NETmundial 2014 submission on evolution of the Internet governance ecosystem

This submission takes as its starting point the submission from participants of the Best Bits network on “Roadmap for the Further Evolution of the Internet Governance Ecosystem – institutional mechanisms”, which I participated in drafting and generally agree with (“the Best Bits submission”).

In particular, I take for granted the following points that are either drawn from, or at least are fully consistent with the Best Bits submission, and I will not explain them further here:

  • There are certain policy issues that cannot be addressed within the current Internet governance ecosystem in a way that adequately fulfils basic procedural criteria, due to underlying institutional deficits.

  • In addressing these deficits certain criteria must be fulfilled, including a rights-based approach, preservation of the global nature of the Internet, and the use of multi-stakeholder democratic processes.

  • To redress these deficits requires a new coordinating mechanism to direct stakeholders towards the appropriate existing fora to deal with policy issues, as well as one or more new multi-stakeholder working groups to address issues that have no existing home.

  • The new multi-stakeholder working groups referred to would in most cases develop soft law only, rather than binding rules such as treaties, though they could in appropriate cases make recommendations to external treaty bodies or to the UN General Assembly.

  • It would be appropriate for the Internet Governance Forum (IGF) to take a key role in the operationalisation of these required changes, which would require the most significant reforms to the IGF since its establishment.

There are however two problems that the Best Bits submission does not explicitly acknowledge, nor suggest a way to overcome, which are the subject of this submission:

  1. There remains a substantial disagreement between (and even within) stakeholder groups, over whether governments should have a preeminent role and responsibility over international public policy issues pertaining to the Internet, or whether the roles of all stakeholder groups in Internet policy development processes should be equal. Practically speaking, there is no likelihood that NETmundial will see any resolution of this fundamental disagreement.

    In the narrower context of ICANN, the GAC is an unsuccessful attempt to compromise between these two demands, by giving governments certain rights in the policy development process that no other stakeholder group has (which upsets those who demand equality between the stakeholder groups), but by making its recommendations purely advisory (which upsets those who demand government sovereignty).

    It may seem that this problem is irreconcilable, in that any governance institution must choose either one or the other – either making all stakeholders equal, or giving governments sovereign rights. But counter-intuitively, it may be possible to satisfy both demands, and to do so without creating any new body or process, other than those referred to in the Best Bits submission. The solution involves the following two elements:

    1. First, there are some issues and contexts in which, as a factual matter, governments do not claim a primary role in policy development, nor ever have (and the same is true in other governance domains also). As these typically involve technical issues, the drafters of the Tunis Agenda accounted for this fact by drawing a (simplistic) division between “international public policy issues pertaining to the Internet” and “day-to-day technical and operational matters, that do not impact on international public policy issues”.

      A less simplistic approach requires a case-by-case analysis: whenever the coordinating function as described in the Best Bits submission is exercised, it should consider not only whether and where policy is being developed, but also what the appropriate roles of stakeholders are for that issue. Factors relevant to that determination include agreed high-level global Internet governance principles (if any), roles and responsibilities historically exercised in respect of that issue, and the governance mechanisms that are likely to be effective in dealing with the issue.

      To give some possible examples, it may be found that governments are entitled to take a leading role in developing global rules on money laundering via the Internet, but that they should take a back seat in the development of spam filtering standards, and should participate as equals with other stakeholders in the development of policy for transnational intellectual property enforcement policies.

      By engaging in this analysis (which would itself be conducted by a multi-stakeholder deliberative body), a more reasoned determination can be made of the appropriate roles of governments and other stakeholders in a given issue area, than can be had by resorting to fixed descriptions of stakeholder roles, or an arbitrary demarcation between “public policy” and “technical and operational” issues. The result will be that the appropriate role of governments in determining any given policy issue can be defined with more particularity than simply making a blanket claim of sovereignty.

    2. Second, for areas in which the coordinating function assesses that governments do have an appropriate role to play along with other stakeholders, the only way in which to resolve the disagreement mentioned above is if the multi-stakeholder policy development process is so designed that the stakeholder groups are formally equal – but allows governments to veto decisions. Logically the only way in which both those conditions can both be true is if all stakeholder groups can veto decisions.

