Uncategorized

Summary

This discussion focused on the intersection of multi-stakeholder governance and international law in cyberspace, held as part of the Internet Governance Forum (IGF) with input toward the WSIS+20 review process. The panel explored how international law can facilitate and strengthen the multi-stakeholder model of internet governance, making it more efficient, inclusive, and predictable.

Maciej Groń from the Polish Cyber Security Agency emphasized that multi-stakeholder governance is essential rather than optional, noting that national laws are insufficient for addressing global cyber issues like illegal content. He highlighted successful international cooperation through organizations like INHOPE, which operates across 55 countries using common standards and classification schemas.

Anna Podgorska-Buompane discussed the Polish EU presidency’s priorities in digital diplomacy, including strengthening the IGF, promoting human-centric approaches, and defending an open, secure internet through multi-stakeholder governance. She outlined various initiatives, including high-level conferences and coordination among EU member states on WSIS+20 positions.

Elena Plexida from ICANN explained how multi-stakeholder governance operates in practice, describing it as actual decision-making rather than mere consultation. She emphasized that the global internet requires governance that transcends national borders, with technical communities, governments, and civil society participating on equal footing. Plexida noted that international law provides crucial legal frameworks that help technical communities develop sound policies.

Helen Popp from the European External Action Service presented the EU’s common declaration on international law in cyberspace, adopted in November 2024. This declaration establishes shared understanding among EU member states on key legal principles, including due diligence obligations, attribution of cyber operations, and the application of international humanitarian law.

Lukasz Kulaga advocated for more states to develop national positions on international law in cyberspace, explaining that such positions enhance transparency and contribute to legal interpretation. He also suggested alternative approaches for developing international law, including potential involvement of the International Court of Justice and the International Law Commission.

The discussion concluded with practical questions about breaking down silos between different technical communities and ensuring that law enforcement doesn’t circumvent international treaties. The panelists emphasized the need for continued collaboration and the importance of maintaining the multi-stakeholder model while strengthening its legal foundations through international law.

Keypoints

## Major Discussion Points:

– **Multi-stakeholder governance as essential infrastructure**: The panelists emphasized that multi-stakeholder governance is not optional but fundamental for managing global internet resources, with ICANN serving as a key example of how technical communities, governments, civil society, and other stakeholders make collective decisions about internet identifiers and standards.

– **International law as a framework for cyber governance**: Discussion centered on how international law can support and legitimize multi-stakeholder processes, with particular focus on the EU’s recent declaration on applying international law to cyberspace and the need for more countries to develop national positions on cyber law.

– **Breaking down silos between technical and policy communities**: A significant portion addressed the challenge of connecting high-level international law discussions with practical technical implementation, emphasizing the need for better coordination between different internet governance organizations and stakeholders.

– **State responsibility and due diligence in cyberspace**: The conversation explored how traditional international law concepts like state sovereignty, due diligence obligations, and attribution of cyber operations apply in the digital domain, particularly in the context of malicious cyber activities.

– **WSIS+20 and the future of internet governance**: The discussion was framed around the upcoming World Summit on the Information Society review process and how international law frameworks can strengthen and legitimize the continued use of multi-stakeholder governance models.

## Overall Purpose:

The discussion aimed to explore how international law can support and enhance multi-stakeholder internet governance, particularly in preparation for the WSIS+20 review process. The panelists sought to bridge the gap between high-level international legal frameworks and practical internet governance implementation, demonstrating how legal norms can provide stability and legitimacy to bottom-up, collaborative governance models.

## Overall Tone:

The discussion maintained a consistently professional and collaborative tone throughout. Speakers demonstrated mutual respect and built upon each other’s points constructively. The tone was academic yet practical, with panelists sharing concrete examples and actionable insights. There was an underlying sense of urgency about the importance of these issues for the future of internet governance, but the conversation remained optimistic about the potential for international law to support multi-stakeholder processes. The interaction with audience questions added a more dynamic element while maintaining the scholarly and diplomatic character of the session.

Speakers

– **Viktor Skvarek**: Remote participation moderator, managing online participation for the panel

– **Helen Popp**: Cyber policy officer with the European External Action Service, focuses on UN negotiations particularly related to the Open-Ended Working Group on cyber issues

– **Elena Plexida**: Representative of ICANN, has experience in European policymaking and policy development, facilitates cooperation between governments and the broader ICANN community

– **Lukasz Kulaga**: Professor representing the foreign ministry, academic with background in developing national positions on the application of international law in cyberspace (speaking in private capacity)

– **Anna Podgorska-Buompane**: Employee of Polish Digital Affairs Ministry, seconded to Polish permanent representation to the EU as digital and cyber attaché, chairs telecom working party during Polish presidency to the European Council, representative of Poland within the ICANN community

– **Audience**: Participant identified as Wouter Natwies, represents the dynamic coalition on the internet standards security and safety within the IGF system

– **Maciej Gron**: Representative of the Polish Cyber Security Agency, speaking on behalf of research institute NASK, deals with cyber security and works for Polish hotline, attorney at law

– **Joanna Kulesza**: Assistant professor of international law at the University of Lodz in Poland, director of research center Lodz Cyber Hub, on-site moderator for the session

**Additional speakers:**

– **Luke**: Online participant who submitted a question via chat (full name and credentials not provided)

# Multi-Stakeholder Governance and International Law in Cyberspace: A Comprehensive Discussion Report

## Executive Summary

This Internet Governance Forum (IGF) session, moderated by Joanna Kulesza, examined the intersection between multi-stakeholder governance and international law in cyberspace, with particular focus on preparations for the WSIS+20 review process. The panel brought together representatives from technical communities, government agencies, and cybersecurity practitioners to explore how international law can strengthen the multi-stakeholder model of internet governance.

The discussion revealed strong consensus among participants that multi-stakeholder governance represents an essential approach to managing global cyber challenges. Speakers emphasized that cyber threats and illegal content are inherently international problems requiring coordinated responses that transcend national borders, with international law frameworks providing necessary legal basis for effective multi-stakeholder decision-making.

## Key Participants and Their Contributions

### Technical Community Perspective

**Elena Plexida** from ICANN distinguished multi-stakeholder governance from consultation processes, emphasizing that “multi-stakeholder governance in the case of the global Internet is decision-making. You don’t just have stakeholders there who are being consulted. There’s actual decision-making.” She highlighted ICANN’s unique model where technical communities, governments, and civil society participate equally in decisions about internet identifiers.

Plexida explained how ICANN maintains “common technical language” that enables devices worldwide to communicate, noting that “I’m not aware of any other public resource, or public good, that is governed the way the fundamentals of the global Internet are governed.” She acknowledged the need for creative forum-building to coordinate between different technical organizations while operating within ICANN’s specific mission limitations.

### Government and Diplomatic Perspectives

**Helen Popp** from the European External Action Service presented the EU’s recent work on international law in cyberspace, including a declaration establishing shared understanding among member states on key legal principles. She noted that “the key challenge is to ensure that states interpret those rules by and large in the same manner,” while observing that the primary obstacle is that “too many states have thus far remained silent on this question.”

**Anna Podgorska-Buompane** from Poland’s Digital Affairs Ministry outlined her country’s EU presidency priorities, including strengthening the IGF and promoting multi-stakeholder governance. She emphasized that “internet governance and multi-stakeholder processes are the cornerstone of digital diplomacy” and described various initiatives including coordination among EU member states on WSIS+20 positions.

**Lukasz Kulaga**, representing academic perspectives on international law, advocated for more states to develop national positions on international law in cyberspace. He suggested exploring alternative mechanisms including potential involvement of the International Court of Justice and the International Law Commission, and highlighted gaps in current frameworks, particularly regarding protection of subsea data cables.

### Cybersecurity and Law Enforcement Perspective

**Maciej Groń** from the Polish Cyber Security Agency provided a practitioner’s perspective, stating emphatically that “the multi-stakeholder model is not a nice thing to have, it’s a must-have” because “even the best national laws are powerless if they are not required beyond borders.”

Groń highlighted successful international cooperation through INHOPE, which operates across 55 countries using common standards and universal classification schemas. He demonstrated how standardized approaches enable effective cross-border cooperation in addressing illegal content and cybersecurity threats.

## Areas of Strong Consensus

### Multi-Stakeholder Governance as Essential

All speakers agreed that multi-stakeholder governance represents a fundamental necessity for managing cyberspace. This consensus transcended traditional stakeholder boundaries, with technical community representatives, government officials, and cybersecurity practitioners all emphasizing collaborative governance as operationally essential rather than ideologically preferred.

### International Cooperation as Requirement

Participants unanimously agreed that cyber challenges require coordinated international responses beyond individual national approaches. Speakers emphasized that national laws alone are insufficient for addressing cross-border cyber threats, illegal content, and technical vulnerabilities affecting global internet infrastructure.

### International Law as Supporting Framework

Technical and legal experts agreed that international law frameworks provide essential legal basis for effective cyberspace governance. Speakers agreed that international law supports rather than replaces multi-stakeholder governance, providing legal foundation that enables technical communities to develop sound policies while ensuring accountability.

## Interactive Discussion and Key Questions

### Breaking Down Organizational Silos

Audience member **Wouter Natwies** posed a critical challenge about “how do we break the silos and come together to fundamentally rebuild the security of the internet together.” This intervention highlighted the gap between high-level governance discussions and practical security implementation across different technical layers and organizations.

Elena Plexida responded by acknowledging ICANN’s mission limitations while emphasizing the need for creative forum-building. She noted the importance of coordination between technical organizations while respecting existing mandates and structures.

### Preventing Government Circumvention

Online participant **Luke** asked about preventing governments from circumventing international treaties by pressuring private actors directly. Elena Plexida provided a detailed response using the Council of Europe Budapest Convention as an example, explaining how international frameworks can provide legal basis for cooperation while establishing proper procedures and safeguards.

This exchange highlighted practical challenges in implementing international legal frameworks and the importance of having established mechanisms for legitimate cross-border cooperation.

## Practical Examples and Case Studies

### INHOPE Network Success

Maciej Groń detailed how INHOPE operates across 55 countries using universal classification schemas that standardize content legality determinations across different jurisdictions. This example demonstrated practical multi-stakeholder cooperation in addressing illegal content through shared technical standards and coordinated responses.

### ICANN’s Governance Model

Elena Plexida explained how ICANN maintains global internet functionality through multi-stakeholder decision-making that ensures technical interoperability. She emphasized how this model enables equal participation by different stakeholder groups in making decisions about critical internet infrastructure.

### EU Common Positions

Helen Popp described the EU’s approach to developing shared positions on international law in cyberspace, noting that over 100 UN member states have now published positions on international law application in cyberspace, representing significant progress in building consensus.

## Implications for WSIS+20

### Strengthening Existing Structures

Speakers demonstrated preference for building upon existing governance mechanisms rather than creating new institutional structures. This approach reflects practical recognition that the internet governance ecosystem contains numerous organizations and processes that can be enhanced rather than replaced.

### Encouraging State Participation

The discussion emphasized the importance of encouraging more states to develop and publish positions on international law in cyberspace. This approach could help address concerns about legitimacy and representation while building broader consensus on fundamental principles.

### Integrating Legal Frameworks

The session highlighted opportunities for better integrating international law principles with multi-stakeholder governance processes, potentially providing enhanced predictability and legitimacy for collaborative governance mechanisms.

## Key Recommendations

### For States and International Organizations

– States should prepare national positions on international law application in cyberspace to increase transparency and contribute to legal development

– Regional organizations should continue developing common positions following the EU’s example

– Alternative mechanisms like ICJ advisory opinions should be explored when traditional dialogue reaches impasses

### For Technical Communities

– Technical organizations should explore creative forum-building approaches that coordinate across traditional silos

– Technical communities should continue engaging with international law development to ensure legal frameworks support effective technical governance

### For the Internet Governance Community

– The IGF should continue facilitating dialogue between international law experts and multi-stakeholder governance practitioners

– Internet governance organizations should explore better coordination mechanisms to address cross-cutting challenges

## Conclusion

This discussion demonstrated remarkable consensus among diverse stakeholders on the fundamental importance of multi-stakeholder governance for effective internet governance and cybersecurity. The strong agreement on collaborative approaches, international cooperation necessity, and international law relevance provides solid foundation for continued development of the multi-stakeholder model.

The session’s emphasis on building upon existing structures, combined with calls for increased state engagement with international law development, provides clear guidance for WSIS+20 discussions. The practical examples shared by speakers—from INHOPE’s cross-border cooperation to ICANN’s technical governance—demonstrate that multi-stakeholder approaches are not theoretical ideals but operational necessities for managing global internet resources effectively.

As the WSIS+20 review approaches, this discussion provides important evidence that the multi-stakeholder model enjoys broad support across stakeholder communities and can be strengthened through better integration with international law frameworks while maintaining its unique characteristics for governing global cyberspace.

Joanna Kulesza: Good afternoon, everyone. Thank you so much for joining us for this final session for today on multi-stakeholder governance and international law in cyberspace. My name is Joanna Kulesza. I’m an assistant professor of international law at the University of Lodz in Poland, and I have the privilege of directing a research center, the Lodz Cyber Hub, that researches how international law applies in cyberspace. It is my pleasure to be your on-site moderator today. I am joined today by our on-site moderator, the good spirits behind this panel, Mr. Viktor Skvarek, who will be managing our online participation. I welcome those of you who are joining us in the room and online. We have an excellent setup of speakers hosted here today by the Ministry of Digital Affairs, who’s the host for this session, and the Lodz Cyber Hub. For the purpose of time, I shall refrain from individual introductions, and I will ask our speakers to introduce themselves as they take the floor. And I will start by giving you the background for this panel. Why is it that it might be worth our while to discuss the application of international law in cyberspace during an IGF? As I’m certain you have noticed, there is an overarching theme of WSIS plus 20 input, and WSIS happening in a couple of days’ time will be the process where we decide if how we have governed cyberspace thus far through the multi-stakeholder model is indeed the way we wish to continue. As much as there is consensus, it will likely remain the way. There are also enhanced conversations around how international law could help us facilitate that model, make it more efficient, make it more inclusive, make it more predictable. And this is where our panel and our panellists come in. We will discuss broader issues of internet governance and international law. We will also look specifically into individual documents and processes that facilitate building a more resilient and sustainable cyberspace. For the opening remarks, I’m thrilled to share the floor with Mr. Maciej Groń, who’s representing the Polar Cyber Security Agency, and will give us a brief introduction from the governmental side on why it might matter to facilitate the multi-stakeholder model with international law. Sir, the floor is yours.

Maciej Gron: Thank you very much. I’m speaking on behalf of our research institute, NASK. I deal with the cyber security and I work for Polish hotline. Frankly speaking, I was trying to prepare something special, but discussing the topic of multi-stakeholder governance and international law in cyberspace has been discussed extensively, not only this IGF, but many IGFs before. So I can only say that the multi-stakeholder model is not a nice thing to have, it’s a must-have. And it’s not just a good idea, it’s a fundamental condition for our daily work. Even the best national laws are powerless if they are not required beyond borders. So from my perspective, as an attorney at law who’s working for the hotline, we are dealing with the illegal content, as you know. So there’s nothing like, you know, the national illegal content. The content is illegal content, especially the system is always international. So if the problem is international, we need the international solution. Absolutely any national regulation, which is only for one country, is absolutely not enough. But when we’re dealing with illegal content, we have really good examples, because we are not treating, you know, the regulation like traditional criminal codes or civil codes, because on the global level, it’s absolutely impossible. But we have, you know, very good standards, and we are working on the standards absolutely in the multi-stakeholder model. And we have, you know, the great institution which is called INHOPE, and also to this institution belongs 55 countries. So we have, you know, the good examples. And we are absolutely very optimistic that, you know, that this approach, multi-stakeholder approach, and international law, which we understand, you know, not, you know, like our national laws, because it’s… It’s impossible, we don’t have the international courts, which are the same like our national, so we have the good examples. The one example which I want to mention, this is for example the universal classification schema, which can standardize the content, where it’s legal, where it’s not legal. But you know the meaning of this content is always the same. And the cooperation is really very important, because for example the same material can be legal in one country and not legal in the others. Today we have discussed also the problem of deep fakes and deep notes. And this kind of materials are not legal in every country and not illegal in every country, so we have to cooperate somehow. So that’s why our standards which we have, they are helping us very much. And if someone thinks that good standards for one country is enough, I don’t think it’s true. And so I encourage everyone to cooperate with us, with our standards. And what is important, we have the very good examples, but as you know always, the regulation is not enough. So we need the people who will share this regulation and who will first of all respect these standards. But it’s very easy, the willingness is only important. So I think that when the focus is really concrete and the reason why we want to protect someone, in my case children, it’s enough to start and be efficient as much. Thank you very much.

Joanna Kulesza: Thank you. Thank you so much, Maciej. That’s a very important call for the bottom-up cooperation that we need to facilitate the multi-stakeholder approach to Internet governance, an important role for international law to play within that framework. For our panel, I’m pleased to welcome four speakers. We have a good hybrid setup, as you can see. We have some of our speakers joining online and some of them here in the room. The process for this panel shall be for our speakers to take the floor. I will kindly request them to speak for roughly 15 minutes. We have given them specific themes, which I will introduce as we progress. And then we would love to open the floor for your questions and or comments. We do have online participants. We encourage them to post their questions into the chat, clearly highlighting that that is the content of the question and to whom it might be directed. We will then read those questions out aloud. The remote participants are also encouraged to take the floor. And then we have remote mics available here for the participants in the room. So we would like to keep this session interactive, whereas we would kindly ask you to hold your questions and comments until after the presentations from our panelists. As already said, we have a wonderful setup of speakers representing different areas of where international law is being applied to cyberspace. It is my great pleasure to welcome our first speaker, Ms. Anna Podgorska-Buompane, who is representing Poland with the European Commission. Anna also is a representative of Poland within the ICANN community, and we’ve had fruitful conversations around how the work within the European Commission on internet governance and facilitating responsible state behavior in cyberspace could complement the WSIS 20 processes and the work done here within the IGF community. Anna has kindly agreed to offer a glimpse into the Polish presidency with that specific theme, and it is my great pleasure to hand the floor over to her with a brief, kind request for an introduction. Anna, the floor is yours.

Anna Podgorska-Buompane: Thank you very much, Joanna. Good afternoon, colleagues, panelists, and good afternoon to all attendees. First of all, I would like to kindly apologize because I was supposed to be on site, but due to the general strike here in Brussels, which affected basically all sectors, not only transport, the airports are closed and there are no planes taking off today, so that’s why unfortunately I had to join online. I am an employee of Polish Digital Affairs Ministry, but since many years I’ve been seconded to a Polish parent representation to the EU as the digital and cyber attaché, dealing mostly with cyber and digital diplomacy, and during Polish presidency to the European Council, I am chairing a telecom working party, focusing mostly on external relations. So, we thought that it would be a very good occasion to share our perspective on the external policies and multi-stakeholder approaches, including YSYS plus 20 review, since the presidency happens every 13 and a half years, so the next possibility for us would be indeed in so many years. So, just to very quickly sum up what we have introduced during our presidency, it’s to… have a clear view on the external relations of the EU and one of the Polish presidency priorities in the digital sphere was indeed a concentration on internet governance and multi-stakeholder processes which are currently taking place and which are indeed very, very important. So, we have worked within all 27 EU member states and we worked since the 1st of January being involved in elaborating different coordination positions, if I may only cite a couple of them. So, we have discussed EU and its member states together with the European Commission on the YSS plus 20 review. We have within the Council elaborated on different priorities but just to mention a couple of them. These are of course the issue related to straightening the IGF which is the cornerstone initiative on the IG, a human-centric and human rights-based approach, multi-stakeholder digital governance as the core of the UN system, of course straightening crisis to address the digital device and of course defending the open global free interoperable and secure internet through multi-stakeholder governance which is the really a key word for the EU but also for the Polish presidency. We have also provided the input to the ITU questionnaire on YSS plus 20 review and we have been also involved in the consultation of the scientific panel on AI and the global dialogue on AI governance. And just to also flag up that what of course going around the YSS and multi-stakeholder approach, we thought that the involvement of many different players not only member states would be very, very much important. That’s why we have also co-organized with the European Commission in April today a global multi-stakeholder high-level conference on governance of web 4.0 which the main panel was concentrated indeed on the internet governance and we had many distinguished speakers, also representatives of ICANN, governments outside of Europe and the discussion was indeed very good. Then also in Poland under the Polish presidency we have organized in May, the Conference on International Digital Partnerships and Projects, which we also discussed and mentioned the importance of internet and internet governance and the multi-stakeholder approach, also always within the view of the YSYS++20 review process. Our motto, our presidency was building the bridges, connecting the dots, making the and connecting the dots and so avoiding silos. So that’s why we thought that it’s very good also in the discussion to involve not only the experts but also diplomats. So that’s why under the umbrella of the EAS, European External Action Service, there is the digital diplomacy network present, which gathers 27 EU digital ambassadors. So we organized two on-site meetings of this DDN network. One of the teams which were discussed also among the digital ambassadors was also the YSYS++20 review. One meeting took place in Brussels, another back in Poland, in Szczecin, where we had also a good presence from EFTA countries representatives, where we could exchange of the joint approaches and understanding of the ongoing global processes. Last but not least, we have also involved with other stakeholders, very important, which was the ICANN, who kindly provided us with the workshop on internet governance. So we really had a very good turnout from the cyber attaches and telecom attaches. So I’m taking the possibility to thank you also, because I see among the panelists there is Elena, who is a representative of ICANN. And then we had also very good discussion under the roundtable, which we have organized with RIPE NCC back in Brussels on digital and cyber diplomacy, when also the YSYS processes and multi-stakeholderism was mentioned many times. So I would like to also mention that we are also willing to concentrate now, since the elements paper for the YSYS++20 review has been just published five days ago. So, and which address many issues, but also including cyber security being as a critical component to build confidence in the use of the ICT. So now we are analyzing this in details and of course, the discussion on that will follow in the council. And the other thing, which I would also mention and draw to your attention, last year in April, the European Council has asked the European Commission and the European External Action Service for the external strategy to the European Union, which has been published a couple of weeks ago. This is the joint communication from those two institutions. The document is available online and it’s public, so whoever is interested, it can be read through, but there is also indeed a very important component of internet governance in it and multi-stakeholderism. Indeed, it is also worth making familiar with that, apart of course from digital partnerships and cooperating with like-minded countries and other regions and states and organizations, the internet governance also has its place in this external EU digital strategy. Last but not least, I would like to mention also the focus, which we have towards the involvement of youth. So, not only as the country who has organized UN IGF also back in Poland, but also for the different processes and the technology importance, which are now taking place and the influence of the technology over the young people lives and the thinking perception. So, we also put a big and very important stress on that, that the young people who will be the legislators and the future policymakers, they are very important in this ecosystem to play a very active role. That’s why we also during the digital summit, which took place last week in Gdańsk, had the meeting of the very engaging, active and interested in the digital world young people with the high representative of the European Commission, Henna Birkunen. I have to say that the discussion with the executive vice president went very smoothly and it showed only how the young people, they are aware of what’s going on in the internet and how it can influence their life, including subject topics like disinformation, AI and others. So, with that, this was just a brief overview from my side. I’m sure that my other colleagues, they can deep dive on the more legal issues related to cyberspace. So, thank you very much and at the end, I will be open for any questions and comments you may have.

Joanna Kulesza: Thank you. Thank you so much, Anna. That was a very comprehensive overview of both the Polish presidency and its work around the multi-stakeholder model and support for the WSIS Plus20 as well as of the processes themselves. In your intervention, you mentioned ICANN and it is my pleasure to hand the floor over to our next speaker, Ms. Elena Pleksida, who is representing ICANN for the purpose of this conversation. Elena has a long-standing experience in both European policymaking, policy development and most recently, facilitating the cooperation between governments and the broader ICANN community. I have had the pleasure of working with Elena on multiple occasions before. It is my great honor today to welcome you to the panel, Elena. We have kindly asked you for the purpose of this panel to bridge that divide, perceived divide, between Internet governance and international law. It is one of our joint favorite topics and I know you have a very feasible, understandable way of explaining why international law might help with multi-stakeholder governance also from the technical community’s perspective. Thank you so much for finding the time and thank you so much for contributing to the discussion. It is my great pleasure to hand you the floor.

Elena Plexida: Thank you so much, Joanna. Hello to everyone. I hope you can hear me okay. pleasure of hearing Anna, another person which we have worked with fantastically not only during the past six months of the Polish presidency but also before and let me take the opportunity to thank the Polish presidency for setting up this discussion that we’re having today which I personally find very relevant as we’re moving towards the WSIS plus 20 review at the end of the year but also beyond that and also thank the presidency for the work they did on internet governance during the semester for the special care the presidency took to involve all stakeholders and really helping connecting the dots which is necessary I think if you ask me from my from my background both in policy making the classic way in European institutions but also the multi-stakeholder policy making it’s a it’s an actual absolute must so congratulations for the work you did in that in that space overall. Right on the topic at hand multi-stakeholder governance and international law. I think I would say to talk about multi-stakeholder governance and international law we first have to define if you will multi-stakeholder governance what it is that we’re talking about and see how this fits into or not it’s a discussion within the today’s international order within the Westphalian international order that we have today and we do things and then see how it interacts with international law. So let’s do that try to define what is it that we’re talking about what is this governance multi-stakeholder governance that we’re talking about and how it fits into the way we do things otherwise in the world. You know that I work for ICANN it’s been mentioned already it’s ICANN is one of the organizations that help maintain what we know as the global internet. It’s a family of technical organizations you have the IETF and the regional internet registries lots of organizations it’s not just one they do what we say they maintain the fundamentals the those that give you that the network layer of the internet hence you have a global internet. I’m not a technical person hence the way I describe it usually is that we maintain some sort of common technical language so all the machines and all the devices and the other three are in the middle of the screen. The devices that are on the Internet, they use the same language, which is unique. Because there is this uniqueness, and this same technical language, they can find each other, and that’s the way you have a global Internet. Otherwise, we would have different segments of it here, there, left, and right. So this is what we do. Now, how we do it. How we do it goes back to the multistakeholder governance. Let me correct it here. Internet is really a public resource. I said that it’s time to be corrected here, because at least to my knowledge, I’m not aware of any other public resource, or public good, if you will, that is governed the way the fundamentals of the global Internet are governed. Usually what you have is, let’s take the example of Spectrum. You have a global organization composed of governments, sitting there in their sovereign rights to do that, and make decisions about how to govern a public resource. In the case of the global Internet, the fundamentals, the identifiers of the Internet, it doesn’t work exactly that way. We have governments sitting there, but we have everyone else sitting there on an equal footing, so stakeholders such as the engineers, those that know how standards work, civil society, and others. They sit together and they make decisions collectively. The word decisions is quite important in what I’m trying to say. Multi-stakeholder governance in the case of the global Internet is decision-making. You don’t just have stakeholders there who are being consulted. There’s actual decision-making. In the case of ICANN, just to pick up on ICANN as an example, this decision-making that is done by the technical community changes things, can change things, like the very root of the Internet. You can imagine the gravity and the importance. The global Internet, the fundamentals of the Internet, they know no borders, and they should know no borders. otherwise we wouldn’t have a global internet. So you can say in one way that the governance that is applied on the global internet is consistent with the system we’re trying to govern, like it’s a global system. So also the governance, if you will, in a way it’s outside of sovereignty. By not having governments alone making the decisions, it operates in a very different way. It might be an exaggeration when I say outside sovereignty, but that’s the way I perceive it at least, just by the fact that there is no exercise of sovereign right as such. And another reason, to be honest with you, that I think, and that’s my personal take, that we have this special governance, this multi-stakeholder governance model that became the way it is today. I believe it has to do also with the point in time when the internet became what it is today. The internet grew at a point in time when we were moving from nation states to globalization, we liked each other, there was a collaborative atmosphere all over the place. And I think that this is reflected into the internet as an invention and also in its governance, which as I said before, it’s quite special, it’s left outside sovereignty in a way. Now, of course, the world is not the same place as it used to be. There are geopolitical tensions and that in itself is a topic of another panel discussion, so I will leave it here and now continue. I will only suffice to say that the multi-stakeholder governance, when it comes to the global internet, as Matsi said very nicely at the beginning, it’s not a nice to have, it’s a must have, because it enables and it protects the global internet. Now, going to the question of how multi-stakeholder governance affects or how it interferes, intervenes and interplays with international law. As I said, we have this multi-stakeholder governance where everyone is sitting around the table, it’s bottom-up decision-making. Again, I will say it is decision-making. So everything that has to do with the technical standards that run the internet is done through that one. And this is something we should always keep in mind, particularly if we are to design international law frameworks in the future. We have to remember this particularity of how the internet works and how the governance of the internet needs to work. That doesn’t mean that everything is happening in the vacuum and there’s nothing that has to do with international law, like it’s completely separate, no. We don’t have a vacuum, as I said, technical communities are there to, yes, create policies around the standards, which keep the internet stable and secure and global, but they’re not there to interpret or draft international law. International law has to be given by the actors that need to be given. It helps the policymaking of technical communities. Just to give you an example, there are issues that the technical communities are discussing, aside the standards as such, which have to do with registration of IP addresses, registration of domain names, how to uphold privacy when it comes to registration or other issues. how to enable cyber security, how to combat abusive use of domain names, which might be used in phishing, spam, what have you. Having a legal basis by international law is super important to be able to have sound policy also within the technical organizations, because imagine a situation where we have, I don’t know, one jurisdiction looking into an issue in one way and implementing a law, and in the other hand, another jurisdiction implementing the exact opposite. Then the technical community cannot, it will be a madness, they cannot put in place rules that will help. And the other way around, how the multi-stakeholder governance and policymaking would influence, if you will, impact or have some sort of impact on international law. I think I would say here that having international law being incorporated the way it needs to be, case by case, into technical community policymaking means that we sort of have a level setting for international law. It furthers its application globally. And I will again here quote Maciej, who said at the beginning, and I really like that, that laws are not good enough if they do not work beyond borders. And that I would say is something that the multi-stakeholder governance model with its global reach then furthers international law where it is applied in different policies, as Maciej said. I think I will stop here. I’m looking forward to the discussion. Thank you very much. Thank you. Back to you.

Joanna Kulesza: Thank you so much, Alina. That was most insightful and very comprehensive, as per usual. It’s the perfect framework for us to dive deeper into what international law actually means in this context. We have looked at policy development processes. We have looked at internet governance per se. And it is my pleasure to hand off the floor to our next two speakers who will focus on international law indeed. Our first speaker is Ms. Helen Popp, who is the cyber policy officer with the European External Action Service. Helen will focus on a document recently adopted at the end of last year, that is the and Mr. Lukasz Kulaga. Thank you. So, the first thing I want to highlight is the declaration of the application of international law in cyberspace adopted by EU member states. Now, this is a significant achievement, particularly because as much as different states have produced their own understandings, documents where they would identify how they read the application of international law in cyberspace, such a common understanding remained a challenge. Now, we do have that document, so if you’re looking for a one-stop shop for the European perspective on how international law applies in cyberspace, that just might be that document. But I’m thrilled to welcome Helen here, because I know there is so much more substance, both to the document and the context in which it was approved, elaborated, and the steps that will follow. I don’t mean to spoil the surprise, and I will kindly ask you, Helen, to take the floor and tell us as much as your mandate allows you. Thank you so much for joining us.

Helen Popp: Thank you very much, Anna. It’s a pleasure to join this workshop, and I regret that I’m unable to be there in person this time around, but there is always next time. Yes, as you said, I currently serve as a cyber police expert at the European External Action Service. Over the past four years, I have primarily focused on UN negotiations, particularly related to the Open-Ended Working Group on cyber issues, but I will come back to that a little bit later. So, yes, as you mentioned, in November 2024, the European Council approved a declaration by the EU and its member states on a common understanding of the application of international law to cyberspace. The declaration is not legally binding and does not affect the national positions of member states. However, it is the public common political understanding of the EU and its member states on several important legal topics. But most importantly, the declaration signals that international law remains fit for purpose in this digital domain and restates that the European Union states will obey certain rules and obligations when conducting activities in cyberspace. In that sense, the declaration is a political and diplomatic instrument, but carries legal implications. And when it comes to those legal aspects, then EU member states have agreed, first, that states have a legal obligation, not merely a political commitment, to ensure that their territories are not used for malicious cyber operations that violate the rights of other states. This duty prevents states from knowingly allowing actors to operate from or through their territories and instead requires states to engage in their best efforts to stop such conduct. In law, this is commonly referred to as the due diligence obligation. As well, together we have emphasized the application of international humanitarian law and human rights law. Additionally, we stated that in determining the threshold of use of force, the combined effects of several cyber operations can, when taken together, be comparable to a kinetic use of force. This is especially relevant in the cyber context as cyber operations are mostly part of a campaign. EU states have also recognized that states must bear legal responsibility for their unlawful conduct in cyberspace. Importantly, the EU Common Declaration sets out the various legal bases for attributing cyber operations to states. This is an important milestone as it demonstrates that states cannot escape legal responsibility when they, for example, outsource their cyber operations to other states. we reaffirm our commitment to the UN processes on cyberspace and the full applicability of international law to cyberspace. By putting forward this declaration we wanted to incentivize not only EU member states. By the time we started to work on the declaration around half of the EU member states had their national positions. Now there are quite a few more that have put forward their national positions but also encouraged all UN member states to develop and share their understandings of international law and signal that even though states might not agree on all aspects of applicability of international law to cyberspace it is still possible to agree on a set of key legal principles. To that end numerous states individually or collectively have put forward in the current open and effective working group their views on the relevant applicable rules as well as how these rules are to be interpreted in the cyber context. In conjunction with the EU 2024 declaration on a common understanding of the application of international law to cyberspace as well as the African Union common position on the application of international law in cyberspace over 100 UN member states have now individually or collectively published their position on the application of international law in cyberspace which makes a significant and encouraging milestone. It’s a completely different discussion what the current open-ended working group has produced in past four or five years but for me this one really stands out. And as a last point it’s also important to note that for us this declaration is not the end of the road. The declaration will likely be updated in the coming few years possibly maybe a little longer but the next years to come when we can agree on more points or when interpretations have evolved but I will leave it here at this point. Thank you.

Joanna Kulesza: Thank you so much Helen. It’s important to emphasize that this is the toolbox with which we’re trying to facilitate multi-stakeholder governance so all the norms that you kindly mentioned are there to ensure that the multi-stakeholder model the WSIS plus 20 and as you highlighted the further work built on the open-ended working group to zero draft the plan of action remain visible remain valid and they do support us in building this community and these bottom-up processes further. And this brings me to our last speaker Professor Lukasz Kulaga Kuwaga who’s representing the foreign ministry but also is a fellow experienced academic with a background in developing an actual national position on the application of international law in cyberspace. The question is quite simple. Why do states do that? And how does that help us keep the multi-stakeholder model safe and secure? Thank you so much for joining us, sir. The floor is yours.

Lukasz Kulaga: Thank you, Anna, and thank you for the possibility of participating in this panel. Let me also add that I’m speaking in my private capacity here. The question of application of international to cyberspace is intensively debated in the GGE and OEWG processes. Indeed, as I speak, the preliminary works on the report from 2021-2025 session of OEWG is ongoing. The purpose of my short presentation is, first of all, to advocate, particularly to states that have not yet done so, to prepare their national position on application of international law in cyberspace. And secondly, I would like to also mention other possibilities for developing international law in this area. Thus, my aim is to present possible modest steps that can be made to strengthen cybersecurity, which, as mentioned by Elena, is important for multi-stakeholder governance. So, first of all, on national statements. Poland has prepared its position in 2022 after two years of process prolonged due to the COVID epidemic and the aggression against Ukraine, and we have contributed also to the development of the common position of the EU just mentioned. I acknowledge that preparing such a public statement by a state is a challenging task for a different set of reasons. Firstly, the approach presented will affect not only the legal position of a state in a cyberspace, but also, or perhaps mostly, in a kinetic world. Secondly, outside of the courtroom or diplomatic negotiations, states are usually reluctant to present a very specific interpretation of fundamental rules of general international law. And thirdly, their inter-agency process, which usually is required for having a great national position, can be burdensome. It often requires from Ministry of Foreign Affairs lawyers to explain the potential legal consequence of the use of concrete wording to colleagues. and many others from other ministries. All of this is usually time-consuming and results often in a document of rather general than very specific character. Still, having such a position is beneficial for several reasons. They include fostering transparency of the conduct of states in cyberspace. They contribute to interpretation of international law, either treaty, customary or both. Finally, such a position adopted by a government can have also utility for several national procedures. As it usually concerns general international law applicable to all fields, not only to cyber, it can be important point of reference for any discussion and decision-making processes at domestic level. And on the second point, we have to be also aware of the limits of the developing international law through national position. Taking into account the collective position of the African Union member states, the European Union member states, we can identify around 100 states that have already presented their position either individually or collectively. The rather obvious result of this practice is at least to some extent cacophony of variety of interpretations of law. The existing different interpretations of international law offline influence approaches for its online application. Thus, I would like to draw your attention to some ideas discernible in international practice or academia that can also help to develop international law in this area. First, on the hardware aspect of cyberspace, existing international legal regimes do not adequately protect subsea data cables from international damage, nor do they effectively hold perpetrators of such a damage accountable. Thus, negotiating new instrument would be also… process still the new binding instrument even if not accepted by all states can contribute to crystallization of customary international law in this respect. Second, in the UN recent three years showed the advisory competence of International Court of Justice that is used more often to solidify international legal framework in the specific area. In particular currently ICJ is deliberating on question of General Assembly concerning obligation of states in respect of climate change. The resolution formulating the question was the first request for an ICJ advisory opinion to be adopted by a consensus. In the written proceedings 91 written comments have been filed mostly by states. Thus it is another proof that the general questions can be presented to the International Court of Justice for its explanation of existing law in a particular area. And third point also worth reflecting is referring the issue of application of international law in the use of ICTs to the International Law Commission. Already in 2008 International Law Commission working group considered whether to work on the topic Internet and international law. At that time the Commission has not decided to progress on this issue. Certainly the ILC would be an adequate forum to work on the application of international law in the use of ICTs as the topic concerns fundamental principles of international law. In accordance with article 16 and 18 of the ILC statute the General Assembly can refer to the Commission particular topics. The Commission conclusion, the potential Commission conclusion in this respect could contribute to strengthening legal framework. in this area. Thank you one more time for the possibility to participate in this panel and I’m happy to engage in discussion if there’s an interest.

Joanna Kulesza: Thank you. Thank you so much. This brings us to the end of our panel. We’ve heard a plethora of views with regards to the most recent developments on the application of international law and cyberspace on internet governance and this is the time for our audience to chime in. I warmly encourage our participants in the room to use the microphones that you have available. There’s also a roaming mic standing right there. I encourage our online participants to pose their questions in their chat or raise their hands and while you’re pondering on those questions please let me refer a few general points to our speakers. I will ask them to try and answer these scoping questions in the order of their presentations. I believe the questions to pose here obviously reflect around how the internet governance community gathered here in the room can further facilitate bridging this relationship between international law and cyberspace. We’ve heard a lot about how states are working on making sure that international law indeed is a tool to facilitate multi-stakeholder governance and the peaceful use of ICTs. It is therefore for us to try and question how that might be put into practice as we approach WSIS plus 20 and as Helen highlighted the work of the open-ended working group comes to a conclusion. I’m going to ask our speakers to think about this question or these issues but I also see a first question from our floor being addressed so I’m going to give the floor to our participants to kindly introduce yourselves sir and specify who you would like to address your question to. Please go ahead.

Audience: Thank you very much Johanna. Can you hear me? We can hear you. My name is Wouter Natwies and I represent the dynamic coalition on the internet standard security and safety here within the IGF system. I’ve heard the lady from ICANN and ICANN does all sort of decisions on security but they promote mostly DNS security so the domain name system. With the registries they mostly do routing systems so everybody is working in their own silo so that’s comment one. Then you hear the UN system working on high-level security and international law. But the attacks that happen on the internet usually happen through vulnerabilities that are inside of the devices, inside of services, inside of connections. And what my Dynamic Coalition is working on is how do we make sure that these flaws are being ended by the deployment of existing, sometimes decennial existing, new cybersecurity standards that have come into place of the old ones. So the question is why are we not addressing fundamental options to end flaws in our systems, which can be done by industry by using these standards, by deploying DNS security, routing security, building secure websites. But you can’t do that within your silo. So the question is to maybe all panelists, how do we break the silos and come together to fundamentally rebuild the security of the internet together? Because we have to do this together and it’s not a one silo solution. So that’s the question to maybe all of them. How do we get together and make sure that we make sure these flaws are ended? Thank you.

Joanna Kulesza: Thank you so much for that. It’s the perfect question because that’s precisely the purpose of this session. We’re trying to figure out how to bridge those very high-level conversations that aim towards ensuring stability and security of the network with those bottom-up processes that ICANN has managed in facilitating so successfully. Yes, I see Elena’s hand is up and it does feel like the question was primarily addressed to you and I’m happy to give you the floor, but I will give all of our panelists a chance to address that very vital and practical question. Thank you again for posing it. Elena, the floor is yours.

Elena Plexida: Thank you. That is indeed an excellent question and I do think that I might be able to provide an answer, but that’s from a perspective of one of the technical organizations and as the question really highlighted, it’s not one that has to provide an answer. It’s all of us. How are we going to get off our… and Mr. Lukasz Kulaga. Thank you, Mr. Kownacki. Thank you, Ms. Plexida. I would like to start with the technical layer of the Internet, which is where ICANN and the ITF and all of us are working. But when it comes to content, ICANN by its silos cannot get there. In answer to the question, I do agree. This is a very good point. How do we get out of our silos? Obviously, we need to find the space to have these discussions. I would like to give you an example that recently came out, not from the ICANN community, because as I said, ICANN has a very specific mission. So the community that gets together in ICANN, they’re there to make policies for the DNS. And that’s it. But players that are within ICANN, so domain name system operators and IP address operators, they came together in a forum that they created themselves with content providers. And to my knowledge, this is not a dialogue that happens that often. But I’m raising this as an example of what can be done and what can be done. And I would like to give you an example. And to my knowledge, this is not a dialogue that happens that often. And to my knowledge, this is not a dialogue that happens that often. But I’m raising this as an example of what can be done outside or further to think creatively about how to… Because, yeah, it takes all of us. It takes a village. It’s not one thing fits all. It fixes all. Like, for example, if just by promoting DNSSEC and fixing DNSSEC everywhere around the world, that doesn’t mean that we have solved all the problems that cybersecurity is doing. So I would like to give you an example. It takes a village. It’s not one thing fits all. It fixes all. Like, for example, if just by promoting DNSSEC and fixing DNSSEC everywhere around the world, that doesn’t mean that we have solved all the problems that cybersecurity is doing. We have to discuss. Thank you. I hope.

Joanna Kulesza: Thank you. Thank you so much, Elena. This is precisely where we’re having this conversation to make sure that these parallel dialogues I do wear an ICAN at-large hat on regulatory advancements. She has kindly led the work within ICAN, meeting regularly during the face-to-face ICAN sessions, updating us on all the regulation around the globe that might impact the way that the technical community facilitates and operates, and these meetings have, that past year, been happening monthly. So if you’re interested, I’m more than happy to answer questions and provide more details. I’m going to check if any of our other panellists might have an answer for Wout. I feel like he touched directly at the core of our purpose here. How do we bridge the silos? I’m going to check with our on-site, Lukasz Kulaga Maciek, Lukasz Kulaga, please, go right ahead.

Lukasz Kulaga: Thank you. So how do we get together? I would say that my experience of the discussion is rather of more macro level on the fundamental rules of international law than on standards, but what I tried to say is that I see the limits of the dialogue between states as these dialogues are also very politicised, and certainly on fundamental rules of international law, but I would guess that on those detailed technical standards, as you will, they could also be still functional. That is why in my last part of presentation, I tried to indicate that perhaps one way to go forward is to, at least to some extent, transfer the possible answers to other institutions, such as that I mentioned, for example, International Law Commission or International Court of Justice. Thank you.

Joanna Kulesza: Wonderful. Thank you very much. Maciek, please, go right ahead.

Maciej Gron: If I can add just a few words, Anna Podgórska-Bombaner has mentioned, you know, about, you know, the motto of the Polish presidency, let’s build the bridges and connect the spots. I think that it’s, I know it’s only the motto, but it’s not easy, you know, just for this on a general level to say much more, because, you know, the multi-stakeholder model is not about, you know, only the inclusiveness, it’s about effectiveness, and we cannot find, I don’t think that we cannot leave, you know, this multi-stakeholder model. It’s crucial, you know, to be still in this model. Of course, when we are discussing, you know, the things which are very specific, we have to work with professionals, not open, doesn’t mean that everyone can say everything, but this is the only reason how can we cooperate with.

Joanna Kulesza: Wonderful. Great answer. Thank you so much. I’m going to check with our, there you go. I see Helen’s hand is up, and I see Anna’s hand is up. Helen, please go right ahead, and I’m going to give the floor to Anna. I do note we have one question in the chat, I’m going to move to our remote participation moderator next. Helen, go right ahead.

Elena Plexida: Yes, thank you very much. Just to complement what was just said, that the key challenge with respect to the application of international law in cyberspace is the fact that the relevant rules of international law that regulate state conduct in cyberspace are inherently quite abstract, and therefore need to be interpreted in light of their object and purpose. The key challenge is to ensure that states interpret those rules by and large in the same manner. A challenge we face today is not so much that states’ interpretations vary significantly, but rather that too many states have thus far remained silent on this question, and therefore we do not know where they stand on those issues. Therefore, we need the trend of adopting national, regional positions. to continue, and the next logical step will be to streamline views and interpretations where very necessary. Thanks.

Joanna Kulesza: Thank you. Anna, go right ahead.

Anna Podgorska-Buompane: If I may only add, I subscribe under what was said by panelists, but I would like to also say that during the Polish presidency, cybersecurity was very high, if not saying highest on the agenda. So, indeed, we had a lot of discussion in the Council among the member states. And just to draw your attention to the fact that on the 6th of June, Telecom Council has adopted the EU blueprint to better manage European cyber crises and incidents. So, it is public, and it shows how important it is to have the special kind of guidelines to member states to enhance preparedness and detection capabilities and response to cybersecurity incidents. So, I encourage everyone to read it through. But also, what is also very much important that while speaking about some kind of the actions, it is important to stress that we cannot multiply the efforts and having the new structures, but rather to build on the existing and have them working together. So, this is just…

Joanna Kulesza: Thank you. Thank you, Anna. That’s a very relevant point. This is why we’re raising this at the IGF, an existing platform with decades of experience. That’s the appropriate way to do it. My job here today, unfortunately, is also one of a timekeeper. I am mindful of 10 minutes remaining. I have been warned that if we go over time, the lights will just go out. So, we don’t want to do that. What I’m going to do is I’m going to kindly ask our remote participation facilitator, Mr. Wiktor Skwarek, to address the question that is in the chat. So, if you could kindly take us through that query, and then I’m going to solicit the speaker. I’m going to try and find those of you who might wish to address it. Mr. Skwarek, the floor is yours.

Viktor Skvarek: Yes, we have a question online from Luke, and the question reads, how can we ensure that the governments, and in particular, law enforcement agencies, don’t attempt to circumvent the passing of international treaties by forcing private actors to abide by foreign laws and processes?

Joanna Kulesza: Thank you. That is a very interesting, very practical question. I feel like it’s a loaded question as well. There’s a little bit of politics in there. I’m not sure who of our… Elena, thank you so much. The technical community has much more freedom to discuss political implications. Please kindly take the floor.

Elena Plexida: I’m not sure it’s the freedom, or rather maybe speaking from experience. There you go. Maybe you will. The question Luke is bringing up is really relevant, and not that easy to answer. Not a straightforward answer, or might not even be effective. So, I would say, from one hand, you have to make sure that in the dialogue, or whatever it is there, before the policymaking, all the voices are heard. This goes back to the beauty and the relevance of the multi-stakeholder policymaking, or the multi-stakeholder model, or the multi-stakeholder discussions, even if we’re not talking about decision-making, but we’re talking about stakeholder consultation. So, the safeguards that the civil society or academics can bring around human rights, they’re absolutely essential, because imagine a discussion, a debate, leading up to policy that is dominated by law enforcement or by governments only. that you will only have one side of the story, so that’s one way to make sure that things not go in one direction or another direction. You need to maintain the balance. The other thing I would say is the role of the technical community there. There has to be involvement in the sense of technical experts are also needed to explain things, explain how things technically work, because we’ve seen that policymakers are rightfully so trying to address an issue, a problem that is an online problem at the content level by intervening at the technical level of the internet or intervening at the multi-stakeholder policies, which if you ask me, it’s actually not consistent with championing the multi-stakeholder approach. So if we are agile to those things and we give input, I think it’s one way to try to ensure that things do not go south. If I may, just for one more minute, I have an example to say here, which comes from the Council of Europe, I would say. Council of Europe at some point in time, pretty recently, you might recall, worked on the second additional protocol to the Budapest Convention. And that goes back to what I was saying that international law is useful for the multi-stakeholder policymaking. The multi-stakeholder policymaking is there to put policies and standards for the technical foundations of the internet. But we need a legal basis for things to happen beyond what is within our remit. The second additional protocol to the Budapest Convention gave a legal basis which had to do with operators, in case of cyber security problems, being able from one, sorry, law enforcement agencies in one jurisdiction, being able to ask for information relevant to a search from an operator that is in another jurisdiction. That is helpful. That is, that enables also the ICANN community to do things. But without a legal basis, you can’t do that. And why am I raising it as an example? Council of Europe did the whole consultation and the whole drafting of the second additional protocol. Of course, this is just one article that I mentioned is relevant to ICANN. in a way that was just putting in place what was needed to help, i.e. the legal basis, with taking extra care of not intruding the multi-stakeholder policymaking or not circumventing other rights. For anyone who has the time to look at the memorandum, sorry, the explanatory note, it gives the whole thing. But just a shout-out, and it can be done. That’s, I guess, what I’m trying to say with this example. Thank you.

Joanna Kulesza: Great, thank you so much. Again, mindful of the time, I’m just going to check if anyone wishes to chime in on that politically. Lukasz, please, go ahead.

Lukasz Kulaga: So, on the enforcing of domestic law and bypassing treaties, the one issue is that, as Helen mentioned, with respect to the cyberspace, we have only treaties on criminal cooperation. So, we have the Budapest Convention, and we have the just recently negotiated UN Cybercrime Convention. So, there are some treaties. Not all of them are enforced, but there are treaties on cooperation in these matters. But generally, I would say that the answer is of general nature. So, if a state makes an effort to enforce its domestic law, then it is up to the state of the national to protect him against this action of the third state. So, here I would come back with the sovereignty. The sovereignty can be, I understand, problematic for some elements of Internet governance. But with such a situation, it’s also the sovereignty that would protect this national not to be bound by the law of the third state. Thank you.

Joanna Kulesza: Great. Thank you. Wonderful. I think that’s the perfect summary to emphasize how the general links with the very specific, right? We do have the norms in place. Our timer has now gone into a red mode, which implies I should be wrapping this up, and I’m happy to do that. Thank you so much for taking the time to join us. Someone once told me that international law is boring. I refuse to believe that. I hope we’ve been able to convince you that there’s so much potential in those general norms and how they impact the everyday Internet usage of everyday Internet end users. Thank you for taking the time for being here and being here. All of our speakers, I am certain, are available for you to follow up with. Me, myself, personally, I’m more than happy to answer specific, detailed questions. This is what we do, both within the ICANN community and beyond. The Polish presidency has gone a long way, making sure that cybersecurity is relevant to European and international. and Mr. Maciej Kowalski, Mr. Rafał Kowalski, Ms. Anna Podgorska-Buompane, Mr. Lukasz Kulaga and Mr. Lukasz Kulaga. And with that I’ll turn it over to the ministry on behalf of our hosts here. I can add that we should avoid the simplest solution because it’s impossible to find one solution and it’s really not enough. Absolutely, that’s why we’re here at the IGF. Thank you so much to our speakers, please join me in giving them a hand. Thank you everyone. This session is adjourned.

Agreement points

Multi-stakeholder governance is essential, not optional, for effective internet governance

Speakers

– Maciej Gron
– Elena Plexida
– Anna Podgorska-Buompane

Arguments

Multi-stakeholder model is not nice-to-have but must-have for daily work

Multi-stakeholder governance protects and enables the global internet by operating outside traditional sovereignty constraints

Polish presidency prioritized internet governance and multi-stakeholder processes as cornerstone of digital diplomacy

Summary

All speakers agree that multi-stakeholder governance is a fundamental necessity rather than an optional approach for managing cyberspace and internet governance effectively

Topics

Legal and regulatory | Infrastructure | Development

International cooperation is necessary because cyber issues transcend national borders

Speakers

– Maciej Gron
– Elena Plexida
– Helen Popp

Arguments

National laws are powerless if not applied beyond borders, requiring international solutions

Multi-stakeholder governance enables global reach that furthers international law application beyond borders

Over 100 UN member states have now published positions on international law application in cyberspace

Summary

Speakers unanimously agree that cyber challenges are inherently global and require coordinated international responses that go beyond individual national approaches

Topics

Legal and regulatory | Cybersecurity

International law provides necessary framework for cyberspace governance

Speakers

– Elena Plexida
– Helen Popp
– Lukasz Kulaga

Arguments

International law provides necessary legal basis for sound technical community policymaking

EU declaration establishes common understanding that international law remains fit for purpose in digital domain

National positions on international law foster transparency and contribute to legal interpretation development

Summary

Technical and legal experts agree that international law frameworks are essential for providing legal basis and structure for effective cyberspace governance

Topics

Legal and regulatory | Cybersecurity

Building on existing structures is more effective than creating new ones

Speakers

– Anna Podgorska-Buompane
– Joanna Kulesza

Arguments

EU blueprint for cyber crisis management emphasizes building on existing structures rather than creating new ones

International law can make multi-stakeholder model more efficient, inclusive, and predictable

Summary

Speakers agree that strengthening and leveraging existing governance mechanisms is preferable to multiplying efforts through new institutional structures

Topics

Legal and regulatory | Cybersecurity

Similar viewpoints

Both speakers emphasize that effective governance requires genuine participation and decision-making power for all stakeholders, not merely consultation, particularly for addressing cross-border challenges

Speakers

– Maciej Gron
– Elena Plexida

Arguments

Illegal content and cybersecurity threats are inherently international problems needing global cooperation

Multi-stakeholder governance enables decision-making by all stakeholders on equal footing, not just consultation

Topics

Cybersecurity | Legal and regulatory

Both speakers are concerned about inappropriate government intervention and emphasize the need for proper boundaries between different levels of governance and expertise

Speakers

– Elena Plexida
– Lukasz Kulaga

Arguments

Technical expert involvement prevents inappropriate intervention at technical level for content-level problems

State sovereignty can protect nationals from enforcement of foreign domestic laws

Topics

Legal and regulatory | Infrastructure

Both legal experts emphasize the importance of clear state obligations and transparency in how international law applies to cyberspace

Speakers

– Helen Popp
– Lukasz Kulaga

Arguments

States have legal obligation for due diligence to prevent malicious cyber operations from their territories

National positions on international law foster transparency and contribute to legal interpretation development

Topics

Legal and regulatory | Cybersecurity

Unexpected consensus

Technical community and government representatives agreeing on sovereignty limitations

Speakers

– Elena Plexida
– Lukasz Kulaga

Arguments

Multi-stakeholder governance protects and enables the global internet by operating outside traditional sovereignty constraints

State sovereignty can protect nationals from enforcement of foreign domestic laws

Explanation

It’s unexpected that both a technical community representative and a government legal expert would agree on the limitations of traditional sovereignty in cyberspace, albeit from different perspectives – one seeing it as necessary for global internet function, the other as protection against overreach

Topics

Legal and regulatory | Infrastructure

Agreement on the need to break down silos across different stakeholder groups

Speakers

– Elena Plexida
– Anna Podgorska-Buompane
– Audience

Arguments

Coordination between technical organizations, content providers, and other stakeholders requires creative forum-building

Polish presidency prioritized internet governance and multi-stakeholder processes as cornerstone of digital diplomacy

Technical vulnerabilities require breaking down silos between different internet governance organizations

Explanation

Unexpected consensus emerged between technical community, government, and civil society representatives on the need to overcome organizational silos, suggesting broad recognition that current fragmented approaches are insufficient

Topics

Infrastructure | Cybersecurity | Legal and regulatory

Overall assessment

Summary

Strong consensus exists on the fundamental importance of multi-stakeholder governance, the necessity of international cooperation for cyber issues, the relevance of international law frameworks, and the preference for building on existing structures rather than creating new ones

Consensus level

High level of consensus with significant implications for legitimizing and strengthening the multi-stakeholder model as the preferred approach for internet governance, particularly as the WSIS+20 review approaches. The agreement across technical, governmental, and legal communities provides strong foundation for continued development of this governance model.

Different viewpoints

Role of sovereignty in cyberspace governance

Speakers

– Elena Plexida
– Lukasz Kulaga

Arguments

Multi-stakeholder governance protects and enables the global internet by operating outside traditional sovereignty constraints

State sovereignty can protect nationals from enforcement of foreign domestic laws

Summary

Plexida argues that effective internet governance requires operating outside traditional sovereignty constraints to maintain a global internet, while Kulaga emphasizes sovereignty’s protective role against extraterritorial enforcement of laws. This represents a fundamental tension between global governance needs and state sovereignty principles.

Topics

Legal and regulatory | Infrastructure

Unexpected differences

Scope of multi-stakeholder decision-making authority

Speakers

– Elena Plexida
– Maciej Gron

Arguments

Multi-stakeholder governance enables decision-making by all stakeholders on equal footing, not just consultation

Multi-stakeholder approach with international cooperation is fundamental condition for addressing global cyber issues

Explanation

While both strongly support multi-stakeholder governance, there’s an unexpected subtle disagreement about its scope. Plexida emphasizes actual decision-making power shared equally among all stakeholders, while Gron focuses more on professional expertise and cooperation, noting that ‘not everyone can say everything’ and emphasizing the need to work with professionals. This suggests different views on how inclusive and democratic multi-stakeholder processes should be.

Topics

Legal and regulatory | Cybersecurity

Overall assessment

Summary

The discussion shows remarkably high consensus among speakers on fundamental principles, with disagreements primarily emerging around implementation approaches rather than core goals. The main areas of disagreement involve the balance between global governance needs and state sovereignty, and the specific mechanisms for achieving multi-stakeholder coordination.

Disagreement level

Low to moderate disagreement level. The speakers demonstrate strong alignment on the necessity of multi-stakeholder governance, international cooperation, and the application of international law in cyberspace. Disagreements are primarily tactical rather than strategic, focusing on how to implement shared goals rather than questioning the goals themselves. This high level of consensus suggests a mature field with established principles, though implementation challenges remain significant.

Partial agreements

Similar viewpoints

Both speakers emphasize that effective governance requires genuine participation and decision-making power for all stakeholders, not merely consultation, particularly for addressing cross-border challenges

Speakers

– Maciej Gron
– Elena Plexida

Arguments

Illegal content and cybersecurity threats are inherently international problems needing global cooperation

Multi-stakeholder governance enables decision-making by all stakeholders on equal footing, not just consultation

Topics

Cybersecurity | Legal and regulatory

Both speakers are concerned about inappropriate government intervention and emphasize the need for proper boundaries between different levels of governance and expertise

Speakers

– Elena Plexida
– Lukasz Kulaga

Arguments

Technical expert involvement prevents inappropriate intervention at technical level for content-level problems

State sovereignty can protect nationals from enforcement of foreign domestic laws

Topics

Legal and regulatory | Infrastructure

Both legal experts emphasize the importance of clear state obligations and transparency in how international law applies to cyberspace

Speakers

– Helen Popp
– Lukasz Kulaga

Arguments

States have legal obligation for due diligence to prevent malicious cyber operations from their territories

National positions on international law foster transparency and contribute to legal interpretation development

Topics

Legal and regulatory | Cybersecurity

Key takeaways

Multi-stakeholder governance is essential (not optional) for effective internet governance and cybersecurity, enabling decision-making by all stakeholders on equal footing rather than just consultation

International law remains fit for purpose in cyberspace and provides necessary legal framework to support multi-stakeholder governance processes

Over 100 UN member states have now published positions on international law application in cyberspace, representing significant progress in building consensus

Cross-border cooperation is fundamental since cyber threats and illegal content are inherently international problems that cannot be solved by national laws alone

The EU has established a common declaration on international law in cyberspace, including due diligence obligations for states to prevent malicious operations from their territories

Technical communities require legal basis from international law to create effective policies on security, abuse prevention, and domain name management

WSIS+20 review process will determine whether the multi-stakeholder model continues as the primary framework for internet governance

Resolutions and action items

States that have not yet done so should prepare national positions on application of international law in cyberspace to increase transparency and contribute to legal interpretation

Continue trend of adopting national and regional positions on international law, with next step being to streamline views and interpretations where necessary

EU blueprint for cyber crisis management should be implemented, building on existing structures rather than creating new ones

Explore alternative mechanisms like International Court of Justice advisory opinions and International Law Commission work to advance legal framework development

Negotiate new international instruments to protect subsea data cables from intentional damage

Unresolved issues

How to effectively break down silos between different internet governance organizations to address fundamental security vulnerabilities that require coordinated response

How to prevent governments and law enforcement from circumventing international treaties by forcing private actors to comply with foreign laws and processes

How to balance state sovereignty concerns with the need for global coordination in cyberspace governance

How to ensure adequate protection of subsea data cables under existing international legal frameworks

How to address the challenge that cyber operations are mostly part of campaigns requiring combined effects analysis for use of force determinations

Suggested compromises

Use multi-stakeholder consultation processes as safeguards to prevent policy dominance by single stakeholder groups like law enforcement or governments

Build on existing structures and institutions rather than creating entirely new governance mechanisms

Maintain balance between technical expert involvement and policy-making to prevent inappropriate intervention at technical level for content-level problems

Develop creative forum-building approaches that bring together technical organizations, content providers, and other stakeholders outside traditional silos

Transfer some legal questions to established international institutions like International Court of Justice or International Law Commission when state-to-state dialogue becomes too politicized

The multi-stakeholder model is not a nice thing to have, it’s a must-have. And it’s not just a good idea, it’s a fundamental condition for our daily work. Even the best national laws are powerless if they are not required beyond borders.

Speaker

Maciej Gron

Reason

This comment reframes the entire discussion by establishing multi-stakeholder governance not as an idealistic preference but as a practical necessity. It directly connects the abstract concept of governance models to concrete operational realities, particularly in dealing with illegal content that transcends borders.

Impact

This foundational statement set the tone for the entire panel, with multiple speakers (Elena Plexida and others) later referencing and building upon this ‘must-have’ characterization. It shifted the discussion from theoretical benefits to practical imperatives.

I’m not aware of any other public resource, or public good, if you will, that is governed the way the fundamentals of the global Internet are governed… Multi-stakeholder governance in the case of the global Internet is decision-making. You don’t just have stakeholders there who are being consulted. There’s actual decision-making.

Speaker

Elena Plexida

Reason

This observation provides a crucial distinction that challenges common misconceptions about multi-stakeholder governance. By emphasizing that it involves actual decision-making rather than mere consultation, and by noting its uniqueness among global public resources, it elevates the significance of the internet governance model.

Impact

This comment deepened the analytical level of the discussion by providing a comparative framework and clarifying what multi-stakeholder governance actually entails. It influenced subsequent speakers to be more precise about the nature of governance mechanisms they were discussing.

The attacks that happen on the internet usually happen through vulnerabilities that are inside of the devices, inside of services, inside of connections… So the question is why are we not addressing fundamental options to end flaws in our systems… But you can’t do that within your silo. So the question is to maybe all panelists, how do we break the silos and come together to fundamentally rebuild the security of the internet together?

Speaker

Wouter Natwies (Audience member)

Reason

This intervention was particularly insightful because it challenged the entire panel’s approach by pointing out a fundamental disconnect between high-level governance discussions and practical security implementation. It forced speakers to confront the limitations of their respective domains and the need for cross-sector collaboration.

Impact

This question created a pivotal moment in the discussion, shifting it from theoretical frameworks to practical implementation challenges. It prompted all panelists to respond and acknowledge the silo problem, leading Elena Plexida to provide concrete examples of cross-sector collaboration and others to reflect on the limitations of their current approaches.

The key challenge is to ensure that states interpret those rules by and large in the same manner. A challenge we face today is not so much that states’ interpretations vary significantly, but rather that too many states have thus far remained silent on this question, and therefore we do not know where they stand on those issues.

Speaker

Helen Popp

Reason

This comment reframes the international law challenge from one of disagreement to one of silence and uncertainty. It’s insightful because it identifies that the primary obstacle isn’t conflicting interpretations but rather the absence of positions, which creates unpredictability in the international system.

Impact

This observation shifted the discussion toward encouraging more states to develop and publish their positions on international law in cyberspace, rather than focusing solely on harmonizing existing positions. It provided a clearer pathway forward for international cooperation.

How can we ensure that the governments, and in particular, law enforcement agencies, don’t attempt to circumvent the passing of international treaties by forcing private actors to abide by foreign laws and processes?

Speaker

Luke (Online participant)

Reason

This question introduced a critical tension between sovereignty, law enforcement needs, and private sector autonomy that hadn’t been explicitly addressed. It highlighted the potential for governments to bypass formal international legal processes through direct pressure on private entities.

Impact

This question prompted Elena Plexida to provide a detailed example from the Council of Europe’s Budapest Convention, demonstrating how international law can provide proper legal frameworks while respecting multi-stakeholder processes. It elevated the discussion to address real-world power dynamics and potential abuses.

