AW: [governance] [] US, UK and Canada refuse to sign UN's internet treaty

Suresh Ramasubramanian suresh at hserus.net
Mon Dec 24 15:04:16 EST 2012 

Read mine and see :) - i have tried not to over focus on tech, and code is law isnt policy by a long chalk. Whatever the best practice though, it is only useful when translated from ppt and pdf to real world implementation 

As for itu, as you say, there's multiple different divisions across their organization that have a capacity building mandate. 

--srs (htc one x)


----- Reply message -----
From: "Roland Perry" <roland at internetpolicyagency.com>
To: <governance at lists.igcaucus.org>, "Suresh Ramasubramanian" <suresh at hserus.net>
Subject: AW: [governance] [] US, UK and Canada refuse to sign UN's internet treaty
Date: Mon, Dec 24, 2012 11:22 PM


In message <F86234F0-CEEC-41BB-B1A1-0672F30C4D6B at hserus.net>, at 
18:49:44 on Mon, 24 Dec 2012, Suresh Ramasubramanian <suresh at hserus.net> 
writes
>ITU or any other organization would do very well to move beyond 
>haggling over definitions here to fulfil their additional role of 
>capacity building in developing countries.

That's ITU-D, but there's also ITU-T (the bit that does telecoms 
standards).

>I've written papers for the OECD in 2005, the ITU in 2008 .. and 
>contributed to other best practices elsewhere.   These are typically 
>distilled from an industry (and individual experts from academia and 
>civil society) consensus that has been around for over a decade now. 
>Putting those into practice at an ISP and a national level would help 
>mitigate the issue.

A Best Practice of Best Practices. Could be a very useful document. 
Maybe CS should offer such a thing to the ITU.

>The usual problem is that those that adopt best practices [across 
>policy, regulation, technology, capacity building ..] aren't the 
>problem.

"Adopt" as in "put into practice" I assume.

>The problem is those that don't adopt the best practices for one reason 
>or the other,

What's needed is more "adopting" as in "stating the requirement and 
evangelising others to put it into practice".

Although part of the problem is that spam is a social issue that simply 
can't be completely solved by technical measures, and many Best 
Practices are very technology-heavy and sociology-light.

>and then develop an infestation of spam, malware, criminals or whatever 
>else that poses a threat to the entire world.

Having police and regulators the world over all treating the problem 
equally seriously would be a great help. So the Best Practice has to be 
something Law Enforcement can relate to, rather than Internet engineers.

>Despite the usual analogies about war, sun tzu maxims and such drawn 
>for security, I tend to prefer public health models, with the 
>difference that an undrained swamp (or an ISP that doesn't follow best 
>practices) is a threat to the overall health of other ISPs on the 
>internet, not limited to say ISPs it peers with (to sort of create an 
>analogy with neighborhoods on the fringes of the swamp).

I agree completely, that's a very useful analogy, and one that 
Governments are more likely to understand than worn-out complaints about 
spammers stealing all the bandwidth (which in the YouTube day and age is 
no longer credible). The bandwidth issue was, in the run-up to the 
Plenipot, the main reason why the ITU was being urged to take action.

And I've lost count of the number of meetings I've been to where spam 
hugely damages the reputation of the Internet Technical Community. 
Despite the latter tending to say "well, it's not really our problem", 
the inability to solve what the general public sees as a fairly simple 
issue, casts doubts in those observer's minds on the I* community's 
ability to solve what seem to be more complex problems.

Just to show things are interlinked, one of the accepted reasons for 
spam is to build botnets, which really can then be used to damage 
bandwidth (ie DDOS attacks). Part of the problem with publicised DDOS 
attacks (rather then the ones against corporates that they try to brush 
under the carpet) is they often seem to be politically motivated, rather 
than commercially.

>--srs (iPad)
>
>On 24-Dec-2012, at 18:15, Roland Perry <roland at internetpolicyagency.com> wrote:
>
>> In message <E1Tn4l3-00042C-T2 at frodo.hserus.net>, at 15:25:41 on Mon, 
>>24 Dec 2012, Suresh Ramasubramanian <suresh at hserus.net> writes
>>> Actually the focus in industry (maawg) and intergovernmental 
>>>(Apectel spsg, oecd) has been on criminal spam.. The same with other, 
>>>more closed / vetted groups
>> >Snowshoe spammers as well as poor best practices at more legitimate 
>> >>email marketers is getting less and less priority compared to 
>> >criminal >spam over the past few years
>>
>> Glad to hear it, and plenty of precedent for ITU to build upon. No 
>>need to invent new definitions.
>>
>> However, I cannot agree with their RESOLUTION 130 (Rev. Guadalajara, 
>>2010) characterising spam as "usually with the objective of marketing 
>>commercial products or services", *especially* if the definition of 
>>"commerce" has to be bent to include proceeds of crime.
>>
>> Apart from the fact that stealing money from my bank account isn't 
>>marketing a commercial product of service, but it also serves to 
>>unhelpfully blur the line between the 'genuine' clueless marketer and 
>>the person trying to sell me a fake Rolex or a share of the deceased 
>>ex-President's secret $20 million hoard.
>>
>> Today's scam was offering me a fake tax refund, but they spoilt it 
>>(not that it wasn't already painfully obvious) by sending me the email 
>>eight times.
>> --
>> Roland Perry
>
>____________________________________________________________
>You received this message as a subscriber on the list:
>     governance at lists.igcaucus.org
>To be removed from the list, visit:
>     http://www.igcaucus.org/unsubscribing
>
>For all other list information and functions, see:
>     http://lists.igcaucus.org/info/governance
>To edit your profile and to find the IGC's charter, see:
>     http://www.igcaucus.org/
>
>Translate this email: http://translate.google.com/translate_t

-- 
Roland Perry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20121225/4904d174/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t

More information about the Governance mailing list