      This describes a consociational multi-stakeholder process, where a consociation is a power-sharing arrangement comprising a coalition of stakeholder groups who cooperate in making decisions together, but who share a right of mutual veto allowing any stakeholder group to block a joint decision, if there is consensus to do so within that group. Note that governments, having a legal monopoly on the use of force, have a de facto right of veto in any multi-stakeholder policy development process anyway; the consociational structure simply formalises this and grants the other stakeholder groups the same right (Malcolm 2008, pp.293-294, 466-467, 478-482).

      Does this mean that the power of veto would always be exercised, so that nothing would ever be agreed? Of course it is possible, as it is in any organisation that depends upon consensus. But by adopting deliberative democratic processes, the likelihood of a veto power being used strategically become less likely, especially as the social capital invested by the stakeholders into the IGF compounds. A stakeholder group will not use its power of veto lightly if this may damage its own longer-term prospects of using the IGF to advance its own interests later on.

  2. Whilst I support the decentralised model of Internet governance put forward in the Best Bits submission, there is a second problem that the submission does not acknowledge. The problem lies in the fact that it allows for the fact that there are a multiplicity of existing fora where global Internet public policies are developed, but also demands that all of them adopt (afresh, any many cases) a multi-stakeholder policy development process. Although absolutely sound in theory, there are two practical faults with this:

    1. It is very optimistic, to say the least, to call for these existing multiple fora to be transformed into multi-stakeholder formats. In many cases – the ITU, for example – it will only take one member state to object to multi-stakeholder reforms in order to close down such transformation. Therefore in practical terms, this ideal is likely to be impossible to achieve.

    2. Even if the previous objection were somehow overcome and there were a multiplicity of fully accessible and multi-stakeholder fora dealing with Internet policy issues, the task of addressing all these fora would massive exceed the scope of civil society’s limited financial and human capacity. As the least well resourced stakeholder group, this would put civil society at a further disadvantage when compared to governments and the private sector.

    To correct for these faults requires a slight gloss upon the recommendations in the Best Bits submission, that I outline here. Essentially, it involves allowing for a broader role for the Internet Governance Forum, at least in the short term, whereby the IGF – as the most accessible, central policy forum for Internet policy discussion – would be tasked with developing recommendations for other institutions in the Internet governance ecosystem, if those institutions do not themselves yet have a similar multi-stakeholder process.

    This conforms with the IGF’s existing mandate to “promote and assess, on an ongoing basis, the embodiment of WSIS principles in Internet governance processes” (Tunis Agenda paragraph 72(i)), and to “identify emerging issues, bring them to the attention of the relevant bodies and the general public, and, where appropriate, make recommendations” (paragraph 72(g). It is also consistent with its mandate to be non-duplicative (paragraphs 72(b) and 77), since a multi-stakeholder recommendation to an external institution is not to be considered duplicative of that institution’s less inclusive decision-making process, even if they both concern the same subject matter (Malcolm 2008, p.439).

    Thus notwithstanding that there may be a plethora of other Internet governance bodies, the development of high-level principles to guide the work of bodies that are not multi-stakeholder in their own right remains an appropriate activity for a reformed IGF.

    Whilst the Best Bits submission does contend that “it is a mistake to think that one body, and one set of experts, could possibly be responsible for effective policy making on all Internet-related matters”, this is not what I propose. The IGF would continue to have a very broad mandate, yes. But so too does the General Assembly of the United Nations, and we do not hear complaints that it lacks expertise to cover all subject areas. This is because the principal contribution of the General Assembly is not its expertise, but its legitimacy – and, so it is with the IGF, only extending to other stakeholder groups besides governments.

    Naturally the operational decision making that takes place by reference to the high-level principles that the IGF develops will remain the responsibility of more specialised bodies, just as the implementation of resolutions of the General Assembly falls to national parliaments and specialised agencies, in accordance with the principle of subsidiarity.

In summary and conclusion, I fully accept the merits of a distributed model of Internet governance as set out in the Best Bits submission. But I also caution as to two limitations that the submission does not cover.