Overall assessment

These key comments fundamentally shaped the discussion by moving it from abstract theoretical frameworks to concrete practical challenges. Maciej Gron’s opening established the practical necessity of multi-stakeholder governance, while Elena Plexida’s clarification about decision-making versus consultation provided analytical depth. The audience interventions, particularly from Wouter Natwies, forced the panel to confront the limitations of siloed approaches and address implementation gaps. Helen Popp’s insight about state silence rather than disagreement reframed the international law challenge, while Luke’s question about circumvention introduced critical power dynamics. Together, these comments created a progression from foundational concepts to practical implementation challenges, ultimately resulting in a more nuanced and actionable discussion about bridging international law and multi-stakeholder governance in cyberspace.

How do we break the silos and come together to fundamentally rebuild the security of the internet together?

Speaker

Wouter Natwies (Dynamic Coalition on Internet Standards Security and Safety)

Explanation

This addresses the critical challenge of coordinating cybersecurity efforts across different technical organizations (ICANN for DNS security, registries for routing systems, etc.) that currently work in isolation, while attacks exploit vulnerabilities across all these systems

How can we ensure that governments and law enforcement agencies don’t attempt to circumvent international treaties by forcing private actors to abide by foreign laws and processes?

Speaker

Luke (online participant)

Explanation

This raises concerns about jurisdictional overreach and the potential for governments to bypass established international legal frameworks by directly pressuring private entities to comply with foreign legal requirements

How can the internet governance community further facilitate bridging the relationship between international law and cyberspace as we approach WSIS Plus20?

Speaker

Joanna Kulesza (moderator)

Explanation

This seeks practical ways for the IGF community to contribute to integrating international law principles with multi-stakeholder governance processes in preparation for the upcoming WSIS Plus20 review

How to streamline views and interpretations of international law in cyberspace where necessary, given that too many states have remained silent on their positions?

Speaker

Helen Popp (European External Action Service)

Explanation

This addresses the challenge that while states’ interpretations don’t vary significantly, many states haven’t published their positions on how international law applies to cyberspace, creating uncertainty about global consensus

How to negotiate new binding instruments for protecting subsea data cables from international damage and holding perpetrators accountable?

Speaker

Lukasz Kulaga (Polish Foreign Ministry)

Explanation

Current international legal regimes inadequately protect critical internet infrastructure like subsea cables, requiring new legal frameworks even if not universally accepted

Whether to refer the issue of application of international law in ICT use to the International Law Commission or seek an ICJ advisory opinion?

Speaker

Lukasz Kulaga (Polish Foreign Ministry)

Explanation

These would be alternative mechanisms to develop international law in cyberspace beyond state-to-state negotiations, potentially providing authoritative legal clarification on fundamental principles

Summary

This discussion focused on interregional connections for information integrity, examining how both authoritarian and democratic governments worldwide are adopting practices that restrict online freedom. The session brought together human rights advocates, researchers, and journalists from Latin America, Africa, Asia, and other regions to explore four key areas where digital authoritarian practices commonly appear: censorship, surveillance, online information integrity, and internet governance.

Participants shared concrete examples of censorship from their respective countries, with Abdullah Ahmadi describing how the Taliban in Afghanistan has imposed formal restrictions on independent media and blocked access to news websites, while also conducting informal intimidation of journalists and activists. Valentina Aguana from Venezuela detailed how internet blocks have become more pervasive, with 61 independent media outlets currently blocked and social media platforms like X (formerly Twitter) permanently restricted. She emphasized that censors are becoming more sophisticated but also more reckless, sometimes blocking critical internet infrastructure that affects millions of users globally.

The discussion on surveillance revealed similar patterns across regions, with Lillian Nalwoga from Uganda highlighting how African governments collectively spent a billion dollars on digital surveillance tools in 2023, often using legally embedded interception powers to monitor activists and journalists. Martha Roldós from Ecuador described how surveillance capabilities built during authoritarian periods continued to be used by subsequent governments, with information weaponized for character assassination campaigns.

Regarding information integrity, participants noted coordinated disinformation campaigns where governments use both bots and paid human networks to spread manipulated narratives, with countries like Venezuela, Cuba, and Nicaragua helping amplify each other’s campaigns. The speakers emphasized that civil society organizations play a crucial role in resisting these authoritarian practices through coalition building, digital security training, and fact-checking initiatives, though they face significant sustainability challenges due to limited funding and geopolitical pressures.

Keypoints

## Major Discussion Points:

– **Censorship and Internet Blocking**: Participants discussed various forms of digital censorship, from formal government restrictions on media and websites to informal intimidation tactics. Key examples included Afghanistan’s post-Taliban restrictions on independent media and Venezuela’s blocking of 61 independent media outlets and social media platforms like X (Twitter), Reddit, and TikTok.

– **Digital Surveillance and Monitoring**: The conversation covered how governments use sophisticated surveillance tools including phone tapping, spyware like Pegasus, and internet interception to monitor and intimidate civil society, journalists, and activists. African countries were noted as collectively spending $1 billion on surveillance tools in 2023.

– **Information Manipulation and Disinformation**: Speakers addressed coordinated disinformation campaigns, particularly in Latin America, where governments use bot networks and paid human coordinators to spread manipulated narratives and conduct smear campaigns against opponents across multiple countries.

– **Internet Governance and Legal Frameworks**: Discussion of how different countries approach digital rights governance, contrasting the U.S. model (which relies heavily on platform self-regulation) with Brazil’s more comprehensive legal framework, and highlighting the lack of adequate legal protections in many regions.

– **Civil Society Sustainability Crisis**: A critical concern raised about the funding challenges facing digital rights organizations globally, particularly in the Global South, threatening the multi-stakeholder model of internet governance due to lack of resources for essential advocacy and protection work.

## Overall Purpose:

The discussion aimed to demonstrate cross-regional collaboration on information integrity issues by bringing together activists, researchers, and advocates from different continents to share experiences, identify common authoritarian digital practices, and explore resistance strategies. The session sought to build bridges between regions and stakeholders working to protect digital rights and civic space.

## Overall Tone:

The tone was serious and urgent throughout, reflecting the gravity of digital authoritarianism globally. While speakers shared concerning examples of repression and surveillance, the tone remained constructive and collaborative, emphasizing solidarity and shared solutions. The discussion maintained a professional, academic quality while being deeply personal as speakers shared experiences from their own countries. The moderator’s closing questions and positive responses from the audience suggested cautious optimism about the potential for continued collaboration despite the challenges discussed.

Speakers

– **Mariví Marín** – Venezuelan Human Rights Advocate, Director of PROVOX (a non-profit working on information integrity in Latin America), Session Moderator

– **Abdullah Ahmadi** – From Afghanistan, Human Rights Advocate focused on digital inclusion and civic space, Director of Afghanistan Democracy and Development Organization

– **Valentina Aguana** – From Venezuela, System Engineer and Researcher at Conexión Segura y Libre, works on internet censorship and digital rights

– **Lillian Nalwoga** – From Uganda, Program Manager at CIPESA, works on internet policy and digital rights in Africa

– **Martha Roldós** – From Ecuador, Investigative journalist, Director of Fundación Milojas

– **Sascha Hannig** – International relations analyst and academic, focused on authoritarian influence and the impact of science and technology on society (participated online)

– **Roberta Braga** – From Brazil and the U.S., Founder and Director of Digital Democracy Institute of the Americas (DDIA), focused on a healthier internet for Latinos across the U.S. and Latin America

– **Iria Puyosa** – From Venezuela and the U.S., Senior researcher/Senior fellow at the Atlantic Council on Tech Initiatives, expert on digital authoritarianism and governance

**Additional speakers:**

– **Participant** – Identified as speaking about disinformation patterns in Latin America, appears to be from PROVOX team (likely Estefania Da Silva based on context, though not explicitly confirmed in transcript)

# Interregional Connections for Information Integrity: Discussion Report

## Executive Summary

This session, moderated by Mariví Marín of PROVOX, brought together human rights advocates, researchers, and journalists from Latin America, Africa, and Asia to examine digital authoritarianism across four key areas: censorship, surveillance, online information integrity, and internet governance. Participants shared concrete examples from Afghanistan, Venezuela, Uganda, Ecuador, Brazil, and the United States, revealing common patterns of digital repression while exploring collaborative resistance strategies. The discussion highlighted the global nature of digital authoritarianism and the urgent need for sustained civil society collaboration to address these challenges.

## Session Structure and Participants

The session was organized around four thematic areas, with speakers presenting regional case studies followed by discussion. Participants included Abdullah Ahmadi (Afghanistan), Valentina Aguana (Venezuela), Lillian Nalwoga (Uganda/Africa), Martha Roldós (Ecuador), Estefania Da Silva (PROVOX), Sascha Hannig, Roberta Braga, and Iria Puyosa. The session concluded with audience interaction about authoritarian trends in participants’ countries.

## Censorship: Afghanistan and Venezuela

### Afghanistan Under the Taliban

Abdullah Ahmadi described Afghanistan’s comprehensive censorship system under Taliban rule, which operates through both formal restrictions and informal intimidation. The Taliban have implemented official media guidelines severely restricting independent journalism while conducting campaigns of intimidation targeting journalists and activists, with women journalists facing particularly severe restrictions.

The regime has systematically blocked access to independent news websites and imposed comprehensive restrictions on media operations. Beyond formal censorship, psychological pressure and threats create a climate of self-censorship among journalists and civil society activists, effectively dismantling Afghanistan’s previously vibrant independent media landscape.

Ahmadi emphasized technical resistance strategies including VPNs, encrypted messaging applications, and mirror sites, alongside social resistance through solidarity networks, diaspora media, and digital security training. However, he stressed these tactical responses are insufficient without broader systemic change and called for “the UN to work towards a legally binding convention on digital rights to protect freedoms like expression, privacy, access to information and encryption online.”

### Venezuela’s Evolving Censorship Tactics

Valentina Aguana reported that Venezuela has entered a new era of pervasive internet censorship, with 61 independent media outlets currently blocked and major social media platforms including X (formerly Twitter), TikTok, and Signal facing restrictions. She explained that internet blocks must be measurable, consistent, and intentional to be classified as censorship.

Aguana noted that censors are becoming both more sophisticated and reckless, moving beyond content blocking to infrastructure-level attacks. Venezuelan authorities have blocked critical internet infrastructure, including Content Delivery Networks (CDNs) like Amazon’s CloudFront and DNS servers, affecting not only Venezuelan users but potentially millions globally.

“We once thought that permanently blocking social media was a red line for censors, but unfortunately we know that that’s not the case anymore,” Aguana observed, reflecting the escalation in censorship tactics. She advocated for “censorship by design” solutions—applications built from the ground up with anti-censorship features, citing Vesinfiltro’s “Noticias Infiltra” app as an example.

## Surveillance: Uganda and Ecuador

### African Surveillance Infrastructure

Lillian Nalwoga presented striking data showing that African countries including Nigeria, Ghana, Morocco, Malawi, and Zambia collectively spent one billion US dollars in 2023 on digital surveillance tools, according to Institute of Development Studies research. These tools, supplied by the United States, United Kingdom, China, European Union nations, and Israel, include phone tapping capabilities, spyware such as Pegasus, and internet shutdown mechanisms.

Nalwoga explained that African governments have embedded legal interception powers within telecommunications frameworks, creating comprehensive surveillance ecosystems with minimal oversight. She noted that “over 21 shutdowns were documented” in 2020, with this infrastructure routinely used to monitor activists, journalists, and civil society organizations.

### Ecuador’s Weaponized Surveillance

Martha Roldós described Ecuador’s comprehensive surveillance system, including man-in-the-middle attacks, Pegasus spyware deployment, and new intelligence laws legalizing surveillance without adequate oversight. She highlighted a critical contradiction, asking “surveillance for what?” when crime has risen exponentially while surveillance mechanisms target journalists and civil society rather than criminal networks.

Roldós revealed that surveillance information has been weaponized for character assassination campaigns and compromised by non-state actors including narcotics trafficking organizations. She noted that the intelligence agency SENAIN was closed and replaced with CIES, but emphasized that surveillance systems persist across different governments, demonstrating the institutional momentum of such infrastructure.

## Information Integrity: Regional Challenges and Responses

### Latin American Disinformation Networks

Estefania Da Silva detailed sophisticated disinformation campaigns operating across Latin America, where governments employ coordinated networks of both automated bots and paid human operators. These campaigns demonstrate cross-border cooperation between countries including Venezuela, Cuba, and Nicaragua, with each nation helping amplify others’ disinformation efforts.

She explained that these hybrid networks combining technological and human resources are more difficult to detect and counter than purely automated systems. The cross-border nature means disinformation campaigns originating in one country can trend in others, creating regional echo chambers that amplify authoritarian messaging.

### Regional Response Gaps

Sascha Hannig observed that disinformation is not taken as seriously by decision makers in Latin America compared to the European Union. She emphasized the importance of context—disasters, uncertainty, and political unrest—in disinformation campaigns and noted that while the region is behind in counter-narrative operations, there is raising awareness of these issues.

## Internet Governance: Models and Sustainability

### Contrasting Governance Approaches

Roberta Braga analyzed different governance models, contrasting the United States’ decentralized approach with Brazil’s comprehensive legal framework. She noted that community-driven content moderation initiatives like Twitter’s Community Notes show mixed results, with significant delays averaging “14 days for a note to go from submission to publication on average,” limiting effectiveness in addressing real-time harms.

Braga mentioned that her team DDIA was “the first team to publish tweets in English and Spanish dated to 2021” with findings to be shared “July 9,” highlighting ongoing research into platform governance effectiveness.

### Civil Society Sustainability Crisis

Iria Puyosa raised critical concerns about the sustainability crisis facing civil society organizations working on digital rights, particularly in the Global South. She warned that “the survival of the Internet multi-stakeholder model of governance is tied to the survival or sustainability of civil society organisations working in this space.”

Puyosa explained that severe funding shortages threaten civil society’s ability to participate effectively in internet governance processes. This crisis is particularly acute for smaller organizations in developing countries, which lack access to major international funding sources and face additional geopolitical pressures and local restrictions.

## Resistance Strategies and Collaboration

### Technical and Social Resistance

Participants identified several resistance strategies currently employed across regions. Technical approaches include VPNs, encrypted messaging applications like Signal and Telegram, mirror sites for blocked content, and development of censorship-resistant applications with privacy built into their architecture.

Social resistance strategies encompass solidarity networks, coalition building, cross-regional collaboration, diaspora media, and digital security training programs. All participants emphasized the critical importance of these approaches in creating support systems for activists and journalists while building collective capacity to challenge authoritarian practices.

### Cross-Regional Learning

The discussion revealed remarkable similarities in digital repression patterns across different regions and contexts, suggesting that coordinated international responses are both possible and necessary. Participants demonstrated strong interest in continued collaboration and information sharing among civil society organizations.

## Conclusion and Audience Engagement

Mariví Marín concluded by asking the audience about authoritarian trends in their countries and key learnings from the session. The discussion demonstrated both the global scope of digital authoritarianism and the potential for effective cross-regional collaboration in addressing these challenges.

The conversation revealed that digital authoritarianism represents a global phenomenon with shared characteristics, tactics, and impacts across different political systems. However, significant challenges remain, particularly the funding crisis facing civil society organizations and the increasing sophistication of authoritarian tactics. Addressing these challenges will require sustained commitment and coordination among civil society organizations, with particular attention to supporting organizations in the Global South that face the greatest resource constraints.

Mariví Marín: Hello everyone Thank you very much for being here This session is called Interregional Connections for Information integrity Across the world, we’re seeing both AUTHORITARIAN governments and Democratic ones with increasingly alarming tendencies adopting practices that restrict freedom online These include laws designed to silence critical voices political motivated surveillance and coordinated online operations that disturb public opinion debate or spread hate At the same time, platforms still struggle to offer consistent responses and meaningful cooperation and with civil society remains weak The people pushing back against these threats are activists, journalists, researchers, civic tech groups and these are often those most affected by this But they are also operating in environments where sustainability is very difficult, especially now What we are doing today, live It’s a demonstration that cross-sector collaboration is possible not only between countries and regions but also across different branches of civil society Whether we come from activism, academia, journalism, or other, our shared work on information integrity connects us, and in many cases, protects the civic space. In this session, we will explore four key areas where digital authoritarian practices most often appear. The first one will be censorship, blocking or controlling access to online information. The second one will be surveillance, monitoring or intimidating people online. Three will be online information integrity, spreading false or hard-found narratives. And the last one will be internet governance, that basically is linked to the policies and systems that shape digital rights. With us, we will have me as a moderator, I’m Venezuelan, I’m a Human Rights Advocate, Director of PROVOX, a non-profit working on information integrity in Latin America. Maríonne Francesco from Costa Rica, she will be online, she’s a Digital Rights Researcher from PROVOX team. Valentina Aguana from Venezuela, she’s a System Engineer and Researcher at Conexión Segura y Libre, works on internet censorship and digital rights. Abdullah Ahmadi from Afghanistan, he’s a Human Rights Advocate focused on digital inclusion and civic space, he’s the Director of Afghanistan Democracy and Development Organization. Lilian Nalwonga from Uganda, she’s Program Manager at CIPESA and she works on internet policy and digital rights in Africa. Estefania Da Silva from Venezuela, she’s a Digital Research Specialist focused on information manipulation, part of PROVOX team. Sascha Hannig, online. She is an international relations analyst and academic, focused on authoritarian influence and the impact of science and technology on society. Iria Puyosa from Venezuela and the U.S. She is senior researcher, senior fellow at the Atlantic Council on Tech Initiatives. She is an expert on digital authoritarianism and governance. Roberta Braga from Brazil and the U.S. She is founder and director of Digital Democracy Institute of the Americas, DDIA, focused on a healthier internet for Latinos across the U.S. and Latin America. And Martha Roldós from Ecuador. She is an investigative journalist, director of Fundación Milojas. And with that, I will start with the first two questions regarding censorship and this will be the following ones. What recent examples of censorship, formal or informal, have affected your country and what resistant strategies, technical, legal, social, have been affected in countering your censorship? With that, I will leave the floor to Abdullah to his first question and then to Valentina. Abdullah, the floor is yours.

Abdullah Ahmadi: Hello, everyone, and thank you for the chance to speak about the situation in Afghanistan, where digital censorship has increased in recent years, and especially the civic space is closed in Afghanistan based according to the CIVICAS report. First, about the recent examples. Since the Taliban takeover in August 2021, Afghanistan has experienced both formal and informal censorship. Formally, the Taliban have restricted independent media by imposing new guidelines that ban critical reporting. Many TV channels and radio stations have been forced to close or deeply self-censor to avoid reprisals. Online, the Taliban have ordered internet service providers to block access to certain news websites and social media pages run by exiled Afghan journalists and human rights groups. They also monitor social media for dissenting voices. Informally, intermediation is widespread. Journalists, activists, and even ordinary citizens risk detention or treat if they share information that criticizes the regime, especially on Facebook and WhatsApp, which are widely used in Afghanistan. Women’s voices are especially targeted. Female journalists face not only censorship but harassment and bans from working abroad. This silencing has had a shocking effect on the flow of reliable information inside and outside Afghanistan. Second, about the resistance strategy, about your second question, despite the Afghan citizens and civil society groups have found a way to resist. Technically, many people rely on the VPNs to access blocked websites and social media platforms. Corrupted messaging applications like Signal and Telegram have become essential for activists and journalists to communicate securely and share information without immediate detection. Some exiled Afghan media outlets maintain mirror sites and distribute news through the WhatsApp broadcast list to reach people inside the country. Legally, while there are almost no functioning legal pathway for media freedom under the Taliban rule, regional and international organizations have stepped in. Exiled Afghan journalists collaborate with international human rights bodies to document press freedom violations, and some cases have been raised at the UN Human Rights Council and other forms of pressure to protect journalists at risk. Socially, one of the most powerful strategies that have been the Solidarity Network, Afghan journalists, especially those now in exile, continue to publish news about the country through their diaspora-run media podcasts and social media channels. Inside Afghanistan, people have access to this information. We also provide training on digital security and censorship escape. This is another strategy that we are using and organizing outside the country, helping local activists and journalists to protect themselves online and find a safe channel to speak out. In closing, censorship in Afghanistan is part of the broad attack on human rights, but despite fear and strict rules, Afghan people continue to resist using technology, solidarity and international support. I believe it is our responsibility as a global community to amplify their voices, share tools and knowledge, and stand with the Afghans defending their right to speak and behave. Finally, I call for the UN to work towards a legally binding convention on digital rights to protect freedoms like expression, privacy, access to information and corruption online with strong safeguard and inclusive governance. Thank you so much.

Mariví Marín: Thank you, Abdullah. Valentina?

Valentina Aguana: Thank you, Mariví. First, thank you. It is a pleasure and a privilege to be here and thank you, Abdullah. I think there is a lot of parallelisms that we can see in Afghanistan right now to what is happening in Venezuela. I’m going to specifically talk about internet blocks and how internet blocks are being used as a mechanism for censorship. I believe it’s important to also have a clear definition of what an internet block is, and we define it as an intentional technical measure for impeding access to a specific service, website or information on the internet. The block, for us, has to be technically measurable. It has to be consistent over time across different access points within the network, and it’s also not the result of a technical problem, therefore intentional. In Vesinfiltro, we have been documenting internet blocks for over 10 years, over a decade, and we have a pretty good understanding about how the internet landscape in Venezuela and the Latin American region has been changing over the years. Just last year in Venezuela, I believe that entered what I call a new era of internet censorship, one that is more pervasive and completely changes the way that Venezuela We have documented that at least 61 independent media sites or independent media outlets in Venezuela are currently blocked. But the raw number itself doesn’t really tell you anything. What we need to understand and we would need to know is that this represents practically the whole independent news media ecosystem in the country. So also civil society organizations have also been affected by these blocks. There are not only news media sites but fact-checking sites and civil society organizations, NGOs, etc. But apart from this, I think one of the more severe things that we’ve seen is that since last year, the Venezuelan government has implemented blocks against social media platforms like Reddit, TikTok, X, formerly Twitter, which by the way is currently still blocked in the country, and even messaging apps like Signal. We once thought that permanently blocking social media was a red line for censors, but unfortunately we know that that’s not the case anymore, not only in Venezuela but in different countries. And we have seen this spreading to other countries within the region, citing disinformation and public safety as an excuse for these internet blocks. Another very serious trend that we’ve seen is the blocking of critical internet infrastructure. We’re talking about public DNS servers like Google servers or CloudSource DNS servers, and also CDNs being blocked. We documented last year the block of CloudFront, that’s the Amazon Web Services CDN, and as we can imagine, this was a disaster. Millions of sites across the globe relied on CloudFront, and we believe that the intention was not to block the CDN itself, but actually a website. This is not only happens in Latin America, right here in Europe, several ISPs in Spain are currently blocking whole IP ranges from Cloudflare, Akamai, Vercel, among other companies, trying to tackle copyright infringements during soccer match, and you can imagine how crazy it is that half of the internet is down in certain ISPs in Spain when this is happening, when a soccer match is happening. So measures to block content or platforms on the internet, this is very important, must be exceptional, proportional, and the least dramatic as possible, only doing what is necessary, and of course, through a legal process. So in summary, the censors are getting more sophisticated with the blocks, but also more reckless on what they are trying to block, and just like Abdullah said, what is happening in Afghanistan, in Venezuela, there is not a clear legal path to challenge these blocks. However, multilateral and international organizations are there for a reason, and we need to keep pressuring these, because we know that the internet is a human right. So I think that this role is very important. Finally, I think that the work of civil society organization is key. We need to keep doing advocacy, we need to keep teaching about securitization techniques. However, this is not enough. I think that other traditional solutions are not enough to fight censorship, and I think the community, we need to invest time and effort and money in new solutions, privacy by design, but also censorship by design. For example, Noticias Infiltra is an app we created as a newsreader app that has a censorship by design approach, which I think this is what we need to do going forward in the future.

Mariví Marín: Thank you very much, Valentina and Abdullah. And with that, I will leave the floor with the second topic ahead, that will be censorship by design. surveillance. And the two questions will be for Martha and for Lillian. What forms of digital surveillance have been used to monitor, intimidate, or silence civil society, journalists, or communities? And how have been affected these groups responding and what protective practices or tools have emerged? With that, I will leave the floor to Lillian first and Martha as a second.

Lillian Nalwoga: Thank you, Mariví. Pleasure to be here. I’ll try to be brief because this is a conversational session. In terms of forms of digital surveillance, what has been used, I think we’ve heard from the previous speakers, it’s no different from whatever is happening in Africa. We are seeing various forms that are being used to monitor, intimidate, or silence civil society, journalists, and most famous, like everywhere, is phone tapping or internet interception, where governments and, of course, other actors for all the other reasons are using wiretapping, interception of calls, texts, and all that. And interestingly, this is well embedded in the legislation, where we have quite a number of countries that, including where I come from, Uganda, whether it’s Tanzania or Kenya, we have interception of communication nodes. And with that, governments are mandated to intercept calls wherever they think there is some sort of harm. Also, we’ve seen deployment of surveillance tools like spyware or malware on people who are targeted, whether it’s activists. And we’ve had reports or seen reports with Citizen Lab, releasing quite a lot of research on the use of Pegasus on opposition. If it was being done for good, and again I put good in quotes, would not be an issue. But what we are seeing is that, yes, governments may want to lawfully have legitimate concerns when it comes to surveillance. But in most cases, the laws and policies that are put in otherwise say something totally different, especially when it comes to undemocratic countries or countries that are really deep down in repression. So there’s a lack of oversight or limited oversight when it comes to how far they can go with this surveillance. And again, I think that is where the issue is. I just wanted to also maybe highlight the amount of money or resources that are being put in these surveillance tools. And in 2023, there was a research by the Institute of Development Studies that documented about, I can’t mention names because the research is there, countries like Nigeria, Ghana, Morocco, Malawi and Zambia collectively spent a billion US dollars in a year on digital surveillance tools. And these tools were being supplied by countries, US, UK, China, some countries in the EU and Israel. And I mean, when you look at this vast amount of money and that state of the countries. All surveillance also in Africa, we also look at surveillance as a censorship tool, especially when it comes to, you know, content filtering, the network disruptions that we are seeing. That is also one form of, you know, surveillance. And we’ve been known like other countries in Asia or in Asia mainly, where internet shutdowns have become a pandemic of its own. And in 2020, last year, over 21 shutdowns were documented. And now you can imagine, if you’re to connect to the internet, then it will kind of prompt how are you connecting, and then that could also, you know, get into that. So in conclusion on this question is, these tactics are usually, they combine technically sophisticated tools that we’ve already had, which have been, you know, legal or extra legal measures that are usually being used to suppress dissent. And it also makes detection very difficult for the targeted individuals, because at times, by the time you get to know you’re surveilled, it’s probably when you’re being arrested, you know, and the content that is showed to you, then that’s when you get to find out what is really happening. So this is a growing concern in Africa, and I think it’s also now becoming a very global concern when it comes to, you know, rights, especially the right to privacy and freedom of expression and access to information. How are the groups being affected? How are they responding and practices? I think what we are seeing is a lot of coalition movement building, you know, within the civic space. We have, for instance, for the shutdowns, we have the Keep It On campaign by Access Now. We have associations like Dictator Resilience Network, which comprises about 10 organizations that are coming around to, you know, say no, push against this kind of, you know, surveillance. And mainly in East Africa, where I’m coming from, we are seeing there’s an organization that I can mention, TATOA, which is in Swahili means solve, brings together organizations to build shared tools, conduct capacity building and all that. And last but not least is researching and documenting and being able to show where surveillance is happening for purposes of policymaking advocacy and other indicators, you know, have the information there so that we can always push against surveillance. Thank you.

Mariví Marín: Perfect. Thank you very much. With that, I’ll leave the floor to Martha. Martha, who is online.

Martha Roldós: Sorry, sorry. I’m connecting. Sorry. Okay. Now I’m ready. Sorry. I would like to say that we have had the same experience that the previous speakers have explained in all those matters. In the case of Ecuador, we have in the matter of surveillance, the questions are surveillance for what? Because we were presented with the idea that surveillance was a tool for security against crime in a country where crime has risen exponentially while the government was applying these mechanisms of surveillance to journalists, to social, to civil society, while the narcos were thriving. So surveillance for what? What is the form of sending to the public the idea of surveillance? I explain this because in our country, it has just been approved a new intelligence law that made surveillance actually legal in every aspect of it. If it is conducted by the government intelligence unit. So that’s a huge preoccupation right now. With the new law, we are not having any kind of register of the intelligence operations for history. They are going to be destroyed. And the intelligence unit is going to oversize themselves. So that’s a step for the worst in the country right now, in the matter of privacy and digital rights. Other aspects that I would like to highlight is that in the past, that’s not just now, we have had since Korea’s government and this implementation of new systems of surveillance, every type of digital surveillance. That also was part of a more broad scheme of surveillance in general, also in the real life. So we have had man-in-the-middle attacks. We have had a pack rat. We have had all our dealings with Pegasus and all these things that are like on trend. Everything that has been trending in the world for surveillance has been used in our country also. You know, hacking team, it’s like, it goes like waves. And also, almost always, mainly journalists, but also activists have been attacked by these instruments. That’s in the things that has been done in Ecuador. Not just while during the authoritarian regime from Rafael Correa, but also the governments that came after it. It was like a built capacity of surveillance that the next government, it was very difficult to restrain themselves from using. There was a brief moment of apparently clarity. The SENAIN, which was the intelligence office, was actually closed, but a new office was opened that was called CIES that had allegedly more controls from the state and from the control organisms. But it hasn’t worked like that, actually. And the problem with surveillance-

Mariví Marín: 30 seconds.

Martha Roldós: Hello? 30 seconds. 30 seconds. Well, that was the first question. In the second question, we have had the, what was the affectation? The affectation was that the people were, not just their privacy was exposed, but the problem was that it was weaponized. The information obtained through surveillance was weaponized by the state in the government from Correa’s regime to pieces for character assassination in the media. And in the following governments, the problem is that also it didn’t obey just to the state. Some non-state actors, like Narcos, had allies in the surveillance community.

Mariví Marín: Okay. Sorry to interrupt. We’re done with that point. Thank you very much. We see more similarities, although we are far away. We see the points of encounter. Now we’re going to the third point that will be information integrity. And with that, I will leave the floor to Estefania to talk about this.

Participant: Thank you Mariví. Well, at PROVOST we have seen several patterns of disinformation and narrative manipulation on social media in Latin America that have been repeating in several countries. For example, in the case of Venezuela, government entities and members of the cabinet spread manipulated information and launch smear campaigns against their opponents by activating not only bots but also networks of coordinated users, real people like you and me, that create several accounts and replicate the same content spread or promoted by the state with little to no modification. And to incentivize the participation in these activities, individuals are paid with state funds, which is a big issue, and given the country’s severe economic situation, this incentive, the creation of these networks, because people see this as a side job, so to speak. And the same pattern has been replicated in countries like Cuba and Nicaragua, where the government initiates a disinformation or a smear campaign and coordinated users replicate the content. And it even goes as far as Venezuelan campaigns trending in Cuba or Cuban campaigns trending in Venezuela. And this happens because these governments help each other to amplify these narratives and create the appearance of widespread support or bots around them. This type of behavior aims to divert the attention from the real events happening in the country, especially given that social media platforms are often used to access unbiased information and to protest against daily occurrences. In fact, the influence and the reach of these platforms are such that there have been cases of people being arrested for social media posts that are contradict the official state narrative. And regarding the second question about the responses that have worked or failed, digital activism has played a vital role in Venezuela. For example, the teachers union is highly organized in the protest to highlight the wage declines or the breaches of contract, and they combine the digital demonstration with protests on the streets. We can say that these much-needed actions have been met with repressive counter measures, such as the implementation of laws like the so-called hate law, which criminalizes the protest and is used to justify the arrest. Another thing that is very important, and with this I’ll be done, is the independent media outlets and the formation of coalitions with fact-checking teams and initiatives and organizations like robots that have become essential and pioneering because these actions aim to analyze the digital content, educate the citizens, and on how to identify disinformation or manipulated narratives, and also to promote digital security practices, as well as tools like the use of VPNs, for example, to avoid censorship. And this work at the end ensures that even though the traditional media is mainly controlled by the state, there remains access to verified and independent information that reflects the true reality of what’s happening in the country.

Mariví Marín: Thank you very much, Stefania. With that, Sascha Hannig, I will ask you to be brief, please.

Sascha Hannig: I’m gonna stick to my time. Thank you so much for your introduction. So when we talk about information integrity, the question is what information we can

Mariví Marín: trust, right? And when we ask ourselves what types of narratives of manipulation or disinformation

Sascha Hannig: are spread in the region, that is a question we actually want to know. And in that regard, I do agree with the previous… speakers on cooperation between actors on the situations in which these campaigns are spread. I only want to add a few points upon that. So the first is concerns over this formation and narrative manipulation not being taken as seriously as they should by decision makers, state actors. Maybe civil society to one extent does care about it, but we see again and again examples that when compared to other regions, such as the European Union, in Latin America in general, this information is not seen as a security issue. It’s seen seen as a distortion of information spreading. As a result, there are many ways in which information is spread. Some of these have already been mentioned. And I would only want to add to the first question, how important is the context? Because when we have disasters, when we have uncertainty, when we have political unrest, when we have domestic controversial issue, those are the areas in which these campaigns thrive. And these are the areas with not only state actors such as Russia or China or any other authoritarian actor or any other actor with an agenda thrives, but also untraceable independent disinformation spreaders. So regarding the second question, what responses from the civil society, media and academia or institutions have worked or failed in restoring narrative integrity? I think there is a lot of work being done by civil society in the region that is obvious, that is strong. The regions, as I mentioned, is a little bit behind in counter-narrative operation. and Marta Roldós. We don’t see a lot of information or disinformation responses, but we do see a raising awareness. And this raising awareness has created a door for discussion. Which in some cases has translated into actual responses. And I just want to mention one case with the 15 seconds I have left.

Mariví Marín: So I’m going to move forward with the last two questions. The first one will be for Roberta and the second one for Iria. Please do three minutes each and we will finish with that. Thank you very much, Roberta.

Roberta Braga: Thank you, Mariví. Good morning, everybody from D.C. So the two countries I can speak most closely to are the United States and Brazil, my two home countries. And here we’re talking about models of governance that the region has been implementing. And in the United States, there really are no central governance mechanisms for things like data privacy, Internet governance. And so by default, not only do the states sort of make a lot of the laws, which can really lead to some decentralization, some difficulties for businesses in adhering to this, some inadequate enforcement, and some diversity in approaches between states. But we also see that the United States prioritizes its core tenant, freedom of speech, which by default puts governance mechanisms almost entirely in the hands of social media platforms. In the U.S. this year, we’re seeing that a lot of the social media companies have moved toward a community-driven mode of content moderation, which I think has its pros and cons and has been really hotly debated here in Washington, D.C. and in California and other places. That model has been tried by other countries, but it’s not been implemented. And so we’re seeing that a lot of the states are trying to create a community-driven mode of content moderation, which by default puts governance mechanisms entirely in the hands of social media platforms. And so we’re seeing that a lot of the states are trying to And we are actually the first team at DDIA to publish tweets in English and Spanish dated to 2021. We will share findings on July 9 if you are interested. But that motto has not met a need for addressing online harms in real time. For example it takes 14 days for a note to go from submission to publication on average. And then Brazil, my other home country, has really taken a bit of a different approach. Brazil has the Marcos de Vila Internatio which is almost our digital civil bill of rights. And it really pushes for net neutrality and privacy and freedom of expression as well as data protection really at its core. It’s something that needs to be updated and is being discussed now. And then we have our general data protection law which I think really mirrors the European GDPR, emphasizes user privacy and data protection. But there is a lot more that needs to be done I think for us to really give these types of mechanisms the teeth they need to ensure our safety online. So Maribi, I will leave it at that.

Mariví Marín: That was fantastic. Thank you very much. I appreciate it. With that, Iria.

Iria Puyosa: Thank you very much for having me. I’m going to try to be very brief. One of the issues I’m concerned about at the moment is the pressures the civil society organizations, digital rights organizations and internet governance organizations are facing given the pressures from the current geopolitical dynamics and the pressures over the multi-stakeholder internet governance model due to the change on the global digital company I’m bringing up. I’m also particularly interested in the way these dynamics are playing on Latin America, Africa and Asia organizations who are also facing a shared economy. Client funding available for the kind of work they are doing, the kind of work my colleagues in the panel have been talking about, censorship, circumvention, disinformation, content disinformation, protecting data, personal data, content surveillance, all that very important roles as well as multi-stakeholder governance role the civil society organizations play, is in danger because of the lack of sustainability in the long term for this kind of organizations, particularly for the smaller organizations in the global south who are losing critical expertise due to the lack of funding. And I think this is a conversation we should be having in the Internet Governance Forum because even though it’s not related with the core resources of the Internet infrastructure, it’s core to the Internet Governance model. So if we want to have a multi-stakeholder model of governance, it requires the presence of civil society organizations, and civil society organizations, since it exists, it’s no way for us to defend the multi-stakeholder model, and it’s going to be a model run only by states and big corporations. So the survival of the Internet multi-stakeholder model of governance is tied to the survival or sustainability of civil society organizations working in this space. That is why my team in the Atlantic Council Democracy and Tech Initiative is aiming to have a systemic assessment of the support need of these kind of organizations working in digital rights and Internet governance, and we are exploring the way to partner with philanthropic donors and right-aligned states in order to identify mechanisms for channeling resources towards civil society organizations. This is part of the mission we are focused on in the coming year, trying to understand what is to support the needs of civil society organizations in Africa, Latin America, and South Asia, developing countries working in meaningful access to Internet connectivity. Digital Public Infrastructure and Internet and Data Governance. To end, very concrete recommendations for governments and funders. It’s important for them to strengthen capabilities for prioritizing partnerships with local civil society in the countries of the Global South, Latin America, Asia and Africa, particularly those organizations working in key areas like connectivity, meaningful connectivity, artificial intelligence, linking to the achievement of the sustainable development goals, which is very, very important for the Global South, particularly for African countries, or the issues of data governance at the Internet Governance Excel. For civil society organizations, initial recommendations is to try to work together, exploring the ways we can foster South-South collaboration in order for organizations from Latin America and Africa, or Africa and Asia, get projects, joint projects, because we are seeing in this conversation that the issues are similar in our regions, but small organizations were isolated, and having coalitions working together would be helpful in order to make the most for the scarce resources we have right now. So, we need to help this organization, this kind of partnership, to collectively navigate this geopolitical shift and this change on the global Internet governance brought by the Global Digital Compact new state of play. Thank you.

Mariví Marín: Thank you very much, Iria, and everyone online and in person. I will leave just two brief questions. Do you believe, for everyone in the audience, in person and online, that there is at least one authoritarian trend in your country? Say yes with the hand. Sure. I see all of us have some, and I see from the audience that there is two. And did you learn something about a tactic, idea, or alliance that you can use today for your own country, in my case, which I did. Some from the audience, too. I’m happy to see. Thank you everyone, thanks for the ones online and in person. By listening to each other, sharing concrete experiences, and reflecting across countries’ role and challenges, we have shown that cooperation to protect information integrity is not just possible, it’s already happening. And this session, this event in general, reminds us that resisting online authoritarian practices for a healthier and safer internet for all is not just about identifying the problems, but it’s also about building these bridges that we were talking about, bridges between regions, between diverse stakeholders, and between different areas of civil society that are the ones leading this fight every day. Let’s carry these ideas forward and keep this collaboration alive. Thank you very much.

Agreement points

Technical resistance strategies using VPNs, encrypted messaging, and circumvention tools

Speakers

– Abdullah Ahmadi
– Valentina Aguana

Arguments

Social resistance involves solidarity networks, diaspora media, digital security training, and coalition building across regions

Technical resistance includes VPNs, encrypted messaging apps, mirror sites, and censorship-resistant applications designed with privacy and anti-censorship features

Summary

Both speakers emphasize the critical role of technical tools like VPNs and encrypted messaging apps (Signal, Telegram) for circumventing censorship and enabling secure communication for activists and journalists

Topics

Cybersecurity | Human rights

Lack of legal pathways to challenge authoritarian digital practices

Speakers

– Abdullah Ahmadi
– Valentina Aguana
– Martha Roldós

Arguments

Taliban have imposed formal censorship through media guidelines and informal intimidation, especially targeting women journalists and activists

Venezuela has entered a new era of pervasive internet censorship, blocking 61 independent media outlets and major social media platforms like X, TikTok, and Signal

Ecuador has implemented comprehensive surveillance systems including man-in-the-middle attacks and Pegasus, with new intelligence laws making surveillance legal without oversight

Summary

All three speakers highlight the absence of effective legal mechanisms to challenge government censorship and surveillance, with legal systems either compromised or actively enabling authoritarian practices

Topics

Legal and regulatory | Human rights

Cross-border cooperation in authoritarian digital practices

Speakers

– Participant
– Abdullah Ahmadi

Arguments

Latin American governments use coordinated networks of real users and bots to spread disinformation, with cross-border cooperation between countries like Venezuela, Cuba, and Nicaragua

Social resistance involves solidarity networks, diaspora media, digital security training, and coalition building across regions

Summary

Both speakers recognize that authoritarian practices and resistance efforts operate across national boundaries, with governments cooperating in disinformation campaigns while civil society builds international solidarity networks

Topics

Human rights | Development

Targeting of journalists and civil society as primary victims

Speakers

– Abdullah Ahmadi
– Valentina Aguana
– Martha Roldós
– Lillian Nalwoga

Arguments

Taliban have imposed formal censorship through media guidelines and informal intimidation, especially targeting women journalists and activists

Venezuela has entered a new era of pervasive internet censorship, blocking 61 independent media outlets and major social media platforms like X, TikTok, and Signal

Ecuador has implemented comprehensive surveillance systems including man-in-the-middle attacks and Pegasus, with new intelligence laws making surveillance legal without oversight

African governments collectively spent $1 billion on surveillance tools in 2023, using phone tapping, spyware like Pegasus, and internet shutdowns as control mechanisms

Summary

All speakers identify journalists, activists, and civil society organizations as the primary targets of digital authoritarianism across different regions and contexts

Topics

Human rights | Cybersecurity

Similar viewpoints

Both speakers describe comprehensive surveillance ecosystems using similar tools (Pegasus spyware, phone tapping) with inadequate legal oversight, showing how surveillance technologies and practices are globally distributed

Speakers

– Lillian Nalwoga
– Martha Roldós

Arguments

African governments collectively spent $1 billion on surveillance tools in 2023, using phone tapping, spyware like Pegasus, and internet shutdowns as control mechanisms

Ecuador has implemented comprehensive surveillance systems including man-in-the-middle attacks and Pegasus, with new intelligence laws making surveillance legal without oversight

Topics

Human rights | Cybersecurity

Both speakers focus on governance challenges and the need for more effective multi-stakeholder approaches, though from different angles – one examining national governance models and the other focusing on civil society sustainability

Speakers

– Roberta Braga
– Iria Puyosa

Arguments

The US lacks central governance mechanisms, relying on state-level laws and platform self-regulation, with community-driven content moderation showing mixed results

Civil society organizations face critical funding shortages that threaten the multi-stakeholder internet governance model, particularly affecting smaller organizations in the Global South

Topics

Legal and regulatory | Development

Both speakers address disinformation as a systematic problem in Latin America, with one highlighting the lack of adequate response and the other detailing the sophisticated nature of government-led disinformation campaigns

Speakers

– Sascha Hannig
– Participant

Arguments

Disinformation campaigns are not taken seriously enough as security issues in Latin America compared to other regions like the EU

Latin American governments use coordinated networks of real users and bots to spread disinformation, with cross-border cooperation between countries like Venezuela, Cuba, and Nicaragua

Topics

Human rights | Legal and regulatory

Unexpected consensus

Infrastructure-level censorship as a new frontier of digital authoritarianism

Speakers

– Valentina Aguana
– Lillian Nalwoga

Arguments

Internet blocks are becoming more sophisticated but also more reckless, with censors blocking critical infrastructure like CDNs and DNS servers

African governments collectively spent $1 billion on surveillance tools in 2023, using phone tapping, spyware like Pegasus, and internet shutdowns as control mechanisms

Explanation

The consensus on infrastructure-level attacks (blocking CDNs, DNS servers, internet shutdowns) represents an unexpected escalation in censorship tactics that goes beyond traditional content blocking to attacking the fundamental infrastructure of the internet itself

Topics

Infrastructure | Cybersecurity

Economic incentivization of digital authoritarianism

Speakers

– Participant
– Lillian Nalwoga

Arguments

Latin American governments use coordinated networks of real users and bots to spread disinformation, with cross-border cooperation between countries like Venezuela, Cuba, and Nicaragua

African governments collectively spent $1 billion on surveillance tools in 2023, using phone tapping, spyware like Pegasus, and internet shutdowns as control mechanisms

Explanation

Both speakers reveal the significant economic dimensions of digital authoritarianism – governments paying citizens to spread disinformation and spending billions on surveillance tools, showing how economic incentives drive both the supply and demand sides of authoritarian digital practices

Topics

Economic | Human rights

Overall assessment

Summary

Strong consensus exists on the systematic nature of digital authoritarianism globally, the targeting of civil society and journalists, the use of similar technical tools and tactics across regions, and the need for international cooperation in resistance efforts

Consensus level

High level of consensus with significant implications – the speakers demonstrate that digital authoritarianism is not isolated to specific regions but represents a global phenomenon with shared characteristics, tactics, and impacts. This consensus suggests the need for coordinated international responses and the sharing of resistance strategies across borders. The agreement also highlights the critical importance of sustaining civil society organizations as the primary defenders of digital rights and the multi-stakeholder governance model.

Different viewpoints

Governance approach – centralized vs decentralized regulation

Speakers

– Roberta Braga
– Iria Puyosa

Arguments

The US lacks central governance mechanisms, relying on state-level laws and platform self-regulation, with community-driven content moderation showing mixed results

Brazil has implemented comprehensive digital rights frameworks including Marco Civil da Internet and GDPR-style data protection laws

Summary

Roberta presents the US decentralized approach as problematic due to lack of central governance and reliance on platform self-regulation, while also highlighting Brazil’s more centralized comprehensive framework. This contrasts with Iria’s focus on strengthening multi-stakeholder governance through civil society support rather than state-led regulation.

Topics

Legal and regulatory | Human rights

Priority focus for addressing digital authoritarianism

Speakers

– Sascha Hannig
– Iria Puyosa

Arguments

Disinformation campaigns are not taken seriously enough as security issues in Latin America compared to other regions like the EU

Civil society organizations face critical funding shortages that threaten the multi-stakeholder internet governance model, particularly affecting smaller organizations in the Global South

Summary

Sascha emphasizes the need for governments to treat disinformation as a security issue requiring state-level response, while Iria focuses on the fundamental need to sustain civil society organizations as the foundation for addressing all digital rights issues.

Topics

Legal and regulatory | Human rights | Development

Unexpected differences

Role of international frameworks vs local solutions

Speakers

– Abdullah Ahmadi
– Valentina Aguana

Arguments

Social resistance involves solidarity networks, diaspora media, digital security training, and coalition building across regions

Technical resistance includes VPNs, encrypted messaging apps, mirror sites, and censorship-resistant applications designed with privacy and anti-censorship features

Explanation

While both speakers face similar censorship challenges, Abdullah calls for UN-led legally binding conventions on digital rights, while Valentina emphasizes that traditional solutions are not enough and advocates for building new technology solutions with censorship-resistance built in from the design phase. This represents a fundamental disagreement on whether to work within existing international legal frameworks or to build alternative technical infrastructure.

Topics

Legal and regulatory | Infrastructure | Human rights

Overall assessment

Summary

The discussion shows remarkable consensus on the problems (censorship, surveillance, disinformation) but reveals subtle yet significant disagreements on solutions and priorities. Main disagreements center on governance approaches (centralized vs decentralized), the role of international frameworks vs technical solutions, and whether to prioritize state-level policy changes or civil society sustainability.

Disagreement level

Low to moderate disagreement level with high strategic implications. While speakers largely agree on the nature of threats, their different approaches to solutions could lead to fragmented efforts. The disagreements suggest a need for more coordination between those advocating for policy/legal solutions, those building technical solutions, and those focusing on civil society capacity building.

Partial agreements

Similar viewpoints

Both speakers describe comprehensive surveillance ecosystems using similar tools (Pegasus spyware, phone tapping) with inadequate legal oversight, showing how surveillance technologies and practices are globally distributed

Speakers

– Lillian Nalwoga
– Martha Roldós

Arguments

African governments collectively spent $1 billion on surveillance tools in 2023, using phone tapping, spyware like Pegasus, and internet shutdowns as control mechanisms

Ecuador has implemented comprehensive surveillance systems including man-in-the-middle attacks and Pegasus, with new intelligence laws making surveillance legal without oversight

Topics

Human rights | Cybersecurity

Both speakers focus on governance challenges and the need for more effective multi-stakeholder approaches, though from different angles – one examining national governance models and the other focusing on civil society sustainability

Speakers

– Roberta Braga
– Iria Puyosa

Arguments

The US lacks central governance mechanisms, relying on state-level laws and platform self-regulation, with community-driven content moderation showing mixed results

Civil society organizations face critical funding shortages that threaten the multi-stakeholder internet governance model, particularly affecting smaller organizations in the Global South

Topics

Legal and regulatory | Development

Both speakers address disinformation as a systematic problem in Latin America, with one highlighting the lack of adequate response and the other detailing the sophisticated nature of government-led disinformation campaigns

Speakers

– Sascha Hannig
– Participant

Arguments

Disinformation campaigns are not taken seriously enough as security issues in Latin America compared to other regions like the EU

Latin American governments use coordinated networks of real users and bots to spread disinformation, with cross-border cooperation between countries like Venezuela, Cuba, and Nicaragua

Topics

Human rights | Legal and regulatory

Key takeaways

Digital authoritarianism is a global phenomenon affecting both authoritarian and democratic countries, with similar tactics being used across different regions including censorship, surveillance, disinformation, and restrictive internet governance

Cross-regional collaboration and information sharing among civil society organizations is not only possible but essential for combating digital authoritarian practices

Technical resistance strategies (VPNs, encrypted messaging, mirror sites) must be combined with legal advocacy and social solidarity networks to effectively counter digital repression

The sustainability crisis facing civil society organizations, particularly in the Global South, threatens the multi-stakeholder internet governance model and requires urgent attention from funders and governments

Censorship tactics are becoming more sophisticated and reckless, with governments blocking critical internet infrastructure and entire social media platforms rather than specific content

Surveillance has become a billion-dollar industry with governments weaponizing collected information for political purposes and character assassination

Disinformation campaigns often involve cross-border cooperation between authoritarian governments and are not being treated with sufficient seriousness as security threats in many regions

Resolutions and action items

Atlantic Council Democracy and Tech Initiative will conduct a systemic assessment of support needs for civil society organizations working in digital rights and internet governance

Explore partnerships with philanthropic donors and aligned states to channel resources toward civil society organizations in Africa, Latin America, and South Asia

Foster South-South collaboration between organizations from different Global South regions to work on joint projects and share scarce resources

Continue advocacy work through multilateral and international organizations to pressure governments on internet rights violations

Invest in developing new solutions with privacy-by-design and censorship-by-design approaches, following examples like the Noticias Infiltra app

Maintain documentation and research efforts to support policymaking and advocacy against surveillance and censorship

Unresolved issues

How to ensure long-term sustainable funding for civil society organizations working on digital rights in the Global South

How to effectively counter the increasing sophistication and recklessness of internet censorship tactics

How to address the lack of legal pathways to challenge surveillance and censorship in many countries

How to make policymakers take disinformation as seriously as other security threats

How to balance platform self-regulation with effective governance mechanisms for addressing online harms

How to prevent the erosion of the multi-stakeholder internet governance model due to civil society funding shortages

How to scale technical resistance solutions to match the growing sophistication of digital authoritarianism

Suggested compromises

Community-driven content moderation as an alternative to both government censorship and pure platform control, though this approach has shown mixed results

Combining technical circumvention tools with legal advocacy and social organizing rather than relying on any single approach

Balancing the need for updated governance frameworks (like Brazil’s Marco Civil da Internet) with protecting core principles like freedom of expression

Leveraging international pressure and documentation when domestic legal pathways are unavailable or ineffective

Abdullah’s call for ‘a legally binding convention on digital rights to protect freedoms like expression, privacy, access to information and corruption online with strong safeguard and inclusive governance’

Speaker

Abdullah Ahmadi

Reason

This comment elevated the discussion from tactical responses to systemic solutions, proposing a concrete international framework that could address the root causes of digital authoritarianism rather than just its symptoms. It demonstrated how extreme repression (Afghanistan under Taliban) can generate innovative thinking about global governance structures.

Impact

This comment established a framework that other speakers built upon throughout the session. It shifted the conversation from country-specific problems to the need for international coordination and legal frameworks, influencing later discussions about cross-regional collaboration and governance models.

Valentina’s observation that ‘We once thought that permanently blocking social media was a red line for censors, but unfortunately we know that that’s not the case anymore’ and her concept of ‘censorship by design’

Speaker

Valentina Aguana

Reason

This insight revealed how authoritarian tactics are evolving and becoming more sophisticated, challenging assumptions about what governments would or wouldn’t do. The ‘censorship by design’ concept introduced a proactive technical approach to resistance, moving beyond reactive measures to preventive solutions.

Impact

This comment fundamentally reframed how participants understood the evolution of censorship, moving the discussion from traditional blocking methods to more sophisticated infrastructure attacks. It influenced the technical direction of the conversation and highlighted the need for more innovative resistance strategies.

Martha’s question ‘surveillance for what?’ in discussing Ecuador’s experience where ‘surveillance was a tool for security against crime in a country where crime has risen exponentially while the government was applying these mechanisms of surveillance to journalists, to civil society, while the narcos were thriving’

Speaker

Martha Roldós

Reason

This comment exposed the fundamental contradiction in authoritarian surveillance – the gap between stated purposes (security) and actual targets (civil society). It revealed how surveillance becomes institutionalized and persists across different governments, challenging the narrative that these are temporary security measures.

Impact

This reframing influenced how other participants discussed surveillance, moving beyond technical aspects to examine the political motivations and effectiveness contradictions. It added a critical analytical layer that questioned government justifications for surveillance programs.

Iria’s warning that ‘the survival of the Internet multi-stakeholder model of governance is tied to the survival or sustainability of civil society organizations working in this space’

Speaker

Iria Puyosa

Reason

This comment connected the immediate funding crisis facing civil society organizations to the broader existential threat to internet governance models. It revealed how economic pressures and geopolitical shifts could fundamentally alter the structure of internet governance, moving from a multi-stakeholder to a state-corporate duopoly.

Impact

This observation shifted the final portion of the discussion toward systemic sustainability concerns, moving beyond tactical responses to authoritarian practices toward the meta-question of whether the current resistance infrastructure can survive. It reframed the entire conversation as not just about fighting authoritarianism, but about preserving the institutional capacity to fight it.

Lillian’s documentation that countries like ‘Nigeria, Ghana, Morocco, Malawi and Zambia collectively spent a billion US dollars in a year on digital surveillance tools’ supplied by ‘US, UK, China, some countries in the EU and Israel’

Speaker

Lillian Nalwoga

Reason

This comment revealed the global economic ecosystem that enables digital authoritarianism, showing how democratic countries profit from supplying surveillance tools to authoritarian regimes. It exposed the contradiction between stated democratic values and actual business practices, highlighting the international complicity in digital repression.

Impact

This data point added a crucial economic dimension to the discussion, showing that digital authoritarianism isn’t just about local government decisions but involves international supply chains and business relationships. It complicated the narrative of ‘democratic vs. authoritarian’ countries by showing how they’re economically interconnected in surveillance markets.

Overall assessment

These key comments transformed what could have been a series of isolated country reports into a sophisticated analysis of global digital authoritarianism. The discussion evolved through several phases: from documenting specific tactics (censorship, surveillance) to revealing systemic patterns (cross-border collaboration between authoritarian regimes, evolution of censorship techniques), to exposing structural contradictions (surveillance justified by security but targeting civil society), and finally to questioning the sustainability of resistance infrastructure itself. The most impactful comments were those that connected local experiences to global patterns, revealed contradictions in official narratives, or proposed systemic solutions. The conversation demonstrated remarkable convergence across different regions and contexts, with speakers building on each other’s insights to create a comprehensive picture of how digital authoritarianism operates as a global phenomenon requiring coordinated international responses.

Need for a legally binding UN convention on digital rights to protect freedoms like expression, privacy, access to information and encryption online with strong safeguards and inclusive governance

Speaker

Abdullah Ahmadi

Explanation

This represents a concrete policy recommendation that requires further development and international advocacy to establish global standards for digital rights protection

Investment in new solutions with privacy by design and censorship by design approaches, moving beyond traditional circumvention tools

Speaker

Valentina Aguana

Explanation

Current technical solutions are insufficient to combat sophisticated censorship, requiring research and development of new architectural approaches to internet infrastructure

Systemic assessment of support needs for civil society organizations working in digital rights and internet governance in the Global South

Speaker

Iria Puyosa

Explanation

The sustainability crisis of civil society organizations threatens the multi-stakeholder internet governance model, requiring comprehensive research to understand funding gaps and support mechanisms

Exploration of mechanisms for channeling resources towards civil society organizations in partnership with philanthropic donors and aligned states

Speaker

Iria Puyosa

Explanation

Addressing the funding crisis requires developing new partnership models and funding mechanisms specifically designed for digital rights organizations in developing countries

Foster South-South collaboration between organizations from Latin America, Africa, and Asia through joint projects

Speaker

Iria Puyosa

Explanation

Small organizations are isolated despite facing similar challenges, and collaborative approaches could maximize scarce resources and share expertise across regions

Research on community-driven content moderation models and their effectiveness in addressing online harms in real-time

Speaker

Roberta Braga

Explanation

Current community-driven approaches like Twitter’s Community Notes have limitations (14-day average for publication) that need to be studied and improved for better harm mitigation

Analysis of cross-border coordination in disinformation campaigns between authoritarian governments

Speaker

Estefania Da Silva

Explanation

The phenomenon of Venezuelan campaigns trending in Cuba and vice versa indicates systematic cooperation that requires deeper investigation to understand and counter

Documentation and measurement of the economic impact of internet shutdowns and infrastructure blocking

Speaker

Valentina Aguana and Lillian Nalwoga

Explanation

The blocking of critical infrastructure like CDNs affects millions globally, requiring comprehensive impact assessment to inform policy and advocacy efforts

Summary

This panel discussion at the Internet Governance Forum focused on global perspectives regarding network fees (also called “fair share” mechanisms) and their relationship to net neutrality principles. The debate centers on whether content providers and large technology companies should pay additional fees to telecommunications operators for data delivery, beyond existing interconnection arrangements.

Professor Kyung Sin Park from Korea University presented compelling evidence from South Korea’s experience with network fees implemented in 2016, demonstrating how even partial sender-pay rules led to dramatically increased transit costs, reduced competition, and the departure of services like Twitch from the Korean market. His data showed Korean internet costs became 8-10 times higher than other developed countries, stifling innovation and forcing content providers to relocate operations abroad.

Konstantinos Komaitis from the Atlantic Council emphasized that this debate has persisted for over 15 years without evidence of market failure, particularly noting that European regulators (BEREC) found the internet interconnection ecosystem functions well. He warned that network fees represent a backdoor attempt to undermine net neutrality and could lead to traffic prioritization based on commercial agreements rather than user choice.

Colombian regulator Claudia Ximena Bustamante shared insights from Latin America’s approach, describing ongoing consultations to understand traffic patterns and ecosystem dynamics before implementing any regulatory changes. She noted that traffic growth in Colombia appeared normal rather than exponential, partly due to increased local content delivery networks and compression technologies.

Tatiana Tropinem from the Internet Society argued that network fee proposals are “solutions in search of a problem,” emphasizing that internet users already pay for data access while content providers invest heavily in infrastructure like content delivery networks. Thomas Volmer from Netflix highlighted how collaborative engineering between content providers and ISPs has successfully managed traffic growth through technical solutions rather than regulatory intervention.

The discussion revealed a clear divide between telecommunications operators seeking additional revenue streams and other stakeholders who view network fees as potentially fragmenting the internet’s open architecture and undermining the fundamental principles that enabled its global success.

Keypoints

## Major Discussion Points:

– **Network Fees vs. Net Neutrality**: The core debate centers on whether content providers (like Netflix, Google) should pay additional fees to telecom operators for network usage, with panelists arguing this would undermine net neutrality principles that ensure equal treatment of all internet traffic.

– **Evidence from South Korea’s Implementation**: Professor K.S. Park presented detailed data showing how South Korea’s partial sender-pay rule led to dramatically increased transit prices (8-10 times higher than other countries), caused services like Twitch to exit the market, and resulted in Korean content being served from outside the country to avoid costs.

– **Lack of Market Failure Evidence**: Multiple speakers emphasized that consultations in Europe, Brazil, and other regions have found no evidence of market failure justifying network fees, with BEREC concluding that internet interconnection is a “well-functioning market” where costs have actually decreased despite traffic increases.

– **Alternative Infrastructure Investment Solutions**: Panelists discussed various ways to address connectivity needs without network fees, including reducing spectrum licensing fees, adjusting tax obligations, promoting competition, targeted subsidies for underserved areas, and recognizing that content providers already invest heavily in infrastructure like CDNs and subsea cables.

– **Regulatory Separation and Governance Models**: The discussion touched on how network fees proposals challenge the traditional separation between internet infrastructure regulation and application layer governance, potentially centralizing control and moving away from multi-stakeholder internet governance models.

## Overall Purpose:

The panel aimed to provide global perspectives on network fees (also called “fair share” proposals) and their relationship to net neutrality, examining evidence from different regions and discussing policy alternatives for addressing connectivity and infrastructure investment needs.

## Overall Tone:

The discussion maintained a strongly critical tone toward network fees throughout, with all panelists opposing such proposals. The tone became somewhat tense when telecom industry representatives in the audience challenged the panel’s composition and arguments, with one noting the lack of telecom operator representation on the panel and another calling the discussion one-sided rather than a true dialogue. The moderator acknowledged this criticism but the panelists maintained their positions, creating a somewhat defensive atmosphere by the end.

Speakers

**Speakers from the provided list:**

– **Fabro Steibel** – Panel moderator/facilitator

– **Kyung Sin Park (K.S. Park)** – Professor of law at Korea University Law School, Director of Openet (digital rights organization)

– **Konstantinos Komaitis** – Resident senior fellow with the Democracy and Tech Initiative at the Atlantic Council

– **Claudia Ximena Bustamante** – Executive Director and Commissioner of the Communications Regulatory Commission (CRC) of Colombia

– **Tatiana Tropinem** – Representative from Internet Society

– **Thomas Volmer** – Head of Global Content Delivery Policy at Netflix

– **Rian Duarte** – Representative from the Brazilian Association of Internet Service Providers

– **Louvo Gray** – Representative from the South African Internet Governance Forum, runs an internet service provider in South Africa

– **Frode Kieling** – Representative from Telco (200 million customers in Asia and Nordic)

– **Pablo Barrionovo** – Representative from Telefonica

**Additional speakers:**

None identified – all speakers mentioned in the transcript were included in the provided speakers names list.

# Global Perspectives on Network Fees and Net Neutrality: Internet Governance Forum Panel Discussion

## Executive Summary

This Internet Governance Forum panel discussion examined the global debate surrounding network fees (also termed “fair share” mechanisms) and their relationship to net neutrality principles. The session featured five main panelists representing diverse perspectives, with additional input from telecommunications industry representatives during the Q&A session. Moderated by Fabro Steibel, who referenced a campaign listing “10 reasons” why network fees are problematic for the internet, the discussion revealed significant disagreement between telecommunications operators seeking additional revenue streams and other stakeholders who view network fees as fundamentally flawed policies.

The debate was anchored by evidence from South Korea’s experience with network fees implementation since 2016, which demonstrated negative consequences including increased costs and service departures. This real-world case study provided crucial context for evaluating arguments about network fees’ potential impacts.

## Key Participants and Perspectives

### Academic Analysis

**Professor Kyung Sin Park** from Korea University Law School provided detailed evidence from South Korea’s unique experience implementing partial sender-pay rules. Park presented data showing transit costs 8-10 times higher than other developed countries, services like Twitch exiting the Korean market, and Korean content being served from abroad to avoid domestic fees. Park framed network fees as fundamentally undermining democratic participation by “taxing people for speaking online.”

### Civil Society and Technical Community

**Konstantinos Komaitis** from the Atlantic Council emphasized that this debate has persisted since 2012 without evidence of market failure. He referenced European regulators (BEREC) finding the internet interconnection ecosystem well-functioning, with a recent report showing decreasing data costs. Komaitis characterized network fees as “lazy policy” and warned that dispute resolution mechanisms could serve as a “backdoor to network fees.”

**Tatiana Tropinem** from the Internet Society argued that network fees are “solutions in search of a problem,” noting that users already pay for data access while content providers invest heavily in infrastructure. She emphasized that traffic is requested by users who pay for access, not created unilaterally by online services.

### Regulatory Perspective

**Claudia Ximena Bustamante**, Executive Director of Colombia’s Communications Regulatory Commission, described ongoing consultations to understand traffic patterns before implementing regulatory changes. She reported traffic growth of 1.7 times over two years, which she characterized as normal rather than exponential, partly due to local content delivery networks and compression technologies. Bustamante mentioned a recent Constitutional Court decision against ISP-chosen differentiated service plans that may require regulatory framework updates.

### Content Provider Perspective

**Thomas Volmer** from Netflix highlighted collaborative engineering between content providers and ISPs, noting Netflix’s infrastructure investments including content delivery networks with global server locations. He explained how “cold potato routing” brings content close to users, reducing rather than increasing network burden. Volmer referenced BEREC findings that interconnection markets function well and warned that network fees would create tolls limiting user choice.

### Industry Challenges

During the Q&A session, telecommunications industry representatives challenged the panel’s composition and arguments. **Frode Kieling**, representing a telecommunications company, argued that fundamental internet principles assumed equal traffic sharing, which no longer exists with 70-80% of traffic from content delivery networks. He contended that telco revenues are declining while content provider revenues increase.

