[vc_row][vc_column][vc_single_image image=”103677″ img_size=”full”][vc_column_text]This year’s UK-Internet Governance Forum meeting is being held at the Cavendish Conference Centre in London and will focus on Solutions for The Digital Age.
We are delighted to announce guests speakers including Tech UK, Privacy International, Chatham House and Kari Lawler, one of the UK’s youngest female tech entrepreneurs, as well as a key note address from the Department of Digital, Culture, Media and Sport.
Ansgar Koene, Senior Research Fellow, Horizon Digital Economy Research Institute, University of Nottingham
An explainer session on how algorithms work and what the implications in terms of how we access information.
12:00 -13:00 Lunch
13:00 – 13:45 GDPR 6 months on – Lessons learnt
This session will review how the industry and consumers have reacted to the introduction of the GDPR 6 months on.
Neil Thacker, Chief Information Security Officer of EMEA, Netskope
Rosalind Goodfellow, Domestic Data Protection Team, DCMS
13:45 – 14:30 Personal data – What is personal?
In the shadow of high-profile stories such as Cambridge Analytica this session will discuss the ethics of selling personal data to third parties and using personal data or non-PII for targeted promoted content. It will also discuss whether the GDPR definition of personal data too restrictive for businesses to thrive.
Ailidh Callander, Legal Officer, Privacy International
Jamie Bartlett, Demos
14:30 – 14:50 Afternoon break
14:50 – 15:20 Key note speech from the Department for Digital, Culture, Media and Sport
15:20 – 16:30 Cybersecurity and the Internet of Things – ‘Security by Design’
An ‘in conversation with’ session on ‘security by design’ on how the UK can protect against Internet of Things devices and lessons learnt across the globe.
Olaf Kolkman, Chief Internet Technology Officer, The Internet Society (Chair)
Talal Rajab, Head of Programme – Cyber and National Security, Tech UK
Stephen Pattison, Vice President of Public Affairs, ARM
Eva Blum-Dumontet, Privacy Research Officer, Privacy International
Matthew Shears, Director of Cyber, Global Partners Digital and Board Member, ICANN
Joyce Hakmeh, Cyber Research Fellow, Chatham House
16:30 – 17:00 Sum up and wrap up by Olivier Crepin-Leblond, UK Chair, Internet Society
IGF 2013 was in Indonesia. This time Turkey plays host.
This year’s Internet Governance Forum (IGF) — a high-profile, United Nations-mandated annual conference on issues surrounding governance of the internet — is taking place in Istanbul, Turkey. But Yaman Akdeniz and Kerem Altiparmak, two renowned Turkish internet rights advocates, are boycotting it. Here they explain why.
Between May 2007 and July 2014 Turkey blocked access to approximately 48,000 websites subject to its controversial Internet Law No 5651. Although the law is ostensibly aimed to protect children from harmful content, from the very beginning it has been used to prevent adults’ access to information. In February amendments made to the legislation extended blocking provisions to include URL-based blocking of internet content. The same amendments compelled all internet service providers (ISPs) to be part of an association for access providers to centrally enforce blocking orders within four hours of receipt. It also introduced one-to-two-year data retention requirements for hosting companies and all ISPs. Furthermore, subject to new provisions, ISPs are required to take all necessary measures to block alternative access means such as proxy websites and other circumvention services including, possibly, VPN services. The amended version of the law also shields staff from the Presidency of Telecommunications and Communication (TIB) from prosecution if they commit crimes in their work for the telecoms authority.
In March access to both Twitter and YouTube was blocked arbitrarily and unlawfully by the TIB. With both blocking orders the government aimed to prevent the circulation of graft allegations ahead of local elections to be held on 30 March. During the blocking period, the authorities also ordered major ISPs to hijack Google and OpenDNS’s DNS servers, tampering with the DNS system to surveil communications, as well as to prevent users from circumventing blocking orders. Turkey’s constitutional court stated that the blocking of Twitter by TIB constituted a grave intervention on the freedom of expression of all Twitter users. Furthermore, in a 14-2 majority judgment, the court decided that the YouTube ban infringed on freedom of expression protected by the constitution.