The first is that it does not address the fundamental and irreconcilable disagreement over whether governments should or should not have greater policy authority than other stakeholders. I suggest a way of overcoming that disagreement by firstly engaging in a more thorough analysis of the claims of each stakeholder stakeholder group to participate in policy development in a given issue area. For issue areas in which governments are found to have a role, I suggest that the concerns of governments that their sovereignty is threatened could be addressed by structuring the policy development process according to a consociational model, that would give governments (and other stakeholder groups) a right of mutual veto over recommendations that they cannot support.

My second caution is that trying to retro-fit multi-stakeholder democratic legitimacy to a multitude of existing bodies, in the short term, is likely to prove a quixotic endeavour. It is also unnecessary when there is already a multi-stakeholder Internet governance institution – the IGF – that possesses a UN mandate to make recommendations across a broad range of Internet public policy issues, already has the trust and support of all non-governmental stakeholders, and is much more accessible to civil society than that plethora of other bodies could ever be.

In this way the IGF, with its proposed coordinating function, can act as a proxy to receive multi-stakeholder input into the development of high-level principles for the guidance of other, less multi-stakeholder institutions. At the same time, the IGF can host multi-stakeholder working groups to develop policy on issues for which there is no existing body to deal with them. In both cases, significant reforms to the IGF would be required – but these are much more achievable than the similar reforms required to transform the entire ecosystem of Internet governance institutions.

Bibliography:

Malcolm, Jeremy. Multi-stakeholder Governance and the Internet Governance Forum. Terminus Press, 2008.

The love-hate relationship between the Internet technical community and civil society

I’m Australian, but I’ve been living in Malaysia for almost six years. One thing that you may not know about Malaysia is that they have an active stand-up comedy scene here. One of the staples of the scene is that the Chinese, Indian and Malay comedians will all make fun not only of their own race – which is something they could do in Australia too – but also of the other races, using some pretty offensive stereotypes, that I’m not going to repeat here! So in honour of that, I’m going to do the same thing, though it’s not going to be stand-up comedy, and the races that I’m going to be talking about are not Chinese, Indian or Malay, but the Internet technical community, and civil society. And I can do this, because I myself have a technical and a civil society background; so if I offend anyone here, be assured that I am offending myself as well. Having said that, in present company it seems safest to begin by offending civil society. To techies, “civil society” is a bogus concept, referring to a bunch of failed career politicians who lack a basic understanding of the technology behind the Internet, have no legitimacy to represent Internet users as they claim to do, and litter their conversation with stupid acronyms like “WSIS”, “MDGs” and “LDCs”. To civil society, the technical community are a bunch of narrow-minded, politically libertarian geeks, who can’t (or refuse to) understand the policy dimensions of technology, or how it is shaped by power and money, and who litter their conversation with stupid acronyms like “BGP”, “MPLS” and “DNSSEC”. Civil society loves to use human rights to justify all sorts of demands, and are endlessly critical of big business, and America, and other rich countries, for not fulfilling those supposed rights, but they never display an ounce of gratitude for the fact that without those same companies and countries, supported by the technical community, they wouldn’t even have any Internet to complain about. The technical community on the other hand has a massive superiority complex. They think that because they know about routing or DNS, they also know politics. In fact they know it better than the politicians do, because the technical community’s processes for standards development and resource allocation are actually the best processes in the world for doing anything, and can be applied without any changes to the political realm. So this is where we are at. Both the Internet technical community and civil society think that they know it all, and that the other side is stupid and naive. And since I identify with both sides, you can just imagine the extent of my self-loathing. But we have to move on from that, because the future of the Internet depends on the two sides learning to get along. Both need to recognise their own limitations, and the value of what the other side has to contribute. Civil society and the technical community may hate each other sometimes, but could they really be a perfect match? I think the answer is yes. And the reason is Edward Snowden. Now I know what some of you are thinking – changes to Internet governance have nothing to do with Snowden’s revelations about NSA surveillance – and you’re right, in a narrow sense; the DNS root, for example, is not going to be any less secure just because the NSA is headquartered in the same country as ICANN. But what Edward Snowden did do is to bring the technical community and civil society together in agreement on one point – that the status quo needs to change. And that is the turning point for our communities. The Montevideo Statement, Fadi Chehadé’s role in the establishment of the NetMundial 2014 meeting, and most recently ISOC’s announcement that it would finally support the IGF developing recommendations – none of these would have happened without Edward Snowden. And it’s not all one way. Civil society is also realising that it needs to expand its own horizons beyond its little goldfish bowl. Two years ago I perceived that there was a disconnect between the NGOs that I was working with on Internet governance issues, and the digital rights groups from North America who were campaigning for “Internet freedom”, many of whom were closely linked with the technical community. We were doing similar things, but weren’t coordinating very well with each other, or even talking. So we formed a new civil society network called Best Bits to bring those movements together. Taking this a step further was the formation of the 1net initiative last year by the technical community organisations, who invited civil society in too. 1net has taken some missteps, but the promise of this initiative is to bring the Internet technical community and broader civil society together to share their own different experiences of the Internet, their own opinions of what its core values are, and their ideas about joint strategies to preserve its value and to address its shortcomings. So I hope and believe that the future of the Internet technical community and civil society is together. When we fight with each other, it gets ugly, and I know this better than most. But together, we could just save the Internet. This is the text of a Lightning Talk given at APRICOT 2014.

