Year Ahead: Internet Governance After Snowden: Cacophony Of Conferences

Those interested in internet governance will have to put some money aside for 2014: rarely have there been so many conferences to talk about how to manage core internet resources and develop the common rules to govern more general aspects of global net communication.

What for some is their Future Internet High-level Strategy Panel and “1net”, for others is their “Ournet” and the “Global Internet Governance Commission.” Fragmentation is seen as a growing risk following the revelations of former US National Security Agency (NSA) employee Edward Snowden who allowed netizens all over the world to peep into a system of pervasive monitoring enabled by the always-on version of life. Asking experts what results they expect from all the talk, many hesitate. But one thing they agree, the talk about Snowdonia will not go away.

The World Economic Forum in Davos, Switzerland, this year warned in its report, Global Risks 2014, that balkanization of the net is a risk following the continuous stream of revelations about the US NSA’s tapping, reroutes and other manipulations of data traffic flows. “Digital disintegration” was named by the WEF experts as one of three focussed risks, beside instabilities in a multi-polar world and “generation lost” – the problem of youth unemployment.

Lost Trust

“There are already signs that revelations about the role of national security organizations have exacerbated risks of fragmentation of the Internet, which could lead to an overall erosion of factors that led cyberspace to be so transformational in the first place,” the risk report reads. As interests between stakeholders (and countries) are diverging ever more, there is for example the growing danger of “strong national boundaries”.

With NSA revelations ongoing, the WEF report points to the United States and its leveraging of US-based technology and telecommunications companies as part of its surveillance efforts, in addition to China’s walled gardens, as examples of the trend.

“As nations are increasingly distrustful of the US government not to look at their data if it is stored in or transits that nation, they are more likely to follow the lead of Brazil or the EU to consider erecting laws to ensure that data on their citizens does not leave their own jurisdictions,” the report noted. “Concerns about the US hosting ICANN, the main governance body for the Internet, could further fuel a Balkanization of the Internet.” ICANN is the Internet Corporation for Assigned Names and Numbers, the internet domain name technical oversight body.

The Brazil Reaction

A special conference will be held, initiated by Brazilian President Dilma Rousseff jointly with ICANN President and CEO Fadi Chehade. Rousseff, in an angry speech after revelations that she and Brazilian companies had been targets of NSA activities, called on the UN to engage in a discussion about the internet. Chehade went on the offensive in joining the call to review internet governance, too. The resulting 23-24 April Sao Paulo Conference is seen by many as one of the highlights of the year.

“We got an impressive number of requests from governments on the conference,” confirms Virgílio Fernandes Almeida, designated chair for the conference. The US, criticised by Rousseff in her UN speech, also signalled they would participate. Snowden’s revelations triggered the conference, Almeida acknowledged, and the organisers hope for two main outcomes: “a set of internet governance principles, accepted by the participants” and an understanding of “what actions must be taken to create a governance model that is aligned with this multi-stakeholder view.”

Almeida, who also heads the Brazilian Internet Steering Committee and is a member of ICANN’s high level strategy group on the future of internet governance, is eager to deflect earlier suspicions the conference is about a “multilateral” answer with regard to internet governance. At minimum, it would be success if there was a “recognition of the multi-stakeholder model,” Almeida said.

At the same time, the talks will touch not only on the more narrow internet resource management – the ICANN turf -, but also privacy, freedom of expression, freedom of information. In the end, internet governance is, Almeida said, what is “allowed and forbidden, accepted and not accepted on the internet.”

Highly Symbolic: the US and the Root Zone

The rushed preparations for Sao Paulo have spurred discussions about one long-standing issue, the question of US oversight over ICANN and the domain name system root server. A would-be showstopper to the World Summit of the Information Summit (WSIS) – the grip of the US government on the bodies in charge of caretaking a universal naming and addressing system for the internet – has since changed bit by bit. ICANN, meanwhile, is overseen by more inclusive review teams.

The US administration so far has held on to the oversight of new additions or changes to the central root zone of the internet. Some of the principles discussed at Sao Paulo will be related to legitimacy, Almeida said. Talks can be expected on the root zone as one part of the internet governance system, and possibly also on “the position of ICANN as a private entity under California law.”

