Germany will set up the 'Bundescloud', where official data will only be processed in Germany, and cloud providers will need to sign non-disclosure agreements. German IT officials have already agreed on terms for public sector cloud use.
Germany will set up the 'Bundescloud', where official data will only be processed in Germany, and cloud providers will need to sign non-disclosure agreements. German IT officials have already agreed on terms for public sector cloud use.
Facebook has been ordered by the Hamburg Data Protection Authority to allow the use of pseudonyms on its social networking site – a practice which has so far been prohibited according to the site’s terms of service.
Second-ranked candidate, Malta’s Joseph Cannataci was appointed as the UN's first investigator for digital rights after German Joachim Ruecher, president of the UN Human Rights Council overruled the choice of Estonias's Katrin Nyman-Metcalf, on the grounds that Metcalf might be soft on US government surveillance.
Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.
The International Covenant on Civil and Political Rights (ICCPR) is the main global legal instrument for the protection of privacy. At a regional level, the main instruments on privacy and data protection in Europe is the Council of Europe (CoE) Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data of 1981. Although it was adopted by a regional organisation (CoE), it is open for accession by non-European states. Since the Convention is technology neutral, it has withstood the test of time. The EU Data Protection Directive (Directive 95/46/EC) has also formed an important legislative framework for the processing of personal data in the EU and has had a vast impact on the development of national legislation not only in Europe but also globally. This regulation has also entered a reform process in order to cope with the new developments and to ensure an effective privacy protection in the current technological environment.
Another key international – non-binding – document on privacy and data protection is the OECD Guidelines on Protection of Privacy and Transborder Flows of Personal Data from 1980. These guidelines and the OECD’s subsequent work have inspired many international, regional, and national regulations on privacy and data protection. Today, virtually all OECD countries have enacted privacy laws and empowered authorities to enforce those laws.
While the principles of the OECD guidelines have been widely accepted, the main difference is in the way they are implemented, notably between the European and US approaches. In Europe there is comprehensive data protection legislation, while in the USA the privacy regulation is developed for each sector of the economy including financial privacy (the Graham-Leach-Bliley Act), children’s privacy (the Children’s Online Privacy Protection Act) and medical privacy (under the Health Insurance Portability and Accountability Act).
Another major difference is that, in Europe, privacy legislation is enforced by public authorities, while in the USA enforcement principally rests on the private sector and self-regulation. Businesses set privacy policies. It is up to companies and individuals to decide about privacy policies themselves. The main criticism of the US approach is that individuals are placed in a comparatively weak position as they are seldom aware of the importance of options offered by privacy policies and commonly agree to them without informing themselves.
These two approaches – US and EU – to privacy protection have generated conflict. The main problem stems from the use of personal data by business companies. How can the EU ensure that data about its citizens is protected according to the rules specified in its Directive on Data Protection? According to whose rules (the EU’s or the USA’s) is data transferred through a company’s network from the EU to the USA handled?
A working solution was found in 2000 when the European Commission decided that EU regulations could be applied to US companies inside a legal ‘safe harbour’. US companies handling EU citizens’ data could voluntarily sign up to observe the EU’s privacy protection requirements. Having signed, companies were required to observe the formal enforcement mechanisms agreed upon between the EU and the USA.
The so-called Safe Harbor Agreement was received with a great hope as the legal tool that could solve similar problems with other countries. However, it was criticised by the European Parliament for not sufficiently protecting the privacy of EU citizens.
In a turning point for data transfers between the EU and the USA, in October 2015, the Court of the Justice of the European Union (CJEU) struck down this long-standing agreement and declared the Safe Harbour Agreement to be invalid. The Court found that the European Commission had failed to examine whether the USA afforded an adequate level of protection equivalent to that guaranteed in EU, but simply examined the safe harbor scheme. It found that in the US, the scheme is applicable only to undertakings that adhere to it, whereas public authorities are not subject to it, and national security, public interest and law enforcement requirements prevail over scheme. The US scheme therefore enables interference by public authorities, whereas no such limitations exist under EU law.The Court also found that the powers of national supervisory authorities could not be diminished other than by the Court.
Given the high importance of privacy and data protection in the relations between the USA and the EU after the Snowden revelations, it is likely to expect higher pressure to find a post-Safe Harbour Agreement solution.
A series of blog posts which explore the main dilemmas surrounding the Apple-FBI case. In these posts, three fictitious characters, Privarius, Securium, and Commercias talk about encryption, privacy, and security.
The report outlines data security threats and concerns in emerging cloud, big data and Internet of Things technologies. Based on the results of a global survey conducted among over 1100 senior security executives, the report identifies the following as the main data security concerns: security breaches/attacks, increased vulnerability from shared infrastructure, lack of control over the location of data, privacy violations from data originating in multiple countries, protecting sensitive data generated by IoT.
This article reflects on trends in Internet censorship in Australia, Chile, China, Finland, Libya, Myanmar, Singapore, Turkey and the UK.
This paper argues that mobile is both a medium and a media delivery platform. Changes in handset devices and levels of literacy will affect who has access to what content and there are key equity issues to be addressed.
The latest edition of glossary, compiled by DiploFoundation, contains explanations of over 130 acronyms, initialisms, and abbreviations used in IG parlance. In addition to the complete term, most entries include a concise explanation and a link for further information.
The booklet looks at legal restrictions on and informal obstacles to personal use of encryption for communication and the exercise of anonymous speech online in four countries: Morocco, Pakistan, South Korea, and the United Kingdom.
The book, now in its sixth edition, provides a comprehensive overview of the main issues and actors in the field of Internet governance and digital policy through a practical framework for analysis, discussion, and resolution of significant issues. It has been translated into many languages.
The study looks into how much of a role security and privacy played in people’s decisions to use a mobile instant messenger.
The paper, addressed to organisations that collect, store, or make use of personal data related to Russian citizens, outlines a series of recommendations on how to comply with the existing Russian legislation in this field, taking into account legal, organisational, and commercial aspects.
The report outlines predictions of the development of the technology, media, and telecommunications sectors in 2017. It covers issues such as: biometric security, distributed denial of service attaches, self-driving vehicles, 5G networks, machine learning, and Internet of Things as a service.
The report outlines examples of privacy enhancing technologies applied to drones. It describes how drone manufacturers and operators use privacy-by-deign principles to help drone users respect privacy, and to promote trust in drone operations.
The report provides an overview of the US Department of Commerce’s policies in the field of digital economy over the course of the Obama administration. It covers area such as: management of the Domain Name System, privacy and security online, innovation and emerging technologies, and access and skills.
The report, prepared by the Global Commission on Internet Governance, outlines a series of recommendations to policy makers, private industry, the technical community and other stakeholders on modalities for maintaining a ‘healthy Internet’. It tackles aspects such as: the promotion of a safe, open and secure Internet, human rights for digital citizens, the responsibilities of the private sector, safeguarding the stability and resiliency of the Internet’s core infrastructure, and improving multistakeholder Internet governance.
The report explored the connection between encryption and human rights, and argues that individuals should be able to encrypt their communications and personal data as an essential protection of their rights to privacy and freedom of expression.