**Pablo Barrionovo** from Telefónica criticized the panel’s lack of telecommunications operator representation, arguing for more balanced multi-stakeholder dialogue. He maintained that sustainability problems exist in the current model.

**Rian Duarte** from the Brazilian Association of Internet Service Providers noted that over 20,000 small ISPs in Brazil oppose network fees, revealing divisions within the telecommunications sector.

## Evidence and Case Studies

### South Korea’s Experience

Professor Park’s analysis of South Korea’s implementation revealed several concerning outcomes:

– Transit prices 8-10 times higher than other developed countries

– Major services like Twitch exiting the Korean market

– Korean content providers serving content from outside Korea to avoid fees

– Korean esports teams moving abroad due to latency issues

– Reduced innovation and competition

### Regional Findings

**European Analysis**: BEREC studies found no evidence of market failure in internet interconnection, with recent reports showing decreasing data costs despite traffic increases.

**Brazilian Consultations**: Two separate consultations revealed large telcos supporting network fees while other stakeholders opposed them, with law proposals prohibiting the practice under consideration.

**Colombian Investigation**: Ongoing consultation examining traffic patterns and ecosystem dynamics, with Bustamante advocating evidence-based policy making.

## Technical and Economic Arguments

### Infrastructure Investment

The discussion revealed disagreement about internet infrastructure investment. Content providers like Netflix invest significantly in content delivery networks, challenging narratives that only telecommunications operators invest in internet infrastructure. Multiple speakers noted that various players including CDNs, cloud providers, and edge nodes contribute to internet infrastructure.

### Traffic Management

Several speakers explained how modern internet architecture handles traffic growth efficiently. Local CDNs and compression advances have made traffic growth manageable, while CDN architecture legitimately changes traffic patterns for technical reasons rather than creating unfair advantages.

### Economic Sustainability

Telecommunications representatives raised concerns about revenue sustainability, with declining telco revenues alongside growing content provider revenues. Other speakers argued this reflects normal market evolution rather than market failure requiring regulatory intervention.

## Net Neutrality and Democratic Implications

Multiple speakers emphasized that network fees contradict net neutrality principles by allowing ISPs to prioritize traffic based on payment rather than user choice. Park argued that net neutrality is essential for democratic participation, preventing regression to telephony-style systems that tax online communication.

Volmer compared potential network fee systems to cable TV, where ISPs control content access through special deals, directly contradicting net neutrality principles that users should control their content access.

## Alternative Approaches

Speakers proposed various alternatives to network fees:

– Reducing spectrum licensing fees

– Adjusting tax obligations and coverage requirements

– Providing regulatory flexibility

– Implementing targeted subsidies for underserved areas

– Promoting competition and technical collaboration

The discussion highlighted successful technical collaboration between content providers and ISPs through CDN deployment and traffic engineering without requiring regulatory intervention.

## Areas of Disagreement

### Historical Internet Principles

Significant disagreement emerged about internet traffic exchange foundations. Kieling claimed equal traffic sharing was a founding principle, while Park disputed this characterization. The debate revealed different interpretations of how modern CDN architecture relates to historical internet design.

### Market Failure Evidence

Sharp disagreement existed about whether current conditions justify regulatory intervention. Telecommunications representatives argued that revenue imbalances demonstrate sustainability problems, while others maintained that studies show well-functioning interconnection markets.

### Multi-Stakeholder Representation

Telecommunications representatives criticized the panel composition as one-sided, while the moderator noted that consultations consistently show most stakeholders opposing network fees except large telcos.

## Global Development Concerns

**Louvo Gray** from the South African Internet Governance Forum, who operates an ISP, raised concerns about network fees impacting efforts to connect over one billion unconnected people in Africa. He noted shifts from telco-owned to content provider-owned undersea cables and worried about new barriers for African-owned networks and content creators.

## Regulatory Separation Issues

The discussion touched on concerns about network fees challenging traditional separation between internet infrastructure regulation and application layer governance, potentially centralizing control and moving away from distributed governance models.

## Conclusion

The panel revealed fundamental disagreement between telecommunications operators seeking additional revenue and other stakeholders opposing network fees based on evidence from South Korea and various regional studies. The weight of evidence presented, particularly regarding negative outcomes in South Korea, suggests significant challenges for network fee proposals.

The discussion emphasized the importance of evidence-based policy making, with ongoing consultations in various regions examining these issues. Alternative approaches to addressing infrastructure investment concerns were proposed that would not undermine internet openness or net neutrality principles.

The debate appears likely to continue across multiple jurisdictions, with the fundamental tension between telecommunications revenue concerns and broader stakeholder opposition remaining unresolved. However, the evidence presented suggests that network fees face substantial policy and technical challenges in gaining widespread acceptance while maintaining the internet’s open architecture.

Fabro Steibel: So, hello everyone, welcome to the panel Global Perspectives on Network Fees and Net Neutrality. I really enjoy this panel because we have been talking about this for some years now. So I’ll make a short introduction. We have five speakers. Each one will have a slot of one minute to present himself, 12 minutes to address the topic and then we open for questions and comments from the audience online and on site. So if you’re unaware of network fees are, some will call them fair share, some will call them internet tools, so some will support, some will not support. The idea is that the price, the cost that you use for connectivity can or cannot vary according to the telco decision and the service provider. This has been a topic for consultation in Europe, in Brazil, in South Korea, in US and other places and in some countries they have experienced the network fees impact like South Korea. We did a campaign, we call it the Internet Tool, and we gave 10 reasons why we believe it’s against the past for the Internet. So there you have your issues of consumer rights, you’ll have issues of data costs, and others. It’s of particular interest the report from BEREC that will say that the cost for data has been decreasing the past years, which does not justify the introductions of new fee systems. That said, telcos will support that they need more proportional contribution to the networks, governments will say that they need more investments for connecting the unconnected, and it’s a topic of different size and contradictions. So I’ll give here the floor, one minute for each one to introduce. So K.S. Park. K.S. Park is professor of law at Korea University Law School, and director of Openet. Welcome.

Kyung Sin Park: Yes. I don’t think at IJF, especially at IJF, we should not be afraid of talking about not just the economic significance of net neutrality, or other norms or practices by which we have financed the data delivery around the world to make the Internet possible. I’ll get into that, and I’ll talk about how even a small departure from that golden rule, the golden practice, will cause disasters on the Internet ecosystem as seen in South Korea.

Fabro Steibel: Thank you, K.S. We move now to Konstantinos Komatis, resident fellow. with the Atlantic Council Democracy and Tech Initiative.

Konstantinos Komaitis: Hi. Hello, everyone. Good morning. So glad to see so many of you here. Interested in this topic, as Fabro said, my name is Konstantinos Komaitis. I am a resident senior fellow with the Democracy and Tech Initiative at the Atlantic Council. I have spent pretty much 20 years discussing this issue, so I can’t believe that we’re still discussing this issue, frankly. I was in Dubai when this was a thing in 2012. Then I was part of the conversations in Brussels when the open internet regulation was being discussed in 2015. And then since 2021, I believe, if I remember correctly, we have been discussing it again in Europe, and I have been engaging in those conversations as well, and also in some conversations that are happening in Brazil. So very much looking forward to this.

Fabro Steibel: Thank you, Konstantinos. So we move now online to Claudia Ximena Bustamante. She’s Executive Director, Commissioner of the Communications Regulatory Commission, CRC, of the government of Colombia. Welcome, Claudia.

Claudia Ximena Bustamante: Hello, everyone. Thank you for having me in this space. I’m Claudia Ximena Bustamante, Executive Director and Commissioner of the Communications Regulatory Commission of Colombia. We have been studying this topic since last year and working on net neutrality more than a decade. It would be a pleasure to discuss with all the panelists today.

Fabro Steibel: Thank you, Claudia. So now, we move to Tatiana Tropinem from Internet Society.

Tatiana Tropinem: Thank you very much for having me here, Tatiana Tropinem, Internet Society. In a society we have been engaged with this debate very closely, because various proposals, not only on network fees, I will speak later about how this debate has been shifting, taking different directions and different angles, but how ultimately there is no indication that there is any problem that actually needs to be solved. In fact, all these proposals on network fees are more solutions in search for a problem, and how they ultimately can fragment the Internet, disadvantage consumers and have quite a detrimental impact on Net Neutrality. Thank you.

Fabro Steibel: Thank you, Tatiana. And now we move to Thomas Volmer, Head of Global Content Delivery Policy at Netflix.

Thomas Volmer: Thank you, Fabro. And hi, everyone. It’s great to have such a nice attendance early in the day. Hopefully if we put on a good show, more people will also walk into the room. So thank you all for making it. So I’m Thomas Volmer. I represent Netflix today and the so-called private sector. But you know, it’s been 20 years in this great community of IGF. We’re all part of this multi-stakeholder process. And, you know, from event to event, sometimes we represent different organizations. And so I think I’ll bring that perspective also as a practitioner of IP interconnection. I’ve been doing this for 15 years on the telecom side and then on the hyperscale, on our content side. And yeah, I look forward to a great discussion. I’m a little bit intimidated because I see Professor Park has prepared a slide deck. So yeah, I’ll just talk through the issue.

Fabro Steibel: Park always have good decks. We should all be intimidated. So I think there is a higher issue here. So we have been discussing network fees for a few years. But directly related to that is how do we govern, how do we regulate the Internet? So in the past, we make a distinction between how we serve the Internet and how we use the Internet. two layers of the internet that we keep separate, at least in terms of regulation. In Brazil, for example, the telecom agency is allowed to rule the infrastructures of the internet but not the application layers. In other countries this happens as well, in the EU and others, and this has been questioned. And this is directly related to the idea of network fees, so it’s very good to discuss this, because beyond the idea of network fees per se, there is a discussion here on how we regulate the internet and how many people, how many agencies we have involved in that. So KS, would you like to start?

Kyung Sin Park: Yes. That’s me, that’s my contact information in case you want to take it down. So I’m a professor at the school and also directing open net digital rights organization that have been fighting for various golden digital norms, including net neutrality. Now, you all know that the sender pay rule that was proposed by telcos at ITU 2012 was roundly rejected by all stakeholders, and you already know why they were rejected, because there is this canonical relationship between net neutrality and information revolution. Under the net neutrality regime, where traffic is not discriminated for content, device, application, or whether the traffic was paid for, under that regime everyone has a chance to spread his or her message to everyone else without having to worry about the cost of data delivery. You can just put up one video revealing, say, police brutality, and one billion people can watch it. The photo that you see is the statue of democracy fighters who worked around the time of Gwangju Massacre of 1980, which was a really important event in the modern history of Korea. They are risking their lives in printing leaflets, asking people to come out for demonstration, and passing those leaflets out, they’ll have to risk their lives, otherwise risk of being caught by the police and being tortured. And these days, the protest organizers, they don’t have to go through this risk. They can just put on one video, one message, and people will come out. And that’s how you see the massive demonstrations in South Korea these past few decades. So fight for net neutrality is not just to fight to continue information revolution, but also not to regress back to the world of telephony or postage, where the sender, whoever is speaking, has to pay the cost of delivering their messages. The sender payroll exactly undercuts this pro-democratic effect of the internet by taxing people for speaking online. So the internet was built on this idea that we can all crowdsource our connections with one another for free. Because everyone pays for local connection, no one has to pay for the global delivery of data, no matter where you are. And standard payroll undercuts that. So we have had this system where everybody’s paying for local connection, but really don’t have to pay anything for actual delivery of the data. Now network fee proposer, which was revived a few years ago, is something different. It seems to apply only to the cross-border data traffic. It has nationalistic character to it. So what telcos are saying is that they’re spending money to maintain the domestic network. So whoever is sending data into the network, thereby burdening the domestic network, needs to pay the telcos who are maintaining it. But what telcos are forgetting is that the traffic route of any internet communication has the overseas segment and the domestic segment. Who is paying for the overseas segment? Big techs are investing in subsea cables and content delivery networks. Now telcos, they can charge their customers the monthly fees, exactly because the customer exactly because their customers can receive the data from overseas big techs delivered through these subsea cables and CDNs. So, telcos are benefiting from the big techs’ overseas infrastructure as much as the big techs are benefiting from the domestic infra. So, it is this mutual beneficial relationship. So, internet communication has this beneficial relationship and that’s why the early internet framers, the early framers of the internet decided not to charge one another and that decision really made the information revolution possible. Actually, telcos already know this because, you know, telcos, when they receive the traffic through the hierarchical, the normal hierarchy before the big techs began delivering the traffic at their doorstep through subsea cables, they actually paid money to the higher-tier telcos. But now, by receiving traffic directly from the big techs, they are actually saving money. Again, a mutually beneficial relationship. Now, you already know that when there is this mutual benefit, usually peering takes place on a settlement-free basis. Now, net neutrality does not require peering to be settlement-free. Peering can be paid for and net neutrality does allow that, but the problem with the network fee law, the fair sale deal or, you know, network fee law in other countries is that it mandates paid peering. Think about it. If the law And I would like to ask you, what do you think will happen if one party requires one party to pay, and the other party to get paid? What do you think will happen in that relationship? There will be abuse. The party entitled to payment will abuse the relationship to charge as much as possible, and the other side will have to succumb to whatever the demand is. Why? Because they have a legal obligation to make the payment. Now, how do I know this? You don’t need a thought experiment to do this, because the real experiment happened in South Korea in 2016. You will see that even small departure from this mutual beneficence principle causes a huge problem. So in South Korea in 2016, the government instituted a partial sender pay rule. So under this rule, only among the telcos, only among the ISPs, the sender had to pay. What happened? Telcos, you can see the image, you can see the picture above, the telcos hosting popular contents like Facebook cash server or Naver, Korea’s number one platform. By definition, because they were popular to all the users of the internet, they became the net sender of the traffic, and they had to pay other telcos. Which means hosting popular contents became a burden for the telcos, so the competition among the ISPs to host popular contents disappeared. And because the competition disappeared, Korea became the only country that the transit prices, which is really the internet access fees on the supply side or data supply side, did not fall unlike all other countries where the transit prices fell by at least 5 to 10 percent each year. Already in 2017, you can see that Korea’s transit prices is 8.3 times Paris, 6.2 times London, 4 or 5 times New York and L.A. And this trend continues to 2021 when the Korea prices became 8 times London and 10 times Frankfurt. And this, of course, makes the network environment toxic for Korean content providers. Which explains why you don’t see successful startups from Korea after Naver and Kakao. Even public interest apps like COVID-19 contact tracing apps, the operators complained to the media that network fees are restricting their ability to meet the demand. Many Korean content providers ended up leaving Korea to avoid exorbitant access fees and this affects the foreign content providers as well. It has exerted upward pressure on paid peering fees that Korean ISPs charged on foreign content providers. So Twitch, the premium game video platform, pulled out of Korea in 2022 citing, quote-unquote, network fees 10 times more expensive than other countries. 10 times Frankfurt, you see it? And, you know, when this happens, you think that, oh, okay. So, today, Naver has a domestic platform, Naver has a game platform, so they should welcome this, because now one competitor is eliminated. No, Naver also opposes this law, because they know that if this law is accepted, it will consolidate the system where the content providers always have to pay to send traffic. And Cloudflare gave up serving Korea content from Korea, instead they are serving it from Hong Kong or Tokyo, making Korea the market with the most latency among OECD countries. Now, probably there is a nagging argument that, you know, still, we should do something about big techs, because their traffic accounts for like 40% of the entire traffic volume. But the argument is really unfounded and almost childish. I mean, if NVIDIA chips cover 90% of the AI chips market, does NVIDIA have to pay something back to the customers, right? We have to think about the cost, right? Whether the traffic actually increases the cost of network maintenance. Now, okay, well, does traffic really cause congestion? No. I mean, you see, on the left side, if ISP provides 50 Mbps, then it can be distributed to five houses, but if the ISP provides only 30 Mbps, you know, it will cause problems for all the households. Now, what’s going to happen? So, this means that no matter how much each household, no matter how much a single household tries to use data, it cannot use more because the pipeline is already fixed for each household. So, the real responsibility for removing congestion comes from ISP who are laying the regional line, whether it would be 50 Mbps or 30 Mbps, whether it’s enough to supply all the households.

Fabro Steibel: Now, I like that even the dog is upset in the right hand side.

Kyung Sin Park: Yes, okay, I’m almost done. So, this is the graph showing how over the four years of the pandemic, the traffic increased five times, and yet the green bars representing not just network maintenance cost, but also capex, capital cost, has remained the same over the years. So, I’ll stop there, and then I’ll answer any questions you may have.

Fabro Steibel: Thank you, KS, and the discussion is particularly important now. I welcome you to see either in the ISOC report or KS publications the graph on the first days of implementation of the network fees in Korea. You see a spike of internet flowing outside of Korea to come back to Korea. In the current state where we need kind of AI fabrics, we need data centers, we must remember that this kind of data flow is the milk way, is the basis of how we fund data centers. If we make data be processed elsewhere, our data centers will become less cheap to process or own.

Konstantinos Komaitis: Thank you Fabro. So it’s a very hard task to follow KS because she has been literally doing this for such a long time and he has the data. I’m going to give a little bit of the European perspective here which actually is in some ways the reason we are still having this conversation globally because telcos, European telcos, and a small number of them really started this conversation. I’ll focus on predominantly four points. So one of the key arguments that we have been hearing in Europe is the fact that this idea of network phase is necessary because it is required to finance the increasing demands over infrastructure in Europe. And of course we all know that the internet infrastructure is not just limited to access networks because actually the internet is not really a monolith and it consists of many different players that are invested heavily in order to make sure that this infrastructure expands and is able to meet the demands of users. As I said in the beginning this is really not new. We have been having this conversation for 15 years at least and for 15 years we have been having reports suggesting that actually the internet model of traffic exchange is responsible for producing lower prices, promoting efficiency and innovation, and attracting investment that is necessary to keep up pace with the demand. So over the years of course and because the internet has changed and because the demands of users have also changed we have seen this increasing number of new players entering the infrastructure to facilitate the higher demands of traffic. You have content delivery networks, you have cloud providers, you even have community networks, satellite networks, data center, edge nodes and content caches are just a few of the new infrastructures that have developed to support internet communications. So the reality is that there is really not just one way to finance infrastructure and I think that it would be really naive to believe that. However, you know, telcos are fixated in just one way, direct payouts, give us money and we promise that we are going to address your infrastructure’s needs. The second point that I want to raise is really about what KS was also talking about, this idea of network neutrality and what such a system could do to this very basic yet fundamental principle that exists in the internet. So we all know that the internet is a network of interconnected networks, when data moves from point A to point B it is routed through these networks and now different companies own and manage different parts of the network. So the fact of the matter is that, you know, ISPs are really the gatekeepers to the content users to access and ISPs have a lot of power, if you think about it, at their disposal. They can mess up with traffic, they can degrade your traffic, they can change your quality, they can do a bunch of different things. So the idea of network neutrality is that they are not allowed to do that and we need to make sure that this continues to happen because if we give them any indication that the rules are a little bit flexible they will be able to mess up with the way traffic is delivered and the experience that users end up having. So imagine an environment where telecom operators are able to negotiate deals for infrastructure development. with certain companies within the Internet’s value chain. So logic dictates here that there must be some sort of a trade-off. We cannot expect money just to be handed out to telcos from Google or any other big company. So the possibility is, and that could happen, that a telco may end up prioritizing traffic or allowing content from certain companies. And that is a real issue. The other thing that needs to be pointed out, especially in the context of Europe, is that no one has ever proven that there was ever a market failure. Literally. I mean, there have been studies after studies after studies that actually say it is the contrary. There is no market failure in Europe. So when we have been asking for evidence that, you know, why do we need this change in order to be able and support a market, we have not been getting that evidence. And this now is on top of a global pandemic where we saw a massive increase in traffic. If there was ever a period in time where we could have had market failure, it would be during that one year in Europe when we were all locked up in our houses and the only thing that we were doing was accessing the Internet. So another point. Moving money from one private actor to another is really not a good idea. It’s actually a pretty lazy idea, if you think about it. So the Internet is made up of independent networks and each network joining the Internet is responsible for their own policies, their maintenance and upgrades. Any proposal now that suggests a forced subsidy from one part of the Internet’s value chain to another through undue… The European Commission should really focus more on incentivizing investment in innovation rather than trying to transform the way those networks interconnect. And the last point that I want to make, and I will just wrap up, is that I find it very ironic that in Europe we are talking a lot about competition and the fears of market concentration, and here, you know, we should be asking ourselves how sustainable really is a model where big technology companies will be paying off telcos? And I have been asking that question. I mean, how long do we think this is going to be happening if it goes through? Five years? Ten years? Fifteen years? When is going to be the point before big technology companies say, you know what, I don’t want to pay anymore, I’m just going to start providing my own, you know, become an ISP and start providing my own Internet access? And then you really talk about Internet concentration, market concentration, sorry. Before closing, right now in Europe we are at a place where we sort of phased off discussing network fees, but we are entering a place where we’re discussing dispute resolution mechanisms. So we’re not using the term network fees, but we’re really talking about other ways in order to make sure that this money flows from one private actor to another. And we’re even discussing perhaps reopening again the conversations around the open Internet regulation which has affected the network neutrality conversations. Let me make something very quick. I want to be very clear, a dispute resolution mechanism is a backdoor to network fees, it is exactly the same. The idea is again not new, it has been borrowed from the publishers and we saw it happening in the context of in Australia and in France where some deals have been made between big technology companies and publishers. Unfortunately we don’t have a lot of visibility in how that works simply because those agreements are covered by NDAs so they are not transparent and the only thing we know however is that they don’t cover smaller publishers. These are literally deals between huge publishers and technology companies. So again, we need to rethink what we want to create, if it is literally about innovation and investment and ensuring that infrastructure develops, this is really not the way to do it and happy to discuss further.

Fabro Steibel: Thank you Konstantinos and that reminds two big gaps in the network fees mechanism. The first one is, if you transfer funds from the private sector to another private sector, you cannot make sure that that funds will be used for connectivity, for connecting the unconnected or innovation. Basically you just transfer from the same sector one place to another, you don’t pass through the government, you don’t even have this and the second one is transparency. If you increase the need to have private contracts, you can have NDAs and you can have less transparency on how these costs are shared and how this is impacting the internet. So Claudia, we go online to you. Welcome.

Claudia Ximena Bustamante: Okay, regarding this discussion, I want to address first the net neutrality as a principle. In Latin America, many countries have adopted that there is no neutrality in their laws. For instance, in Colombia, since 12 years ago, neutrality is applied in Colombia. For that reason, we need to have an open internet without discrimination related to the type of traffic or company, or any sector. I think this helps to foster innovation and to continue the evolution of the ecosystem. When we talk about network fees or fair share, it’s a discussion that is brought to the table mainly by the telecom operators who control the access networks. And they indicate that there are huge investments needed in the years forward. And they need that all parts in the ecosystem contribute to the sustainability. From the regulator perspective, we need first to identify if there is a problem, if there is a market failure. For the reason in Colombia, at the end of the last year, we opened a consultation to all the stakeholders, but not focused on fair share specifically, but in the whole ecosystem to understand better… In Colombia, how is the functioning between access networks, content networks, and all of the agents of the value change of internet for mobile and for fixed telecom networks? In that council, we ask for information about traffic evolution, ARPUs, infrastructure provided by the different actors, the content access providers and the telecom, and we are gathering this information to have a real diagnosis of what’s happening here, because as we heard before, the Europe and the South Korea approaches are very different, and we cannot only bring that experience directly to the Latin region. We need to understand what is happening in Latin America, having in mind that we have multinational companies also working here. In the first analysis that the CRC has taken, we saw growth of the traffic in 1.7 times in the last two years. We think this is a normal growth. There is no exponential growth of the traffic that sometimes was mentioned by some actors, and we think this could be due to main assets. One of them is the distribution that has been made for the content. We have more CDNs and caching installed inside our country, and this helps to have the local or domestic traffic instead of overseas. And the other is the technical advances made in compression. Some content providers have been working on that, and in the LATAM region we have news about agreements between big tech companies and big ISPs in different countries like Mexico, for instance. This will help to lower the need for traffic, for networks, lower the pressure for the network that is handling that traffic. Of course, we understand that there’s a great pressure for investment and for connecting users. We have now a lot of users that have not been reached by any network at the moment. We have a connectivity gap in Colombia and in different regions, and as a strategy and as a public policy, we need to address that. In that aspect, different discussions have been taken. to have more actors, more stakeholders contributing to universal service funds, to have more resources to address this connectivity gap. This is a topic that has been discussed by many public policy government agencies around the region, and it’s a way to have more services, more reach of the services for the users. But at this moment, we don’t think there is a specific solution for this discussion that has been taken mainly in the last two years for Latin region. We know BEREC, like Konstantinos said before, has more years discussing this, and we know we have studied their experiences about the conclusions of the functioning of the IP interconnection and how the peering and the agreements are still working for the European context. We hope to have the results of our analysis related to this open consultation of the Internet ecosystem in Colombia in the next month. And also, we have a new legal aspect to review, because our constitutional court recently took a decision about our net neutrality law, and maybe as a regulator. We need to make a review of the current regulatory framework related to neoneutrality, because the Constitutional Court considers that offers differentiated plans to the users with specific applications or contents chosen by the ISP, not by the user directory. It’s against the neutrality principles. For that reason, we will have to study that decision when it’s fully published in the coming month. Maybe we have in the next year an updated regulatory framework for neoneutrality and for this discussion.

Fabro Steibel: Thank you very much, Claudia. It’s very interesting that the results of the consultations are coming in the next month. Brazil has done a consultation twice. We have evaluated all contributions and split from those supporting network fees and rejecting network fees. Basically, big telcos are one side, the others are in the others, which reinforces an Internet Society report from two years ago that I think was named Telcos versus the World. So, Tatiana, please feel free.

Tatiana Tropinem: Thank you very, very much. I just want to start with a very brief reflection that these debates are developing and there are some shifts. As Konstantinos said, there is not one way to finance the infrastructure development, and there are certainly various and very creative ways on how big telcos push this idea. Konstantinos Komaitis, Claudia Ximena Bustamante, Paula Bernardi, Thomas Volmer, Claudia Ximena We are witnessing various debates and discussions about regulating platforms through quality standards, which again is a backdoor to network fees. And what does it show? To us, it shows that it is not about these initial concerns about the lack of infrastructure investments. So far, we don’t see any indication that there is a problem that needs to be solved with the network fees or fair share. As I said at the beginning, in fact, it’s like a solution, various solutions have been proposed in search for a problem. It is my understanding, of course, we will look forward to see the outcomes of the consultation in Colombia, but various debates in Latin America found no marked failure. The consultations in the European Union also failed to provide any evidence of a problem that needs any regulatory interventions like that. And even more, the European body of regulators for electronic communication, BEREC, already mentioned here, has concluded that Internet’s interconnection ecosystem is a well-functioning market. It has very good dynamics with very balanced bargaining powers. And BEREC also said that the introduction of these cost-sharing mechanisms would, in fact, have very negative consequences on the Internet ecosystems. So, it’s basically all about the telecom operators generating revenue. And to us, the reference to content providers being traffic generators is the flawed premise that BEREC has already debunked, at least in the EU. So following these developments and following these narratives in the EU, in Latin America and also in South Korea, basically lets us witness how the big telecom operators are trying to break the net neutrality frameworks. And they are even saying it openly, that hello, hey, this is the time to review the net neutrality. And as I said already, the premise that content providers or platforms are traffic generators, that they generate the traffic, is fundamentally flawed. The traffic is not created by the online services. It is requested by internet users. It is this traffic that those very users already pay for in the internet subscription and just as online service pays for their own internet access to send it. So to put it simple, there is no service free riding on the internet because data access and fees have already been paid. There have already been factors at the cost. And in addition to telecom operators, for example, content generators have their own investments. I’m pretty sure Netflix could tell us how much they invest in this content creation. It’s also millions. So from our perspective, any solutions that would introduce network fees would first of all disadvantage the smaller players by creating much higher entry barriers. They will risk fragmenting the internet by conditioning this connectivity on prior contracting with the user’s network. And ultimately, these costs are going to be passed on the end users, which contradicts that very principle of. And this is the kind of fairness that these proposals seem to be motivated by. But more importantly to us, to our mission, these solutions can fragment the open and globally connected Internet because the current global connectivity is based on voluntary inter-networking agreements that allow network operators to optimize their connectivity to meet their customer needs. And this is basically a cornerstone for the Internet to be an efficient network, resilient network that is able to host new applications, deploy these innovative services. And this happens without prior contracting with everyone in the system. And these arrangements foster innovation, they foster development. So how these network fees solutions will break the Internet? Simply speaking, and I’m really saying it simply, they can turn the idea of the Internet into a telephone system. The same regulation. And again, talking about the development of this debate, as Fabio mentioned already, in Brazil there is a proposal to revoke the norm that clearly separates telecom services from value-added services as the Internet. And this distinction allowed Brazilian Internet to grow as a decentralized competitive ecosystem. We recently published an open letter for Brazilian lawmakers and regulators highlighting the threat that this proposal of separation creates. Centralizing Internet control, weakening market diversity, disrupting current governance model which is based on public interest and multi-stakeholder input. So to sum up, if we stop treating the Internet as technology-neutral, general-purpose network, we will just lose it. And we will rebuild it. We already witnessed the evidence, like for example when KC spoke about South Korea, and anecdotally also, but importantly for users and services, when you look at Korean markets, you see that teams playing big esports in Korea do not play from South Korea anymore. They move to other countries to avoid playing because of disadvantage in network latencies that are basically unbearable for their activity. And I know that for some regions it might be irrelevant, but in South Korea it’s a very big issue. And as I said before, the consultations in Latin America and the EU didn’t find any market failures to justify such interventions in the traffic. And just to wrap up, if we continue these debates that connect the issue of investment to telecom infrastructure, to this flawed premise of traffic generators, we will always get nowhere, we will get stuck at best, and at worst we’ll have fragmented internet. Exactly because the initial premise in this discussion is absolutely flawed. And in this context, any solution, if we think that okay, maybe the investment in the infrastructure is a problem, but any solution that connects network infrastructure investment to traffic generator is not a proper solution, because it does not solve the root of the problem. Thank you.

Fabro Steibel: Thank you, Tatiana. And I think I can bring another topic to the table, which is freedom of expression. There is a big policy framework that we need a huge sheriff in the internet, that the open and safe internet needs limits to be enforced, and then we need sheriffs. And network fees are not content neutral. They might imply on what is distributed and how. So let’s say I have Netflix, a documentary in favor of free internet. I am a believer of myself and I have a documentary against myself. If I can make a distinction on how both of them, each of them, reach the audience, there is a direct impact on freedom of expression amongst others. So, Thomas, moving to you.

Thomas Volmer: Yeah, I don’t know if the documentary is for or against you, Fabro, so I haven’t seen it yet, so maybe it will come soon. No, thanks. A lot has been said already, of course, so I’ll try not to repeat what many of you have said. Maybe just to start looking at the evidence, good policy is always grounded on evidence. The discussion, of course, has been rebooted in the past two years, but it’s not been years, it’s been decades. We have decades of perspective on Internet traffic growth. And in the past, what, let’s say 25 years, since the Internet has gone really commercial and mainstream, traffic has probably grown 500 or 1,000 times. Is this out of control? Is the Internet breaking? No, it’s thriving, it’s doing great, because that growth is absolutely sustainable. And the reason for that is that it’s managed really well in a collaborative manner by the stakeholders, many of which are in the room today. In the interconnection space, what does that mean? That means that content providers, such as Netflix and ISPs, large or small, work together to make the traffic flow in an efficient manner. It’s in both of our interests, because our joint consumers, our customers, consumers, want access to great content and are willing to pay for good quality broadband to access great content. So what does it mean in practice? Netflix has invested over a billion dollars in its own content delivery network, Open Connect. We have over 6,000 server locations around the world, which means that when you press play on Netflix, you’re actually streaming from right around the corner. It means no terabits of streaming over a long distance. and I’m here to talk about the long-distance network, no congestion of the long-distance backbone and unhappy dogs in the Korean households thanks to that. And to be clear, it’s not Netflix doing it on our own. It is working with ISPs to do it. It’s literally engineers sitting down in the same room, drinking coffee, sometimes drinking beer, and figuring out network planning together. And so it’s that joint work of the community that has achieved this important project, and we can talk about this now. We’re always competitive, sometimes, sometimes. I just wrote it down because the quote I couldn’t have written it better myself. Network use cylinder had increased, but due to technology development as well as competitive pressure, marginal network costs are observed to have declined to the point that they outweigh any increased costs associated with increasing network use. And the internet has, since it was created, managed to cope with traffic growth and more accentuated traffic peaks, all of which reflect changes in usage patterns as well as increased diffusion of internet access throughout societies. Bayreg considers that due to competition as well as technological progress, there is currently no indication that this is likely to change in the future. Okay. I think I’ve said my piece. I think it’s pretty self-explanatory. Just addressing the net neutrality point, I think if we boil it down very simply from a consumer perspective, net neutrality is about paying for one single broadband access and being able to access any content of your choice, whether it’s on Netflix, any other service. And network fees directly turn this principle upside down, because if there’s a toll at the entrance of your ISP network, then you don’t have the choice of the content. You can only access the content that has a special deal with your ISP. So, the user is not in control anymore, the gatekeeper is in control. That’s the fundamental contradiction. And by the way, in the entertainment world, we know exactly what it looks like when there’s no such neutrality. It’s called cable, and it sucks. That means that you’re buying a cable broadband and you’re subject to carriage disputes. Oh, the carriage provider don’t get along, you don’t have this channel or that channel. On the Internet, it’s simple, you pay for your broadband, you pay for your Netflix or your Disney or anything else, and you have the choice. I think it’s a much better system. So, in our engineering discussions, you know, between ISPs and content to figure out the servers and the interconnection, yes, there’s one moment at the end of the meeting, you figure the plan out, you drink all the coffee, and there’s, oh, by the way, my boss says, you need to pay for this interconnection. And maybe the other side will be, well, we think maybe you should pay for the interconnection and access the content. Is that a good model? Yeah, no, that’s not a good model. All right, let’s move on. That’s hardly a market failure. It’s just the way the business is done. Now, I wanted to address, I think Claudia mentioned a lot of interesting points, right? I don’t mean to say that everything is fine on the Internet, there’s no issue to resolve. I think, you know, we’re gathering at IGF every year because there are still very interesting questions to resolve. And I want to mention a few of them, right? Websites are still being throttled today, even including in developed nations. There’s a net neutrality case in Germany happening at the moment. We still have unconnected people, billions of people around the world that are still not connected to the Internet. And geopolitical risk is creating risk of splinternet. Those are the real issues, not the network fees, right? And so the good news is that there are existing good solutions that work for many of those problems. I’ll mention some of them. The first one is the most obvious. First, do no harm, right? I’m often asked, like, well, yeah, but isn’t there a compromise to be found in this fair share? Let me be crystal clear, if you are looking to solve a problem that does not exist, there is no compromise to be made. That’s a solution in search of a problem. Now on the supply side for connectivity, competition has been proven over and over again to be a great way to stimulate investment and stimulate affordability. Pro-competitive policies should be considered whenever they are helpful, of course. And then there’s potentially a coverage gap that can be addressed through subsidies. I think even bigger is a demand gap. We were talking about Latin America. I’m always fascinated by the figures that GSMA releases for Latin America. I may be misquoting the numbers, but directionally, I think there’s over 90% of people covered by 4G networks and I think only around 60% adoption. That means people are covered by the network. However, either they choose or they cannot afford to actually subscribe. That is the adoption gap. And that is a demand gap. Streaming services like Netflix contribute to demand, of course, to the Internet. There’s a causal link between the availability of video on demand and then broadband adoption, adoption of faster speed, willingness to pay, and consumer surplus. So that is a way to address the demand gap. Of course, that is not the only way because, as you well know, it’s not just about entertainment on the Internet. It’s also about access to information, access to public critical infrastructure, and so on and so forth. And so in terms of policies, I think if I want to quickly recap, and I know we need time for the questions as well, discard the false good ideas, do no harm, move on from the debates of the past. Pro-competitive policy to stimulate the supply side, potentially targeted subsidies, but also pro-demand policies. And the demand, again, is generated by the content, by the availability of the online services. Nobody buys a broadband connection to see the little blinking lights on their router. Well, actually, maybe I do. I like to have a super fast fiber at home in Paris and see those light blink really, really fast. But I don’t think that’s the majority of people. And so there’s often this idea of, well, shouldn’t we tax the online companies to fund the infrastructure? That’s looking at the problem exactly backwards, because you’re going to compress the demand by suppressing taxing the demand for the thing you actually want to stimulate adoption of in the first place. That’s not going to work. Thank you.

Fabro Steibel: Thank you, Thomas. Now we have 13 minutes. By the end of it, they cut my mic. So we need around 10 minutes for the table to reply to a question. So we have three minutes for collecting questions. We can start here. Please be aware of the person next to you.

Louvo Gray: Thank you very much and much appreciated for facilitating this very important discussion. My name is Louvo Gray. I am from the South African Internet Governance Forum. And I run an internet service provider in South Africa. So given Africa’s urgent need to expand affordable internet access to over 1 billion unconnected people, how do we then ensure that the global network fee models do not create new financial barriers for African-owned networks, content creators, and also users trying to participate meaningfully in the digital economy? Because I think one of the discussions we are not having is that traditionally, the undersea cables were owned by your Dacha telecoms, which are consortiums of telecommunications companies. And most of those cables have reached end of life, are now reaching end of life. And the new generation of undersea cable owners are the very same content creators we’re trying to influence. The telcos want to introduce network fees for.

Fabro Steibel: Thank you very much, we go for the next one on site.

Rian Duarte: Hello, my name is Rian Duarte, I’m from the Brazilian Association of Internet Service Providers. We have been an active voice against network fees in Brazil. We represent small ISPs and small businesses in Brazil. We have been working with the Brazilian government for a number of years. We have been working with the Brazilian government for a number of years. We represent small ISPs and small and medium operators in Brazil. As you may know, Brazil has a rich ISP system with over 20,000 small and medium companies holding over 60% of fixed broadband market share. Unfortunately, as has been shown by the panel, our regulator continues to hold debates on this topic, even though big telcos have not been able to produce concrete evidence of a problem to be solved. But on the other hand, we are happy to see a push against network fees from our parliament with law proposals prohibiting this practice and we would urge other countries to follow suit. And my question is a very simple one, what else is there to be done to overcome this debate so we can focus on actual solutions for connectivity?

Fabro Steibel: Thank you very much, we go for the last question.

Frode Kieling: Yes, I’m Frode Kieling from Telco, 200 million customers in Asia and in Nordic. I’m surprised about the panel here, we have just one side presented here, one view. So, next time I suggest to get some, we’ll talk about the challenges that the telcos and the ISPs see. Because the fundamental principle in Internet was that there was an equal share of traffic. I send as much traffic as I receive from you. And that was the founding principle. Today, it’s about maybe 70-80% of the traffic I’ve seen in some operations. It comes from a handful of big CDNs, Netflix, Google. and some others. So it’s very unbalanced. But the thing here is that the revenues for the telcos is sinking. And that is the perceived challenge that the telcos experience. And we see the revenues created on the content providers, like Netflix, is going straight up. But the infrastructure needs to be paid for. And there are three ways to do this. You can have network fees or you can break the net neutrality to get some extra revenues. And the third option is to lay all the costs on the customers. And that is an issue when you at the same time talk about the connected and unconnected. So what I hear from you, you want the customers to take all the costs.

Fabro Steibel: Yes, thank you. Sorry, we have nine minutes, so no time for new questions. Let’s go.

Pablo Barrionovo: Thank you. My name is Pablo Barrionovo from Telefonica. I think it would have been interesting to have a telecom operator seated in this table when talking about network fees. Sometimes the multi-stakeholder model is not so multi, I see. In my opinion, we may agree that we have a problem. There is a problem. And the problem is the sustainability of the model. And of course, it is always interesting to talk, to try to find solutions to the problems we have. But sincerely, I’m not sure that what has happened here today can be considered a dialogue. Thank you very much.

Fabro Steibel: Thank you. J.S., do you want to go for concluding remarks?

Kyung Sin Park: Well, I’ll answer one question. I don’t, I mean, I’ve read a lot on the principles of the Internet, but I’ve never heard about equal share of traffic. I mean, when, when, I mean, the ISPs don’t, I mean, there is no cost differential whether traffic is going one way or the other. I mean, there is no increase in cost. So, I don’t know why you think that there has to be, on any road, why should the data travel, you know, equal amount of data should travel both ways.

Thomas Volmer: I can comment on this one, the point about traffic ratios. I think it’s important to be addressed because it’s part also of the history of transit and interconnection negotiations. I think, historically, Internet traffic has been routed on a hot potato basis. That means that if you have, let’s say, a French network and an American network interconnecting on both sides of the Atlantic, if you’re the net sender, you’re dropping, let’s say the French is the net sender, you’re dropping the traffic to the American network in Paris, and the American network has to carry it long distance. And vice versa, if you’re sending from the US, the French has to carry it long distance. So, there used to be on multi-location interconnect, hot potato routing, a benefit to being a net sender and a disadvantage to being a net receiver. That’s why, oftentimes, on long distance networks, you have ratio settlements agreements, and I think that’s fine, as you said, you know, it’s okay to have those agreements. That’s why, you know, it’s a well-functioning market because you have deals that reflect the underlying economics. However, the modern Internet does not function like that, certainly not for content delivery. What we do with OpenConnect, for example, is the opposite of hot potato routing. It’s actually the equivalent of cold potato routing, meaning that we bring the traffic all the way next to the user, to those networks. 6,000 Open Connect locations around the world. And so when you’re on a cold potato routing, whether the traffic flows in and out locally to Oslo does not make a difference. And this is why for such agreements, agreements typically between CDNs and operators, there’s no ratio concerns. And they are just the bits flow freely on a settlement-free basis. But to your point, long distance, backbone network, tier one networks, they typically would enforce ratio agreements. But if it comes from a terminating ISP wanting to charge CDNs on the basis of ratio, then you almost always know that this is a fake argument and more like a network fee type of, hey, I want to exploit my termination monopoly and violate net neutrality doing it.

Fabro Steibel: Thank you. So we have Claudia online. We go to Costas and then to Claudia.

Konstantinos Komaitis: Just very quickly, and Thomas just literally talked about and KS responded to the traffic question. One of the things that really surprises me in this conversation is, especially when I hear about the traffic, is that we’re talking, yes, there is a change in traffic. But then no one continues to say, oh, but some companies have actually built data centers and content delivery networks to ensure that actually this traffic does not become burdensome for ISPs. And the other point, we are literally, both in Europe and in Brazil, we are hearing small ISPs telling large telco operators that they don’t want this, that this system is going to disadvantage them. And we continue to beat the same drum. There are five companies in Europe that continue to beat the same drum saying, oh my god, but yes, we used to be so big. And right now, we’re not as big as other companies. Well, I’m sorry. They had 20 years to invest. They had 20 years to innovate. And we have not seen that. Literally, we have not seen that, and I still cannot understand why we need to be excusing the lack of innovation and start moving money around just because we have telcos being extremely unhappy with not being as big as they used to be.

Fabro Steibel: Thank you, Kostas. Claudia, online?

Claudia Ximena Bustamante: Yes. Regarding the questions, I want to address first that the sustainability issues that the telco operator has can be addressed in different ways. In the different spaces that we share with them here in the LATAM region, they indicate that there are different ways that could help them to grow the networks and to have better solutions for the users. For instance, reducing spectrum licensing fees, reducing the taxes that they are being charged by different laws, and reducing or adjusting the obligations for specific coverage in far and difficult access regions. Those are measures that the government could take to help them grow and to have more focused services and investments in the region. For that reason, there is no one specific answer to the discussion that we are having with them. Another thing that I would like to mention is that the regulatory framework they could develop in an experimental way that need a flexibilization of some specific regulations in place. In that context, we could help them to develop new services, new process to have better quality of service and adjust and change our regulatory framework if it’s needed. For that reason, I think as a government institution, we need to have these kind of spaces and explore different approaches to help the ecosystem growth. And I think the discussion is not only for one specific solution, but have different ways. And of course, multinational, multilateral cooperation in forums like Regulatel, for instance, that is our LATAM forum for regulators, could help us to find these different approaches.

Fabro Steibel: We have five seconds. Thank you very much for your participation. Sorry, Tatiana. Thank you for the words.

Agreement points

Network fees lack evidence of market failure and are solutions in search of problems

Speakers

– Kyung Sin Park
– Tatiana Tropinem
– Konstantinos Komaitis
– Thomas Volmer

Arguments

Network fees are fundamentally flawed and create disasters in internet ecosystems, as demonstrated by South Korea’s experience with partial sender pay rules

Network fees proposals are solutions in search of a problem, with no evidence of market failure in various consultations

European telcos have been pushing network fees for years despite studies showing no market failure and well-functioning interconnection markets

Internet traffic growth over 25 years has been sustainable through collaborative stakeholder management

Summary

Multiple speakers agree that network fees are not justified by evidence and that current internet interconnection systems work well without regulatory intervention

Topics

Economic | Legal and regulatory

Network fees threaten net neutrality principles

Speakers

– Kyung Sin Park
– Konstantinos Komaitis
– Thomas Volmer
– Claudia Ximena Bustamante

Arguments

Net neutrality is essential for democratic participation and information revolution, preventing regression to telephony-style sender payment systems

Network fees would allow ISPs to prioritize traffic based on payment deals, undermining the principle that users should control content access

Network fees directly contradict net neutrality by creating tolls that limit user choice to content with special ISP deals

Net neutrality has been law in Colombia for 12 years, fostering innovation and open internet without discrimination

Summary

Speakers consistently argue that network fees would undermine net neutrality by giving ISPs control over content access and creating discriminatory treatment of traffic

Topics

Infrastructure | Human rights | Legal and regulatory

Multiple stakeholders invest in internet infrastructure, not just telcos

Speakers

– Kyung Sin Park
– Konstantinos Komaitis
– Thomas Volmer

Arguments

Content providers like Netflix invest heavily in CDNs and infrastructure, creating mutually beneficial relationships with ISPs

Multiple players invest in internet infrastructure including CDNs, cloud providers, and edge nodes, not just telcos

Internet traffic growth over 25 years has been sustainable through collaborative stakeholder management

Summary

Speakers agree that internet infrastructure investment is shared across multiple stakeholders, with content providers making significant investments in CDNs and other infrastructure

Topics

Infrastructure | Economic

Small ISPs oppose network fees

Speakers

– Rian Duarte
– Konstantinos Komaitis

Arguments

Small and medium ISPs in Brazil oppose network fees as they would disadvantage smaller operators

European telcos have been pushing network fees for years despite studies showing no market failure and well-functioning interconnection markets

Summary

Both speakers note that small ISPs are opposed to network fees, with only large telcos pushing for these mechanisms

Topics

Economic | Legal and regulatory

Similar viewpoints

Both speakers emphasize the collaborative nature of internet infrastructure management and the mutual benefits between content providers and ISPs through technical cooperation and shared investment

Speakers

– Kyung Sin Park
– Thomas Volmer

Arguments

Content providers like Netflix invest heavily in CDNs and infrastructure, creating mutually beneficial relationships with ISPs

Internet traffic growth over 25 years has been sustainable through collaborative stakeholder management

Topics

Infrastructure | Economic

Both speakers warn that network fees would fundamentally change the internet’s architecture and governance model, giving ISPs excessive control over content access and potentially fragmenting the global internet

Speakers

– Tatiana Tropinem
– Konstantinos Komaitis

Arguments

Network fees could fragment the internet by turning it into a telephone-like system requiring prior contracting

Network fees would allow ISPs to prioritize traffic based on payment deals, undermining the principle that users should control content access

Topics

Infrastructure | Legal and regulatory

Both speakers advocate for alternative policy approaches to address telecom sustainability concerns rather than implementing network fees

Speakers

– Claudia Ximena Bustamante
– Thomas Volmer

Arguments

Alternative approaches like reducing spectrum fees, taxes, and regulatory flexibility could better support telecom growth

Competition and pro-demand policies are more effective than network fees for stimulating investment and adoption

Topics

Economic | Legal and regulatory

Unexpected consensus

Evidence-based policy making approach

Speakers

– Claudia Ximena Bustamante
– Thomas Volmer
– Tatiana Tropinem

Arguments

Colombia is conducting comprehensive consultation to understand the ecosystem before determining if there’s a real problem requiring intervention

Internet traffic growth over 25 years has been sustainable through collaborative stakeholder management

Network fees proposals are solutions in search of a problem, with no evidence of market failure in various consultations

Explanation

Despite representing different stakeholder groups (regulator, private sector, civil society), these speakers all emphasize the importance of evidence-based decision making and comprehensive analysis before implementing policy changes

Topics

Legal and regulatory | Economic

Recognition of traffic management evolution

Speakers

– Claudia Ximena Bustamante
– Thomas Volmer
– Konstantinos Komaitis

Arguments

Traffic growth in Colombia has been normal (1.7 times in two years) due to local CDNs and compression advances

Internet traffic growth over 25 years has been sustainable through collaborative stakeholder management

Multiple players invest in internet infrastructure including CDNs, cloud providers, and edge nodes, not just telcos

Explanation

Speakers from different backgrounds acknowledge that modern internet architecture has evolved to handle traffic growth efficiently through technological advances and distributed infrastructure

Topics

Infrastructure | Economic

Overall assessment

Summary

There is strong consensus among most speakers against network fees, with agreement on lack of evidence for market failure, threats to net neutrality, and the collaborative nature of internet infrastructure investment. The main areas of agreement include opposition to network fees based on evidence, support for net neutrality principles, recognition of multi-stakeholder infrastructure investment, and preference for alternative policy approaches.

Consensus level

High level of consensus among the majority of speakers (6 out of 8 substantive speakers) opposing network fees, with only telecom industry representatives supporting them. This strong consensus suggests that network fees face significant opposition from diverse stakeholders including academics, civil society, regulators, content providers, and small ISPs. The implications are that network fees proposals may struggle to gain broad support in policy discussions, and alternative approaches to addressing connectivity and infrastructure challenges may be more viable.

Different viewpoints

Fundamental premise of network fees and traffic imbalance

Speakers

– Kyung Sin Park
– Thomas Volmer
– Frode Kieling

Arguments

Park: I don’t, I mean, I’ve read a lot on the principles of the Internet, but I’ve never heard about equal share of traffic. I mean, when, when, I mean, the ISPs don’t, I mean, there is no cost differential whether traffic is going one way or the other.

Volmer: However, the modern Internet does not function like that, certainly not for content delivery. What we do with OpenConnect, for example, is the opposite of hot potato routing. It’s actually the equivalent of cold potato routing, meaning that we bring the traffic all the way next to the user

Kieling: Because the fundamental principle in Internet was that there was an equal share of traffic. I send as much traffic as I receive from you. And that was the founding principle. Today, it’s about maybe 70-80% of the traffic I’ve seen in some operations. It comes from a handful of big CDNs

Summary

Kieling argues that the internet was founded on equal traffic sharing and current imbalances justify network fees, while Park and Volmer dispute this historical claim and argue that traffic direction doesn’t create cost differentials in modern internet architecture with CDNs and cold potato routing.

Topics

Infrastructure | Economic

Evidence of market failure and need for regulatory intervention

Speakers

– Tatiana Tropinem
– Konstantinos Komaitis
– Pablo Barrionovo
– Frode Kieling

Arguments

Tropinem: Network fees proposals are solutions in search of a problem, with no evidence of market failure in various consultations

Komaitis: European telcos have been pushing network fees for years despite studies showing no market failure and well-functioning interconnection markets

Barrionovo: In my opinion, we may agree that we have a problem. There is a problem. And the problem is the sustainability of the model.

Kieling: Telcos face revenue challenges while content providers’ revenues grow, creating sustainability concerns for infrastructure investment

Summary

Tropinem and Komaitis argue that consultations and studies show no market failure exists, while Barrionovo and Kieling contend there are real sustainability problems with telco revenues declining as content provider revenues grow.

Topics

Economic | Legal and regulatory

Multi-stakeholder representation in the debate

Speakers

– Pablo Barrionovo
– Frode Kieling
– Fabro Steibel

Arguments

Barrionovo: I think it would have been interesting to have a telecom operator seated in this table when talking about network fees. Sometimes the multi-stakeholder model is not so multi, I see.

Kieling: I’m surprised about the panel here, we have just one side presented here, one view. So, next time I suggest to get some, we’ll talk about the challenges that the telcos and the ISPs see.

Steibel: Brazil has done a consultation twice. We have evaluated all contributions and split from those supporting network fees and rejecting network fees. Basically, big telcos are one side, the others are in the others

Summary

Telecom representatives criticized the panel for being one-sided against network fees, while Steibel acknowledged the clear division between big telcos supporting network fees and most other stakeholders opposing them.

Topics

Legal and regulatory

Unexpected differences

Historical principles of internet traffic exchange

Speakers

– Frode Kieling
– Kyung Sin Park
– Thomas Volmer

Arguments

Kieling: Because the fundamental principle in Internet was that there was an equal share of traffic. I send as much traffic as I receive from you. And that was the founding principle.

Park: I don’t, I mean, I’ve read a lot on the principles of the Internet, but I’ve never heard about equal share of traffic.

Volmer: I think it’s important to be addressed because it’s part also of the history of transit and interconnection negotiations… However, the modern Internet does not function like that

Explanation

This disagreement was unexpected because it revealed fundamental differences in understanding internet history and technical architecture. Park, a law professor specializing in internet governance, directly contradicted Kieling’s claim about equal traffic sharing being a founding principle, while Volmer provided technical context about how modern CDNs have changed traffic patterns. This suggests deeper disagreements about the technical and historical foundations underlying the network fees debate.

Topics

Infrastructure | Legal and regulatory

Small ISP perspectives on network fees

Speakers

– Rian Duarte
– Frode Kieling

Arguments

Duarte: Small and medium ISPs in Brazil oppose network fees as they would disadvantage smaller operators

Kieling: Telcos face revenue challenges while content providers’ revenues grow, creating sustainability concerns for infrastructure investment

Explanation

This disagreement was unexpected because it revealed a split within the telecom sector itself. While Kieling represented large telco concerns about revenue sustainability, Duarte showed that small and medium ISPs (representing 60% of Brazil’s broadband market) actively oppose network fees, suggesting the issue is not universally supported across the telecom industry but may primarily benefit large incumbent operators.

Topics

Economic | Legal and regulatory

Overall assessment

Summary

The discussion revealed sharp disagreements on three main areas: whether network fees address a real problem or create new ones, the historical and technical foundations of internet traffic exchange, and the adequacy of multi-stakeholder representation in the debate.

Disagreement level

High level of disagreement with significant implications. The debate appears polarized between large telcos seeking new revenue streams and most other stakeholders (including small ISPs, content providers, civil society, and some regulators) opposing network fees. The disagreements go beyond policy preferences to fundamental questions about internet architecture, market functioning, and democratic participation in internet governance. This polarization suggests that compromise solutions may be difficult to achieve and that the debate will likely continue across multiple jurisdictions.

Partial agreements

Similar viewpoints

Both speakers emphasize the collaborative nature of internet infrastructure management and the mutual benefits between content providers and ISPs through technical cooperation and shared investment

Speakers

– Kyung Sin Park
– Thomas Volmer

Arguments

Content providers like Netflix invest heavily in CDNs and infrastructure, creating mutually beneficial relationships with ISPs

Internet traffic growth over 25 years has been sustainable through collaborative stakeholder management

Topics

Infrastructure | Economic

Both speakers warn that network fees would fundamentally change the internet’s architecture and governance model, giving ISPs excessive control over content access and potentially fragmenting the global internet

Speakers

– Tatiana Tropinem
– Konstantinos Komaitis

Arguments

Network fees could fragment the internet by turning it into a telephone-like system requiring prior contracting

Network fees would allow ISPs to prioritize traffic based on payment deals, undermining the principle that users should control content access

Topics

Infrastructure | Legal and regulatory

Both speakers advocate for alternative policy approaches to address telecom sustainability concerns rather than implementing network fees

Speakers

– Claudia Ximena Bustamante
– Thomas Volmer

Arguments

Alternative approaches like reducing spectrum fees, taxes, and regulatory flexibility could better support telecom growth

Competition and pro-demand policies are more effective than network fees for stimulating investment and adoption

Topics

Economic | Legal and regulatory

Key takeaways

Network fees are fundamentally flawed solutions seeking problems that don’t exist, with no evidence of market failure found in consultations across Europe, Latin America, and other regions

South Korea’s implementation of partial sender pay rules in 2016 serves as a cautionary example, resulting in 8-10 times higher transit prices than other countries and driving services like Twitch to exit the market

Network fees directly undermine net neutrality principles by allowing ISPs to prioritize traffic based on payment deals rather than user choice, potentially fragmenting the internet into a telephone-like system

The internet’s current interconnection model is well-functioning, with multiple stakeholders (content providers, ISPs, CDNs) collaboratively investing in infrastructure through mutually beneficial relationships

Content providers like Netflix invest heavily in their own infrastructure (over $1 billion in CDNs with 6,000 server locations globally), reducing network burden through local content delivery

Small and medium ISPs oppose network fees as they would create disadvantages for smaller operators, with Brazil’s 20,000+ small ISPs holding 60% of the broadband market strongly opposing such measures

Alternative solutions exist for telecom sustainability concerns, including reducing spectrum fees, taxes, regulatory flexibility, and pro-competitive policies rather than forced money transfers between private actors

Resolutions and action items

Colombia will publish results of their comprehensive internet ecosystem consultation in the coming month to determine if regulatory intervention is needed

Colombia’s regulator will review their net neutrality regulatory framework following a Constitutional Court decision on differentiated service plans

Brazil’s parliament is pushing forward with law proposals to prohibit network fee practices

Continued monitoring and evidence-gathering on internet interconnection markets to inform policy decisions

Unresolved issues

The fundamental disagreement between telcos claiming revenue sustainability problems and other stakeholders arguing no market failure exists

How to address legitimate infrastructure investment needs without implementing harmful network fee mechanisms

The lack of transparency in private interconnection agreements covered by NDAs, making it difficult to assess true market dynamics

Balancing the need to connect the unconnected with concerns about creating new financial barriers through network fees

The ongoing shift in undersea cable ownership from traditional telcos to content providers and its implications for internet governance

How to ensure multi-stakeholder representation in policy discussions, as telcos felt underrepresented in this particular panel

Suggested compromises

Exploring alternative regulatory approaches such as experimental frameworks that allow flexibility in specific regulations to help telecom growth

Implementing targeted subsidies for infrastructure development rather than forced private-to-private money transfers

Focusing on pro-competitive policies and demand-side stimulation rather than supply-side taxation

Addressing telecom sustainability through government policy changes (reducing spectrum fees, taxes, coverage obligations) rather than network fees

Developing transparent, evidence-based approaches through comprehensive market studies before implementing any regulatory changes

The sender payroll exactly undercuts this pro-democratic effect of the internet by taxing people for speaking online… Fight for net neutrality is not just to fight to continue information revolution, but also not to regress back to the world of telephony or postage, where the sender, whoever is speaking, has to pay the cost of delivering their messages.

Speaker

Kyung Sin Park

Reason

This comment reframes the entire network fees debate from a technical/economic issue to a fundamental democratic rights issue. By connecting network fees to freedom of expression and comparing it to authoritarian control of information, Park elevates the stakes of the discussion beyond mere business models to core democratic values.

Impact

This framing influenced the entire panel’s approach, with subsequent speakers like Fabro explicitly connecting network fees to freedom of expression issues. It established the moral and political foundation that other panelists built upon throughout the discussion.

So when this happens, you think that, oh, okay. So, today, Naver has a domestic platform, Naver has a game platform, so they should welcome this, because now one competitor is eliminated. No, Naver also opposes this law, because they know that if this law is accepted, it will consolidate the system where the content providers always have to pay to send traffic.

Speaker

Kyung Sin Park

Reason

This insight reveals the counterintuitive reality that even companies that might benefit from network fees in the short term oppose them because they understand the systemic damage. It demonstrates sophisticated strategic thinking about long-term consequences versus short-term gains.

Impact

This comment shifted the discussion from a simple ‘big tech vs. telcos’ narrative to a more nuanced understanding of how network fees create systemic problems that even potential beneficiaries recognize as harmful. It influenced later speakers to focus on systemic rather than partisan concerns.

Moving money from one private actor to another is really not a good idea. It’s actually a pretty lazy idea, if you think about it… Any proposal now that suggests a forced subsidy from one part of the Internet’s value chain to another through undue… The European Commission should really focus more on incentivizing investment in innovation rather than trying to transform the way those networks interconnect.

Speaker

Konstantinos Komaitis

Reason

This comment cuts through complex technical arguments to expose the fundamental policy flaw: network fees are essentially forced wealth transfers between private companies without addressing underlying issues. The characterization as ‘lazy’ policy is particularly provocative and memorable.

Impact

This framing influenced subsequent speakers to focus on alternative policy solutions rather than defending against network fees. It shifted the conversation from reactive defense to proactive policy alternatives, with later speakers like Claudia discussing spectrum fees and regulatory flexibility as better approaches.

The traffic is not created by the online services. It is requested by internet users. It is this traffic that those very users already pay for in the internet subscription and just as online service pays for their own internet access to send it. So to put it simple, there is no service free riding on the internet because data access and fees have already been paid.

Speaker

Tatiana Tropinem

Reason

This comment fundamentally challenges the core premise of network fees by reframing who ‘generates’ traffic. It’s a crucial conceptual clarification that exposes the logical fallacy underlying the entire network fees argument.

Impact

This reframing became a central theme that other panelists referenced and built upon. It provided a clear, simple counter-narrative to the ‘traffic generator’ argument that telco representatives later tried to defend, creating a clear conceptual battleground for the debate.

Nobody buys a broadband connection to see the little blinking lights on their router. Well, actually, maybe I do. I like to have a super fast fiber at home in Paris and see those light blink really, really fast. But I don’t think that’s the majority of people.

Speaker

Thomas Volmer

Reason

While humorous, this comment makes a profound economic point about demand creation and value chains. It illustrates how content drives infrastructure demand, not the reverse, which directly contradicts the logic of taxing content providers to fund infrastructure.

Impact

This comment provided a memorable way to understand the economic relationship between content and infrastructure, influencing the discussion toward demand-side solutions rather than supply-side subsidies. It helped crystallize the counterintuitive nature of taxing the very thing that drives infrastructure demand.

I’m surprised about the panel here, we have just one side presented here, one view… the fundamental principle in Internet was that there was an equal share of traffic. I send as much traffic as I receive from you. And that was the founding principle. Today, it’s about maybe 70-80% of the traffic… comes from a handful of big CDNs

Speaker

Frode Kieling

Reason

This comment introduced genuine opposition perspective and challenged the panel’s composition, forcing panelists to address the strongest version of the pro-network fees argument. The claim about ‘equal share’ as a founding principle was particularly provocative as it challenged historical narratives.

Impact

This intervention forced the panel to engage with the strongest counter-arguments rather than debating among themselves. It led to Park and Volmer providing detailed technical rebuttals about internet history and modern CDN architecture, elevating the technical sophistication of the discussion and exposing weaknesses in the telco argument.

But the thing here is that the revenues for the telcos is sinking… And we see the revenues created on the content providers, like Netflix, is going straight up. But the infrastructure needs to be paid for. And there are three ways to do this. You can have network fees or you can break the net neutrality to get some extra revenues. And the third option is to lay all the costs on the customers.

Speaker

Frode Kieling

Reason

This comment starkly frames the telco perspective as a zero-sum game and explicitly connects network fees to net neutrality violations. The honesty about breaking net neutrality as an option is particularly revealing and thought-provoking.

Impact

This comment forced panelists to address the economic sustainability concerns directly rather than dismissing them, leading to more nuanced responses about alternative policy solutions. It also made explicit the connection between network fees and net neutrality violations that had been implicit throughout the discussion.

Overall assessment

These key comments fundamentally shaped the discussion by establishing it as a debate about democratic values and systemic internet governance rather than merely technical or economic issues. Park’s framing of network fees as threats to democratic communication set the moral stakes, while technical interventions from industry representatives forced the panel to engage with the strongest counter-arguments. The most impactful comments either reframed fundamental assumptions (like who ‘generates’ traffic) or forced participants to address uncomfortable truths (like the economic pressures on telcos). The discussion evolved from a somewhat one-sided presentation to a more robust debate when challenged by telco representatives, ultimately demonstrating both the strength of the anti-network fees arguments and the genuine economic concerns driving the pro-network fees position. The interplay between these provocative comments created a more comprehensive and nuanced exploration of the issues than would have occurred without such challenges.

How do we ensure that global network fee models do not create new financial barriers for African-owned networks, content creators, and users trying to participate in the digital economy?

Speaker

Louvo Gray

Explanation

This addresses the specific impact on Africa’s urgent need to expand affordable internet access to over 1 billion unconnected people, considering the shift in undersea cable ownership from traditional telecoms to content creators.

What else can be done to overcome the network fees debate so we can focus on actual solutions for connectivity?

Speaker

Rian Duarte

Explanation

This seeks practical steps to move beyond the ongoing debate toward addressing real connectivity challenges, particularly relevant given Brazil’s rich ISP ecosystem.

How can the multi-stakeholder model be improved to ensure genuine representation of all perspectives, including telecom operators?

Speaker

Pablo Barrionovo

Explanation

This highlights concerns about balanced representation in policy discussions, suggesting the current panel lacked telecom operator perspectives.

What are the results of Colombia’s consultation on the Internet ecosystem and how will they inform policy decisions?

Speaker

Claudia Ximena Bustamante

Explanation

Colombia’s regulator indicated results would be available next month, which could provide important evidence for Latin American policy decisions on network fees.

How will Colombia’s Constitutional Court decision on net neutrality affect the regulatory framework for differentiated plans and network fees?

Speaker

Claudia Ximena Bustamante

Explanation

The court ruled against ISP-chosen differentiated plans, potentially requiring updates to Colombia’s net neutrality regulatory framework.

What alternative solutions exist to address telecom sustainability concerns without implementing network fees?

