[Read more session reports and live updates from the 13th Internet Governance Forum]
The session discussed views on the sovereignty and internal policies of data protection, cybersecurity and cyber sovereignty, with specific focus and insights from Brazil, Russia, India and China. The moderator was Mr Mark Datysgeld, Private Sector, Latin American and Caribbean Group (GRULAC).
Mr Luca Belli, Center for Technology and Society, Fundação Getulio Vargas Law School, talked about the evolution of e-commerce, trade between Brazil, Russia, India and China (BRIC) and cybersecurity. He used Brazil as a case study because it is the only country in the world where the number of victims is as high as number of hackers. Brazilians have largely adopted digital technology despite both literacy levels and digital literacy levels still being very low. However the young are interested in using both technology, and hacking technology. The Brazilian government has tackled data protection and cybersecurity especially through the lens of foreign policy. Brazil has been working on privacy recommendations for the digital age, however until nine years ago there was no data protection legislation in Brazil. With regards to cybersecurity, improved best practices need to be taken into account, and the majority of cybersecurity measures are coordinated by the military. There is a need to implement some kind of digital defence mechanism. Therefore better overview of mechanisms should be strengthened, and legislators should have greater overview to assess not only which kind of activities are enacted, but also how they are implemented.
Ms Ilona Stadnik, Civil Society, Eastern European Group, focusing on the Russian scenario, talked about the economic dimensions of the digital economy and related digital policies. She explained that the government had not been interested in Internet-related topics until 2011, when the trigger came in regard to data protection. After 2015, the Internet economy started to become a topic of discussion as an aspect of the digital economy. Other developments came in 2017, when a special autonomous non-commercial organisation was created with a multistakeholder approach. With regards to regulatory developments, special groups comprised of big businesses and government representatives defined the strategy of how the national programme should be implemented. However in 2018 the government changed the status of the programme, causing some drawbacks, as the government said that business had done its part.
Mr Govind, ISOC Delhi Chapter President, talked about the situation in India, where programmes are being implemented to makedigital infrastructure a utility for every city, with governance, services on demand and digital empowerment. The government is working on developing approaches promoting innovation and efficiency in digital services, and securing cybersecurity.
In this regard, Digital India represents a programme to prepare India for the expanding knowledge base, bringing together huge numbers of ideas for the greater good. In addition it is important to note that communication channels represent a critical means to bring social groups together, by creating a social space for interaction in real-time. The framework for improving cybersecurity includes efforts and best practices to tackle and prevent the occurrence of security incidents, as well as the compensation for, and punishment of cybercrime related to cyberterrorism, child pornography, violation of privacy, and breach of lawful contact, to cite a few examples. Next month the Persona Data Protection Bill will be discussed, raising the controversy surrounding data localisation inside and outside the country.
The final speaker, Ms Yik Chan, University of Shanghai, talked about the issue of sovereignty as a core argument for the Chinese government, touching on topics of human rights and freedom of expression. Cybersecurity can be abused by national governments to repress freedom of expression and to contain information within the domestic sphere. Therefore the main point is about jurisdiction of cyberspace sovereignty in terms of defining which areas belong to government and which do not. She tackled the relationship between cybersecurity and cyber-sovereignty through a three-dimensional approach:
- The first dimension is about infrastructure, both in terms of hardware and software. Infrastructure should be standardised in order to allow interconnectivity and interoperability.
- The second dimension is represented by online applications (apps): most of the countries developing apps do not have access to the international market. Making these apps compatible with the global market should be addressed through domestic law and national jurisdiction.
- The third dimension covers the issues of security, political systems, social order, and cultural diversity.
In conclusion, she argued that the country has sovereignty over its public spaces with policy-making powers. In this regard, the discussion should be focused on the clear definition of sovereignty and jurisdiction, with on the other hand a definition of what belongs to international law or international negotiation.
By Stefania Grottola