Updates

Qrius reports that on June 5, Egypt’s parliament passed a cybercrime law that establishes regulations that will impose restrictions on social media and other online content, with implications for web censorship and freedom of expression. The law has been under discussion for some time, as authorities seek to stop 'terrorist and extremist ideologies'. According to Global Voices, the law 'gives investigative authorities the right to “order the censorship of websites” whenever a site hosts content that “poses a threat to national security or compromises national security or the national economy”.

At the G7 Summit held in early June in Charlevoix, Canada, G7 leaders endorsed a 'Common vision for the future of artificial intelligence (AI)', recognising, among others, that 'a human-centric approach to AI has the potential to introduce new sources of economic growth, bring significant benefits to our societies and help address some of our most pressing challenges'. The vision outlines several commitments that G7 leaders take, such as (1) promoting human-centric AI and advancing appropriate technical, ethical and technologically neutral approaches; (2) fostering investment in research and development in AI that generates public trust; (3) supporting lifelong learning, education, training and reskilling; (4) promoting active labour market policies, workforce development, and reskilling programmes; (5) facilitating multistakeholder dialogue on how to advance AI to increase trust and adoption; (6) encouraging initiatives to improve digital security in AI and developing technologies; and (7) ensuring AI design and implementation respect privacy and data protection frameworks.

According to a Washington Post report, Chinese government hackers have targeted a Naval Undersea Warfare Center in January and February, stealing 614 gigabytes of data. The stolen materials are related to undersea warfare, including information about missile project Sea Dragon, signals and sensor data, submarine radio room information relating to cryptographic systems, and the Navy submarine development unit’s electronic warfare library. Citing unnamed US officials, Washington Post reported that when aggregated, the stolen materials could be considered classified.
 

In a blog post published by CEO Sundar Pichai, Google described a series of principles which are to guide the company's work on artificial intelligence (AI). In his presentation of the principles, Pichai noted that they 'are not theoretical concepts', but 'concrete standards that will actively govern [the company's] research and product development and will impact [its] business decisions'. In Google's vision, AI should: (1) be socially beneficial; (2) avoid creating or reinforcing unfair bias; (3) be built and tested for safety; (4) be accountable to people; (5) incorporate privacy design principles; (6) uphold high standards of scientific excellence; and (7) be made available for uses that accord with these principles. The company also commits not to design or deploy AI in the following areas: technologies that cause or are likely to cause harm; weapons or other technologies whose principal purpose or implementation is to cause or indirectly facilitate injury to people; technologies that gather or use information for surveillance violating internationally accepted norms; and technologies whose purpose contravenes widely accepted principles of international law and human rights. The announcement of these principles comes in the context of Google employees protesting over the company's partnership with the US Department of Defense on using AI to analyse drone footage. With some of the employees resigning as a sign of protest, Google has reportedly committed not to renew the contract upon its expiration in 2019.​

In a Notice of inquiry on International Internet Policy Priorities, published in the US Federal Registry on 5 June 2018, the US National Telecommunications and Information Administration (NTIA) invites public comment on four broad digital policy issues. Under the heading 'The free flow of information and jurisdiction', the NTIA inquires about the main challenges to the free flow of information and freedom of expression online, and the role of stakeholders (including the NTIA) in ensuring free expression online. Under 'Privacy and Security', the public is invited to indicate ways in which cybersecurity threats are harming international commerce and to suggest the international venues that are the most appropriate for addressing online privacy issues. A section on the 'Emerging Technologies and Trends' asks which emerging technologies should be in focus in international policy discussions, and where they should be discussed. The section that seems to have attracted the most attention is entitled 'Multistakeholder Approach to Internet Governance', and tackles issues related to the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Governance Forum (IGF). On the one hand, the NTIA asks the public whether (and why) the Internet Assigned Names Authority (IANA) stewardship transition should be unwound. On the other hand, suggestions are sought on how to lower the barriers to engagement at the IGF and how the IGF can be improved.

