Updates

On our radar
#theGIP

last 7 days

20 Apr

The World Bank has released The Global Findex Database 2017 report, providing data on how individuals around the world save, borrow, make payments, and arrange risks. In its third edition, the report also includes data on the use of financial technology (including the Internet and mobile phones) to conduct financial transactions. The main finding of the report is that financial inclusion – an enabler of the 2030 sustainable development goals – is on the rise at a global level, but that measures are still needed to expand access to financial services, especially in developing countries. To this aim, the report notes that digital technologies can drive sustainable financial inclusion if the necessary infrastructure is in place, and an enabling environment is created in areas such as digitising payments of wages and government benefits, putting in place strong consumer protection rules, and introducing digital technology-based identification cards. According to the World Bank, the data in the report is used by UN member states to track progress toward the sustainable development goals.

The Government of Canada and the Government of the French Republic issued a ‘Joint Declaration on Cultural Diversity and the Digital Space’. The Declaration reaffirms the sovereign right of States to adopt policies and measures to protect and promote the diversity of cultural expressions in the digital space, recalls protection and promotion of cultural diversity as inseparable from human rights and fundamental freedoms, confirms support for the principle of neutrality and universality of the Internet and for the multi stakeholder governance of the Internet, and emphasizes the will to support French language cultural content in the digital space. In the spirit of multistakeholder model it affirms that the States, digital platforms, and civil society must pursue common goals to support and promote diversity of cultural expressions online, to contribute to the economic sustainability of content creators and respect for copyright, to promote quality and transparent information and the implementation of algorithms with respect to ranking, recommendations, and access to local content. In addition, the States decided to:

’ - Pursue collaboration between Canada and France on implementing the operational guidelines on the implementation of the UNESCO Convention on the Protection and the Promotion of the Diversity Of Cultural Expressions in the digital environment;

- Promote direct and open dialogue between partner States, the private sector, notably digital platforms, and civil society, on their responsibilities in connection with the protection and promotion of cultural diversity in the digital space.’

The Coalition for the Diversity of Cultural Expressions (CDCE) welcomed the Statement. The CDCE's co-president, Bill Skolnik, stated: ‘the signal sent by Canada and France is very important; at a time where platforms and their recommendation tools do not promote a real diversity of cultural expressions. We are pleased to see that the French and Canadian governments have heard the main concerns of the cultural community. We are eager to find out more about the impact of this statement.’

19 Apr

Currently, Facebook users outside the United States and Canada fall under the terms of services agreed with the company’s international headquarters in Ireland. This means that around 1.9 billion Facebook Inc. users around the world would be protected by the European Union’s General Data Protection Regulation (GDPR), once it takes effect on 25 May 2018. However, Facebook is about to make changes which will decrease this number. Facebook confirmed to the Reuters its intentions to reduce its exposure to the GDPR, which allows European regulators to fine companies for collecting or using personal data without consent. These changes will directly affect Facebook users in Africa, Asia, Australia, and Latin America, who will not fall under the DGPR protection. According to Reuters, this will remove potential liability for Facebook, since the new EU law allows fines of up to 4 percent of global annual revenue for infractions. Regarding these changes, the company said: ‘We apply the same privacy protections everywhere, regardless of whether your agreement is with Facebook Inc or Facebook Ireland.’. Earlier this month, Facebook’s CEO, Mark Zuckerberg, stated the company would apply the EU law globally ‘in spirit’, but did not commit to it as the standard for Facebook across the world. Technology policy researcher at University College London, Michael Veale, said that in practice this means: ‘The 1.5 billion affected users will not be able to file complaints with Ireland’s Data Protection Commissioner or in Irish courts. Instead they will be governed by more lenient U.S. privacy laws.’.

17 Apr

In California, the USA, a strict net neutrality bill is closed to becoming law, as the Energy, Utilities, and Communications Committee in the state Senate approved it, despite objections from telecom providers. The bill replicates basic net neutrality rules that were included in the 2015 order of the Federal Communications Commission (FCC), on blocking, throttling, and paid prioritisation. But it also goes one step forward with a ban on paid zero-rating arrangements in which Internet access providers charge online services for data cap exemptions. The bill is opposed by telecom companies such as AT&T, whose vice-president Bill Devine argued that specific net neutrality rules are not necessary, as the providers; commitments not to block, censor, or degrade Internet traffic are ‘enforceable by the federal government and the California attorney general’. To become a law, the bill has to be approved by the Senate Judiciary Committee and then be subject to vote in the full Senate. It would then pass to the State Assembly for review and approval, and, finally, to Governor Jerry Brown.​

The European Commission is proposing new rules to make it easier and faster for police and judicial authorities to obtain the electronic evidence needed for investigation, prosecution and conviction of criminals and terrorists. The proposals will create a European Production Order, which will allow a judicial authority in one Member State to request electronic evidence, regardless of the location of data, directly from a service provider offering services in the Union and established or represented in another Member State. Moreover, a European Preservation Order will prevent deletion of specific data by service providers, in order to enable judicial authorities to request this data later via mutual legal assistance. Under new rules, service providers will be obliged to designate a legal representative in the EU, to ensure that all service providers are subject to the same obligations. The rules also aim to provide legal certainty for businesses and service providers.

