Technical standards

Updates

The International Organization for Standardization (ISO) published an Internet of Things (loT) Reference Architecture (IoT RA) standard. The standard regarding IoT and related technologies was published on 1 November 2018. The standard aims to provide the framework for designers and developers in the IoT field. The standard is developed under the technical committee information technology, and IoT development. Find out more about the standard here.

The international organisation for standardization (ISO) assembled a working group on drafting the cybersecurity standards around consumer’s electronics to ensure the consumer privacy is embedded into the design. This standard is also referred as ‘privacy by design’ standard. The ISO project committee, ISO/PC 317 will also look at the impact of artificial intelligence, data protection and sharing economy on the future of consumer experience. Working group will work having on mind the set of standards related to the cybersecurity and consumers electronics (IT Security techniques). The concept of privacy by design is already featured in a recent EU General Data Protection Regulation.

The US Department of Commerce and the Department of Homeland Security have released a draft report on 'Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats'. The report comes in response to President Trump's Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure (from May 2017). It looks at challenges and opportunities in reducing the botnet threats that 'capitalise on the sheer number of Internet of Things devices', with goals related to a more secure technology marketplace, innovations in network infrastructure and applications, coalitions among security and technical communities on national and international level, and awareness and education. It outlines several recommendations, such as: establish broadly accepted baseline security profiles for IoT devices in home and industrial applications, and promote international adoption through bilateral arrangements and the use of international standards including IPv6 implementation; more efforts from the industry to develop innovative solutions for preventing and mitigating distributed threats; collaboration between government and industry to ensure existing best practices, frameworks, and guidelines relevant to IoT are more widely adopted; and promoting the international adoption of best practices and relevant tools through bilateral and multilateral international engagement efforts. The report is open for public comment until mid February 2018.

The 3rd Generation Partnership Project (3GPP), telecommunications industry standards body, approved the first standard for non-standalone 5G New Radio six months earlier than expected. This specification will use existing 4G infrastructure and it will form a basis for deployment of commercial 5G products. Some carriers already announced 5G implementation plans. However, the 5G standard has not yet been fully developed. This release is a part of the first phase of the two-phase 5G standardisation process within 3GPP. 

The Internet Engineering Task Force (IETF) has published RFC 8200, making the Internet Protocol version 6 (IPv6) a full Internet Standard. As explained on the Internet Society’s website, although IPv6 was already defined in RFC 2460 (updated by several other RFCs), this was a draft standard. What IETF did with RFC 8200 was to combine these many RFCs defining the IPv6 specification, into a single RFC, together with an Errata. So, technically speaking, there are no changes in the IPv6 specifications themselves, but IPv6 is now a full Internet Standard, defined in a single RFC.

South Korea plans to submit national 5G standards to the ITU in February 2018. South Korea is the first country to prepare 5G standards from a national perspective, informs the etnews server. It is expected that the proposal will include standards that are being developed by private companies and private standardisation organisations. South Korea wishes to become the first country with a commercial 5G deployment in 2019. This plan is backed by the country’s long-term strategical need to influence the global 5G standardisation process in favour of their technology, standards and norms. 

What are technical standards?

The Internet technical standards and services form the infrastructure that makes the Internet work, and include the Transmission Control Protocol/Internet Protocol (TCP/IP), the domain name system (DNS), and the secure sockets layer (SSL). Standards ensure that hardware and software developed or manufactured by developed entities can work together as seamlessly as possible. Standards therefore guide the technical community, including manufacturers, to develop interoperable hardware and software.

TCP/IP is the main Internet technical standard. It is based on three principles: packet-switching, end-to-end networking, and robustness. Internet governance related to TCP/IP has two important aspects: the introduction of new standards - an aspect that is shared by technical standards in general - and the distribution of IP numbers, which is explained in more detail in the section on IP numbers.

 

Setting technical standards

Technical standards are increasingly being set by private and professional institutions. The Internet Architecture Board (IAB) oversees the technical and engineering development of the Internet, while most standards are set by the Internet Engineering Task Force (IETF) as Request for Comments (RFC). Both the IAB and the IETF have their institutional home within the Internet Society (ISOC).

Other institutions include: the Institute of Electrical and Electronic Engineers (IEEE), which develops standards such as the WiFi standard (IEEE 802.11b); the WiFi Internet Governance Alliance, which is the certification body for WiFi-compatible equipment; and the Groupe Speciale Mobile Association (GSMA), which develops standards for mobile networks.