Report on the implications of technological and economic convergence for the regulation of the digital ecosystem. The report focuses on six areas of regulatory policy: access regulation, barriers to entry and exit, privacy and data protection, merger review, spectrum management, and universal availability and access
This report examines the growth of social media platforms and the subsequent rapid surge in digital content shared online.
The report outlines several predictions for technology developments in 2016. It focuses on: 5G, big data, Internet of Things, the customerisation of software, and market convergence.
This report addresses internet freedom around the world and measures Internet freedom in different countries. Categories used are 'obstacles to access', 'limits on content', and 'violations of user rights'.
This report examines and documents evolutions and emerging opportunities and challenges in the digital economy. It provides a comprehensive overview of the digital economy, including matters of infrastructure, policy, net neutrality, development, privacy and security.
This report focuses on mobile Internet, its trends and growth, benefits, challenges and recommendations.
Report listing the requests received by Facebook from governments around the world and Facebook's approach to handling them.
This report develops five theoretical models to analyse the effects of taxation in the digital economy.
Mr William J Drake, International Fellow & Lecturer, Media Change & Innovation Division, IPMZ University of Zurich, introduced the session by explaining that the discussions will revolve around the pros and cons of digital policy issues in trade negotiations from a European standpoint, while trying to answer questions such as: Which digital policy issues should be dealt with under an international trade framework and which should not? Are negotiations on international trade agreements inclusive enough? What roles should European stakeholders play in such negotiations?
Mr Pearse O'Donohue, Acting Director for Future Networks DG CONNECT, European Commission, focused on the issue of the free flow of data. He started by saying that in the EU, there have been restrictions on data flows, but without meaningful discussions on why such restrictions are in place. There are also legal uncertainties at both the national and EU levels when it comes to cross-border data flows. The EU needs to address such issues internally first, and then move on to discussing the principles of data flows beyond EU borders. O'Donohue pointed out that, while there is a clear need to ensure data protection and data security, localisation and restrictions on data flows are not necessarily the answer. It is important for economic and social development worldwide that data can circulate freely across borders.
Ms Marilia Maciel, Digital Policy Senior Researcher, DiploFoundation, spoke about the importance of data flows in discussions on international trade agreements, but underlined that there are also other digital policy issues being increasingly raised in such discussions, such as intermediary liability, cryptography, and spam. She said that there is increasing pressure for the World Trade Organization (WTO) to make progress on e-commerce related issues, and that the topic will be addressed at the WTO Ministerial Conference, to be held in December 2017. WTO member states have elaborated non-papers tackling digital issues that could be included in future trade negotiations: taxation (whether the moratorium on the non-taxation of electronic transmissions should be made permanent), data flows, trade facilitation (paperless trade harmonisation), technology transfers, privacy, consumer protection, etc.
Mr Robert Kroplewski, Minister of Digital Affairs for Information Society, Poland, said that when it comes to digital trade and e-commerce, EU stakeholders should look not only at the digital single market within the EU, but also at the global economy. He noted that data is key to innovation, and, in order to explore this potential, states should create an environment of mutual trust when it comes to data flows.
Mr Konstantinos Komaitis, Director Policy Development, Internet Society, started by asking whether the Internet governance (IG) community is ready to contribute to the international discussions on trade. He said that IG issues such as intellectual property rights, data protection, and security come up more and more in trade agreements, and that the IG community needs to make sure it becomes part of the trade discussions. At a minimum, this would mean demanding transparency from international negotiation processeses, and finding a way to provide input into the discussions before decisions are made. Komaitis also pointed to the complexities of the on-going debate on the challenges of globalisation, and the emergence of protectionist policies, which bring challenges for the Internet and the digital ecosystem, as, by definition, the Internet is supportive of globalisation.
Ms Erika Mann, Senior European Policy Advisor, Covington & Burling LLP, addressed the question of whether the IG multistakeholder model can be infused into the trade environment. In her view, the model is flexible enough to deal with a complex environment such as international trade, and its applicability can and should be tested on specific trade-related issues, such as data flows. IG stakeholders should become partners in international trade discussions, but not try to cover or capture all topics.
Mr Wolfgang Kleinwachter, Professor Emeritus, University of Aarhus, pointed out that, although digital policy issues are interconnected and decisions taken in one field affect another (security issues for example, also affect human rights and trade), they are still addressed and negotiated in silos. Better communication needs to be created among the various communities to allow issues to be more transversally addressed. Kleinwachter also mentioned that the multilateral treaty system will never disappear, but it is embedded in an environment where all stakeholders have a say.
Discussions on the multistakeholder model continued during the interactive part of the session. It was said that multistakeholderism is seen as a helpful instrument to address certain issues, but the model is still in its early days. As there are not many concrete outcomes of the process, it remains to be seen how it will develop in the future. The one size fits all approach does not work, and each issue needs special, tailored solutions built around it. When it comes to trade agreements, governments probably still need a place to ‘sit alone’, but they also need to make sure that they consult other stakeholders and understand their views before entering the decision-making phase.
The President of Estonia, Ms Kertsi Kaljulaid, started the conference with welcoming remarks.She noted that we are all connected – by optical cables and computers – but mostly by our faith in human development and freedom. We believe in free and fair elections, the rule of law, an independent judiciary, and human rights and freedoms. In modern society, free Internet is fundamental as it affects culture, the economy, communications, governance systems, and international relations. Nonetheless, security should not be used to restrict the freedom of expression since security and freedom are not mutually exclusive, she emphasised. Securing online interactions is a precondition for enjoying Internet freedom. She gave the example of Estonia which balances between security and freedom through providing a network of public and private e-services based on a secure online identity. The country is also proud to be, as per Freedom House, the first in the world in Internet freedom.
Kaljulaid highlighted that today, much of the world’s commerce and communications pass through the Internet and hence the benefits of e-services outweigh the investment costs to create and maintain them. Estonia provides effective e-services that save 2% of the GDP. In this regard, she further referred to the World Bank 2016 report, which underscored that connectivity does not inevitably result in digital dividends. Digital technology transforms societies if supplemented by policies that support digital adoption.
Finally, she mentioned that Estonia will take EU presidency soon. Their presidency has a strong digital agenda that focuses on strengthening the single digital market, increasing solutions for cross-border e-services, and facilitating strategic discussion among member states as a cybersecurity strategy is expected in 2017.
The President of Lithuania, Ms Dalia Grybauskaite, commenced by noting that digital society is more competitive and democratic because it allows citizens to express their opinions. However, it remains a tool for European integration, and competitiveness depends on the political will to integrate. ‘A lot of people look to us because we should not only lead, but also help other countries. We have many events in this area and we hope that they do not only demonstrate our knowledge but also our willingness to introduce all areas of our life including digitisation and Internet’, she alluded. Europe is used to living in this environment, but it is also realistic about the threats entailed. Such risks should be challenged, not only through military exercises and deterrence, but through developing capacities and being innovative, competitive, integrated and knowledgeable. She finally said that she hoped that the Estonian presidency will take the lead on that.