Thirty-four global companies - including Microsoft, Facebook, LinkedIn, Arm, ABB, Telefonica, Cisco and Dell among others - have signed The Cybersecurity Tech Accord, publicly committing to protect and empower civilians online and to improve the security, stability and resilience of cyberspace. The companies committed to four principles: the protection of all of their users and customers everywhere; opposition to cyberattacks on innocent citizens and enterprises from anywhere; helping empower users, customers and developers to strengthen cybersecurity protection; partnering with each other and with like-minded groups to enhance cybersecurity. Signatories of the Accord will define collaborative activities they will undertake to further the Accord and will report publicly on the progress in achieving the goals.

In Thailand, issuers of initial coin offerings (ICOs) and advocates of cryptocurrency exchanges have asked the Finance Ministry to delay or wave the application of capital gains tax on ICOs and cryptocurrency trading. In March, the government approved in principles the drafts of two royal decrees to regulate transactions related to digital assets and to allow tax authorities to impose levies on digital assets. Under such rules, digital asset trades will be subject to a 7% value-added tax in addition to a 15% withholding tax on capital gains and returns from investments in digital assets. This policy is seen by some as a matter of double taxation, and a possible obstacle for startups and other businesses interested in raising capital through cryptocurrency. Instead, the authorities are asked to consider a new tax policy that would support the cryptocurrency and ICO ecosystem at a national level.

Fourteen South Korean crypto exchanges set the self created set of rules for better joined action, and transparency. Among other rules, they agreed on having minimum equity of 5 billion won (around USD 1,8 milion), and to publish regular audit and financial reports. All of fourteen exchanges are the members the Korea Blockchain Association. [link]

Uganda is reportedly considering the introduction of a tax on social media use, starting July 2018. A proposal put forward by the government would see mobile phone subscribers charged 200 Ugandan shillings (USD $ 0.05) per day for accessing services like WhatsApp, Viber, Twitter, and Skype. According to Quartz, telecom companies whose services are used for accessing over-the-top platforms will have to account and pay excise duty on the services they offer. It is, however, unclear how subscribers will be taxed for social media use (from a practical point of view), and how it will be determined when they access the targeted networks. According to the country's finance minister, cited by Reuters, the money collected through this tax are to be used to 'maintain the security of the country and extend electricity'. But human rights activists are concerned that the proposal is an attempt to limit freedom of expression.

16 Apr

Earlier this month, Facebook announced the launch of a fact-checking programme in the Philippines to combat the spread of fake news. To implement the programme, Facebook chose to partner with two online news platforms – VERA Files and Rappler IQ. The Philippines government has criticised Facebook's choice, stating that the two platforms are biased against President Rodrigo Duterte. An official from the Presidential Communications Operations Office, cited by Reuters, noted that, while Facebook's intention to counter fake news is welcome, the choice of fact-checkers is concerning. Rappler IQ has previously been accused of 'trying to undermine the government', and it now has its operating license suspended at the moment, following a decision of the Securities and Exchange Commission, which considered that the company was violating foreign ownership rules.

In a letter sent to the Internet Corporation for Assigned Names and Numbers (ICANN), the US government – through the Assistant Secretary for Communications and Information – expressed concerns over the new WHOIS policy implemented by GoDaddy, a major registrar of domain names. In March 2018, GoDaddy introduced several changes to its WHOIS policy (governing access to domain name registrants data), by masking some WHOIS domain name registrant data – name, e-mail, and phone number – when requested through Port43 Whois lookups. The letter sent to ICANN describes this change as a source of 'great concern for NTIA [the US National Telecommunications and Information Administration] given the US Government's interest in maintaining a WHOIS service that is quickly accessible for legitimate purposes'. NTIA asks ICANN to investigate the matter as it may conflict with the Registry Accreditation Agreement, but also to 'consider an ICANN cross-community discussion on the issue'. In a statement to Domain Name Wire, GoDaddy explained that its decision was made in an attempt to 'protect customer data from harvesting by bad actors', while also noting that the concerned data is still available via protected web-based queries.

France has built its own encrypted messenger service to ensure that foreign actors couldn’t spy on private conversations between top officials. The development of the app was motivated by the risk of data breaches of major encrypted messaging application servers, which are based outside of France. The app has been developed on the basis of free-to-use code and designed by a state-employed developer. The service is currently being tested by some 20 officials and top civil servants, and its use will be mandatory for the whole government by the summer. There is also a possibility that the service will eventually made available to all French citizens.

The US Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) have released a joint Technical Alert (TA18-106A) about Russian state-sponsored cyber actors targeting network infrastructure devices. The attack targeted routers, switches, firewalls, and the Network Intrusion Detection System (NIDS) of government and private-sector organizations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors. It is linked to the Cisco Smart Install Client misuse, reported earlier. According to the alert, FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations. The Australian authorities also joined the US and the UK in the allegations. 