Standards that are open (open Internet standards) allow developers to set up new services without requiring permission. Examples include the World Wide Web and a range of Internet protocols. The open approach to standards development has been affirmed by a number of institutions. One such affirmation is the Open Stand initiative, endorsed by bodies including IEEE, IETF, IAB, the World Wide Web Consortium (W3C), and the Internet Society.

Technology, standards, and policy

The relevance of setting or implementing standards in such a fast developing market gives standard-setting bodies a considerable amount of influence.

Technical standards could have far-reaching economic and social consequences, promoting specific interests and altering the balance of power between competing businesses and/or national interests. Standards are essential for the Internet. Through standards and software design, Internet developers can shape how human rights are used and protected (e.g. freedom of information, privacy, and data protection).

Efforts to create formal standards bring private technical decisions made by system builders into the public realm; in this way, standards battles can bring to light unspoken assumptions and conflicts of interest. The very passion with which stakeholders contest standards decisions should alert us to the deeper meaning beneath the nuts and bolts.

Possible gaps in dealing with technical standards

Non-technical aspects - such as security, human rights, and competition policy - may not be sufficiently covered during the process of developing technical standards. For instance, most of the past developments of Internet standards aimed at improving performance or introducing new applications, whereas security was not a priority. It is now unclear whether the IETF will be able to change standards to provide proper authentication and, ultimately, reduce the misuse of the Internet (e.g. spam, cybercrime).

Given the controversy surrounding any changes to basic Internet standards, it is likely that security-related improvements in the basic Internet protocol will be gradual and slow. Yet decisive steps are starting to be implemented in this direction, with the Domain Name System Security Extensions (DNSSEC) being a good illustrative example. Following almost 12 years of research, trials, and debates within the technical community, DNSSEC first started to be deployed for some ccTLDs and from 2010 it was also implemented at the root server level. However, further challenges reside in the large-scale adoption of this new security standard down the ladder by the domain name registrars, ISPs, and website owners.

As with web standards, there appears to be a gap in the participation of stakeholders in the development of technical standards. Even though participation is open to all stakeholders groups, some submissions to the WGEC/correspondence group have noted the need for more involvement from specific stakeholder groups such as governments.

Events

Instruments

Conventions

International Telecommunication Regulations (WCIT-12) (2012)
International Telecommunication Regulations (WATTC-88) (1988)

Standards

ITU-T Recommendation X.1601 Security Framework for Cloud Computing (2015)
Recommendation ITU-T Y.3600 'Big data – cloud computing based requirements and capabilities' (2015)
Recommendation ITU-T Y.2060 ‘Overview of the Internet of things’ (2012)

Other Instruments

Resources

IoT – Economic Opportunities and Security Challenges (2018)
Blockchain Technology and Internet Governance (2017)

Publications

Internet Governance Acronym Glossary (2015)
An Introduction to Internet Governance (2014)

Reports

NI Trend Watch 2016 (2015)

GIP event reports

Human rights due diligence in practice in ICT sector (2018)
Forum debate: Are tech companies a threat to human rights? (2018)
Implementations of AI to Advance the SDGs – Panel 4: Safe and Secure AI (2018)
Projects in Action: Towards AI and Data Commons – Part 2 (2018)
Projects in Action: Towards AI and Data Commons – Part 1 (2018)
Ideas for Impact: AI Breakthrough Team Project Pitches (2018)
Collaborating and Investing in Beneficial AI (2018)
Celebration of the World Telecommunication and Information Society Day AI-Powered Moonshots – Meet the Astronauts (2018)
Building Trust for Beneficial AI – Trustworthy Systems (2018)
AI for Outbreaks, Emergency Response, and Risk Reduction (2018)
Storytellers (2018)
Building Trust for Beneficial AI – Developer Communities (2018)
AI Fostering Smart Government (2018)
AI Empowering Smart Citizens (2018)
AI + Smart Cities and communities (2018)
Building digital competencies to benefit from existing and emerging technologies with a special focus on gender and youth dimensions (2018)
Transformations on the Horizon (2018)
AI for Good Global Summit – Opening Keynote (2018)
Domain Names Innovation and Competition (2017)

Other resources

GSMA IoT Security Guidelines (2016)

Processes

Click on the ( + ) sign to expand each day.
 

The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top