum Policy
• Societal Issues: Universality and Affordable Access
• The Transformation and Future of Media
• The Transformation and Future of Intellectual Property and
• Digital Rights
• Privacy, Security, Identity and Trust
• Internet Governance and Institutional Strategies for Information Policy
• Advanced Mobile Services:  Broadband, Video and New Applications
• The Internet Ecosystem

The International Telecommunications Society has published a call for paper and panel sessions for it's Regional European ITS Conference, to be held in Copenhagen from September 13-15, 2010.

The local organizer is Center for Communication, Media and Information Technologies (CMI), which is a research and teaching unit at Aalborg University in Copenhagen.

Topics at the conference will be – but not limited to:

• NGN and NGA – economics and regulation
• Investment and innovation
• New players and platforms in telecommunications
• User roles and social networking
• Regulatory separation
• Universal access/service
• Internet governance
• Media convergence
• Media economics and regulation
• PPP in telecoms
• Regulatory institutions

Many thanks to our readers, both old and new, from civil society, industry and governments all over the world. Interest in IGP's work continues to grow dramatically, visits were up over 70% in 2009. Reflecting the growth of the Internet and those impacted by its governance, two-thirds of IGP's visitors come from outside the United States (although Washington DC is definitely following us). The greatest growth is among the BRICs, with visits from China up over 8000%. Here's to another year of in-depth coverage and analysis of global Internet governance developments!

Top 10 IGP Blog Posts

1. Revenge of the .xxx domain? (23 January)
2. Top Internet Governance Issues to Watch in 2009 (9 January)
3. A more detailed look at the proposed Cybersecurity Act of 2009 (3 April)
4. Taking a Hard Look at the "Affirmation" (30 September)
5. ICANN gets "securitized" (2 April)
6. Under pressure from trademark interests, ICANN undoes the GNSO reforms (13 July)
7. The IGF and the Internet Society-ITU rivalry (20 November)
8. Will Rod Beckstrom replace Twomey? (10 June)
9. Consumer Fraud (22 September)
10. WIPO the cybersquatter (5 March)

1. Comments of the Internet Governance Project on the ICANN transition
2. Net Neutrality as Global Principle for Internet Governance
3. Internet Governance: the State of Play
4. Regional Address Registries, Governance and Internet Freedom
5. Comments of the Internet Governance Project on Enhancing the Security and Stability of the Internet's Domain Name and Addressing System
6. Scarcity in IP addresses: IPv4 Address Transfer Markets and the Regional Internet Address Registries
7. Appraising the Success of the Internet Governance Forum
8. ICANN, Inc.: Accountability and participation in the governance of critical Internet resources
9. Political Oversight of ICANN: A Briefing for the WSIS Summit
10. Securing The Root: A Proposal For Distributing Signing Authority

1. United States
2. United Kingdom
3. Canada
4. France
5. Netherlands
6. India
7. Australia
8. Germany
9. Switzerland
10. Belgium
11. China
12. Egypt
13. Spain
14. Brazil
15. Romania
16. Japan
17. Russia
18. Turkey
19. Italy
20. South Korea

IGP Scientific Committee members were prominent in all phases of this year’s Internet Governance Forum meeting in Sharm-el-Sheik, Egypt.  The IGP brought expertise in political science, economics, sociology and other disciples to bear on discussions ranging from cyber security and critical Internet resources to institutional governance.

Giganet continues to grow

Traditionally held the day before the IGF, the Global Internet Governance Academic Network (GigaNet) annual symposium brought together more than 90 people, including remote participation facilitated by IGP’s Derrick Cogburn.

Hans Klein chaired the opening session, entitled "What is Internet governance?" This topic sparked a spirited discussion between IGP’s Michel van Eeten and William Drake of the Graduate Institute of International and Development Studies.  Van Eeten presented his paper, Where is the Governance in Internet Governance? and argued that researchers should be focused on places other than the IGF and ICANN (especially, Internet service providers) if they want to learn how actual governance of the Internet works. Drake suggested that the field would benefit from integrating approaches used in more established disciplines like political science, e.g., rational choice decision-making models.

Derrick Cogburn, chair of Giganet’s Communication Committee and a Steering Committee member, presented a conceptual framework for evaluating the IGF as a “whole network.”  Hans Klein’s poster presentation, "Comparing Internet Governance and Telecoms Governance: The Internet Revolution and the Ancien Regime" provided an opportunity for interaction with attending practitioners, including some staff from the European Commission and the International Telecommunications Union.

In the afternoon emerging issues panel, IGP’s Jeanette Hofmann presented her paper, Before the Sky Falls Down: A ‘Constitutional Dialogue’ Over the Depletion of Internet Addresses.  Her paper examined the debate over the emergence of market-based transfer mechanisms and the risks the technical community perceives in doing nothing, or making major changes. Hofmann’s paper attracted most of the audience questions in the final session.

The Giganet community is already evaluating this year’s event in anticipation of next year.  IGP’s Milton Mueller, the current Chair of the GigaNet Steering Committee, believes that there is a need to continue to improve the overall academic quality of papers, expand the number of senior scholars involved, and adjust the format to encourage more audience engagement.

IGF main sessions and workshops

IGP’s experts participated widely in this year’s IGF.  In addition to participating in a consultation with the European Commission, Multistakeholder Advisory Group member Jeanette Hofmann co-chaired the Day 2 Main Session on critical Internet resources.  As reported previously, contention over the institutional structure of IPv6 address allocation was a hot topic and drew strong remarks from ITU supporters and ICANN CEO Rod Beckstrom.  In this writer’s opinion, what was most fun was watching some of the ICANN staff cringe as Beckstrom pushed forcefully in what are usually staid, diplomatic like main sessions. The audience seemed engaged in the forthright debate, but perhaps ICANN staff were worried Beckstrom was burning the hard-earned social capital ICANN developed over the past few years at IGF.  Additionally, while there were congratulatory statements about the Affirmation of Commitments all around, there were calls by governments and civil society for discussions to begin regarding the current IANA contract between the U.S. Commerce Department and ICANN, which will expire in 2010.

The discussion around critical Internet resources continued in the workshops on Day 3, with Milton Mueller participating in a panel on the adoption by the regional Internet registries of transfer mechanisms for IP address blocks.  What became clear in a debate with ARIN’s John Curran was that route aggregation, not conservation, is the predominant constraint going forward. Because it is ISPs that actually determine how and when route aggregation occurs, some participants in the debate wondered what exactly the role of RIRs will be in a world of plentiful IPv6 address blocks with no needs-based assessment.

Hans Klein chaired a panel examining "Governance Issues of Country Code Top Level Domains.”  Klein observed that an earlier workshop had been held on the same topic, and that there seemed to be two views of ccTLD issues, with often competing versions of historical delegation events.  Klein’s panel included two senior ITU officials and included a lively discussion between ICANN-affiliated attendees and the ITU panelists.   If anything this demonstrated, yet again, the need to bring diverse viewpoints into workshop formulations.

Day 3 also saw Michel van Eeten as a panelist in the workshop, Cyber Security: Strategy for the Future, which was co-organized by IGP, TechAmerica and Nominet.  DNS and IP address registries, ISPs, software providers, legislative bodies and regulators were also represented, and shared their perspectives on efforts to address problems.  While most called, as expected, for continued and improved collaboration efforts, van Eeten (who has done extensive research for OECD on the economics of malware) suggested that none of the current efforts scale to level of current problems faced.  Van Eeten also startled the group by suggesting that the efforts of formal law enforcement agencies in cyberspace were of limited relevance. Instead of myopically focusing on making the Internet secure, he said there should be more efforts to find optimal levels of insecurity, with solutions taking into the account the cost incentives of each actor.

Another session examined "Implementing the WSIS Principles: A Development Agenda for Internet Governance." Hans Klein stood in for Prof. Hong Xue, and elaborated on some of Hong’s ideas during the discussion period. And Derrick Cogburn shared work examining how remote collaboration can broaden participation from developing countries.  Hofmann also presented at a UNESCO workshop on “Promoting freedom of Information in Internet Governance,” where she used Google Books as an example to suggest that new metaphors are necessary in the public debate on the regulation of access to knowledge.

On Day 4, Hofmann and Kuerbis convened a break out group as part of a discussion on the "Code of Good Practice on Information, Participation, and Transparency in Internet Governance" – an effort put together by the Council of Europe, UNECE, and the Association for Progressive Communications.  The document is envisioned as “best practice” guidelines for institutions engaged in Internet governance.  Kuerbis noted that while participation guidelines are beneficial, the omission of accountability from the document was problematic.  At a minimum, the code could ask institutions to identify types of accountability they practice and how it’s implemented, following a typology outlined in the new IGP paper, “ICANN, Inc.: Accountability and Participation in the Governance of Critical Internet Resources,” released during the IGF.

