[governance] [JNC - Forum] Report of the GCIG: The Great and the Good Do Internet Governance

Wed Jun 22 17:05:29 EDT 2016

I just finished a quick read of the GCIG Report and ho, hum… Much much more of what we already have seen in multiple other reports re: the wonders of the Internet, the risks of child porn, the dangers lurking from cybersecurity issues etc.etc.

Certainly some sections are consistent with, even in some cases offering unattributed renditions of various JNC (and associated authors’) writings. (I’m truly delighted to see my “ <https://gurstein.wordpress.com/2013/03/21/in-defense-of-multistakeholder-processes/> In Defense of Multistakeholder Processes” blogpost evidently (of course it could be coincidence) providing the basis for the Report’s “new model” of MSism … i.e. “a new model that embraces greater involvement of those whose lives are affected by decisions that govern their ability to use the network and to exercise their fundamental rights online” although (surprise, surprise) they missed the part where I talked about how MSism could enhance democratic processes.

But the most interesting element of the report is what isn’t discussed.  Nowhere is there a discussion of the basic social justice critique which is the way in which the Internet is contributing to the astonishing increases in economic inequality both within countries and between countries, nowhere is there any real discussion of cyber-surveillance as per what we have learned from Snowden, nor any significant attempt to address issues of asymmetries of power (and powerlessness) in an increasingly concentrated Internet ecology of dominant platforms, and most importantly nowhere is there any real discussion about what should be done about creating institutions/mechanisms for global Internet Governance (but wasn’t that the point of exercise?) beyond sweet and fuzzy notions of a “social compact”… . 

That is, the Report skates over all of the areas where there is the possibility of real contention and ends up giving us much more of the same old same old although to be fair (non)operationalizing the JNC/community informatics notion of the “Internet as a public good” through a Social Compact is a novel approach.

In the end it isn’t clear to me what exactly was the point of the exercise.

M

From: Forum [mailto:forum-bounces at justnetcoalition.org] On Behalf Of parminder
Sent: June 22, 2016 6:20 AM
To: forum at justnetcoalition.org
Subject: Re: [JNC - Forum] Report of the GCIG

It is my view, that these are just clever status quoist devices. They will say, a new social compact is required. But even World Economic Forum mouths such platitudes.  But how will this social compact be made and internationalised, is what really matters. And they would say nothing about it it.  Would it continue to be done through making 'high level' report after report like this one, populated and controlled by Northern powers, will it be made by having OECD do specialised Internet policy work, but not letting UN do it (almost all of global IG today, including this report, is aimed to stop any such thing). 

I find any such report as basically dishonest and deliberately deluding that mentions all the right analytical points, that you quote, in a somewhat weakened manner from the normal neutral discourse, and then when it is time to say what is be done, leave things unclear. Speaking about new global social compacts, while actively pushing away globally democratic possibility (if you dont like the UN, come up with something else but which is democratic and treats everyone equally) and promoting non democratic forms like the OECD. See  how many times OECD's work is quoted in the report - which is devoted to making a global Internet order as per the interests of the dominant North, while at the global level, the recommendation is clearly for no specific institutions devoted to Internet policy work... How did they reach this conclusion? Why then does OECD have such a devoted body for Internet policy, whose work they actually quote and promote. Nothing could be as shamelessly hegemonic. No, we do not need their versions of social compact, and not even their weakened analyses, which present half-truths to build credibility and then end up just promoting the status quo..

parminder 

On Wednesday 22 June 2016 06:27 PM, Richard Hill wrote:

The Global Commission on Internet Governance has released its report, see:

  http://ourinternet.org/report  

Given that the chairman of the commission was Karl Bildt and that some of
the members are staunch proponents of the status quo, I was expecting that
the report would do little more that say that everything is fine.

But that is not the case. In many respects, the report is consistent with
the positions taken by the Just Net Coalition.

I reproduce below some portions that I found worth singling out.  There are
no page numbers in the report, so I could not include page references.

Best,
Richard

=======================

CORE ELEMENTS OF A SOCIAL COMPACT FOR A DIGITAL SOCIETY

There must be a mutual understanding between citizens and their state that
the state takes responsibility to keep its citizens safe and secure under
the law while, in turn, citizens agree to empower the authorities to carry
out that mission, under a clear, accessible legal framework that includes
sufficient safeguards and checks and balances against abuses. Business must
be assured that the state respects the confidentiality of its data and they
must, in turn, provide their customers the assurance that their data is not
misused. There is an urgent need to achieve consensus on a social compact
for the digital age in all countries. Just how urgent is shown by current
levels of concern over allegations of intrusive state-sponsored activities
ranging from weakening of encryption to large-scale criminal activity to
digital surveillance to misuse of personal data, and even to damaging cyber
attacks and disruption.

Governments should not create or require third parties to build back doors
or compromise encryption standards, as these efforts would weaken the
Internet and fundamentally undermine trust. Efforts by the technical
community to incorporate privacy-and-security-enhancing solutions into all
standards and protocols of the Internet should be encouraged.

The Commission urges member states of the United Nations to agree not to use
cyber technology to attack the core infrastructure of the Internet.