The Select Committee on Artificial Intelligence (AI) in the UK House of Lords published a report summarising the results of its inquiry into the economic, ethical, and social implications of AI (carried out between June 2017 and March 2018). The report, titled 'AI in the UK: Ready, willing and able', contains a series of recommendations to support the UK government and other stakeholders in 'realising the potential of AI for society and economy, and to protect society from potential threats and risks'. Among them, the Committee proposed five key principles to to guide the development of ethical AI: (1) AI should be developed for the common good and benefit of humanity; (2) AI should operate on principles of intelligibility and fairness; (3) AI should not be used to diminish the data rights or privacy of individuals, families or communities; (4) all citizens have the right to be educated to enable them to flourish mentally, emotionally and economically alongside AI; and (5) the autonomous power to hurt, destroy or deceive human beings should never be vested in AI. It is also the view of the Committee that 'AI-specific regulation is not appropriate at this stage' and that existing regulators should be given the adequate resources and powers to regulate AI.

Jacky Habib of Women's Advancement Deeply explains how Kenyan App Developers Harness Technology to Take on Gender Gaps as the article explores how 'Kenyan developers offer women tech-based solutions to help them understand and fight for their rights.' The article describes Sophie Bot, which allows for anonymous consultation about sexual issues, offering information from Kenya’s National AIDS Control Council and the United Nations Population Fund’s (UNFPA) peer-mentor curriculum. According to Habib, Sophie Bot reaches outside of Kenya, with 30% of Sophie Bot’s 4,500 users in Kenya and reporting 18% from the United States.

A similar app, coming from Uganda, Ask Without Shame, uses Whatsapp, SMS, a toll-free line and their own app to offer answers to sex-related questions from medical experts. The app registered 50,000 users across East Africa in just three years. In another example, The 160 Girls Project is an initiative by a Canadian nonprofit called the Equality Effect that works to prevent sexual violence against girls in Kenya. 

Habib goes on to explain that there is still a gender gap in Kenya and sub-Saharan Africa, and details how, In an effort to close this gap, Women and the Web Alliance, a public-private partnership, is teaching digital literacy to women in rural Kenya. In conclusion, she cites Florence Korir, from World Vision, a partner in the alliance: 'We know that there is a large technology gap between men and women, and that addressing the gender gap will allow women to benefit from the opportunities that technology and the web hold.'

14 Apr

According to the Kashmir Reporter, Jammu and Kashmir, India, have had 73 Internet shutdowns in last four years. The information comes from a tracker website,  maintained by the Delhi-based non-profit legal services organisation Software Freedom Law Centre. The tracker, Internet Shutdowns, 'shows that since 2012, the Internet has been shut down in different parts of India 165 times'. The site includes an update on recent Phagwara clashes: Mobile internet, SMS services suspended in 4 Punjab districts.

In another article, the Director-General of Jammu and Kashmir Police commented on the shutdowns, 'My effort is to ensure minimum disruption of internet. I am totally against it. But let me tell you there is mischief and misuse of it to spread hatred and false propaganda. This is what we want to prevent.'

last 30 days

13 Apr

A Russian court approved the state’s communication watchdog, Roskomnadzor, request to limit access to Telegram, due to the company’s repeated refusal to hand over encryption keys, this way undermining privacy of its users. Raskomnadzor asked the court to block the app, and for the ban to take an immediate effect. The media reports that the court scheduled the hearing one day prior, during which it took 18 minutes to approve the watchdog’s request. Raskomnadzor’s head, Alexander Zharov, stated that the ban would be soon in effect, and soon after also blocked. The judge, Yulia Smolina, said: ‘The court decided to meet the requirements of Roskomnadzor, impose restrictions on access to Telegram messenger and stop providing technical conditions for the exchange of messages.’ Russia’s Federal Security service claimed the need to access to some of the messages as part of the guarding against terrorist attacks. Telegram Funder and CEO, Pavel Durov, reacted to the decision by saying that the app will use built-in systems to circumnavigate the ban, underlying that the access will be difficult without the use of a virtual private network. Telegram’s lawyer, Pavel Chikov, wrote on a Telegram channel: ‘They have demonstrated again and again that the court system is devoted to serving the interests of the authorities. They no longer even care about basic external appearances.’ Among app’s 9.5 million active users within the country are also journalists and members of Russia’s political opposition. Telegram is also used by the Kremlin for communicating with reporters, as well as to arrange conference calls with Russian President Vladimir Putin’s spokesman.