However, despite these strong rulings, Twitter decided to implement its country withheld content policy for Turkey and started to block access to certain Turkish accounts and individual tweets. It was reported in June that Twitter complied with 44 out of 51 court decisions since they visited Ankara on 14 April, and the US-based social media platform continues to aid and assist Turkish authorities in censoring political content.
Facebook has also banned the pages of a number of alternative news sources, including Yüksekova Haber (Yuksekova News), Ötekilerin Postası (The Others’ Post), Yeni Özgür Politika (New Free Policy), Kürdi Müzik (Kurdish Music), and other groups related to Kurdish movements. The site has also been criticised for removing several pages related to the Peace and Democracy Party (BDP). Regardless of the above-mentioned constitutional court decisions, access to popular platforms such as Scribd, Last.fm, Metacafe, and Soundcloud is currently blocked from Turkey. Access to WordPress, DailyMotion, Vimeo and Google+ has in the past year been blocked temporarily by court or administrative orders. A number of alternative news websites that report on Kurdish issues, including Firat News, Azadiya Welat, Dengemed and Keditor, remain indefinitely blocked. In total it is estimated that 200 websites are banned indefinitely for their pro-Kurdish or left wing content.
Over the past year, many people have received suspended sentences and fines for their social media activity, usually on charges related to terrorism, blasphemy, or criticism of the state and its officials. In the crackdown following the Gezi Park protests of June 2013, dozens of people were detained over their social media posts. Criminal investigations and prosecutions were initiated subject to Articles 214 and 217 of the Turkish criminal code concerning incitement to commit a crime and disobey the law, as well as miscellaneous provisions of Law No 2911, on demonstrations and public meetings. In September 2013, pianist and composer Fazil Say was given a suspended sentence of 10 months and court supervision for insulting religious values in a series of tweets. Such criminal investigations and prosecutions have a chilling effect on all social media platform users.
In addition to widespread blocking of websites and content as well as criminal investigations and prosecutions to silence political speech, the Turkish authorities are also building surveillance infrastructure, which includes the deployment of deep packet inspection systems to monitor all forms of communications unlawfully.
Therefore, we have decided to boycott IGF 2014 hosted by Ministry of Transport, Maritime and Communications and coordinated by the Information and Technologies Authority. We also confirm that we will not be taking part in the IGF.
Yaman Akdeniz & Kerem Altiparmak
This edited version of the statement has been republished with permission from the authors. You can find the original and fully referenced statement here.
We can partially blame gerrymandering for the current gridlock in the U.S. Congress. By shaping the electoral map to create politically safe spaces, we have generated a fractious body that often clashes rather than collaborates, limiting our chances of resolving the country’s toughest challenges. Unfortunately, revelations about the global reach of American security surveillance programs under the National Security Agency (NSA) are leading some to propose what amounts to gerrymandering for the internet in order to route around NSA spying. This will shackle the internet, inherently change its technical infrastructure, throttle innovation, and likely lead to far more dangerous privacy violations around the globe.
Nations are rightly upset that the communications of their citizens are swept up in the National Security Agency’s pervasive surveillance dragnet. There is no question the United States has overreached and violated human rights in its collection of communications information on innocent people around the globe; however, the solution to this problem should not, and truly cannot, be data localization mandates that restrict data storage and flow.
The calls for greater localization of data are not new, but the recent efforts of Brazil’s President, Dilma Rouseff, to protect Brazilians from NSA spying reflected the view of many countries suddenly faced with a new threat to the privacy of the communications of their citizens. Rouseff has been an advocate for internet freedom, so undoubtedly her proposal is well intentioned, though the potential unintended repercussions are alarming.
First, it’s important to consider the technical reasons why data location requirements are a really bad idea. The Internet developed in a widely organic manner, creating a network that allowed data to flow from all corners of the world – regardless of political boundaries, residing everywhere and nowhere at the same time. This has helped increase the resilience of the internet and it has promoted significant efficiencies in data flow. As is, the network routes around damage, and data can be wherever it best makes sense and take an optimal route for delivery.