The first IGF-USA will take place this Friday, Oct 2 from 8:45-5:30 at the Center for Strategic and International Studies, located at 1800 K Street, NW, in Washington, DC.  The forum will engage civil society, government, industry, technology/research and academia in workshops and plenary sessions covering a variety of Internet issues including: The Future of the Internet, GenNext's Online Future; Cyber Security; Freedom of Information in a Web 2.0 World; Critical Internet Resources; Privacy and Security Implications for Web 2.0; and Access Perspectives, Challenges and Opportunities. 


Speakers in the morning plenary session will include Markus Kummer of the UN Secretariat for the global IGF, Larry Strickling of NTIA and Lee Rainie of the Pew Internet & American Life Project, with participants such as Marc Rotenberg, Electronic Privacy Information Center; Phil Bond, TechAmerica; Lee McKnight, Internet Governance Project and others. The closing plenary will include Ambassador Phil Verveer and Richard Beaird, U.S. State Department, as well as other participants from business and civil society including IGP's Milton Mueller. This plenary will address the upcoming deliberations regarding the future of the global Internet Governance Forum - a process now in its fourth year that was originally chartered for an initial five-year period and whose future is being debated.

Registration for the event is free and can be done on the IGF-USA website.  Remote participation is also available.

The Korean Journal of Policy Studies (KJPS) at Seoul National University (SNU) and the Global Internet Governance Academic Network (GigaNet) invite you to a Regional Conference on global Internet governance. The one-day event sponsored by Korea Internet & Security Agency (KISA) will be held in Seoul, Korea at Seoul National University on October 23, 2009 – the Friday before the Seoul ICANN meeting (25 October - 30 October) from 2:00 to 6:00 pm. View the program.

The KJPS is published biannually by the Advanced Center for Administrative Development (ACAD), Graduate School of Public Administration, Seoul National University, to provide an international forum for academics and practitioners who are interested in public administration and policy. The KJPS publishes articles that examine a broad range of issues in public administration and public policy, drawing on a wide range of disciplinary perspectives and on both theoretical and empirical research. Although there is no limitation on subject areas, papers focusing on the East Asian countries and/or adopt a comparative perspective are particularly welcome.

The Global Internet Governance Academic Network (GIGANET) is a scholarly community that promotes the development of Internet Governance as a recognized, interdisciplinary field of study and facilitates informed dialogue on policy issues and related matters between scholars and governments, international organizations, the private sector and civil society.

The Association for Progressive Communications (APC) is seeking to fill a senior position for a “Global Policy Advocacy and Networking Coordinator” to manage and facilitate APC's participation in global public information and communication policy processes.

APC is a global network of civil society organisations whose mission is to empower and support organisations, social movements and individuals in and through the use of information and communication technologies to build strategic communities and initiatives for the purpose of making meaningful contributions to equitable human development, social justice, participatory political processes and environmental sustainability. www.apc.org

The Global Policy Advocacy and Networking Coordinator will join APC's Communications and Information Policy Programme (CIPP). For more information about the CIPP programme, please visit: http://www.apc.org/en/about/programmes/communications-and-information-policy-programme-ci

View the full job description

Application deadline: 31 July 2009

The Global Internet Governance Academic Network (GigaNET) is a scholarly community that promotes the development of Internet Governance as a recognized, interdisciplinary field of study and facilitates informed dialogue on policy issues and related matters between scholars and governments, international organizations, the private sector and civil society. On behalf of the Program Committee, we are pleased to announce the Call for Papers to the IV Annual Giganet Sympoium which will take place on November 14, 2009 - one day before the fourth UN Internet Governance Forum, in Sharm-El Sheik, Egypt. This year's symposium will cover such topics as:

• What is Internet Governance?
• Internet Governance, International Law and Multistakeholderism
• Cyber-security and the Internet
• New Approaches to Internet Governance and Social and Economic Development

Please join the monthly ICANN Noncommercial Users Constituency (NCUC) meeting:

Date: Monday 1 June 2009

Time:
07:00-09:00 California
10:00-12:00 New York
14:00-16:00 UTC
15:00-17:00 London
16:00-18:00 Geneva
21:00-23:00 Phnom-Penh
22:00-24:00 Singapore

Via: Attendee(s) may join the meeting online using Elluminate online meeting software. Please click on this link to access the meeting. This is an open meeting. Attendees will need to provide their name, but won't need a password to login. (If this is your first time using Elluminate, view support information here.)

Agenda:

Draft Discussion Agenda for June NCUC Monthly Meeting

I. Substantive Policy Discussions
1. GNSO Restructuring Discussion
2. Introduction of New gTLD Policy Concerns (IRT "team", MAPO)
3. Registrant Rights Charter Discussion
4. Update on other GNSO teams (whois, post-expiry domain names recovery, travel policy, RAA)

II. NCUC Administrative / Constituency Business
1. NCUC Representation on GNSO Committees / Working Groups
2. Recruiting New NCUC Members & Participants
3. Planning for 21-26 June Sydney ICANN Meeting
4. Next NCUC Monthly Meeting: 23 JUNE 2009 (Tuesday "Constituency Day" at ICANN Meeting)
5. Any Other Business

Mad props to IGP's Milton Mueller, who has been selected to receive the 2009 International Telecommunications Education and Research Association (ITERA) Outstanding Research Award. ITERA presents the award to individuals who have demonstrated excellence in academic research related to the telecommunications disciplines through publication, peer-review, and international recognition over time. And also a tip o' the hat to Milton's colleague, Martha Garcia-Murillo, director of the M.S. in Telecommunications and Network Management program at Syracuse's iSchool, who cited the founding of the Internet Governance Project, where "researchers can follow the discussion and decisions that are made at the international level on Internet governance," among the many reasons Milton deserved this special award. Way to go!

Think for a moment of the enduring legacy of African slavery in America. Think of the way it tainted this country's culture and politics; think of the bloody Civil War, the ghettos and race riots after emancipation, the distorted interpersonal relations, the segregated housing patterns. What if we could roll back the clock and ensure that our society was "designed" so that slavery was never permitted and never happened?

Would you give me 20 million dollars to conduct research on that possibility? Would you think I was an honest man if I implied that my research would "fix" racism?

Probably not.

But what if I told you that my computer science lab was working on a "new Internet" that would solve all the terrible security and privacy problems of the existing one? Would you find this claim more credible than a proposed retroactive solution to the problem of slavery?

We all know that the Internet has problems. But the recent discourse around a new Internet, which reached its peak with a New York Times article by John Markoff a few weeks ago, seems to be based on similar false premises. I don't think it is unfair or too much of a stretch to suggest that the "we need a new Internet" folks are holding out the promise of a historical re-do.

The TCP/IP protocols were (as the Economist wrote about a decade ago) an "accidental information superhighway." Society converged on the Internet as the basis for data communications because the information economy was at a critical juncture in its history. Personal computers were just beginning to spread. There were numerous competing technologies. Most of the serious contenders were proprietary standards. The 800 pound gorilla in this fight was IBM, and no one (save IBM itself) wanted it to dominate data communications with its proprietary protocols. Open source software communities or alternatives did not exist (or to put it more accurately, the Internet technical community was the first globally organized open source software development community). There was a pressing and immediate need for an open data communications standard. The OSI standards failed to meet that demand. So TCP/IP filled the gap. It became the victor in a global standards competition. We all converged on the protocols and benefited from the network effects.

It was a set of historical conditions that cannot ever be reproduced, that cannot ever be "done over."

Any "new" standards for data networking will not occupy a virgin field, as TCP/IP did. It will have to intervene into a global economy deeply locked into the old TCP/IP Internet; it must overcome massive inertia and convince people to assume additional cost burdens associated with migration to a new standard. Technological improvements in the Internet protocols are possible, of course, but they can only be implemented on a piecemeal basis, as they piggyback on existing protocols and networks. Any realistic estimate of the time scales for such a migration process should be placed in the range of 30 - 50 years. If you don't believe me, look at the progress of the existing "next generation" Internet protocol, IPv6, which is on its second decade. This is a standard that comes from the same community and is an evolution of the existing internet protocols - not a radically new one.

One of the related fallacies of the "new Internet" argument is its assumption that the problems of Internet security are exclusively technological in origin and can only be fixed by changes in standards and protocols. But the stark fact is that there are known technological solutions to most if not all existing security breaches. The problem is that they are not implemented by people who don't know about them, or they are implemented incorrectly, or they are too costly, or they are incompatible with other applications or solutions. The same problems would face any new Internet protocols. And we haven't even mentioned the possibility that a new standard would be confronted with unanticipated security flaws.

So here's the punchline: people who say that we can fix the problems of the Internet by developing a "new" Internet are saying, in effect, that we can undo history and start over again. Well, heck, if we can do that, why concentrate on little problems like Internet security? Let's take on the big ones. Let's develop a "new Europe" and avoid the slaughter of World War 2; let's develop a new America and erase slavery.