Speaker

Claudia Ximena Bustamante

Explanation

This explores various approaches mentioned by telcos including reducing spectrum fees, taxes, and coverage obligations, as well as regulatory flexibility for experimental services.

How can dispute resolution mechanisms be prevented from becoming backdoor network fees?

Speaker

Konstantinos Komaitis

Explanation

This addresses the concern that Europe is shifting from direct network fees discussions to dispute resolution mechanisms that could achieve the same result.

What will be the long-term sustainability of forcing big tech companies to pay telcos, and when might they choose to become ISPs themselves?

Speaker

Konstantinos Komaitis

Explanation

This explores potential market concentration risks if large technology companies decide to provide their own internet access rather than pay network fees.

Summary

This discussion focused on integrating UNESCO’s Internet Universality Indicators (IUIs) into Schools of Internet Governance (SIGs) curricula. The session brought together representatives from UNESCO, various SIGs, and other stakeholders to explore collaboration opportunities.

Participants discussed the importance of multi-stakeholder involvement in both IUI assessments and SIGs. They highlighted the value of SIGs as platforms for diverse stakeholder engagement and capacity building in internet governance. The potential of using IUIs as a framework for SIG curricula was explored, with suggestions to incorporate IUI concepts into existing modules or create dedicated sessions.

Several challenges were addressed, including the time-consuming nature of IUI assessments and the need for specialized knowledge to facilitate IUI-related content. Participants proposed solutions such as creating simplified simulations or using imaginary countries for educational purposes. The importance of balancing technical and social aspects of internet governance in SIG curricula was emphasized.

The discussion also touched on the role of civil society organizations in promoting digital inclusion and rights-based approaches. Participants shared experiences from different regions, highlighting the adaptability of both IUIs and SIGs to various contexts.

Key outcomes included suggestions for developing guidelines on integrating IUIs into SIG curricula through the Dynamic Coalition on Schools of Internet Governance. Participants agreed on the need for continued collaboration between UNESCO and SIGs to enhance internet governance education and promote the use of IUIs globally.

Keypoints

Major discussion points:

– Integrating Internet Universality Indicators (IUIs) into Schools of Internet Governance (SIGs) curricula

– Challenges and opportunities of conducting IUI assessments at national levels

– The importance of multi-stakeholder participation in both SIGs and IUI processes

– Ideas for simulating IUI assessments as learning exercises in SIGs

– Potential for collaboration between the IUI and SIG communities

Overall purpose/goal:

The discussion aimed to explore ways to incorporate UNESCO’s Internet Universality Indicators framework into the curricula and activities of Schools of Internet Governance, in order to enhance understanding of internet governance issues and promote multi-stakeholder approaches.

Tone:

The tone was collaborative and constructive throughout. Participants were enthusiastic about the potential for cooperation between the IUI and SIG communities. There was a sense of excitement about new ideas being proposed, balanced with pragmatic considerations about implementation challenges. The tone remained positive and solution-oriented as participants worked to identify concrete next steps.

Speakers

– Anriette Esterhuysen: Convener of the African School of Internet Governance, collaborator with UNESCO on Internet Universality Indicators revision

– Olga Cavalli: Involved with European Summer School on Internet Governance and South School on Internet Governance

– James Kunle Olorundare: President of Internet Society Nigeria, involved with Nigerian School on Internet Governance

– Tatevik Grigoryan: UNESCO, leads activities on ROAM-X IUI and coordinates Dynamic Coalition on Internet Universality Indicators

– Avri Doria: Dynamic Coalition on Schools of Internet Governance

– Ariunzul Liijuu-Ochir: Led IUI assessment in Mongolia, works with ADINA Equal Opportunity NGO

– Sandra Hoferichter: European Summer School on Internet Governance

– Fabio Senne: Brazil, NIC.br

– Ileleji Poncelet: Lead researcher for IUI assessment in Gambia

– Abdelaziz Hilali: From Morocco, involved with North African School of Internet Governance

Additional speakers:

– Luis Martinez

– Dr. Jose Fisata

Revised Summary: Integrating Internet Universality Indicators into Schools of Internet Governance

Introduction

This discussion brought together representatives from UNESCO, various Schools of Internet Governance (SIGs), and other stakeholders to explore opportunities for integrating UNESCO’s Internet Universality Indicators (IUIs) into SIG curricula. The session aimed to enhance understanding of internet governance issues and promote multi-stakeholder approaches through collaboration between the IUI and SIG communities.

1. Overview of Internet Universality Indicators (IUIs)

Tatevik Grigoryan from UNESCO explained that the IUI framework is based on the ROAM-X principles: Rights, Openness, Accessibility, Multi-stakeholder participation, and Cross-cutting issues. The framework has been implemented in over 40 countries and provides a comprehensive tool for assessing internet development at the national level. Grigoryan also mentioned recently launched enhanced indicators and her coordination of the Dynamic Coalition on Internet Universality Indicators.

2. Potential Integration of IUIs into Schools of Internet Governance (SIGs)

Participants broadly agreed on the benefits of incorporating IUIs into SIG curricula. Anriette Esterhuysen, convener of the African School of Internet Governance, shared their experience with integrating IUIs, emphasizing that SIGs are an excellent platform for promoting and implementing the framework. Olga Cavalli, involved with the European and South Schools on Internet Governance, suggested that integrating IUIs could enhance content and student learning.

James Kunle Olorundare described the Nigerian School on Internet Governance’s approach, which includes virtual sessions and colloquiums. He proposed making IUIs a specific module in SIG curricula. Sandra Hoferichter from the European Summer School on Internet Governance suggested using simulations of IUI assessments as learning exercises, proposing the use of imaginary countries to avoid potential political sensitivities. This idea received positive responses from other participants.

3. Multi-stakeholder Collaboration in Internet Governance

The importance of multi-stakeholder collaboration was a recurring theme. Olga Cavalli noted that SIGs help create networks between diverse stakeholders. Anriette Esterhuysen acknowledged that involving government representatives in SIGs is important but takes time. James Kunle Olorundare suggested that National Internet Governance Forums can facilitate multi-stakeholder collaboration. Tatevik Grigoryan emphasized that the IUI framework itself fosters multi-stakeholder cooperation and discussions.

4. Challenges and Opportunities in Implementing IUIs

Participants discussed various challenges and opportunities associated with implementing IUIs. Fabio Senne from Brazil noted that while first IUI assessments can be time-consuming, subsequent ones become easier, highlighting the importance of follow-up assessments. Poncelet Ileleji, lead researcher for the IUI assessment in Gambia, highlighted the difficulty of obtaining data from government agencies.

James Kunle Olorundare emphasized the crucial role of multi-stakeholder advisory boards for successful IUI implementation. Tatevik Grigoryan explained that UNESCO provides technical support and capacity building for IUI assessments, addressing concerns about expertise and capacity. Abdelaziz Hilali from the North African School of Internet Governance pointed out that IUIs can help address basic connectivity issues in underserved regions. Ariunzul Liijuu-Ochir, who led the IUI assessment in Mongolia, highlighted the important role of NGOs in implementing IUI recommendations.

5. Future Considerations and Action Items

Several key takeaways and action items emerged from the discussion:

1. Develop guidelines for integrating IUIs into SIG curricula, as suggested by Olga Cavalli

2. Explore the creation of simulations using imaginary countries for IUI assessments as learning exercises in SIGs

3. Use the Dynamic Coalition on Schools of Internet Governance to facilitate collaboration between SIGs and the IUI framework

4. Consider including IUIs as a specific module in SIG programmes

5. Address challenges in streamlining the IUI assessment process and obtaining data from government agencies

6. Explore the development of specialized thematic SIGs for specific internet governance topics

7. Balance core SIG curriculum with regional focus areas and emerging topics

Conclusion

The discussion demonstrated strong interest in collaboration between the IUI and SIG communities to enhance internet governance education and promote the use of IUIs globally. Participants were enthusiastic about the potential for cooperation and proposed several concrete steps for moving forward. The overall tone was collaborative and constructive, with a focus on finding practical solutions to integrate IUIs into SIG curricula and activities, ultimately aiming to improve internet governance education and assessment processes worldwide.

Anriette Esterhuysen: Okay, let’s see. Hi everyone, we’ll just open the event and then I’ll hand over. My name is Anriet Esterhuyzen, can you all hear me? And I guess I’m kind of, I’m from the Association for Progressive Communications, but I’m actually the convener of the African School of Internet Governance, and I have had the privilege of collaborating with UNESCO and CETIC and NIC.br in the revision of the Internet Universality Indicator, so I should be sitting in the middle. So, as you probably all know that this Dynamic Coalition session is being co-organized by two Dynamic Coalitions. You know what has happened here, why I have a weird expression on my face is that my channel switched to another workshop. Let me take this off. So the background to this session is that two Dynamic Coalitions are co-organizing it. The Internet Universality Dynamic Coalition, which was established in 2021, I think, launched at the Poland IGF, which is made up of a community of stakeholders from countries that have applied or would like to apply the UNESCO Internet Universality Indicators, which is a self-organized bottom-up framework for assessing the state of Internet universality at a national level that was launched by UNESCO in 2018. And then the other Dynamic Coalition that is organizing this session together is the Dynamic Coalition… on schools of internet governance and on this note I’m actually going to hand over to Olga and James and James is the co-facilitator of Tatavic and they will tell you more about the session and what to expect. So over to the SIG side of the SIG of the DC.

Olga Cavalli : Thank you very much Henriette and thank you very much for the for allowing us to do this co-hosted workshop of these two dynamic coalitions. I think they perfectly match. I started with one Euro SIG leaded by professor Wolfgang Klangwächter and Sandra Hoffenrichter. That was the first one almost 20 years so far. Yes and then we started in Latin America with the South School on Internet Governance. We will organize our 17th but after that there are many other initiatives. The African School of Internet Governance that has been organized for 10 years, 11 years and then many other national initiatives like the Brazil Internet Governance. I saw our colleague from Brazil over there and some other. I will hand out to James to speak more in especially in Africa. There are several national initiatives. I was invited to speak at the Afghanistan School on Internet Governance two weeks ago. I woke up at 2 a.m. and in my home Buenos Aires to participate. I was really very honored to be invited to share our experiences which is the purpose of the schools is to train about all aspects related with Internet Governance and fundamentally open the door to people who are not so much included in this community, explain which are the policy issues, the technical concepts that they must have and which are the spaces where they can participate so they can bring home in relation with their own interests what is important to have in mind at the national or regional level and also what we have learned and I think other colleagues from other SIGs should know is the fantastic network that is created in between the fellows and fellows and experts and I will hand over to James maybe he can share with us some comments.

James Kunle Olorundare: All right thank you very much Olga and I think it’s a pleasure to to be here on this session and I’m so much excited about the school on internet governance. One thing that I’m so much happy about the school is the fact that we are able to do capacity you know development and that has been one of the pedestals through which we’re able to reach out to other stakeholders especially when it comes to issue of internet governance and in Africa a lot of school has sprung up a very good example is of course the Nigerian school on internet governance. We had a fifth session you know this year and of course we’ve been we’ve been consistent with that and apart from that I know that other schools you know abounds in Africa another one is the Ghanaian school on internet governance. I know about the Kenya school on internet governance that is from the east eastern parts of Africa and yesterday I think my colleague from Niger was also in the annual meeting and he shared his experience that is Nigerian school on internet governance. As a matter of fact I see a link between you know by the way I’m from internet society I’m the president of internet society in Nigeria so I see a link between you know internet society to a large extent and the school because we observe that that is a very good initiative for us to push you know capacity building and that has been working. I’ll give you an example take for example last year after the school in Nigeria what we normally do is that we tell the fellows look it is not just about acquiring the knowledge what do you do with the knowledge you need to start to engage within the ecosystem and I think that is very important that should be one of the takeaways for each and every one of us after you know the school just let the fellows lose let them start to engage within the ecosystem that is one of the things we normally in fact we I’m thinking now that probably we’re going to make it like a model in our curriculum to see how we can showcase some of those niches, some of those ecosystems where they can start to engage within the bigger internet space. And I think that’s helped us last year, because the feedback I’m getting. And as a matter of fact, I now observe that that may be a very good indicator for us to have feedback. OK, how much engagement have you had even within the last one year after you’ve been a fellow, after you’ve come out of the School on Internet Governance? So last year, I observed that some of our fellows that we advised that, look, you need to engage. It’s also a matter of just acquiring certificate. No. It’s about using that knowledge within the ecosystem. I observed that some of them have started engaging within the ecosystem, and we’re getting a very good report from their performances. And even this year, I think this year we had a session in October. And after that, this December, October, November, December, after that, we’ve started getting information about the kind of engagement they’ve been involved in. And some of them have been organizing events on cybersecurity, talking about child online safety, human rights issues, and so on and so forth. How I got to know is based on the fact that in most of those events, they do send invitations to me, oh, please, can you come and attend that event? Although I may not be able to attend all the events, but I think that feedback mechanism has shown me that, OK, look, I think the school is working. And I believe that this is one of the things that probably we need to take away from this session, that, OK, even after the school, the fellows, well, we call them fellows in NSIG. I wouldn’t know if there’s any other parlance that is being used in other jurisdictions. The fellows should engage in the industry, within the ecosystem. And even in the IGF space, I believe that some of them should be around here to have conversations on some of those hot topics, which I think is going to be a way of advancing the same conversation all about internet governance. So without wasting time, I think this afternoon, we’re going to be having conversations about the school. And of course, we want to see how we can now synergize between the school coalition and the IUI. And for me, I think we should start to think about… how we can integrate some of the IUIs, you know, as part of the modules that can be, you know, taught in the school. As a matter of fact, when we were having our discussion yesterday, you remember that I made mention of the fact that, okay, we should be looking at, okay, IUI being a module as part of the school. However, since we are trying to look at, okay, there are national schools, there are regional schools, you know, we are thinking there should be some form of handshake, right? So maybe we have, like, primary modules, right? So but what I’m not too sure of now is this IUI module that I’m proposing, I don’t know probably if it should be part of the primary module, or probably maybe something that we need to take a second look at, okay, this should be around it. So I think that’s some of the things we need to, you know, have conversations on. So let me open the floor, right?

Anriette Esterhuysen: I think Tatevic is next.

Avri Doria: If I may, if I may jump in, this is Avri. Yes, just very glad that you’re, that the two groups came together. As far as the agenda goes, just to let people know, having done these quick introductions, the first thing was to get a quick introduction to IUI, which Tatevic will go. And then there were basically two discussions planned on the agenda. The first one is to talk about existing teaching experience. So this is something, for example, Henriette has done, Ariunzo, if I’ve pronounced it correctly, has also done. And then a roundtable of those of you that are there and online, of anyone that has been teaching it, or has been looking at it. And then go into looking at curricula and IUI, and how we fit that in. And then Aga will lead off that discussion, with Henriette leading off the one before. And then again, going to a roundtable. So at this point, I’d really like to pass it off to Tatevik and thank you all for the introductions. Thank you all for having come to this joint. I’m really quite excited that it was able to come together. Thank you.

Tatevik Grigoryan: Thank you very much Avri and James and Olga for the introduction and Avri for the clarification. As Avri mentioned, my name is Tatevik Krikorian and I work for UNESCO. I am leading the UNESCO’s activities on ROAM-X IUI as well as I’m coordinating the Dynamic Coalition on the Internet Universality Indicators. I’m very happy that we could come, these two Dynamic Coalitions could come together to discuss what I see as a further cooperation or we are already cooperating with, working with some schools, including Africa School on Internet Governance. But I wanted to give a quick introduction on the ROMEX very quick because our Dynamic Coalition is basically based on Internet Universality of ROMEX Indicators. We basically provide, including through this Dynamic Coalition, provide this tool for analysis on Internet development as well as we use it as a method sort of to foster multi-stakeholder cooperation and discussions and contributions. Very quickly, why we’re using, why do we have this tool? It was following UNESCO’s governing body decision endorsement of Internet Universality and its four principles which state that the Internet should be based on rights, should be open and accessible to all. and nurtured and governed by multi-stakeholder participation and following the endorsement of these principles we then created this framework but then we thought that in addition to these principles an important issue is the cross-cutting issues that we should consider such as gender equality safety and security online and so we did that and added the x category which is stands for cross-cutting issues so this framework what is this framework this framework is a set of indicators based on these principles and thematic areas in each principle which help the stakeholders that use the framework to assess the development of their internet development at the national level without doing any ranking or any comparison to see where the gaps are and where it is in the country at the national level and all of this is happening under together with the multi-stakeholder advisory board which is set up at the initial stage of the assessment that brings together different diverse stakeholder groups, government, private sector, civil society organizations, academia to contribute to the research and then at a later stage to validate it so this is how the final product work looks like following the completion of the assessment I must say that the IUI’s have been conducted in over 40 countries and you can see the distribution for region and countries. Countries, I think the leading region is Africa. So far, 17 African countries have done the assessment with support from UNESCO and Kenya being one of the first country to do a follow-up second assessment to see and monitor the progress. So we’ve had this framework since 2018. And as we reached the, which was when we reached the five-year mark and it was already envisaged that UNESCO started the revision process to make sure that the indicators remain relevant to incorporate the lessons learned from all these countries, make sure that both the relevance and more faster implementation of the IUIs implementation and then publication and to see and incorporate this new thematic area. So we initiated the work and we worked together with CETIC.br and NIC.br and we have Fabio and the critical role in meeting together with UNESCO the revision process. We have Anette who has been essential. She was the member, she was managing the project when we initially were creating the IUIs and also she’s been in the steering committee for the revision. And of course she’s been doing lots of other things to support and promote both the revision and the framework. So after wide consultations, public consultations and also targeted interviews. I’m very happy to say that last year, not last year, sorry. On Sunday, we launched the enhanced indicators and you can see, unfortunately or fortunately, the indicators were really popular, so we ran out of copies, but I’m more than happy to share the link with you. I am cautious of time, but just to give you a look of some key figures here, we maintain the ROAM-Xprinciples and indicators as the basis because they remain relevant, they remain essential, but we reduced the number of indicators and the questions. You can, here you can see, and share with you and on this slide, I’m just demonstrating the creation of two new topics, advanced digital technologies, mainly focusing on AI and also. And of course, my contact number, I’m happy to liaise and give more information. I think my presentation of the IUIs end here, but I continue with the conversation. I’d like to give the floor now to Agnieszka. I gave a very brief introduction to Agnieszka, but in addition to what I’ve mentioned already, And yet, we’ve been also working with Andiette. She’s the convener of the African School on Internet Governance. And I think it’s been the second year, Andiette, no, no, since you talk about, since we have IUI, no? At least it’s the second year for me. Just ask me the question. Okay. I’ll answer that question, but ask me the question in the agenda. I think you have the question. I just basically wanted to speak. We’ve been, we had the IUIs in the, I’m just trying to stop my presentation, stop sharing. Yes.

Anriette Esterhuysen: So the question is, well, I’ll answer the question. So the question is how, you know, what have we learned from this, in the case of the African context, and I think we’ll have the same question going to Brazil, from having this kind of collaboration between the IUIs and the school. And I think, Tadevic, something that didn’t occur to me until right this minute is that, in fact, the collaboration goes back to before the IUIs existed. And I think in that sense, at AFRICYC, we actually are fairly privileged in that way because when the Rome X, so UNESCO, as Tadevic explained, the indicators are based on these principles of internet universality, which actually emerged from the IGF. And I think that’s something UNESCO brought to the Internet Governance Forum in 2013. Initially, that was the first public exposure of the idea of rights, openness, accessibility, and multi-stakeholder being core principles for internet universality. The internet governance community liked the idea, and UNESCO then worked with it, and they convened this huge big event in Paris in 2015, where people from all over the world could participate, a little bit like NetMundial in 2014, they could submit textual inputs, and they could also participate in the event to take these principles and work with them as a framework for actually collaborative assessment of where are we going with the internet? Are we moving towards more internet universality or less, but at a national level? And because the African school, I think it was in 2015 that UNESCO first used the African school as a platform for sharing. Schools of IG, a useful platform for UNESCO in this case, but I think it applies to other people as well. It’s a platform where you get a cross-section, as James was saying, it’s a cross-section of people from different stakeholder groups. They are intergenerational. Some are professionals. I see James there, we have a senior government official from Zimbabwe, who’s an alumni of AFRICIC, and we have people that are starting their careers as well. It gives you that opportunity, and because it’s smaller than a whole IGF, you’re able to have, I think, more focused discussion. I think one of the things that then emerged when we developed the indicators was that rights, openness, accessibility, and multi-stakeholder are not enough. X, the cross-cutting issues. There are so many and they’re so important. Gender equality, children’s rights, security and safety and stability. I think now I’m looking there at Fabio, we’re looking at artificial intelligence and emerging technologies, climate change. The number and the range of cross-cutting issues also are growing. There again, I think, the schools of Internet governance gives UNESCO an opportunity to get feedback on the way you’re thinking about this. Then I think the big learning really is that, I think we’ve learned in the schools of Internet governance that convening a multi-stakeholder event is not easy. You need to do it with care, with thought. We use devices such as some of us use the idea of the practicum, where you have role-play or negotiated output from the different stakeholders. Some schools of Internet governance use small group discussions. But I believe they are extremely powerful in breaking through the gloss, the veneer, the surface, the kumbaya surface of the wonderful multi-stakeholder process. I think in schools of Internet governance, where people are in a safe, small, more Internet space, you get a much better understanding. of the tensions that are between stakeholder groups, the different interests, the different understandings. And because the indicators are so deeply committed to strengthening the multi-stakeholder process, I think that’s also very useful for the multi-stakeholder process. For the indicators, sorry.

Tatevik Grigoryan: I think, yes, you made references, but you talked about how SIGs are an excellent platform for the IUIs, which we acknowledge and appreciate a lot. How about you reflect on the other way around?

Anriette Esterhuysen: The schools for the IUIs?

Tatevik Grigoryan: The IUIs for schools.

Anriette Esterhuysen: The IUIs have been useful for schools, and I think maybe that responds quite a bit to the second question, which is how can we use the Internet Universality Indicators as we think and plan and evolve our curriculum? I think one of the challenges, I can speak for AFRI-SIG, a little bit for EUROSIG, because I sometimes am faculty, sometimes at the North African school as well, but I think in the schools, we have to respond to a change in context. The Internet governance environment isn’t static, and the challenges that we face and that we try to address with Internet governance evolve as well. I’m not sure how many schools of IT are dealing with climate change. In AfriSIG, we’ve started for the last few years adding a module on Internet governance and environmental sustainability, for example. I think the role X-Principles gives us is a framework to look at how we balance that fairly technical baseline curriculum that we need to keep doing well, how the Internet works, how Internet governance takes place, where and by whom, what kind of decision and how to participate, with more of the social implications, the social environmental challenges that digitalization of the Internet addresses. I think for us in AfriSIG, we’ve always had a very strong focus on digital inclusion and rights, but I think that rights, openness, multistakeholder accessibility, it’s a useful checklist. Now, for example, if you look at openness, openness involves competition. Competition is trade. I mean, for this year at AFRICEC, we focused on the African Union’s African Continental Trade Area’s digital protocol, supposed to make it much easier for African businesses trade across borders, deal with data flows across borders, but in ways that do not violate national sovereignty or security or personal data protection. And I think it’s that sort of broad overview that invites openness, accessibility, and multi-stakeholder, plus the cross-cutting, that for us has been quite a useful frame of reference. Even if we don’t use it always consciously, I think it creates a useful frame of reference for assessing whether your school’s curriculum is succeeding in balancing and combining both the more traditional IG topics and the emerging IG topics, but also allows you to localize them, to approach your curriculum in a way that is not imported from somewhere else, but that is relevant to your region and to the people in your school. So for us, that I think has been quite useful. And the partnership for UNESCO has been useful in that respect. So just having the UNESCO staff in the room is useful as well. Thank you very much, Annette. And it’s very delightful to be in the same room with all these wonderful people from diverse backgrounds. And actually now, thank you for that comprehensive remarks. I wanted to, we talked about the multi-stakeholderism, I wanted to turn to Adil Zuhl, who not only has led, who is joining us online, she not… only led the IUI assessment in Mongolia, but I wanted her to bring the viewpoint from the NGO. She’s working on ADINA, Equal Opportunity NGO, and I just wanted to ask you, Agyemzul, to give your experience in an NGO-led efforts to promote digital inclusion and right-based approaches, and I wanted you to reflect, please, on why do you think the promotion of IRS rule, the schools of the Internet governance, could be important for NGOs? Agyemzul, can you hear us? Is she unmuted? I see that she is online, but I see that her microphone is still muted, as is her camera. Adi, can you unmute your camera to speak, please? Okay, I think perhaps, in the interest of time, we could move to the next speaker while she would try, perhaps, to solve the issue, yes? Last call, Agyemzul.

Ariunzul Liijuu-Ochir: Oh, oh, sorry, I was unmuted, and now I think it’s working.

Anriette Esterhuysen: Did you, did you hear?

Ariunzul Liijuu-Ochir: Yeah, yeah, yeah. Yeah, yeah, I can hear you.

Anriette Esterhuysen: Over to you. Can you hear me? Yes, yes.

Ariunzul Liijuu-Ochir: Okay, so, hello all. I’m very happy to be a part of this event, and again, congratulations for the UNESCO team, and also the other steering committee to launching the updated IEI. And as I led the international National Assessment Team to conduct IEA and Mongolia first time in 2021, I realized that NGO and especially also the civil society organizations’ role to implement and enforce the recommendation from the IEA findings are very crucial. Because NGOs and civil society organizations have better understanding about their community needs, what works in the field and what doesn’t work in the grassroot level compared to the government, right? So in the Mongolian case, IEA was led and conducted by the NGO. Therefore, I believe we included more voices from the diverse groups, such as communities who work with the human rights, communities who work with the blind community, NGOs working for the deaf community, NGOs and civil societies who work also and collaborate with the older communities as well as we also include the Kazakh community whose first language is not Mongolian. And findings of Mongolian National Assessment of IEA suggested that there were many rooms to improve in all role mix pillars, of course. So we have been promoting the findings throughout our work. For example, together with currently our team, we are creating a website where secondary school teachers can learn about how to work with the children with disabilities, including the children with visual impairment, children with hearing impairment, children with speech impairment, children with autism or children with ADHD and so on. So we have also assumed among the teachers who use our website, they may have a certain impairment which can also restrict their access to use our website. So we co-designed our website with the IT guys and also teachers. teachers and teachers with old age and teachers with low digital literacy as well as persons with disability. And then because the Mongolian IELTS report displayed that government websites were not really accessible for everyone, especially for the persons with disability and all the senior citizens, I would say, we want to show, we want to make our website as a good example for the government agencies and public school principals and teachers. Because back in time, back in 2021, we even couldn’t find the single website which is accessible for everyone. So with this, our current initiative, we really want to show the best example and also the model for the government officials, especially for the secondary schools, especially during this time, they were using a lot of, you know, the digital training module and the digital training modules, which is not yet accessible for everyone. We changed their mindset and we changed their attitude and we changed the way to work on it. So the website will be launched in, we hope it will be, we will launch it in the mid-January in 2025. And then that website will be also used in the nationwide for all of the secondary school teachers who work with the children with disability and also school principal itself. I hope they will learn from our initiative and the practices to produce and create their own, you know, the online learning platform to be more accessible for everyone. Because if the school, you know, the resource material is not accessible and not user-friendly for its users, then it’s, what’s the meaning, right? So that’s what we want to promote in Mongolia at the moment. And I’m aware of that. There is very…

Anriette Esterhuysen: less time. So that’s it from my side. If there is any question, I’m happy to answer it. Over to you, Dr. Devik.

Tatevik Grigoryan: Thank you very much, Adi. I forgot to mention that in addition to her role and her work on the IUS, she also contributed greatly to the revision of the IUS. She was a member of the steering committee for the revision. And thank you, Arjunzul, for your great contributions to the revision and the new enhanced indicators. I think I will not ask you the follow-up question, Arjunzul. Cautious of time, I will now hand over. Thank you so much. I will hand over. I’m not sure that we’re that short on time. Correct me, but this is a 90-minute session, I believe. And so there is some time. Everybody keeps worrying about time, but I just want to make sure that we’re okay on time and we’re only about halfway through at this point. We were supposed to finish at 1.45. I think everyone is desperate for the IGF to end because it’s the last day and we’re all exhausted. Okay, fine. If it’s self-generated, I just wanted to make sure we’re feeling limited by the schedule. I’ll hand over. Okay. There’s a question, please.

Sandra Hoferichter: Thank you, Sandra Hoferichter from the European Summer School on Internet Governance. Is it the right time to ask questions or was there a plan to do it at the very end of the session? It’s always the right time. Thank you very much. I think it comes very timely because Tadej just described the revision of the indicators. And I have two questions and they are… fairly related but go in the same direction. I’ve heard from several governments, even those who did the first assessment of the Rome Indicators, that this is such a lengthy process and that it takes so much time, that for some governments or for some nations it will be hard to do it for the first time, and those who did it already will possibly not have the resources to do it for a second time. But I understood, on the other hand, that the benefit of those indicators are only developed or only being seen when you are doing it several times, so that you see how your country is developing. So my question here, and that’s the first, would be in the revision or later on, is this on your radar that this process should be streamlined a little bit more, so that it is not so exhaustive and that it can be done by several governments that at the moment struggle with resources? And a little bit related to that, at the moment it’s not existing, and we had the Rome Indicators at the summer school not this year but last year, but it was merely a presentation of that it exists, and since the practicum is regarded a very useful element in all these schools, is there a way or can we maybe start thinking about how we do a mini-assessment provided by and facilitated by UNESCO in those schools, so that basically when we are doing the practicum, this Rome assessment could be the practicum, but of course that needs to be a very kind of trial or just to show how it works, and then the multipliers that are attending the SIGs could then maybe lobby to include it in the several countries. So these were the two questions. Thank you.

Tatevik Grigoryan: Thank you, Sandra, for these questions. I think Adyat really wants to answer the second question and Adyat really wants Fabio to answer the first question. I won’t monopolize it. Fabio, please, do you want to take the first question or do you want to start with the second?

Anriette Esterhuysen: Fabio, did you hear the question? Were you listening? Good. Now you can answer.

Fabio Senne: No, thank you, Adyat. No, I’m Fabio Sena. I’m from Brazil, from nick.br, and I can talk about the Brazilian experience. I cannot talk for all the countries, but I agree with you that, yes, the first assessment was really time-consuming. First, because you had to mobilize the stakeholders that are needed for the process, and then you have to understand what are the sources that are available or not available in your country. So, I agree that there is a process that is more time-consuming, but we had the revision of the IY take this into consideration, so we had a reduced number of questions and indicators in the second version, which is, I think it’s more accessible to a group of different countries. The second thing is that when you are doing the second assessment, you can also take into advantage what you did in the first one. So, first, legal aspects that don’t change like each year or each five years, you can use the same material to rely on, and you can just update the more quantitative and the aspects that are more dynamic into the process. So, I do think that a group of countries can do the second version in a more easy way. And finally, just to mention that this framework has proven to be very effective in very different contexts. So, if you take G20 large countries, as Germany, Brazil, and Argentina did the process, as well as small islands in the Pacific region, so it’s very flexible to be adaptable to the context of the different countries. So, I do think that this is a good contribution.

Avri Doria: Thank you. I also wanted to point out that we do have We have a question from consulate online with his hand up. So please fit him into your queue.

Anriette Esterhuysen: And should we take his question And should we take his question before we respond. Every, maybe we should. Yeah

Avri Doria: Every, maybe we should. Yeah, I think we should his hands. So thank you.

Anriette Esterhuysen: So let’s hear you. So let’s hear you. Except now we have to go because

Ileleji Poncelet: I think our tech support don’t really follow the. Yeah, yeah, that’s fine. So, thank you for allowing me to speak So, thank you for allowing me to speak on I wish to thank all the speakers, our first like to all the speakers, our first, like to, to States. First, as the lead researcher for the recently completed iUi for the Gambia. That one thing that was good for the success of that the iUi for the Gambia was the ability that we had an advisory body that comprised of a number of institutions and a number of institutions and organizations who have been part of national internet governance initiative. So, that was a success but it was also difficult sometimes getting data for from our Ministry of Finance, that, and to input some certain data governments were not able to do it so I were not able to do it so I would like to hear advice from UNESCO how do you go about that and how do you go about that and how do you go about that and how do you go about that and how do you go about that and how do you go about that and how do you go about that. And I will, I want to commend it for what she has been doing with the African school of Internet governance but there’s something I would like to throw to her like to get our government’s more involved is idea possibilities like example interest in this issue and the current one since the last day. In simple and transparency. Africa. Next time, North African countries will be nominated. So we’ll have governments also being involved in this school. They are young professionals. Thank you. I’m sorry for taking your time.

Anriette Esterhuysen: Can I respond? Thanks very much, Poncelet. Actually, we had a fantastic young woman from the Gambian government who was nominated by the Gambian government this year. And so I think we also had, we had Cameroon, we had Zambia. We had about five governments this year. And then we had about seven parliamentarians, including a senator from Nigeria, who’s here. So we do do that, Poncelet, and we always have government participation. I think the response from governments, many of the governments that we invite to nominate don’t always respond. But the ones that do remain partners for life. So it’s really good. So it’s, and I think you’re absolutely right. I don’t think you can have an effective multi-stakeholder leadership development event if you don’t have government in the room. I just want to respond to Sandra’s. I think it’s a fantastic idea, Sandra. And I think a national school could do it at a national level. And if the school, like I know some, I think, James, you said the Nigerian school is three days. Now, some schools are not as long as AfriSig or EuroSig. I’m not sure how long the South School is. But you could then have your practicum be that advisory committee, because as Poncelet said, that’s not easy, but it’s very important. And as Fabio also mentioned, the IUI methodology is that you establish a multi-stakeholder advisory board. So your role play or your practicum exercise at the school could either to have maybe an imaginary country, and you assess that imaginary country, that could be really quite fun. And the people in the school have to be national statistical agencies, internet service providers, associations, researchers, teachers, child rights activists, feminist activists, you know, whatever. You can really play with that idea if it’s a kind of imaginary country. But if it’s a real country, you can actually make it focused on how do you convene the MAB? How do you identify data sources? So, Sandra, I really love that idea. I think I’d be very happy to do that, actually. I think it would be good for the IUIs, because the IUIs will also learn from that. UNESCO will learn from that as well. Plus, it will be a great exercise for the school, particularly because I think it will make the technical people it will force them to think a little bit about what are the social impact, what are the gender equity components of a universal interoperable Internet. And likewise, it will make the social people, the human rights people, or the content people think a little bit more about the infrastructure, its security, you know, how stable it is, and so on. So I really love that idea.

Tatevik Grigoryan: Thanks very much for the questions and answers. I think I’ll hand over now to James and Olga to move forward with the rest of the agenda.

James Kunle Olorundare: All right. Thank you very much. Thank you for those brilliant ideas. All right. Before we advance, I just want to quickly add something, because I now realize that if you really want to do a very good assessment of IUI, right, I think you need a very good time. It’s not something that you can say, okay, you want to do in three days, right? And take, for example, like in the Nigerian School of Internet Governance, like I explained yesterday, what we normally do, right, apart from the intensive classes, right, that we do in three days, we do have, you know, like a virtual session. And even this year, we had it for like five weeks, right? And I realized that that has helped a lot. Why? Because we’re able to organize something like, we call it colloquium, right? Well, you can call it symposium, you can call it anything. But we call it colloquium. Just like Harriet was saying the other time, as she was talking about it, I was just figuring out what we did in line with that. So we call it colloquium, right? So we created four groups, okay? And in each group, we have to have people that we act roles, okay? So and I think this is going to be a very good model if we want to do this IUI thing, and the paraventures will be in need of data. And data is not something that you can just get at the snap of a finger, especially when you’re talking about the government, you know, the bureaucracy and all of that. So by the time we start, if we start, let’s say, maybe like three weeks, right? Even when we want to start, I think we would have even maybe made request of the kind of data we would need from the government so that by the time the data is coming in, it will fit into our program. I know quite well that, yeah, we may not have so much time to run, you know, the School of Internet Governance as a physical because of resources and so many other things. But integrating these virtual classes into it as part of the preliminary process, right, I think will help a lot. And right from the beginning, when you’re starting the virtual classes, would have known that, OK, yeah, whatever we’re going to do, if it’s going to be the IUI, if it’s going to be the IIB, like we call it in Internet Society, that is impact assessment brief, right? We’re going to start from the beginning. We have figured this out. We have a theme that we’re working with. So I think this may work in the case of IUI, too. But what I may want us to also deliberate on is if we really want to get a very good result from these, right, so that means we need to get all the stakeholders together, right? So we need to involve the government, even right from the beginning. Because for us to get a very good result, the government must be involved. So if we want to contribute, so that’s one perspective I want you to throw into this discussion, why I hand over to you.

Olga Cavalli : So I think it’s a good place to think about new ideas to bring to the schools. But I think at the same time that all the schools have been going through all these different concepts like access, multi-stakeholder, environment, human rights, cross-cutting things, and environment. And the experience in the South School of Internet Governance is that we could perfectly blend it into now we have three parts in the school. So the school is not one week. It’s like six-month program. We have a pre-training that it’s online and self-assisted. Perfectly would fit in there some videos and some important information. And thank you for inviting me to the NetMundial meeting that you presented the indicators there. Thank you for that. I was present there. And Riet was there as well. in Brazil, in Sao Paulo, and that could perfectly fit in this self-assisted part of the training that we do through two months before the school. Then it’s the five days hybrid training, and then there is the research with the university. All this program is also supervised by a university in Argentina that we have partnered with. So I think we can work in including it very deeply into the program of the school. We also run the School of Internet Governance in Argentina, which is shorter, it’s a three days program, more focused on the Argentina issues. The relevance of multi-stakeholder, I think that the revision and bringing to our memory the principles of NETMundial has been for all of us very, very important. Organizing a multi-stakeholder environment is not easy. It’s much easier to do a multilateral one where all the governments sit together with their advisors and they talk among them and they do a paper or whatever, which is perfectly important. Really doing a relevant multi-stakeholder space needs a lot of time in bringing the right stakeholders. And for the schools, it’s also very interesting to build a group of fellows that it’s really a multi-stakeholder itself. So for having a governmental representative, as you were rightly mentioning, in Africa and Argentina, we have the same important mission to bring them. And once they get engaged, as Anri rightly mentioned, they always get engaged in the program because they love the interaction with the fellows from different stakeholders and from experts also from the different stakeholders. But it takes time. It takes time to build a group of fellows. it takes time to build a program. So that is the part of the work of the schools and the beauty of one of the schools that we organize. And each one has its own particularities and its own focuses. But I think that the match with all the work that UNESCO is doing with the indicators is perfectly good. So, and now Avri especially, she is leading various activities that will focus on and other things that as a dynamic coalition, which is very important for all the schools. So I think it’s a perfect moment. So once I knew that we were going to do this blend workshop, I think it’s a start of a new initiative that will enhance the content of all our schools. I will stop here and maybe I can add something in a moment.

Avri Doria: Hi, this is Avri. Jumping in now as I don’t see any hands and while you’re figuring out where to go next. I think that some ideas that have been brought up here are great, especially the idea of as the dynamic coalition itself starts to look at its curriculum, because we had talked about, one of our ongoing activities is to have sort of sample curricula online. And we realized that we need to update them this year or starting this year is to actually bring this IOI element and how one would do it there into that particular document, which would then give a hand and a starting place to many of the schools that do look at that sample curriculum when they’re starting up. So, I think at this point, we’ve got a bit of time left and I think it’s- Sorry. You can go on with discussion, but please.

Anriette Esterhuysen: Yes, we have a contribution from the room. Good. Sorry.

Abdelaziz Hilali: Thank you very much. Sorry, Avri. I am Aziz Hileri from Morocco. And I want, if I may, just to give an example from North Africa, where it has been six since 2018 each year. And when we choose, it’s from seven countries of North Africa. And we try to have a multi-stakeholder, even within the three participants from each country. So the last SIG we organized, it was in Mauritania. And each time, we have meetings with the government, with all stakeholders, private sectors, and governments, to speak about the problem of North Africa, but particularly in Mauritania. Because in North Africa, we have the Sahara, is the biggest desert in the world. It’s taken, I think, 30% from Africa. And we try to have some. So I have a question for the panel. Is how this AI, dedicated to work with the global group, and improve connectivity in this area, like the Sahara that I said, because we have communities, is related, and lack of telecommunication infrastructures? Thank you.

James Kunle Olorundare: So sorry. I think that’s because you see I have work to do here. Because I think the question is actually directed to you. Yeah. Yeah. And for you to just expand on that more, I think we also need to talk about, OK, yeah, we want to integrate IUI into the SIG module, or curriculum. I beg your pardon. So what? What do you think we should do? Because now IUI is a new concept, right? Which is just coming out. And yeah, it’s been around, right? But we just, it’s new to the SIG. That’s what I mean when I say it’s new. New in the sense that we are just integrating it into SIG. I guess, I know that Areth has worked with that before. Maybe the first time, and probably maybe she’ll be going for the second one now, right? But like in some of the national schools, I’m sure we’ve not done that. So I’m telling you from Nigerian experience. So, but I’m not thinking, I mean, it’s time for us to look at how we can integrate that into the national school. Although we have agreed that, right? We should have like a cascaded model, okay? For the national, then going to the region, it should be more encompassing. But then you know that even if you want to carry out IUI, it’s still going to be at the national level. So I think the SIG at the national level should be involved in the sense that, okay, we need to let people be aware of what is going on, that is one. Then if you want to do this assessment, I think somebody will, I think it was Areth that mentioned the fact that probably we need to do like a simulation, you know, even in the school, you know? So as to bring people up to speed with how IUI can be conducted. So I think we need to start looking at that and of course, the issue of, you know, faculty talking about somebody that’s going to facilitate that. Of course, if you say, I should go and facilitate something on IUI now, I have to start reading and reading. But for somebody like you, for being part of the system, you know so much about it. So what will be your advice in terms of getting faculty, you know, to facilitate that? Yeah.

Anriette Esterhuysen: So very, sorry, did you want me to be very quick? I wanted to respond to, sorry, so just a quick response. First to, that’s a very good question, James, but just to Aziz. Aziz, I think your question is how do the IUIs actually help us deal with some of the basic problems, such as the lack of connectivity? I mean, and that’s an, an IUI question, not necessarily a SIG question. And I think the idea of the IUIs is that once the national assessment has been made, that it comes up with recommendations and that there are actions that are identified to be addressed. But it does then remain up to the country to decide how to do that. And what we feel it does though, is that because you do the assessment in a collaborative multi-stakeholder way, that creates a very good basis for which to collaborate on identified, implementing and addressing identified priorities. And James, just in response to your question, I think it’s a really good question. I think Sanda made the brilliant suggestion that we can do simulations. I think you are pointing out that if we wanna do them well, we need the people who can do them well. And maybe this is something that can come out of this recommendation, some form of guideline on how that can be done. I think the one thing though I would caution is to separate simulation from real assessments. Assessments are also political. They are political at a national level. It’s not always easy, as Poncelet also said, to get agreement, to get the data. So I think one would have to be fairly cautious that if you are using the IUIs in SIGs, that you’re sensitive to that. And that’s why maybe having at a national school, deciding how you do it would have to be sensitive and careful. And maybe having made up imaginary countries might in fact sometimes work better. Still serve the same pedagogic purpose, but I do think one would have to be careful that you don’t unintentionally undermine the opportunity to do an actual national assessment because you’ve used it in a school and somehow it has raised concerns. Sorry, that just occurred to me while you were talking.

Tatevik Grigoryan: I just wanted to add about people who don’t know about the IUIs and would be willing to do the IUIs. Just to let you know. that this IUI framework, it contains a very detailed step-by-step guidelines on how to implement the indicators, but UNESCO’s support doesn’t stop by just providing the guidelines. UNESCO provides technical support at every step of the assessment. Since this inception, we do build the capacity. We know that it’s not something taught at schools or it’s a new idea for many countries, and the way we work, we provide the technical support, we do capacity building for the research team that wants to carry out the assessment, we work with the multi-stakeholder advisory board, and we basically accompany the research team and the country at every step of the assessment. So this is something that we’ve been doing and we will continue to do so. Yes, and in addition to also to react on what you said about the national schools, I think, you know, as I mentioned, the multi-stakeholder advisory board is an integral part of the assessment, and in some ways, if a country has not yet engaged or started the assessment, in a way the AFRI-SIG as a multi-stakeholder group, if we can call it like that, could be the core of the multi-stakeholder advisory board that can then steer and guide the assessment with support from UNESCO. Thanks.

Avri Doria: This is Avri, if I can jump in for a second. I just want to add a comment that was on the chat and not everybody’s being able to read the chat, but I think fits into this discussion, and this was from Luis Martinez. Is it time to have specialized IG schools, meaning SIGs on single themes such as human rights or connectivity? And I would add in the context that you are all talking about in terms of the URI. I think the idea, by the way, of using an imaginary country instead of your actual country is an excellent one, having designed many of these exercises at the time. And there was a question, an answer from Henriette, and then she can follow through on it. I think it is. AfriCIG is already doing that. So I’ll put my hand down now, but I just wanted to make sure I got the online comments in. Thank you.

Olga Cavalli : Thank you. I think, Avri, this is the perfect starting point to build guidelines from our coalition to all the schools. And then each school has its own way of organizing the group of fellows, to call the experts, to build a real multi-stakeholder program. So with these guidelines, perhaps not that as an assessment, that could be a little bit more into the particularities of each region country, but to build from the dynamic coalition a group of guidelines so we can use the indicators within blended into the program. And responding to my dear friend, Luis Miguel, in our school, every year we have a special point of focus on the program. It’s cyber security or development goals, or every year we find a focus, which is not the only thing that is included in the program, but there is a special emphasis. And it changes every year depending, last year was artificial intelligence and cyber security. It depends on what is happening in the internet environment.

James Kunle Olorundare: Just to add one point and to confirm what Olga said. So I think that’s the right way to go in terms of for every session of the school we are going to have, there should be a focal theme, a thematic area that you want to focus on. However, of course, you are still going to deal with other modules that are relevant to the school, but there should be a focus and the focus will be what you will be building your output document on, be it a policy brief, be it internet assessment brief, be it the IUI, like this one we’re talking about. So I think that is very important. But for me, the issue of having specialized school on internet governance, well, I think, well, I don’t know how that is going to work out. What I’m saying that is because now we’re talking about having something like a syllabus, right, something that can work for all school, which would be like, okay, first there must be basic fundamental modules that you need to take, right, before you now talk about where you’re focusing on based on your environment or based on those hot topics that are coming up within your environment. So I think we should focus more on that for now, right, because that will help, you know, this coalition. Thank you very much. And I don’t know if anybody wants to make any…

Tatevik Grigoryan: Okay, Avery. No, there was a question in the audience.

Audience: Good afternoon. My name is Dr. Jose Fisata from CHAT. I co-ordinate the CHAT this year. Well, in terms of collaboration, artistic engagement in these processes, I think CSO play a very important role, I mean, creating awareness, et cetera. So I think it’s quite important to employ, I mean, civil society organizations to be able to address these issues together and contribute in the process. So how does the SIG can enable us to have a program that will bring together all the SIGs in countries that we have even not yet are conducting national assessment, talent development to have a framework or let’s say formal guidelines to work on together in collaboration? Thank you.

James Kunle Olorundare: If I may just make a comment on that before, maybe if you want to make a comment on that. Yeah, so let me use our model as an example. So in Nigeria, we have the NTX and NITF. that is Nigeria Internet Governance Forum, it is the KUDA advisory group, that group consists of the civil society, of course represented by Internet Society, by the way I’m the president of ISOC in Nigeria, so ISOC is a primary member of the NIGF MAG in Nigeria. However, we have other members too, right, we have the relevant government agencies that are members of the same MAG I’m talking about, and now we’ll just go straight, we have the National Information Technology Development Agency, because of its role within the IG space, we have the Nigerian Communications Commission, as a member of the NIGF MAG, okay, then we have the NIRA, that is the Nigeria Internet Registration Association, that’s also a member, then we have other members too, the academia, yes, academias too are nominated into the NIGF MAG, so if we want to have even the school, what we normally do is we have to collaborate with the NIGF MAG, we carry them along, as a matter of fact, any time we are, the year is going to start in a matter of weeks now, so the process starts all over again, so when we start the process, we have meetings, as we are having the meeting with the NIGF, the NSEG, that is the Nigerian School on Internet Governance, do give reports at every NIGF meeting to show that, okay, this is where we are, this is what we are doing, and this is where we want you to come in, so it’s more like a collaborative effort to work together, so that multistakeholderism has been established, so we already have a structure that we are working with, so it’s just, okay, yeah, ISOC is the convener of the school, so we work with all these guys, and in fact, when we want to make a call for application too, we do let them know that we want, you know, fellows that are going to participate in the school, that is the cohort for that year, to be from all those places too, in addition to that, of course, we make it like, okay, let everybody participate, that means it’s thrown open, the youth, especially the youth, the youth and the aged ones, interestingly, this year, when we finish the school, we have one very old man in the school, and I was like, okay, of course, I want to know what is going on within the IG space, you know, thank you very much.

Avri Doria: seem to have any hands up on the online space. With 10 minutes left, perhaps people want to take a little chance to sum up and such. I have been working since we have to have almost already contributed our takeaways and our calls to action. I’ve been trying to pick those up as you all spoke. But please, as I say, don’t have any online requests to speak, but you’ve got a few minutes left to do any summing up and such that you would like.

Anriette Esterhuysen: Thank you very much, Avri. I don’t have much. I think just in terms of the comment from Chad, I think we should discuss that. I think you are raising good suggestions, which also I think we can use the dynamic coalition to have those discussions. I think these are fantastic ideas. It just also makes me realize that, and this is my takeaway, is that I think most schools are operating on a fairly shoestring budget. The dynamic coalition. Avri for doing that work. I think if we do have more capacity as a community of SIGs, that will also make it easier for us to partner with other initiatives like the IUI-1. I don’t think it will happen overnight, but I do think there’s a need and a demand and a will to kind of partnership. So just thanks to. everyone, to UNESCO, to AVRI, to the SIGs and the IUIs, and everyone for coming to the session. Over to you.

Olga Cavalli : This session will be recorded and also will be available for the schools that were not participating today and were not here on the IGF or online, so it’s a reference just from our school, regional and national, we offer our help in sharing experiences and I think that the coalition is the perfect space for work together with the other coalition and build upon all the work that AVRI is doing in framing all these indicators into our curricula and our activities, so feel free to contact us even though if you are not in this in this room, virtually or on site, and if you look at this recording afterwards, and thank you all for and thank you AVRI for being there. What time is it there AVRI? Is it very early for you now?

Avri Doria: Oh it’s morning, you know, it’s 6.30 in the morning, it’s nothing compared to the one o’clock in the morning session I did earlier. So very much, I totally believe in living a flexible schedule as I can and moving my schedule around to suit the place I am online participating in. I really appreciate, you know, all the contributions and the talk that came in. I appreciate having received the points that I’m now trying to put in edit into the report. We’ll be going out with a report on this. I’ll be consulting you all and thank you AVRI very much and especially as this was the last of the regular sessions or in the last of the regular sessions. slots before the end. I understand how you’re all eager to get yourself to the final sessions, the closing sessions, and thank you so much, and thanks for helping me do this from an online perspective. So I’ll pass it back to people on stage to end it, to close it, but thank you very much.

Tatevik Grigoryan: Thank you very much. I don’t have much to add. I just need to say that I really enjoyed this discussion and the concrete suggestions that came out of this discussion, and we’re willing and ready to continue the cooperation from UNESCO on the IUIs with the SIGs. Thank you so much, Avri, for coordinating and organizing this session. Thank you to Andiet, Arjun Zool online, and Olga, James, and the contributions from the audience. Thank you so much, and I look forward to working with many of you. Thank you.

James Kunle Olorundare: All right, so on behalf of the SIG Coalition, we want to thank you, Tatibi, for a good job well done. We appreciate this, and I hope this is just going to be the beginning of the collaboration. So we’re just starting, and we want it to continue. So please be available anytime we call, and of course, I’m sure any moment from now, you’ll be receiving calls from even the national schools, especially with respect to the IUI. All right, ladies and gentlemen, I think we have come to the end of this session, and I think we should give ourselves a round of applause. Thank you. I wasn’t on this panel. I’m not in the photograph. So we can take you you you you

Agreement Points

Integration of IUIs into SIG curricula

Tatevik Grigoryan

Anriette Esterhuysen

Olga Cavalli

Sandra Hoferichter

IUIs provide a useful framework for assessing internet development at national level

SIGs are an excellent platform for promoting and implementing IUIs

Integrating IUIs into SIG curricula can enhance content and student learning

Simulations of IUI assessments could be valuable learning exercises in SIGs

Speakers agreed that integrating Internet Universality Indicators (IUIs) into Schools of Internet Governance (SIGs) curricula would be beneficial for enhancing learning experiences and promoting the use of IUIs.

Importance of multi-stakeholder collaboration

Anriette Esterhuysen

Olga Cavalli

James Kunle Olorundare

Tatevik Grigoryan

Involving government representatives in SIGs is important but takes time

SIGs help create networks between diverse stakeholders in internet governance

Multi-stakeholder advisory boards are crucial for successful IUI implementation

The IUI framework fosters multi-stakeholder cooperation and discussions

Speakers emphasized the importance of multi-stakeholder collaboration in both SIGs and IUI implementation, highlighting the need for diverse perspectives and engagement from various sectors.

Similar Viewpoints

Both speakers highlighted challenges in implementing IUIs, particularly regarding the time and effort required for data collection and stakeholder engagement.

Fabio Senne

Ileleji Poncelet

First IUI assessments can be time-consuming but subsequent ones are easier

Obtaining data from government agencies for IUI assessments can be difficult

Both speakers advocated for flexible and adaptable SIG curricula that can address both core topics and region-specific issues, with the potential for extended learning through virtual components.

James Kunle Olorundare

Olga Cavalli

SIGs should have a core curriculum with flexibility for regional focus areas

Virtual components can extend SIG programs beyond short in-person sessions

Unexpected Consensus

Use of imaginary countries for IUI simulations in SIGs

Anriette Esterhuysen

Sandra Hoferichter

Care must be taken not to undermine actual national IUI assessments when using them in SIGs

Simulations of IUI assessments could be valuable learning exercises in SIGs

While discussing the integration of IUIs into SIGs, there was an unexpected consensus on the potential use of imaginary countries for simulations. This approach could provide valuable learning experiences while avoiding potential political sensitivities associated with real national assessments.

Overall Assessment

Summary

The main areas of agreement centered around the integration of IUIs into SIG curricula, the importance of multi-stakeholder collaboration, and the need for flexible and adaptable approaches in both IUI implementation and SIG programs.

Consensus level

There was a high level of consensus among speakers on the potential benefits of integrating IUIs into SIGs and the importance of multi-stakeholder engagement. This consensus suggests a strong foundation for future collaboration between IUI implementers and SIG organizers, potentially leading to more comprehensive and effective internet governance education and assessment processes.

Different Viewpoints

Integration of IUIs into SIG curricula

Anriette Esterhuysen

Sandra Hoferichter

Care must be taken not to undermine actual national IUI assessments when using them in SIGs

Simulations of IUI assessments could be valuable learning exercises in SIGs

While Sandra Hoferichter suggests using IUI simulations as learning exercises in SIGs, Anriette Esterhuysen cautions about potential negative impacts on real national assessments.

Unexpected Differences

Overall Assessment

summary

The main areas of disagreement revolve around the implementation of IUIs in SIG curricula and the structure of SIG programs.

difference_level

The level of disagreement among speakers is relatively low, with most differences being nuanced rather than fundamental. This suggests a general consensus on the importance of integrating IUIs into SIGs and enhancing multi-stakeholder collaboration in internet governance. The minor differences in approach do not significantly impact the overall goals of improving internet governance education and assessment.

Partial Agreements

Both speakers agree on the need for flexible and comprehensive SIG curricula, but differ in their approaches. James emphasizes a core curriculum with regional adaptations, while Olga focuses on extending programs through virtual components.

James Kunle Olorundare

Olga Cavalli

SIGs should have a core curriculum with flexibility for regional focus areas

Virtual components can extend SIG programs beyond short in-person sessions

Similar Viewpoints

Both speakers highlighted challenges in implementing IUIs, particularly regarding the time and effort required for data collection and stakeholder engagement.

Fabio Senne

Ileleji Poncelet

First IUI assessments can be time-consuming but subsequent ones are easier

Obtaining data from government agencies for IUI assessments can be difficult

Both speakers advocated for flexible and adaptable SIG curricula that can address both core topics and region-specific issues, with the potential for extended learning through virtual components.

James Kunle Olorundare

Olga Cavalli

SIGs should have a core curriculum with flexibility for regional focus areas

Virtual components can extend SIG programs beyond short in-person sessions

Key Takeaways

Internet Universality Indicators (IUIs) provide a valuable framework for assessing internet development at the national level

Schools of Internet Governance (SIGs) are an excellent platform for promoting and implementing IUIs

Integrating IUIs into SIG curricula can enhance content and student learning

Multi-stakeholder collaboration is crucial for successful implementation of IUIs and internet governance processes

SIGs play an important role in capacity building for internet governance

Resolutions and Action Items

Develop guidelines for integrating IUIs into SIG curricula

Explore the possibility of creating simulations of IUI assessments as learning exercises in SIGs

Use the Dynamic Coalition on Schools of Internet Governance to facilitate collaboration between SIGs and the IUI framework

Consider including IUIs as a module in SIG programs

Unresolved Issues

How to effectively streamline the IUI assessment process to make it less time-consuming and resource-intensive

How to address challenges in obtaining data from government agencies for IUI assessments

Whether specialized thematic SIGs should be developed for specific internet governance topics

How to balance core SIG curriculum with regional focus areas and emerging topics

Suggested Compromises

Use imaginary countries for IUI assessment simulations in SIGs to avoid potential conflicts with real national assessments

Implement a cascaded model for IUI integration, with different levels of depth for national, regional, and global SIGs

Combine in-person SIG sessions with virtual components to extend program duration and allow for more in-depth coverage of topics like IUIs

I think it’s a fantastic idea, Sandra. And I think a national school could do it at a national level. And if the school, like I know some, I think, James, you said the Nigerian school is three days. Now, some schools are not as long as AfriSig or EuroSig. I’m not sure how long the South School is. But you could then have your practicum be that advisory committee, because as Poncelet said, that’s not easy, but it’s very important.

speaker

Anriette Esterhuysen

reason

This comment introduced a creative way to incorporate the Internet Universality Indicators (IUIs) into the curriculum of Schools of Internet Governance (SIGs) through practical exercises.

impact

It sparked discussion about how to integrate IUIs into SIG curricula in a meaningful way, leading to further ideas about implementation and considerations of different school formats.

I think at this point, we’ve got a bit of time left and I think it’s- Sorry. You can go on with discussion, but please.

speaker

Avri Doria

reason

While brief, this interjection was important in guiding the flow of the discussion and ensuring all voices were heard.

impact

It opened up the floor for additional comments and questions from participants, leading to a more inclusive discussion.

So I think we need to start looking at that and of course, the issue of, you know, faculty talking about somebody that’s going to facilitate that. Of course, if you say, I should go and facilitate something on IUI now, I have to start reading and reading. But for somebody like you, for being part of the system, you know so much about it. So what will be your advice in terms of getting faculty, you know, to facilitate that?

speaker

James Kunle Olorundare

reason

This comment raised an important practical consideration about the expertise needed to teach IUIs effectively in SIGs.

impact

It led to a discussion about capacity building for SIG faculty and the need for guidelines on how to incorporate IUIs into curricula.

UNESCO provides technical support at every step of the assessment. Since this inception, we do build the capacity. We know that it’s not something taught at schools or it’s a new idea for many countries, and the way we work, we provide the technical support, we do capacity building for the research team that wants to carry out the assessment, we work with the multi-stakeholder advisory board, and we basically accompany the research team and the country at every step of the assessment.

speaker

Tatevik Grigoryan

reason

This comment provided crucial information about UNESCO’s role in supporting IUI implementation, addressing concerns about expertise and capacity.

impact

It clarified the level of support available for implementing IUIs, potentially alleviating concerns about the complexity of the process and encouraging more SIGs to consider incorporating IUIs.

Overall Assessment

These key comments shaped the discussion by moving it from theoretical considerations of incorporating IUIs into SIG curricula to practical implementation strategies. They highlighted the need for creative approaches to integration, raised important questions about faculty expertise and capacity building, and provided information about available support from UNESCO. The discussion evolved from simply considering the idea of using IUIs in SIGs to exploring concrete ways to make it happen, considering challenges, and identifying resources and support mechanisms. This progression led to a more nuanced and actionable conversation about the potential collaboration between IUIs and SIGs.

How can the Internet Universality Indicators (IUI) assessment process be streamlined to make it less time-consuming and resource-intensive for countries?

speaker

Sandra Hoferichter

explanation

This is important to enable more countries to conduct initial assessments and repeat assessments over time to track progress.

How can a mini-assessment or simulation of the IUI process be incorporated into School of Internet Governance (SIG) programs?

speaker

Sandra Hoferichter

explanation

This would help familiarize participants with the IUI framework and potentially encourage its adoption in more countries.

How can artificial intelligence be leveraged to improve connectivity in remote areas like the Sahara desert?

speaker

Abdelaziz Hilali

explanation

This addresses the challenge of providing internet access to isolated communities lacking telecommunications infrastructure.

How can Schools of Internet Governance (SIGs) create a framework or formal guidelines for collaboration among SIGs in countries that have not yet conducted national IUI assessments?

speaker

Dr. Jose Fisata

explanation

This would help standardize approaches and facilitate knowledge sharing among SIGs, particularly for countries new to the IUI process.

How can the Internet Universality Indicators (IUI) be integrated into national School of Internet Governance (SIG) curricula?

speaker

James Kunle Olorundare

explanation

This would help raise awareness of the IUI framework and potentially increase its adoption and implementation at the national level.

Is it time to have specialized Internet Governance schools focusing on single themes such as human rights or connectivity?

speaker

Luis Martinez (via chat)

explanation

This could allow for more in-depth exploration of specific internet governance topics.

Summary

This discussion, led by Stanford Law School professor Brittan Heller, focuses on the privacy implications of emerging 3D computing technologies, particularly extended reality (XR) and spatial computing. Heller explains how these technologies, which blend physical and digital realms, collect deeply personal data including body movements, eye tracking, and physiological responses. This data collection is far more extensive than traditional computing platforms and poses significant privacy risks.

Heller highlights that current privacy laws are ill-equipped to handle the nuances of immersive technologies. For instance, opt-out mechanisms are ineffective as spatial computing relies on body-based data for basic functionality. Recent studies have shown that behavioral data from XR devices can uniquely identify individuals and reveal sensitive information about age, gender, and even political affiliation.

The discussion delves into the potential misuse of this data, including targeted advertising based on involuntary bodily responses and the extraction of medical information unknown even to the user. Heller emphasizes the need for new privacy frameworks that address these unique challenges, including protections for environmental and body-based data.

The talk also touches on recent developments in generative AI for creating 3D virtual worlds, which while exciting, further complicate privacy concerns. Heller advocates for integrating privacy by design principles into these technologies as they evolve. She concludes by calling for proactive measures to develop legal, technical, and ethical standards that ensure user control over personal data in this new “embodied web” era.

Keypoints

Major discussion points:

– The rise of spatial computing and extended reality (XR) technologies that blend physical and digital realms

– Privacy risks associated with XR devices collecting deeply personal biometric and behavioral data

– Gaps in existing privacy laws and frameworks in addressing XR-specific data collection and use

– Recent developments in generative AI for creating 3D virtual environments

– Need for new privacy frameworks and safeguards to protect user rights in spatial computing

Overall purpose:

The purpose of this discussion was to raise awareness about the privacy and ethical implications of emerging 3D and spatial computing technologies, particularly extended reality (XR) devices. The speaker aimed to highlight the unique challenges these technologies pose to existing privacy frameworks and advocate for proactive development of new safeguards and regulations.

Tone:

The overall tone was informative and cautionary. The speaker presented the topic with a sense of urgency, emphasizing both the exciting possibilities of these technologies and the critical need to address their potential risks. While highlighting concerns, the tone remained optimistic about the potential to develop responsible and ethical approaches to spatial computing if action is taken proactively.

Speakers

– Brittan Heller: Professor at Stanford Law School

– Nouha Ben Lahbib: Project manager for an incubator for creative startups using new technology like VR and XR

Extended Reality (XR) and Privacy: Navigating the Challenges of Spatial Computing

This discussion, led by Stanford Law School professor Brittan Heller, explores the privacy implications of emerging 3D computing technologies, particularly extended reality (XR) and spatial computing. The conversation emphasizes the urgent need for new privacy frameworks and safeguards in light of these technologies’ unique data collection capabilities and potential risks.

Introduction to XR and Spatial Computing

Heller introduces the concept of the “embodied web,” where our physical bodies become the interface for digital interactions. This new paradigm of computing blends physical and digital realms, creating immersive experiences characterized by presence, immersion, and embodiment. While offering exciting possibilities, these technologies also present unprecedented privacy challenges.

Key Privacy Concerns in XR Technologies

XR devices collect deeply personal data far more extensive than traditional computing platforms, including body movements, eye tracking, and physiological responses. The privacy risks associated with this data collection are significant:

1. Unique Identification: Recent studies have shown that behavioral data from XR devices can uniquely identify individuals and infer over 40 personal attributes, including age, gender, substance use, and political affiliation.

2. Sensitive Information Extraction: Eye tracking data can reveal highly sensitive medical and personal information, including truthfulness, sexual attraction, and preclinical signs of physical and mental health conditions.

3. Targeted Advertising: The potential misuse of involuntary bodily responses for targeted advertising, as illustrated by Heller’s scenario of receiving car insurance advertisements after playing a virtual reality racing game.