The final remark was made by Ms Sandra Hoferichter, Secretary General, EuroDIG Association, who provided an overview of the history of the Internet policy dialogue in Europe. In 2008, EuroDIG was one of the first initiatives to discuss Internet governance after the establishment of the global IGF. What started as the idea of ten enthusiastic individuals in a café in Paris, four months later led to a meeting hosted by the Council of Europe, to discuss the potential of this dialogue. Now, there are more than twenty national and regional Internet governance initiatives across Europe, committed to the multistakeholder model.
In her talk, she noted that although many governments in Europe and around the world are committed to multistakeholderism, it is not considered to be the model of the future and forums like this are sometimes questioned vis-à-vis the impact they make. In many parts of the world, legislation is made without consultations with the relevant stakeholders. The digitisation in our life sometimes happens without an option to opt out. Yet, most users do not really see the need to be engaged in Internet governance. It is thus the aim of EuroDIG to raise awareness of the challenges ahead and to facilitate discussions, but not to finalise them. Over the past years, the discussions at EuroDIG focused on the European digital single market and industry 4.0. However, recent developments have shown that some people fear the digital revolution that goes along with the loss of their workplace and privacy. Therefore, ‘we are here looking at the digital future from a different angle, to discuss the promises and pitfalls’, Hoferichter concluded.
Opening the session, co-moderators Mr Dirk Krischenowski, dotBERLIN GmbH & Co. KG, and Ms Maarja Kirtsi, Estonian Internet Foundation/.ee, explained that the discussion will focus on issues related to innovation and competition on the domain name market, especially in the context of new generic top-level domains (gTLDs), launched by the Internet Corporation for Assigned Names and Numbers (ICANN) in 2014.
To kick-start the debates, Krischenowski gave an overview of a study conducted by ICANN on competition, consumer trust, and consumer choice in the domain name market. Some of the main findings of the study: new gTLDs contributed to the growth of the market; the sales channel integrated the new gTLDs quickly and lead to much greater consumer choice; many new registrar operators entered the market, especially in former under-developed markets; the number of registry operators increased by a factor of 60; typical TLDs are niche, targeted, and geographic TLDs. Overall, the New gTLD Program has lead to a dramatic increase in consumer choice, a modest increase in competition, and minimal impact on consumer trust.
Ms Elena Plexida, European Commission (EC), talked about the evaluation and revision process that the EC has launched with regard to the regulations for the .eu TLD. She explained that the .eu TLD was formally established by Regulation 733/2002, while EC Regulation 874/2004 set the rules for the registry and the .eu. The .eu TLD was delegated by ICANN in 2005. As the market has continuously changed, these regulations have become outdated, have generated administrative challenges and need a revision. Issues to be analysed during the evaluation process include: whether the .eu objectives have been achieved (to boost e-commerce and empower end-users to create a European digital identity), the legal separation between registry and registrars, whether the registry should be more active in other Internet governance areas (and how).
Mr Jörg Schweiger, DENIC e.G./.de outlined one issue of concern for the domain name industry: How to make sure that domains do not subsurface, in the sense that they exist from a technical point of view, but users are not really aware of them? The industry has been constantly looking for the ‘killer application’ to address this issue. He pointed out that one way to make domain names more attractive could be to build on the discussions about self-determination, sovereignty, and identity. The main objective of .de now is to retain as many domain names as possible, and that the direction the registry is growing in is not necessarily related to innovation per se, but rather to having a secure domain name space.
Ms Lianna Galstyan, Internet Society Armenia, said that the .am registry never had an objective to have a high number of domain name registrations, but rather, to give the community the possibility to register domain names under .am. The same rationale was also behind the launch of the Armenian Internationalised Domain Name (IDN).
Mr Ardi Jürgens, Zone Media OÜ, pointed out that domain names do not exist in a bubble; they are part of a system which includes resources and applications. A healthy growth in the demand for domain names could result in applications and people using domain names for creating value, either for them or society. In the search for a ‘killer application’, the industry should look at young people and try to find a way to create value for them within the domain name space. Compared to social media platforms, domain names have the main advantage of being under the control of the registrant, and this is something that the industry should try to communicate better.
Mr Andrea Beccalli, ICANN, discussed examples of innovation in the DNS, such as the new gTLDs, the introduction of IDN TLDs, and the DNS Security Extensions (DNSSEC). Even the community work on developing the rules and processes for the New gTLD Program can be seen as a form of innovation. Schweiger, however, argued that the new round of gTLDs does not necessarily means innovation, as it was simply presenting what was on the market already – TLDs. Moreover, most business models surrounding new gTLDs are similar to what had been on the market before their introduction, with only a few exceptions.
Security in the domain name space was mentioned during the discussions as an area that deserves more attention. There are troubling correlations between new gTLDs and ‘innovation in crime’, and there are service providers who have blocked all new gTLDs from their servers due to security concerns. Innovation on the security front should be a priority for new gTLDs. Privacy is also an issue that requires increased attention, as users are more and more demanding in this regard.
The risk of cybersquatting was also raised as an issue of concern for new gTLDs, with regard to the protection of trademarks. It was said that the current protection mechanisms (such as the sunrise period allowing trademark holders to register relevant domain names, and mechanisms for rights enforcement post domain name registration) are helpful, but not sufficient. Such issues are currently analysed within the ICANN framework.
At the end of the session, a point was raised – that it is not actually clear what is innovative in the domain name space, as TLDs have been in place for many years and they are basically the same ‘technology’ or ‘tool’ that they have been since the creation of the DNS.
The session was opened by Ambassador Young-moo Kim, Permanent Mission of the Republic of Korea. Kim called attention to the importance of privacy for fostering consumer trust. He provided an overview of the session, which would be divided into three parts: a) setting the stage: what are the main concerns with regards to data protection; b) cases: how data protection is being addressing in certain countries; c) new tools to protect data.
Ms Cécile Barayre, Economic Affairs Officer, ICT Analysis Section, UNCTAD, highlighted elements of a study published by UNCTAD on data protection regulations and international data flows. New technological developments, such as the Internet of Things (IoT) and the growth of e-commerce, make the discussion of privacy urgent. Harmonisation of regulation is necessary and laws on data protection and cybercrime are complementary. According to the study, 67% of countries have laws on cybercrime and 58% on data protection. However, there is global disparity and Africa still lags behind when it comes to regulation.
The lack of legal compatibility is also an issue to be tackled. There is no one global regime, but there are regional regimes that could facilitate harmonisation. Convention 108 from the Council Europe, which is open for signatures of non-European countries, constitutes a good base for co-operation.
Prof. Ian Walden, Queen Mary University of London, highlighted that although privacy and data protection are similar, they are not the same. What distinguishes data protection is the regulatory nature of the law, and this is different from privacy, which is usually a principle in the constitution. Data protection is about creating a regulatory framework. Moreover, for data protection to exist as a regime, it is necessary to create a regulatory authority, independent from governments, and with sufficient resources. This creates problems for developing countries that may have financial and technical constraints to create such an organisation. Walden also remarked that data protection can, in some situations, also be a barrier to trade – in the WTO regime, member countries can constrain the flow of cross-border data for data protection reasons.
Mr Kibyoung Kim, Director of the Global e-government division, Ministry of the Interior of the Republic of Korea, explained the status of regulation in his country. He also discussed methods to utilise the data while guaranteeing the protection of personal data. An analysis to assess the adequacy of de-identification could be put into place in order to check whether the data has been successfully de-identified and could not be re-identified.