Like it or not, there is no replacement of the old Internet with a new one. Promising it may be a great strategy for generating piles of government funding. But it ain't honest.

Preliminary Announcement and Call for Contributions

The Global Internet Governance Academic Network (GigaNet) invites you to participate in a scholarly workshop to be held in Brussels, Belgium, on 11 May 2009. This full day workshop is organized in cooperation with three thematic sections of the European Communication Research and Education Association (ECREA): International and Intercultural Communication (IIC), Communication and Democracy (CD), Communication, Law and Policy (CLP) sections.

Building on the success of its first edition in Paris, France, in June 2008, the purpose of this workshop is the presentation and discussion of work-in-progress in Internet Governance-related research with the aim to identify emerging research themes and design a research agenda. We are interested in exchanging information and ideas about national and regional projects and networks currently pursuing research on global Internet governance, but also in identifying academic syllabi or other education programs dedicated to these issues, in order to share ideas and forge possible collaborations. Scholars from various academic disciplines and all regions of the world are welcome to contribute to this reflexive exercise, with the long-term objective of collectively building this interdisciplinary research field.

Rather than featuring academic paper presentations, the workshop aims at providing a survey of current academic activities in the field of global Internet governance. Submissions may address, but are not limited to, the following topics: involved actors and their interactions; Internet governance institutions and regimes; legal, socio-economical, behavioral and technical regulation means; Internet governance policy issues.

Submissions should be sent by 20 March 2009 to Meryem Marzouki (Meryem.Marzouki [at] lip6.fr). They should include the name, affiliation, e-mail address and short bio of author(s), along with no more than 500 words of research work description. The program committee will notify applicants by 15 April 2009. To encourage knowledge dissemination, all relevant submissions will be published on the workshop website. Authors of selected submissions will participate at the workshop panel discussions.

Program Committee
Bart Cammaerts (ECREA-CD), London School of Economics, UK; Raquel Gatto (GigaNet), Pontifícia U. Católica de São Paulo, Brazil; Nanette S. Levinson (GigaNet), American U., USA; Meryem Marzouki (GigaNet), CNRS & U. Pierre et Marie Curie, France; Luciano Morganti (GigaNet & ECREA-IIC), Vrije U. Brussel, Belgium; Katharine Sarikakis (ECREA-CLP), U. of Leeds, UK; JP Singh (GigaNet), Georgetown U., USA; Leo Van Audenhove (GigaNet & ECREA-IIC) , Vrije U. Brussel, Belgium.

There is no registration fee for this event. A registration form will be circulated with the program. Practical information on accommodation and low cost travel to Brussels are available on the workshop website.

Here it is: IGP's contribution to the beginning of the year forecasting. Note well: these are not predictions of outcomes but designations of critical areas of change and decision in Internet governance, where the outcome is still unknown. We are sure we've overlooked some critical arenas -- use our comments to tell us what they are!

1. ICANN and its relationship to the USG
A shift from Republican Party conservative nationalism to Democratic Party liberal internationalism, along with the expiration of the Joint Project Agreement between ICANN and the U.S. Commerce Department on September 30, makes 2009 a watershed year for ICANN’s tether to the U.S. government. Moves toward internationalization by the Obama administration could break policy logjams that date back to 2003 (if not earlier); on the other hand, reassertion of the status quo would put an end to the original Clinton Administration plans for a “transition” once and for all. As Harold Feld put it in a notable blog post, the USG has to “quit playing games” and fish or cut bait on the “transition” to nongovernmental adminstration of DNS. A lot of subtle repercussions will be felt either way; for example, international acceptance of a method for signing the root so that secure DNS can be widely implemented could depend on how the ICANN-USG relationship is reformed. It is also likely that there will be agency turf battles over ICANN policy within the US government.

2. Deep Packet Inspection in the service of Internet control
Concerns about copyright protection, terrorism, illegal content, efficient bandwidth management, intrusion detection, botnets and viruses are all converging to tempt various parties to experiment with Deep Packet Inspection (DPI). DPI is the technology that automatically opens all your packets in real time and looks inside them before it decides whether to forward them or not. Will 2009 be the year that DPI starts to settle into place as an integrated infrastructure of Internet control – the ultimate man-in-the-middle solution to Internet governance problems? Or, conversely, will it be the year that we learn it doesn’t really work as well as we think it does; that it can’t handle the capacity of higher speed networks; that principled ISPs and digital rights groups take DPI off the agenda by highlighting its hostile relationship to privacy and network neutrality? The Comcast incident and the Belgian court case were only the opening shots in this battle. DPI vendors take note: this is the year we will find out which of these scenarios is true (or, if we land somewhere in the middle, we should get a good glimpse of which end of the spectrum we end up on).

3. The new Internet Protocol: Can the Net reproduce itself?
Forget all that talk about a "clean slate Internet;" we're having enough trouble implementing a new IP standard that developed a decade ago. 2009 will mark a turning point in the most important technical standards migration on the Internet since its opening to the public in 1991 – the transition from IP version 4 to IP version 6. IPv4 is the original Internet protocol but it is running out of address space. IP version 6 is a new standard with a much bigger address space, but it’s incompatible with the older standard and has no major advantages over IPv4 other than its more capacious address space. For many years incompatibility, the lack of a reliable gateway protocol making v4 and v6 compatible, and the additional expense, risk and trouble of shifting to a new standard have created a “you first” game in which ISPs wait for someone else to take the lead. If that pattern breaks this year we could see a stampede toward IPv6. But if the holding pattern doesn’t break, then the regional address registries will be forced to make major changes in their policies to head off IPv4 address shortages in 2010 and 2011: legalized address transfer markets, tougher reclamation policies, pressure on pre-RIR legacy holders, higher fees, reservation policies, and so on.

4. ICANN’s abysmal new gTLD process
On December 18, the U.S. government gave ICANN a Christmas present: a letter containing a thorough trashing of its plan to open the DNS root to lots of new top level domains. The U.S. letter joined a chorus of big business and trademark interests who have always been against any new TLDs, but it also made some valid criticisms about the proposal’s incredible attempt to set up ICANN as global arbiter of “morality and public order,” suggesting that that function might be better left to local laws. Will the U.S. move succeed in intimidating the ICANN Board? It already seems to have produced a 4 month delay. Bad as the policy is, derailing it opens up a huge can of worms. While no one will rush to passionately defend a policy that institutes global censorship of TLD strings, imposes outrageously high entry costs, and gives any organized group in the world a hecklers veto, the fact remains that this Rube Goldberg contraption emerged (more or less legitimately) from ICANN’s policy process. The policy took full account of the “Principles regarding new TLDs” given to ICANN by its Governmental Advisory Committee (which includes the US) and bent over backwards to accommodate the concerns of the trademark owners who are now complaining about it. And what about the long-delayed internationalized domain names? If ICANN can’t close the deal on this one, people would have to start asking whether ICANN can succeed in making public policy about anything related to DNS or internet identifiers; one would have to conclude that there is something fundamentally unworkable about ICANN.

5. IGF renewal
By the end of this year it should be clear whether the Internet Governance Forum was a short, not too unpleasant footnote in the history of Internet governance or a relatively permanent feature of it going forward. The World Summit on the Information Society’s Tunis Agenda gave the IGF a five-year initial life span; by the end of 2010, the UN Secretary-General must “examine the desirability of the continuation of the Forum, in formal consultation with Forum participants,” and “make recommendations to the UN Membership in this regard.” This means that consultations on the future of IGF will take place in the second half of 2009, and that the issue of continuation will probably form a major part of the discussions at the Cairo IGF in November 2009. By the end of this year if should be clear whether anyone out to kill the IGF or not. We suspect that the IGF will be renewed; the more important issue, of course, is whether the IGF evolves into a more influential and meaningful forum. We have published some analysis of that question.

6. VoIP and the mobile Internet
2009 will be the year that the inherent tension between the broadband mobile internet and traditional mobile voice revenues becomes fully evident and starts to have major effects. The maturation of open source mobile platforms, such as G1 Android or OpenMoko, coupled with the spread of WiFi compatible phones, high-speed mobile networks, the explosion of the netbooks market this year and the greater adoption of data communication capabilities by consumers in developed countries, all will force mobile carriers to make a fateful choice. Either adopt net neutrality principles and allow widespread adoption of VOIP clients (e.g., Fring), or depart from NN principles and try to preserve the remnants of their higher-margin circuit-switched voice traffic. That policy issue will play out more in national arenas than in global ones, which means that the results will be diverse, but an increasingly globalized advocacy of NN as a principle could play an important role in the mix.