The government of Cambodia has issued a prakas (regulation) 'to prevent ... the spreading of information – whether in the form of text, voice, picture, video or other media – that would cause chaos and threaten national security and defence, harm relations with other countries, the national economy, public order, and discriminate against the cultural integrity of the country', according to The Phnom Penh Post's Government Beefs up Internet Surveillance. According to a government official cited in the Southeast Asia Globe, the degree was not a crackdown, nor had anything to do with the upcoming elections. However, Free Malaysia Today called it 'the government’s latest move to control information ahead of a general election in July'. Staff from three government ministries would monitor content, and ISPs will also be required to filter or block any content that violates the law.

Despite industry objections, a strict net neutrality bill is getting close to becoming law in California, USA. In a 23-12 vote, the California State Senate approved the bill that will impose net neutrality rules considered as tougher than the 2015 order of Federal Communications Commission (FCC). Besides basic rules on blocking, throttling, and paid prioritisation, the bill would ban paid zero-rating arrangements in which Internet access providers charge online services for data cap exemptions. Senator Scott Wiener, the bill sponsor, said in an announcement after the vote: ‘I want to thank the enormous grassroots coalition that is fighting tooth and nail to help pass SB 822 and protect a free and open Internet. We have a lot more work to get this bill through the Assembly, but this is a major win in our fight to reinstate net neutrality in California.’ Now the bill goes to the State Assembly.

The government of Papua New Guinea has decided to block Facebook for one month in an effort to counter ‘fake users’ and study the social effects of the social media platform. During the month, researchers will identify and remove users behind fake accounts and those posting pornographic images or misleading information. According to communication minister Sam Basil, ‘This will allow genuine people with real identities to use the social network responsibly’. The government estimates that 600-700,000 citizens use Facebook, which is less than one-tenth of the country’s population. The measure has drawn criticism, one member of the opposition claiming that ‘the government’s intent is to prosecute those that have been aggressively critical of their policies and be able to monitor and establish who are those that are driving this public discontent.’

Microsoft announced its intention to extend the rights granted by the Europe’s General Data Protection Regulation to all their users worldwide. This includes the right to know what data the company collects on its users and the ability to correct or delete that data, as well as to take it to another service provider.  Julie Brill, corporate vice president and deputy general counsel for Privacy and Regulatory Affairs at Microsoft, said ‘At Microsoft, we believe privacy is a fundamental human right. … Privacy is also the foundation for trust. We know that people will only use technology that they trust. Ultimately, trust is created when people are confident that their personal data is safe and they have a clear understanding of how and why it is used. This means companies like ours have a huge responsibility to safeguard the privacy of the personal data collected and the data managed for commercial customers.’ At the Microsoft website there is a dedicated page providing information on compliance, how its products help users comply with the GDPR, as well as resources such are webinars, videos, white papers, and FAQ about the regulation itself. As the media notes despite Microsoft’s extension of the privacy rules, there is not a law to enforce it globally, therefore no one outside the European Union will be able to file an official complaint based on DGPR, not will Microsoft be required to pay fines for not following the law outside the EU.

[Update] The Regional Court in Bonn dismised the case, opining that the collection and storage of the data of the administrative and technical contacts for a domain name was not necessary, and that the collection of personal data of the domain name registrant was sufficient for purposes related to safeguarding against misuse of domain names​.

The Internet Corporation for Assigned Names and Numbers (ICANN) has filed a legal action against Germany-based domain name registrar EPAG, over the registrar's decision to stop collecting administrative and technical contact information when domain names are registered. While EPAG – an ICANN accredited registrar – is of the view that its decision is in line with the EU General Data Protection Regulation (GDPR), ICANN argues that the registrar is breaching its contract by not complying with the requirement to continue to collect WHOIS data. The ICANN Board has recently adopted a Temporary Specification regarding the collection and publication of WHOIS data, which the organisation believes to be compliant with the GDPR. Through this filling against EPAG, ICANN is seeking 'a court ruling to ensure the continued collection of WHOIS data, so that such data remains available to third parties demonstrating'. The organisation also noted that it 'does not seek to require its contracted parties to violate the law', but that it has filed the lawsuit to seek clarification on the different interpretations of GDPR provisions.