Replying to the letter sent by the Article 29 Data Protection Working Party (Article 29 WP) with regard to ICANN's work on a proposed interim model to ensure compliance between ICANN agreements and policies and the EU General Data Protection Regulation (GDPR), ICANN CEO Göran Marby noted that ICANN places importance on 'balancing the right to privacy with the need for information', and underlined the need for 'a moratorium on enforcement' to allow the organisation to 'protect Internet users globally'. Marby explained that even if the organisation manages to include all the recommendations from Article 29 in its proposed model, there will be a need for a significant amount of time to implement the model. The letter also refers to possible negative consequences of a 'fragmented WHOIS' which could 'hinder the ability of law enforcement around the world to get important information and for the anti-spam community to help ensure the Internet protects end- users' and 'will have a detrimental impact of the entire Internet'. Marby concludes his letter by asking Article 29 WP to 'spend more time considering the balance between the important right to privacy and the need for information'. ICANN and Article 29 WP will meet on 23 April to further discuss these and other related issues. In advance of this meeting, ICANN asked the community to share its input on the Article 29 WP guidance.

In the UK, a judge has ordered Google to de-list from its Google search results articles about years-old crimes committed by a businessman, in another landmark decision on the so-called 'right to the forgotten'. The case at hand was brought to court by two businessmen who had previously asked Google to remove articles about crimes they had committed, arguing that the articles were a breach of their right to privacy, old, and of no public interest. Google had initially refused the requests, arguing that it was in the public's interest to provide information about the professional lives of individuals. The plaintiffs took Google to court, and, on 13 April, the judge ruled in favour of one of them, considering that the information about the crime committed was outdated and irrelevant. He ordered Google to remove the search results, deeming that the articles were of 'no sufficient legitimate interest to users'. Google announced it would comply with the ruling.

In a move to keep pace with other countries which support the development of self-driving vehicles, China has introduced nation-wide guidelines for the testing of such vehicles on public roads. The guidelines outline a series of requirements such as the testing of autonomous cars should be first done in non-public zones; road tests can only be carried out on designated streets; and the test vehicles must always have a safety driver on board to be able to take control in unforeseen circumstances. The national rules come to complement guidelines already announced at the local level, in cities such as Beijing and Shanghai.

The OSCE (Organization for Security and Co-operation in Europe), Representative on Freedom of the Media, Harlem Désir, voiced his concern about the blocking of Telegram, as well as legal restrictions on social networks will he feels will limit the freedom of expression in Russia. Desir particularly noted that these may hamper 'the important role of Internet intermediaries in facilitating the exercise' of these rights. Actions were taken against Telegram after application developers did not provide the security services with decryption keys for its messaging service, as ordered. 

Desir also noted that on 12 April, the State Duma adopted amendments to the Law on Information, Information Technologies, and Protection of Information which requires social networks to 'compromise the anonymity of their users' as well as adding new takedown and deletion of content rules, where non-compliance will result in blockage of the websites. Desir called on the Russian authorities 'to reconsider this restrictive measure and to promote a free, independent and diverse communications environment'.

 

12 Apr

United Kingdom launched a major offensive cyber-campaign on Islamic State in 2017, the director of UK’s Government Communications Headquarters (GCHQ) revealed. This is the first instance in which UK has systematically degraded online efforts of an adversary in a military campaign. The operation hindered the ISIL’s ability to coordinate attacks and use their communication channels to spread propaganda. Aside from disrupting ISIL’s online activities, the operation even destroyed equipment and networks.

The European Commission is reportedly planning to develop a Code of Practice that will outline measures to be taken by Internet companies to curb the spread of fake news online. Targeted at online platforms such as Facebook and Google, as well as Internet advertising companies, the Code would include measures such as: improving the scrutiny of advertising placements, enhancing efforts to close fake accounts, considering the need to fight disinformation in the design phase of developing online tools, and preventing third parties from accessing personal data without authorisation. The Code, to be launched by July, is expected to produce 'measurable effects' by the end of the year. If it turns out to be unsuccessful, the Commission is said to consider further actions, including of regulatory nature.

UK National Cyber Security Centre (NCSC) has drawn up a new cyber incident framework, which classifies cyber incidents in six categories, up from previous three categories. A category one incident is a “national cyber emergency”, which causes sustained disruption to essential services or affects national security, leading to severe economic or social consequences, or loss of life. A category two incident is a “highly significant” incident which has a serious impact on central government or a large proportion of the population. Category three covers “significant” attacks which have a significant impact on a large organization or local government. Category four covers substantial incidents, while category five covers moderate incidents and category six covers localizes incidents. The aim of the new framework is to universalize the description and prioritization of cyber threats, in order to provide an effective, joined-up response to such threats.

A judge in Philadelphia, USA has issued a ruling that drivers working under the UberBlack limousine service are not Uber employees, but independent contractors. The case was brought to court in February 2016 by several drivers who claimed that Uber did not comply with labour legislation and failed to pay minimum wage and overtime work. The judge decided that the drivers are contractors, as they enjoy extensive flexibility and Uber does not exert enough control over them to be considered employees. The plaintiffs plan to appeal the ruling.