Data localization mandates would turn the internet on its head. Instead of a unified internet, we would have a fractured internet that may or may not work seamlessly. We would instead see districts of communications that cater to specific needs and interests – essentially we would see Internet gerrymandering at its finest. Countries and regions would develop localized regulations and rules for the internet to benefit them in theory, and would certainly aim to disadvantage competitors. The potential for serious winners and losers is huge. Certainly the hope for an internet that promotes global equality would be lost.
Data localization may only be a first step. Countries seeking to keep data out of the United States or that want to exert more control over the internet may also mandate restrictions on how data flows and how it is routed. This is not far-fetched. Countries such as Russia, the United Arab Emirates, and China have already proposed this at last year’s World Conference on International Telecommunications.
As internet traffic begins to demand more bandwidth, especially as we witness more real-time multimedia applications, efficient routing is essential to advance new internet services. High capacity applications like Apple’s FaceTime may slow to the painful crawl reminiscent of the dial-up days of the internet.
This only begins to illustrate the challenges internet innovators would face, but big established players like Facebook, Google and Microsoft, would potentially have the resources to abide by localization mandates – of course, only if the business case supports working in particular locales. Some countries with local storage rules may be bypassed altogether. For small or emerging businesses, data localization requirements would be a greater challenge. It would build barriers to markets and shut off channels for innovation. Few emerging businesses could afford to locate servers in every new market, and if local data server requirements become ubiquitous, it will be businesses in emerging markets that are most disadvantaged. The reality for developing nations is that protectionist measures such as data localization will further isolate local business from the global market, depriving them of the advantages for growth that are provided by the borderless internet.
Most important though, is the potential for fundamental harm to human rights due to data localization mandates. We recognize that this is a difficult argument to accept in the wake of the revelations about NSA surveillance, but data localization requirements are a double-edged sword. It is important to remember that human rights and civil liberties groups have long been opposed to data localization requirements because if used inappropriately, such requirements can become powerful tools of control, intimidation and oppression.
When companies were under intense criticism for turning over the data of Chinese activists to China, internet freedom activists were united in theirs calls to keep user data out of the country. When Yahoo! entered the Vietnamese market, it placed its servers out of the country in order to better protect the rights of its Vietnamese users. And the dust up between the governments of the United Arab Emirates, Saudi Arabia, India, and Indonesia, among others, demanding local servers for storage of BlackBerry messages in order to ensure legal accountability and meet national security concerns, was met with widespread condemnation. Now with democratic governments such as Brazil and some in Europe touting data localization as a response to American surveillance revelations, these oppressive regimes have new, albeit inadvertent, allies. While some countries will in fact store, use and protect data responsibly, the validation of data localization will unquestionably lead to many regimes abusing it to silence critics and spy on citizens. Beyond this, data server localization requirements are unlikely to prevent the NSA from accessing the data. U.S. companies and those with a U.S. presence will be compelled to meet NSA orders, and there appear to be NSA access points around the world.
Data localization is a proposed solution that is distracting from the important work needed to improve the Internet’s core infrastructural elements to make it more secure, resilient and accessible to all. This work includes expanding the number of routes, such as more undersea cables and fiber runs, and exchange points, so that much more of the world has convenient and fast Internet access. If less data is routed through the U.S., let it be for the right reason: that it makes the Internet stronger and more accessible for people worldwide. We also need to work to develop better Internet standards that provide usable privacy and security by default, and encourage broad adoption.
Protecting privacy rights in an era of transborder surveillance won’t be solved by ring fencing the Internet. It requires countries, including the U.S., to commit to the exceedingly tough work of coming to the negotiating table to work out agreements that set standards on surveillance practices and provide protections for the rights of privacy and free expression for people. Germany and France have just called for just such an agreement with the U.S. This is the right way forward.
In the U.S., we must reform our surveillance laws, adopt a warrant requirement for stored email and other digital data, and implement a consumer privacy law. The standards for government access to online data in all countries must likewise be raised. These measures are of course much more difficult in the short run that than data localization requirements, but they are forward-looking, long-term solutions that can advance a free and open internet that benefits us all.
Joseph Lorenzo Hall, Chief Technologist at Center for Democracy and Technology, co-authored this piece with Leslie Harris.