Governments seeking a peaceful and sustainable Internet should adopt and
respect norms that help to reduce the incentive for states to use cyber
weapons. Governments should agree on infrastructure assets and services that
must not be targeted by cyber attacks.  

Businesses should purchase cyber insurance to cover the liability costs of
breaches of their systems. Cyber liability insurance vendors can be
persuasive in promoting best practices in the corporate sector. Cyber
premiums should be higher if best practices are not followed. Insurers need
to have better data to appropriately identify and price cyber risk and to
develop appropriate products. Government regulations should require routine,
transparent reporting of technological problems to provide the data required
for a transparent market-based cyber-insurance industry.

There is a need to reverse the erosion of trust in the Internet brought
about by indiscriminate and non-transparent private practices such as the
collection, integration and analysis of vast amounts of private information
about individuals, companies and organizations. Private surveillance based
on "big data" is often conducted under the guise of a free service. ...

Users should not be excluded from the use of software or services that allow
them to participate in the information age, and they should be offered the
option of purchasing a service without having to agree to give the provider
access to their personal information. International rules are also required
to ensure that the holders of large repositories of data are transparent
about how they collect, use and share user-generated data.

Interception of communications, collection, analysis and use of data over
the Internet by law enforcement and government intelligence agencies should
be for purposes that are openly specified in advance, authorized by law
(including international human rights law) and consistent with the
principles of necessity and proportionality.

... governments should use competition as a tool to expand Internet access
facilities to the maximum extent possible, while investing to ensure
availability when market forces prove insufficient.

The disruption to traditional jobs and skill requirements can create
economic hardship and civil discontent. Rather than attempting to preserve
old jobs by stifling innovation, governments should help workers adapt to
the new economic reality via skills training and educational programs.

The Internet has indeed reached a crossroads. Choices need to be made - and
making no choice is itself a choice. It is all about who should have what
power to control the future of the Internet.

Our advice is based on the belief that only a normative approach can address
the myriad challenges facing Internet governance. We call on governments,
private corporations, civil society, the technical community and individuals
together to create a new social compact for the digital age.

There is a growing concern about the market power and data collection
capabilities and practices of the large Internet platform companies as well
as other private data intermediaries.

The failure to incorporate security as an essential design feature by
vendors and larger customers of the IoT raises concerns that its explosive
growth could result in the "weaponization of everything."

Legal thresholds for lawfully authorized access to communications data must
be redefined to ensure that the aggregated collection of metadata - such as
an individual's full browsing history - are treated with the same respect
for privacy as access to the actual content of a communication, and should
only be made under judicial authority. In all cases, the principles of
necessity and proportionality must be applied.

Governments should not compromise or require third parties to weaken or
compromise encryption standards, for example, through hidden "backdoors"
into the technology as such efforts would weaken the overall security of
digital data flows and transactions.

Individual users of paid or so-called "free services" provided on the
Internet should know about and have some choice over the full range of ways
in which their data will be deployed for commercial purposes. They should
not be excluded from the use of software or services customary for
participation in the information age, and should be offered the option of
purchasing the service without having to agree to give the provider access
to their personal information. Terms of use agreements should be written in
a clear and accessible manner and should not be subject to change without
the user's consent. Businesses should demonstrate accountability and provide
redress in the case of a security breach or a breach of contract.

To assure the public that their data is being appropriately protected,
states that do not already have comprehensive personal data protection
legislation and a privacy enforcement authority with legal enforcement
powers should take steps to create such regimes.

Governments should initiate efforts to develop international consensus on
norms about how to deal with cases where the goal of protecting data comes
into conflict with the requirements of law enforcement or security agencies
to investigate terrorist activity or attacks in an emergency situation. At a
minimum, any solutions should be derived through a multi-stakeholder
process, broadly agreed, and must be subject to legal oversight, governed by
principles of necessity, proportionality and avoidance of unintended
consequences.

Businesses should purchase cyber insurance to cover the liability costs of
successful breaches of their systems.

The market for cyber insurance is immature in comparison to the seriousness
of the threats, and the capital available to the industry is currently
inadequate to underwrite the full risk. Pricing the risk is difficult in the
absence of reliable time series data, making it difficult for insurers to
put a reliable figure on the likely losses from breaches.

More research is urgently needed to support greater accuracy when pricing
risk.

To assist the public to understand and practice the essentials of cyber
hygiene, governments should undertake significant campaigns to raise
awareness and develop the needed skills. Cyber-security awareness programs
should start early, for example, by incorporating cyber hygiene into primary
and secondary education curriculums.

Consistent with the recognition that parts of the Internet constitute a
global public good, the commission urges member states of the United Nations
to agree not to use cyber weapons against core infrastructure of the
Internet.

The disruptions resulting from the rapid spread of the sharing economy are
already being felt.

All levels of government (national, subnational, local), industry, civil
society and the technical community, need to be engaged on the new
regulatory challenges posed by the sharing economy.

_______________________________________________
Forum mailing list
Forum at justnetcoalition.org <mailto:Forum at justnetcoalition.org> 
http://mail.justnetcoalition.org/listinfo/forum

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20160622/4a64ad28/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t