Tectonic shift at ISOC: embracing outputs from the IGF

As readers of this website since 2006 will know well, one of the most staunch opponents of the IGF developing the capacity to produce non-binding policy outputs has been ISOC. Until now.

Yesterday, ISOC posted this submission to the IGF, which dramatically reversed years of opposition to paragraph 72(g) of its mandate (see below), and opens the door to an IGF that delivers tangible, soft law policy documents as outputs.

In the past, former CEO and President Lynn St Amour insisted, “I don’t think the IGF is a place for decisions, or for recommendations”, and this has been a consistent position in all ISOC’s submissions about the IGF since then.

But in its latest statement, the shift in thinking that we saw in the Montevideo Statement on Internet Cooperation, and in ICANN CEO Fadi Chehadé’s (albeit very contentious) support of Netmundial 2014, continues with the most dramatic turnaround seen from ISOC to date.

“Now is the time to take the IGF a step further, towards more tangible outcomes, as recommended by the CSTD WG on Improvements to the IGF”, ISOC writes.

Drawing on the processes of the IETF in the field of technical standards development, the submission suggests:

The Internet Society believes a good starting point would be to develop intersessional work on substantive issues, build on the work of the Dynamic Coalitions and create working groups chaired by MAG members or relevant experts of the IGF community, focused on particular topics or issues. The working groups would mostly work online, and meet physically during the MAG and Open Consultations meetings as well as the IGF. Ultimately, the IGF would have to develop a process that allows for adoption, by rough consensus, of documents, which would not be binding, but open to voluntary recognition and adoption by all stakeholders.

Essentially, then, ISOC’s position is now the same as that for which civil society has been advocating for for a decade, with ISOC until now fiercely opposed. Consider, just to name a few, the Internet Governance Project’s Building an Internet Governance Forum, Avri Doria’s proposal The IETF as a Model for the IGF, Vittoria Bertola’s An Implementation Proposal for the Internet Governance Forum, and indeed my own writings such as Lessons for the Internet Governance Forum from the IETF and my 2006 GIGANET presentation.

The ISOC statement is unconvincingly pitched as consistent with ISOC’s previous policy, and to the extent that any rationale for the backflip is given at all, it is that:

While Para 72 (g) of the Tunis Agenda (“Identify emerging issues, bring them to the
attention of the relevant bodies and the general public, and, where appropriate, make recommendations.”) allows for the possibility of making recommendations, the IGF, in the first years of its existence, would have been too fragile to allow for a robust discussion on how to work towards a consensus.

But ISOC also (correctly) recognises that:

2014 will be a pivotal year for Internet governance. The accelerated pace of Internet governance discussions in 2014-2015 is exemplified by the many major conferences … shaping the future agenda, with some of them aiming to restructure existing arrangements. It will, therefore, be important for the IGF to contribute to the shaping of a new international consensus on Internet governance. This context provides a unique opportunity for the IGF to occupy a central place in this debate.

Although I won’t soon forget eight years of bashing my head against a wall, I can’t argue with that. Now let’s see if the rest of the IGF MAG agrees, and makes the changes that will be necessary to see this happen.