Mr Oliver Hateley, Senior Adviser, EMOTA, explained that the current EU data protection framework consists of two instruments: the Data Protection Directive from 1995, and the ePrivacy Directive that focuses on e-communications and markets. The Data Protection Directive aims to safeguard personal data while guaranteeing the free flow of data among member states. It establishes criteria for issues such as consent, state of purpose (data should be collected with a clear purpose and should not be used for different purposes), and the right of the individual to access and correct personal information.
This data protection instrument was adopted as a directive, not a regulation. Directives set goals and leave member countries to implement these goals according to their national systems. This has led to inconsistencies that have impacted the trust and confidence of individuals. Moreover, there was no real enforcement mechanism for international processing.
Hateley provided some advice for developing countries discussing their nationals laws: a) avoid a prohibition model. Data is the currency of data economy; b) avoid a prescriptive approach. It is better to adopt principles because data and technology evolve too fast; c) ensure there is no regional fragmentation.
Mr David Satola, Lead ICT Counsel, World Bank, mentioned that there are very robust principles on data protection that still form the base of good practices and the development of national laws, such as the OECD and CoE principles. He presented the Cybercrime Toolkit Assessment, focusing on the section of safeguards about data protection and the right to communication.
Prof. Fen Osler Hampson, Carleton University, Distinguished Fellow and Director of Global Security and Politics at the Centre for International Governance Innovation, finished the discussion by reminding the audience that data protection is not only important from a human rights standpoint, but it is also good for business. Successive data breaches lead to a loss of trust. This is an issue that should tackled by governments and companies together.
The European Broadcasting Union (EBU) Big Data Conference brought together heads of digital, marketing, communications and legal departments alongside technologists and academics to share best practices for big data media strategies, with a focus on public service media (PSM).
The conference was opened by Ms Ingrid Deltenre, Director General of the EBU, who stressed the importance of big data as a ‘game changer’, as it allows for an improved understanding of the audience. As such, big data is not an aim in itself, but a tool to better engage with audiences. Mr Guillaume Klossa, Director of Public Affairs & Communications at the EBU, further elaborated on the importance of collaboration to break the silos between media, communications, legal, public affairs, technologists, and other experts and to ‘create conditions for EBU’s members to embrace big data as rapidly as possible’.
The first panel discussed the creation of trust and the importance of ethics, laws, and human rights. Ms Lokke Moerel, Senior of Counsel at Morrison & Foerster LLP, explained that ethics rules need to be respected in order to achieve social acceptation of the use of big data. This includes not only an adherence to laws, but also to underlying ethics and social conventions, including principles of non-instrumentalisation, non-discrimination, equity, and consent. Ideally, these conventions need to be analysed prior to implementation, as privacy or ethics-by-design, as they will not be automatically rectified through an ‘invisible hand’: everybody is violating the rules in order to keep up with the competition. Prof. Alessandro Mantelero, Politecnico di Torino, echoed Moerel’s comprehensive approach and pleaded for preventive policies to address and mitigate potential privacy, ethical, and social impacts. These impact assessments should be based on human rights charters and community values, but tailored to the specific context in which the data is used.
Mr Joseph Cannataci, UN Special Rapporteur on the Right to Privacy, looked deeper into the concept of privacy and argued for a ‘very very very’ critical approach to big data. Privacy needs to be understood both as the protection of personal data, but also as an enabler to the free development of personality and to other human rights, including freedom of expression. After elucidating several international legal challenges, he claimed that ‘In an Internet without borders, we need safeguards without borders and remedies across borders’. According to Mr Joe McNamee, Executive Director of European Digital Rights, privacy challenges are primarily related to a ‘broken market’ in which ‘consequences don’t matter’ and incentives for transparency and accountability are lacking. The launch of the EU’s General Data Protection Regulation (GDPR) is an opportunity to move away from a ‘race to the bottom’ and ‘move the balance back towards the trust and reliability we expect’. Finally, Mr Pierre-Nicolas Schwab, Big Data/CRM Manager at the RTBF, shared their experience of privacy protection, addressing three problems: over-personalisation, the absence of alternative viewpoints, and threats to privacy. To mitigate these challenges, education is key, and should focus on empowering users to control their data, to build knowledge on personalisation, and to open the black boxes and ‘show’ algorithms.
During the Q&A that followed, the speakers argued for a more inclusive approach to the challenge of trust-building. Cannataci stressed the importance of moving beyond transparency on algorithms (which will only be understood by less than 1% of the population), towards a total societal impact assessment. Mantelero underlined the need to be open to discussion and ask advice from experts from different fields, including anthropology, to establish trust. Schwab agreed that data scientists should not be left alone, and that there is a continued need for sociological models.
Personalisation and recommendation systems: Delivering quality
This panel, moderated by Mr Alberto Messina, R&D coordinator RAI Centre for Research and Technological Innovation, discussed the opportunities of recommendation and personalisation systems, as well as the risks of filter bubbles that could arise from them. First, Mr Andrew Scott, Launch Director myBBC, shared experiences on the balance between automation and smart curation. While the former is entirely algorithmic, the latter requires human capabilities and allows for the provision of ‘breadth’, linking users to content they do not necessarily expect. Mr Mika Rahkonen, Head of Development, News and Current Affairs at Yle, debunked five misconceptions about news personalisation and filter bubbles:
While these misconceptions might be giving rise to a false understanding of challenges, Mr Michael de Lucia, Head of Digital Innovation at RTS, provided three examples of key challenges related to the data-driven era: infobesity, competition with Internet giants, and algorithms and artificial intelligence, which might result in the PSM's inability to stand out. These challenges can be mitigated by adapting a more global and co-operative approach, and continuously learn and share experiences.
The discussion that followed reiterated that personalisation and smart curation ultimately aim at understanding the user and providing content in a better way. There is enough quality content, but the question relates to ‘getting the right content to the right people at the right time through the right devices’. Although it is difficult to compete with the ‘infobesity’ on the web, by adopting trust, transparency, and the right tone of voice, PSM can make a difference and avoid that ‘a lot of good content goes to waste’.
Algorithms and online platforms: Limitations and opportunities
Mr Robert Amlung, Head of Digital Strategy at ZDF, moderated the discussion, which aimed at sharing experiences to find out how the combination of platforms and algorithms can make sure that great content is easily found by users. According to Mr Michael Hlobil, Data Insights COE Solution Architect at Microsoft, the most important thing in this effort is to ‘document what you do’ and to have a diverse team of experts involved. Furthermore, data quality is crucial: ‘if you put shitty input, you get shitty output’. Mr Michael Paustian, Creative Director of Axel Springer, elaborated on the importance of human involvement: ‘an algorithm itself is just a set of instructions’, the process of getting there is scientific and can be understood as a dialogue with the problem. Yet Mr Rigo Wenning, Legal Counsel at W3C, wondered whether we have ‘the right instructions’? There are many ‘dumb algorithms’ that ‘make people naked’. Furthermore, challenges remain regarding the re-centralisation of the web and the power of its gatekeepers, which continuously change the rules. This problem was also emphasised by Mr Sylvain Lapoix, freelance data journalist, who explained that Internet platforms have become Internet service providers, leaving the PSM vulnerable and dependent.
