Safety and security introductory session

Event report

[Read more session reports and updates from the 14th Internet Governance Forum]

Security, safety, and resilience are prerequisites to economic growth and a healthy digital environment beneficial to all. In order to preserve it, there is a need to develop a wise policy, that will keep a balance between necessary restrictions and adherence to basic human rights online. It is the matter of protecting both technical systems and users using the multistakeholder approach.

The introductory session started with Mr Tobias Feakin (Cyber Ambassador, Australia) raising a number of issues related to the benefits and the pitfalls of an open cyberspace. Cyber-related and technology-related issues are now at the heart of geopolitics; it is a huge burden on states and other actors to think of creative solutions for such challenges. Authoritarian states abuse the online environment, turning it into a weapon against democratic values and processes. There are also more instances of human rights abuses and intellectual property theft in the digital space that cannot be left unaddressed. Another issue is the huge reliance on technologies worldwide, especially as emerging innovations such as artificial intelligence (AI) and quantum computing are rapidly maturing. Governments need to understand how to deal with them in order to capture their benefits, instead of restricting development for the sake of security. Feakin pointed to problems connected to the operation of large private entities like Google, Facebook, Alibaba, and Tencent. Governments find it highly challenging to interact with the rapidly-developing tech sector when it comes to regulation and security. Finally, he touched upon the 5G issue, noting that Australia was among the first states that made policy decisions about the technology.

Mr Greg Channing (Carnegie-Mellon University) asked about cyber-sovereignty and how governments should deal with it. Feakin noted that this is at the core of multilateral discussions. The Australian government does not believe that cyberspace has specific borders. ‘We believe in the principles of the free flow of data, the rights of the individual online, all of these sorts of principles that we think are important for the kind of cyberspace ecosystem that has allowed us to be where we are’. The more governments try to impose strict principles and borders, the less innovative technologies they will have. However, criminal activity in cyberspace should be bound by the law and jurisdiction, and this is the most challenging task so far.

Another question to the ambassador regarded privacy and governmental requests to companies to access information, as well as the reliability of checks and balances and judicial oversight for intercepting the communications of millions of people. He responded that the Australian government is not looking for companies to build back-doors to their technology. ‘If, for whatever reason a country broke encryption, we’d be doing ourselves out of our own economy, out of our own ability to function, because as governments, we function on the backbone of good robust encryption’. In terms of legislation regarding the access of user communications, the government should make good policy decisions, which are mindful of the broader interests of civil society and the private sector.

Then the session split into six groups to discuss baskets of issues pertaining to safety, security, stability, and resilience. Each group was lead by one of the thematic session organisers. The groups came up with lists of issues that will be discussed during the IGF:

Human rights, led by Ms Charlotte Altenhöner-Dion (Head of Internet Governance Unit, Council of Europe):

• Difficulty to put human rights into practice;
• Bring more focus to the end user, especially to children and youth who constitute the majority of users in the online space;
• Empower youth participation in policy-making and lawmaking;
• Some governments are not compliant with human rights principles – in those cases use advocacy and raising awareness; and,
• Make platforms comply with legislation, and co-operate with law enforcement to ensure criminal processes afterwards.

Security, led by Mr Alexander Isavnin (Internet Protection Society):

• Understanding of norms related to cyberspace;
• Criminal justice response to cyber-incidents, including co-operation between states and institutions;
• Enhancing the skills and qualifications of criminal investigators;
• Engagement with platforms, not only globally, but locally;
• Lack of public policies that motivate the implementation of modern security technologies, which leads to greater exposure to cyber vulnerabilities; and,
• Governmental staff sometimes do not understand what is technically implementable on the Internet in terms of security legislation.

Internet ethics, led by Ms Amrita Choudhury (CCAOI, India):

• Internet ethics should extended to governments and business;
• A need for clear definitions of ethics, as well as for fake news, misinformation and disinformation, etc;
• A need to localise those definitions according to local contexts;
• Inclusive policy development;
• A need for monitoring mechanisms after a policy is developed;
• A need to draw the lines between policy implementation and the misuse of powers to block freedom of speech; and,
• Incorporation of online ethics in education.

Stability and resilience, led by Mr Kaveh Ranjbar (Chief Information Officer, RIPE NCC):

• Less peering in IPv6 world means less Internet resilience;
• Lack of interoperability of IPv4 and IPv6;
• Higher costs of IPv4 resources create problems for new players; and,
• DNS abuse.

Technology, industry and trade, led by Mr Peter Koch (DENIC):

• Have a multistakeholder discussion about information-gathering and -sharing regarding cybersecurity;
• Develop a general playbook about how to address concrete questions; and,
• Data localisation.

Safety, led by Ms Ana Laura Martínez (Coordinator of International Cooperation Networks at the Regional Center for the Development of the Information Society (Cetic.br/NIC.br)):

• Criminal threats to users safety such as Internet scams, cyber-bullying, and extortion;
• Hate speech; and,
• Need for reliable data about hate speech and cyber-bullying for better policy development.

By Stadnik Ilona