Debates carried out on public mailing lists peaked in December and January and resulted in fervent discussions over the questions of should ICANN dissolve and/or re-establish in a different jurisdiction, and whether the root-zone should get diplomatic status. (For instance, see a paper by the Diplo Foundation on the issue here.)

Another unresolved question is who will represent whom in the multi-stakeholder organized new oversight. The fight of civil society groups about representation in the various bodies preparing the Sao Paulo meeting illustrates the problem, if only from the side of activists and user representatives.

Filling the Void of the Internet Governance Forum

Sao Paulo seems to fill a void left by the Internet Governance Forum (IGF) established by the UN member states at the 2003-2005 UN-led WSIS. Pushed for years to address internet governance issues in more practical terms and make at least some joint recommendations, the forum has been kept a content-rich, but also all too friendly discussion environment.

During 2013, the funding situation improved a bit, Chengetai Masango, IGF programme and technology manager, wrote in an answer to Intellectual Property Watch. There were some new donors (including the US for example), and some regular donors pledged to increase contributions or add initiatives (for example Internet Society and Google).

The funds will now allow hiring the much needed additional staff, but it was still “nowhere near enough to fulfil all objectives” set for the IGF. The UN secretariat under whose auspices the forum was set up has not even found a new special advisor on internet governance or, for that matter, an executive secretary for the IGF secretariat in Geneva.

The recently renewed 55-person Multi-Stakeholder Advisory Group (MAG), which is shouldering a lot of the annual IGF preparations for the UN for free, elected an interim chair last year, but now is discussing how to call on the UN to step up to its task (a call to MAG members by Google policy expert Patrick Ryan is here).

Given that venues to talk about internet governance are mushrooming, 2014 could be a decisive year for the IGF.

The UN has to decide on another extension of the five-year mandate beyond its 10^th meeting in 2015. If it really wants to keep the forum alive and relevant, it has to make sure that it can compete with the other venues, with the ICANN-selected High-Level Strategy Panel on the future of Internet Governance (chaired by Estonian President Thomas Ilves and internet “father” Vint Cerf, and the new Global Commission on Internet Governance (chaired by Swedish President Carl Bildt) only the most recent additions.

UN Must Make Up Its Mind

“What do we do with the IGF? What about the action lines of the WSIS process and the WSIS plus 10 review? The UN members have to make up their mind on all these,” said Frederic Riehl, international director at the Swiss Office of Communication (OFCOM). The Swiss diplomat whose agency represents Switzerland at the International Telecommunication Union (ITU) and other UN venues as well as in the ICANN Governmental Advisory Committee (GAC) looks at the 2014 internet governance calendar shaking his head.

Alongside the regular work of ICANN, which is rolling out hundreds of new top-level domains like .sexy, .democrat or .我爱你 (Chinese for “I love you”) potentially changing the face of the net, see here, there are the various UN processes and conferences that have to be followed.

There is the Working Group on Enhanced Cooperation, the WSIS follow-up, now being tackled by a small group at the UN headquarters in New York after a failed attempt at having a WSIS High-Level event alongside the ITU World Telecom Development Conference in Dubai set for 30 March to 10 April.   

Rescheduling such an event at the end of the packed year was difficult, Riehl said. The postponement resulted from the UN General Assembly so far not bestowing ITU with the mandate to go ahead with the overall review process. Should another full UN summit be held after ten years or would a mere reporting event do it, is a question. Russia would like to invite member states to a Sochi WSIS 2015 (to fill the newly constructed Olympic facilities). But governments are far from agreement on that, Riehl said.

Treaty Conference on Future ITU Agenda

More turf wars with regard to internet governance could be staged at the one network-related treaty conference, the ITU Plenipotentiary in Busan, in Korea (11 October – 7 November). http://www.itu.int/en/plenipotentiary/2014/Pages/default.aspx The Plenipotentiary, which is set to decide on the agenda for the coming four-year legislature, will likely also see some Snowden fall-out, Tomas Lamanauskas, head of the Corporate Strategy Division at ITU, told Intellectual Property Watch.