Challenges in Regulating XR Technologies

The discussion highlights several key challenges in regulating and protecting privacy in XR environments:

1. Inadequacy of Current Laws: Existing privacy laws are ill-equipped to handle the nuances of immersive technologies.

2. Essential Data for Functionality: XR devices rely on body-based data for basic functionality, complicating privacy protection efforts.

3. New Data Categories: Environmental and body-based data collected by XR devices are not adequately covered by existing regulations.

4. Limitations of Opt-Out Mechanisms: Traditional opt-out approaches are ineffective in XR environments due to the essential nature of data collection for device functionality.

Advancements in Generative AI and 3D Environments

Recent developments in generative AI have revolutionized the creation of 3D virtual worlds. Heller notes that companies like NVIDIA, MIT, and Google have made significant strides in this area, allowing for the rapid generation of navigable 3D environments from text prompts. While these advancements open up creative possibilities, they also further complicate privacy concerns in XR environments.

Psychological Impact and Legal Implications

The immersive nature of XR experiences necessitates considering them as extensions of lived reality. Heller cites the example of a UK public prosecutor investigating sexual abuse in the metaverse, highlighting the need for strong safeguards to protect users’ rights and safety in virtual spaces.

Approaching XR Privacy Issues

Heller suggests four steps for addressing XR privacy concerns at home:

1. Understand the technology and its implications

2. Identify personal boundaries and comfort levels

3. Research privacy settings and options on XR devices

4. Advocate for privacy protections and responsible development

The Future of Privacy Forum has also introduced the concept of “bot-based data” to describe the unique data generated in XR environments.

Awareness and Education

Both Heller and Nouha Ben Lahbib, a project manager for an XR startup incubator, stress the importance of awareness and education regarding XR privacy for developers, users, and the general public.

Conclusion

While XR technologies offer exciting possibilities for innovation and creativity, they also present significant privacy challenges that require urgent attention. The discussion concludes with a call for proactive measures to develop legal, technical, and ethical standards that address the unique challenges posed by XR technologies. As these immersive technologies continue to evolve, it is crucial to ensure responsible development and use that prioritizes user privacy and safety in the emerging landscape of the embodied web.

For further information or inquiries, Brittan Heller can be contacted at bheller@law.stanford.edu.

Brittan Heller: I am a professor at Stanford Law School. I teach international law and study new forms of computing hardware like 3D computing, spatial computing, and AI. I’ve done so for about eight years at this point. What I’m going to talk to you about today is what happens when AI grows legs and starts walking around amongst us. I know this is a little different than most of the content that we get at IGF, but I think that this is a forum where we can talk about the future of computing and the type of privacy. Imagine this. The three of us are playing a car racing game in virtual reality. So we put on the headsets and what car do you pick? What type of car do you pick? So you pick a Volkswagen buggy. You do? What kind of car do you pick? A Bugatti. That’s a good one. Maybe something fast and pure like car racing or something. I don’t know. I pick a cherry red McLaren. And when I see that car, I race and I beat your VW buggy and even your Ferrari, I think you said, but I really like this car. And what happens is that my heart starts to race and my pupils dilate, my voice, these bodily reactions to the data because I really like what I’m seeing. Later on in virtual reality, I start checking my email and I get messages that tell me why now is a great time to renew my auto insurance. I go into… Later on in virtual reality, I go about my day. I check my email and I see I’ve gotten advertisements about why is a great time to renew my auto insurance. I go into a social club and I see somebody who looks like a person that I find to be very attractive ask me what car I drive. Finally, I go back into the game and I see the red McLaren go by driven by somebody who looks more than a little bit like me. This sounds like science fiction, but all of the capabilities I talked about are already present and deployed to some extent in virtual reality environments. The hardware tracked my heart rate increase, my body’s instinctual reactions when I saw something I liked, my pupil dilation rate and my gaze vectors in particular. And so these type of preferences and behaviors are the type of data that can be shared with advertisers and data brokers in most jurisdictions. So it’s not distant. It’s not virtual reality. It’s actual reality and not hypothetical happening now. We’re transitioning away from traditional… What this shift belies is a critical issue, making sure that our frameworks match the sophistication of the new 3D computing technologies. So over the last few years, we’ve seen the rise of spatial computing. And when I say spatial computing, I mean technologies that blend physical and digital realms. And these are called a couple things. The term that seems to be winning is extended reality or XR. You can see that with legislation going out. You can see that with the types of hardware that are getting the most investment. They’ll call it extended reality. But you’ll also see terms like virtual reality, augmented reality, or to a lesser extent now mixed reality. Companies that were selling what they called mixed reality headsets are now being phased out. But XR is the term that seems to be winning. And these allow for immersive experiences and it transforms industries like gaming and healthcare and education in particular. This is because unlike traditional computing platforms, the XR devices collect deeply, deeply personal data, including body movements, eye tracking, and your physiological responses to stimuli. But they also create a record of the stimuli itself that you are reacting to. And this makes it the most rich of any other data flows that we’ve experienced in a computing platform. It’s the same reason that people get excited about XR stuff, where they say this is the best tool for learning we’ve ever developed. A study just came out from Harvard Business School verifying that. But that’s the reason. Because there are these reciprocal data flows from your body to the computer and back again. It also creates really significant privacy risks that were not contemplated when we were writing laws for the traditional flat screen internet. Some of the challenges to traditional privacy protections are that basically, I’m a professor of international law. These laws around the world are not equipped to handle the nuances of immersive technologies. One example is that opt out mechanisms were kind of the standard that many legal regimes relied on, that you could opt out of your data collection. But that’s not effective when you’re looking at a 3D computer. Spatial computing relies on body-based data for functionality. The way these headsets are built, you have six cameras facing in, six cameras facing out. And you need that to position yourself in physical space to put the digital overlays on it. You also need it to calibrate the device so that you don’t feel nauseous or seasick when you’re using it. So if you take out this eye tracking information, you can’t use the computer. So having these opt out mechanisms for sharing your biometric data, which I’ve seen a lot of legal proposals sort of contemplate, just won’t work based on the way the computers actually function. Binary biometric responses can also be exploited for targeted advertising without users being fully aware of what’s going on. Behavioral data, like head and hand motions, is actually unique enough to identify individuals. And when I started doing this work, I was saying that privacy law may not be the best regime to handle these data flows. Because what that meant was privacy law is premised on personal identifying information. And until about two years ago, you couldn’t uniquely identify a person from these data flows. But last year, there was a study that came out from Berkeley. And it used VR motion data from Beat Saber, which is the most popular video game you can play in XR. If you haven’t tried it, it’s actually really fun. Blocks come at you and you chop them to music. Great exercise. There was a publicly available data set with the locomotion of how people were playing the game. The study was by Vivek Nair and it demonstrated how over 40 personal attributes, including age, gender, even substance use and political affiliation could be inferred from motion patterns alone. And it was accessible by a publicly available data set. There were other studies that were done by both Stanford and Berkeley that found that the way you tilt your head and point was as physically identifying as your fingerprint. By that, there was again the same data set was used to try to identify one. It took 90 seconds of recorded data with the way you tilt your head and your point. And a data set, first Stanford did it with about 2000 people and they were able to uniquely identify one person. Berkeley redid the study with 55,000 people. So not one person in a university class, but one person in a football stadium. And they were able to, based on the way you moved, identify one person out of the crowd by your teletromy. So in many privacy laws, we talk a lot about our digital fingerprints, but when you look at a 3D version of the internet, the way you move is as fundamentally identifying as what you say and the kind of mosaic of information available about you. The move to 3D technology also brings different risks that extend beyond traditional concerns. I think foremost, based on what I described, is the privacy invasion. Sensitive data can be obtained from the eye tracking information that you need to calibrate these devices. And by that, the example that I gave at the beginning about the car racing game, the way that your eyes react to the light. You have six cameras in, six cameras out, and it’s It’s normally an infrared camera looking at your eyes. It gauges the way your pupils dilate in response to stimuli, and that can also give you medically significant data that most people and most legal structures don’t understand is that rich. Through your pupillometry information, I could tell you whether or not you were likely to be telling the truth. I interviewed one of the first creators of these headsets who worked for the U.S. military and he asked me why I wanted to put a camera, a polygraph with six cameras on my face. You can tell whether or not somebody has, is sexually attracted to a person that they’re looking at, which is why I had the example of the very sexy person at the bar. So you can tell somebody’s protected characteristics like their sexual orientation through their involuntary bodily responses to what they’re looking at. There’s no way to control your eyes dilating when you see a person you like. Finally, there are other physical and mental health indicators that are contained in these datasets and they are preclinical signs, so they’re things your doctor does not know about you yet. They’re things your doctor doesn’t necessarily know to look for at this point, and a lag in your pupil dilation can be a sign of Parkinson’s disease, Huntington’s disease, autism, schizophrenia, or some forms of ADHD. So very rich data, significant to me, data that is protected by human rights laws and is supposed to be protected data in many, many jurisdictions around the world. In many jurisdictions, there is also not a bar on this type of personal information being shared or sold without consent. So there’s a possibility that this could be misused and abused by creating targeted advertising to you based on personal characteristics you weren’t aware you were giving away or things that you and your doctor don’t know about you yet. Profiling and surveillance risks can also increase with the granularity of data protected. XR is not just the self-contained headsets, it’s also how many people have tried a virtual reality headset? A couple people. How many people have used a Snapchat or an Instagram, a lens or a filter on your pictures? How many people have used a QR code to order food at a restaurant? So congratulations, you’re all part of the embodied web, and if you think about it, digital overlays on physical space, not necessarily a self-contained, Tron-looking video game playing headset. That’s the type of hardware that we need to be aware, thinking about for encompassing these new privacy risks. With the profiling and surveillance risks, we’ve actually seen this come mostly out of the video game context, where some video game companies who had massively popular games around the world were criticized by users as developing real-time location-based devices. So when you played their game, it showed where your location was in relation to other people playing the game, and users were not aware that that was being transmitted as they were playing a game like Pokemon Go. So people talked about it as a new form of stalkerware, where as you were playing the game and using the digital overlays, it was actually transmitting your physical location to other people with minimal levels of consent. That may be the way that some of the games operated, but that is a risk when you are playing with something that has the physical-digital hybrid information. I think the real risk is that, I come from an American jurisdiction, so at least under American law, behavioral and inferential data is just starting to be included in privacy law. It’s not a very common thing, and it’s really not common around the world unless you live in a jurisdiction that focuses on neuro-rights. So unless you’re from Chile, basically, it’s not necessarily going to be covered. There are people who argue that it is covered under GDPR and in European contexts, but it’s not clear that these applications are contemplated in the formation of the law, and sometimes the laws are… Hopefully, we’ll get there. …the overlays or the headsets are actually going to look like. Behavioral and inferential data can be exploited and used to influence users or push people towards purchases or beliefs, and there’s a high risk of targeted manipulation when you’re looking at this type of a context. It would not be a tech talk today if we weren’t talking about generative AI. So recent developments for generative AI in 3D environments. Go back and see if I… In the last few weeks, we’ve actually seen some pretty cool developments using generative AI to create content for 3D virtual worlds, and I think this is really exciting. I know I talk a lot about the risks of this, but this is the stuff that creates the future of the internet and makes it accessible to people without an engineering background. NVIDIA has tools that can now automate the creation of virtual worlds from a text-based input. MIT’s diffusion models transform 2D images into realistic 3D shapes just based on a description. ThinAI has SHAP-E, so Shape E, which enables 3D model creation from text or image inputs, making 3D design even more accessible. Google’s DeepMind Genie builds interactive 3D environments from text prompts, and this enhances training and immersive experiences. Basically, at this point, if you are familiar with generative AI tools, you can go from a text-based prompt to a navigable 3D world in a way that used to take video game studios six months to 18 months to build. It’s really impressive. I think it was two weeks ago we saw the advent of the creation of a 3D world from one still photographic image. So this is not something that is a future concern if you’re actually looking at the trajectory of the hardware. This is something that is incumbent on us now to look at when people can create these type of worlds through a narrative. They open up creative possibilities, but again, it also will result in new privacy or ethical concerns. So the way that we should look at this is trying to integrate privacy by design principles into these technologies as they continue to evolve. I could throw at you more developments, more companies, but unless they’re thinking about privacy and safety concerns at this point, it dampens my enthusiasm for the creative possibilities. What this means is that we have a need for new privacy frameworks. We need new measures to address the unique challenges that come with 3D spatial computing. So first is identifying gaps in existing laws. Like GDPR has limited coverage of XR-specific data. I think this is a very critical first step. Solutions from jurisdictions around the world should include protections for environmental data and body-based data. And when I say environmental data, it’s because of the way the hardware works, like we described at the beginning. Six cameras in, six cameras out. Or with other headsets, more sensors out so you don’t even need a controller. You can use your hands to navigate the world. Yeah, I see you used it. Or the absolute newest ones use your eyes, so eye tracking, or can even use your thoughts to control the controllers in kind of a very rudimentary form of brain-computer interfaces. So you see we’re getting into the land where privacy concerns will be more serious when we look at the way that the hardware will develop in new forms. Solutions need to include protection for environmental data. When we’re looking at the way that trust and safety regimes will work in this, normal flat-screen trust and safety regimes look at conduct and content of a world. These need to encompass conduct, content, and environment. And all the examples I just gave you about generative AI being able to create your immersive world really make that clear now that the environment is another vector that traditional content moderation systems don’t look at. They haven’t had the technical capability to do that in the past, but now that computer vision-based systems are getting better and are helping generative AI walk off the screen and into the world, we are going to have to think about different ways to help keep those environments safe and to provide adequate controls to help companies meet their legal obligations if content moderation is found to apply to 3D worlds in addition to 2D platforms. I say body-based data because there’s there’s another legal hole where biometric data does not necessarily include some of the risk factors that I’ve talked about in every jurisdiction yet. So certain groups like the Future on Privacy Forum have started saying bot-based data, which does not have a legal definition as opposed to biometric data, which does. I think looking at this in a comparative law perspective, you may be able to say biometric data depending on the jurisdiction you’re from, but that means you have to really look at what is encompassed under those type of protections in your home state. I would also see the way your home jurisdiction looks at sort of new challenges like neural data. I described how the cutting edge systems will let you control through either your thoughts or your eyes the way you interact through the environment. If neural data is not included as a protected category of data in your jurisdiction, you will have a problem. So you need to start thinking about this stuff now and not just in the limited context of brain computer interfaces, but looking at it as more of a general type of data category and include eye tracking in it because your eyes are not just the window to your soul in poetry. That is the way that you identify and access your central nervous system when you’re looking at the sensors that we need for 3D computing. It’s not as sophisticated as reading your thoughts. That’s basically reading your thoughts. So looking at some of the further implications for rights and safety, the type of things we’re looking at with spatial computing actually affect our fundamental human rights. So we have to have strong safeguards to protect data from unauthorized use. And with this, technological innovation can align with individual rights to assure ethical deployment. In the last panel that I was privileged to speak on, I said that it’s like we have a second bite at the apple. All puns intended if you work for Apple. But we have a chance to look at this new ecosystem and create laws and standards, both technical, legal, and ethical standards that will really ensure that users have control over their personal data in a different way than we saw with the evolution of the flat screen internet. And I think that’s really exciting. But it does create an obligation to look at this proactively in a way that so far we haven’t. Transparency and user control over our personal data will be integral in building trust. But this trust is important because then we can support broader goals like some of the strategic development goals through the UN. So that can be a wider application of this if you need to have some sort of, if you want to have sort of a further point to developing these types of standards in your jurisdiction. It can work under reducing inequalities, which is strategic development goal number 10. Maybe fostering strong institutions for justice, strategic development goal 16. There’s lots of ways that you can look at the uses of 3D computing now, which are fundamentally looking at industry and education and creativity and sort of see how that intersects with your national plans. Oh, and strategic development goal 9, industry, innovation, and infrastructure. All of this comes together in what I’ve been calling the embodied web. And that’s because of this reciprocal relationship with information gathered from your body by sensors. And it’s the sensors that separate it from the traditional flat screen web. And computers. And how you feed your information to the computer, it calibrates and sends it back to you. And it’s this circular relationship. Both are needed to create the environment that you want to live in. And relationship. Both are needed to create this new type of web, which is why I’m calling it the embodied web. And it won’t just be virtual reality. You’ll see lots of things. I just had a 20-minute conversation with a robot down the street. Or I guess down the road. So, it’s coming. And it’s exciting. But it’s also means we should be mindful. There are factors in immersive computing. Presence, immersion, embodiment. I could go into what those mean. But basically, these are all psychological characteristics that work together. That also make virtual reality different than flat screen computing. Because it feels real to your cognition. You process it through your hippocampus. All of your interactions in VR. It is your actual reality when you’re in it. And you respond to it like your actual reality. Which make any of the harms that you experience in there even more acute. To the point where the UK public prosecutor’s office has opened an investigation into the sexual abuse of a minor in the metaverse. Because of the psychological impact on the victim. So, states are slowly starting to look at this as not a separate reality, but an extension of people’s actual lived experience. Because it feels real, it fundamentally changes how users perceive and interact with content. And this transition creates immense opportunities across industries. But we will have to prioritize user rights and human dignity. Spatial computing must evolve responsibly and balance innovation with ethical considerations. So, if you’re looking for kind of four steps into how to start approaching this at home, you can do research on XR privacy implications based on how you see it being deployed by your companies and your government. You can collaborate and really engage with user groups and policy discussions. You can innovate and look at privacy preserving XR technologies. So, it may not be limiting access to data like we have done for flat screen computing, but developing privacy preserving technologies on the other end that allow the technologies to be used and calibrated, but still protect people’s right to not be personally identified. And to educate, to raise awareness about 3D computing risks and benefits. Because it’s not science fiction, the time for 3D computing is here. So, we should start thinking about it now to get ahead of all of these risks so that we can maximize the benefits. I know my time is almost up. I wanted to leave a few minutes for questions if we have any, and I’m happy to stay afterwards if that’s more comfortable for people.

Nouha Ben Lahbib: Thank you for this insightful session and information. I’m Nouha, I’m project manager for an incubator for creative startup that’s using new technology like VR and XR technology. And today, when I’m hearing about what’s the challenge, especially with data, we are just pushing them to develop this such experience. And special because they’re enhancing our art culture identity. And the data that they are looking for, also it’s, how to say it, it’s not available in this AI tool or in the digital space. So, today that I know that maybe you need to be aware what type of data and how you can provide for your customer as a developer of immersive experience that you can offer privacy for the data and they need to manage this. Like, they need to inform their client and their customer about this important remarks because, yes, they are doing now using the AI to develop 3D modeling and using this VR experience for special for events. So, a lot of people are using their VR headsets and collecting. So, this is like now, wow, they are collecting data from other people, our people are aware about it. So, maybe not a question, but, yeah, I want to know more about this subject that I can, when I give them, I have a program, let’s talk, and we can offer them this insightful topic to talk about it. It’s important to be aware that you are, sure, developing a new experience, but also you need to be aware about what type of data, how to manage this data for your client and for customer.

Brittan Heller: Thank you. I think that’s really insightful. I’ve done a lot of workshops for national governments with groups of their top content creators in 3D to actually talk about, have people think about privacy and safety, and if they use cloud computing, how they’re exposing people’s data elsewhere, and also talking to startups and hardware providers in the country’s home jurisdiction so that they look at privacy-developing technologies so that people, individuals don’t have to take this burden. They can be aware of the risks and see the ways to mitigate it, but it kind of makes it a more responsible ecosystem. It looks like our time is up. Thank you very much for coming today. My email is britain.heller at stanford.edu, and I’m very happy to continue the discussion later. Thank you.

Agreement Points

XR technologies collect sensitive personal data

Brittan Heller

Nouha Ben Lahbib

XR devices collect deeply personal data including body movements, eye tracking, and physiological responses

Developers need to be aware of data collection and management in XR experiences

Both speakers acknowledge that XR technologies gather highly sensitive personal data, which requires careful management and awareness from developers and users.

Need for awareness and education on XR privacy

Brittan Heller

Nouha Ben Lahbib

Need for education on 3D computing risks and benefits

Importance of informing clients and customers about data privacy in XR

Both speakers emphasize the importance of educating developers, clients, and users about the privacy implications and risks associated with XR technologies.

Similar Viewpoints

Both speakers recognize that the current understanding and regulation of data privacy in XR technologies are inadequate, and there’s a need for increased awareness and potentially new frameworks to address these challenges.

Brittan Heller

Nouha Ben Lahbib

Current privacy laws are not equipped to handle nuances of immersive technologies

Developers need to be aware of data collection and management in XR experiences

Unexpected Consensus

Psychological impact of XR experiences

Brittan Heller

Psychological impact of XR experiences necessitates considering them as extensions of lived reality

While not explicitly agreed upon by multiple speakers, Brittan Heller’s point about the psychological impact of XR experiences being treated as extensions of real life is an unexpected and significant consideration in the discussion of XR privacy and regulation.

Overall Assessment

Summary

The main areas of agreement revolve around the sensitive nature of data collected by XR technologies, the need for increased awareness and education on XR privacy, and the inadequacy of current privacy frameworks to address the unique challenges posed by these immersive technologies.

Consensus level

There is a moderate level of consensus between the two speakers on the importance of addressing privacy concerns in XR technologies. This agreement implies a growing recognition of the need for new approaches to data protection and privacy in the context of immersive technologies, which could potentially drive future policy discussions and technological developments in this field.

Different Viewpoints

Unexpected Differences

Overall Assessment

summary

The speakers shared concerns about privacy implications of XR technologies and the need for awareness and education.

difference_level

Minimal to no disagreement. Speakers were largely in agreement, with Nouha Ben Lahbib’s question reinforcing Brittan Heller’s points about the importance of data privacy awareness in XR development.

Partial Agreements

Similar Viewpoints

Both speakers recognize that the current understanding and regulation of data privacy in XR technologies are inadequate, and there’s a need for increased awareness and potentially new frameworks to address these challenges.

Brittan Heller

Nouha Ben Lahbib

Current privacy laws are not equipped to handle nuances of immersive technologies

Developers need to be aware of data collection and management in XR experiences

Key Takeaways

Resolutions and Action Items

Unresolved Issues

Suggested Compromises

Imagine this. The three of us are playing a car racing game in virtual reality… Later on in virtual reality, I go about my day. I check my email and I see I’ve gotten advertisements about why is a great time to renew my auto insurance.

speaker

Brittan Heller

reason

This opening scenario vividly illustrates how XR technologies can collect and use personal data in ways users may not expect, making abstract privacy concerns concrete and relatable.

impact

It set the tone for the discussion by immediately highlighting the privacy implications of XR technologies in a way that captured attention and made the topic feel relevant and urgent.

Spatial computing relies on body-based data for functionality. The way these headsets are built, you have six cameras facing in, six cameras facing out. And you need that to position yourself in physical space to put the digital overlays on it. You also need it to calibrate the device so that you don’t feel nauseous or seasick when you’re using it. So if you take out this eye tracking information, you can’t use the computer.

speaker

Brittan Heller

reason

This explanation reveals a fundamental challenge in protecting privacy in XR – that the very data that raises privacy concerns is essential for the technology to function properly.

impact

It deepened the discussion by highlighting the complexity of the issue and the need for novel approaches to privacy protection that go beyond simple opt-out mechanisms.

There was a study that came out from Berkeley… It used VR motion data from Beat Saber, which is the most popular video game you can play in XR… The study was by Vivek Nair and it demonstrated how over 40 personal attributes, including age, gender, even substance use and political affiliation could be inferred from motion patterns alone.

speaker

Brittan Heller

reason

This reference to scientific research provides concrete evidence of the extent to which seemingly innocuous data can reveal sensitive personal information in XR environments.

impact

It elevated the discussion from theoretical concerns to documented risks, underscoring the urgency of addressing privacy in XR technologies.

Through your pupillometry information, I could tell you whether or not you were likely to be telling the truth… You can tell whether or not somebody has, is sexually attracted to a person that they’re looking at… Finally, there are other physical and mental health indicators that are contained in these datasets and they are preclinical signs, so they’re things your doctor does not know about you yet.

speaker

Brittan Heller

reason

This explanation of the depth and sensitivity of information that can be gleaned from XR data reveals privacy risks that go far beyond what most users might expect.

impact

It significantly expanded the scope of the privacy discussion, moving it from concerns about targeted advertising to potential impacts on personal relationships, health privacy, and even human rights.

In the last few weeks, we’ve actually seen some pretty cool developments using generative AI to create content for 3D virtual worlds, and I think this is really exciting… Basically, at this point, if you are familiar with generative AI tools, you can go from a text-based prompt to a navigable 3D world in a way that used to take video game studios six months to 18 months to build.

speaker

Brittan Heller

reason

This comment highlights the rapid pace of technological development in XR and AI, showing how quickly the landscape is changing and potentially outpacing regulatory efforts.

impact

It shifted the discussion to consider not just current privacy concerns, but also the need for forward-looking policies that can adapt to rapidly evolving technologies.

Overall Assessment

These key comments shaped the discussion by progressively revealing the depth and complexity of privacy issues in XR technologies. Starting with a relatable scenario, the speaker built a comprehensive picture of the unique challenges posed by XR, from the necessity of collecting sensitive data for basic functionality to the unexpected insights that can be gleaned from this data. The inclusion of scientific research and recent technological developments grounded the discussion in concrete realities while also emphasizing the urgency of addressing these issues. Overall, these comments transformed what might have been a speculative discussion about future technologies into a pressing examination of current and imminent privacy challenges.

How can privacy-preserving technologies be developed for XR that allow the technologies to be used and calibrated while still protecting people’s right to not be personally identified?

speaker

Brittan Heller

explanation

This is important to balance the functionality of XR devices with user privacy, as current opt-out mechanisms are not effective for spatial computing.

How can existing laws and regulations be updated to address the unique challenges of 3D spatial computing and XR technologies?

speaker

Brittan Heller

explanation

Current legal frameworks are not equipped to handle the nuances of immersive technologies, creating gaps in protection for users’ sensitive data.

How can environmental data and body-based data be effectively protected in XR contexts?

speaker

Brittan Heller

explanation

These types of data are fundamental to XR functionality but also pose significant privacy risks not covered by existing regulations.

How can trust and safety regimes be adapted to encompass conduct, content, and environment in 3D virtual worlds?

speaker

Brittan Heller

explanation

Traditional content moderation systems are not designed to address the environmental aspects of 3D worlds, creating new challenges for safety and moderation.

How can neural data and eye-tracking information be protected as categories of sensitive data in various jurisdictions?

speaker

Brittan Heller

explanation

These emerging forms of data collection in XR pose significant privacy risks but may not be covered by existing legal definitions of protected data.

How can XR developers and companies be educated about the types of data they are collecting and the importance of managing this data responsibly?

speaker

Nouha Ben Lahbib

explanation

Many developers may not be aware of the extent and sensitivity of the data they are collecting through XR experiences, highlighting a need for education and awareness.

How can the psychological impact of experiences in virtual reality be addressed in legal and ethical frameworks?

speaker

Brittan Heller

explanation

The immersive nature of VR can make experiences feel real, potentially leading to psychological harm that current frameworks may not adequately address.

Summary

This discussion focused on the importance of youth participation in shaping the data economy and digital policies. Speakers from various organizations highlighted the challenges and opportunities in engaging young people in these crucial conversations. They emphasized that youth, comprising a significant portion of the global population, bring unique perspectives and innovative ideas to the table.

Key issues discussed included the need for digital literacy, data privacy concerns, and the importance of contextualizing data solutions for diverse youth communities. Speakers stressed the importance of addressing intersectionality, particularly considering the challenges faced by young women and marginalized groups in accessing and benefiting from digital technologies.

The discussion highlighted several good practices for youth engagement, such as ITU’s Generation Connect Leadership Program and regional youth-focused events like YouthLock IGF. Participants emphasized the need for intergenerational collaboration and the integration of youth voices into governance structures and decision-making processes.

Challenges in youth participation were also addressed, including the scheduling of youth-focused sessions at major forums and the need for more funding to support youth-led initiatives. Speakers called for raising awareness among policymakers and other stakeholders about the value of youth contributions to the data economy.

The conversation concluded with a call for broader inclusion of diverse youth voices, emphasizing the importance of moving beyond tokenism to meaningful engagement. Participants agreed that youth involvement is crucial for creating a more equitable, innovative, and sustainable digital future.

Keypoints

Major discussion points:

– The importance of including youth voices in shaping data and digital policies

– Challenges in defining “youth” and addressing intersectionality within youth groups

– The need for digital literacy and skills development for youth, especially in rural/marginalized communities

– Creating incentives and mechanisms for meaningful youth participation in policymaking

– Building trust through inclusive approaches to technology development and governance

Overall purpose:

The discussion aimed to explore ways to bridge the gap between youth and decision-makers in the data economy, highlighting the importance of youth perspectives in shaping digital policies and technologies.

Tone:

The tone was collaborative and solution-oriented throughout. Speakers shared insights from their work engaging youth, while also acknowledging challenges. There was a sense of urgency about the need to better include youth voices, balanced with optimism about youth potential to drive positive change. The tone became more reflective towards the end as participants considered next steps and key takeaways.

Speakers

– Sophie Tomlinson: No specific role mentioned

– Mariana Rozo-Paz: Moderator, from the Datasphere Initiative

– Celiane Pochon: Senior Policy Advisor at the Swiss Federal Office of Communications, International Relations Department

– João Moreno Falcão: Lead facilitator for the Youth Standing Group from Internet Society

– Jenny Arana: Program manager at International Telecommunication Union, working on digital inclusion and Generation Connect initiative

Additional speakers:

– Francola John: Caribbean Telecommunications Union

– Gregory Duke Dey: Member of Internet Society, works with Be Tech Connected

– Melody Musoni: Digital policy officer at European Centre for Development Policy Management

– Emad Karim: UN Women regional office for Asia and the Pacific, leads innovation portfolio

– Online Audience (Advocate Zainouba): Cyber lawyer from South Africa

Youth Participation in Shaping the Data Economy and Digital Policies

This discussion, moderated by Mariana Rozo-Paz from the Datasphere Initiative, focused on the critical importance of youth participation in shaping the data economy and digital policies. Speakers from various organisations highlighted both the challenges and opportunities in engaging young people in these crucial conversations.

Importance of Youth Participation

There was strong consensus among speakers on the value of youth involvement in digital governance. Mariana Rozo-Paz emphasised that youth are early adopters and innovators of digital technologies, while also facing unique vulnerabilities in the digital age. Jenny Arana from the International Telecommunication Union’s (ITU) digital inclusion area highlighted youth as catalysts for innovation and social movements, bringing fresh perspectives and creativity to the table. Celiane Pochon from the Swiss Federal Office of Communications noted that youth are aware of topical issues and advocate for important values.

The speakers agreed that youth, comprising a significant portion of the global population, bring unique perspectives and innovative ideas that are crucial for creating a more equitable, innovative, and sustainable digital future. João Moreno Falcão from the Internet Society’s Youth Standing Group stressed the importance of youth expertise in shaping policies that will affect their futures.

Challenges in Youth Engagement

Despite the recognised importance of youth participation, several challenges were identified:

1. Digital Literacy: João Moreno Falcão pointed out a significant gap between using technology and meaningful participation in digital governance.

2. Trust Issues: Celiane Pochon highlighted a lack of trust in data governance arrangements, which hinders digital inclusion and innovation.

3. Intersectionality: Emad Karim from UN Women emphasised the need to address intersectionality, particularly considering the challenges faced by young women in accessing and benefiting from digital technologies.

4. Defining ‘Youth’: Melody Musoni raised an important point about the varying definitions of youth across different cultures and regions, ranging from 18-35 years in Europe to up to 70 years in some countries.

5. Digital Divide: Gregory Duke Dey from Be Tech Connected stressed the need to address digital inclusion challenges in rural areas.

6. Lack of Representation: Melody Musoni pointed out the lack of youth representation at the IGF itself, highlighting a broader issue of youth inclusion in important forums.

7. Understanding Emerging Technologies: Advocate Zainouba emphasized the importance of youth understanding emerging technologies in the context of territorial integrity and data sovereignty.

Strategies for Meaningful Youth Engagement

Speakers proposed several strategies to enhance youth participation:

1. Institutionalisation: Jenny Arana advocated for institutionalising youth participation in governance structures and showcased ITU’s Generation Connect Leadership Program as an example.

2. Multi-stakeholder Inclusion: Celiane Pochon suggested including youth in multi-stakeholder forums and consultations.

3. Education: Enhancing data literacy programmes in schools and universities was proposed as a crucial step.

4. Diverse Representation: João Moreno Falcão emphasised the need to broaden reach to include more diverse youth voices.

5. Context-specific Approaches: Mariana Rozo-Paz stressed the importance of contextualising data solutions for diverse youth communities.

6. Prioritizing Youth Sessions: Melody Musoni suggested scheduling youth sessions earlier in conferences like IGF to ensure better participation.

Youth for Data Future Project

Mariana Rozo-Paz detailed the Youth for Data Future project, an initiative by the Datasphere Initiative. The project aims to engage youth in data governance discussions through three phases:

1. A global survey to understand youth perspectives on data issues.

2. Regional workshops to dive deeper into specific concerns.

3. A policy hackathon to develop concrete policy recommendations.

The project has reached over 500 young people from 80 countries and has already influenced policy discussions at various levels.

Thought-Provoking Insights

Several comments sparked deeper reflection:

1. Celiane Pochon highlighted trust as a fundamental issue, connecting individual empowerment to broader societal outcomes in the digital space.

2. João Moreno Falcão shared a striking statistic: one child accumulates 72 million pieces of personal data by their 13th birthday, raising important ethical questions about youth data rights and privacy.

3. Ahmed Karim challenged assumptions about young women’s participation in digital spheres, noting that while many are fighting for space, the sector is not providing equal opportunities.

4. Sophie Tomlinson pointed out that 90% of AI datasets come from Europe and North America, with less than 4% from Africa, highlighting the lack of global representation in AI development.

5. João Moreno Falcão emphasized the importance of youth understanding what they are dealing with in terms of digital policy to participate meaningfully.

6. Celiane Pochon stressed the importance of returning to core questions about why youth voices are important in these discussions.

Conclusion and Future Directions

The discussion concluded with a call for broader inclusion of diverse youth voices, emphasising the importance of moving beyond tokenism to meaningful engagement. Participants agreed that youth involvement is crucial for creating a more equitable, innovative, and sustainable digital future.

Several follow-up questions emerged, including how to effectively define youth in the context of digital inclusion, strategies for engaging rural communities, addressing the gender gap in digital transformation, and ensuring AI and language models reflect local cultural heritage.

The conversation highlighted the complex, multifaceted nature of youth engagement in the data economy and digital policy-making. It underscored the need for nuanced, context-specific approaches that consider various cultural contexts and intersectional identities when addressing youth engagement in digital policy and technology development.

Mariana Rozo-Paz concluded by mentioning the Datasphere Initiative’s commitment to the UNICEF data governance initiative, further emphasizing the organization’s dedication to youth inclusion in data governance discussions.

Sophie Tomlinson: sure. Oh yeah, thank you. Yeah, I was saying yes, so great. Great. Brilliant. And we have, so we can see Mariana who’s our moderator, but can also the videos of Celiane and Jenny be activated by the sound technicians? I’m not sure if they can turn on their videos. I can’t turn on mine. But perhaps, yeah, we can have online participants’ videos activated so the people in the room can see us. That would be, that would be great. Celiane and Jenny, are you able to unmute yourselves? And also, I can see we’ve got participants Gregory and Lawrence as well. It’d be great to have your insights for the discussion. So if you can also unmute yourselves. No, they can’t unmute themselves. So yeah, if we can, I see Jenny’s now a co-host, so hopefully she’ll be able to. Okay, I think you’re okay. Yeah, so now I can have my video and now we can see Jenny too. Great. And yeah, so if we can also have the same for Celiane and Gregory and Lawrence, if you’re okay with that, we’d love to see you as well, since we’re quite a small group. Be nice to have as many participants as possible.

Mariana Rozo-Paz: But actively influence the policies and innovations that will define their future. We’re seeing lately that we’re living in a time where youth and various youth communities are more connected to digital technologies than any generation before them. Yet, they’re paradoxically the most disconnected from the decision-making spaces that govern those technologies. They are, in a way, the early adopters, the innovators, and in so many ways, the ones that are most deeply impacted by digital transformation. But not having them in the conversation is creating a series of challenges, both for them and for other actors and stakeholders. This gap is definitely not sustainable. And we’re also seeing that youth are facing unique vulnerabilities in the digital age, from the risks of social media dependency and online abuse, to also being disenfranchised as data subjects. of experiencing both the promise and the perils of digital transformation. So while this is happening, we’re also seeing that policies and technologies that shape their lives are often being designed by those who may not fully understand or prioritize their needs. So we’re seeing different platforms creating services that they’re hoping young people to be utilizing as main users, but they’re not being included as one of the main stakeholders in the conversation. So at the Datasphere Initiative, we believe that to unlock the true value of data and digital technologies for everyone, we must assign much more bolder, inclusive, and creative solutions to engage young people in these conversations. And that means building spaces where their insights, their ideas, their concerns can truly shape data policies and technological innovations to make them more equitable and effective, and actually make sense for the context of young people. So this panel today is an invitation to explore how can we really bridge this gap. And we hope to be discussing issues that matter most to young people today, from the rise of artificial intelligence and generative AI, to climate change, mental health, education, and the urgent need to reskill for the future. We’ll also examine how we can create pathways to engage youth from every region in the world in these crucial conversations. And now before I turn it to our amazing speakers today, which I thank again for joining, I just want to share very briefly about our Youth for Data Future project at the Datasphere Initiative, which has been one of our flagship initiatives over the past two years. So to give everybody some context, around 2023, at the beginning of the year, last year, the Datasphere Initiative was one of the winners of the Future of Data Challenge, which was a challenge put out by the Meteor Network. And we were selected to be able to materialize our youth project, which pretty much sought to address this gap that I was mentioning before. So we’re really seeing that youth are absent from these conversations, and we wanted to explore ways in which we could really bring them in and get them familiarized with the data governance conversation, with data and digital policies, and create spaces for them to engage safely and to be able to voice their experiences and their concerns about how digital technologies are being both developed and governed. So the project has had two phases. The first phase, which was a social media campaign. You can actually, I think, look for us both on Instagram and TikTok as the Youth4Data project. And you’ll see that we launched a social media campaign that sought to engage young people in this conversation. So there are different fun videos. and funny videos, pretty much talking about various data governance topics and really how are young people being impacted and could be engaged in this conversation. And then after that social media campaign, for the past year, we have been engaging youth in the conversation around how would they like new policies to be shaped. So we have engaged young people through a series of youth labs that we have hosted in different parts of the world. And that has also been a very rewarding experience. And our workshop today marks pretty much the end of a very exciting year in terms of engagement. So let me just share some, and I hope that people, so in the room and everybody can see my screen. So this is pretty much a summary of what has been going on with the Youth for a Data Future project. I can share the link to our website in the chat a bit later, or maybe Sophie can post that so that you can all access that. So over the past two years, we have engaged over 15,000 young people through our social media campaigns, through the workshops that we have been hosting and the labs that we have been able to organize. We’ve hosted over seven youth labs and workshops over the year. And as you can see, we have two pictures here. The first picture is from the UN World Data Forum a couple of weeks ago in Colombia that brought together the data community, the global data community. And we were able to engage youth, particularly coming from Africa and Latin America in this conversation. And then the picture from below is from a workshop that we hosted at the COP16, which was focused on biodiversity. It was organized in Colombia this year, and we brought together over 90 young people to think about how data and AI could be better leveraged to address biodiversity change. challenges. And what to me is most exciting and valuable about the project has not only been able to talk to youth directly. And this first picture that you have down here on amplifying youth voices to shape the data future was a campaign in which we engage young people from all of the regions in the world to pretty much share their experiences with data. And what I’m mentioning regarding the most exciting thing is actually being able to translate all of the insights from the project into concrete policy recommendations. So we have been able to engage with the G20. And the process that has been led by Brazil this year, and as well, who’s one of our speakers today can speak more about this. But we drafted together a policy brief, sharing more about the challenges and the concerns that young people are experiencing in the online era. And at the same time, the solutions that they’re thinking about and the possibilities to really create solutions that make sense for the context of various youth communities. And we’re also very proud to announce that we have joined UNICEF data governance fit for children commitment, which is bringing together various partners working on data governance, that response to the context of children and youth. So hopefully, we’ll also be able to share more insights about that in the coming months. And if there is anybody interested in joining that commitment, we will be happy to share more details later. And with that, I I’ll finish my monologue. And I’d love to give the floor to our amazing speakers, I’d love to also give them the chance to introduce themselves and maybe briefly tell us what what what work are they doing with young people, maybe how they ended up working in this topic. And I know that the majority of our speakers were also pretty young. So that’s one of the reasons, but yeah. So for now, I’d like to give the floor to Céliane, who’s the first person that I have right here next to me. So Céliane, thank you. Welcome, and yeah, please introduce yourself. Thank you so much for your introduction. So my name is

Celiane Pochon: Céliane Pochon. I’m joining you today from Switzerland. I’m a Senior Policy Advisor at the Swiss Federal Office of Communications in the International Relations Department, and we mainly work on internet governance, AI governance, and data governance. So that is why I’m here to talk today, and I think I am still considered youth, so I think I can also give my insight working in this field, and I’m very happy to be here today. Thank you.

Mariana Rozo-Paz: Thank you. Amazing. Thank you for joining us. And now I see that João is also in the room, but now we can see his face online, which is great. So João, over to you.

João Moreno Falcão: Hello, everyone. Thank you for joining. Well, my name is João. I’m Brazilian, and I’m the lead facilitator for the Youth Standing Group from Internet Society. There, we work to empower young voices inside of internet governance-related events through engaging with them, making them create connections inside this ecosystem and last their views and share what they want to the internet of today and tomorrow.

Mariana Rozo-Paz: Amazing. Thank you. And now, over to you, Jenny.

Jenny Arana: Thank you so much, Mariana, and nice to meet you, everybody. Nice to see all the speakers and participants today. So my name is Jenny Arana. I’m also joining from Switzerland, by the way, from Geneva. I’m from the International Telecommunication Union and working specifically in the area of digital inclusion. So, I’m a program manager and specifically for this, I’ve been working on youth for the past five to seven years as part of the Generation Connect initiative of ITU, which is an initiative that’s been in place since before the year 2020 and aiming to engage global youth and encourage their participation as equal partners alongside the leaders of today’s digital change. We work together with young people, empowering young people, but hearing the voices of young people, but empowering with skills and opportunities to advance the vision of young people for a connected future. So, thank you very much and looking forward to the conversation.

Mariana Rozo-Paz: Love this, amazing. All right, well, fantastic. You’ve heard from our amazing speakers and now I’d like to kickstart the conversation, maybe venturing much more into the challenges. As you can see, we have a diverse and exciting pool of speakers. So, I’d love to ask each of you what issues related to the data economy and youth are you most concerned about? And this can be from like the different emerging technologies that we’re seeing to also development challenges that we’re experiencing as pretty much humankind. So, that can be like climate change or education, but I’d love to hear about your experiences and then what issues related to the data economy are you most concerned about? Let’s start with that question. I don’t know if anybody would like to jump. Joelle, maybe you can start. Oh, Jenny, go.

Jenny Arana: Thank you, Mariana. Thank you so much. Yeah, yeah. So. From the perspective of the International Telecommunication Union, we recognize several pressing issues related to data economy and use, including the rapid development of AI, which raises concerns about ethical usage, as we all know, data privacy, but also potential biases in algorithms that we find that disproportionately impact use, as many other groups as well that are traditionally disadvantaged, let’s just say. But this is not just based on, you know, it’s actually even based on consultations. Recently, we led some consultations with our youth networks, the Generation Connect Youth and Boys, and specifically I’ll talk about one of the groups, the group of, the regional group of Africa, you know, shared their insights and what they consider are the issues that need urgent action and the challenges and opportunities that need to be addressed. So they found that cyber security is a critical issue. The rise in cyber attacks and online threats highlights the need for stronger measures to ensure digital safety, and the youths are disproportionately affected by cyber crime, online harassment and privacy violations as well. So they see the need for enhanced education to build awareness and skills, particularly, of course, among underserved communities. Cyber security frameworks have to, they said, must align with international standards, but also reflecting local realities and focus on gender diversity in cyber security careers is also essential to foster inclusivity. Artificial intelligence they saw, it represents a double-edged sword. Specifically, this group for Africa mentioned that it offers vast opportunities, but also, sorry, vast opportunities such as healthcare, improving healthcare diagnostics, optimizing agriculture, accelerating economic development, but it also introduces challenges, challenges that include ethical concerns and the risk of biased algorithms. So these consultations really highlighted the need for AI systems that are inclusive, ethical, and reflective of the unique context and values of specific regions. And in this case, they talked about the Africa continent. And this requires significant investments in local AI research and development to really ensure that African perspectives shape the technology. Also, to fully harness the potential of AI, they saw that there is a need to develop data science capacity across the continent. And this involves improving infrastructure for data collection and management and fostering a culture of data-driven decision-making. And you were talking about, you know, the example of good practices. And I think that we believe that from the IT, as I mentioned, I just briefly mentioned the ITU Generation Connect initiative. And we have some practices that we believe have demonstrated, you know, how we can meaningfully engage youth participation to really drive impactful change. And some of these examples are youth engagement in policy discussions. For example, through this initiative, we really make efforts to integrate youth perspectives in global policy dialogues by giving these young leaders a seat at the table in high-level discussions. At ITU, what we try to do is ensure that their voices contribute directly to shaping policies that are more inclusive. on the data economy, and obviously this for us includes active participation in forums and consultations, I was just mentioning the consultations that were run in the past two months, where young people can really provide input on their pressing issues, and the pressing issues for their communities, for their regions, such as data privacy, equitable access, ethical AI, and for example these young leaders have shared their views during the different ITU consultations, conversations, and intergenerational dialogues with ITU member states, resulting really in useless, co-created policy recommendations that really we hope is going to influence global agendas. So thank you very much, Mariana.

Mariana Rozo-Paz: I love this answer, Jenny, thank you, very, very comprehensive. Now I’d like to turn over to João, please.

João Moreno Falcão: Thank you, Mariana. Well, I would like to bring two issues, actually, to start. The first one is also in our policy paper we wrote to the T20, but they measured that one child from his birth to his 13th birthday will gather 72 million pieces of personal data. So before you grow, you will already have a huge digital footprint, and we need to bring awareness about this, because they aren’t able to agree on it, and the implications of this amount of data will be seen. well, will be available for their whole life, and the other thing that I really wanted to stress on my talk is regarding the, sorry, I closed the thing, so it’s regarding the digital literacy, so when we have young adults and we usually take for granted their capabilities with technology since we’re already born with like a cell phone laying around, maybe a computer, and the truth is that it’s very different to use it as a tool to communicate and to use it in a meaningful way to be part of the digital economy, so this really needs to be worked on, especially when we think that more than 50% of the global population is less than 25, 24 years old, so well, to me, I would like to give these two provocations about the issues that we face.

Mariana Rozo-Paz: Fantastic, João, I think this is going to be very relevant, and I agree, this whole assumption of digital native, or like youth being digital natives is one of the big challenges, so Liane, would you like to share your insights regarding challenges?

Celiane Pochon: Yes, thank you so much, and I think what João said about half of the world being youth is a very big number, and actually, according to research, it’s been the largest generation of youth in history, and I think it will only keep on growing, and youth is very present everywhere, whether we’re just scrolling through social media or studying on digital platforms, we generate massive amounts of data. but there’s a big problem and we have little say on how our data is used or who profits from it, and I think this brings me to the point I want to make and one of the issues I see and we see here in Switzerland is trust. Trust in data governance arrangements and empowering young people and individuals in the digital space is key for the data society we want to have. Without the control over our data we lose trust in institutions and companies and technologies themselves which hinders digital inclusion, innovation and all the other topics that Jenny and Joelle already mentioned. So here in Switzerland we attach great value to inclusive global data governance arrangements and they’re based on the notion of digital self-determination of individuals and stakeholders which means that citizens, businesses, young people, everyone should be given the opportunity to decide for themselves how their data is being used and we want to underline the importance of trust and adaptability from all sectors including public-private partnerships to help address these critical issues. And maybe an example I can give you is that in Switzerland we have set up a national network on digital self-determination and it consists of public administrations so the government, me for example, universities where we find a lot of young people not surprisingly, but also industry and civil society and in this network all these people work together to develop shared approaches on how to give maximum control on data to citizens and the individual organizations and we’re very happy to share that we have many young people, many young students involved in this network who can give their very own perspective

Mariana Rozo-Paz: on this. Thank you. This is very very valuable, thank you Celiane, and in a way the fact that, yeah, what you were mentioning, trust is kind of like the foundation of the challenges that we’re seeing. And it’s kind of like something that’s not only present when it comes to digital technologies, but also in terms of how we’re addressing various sustainable development challenges. This is something that we’re hearing from climate and nature activists on how they want to trust the people that are making the decisions. But for that to happen, they want to be involved in that conversation and they want to see how are they really bridging the gaps that they’re experiencing in their communities and really addressing the challenges that they are facing or that they see other people are facing. So I think that you’re highlighting a very, very important point. And I think that given that point, I think we can actually think about potentially the good practices to engage youth effectively, to be really able to advocate for their perspectives on the data economy. I think that the majority of you have already touched on the solutions that in your context are being developed to be able to include youth much more effectively. But coming back to this issue of trust, I think it would be very interesting if you could maybe highlight again or highlight an example of good practices that you’re seeing out there in your context or maybe that you’re aware of that are really engaging youth so that they can effectively advocate for their perspectives on the data economy and that are contributing to fostering trust. So, yeah, Jenny, why don’t we start with you again for this one?

Jenny Arana: Thank you. Thank you so much, Mariana. Absolutely. Yeah. And as I was mentioning before, you know, bringing really young people to the table and having those policies. This discussion is very, very important and as we mentioned before, we must first of all recognize that young people are not just beneficiaries of policy but essential contributors and practices that provide a model for other organizations and stakeholders to ensure that young voices shape the future of the data economy are very important. I’d like to highlight a program that we are leading at ITU that’s called the Generation Connect Leadership Program. This is a very exciting program, I believe, that aims to engage, empower, and inspire young digital leaders and change makers and leaders in their own communities. So through this program, we are supporting young visionaries from around the world that have really come up with proposals for creative, far-reaching, innovative, and feasible community-driven projects that are aimed at creating a more inclusive and empowered digital future for their people, for their communities. So in partnership with other organizations such as Huawei, we are providing guidance, training, financial support to 30 young fellows that, per year, we help them to practically implement these digital development projects in their diverse communities across the world. And of course, through the program, besides taking their own projects to the next level, we’ve found an opportunity to bring them to the core of policy and digital development discussions that happen at ITU year by year and the connections that they can make with all sorts of stakeholders that attend our meetings. So I think that it’s very, very, very important, as we mentioned and as others have mentioned before, to really find these intergenerational opportunities. for dialogue exchange and for proposal of solutions to digital development issues. So, thank you, Mariana.

Mariana Rozo-Paz: So important and thank you for highlighting that, Jenny. João, is there anything you’d like to point us to?

João Moreno Falcão: Yeah, definitely. I would like to talk about an example of a project that helped to empower the young voices. It’s the YouthLock IGF. The YouthLock IGF is a project co-organized by the Youth Standing Group. Our last event happened in November. We had three days, 117 people from all over Latin America together in Santiago to discuss and think of the internet future and how we can fit our imagination, our plans inside of the digital economy. It was really enriching. It was the biggest one that we made so far and we had 15 on-site countries represented there and 43 if we count online too. So, this kind of events really can foster further discussion into how we can better participate and also share the perspectives from different regions.

Mariana Rozo-Paz: This is fantastic. Thank you for highlighting that. As a fellow Latin American, I pretty much appreciate those efforts. So thank you for pointing that. And so Leanne, what about you? Is there anything you’d like to share with us?

Celiane Pochon: Yes, I think one very topical example is what we’re doing here today, actually engaging in different for us. For example, here, the Internet Governance Forum at the global level, but also as Joao mentioned, at regional and national level. So in Switzerland for our last Swiss IGF, which was last summer, we had more young voices around the table and young people are interested and want to be part of the conversation. So I think opening up the space to them is key and including them in these multi-stakeholder forums, technology summits, and in all policymaking consultations, we can allow them to not only be consumers of the technologies, but also contributors to them to have a fairer and more equitable data economy and governance landscape in a whole. So I think that’s a first thing we could do. And Switzerland very much believes in the multi-stakeholder fashion. So we also want to include all these voices. And then again, maybe to link with what Joao said previously on data literacy and digital skills, enhancing programs in schools and universities. For example, in Switzerland, we have two universities, the EPFL in Lausanne and the ETH in Zurich, where there are programs that focus on building data literacy and critical thinking amongst young people. And we want to prepare them, or the professors want to prepare them to engage meaningfully in the conversations about the data economy, about AI and digital transformation as a whole. So we can see that all these different initiatives that happen at different levels, which is also very important, they combine capacity building, they combine education, and they give young people, youth a platform to participate. And it’s about giving young people the tools to participate, but also ensure that their voices are included in the policy dialogues and in the decision-making processes. Thank you.

Mariana Rozo-Paz: I love this, Liliane. Thank you so much for pointing it out. And I feel that I’m going to kind of take the freedom, because I’m moderating, to also answer my own question. I just wanted to highlight something that’s actually very important or that we’re seeing much more often. Because we’re seeing big organizations like the ITU being able to establish these programs, right? And that is very valuable. But then we’re also seeing that there are many different youth local experiences and projects and initiatives that are pretty much being born all across the world to tackle very specific challenges that youth are facing with technology. And one of the challenges that we’ve been identifying at the Diaspora Initiative is the funding gap that exists to really be able to translate all of these small initiatives into bigger impact projects, so that people can really have the sustainability to have their projects and to impact the communities that they want to impact or somehow touch upon. So I wanted to point out to one funding effort. I just pasted the link on the chat, which is the Responsible Technology Youth Power Fund, which was put out by the Amedia Network, but also a coalition of funders that are interested in funding young people to really drive a much more inclusive and equitable technology ecosystem. So it’s a very interesting philanthropic initiative that is aiming to support youth and intergenerationally led organizations that are seeking to shape a much more responsible technology movement. And that can be either at the design of technologies. but also at the policy level. So this is just something that I wanted to highlight because in a way, I feel that these policy spaces are also key spaces for us to be discussing what else do we need? And in order for all of these good examples that our great speakers have highlighted, how could we really bring in the resources that are needed to make sure that not only the, as Salim was pointing out, the global or the regional efforts are funded and supported, but also how could we translate all of these multi-stakeholder collaboration and efforts into funding and support for all of these youth initiatives that are in the end responding to a very specific context and bringing value to very specific communities that are in many cases, not including in this global governance conversations and are equally important to be able to learn from them and really shape the conversation at the global, regional and national levels. And so with that, I would like actually to, and I think as Sophie mentioned at the beginning, we want this to be an interactive conversation. We’re a close, small, nice community in this session today. So I’m seeing that Francola is also pointing to a youth corner on the chat. I don’t know if maybe Francola could be granted Coho’s rights so she could maybe speak about this. And I know that we also have Gregory in the room who was sharing some insights earlier. So I don’t know if any of you or anybody else joining us in person or online would like to chip in in terms of any initiatives that you are aware of or challenges that we have definitely not mentioned because I think that, yeah, we have not been fully exhaustive. So yeah, Francola, I don’t know if you can unmute. yourself. I think I’ll ask you to unmute.

Sophie Tomlinson: Yeah, sorry, Mary. I’ve been told by the people who are the technical teams that are in the room at the moment that they can’t unmute anyone who wasn’t listed as a speaker, unfortunately, because they’ve had some security kind of just challenges throughout the IGF that they need to stick to this policy. So it looks like unfortunately, we can’t hand the mic to Frankola, because it would be great to actually hear you and you’re sharing all these very I managed to, to, to give her

Frankola Chan: I forgot. Okay, so I can’t speak now. Are you all hearing me? Oh,

Mariana Rozo-Paz: amazing. Great. There you go. Try again, Frankola. I think you’re mute again.

Frankola Chan: Okay, can you hear me now? Yes. Okay, good. So I am Frankola Chan from the Caribbean Telecommunications Union. And the CTU is a CARICOM organization with 20 member states in the Caribbean. So we do fall under the Latin American and Caribbean bracket, but we’re focused mainly on the Caribbean and we work very closely with the ITU and CTEL. So even this year, I was highlighting that we had the Secretary General of the ITU in the Caribbean attending our ICT week. And I am the focal point for the CTU’s network of for the ITU network of women, and we just recently established our own Caribbean CTU network of women. And that focuses also there’s an overlap with the youth. So we also have a youth envoy in the person of Ms. Nia Nannan.

Mariana Rozo-Paz: Fantastic. Thank you for sharing that. That’s amazing. In a way, as a gender activist myself, I’m always very happy to hear about all of these women’s initiatives. So thank you for sharing that. I don’t know, Gregory, if you want to maybe speak out loud about your comment that you posted in the chat, because I think that participants in person cannot read that. Maybe we can try to do something similar as we did with Fran Cola, asking you to potentially unmute. If not, yeah. Can everyone hear me? Yes. Great. Yeah, that’s good. Thank you for the opportunity. Yeah, once again,

Gregory Duke Day: my name is Gregory Duke Day. I’m a member of the Internet Society. And I also work with a group called Be Tech Connected. Ideally, most of the points that I’ve put together is in the chats, but I was looking specifically at policymaking. And I gather from a previous session on how quick or how fast these policies go in terms of its approval, looking through it, trying to understand the various parts of this policy and how that works to our effect. Ideally, I believe that as the future or as people with great sensibilities, we have knowledge, we have skills of all of these important technologies, it is important that we are also included in policymaking across various levels. That way, we are able to relate with the kind of activities that go on, the kind of challenges that have been shared across many, many times, and that we’re able to contribute meaningfully to all of these policies. Ideally, we would grow to a point where we would also have to share all this knowledge to those who are coming behind us, and it would be important for us to understand and start to educate people around all these policies. So once we are giving, or within the process that we have been given, chances to contribute meaningfully to these policies, we’re also able to carry them into the future, and we’re able to give back to those who are coming with us. And finally, speaking to the inclusion aspect, well, some of these are governmental, but for the most part, it has to do with rural areas and infrastructure that is bridging the digital divide or the digital gap between those areas. Also, the accessibility of these technologies to persons with disabilities, that way we’re not leaving them out, we’re also including them, because they also have some skills, some knowledge to share on all these phenomenons that are happening, really. And then finally, around creating something that is relatable to countries. So ideally, creating or bringing about certain technologies or elements within those technologies that can help in creating some context-specific. So for example, languages, in terms of the technologies that we create, once we’re able to try and fashion or create these technologies within certain languages for certain countries, we are able to have a unified force, I would say, for the future of technology. Right. Thank you.

Mariana Rozo-Paz: Thank you, Gregory. That was very valuable. This is really great. And I think that you’re raising a very important point regarding also the digital divide and what real digital inclusion means and how, of course, that means something very different in different communities, in different regions, depending on the specific context of the community that we’re thinking about. I’ll actually share on the chat the link to one blog that we drafted lately based on some of the conversations that we have been having with young people, particularly in Africa and Latin America. And one of the things that they highlight, I mean, actually two things that they highlight. First is the importance of contextualizing data and how sometimes even if we do have data about young people, we need to make sure that we’re really contextualizing and having context-specific data solutions that reflect the challenges and needs of the diverse youth communities. And then the other thing that they have highlighted extensively is how rural communities are facing barriers to digital inclusion and data access and how, in the end, including rural communities is not only a matter of building the connectivity infrastructure, but also designing tools so that in terms of literacy and education, people have the skills. And as I think Solian was pointing earlier, even the critical thinking skills and kind of the soft skills so that they can navigate technology with much more awareness. So I wanted to highlight that and thank you everyone for participating in that first section. Now I want to dive deeper into the challenges that we’re facing in terms of international and global policy to really bring young people together. We’re seeing in many cases…

Sophie Tomlinson: Sorry, Gerard was just trying to speak, I think.

João Moreno Falcão: Sorry, Mariana, for cutting you, but we have a non-site participant that wants to speak too.

Mariana Rozo-Paz: This is fantastic. Yeah. Great.

Melody Musoni: Thank you so much. My name is Melody Msoni. I work as a digital policy officer for a think tank called the European Centre for Development Policy Management, or ECDPM. So mine, it’s more of observations. Maybe let me start with one question, define youth, because I’m coming from a country where people who are in their 70s, they still qualify as youth. And then living in Europe, normally it’s between 8 to 18 years to 35. So that’s the first question I have. And then when it comes to my observations, we are here at the IGF. I was expecting this room to be full. There is two of us here on site. But if you go outside, there are so many young people who are sitting in the lobby right now. So I was wondering, like, why is that there are not a lot of young people in the room? And why is it more people are participating? Young people I see is that 42 participants online instead of being here. So it’s just an observation. I hope you’ll be able to look into that to see what are the reasons. And just thinking about that, I also thought perhaps for future platforms and engagements like this, it helps if your session is to be prioritized, maybe the first or the second day of IGF, because the last day, it’s very difficult to rope people in. And then having these discussions, I think it also helps if we have more senior policymakers who are also part of the conversation. Because they also have that pool to bring people in into the conversations. So I think those were my two observations. And I also wanted to say that perhaps that could be an additional question that can also help you in future engagements to say what is exactly different about the youth. Because all the issues that you are raising, they apply to women, they apply to everyone. So why exactly is it important for us to talk specifically about youth and issues on inclusion and data? So I think being very clear in articulating why it’s important for us to focus on youth, it actually helps in pushing the agenda and pushing the, I guess, achieving the objectives that you have to, that you intend to achieve. And then there was a comment again that I also agree with, issues on rural communities and engagements. I think just from listening from all the conversations here at IGF, people tend to be very superficial when it comes to marginalized communities. I’m originally from a very marginalized community, even up to now. It takes me so long for me to get hold of my family because they still don’t have access to the internet. And some of the people in my village, they still don’t have phones, so they have to use someone else’s phone. So when we are saying that we need to engage rural communities, what exactly do we mean by that? So at least if we start thinking about what role can secondary schools in these communities play? Because a lot of people in rural areas, they go to school very late. So you find someone is in their 20s, but they are still in high school. And that’s youth. And you should be engaging with them, not just engaging with people who are already in college or who are already in universities. So I think that there is more that can be unpacked and trying to pull in the senior policy makers to be in the room and actually demanding that your sessions must be prioritized because if we have it on the last hours of IGF, there will be less interest in people participating in your… in your session, thank you. We have another question.

João Moreno Falcão: Hello, so do you think we have enough time for another intervention from one of our colleagues here?

Mariana Rozo-Paz: I think we do, that’s all right. Maybe we should address these first three questions and then we can answer the others because I see someone online has a comment too. So actually, thank you for that. I absolutely loved your comments. Regarding youth kind of age and range, I agree that it’s a pretty diverse group and I’ll hand it over to our speakers so that they can also share with us how they see this. And I think that in a way, every organization or community or forum even is defining youth in a very different way. So, and in a way, I think there are some like policy interests behind that, either because you want to expand the pool and be able to include much more people or even if you’re thinking about engaging them in the conversation, if you have people under age that involves additional challenges of getting parents approval. So I think that it kind of depends, at least in the Data Sphere Initiative, we have been involving youth or considering that youth are those people from around 13 or 15 years old up to 25 or even 29. So it can be a pretty broad range. Thank you for your comment regarding the time and day of the event. And as Sophie was pointing on the chat, this is a challenge that we have been witnessing that’s not only true for the IGF, but actually for many other forums on internet and data governance. For the UN World Data Forum. actually, our youth workshop was barely the last session on the last day, last time. And that is a challenge that I think we can all advocate together for, to make sure that we really can have a much more meaningful participation, not only of policymakers, but also of the youth, so that they are aware of what are the sessions they can also participate in, and will actually be hopefully harnessing their voices. But I want to stop here, because I know that we have an amazing pool of speakers. So I don’t know if anybody has any comment regarding the conversation around digital inclusion, or how we’re defining youth, or rural communities, and also why are youth particularly important, which I feel is kind of the key question that we don’t only want to answer today, but the policymakers are trying to answer worldwide, in terms of which communities to involve in the conversation and why. So yeah, this is kind of free. So I don’t know if Joao, Silviane or Jenny have any comments in that regard.

João Moreno Falcão: Okay, so I can go. About why we need to include youth specifically, not only like specific marginalized communities, is that they have a very, when we talk about like the most stakeholder approach, we are a group with specific characteristics, like, how can you define someone that is it’s just started in the internet governance space without a proper stakeholder group, like, we will call them researchers because they were in college, we will call them private sectors, because they just got into a job. So this really showcases that this group isn’t already included in the multi stakeholder approach. And about the aspirations are different too, because the things that I suffer are completely different than the issues that a woman suffers because she is a woman. So it’s good to have this difference, because we cannot put everything in one place and say that we will address it. And yeah, I believe this is it.

Jenny Arana: If I may, can I? Yes, of course. Yeah, thank you, Mariana. No, I mean, I think, of course, you know, when looking at every group, you know, the work that somebody mentioned, women’s empowerment, gender, etc., there’s intersectionality everywhere. And it’s important to take that into consideration. But here, why are you so important? Well, there’s a very important reason. There’s a demographic power, 1.2 billion people across the world, you know, that’s power. There’s a lot of people that, you know, are a significant demographic group. And in some regions, particularly in developing countries, they actually form the grand majority of the population. Young people are also, you know, and in the topic that we’re discussing today, they’re catalysts for innovation, you know, bringing fresh perspectives, creativity, technological fluency, and are found to be key drivers of innovation. But also, as we have seen across, you know, generations and historically, young people have also been at the forefront of social movements and advocating for the rights of everyone, not only their own rights, but the rights of a lot of, you know, older people, women, etc. And I think that that’s a very important, you know, thing to keep in mind when we are discussing these issues. And yes, of course, we can always look at intersectionality. I think when I introduced myself, I said that I work on digital inclusion and we actually look at this from the perspective of different target groups, but there are intersectionalities. For example, we work on the topic of ICT accessibility, but we’re not only looking at persons with disabilities, we’re looking at all sorts of people, looking at older persons that perhaps can no longer hear well and there are many, many different technologies that can put, can help them better integrate and better take advantage of what’s today, what the benefits are of today. For example, let’s talk about e-health, let’s talk about different areas of life and, you know, education, having access to digital skills, et cetera. So I think that, yes, we have to look at intersectionality, but also there has to be space for specific groups and for us to look at their specific needs. Yes, there will always, you know, many of the issues in the world are important to be looked at through the perspective of different groups, but why not give each of these groups a specific focus so that we can actually look at the possibilities that we have to tackle them. So thank you, Mariana.