11 Apr

On 11 April 2018, the Article 29 Data Protection Working Party (composed of data protection authorities in EU member states) wrote to the Internet Corporation for Assigned Names and Numbers (ICANN) with regard to ICANN's proposal for an 'Interim model for compliance with ICANN agreements and policies in relation to the European Union's General Data Protection Regulation (GDPR)'. The group welcomed ICANN's proposal for layered access to WHOIS data (data of domain name registrants) and for an accreditation programme to govern access of law enforcement agencies and other parties to non-public WHOIS data. But it also raised concerns about several provisions of the proposed interim model seen as not being in line with the GDPR, and asked ICANN to further work on issues such as: explicitly defining the legitimate purposes for which registrant data is collected; specifying more clearly the relation between the legitimate purposes of the data processing and the relevant legal basis; developing policies applicable to incidental and systematic requests for access to WHOIS data, in particular for law enforcement agencies; and ensuring that registrars and registries have appropriate logging and auditing mechanisms in place to detect possible misuse of WHOIS data.​

Government of Vietnam is tighten the control of the cryptocurrency business and activities after the reports of an alleged big ICO fraud in that country. 32000 people was affected after investing into the virtual currencies Pincoin and Ifan. Investors are lead to believe that the value of coins will go up substantially in a short time. In meanwhile ICO headquarters are moved from Hanoi. Regulators will try to impose even more oversight. You can find the original statement here: [link]

During the second day of Facebook's CEO testimony before the US Senate in regard to the users’ privacy breach, the Cambridge Analytica’s Board issued a Press Release stating that Alexander Tayler resigned the position of the acting CEO. He will resume his previous position as Chief Data Officer. The Board expressed appreciation for his service during ‘a challenging time for the company.’ This announcement came after Cambridge Analytica suspended its previous CEO, Alexander Nix, end of March, amid public revelations that the company improperly obtained personal information of tens of millions of Facebook users from a Cambridge University researcher Aleksandr Kogan, who collected the data through an app he developed and connected to Facebook in 2013.

10 Apr

Member states of the EU signed a declaration which will establish a European Blockchain Partnership. Twenty two EU countries will share the expertise in regulatory field. Also they will try to prepare for the launch of EU wide blockchain application. By the words of Mariya Gabriel, EU Commissioner for Digital Economy and Society: ‘The Partnership launched enables Member States to work together with the European Commission to turn the enormous potential of blockchain technology into better services for citizens’. Declaration is a continuation of the EU Commission work to develop a common approach on Blockchain technology for the EU. [link]

The Court of Justice of the European Union (CJEU) issued a ruling stating that EU member states 'may prohibit and punish the illegal exercise of a transport activity such as UberPop without having the notify the Commission in advance of the draft legislation laying down criminal penalties for the exercise of such an activity'. The judgement was issued in response to a question from the CJEU by the Tribunal de grand instance de Lille (France) concerning a case brought forward by Uber France. In France, authorities have brought criminal law proceedings against Uber for its UberPop service operating with non-professional drivers. Uber France claimed that it could not be prosecuted, because France should have notified the European Commission about the legislation on which the criminal proceedings against the company are based.  Uber argued the French authorities did not comply with an EU directive which states that member states have to notify the Commission of any draft legislation or rules establishing technical regulations on information society services. The CJEU, however, ruled that the UberPop service does not fall under the scope of the EU directive, referring to its previous decision from December 2017 that the UberPop service offered in Spain was a transportation service and not an information society service.

Twenty-five European countries – Austria, Belgium, Bulgaria, Czech Republic, Denmark, Estonia, Finland, France, Germany, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, UK, Norway – adopted a Declaration of cooperation on artificial intelligence (AI). Among other issues, the countries committed to work together on 'increasing the EU's competitiveness, attractiveness and excellence in research and development in AI', as well as on addressing social, economic, legal, and ethical concerns related to the evolution and use of AI. The declaration also points to the need to 'ensure that humans remain at the centre of the development, deployment and decision-making of AI' and  'prevent the harmful creation and use of AI applications'. In addition, the 25 countries agree to regularly assess the progress made in adopting measures to adequately react to the opportunities and challenges related to AI.

9 Apr

According to Ace Ratcliff at the Huffington Post, Disabled People (Might) Finally Get Emojis That Represent Us, changing a scenario that currently has only one of 2,666 emojis representing persons with disabilities. Apple recently unveiled a proposal to the Unicode Consortium, suggesting 13 new emoji developed in consultation with community organizations like the American Council of the Blind, the Cerebral Palsy Foundation, and the National Association of the Deaf.

                                                                                       13 new emoji proposed by Apple

                                                                                         13 new emoji proposed by Apple
                                                                                          Isabella Carapella/HuffPost/Apple

The author notes that the lack of emojis is just one way in which persons with disabilities are underrepresented in society, stating that 'Apple’s 13 proposed emojis may be what society needs to recognize that disability representation is sorely needed and long overdue'.