7. Can the ITU World Telecom Policy Forum revive WSIS?
The ITU is as determined as ever to retain its relevance in an Internet-dominated world. Its World Telecom Policy Forum, to be held in Lisbon, Portugal April 22-24, 2009, plans to deal extensively with Internet governance issues. If the ITU is smart, it will try to open these proceedings to civil society and lure other new actors into its venues, actors who may be less than thrilled with the progress of the Internet Governance Forum and less than supportive of ICANN. The WTPF could become a place for governments and other actors unsure about or dissatisfied with the IGF/ICANN-centered regime to air their grievances and attempt to develop an alternative center of policy discourse, if not policy power. Can the ITU really become multistakeholder? Granted, that will take more than one year…

8. Will Governments make ISP intermediaries for security?
Over the past years, there have been increasing calls for governments to put more pressure on ISPs to improve their security practices. After years of focusing on end users with awareness raising campaigns and education, it has become clear that such efforts cannot keep up with the changes in internet abuse and cybercrime. Now the focus is shifiting to intermediaries. ISPs are at the top of the list. The Dutch regulator OPTA threatened to introduce regulation, then backtracked and talked about a quality mark or certification scheme. The British House of Lords made similar recommendations. In Australia, ACMA already has enforceable codes of conducts for ISPs. It also notifies ISPs directly about abuse and requires them to act on these notifications. These examples are just the first steps of governments exploring what role they can have or want to have when it comes to internet security.

While the uncertainty surrounding attendance at this year’s IGF was mostly unfounded (there were more than 1200 attendees despite the Mumbai attack, an amount comparable with previous years IGFs), the usual doubts surfaced about what the Forum is accomplishing. Nonetheless, it seems that more participants are pushing the Forum to engage in substantive policy debate, and to identify a process for producing tangible outputs.

IGF Purpose: Education or policy debate?

The quality of the workshops and main sessions continues to vary widely. Some were organized by likeminded entities intent on presenting an overview of an issue to educate its audience, while others assumed that bringing together participants with diverging opinions and engaging in an open and frank discussion of conflicting policy views could lead to greater understanding of an issue. (see this exchange between IGP's van Eeten/Mueller and Patrik Fältström) If one believes audience size to be an accurate reflection of the better approach, then the later format won hands down. For example, the ICANN-organized workshop where the speakers consisted only of a few members of its own Presidential Strategy Committee (which deals with internal reforms for improving accountability of the organization) drew few attendees, while the panelists of the IGP co-sponsored “After the JPA, What?” workshop, which included multiple independent perspectives, attracted nearly 100 attendees. Workshop moderator Lee McKnight even conducted a straw poll (see the results and the workshop report) among the audience on whether the JPA should expire, pushing expectations of what Forum workshops could actually do.

It is clear that Forum attendees, while they are appreciative of informational efforts, are more inclined to hear about and discuss substantive policy debates. This feeling was also apparent in comments heard about workshop topics. Participants expressed a desire to move on from “hot-button” issues where there is largely consensus (e.g., child pornography is bad), to other issues within the ambit of the Tunis Agenda that are more controversial. The most notable of these, the control of critical Internet resources, was raised forcefully by the Chinese delegation in a main session. Going forward, Forum participants would be well advised to pressure the Secretariat to scrutinize and select workshop and main session proposals that support open and substantive policy discussion.

IGF Outcomes: A push for consensus and beyond

In the closing session, the representatives of three governmental bodies (Brazil, European Union, and Switzerland) clearly expressed their desire that the Forum identity those issues upon which there is “sufficient consensus,” and move beyond consensus to pursue some sort of output. Brazil’s Everton Lucero identified that the greatest challenge to, and in fact the future of, the Forum is related to its ability to identify “mature enough” discussion that could then “shift towards practical measures.” Bernard de le Chapelle, representing the French presidency of the European Union, suggested moving from “the mapping stage, where we explore the different dimensions” to “developing consensus” within a formalized group discussion, with the idea that this exchange could lead to better cooperation outside of the Forum. Thomas Schneider of Switzerland recognized the value of the Forum remaining “an open discussion platform” but argued its “outreach should be strengthened.”

As one would expect, the current regime of Internet governance institutions took issue with any hint of broadening the Forum’s influence. In the words of ICANN’s Jean-Jacques Subrenat, the specific characteristic that “this Forum doesn’t lead to recommendations or resolutions” [has] “allowed everyone to speak frankly and openly.” While perhaps partly true, one must recognize that the current governance institutions will instinctively push back on any Forum outcome that might interfere with or threaten the status quo.

In closing, Chairman Nitan Desai recognized the participants’ desire that the Forum evolve and suggested that it is already having influence. He summarized that the Forum should now “consciously focus on searching for consensus, on trying to narrow differences through our processes of discussion and dialogue” because this “process of dialogue and discussion helps in reaching decisions elsewhere.” But he asked participants if they could formalize the process, and “design something where, at least in a few limited, well-defined areas where a process has succeeded in narrowing differences, finding consensus, we can come up with something which carries a certain legitimacy because it has come from a broader multistakeholder process.” And, perhaps in attempt to defuse tension over control of CIRs, Desai suggested that any Forum outcome “must be a product which the people who have responsibility for decision take seriously”…and that “those people may well be Internet Service Providers rather than governments.”

IGF 2009: What’s next?

Regarding this last point, intermediary enforcement may become a point of contention at next years Forum. The pressure and burden currently being placed on ISPs by intellectual property rights interests to enforce copyright violations is enormous. And a large number of civil society groups are now pushing the theme of a rights-based approach to Internet governance. CS has consistently argued that there must be a balanced approach to IPR that takes into account fundamental, well-established rights, for instance freedom of expression and privacy. Interestingly, because IPR interests are largely absent from the Forum, a rights-based approach to intermediary enforcement might be an area where common ground could be forged between private sector ISPs, governments and civil society.

So far the Forum has shown itself to be a valuable discussion space, bringing many parties together that would not otherwise interact regularly. However, if the Forum is to remain relevant, it will need to 1) consistently address and openly discuss issues that highlight substantive policy disagreements among the parties, and 2) where sufficient consensus is achieved in discussions, generate some sort of output that can be referenced by parties engaged in the relevant policy-making institutions.

The 3rd meeting of the UN Internet Governance Forum is now underway in Hyderabad, India, beginning with the Annual Symposium of GigaNet (Global Internet Governance Academic Network). Attendance has been affected by the violence in Mumbai, which is 700 km away. Life in Hyderabad, however, is quite normal, attendees are moving about the city and the suburban “Cyberabad” area where the Forum is being held with no problems, other than the sometimes horrific road traffic. The presence of Indian security forces at the hotels and conference venues is noticeable. Many Indian commentators take the same attitude toward avoidance as was taken by New Yorkers after 9/11: it is important to not be intimidated and to insist on going on with one’s life. I was especially moved by an opinion piece by Suketu Mehta in the Times of India: “The terrorists’ message was clear: Stay away from Mumbai or you will get killed. But the best answer to the terrorists is to dream bigger, make even more money, and visit Mumbai more than ever. If the rest of the world wants to help, it should run towards the explosion. It should fly to Mumbai, and spend money. … I’m going to go get a beer at the Leopold, stroll over to the Taj for samosas at the Sea Lounge and watch a Bollywood movie at the Metro.” Hyderabad is not Mumbai, but I can say that we are running to it and are not intimidated.

The Information Society Project (ISP) at Yale Law School is seeking applicants for 2009-2010 postdoctoral fellowships. The ISP resident fellowships are designed for recent graduates of law or Ph.D. programs who are interested in careers in teaching and public service in any of the following areas: law and innovation; Internet and telecommunications law and policy; intellectual property law; access to knowledge; first amendment law; media studies; privacy; civil liberties online; cybercrime and cybersecurity; social software; standards and technology policy; bioethics, biotechnology, and law and genomics; and law, technology, and culture generally.

Information about applying is available at the ISP web site at: http://www.law.yale.edu/intellectuallife/6523.htm. Applications for 2009-10 ISP fellowships must be postmarked no later than Feb. 1, 2009.

Date: Nov 6th, 2008
Time: 16:00-17:00
Location: ICANN Cairo, Room TBD (if you're on the ground in Cairo, contact Robert Guerra, guerra at freedomhouse.org)

The Noncommercial Users Constituency (NCUC) and The Public Interest Registry (PIR) invite you to attend a reception to meet Cairo based bloggers and local Internet users and experts who will discuss and share their perspectives and views of week's events at the ICANN meeting.

In addition, a locally produced video, "Internet Freedom in Egypt," will be shown. The short piece explains how blogs are being used in Egypt to expose human rights abuses, and how Facebook and Twitter have been used to organize pro-democracy demonstrations and strikes. It also looks at the gov't crackdown and surveillance of bloggers.

The Internet Governance Project has awarded two fellowships to young scholars from Poland and China to enable them to attend the Hyderabad Internet Governance Forum and present their research at the 3rd annual Symposium of GigaNet (the Global Internet Governance Academic Network).