Mariana Rozo-Paz: I absolutely love your answer, Jenny. I really have nothing else to add. I love this notion of intersectionality and I feel that that’s literally it when it comes to thinking about digital inclusion. So thank you. Now, I know that we have another question from somebody in person, so maybe we can get that draw and then we can, the organizers have asked me to tell people online that if anyone wants. to talk, you need to put your camera on and write your full name and that’s the only way in which they will allow you to speak. But for now we can have the participant in person to ask the question. Thank you.

Ahmed Karim: Thank you so much, everyone. My name is Ahmed Karim. I’m from UN Women, regional office for Asia and the Pacific, and I lead on innovation and the US portfolio in the office. Just adding into the conversation of intersectionality, and I think it’s one of the challenges when we talk about youth issues, that we talk about youth as a homogenous group. And with that intersection between youth and gender, bring in the angle of young women, which is half of the population of youth, that is kind of, you know, discredited and kind of seen as part of that bright future of digitalization and youth. And I think when we look at that bright future of young people are the most avid and take saving and like leading on the innovation, it’s like, it’s also like shades light and that young women are also part of that, which is not true. I think there are a lot of amazing women leading in the digital spheres, they’re fighting really hard to find the space, but the sector is not really giving them that full space or an equal space. I’m just going to mention three, like, you know, either new studies that were saying first one from the World Economic Forum, women are going to be the most affected by job loss due to digital transformation. The second one is that women are less likely to use AI and emerging technology in the workspace because of all of, you know, access, work environment, male dominated sectors and all of those kind of thing. And the third one is that women are also the most affected by the misuse of technology and AI for technology-facilitated violence. This is just like a glimpse of the reality of what young women are dealing with in this sector and I think they are not well represented in the conversation where it’s really bright and futuristic and shows that technology is working for young people. It’s not for everyone and that intersectional angle that you can go even deeper and you’re going to uncover an ugly reality of digital transformation, the more you go to more intersectional layers. A young woman with disability, a young woman with disability in a rural area, a young woman with disability from a minority. So it’s really hard just to see a lot of this conversation within IGF and within international communities and talking about the potential without having to put that angle into perspective. I look into specific programming, resources, funding, policy changes that is more specific, more gender-specific, more targeting young women and I wonder if you have some reflection on what could be done to accelerate that progress. We missed an opportunity when the internet came out. We missed an opportunity when social media revolution came out and we left a lot of women behind with a wider gap that is getting even wider with the AI revolution. So how can we catch up, making sure that women, other genders, other marginalized groups like young women are catching up with that technology and benefiting from that sector, not just as a user, but also shaping the infrastructure of this new revolution. Thank you.

Mariana Rozo-Paz: Absolutely fantastic question. Thank you so much for that. I am going to hand it over to Nosipo. I think you can unmute yourself now so that you can ask your question and then we can take questions.

Online Audience: Thank you very much. I’m Advocate Zainouba from South Africa. I’m running a practice that focuses on intellectual property, cyber law, ICT law, that is now small-scale mining, and international trade law. Of course, AI is included there. And I’ve done a lot of research. In fact, I’m a cyber lawyer by education and by profession. I also have been part of lecturing at UNISA, the Faculty of Law, the oldest university in South Africa, and I’m responsible for the same. But the reason I felt I need to participate here is because I’m part of the South Africa IGF. Probably, in line with what my colleague was talking about, you might have to look at how we are dealing with IGF in South Africa. We open the curtain with youth. What that does, it gives the traction across the whole program, and it makes them to participate right through the program. So the focus, and it’s informed by our understanding of the sacrosanctcy and the role youth play in everything that we do, because the youth are the ones that must be made through social cohesion to understand that emerging technologies for Africa must emerge from Africans for Africa. And that is part of the indoctrination that we need to do as part of data sovereignty and as part of AI sovereignty. Yesterday, we were in a session where we were talking about all the capabilities that are coming from other jurisdictions being coming to the South. And it is important for the youth to be able to understand what that means. in terms of territorial integrity. I happen to be in the military, so for me territorial integrity is a non-negotiable. And for as long as our youth have not got into what that means in terms of technologies, in terms of systems, in terms of infrastructure, because we do have youth that has brains, youth that understands technology, and in the deep rural you have youth that is having so much creativity. We have youth that is able to generate energy from back of trees, as we speak. But if we don’t harness that by making sure that they are in the forefront and they are made to understand that the future is in them, we will miss the game. But my question then is, how do we ensure that our youth are able to to utilize the skill sets that they have, right, to improve the home ground? Because for me the challenge we have at this point is our youth that acquires the skills and then they go and use it somewhere. Europe is full of youth from South Africa. How do we enable the youth to be able now to, yes, act globally, but ensure that they embrace where they come from, so that we are able then to improve even the LLMs that we’re talking about, because those LLMs must talk to our cultural heritage, and the cultural heritage is embedded in those engineers that are currently in Brazil, in Asia, in Europe, in Australia, but they are from South Africa. How do we deal with that? Thank you.

Mariana Rozo-Paz: Thank you very much for that question. I want to turn it back to our speakers to see if any of you would like to answer one or the two questions. If you have any insights or anything you’d like to share, any thoughts regarding those very thoughtful questions.

Celiane Pochon: I think maybe if I may, just without answering the question, but just thanking everyone for all of these statements, questions, interrogation, provocative thoughts. And I think, at least for me, these are things I will take back and try and reflect on. And I can’t answer them in a, you know, thought out manner right now. But they’re definitely things I will take back with me and think about and try to act on in, you know, our everyday work. Thank you for that. Jenny, Joao, anything you’d like to share? Sophie, would you like to share that out loud, potentially?

Sophie Tomlinson: Yeah, sure. No, thank you so much, everyone, for these invites and Nospio for what you were saying. I’m just sharing a study in the chat that came out this week that looked at the types of data. What is the data that’s building AI right now? I think some of the findings are things that we know, but it’s nice to have concrete evidence emerging to show this. That it’s pretty shocking how 90 percent of the data sets for AI are coming from Europe and North America and less than 4 percent coming from Africa right now. So I think these points of. the need for inclusive approaches, and also the point of intersectionality to how is AI going to actually fit the needs and resonate with young women in Africa, for example, or as the speaker from UN Women was saying, how is, to his point, what even about young disabled women from a rural part of Africa, if we can’t even get the data that’s built into AI right now, just reflect the whole world, we’re in deep trouble. So I think this is something to further discuss.

Mariana Rozo-Paz: I agree. And I absolutely love that, Sophie. Yes. And in a way, that is the big challenge that we have right now, in terms of coming back to Sulian’s point at the beginning, how can we build technologies in a way that we’re fostering trust. But in order to foster trust, we need to think about all of these intersectionalities, all of these communities, and how they relate in the end. And if we have this very big percentage of the population worldwide nowadays being youth, knowing that it is a very diverse pool of people, and it is not just young people with the same level of privileges and opportunities and challenges, but that the youth community is actually a very diverse community, not even worldwide, but like just even thinking about one country, we cannot even categorize youth as just like, oh, the, I don’t know, Swiss youth, but it’s actually very different and diverse communities within one country. And this is something for us to keep on thinking about. So thank you for bringing it up. I wanted to ask one last question to the speakers before we wrap up. And I think this connects to everything that we have been discussing regarding incentives and the need to actually raise awareness among this adult community, and this adult community can be policymakers, governments, private companies, international organizations, and the importance of youth voices and to enhance their participation in policies and the design of data-driven technologies. So I’d like to ask our speakers what incentives are needed to raise awareness among this community about the importance of involving youth. And if you have any examples of efforts that could be implemented by different types of stakeholders to make sure that in the end we can really build technologies in this base foundation of trust, because I know that this is pretty much one of the challenges that we’ve been discussing, and how can we really raise awareness and have the right incentives. So, João, why don’t we start with you with that question?

João Moreno Falcão: I’m sorry, I had to help with something. I need one second to think.

Mariana Rozo-Paz: No worries, no worries. Maybe, Jenny, would you like to take that question first regarding incentives to the adult community?

Jenny Arana: Yes. Are you hearing me well, Mariana?

Mariana Rozo-Paz: Yes, we can.

Jenny Arana: Okay, I lost you for a little bit, but thank you so much. So, all the incentives, right? So, I think that to really foster meaningful recognition of youth contributions to the data economy, it is truly essential to provide targeted incentives that bridge generational gaps in the understanding and engagement of youth. First, policymakers, governments, and private sector really have to acknowledge the unique expertise and innovative perspectives that youth bring and the unique views. And by highlighting the creativity, the insight, and the perspectives, stakeholders can really recognize young people as valuable contributors in the digital transformation. One way is to institutionalize youth participation. That’s a crucial step. This can be achieved by integrating young voices into governance structures, and there are policy working groups, committees, advisory boards, but of course we have to avoid that these mechanisms become something where youth participation and use are tokenized, but that actually become a core part of decision-making processes, and it’s important, I think, when we can think about funding and resources, and specifically for youth-led initiatives, to really provide a tangible incentive for the active involvement of these youth networks. I think that showcasing success stories of youth-led initiatives, and I think we all have shared from the different organizations that we represent and the different work that we do, these success stories can really serve as a powerful evidence of the positive impact of youth involvement, and really highlighting these achievements should inspire confidence among what we’re calling the adult community, and encourage broader support for integrating youth perspectives into the economy, and so various stakeholders can take concrete actions to empower youth and ensure the inclusion of these demographics in shaping the data economy. And from the side, I think, of international organizations, we can make efforts to foster this intergenerational collaboration and equipping young people with the knowledge and the experience that is required, ultimately, to influence global digital policies and the conversation on digital development as a whole. So thank you so much, Mariana.

Mariana Rozo-Paz: That was great. Thank you so much, Jenny. So Leanne, I’ll turn it over to you.

Celiane Pochon: Yes, thank you. And I’ll build this on what Jenny just said, because it really inspires me. I think we also need to highlight the intergenerational impact of the digital decisions and provide clear examples how youth participation enhances innovation, enhances equity, enhances confidence, enhances positive outcomes, not to only focus on the challenges and maybe the more negative side, which is also very important, but also to see how we can highlight innovation. And everything I just mentioned, I think this could talk to the adult community and help them decide in what way they want to shape the policies and different designs for the technologies. And I think one thing also the youth community, we have, which is very important, is that we’re aware of topical issues in the world and the problems the world faces. We have a very raised awareness of social justice, equality, inequality, and we can also help to have this be at the forefront of new policies, to have this aspect be taken into account. And I think we have very important values that young people, we advocate for, and I think we can really put them in the forefront. And I think just ensuring youth voices are heard and are heard. in the discussions and the development is only ensuring the future generation has access to the knowledge and to the tools to continue innovating while preserving core values such as human rights. And I think this approach of including youth now for the future can only lead to a fairer and more innovative and equitable data economy that can benefit everyone now but also in the future. Thank you.

Mariana Rozo-Paz: Thank you. Thank you, Zilian. That’s very, very valuable. João, over to you.

João Moreno Falcão: Thank you. So, yeah, we definitely I will speak complimenting again what has already the other panelists has already said but we need to bring awareness about the advantages of having youth on board in the decision making, in the policy making about the digital economy because, yeah, we can bring novelty, we can bring other points of view that are very, very important to develop a specific direct policy. So, in this sense having a more diverse participation and, well, when we are thinking of developing projects to youth they are the group that better understands what they are dealing with. So, it’s definitely a group that needs to be included in this process.

Mariana Rozo-Paz: You’re right. Thank you, João. Well, I want to thank everybody for joining us. Thank particularly our speakers who have been amazing in sharing their work and insights. Thank you for agreeing to joining us. And thank you everybody for participating. Just to wrap up I’d like to ask one final mini question to our speakers, but it’s more of like, could you please maybe share with us one final takeaway in maybe 30 seconds, one minute each of a final message or highlight that you’d like to share with people. And with that, we can wrap up. I don’t know if anybody would like to start actually.

Celiane Pochon: Maybe I can jump in. I think for me it was something that was very valuable is that we also need perhaps to go back to the core questions. Why are youth voices important? And maybe we’re already two steps ahead in tackling these very important questions as well. But maybe for next sessions or something else, start back from the basics to really state why youth voices are important. And maybe also I think intersectionality has really been brought up a lot in this discussion, also to see how that can be brought into the conversation. So I think we’re already two steps ahead. So maybe to include more people to have these starting basic questions, but I for sure have gained a lot of insights. And this has been a very, very good discussion. And I want to thank everybody for that.

Mariana Rozo-Paz: Thank you, Celiane. Thanks to you for your wonderful contributions. Jenny, do you want to go next?

Jenny Arana: Yes, thank you, Mariana. Yeah, I just think that, you know, the issues we’ve touched on today, AI, education, you know, skills, etc., are just not challenges. They are also opportunities for innovation. And youth not only bring these fresh perspectives that we were talking about, but also a sense of urgency to these issues, the needs that we have right now. But we also need to ensure that the voices of youth are not only heard, but integrated into governance structures, into policy discussions, and the design of data-driven technologies. And to raise awareness, again, among this adult community, it is essential to recognize that, you know, these values and these perspectives and contributions of youth invest in their initiatives and create platforms where they can lead. It’s important to highlight the importance of youth-driven solutions to bridge the gap between policy and implementation, and we must stress the need for multi-stakeholder collaborations involving governments, private sectors, civil society, and these youth organizations. We want them at the center of this discussion, so I think this is my takeaway, and I hope that we can continue more of these fruitful discussions in the future. Thank you, and thank you all.

Mariana Rozo-Paz: Thanks to you, Jenny, this is amazing, and João, over to you, you have the big responsibility of wrapping it up.

João Moreno Falcão: Okay, so, to me, the main takeaway here is that how we need to broaden our reach, so we are discussing here about including the young people in the digital economy and how to do this, and, yeah, so I think for our next discussion, our next step is to get the people involved that we are talking about. So we have a lot of interesting and very important initiatives here that could also be part of this, like we can include the people that we work together, I believe this.

Mariana Rozo-Paz: Thank you, João, that’s very good. So thank you everyone again for joining us, thank you to the organizers, to the IGF for helping us host this, and, yeah, I think as one of our contributors mentioned today, let’s keep pushing to make sure that these sessions are scheduled earlier in the program, and let’s also advocate to have, hopefully, much more funding to keep leading these initiatives with very diverse youth communities. Thank you again so much for joining us. Have a nice rest of your days, both in the IGF or wherever you are in the world. Wishing you a very good rest of the IGF and happy holidays to everybody who’s taking some time off because I know that it’s pretty much Christmas now. So thank you everyone. Thank you. Thank you so much for the organization and happy holidays to everyone. Bye everybody. Thank you so much. Thank you so much everyone, bye.

Agreement Points

Importance of youth participation in digital governance

Mariana Rozo-Paz

Jenny Arana

João Moreno Falcão

Celiane Pochon

Youth are early adopters and innovators of digital technologies

Youth have fresh perspectives and creativity to contribute

Youth are catalysts for innovation and social movements

Youth have unique expertise and innovative perspectives

Youth are aware of topical issues and advocate for important values

All speakers emphasized the crucial role of youth in shaping digital policies and technologies due to their unique perspectives, innovative thinking, and awareness of current issues.

Need for inclusive and diverse youth engagement

Mariana Rozo-Paz

Jenny Arana

João Moreno Falcão

Celiane Pochon

Create pathways for youth from all regions to participate

Institutionalize youth participation in governance structures

Broaden reach to include more diverse youth voices

Include youth in multi-stakeholder forums and consultations

Speakers agreed on the importance of creating inclusive mechanisms to ensure diverse youth participation in digital governance across different regions and forums.

Similar Viewpoints

Both speakers emphasized the importance of empowering youth through education and highlighting successful youth initiatives to encourage their participation in digital governance.

Jenny Arana

Celiane Pochon

Showcase success stories of youth-led initiatives

Enhance data literacy programs in schools and universities

Unexpected Consensus

Addressing trust issues in data governance

Celiane Pochon

Mariana Rozo-Paz

Lack of trust in data governance arrangements

Youth face unique vulnerabilities in the digital age

While most speakers focused on youth participation, Pochon and Rozo-Paz unexpectedly highlighted the importance of addressing trust issues and vulnerabilities in data governance, which is crucial for meaningful youth engagement.

Overall Assessment

Summary

The speakers largely agreed on the importance of youth participation in digital governance, the need for inclusive engagement strategies, and the value of youth perspectives in shaping digital policies. There was also consensus on the need to address challenges such as digital literacy and trust in data governance.

Consensus level

High level of consensus among speakers, with strong agreement on core issues. This suggests a unified approach to youth engagement in digital governance, which could lead to more effective policies and initiatives for involving youth in shaping the digital future.

Different Viewpoints

Definition and scope of youth

Melody Musoni

Jenny Arana

Define youth, because I’m coming from a country where people who are in their 70s, they still qualify as youth.

Youth have fresh perspectives and creativity to contribute

There was a disagreement on how to define ‘youth’, with Melody Musoni pointing out that the definition varies greatly between countries, while Jenny Arana focused on youth as a group with fresh perspectives, implying a younger demographic.

Unexpected Differences

Digital literacy assumptions

João Moreno Falcão

Jenny Arana

Digital literacy gap between using technology and meaningful participation

Youth are catalysts for innovation and social movements

While Jenny Arana emphasized youth as catalysts for innovation, João Moreno Falcão unexpectedly highlighted a significant digital literacy gap among youth, challenging the assumption that all young people are equally capable of meaningful participation in the digital economy.

Overall Assessment

summary

The main areas of disagreement centered around the definition of youth, approaches to youth inclusion in governance, and assumptions about youth digital literacy.

difference_level

The level of disagreement was moderate. While speakers generally agreed on the importance of youth participation, they had different perspectives on how to achieve it effectively. These differences highlight the complexity of engaging youth in data governance and the need for nuanced, context-specific approaches.

Partial Agreements

All speakers agreed on the need for youth inclusion in governance and policy-making, but had different approaches. Jenny Arana suggested institutionalizing youth participation, Celiane Pochon advocated for including youth in existing forums, while João Moreno Falcão emphasized broadening the reach to more diverse youth voices.

Jenny Arana

Celiane Pochon

João Moreno Falcão

Institutionalize youth participation in governance structures

Include youth in multi-stakeholder forums and consultations

Broaden reach to include more diverse youth voices

Similar Viewpoints

Both speakers emphasized the importance of empowering youth through education and highlighting successful youth initiatives to encourage their participation in digital governance.

Jenny Arana

Celiane Pochon

Showcase success stories of youth-led initiatives

Enhance data literacy programs in schools and universities

Key Takeaways

Resolutions and Action Items

Unresolved Issues

Suggested Compromises

Trust in data governance arrangements and empowering young people and individuals in the digital space is key for the data society we want to have. Without the control over our data we lose trust in institutions and companies and technologies themselves which hinders digital inclusion, innovation and all the other topics that Jenny and Joao already mentioned.

speaker

Celiane Pochon

reason

This comment highlights trust as a fundamental issue underlying many challenges with youth engagement in the digital economy. It connects individual empowerment to broader societal outcomes.

impact

This shifted the discussion to focus more on trust as a core issue, leading to later comments about building technologies in a way that fosters trust across diverse communities.

One child from his birth to his 13th birthday will gather 72 million pieces of personal data. So before you grow, you will already have a huge digital footprint, and we need to bring awareness about this, because they aren’t able to agree on it, and the implications of this amount of data will be seen.

speaker

João Moreno Falcão

reason

This statistic provides a striking illustration of how pervasive data collection is for youth, even before they can consent. It raises important ethical questions.

impact

This comment deepened the conversation around youth data rights and privacy, leading to further discussion about digital literacy and empowerment.

Define youth, because I’m coming from a country where people who are in their 70s, they still qualify as youth. And then living in Europe, normally it’s between 8 to 18 years to 35.

speaker

Melody Musoni

reason

This question challenges the fundamental assumptions of the discussion by pointing out how ‘youth’ is defined differently across cultures.

impact

This led to a more nuanced discussion about how youth is defined in different contexts and the need to be specific when discussing youth engagement.

Young women are also part of that, which is not true. I think there are a lot of amazing women leading in the digital spheres, they’re fighting really hard to find the space, but the sector is not really giving them that full space or an equal space.

speaker

Emad Karim

reason

This comment introduces an important intersectional perspective, highlighting the specific challenges faced by young women in the digital sphere.

impact

This shifted the conversation to consider more deeply the intersectionality of youth issues, particularly gender disparities in tech.

90 percent of the data sets for AI are coming from Europe and North America and less than 4 percent coming from Africa right now.

speaker

Sophie Tomlinson

reason

This statistic starkly illustrates the lack of global representation in AI training data, which has profound implications for AI’s applicability and fairness globally.

impact

This comment deepened the discussion on the need for inclusive approaches in AI development and highlighted the importance of diverse data representation.

Overall Assessment

These key comments shaped the discussion by broadening its scope from general youth engagement to more specific issues of trust, data rights, cultural definitions of youth, intersectionality, and global representation in tech development. They moved the conversation from abstract concepts to concrete challenges and potential solutions, emphasizing the complexity and diversity of youth experiences in the digital economy. The discussion evolved to recognize the need for more nuanced, inclusive approaches that consider various cultural contexts and intersectional identities when addressing youth engagement in digital policy and technology development.

How to define youth in the context of digital inclusion and data governance?

speaker

Melody Musoni

explanation

Different regions and organizations define youth differently, ranging from 8-18 years to up to 35 or even 70 in some countries. A clear definition is important for targeted policies and initiatives.

Why is it important to focus specifically on youth in discussions about data and digital inclusion?

speaker

Melody Musoni

explanation

Understanding the unique aspects and importance of youth engagement can help in articulating and achieving objectives related to youth inclusion in the digital economy.

How can we engage rural communities more effectively in digital inclusion efforts?

speaker

Melody Musoni

explanation

Many discussions about marginalized communities are superficial. There’s a need to explore specific strategies for engaging rural youth, such as through secondary schools.

How can we accelerate progress in addressing the gender gap in digital transformation, particularly for young women?

speaker

Emad Karim

explanation

Young women face specific challenges in the digital sphere, including job loss due to digital transformation, lower likelihood of using AI in the workplace, and increased risk of technology-facilitated violence.

How can we ensure that youth utilize their skills to improve their home countries rather than migrating to use their talents elsewhere?

speaker

Advocate Zainouba

explanation

There’s a need to address the brain drain of skilled youth from countries like South Africa to ensure local development and preservation of cultural heritage in technological advancements.

How can we create AI and language models that reflect local cultural heritage?

speaker

Advocate Zainouba

explanation

Current AI systems often don’t reflect diverse cultural perspectives, particularly from regions like Africa. There’s a need to involve local talent in developing culturally relevant AI.

Summary

This session at the Internet Governance Forum focused on the intersection of quantum encryption, Resource Public Key Infrastructure (RPKI), and IoT security in shaping the future of internet security. Experts discussed how quantum technologies are revolutionizing fields like communication and sensing, with potential applications in healthcare, defense, and environmental monitoring. However, they also highlighted the threat that quantum computing poses to current cryptographic standards, emphasizing the urgent need to develop and implement quantum-resistant encryption methods.

The discussion then shifted to RPKI, a security extension for internet routing. Speakers explained its importance in preventing route hijacks and misconfigurations, while noting challenges in adoption and implementation. They stressed the need for widespread adoption to maximize RPKI’s benefits and protect against routing vulnerabilities.

The session also touched on IoT security, particularly the challenges of implementing robust security measures in resource-constrained devices. Experts emphasized the need for lightweight, quantum-resistant protocols for IoT devices to ensure their protection in the face of advancing quantum capabilities.

A significant portion of the discussion focused on the global disparities in adopting these security measures, particularly in the Global South. Speakers highlighted the need for capacity building, resource allocation, and policy harmonization to ensure equitable adoption of advanced security protocols across different regions.

The session concluded by underscoring the critical importance of collaboration among stakeholders in addressing the challenges and opportunities presented by these emerging technologies. Participants agreed that proactive measures and international cooperation are essential to secure the digital ecosystems of the future against evolving threats.

Keypoints

Major discussion points:

– The potential impacts and security implications of quantum computing on current cryptographic systems

– The importance of implementing post-quantum cryptography and quantum-safe security measures proactively

– The role of RPKI (Resource Public Key Infrastructure) in securing internet routing and challenges with its adoption

– The need for capacity building and resources, especially in developing regions, to implement advanced security measures

– Considerations for securing IoT devices against quantum and other emerging threats

Overall purpose:

The goal of this discussion was to explore the intersections between quantum technologies, internet routing security (RPKI), and IoT security. The speakers aimed to highlight current developments, challenges, and future considerations in these areas to help prepare for a more secure digital ecosystem.

Tone:

The tone was primarily informative and forward-looking, with speakers providing technical explanations as well as policy and practical considerations. There was a sense of urgency in addressing these issues proactively, balanced with acknowledgment of the challenges involved, especially for regions with fewer resources. The tone remained consistent throughout, maintaining a focus on collaboration and the importance of multi-stakeholder efforts in addressing these complex technological challenges.

Speakers

– Nicolas Fiumarelli: Moderator

– Maria Luque: Expert in technology foresight, corporate diplomacy and quantum technologies; Managing Director of the Future of Literacy Group

– Sofia Silva Berenguer: RPKI Programme Manager at APNIC

– Wataru Ohgai: Representative from JPNIC with expertise in RPKI operations

– Athanase Bahizire: Online engagement assistant

Additional speakers:

– Yug Desai: Rapporteur from South Asian University

– Wout de Natris: Consultant for the Dynamic Coalition on Internet Standards, Security and Safety Wout de Natris

– Michael Nelson: Commenter (mentioned in chat)

Revised Summary of IGF Session on Quantum Encryption, RPKI, and IoT Security

Introduction:

This Internet Governance Forum session explored the critical intersection of quantum encryption, Resource Public Key Infrastructure (RPKI), and IoT security in shaping the future of internet security. Experts from various fields discussed current developments, challenges, and future considerations to prepare for a more secure digital ecosystem.

Quantum Technologies and Cybersecurity:

Maria Luque, an expert in technology foresight, opened the session by highlighting the rapid advancement of quantum technologies and their implications for cybersecurity. She emphasized that quantum sensing and communications are maturing quickly, with potential applications in healthcare, defense, environmental monitoring, and space exploration. Luque painted a picture of a future where global communications, both terrestrial and space-based, are integrated through optical networks.

The discussion emphasized the urgent threat that quantum computing poses to current cryptographic standards. Nicolas Fiumarelli, the moderator, stressed that post-quantum cryptography standards need to be implemented now, rather than waiting for quantum computers to become a reality. This sentiment was echoed by Sofia Silva Berenguer, who highlighted the vulnerability of current cryptographic systems to quantum computing threats.

Luque underscored the immediacy of the quantum threat, stating, “My message today is that not only a cryptographically relevant quantum computer and its advent is a threat to this future that I just pointed out to you, to how we leverage this data for good, not only Harvest Now and Decrypt Later is a threat to this vision alone, the threat is up today.” This statement shifted the discussion towards more urgent consideration of quantum-safe security measures and their implementation.

RPKI Adoption and Challenges:

The conversation then moved to the importance of RPKI in securing internet routing. Wataru Ohgai, representing JPNIC, reported that global IPv4 ROA coverage has exceeded 50%, indicating progress in RPKI adoption. He also noted that Tier 1 networks like Google are pushing for RPKI readiness, which is encouraging wider adoption.

Sofia Silva Berenguer highlighted that RPKI adoption faces a collective action problem, particularly for smaller network operators. She discussed the RPKI program and its challenges, emphasizing the need for capacity building and support for smaller ISPs. Berenguer also mentioned the development of ASPA (Autonomous System Provider Authorization) as a complementary security measure.

Ohgai provided a real-world example of vulnerabilities in current security systems, stating, “ROA revalidation is done based on what is written in ROA. So the trust in ROA is a considerably big issue. This year, one of the large network operator in the world located in Spain, which is a ripe region, had their online account used to creating or modifying ROA taken by bad actor.” This comment grounded the theoretical discussion in practical concerns, leading to more focus on operational challenges and the need for robust authentication methods.

IoT Security and Global South Challenges:

Nicolas Fiumarelli highlighted the importance of creating lightweight post-quantum cryptography protocols for IoT devices, given their resource constraints. This led to a discussion on the specific challenges faced by IoT devices in implementing advanced security measures.

Athanase Bahizire, the online engagement assistant, stressed the need for harmonization of cybersecurity policies across regions. He pointed out the challenges faced by developing regions, particularly in Africa, in implementing advanced security measures. Bahizire commented, “We tend not to take very seriously cryptography as what I was giving examples whereby you know putting in place to filter authentication in your database and some other very little best practices. We are not adopting them. We are waiting for when it’s like mandatory or it’s like as a regulation to adopt it’s what is not really a good practice and it doesn’t have that much in securing our system.” This observation shifted the conversation towards discussing capacity building and the need for proactive security measures, especially in the Global South.

Future Internet Security Measures:

Looking towards the future, the speakers agreed on several key points. Ohgai emphasized the need to develop quantum-safe RPKI protocols. Fiumarelli highlighted the importance of post-quantum cryptography standards, mentioning Crystal Deletion, Crystal Kyber, and Sphinx as examples discussed during the Q&A session.

The role of the Dynamic Coalition on Internet Standards, Security and Safety (IS3C) in supporting work on quantum computing and security was also discussed, as mentioned by Wout de Natris during the Q&A.

A notable point raised during the Q&A was the potential vulnerability of blockchain and Bitcoin to quantum computing attacks, further emphasizing the need for quantum-resistant cryptography across all digital technologies.

Conclusion and Future Directions:

Yug Desai, a rapporteur from South Asian University, emphasized the crucial role of multistakeholder collaboration in addressing these complex security challenges. Nicolas Fiumarelli concluded the session by reiterating the importance of collaboration in tackling the challenges posed by quantum computing and in implementing robust security measures.

The session identified several unresolved issues, including effectively implementing quantum-safe cryptography for resource-constrained IoT devices, overcoming the collective action problem in RPKI adoption, and ensuring equitable adoption of security protocols in regions with limited resources.

Overall, the discussion highlighted the need for proactive measures, international cooperation, and continued research to secure digital ecosystems against evolving threats, particularly those posed by quantum computing advancements. The session underscored the urgency of implementing post-quantum cryptography standards and the importance of capacity building initiatives to ensure global preparedness for the quantum era of cybersecurity.

Nicolas Fiumarelli: Good morning, everyone. Good afternoon. Good evening, wherever you are in the world. Let’s proceed. Okay. Welcome to our session on quantum encryption, RPKI, that is resource public infrastructure, and IoT, Internet of Things, security. We are going to tackle intersections on these future challenges. My name is Nicolas Fiumarelli. I came from a tiny country that is called Uruguay in South America. I am pleased to serve as the moderator today. Assisting with the online engagement is Athanasi Vajisiri, ensuring that both virtual and in-person participants are fully integrated in our discussions. The session will tackle three essential pillars for the future of the Internet security. One, the first one is quantum security, which is redefining cryptographic protocols to withstand the power of quantum computing. Just a note here, because this is the only one session about quantum computing in the entire ICF. As you may know, next year is called the year of the quantum, because of the recent advancements on this technology from the different big tech giants around the world. So, this is an important topic for us, and we needed to include it in the ICF. So, the second topic will be on the RPKI, the resource public infrastructure, that is about securing the integrity of the Internet routing. You know, this protocol that is used for routing, that is BGP, or the Gateway Protocol. And finally, the third topic will be IoT security. We will address unique vulnerabilities. and availability of billions of interconnected devices worldwide. So it’s a challenge this session. So our objective is to examine the intersection of these three technologies, right? The challenges and the opportunities, particularly in shaping secure and inclusive digital ecosystems. So the format for today will include individual presentation for our expert panelists, each from each of the topics. We are offering 15 minutes of deep insights into the areas of expertise. So following these initial presentations, we will open the floor for a 30 minutes discussion and questions and answers. One of the ideas to address policy questions and take input from both on-site participants and virtual participants. And finally, our rapporteur, Yuke Desai from the South Asian University will summarize the session and share some insights about his research on the internet engineering task for the mappings. So let me now introduce our speakers and the flow of the contributions. The first speaker is… Okay. First, first speaker. Okay. Okay, first speaker is Maria Luque. Maria Luque is an expert in technology foresight, corporate diplomacy and quantum technologies. She is also the managing director of the Future of Literacy Group. She has extensive experience in creating cross-national innovation schemes to advance the integration of quantum technologies in strategic sectors. So Maria will begin the session with a presentation on cybersecurity for a quantum future, presenting a comprehensive vision of the place of quantum technologies in our shared future, highlighting development in post-quantum cryptography and quantum key distribution. So Atanasis, you can confirm that Maria is online. Okay, so Maria, the floor is yours. She has a presentation to share, so maybe the technical team will help her to share screen. Maria, can you confirm you can speak? Hello? Okay, while the technical team help us to put Maria on the floor. Okay, we are waiting for the presentation. Good afternoon, can you hear me?

Maria Luque: Yes, we can hear you but we cannot see your presentation, so please wait some seconds. Some technical issues here at the stage. Can you see my screen now? Yes, we can see your screen. If you want, you can also open your camera or if you already open, we’ll tell the technical guys to put you on the screen. Let me try that. First the presentation, then you can hear me. You need to allow me to open my camera. Allow her to open the camera. You can start my presentation and then later they will allow you to. put your camera down. Okay, okay. Thank you. So, good afternoon to all of you. Good afternoon, Nico. Good afternoon to those in the audience. Clever enough to pay attention to this presentation right before the closing of the IGF this year. Thank you for being here. I really want to do a brief exercise to start the session. And this is on pair with you not being able to see me through video, that’s very timely, because I’m going to ask you to close your eyes, if you may, those of you in the audience. I want to paint the picture, why we think about quantum technologies today at the IGF, and go a little bit forward. So, eyes closed. By 2045, the world looks nothing like it does today. Profound transformation has taken place, and all global communications, both terrestrial and space-based, they are somehow integrated through optical networks. It is a rather sophisticated infrastructure, born from decades of collaboration and innovation, and it enables real-time data transfers at great speeds, allowing instantaneous communications across the globe, and into the farthest reaches of our solar system missions. The integration of quantum communications, in this time, has extended our reach even farther, and is facilitating secure, near instantaneous transmissions across Earth to the Moon and Mars. This breakthrough is paving the way for us humans to explore and inhabit even other planets, while advancing how we understand the cosmos. But what’s more important, in this age, mature quantum sensing and computing. computing technologies have helped us unlock a new era of capabilities, of possibilities. We now have distributed quantum sensing networks, and they provide us with extreme precision in environmental monitoring, in space exploration, and early warning systems for disaster in every location. This is enhancing our quality of life and our ability to protect both Earth and our expanding presence in space. Quantum computing now is deeply integrated into this global network, and it enables the confidential processing of highly, highly sensitive data, securing information that is critical to national security, to finance, and to global governance. Our relationship with trust in this era is definitely changed. These technologies have transformed sectors, ranging from healthcare to defense, enabling the secure integration of intelligence, of military and defense efforts, and it’s making it possible to effectively confront asymmetric, cyber, and kinetic threats to our infrastructures and well-being. Well, now those of you who share the audience with us can open your eyes, and you can tell them. This picture of 2045 is a bit of a yes, but it’s one of the possible futures I’d like you to start betting for starting today. Now, we set our eyes on 2045 today, but some nations and cutting-edge RTOs are getting ready for 2030. For example, the way we understand smart cities is changing with the introduction of quantum technologies, such as quantum sensing. Quantum sensing is a very mature technology, and it allows us to sense the air. the electromagnetic fields way beyond the scope of today’s parameters. Here at my presentation, you can see a crystal clear bed by TNO in the Netherlands of quantum technologies to help up communities with the energy transition. In this picture, quantum sensors can optimize the efficiency of power grids. They can enhance battery performance and they can improve the detection of leaks in pipelines. And since sensors are abundant in every domain on the energy transition, there are countless opportunities where they can be employed to gather critical data. For example, heat and carbon uptake in industrial environments, to have better models of our reality so that we can choose to make it more sustainable. So if we are lucky, five years from today, most of the critical data that we will gather will be gathered through quantum technologies. And to make that happen, quantum computing and all applications of quantum tech are precise. We mentioned applications for environmental and climate modeling, but we can also think of wearable IoT devices with a quantum sensor transmitting live and critical biomedical data from a soldier to a logistic base. This critical data will become increasingly valuable because they say they’re going to give us a competitive advantage for the industry, a strategic advantage, for example, for defense, or more quality of living, just as we saw. And this data is going to be needed to compute and craft the knowledge models of the future. As we all know that synthetic data is short-lived. So in a few words, the learning curve of future knowledge models, AI models, to compute solutions for the energy. transition, for defense, for field security, depends on this high quality data. So we can expect in the near future that quantum technologies gathered data will be feeding up these models, first through AI power compute, which is happening today, later through quantum plus AI compute, which will be happening in the next five years, and ultimately through quantum computing. That leaves us in a scenario where this exchange coin for our well-being, which is data, is going to circulate all over Earth and space. And my message today is quite different from the one that I gave the last IGF in Kyoto last year. My message today is that not only a cryptographically relevant quantum computer and its advent is a threat to this future that I just pointed out to you, to how we leverage this data for good, not only Harvest Now and Decrypt Later is a threat to this vision alone, the threat is up today. I mean, the current standards for our IT and OT cybersecurity in our industry environments, in our critical infrastructures, these standards and measures are very low-key, very unclear in most cases. Some of them still operate on cybersecurity by obscurity. And the bad news is that it’s only going to get worse, because on the one side, there’s this trend of AI sub-organization of everything that is going to expose our critical infrastructure to more and more blind spots, and also our definition of critical infrastructure is growing in assets. For example, we now have satellites in LEO and ground stations for science and optical communications. So, my bet is that to protect the future that we are trying to build, that we are talking about throughout the entire IGF these years, to protect all of our collective investments in AI, in compute, in quantum, in space, a new framework of cybersecurity and networking is essential. And for this, or to make this happen, quantum security is essential. Now this year, we’re going to make it easier, I’m giving a very high-level and zoom-in and zoom-out overview of cybersecurity in the quantum era, given that today is about a multi-stakeholder future for all, I’m going to give you an overview of what we need to focus on today, tomorrow, or let’s say the day after, to unlock the kind of secure communications that we need for the next set of quantum plus AI progress in our industries. Today, the new normal of today has a focus on protection regarding quantum security. This means that we are working on integrating what are called post-quantum cryptography standards and quantum cryptography algorithms, such as those approved by North America’s NIST, into our existing digital and physical infrastructures. Under the belief that under a quantum computer attack, these algorithms will resist for the most part and not unveil the underlying information behind the data. We are working means with the help from the tech industry and building common understanding for this, such as under the GSMA post-quantum crypto task force, our national governments are issuing guidelines to help us start our migration. to post-quantum cryptography frameworks. And most hyperscalers, such as Amazon, Google, Apple, with their iPhones, are introducing them into our daily cloud-based platforms. Also during November this year, we have seen the mandate to work on RSA keys by 2030, by North America’s needs, and some similar statements in the European Union’s Cyber Resilience Act. So today, well, diagnosing the problem is the easy part, and we have done that. But aligning national and international policies is much harder, and we are on those efforts right now. In the meantime, if the future is quantum, as I presented earlier, the present is hybrid. The new normal of tomorrow, two day and three years from now, the focus is to gather very mature advances in quantum communications, such as quantum key distribution, which promises to render the data unusable impact to the interaction with the physical properties of light, to start hybridizing it in classical telco networks and infrastructures. The advances in QGD and quantum communications we shared last year, I can tell that they keep upscaling. For example, this last week in the European Union, we just signed a contract for the IRIS-2 constellation, and this constellation will be ready for optical communication links. So we will ensure with it the space segment of the European quantum communications infrastructure. Regions worldwide are very active in proof of concepts of the integration of QGD into classical telco. networks, for example, and again, MatQCI, the Madrid Quantum Communications Infrastructure, those in the Netherlands, or for example, GovNQ, which is a network in New York. This today, two years from now example of what we need to do to start integrating quantum communications in existing infrastructures is undergoing a lot of challenges. First one is the challenge of standardization, and this might be the second most important message of the session today for me. The challenge of working on interoperability of these technologies with existing operators and infrastructures. Also the challenge of starting the substitution of RF for optical communication ground stations globally, or even how to develop quantum memory so that we can make quantum networks with size beyond the regions that we’re working with now. Now the day after tomorrow, and this is the part where we collide with the vision at the start, to be really in 10 to 15 years we have projects such as the Quantum Internet Alliance, which is in the European Union striving to mature quantum internet working capabilities to start deploying these dreamy applications that we started the session with. Distributed quantum sensing networks, decentralized and blind computing of data between actors who don’t necessarily have to trust each other to make joint decisions. Thanks to this technology, you name it. We also have statements from NASA’s CAM program speaking about the US-led global quantum network by 2035, but we don’t have much more than that. And for global benefits to occur for this scenario of 2045 to occur, we need to build these networks. as jointly as possible with interoperability as a key priority. Otherwise, the bright promise of the quantum future will turn into a zero-sum nightmare between societies. We need to start with quantum security today, right where you are. Remember that global investment in quantum reached 42 billion in 2024, and it’s outpacing historical tech projects like the Polar project. Many people speak of a quantum Manhattan project in different countries and nations among them, China. My final message in this very high-level overview that I’m presenting today is that quantum-gathered data is needed for all of the knowledge models that we want to advance with artificial intelligence and high-performance computation. In a very short time, we’re going to deal with very sensitive data in our communication infrastructures and our critical infrastructures affecting us personally. So the time to start investing in quantum security is today, right where you are. Thank you so much, Maria. It was very clear. Your message, I think, is a huge moment we are having now in the era of the internet future. It’s important to see that the first approach is to have… I am in… Sorry, my microphone. Sorry. Okay. Can you hear me? Yes. Okay. Thank you. Thank you.

Nicolas Fiumarelli: Thank you. Thank you. Okay, sorry. What I was saying is that the first step, as Maria mentioned, is to have post-quantum cryptography. What is that? It’s to have the algorithms that we have today like RSA, AES, etc., are not quantum resistant. That means that when you send a WhatsApp message, for example, from your phone to another phone, you can see that the message is encrypted from end to end, right? But for the most powerful classical computer nowadays, it will take like 200,000 years to decrypt any WhatsApp message. But for a quantum computer, it will be so rapid, like seconds, right? So with the post-quantum cryptography algorithms, we are having a way that quantum computers will take hundreds of years to also decrypt this new cryptography. So that is like the first step, right? To have post-quantum cryptography algorithms in all the corridors of the internet and ICTs. Then the next step, if I remember from Maria’s presentation, was about the quantum key distribution. It’s a technique that uses the quantum physics to send information in a way that is teleporting information. It’s a property of the quantum physics and in this sense, no one will know your key. So once you exchange this key via the quantum network or the quantum facilities, then you can encrypt your messages with this key in the classical internet. So that is the second step. And the third step is about the quantum internet, that is that everything goes in this new model of the quantum. And the last mile is the quantum internet working session because with these sensors and with distributed quantum computing, you could have more calculations and you could have a lot more features that uses this technology. So now I am heading to Sofia. to introduce the second topic of today, that is the RPKI, and then later in our session we will address some policy questions. So we will return to you, Maria. Sofia, Sofia Silva-Berenguer is the RPKI Programme Manager at APNIC. She is specialising in securing internet routing and improving the adoption of cryptographic frameworks across regions. Sofia will delve into the critical role of the RPKI. RPKI is Resource Public Infrastructure. It’s a security extension for the internet routing. You know that the internet goes with packets, and these packets are being routed by something that is called autonomous systems. So Sofia will delve into the important critical role of the RPKI, explaining about route origin authorisations, there is a concept, route origin validation, that’s safe word against route hijacks and misconfigurations. She will also highlight some about regional adoption challenges, ongoing capacity building efforts, and some solutions that at the IETF, you know there is a company that is, there is a standardisation body that is called the Internet Engineering Task Force, where every protocol you have heard about, HTTP, DNS, FTP, everything was made that, in that standardisation body. And they are every day having new discussions in mailing lists about different new security extensions. One of those is ASPA, Autonomous System Provider Authorisation, that is looking to secure routing paths. So with that, Sofia, the floor is yours for your presentations. Thank you.

Sofia Silva Berenguer: Thanks so much, Nico, for the introduction, and thanks for having me today. Hello, everyone. I’m connecting from Uruguay today, although I’m normally based in Australia. I’m originally from Uruguay, Semblan. Nicolás and visiting family. So as Nicolás mentioned, I will be talking about securing the internet routing. But I want to start by briefly sharing why we need to do that. So internet is not just a network. Internet is the network of networks in which networks learn where other networks are using the border gateway protocol that Nicolás mentioned, BGP. So basically networks exchange BGP announcements where they tell each other you can reach these prefixes through me. But the thing is that this protocol was designed under the assumption of trust. Back in the day when the internet started, everyone knew each other. They could trust what everyone else was saying. But then in the 80s when the internet was open to the commercial sector and it started growing exponentially, this assumption of trust didn’t work that well anymore. And it started to become clear that security needed to be addressed in some way. The problem was that the internet was already working. We could not just replace the routing protocol with a new one. So new layers had to be built on top of existing protocols. And RPKI was one of those layers to add security. So I will be talking a bit about RPKI today. So you may have heard about route hijacks. And that’s one of the incidents that can happen in the internet nowadays. In particular, back in 2008, there was a big incident where the Pakistan government instructed Pakistan Telecom to not allow traffic towards YouTube. And in trying to do that, there was an accident in the configuration where routes were leaked and went beyond Pakistan. The idea was to keep that. local but it went outside of the Pakistan borders and it cost an availability of YouTube for a little while. And that is just one big incident that made the news, but there have been other incidents that have been quite big and could have been avoided. So sometimes those incidents are malicious, are a proper attack, but in some cases they are what we call fat fingers. So it could be someone that mistyped something, for example, or in the case of YouTube and Pakistan Telecom was an error in configuration. And so I will be talking a bit more about adoption in a moment in a couple of my slides but the good news is that incidents like that that happened in 2008, there were a few back then that made the news, and were quite big. And we hear less and less about those incidents in the news, and that’s a good thing. So I’ll tell you more why we’re hearing more about that. So as I mentioned RPKI is that like layer of security that has been added on top of BGP, and how that works is that RPKI allows network operators to make statements of what are the routing intentions. In terms of what is the origin autonomous system that is allowed to originate the prefixes that they are responsible for. And that is in the case of route origin authorization sorry I kind of skipped about. RPKI in general allows for statements on routing intentions that are cryptographically verifiable. And the most popular the most popular type of object. Nowadays, is route origin authorizations that is to authorize a specific origin as to originate a set of prefixes. And that is one side of RPKI that is like creation of ROAS allows to to make those statements. But then on the other side, someone needs to use that information. And so on the other side, what we call route origin validation is using the information in ROAS to decide what to do about BGP announcements. So what my very simple diagram in this slide is trying to show here is that when a router, that black thing in the middle, receives a BGP announcement, based on what they see in the RPKI system, based on the RPKI data, they can decide whether to use that BGP announcement to create a new entry in the routing table and learn maybe a new path, or if they just ignore it and discard that BGP announcement. So where are we on this journey to securing the internet routing? ROAS, this particular object type that as I mentioned is the most popular nowadays. It was standardized more than 10 years ago. And at first, like any technology, it took a little while for it to start being used. But as you can see in the last five years or so, it has been more quickly being used. And these charts in particular are from NIST, from the US government. And it shows the percentage of unique prefix origin pair that are covered by ROAS. And you can see that for IPv4 and for IPv6, we are in a very similar situation right now where it’s 54% for IPv4, it’s 60% for IPv6. But as I mentioned, creating ROAS is just one side of RPKI. The other side is using that information to do validation. And this is where it gets a bit tricky to answer the question where we are on the journey. And actually, I recently saw an article from RIPE Labs, the blog from one of the regional internet registries that was talking about IPv6 adoption. I will be not talking about IPv6 today, but it mentioned Schrodinger’s cat and how IPv6 exists in these two states at the same time. And I feel that it’s very similar with RPKI, depending on who you ask. Some people may tell you, adoption of RPKI has been a success. Recently, there was an article from Job Snyder’s who is very active in the technical community. He works for Fastly and was describing an incident that was kind of similar to the YouTube versus Pakistan telecom incident that I mentioned, but this time the incident didn’t make the news. And that is because there was no real consequence or bad consequence of that incident because of RPKI. So in his article, he thinks that RPKI adoption is a success and this is proof that RPKI works. But I’ve also seen presentations, for example, Jeff Houston, who some of you may have heard of, just recently presented about RPKI and DNSSEC. And from his perspective, he sometimes uses the expression even market failure. He believes RPKI should have been adopted much more quickly. So again, there’s different measurement projects. So depending on where you look, you may find different stats and depending on who you ask, the perception on whether we are at a good level of adoption or not may change. It’s a bit subjective, but one of the projects is RoVista. And I like this project because they have an academic paper. So if you go to that URL of the project, you can check the methodology. There’s also particular challenges on how to measure RoV. I feel with other technologies that stop attacks or that. mitigate risk, it’s hard to measure things that don’t happen. So I will not go into the technical details on how this is measured, but there are challenges on how to measure route origin validation. So according to this particular methodology, one of the charts on my slide here, the one on the left, shows the percentage of autonomous systems that are protected by route origin validation. And they split this into partially protected and fully protected, because network operators may decide to do route origin validation on some of their interfaces and not all of them. So partially protected is when there’s at least one interface where they do route origin validation. And you can see that that number, when I got this chart, and it was just a few days ago, was around 90%. So that’s pretty good. But if you look at fully protected, where all the interfaces are doing route origin validation, that’s just a bit below 25%. I also included a chart, I will not go into the detail of how economies are doing comparing to each other. But I thought it was interesting that Rovista also defines this ROV score. And in this particular chart, they do kind of a weighted average based on the cone size. So it’s based on the customers and customers of customers that an autonomous system has. And so you can see how different economies are at different stages of deployment of this. As Nicolas mentioned, there’s also ASPA. So I wanted to briefly touch on, as I said, route origin authorizations. They prevent some types of attack, but it’s just based on the origin autonomous system used on a BGP announcement. But in order to protect the rest of the path, there’s a new object type that is being discussed in the ITF. That also, thanks to your introduction, Nico, people know now that the ITF is the body that standardized protocols in the Internet. So there is a discussion that is actually has made a lot. of progress, and it’s quite close to being completed and ASPA becoming a standard, but it’s still being discussed. ASPA stands for Autonomous System Provider Authorization, should soon become a standard. And it has already been implemented in a way. So I included a couple of links, if anyone is interested. There was an article about a first route leak that was prevented by ASPA. And also earlier this year, Hurricane Electric announced that they already support ASPA. As I mentioned, depending on who you ask, you may be told that RPKI is going great. Some people think that adoption should have been faster. And I wanted to touch on what are some challenges of, in particular, route original authorizations and validation adoption. As we mentioned, there’s the signing part, creating ROAS, the validating part, ROV. And there is a concept in social sciences that I think may help understand part of the challenge for adoption. And it’s that for RPKI to provide maximum benefit

Nicolas Fiumarelli: to the internet, to everyone, we need each autonomous system in the internet to do their part. We need each autonomous system to create ROAS for all their space, but also to start doing route origin validation. And at some point, there was a bit of a chicken and egg situation, where if there’s not enough ROAS out there, why would I do validation? But also the other way around, why would I create ROAS if no one is doing route origin validation? I personally believe we are past that point, as you have seen from the statistics. I think there is enough level of adoption that there should be more motivation nowadays to create ROAS to do validation. But also a bit of a challenge that I’ve heard sometimes is that technical people do understand the importance of this. But when non-technical decision makers are involved, it may be hard sometimes to justify. the work required to implement best practices because sometimes the commercial benefit cannot immediate. And to that, what I want to say is that we need to keep in mind that by implementing best practices and not just RPKI, but best practices in general, what we’re basically doing is preventing reputational damage. So that should be enough for justification. I know I’m running out of time. So I’ll just try to pick up the pace, Nico, sorry to try to keep on time. Because I am the program manager for the NRO RPKI program, I wanted to briefly touch on what we do to encourage adoption of RPKI. So first, very generally some approaches to encouraging adoption, one is providing support. So by raising awareness, building capacity, engaging with organizations and those that are responsible for implementations, working on system improvements is a way that we can encourage adoption. And then there’s also two big approaches that you may have heard of that is based on reputation. There’s an example of MANRS, which is the Mutually Agreed Norms for Routing Security, where there’s different aspects of routing security that are described as best practices and network operators can subscribe to MANRS and then become part of kind of this ranking on how much they implement those best practices.

Sofia Silva Berenguer: But there’s also regulation-based approaches where you may have heard earlier this year, the United States, for example, is the big example of publishing a roadmap to enhancing internet routing security by which governmental agencies are now mandated to create routes for the space and to start doing route origin validation. And there’s also a similar example from Finland. So as I mentioned, I’m directly involved with the Regional Internet Registry. I work for the NRO, which is the number resource organization that brings together the five RIRs and what the RIRs do to support RPKI adoption. is to organize training events. They have e-learning platforms where they help with that like capacity building side of things. They engage with member organizations, with governments and other entities to support them in the adoption of RPKI. And we have recently launched, actually just in January this year, we launched the RPKI program that I am a program manager for to create more consistency across the RIRs. Because each RIR is an independent organization that has implemented RPKI in their own way. It has become more and more important strategically to create more consistency among the five of them. And a geographically relevant example is the RIPE NCC, that is the RIR that covers this part of the world. In 2023, worked closely with the Saudi Arabia government organizing workshops, both for decision makers and for technical people. And that showed an immediate increase in the uptake of RPKI. So I think that that’s a good example of how we support RPKI adoption. As I mentioned, I’m the program manager for the NRO RPKI program. And what we want to do is to bring more consistency to the RPKI implementations of the five RIRs. But most importantly, we want to create this space of more structured coordination and collaboration. Historically, the RIRs do coordinate and collaborate. But for RPKI in particular, we wanted to create this like more structured with like clear priorities. And we have some specific objectives that we want to achieve in 2025. And I’ve left a couple of links there so that if you want to learn more about the program or if you want to get in touch, you can do that. So in bringing my presentation to a close and trying to connect with the previous topic that is quantum, I am no expert in quantum, but my reflection is. As I mentioned, the statements that we produce through RPKI rely on cryptography, they can validate them cryptographically. And as quantum computing represents a disruptive force that could undermine the current cryptographic standards, RPKI may be affected. So my question for reflection is whether the cryptographic algorithms that are used nowadays by RPKI could eventually be replaced once there’s suitable post-quantum algorithms that are standardized, whether the ones we use nowadays in RPKI could be replaced with those new ones. So I’ll leave the question out there, we can come back in the discussion, I guess. Thanks everyone for your time and thanks again for having me today.

Nicolas Fiumarelli: Sofia, thank you so much for your contributions. RPKI can sound very strange for non-technical persons, but basically this is a security extension of the Internet, right? And one thing that I would like to highlight here is that these technologies in general, the security extensions, are optional, right? It’s something that the operator needs to deploy, this technology, and also the operator needs to deploy the validation of this technology, the routing validators. So there are several reasons for that, right? While we are having enforceable mechanisms like Sofia mentioned in the USA, different countries mandating for deploying these security extensions, you know, there is a topic that is very highlighted in the Internet society that is about fragmentation, right? So what happens, if you mandate that everyone needs to have RPKI, you can be disconnecting networks in some manner, because for the ones that does not implement RPKI. But on the other side, you will be exposed to high-sharking and route high-sharks, so we need to have a balance. And I think these approaches we are seeing… in different countries and Saudi Arabia example that Sophia mentioned is some of the examples that ways to go. So now continuing with RPKI, we have Wataru Ogai, that is from JPNIC, from the Japan ICF. We knew Wataru last year when we went to the Japan Global ICF. He is a representative from JPNIC with the extensive expertise in RPKI operators and he has been instrumental in advancing this routing origin validations adoption in the Asia-Pacific region. So Wataru will present about the global movement of policy and operators in RPKI, discussing some milestone on the global IPv4 ROA coverage, and he will address different aspects of RPKI, also articulating more on the quantum, post-quantum cryptography and RPKI. But yes, let’s talk more, Wataru, about this, how to deploy, what are the strategies of deploying RPKI and about this global movement. So the floor is yours, Wataru. Thank you, Nico, for the introduction and hi everyone.

Wataru Ohgai: My name is Wataru Ogai from Japan Network Information Center, JPNIC. From me today, let me talk about the global movement of policy and operation in RPKI world in 2024. For those who may not know, JPNIC is a national internet registry for Japan, which is a kind of like a national version of the RIR. And we are not the one operating .jp domain name, but instead we manage IP addresses and AS numbers in Japan, and of course, running on RPKI repository based on the registry database. Oh, it’s already December, and let me… Let’s first look back on what RPKI related matter happened in this year. The biggest news was that the global IPv4 ROA coverage have exceeded 50% in NIST RPKI Monitor and other global measurement platforms. This was the first time in this history for exceeding the 50% more than the half of the global network is covered by ROA. An IPv6 has been already achieved a few years ago. So that means over how the internet is now ready to protect it by RPKI. This is not just a wonderful achievement, but it also means that we are already in the next stage, the ROV. Regardless of tier one or not, applying ROV in the network is becoming no longer optional. Over half of the world is ready to go and there is no reason anyone can stop it. The stage of maybe or considering for ROV is already a past. Why can I so sure? Let me explain some background in the next slide. The first one, and it’s also a big step for BGP world, is that one of the tier one network operator, Google, is now phasing out route server based peering in IX, Internet Exchange Point. And moving forward for bilateral direct peering strategy. This affects many networks who have been peering with Google via route servers to shift their peering plan and also requires them to be RPKI ready. In Google’s peering policy, there is no clear sentence for that, but they apparently agree. requires ROA assurance for any direct bilateral peering network as the best current practice, refusing everyone peers with Google to be RPKI, resulting everyone peers with Google to be RPKI ready. This could be an implication that the tier networks like Google is now gearing up for full scale ROV and of course Google and other big parties are already studying ROV in their networks. And the second background is the national security. We’ve talked about the importance of RPKI in private sector so far. The same thing can be also applied for the government who wants to protect the whole environment of the country. The United States are considering seriously about ROV implementation mandatory not only in the federal government organization but also big companies in the country, business sectors for the national security. The U.S. is not only a country but some other countries are also presenting their interest on ROV this year. Thus in some day, whether we like or not, some countries will force domestic companies to do ROV but clearly the internet persons don’t like governments to decide what we do or what we don’t for security so we should go do this by our own hands before they force us. So far, I’ve talked about what happened and what is going on. Then let’s see what will happen or what could happen in the near future. The first ballpoint there is a dedicated, decided future as I talked. In the future, implementing ROV will be just one of the other normal operations, nothing special. Then the not found routes, which have no ROA for associating it, no RPGA ready routes will be vanished from the global routing entry. Of course, not to mention the invalid routes vanishing from the table. In the second bullet, there will be the operational challenges. As you may know, ROV is in fact not a predefined term like ROA. If you say we are doing ROV, then you can handle invalid routes to be rejected, or give some lower local preference value so that they are not likely to be used for routing. That’s your organizational matter, not a predefined matter. This year, we, JPNIC, in collaboration with Japanese government authority and experts from private and academic sector, published operational guidelines for both corporate executives and engineers with command-by-command reference, which I hope contribute to this situation, but it’s still your choice. Another concern is SLAM. SLAM is a way to intentionally ignore some ROV results based on the other trust. Technically, if someone issued an invalid ROA by mistake, and you notice that the ROA and actual routes coming from BGP-PRT first, you can just apply SLAM to ignore that operational failure. But how do you know if it’s SLAM? just an operational failure. Well, how can you tell the incident from malicious attack or even the intended changes of network? We already have a technical protocol slum, but we still in need of the operational policy. We are also facing the trust issue in the ROA itself. ROA revalidation is done based on what is written in ROA. So the trust in ROA is a considerably big issue. This year, one of the large network operator in the world located in Spain, which is a ripe region, had their online account used to creating or modifying ROA taken by bad actor. And that bad actor modified their ROA so that the original routes advertised in BGP to be invalid in ROV result. The recovery took a few hours and the rest of the world are forced to trust the forged ROA. The company already changed their password and recreated that genuine ROA after the incident. And RIPE also responded quickly to this incident and they introduced two-factor authentication on their platform and PASCYs, the newer authentication methodologies for their entire customer account in a few months to prevent further attacks. As I talked in previous slides, we have technological slum, but handle this type of incident from the viewpoint of non-victimized network operators, we still don’t know when to apply slum. The current answer to this scenario is double-checking the information in several community mailing lists. However, I believe there is more sophisticated ways to be able to evolve. Let’s move on to the brighter future now. And there is another technology based on RPKI, which is Asper. Current ROA and ROV is basically just a matching of the IP address prefix, and it’s already originated as but as many of you may know, the internet, the BGP is consisting consists of the exchanging route information. So there should be a certain path that the packet should go this network through this and through this like that. And ROA and ROV is not sufficient to do that. And currently Asper has finished the most standardization process in the IETF and we are seeking for the implementation and actual operation. Post quantum cryptography is another topic of this session. Yes, we are talking about the post quantum cryptography implementation in RPKI world. The current situation in PQC is like something that they can adapt after the actual compromisation to ROA or other algorithm happen by quantum computers. And others like thinks that they need to implement PQC before something is destroyed. One key, I think, to end this binary trade off is to implement quantum quantum safe RPKI today, the day before the entire world is done in ROV implementation. So this is my last slide. And the ultimate question for me is that, who can you trust? Why are they trustworthy? What mechanisms established a necessary trust? Things all is all about the trust cryptography RPKI, PQC, the internet, everything is about the trust. Policymakers and engineers are now required to collaborate to design flexible policies as a way to answer these questions. Thank you and I’m giving it back to you, Nico.

Nicolas Fiumarelli: Thank you so much, Wataru. You made very interesting points. I was wondering why this could happen, right, that you have a password for accessing your RIR platform to create this and route origin validations and once ROV, it says the validators will go to validate you, your routes. This is a huge problem because what happens is someone tamper with your login credentials and then change, as you say, the ASN of origin that is intended to be the origin. So you, the clear effect here is that you will be out of the internet. Your entire network will be fragmented from the rest of the internet and that will be a very complicated thing. So yes, I think that managing credentials of the RPKI systems is something that is very important. And also interesting that you mentioned that there are some quantum safe RPKI way. In my opinion, that needs to be before that everything explodes on the internet when the quantum computer develops and finally develops. So that are some of the challenges that we have for the future now. So heading to our other part of the session today. Sadly, some of our speakers, that is Sorina Sefa from UNECA wouldn’t make it, but Atanase that is with us here will cover her part. The idea was to focus now. Now we have established a about RPKI, about, you know, quantum computing and we need to talk about how to integrate it in governance frameworks, right, across the different regions. So, Atanasi will briefly talk to us about some advanced security measures or how this can be integrated into multi-stakeholder efforts or governance frameworks, particularly in the Global South. So, how can Atanasi address these challenges in harmonising policies across diverse regions? The floor is yours, please.

Athanase Bahizire: Thank you so much, Nico. Yeah, thank you so much, Nico, and this is a very important topic and particularly in Africa, is the capacity of different regions are different and with the advance of quantum technologies, you see, we need actually enough resource to whether host a quantum computer, which resource some of the time we don’t have actually in Africa till now one quantum computer, but the idea is that we should be proactive and what Taru was talking about it again, we don’t have to wait for till we will have the full capacity to start leveraging on this technology and I’m going to share some of the great things that are being done in Africa in order to embrace actually these emerging technologies. One of the things when you’re talking about actually the measures that are being put in place, the UN Economic Commission for Africa, which is the ECA, has brought a programme to build capacity of different governments in Africa when it comes to security measures and in these security measures, we tend to go around some of the DNA-seq, which is very important and how we can secure systems and at this level, we are building the capacity of the different governments so they can understand these techs, but then we didn’t manage to get to very technical aspects such as RPKI and quantum encryption, which I believe we should incorporate in these capacity building initiatives. We also have now the MANRS and what is happening with the MANRS is that it’s voluntarily, so there is no obligatory measure that says to the ISPs that you need to implement the MANRS and which is kind of becoming challenging and we have tried to discuss with the ISPs and you see they will tell you that to deploy these technologies, it’s additional resources and additional technical stuff and some of the time, we can’t see the emergent needs for it now, that’s why we put it for later, but then again, I’m emphasising on why we need to be proactive and start thinking, having an idea of the future when we are developing our solutions, when we are securing our system and when it comes to harmonisation of policies, many of the African countries are developing their cyber security. policies and legislations but not all of them have actually ready policies that are ready. In our country we have a bill that is actually being examined in the parliament but yet we haven’t seen a very much involvement of the technical community in country in the development of this and we have a framework at the African level but whereby technical community have had enough space to influence actually what is entering in this legislation but at the country level we haven’t seen this much involvement of the technical community, the technical community that actually has the capacity and the technical understanding. So that why it’s I believe it’s very important to harmonize what is being done in country with the different aspect, the different aspect that are regional, the African level or the different protocols that are being adopted by whether the ITF and extra level but then again our big challenge is resources for our technical community to be able to keep the pace in the advancement of these technologies, the advancement of the cryptography. We need capacity and some of the time we don’t have the capacity. So we are really calling for more investment in capacity to the technical community actually to be able to strengthen our country’s strategies and also the collaboration between the government and the legislation that are putting in place cyber security strategies with the technical community and various stakeholders. And there is also one thing I wanted to mention here when it comes to the security measures we are having now. We tend not to take very seriously cryptography as what I was giving examples whereby you know putting in place to filter authentication in your database and some other very little best practices. We are not adopting them. We are waiting for when it’s like mandatory or it’s like as a regulation to adopt it’s what is not really a good practice and it doesn’t have that much in securing our system. So I believe it’s time for us to embrace with our low resources as we are still building our resources but also to embrace the benefits that these technologies are bringing to us, embrace the best practices in security and that will be really very helpful. And one other thing you asked Nico it’s about capacity building in to ensure equitable adoption of all these security protocols. There are some organizations that are working in capacity building Africa like we have the Internet Society that has done a lot of workshops with policy makers, with IXP operators and ISPs for around the miners, the mutual agreed security. And what is happening here is we have seen quite an increase in adoption of the miners after these capacity building initiatives. But I believe we need to do more. This capacity building initiative sometimes doesn’t touch those communities with very low operators, operators who have very low capacity, who are managing very small network. So I believe we need to increase this capacity building initiative and go up to reaching the various actors who are into playing this. And that where it comes into play, the different stakeholders here. If the IETF has programs like this to build capacity or other organizations, if they do have these initiatives, I believe Africa is very open to embrace and collaborate in order to all go together in these technologies that are coming very fast. I’m going to stop here, Nico, and back to you. Thank you.