States in the USA continue to pass their own net neutrality rules, following the December 2017 decision of the Federal Communications Commission’s to repeal the federal rules. On 9 April, the Oregon Governor Kate Brown signed a net neutrality bill that prohibits public bodies in Oregon from contracting with broadband Internet access service providers (ISPs) that engage in certain network management activities based on paid prioritisation, content blocking, or other forms of discrimination. As exceptions from this rule, public bodies can contract with an ISP if that ISP: is the only fixed provider in a certain geographic location; it engages in any of the activities described before in the process of addressing copyright infringement or other unlawful activity or the needs of emergency communications, law enforcement, public safety or national security authorities; it engages in paid prioritization if the Public Utility Commission (PUC) determines that the paid prioritisation provides significant public interest benefits; or it engages in any activities described before if the PUC determines that the engagement in the activity is a reasonable network management.

In a paper released by artificial intelligence (AI) experts from the AI Now Institute, governments are invited to conduct algorithmic impact assessments (AIA) for the automated decision making systems that they use as part of their activities. While giving examples of AI-driven systems used in criminal justice, predictive policing, or optimising energy uses in critical infrastructures, the authors note that many such systems operate as 'black boxes', without proper scrutiny and accountability. To better understand how these systems work and what impacts they could have, public authorities are advised to introduce an AIA framework based on the following main elements: conducting a self-assessment of existing and proposed automated decision systems, evaluating potential impacts on fairness, justice, bias, or other concerns across affected communities; developing meaningful external researcher review processes to discover, measure, or track impacts over time; providing notice to the public disclosing their definition of 'automated decision system' and existing and proposed systems; soliciting public comments to clarify concerns and answer outstanding questions; and providing enhanced due process mechanisms for affected individuals or communities to challenge inadequate assessments or unfair, biased, or otherwise harmful system uses that authorities have failed to mitigate or correct.

8 Apr

According to Business Ghana, mobile Internet services have been restored to many areas of Ethiopia outside of the capital, Addis Ababa, after almost three months without connectivity. The article, Ethiopia restores internet services, cites BBC correspondents as confirming that services have resumed in Tigray in the north and Harar in the east as well. It was noted that most Ethiopians access the Internet on their mobile phones.

7 Apr

In March 2018, an administrative court in Egypt ordered authorities to suspend the licenses of Uber and competitor Careem pending a final court ruling in a case brought forward by taxi drivers. Uber challenged the decision, and the Cairo Court of urgent matters decided that the March ruling should be suspended, and Uber and Careem should be permitted to continue their operations until a final decision is issued. The Egyptian government has also challenged the March decision in front of the High Administrative Court, and submitted a draft law to regulate ride-hailing services to the country's parliament.

6 Apr

Unidentified hackers have attacked networks in Iran, Russia and several other countries. The attack disabled equipment of ISPs and data centres, and displayed a US flag on the user screens along with the warning “Don’t Mess With Our Elections.” In a statement to Motherboard, the attackers said they were “tired of attacks from government-backed hackers on the United States and other countries.” The hackers misused Cisco Smart Install (SMI) Client and, according to a Kaspersky lab report, targeted mostly the Russian-speaking segment of the Internet,a s well as switches in Iran. Iran’s IT Minister stated for the state television that the attack mostly affected Europe, India, and the US, while China was also hit; another official confirmed that no data was lost.

5 Apr

Cisco Smart Install (SMI) Client, a legacy utility allowing simple “no touch” configuration of switches, is being exploited in attacks against systems, including critical infrastructure, Cisco Talos warns. According to the US CERT alert, some of the attacks are believed to be conducted with support of nation-state actors. The abuse of the feature allows modifying the general configurations of the switch by a third party, allowing it to log-in and execute IOS commands which can serve as an attack vector. The problem prevails in spite of Cisco’s report with recommendations, issued in February.

Weeks after Russia’s top court ruling in March that the messaging application Telegram must hand over encryption keys to authorities, the media reports Telegram said it is technically unable to do so, despite the risk of being banned in the country, where it has 9.5 million active users. After Russia’s communications watchdog, Roskomnadzor, warned about possible blockage and gave two-weeks deadline, Telegram’s founder, Pavel Durov, ‘tweeted’: ’Threats to block Telegram unless it gives up private data of its users won’t bear fruit. Telegram will stand for freedom and privacy.’ Moreover, Telegram’s lawyer, Dmitry Dinze, stated that it is not possible to hand over the encrypted messages because chats are held on cloud servers and ‘data are not held in one place’. The ‘secret chat’ option changes its encryption keys per minutes and does not store any of the data before it is automatically deleted. The Russian state communication agency accused the platform of being key communication tool used by terrorists during 2017 St. Petersburg attack. The company’s response opened possibility for Roskomnadzor to take actions which could lead to it being blocked in Russia, after an appeals process next month. China blocked Telegram in 2015.