Dr. Joanna Kulesza, of the University of Lodz Faculty of Law and Administration, will present a paper titled "Internet governance and the jurisdiction of states." Kulesza's paper discusses the traditional principles of international jurisdiction, shows their practical applications and contrasts them with the new circumstances of the Internet. The paper analyses the principles of territoriality, effects, active and passive personality, protective principle and the universality principle and examines each of the discussed principles for their applicability to the Internet.

Dr. Zhuo Zhang, of the Wuhan University School of Journalism and Communication, China, will present her paper (co-authored with Handong Wang): "Two Kinds of Violence: Internet Governance and Internet Mob in Mainland China." This paper probes the relationship between the Chinese government's attempts to control the internet and the formation of "internet mobs" among Chinese users. It argues that the peremptory blocking of international information sources functions objectively to promote excessive, "violent" reactions by internet users in China.

"We were impressed with these paper proposals and the commitment of the applicants to engage with the international community forming around Internet governance," said Milton Mueller, chair of the IGP Scientific Committee.

The GigaNet Symposium is in its third year and has quickly become one of the leading venues for presenting academic research on the Internet and its governance. Held the day before the annual UN Internet Governance Forum, the Symposium features a program of 15 paper presentations and several poster presentations.

The fellowships were made possible by a grant from the Ford Foundation, Peace and Social Justice Program, Governance unit, and the Knowledge, Creativity and Freedom program, Media unit.

Several papers on Internet governance will be presented during the 36th Research Conference on Communication, Information and Internet Policy (TPRC), which will be held September 26 - September 28, 2008 at The National Center for Technology & Law, George Mason University School of Law, Arlington, VA. IGP's Milton Mueller will be moderating the "The Future of Internet Addressing" session (Saturday 2:00 PM EST) and Brenden Kuerbis will be presenting a paper, "Regional Address Registries: The New Center of Global Internet Governance" (Sunday 11:10 AM). In addition, there will be panels Friday on Jon Zittrain's recent book and the "Future of the Internet Economy: Developing a Medium Term Policy Research Agenda," as well as work presented on Saturday looking at the "Internet and Fundamental Human Rights" as well as "The Political Economy of Internet Governance." View the entire program.

IGP's Milton Mueller, Jeanette Hoffman and Brenden Kuerbis will be attending the Internet Governance Forum open consultations that will take place on 16 September, in room XIX in the Palais des Nations. These consultations will be followed by a meeting of the Multistakeholder Advisory Group (MAG) on 17-18 September. View the meeting agenda.

The invitations for the third Internet Governance Forum in Hyderabad were signed, on behalf of the UN Secretary-General, by Mr. Sha Zukang, the Under-Secretary-General for Economic and Social Affairs, rather than the Secretary-General as had been the case at the two previous IGFs. Some have asked whether this represents a reduction in the importance of the Forums. The answer, like most for the United Nations, is yes and no. Or, more precisely, no and yes. Whenever the Secretary-General takes on a responsibility, its implementation on his behalf is assigned to a regular Secretariat department. From the very beginning, the IGF, while formally convened under the authority of the SG and having a small secretariat in Geneva, was actually supported by the Department of Economic and Social Affairs (DESA). The Secretary-General's designated representative has been Nitin Desai, the former Under-Secretary-General (USG) for DESA, on a part-time basis. The IGF Secretariat reports to the Secretary-General through DESA. When Mr. Sha was appointed USG for DESA in July 2007, he replaced Mr. Jose Antonio Ocampo, who was less engaged with ICT. Mr. Sha has a personal interest in Internet Governance having been China's permanent representative to the UN in Geneva. He has obviously wanted to be more involved in the decision-making and it has been delegated to him. Initially, the DESA office through which IGF Secretariat reported was the Office for Economic and Social Council Support and Coordination. Mr. Sha has shifted the headquarters contact point to the Division for Public Administration and Development Management, which is the most Internet-involved Division in the Department, since it is responsible for e-government work. Does that mean that IGF has been downgraded? Here the answer is no. The substantive interest of the United Nations in the IGF is clearly greater. The change is more of form -- an invitation signed by a USG rather than the SG -- than of substance. On the whole I think it represents a greater institutionalization of the Forum in New York, while maintaining the general flexibility that has been achieved by the IGF Secretariat in Geneva.

[Editor's note: IGP graduate intern Mark Costa, a doctoral student at Syracuse University's School of Information Studies, joins us today as a guest blogger. Mark recently returned from the 2008 National Conference on Media Reform, one of the largest annual gatherings of domestic media advocates in the United States.]

I just got back from the National Conference for Media Reform, where the mood was vibrant and optimistic, yet filled with a deep sense of concern about the current state of the U.S. media industry and the administration in Washington. The general consensus among the conference goers was that the major media corporations trivialize issues of national concern and frequently disseminate incorrect information to their audiences. Bill Moyers spoke Saturday morning and summed up well what people were feeling when he said: "media consolidation is a corrosive force that trivializes democracy." In order to counter those trends, many people have taken the entrepreneurial route and begun providing alternative news services. While several of the entrepreneurs are using traditional media outlets (television and radio), a majority of them have opted to use the Internet to spread their message.

Because of the increasing importance of the Internet in this movement, there is an increasing interest in concepts such as network neutrality. There was at least one session specifically about NN, with Susan Crawford and Tim Wu presenting. Additionally, Bill Moyers mentioned NN, referring to Comcast’s attempts to pack the FCC meeting this past year as an excellent example of corporate America's attempts to suppress alternative voices. Despite the attention given to NN debate by the presenters, very few of the conference attendees that I spoke to demonstrated much interest in the debate. I didn’t attend the sessions, so it is difficult to gauge the responses of all of the attendees, but based on the discussions I had at the booth, not many people consider the debate to be immediately relevant.

I was able to generate some interest in the IGP's work by discussing the increased role of governments and corporations in Internet governance. I had the opportunity to discuss with several people how policies set in international forums could impact domestic policies and agendas and why that impact is important. This involved explaining basics of political economy (i.e., who is interested in the Internet as a manageable resource, what their objectives are, and how they plan on achieving them), as well as some additional concepts such as policy laundering. Once again this met with only moderate success, which I believe is primarily due to the fact that many of the attendees were more interested in addressing the content of the messages being disseminated by the large media corporations versus being interested in the political, economic, and institutional factors that impact communication infrastructures. That was somewhat disappointing because, as the IGP members and other scholars have demonstrated, regulatory frameworks can have a significant impact on what information does get published.

Initiated in spring 2006 in conjunction with the UN Internet Governance Forum, the Global Internet Governance Academic Network (GigaNet) is hosting several events this year, including an upcoming international workshop on "Global Internet Governance: An Interdisciplinary Research Field in Construction" in Paris, 23 June 2008, from 08:30 to 13:30, concurrent with the ICANN-Paris meeting. [invitation-fr] [invitation-en]

The program includes scholars from around the world and several academic backgrounds. The registration form is now available online. Attendance at the workshop is free and open to all interested parties, but registration is required. Please send completed registration forms to Meryem.Marzouki@lip6.fr

The purpose of the workshop, the first of its sort, is to allow scholars involved in Internet Governance related research to describe their ongoing research projects to other scholars in the field, in order to share ideas, forge possible collaborations, and identify emerging research themes in the field. Scholars from various academic disciplines and all regions of the world are expected to contribute to this reflexive exercise, with the long-term objective of collectively building this interdisciplinary research field.

Rather than featuring academic paper presentations, the workshop aims at providing a survey of current academic activities in the field of global Internet governance. The workshop is mainly organized around 3 roundtables, fostering lively and fruitful discussions. Panelists selected among the authors of submitted contributions will discuss global Internet governance research activities dealing with: models, players and democratic principles; regulation policies and regulatory issues; and regional perspectives and sociocultural issues.

Visit the workshop website for more detailed information, including directions, maps and other practical information. French co-organizers and sponsors are: GDR-CNRS TICS, DEL-CNRS network, Sciences Po, Univ. Paris 3 Sorbonne Nouvelle, Univ. Pierre et Marie Curie and LIP6 Laboratory.

Call For Papers: Third GigaNet Annual Symposium
2 December, 2008
Hyderabad International Conference Center (HICC)
Hyderabad, India
Call For Papers [pdf] [html]

The Global Internet Governance Academic Network (GigaNet) is a scholarly community that promotes the development of Internet governance as a recognized, interdisciplinary field of study and facilitates informed dialogue on policy issues and related matters between scholars and governments, international organizations, the private sector, and civil society.

Each year, GigaNet organizes a one-day research symposium in conjunction with the United Nations Internet Governance Forum (IGF) and in the same premises. After the first two editions in Athens, Greece (October 2006) and Rio de Janeiro, Brazil (November 2007), the third GigaNet Annual Symposium will be held on December 2, 2008, in Hyderabad, India, the day before the 3rd IGF meeting. Attendance at the Symposium will be open to all and free of charge. The Symposium will be at the same location as the IGF and registration with the UN as an IGF participant may be necessary to gain entry to the building.