Nicolas Fiumarelli: Thank you so much, Atanase. You raised a lot of different points, very important ones. One thing to mention from my side is that in August this year, the National Institute of Standards and Technologies created three standards for the post-quantum cryptography that are Crystal Deletion, Crystal Kyber, and Sphinx. Sorry for the technical words, but these algorithms are already prepared to be deployed. There are some challenges like the length of the key that is a little longer than the previous algorithms such as RSA and AES. But as the spokesperson from NIST said, there is no need to wait. We need to start deploying these standards now to be more on the proactive way, as Guattaro said. And also, you mentioned, Atanasia, about the costs, right? I think that one of the main objectives maybe of the ANARA or RPKI program, with having these unified global platforms or, I don’t know, documentation or manuals on how to use these interfaces, sometimes provided by the RIRs or by the ANARA IRs like JPNIC, could help people have more capacity building on this. You know that the regional registries are doing the regional meetings every year and they do tutorials about this and everything. But yes, I think that you also mentioned something important that is about the small and medium operators. These ISPs that some kind attend a low portion of population in isolated places, they would be being outside of these efforts and maybe they are the ones that have not this RPKI prepared yet. So another thing that I want to mention is about the IoT, right? We missed also one of our speakers today, that is Shoao, because he had a collision with other session. But what happened with the IoT Internet of Things, you know, it’s about these constrained devices that sometimes has constraints in battery, constraints in energy, and also in memory. So these devices cannot rapidly implement this post-quantum cryptography that demands more and more power computation to do the encryption. So the IETF, that is the standardization body, is looking for a lightweight protocols that could be post-quantum cryptography, post-quantum resistant. I mean, that is something that we need to take a look of, because there are millions and billions of devices, IoT devices, coming around. And if these devices are not fully protected, we will be in a very huge problem, right? So that is another thing to look for, to how to have a hybrid approach on post-quantum cryptography in the IoT. And now is the part of the session when we open the floor for questions for the on-site and online speakers here. Also, the panelists, if you have been, if you have something in your mind you want to also say after all this conversation, please, Atanasis will be looking forward for the hands on the online and also the hands here on site. So we have at least 15 minutes for the Q&A part. So just go with this. I will give the floor then to Atanasis to moderate this part of the Q&A. So we will be receiving questions and our panelists will be responding. Yes, thank you so much. We have one question already in the room. So we are

Audience: going to start by one. Good afternoon. My name is Wouten Atres. I’m a consultant in the Netherlands, but also here at the IGF as the consultant for the Dynamic Coalition on Internet Standards, Security and Safety. And what we’ve been doing in the past, sort of, and are going to do in the near future, encompasses everything that we heard today. And my question to the panelists after I finished is how can we actually as a Dynamic Coalition help you with the situation that you have been describing? Last year at the IGF, we presented a report on IoT security by design. And Nico was the project lead for that as our working group chair for that topic. But we’re going to start a new iteration this year and present that in Liljestrøm near Oslo in June 2025, which combines the post-quantum cryptography and the state that that is at the moment with IoT security. But what we’re going to look in also is the societal implications when things go wrong, the political implications go wrong, and a bit more that the people who are leading are better in voicing than me as coordinator. But the fact is that we’ve been looking at this comprehensively. And my final comment is on RPKI, with thanks to ICANN and the RIPE NCC, we presented here at the IGF a document that helps the technical people convince their bosses to deploy DNSSEC RPKI, but by default all other internet standards, by providing them with arguments that are not technical, but exactly the sort of arguments the CEOs and CFOs want to hear what the implication for a company is if you don’t have that, the implications for your reputation, the implications for your customers or your own employees. So that is what we produced this year, but what I would like to hear is what can you do with us, because we invite you to join. You can go to our website is3coalition.org and we’re going to ask Nico to put it in the chat for me please, our website, but also what could we do for you, because we want to be as relevant as possible. So that’s an invitation, but also perhaps that some of the panelists can reflect on it and from there we can take that with us. Thank you. Anyone who wants to comment on that, my panelists please.

Nicolas Fiumarelli: Yes, Sofia. Thanks for that comment and I guess from my side what I wanted to comment that in terms of answering the question of what can be done, my final question of my presentation, inviting for reflection, can also be extended to an invite for some more work as we discussed the…

Sofia Silva Berenguer: ITF is a space where internet standards are developed. And currently, although there is an RFC describing, I think it’s called Algorithm Agility RFC, but it’s quite old and it has never been implemented. And so if there is kind of a theoretical framework for replacing parts of RPKI, but it has never been put in practice and some people believe it wouldn’t really work. So there is room there for anyone who wants to be more involved in the ITF or who is already involved in the ITF, but wants to be more involved in this space to do work on how to actually impractice the cryptography in RPKI could be replaced for like something that is post-quantum state. So I guess that that’s my only comment. I’m no expert in that space. So I’m not the person to help in the actual work, but I’m just pointing out an opportunity for some work that anyone interested could be involved in. Thank you.

Athanase Bahizire: Thank you. And actually, thank you all for mentioning the work you’re doing at the ISTC. We believe more people need to hear about the work you do. And as for us in Africa, we believe your resources might be very helpful to us. Thank you for sharing these resources. We have a thought in the chat, by Mike Nelson. After Google’s announcement of the Willow quantum computing chip, there was speculations that someday soon Google would use the chip to break the obsolete encryption used to protect the huge stash of Bitcoin created and controlled by Satoshi. He’s wondering, is the only one fascinated about this possibility, or is it that important? Anyone want to comment on this?

Nicolas Fiumarelli: Well, I think… We didn’t include a blockchain and Bitcoin at this session and panel, but blockchain is at risk as well. Because if quantum computing can proceed, if you have your public key from your wallet at the Bitcoin, you will definitely get your private key very instantly. So that means that you will have the money of that wallet. But yes, we are talking about a near future, right? Every day we see a new quantum development on the superconductors, on the different parts of the quantum chain. There was some news recently about quantum annealing. That is a new technique. So you don’t need to have millions of qubits to perform the quantum computation. Now with some thousands of qubits, and Google is close, right? They have this Google Seeker with 1,000 qubits machine already happening. They cannot maintain the state of the photons a lot of time, but they are close to reach these gaps. In my opinion, when people say 10 to 15 years, for me it’s like five years. I think that Maria stated very well in their graphic and statistics about this development. Just leaving with this to answer the question of the blockchain in that. Please, if you have another question, I’ll return to Atanasis. Yes, thank you. Nico, if you have any other question in the chat or in the Zoom room, you can raise your hand, we will give you the floor. In the room, do we have a question? No question for now. There is a comment on the Bitcoin case saying the advancements are important. signify what is to come.

Athanase Bahizire: But at this point, it is mostly hype. There is little practical than they can achieve right now. But yes, Niko said it, maybe not right now, but in the very coming, we may see a big change in this. Yuke, do you want to take the floor and comment on this one?

Audience: Yuke, can you hear me? Yes, I see you are unmuted. Sorry, Yuke needs the permission to speak. Hi, can you hear me now? Yes, sure. Yeah, so quantum is a very new technology and as is the case in any new technology,

Yug Desai: there’s going to be a lot of hype in addition to the actual technological advancements that are happening. And it is important to separate the hype from what is real because that is where the policy interventions will come from. And in case of a lot of the advancements that these big companies are making, they have to hype it up because a lot of investment is going into these areas. So it is important that we take a measured approach when we see these announcements and focus on what the practical implications are and take actions according to that. So, we are going to the conclusion of this session, yeah, okay, Wout, you can have a comment. Yes, Wout Naats is again of IS3C, I have a question to Maria Luka that I just am reminded of myself. You are doing a lot of work on both quantum and on quantum computing and we are going to do that as IS3C in the coming six months, where do we supplement each other or perhaps are we doing double work, what is your impression and how can we potentially cooperate in the coming months? Thank you. I don’t see Maria online anymore, I think, so I will translate this question to her, but I will let our rapporteur, Hugues, to also summarise on the key takeaways from our session, because we are running out of time, Jacques will highlight on the topic, actionable insights and then we are going to conclude, please, Hugues. You have, now you have permission to, to unmute yourself. Okay, yes, thank you, Nicolas. So what I’ve been talking about and great insights by our speakers that I’ll try to quickly summarise so that we have good takeaways to take and think about from this session. So Maria started with the revolutionizing power of quantum technology, especially in fields of communication and sensing, which are relatively more mature technologies, and have great potential in making precise measurements of the electromagnetic field, for instance, they have Hi, Nicholas, can you hear me? Okay. Yeah. So I’ll start again. Actually, I’m speaking. So yeah, so Maria told us about the revolutionizing power of quantum technologies and the more mature fields of quantum communication and quantum sensing, and how they promise to transform industries like healthcare, defense and military infrastructure security. The critical challenge of course lies in reaching cryptographically relevant quantum computers, which would threaten the current security frameworks that we have, especially in in deployed industrial environments. The risk is also particularly acute as we begin to collect data using these quantum instruments and use them to advance AI and existing knowledge models. The global response is already underway and governments are already providing information on how to migrate to quantum secure technologies. hyperscalers like Amazon and Google are already implementing quantum security in their platforms. And a lot of effort is also underway in making sure that the new technologies can integrate with existing technologies so that you don’t have to create everything a new the quantum investments in the quantum space are also at increasing year by year. And this is the exactly the reason why we cannot wait in in moving towards quantum secure technologies. Then we also had a very good discussion on RPKI and how the protocol, the BGP protocol was created with the assumption of trust, but we don’t really live in that reality. So RPKI was created as a secure layer on top of BGP and it has two key components, ROAs and ROVs, but the adoption has not exactly been heterogeneous, is actually heterogeneous, not homogenous across the world. And depending on who you ask, they will tell you that whether it is having the desired impact or not. The main challenge stems from the collective action problem where networks need widespread adoption to see the benefits creating this sort of a chicken and egg situation. Additionally, the non-technical decision makers often struggle to justify the investment that is needed in this transition. However, adopting RPKI is absolutely crucial and many tier one ISPs are making this their priority. And in future soon, it will become important to have RPKI deployed to connect to some of these networks. Also, RPKI is also under threat from quantum computing because it uses cryptography that is vulnerable to potentially cryptographically relevant quantum computers. So we’ll also need to work on making sure that RPKI also becomes quantum safe in the future. I also want to highlight what Anthony has mentioned about the situation in Africa and how capacity building is really important when we are trying to ensure security in this age of emerging internet technologies and posing newer risks to security, the technical communities in Africa and global south alike. need to need more resources to combat these emerging threats and also more capacity building to make sure that the networks of the future remain secure. I will end at that.

Nicolas Fiumarelli: Thank you so much, Yu. And well, I would like to thank you. We are just in time to thank our distinguished panelists for the invaluable contributions they have made, as well as all of you both on site and online. Well, I think with today’s session, we demonstrated the critical importance of collaboration in addressing different challenges and opportunities presented by these three technologies, quantum encryption, RPKI, and IoT security. I think that you at least will bring something to your home from all these learnings by exploring this intersection of technologies. I think we could be better prepared to secure our digital ecosystems of tomorrow. So hope you ensure the rest of the IGF 2024. Thank you so much. Applause.

Agreement Points

Urgent need for post-quantum cryptography implementation

Maria Luque

Nicolas Fiumarelli

Sofia Silva Berenguer

Post-quantum cryptography standards need to be implemented now

Quantum computing poses a threat to current cryptographic systems

There is a pressing need to implement post-quantum cryptography standards to protect against future quantum computing threats to current cryptographic systems.

RPKI adoption is crucial for internet security

Sofia Silva Berenguer

Wataru Ohgai

RPKI adoption faces a collective action problem

Global IPv4 ROA coverage has exceeded 50%

Tier 1 networks like Google are pushing for RPKI readiness

While RPKI adoption faces challenges, it is crucial for internet security, and progress is being made with major networks pushing for its implementation.

Similar Viewpoints

There is a need for increased collaboration and capacity building, especially in developing regions, to address emerging internet security challenges.

Athanase Bahizire

Yug Desai

Africa needs more resources and capacity building for quantum security

Multistakeholder collaboration is crucial for addressing security challenges

Unexpected Consensus

Immediate action required for quantum-safe technologies

Maria Luque

Nicolas Fiumarelli

Sofia Silva Berenguer

Wataru Ohgai

Post-quantum cryptography standards need to be implemented now

Quantum computing poses a threat to current cryptographic systems

Quantum-safe RPKI needs to be developed

Despite representing different aspects of internet security, all speakers agreed on the urgency of implementing quantum-safe technologies, which is somewhat unexpected given the typically slow pace of adopting new security measures.

Overall Assessment

Summary

The main areas of agreement include the urgent need for post-quantum cryptography implementation, the importance of RPKI adoption for internet security, and the necessity for increased collaboration and capacity building in addressing emerging security challenges.

Consensus level

There is a high level of consensus among the speakers on the urgency of addressing quantum computing threats and improving internet routing security. This strong agreement implies a clear direction for future internet security measures and highlights the need for immediate action in implementing post-quantum cryptography and expanding RPKI adoption.

Different Viewpoints

Urgency of implementing post-quantum cryptography

Maria Luque

Nicolas Fiumarelli

Quantum-gathered data is needed for all of the knowledge models that we want to advance with artificial intelligence and high-performance computation.

Post-quantum cryptography standards need to be implemented now

While both speakers emphasize the importance of post-quantum cryptography, Maria Luque focuses on the future need for quantum-gathered data, while Nicolas Fiumarelli stresses the immediate necessity to implement post-quantum cryptography standards.

Unexpected Differences

Focus on regional challenges vs. global solutions

Athanase Bahizire

Maria Luque

Africa needs more resources and capacity building for quantum security

Quantum sensing and communications are maturing rapidly

While Maria Luque focuses on the rapid advancement of quantum technologies globally, Athanase Bahizire unexpectedly highlights the specific challenges faced by African countries in terms of resources and capacity building for quantum security. This difference in focus reveals a potential gap between global technological progress and regional readiness.

Overall Assessment

summary

The main areas of disagreement revolve around the urgency of implementing post-quantum cryptography, the current state and challenges of RPKI adoption, and the focus on global technological advancements versus regional capacity building needs.

difference_level

The level of disagreement among the speakers is moderate. While there is a general consensus on the importance of quantum security and RPKI adoption, the speakers differ in their perspectives on implementation timelines, regional challenges, and the current state of adoption. These differences highlight the complexity of addressing global cybersecurity challenges while considering varying regional capacities and needs. This has implications for developing comprehensive and inclusive strategies for future internet security measures.

Partial Agreements

Both speakers agree on the importance of RPKI adoption, but they differ in their assessment of its current state. Sofia Silva Berenguer highlights the challenges in adoption due to the collective action problem, while Wataru Ohgai emphasizes the progress made with global IPv4 ROA coverage exceeding 50%.

Sofia Silva Berenguer

Wataru Ohgai

RPKI adoption faces a collective action problem

Global IPv4 ROA coverage has exceeded 50%

Similar Viewpoints

There is a need for increased collaboration and capacity building, especially in developing regions, to address emerging internet security challenges.

Athanase Bahizire

Yug Desai

Africa needs more resources and capacity building for quantum security

Multistakeholder collaboration is crucial for addressing security challenges

Key Takeaways

Quantum technologies are advancing rapidly and pose both opportunities and threats to cybersecurity

RPKI adoption is progressing but faces challenges, especially for smaller network operators

Post-quantum cryptography standards need to be implemented proactively

Multistakeholder collaboration and capacity building are crucial for addressing emerging security challenges

IoT devices require specialized lightweight post-quantum cryptography solutions

Resolutions and Action Items

Implement post-quantum cryptography standards now rather than waiting

Increase capacity building efforts for RPKI adoption, especially for small and medium ISPs

Develop quantum-safe RPKI protocols

Harmonize cybersecurity policies across regions

Integrate technical community input into national cybersecurity legislation

Unresolved Issues

How to effectively implement quantum-safe cryptography for resource-constrained IoT devices

How to overcome the collective action problem in RPKI adoption

How to ensure equitable adoption of security protocols in regions with limited resources

How to balance mandatory security requirements with avoiding network fragmentation

Suggested Compromises

Adopt a hybrid approach for post-quantum cryptography in IoT devices

Use reputation-based approaches like MANRS alongside regulation to encourage security best practices adoption

Implement RPKI in phases, starting with larger networks and gradually including smaller operators

By 2045, the world looks nothing like it does today. Profound transformation has taken place, and all global communications, both terrestrial and space-based, they are somehow integrated through optical networks.

speaker

Maria Luque

reason

This comment paints a vivid picture of a potential future transformed by quantum technologies, challenging participants to think long-term about the implications.

impact

It set the stage for discussing the far-reaching potential of quantum technologies beyond just cryptography, broadening the scope of the conversation.

My message today is that not only a cryptographically relevant quantum computer and its advent is a threat to this future that I just pointed out to you, to how we leverage this data for good, not only Harvest Now and Decrypt Later is a threat to this vision alone, the threat is up today.

speaker

Maria Luque

reason

This comment highlights the immediacy of the quantum threat, challenging the common perception that it’s a future problem.

impact

It shifted the discussion towards more urgent consideration of quantum-safe security measures and their implementation.

ROA revalidation is done based on what is written in ROA. So the trust in ROA is a considerably big issue. This year, one of the large network operator in the world located in Spain, which is a ripe region, had their online account used to creating or modifying ROA taken by bad actor.

speaker

Wataru Ohgai

reason

This comment introduces a real-world example of vulnerabilities in current security systems, highlighting the complexity of trust in digital infrastructure.

impact

It grounded the theoretical discussion in practical concerns, leading to more focus on operational challenges and the need for robust authentication methods.

We tend not to take very seriously cryptography as what I was giving examples whereby you know putting in place to filter authentication in your database and some other very little best practices. We are not adopting them. We are waiting for when it’s like mandatory or it’s like as a regulation to adopt it’s what is not really a good practice and it doesn’t have that much in securing our system.

speaker

Athanase Bahizire

reason

This comment highlights a critical issue in cybersecurity adoption, especially in developing regions, pointing out the reactive rather than proactive approach.

impact

It shifted the conversation towards discussing capacity building and the need for proactive security measures, especially in the Global South.

Overall Assessment

These key comments shaped the discussion by broadening its scope from purely technical considerations to include long-term societal impacts, immediate security threats, practical operational challenges, and regional disparities in adoption. They moved the conversation from theoretical possibilities to urgent practical needs, emphasizing the importance of proactive measures and global cooperation in addressing quantum and routing security challenges.

How can the cryptographic algorithms currently used in RPKI be replaced with post-quantum algorithms once they are standardized?

speaker

Sofia Silva Berenguer

explanation

This is important to ensure RPKI remains secure against future quantum computing threats.

How can we develop operational policies for SLAM (Selective Lifting of Anomalies in MANRS) to distinguish between operational failures and malicious attacks?

speaker

Wataru Ohgai

explanation

This is crucial for properly implementing SLAM and maintaining network security.

How can we develop lightweight post-quantum cryptography protocols suitable for IoT devices with limited computational resources?

speaker

Nicolas Fiumarelli

explanation

This is essential to protect the growing number of IoT devices against future quantum computing threats.

How can the Dynamic Coalition on Internet Standards, Security and Safety (IS3C) collaborate with and support the work being done on quantum computing and security?

speaker

Wout de Natris

explanation

This collaboration could help advance the development and adoption of quantum-safe security measures.

How can we increase capacity building initiatives to reach smaller network operators, particularly in Africa and other developing regions?

speaker

Athanase Bahizire

explanation

This is important to ensure widespread adoption of security measures like RPKI across all levels of network operators.

Summary

This workshop focused on balancing encryption, privacy rights, and public safety, particularly in relation to child protection online. Experts from various fields discussed the challenges and potential solutions to this complex issue.

The discussion highlighted the tension between privacy and security, with some arguing that privacy concerns are sometimes weaponized at the expense of child safety. Participants emphasized the need to reject framing this as a choice between privacy and security, instead advocating for solutions that address both.

Key challenges identified included global inconsistencies in laws and standards, rapidly evolving technologies, and the difficulty of protecting against online abuse while maintaining privacy. The importance of international collaboration was stressed, with calls for finding common ground and developing harmonized legal and technical standards.

Participants suggested several approaches, including client-side scanning for known child sexual abuse material, age verification tools, and considering sub-contexts for different user groups. The need for public awareness and education about encryption and its impacts was emphasized.

The discussion also touched on the role of internet standards bodies like the IETF, with calls for greater multi-stakeholder engagement in these technical forums to ensure societal implications are considered. Participants agreed that finding solutions requires input from diverse stakeholders, including government, private sector, and civil society.

Overall, while acknowledging the complexity of the issue, the panel expressed optimism that balancing encryption, privacy, and public safety is a “mission possible” with continued dialogue and collaborative efforts.

Keypoints

Major discussion points:

– Balancing encryption, privacy rights, and public safety, especially regarding child protection online

– The need for multi-stakeholder collaboration and international cooperation on encryption policies

– Challenges of evolving technologies and inconsistent global regulations around encryption

– Educating the public and raising awareness about encryption’s impacts

– Engaging technical standards bodies like IETF to consider societal implications of encryption decisions

The overall purpose of the discussion was to explore the complex challenges of balancing encryption, privacy, and public safety, and to identify potential paths forward through multi-stakeholder collaboration and public education.

The tone of the discussion was thoughtful and solution-oriented. While speakers acknowledged the difficulty of the issues, there was an emphasis on finding pragmatic ways to make progress rather than viewing it as an impossible task. The tone became more optimistic and action-oriented by the end, with calls for stakeholders to get involved in technical standards bodies and educate the public.

Speakers

– David Wright: Director of the UK Safe Internet Centre and CEO of UK charity SWGFL

– Andrew Campling: Director of 419 Consulting

– Taddei Arnaud: Deputy Director, Cyber Information Development Bureau, Cyberspace Administration of China

– Makola Honey: Manager of policy research and development unit at Independent Communications Authority of South Africa, vice chairperson of ITU-T study group 17

– Boris Radanovic: Head of engagements and partnerships at SWGFL

– Alromi Afnan: Vice chairman of ITU-T study group 17, director of cyber security operations centre at CST

Additional speakers:

– Cynthia Lissoufi: Works with ITU, from South Africa

– Catherine Bielek: Infectious disease physician at Harvard Medical School

Balancing Encryption, Privacy Rights, and Public Safety: A Multi-Stakeholder Approach

This workshop, part of the Internet Governance Forum (IGF), brought together experts from diverse backgrounds to discuss the complex challenges of balancing encryption, privacy rights, and public safety, with a particular focus on child protection online. The discussion highlighted the tension between privacy and security concerns, while emphasising the need for collaborative, multi-stakeholder solutions to address these interconnected issues.

Key Challenges and Framing of the Debate

The participants identified several key challenges in addressing encryption and privacy:

1. Global inconsistencies in laws and standards

2. Rapidly evolving technologies

3. Difficulty in protecting against online abuse while maintaining privacy

4. Balancing various human rights and interests

A significant point of contention emerged regarding the framing of the debate. Andrew Campling, Director of 419 Consulting, argued that privacy rights are sometimes weaponised at the expense of child safety, stating, “In my view the weaponization of privacy is being used and has been and is continuing to be used to override all of the human rights of children and other vulnerable groups and I think that’s a fundamental problem.” Campling also highlighted the scale of the issue, noting, “We’re seeing roughly 100 million reports of CSAM images and videos every year and that’s roughly three new images being found every second.”

In contrast, Boris Radanovic, Head of Engagements and Partnerships at SWGFL, advocated for rejecting the framework of privacy versus security altogether. He used a vivid analogy to illustrate his point: “We should utterly reject the framework of conversation of having privacy versus security. And if we reject it, I’ll just remind everybody that most of us flew to this wonderful country, and what if 90% of our flights had 90% of a chance to land in Ankara, maybe in Zagreb, maybe in London? None of us would take that option or those odds.” This reframing encouraged participants to think about achieving both privacy and security simultaneously rather than trading one for the other.

Proposed Solutions and Approaches

The discussion yielded several proposed solutions and approaches to address the challenges:

1. Technical Solutions:

– Client-side scanning for known child sexual abuse material (CSAM) images, as suggested by Andrew Campling

– Consideration of sub-contexts with different encryption requirements for various groups, proposed by Arnaud Taddei, Global Security Strategist at Symantec by Broadcom

2. International Collaboration:

– Makola Honey, Manager of Policy Research and Development Unit at Independent Communications Authority of South Africa, emphasised the importance of international collaboration to find common ground

– Alromi Afnan, Vice Chairman of ITU-T Study Group 17, highlighted the need to address global inconsistencies in laws

3. Public Awareness and Education:

– Boris Radanovic stressed the need for adaptable education for different capabilities and age groups

– Alromi Afnan noted that public awareness is a key part of online safety

– Panelists suggested developing targeted educational programs to help users understand the complexities of encryption and privacy

4. Engagement with Technical Standards Bodies:

– Andrew Campling called for civil society groups to engage with technical standards bodies like the Internet Engineering Task Force (IETF)

– Campling also highlighted how changes in underlying technology can affect parental controls and other safety measures

5. Learning from Other Models:

– Some participants suggested using the COVID-19 pandemic response as a model for balancing individual privacy and public safety needs

Multi-Stakeholder Approach and International Cooperation

A key area of agreement among participants was the need for a multi-stakeholder approach involving diverse perspectives. Speakers emphasised the importance of international collaboration and the development of harmonised legal and technical standards. Makola Honey suggested that international bodies can convene neutral dialogues to find balanced solutions, stating, “We need to find common ground, and international bodies can facilitate these discussions in a neutral way.”

The role of internet standards bodies like the IETF was highlighted, with calls for greater multi-stakeholder engagement in these technical forums to ensure societal implications are considered. Andrew Campling emphasised this point, stating, “What I think we need to do is to get people from the groups that are here, at least some of them, to engage over there, so civil society groups, governments, regulators, others who have got sufficient technical knowledge to engage in the standards bodies need to attend and pay attention to what is happening there, and the implications for some of the decisions being taken.”

Unresolved Issues and Future Considerations

Despite the productive discussion, several issues remained unresolved:

1. Developing global standards that balance needs of different regions and technical capabilities

2. Effectively educating the public about complex encryption issues

3. Addressing challenges posed by emerging technologies like quantum computing

4. Resolving conflicts between different legal and regulatory frameworks across countries

Arnaud Taddei contributed significantly to the discussion by emphasizing that security is not provable, stating, “Security is not provable. We can only prove insecurity.” This perspective added depth to the conversation about the challenges of implementing robust security measures.

Conclusion

While acknowledging the complexity of the issues at hand, the panel expressed optimism that balancing encryption, privacy, and public safety is a “mission possible” with continued dialogue and collaborative efforts. The discussion emphasised the need for ongoing multi-stakeholder engagement, international cooperation, and public education to address these challenges effectively. As the digital landscape continues to evolve, finding solutions that protect both privacy and public safety remains a critical goal for policymakers, technologists, and civil society alike.

David Wright: is now 1.45 here. We will make a start if that’s okay with everybody. And a very warm welcome to this workshop, workshop number 125. And here we are looking at balancing acts in terms of encryption, privacy, and public safety. My name is David Wright. I’m director of the UK Safe Internet Centre and CEO of a UK charity, SWGFL. And I’m delighted to be able to introduce you to the panel that we have today, both here and online as well. This is obviously the last workshop of this IGF, and it’s a real pleasure to be able to close out this IGF ahead of the closing ceremony with this particular subject. So it is, we are going to be looking at this complex balance between encryption, privacy rights, and public safety, and the needs for structured multi-stakeholder discussion. We have an hour with you, so we are going to have to keep comments, questions, perhaps brief, but it is such an important subject that we see. I’m just first of all going to introduce the panel to you. And for the panellists, I’m going to have to probably just condense some of the bios just because of time. And I’m going to run through them in terms of the sequence of questions as well. So I’d like to welcome Andrew Campling, who’s here with us. Andrew is Director of 419 Consulting, a public policy and public affairs consultancy focused on the tech and telecom sectors. He has over a decade of non-executive experience. experience backed by nearly 40 years of experience in a wide range of increasingly senior roles in a mainly business-to-business technology context. It’s been engaging in initiatives linked to encrypted DNS, encrypted SNI and related developments in internet standards, primarily to understand their impact in real-world deployments. It’s worthwhile pointing out Sir Andrew is a trustee of the Internet Watch Foundation, which is a global charity, one of our partners within the UK Safe Internet Centre and holds an MSc in strategic marketing management and an MBA. Andrew is currently studying in his spare time, studying law and plans to complete his LLM in the next couple of years. Online joining us is Arnaud Taddy. If we might be able to bring up Arnaud onto the screen. Arnaud is a global security strategist semantic by Broadcom. He’s an executive advisor of security strategy and transformation for the top 150 semantic customers. As part of his mission, Arnaud participates in specific standardization defining organizations and in particular, and this warrants congratulations Arnaud, elected chair of the ITU SG17 representing the UK and works at the IETF. He started his career in 1993 at the famous CERN IT division in Geneva, which created the World Wide Web and where he led the team responsible for communication, authentication and authorization. In 2000 joined Sun and became one of the 100 elected global principal engineers. In 2007 he joined Symantec and hold chief architect roles up to director of research as direct report to Dr Hugh Thompson, Symantec CTO and actual RSA conference chairman. I’d then also like to move on to the next panelist, which we can also bring Honey onto the screen, please. So Honey McCulloch is. the manager of the policy research and development unit at the Independent Communications Authority of South Africa where she guides the regulator in navigating its evolving roles across various aspects of ICT developments including cyber security. She also serves as a vice chairperson of the ITU-T study group 17 which focuses on setting international standards for cyber security. Within study group 17 Honey co-convenes the correspondence group on child online protection working to identify gaps in technical measures and promote initiatives that create safer online environments for children. If I can now draw in back into the room if I can introduce Afnan. Afnan Alromi is an accomplished cyber security leader with over 12 years of experience in managing complex projects and shaping cyber security strategies. As vice chairman of the ITU-T study group 17 cyber security and director of the cyber security operations centre at CST she plays a key role in advancing cyber security resilience locally and globally. Afnan holds advanced degrees in software engineering and computer science along with several industry professional certifications and is known for her expertise in strategic planning, vulnerability management and fostering international collaborations. Afnan welcome. Finally if I can welcome my colleague Boris. Boris Rudanovich is an expert in the field of online safety and currently serves as the head of engagements and partnerships at SWGFL the UK-based charity. Like me he also works with the UK Safe Internet Centre which is part of the European InSafe network. His work involves educating and raising awareness about online safety for children, parents, teachers and other stakeholders across the world. Boris has worked extensively with various European countries including Croatia where he worked at the Safe Internet Centre and he’s been involved in numerous missions to countries like Belarus, Serbia, Montenegro, North Macedonia. to present online safety strategies to government officials and NGOs. His focus is on protecting children from online threats, such as cyberbullying, child sexual exploitation and scams, as well as empowering professionals through workshops and keynote speeches. So I would just like to welcome the panel, and also this afternoon, forgive me, I’m joined by my colleague, Niels here is going to moderate the online conversations for when we get through to chats. If I can just invite the panellists just to give a quick opening couple of sentences. Andrew, if we can start with you, please.

Andrew Campling: Good afternoon, everyone, and also hello to everyone online. As David said, my name is Andrew Campling. I’m a trustee of the Internet Watch Foundation, amongst other things. I think this is an incredibly important issue, which we’ll get into in a moment. And I think, although we’ve focused on the trade-offs and specifically talk about privacy, as I’ll expand on it in a short while, I really want to get into the debate about privacy versus other human rights. Because I think we over-inflate the importance of privacy and completely ignore often all of the other human rights, including fundamental rights, as opposed to privacy as a qualified right. But that’s something we’ll come on to when David asks us questions, I’m sure.

David Wright: Thank you, Andrew. Arnaud, if I can throw it to you, please.

Taddei Arnaud: Yes, can you hear me correctly? Yes? Yes, we can. Thank you for the chance to be in this workshop. The topic is really heartbreaking when you start to… understand what is at stake. It’s both concerning to see the level of harm that is increasing, perhaps accelerating, and at the same time we are facing a real design issue and we need to make trade-offs that are really difficult for a number of humans. So observing this from ITU and SG17 is an interesting journey and hopefully we are maturing and putting ourselves in the conditions where we can have a meaningful discussion. Thank you.

David Wright: Thank you. If I can now just turn to Hani.

Makola Honey: Yes, thank you. I just wanted to draw attention a little bit to the work that I do as the convener of the correspondence group, where we are focusing on identifying and addressing gaps in child online protection standardization within the study group 17. We have done a lot of work in reviewing the regulations, the standards that are currently in place, and you know the work has progressed well and we are on our way in identifying the gaps. But I would also like to take this opportunity please to invite the people in the group, as well as online, to please join the correspondence group on child online protection. This can be done through subscription on my workspace, but for the purpose of today’s meeting, for me, I think encryption is a very important and powerful tool that can help us safeguard communications and information, but it also creates significant challenges in protecting children online. So for the purpose of today’s meeting, I just want us to try and find a balance between privacy on the other hand, and other issues such as the protection of children online. It’s a challenging balance. But one, I believe that it is essential for the effectiveness of child online protection, and I look forward to the engagements this afternoon.

David Wright: Thank you. Honey, thank you very much. Now turning back to the room, Naftali, if I can hold it to you, please.

Alromi Afnan : Good afternoon, everyone, and looking forward to this wonderful discussion today and engaging in this topic, and looking forward to discuss the challenges that just my colleague Honey just discussed that are to be discussed today, and also see how we can succeed with balancing the encryption and privacy rights and at the same time public safety. So looking forward for this discussion, thank you.

David Wright: Thank you, Afnan. And finally, Boris, if you can introduce.

Boris Radanovic: Thank you very much. I appreciate the invitation and ability to contribute, especially from a diverse set of points looking at this. And I love the title. It says encryption, privacy, and public safety, and I think that is the framework of conversation that I think we should all have and support. And one of the questions in my mind that we can later hopefully answer is how do we create meaningful and impactful discussions on these topics that takes into account a wide array of different perspective needs and abilities and representation, but equally respecting the direction that we all want to take to a better and safer world, which includes protections of children in itself. So really proud to be here.

David Wright: Thank you, Boris. Okay. So moving on to the particular questions that we’re going to pose, and then panelists will share and discuss with everybody, after which point we will then open the floor and the virtual floor to questions. So please do hold on to questions. There will be a time. Because of timing as well, I’m going to keep panelists to perhaps four minutes. So please keep contributions succinct. So Andrew, I’m going to turn to you without any further delay. further ado first, and I wonder if you could elaborate a little on how should governments and tech companies approach the creation of lawful access mechanisms without infringing on privacy rights, straight into this point.

Andrew Campling: Fantastic, thank you David for the question and to provoke hopefully a response from some of the participants in the room and online. In my view the weaponization of privacy is being used and has been and is continuing to be used to override all of the human rights of children and other vulnerable groups and I think that’s a fundamental problem. As I said earlier, remembering that privacy is a qualified right and we need to think about all of the human rights and also again to provoke a response, encryption let’s remember is not the same as security, they’re fundamentally different things but they’re often conflated and for example if you begin as is happening increasingly in the internet standards world to encrypt indicators of compromise and metadata, you end up with weakened security and if you weaken security you have no privacy but you think you have and that’s also a big problem. So very briefly let’s put a scale to the problem and I’m going to focus on child sex abuse because that’s what the Internet Watch Foundation does. We’re seeing roughly 150 million victims of child sexual violence every year around the world and we actually are recording in the order of 100 million reports of CSAM images and videos every year and that’s roughly three new images being found every second, new images or videos. So even in the course of this workshop that’s a scary number of images and videos being found. The internet has magnified the scale of the problem of CSAM significantly. It happened pre-internet, but the ability to publish and share the images globally means, and remembering every time an image is shared that’s a crime and there’s a victim, the scale of the problem is huge compared to what it was pre-internet. We know from research that end-to-end encrypted messaging platforms are widely used to find and share CSAM and there’s a very large sample size behind that research. But to get directly to the problem, in terms of things like lawful interception, you don’t need to backdoor encryption to help solve this problem. Client-side scanning for known CSAM images would immediately reduce the size of the problem. It doesn’t break encryption, it doesn’t break privacy, so that’s an easy way to make an impact, as would be the use of tools like age estimation and age verification to keep adults off of platforms intended for children and children off of platforms intended for adults to try and keep the victims away from the criminals. So those would be my suggestions, places to start, and hopefully that will provoke a response from people in a few minutes. Thank you.

David Wright: I’m pretty sure it will do, Andrew, thank you. Just can I ask a follow-up question, just to prime the microphone again. Are developments in internet standards helping or harming human rights? So in my view, the increased use and requirement to use encryption

Andrew Campling: in some of those standards, I could give examples but probably that’s too much detail for here, is making the problem worse, not better. It’s making it harder to find where the crimes are happening and it’s making it easier for the criminals to hide. So some of the developments are actually problematic in the standards bodies, an area where I’m active, and they also coincidentally weaken security as well. So I think that’s why we need civil society to engage in places like the standards bodies. It’s mainly technologists making these decisions and we need, dare I say it, multi-stakeholder engagement to actually shine a light on things that are causing huge societal problems.

David Wright: Thank you. Thank you very much. Okay. I’m going to move on now to Arnaud, if I can, please, onto the screen. So Arnaud, the question that we would pose to you. So what technical innovations or solutions do you see as viable for achieving a balance between privacy and public safety?

Taddei Arnaud: I like the mission impossible. It’s a very difficult problem. So in one hand, one of the issues is that we have only one model for internet as we know it today. And so anything we do is going to impact various communities. So far, so good, until some versions of TLS and other considerations, we sort of managed to keep the community together and everybody could find what it needed from the setup. But for various reasons, some directions were set and for good, bad and ugly reasons, it’s not a judgment. It’s just that they were set in a certain direction and now it is pushing the solution for one specific part of the spectrum. all the humans. So that means that now we have situations where some are going to get benefits and some are going to have a problem with what is happening. So this is very difficult to move from there because we have only one design where and it’s difficult to get out of this thing. So now that doesn’t mean we cannot be creative. For other areas we started to realize that maybe the problem is the fact that we have in the background of that the anthropological assumption that was made behind was one model for all the humans. That means a very narrow model for all the humans to make sure it fits the maximum. But when you do that you lose the fact that there are sub-contexts that are very specific needs. Child land protection is one sub-context, education is one of those sub-contexts. I would add elderly people is another sub-context. And all these sub-contexts have different requirements and needs and when we have to take a step back and make better, let’s say, when we have to make design choices, the issue of a design is always the trade-offs. Which trade-offs are you going to do for a specific set of use cases and requirements? That’s what the engineer will think. So when you go in this approach perhaps the direction we could consider is sub-context. So it’s not related here to child land protection but I see for example sub-contexts that may be already happening. I discovered the event of what we call enterprise browsers that allow specific requirements for enterprise use cases. Equally you see more and more family solutions by some hyperscalers. So the question I have is, is the premise of the solution not to consider that we should perhaps re-highlight the concept of sub-context and from there we could start to envision perhaps some technical solutions. I will stop at that, thank you.

David Wright: Thank you, thank you very much for trying to take on Mission Impossible. Okay, moving swiftly on to Honey, which we can’t see you at the moment Honey, but if I can, there we go, there we go, if I can pose you the question, so how can international collaboration improve or complicate the encryption debate, especially when balancing privacy

Makola Honey: with cross-border safety issues? Thank you for the question, so I have a lot of experience in international collaboration and also having recently checked the cybersecurity resolutions of the WTSA 2024. I want to draw a little bit on that experience, right, and I would like to start with what complicates the debates in the collaboration. First of all, the participants come to the collaboration table, if I may, with different legal and regulatory frameworks. They could be divided into the ones that are pro-data protection and privacy, then you get the ones that are for government control, for national security purposes, then you get the ones that want balance, so those differences make it very difficult to agree on a unified approach to encryption across borders, so you can even imagine for the frustration for the companies operating across borders regarding encryption. Then there’s also the imbalance in cybersecurity capabilities across the different nations. You get nations with advanced cybersecurity capabilities that may argue for stronger encryption to protect the critical infrastructure. which is fair. And then on the other hand, for example, at the moment, a priority for Africa could be the protection of children online versus individual privacy. And that is understandable because currently Africa has the highest dividend when it comes to young people. So you would understand why from this perspective, protecting the children online now is actually protecting the future economy and protecting everything. And then you get the MOUs and the multilateral treaties and so forth. But from the readings, it could be said that this can be quite slow and cumbersome when issues need to be dealt with right away and governments are seeking swift access. And then there’s the geopolitical tension and distrust as well that we witness. And from my work with the ITU so far, there’s also a question of how do you develop global standards that are balanced in addressing the needs of the different regions, taking into account the imbalances in technical capabilities, the skills that different countries are having, and the level of skills actually, and the culture of privacy in itself. But the complications are just the negatives. Moving to how it can improve, taking into account obviously having what complicates it in the background. I think the starting point in the encryption debate is that there are two sides, but how do we develop common ground? And that is what the international collaboration can improve. It has the ability to facilitate dialogue between nations with the different stance on encryption. And moving from that established common ground, countries can then establish harmonized legal and technical standards. There will be compromise. to be made by different groups, but remembering or recalling that the common ground is important for facilitating the debate. And I personally believe, and from my experience, that it’s during this international dialogue where innovative solutions can be birthed. For example, if you cannot compromise, what do you do? You look for solutions. And that can be in the form of research into privacy preserving technologies, which is what the work of the CG Correspondence Group on Travel and Protection of the ITU Study Group 17 is doing. You know, we’re looking for the solution that balances the two public-private partnerships, you know, development, the work that is done by the ITU development sector in sharing information and also capacity building. But the most important thing to also remember in all of this improvement that can be brought about by international collaboration, it requires active participation and contribution from the private sector as well, not just government and regulators. So what makes the collaboration work is everybody finding that common ground first and then starting to move on there and see how they can compromise. Ani, thank you very much. And I very much share the hope that we will find solutions at events like this, despite it, as Arnaud was saying, being mission impossible.

David Wright: Okay, I’m next going to go back to the room and to Afnan. Afnan, if I can pose to you from your perspective, what are the most critical challenges in balancing encryption with public safety and privacy rights? Thank you, David.

Alromi Afnan : First of all, before I go into answering your question, I would like to thank my colleagues here in this panel discussion for their great insights and the points they brought in. They’ve actually pointed out a couple of challenges that I was hoping and planning to discuss in this talk. Although, as we say, encryption is an important tool and aspect that helps us to secure and our sensitive data and to have it more safe, although, yeah, it poses a couple of challenges. And in today’s session, although we have a little time, I’m going to discuss just a couple that are most likely those with us and the attendees are more familiar with. The first challenge that we can sense and see is when it comes to global inconsistency, and I think Arnold and Hani mentioned a couple of points on that aspect, and also the conflicting international laws, where it brings it more challenging to discuss this. For example, countries having varied legal standards and laws and regulations, and when we see international companies working in those different countries, they have to comply with each standard and they have to fulfill all those standards as well. So this brings a hard challenge in that aspect. Another challenge is when it comes to the evolving technologies, and we’ve discussed this as well in SG17, and we have a specific question to emerging and evolving technologies in that aspect. Evolving technologies and the rapid pace of technology advancements means that we have to keep up with them and we have to address those encryption standards that bring in, and one of the evolving technologies that we are considering or are discussing is the processing in SG17 is quantum computing, and quantum computing in the future will most likely break some of the encryption standards that we have today, and this poses a challenge that we need to consider or start the transition to secure quantum infrastructure. Another challenge, and it’s very important, and we have a couple of initiatives in Saudi Arabia that is looking into that aspect, which is the challenges of protecting against abuse online, and as we see, some of the tools or the applications that we have today, or even chatting applications that we use in a day-to-day life, they have a lot of encryption or they have encryption implemented to secure our communication, and although this is vital and important, however, it creates a challenge for law enforcement to help secure or have public safety more safe in the environment, and most importantly, children, where we cannot see what type of text that is being communicated and the abuse that could happen in that discussion. So these are just some of the challenges that we need to consider when we balance between encryption and also public safety and privacy rights as well. So I think this is just something that we need to consider, and the only way to reach a collaboration is to have feedback either from both, from different areas, either from the government, from the private sector, from civils, and all parties that could collaborate in that discussion and try to find a way to reach a balance in that aspect.

David Wright: So thank you. Thank you very much. That’s the ensuing conversation afterwards, which I’m going to encourage everybody to to think about questions, then when we open the floor, it does appear we’ve got some questions online too. So I say that just before I throw it over finally to my colleague, Boris. And so my question here, Boris, is what role should the public play in this discourse and how can awareness be effectively raised on the impact of encryption policies on privacy and security?

Boris Radanovic: Thank you. Short answer, education. But how to do it properly is a much longer discussion. And I think we should start with defining frameworks for meaningful discussions that allow us a communication goals and structure that allow exactly these kinds of discussions on a multiple levels of representation, diversity, and abilities and disabilities that could contribute to these conversations that I might not be able to do now. But on a broader point, I think we should all be aware that vision can only pull as hard as reality can follow. And the current reality that in these chairs around us is not 150 million children across the world being sexually abused every year, and that number is rising. That is a reality we need to face. And while the vision we can all agree is magnificent, the reality is something that we need to take into account. And thinking about the discussions, I’m gonna raise more questions than answers here, but I think this is the perfect space, is how do we make sure that we do not allow dominance and dominant discussions or part of this discussion to be apart from a certain area, agenda, stakeholder, or interest? And how do we have a meaningful level playing field for anybody contributing to this discussion? How do we make sure that we develop initially technological solutions that take into the account of the benefit of the user or the benefit of the child first and foremost, and then we continue developing those solutions? And I think all of that builds up into our, what I personally consider our principle. duty as adults to create a better and a safer world for people and young children following in our footsteps. And I’ll come back to our nod and say, I love the movie, Tom Cruise and Mission Impossible, our nod, but I don’t know if you remember that in each of those movies, a great team of people working towards their own abilities and capabilities, working together, make the movie, in the end, Mission Quite Possible. I know that doesn’t make a good marketing title, but I think that should be a good notion. And just to come on with something that Honey said, which I think is important, what we are trying to do is not easy, but we have to ask ourselves, what is easy and what is right? And Lean, I would suggest on the side, what is right and finding solutions for that. To just come back on that point for my final, we need to be able and find a way to develop global standards with local sensitivities that respect many of the things that I mentioned. And I wholeheartedly ask all of you today listening to us online and here, do ask us questions. We have a discussion on so many levels and so many representations that we all need to understand, but if we can all take into account that all of us, at one point, I don’t know if you remember, were a child and we all needed somebody to stand up for us and defend what is the benefit of us. So I ask you today to look to that prism while we are discussing this topic. Thank you very much. Okay. So that concludes the contributions from

David Wright: the panellists to set the scene as well for everybody. I am going to ask, if somebody behind me puts their hand up, can you help me out? I haven’t got eyes in the back of my head. I do also like, as well, this theme of mission possible or mission impossible, depending on which one perhaps we should be reaching out to the producers or Tom Cruise to find us a way through here. So I open the floor to any particular questions if anyone anyone has. I can see behind me, yes. Okay, if I can ask if you could just introduce yourselves, that would be helpful to start with, too. Thank you.

Audience: Yes, thank you for giving me the floor. My name is Cynthia Lissoufi. I come from South Africa and I work with most of the panelists in this session at the ITU, and it’s quite refreshing to listen to the diverse views of different stakeholders on this important topic, which is quite dear to South Africa, but not only South Africa, but many of the countries that participate in the ITU work, and specifically in the study group 17, which is the technical study group of the ITU when it comes to issues of standard and security. For me, specifically as South Africa, we believe that actually we stand a good chance, and why we are saying this is because we are looking at the upcoming WSIS plus 20 review process, where we are also bringing in the issue of the global digital compact, and we believe that some of these issues we can, as I would say a community of stakeholders that are concerned with this particular issue, we find ways, because what I’m actually picking up here today is that we are all concerned, but as we’ve said, the issue is how do we deal with this? And I’m also hearing that we need this continuous discussion, and for us to continue with this, we also need to take advantage of all the processes that are currently happening, to make sure that this issue is not pushed at the back of other priorities, because different stakeholders will fight for their priorities. So all I’m pleading for, for all the stakeholders in this room, let us take advantage of the processes. that are happening, and we make sure that the issue of the child online protection also takes the forefront in all of these decisions, especially at the UN level. Thank you.

David Wright: Okay, yeah. What we’ll do is we’ll take three questions, and then we’ll come to the panel. So,

Audience: thank you. Thank you. My name is Catherine Bielek. I’m an infectious disease physician at Harvard Medical School. And not to add another layer of complexity to this, but I certainly wonder if public health and pandemic response might balance this a little bit as well. There are some lessons I think that we can pull from how we navigated the COVID-19 pandemic in terms of data privacy, security, and public health and safety. There’s perhaps a little bit simplified, but when we did contact tracing for the COVID-19 pandemic, people can give up their own right, their qualified right to privacy. They can volunteer that information. And then certainly, how much is surveilled, it does not necessarily dictate how much data is kept, how it’s kept and where it’s kept. I think that is important too for other pandemics or syndemics, which are overlapping pandemics, especially as related to HIV, which is my area, can carry a lot of stigma or criminalization laws. So, when that information is kept, there is surveillance related to that. But in the United States, that’s kept in a secure encrypted facility at a state health department, for instance. And the amount that you surveil is not necessarily proportional to the amount that you keep. So, my question perhaps is related to how these lessons might apply to this discussion

David Wright: in other areas as well. Online, I’m seeing a lot of interaction, a lot of compliments for the speakers as well. I’ve got a question here from Cheryl. Does balancing necessarily mean we need to rank rights and risks to properly weigh them against each other? If not, how do we begin an objective comprehension? comprehensive review. If so, how do we do this on a global level? There was another question which basically comes up to, can somebody please clear the air because there’s a lot of misinformation, a lot of discussion where there’s also a lot of fake news in there. For example, when we are talking about privacy versus child protection, how can we, is it true that if we want to go towards child protection that we are giving up on privacy, I think there’s a lot of questions there to solve that one. Nils, thank you. Okay, so those three questions addressed to the panel. I’m gonna go to Andrew first.

Andrew Campling: So let me have a go at two of those, but briefly. Firstly, on the weakening of encryption question, I would argue, and I’ll be as precise as I can without hopefully getting too detailed, that specifically to detect known child sex abuse material, that needs to have no impact whatsoever on encryption. Again, to expand that ever so slightly, if in the end-to-end messaging applications, if they agreed to scan any images before they were uploaded to see if they contained known CSAM and then encrypt, there are no privacy implications to that because you don’t learn what the image is. You simply learn that it isn’t known CSAM by something called hash matching. Matching, for those of you that have knowledge in that area, you don’t need to look at the content of the message either. So you’re simply saying, does this image in a mathematical sense match a database of known CSAM? So that doesn’t, in my opinion, have any privacy implications, unless there’s a match. And if there’s a match, then you’ve committed a crime and you’re. qualified right to privacy is surrendered anyway. So that’s fine. And then just briefly the other point on the sort of, I think the question was ranking or trading off different rights. Yes, and I would always say that if you have to trade rights, you ought to bias towards the most vulnerable in society. And at the moment, in my opinion, the weaponization of privacy is largely benefiting privileged adults at the expense of lots of different vulnerable groups. And that is an unacceptable trade off. So if we have to make trade offs, we should bias the vulnerable or advantage the vulnerable, not the privileged. That’s the wrong way around, in my view. Andrew, thank you. Thank you very much. Arnaud, if I can just bring you in here.

David Wright: Yes, thank you. Thank you to Boris about Mission Impossible or Mission Possible. I like it,

Taddei Arnaud: but I had to be provocative, of course. No, I think to come back on the issue, it’s a real design problem in the sense of theory of design. And I really like the previous intervention, I could not capture the name of the person who made the analogy with the COVID-19 learnings. That’s exactly what we should do. We should learn from others and other areas where they have resolved the problem. Because sometimes there is a lot of hype about issues of, and this is not private and the data are not secure and people are losing their rights and so on. There are areas where no. The problem of why the Mission Impossible is because of something else. The problem that is underlying behind the scene is the fact that very few people realize that security cannot be proven. At the low level, altitude level on encryption, yes, you can perhaps prove mathematically some cryptography and other things. But the moment you elevate the you lose the possibility to prove that your system is secure. And if you ask anybody about is whatever control I put is secure can I trust it the answer is fundamentally no. You cannot. And that’s the problem of who guards the guards behind the scene and there is no way or I could not find a way that we can resolve the problem. In fact it’s not even the problem. The problem is not that that this is impossible per se. The problem is that few people missed that point. So when security discusses privacy it’s an unequal battle because security has little to offer to the privacy side. So we are we are turning into circle with some people trying to split us for dogmatic reasons versus let’s recognize things how they are and let’s be pragmatic and let’s recognize the design problem. If we get it back to a design problem we would then include back the ethics, the anthropology, the experience, the law. We could do something about it. That’s where the mission becomes possible. So one approach of breaking the problem in pieces of getting a subcontext could back to the question should we have different weight between people. Of course not. That would be terrible. If we end up in a place where we have to put priorities of some humans versus some others I don’t think that we have done the job. It has to be equal. All humans should be respected in this story. So if we could take a step back, understand perhaps from others, I really like the example of the COVID-19 and regroup all the possibilities with a strategy of perhaps divide to conquer so that we can split the technical design and open the options. So I believe the risk of doing this is more a problem of is going to impact significantly the way that we have built and developed our entire Internet at the moment, from the browsers to the CDNs, the servers, to all things, because now we would need to represent a richer human. I think the problem is that today the underlying problem is that the human model behind this whole design is very, very, very narrow. And we are locked. We can’t do anything, because if we help one now, we lose properties for the other one. So what if we would re-enrich the model behind the scene? How many possibilities we would create? That would be something I could propose.

David Wright: Anna, thank you very much. Boris?

Boris Radanovic: Thank you. I’ll try my best to cover it all. Thank you so much for the questions, and I’ll come to the first one, and Cynthia, bringing child learning protection to the highest levels. I full-heartedly support you and Ben at SD17, and if I can do anything as well to support more to keep this, and this is one of the places to do it, absolutely. Yes, I love the idea of using COVID learnings, especially about volunteering rights and seeing how that works in a different space and impact. I think, as well with Arnaud, I would be interested to see how that works. And on the question of how do we balance that risk in the global, I think that is the challenge. That is the biggest challenge that we have to do, but I have to agree with Arnaud. We cannot be the ones that have conflicting things and have to decide one from the other, which brings me to the point that I want to make, with no disrespect to the person asking that question. We should utterly reject the framework of conversation of having privacy versus security. And if we reject it, I’ll just remind everybody that most of us flew to this wonderful country, and what if 90% of our flights had 90% of a chance to land in Ankara, maybe in Zagreb, maybe in London? None of us would take that option or those odds. So let’s reject the framework of conversation of privacy versus security and focus on the title. that is privacy and security. They are solutions, they are ways we can achieve that. They might be difficult, they might be hard, and I’ll come back, what is easy and what is right. And I think we should, to answer the question of the online speaker, absolutely detest and reject the notion that that is the discussion we are having. None of us wanna go back on our privacy, but none of us as well wanna see the thing that as well are not mentioned, that we cannot fully trust that any system is secure. But what I can tell you that we know and have referenced and have research and evidence that they are currently unintended consequences. They are doing harm to the often unheard, unseen and unsupported people and young children across the world. So I go back and ask the question, what is right and what is easy, and let’s start doing the right thing, even though, and I still hope are not, we will find the mission quite possible in the end, and maybe laugh at this in one day, but I am worried about quantum computing and making this whole discussion basically pointless,

David Wright: but yes. I feel that’s an entirely different workshop. Okay, Afnan, do you wanna go first? I know I’ll come to you next.

Alromi Afnan : Thank you, I’ll make it very short. I just want to thank the floor for bringing those great questions. And just to come back to the pandemic and the COVID, I think one aspect that from the lesson learned brought up from this is having public awareness. I think this is big part of it that you have a right, and it’s part of the online safety that you should be granted to have since the pandemic made us all become most of our time remote. So I think part of the lesson learned here is awareness of the public community and what is right for them and what they can subscribe or work to. So this is just a comment, thank you.

David Wright: Thank you, Afnan. Arnaud?

Taddei Arnaud: Yes, very quick to come back on something I need to probably. re-qualify a bit. When I point to the fact that we cannot trust security, let’s say, I totally agree with you, Boyd. It’s exactly where I want us to go. We need to stop this debate about privacy versus security. And the fact is that at the moment security cannot be trusted and we have nothing to offer to privacy. I see it as an opportunity. Now, to come back on the person that took the analogy with health, this is exactly the same thing. We forget that in the real world your immune system has defects. You will miss a virus, you will have an auto-immune disease. Can I trust my security by design? No. And that’s why we created the health system. But can I trust the health system? Absolutely not either. If the surgeon makes a mistake, I die. If I take too many medicines, I die. So the point is that it is a paradox. But I would like people to consider it as a positive paradox, that if we would precisely heal our security and privacy people together, let’s do something about it. And then we can re-establish perhaps a new approach that could be fruitful for not prioritising humans versus each other, and on the contrary having the right design for each of our different contexts. And they can evolve over time from when people are children up to when they are elderly. That’s it. Thank you. Anna, thank you very much. Honey?

Makola Honey: Yes, thank you. And I just want to echo what my colleagues were saying about the very purpose of this workshop, right? We are here to find balance, so it’s not necessarily weighing one against the other. But the letter part of it is that we are here to find balance, and we are here to find part, the last part of the question asking how do we begin an objective, comprehensive review and how do we do that on a global scale? In my opinion, there is a need for a global body responsible for the global framework and at the moment we have at regional level, the African Telecommunication Union and other regional bodies, but internationally we have the International Telecommunication Union and I think those international bodies then have a responsibility to ensure that they become neutral conveners of the differing stakeholders with their differing viewpoints so that there can be an unrestricted dialogue regarding finding the balance in the solution because ignoring any of the views, whether extreme or on the extreme side or on the other without really looking at the matter and really discussing the situation can oversimplify the issue of encryption and that’s not what we want. So I think that to answer the question, bodies such as the international

David Wright: regulatory bodies are very important in creating that space for that dialogue. Okay, thank you very much and hopefully in terms of those questions posed, there was a suitable and adequate responses to that. We have just a little over five minutes left. Are there any other questions that anybody has? Any more questions online? Okay, I’m going to perhaps then, this question could be one to close us with given, say, just a few minutes left, and it’s one about public awareness. Public understanding of encryption is often limited. I think we’ve kind of heard about that. How can stakeholders better educate citizens, everybody, about the impacts of encryption on privacy and public safety? Who wants to take that? I’ll try and shorten it. Again, it’s about the same word I use is education,

Boris Radanovic: but more so to the fact is adaptable education, because different levels and different capabilities of people need to understand this topic from a different way. I think somebody much, much smarter than me said, if you cannot explain your topic in five minutes to a five-year-old, you might not be an expert in the topic. We need to find sensitive local environments to expand on the topics that are way too complex for the smartest people in the world. That either means that we don’t understand the field well enough, or don’t we have the right people to expand that. Yes, awareness campaigns. Yes, stakeholders who genuinely take effort of educating the people in the right way without the agenda leaning left or right is important. Having a body that can assess that and tell us who is doing it better or worse and kind of being inspired about it. We have been doing decades of awareness-raising from child sexual abuse, for intimate image abuse, for work of child online protection in general. SWGFL alone is 25 years old next year, so we know the principles that can build that and do that, but all of those principles fall on education. Sometimes it took us a decade to educate a whole nation of the importance of why do we need to do one thing or another. It will take us time, so the short answer is to educate the general public and raise their awareness. We need right people in the right place educating them and allow for some time to pass so we can do that on a global scale or a much larger scale. I hope that answers the question enough.

David Wright: That’s a good go, Boris. Andrew? Yeah, so to…

Andrew Campling: I think I would start by being less ambitious, and dare I say, repeating a point I made earlier, where a lot of the decisions about encryption are made are not here, they’re in some of the standards development organisations such as the ITF, I’m active in the Internet Engineering Task Force, which makes design choices about the underlying internet standards. What I think we need to do is to get people from the groups that are here, at least some of them, to engage over there, so civil society groups, governments, regulators, others who have got sufficient technical knowledge to engage in the standards bodies need to attend and pay attention to what is happening there, and the implications for some of the decisions being taken, because otherwise I think what we risk is developing internet standards which create societal problems, not because the people behind the standards are bad or evil, but because they don’t have the necessary knowledge. So dare I say it, and it’s probably appropriate to finish on the point here, multi-stakeholder approach, that is the way forward, and then obviously through our different communities we can then spread the message backwards into the others that we engage with, but I’d like to get, at least introduce some element of the multi-stakeholder approach into the technical bodies first, and then work backwards.

David Wright: Just before you put the microphone down there, Andrew, so can you give us an example about one of those underlying technology changes that may well have an impact, and how would that, what would that look like, just in case, assuming that not everybody has a technical understanding about, so a real life case example. Okay, and again I’ll keep this hopefully at a high level, so some of the current changes

Andrew Campling: that have been made in the underlying standards, something called Encrypted Client Hello, for example, will make it increasingly difficult for parental controls to work. So for those of you that rely on parental control, to stop your children being able to access adult type content or indeed in schools similarly use the same sort of controls potentially those that those systems will stop working not because you’ve stopped using them but because the underlying technology has changed so that will be an example where because there’s a lot of multi-stakeholder discussion it’s being overlooked so

David Wright: that’s why we need that multi-stakeholder approach so I guess there’s a there’s a point for everybody here both in the room and online as well that sounds a bit of a call to action to that if you if you weren’t aware of or indeed if you have the opportunity to engage with the IETF and have as Andrew said that level of technical understanding then please do please go and understand you know how your browser and the internet is being designed in terms of some of those those those standards and perhaps the unintended consequences that you may well see within white well perhaps white while you’re here but those views as has been widely said I think there’s this multi-stakeholder approach a really important aspect so there’s a call to action for everybody about the IETF so we have literally a couple of minutes left and I am going to just have a look around if there are any particular closing remarks anyone may well have amongst the panelists I would go around but we don’t have time to do that if anyone has any concluding concluding remark okay thank you very much so in 60 seconds we clearly did cover a lot of subjects here and I’ve got already pages of notes I think so definitely Andrew the the term that was really opened the responses about the weaponization of the weaponization of privacy to override and impact children’s safety was a bold statement to open. I think we’ve very much heard as well that this is not a privacy against security, this is a privacy and security is one thing that I think we’ve come across as well. This does require multi-stakeholder, this is not one-dimensional and it does require all of us to get involved so that the output is going to be reflective of that multi-stakeholder contribution as well. But I will finish with this is not mission impossible. Arno, Boris, this is mission possible. I think we’ve concluded with seeing the way through. So in that regard, honey, we have found a particular solution at this particular workshop. So thank you very much, everybody, for those questions as well. It’s a real pleasure to be able to moderate this panel of such amazing, esteemed and really world-leading experts here as well. So I would like you to join me in thanking them for their contribution just as we close out. Thank you very much. Thank you.

Agreement Points

Need for multi-stakeholder approach

Andrew Campling

Taddei Arnaud

Makola Honey

Boris Radanovic

Civil society groups should engage in technical standards bodies

Need to consider sub-contexts with different requirements

International collaboration can help find common ground

Need adaptable education for different capabilities

Speakers agreed on the importance of involving various stakeholders in discussions and decision-making processes related to encryption, privacy, and public safety.

Balancing privacy and security

Andrew Campling

Taddei Arnaud

Boris Radanovic

Encryption should not override other human rights

Consider sub-contexts like child protection, education

Should reject framing of privacy vs security

Speakers emphasized the need to balance privacy rights with other important considerations such as public safety and child protection, rather than treating them as mutually exclusive.

Similar Viewpoints

Both speakers highlighted the need for technical solutions to address specific challenges in balancing encryption, privacy, and public safety.

Andrew Campling

Alromi Afnan

Client-side scanning for known CSAM images

Address challenges of quantum computing

Both suggested learning from health and pandemic response models to inform approaches to balancing privacy and security in the context of encryption.

