[governance] Re: IG questions that are not ICANN [was: Irony]

William Drake drake at hei.unige.ch
Tue Dec 4 03:08:15 EST 2007


Hi,

On the ITU cybersecurity stuff:

On 12/4/07 7:16 AM, "Lee McKnight" <lmcknigh at syr.edu> wrote:

> For example, if big chunks of industry think the ITU's next generation
> networks standards will 'resolve' major parts of the cybersecurity
> puzzle, I would advise civil society to be paying attention to ITU too.

Yes, and the many many other standards bodies like ETSI that are populated
by the major telcos, manufacturers, and Verisigns of the world and have been
debating and building in security 'solutions' on lawful intercept and a
whole host of other issues.  It has always been difficult to direct
attention to any of this here due to the prevalence of a circa 1995 gestalt
that divides the world into "relevant" indigenous Internet bodies we know
and love (e.g. IETF) and "irrelevant" old paradigm bodies we don't know or
love that just do trivial things like organize the global telecom
environment, which of course has no bearing on the Internet (never mind
leased circuit regulation, interconnection rules, convergence, net
neutrality, etc), especially not in the US where full competition reigns and
telcos have no role in access, broadband, etc.

On 12/4/07 6:07 AM, "Milton L Mueller" <mueller at syr.edu> wrote:

> Bill:
> Why ask for a seat at the table of an inherently flawed policy process?
> ITU's approach is fatally top-down. Even if it (miraculously) gets adopted it
> won't have any effect on an Internet that operates on the basis of distributed
> decision making among private networks and users.

See above.  Re: flawed yes, but fatally---this obviously depends on the
issue, the industry players involved, their degree of consensus and support
for the approach taken and their ability to implement it, which with respect
to security I wouldn't make a sweeping statement about before actually
investigating.  When law enforcement, national security, and intelligence
agencies work with major telcos, manufacturers, applications providers etc
it seems odd to just assume this cannot matter at all. Lots of flawed policy
processes are nonetheless consequential, no?  Re: top down, ok if by this
you mean CS is excluded and a number of segments of relevant Internet
industries opt not to get involved.  But for those industry groupings that
opt to be involved, it is as bottom up as any other standards process.


On 12/4/07 1:08 AM, "Suresh Ramasubramanian" <suresh at hserus.net> wrote:
 
>> You will note that there is no designated role for civil society
>> organizations.  
> 
> Those two can cover quite a lot of civil society among them. And I have
> seen quite a few of the civil society people (especially privacy focused
> ones) - Gus Hosein, Rikke Jorgensen etc - at ITU conferences on
> cybersecurity in the past. That part at least is quite inclusive and broad
> based. 

I've spoken at a number of ITU events too, so what?  Means nothing, we're
invited as academic/individual experts at the pleasure of event organizers,
NOT as civil society that has a standing right to participate as in other UN
agencies.  The non-inclusion in the High-Level Experts Group and in the
security work more generally is a conscious choice made at the very same
time that ITU is nominally discussing the Swiss-Argentine proposal to let CS
in. This has been discussed here before a number of times over the years and
caucus members have agreed statements on it that were presented at ITU
meetings, etc.

Cheers,

Bill


____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance



More information about the Governance mailing list