Data Journalism: New possibilities for investigation, collaboration and ubiquity
This discussion focused on the utility of big data for journalism and reporting, and was moderated by Mr Laurens Cerulus, Reporter at Politico Europe. Mr Mirko Lorenz, Information Architect at Deutsche Welle, states that although individual media outlets might be small, ‘collectively we’re really big’ and can compete. There is a need to push back against fake news and invest in stories with data narratives and to think about the future of content for future generations. Zooming in on the value of data journalism, Mr Neal Rothleder, CTO of ORBmedia, explained how data brings new perspectives by seeing large pieces of the world all-together, by grasping how things are changing over time, and by providing new views on complex situations.
Although data journalism has many promises, it might not be easy to get it right at once. Mr Jan Lukas Strozyk, Journalist at NDR, added 5 lessons from his experience in data journalism:
Once data-driven stories are created, they need to be visible, and Mr Roland Schatz, CEO of Media Tenor International, spoke about the importance of knowing the audience that is to be attracted. Furthermore, they do not necessarily have to be time and resource-consuming if they are produced through partnerships with organisations that already collect extensive amounts of data, and with researchers and academics who can assist in the data analysis.
The following Q&A addressed the importance of building partnerships and collaborating with other sectors, the need for the organisation as a whole to be more data-aware (train people in Excel!), as well as bridging the gap between the data scientists and editorial teams: the former might lack the knowledge on how to build the narrative, while the latter might not know what is possible with the data. This requires a cultural shift in organisation.
The path towards a data company
This round-table focused on the new mindsets, technologies, tools, and strategies needed for the creation of a data company, and was moderated by Mr Aleksi Rossi, Head of Interfaces at Yle. Mr Ignacio Gomez, Director of Analytics and Future Media at RTVE, started by explaining the need to connect ‘tv people’ with data teams, as they are two halves of a brain that does not work in sync yet. Mr Sanjeevan Bala, Head of Data Planning and Analytics at Channel 4, added that there is a need for senior buy-in, as data should be in every part of the business. Within the business, there is a need for co-operation across different teams. Furthermore, recruiting from outside the broadcasting sector might help, as it allows for learning from other practices. These insights were echoed by Mr Dieter Boen, Manager of Research and Innovation at VRT, as the panel concluded that collaboration is key: identify shared interests with others and seize opportunities to collaborate: ‘better together!’.
The second day of the conference on Big Data Conference: Serving Citizens, on 22 March 2017 at the EBU Headquarters in Geneva, started with welcome remarks by Mr Guillaume Klossa, Director of Public Affairs and Communications at EBU, who reaffirmed the conference’s purpose: developing strategies and implementing recommendation systems aiming at fostering citizens’ trust in data.
The first panel, ‘How Can Big Data Help Public Service Media Better Serve Citizens?’, explored the possibility for Public Service Media Companies (PSMC) to better accommodate citizens’ demand and use of digital content. Mr Gilles Marchand, General Director of Télévision Suisse Romande (TSR) and Radio Télévision Suisse (RTS), first considered that competition in this sector is increasing considerably.
He stressed the importance of optimising the current co-operative processes among different PSMCs. In particular, he suggested a threefold approach, based on intelligence (optimisation of the distribution of all content), community (involvement of the public through the use of smart data), and journalism (smart data can optimise the user-on-user content and consequently increase public trust).
The second speaker, Dr Mirko Schäfer, Leader of the Utrecht Data School, discussed the positive use of datification as a potential means of fostering a European public sphere. He considered that online active participation is closely linked to civic action. Moreover, recalling the need for strategy expressed during the previous day, he reaffirmed that big data should be approached from a top-down perspective (that is, at the top decision-making levels) rather that with a bottom-up approach.
The second panel, Audience Measurement: Evolution or Revolution?, included three main speakers moderated by Mr Kristian Tolonen, Head of the Audience Research Department at Norwegian National Broadcasting (NRK), who opened the discussion by illustrating the importance of big data for audience measurement. In particular, he considered that the use of big data is beneficial on four dimensions: the target (the profile of the audience), the source (shifting from a one-source measurement system to hybrid solutions), the time (optimising the time required through measurement), and the level of the discussion (the depth of the information collected).
Mr Emil Pawłowski, Chief Science Officer at Gemius, further considered whether the big changes that have modified consumption patterns in the past decades should push for a re-evaluation of the existing measurement techniques. Currently, accurate measurement is impaired by economic reasons - conducting research on a small panel is expensive - and by a fragmentation of data caused by the existence of multiple browsers. He affirmed that the ultimate goal of audience measurement will be multimedia research, that is, a measurement system that would encompass simultaneously all the media used by the consumer (Internet, television, radio, press) rather than analysing such media separately.
Mr Nick Johnson, Solutions Architect at Ireland’s National Television and Radio Broadcaster (RTE), centred his speech on the challenges faced when measuring the performance of RTE programs across all its platforms. Consumption patterns have changed over the past years because they are technologically driven by the Internet and smart devices; hence he explained the difficulty for RTE to assess the total value of its assets and to measure it efficiently.
Lastly, Dr Uffe Høy Svenningsen, Audience Researcher at Danmarks Radio (DR), illustrated the new TV-audience measurement system launched in Denmark on 1 January 2017. This innovative approach is based on four main sources: a basic panel, a digital panel, a web profile panel, and census data. The information coming from all these sources is combined and calibrated to produce a more accurate measurement. Despite the fact that such system allows for a better measurement of overall consumption, there are still challenges regarding the calibration of the information obtained (e.g. regarding determined on-demand programmes) and the actual mapping of all the content consumed by the viewer.
The event continued with two Toolbox sections, which offered speakers a space to deliver hands-on experience illustrating specific case studies.
The first, on Privacy Policies, was moderated by Mr Pierre-Nicolas Schwab, Big Data/CRM Manager at Radio Télévision Belge de la Communauté Française (RTBF), who recalled the crucial role of education and consumers’ trust. He illustrated the four-step approach taken at RTBF based on a confidentiality charter, a single-sing-on platform, a recommendation system (sensitive to ethical concerns, marginalised groups, gender equality), and an educational programme to Artificial Intelligence (AI).
Ms Lucy Campbell, Marketing Director TV & Digital at RTE, presented RTE’s single-sign-on platform: myRTE. Digitalisation services are raising consumers’ expectations, and the proliferation of actors providing media content is making this sector very competitive. For these reasons, RTE has inaugurated a consumer experience strategy aimed at achieving a better understanding of the audience by providing personalised services and thus better experiences.
Mr Peter Farrell, Head of Legal BBC Workplace and Information Rights, complemented Ms Campbell’s speech on the necessity of rendering digital content more personal and relevant. He presented the myBBC single-sign-on platform and stressed the importance of building consumers’ trust towards the platform through clear and transparent privacy policies.