Taddei Arnaud

Audience

Learn from health/pandemic response models

Use COVID-19 pandemic response as model

Unexpected Consensus

Importance of public awareness and education

Boris Radanovic

Alromi Afnan

Need adaptable education for different capabilities

Public awareness is key part of online safety

Despite coming from different backgrounds, both speakers emphasized the critical role of public awareness and education in addressing encryption and online safety challenges.

Overall Assessment

Summary

The main areas of agreement included the need for a multi-stakeholder approach, balancing privacy with other rights and considerations, and the importance of technical solutions and public education.

Consensus level

Moderate consensus was observed among speakers on the need for balanced approaches and multi-stakeholder involvement. This implies a recognition of the complexity of the issue and the need for collaborative efforts in addressing encryption, privacy, and public safety challenges.

Different Viewpoints

Approach to balancing encryption, privacy, and public safety

Andrew Campling

Boris Radanovic

Encryption should not override other human rights

Should reject framing of privacy vs security

Andrew Campling argues that privacy rights are being weaponized to override other human rights, particularly those of children, while Boris Radanovic emphasizes the need to focus on achieving both privacy and security rather than treating them as mutually exclusive.

Approach to technical solutions

Andrew Campling

Taddei Arnaud

Client-side scanning for known CSAM images

Consider sub-contexts like child protection, education

Andrew Campling proposes specific technical solutions like client-side scanning, while Taddei Arnaud suggests a more context-based approach considering different requirements for various groups.

Unexpected Differences

Framing of the encryption debate

Andrew Campling

Boris Radanovic

Encryption should not override other human rights

Should reject framing of privacy vs security

While both speakers are concerned with balancing various rights and interests, their framing of the issue is unexpectedly different. Andrew Campling’s approach of prioritizing certain rights over others contrasts with Boris Radanovic’s rejection of the privacy vs. security framing altogether.

Overall Assessment

summary

The main areas of disagreement revolve around the approach to balancing encryption, privacy, and public safety, as well as the specific technical and policy solutions proposed.

difference_level

The level of disagreement among the speakers is moderate. While there is a general consensus on the importance of addressing the issue, there are significant differences in the proposed approaches and solutions. These differences reflect the complexity of the topic and the need for continued multi-stakeholder dialogue to find effective and balanced solutions.

Partial Agreements

All speakers agree on the need for broader engagement and collaboration, but they differ in their specific approaches. Andrew Campling focuses on engaging with technical standards bodies, Makola Honey emphasizes international collaboration, and Boris Radanovic stresses the importance of adaptable education.

Andrew Campling

Makola Honey

Boris Radanovic

Civil society groups should engage in technical standards bodies

International collaboration can help find common ground

Need adaptable education for different capabilities

Similar Viewpoints

Both speakers highlighted the need for technical solutions to address specific challenges in balancing encryption, privacy, and public safety.

Andrew Campling

Alromi Afnan

Client-side scanning for known CSAM images

Address challenges of quantum computing

Both suggested learning from health and pandemic response models to inform approaches to balancing privacy and security in the context of encryption.

Taddei Arnaud

Audience

Learn from health/pandemic response models

Use COVID-19 pandemic response as model

Key Takeaways

The discussion should focus on balancing encryption, privacy and public safety rather than pitting them against each other

A multi-stakeholder approach involving diverse perspectives is crucial for addressing these complex issues

Technical solutions like client-side scanning for CSAM could help balance privacy and safety

International collaboration and common standards are needed, while accounting for local contexts

Public education and awareness about encryption impacts is important but challenging

Resolutions and Action Items

Stakeholders should engage with technical standards bodies like IETF to provide input on encryption standards

International bodies like ITU should convene neutral dialogues to find balanced solutions

More research is needed into privacy-preserving technologies that also enable child protection

Unresolved Issues

How to develop global standards that balance needs of different regions and technical capabilities

How to effectively educate the public about complex encryption issues

How to address challenges posed by emerging technologies like quantum computing

How to resolve conflicts between different legal/regulatory frameworks across countries

Suggested Compromises

Consider sub-contexts (e.g. child protection, education) with different encryption requirements rather than one-size-fits-all approach

Use client-side scanning for known CSAM images before encryption to balance privacy and safety

Learn from pandemic response models on balancing individual privacy and public health needs

In my view the weaponization of privacy is being used and has been and is continuing to be used to override all of the human rights of children and other vulnerable groups and I think that’s a fundamental problem.

speaker

Andrew Campling

reason

This comment challenges the common narrative around privacy and frames it as potentially harmful to vulnerable groups, particularly children. It introduces a provocative perspective that privacy rights may be overemphasized at the expense of other human rights.

impact

This comment set the tone for much of the subsequent discussion, prompting other participants to consider the balance between privacy and other rights, particularly child protection. It led to a deeper examination of the trade-offs involved in encryption policies.

Client-side scanning for known CSAM images would immediately reduce the size of the problem. It doesn’t break encryption, it doesn’t break privacy, so that’s an easy way to make an impact.

speaker

Andrew Campling

reason

This comment offers a specific technical solution to address child sexual abuse material (CSAM) without compromising encryption or privacy. It provides a concrete example of how technology could be used to balance competing interests.

impact

This suggestion sparked further discussion about technical solutions and their potential impacts. It shifted the conversation from abstract principles to practical implementations.

For other areas we started to realize that maybe the problem is the fact that we have in the background of that the anthropological assumption that was made behind was one model for all the humans. That means a very narrow model for all the humans to make sure it fits the maximum.

speaker

Taddei Arnaud

reason

This comment introduces the idea that the current approach to internet design may be based on an overly simplistic model of human needs and behaviors. It suggests that a more nuanced approach might be necessary.

impact

This perspective broadened the discussion beyond technical solutions to consider the underlying assumptions of internet architecture. It led to considerations of how to design systems that can accommodate diverse needs and contexts.

We should utterly reject the framework of conversation of having privacy versus security. And if we reject it, I’ll just remind everybody that most of us flew to this wonderful country, and what if 90% of our flights had 90% of a chance to land in Ankara, maybe in Zagreb, maybe in London? None of us would take that option or those odds.

speaker

Boris Radanovic

reason

This comment challenges the framing of the debate as a trade-off between privacy and security. It uses a vivid analogy to illustrate why this framing is problematic and unacceptable.

impact

This reframing of the issue shifted the discussion away from seeing privacy and security as opposing forces. It encouraged participants to think about how to achieve both simultaneously rather than trading one for the other.

What I think we need to do is to get people from the groups that are here, at least some of them, to engage over there, so civil society groups, governments, regulators, others who have got sufficient technical knowledge to engage in the standards bodies need to attend and pay attention to what is happening there, and the implications for some of the decisions being taken.

speaker

Andrew Campling

reason

This comment highlights the importance of multi-stakeholder engagement in technical standards development. It points out a gap in current processes where important societal implications may be overlooked.

impact

This suggestion provided a concrete action item for participants and shifted the discussion towards practical steps for improving the decision-making process around internet standards and encryption policies.

Overall Assessment

These key comments shaped the discussion by challenging common assumptions, introducing new perspectives, and shifting the focus from abstract principles to practical solutions. They encouraged a more nuanced understanding of the complex interplay between privacy, security, and other human rights, particularly in relation to child protection. The discussion moved from identifying problems to proposing solutions, with an emphasis on multi-stakeholder engagement and the need for more diverse representation in technical decision-making processes. The overall tone shifted from seeing encryption as a binary choice between privacy and security to exploring ways to achieve both simultaneously.

How can we develop global standards with local sensitivities that respect diverse needs and capabilities?

speaker

Boris Radanovic

explanation

This is important to ensure that encryption and privacy standards can be applied effectively across different countries and contexts while respecting local needs.

How can we address the challenge of protecting against online abuse while maintaining encryption for secure communication?

speaker

Alromi Afnan

explanation

This is crucial for balancing the need for privacy and security with the protection of vulnerable groups, especially children.

How can we apply lessons from COVID-19 pandemic response to balance data privacy, security, and public health/safety in other contexts?

speaker

Catherine Bielek (audience member)

explanation

Learning from past experiences in managing sensitive data during a crisis could inform approaches to balancing privacy and security in other areas.

How can we objectively rank rights and risks on a global level to properly weigh them against each other?

speaker

Cheryl (online participant)

explanation

This is important for developing a framework to address conflicts between different rights and risks in encryption policies.

How can we better educate citizens about the impacts of encryption on privacy and public safety?

speaker

David Wright (moderator)

explanation

Improving public understanding of encryption is crucial for informed debate and policy-making on these issues.

How can we ensure multi-stakeholder engagement in technical standards bodies like the Internet Engineering Task Force (IETF)?

speaker

Andrew Campling

explanation

This is important to ensure that societal implications are considered when developing internet standards that affect encryption and privacy.

Summary

This panel discussion focused on promoting children’s rights and inclusion in the digital age, addressing the challenges and opportunities of ensuring child online protection. Panelists from various countries shared insights on their national strategies and initiatives to safeguard children in the digital space.

Key topics included cyberbullying prevention, online harassment, and digital literacy programs. Participants highlighted the importance of multi-stakeholder approaches involving governments, tech companies, civil society, and children themselves. Several countries reported efforts to implement digital literacy curricula in schools and provide training for law enforcement agencies on cyber-related crimes against children.

The discussion emphasized the need for culturally appropriate and locally relevant interventions, including resources in local languages and consideration for children with disabilities. Panelists stressed the importance of empowering children with digital skills while also protecting them from online threats.

Emerging technologies like artificial intelligence were discussed as both potential tools for enhancing child online safety and as sources of new challenges. The panel emphasized the need for safety-by-design approaches in developing new technologies and digital platforms.

Recommendations for the Internet Governance Forum (IGF) included prioritizing global collaborations to develop localized digital safety resources, encouraging more youth participation in policy discussions, and implementing a global accountability mechanism for countries’ efforts in child online protection. The panel concluded by calling for greater inclusion of children’s voices in future IGF discussions and policy-making processes related to their digital rights and safety.

Keypoints

Major discussion points:

– Strategies and initiatives in different countries to protect children online and promote digital literacy

– Challenges in implementing child online protection, including infrastructure limitations and lack of awareness

– The need for multi-stakeholder collaboration and localized approaches

– Importance of addressing mental health impacts of social media on children

– Recommendations for IGF to promote child safety and inclusion

The overall purpose of the discussion was to examine current efforts to protect children’s rights and safety in the digital age, share best practices from different countries, and provide recommendations to the Internet Governance Forum (IGF) on promoting child online safety and inclusion.

The tone of the discussion was collaborative and solution-oriented. Participants shared insights from their countries and organizations in a constructive manner. There was a sense of urgency about the importance of the issue, but also optimism about the potential for positive change through coordinated efforts. The tone became more focused and action-oriented towards the end as participants provided specific recommendations.

Speakers

– Radhika Gupta: Podar International School

– Gabriel Karsan: Coordinator of the African Parliamentary Network on Internet Governance, founding director of Emerging Youth Initiative

– Speaker 1 (Ahitha): Coordinator of India Youth IGF

– Aishath Naura Naseem: Representative of Women in Tech Maldives, part of Maldives IGF

– Speaker 3 (Janatu): Department of Public Administration, Kumile University

– Samaila Atsen Bako: Director of communication at Cyber Security Experts Association of Nigeria

Additional speakers:

– Madhav Pradhan

– Mary Uduma

– Sasha Nandlal

Child Online Protection and Digital Inclusion: A Global Perspective

This panel discussion, moderated by Radhika Gupta, brought together experts from various countries to address the critical issue of promoting children’s rights and inclusion in the digital age. The conversation focused on the challenges and opportunities in ensuring child online protection, with participants sharing insights on national strategies and initiatives to safeguard children in the digital space.

Key Themes and Initiatives

1. Digital Literacy and Education

A primary focus of the discussion was the importance of digital literacy initiatives. Ahitha highlighted India’s National Digital Literacy Mission and Information Security Education and Awareness Program. Naza emphasised community-based training for children, parents, and teachers in the Maldives. Samila Asembaku shared Nigeria’s approach of creating cyber clubs and ambassadors in schools, as well as efforts to provide power to universities using solar panels. Gabriel Karsan discussed Tanzania’s last mile connectivity program and school connectivity initiatives, stressing the implementation of competency-based digital literacy skills in education across Africa.

The panel agreed on the crucial role of digital literacy in empowering children to navigate online spaces safely. However, there were differences in the specific approaches proposed, reflecting the need for tailored strategies in different contexts.

2. Legal and Policy Frameworks

The discussion highlighted various legal and policy initiatives across countries:

– India’s POCSO Act 2012 for protecting children from sexual offenses

– Nigeria’s Cybercrime Act

– Tanzania’s strategy 2050 and its focus on youth empowerment in digital structures

– The importance of adopting the UN Convention on the Rights of the Child General Comment No. 25

Panelists stressed the need for comprehensive legal frameworks that address the rapidly evolving digital landscape and protect children’s rights online.

3. Multi-stakeholder Collaboration

The discussion emphasised the necessity of collaboration between various stakeholders. Examples included:

– India’s partnership with Women in Tech Org Northeast chapter

– Nigeria’s collaboration with UNICEF for the Digital Transformation Project

– Maldives’ work with UNICEF and UNDP for awareness programs

Gabriel Karsan highlighted the importance of public-private partnerships and engaging telecom companies and academia in community-driven approaches. The audience contributed to this point, stressing the need for collaboration between corporate and public sectors in education. There was broad agreement on the value of multi-stakeholder approaches involving governments, tech companies, civil society organizations, and children themselves.

4. Mental Health Concerns

An unexpected point of consensus emerged around the need to address mental health issues related to children’s social media use. An audience member raised concerns about the lack of government focus on this issue, while Samila Asembaku emphasised the importance of observing behavioural changes in children and encouraging more physical engagement with peers. This highlighted a potential gap in comprehensive approaches to child online protection.

5. Localisation and Cultural Relevance

The panel stressed the importance of culturally appropriate and locally relevant interventions. This included developing resources in local languages and considering the needs of children with disabilities. Gabriel Karsan and Naza partially agreed on the need for localised approaches, with Karsan focusing on infrastructure development and Naza emphasising the development of localised digital safety resources through global collaborations.

6. Challenges in Implementation

Several challenges were identified in implementing effective child online protection measures:

– The rapid pace of technological change outpacing policy development

– The need for more widespread awareness and education

– The challenge of reaching rural and underserved areas

– The issue of shared devices and the generational digital divide

– The need for capacity building for law enforcement agencies to better handle cyber cases involving children

Recommendations for the Internet Governance Forum (IGF)

The discussion concluded with several recommendations for the IGF:

1. Adopt global standards for child online protection, based on frameworks like the UN Convention on the Rights of the Child General Comment No. 25.

2. Prioritise global collaborations to develop localised digital safety resources.

3. Encourage more youth participation in policy discussions.

4. Implement a global accountability mechanism for countries’ efforts in child online protection.

5. Create working groups for inclusive and safe technology development, considering accessibility design.

6. Include children’s voices directly in future IGF discussions.

7. Implement mandatory rights audits for digital platforms to ensure child safety.

8. Promote the use of correct terminology, such as “child sexual abuse material” instead of “child pornography.”

9. Encourage limits on children’s screen time and enforce age restrictions on digital platforms.

10. Support ongoing research and dialogue as the digital landscape continues to evolve.

Conclusion

The panel discussion highlighted the complex and multifaceted nature of child online protection. While there was broad agreement on the importance of digital literacy, multi-stakeholder collaboration, and the need for both global standards and localised approaches, differences emerged in the specific strategies proposed. The conversation emphasised the urgency of action, with Radhika Gupta powerfully stating, “We cannot afford to fold our arms or throw them in the air in despair. The stakes are too high and the future of our children demands action, innovation and accountability.”

The discussion underscored the need for a paradigm shift towards “safety by design, privacy by design, child rights by design” in digital spaces. It also highlighted the importance of distinguishing between children and youth in digital policies, recognising the unique vulnerabilities and rights of children.

As the digital landscape continues to evolve, ongoing dialogue, research, and collaborative action will be crucial to ensuring that children can safely and meaningfully participate in the digital world while being protected from its potential harms. The role of initiatives like India’s I4C (Indian Cybercrime Coordination Center) in nationwide coordination efforts for cybercrime prevention was noted as an example of proactive measures in this direction.

Radhika Gupta: one. Good afternoon, everyone. It is an honor to welcome you to this very important discussion promoting children’s rights and inclusion in the digital age. Today, we address one of the most urgent challenges and opportunities of time, ensuring that children who are the most vulnerable members of our society are protected, empowered, and are included in the ever-evolving digital landscape. The journey towards child online protection has been one of the progress, progressive one, and very awakening. The Child Online Protection Initiative by the ITU laid a foundation with its five strategic pillars which were inspired by the global cyber security agenda. This was followed up by the We Protect Alliance which provided a critical framework in a form of model national response, helping member states and countries to develop the necessary capabilities to tackle online threats against children. A ground-breaking milestone came in 2022 with the release of the UN Convention on the Rights of the Child, general comment number 25, on children’s rights in the digital environment. This document effectively dispelled the notion often cited in developing countries that child online safety is an emerging issue. It’s offered as a global standard to reframe child online protection as a universal and agent obligation. However, as we reflect on the last two decades of digital transformation culminating into the next year’s WSIS plus 20, we must acknowledge that child online safety is now critical than ever. At the beginning of digital age, the issue was not as pronounced as it is now. Today, however, the risks are real, persistent and evolving. We cannot afford to fold our arms or throw them in the air in despair. The stakes are too high and the future of our children demands action, innovation and accountability. We already possess the tools, the frameworks and the collaborative mechanism to protect children online, but these must be implemented with the intentionality and commitment thereof. The way forward requires a paradigm shift towards safety by design, privacy by design, child rights by design, those forming the fundamentals. These efforts cannot succeed in isolation. The complexity of the digital landscape demands robust multi-stakeholder approach, bringing together governments, tech companies, civil society, the community or the society at large and the children as main stakeholders to the discussion table. At the same time, we must resist the tendency to combine children with youth. Children require unique protection, tailored strategies and recognition of their peculiar vulnerabilities and rights. So, to help us unpack this conversation this afternoon, we have five aspects for the panel discussion. We have, I will give them the floor to introduce themselves, a minute each. We have some online, so it’s a hybrid format we’re using. We have Naha, Janatu, Gabrielle, and Samayla. So, Ahitha first.

Speaker 1: Thank you so much. Hi, everyone. Good afternoon. Good to see you all post-lunch. I am Ahitha. I’m the coordinator of India Youth IGF. It’s a platform recognized by the UN IGF that works extensively on empowering young people in the space of Internet governance in the country, in India. And in that regard, there’s been a lot of interaction with young individuals across the country from different cultures and economies. And I hope to present that perspective today in our discussion.

Radhika Gupta: Thank you. Yeah.

Aishath Naura Naseem: Hi, I’m Naura from Maldives. I’m representing Women in Tech Maldives, an NGO, a civil society organization in Maldives. Also, I’m a part of Maldives IGF, which we recently was established. We are working, a community group, yeah, actually, so we are also working to establish, strengthen, formulated, sort of trying to establish a safer digital environment, especially for the kids as well. And the thing is that since we are a geographically disposed island, our component in the awareness section is quite high. So looking forward for this panel discussion.

Radhika Gupta: Right. Thank you. Janalchoo? Good afternoon, everybody. I’m Janalchoo. I’m representing Women in Tech Maldives, an NGO, a civil society organization in Maldives. Also, I’m a part of Maldives IGF, which we recently was established. So looking forward for this panel discussion. Right. Thank you. Janalchoo?

Speaker 3: This is the Department of Public Administration, Kumile University.

Radhika Gupta: Okay, Gabriel.

Gabriel Karsan: Salaams, everybody. My name is Gabriel Karsan. I’m the coordinator of the African Parliamentary Network on Internet Governance, but also active in the space of the Africa Youth IGF, as well as the founding director of the Emerging Youth Initiative. My work intersects in policy, society, as well as the role of young people and children in shaping the digital institution. I’m looking forward to our discussion.

Radhika Gupta: Right. Samayla.

Samaila Atsen Bako: Thank you very much. My name is Samaila Atsen Bako. I am the security evangelist at Code for Africa, which is an African-wide nonprofit. I’m also the director of communication at the Cyber Security Experts Association of Nigeria. So most of my work revolves around user awareness, education, training, policy development, and things like that. I’m looking forward to learning from everyone here in this session. Thank you.

Radhika Gupta: Okay. So thank you, my wonderful panelists. We all come from different backgrounds and all that. We would like to understand what actually is happening in your country to ensure that children and young people are safeguarded. For instance, Maldives, what strategies do you have in place to check cyberbullying, online harassment in general, online grooming, and every other thing? Thank you. They didn’t hear? It’s not working. It’s working. Okay. So, who is taking first?

Aishath Naura Naseem: I’m fine. Okay, that’s fine. In the context of Maldives actually, everything is sort of new over there because we are still on the, you know, the baby steps. Like, we are growing our cyber space over there. So, like I said before, as we are dispersed in, you know, small islands and all, reaching out to our communities is always a challenge for us. So, we are trying to formulate or come up with programs that we can actually accommodate our women and children. So, my organization is also mostly a part of this. We are working on conducting different awareness sessions on cyber safety, online safety, how to secure their digital devices, how to make sure that the internet that they are browsing is safer for them, and also to empower women in the island communities as well. And apart from that, for children also, we are actually, as a government, is working on implying, you know, formulating the strategies that are required for the cyber space and the digital space. As an organization of a community-led organization, we are working with, you know, our schools, our education system to make the children understand, like, what is there out in the digital space, actually. How they can be, how can they identify if they are being targeted for cyber bullying, how they can identify if they are being, you know, like perpetrators are waiting for them out there, and how they can identify if they are being targeted for cyber harassment or any such, because reaching out to our communities are challenging as well. always because we literally have to travel to islands in order to aware these kids and parents and teachers and local communities as well. So as an organization, a community-led organization, we work, we have been actually working with these UNICEF, UNDP, such organizations to conducting different awareness programs and such STEM related programs where we are educating our kids to, you know, how they can come up with critical thinking solutions like through coding and simple programmings and stuff. Yeah, that’s it.

Radhika Gupta: Smila, am I putting you on the spot?

Samaila Atsen Bako: I was just gonna say I wasn’t expecting myself to go next, but it’s fine. It’s fine. So I didn’t mention this earlier apart from Nigeria. So in our country, I would say it’s a bit similar to what the previous speaker just said. We still have a bit of foundational layers being put in place. So for instance, about six months ago, if I recall correctly, we had a session with one of the, with the telecoms industry regulator, what we call the National Communications Commission, sorry, Nigerian Communications Commission, and they’re putting together like, operating procedures basically for child protection and they wanted external stakeholders to be involved. So civil society, the industry experts and so on to contribute to the drafting of those processes. And so we’re part of that session. But even before then, I would say about, if I’m not mistaken, two or three years ago, we had a session with, organized by META, MTN, I think it was NICMEC or ICMEC. and it’s a global organization that does stuff around child and women protection and stuff like that. So we’ve had some of these engagements. And so from my organization’s perspective, and by organization I mean the Sabah Security Exposition of Nigeria, we tend to be involved in these conversations to provide our insights from the Sabah Security perspective as professionals. But then again, as internet users and as parents or elder siblings or guardians, we do have kids that were aware of using the internet and we tend to know some of the things they experience. So even outside the Sabah Security perspective, we also have that end user perspective. So we try to share from these areas and we go a step further. So we also engage students. We tend to go to schools. I mean, we’ve been doing this since maybe, I think 2015 or so, going to high schools, also universities to engage with the students, but also to engage with their teachers. Because what we’ve found out now is that especially the kids in the private school, they tend to get easier access to gadgets and the internet at a younger age because they are more likely from well-to-do homes. And so we go to those private schools, we engage with them. And we try to explain to the students, these are some of the things you need to be aware of. Internet is nice and fun, but they are disissued. So we’ve done that, we’ve tried to engage the government. And I think those are the little contributions we’ve done from our perspective and we continue to do in the near year as well.

Radhika Gupta: Okay, I don’t see that to be little, that’s some progress, so thank you. Gabrielle? If we don’t have Gabrielle ready, can we have Janatu? Hello everyone, this is Janatu for Dose. When it comes to our case. in this digital age, the whole stratosphere of technology and the Internet. Hello? Hello. Is that Gabriel speaking? Yes, I was speaking. Gabriel, can you please pause? Janatu has taken the floor, so wait for her to finish, then you take it up. Thank you. Okay.

Speaker 3: Hello, everyone. My topic is the future of learning digitalization in primary education for sustainable development in Bangladesh. Here, I would like to express the entire challenges regarding digitalization in primary education, and globally, the digital transformation of education is changing the learning experiences, pedagogical approaches, and institutional administration, integrating the newest digital resources into the educational institutions aims to establish a networked environment that enables students to learn in a digital format. Therefore, digitalization information facilitates students’ ability to responsibly protect the environment and the economy and to base their judgments on factual knowledge. This relationship supports a comprehensive and transformative high-quality education that affects learning outcomes and content. ICT contributes to education and human capital development. Furthermore, the challenges occur due to COVID-19, which broke out in Bangladesh in March 11, 2020. In that sense, since then, the widespread closure of schools in response to COVID-19 has hindered traditional modes of education and the focus of… institutional activities has switched to the online approach. In the recent years, actually, there has been widespread recognition of the need of digital competency at different educational levels. With its creative solution to enduring problems in education, such as access to high-quality education, unequal student-teachers ratio, and geographic constraint, this digital revolution is significant for poor nations like Bangladesh. As a part of National Digital Bangladesh Goal, actually, this is the election manifesto of our previous government, that is Awami government, which was introduced in 2009. Bangladesh has started towards full digital integration in education. My paper actually explores how digital technologies can improve the learning results and democratize the access to education resources and transform education delivery. And now, I would like to focus on the digitalization of education. In modern society, heavily relies on technology. The digital revolution of the, actually, in Bangladesh perspective, it was 1990. Here, in that year, in the education system, digital transformative approach were taken into account. Digital education integrates electronic content, e-learning, VR, and social media to modernize teaching and foster digital maturity. Innovations like…

Radhika Gupta: Janatu? Janatu? Okay. Yes, I think you would have to pause there for now. We’re focusing on what strategies are in place to ensuring that… Children and young people are not taking advantage of by predators. So what strategy do you have in Bangladesh? That is seen to cyber bullying that is seen to exploitation and abuse and all other forms of abuse to you Do you have? An intervention on that to share with us. Yes. Yes. I can you go to that for us. Thank you. Okay

Speaker 3: You know each each every each and every issue educational institution there must be a sexual harassment prevention cell And through this it was actually Developed in 2009 through a high court directives that each and every institution must have a sexual harassment prevention cell and through this each and every organization forms a sexual harassment prevention cell with five to nine members where majority majority are female and in most of the case the cyber bullying is done on on the perspective of the female and and harassment cell always working on this to resolve this issue and Actually, this is the gender issue and in in other sense we have lots of challenges like infrastructure It’s it’s it’s a pressing issue in for in perspective of Bangladesh because the infrastructural capacity is not so good good here and in if the government arrange a computer and Internet package, but there is lack of electricity in the rural areas of Bangladesh. There’s a great challenge for Bangladesh. Okay

Radhika Gupta: Thank you so much. I’m not to Gabriel Thank you so much for being with me, yes, just hang in there we’re coming back to you with two other submissions

Gabriel Karsan: Yes, thank you very much Children in Africa are increasingly exposed to elements of cyber bullying online exploitation as well as harmful content So I think it’s very important for us to be aware of this I might say, this is a global issue. We are not immune, even though we are in baby steps of creating our infrastructure and our policies, we are not immune to the different vulnerabilities of the cyberspace, especially towards children. Now we have almost 25, under 25 Africans who use the internet deeply in their day-to-day activities. It’s shaping the culture, and this is seen with post-modernism as well as with social media. In Tanzania, we are still developing a framework, but what has been done is that we have a strong regulatory authority that has deep technical standards that align with the global cross-border and online protection mechanism. Examples, an infrastructure that has IPsec, open communities, as well as a DNS protection system that really aligns with the local sector of protecting the content, but also we have a content policy that aligns on who has access to the internet and in what particular perspective, because it’s still a developing country with the infrastructure still being built. So in our child online protection framework, the critical step which has been done is merging lit-based community, where parents and educators and policy makers can just come together and exchange a particular real case scenario in that manner, because the first thing is that it’s also an issue that aligns the issue, because we have seen that with digital literacy and inclusion, particularly to young women, the cascading effect has been great. Even in rural areas where the internet is coming now, the access comes with a little new information of breaching the divide. And Tanzania has a school connectivity program, and the school connectivity program is a package that comes with. with digital literacy, where they have seen that protecting the child is important, but this is also done through giving them the skillset, giving them languages, so that when they partake or communicate and interact with technological systems, they have an awareness system. But also, we are building feedback loops, which should be open based on different demographics. And I think this is something that’s still in discussion for policy. I think I’ll end there now as we follow our discussion.

Radhika Gupta: Thank you, Gabriel. We’ll come back to you later. I heard you.

Speaker 1: Yes. So hi, everyone. When we talk about child rights online, so I’m gonna bring in a little bit from the harm’s perspective. But before that, Gabriel pointed out a lot around meaningful inclusion and what has already been, you know, with respect to access, that the challenge that we face. So this perspective that I’m going to share is through the interaction with the young people through the YIGF network in India. And a lot of the young people, I’m sure the issues also overlap to other countries, talk about how there is, of course, exposure to inappropriate content online. They do experience cyberbullying extensively. But there’s also unauthorized collection of their personal data. So there’s a lot of privacy violations. So what is the consent mechanism? Is there enough mechanisms to ensure that it’s clearly explained to them as to what is the data, why is it being used, and what kind of control that they have over it? In addition to this, we do see there could be situations of predators, you know, manipulating the mindsets. And then also we also come across targeted advertisement and a lot of misinformation. The other concern we see is for young people to like meaningfully be there on the online space, you need the right amount of digital literacy aspects. And I think that is something that a lot of the panelists before me have highlighted. So in India, from a cyber harm perspective, there are two key things that I want to highlight that the country is currently. doing in the I4C which is our Indian Cybercrime Coordination Center under the Ministry of Home Affairs is currently aimed at tackling cybercrime in a more coordinated aspect so they have a nationwide coordination where they have also come up with a cybercrime reporting portal which targets this is an accessible platform is something that you can also look up on the cybercrime.gov.in where individuals can report cybercrimes including those that are targeting young children around child pornography, online harassment and exploitation and cyberbullying. Further there are also dedicated resources that you can look into that provide you information on how to handle crimes around child abuse and grooming, trafficking among others. Then from a capacity building perspective they also provide training to law enforcement personal prosecutors and the judicially judicial officers and how to handle cybercrime investigations. Among this of course we do require collaboration with global organizations so they do ensure that there is best practice exchange with cross-border cybercrime developments. The last thing I want to highlight is the POSCO Act 2012 in India which is protecting children under 18 from sexual offenses including abuse, exploitation and harassment but I want to highlight the aspect that relates to the digital threats that young children the children pose that falls under this act which is which mentions that it criminalizes the use of children for creating, distributing and accessing child sexual abuse material as CISA material and includes various provisions for online grooming, harassment and cyber exploitation. Thank you.

Radhika Gupta: All right thank you for your interventions in that regard. I don’t know if I should probe further but then for the sake of time we’re going to go further but I just want to correct an impression there in terms of the terminology we no longer have child pornography. An abuse is an abuse. A child does not engage in pornography. So as much as possible, let’s change out. This is a platform we are educating people, so I just thought that I’ll bring that to the fore. So we go with our next round of submissions, but then I’m going to merge the two questions. So if you give us what your country, for instance, what’s India doing specifically to promote digital literacy among young people, then you also tell us what, maybe there’s an intervention to leverage on emerging technologies. What are some of those things? So you’re giving me two perspectives. You’re giving me digital literacy initiatives at country level to empower young people, because when we’re talking about child online safety and we’re just talking about protection, protection, protection, we are leaving out the provision and the participation aspect of things. So as much as possible, we need to take care of the three Ps as involved in child protection, just to make sure that we’re doing the right thing. So much as we are treating the harms and the threats to children, we need to also take care of empowerment. We need to take care of their skill sets in order for them to engage responsibly. So I’m coming to you. I don’t know who wants to take it first. I don’t want to be biased. Should I put you on the spot? Are you okay? So tell us, what digital literacy initiatives do you have in your country? And what are some of the emerging technology leverages that you’re doing in Maldives? Thank you.

Aishath Naura Naseem: In terms of promoting the digital literacy, I think like every other country, we are also still struggling to put the right thing in the right place as a country, because the technology is expanding way too fast,

Speaker 1: then we can reach it out. But as I mentioned before, my organization, the Women in Tech Maldives over there, we have… a huge role in establishing digital literacy among our people, our country, throughout. So we have, for kids, it’s like that you just can’t go and directly reach out to the kids. So we have to pass, you know, level by level, like just go and first educate their parents. What are the digital norms? How can you maintain safety? How can you ensure that the network that you are in connected is safe? How can you ensure that your devices are connected to safe networks? How you can ensure the security of the devices that you are eventually giving out to your child to use? So we have programs that we run across the country that we educate our community, we educate our parents, we educate our students, and I mean the kids, along with the teachers that they are daily life, maybe communicating with. So it’s like, it’s not easy because the whole thing becomes quite new for the community as well, because when we go and say our digital spaces, you have this and this and that over in the digital space, it is harmful. So to identify or to recognize the harmfulness in that particular area is quite challenging for the community people because obviously not enough literate in the digital space. So to literate them in the digital space, how they can identify that they are being targeted, how they can actually monitor the devices that the kids are using, how they can ensure the safety.

Aishath Naura Naseem: We do run several programs in our place to ensure the safety are maintained within the community itself.

Radhika Gupta: Okay, thank you. Gabriele, we’re coming to you, but then I’m also interested in hearing these initiatives that are even in the local language, because sometimes it’s not always English that the children understand. Do we have some of them in the local language? Do we have it in an accessible format, say, taken into consideration? children with disability. Those initiatives, if they are happening in your country, we would like you to share light on that. Then we can pick lessons from it going forward. We can work with that. Gabriel, over to you. Thank you. Okay, if I don’t have Gabriel, could we have Samaila, Nigeria?

Samaila Atsen Bako: Sure. Thanks for the question. I think the question is in two parts. Maybe I start with maybe what some of the things that I know the government has started doing around digital literacy and even emerging tech. I think a few years back, there was some effort to – there was some effort to do some level of digitization when it comes to the schools we have. Some of these interventions are not necessarily targeted towards just kids. It may also be the older children. I know there’s been effort, for instance, to provide power to universities using solar panels so that they can then leverage the technologies that have been provided in the school to improve their digital literacy. The current Minister of Communication and Digital Economy has been pushing for a lot of effort around the adoption and familiarity with AI. I know there’s a scheme, I think it’s the National AI Research Scheme, that was launched a few months ago. There’s been other efforts by him to pull together resources from the private sector and other places and even foreign people to support those efforts. I guess maybe it’s a bit soon to say how effective it has been or the results of such interventions, but I know that they exist. There are others by the National Information Technology Development Agency and other government processes trying to make things work somehow in terms of providing gadgets because they are not so affordable, providing even internet connectivity to some of these areas outside the main urban areas. I think another laudable effort by the government in Nigeria was when, I think about three years ago or so, when the sub-national governments, that is the state governments, came to an agreement to reduce the cost of the right-of-way, that is when, like the money you pay to lay fiber optic cables, and the goal was to slash the price from about 6,000, I think 6,000 Naira per, from as high as 6,000 Naira per meter to a maximum of 145 Naira per meter, and that obviously would lead to better internet penetration because the telecoms companies and the internet service providers can lay their cables to more areas and to spread connectivity to people living outside the urban centers. So I think those are some of the efforts by the government. Generally speaking, from the, what would I say, from the Sim Society perspective, where I come from, I know quite a number of organizations that are doing different kinds of digital safety, let’s say courses or trainings or webinars or sharing flyers, some level of awareness and education, and the goal is just to make sure people do understand more about technology, but also now learn about this side of things. And I think even from the, if you look at law enforcement now, there’s a bit more knowledge, you know, about electronic crime or online fraud and cyber crime and all that, but also from the digital harms perspective, where we have cyber bullying and online harassment, so there’s a bit more knowledge, although we’re hoping for better and more widespread awareness and even prosecution and things like that. to come on board. I think in Nigeria right now, the main laws that may be used when these things come up have to do with cybercrime acts that we have, as well as maybe the Child Rights Act and one or two others. But we’re hoping that this issue of digital literacy, you know, from the angle of the laws, of using technology, of being safe online, addressing these different stakeholders, we are hoping that things improve as time goes on. All right, thank you.

Radhika Gupta: I would have put you on the spot if you were from government, but it’s okay. Gabriel, are you ready? Yes, I’m ready. All right.

Gabriel Karsan: Yes, thank you. Based on our side, I think Tanzania has been going through a big reform in terms of building its strategy 2050, and they have highlighted the importance of having core agency of youth empowerment in the digital structure empowerment programs. So right now, we have a last mile connectivity program where we have tried to have 70% of the B country have fiber optic cabling, and these pass through schools, because in our culture, we come from a very oral culture, it’s still under the communal side of things to pass on knowledge. So school connectivity has come to enhance and more participation of the community, because it has boosted the centers where we are not only equipping children with the digital skills, but now also the teachers and the community members come to interact with technologies, because it is a big strategy that has been pushed by the government. But also in terms of pushing public partnerships, private, public, private partnerships. Now we have been working with different organizations, example, like China mobile, where they’re building a big backbone for connectivity to come to the country, but also with a simple start-up which is building an open-source technological system called KaiOS. This is in Swahili, and it has all the local initiatives including access to literacy materials online and can be used on a simple feature phone. This has been a project that has been able to reach almost a million young people. With the use of the local language and the community element and the funding mechanism that has some subsidies from the government, it has boosted more inclusion. But in terms of the human rights angle of equipping children’s rights such as privacy and freedom of expression and access to information, we still have a big technical gap because we are still building quite the foundation of the framework. And if we are to be realistic in this digital realm, the emerging technologies example, artificial intelligence and the high computational needs, they will need us to really catapult fast and a big investment has to be made in the core infrastructure which is the young children. Tanzania also has pushed for a change in competency-based digital literacy skills being part and parcel of every educational program starting from next year. So I think these are things that maybe in five years we might see catapulate. But in terms of good policy, I also come from the age where there was a subsidy in connectivity elements where I also got to enjoy the benefits of cheap connection and affordable internet. This has given me the privilege of addressing you all today. So I think these policy intersections with a very local lens tend to breed fruits.

Radhika Gupta: All right. Thank you. I like the way you situated in this conversation. Do we have you? Can you take the floor? Okay.

Speaker 1: So I think a lot of very good points have already been covered. So I was just trying to take a note of… what exactly I could add, which is a little more from, in terms of the initiatives that are happening. Okay, so some of the things which have been talked about are happening in India. Yes. We need you to reiterate it, because we are looking at countries and what they are doing. All right, all right. So we, I think Gabrielle also spoke about digital literacy programs. So when we look at India, right, there has been, in the last couple of, in the last decade, for example, the internet adoption has increased tremendously. And especially with, right now, we have the unified payment system, payment interface, UPI is what we call it, and a lot of the transactions in the country are online. So I don’t mean talking, here I don’t talk about just supermarkets, for example, or some kind of transactions with malls. I’m talking about even the street hawkers, for that matter. Everybody does transactions through the unified payment interface. So everything is digital. And that brings us to the main concern about does everybody have the right set of digital skill sets to ensure that they are safe, they are secure, and they’re meaningfully accessing the internet in the country. So just recently, we have the National Digital Literacy Mission, NLDM is what we call it. And this initiative was launched to ensure that the citizens, especially those in rural and underserved areas, have the necessary skills to access digital technology and participate overall in the digital economy. But since earlier in the first question that was addressed to me, I spoke about threats. I also want to highlight from a cyber security skill set perspective. There is the Information Security Education and Awareness Program, which is actually a free of cost bunch of courses for you to have the right set of skills to navigate the internet safely. And if you are interested in developing a little more in the technical skills, you might as well do that through the program. One thing I want to highlight is not just having these skills in any. in English, what we at Youth IGF India, very recently in fact, we had done a partnership with the Women in Tech Org, the Northeast chapter. So, our idea was to ensure that we teach relevant cybersecurity skill sets to young women in the Northeast of India, in a language that they are comfortable with, and content that they are comfortable with to address their relevant concerns of the region around cybersecurity. So, what I’ve realized in this process of this partnership, and among the other initiatives that we’ve been running as a civil society body, that there are a lot of civil society bodies out there, not just focusing on mentoring the young, but also mentoring the educators, the researchers, as well as the, how do I say, judiciary and the police in the country to handle these issues. Thanks.

Radhika Gupta: All right. Thank you. On the note of law enforcement being empowered to do their work, I like open mic situations, because I know there are so many expertise in the room. So, we will pause the panel session now. My panelists be thinking about one recommendation, one key recommendation to IGF, as far as promoting child online safety and inclusion of rights is concerned. So, be thinking about that whilst we give the mic to anyone in the room who would like to make an intervention in this regard. Hello?

Audience: Hi. I also hail from India. So, thank you for putting those points together. I just wanted to make an addition to what she mentioned, that on the efforts by the government, in terms of like, India has, the I4C department has actually adopted a mission to train 5,000 commandos, cyber commandos as well, where they’re training these law enforcement agencies to look… into cyber cases in India, which also looks into child safety. So that’s an addition in terms of what the government is doing. But in terms of population, that’s we feel, as a civil society organization, that’s way too less. But coming from an organization that does a lot of digital literacy programs in India, we do train children about cyber safety from a very young age, basically from children below six up till class 12, as well, to talk about how you need to navigate the digital spaces more safely and securely. Also, the interaction with parents are really high, because the whole generational digital divide is one big issue in India. Also, the issue of shared devices. So putting all those together, of course, the missions are way too high. And a lot of civil society organizations, along with the government, are doing a lot of efforts. But then again, in proportion to the population, I think so it’s still way too less. But yes, of course, I’m sure with more efforts and missions, we’ll be able to do that.

Radhika Gupta: Thank you. I wish we have the whole day. We would have packed teleworking and everything.

Speaker 3: I would like to add something, if you allow me.

Radhika Gupta: Who is it?

Speaker 3: This is Dr. Jannath.

Radhika Gupta: Please hold on for us. We have an open mic session now. So just hold on. Hello, everybody.

Audience: Namaste. I’m from Nepal. I’m Madhav Pradhan. And actually, we are working with the children. We incorporate in the curriculum, because in Nepal, we have access to the children, how children can safely use the internet. And if they are cyberbullied, we are very closely working with the cyber bureau. Cyber bureau is very controlling. And if children have a problem, they can complain in the child help line. Because in child help line, if they have a problem, mentally health is linked with the hospital. And if they have online cyberbullying, link with the cyber bureau. That’s where we are working. And I want to know in other country how they are incorporating the curriculum. Because from one class to 12 class, how children can safely use the internet. And other country, how they can complain that we are now working in Nepal.

Radhika Gupta: Thank you. In the country I come from, online safety has become part of the lessons for ICT. So from the scratch, they have it as a content that they engage with.

Audience: Hello, I am from Bangladesh. In Bangladesh, our government has created our administrative committee for teenagers in locally, district level, as well as in central level. In central committee, there are 11 ministries, as well as police, cyber security, crime related agencies are there. And in the district level, there are district collector, police, super, medical officers, educational officers, and as well as all the society related co-workers are there. And they are actually working for preventing cyber crime for teenagers. So there could be an idea for everyone. So they could do that locally to prevent cyber crime, cyber bullying perfectly. I guess that could be an idea.

Radhika Gupta: Thank you for your intervention. Janatu, could you speak now? Hello? While we wait for her.

Audience: Thank you so much. And like, I mean, Haitha has like added everything, but like, I just very quickly wanted to like come in. Oh, that’s fine now. Yeah, coming on the point that you were mentioning in terms of the local language, right. So one initiative, which is very commendable that the Indian government is trying to do is Bhaashini. So Bhaashini is AI integrated tool, which the government is developing to like actually translate various, you know, digital platforms or the digital services into the vernacular languages so the individuals across India can actually like access them in a more like, you know, meaningful way. In addition to that, like also wanted to like mention a little bit when we are talking about digital literacy, it’s also important to like, look at from the emerging technology perspective. India is like working on something called India AI mission. And one of the key pillars is the, you know, AI future skills. So where they’re actually developing courses and like, you know, developing modules within the, you know, curriculums of the schools and colleges, and also which is actually within the tier two and tier three of the, you know, cities. And finally, one more point, which I wanted to add, like, I think, like, there’s a long curve to go in terms of like, you know, also sensitizing the government in terms of like enforcement, when it comes to all of these aspects, when we talk about like, you know, child abuse and everything, but government is also like very actively working on that there’s a department within the METI, which is the, you know, electronics and information technology Ministry of India, NEGD, which actually looks specifically into like sensitizing how the, you know, the public sector can also like, understand what’s really happening within this ecosystem to act better. Yeah. Maybe I could just add an international perspective. So I was a delegate to the 93rd child rights convention in Geneva. And the primary issue discussed was, of course, all of these serious issues that your governments have been addressing, but a major overlap is the mental health issues caused by social media to children. So it evolves from false body images to several psychological problems. So what do these governments do actually, beyond just teaching children how to use the internet and how to be safe on the internet from a mental health perspective? That is so an open question.

Radhika Gupta: That’s a question. He’s talking. about what governments are doing. I don’t think I’ll limit it to just the panelists. Anybody who has the response could take up the mic. What governments are doing in order to safeguard young people from mental health concerns and body image issues?

Audience: Thank you. Can you hear me? All right. My name is Mary Uduma. I’m from Nigeria. And the panelists from Nigeria have done some intervention on what has been happening in my country. Apart from the government, there are other organizations, other non-governmental organizations that are also involved in capacity building when it comes to child online protection, as well as advocacy group for the children. And my own organization, Ndukwe Kalo Foundation, we are interested in that. And we do capacity building for teachers, engaging them so that they can also engage the students. And also, we’re establishing what we call ambassadors within the school setting so that children, they talk to their peers. They may not speak to the adults, but they can actually confide in their peers. So we’re trying to set up that so that it can happen. As for mental health, I’m not sure there’s a government organization that is looking at mental health. But it’s something we can take back home to make sure that we look at that to include it in our engagement with the caregivers, the teachers, the parents, and then even the law enforcement agent, and also the health care organizations. We’ll take that home and we’ll try to implement it.

Radhika Gupta: Thank you. And let me just reiterate the fact that if country-level strategies are being developed using the general comment number 25, all these things would have been taken care of. But if we develop the country’s strategies without the global standard, it would be very difficult for us to take care of issues that will come up. And it will not be future-proof enough. We will design a solution after one year. We’ll have to now review it in order to come up with other things. So as much as possible, take the message home. The general comment is there for countries to use in order to design solution or strategies that will help protect children effectively in the digital space. Is Janatu available now? Oh, there’s a question online. Okay. Who is our moderator online then? Are you doing that? I can’t see the question.

Audience: The lady’s name is Sasha. Okay, Sasha, could you unmute yourself and ask the question? Hello, can you hear me? Yes, we can hear you. Okay, I tried to put on the video as well. However, it’s not working. So my name is Sasha Nandlal. I’m from Trinidad and Tobago. I’m currently in Canada pursuing my PhD, and my comment and question is based around the second point, digital literacy and inclusion, from the perspective of empowering all students within the process of education and retaining their backgrounds, as well as being mindful of their socio-economic standings. And with that in mind, within Trinidad and Tobago, we have the Digital Transformation Project through UNICEF as well. But it’s been part of our practice to look at the infrastructure, as it would be with most organizations, and consider the policy, the hardware, and building teacher awareness. And I think that’s one of the major parts that we haven’t touched on as much, is that teachers’ attitudes play a role in terms of what morals, values, ethics, and practices are going to be reciprocated throughout the veins of society and the way in which we promote change and change management processes from the generation moving forward. When we consider the formal and hidden curriculum, formal curriculum-wise we consider systemic when it comes to concepts that are going to be developed and the skills that are going to be developed from early childhood years to adulthood. Within that hidden curriculum, as well, we have to consider the effective domains of the students and the teachers and how does that bridge of using technology and using and developing the digital literacy for education and the future work environment, how important is that, and the interjection of AI within that equation. So it’s a very delicate space to be in and when we consider accessibility design, in most cases when it comes to the drive of technology, it starts from the private sector and most times private sectors don’t consider the user at the center of the element that they’re creating. They think about the student after this software has been developed and now we have to go back and weave those pieces through that technology. And so having a strong relationship between corporate and public sectors when it comes to education would be tantamount to its success. And if we have more grants gathered into that space where we could bridge these gaps, bridge that digital divide, and have technology going from one space of private sector to government sector, we’ll find that even the students who didn’t have internet at home could still have access to certain ways of learning, whether it be asynchronous, working from that device home and then plugging into it. to these sessions when they come to school. And so accessibility design might be central to that particular field. I just wondered from the speaker’s perspective and from their own personal experiences, how has that perspective of accessibility played into the role of education development when it comes to digital literacy and inclusion? Thank you.

Radhika Gupta: Right, thank you. You want to take that?

Speaker 1: I think I’m sure somebody else would like to take in a deeper context, but I’ll just give a quick example of how an emerging technology like the internet of things, that’s something we’ve used in India to connect with schools. So especially during the COVID time, a lot of the high school science experiments that could be around titrations or focal length, et cetera, was a project that I worked on, where we worked with an NGO and we also connected with a lot of rural schools in India. They were able to perform the science experiments that was placed in a city, sitting in their schools in the remote part of India. And they had a dashboard, they had an interface, and in real time they were able to conduct these experiments remotely. And there was a queuing mechanism, and that ensured that even, and of course we wanted to ensure there was seamless internet, that is what enabled it. But this is one way to ensure that technology is used in the education sector to ensure that the education is continuous and the learning is continuous. Just wanted to add that, I’m sure somebody else would like to take the question.

Radhika Gupta: Okay, even if nobody adds anything. Her question actually presents the real picture of the complexities involved in doing child online protection. There’s no way we can have one stakeholder have all the solutions or have a system that is foolproof. It’s important that we come together, we bring collective knowledge. And like she said, sometimes businesses. choose profit over protection and well-being. However, if we engage them at the early stage, we are going back to the basics, doing the right thing, we will not have to be there and be retrofitting, but then industry will take into consideration the standard tools in their design and making sure that whatever they’re putting forward has the interest of the child at heart and they are doing the right thing. So which is why, again, country level strategies are very, very important. If we have them in place, you can call the industry player to book in order for them to do what they have to do. So we need to take our country level designs very seriously and make sure we are designing them with the right frameworks in mind. So I’ll give the panelists the last opportunity. Each of you is giving us a recommendation to IGF going forward as to how we can promote child safety and inclusion in IGF. So, Janatu, are you with us? Okay. Samayla? Gabriel? Thank you.

Samaila Atsen Bako: That’s an interesting question because, can you hear me?

Radhika Gupta: Yes, Gabriel. Hello. Oh, that’s Samaila.

Samaila Atsen Bako: Okay. Okay, I think there’s a lag on the call, but no problem, I’ll still go ahead. So I was just saying that that’s an interesting question because I was thinking more from the perspective of the human and societal diversity factors that come into play. So let me start with that and then I’ll give my recommendation. So what I would say is that there are things that are human nature, right? There’s that need to interact with people. So you can’t stop. they’re obviously curious as well. The other answer is that what can we do, you know, knowing that they’re going to go online at some point, what can we do to either help, I think we discussed the helping parts, but what can we do maybe as parents and guidance to be more aware. I think the first thing is to observe behavioural changes. When an outgoing kid, for instance, becomes a bit more reserved or doesn’t want to go to a particular place anymore, that should make us ask questions to become more curious. I think we also need to encourage more physical engagements with their peers as opposed to throwing gadgets at them because you just want some some peace of mind and things like that. And then obviously that means we should now also limit their screen time as well as take into cognizance the age limits that are set on some of these platforms. You know, we shouldn’t be allowing kids that are not up to the right age to be joining some of this platform because they are just exposing themselves to dangers they don’t even understand at the time. Now that being said, in terms of recommendations, again I can’t speak for government but I’ll speak from the non-profit perspective. One of my senior colleagues earlier in the hall, Mrs Mary Uduma mentioned she’s looking into ambassadors in schools. Our association, the Cyber Security Association of Nigeria, has actually recently launched cyber clubs and we started with Caleb University and we’re in talks with about two other universities as well. And the idea is to help with awareness raising within those environments because we know some of these digital harms and security concerns tend to happen in schools. And by virtue of doing that, we’re also hoping that we build more interest in cyber security so we have more people hoping to study cyber security as opposed to getting involved in cyber harms and cyber crime as well. So those are some of the things we are doing. I think you already gave a key recommendation for the government or for IGF to push governments to do, which is the adoption of global standards. about that.

Radhika Gupta: Thank you very much. All right, can I unmute Gabriel? He’s ready to speak.

Gabriel Karsan: Thank you very much. For me, Matthew, since I would urge everybody in the multi-stakeholder approach to understand that the times we are living in, based on a simple African proverb, is we say that it takes the village to raise a child. But in the internet age, it takes the globe, because it’s everybody, almost 5.3 billion lords actively engaging, shaping a culture. So everybody in the multi-stakeholder approach, whether policymaker, educator, technologist, academia, we should champion inclusive, culturally grounded, and child-centered digital practices. Because this is the only way we can create a digital, safer future. We have to understand that childhood is a phase. And in the principles of any community, when a child is born, there’s a particular shift in how you interact to ensure that the child gets to be protected and to enjoy sustainability. And this should be extended in our digital scope, that these are the elements that should be highly put in how we decide policy. And this is based on the inclusivity principles. But also, in best practices, we need a lot of public and private partnerships, because this is the only way we could reach localized communities, with the telecos, with the academia, also with the society participants in itself, in a very community-driven approach. Because local organizations often are the ones who raise our children, and they are the ones who bear as safe guardian people in how they get to evolve. So we should empower them as well. And regional cooperation is still very important, because the African Union has a digital strategy, transformative strategy, and also the Malabo Convention. I think when we use regional integration as well, under strict standards, we can push for our countries to be more compliant in enforcing that a child… is the property of all of Africa and it’s our responsibility and moral obligation that we push for these digital spaces inclusively. All right, thank you Gabriel. Naza?

Aishath Naura Naseem: Before concluding, I would like to thank Mr Das for giving us this last minute opportunity to be among this panel discussion with such insightful things that I’m taking from here and to give the key recommendation I noted down so that I don’t forget that. I just want to mention everything for IGF in the context of a developing nation actually. I would like to mention that to ensure a safer digital environment for our children, for IGF to prioritize on global collaborations to develop localized digital safety resources so that maybe the one of the main component that we were discussing today that for the local contents for that’s being used in the social platforms because that’s one thing that all of our countries I think are facing and along with that I would like to recommend also that to bring out policies or strategies that would actually protect our childs and maybe strengthen the digital literacy among the parents. That’s it, thank you.

Radhika Gupta: Thank you.

Speaker 1: You have a right. So first of all it’s been a very incredible panel because I’ve been constantly noting down points from different countries. Sorry if you’ve just seen me typing throughout. So when we there was a point mentioned about technology developments and how that relates to child safety and I think that is a very critical area of concern that we should all be looking into. So we I think from a standardization perspective since I come from technical community I think we need more working groups to encourage inclusive and safe tech focused on child safety and one more recommendation to the IGF would be that there are the current young people are born into the digital era so I think more participation or some kind of a prior consultation with school students so that an agenda item is set for the IGF making sure that their concerns are part of the agenda of the overall multi-stakeholder discussions that take place

Radhika Gupta: thank you all right thank you all I don’t know if I should have the last last words because we have just two minutes to get out of here so yes let me add my voice to what has been said by our panelists country level strategies are very important and they should be designed based on the right principles stated in a general comment number 25 there’s also the need for mandatory and right audit for digital platforms just to ensure that they’ve taken into consideration rights privacy and safety by designing to consideration capacity building for law enforcement agencies just to make sure that they are prosecuting what needed to be prosecuted digital literacy and awareness programs for children and parents to position them well enough and there should be a global accountability mechanism which will take into consideration what countries are doing and if a country is not up to date you can indirect name and shame for countries that are not working to protect children and then there’s the need for inclusivity in policymaking and maybe the last one I will say that maybe the next IGF we should be having the voice of children in the room and not being represented by youth or adults that’s my last on this note thank you so much for enduring and then we are grateful and we hope that this discussion will be carried forward in our various countries and spaces and we become ambassadors for child protection in the digital space in our various endeavors. Thank you. God bless you. Thank you. Bye everyone. Bye bye. You see you have been forgotten. Thank you. Thank you Gabriel. Thank you Janatu and thank you Samayla. Thank you very much. you

Agreement Points

Importance of digital literacy initiatives

Speaker 1

Aishath Naura Naseem

Samaila Atsen Bako

Gabriel Karsan

Launching National Digital Literacy Mission

Providing digital literacy training for children and parents

Creating cyber clubs and ambassadors in schools

Implementing competency-based digital literacy skills in education

Multiple speakers emphasized the importance of digital literacy programs for children, parents, and educators to promote safe and responsible internet use.

Need for multi-stakeholder collaboration

Radhika Gupta

Gabriel Karsan

Audience

Importance of public-private partnerships

Promoting regional cooperation through African Union digital strategy

Need for collaboration between corporate and public sectors in education

Speakers agreed on the necessity of collaboration between various stakeholders, including governments, private sector, and regional bodies, to effectively address child online protection issues.

Similar Viewpoints

Both speakers emphasized the importance of developing comprehensive strategies at national and regional levels to address child online protection.

Radhika Gupta

Gabriel Karsan

Developing national strategies and frameworks

Promoting regional cooperation through African Union digital strategy

Both speakers highlighted the importance of leveraging technology to enhance educational opportunities and digital literacy in remote or underserved areas.

Speaker 1

Aishath Naura Naseem

Using Internet of Things for remote science experiments

Providing digital literacy training for children and parents

Unexpected Consensus

Addressing mental health concerns related to social media use

Audience

Samaila Atsen Bako

Lack of government focus on mental health issues from social media

Importance of observing behavioral changes in children

Encouraging more physical engagement with peers

While not a primary focus of the discussion, there was unexpected consensus on the need to address mental health concerns related to children’s social media use, with both audience members and panelists recognizing this as an important issue.

Overall Assessment

Summary

The main areas of agreement included the importance of digital literacy initiatives, the need for multi-stakeholder collaboration, and the development of comprehensive national and regional strategies for child online protection.

Consensus level

There was a moderate to high level of consensus among speakers on the key issues discussed. This consensus suggests a shared understanding of the challenges and potential solutions in child online protection, which could facilitate more coordinated and effective actions across different countries and stakeholders.

Different Viewpoints

Unexpected Differences

Addressing mental health concerns

Audience

Samaila Atsen Bako

Lack of government focus on mental health issues from social media

Importance of observing behavioral changes in children

While the audience member raised concerns about the lack of government focus on mental health issues caused by social media, Speaker 4 unexpectedly shifted the responsibility to parents and guardians by emphasizing the importance of observing behavioral changes in children. This difference highlights a potential gap in addressing mental health concerns comprehensively.

Overall Assessment

summary

The main areas of disagreement revolve around the specific approaches to implementing digital literacy programs, the balance between global standards and localized solutions, and the allocation of responsibility for addressing mental health concerns related to online activities.

difference_level

The level of disagreement among speakers is moderate. While there is general consensus on the importance of child online protection and digital literacy, speakers propose different strategies and emphasize various aspects of the issue. These differences reflect the complexity of the topic and the need for multi-faceted approaches tailored to different contexts. The implications of these disagreements suggest that a comprehensive solution to child online protection may require integrating multiple strategies and involving various stakeholders at different levels.

Partial Agreements

Both speakers agree on the need for localized approaches to digital safety and education, but Gabriel Karsan emphasizes infrastructure development through school connectivity programs, while Speaker 2 focuses on developing localized digital safety resources through global collaborations.

Gabriel Karsan

Aishath Naura Naseem

Implementing school connectivity programs

Prioritizing global collaborations for localized digital safety resources

Similar Viewpoints

Both speakers emphasized the importance of developing comprehensive strategies at national and regional levels to address child online protection.

Radhika Gupta

Gabriel Karsan

Developing national strategies and frameworks

Promoting regional cooperation through African Union digital strategy

Both speakers highlighted the importance of leveraging technology to enhance educational opportunities and digital literacy in remote or underserved areas.

Speaker 1

Aishath Naura Naseem

Using Internet of Things for remote science experiments

Providing digital literacy training for children and parents

Key Takeaways

Child online protection requires multi-stakeholder collaboration involving governments, tech companies, civil society, and children themselves

Country-level strategies for child online protection should be based on global standards like the UN Convention on the Rights of the Child General Comment No. 25

Digital literacy initiatives are crucial for empowering children to navigate online spaces safely

There is a need to address mental health concerns arising from children’s use of social media and digital technologies

Emerging technologies like AI and IoT can be leveraged to enhance digital education and inclusion

Resolutions and Action Items

Develop country-level strategies for child online protection based on global standards

Implement digital literacy programs for children, parents, and educators

Create cyber clubs and ambassador programs in schools to raise awareness

Include children’s voices directly in future IGF discussions

Conduct mandatory rights audits for digital platforms to ensure child safety

Unresolved Issues

How to effectively address mental health issues caused by social media use among children

Ways to bridge the digital divide and ensure equitable access to digital technologies for all children

Methods to balance protection and empowerment in child online safety initiatives

Strategies for engaging tech companies to prioritize child safety in product design

Suggested Compromises

Balancing the need for child protection with allowing children to participate meaningfully in digital spaces

Combining global standards with localized approaches to address cultural and regional differences in child online protection

Integrating digital literacy into existing educational curricula rather than creating separate programs

We cannot afford to fold our arms or throw them in the air in despair. The stakes are too high and the future of our children demands action, innovation and accountability.

speaker

Radhika Gupta

reason

This comment sets an urgent and action-oriented tone for the discussion, emphasizing the critical nature of child online protection.

impact

It framed the subsequent discussion around concrete actions and strategies, rather than just theoretical discussion.

The way forward requires a paradigm shift towards safety by design, privacy by design, child rights by design, those forming the fundamentals.

speaker

Radhika Gupta

reason

This introduces the important concept of proactive design for child safety, rather than reactive measures.

impact

It shifted the conversation towards preventative measures and systemic approaches to online child protection.

We must resist the tendency to combine children with youth. Children require unique protection, tailored strategies and recognition of their peculiar vulnerabilities and rights.

speaker

Radhika Gupta

reason

This highlights the often overlooked distinction between children and youth in digital policies.

impact

It prompted more specific discussion about child-focused strategies rather than general youth policies.

I want to highlight the aspect that relates to the digital threats that young children the children pose that falls under this act which is which mentions that it criminalizes the use of children for creating, distributing and accessing child sexual abuse material as CISA material and includes various provisions for online grooming, harassment and cyber exploitation.

speaker

Speaker 1 (Ahitha)

reason

This comment brings attention to specific legal measures addressing digital threats to children.

impact

It grounded the discussion in concrete policy examples and legal frameworks.

We no longer have child pornography. An abuse is an abuse. A child does not engage in pornography.

speaker

Radhika Gupta

reason

This correction highlights the importance of appropriate terminology in discussing child exploitation.

impact

It raised awareness about language use and framing of issues related to child abuse.

So much as we are treating the harms and the threats to children, we need to also take care of empowerment. We need to take care of their skill sets in order for them to engage responsibly.

speaker

Radhika Gupta

reason

This comment shifts the focus from protection to empowerment, introducing a more holistic approach.

impact

It broadened the discussion to include digital literacy and skills development for children.

I think even from the, if you look at law enforcement now, there’s a bit more knowledge, you know, about electronic crime or online fraud and cyber crime and all that, but also from the digital harms perspective, where we have cyber bullying and online harassment, so there’s a bit more knowledge, although we’re hoping for better and more widespread awareness and even prosecution and things like that.

speaker

Samaila Atsen Bako

reason

This comment highlights the progress in law enforcement awareness while acknowledging the need for further improvement.

impact

It introduced the role of law enforcement in child online protection and the need for their continued education and involvement.

Overall Assessment

These key comments shaped the discussion by broadening its scope from mere protection to empowerment, emphasizing the need for proactive design in digital spaces, highlighting the distinction between children and youth, and stressing the importance of appropriate terminology and legal frameworks. The discussion evolved from general concerns to specific strategies and actions, encompassing various stakeholders including policymakers, law enforcement, and children themselves. The comments collectively pushed for a more comprehensive, nuanced, and action-oriented approach to child online protection.

How are other countries incorporating online safety into their educational curriculum from grades 1-12?

speaker

Madhav Pradhan

explanation

Understanding how different countries integrate online safety education throughout schooling years can help improve child protection strategies globally.

What are governments doing to address mental health issues caused by social media use among children, beyond just teaching internet safety?

speaker

Unnamed audience member

explanation

This highlights the need to consider the psychological impacts of internet use on children, not just physical safety concerns.

How has accessibility design been incorporated into digital literacy and inclusion efforts in education?

speaker

Sasha Nandlal

explanation

Addressing accessibility ensures that digital literacy initiatives reach all students, regardless of their backgrounds or abilities.

How can we encourage more physical engagements with peers as opposed to relying on digital interactions?

speaker

Samaila Atsen Bako

explanation

Balancing online and offline interactions is crucial for children’s holistic development and safety.

How can we develop more localized digital safety resources for different countries and cultures?

speaker

Aishath Naura Naseem

explanation

Culturally appropriate resources are essential for effective implementation of child online safety measures across diverse global contexts.

How can we include more direct participation from school students in setting the agenda for IGF discussions on child online safety?

speaker

Speaker 1

explanation

Involving children directly in policy discussions ensures their perspectives and concerns are adequately addressed.