1net and the myth of technological neutrality

The coalition of non-governmental stakeholders that was initiated by the technical community at the Bali IGF meeting, and that I described in this post, subsequently gained a name and a website: 1net.

Despite a play by 1net’s proponents to gain a special role in organisation of the Brazil meeting, civil society representatives who had self-organised their own liaisons with the Brazil process made it clear that they weren’t comfortable with that. Meanwhile the multi-stakeholder Brazilian Internet steering committee CGI.br assumed much of the role that 1net’s proponents had seen for it, and a broad-based joint Civil Society Internet Governance Coordinating Group came together to nominate civil society’s representatives to the Brazil meeting. So since then 1net has been dithing about what else, if anything, it can usefully do.

As such the 1net dialogue is currently just another mailing list, rather than the “movement” that its website claims, but is proving to be – well, useful would be too strong a word, so let’s say mildly diverting, as a forum for the exchange of views between technical community stalwarts, who normally reside in a bit of a goldfish bowl, and civil society activists and academics – of whom in fairness the same could probably be said.

Here is a post that I made to the list today, in response to the suggestion that a useful activity for 1net would be to gather evidence of the benefits of “neutral” technical administration of the Internet. I responded:

On the other hand, we should also avoid confirmation bias. Let’s examine whether or not neutral technical administration supports underlying values that we support, rather than trying to find evidence that it always does. Otherwise we will tend to entrench elements of existing Internet governance arrangements on the assumption that the Internet as we know it now is the best of all possible Internets, when it may not be.

In any given case there may be other (and less “neutral”) ways of technically administering the Internet that would actually be better at promoting the balance of interests that we can agree through democratic (including globally democratic aka. multi-stakeholder) processes, including privacy, security and freedom of expression.

In the same way that a regulated market is less “neutral” than a free market, but, in cases of market failure, serves consumers’ interests better, so too there may be merit in a level of democratic oversight or intervention into certain technical processes to ensure that broader social values are not overlooked in the administration of Internet resources and development of Internet standards and protocols.

(Before people accuse me of things that I’m not actually saying, for me this is very loose: basically, establishment of processes outside of and broader than existing technical community bodies, to provide a framework of principles, that can guide and direct technical work along socially beneficial lines, rather than assuming that social values are automatically and inherently implicit in those processes.)

Political ideology, of course, comes into this, so we are unlikely always to agree on how much intervention is beneficial, and will be tempted to make generalisations like “no government control over the Internet” or conversely “no democracy without governments, let’s form a UN council to set the rules”. My own take is more nuanced and I’ve set it out at length in posts like these (and many others):

Moreover I think the more explicit that we make the political dimension of this discussion, the better. It is amazing how (what Americans would call) progressives can morph into libertarians just because the context is the Internet. In other words, if you don’t want Internet technical processes to be regulated think hard about why you’re saying that. Do you also not want markets to be regulated? If so, fine; that’s a political view that you’re entitled to. But otherwise, you might be falling into the trap of Internet exceptionalism.

My views and short report – UN Working Group on Enhanced Cooperation

Here are my personal views and a short report as a participant in the Working Group on Enhanced Cooperation (UNWGEC) – its second meeting just happened in Geneva (6-8 of November). It just follows the latest edition of the UN Internet Governance Forum (IGF) held last October in Denpasar, Bali, Indonesia.

In the discussion of enhanced cooperation among nations for the advancement of the information society and knowledge (and with this phrase I try to synthesize my view of the subject), the IGF is always taken into account, both to highlight its (relative) relevance and to suggest the way forward for international governance of the Internet.

Several governments also insist that the 2005 Tunis Agenda (attached in PDF), a non-binding commitment among governments, should not be changed — some even hail the Agenda as a “bible” to be followed, even if it has not been followed by some of the very governments which view it as such, and even if the dynamics of rapid worldwide development of the Internet requires periodic revisions.