This is a call for papers from scholars interested in presenting an original research paper at the conference.

Important dates:

• 15 July 2008: abstract submission deadline (to be sent to: Meryem.Marzouki@lip6.fr)
• 15 September 2008: notification to applicants
• 10 October 2008: full papers due
• 15 October 2008: 2008 GigaNet symposium program finalized
• 2 December 2008: 2008 GigaNet symposium, HICC, Hyderabad, India

Submission topics:

In addition to papers on methodological aspects of Internet governance-related studies, this year's Symposium particularly encourages submissions on the following themes, which are described in more detail below:

1. Comparing Internet Governance to other Global Governance Domains
2. Networked Governance Theories and the Institutionalization of Internet Governance
3. The Role of NGOs, Social Movements and Civil Society in Internet Governance
4. Year 3 of the UN Internet Governance Forum: Assessing its Structure, Process and Impact
5. Law and Jurisdictions in Internet Governance
6. Copyright Protection, Internet Service Providers and Technical Mechanisms of Control
7. Internationalized Domain Names: Expanding Access or Tower of Babel?

Submission requirements:

Applicants should submit: 1) an abstract of 800-1000 words, in English, of the proposed paper that describes the main research question(s), methods employed, and the paper's relevance and value to the thematic area; and 2) a one page summary curriculum vitae listing in particular the applicant's current institutional affiliation(s), advanced degrees, scholarly publications relevant to Internet governance, and web sites, if available.

Submission materials should be emailed directly to the chairperson of the 2008 Program Committee, Dr. Meryem Marzouki, at Meryem.Marzouki[at]lip6.fr by no later than July 15, 2008, midnight GMT.

Members of the 2008 program committee will review submissions according to the same criteria. In order to ensure fairness of the evaluation process, submissions that do not conform to the requested format will not be considered.

The Program Committee will notify applicants of its decisions via email by September 15, 2008.

A full paper upon which oral or poster presentation will be based must be delivered to the same address by October 10, 2008, midnight GMT in order for the author(s) to be included in the program.

While GigaNet asserts no copyright to authors' work, it is expected that the version of the paper presented orally or as poster will be made available for posting on the GigaNet website.

Travel scholarships for a few outstanding accepted papers may be available for scholars who would otherwise be unable to attend. Applicants who are accepted will be informed of these opportunities after September 15.

2008 GigaNet Symposium Program Committee:

• Ana Abreu, Labeurb/Unicamp and Paulista University, Campinas (SP), Brazil
• Slavka Antonova, Massey University, Auckland, New Zealand
• Meryem Marzouki, LIP6/PolyTIC-CNRS Laboratory, Paris, France (Chair)
• John Mathiason, Maxwell School of Citizenship and Public Affairs, Syracuse University, Syracuse (NY), USA
• Milton Mueller, Syracuse University School of Information Studies, Syracuse (NY), USA
• Max Senges, Universitat Oberta de Catalunya, Barcelona, Spain
• Rolf H. Weber, University of Zürich, Zürich, Switzerland

Topics Description:

1. Comparing Internet Governance to other Global Governance Domains
The concept of global governance has flourished in a number of fields: trade, security, environment, development -- as well as Internet. However, most general analyses of global governance ignore global Internet governance. Conversely, very few Internet governance analyses are conducted through comparative frameworks. Submissions are invited to help frame Internet governance in a broader, global governance perspective. What could be learnt from experiences of global governance in other fields? Are there any general instruments and methods of global governance, irrespective of the domain area it addresses? Could some similarities or invariants of a global governance process be identified?

2. Networked Governance Theories and the Institutionalization of Internet Governance
The global policy discourse on Internet governance involves more diverse actors and newly created institutions. There is a need to explore the dynamics of this changing institutionalization process through theoretical and empirical analysis. Recent work explores network forms of organization in political and governance contexts, at national and international levels, most notably with the concept of "transgovernmental networks" to solve sector-specific problems. We call for papers that apply, test and criticize ideas of "networked governance" in the context of global Internet governance. We encourage submissions that analyze collaborative policy-making in related institutions and interactions between them. We are especially interested in papers that critically analyze these forms of governance in terms of fairness and accountability and their relationship to democratic principles. Can presently excluded or minority communities enhance their participation? Beyond the expert discourse and the interplay amongst dedicated stakeholders, can networked governance represent people, rather than just established interests and agencies? What are the available tools and practices to facilitate their participation and deliberation, in terms of discourse, collaboration and decision-making?

3. Role of NGOs, Social Movements and Civil Society in Internet Governance
Important but subtle transformations have occurred in the role and participation of non-governmental and non-business actors in the 6 years since the World Summit on Information Society (WSIS). WSIS witnessed a somewhat usual situation, where organized social actors participated from inside the process through structured non-governmental organizations, and social movements exercised some more radical pressure from the outside. Since the creation of the UN Internet Governance Forum (IGF), this mode of participation has turned into a "consensus-based cooperation", where civil society actors are supposed to contribute on equal footing with governments and business actors, in most cases in their individual capacity and rather disconnected from social movements. We seek papers that analyze the evolution of involved social actors and their structuring, especially with regards to the historical evolution of the concept of civil society, and to explore in which ways and to what extent these transformations may be related to the move from government to governance.

4. Year 3 of the UN Internet Governance Forum: Assessing its Structure, Process and Impact
The WSIS created and mandated the IGF to address critical, value-adding global Internet governance functions that cannot be entirely performed by any existing institution. This includes: highlighting emerging issues, assessing the embodiment of WSIS principles, and strengthening the participation of stakeholders in Internet governance mechanisms. Furthermore, the IGF was defined as "multilateral, multi-stakeholder, democratic and transparent" body; it has been structured through a Secretariat, a multi-stakeholder advisory group (MAG), and a special advisory group to the MAG's chair; and for 3 years, it has been operating as an open discursive space, prepared through open consultation sessions. Submissions are invited to explore whether the IGF has fulfilled its mandate at this step, which difficulties can be identified and how they could be solved. Has the IGF structure, management and advisory mechanisms proven to be adequate and compliant with the WSIS Tunis Agenda requirements? What strengths could be reinforced and weaknesses overcome?

5. Law and Jurisdictions in Internet Governance
The Internet must now be considered a major factor when elaborating regulatory principles to deal with the circulation of content and data and with the protection of the general communications infrastructure. This is not an easy task because of its implications on the respect for universal human rights, fundamental freedoms and the rule of law, where States differ widely on their implementation of these international standards, even among coherent regional entities. The task becomes even more complex due to conflicts of competences among overlapping jurisdictions. We seek papers that identify and explore conflicts among national laws and attempts to harmonize them. We also seek papers that explore the relevance to the global Internet of public and private international law currently in force or being considered in ongoing international negotiations. Submissions analyzing the role and positions of various players in these processes are also encouraged.

6. Copyright Protection, Internet Service Providers and Technical Mechanisms of Control
We encourage papers that examine attempts to impose copyright protection on the Internet through the intermediary of Internet service providers. This theme bridges the topics of network neutrality and intellectual property, inspired by recent incidents, such as a Belgian ISP's order by a court to use deep packet inspection to catch copyright infringement in transit, and Comcast's notorious interference with BitTorrent, which also was probably stimulated in part by copyright protection concerns. Papers can explore the feasibility and "state of the art" of packet inspection and other relevant techniques, analyze copyright industry and ISP industry interactions from a political economy standpoint, or examine appropriate policy responses to new and powerful packet inspection techniques.

7. Internationalized Domain Names: Expanding Access or Tower of Babel?
We encourage papers on the economic, cultural and compatibility issues raised by the migration to a new standard for Internet domain names that allows them to reflect non-Roman scripts such as Chinese or Cyrillic. Internationalized domain names (IDNs) have a double-edged effect: they widen access for non-English or ASCII readers by making domain names easier to use, but they also introduce compatibility problems among people communicating across language boundaries, as one party may not know how to read or input the address of the other party. There are also interesting questions of competition policy, as the Internet Corporation for Assigned Names and Numbers (ICANN) must decide whether to give new generic top level domains (TLDs) in IDN scripts to incumbents operating ASCII TLDs with similar meanings, or to new competitors. Issues of consumer confusion and cross-linguistic disputes can also arise.

The final of three panels at the 2007 GigaNet Annual Symposium was convened to address the distinct set of policy issues critical to the global Internet Governance debates. GigaNet Steering Committee member, Seiiti Arata, Jr., moderated the panel, and it consisted of four excellent papers (Ian Brown/Chris Marsden were not present).