In an open letter to the European Commission, over 150 artificial intelligence (AI) and robotics experts, industry leaders, and law, medical and ethics experts raised concern over the idea of granting robots with legal status. The letter refers to a resolution adopted by the European Parliament in 2017 on Civil Law Rules of Robotics, in which parliamentarians suggested that the European Commission consider the creation of 'a specific legal status for robots'. Noting that having EU rules for robotics and AI 'is pertinent to guarantee a high level of safety and security to EU citizens while fostering innovation', the experts caution that 'the economic, legal, societal and ethical impact of AI and robotics must be considered without haste or bias'. In their view, creating a legal personality for a robot is inappropriate from an ethical and legal perspective: while being aware of the importance of addressing the issue of liability of autonomous robots, they believe that 'creating a legal status of electronic person would be ideological and non-sensical and non-pragmatic'. Moreover, such a concept is considered to be based on 'a superficial understanding of unpredictability and self-learning capacities and, a robot perception distorted by Science-Fiction'.​

In China, the State Administration of Radio and Television (SART) ordered news aggregator platform Jinri Toutiao and live streaming website Kuaishou to remove hosted content that was 'vulgar, violent, gory, pornographic and harmful'. The two platforms were also asked to close the accounts of the users who uploaded such content, and not to allow new accounts to be opened until existing ones are 'thoroughly checked'. The authority, cited by China Daily, also claimed that the two platforms were broadcasting video programmes without having a proper license. Moreover, SART stated that website operators are responsible for examining 'broadcasted programmes', and they are deemed accountable if they allow 'illegal content to be broadcast'.

4 Apr

FireEye released Mandiant® M-Trends® 2018 report, sharing statistics and insights gleaned from Mandiant investigations around the globe in 2017. FireEye has discovered that organizations which can detect breaches internally are doing so faster, with median duration between the start of an intrusion and it being identified decreased to 57.5 days in 2017 from 80 days in 2016. However, the global median dwell time before any detection —external or internal— rose to 101 days in 2017, from 99 in 2016. The data provided in the report shows that organizations which have been victims of a targeted compromise are likely to be targeted again by the same or a similarly motivated attack group, with 49 percent of customers successfully attacked again within one year. The demand for skilled cyber security personnel is continuing to rise, but the supply is not keeping pace, and the skills gap is affecting two areas: visibility and detection, and incident response.

A blog post published by Julia While, Azure Corporate Vice-president at Microsoft, revealed Microsoft's plan to invest USD$ 5 billion in the Internet of things (IoT) in the next five years. The funds will be allocated to research and innovation in IoT, so that the products and services offered by the company can allow the creation of 'trusted, connected solutions that improve business and customer experiences, as well as the daily lives of people all over the world'. Microsoft intends to pay particular attention to areas such as securing IoT, creating development tools and intelligent services for IoT, and supporting the growth of the overall IoT environment.​

Researchers from several universities around the world have written a letter expressing public concern about reported plans of the Korea Advanced Institute of Science and Technology (KAIST) to work on autonomous weapons technology. The letter makes reference to KAIST's Research Center for the Convergence of National Defense and Artificial Intelligence, recently opened in collaboration with defense company Hanwha Systems, and to reports about the Centre aiming to 'develop artificial intelligence (AI) technologies to be applied to military weapons, joining the global competition to develop autonomous arms.' Concerned about such prospects, the signatories underline that autonomous weapons are a threat to international security, as they 'will permit war to be fought faster and at a scale greater than ever before' and 'have the potential to be weapons of terror'. They also urged KAIST not to 'accelerate the arms race to develop such weapons' and to provide assurance that the Center 'will not develop autonomous weapons lacking meaningful human control'. In reaction, KAIST’s president, Sung-Chul Shin, said that the Institute does not intend to 'engage in the development of lethal autonomous weapons systems and killer robots,' and 'will not conduct any research activities counter to human dignity including autonomous weapons lacking meaningful human control.'​

3 Apr

Less than two months before the entry into force of the EU General Data Protection Regulation (GDPR), Afilias, one of the largest generic top-level domain (gTLD) registry, decided to amend the WHOIS policy for the gTLDs it owns, to comply with a GDPR. In a notification sent to its registrars and quoted by Domain Wire, the company announced that its public WHOIS database with details about domain names would only contain 'operation technical data (not contact data)' as of 25 May 2018. Afilias also indicated that it intends to consult the data protection authority in Ireland (where the company is based) to seek further guidance on how to ensure GDPR-compliance and that it continues discussions on law enforcement authorities to determine ways to ensure that these authorities can still access WHOIS data in reasonable conditions. Moreover, no access to WHOIS data will be allowed for individuals/entities associated with 'trademarks and intellectual property interests' until a consensus is reached on this matter at international level. The gTLDs affected by the decision are: .info, .mobi, .pro, .poker, .pink, .black, .red, .blue, .kim, .shiksha, .promo, .lgbt, .ski, .bio, .green, .lotto, .pet, .bet, .vote, .voto, .archi, .organic and .llc.

2 Apr

Reuters World News reports that Malaysia outlaws 'fake news'; sets jail of up to six yearsnoting that 'The government said the law would not impinge on freedom of speech and cases under it would be handled through an independent court process.' Critics say it is aimed at restricting dissent before the forthcoming general election. Hillary Grigonis asks in Digital Trends Should fake news be illegal? Malaysia could be among the first to penalize it. Grigonis goes on to say that 'Critics, however, are voicing concern over the bill’s potential impact on free speech' and quotes Amnesty International’s director for the Southeast Asia and Pacific regions, James Gomez, as calling it a 'vaguely worded, catch-all bill that can be — and will be — used to crack down on peaceful government critics. 