The second toolbox, on The Innersource Approach to Personalisation, focused on the Personalisation for EACH (PEACH) technology system. Mr Michael de Lucia, Head of Digital Innovation at RTS, reminded the audience that such system aims to deliver personalized media recommendations to audiences which are increasingly accessing content on demand, through a variety of devices and platforms. As Anselm Eickhoff, Software Architect at Bavarian Broadcasting (BR) further explained, PEACH system aspires to deliver ‘the right content, at the right time, to the right person, on the right device’.
Furthermore, Mr Michael Barroco, Head of Software Engineering at EBU, illustrated the organisational structure of the projects. PEACH is a cross-organisational system developed by the EBU, featuring two main stakeholders: BR and RTS. More specifically the team is composed of developers as well as data scientists functioning collaboratively as single Scrum team across organisations and borders.
The event concluded with a presentation of Project Kelvin by Mr Bram Tullemans, Project Manager at EBU. This project aims at using real-time data collected from video players in order to produce information that can optimise the distribution flow of content. The ultimate goal is to identify the content-delivery method that performs best.
The Next Generation gTLD Registration Directory Service (RDS) to Replace WHOIS Policy Development Process Working Group was established with the aim to provide the Generic Names Supporting Organization (GNSO) Council with policy recommendations regarding two main questions:
’What are the fundamental requirements for gTLD registration data? Is a new policy framework and next-generation RDS needed to address these requirements?’
The agenda of the session was qualified as ‘unique’, as it aimed to present 19 questions that were developed for Cannataci. It was underlined that questions were developed with the aim to understand more the importance of data protection and privacy requirements in the context of the domain name system.
Cannataci addressed the following questions raised by the chair, in more depth: ‘What do you mean when you say ICANN to specify the purpose of domain name? What criteria should be used to determine the legitimate purposes? What is the difference between primary and secondary purposes?’
It was stated by Cannataci that ICANN needs to consider sustainability. He invited ICANN to look into setting up a transversal group which deals with privacy and other human rights, such as freedom of expression. The group would be open to others to join the discussion, and would help ‘bounce off’ important questions. He emphasised that ‘the purpose of collecting data remains the key’. It is important that the collection of ‘specific personal data’ is one in line with a specific purpose, which can never be a general one: “Jurisprudence does not say ‘Just in case I need it’.”
Addressing the question of primary and secondary purpose for data collection, he stated that it is not up to the regulators to define secondary purpose, and that this needs to be carefully stipulated by the data controller when he/she defines the goal of looking for data. ‘When you talk about the secondary purpose, please be specific and don’t expect or let regulator do it., Cannataci said.
Another question was raised in relation to the Article 6.1. b) of the EU Data Protection Directive which provides that personal data may only be collected for specified, explicitly and legitimate purpose and not further processed in a way incompatible with those purposes, specified in Article 7 of the Directive.
‘Under what circumstances might the publication of domain name registration data elements that are personal be allowable?’ Cannataci addressed the question stating that ‘we need to start from knowing whyat all we want to publish anything. If you what to publish personal data, then there must be a reason for it. What is the public interest for publishing the information? Is it transparency, for example?”
He continued by stating that once data is easily associated with an identified or identifiable individual, then it becomes personal data. , such as in the case of domain name, it becomes a personal information. If data related to a domain nameis linked to someone who is identifiable, then it becomes a personal data.He concluded by saying that the question ‘What is the purpose of publishing (personal) data?’ should be the main question.
As the time allocated for the session ended, it was said that the 19 questions would be further fine-tuned, and, once answers are collected, the could be published on the group’s webpage, if the members find that useful.
The public forum is a platform where the community can pose the ICANN Board members questions, either in person or remotely. Two such fora were organised during ICANN58.
Topics which dominated the public fora include: ICANN's jurisdiction, the next round of applications for generic top-level domains (gTLDs), delays in the process of reviewing the 2012 round of new gTLDs, diversity, ICANN's engagement, transparency, data security and privacy, and the ICANN Board's priorities.
In regards to ICANN's jurisdiction, Mr Steve Crocker, Chair of the ICANN Board, confirmed that ICANN would remain based in the USA and that the sub-group working on ICANN's jurisdiction (in the framework of Work Stream 2 of the Cross Community Working Group on ICANN Accountability – CCWG-Accountability) would be discussing ways to handle issues, should they arise in the future.
Language diversity was highlighted by several community members, and it was suggested that there should be interpretation services at the meetings in the local host language. ICANN community members were encouraged to join the CCWG Accountability sub-group on diversity, to enhance the discussions.
Issues such as the ICANN's engagement, particularly in underserved regions, such as small islands, and the broadening of participation, especially of the next generation, were raised by several participants. The importance of measuring the engagement of participants in ICANN, especially in the subsequent meetings, was highlighted by one community member. Responding to a question on ICANN's initiatives to increase the engagement of the next generation, Mr Ram Mohan, ICANN Board member, shared examples of a hackathon event (Hack2Build) that took place during ICANN57, while Ms Rinalia Abdul Rahim, ICANN Board member, explained how the DotAsia pilot lead to the formation of the NextGen programme. On the question of how to increase engagement in underserved areas and strengthen ICANN's long term engagement plans, Mr Göran Marby, ICANN President and CEO, said that ICANN would base their plans for improving regional support on what they learn. Creating greater awareness and the continued engagement of ICANN was emphasised by participants.
On the issue of privacy and security of data, the need for stricter rules concerning the handling of private data in the context of Whois services was one of the issues raised byparticipants. Ms Becky Burr, ICANN Board member, said that while there is an ongoing discussion on the way in which Whois data is made available and its legitimate use, personal data, including Whois data, can only be processed for legitimate purposes.
ICANN’s continued engagement with Data Protection Authorities (DPAs), and the setting up a data protection or privacy officer, especially to comply with the European data protection regulations, were some of the recommendations made by participants during the public fora. Burr said that the engagements with DPAs would continue and that while ICANN is going through the compliance check-list, the ICANN community is also actively looking at the developments.
A lack of clarity with regard to the next round of gTLDs was addressed by several community members. However, no timeline for the next round of gTLDs was shared by the Board members. On issues related to specific marketing and awareness raising activities in relation to a subsequent round of gTLDs, Mr Akram Atallah, Director of the Global Domains Division at ICANN, said that such activities would be undertaken if the community so decides.
In response to the dissatisfaction that was expressed by some with regard to a Board resolution allowing the registration of two character codes as second level domain names in the new gTLDs, Crocker stated that the matter continues to be under discussion, due to its sensitive and contentious nature. Furthermore, Mr Thomas Schneider, Chair of the Governmental Advisory Committee (GAC) noted that the issue has been of great concern for a large number of GAC members, and that these governments hope they can work together with new gTLD registries and try to find a solution acceptable to all parties.
Addressing the concerns raised about possible unfair competition arising between registrars in Europe and other regions owing to ICANN's plan to designate one domain name data escrow provider at subsidy, Atallah said that after this initiative is implemented in Europe, other regions would be considered as well.
On the questions regarding status and delay of the independent review related to the Community Priority Evaluation (CPE) and the independent review process, the Board commented that the review process was ongoing and that they will be able to respond based on the outcome of the review.
Two participants raised questions regarding the complaint mechanism process at ICANN. Marby stated that going forward, complaints would be managed by a complaints officer. Mr John Jeffrey, General Counsel, elaborated on the role of the complaints officer and the ombudsman, and said that the process of filing a complaint has yet to be decided on.