The Tunis Agenda contains a lengthy specification of the mandate the IGF should follow, as described in its paragraph 72:

72. We ask the UN Secretary-General, in an open and inclusive process, to convene, by the second quarter of 2006, a meeting of the new forum for multi-stakeholder policy dialoguecalled the Internet Governance Forum (IGF). The mandate of the Forum is to:

  1. Discuss public policy issues related to key elements of Internet governance in order to foster the sustainability, robustness, security, stability and development of the Internet.
  2. Facilitate discourse between bodies dealing with different cross-cutting international public policies regarding the Internet and discuss issues that do not fall within the scope of any existing body.
  3. Interface with appropriate intergovernmental organizations and other institutions on matters under their purview.
  4. Facilitate the exchange of information and best practices, and in this regard make full use of the expertise of the academic, scientific and technical communities.
  5. Advise all stakeholders in proposing ways and means to accelerate the availability and affordability of the Internet in the developing world.
  6. Strengthen and enhance the engagement of stakeholders in existing and/or future Internet governance mechanisms, particularly those from developing countries.
  7. Identify emerging issues, bring them to the attention of the relevant bodies and the general public, and, where appropriate, make recommendations.
  8. Contribute to capacity building for Internet governance in developing countries, drawing fully on local sources of knowledge and expertise.
  9. Promote and assess, on an ongoing basis, the embodiment of WSIS principles in Internet governance processes.
  10. Discuss, inter alia, issues relating to critical Internet resources.
  11. Help to find solutions to the issues arising from the use and misuse of the Internet, of particular concern to everyday users.
  12. Publish its proceedings.

It is clear that this broad mandate is not being fulfilled by the IGF. First of all, these items show that the IGF should be a process-oriented forum, not merely a sequence of events.

Secondly, there are clear references to recommendations that should be generated by the IGF – for example items e, g, h, and i – which have been basically ignored by the UN.

The fact is that the IGF is leaving aside significant components of its mandate, and even governments which swear fidelity to the Tunis Agenda have not given importance to these shortcomings. Further, the MAG (which is dedicated only to organize each yearly event) is composed basically on UN-filtered sectorial representation but not the necessarily on the expertises needed to carry out this challenge.

It is therefore necessary to rethink the IGF if it is deemed to be (or might become) a central instance of enhanced cooperation. Otherwise it might be replaced in favor of other ways to advance this process.

As for WGEC, whose goal is to deliver recommendations on enhanced cooperation to the Commission on Science and Technology for Development (UN UNCSTD) in the first half of 2014, which will be brought to the UN General Assembly in September of the same year, the work so far has revealed some worrying weaknesses.

The central result of the first meeting of WGEC, in June 2013, was the production of a questionnaire that was answered by all sectors. There were 69 responses , thus distributed: 29 from governments, 23 from civil society, 11 from the “technical-academic” sector, and eight from the business sector. More than half of the responses came from developing countries.

It produced a consolidation of the results with some flaws (including the mistakenly taking responses from the Best Bits group of NGOs for the APC responses), but even so the consolidation gave a reasonable idea of the various views of the working group in relation to themes of cooperation and improved governance of the Internet. [summary is attached in PDF]

The summary and procedures in the second meeting (6-8 November) reveal the risk of retracing the path already followed for building the Tunis Agenda, as well as the efforts of the Working Group on Internet Governance (WGIG , which met November 2004 to June 2005). Effectively, significant time was consumed in preparing a list of over 300 topics possibly related to Internet governance and enhanced cooperation. Group difficulties in dealing with such a number of issues in order to try to group them into key issues was such that we constituted a specific group (“correspondence group”) to come up with a short list of topics. The perception of “déjà-vu” for the old-timers who participated in the WGIG and the WSIS process is inevitable.

One of the problems of a working group like this is that participants are defined in terms of their sectoral representations and not necessarily because of their expertise on the issues (something similar to what occurs with MAG). This creates an additional difficulty for both the consolidation of the issues and the drafting of a qualified report.

Faced with the lack of time and the uncertainties generated by this process, some sectors have presented concrete proposals, which I relate below.