While the month-long mega-conference deals with many issues, including the election of a new secretary general to follow Hamadoun Touré, Snowden revelations could fuel cybersecurity discussions, and result in yet another push for a treaty or framework, a contentious topic among member states.

Lamanauskas underlines that cybersecurity, like internet governance, is “multi-faceted.” Internet governance is not just resource management at ICANN, but a much broader topic including issues like privacy and freedom of expression, In the same way, on the net there are a number of facets of cybersecurity: the protection of the basic infrastructure, cyberwar and cyberpeace, cybercrime and network hygiene.

The ITU mandate covers the more technical and infrastructure related elements: cyber drills, cyber training and Computer Emergency Response Team (Certs) building, he said, especially for developing countries, also pointing to around 70 cyber security standards and the plan for a global Cybersecurity Index. Certainly, Lamanauskas underlined that the main challenge for the ITU is connecting the 4.4 billion unconnected to the net.

That is in line with what the US administration wants from the ITU. The US would “greatly prefer a conference where the ITU works within its mandate,” Daniel Sepulveda clarified in his internet governance outlook for the year. Within the mandate, according to the US diplomat, is “help nations put policies and programs in place to support the buildout of broadband networks”, “advise and consult with nations on proper procedures to respond to natural disasters,” and to give guidance on analog to digital transitions and spectrum reorganisation.

While the US would be proactive in that regard, it is opposed to “new centrally imposed regulations,” Sepulveda declared, adding, “Any attempt to use the ITU to revive proposals to resolve questions of Internet governance that are better dealt with in multi-stakeholder settings raises the possibility of divisive outcomes.”

A lot will depend on who puts on the shoes of Touré, and speculation has started to grow as to why so far no country put has put in a bid against the only candidate who started campaigning: Touré’s Deputy Houlin Zhao of China. With every region promoting at least one candidate for deputy, one wonders if countries consider a mere watchdog behind the top official enough for the organisation. ITU election information is here.

More bids can come in as late as 22 September, even if a last-minute nomination could be too short to receive the necessary attention. The ITU seems to draw tough attention despite some cautious steps to consult all stakeholders on major issues. A consultation on the Strategic Plan for the Union (to be decided in Busan) for example had only drawn 19 comments.

Results from Internet Governance Hype?

The multitude of processes and events related to internet governance in 2014 might result in a need for stakeholders to make choices – only few will be able “to man” every internet governance-labelled processes. Moreover, in addition to the well-known venues there are new ones driving the post-Snowden internet governance discussion, said Nick Ashton-Hart, senior representative for the Computer and Communications Industry Association in Geneva.

For example, the UN Educational, Scientific and Cultural Organisation (UNESCO) started a discussion on privacy, and the Human Rights Council has a new work programme on internet and data protection. The respective meetings possibly will not attract the already overwhelmed internet governance organisations or industry representatives.

“So far internet governance was the problem of a relatively small group of experts,” Ashton-Hart said. “Now it is a heads of state level issue.” It was a “paradigm shift” that will change the influence of the various venues, he said, and the internet community will have to catch up with the emerging new landscape.

The tech industry expert said he favours a change in focus, away from a change in resource management to the consideration of mutual legal assistance treaties (or protections in trade agreements) that would address an underlying problem of extraterritoriality. One significant concern of industry is that the number of new national legislative proposals that seek to address governance issues after Snowden once more is high.

Yet localization or special routing obligations, for example, would not automatically make communication safer, and a single US employee in a company would be enough to undermine some efforts. What is acceptable has to be agreed upon multilaterally, Ashton said, even if he accepts, that, for example, data storage in neutral and more data protection friendly Switzerland has gone up massively over the course of the last year.

Whether the heightened interest in broader internet governance rules will result in better international, multilaterally agreed protection for the citizens everywhere, is doubtful. One thing is certain though: Even if the community sees the revelations come to an end (and that is doubtful, too), “it is hard to see the discussion about Snowden ending.”

For timelines and information on Internet Governance related meetings, see the pages of the Internet Society.

Best Bits Background Papers here.

For most recent Snowden TV-Interview, see here.