Last year’s Internet Governance Forum in Baku, Azerbaijan proved controversial due to the choice of host. This year’s event, in Bali, Indonesia was bound to be contentious, after Edward Snowden’s leaks on the US’s PRISM programme. PRISM and TEMPORA (the UK system of mass surveillance) were a lightening rod for general discontent from activists who feel an increasing sense of ill ease over the state of internet freedom. Many of the sessions were bad-tempered affairs with civil society rounding on the perceived complacency of government officials from democracies who refused to state their opposition to mass state surveillance in clear enough terms.
US rep use the phrase “alleged US intelligence practices” and then continue by saying: “everyone does it” #IGF2013SV#IGF2013
At an event hosted by the Global Network Initiative, Index on Censorship, andPakistan’s Centre for Social and Policy Analysis, a US government official was heckled by the audience when he attempted to justify PRISM as an anti-terrorism measure. Of particular concern for delegates was a sense that PRISM is now being used by less democratic and authoritarian states to justify their own surveillance systems. The Chinese were quick to point out the ‘double standards’ of the US at this workshop, following it with appalling doublespeak to gloss over their poor domestic record on human rights violations. A point I challenged them on in no uncertain terms.
WOW China is actually lecturing the US on #prism THIS IS SO DEPRESSING #igf2013
Participants in the workshop from across the globe from Pakistan to South Africa stated their concern that a race to the bottom is beginning with new surveillance capacities being debated in countries such as Russia, New Zealand and the UK. Other areas of concern at the workshop included the increasing use of filters at ISP level (in particular in Indonesia where a significant number of ISPs are adopting filtering) and the pressure now felt by Telcos from states who are imposing burdensome requirements to filter content. One worrying prospect is that the ITU will succumb to a push to ensure Telcos do not distribute ‘blasphemous’ content which could lead to the full Balkanisation of the internet.
Although the outlook is bleak, civil society is pushing back at corporations and governments. Bytes for All in Pakistan has done impressive work in chronicling censored online content. A number of coalitions strengthened at the IGF with closer co-operation between international NGOs to take on mass state surveillance. This weekend, a number of US NGOs will rally in Washington DC against the PRISM programme with thousands expected to take to the streets. Index on Censorship’s #DontSpyOnMe petition of 7,000 signatures was this week sent to Lithuanian President Dalia Grybauskaitė, who currently hold the Presidency of the Council of the EU, and Herman van Rompuy, President of the European Council. The EU heeded our calls to discuss mass surveillance at the Council of Ministers meeting – a big success. The pressure on corporations is being felt too, Telcos came under particular fire for their willingness to install surveillance equipment in their networks. Yet, many are beginning to speak publicly over the pressures they feel from states and the need for transparency so their users are at least aware of the surveillance they may be subject to and so can adjust their behaviour accordingly. Meanwhile, Google launched new tools to illustrate the threats the internet faces. The Digital Attack Map is a realtime website displays DDOS attacks and where they originate from – useful in tracking attacks on civil society websites from state-run or criminal botnets. Google also launched a project to provide free, secure web hosting for internet activists under attack.
One of the strengths of the IGF is the broadness of the workshop programme. From the challenges felt by the disabled online, minority rights online, through to bridging the ‘digital divide’ between the rich and poor both internationally and internally within even wealthier countries, the IGF covered a significant amount of ground. Yet, one of the big challenges to the IGF is how to engage a wider section of civil society. While the IGF was better attended by delegates from South-East Asia, fewer delegates from Europe and the Middle East were visible during this IGF. This remains a challenge to the organisers, with too much interaction from those physically present at the conference and too little from the many remote participants, many of whom couldn’t afford the air fare to Bali but have much to contribute. Bridging this divide will be important in the future.
The tone of this IGF was set by the Snowden revelations. The US and other Western democracies were on the back foot, in stark contrast to their confident promotion of net freedom in Baku. Without openess, increased transparency and an end to mass surveillance it’s hard to see how they will regain their moral authority, leaving a huge vacuum at the heart of these debates. A vacuum that others – in particular China – are willing to fill. The battle to keep the multistakeholder, open internet free from top-down state interference is on-going. The IGF should give once confident advocates of net freedom serious pause for thought.