Cnet's Daniel Van Boom notes that fake news is a problem, but adds that experts say that the new law is a dangerous one, quoting David Kay, clinical professor of law at the University of California: 'This legislation is problematic on so many different levels' ... 'The definition of fake news is so broad it seems like the government could decide anything could be fake news. On top of that, it has these extraordinarily harsh penalties.' Van Bloom notes that the law applies overseas, and could affect Malaysians outside the country, or foreign journalists when they visit Malaysia if they wrote or share stories categorised as fake news.

In March 2018, the Department of Motor Vehicles in California, the USA, announced the adoption of regulations outlining the conditions under which autonomous vehicles could be tested and operated on public roads without a safety driver on board. Since the announcement, the Arizona fatal accident involving a self-driving car has lead to many public debates about the safety of these vehicles. But Californian authorities have decided to proceed with the implementation of the new regulations, and they are ready to issue permits for fully autonomous vehicles to be tested on public roads. To obtain such a permit, the cars have to meet certain strict conditions ranging from security measures to prevent or resists cyber-attacks, to two-way communication between the vehicle and a remote operator. These permits can be released starting 2 April, when the regulations mentioned above enter into force. However, despite the fact that dozens of companies in California work on self-driving cars, it is reported that only one of them has so far applied for a permit for testing fully autonomous vehicle.

1 Apr

The West African coast countries were affected by the ACE subsea cable cut near Noukachott in Mauritania. Sierra Leone, Mauritania, Liberia, Guinea-Bissau, Guinea, and Gambia experienced connectivity outages depending on their distance from the inflicted area and number of redundant backbone infrastructure. The most significant outage hit Mauritania that lost all Internet connection for nearly 2 days.

29 Mar

In an event hosted on 29 March at the College de France in Paris, French President Emmanuel Macron announced a national strategy in the field of artificial intelligence (AI), aimed at putting France on the map of leading country in AI. '[AI] is a technological, economical, social and obviously ethical revolution. This revolution won’t happen in 50 or 60 years, it’s happening right now. There are new opportunities and we can choose to follow some innovations or not,' noted Macron in his intervention. The strategy is built on several pillars: support for AI research and development, sharing of new data sets by public entities, to be used for AI services, and regulations allowing companies to experiment in multiple industries (such as autonomous cars). Overall, France intends to invest €1.5 billion in AI initiatives by 2022. The strategy is said to be based on a report prepared by mathematician and member of the French Parliament Cedric Villani.

The Internet Corporation for Assigned Names and Numbers (ICANN) announced its request to the European data protection authorities (DPAs) to provide specific guidance on the organization's Proposed Interim Compliance Model in relation to the EU’s General Data Protection Regulation (GDPR). ICANN asks the authorities to help ICANN, as well as domain name registries and registrars, ‘to maintain the global WHOIS in its current form through either clarification of the GDPR, a moratorium on enforcement or other relevant actions, until a revised WHOIS policy that balances these critical public interest perspectives may be developed and implemented.’ The letter emphasises ICANN’s concern that the continued ambiguity on the application of the GDPR to the global WHOIS may ‘result in many domain name registries and registrars choosing not to publish or collect WHOIS out of fear that they will be subject to significant fines following actions brought against them by the European DPAs.’

On 27-28 March, G7 Ministers of Employment and Innovation met in Montreal to discuss how the new economy is impacting industries and workers, and what measures governments can take to  support their citizens in the new world of work. Ministers agreed that more efforts are needed to promote gender equality and women empowerment, including in the field of science, technology, engineering, and maths. They also discussed the importance of public-private cooperation in ensuring that the workforce can adapt and transition to the new economy, as well as of investing in digital literacy and designing appropriate social protection systems. The ministers established an Employment Task Force to provide recommendations on these and other issues, and launched a Future of Work Forum (hosted by the Organisation for Economic Co-operation and Development) to support the work of the task force. The impact of new digital technologies such as artificial intelligence (AI), robotics, and big data on society as a whole was also discussed, and ministers underlined the need for human-centric AI developments and for multistakeholder dialogue and cooperation on AI. They also decided to convene a multistakeholder conference on AI, to be held in Canada in the fall of 2018.

23 Mar

The Australian government has proposed a fee of 2-7 Australian dollars on the import of overseas packages, which would help cover the costs of screening the packages at the border. While this fee already applies to shipments of more than 1,000 Australian dollars, the new rules would make it possible to apply the fee to any imported package. eBay has criticised the proposal, claiming that it will ‘hit consumers hard and is not in the spirit of free trade.’ Yet, according to the proposal, existing arrangements to recover border and biosecurity costs ‘are no longer sustainable and will not support Australia’s future trading environment.’

 

The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top