On the question related to the priorities of the Board for this year, Mr Cherine Chalaby, ICANN Board member, explained that the Board would be working on three 'clusters'. These include various priorities, among which: improving the Board relationship with the community, with points such as transparency of the Board, increased engagement, increased diversity, and efficient use of volunteers; improving the efficiency and effectiveness of the Board; improving financial stability; enhance the effectiveness of review processes; supporting the ICANN CEO through the creation of an environment where the CEO succeeds; progressing on community public policy issues; progressing on technical issues; and supporting the Nominating Committee (NomCom).
Questions were raised related to transparency in ICANN's selection process of the location for ICANN meetings, the existence of closed sessions, and the expenditure report on travel support to community members to attend various meetings. There was also a request for staff to ensure appropriate planning for the ICANN59 joint session between the GAC, the Generic Names Supporting Organization (GNSO) and the Country Code Names Supporting Organization (ccNSO), on geographic names (i.e. avoiding conflicts with other important sessions). It was observed that there were no sessions on the Public Technical Identifiers during ICANN58.
The involvement of Board members in Policy Development Processes (PDP) was also raised, and it was clarified that, while there is no rule prohibiting Board members to participate in such processes, this has not traditionally been done. The Board was also asked whether it is aware of the various upcoming Internet governance events and activities, and Mr Markus Kummer, ICANN Board Member, confirmed the Board's awareness by talking about their working group on Internet governance. Apart from ICANN taking part in various events, he reaffirmed ICANN's continued support of the Internet Governance Forum (IGF), including regional and national IGFs.
Finally, ICANN was applauded for its statement about US Executive Order 13769, titled Protecting the Nation from Foreign Terrorist Entry into the United States, its fellowship programme, and the criteria being developed for choosing arbitrators for the Independent Review Panel.
The eleventh Symposium of the Future Networked Car took place on 9 March 2017, during the 87th edition of the Geneva International Motor Show. The Symposium was jointly organised by the International Telecommunication Union (ITU) and the United Nations Economic Commission for Europe (UNECE). The main objective of the event was to offer a platform for a fruitful discussion among different stakeholders – vehicle manufacturers, governments and Information and Communications Technology (ICT) industries – on the future of vehicle communication and automated driving.
The session started with opening remarks from Mr Malcolm Johnson, Vice Secretary-General at the ITU, who stressed the importance of bringing together multiple stakeholders in order to foster technological innovation. In particular, he underlined the crucial role of the ITU as a UN-mandated agency that has successfully brought together and facilitated the convergence between two communities: industry and ICT sectors. The Symposium has seen growing participation in the last years, and has attracted more than 170 participants in 2017.
Ms Eva Molnar, Director of the Sustainable Transport Division of UNECE, joined Mr Johnson in stressing the importance of co-operation, not only between different industry sectors, but also between different agencies – as is the case with the ITU and UNECE. In particular, her speech approached vehicle automation from a regulatory perspective: she reasoned on the relevance of the existing legal conventions vis-à-vis the latest technological changes and pushed for the development of harmonised regulations.
The event comprised five thematic panels, each discussing a specific aspect of vehicle automation.
The Executive Roundtable reflected on the advantages and challenges that automatic driving will bring to individuals and societies once such technology is spread on a larger scale. All speakers talked about the necessity of harmonising the standards regulating such technology among different countries.
In particular, Mr Anders Eugensson, Director of the Governmental Affairs Department at Volvo Car Group, analysed the benefits of automated driving for individuals in terms of costs, liability and accuracy of data. With the development of such technology, customers would purchase automated driving packages that would cost less than a car. Moreover, he considered that cars will operate autonomously, and, in case of accidents, the responsibility would not rely directly on customers. Finally, thanks to cloud connectivity technology, the data available to the car system will be more accurate.
The Second Panel reflected on the benefits of fifth generation mobile networks or wireless systems (5G) for the development of automated driving. The speakers agreed on the crucial role of 5G technology for automated vehicles, especially in terms of connectivity and communication among units. Mr Peter Vermaat, Chair of the Connected Vehicle Working Group at the Wireless World Research Forum, considered that as opposed to a cloud computing type of connectivity (i.e. storing and accessing data over the Internet), Peer-to-Peer (P2P) computing (interconnected communication among peers, i.e. automated vehicles) allows for increased safety and improved efficiency of communication, and reduces the need for infrastructures.
The Third Panel discussed how Artificial Intelligence (AI) will change current transport systems. All the speakers built their discussions on the benefits of automated driving discussed by the previous panellists. Furthermore, they focused mainly on the possible risks to individuals from the deployment of AI. They assessed such risks in terms of security (protection from cyber-attacks), personal data protection (privacy concerns) and social economic externalities (loss of jobs in the car industry or transportation sectors).
The Fourth Panel focused on the relationship between connected vehicles and automated driving. The panellists discussed the co-dependency of connectivity and automated driving: having accurate communication systems among vehicles is crucial for the development of automated driving systems on a larger scale. David Holecek, Director of the Connected Products and Services Division at Volvo Car Group, concluded that connectivity, autonomous driving and AI are the cornerstones that will develop the concept of fully autonomous cars rather than autonomous driving in the future.
The Fifth Panel concluded the session by focusing on the cybersecurity threats to automotive systems. The speakers discussed the consequences that connectivity has in terms of individuals’ security in particular. Based on an interconnected system, automated vehicles operate in a constantly-hostile environment, susceptible to hackers’ attacks, resulting in financial cyber ransom, car theft and loss of control over the vehicle.
The session, organised by the International Telecommunication Union (ITU) was moderated by Mr Alex Wong, Head of Global Challenge Partnerships at the World Economic Forum (WEF). Developing countries were at the centre of the discussion alongside the important gender gap underlined by Wong, considering the decreasing number of women connected to the Internet despite technology advances. The importance of involving stakeholders from the private and the public sectors in order to fill the gaps between countries and between men and women in the use of the Internet was repeatedly taken up by the panellists.
Mr Bocar Ba, CEO at the SAMENA Telecommunications Council, focused on the challenges, approaches, and opportunities to take into account in collaborations between the private sector and civil society. In his opinion, access to the Internet must become a basic human right, not only a basic human need. As regards the challenges, he considered the infrastructure a major obstacle to connecting people around the world because operators face extremely expensive fees when developing connectivity in developing countries. He underlined the need to make the Internet affordable; this can be improved if the private and public sectors work together. Concerning opportunities, he said that we are heading towards a digital economy that needs to better include the population and create new partnerships. Finally, regarding approaches, he noted that we already have the solutions on the table but that there is a need to increase collaboration to reach a common objective and to encourage cross-sector cooperation including between the education and health sectors.
The second panellist, Mr Michael Kende, Senior Fellow at the Internet Society, noted that trust in the use of the Internet is a major challenge, not only for developing countries but also for developed ones. He stated that there is a need to focus on and create a digital economy rather than just focusing on Internet access. He said that an important effort has been made in the last ten years regarding infrastructure and that the new challenge is to get more people and businesses online so they also benefit from the digital economy.