The first paper was presented by Virginia Paque from Argentina, who stood in for a DiploFoundation colleague, Alfonso Avila, on his paper, "Identity Theft in Developing Counties' Banking Industry." This fascinating paper raised the issues about the far-reaching impact of identity theft, and addressed the perspective that identity threats and phishing scams are coming primarily from developing countries. Paque presented empirical evidence that the vast majority of identity theft scams are coming from the developed countries (with only Nigeria and South Africa figuring at all). IGP Partner Milton Mueller, from the School of Information Studies at Syracuse University, presented his paper on, "Net Neutrality as a Global Norm for Internet Governance," simultaneously released as an IGP Issue Paper. Dr. Mueller re-defined Net Neutrality and sketched its progression from national policy spaces to global spaces. Leo Van Audenhove from the Department of Communication Studies at the Vrije Universiteit in Brussels, presented an empirical co-authored paper on the mechanisms for regulation and self-regulation in the cultural industries. Finally, Adilson Cabral, from the Universidade Federal Flumienense, presented a co-authored paper entitled, "Broadening Voices: Grassroots Tech Groups and Policy Objectives for Internet Governance."

Audience questions included questions about how can national Net Neutrality principles coexist at the global level; how do we deal with the coordination issues at a global level; how do we deal with the issue of Google as a dominant player in this space?

The 2nd Annual Symposium of the Global Internet Governance Academic Network (GigaNet) is now underway in the Windsor Barra Hotel in Rio de Janeiro Brazil. About 100 scholars and interested participants from around the world are participating in the all day meeting.

Development was the focus of the first panel was on the creation of a "Development Agenda" for Internet Governance, one that draws upon previous relevant examples such as the WIPO Development Agenda, the WTO Doha Round Development Agenda, and other relevant processes. IGP Partner, Derrick Cogburn, served as moderator for the first panel, which included four outstanding papers/presentations (most of which are available on the GigaNet portal (http://www.igloo.org/giganet).

The first paper/presenter was William Drake from the Graduate Institute of International Studies in Geneva, Switzerland. Dr. Drake helped to shape the framework for the panel by laying out the overarching rationale for creating a Development Agenda for Internet Governance. He particularly highlighted the lessons learned from the Doha Round within the WTO, which focused on the better inclusion of developing countries into the benefits of global trade, including trade in services. He also raised the question about what institutional configuration within the IGF would be most appropriate for advancing this Development Agenda for Internet Governance, and suggested that perhaps a Dynamic Coalition for Development within the IGF framework might be the most appropriate way to proceed.

Next, Viviana Munoz Tellez, from the South Centre, also based in Geneva, further illustrated the potential of this "Development Agenda" approach by highlighting ten lessons from the corresponding process within WIPO. She highlighted in great detail her analysis of ten key components of the process of creating the WIPO Development Agenda, and their relevance for the IGF and Internet Governance. These ten components included: (1) building momentum; (2) conceptual framework; (3) identification of key problems; (4) leadership; (5) sustained commitment; (6) Coordination amongst developing countries; (7) prioritization and focus of initiatives; (8) the role of civil society; (9) collaboration amongst developing countries and civil society, both North and South; and (10) the strategic choice of forum for the agenda.

Deepening the analysis, Laura DeNardis, from the Yale University Law School, Information Society Project, focused her analysis on the impact of the formal and informal standards setting processes on development interests. She highlighted the potential importance of multiple devices, including multimedia handheld computing devices, for promoting and sustaining development. She illustrated the process of standards setting, including the informal market entry/dominance approach to establishing de facto standards. She highlighted the political effects on development of these processes and explored how it might be possible to get greater and more diverse development interests "at the table" during the standards setting processes. In closing, she advocated an "openness" approach; meaning that both the standard setting processes should be more open in terms of allow for greater participation - including civil society and developing countries - and that they should attempt to harmonize their processes and standards where possible.

Finally, Olga Cavalli, from the Universidad de Buenos Aires and the Instituto Technologico de Buenos Aires, Argentina, illustrated the perspectives of the Latin American and Caribbean Region towards a development agenda. She used data from Telegeography and the World Bank to highlight the disparities in bandwidth and income inequalities in the world. She also asked about how to get rural considerations into the development agenda process. Interestingly, she raised the issue of telecenters, and their impact on the enabling public inclusion in formulating the development agenda for Internet Governance, and the degree to which they can be made more economically sustainable. On this latter point, she highlighted some of the successes and failures of Universal Service funds. In closing, she highlighted some of the activities to build capacity for Internet Governance, including within ICANN and their fellowships and the DiploFoundation training processes.

The audience raised important questions for the panel, including the "real" relevance of the WIPO and WTO processes for Internet Governance, the potential challenge of fragmentation in these processes, and the degree to which these multiple actors with divergent political perspectives can be harmonized and included in the same process.

Q: When is a policy adopted unanimously in ICANN not really a consensus policy?
A: When the US Government says it isn't.

Case in point. A new top level domain registry, TELNIC, has been authorized to run the .tel domain. Their idea is that .tel will "allow and encourage individuals and corporations to manage a universal identity" on the Internet. If its idea works, lots of ordinary people will register under the .tel domain and combine their telephone numbers, email addresses, and other identifiers. The company is based in the UK.

TELNIC has a problem: ICANN's contracts require it to display all the personal contact data of its registrants through a service known as "Whois." But unrestricted access to personal contact data, aside from being a rather bad idea, is against the law in the UK. It follows European, not American, privacy and data protection rules. So after consulting with the UK's data protection authorities, TELNIC asked ICANN to modify its Whois requirement.

One would think that that request would be easy to honor. ICANN has, after all, already passed a Whois Procedure for Conflicts with National Laws" that allows registries to apply for such exceptions. In December 2003, the second Whois Task Force of the GNSO recommended the development of a procedure to allow gTLD registries and registrars to demonstrate when they are prevented by local laws from fully complying with the provisions of ICANN contracts regarding personal data in Whois. The policy was passed by the GNSO Council, ICANN's domain name policy development organ, in November 2005. In May 2006, the ICANN Board adopted the policy and directed ICANN staff to develop and publicly document a conflicts procedure. In both cases, the policy was passed unanimously.

Fast forward to the middle of 2007, when TELNIC actually attempted to get an exception. Out of the blue, we were told that "The Whois Procedure for Conflicts with National Laws is not yet implemented pending GAC input." GAC is the "Governmental Advisory Committee," ICANN's liaison with the world's governments. But what is the hold up, what is stopping GAC from its input? Any idea that the the world's governments as a group want to stop the national exceptions policy is obviously false. The GAC has already adopted a set of public policy principles on Whois that stated bluntly, "gTLD Whois services must comply with applicable national laws and regulations."

No, it is only one government -- the USA -- that doesn't like its implications. US policy has always been that all personal contact data must be open to anyone on the Internet who wants to view it, for any purpose. Any why does the USG feel that way? When TELNIC applied to restrict access to its registrants' private data, the trademark and copyright interests kicked up a huge fuss. They bullied TELNIC into making major concessions -- allowing, for example, trademark lawyers to get much broader access to registrant records. No other constituency, such as privacy advocates, were allowed to enter into these negotiations. Still, they were not satisfied. They know that any exception to Whois, no matter how small, sets a precedent and confirms what everyone else in the world knows -- that ICANN's contracts violate national privacy laws around the world.

In other words, the consensus policy is not really a policy. Why? Because the USG (and the trademark lobby that dictates its policy on these matters) doesn't want it to be a policy. These kinds of manipulations confirm the world's worst fears about Internet governance and the American role in it. We are presented with a frighteningly clear picture of a rigged game, a violation of the credible commitment to rules and process that must underpin international institutions. For years now, the US government and the trademark lobby have been trying to play a "heads I win, tails you lose" game with Whois. This is just the latest, albeit one of the most blatant, examples. Sustained protests of this policy are expected at ICANN's upcoming annual meeting in Los Angeles.

As most of you know, the Inaugural Internet Governance Forum (IGF) in Athens spawned a number of "Dynamic Coalitions.” These multisakeholder Dynamic Coaliations (DCs) were designed to include all interested parties from both developed and developing countries, and to advance the work of the Forum.  One of these DCs, the Online Collaboration Dynamic Coalition (OCDC), has developed a suite of collaboration tools to facilitate a degree of online participation at the upcoming Internet Governance Forum in Rio.  While there are still some ongoing debates about the specific modalities for remote participation, the site is designed for all IGF stakeholders, and registration is open to any interested party from around the world. For more information, or to register for the site, go to: http://igf-online.net; or see the attached flyer (in pdf). For additional means of participating remotely in the IGF Workshops co-sponsored by the Internet Governance Project and other partners, please check the IGP events page.