In the second part of his speech, Kende mentioned the Global Internet Report 2016, released by the Internet Society, which focuses on trust in the Internet and on data breaches. As mentioned in the report, he underlined the concern that with these breaches, there will be less trust in the use of the Internet, especially regarding sensitive information which is also a risk for companies’ reputation, particularly those that have been hacked. However, Kende stressed that companies also have strong protection via their terms and conditions which give them zero liability in the case of a breach. Therefore, as users are still the most vulnerable in these situations, he believes that there is a need for people to trust the system in order to build a strong ecosystem.
Ms Vanessa Erogbogbo, Head of the Empowering Women to Trade Programme at the International Trade Centre (ITC) stressed the importance of women in the digital economy. According to Erogbogbo, despite the growing presence of small companies on the Internet, women are still under represented. Thus, the ITC has taken several actions to unlock markets for women-owned small and medium enterprises (SMEs) under the She Trades initiative. The main aim of this initiative is to make women entrepreneurs visible to the international economy to increase visibility and networking. As part of this initiative, an Internet platform has been developed to help women secure government contracts, strike business deals, access markets, unlock financial services, and to grant ownership rights. Erogbogbo also underlined that the active role of women on the Internet is not only a concern for developing countries but also for developed ones. According to ITC data, only 6% of mobile application developers are women and in 2016, there were 257 million fewer women online, compared to 2015, which accentuates the growing gap in connectivity between men and women.
The final speaker, Ms Esperanza Magpantay, Senior Statistician at the ICT Data and Statistics Division at the ITU, regretted that there is still a large of number of developing countries which do not collect statistics on connectivity. She added that these statistics are also important for policymakers and investors to see which measures must be put in place. Magpantay focused on the results provided by the Measuring the Information Society Report 2016 which shows a steep rise in mobile cellular subscriptions and mobile broadband subscriptions and that mobile broadband networks reach 84% of global population and 67% of rural population. The report also stressed, as she mentioned, that there is a significant digital divide between developing and developed countries. Moreover, the report gives an ICT Development Index which emphasises a strong association between economic and ICT developments. The report gives several indications about the evolution of mobile cellular prices and broadband prices but it also shows several gaps between men and women or for people living in rural areas who are less likely to own or use a mobile phone than those living in urban areas. Other important points also emerge from the report according to Magpantay. The benefits of the Internet are still unavailable to over half the world’s population. Most people who have access to Internet services do not actually use them. It also shows that the full potential of the Internet remains untapped, especially for low-income and less educated users. In addition, access to the Internet as such is not enough; skills are needed to take full advantage of what it offers.
The discussion ended with a Q&A which pointed out the importance of cultural and political obstacles faced by women across the world regarding the use of the Internet. Erogbogbo added that the legal barrier is also an important element considering that gender inequality is in some cases written into law. The panel agreed on the fact that more collaboration between the different stakeholders is needed, not only in developing countries but also in developed ones.
The Internet Legislation Atlas identifies the main legal instruments in relation to Internet rights in the following seven countries: Egypt, Iran, Iraq, Jordan, Lebanon, Syria, and Tunisia. The atlas also provides an indication of how human rights are protected, or neglected in the Internet environment in those countries.
The handbook, structured around 10 major challenges in big data security and privacy, gives an overview of best practices that should be followed by big data service providers to fortify their infrastructures. Each of the 100 best practices presented, an explanation is given on why the practice should be followed and how it can be implemented.
The letter invited governments to reject laws, policies, or other mandates or practices that limit access to or undermine encryption and other secure communication tools and technologies.
This webpage outlines the limitations on the type of content and behaviour allowed by Twitter.
The document is aimed to be used as a self-regulatory harmonising tool which offers a structured way to communiucate the level of personal data protection offered by a cloud service provider to its customers. It is based on EU personal data protection mandatory legal requirements.
Continuing a trend to keep human rights at the forefront, a main session at the IGF 2016 was dedicated to the topic (Human Rights: Broadening the Conversation). This demonstrates that the IGF has matured to a point where human rights (Dynamic Coalition on Internet Rights and Principles) are now accepted as an underlying unifying force (Mapping Digital Rights in the Middle East and North Africa: A New Visual Tool for Comparative Analysis).
The broader implications that the right to privacy (Surveillance and International Human Rights Law - WS267) and data protection (Is Personal Data ‘Mine’ or There to be ‘Mined’? - WS114) have for the Internet and society were discussed in the context of global balance, with overarching links to states’ governance models. These topics are being increasingly merged with issues of security (a right in itself), jurisdiction, and other complexities. The interconnections between privacy, on one side, and access and net neutrality issues, on the other side, were also discussed (Dynamic Coalition on Net Neutrality).
Privacy and data protection in the online space was discussed from various perspectives. Internet Governance, Security, Privacy and the Ethical Dimension of ICTs in 2030 (session 150) looked at issues related to online privacy in different contexts: the evolution of Internet of Things technologies, state surveillance programmes, and cybersecurity.
In session 169 on Internet Fragmentation one interesting scenario was exposed: one in which governments had one IP address fixed for each citizen, and used it as a passport. In this scenario, the individual would have to renew their passport every year. The government would know exactly which content they had accessed and could deny renewal.
At this year’s IGF, the discussion on privacy and data protection revisited a typical dilemma: How do we ensure both privacy and security or - at least - strike a right balance between two?
This ‘balancing question’ was echoed in many discussions. In the debate on encryption (WS 141 on Law Enforcement in a World of Pervasive Encryption, and WS 53 on The Politics of Encryption), human rights and security communities presented two different views. Human rights activists argued for pervasive encryption aimed at protecting privacy, while security officials believe that strong encryption hinders investigations and poses a problem to gathering data and preventing crime and terrorism.
In the debate between Privacy and Transparency (WS 124), it was argued that the treatment of personal data needs to be transparent, with transparency being also closely associated with accountability. Yet, a recently negotiated trade agreement, which will impact users’ privacy,was not negotiated in such a transparent way.
In discussing these dichotomies, a few new proposals and ideas emerged. For example, in Implementing Core Principles in the Digital Age (WS 114), the two UN Special Rapporteurs on freedom of expression and on privacy argued that both rights could be protected in an integrated way, where encryption and transparency of policy should play an important role. The link between privacy, freedom of expression, and anonymity was discussed in depth in Special Rapporteur David Kaye’s report on the promotion and protection of the right to freedom of opinion and expression (May 2015).
Another question was whether privacy should be protected on a national or international level. The prevailing view is that it needs to be afforded international protection. In the same workshop, Special Rapporteur Joseph Cannataci said that people needed ‘safeguards without borders’ and ‘remedies across borders’, neither of which he believe is possible at the moment. He also referred to the ‘further development of international law’ during the Open Forum on the Right to Privacy in the Digital Age, a view which was picked up by a Brazilian Foreign Ministry official: the right to privacy is already enshrined in international law through the International Covenant on Civil and Political Rights, which has been ratified by 168 countries. His comment: ‘And we might ask ourselves what about the remaining countries? Well, all remaining countries recognise the universal Human Rights, which also [include] the right to privacy. So we have the norm. We have a foundation. A basis to work on.’