On 13 February 2007, the Internet Governance Forum (IGF) will convene a "stock-taking" session, which is open to all stakeholders who were WSIS accredited, and to individuals with "proven expertise and experience in Internet Governance related issues. The meeting will be held at the Palais des Nations, United Nations Office in Geneva (Room XX) from 10:00-13:00 and 15:00-18:00 hours. Interpretation in all UN languages and real-time transcription will be available during the meeting. For more information and to register for the session, download the IGF registration form. Also, at the closing of the session, we will host a brief wrap-up discussion with colleagues on the ground in Geneva. Cotelco Research Associate and intern at the IGF Secretariat, Sonia Arenaza, will host the webconference and provide feedback from the stocktaking session. Participants from IGP Partner Derrick Cogburn's Globalization Seminar will also participate in the session from South Africa, Syracuse, and other parts of the world. To join the webconference, held from 10:00 - 11:00 EST, please go to the Cotelco Web Conferencing Server and click on the link for the meeting when active. Please use your firstname and lastname as username, and no password.

Last week was a busy one for the US National Science Foundation (NSF).  In addition to the meeting reported on by IGP Partner Milton Mueller, NSF also convened a major conference from 29-30 January entitled, "Designing Cyberinfrastructure for Collaboration and Innovation."  The meeting, organized by Brian Kahin and sponsored by the Committee for Economic Development, Council on Competitiveness, National Science Foundation, Science Commons and the University of Michigan, was held at the National Academy of Science in Washington, D.C.  The meeting focused on using the Internet to create geographically distributed environments for collaborative research, and the soci-technical challenges involved in such approaches.  The program, which featured an interesting array of speakers from industry, academia, government, and international organizations, was organized around five themes: (1) Infrastructure for Knowledge and Innovation; (2) Designing the Virtual Organisation; (3) Technology-Enabled Knowledge; (4) The Ecology and Design of "Open," and (5) Public and Private Cooperation.  Most of the slides, supporting documents, and additional resources are also made available on the conference website.  The meeting was attended by IGP Partner Derrick Cogburn, as well as GigaNet member Nanette Levinson. Interestingly, at one point a speaker from the audience expressed his desire to "keep fighting those who want the UN to take over the Internet," which was met with limited applause from the participants.

On 31 January the National Science Foundation (NSF) and the OECD held a joint conference on "social and economic factors shaping the future of the Internet." Attendance was restricted to about 20 full participants selected by OECD/NSF and another 30 attendees who were allowed to ask questions.

For NSF, the meeting promoted their effort to incorporate "social and economic factors" into the research around their Global Environment for Network Innovation (GENI) initiative. GENI is a major new NSF initiative to fund a "clean slate" redesign of the Internet. The intellectual driver of this initiative seems to be David Clark, who was also one of the leading protocol architects of the old Internet. Suzi Iacono, the NSF program officer who concentrates on the social, economic and behavioral aspects of information systems within the NSF's CISE division, believes that GENI can create a "testbed" that will allow social scientists to experiment with the way various protocol or network designs interact with social factors.

My first observation about this meeting is that aside from David Clark's always-interesting ruminations on what problems a clean-slate resdesign of the Internet might involve, very few new ideas were bruited. Almost all of the discussion revolved around the social, economic and political problems of the "old" Internet. More importantly, I wonder whether the desire to link analysis and understanding of social problems to the engineering or redesign of a new Internet is unambiguously a good thing.

The tension between the desire to "design" a new Internet and at the same time take into account social and economic factors was confronted directly at one point. Clark was asked by Harvard's Jonathan Zittrain about the ITU's Next Generation Network (NGN) initiative. An excellent question -- isn't that also an attempt to do a clean slate redesign?  Clark answered that the ITU's effort was "doomed" because "people are watching." By that he meant that the basic design issues that would really have an effect on social factors would be "torn apart by advocacy." In other words, assuming that social effects can be controlled by means of technical design (a very big and mostly false assumption) interested social actors will not stand passively by and let those design decisions be made without their input.

Now if the outcomes of NGN will be torn apart by advocacy, why not also the results of GENI? All Clark could say was that one should "design the levers of control so that you've got the right balance of power over the controls." But won't those design decisions be influenced by existing inequalities in political and economic power?

My point is not that we should throw up our hands and say that nothing can be done or that none of this should be carefully studied. Rather, my target is the assumption that one can "design" large-scale technical systems in ways that avoid future political and economic problems. If engineers try to take "social and economic factors" fully into account as they design technical systems, it is inevitable that the design will reflect a status quo oriented equilibrium among existing vested interests. The technological design will embed rules and restrictions based on protection of today's business models and political interests.

Engineers and scientists can be much more revolutionary (in both a good and bad sense) by solving technical problems in complete disregard of their social and economic consequences. Or by paying attention to some social factors and disregarding others. This is what as happened with the original Internet. It is the job of social, political and economic institutions, not technologists, to respond to the problems of technological innovation as they arise. It is a false and technocratic assumption that engineers and social scientists can embed these decisions in technological design. Indeed, this widespread belief that beneficial social consequences can somehow be "embedded" in technological design is one of the truly bad consequences of the Lessig meme that "code is law."

The Internet Governance Project was prominent at the Forum. Below is a summary of our activities.

IGP partners Mueller, Hofmann, Mathiason and Cogburn participated in the successful pre-Forum conference of the Global Internet Governance Academic Network (GigaNet). See story below.

IGP partner Jeanette Hofmann was selected by civil society groups to speak in the slot for civil society at the concluding session of the Forum. Her comments can be seen here. Hofmann also co-facilitated, with Elizabeth Longworth of UNESCO, the joint IGP-UNESCO workshop on content filtering and blocking.

IGP partner Milton Mueller moderated the intense and exciting workshop on DNS root zone file management. A short written summary of the DNS workshop is available here.

IGP partner Derrick Cogburn made it possible to include remote presenters in both of our workshops. Professor Ron Deibert participated in the Freedom of expression panel from Toronto, and technologist Thierry Moreau participated in the DNS workshop from Montreal. The experience provided valuable lessons on enhancing virtual participation in global policy dialogues. Further refinements in implementation will be made in Rio. While the sessions that IGP co-sponsored were not recorded due to technical difficulties, furture sessions will be archived on the IGP website.

IGP partners Derrick Cogburn and Lee McKnight linked the IGF in Athens with the Caribbean Internet Forum in Grenada. The session, "Building Bridges from Athens to Grenada to Syracuse" had five speakers from Athens -- Dr. Cogburn, Dr. Alex Trigona (Diplo), Jenniffer Britton (Caribbean Telecommunications Union), Theresa Swinehart (ICANN), Ambassador Clark (Barbados) -- providing an overview of the substantive discussions and tone of the Athens meeting; one speaker from Grenada, providing feedback on what was happening in Grenada; and questions from students and faculty from Syracuse.

IGP partner John Mathiason spoke at the Framework Convention Workshop, and IGP partner Milton Mueller was a panelist on the main plenary session on Access, where he discussed issues of telecommunication policy.

GigaNet is the "global internet governance academic network," a new network of researchers in the field of internet governance. GigaNet plans to hold annual conferences preceding the forum and engage in research collaboration and discussion around IG issues. The first GigaNet pre-conference vastly exceeded the expectations of its organizers, filling the room to capacity (80+ people) and provoking many compliments about the value and quality of the presentations and discussions.

About 40 eligible academic members will be added to the group as a result of the meeting. At the business meeting, chaired by William Drake, important decisions regarding the governance of the group were mooted for final confirmation on the group's listserv. The meeting proposed to use the IGLOO content sharing tool as its public face and space for private interaction for a year. It will retain its current mail list and add all members meeting the eligibility requirements quickly. Eligibility will be for individuals, not institutions, although methods of cooperation with organizations were discussed. In particular, UNESCO expressed considerable interest in working with the group.

The need to set up a decision making structure or "executive officers" was discussed. W. Drake suggested a number of committees or sub-areas, such as a web space mgmt group, membership, constitutional. Nanette Levinson proposed to make the existing startup group, plus some new volunteers, as the Executive committee for another year.

IGP Partners John Mathiason and Derrick Cogburn will serve in a high-level Panel of Advisors, providing policy and expert advice to the Steering Committee and Strategy Council of the UN's newly created Global Alliance for ICT and Development. The Strategy Council consists of 60 members representing governments and non-governmental stakeholders and will identify priorities and themes to be addressed. The mission of the Global Alliance is to facilitate and promote integration of ICTs into development activities by providing a platform for open, inclusive, multi-stakeholder cross-sectoral policy dialogue, thereby linking the outcomes of the WSIS with the broader United Nations development agenda.

[Abstract]

IGP Partner Jeanette Hoffman was selected to serve on the Multistakeholder Advisory Group (MAG), which will assist the Secretary-General's Special Adviser Nitin Desai in convening the Internet Governance Forum (IGF), a new forum for a multi-stakeholder dialogue on Internet governance. The Advisory Group will meet on 22 and 23 May in Geneva, following an open consultation on 19 May, also in Geneva. Its main task is to prepare the substantive agenda and program for the first meeting of the Internet Governance Forum, which is to be held in Athens from 30 October to 2 November.

[Abstract]

  [Abstract]