A group of civil society organizations and individuals presented an interesting list of possible recommendations to be evaluated and possibly adopted in the final report WGEC (I added the numbering for easy future reference). I have reservations about the effectiveness of the role of IGF so far, but overall I agree with the approach and consider a contribution to guiding the future WGEC report. Their suggestions:

Draft recommendations bullets prepared by a group of WGEC Members and Observers

  1. Acknowledges that the Tunis Agenda, if it is to continue as a reference point for all stakeholders, should be considered as a living document which needs to be updated to reflect the roles and responsibilities of all participants;
  2. Encourages the rethinking of the stakeholder roles that were defined by governments unilaterally in the Tunis Agenda, noting that these roles were originally defined by governments in December 2003, Geneva Declaration of Principles;
  3. Affirms that the internet belongs to everyone: everyone can use it and everyone can improve it: this also applies to its governance;
  4. Acknowledges that Enhanced Cooperation is well underway as intended in Tunis Agenda paragraphs 67 through 75;
  5. Concludes that no new multilateral arrangements, are required for Enhanced Cooperation;
  6. Acknowledges that new mechanisms spring into existence organically as they are needed and that there is no need to create new mechanisms in a top down manner;
  7. Acknowledges the efforts of various existing mechanisms to understand internet governance and to make public policy in light of, and taking into account, its multi-stakeholder nature;
  8. Congratulates the IGF for its work in meeting its Tunis Agenda defined role in fostering Enhanced Cooperation;
  9. Encourages the IGF to cover all issues of Internet governance that are of concern to stakeholders and to form ongoing Issue Discussion Groups within the IGF to make recommendations on these issues to the larger IGF community;
  10. Encourages the IGF to follow the recommendations of the CSTD WG on IGF Improvements including its mandate to give advice to the functional Internet governance and management organizations;
  11. Encourages those making public policy to engage more fully in the IGF and to bring to the IGF their questions on internet related matters within their mandates;
  12. Encourages all governments to commit to the IGF, and to use the IGF process as an opportunity not just to engage with all other stakeholders, but as an opportunity to work with each other on an equal footing;
  13. Invites all Internet governance and management organizations to participate in the IGF.
  14. Reinforces the multistakeholder approach and encourages all stakeholders to engage more in and work with existing organisations and to explore ways in which stakeholder engagement can be enhanced.

In summary, the path is to focus, focus, focus on a small but essential set of topics and try to build proposals for enhanced cooperation among nations (rather than just among governments) around these themes (and this points to the requirement of pluriparticipative processes all along). Otherwise, the WGEC will end up replaying the generalities of much of the Tunis Agenda and will barely advance.

On the side of governments, suggested guidelines came from the governments of Brazil, Mexico, the UK and Sweden:

  • Members [of the UN] should explore ways to strenghten participation of all stakeholders from developing countries in existing global internet governance fora including through funding mechanisms and alternative working methods such as remote participation.
  • Members should increase efforts to empower stakeholders to particpate through capactity building, including but not limited to, training programs, awarness raising, best practice sharing.
  • Members should work with developing countries to create a fair and consistent domestic framework that stimulates competition and creates affordable access for all stakeholders.
  • The role of governments should include, but not be limited to, to empower internet users, ensure a fair and consistent legal framework that is transparent accountable and equitable and protect human rights online, to foster a robust global internet infrastructure and support mulitstakeholder processes and partnerships.

At this point, I believe the proper junction of the two proposals can help speed up the process towards the final report of the WGEC.

Stakeholders wrangle over the Brazil Summit on Internet Governance

With the recent revelations of mass United States government surveillance, existing Internet governance arrangements have become more than untenable – for many they have become an outrage. And the solutions that governments proposed at WSIS – the IGF and the unfinished process towards enhanced cooperation – have not provided the substantial changes that stakeholders, particularly from the developing world, are now demanding. The speech that President Dilma Rousseff delivered to the 68th Session of the United Nations General Assembly on 24 September set the scene for change, describing her anger at the “grave violation of human rights and civil liberties” represented by the US surveillance revelations:

It affects the international community itself and demands a response from it. Information and communications technologies cannot be the new battlefield between States. Time is ripe to create the conditions to prevent cyberspace from being used as a weapon of war, through espionage, sabotage, and attacks against systems and infrastructure of other countries. …

For this reason, Brazil will present proposals for the establishment of a civilian multilateral framework for the governance and use of the Internet and to ensure the protection of data that travels through the web.

Following Rousseff’s speech, most of the I* organisations came together to meet in Uruguay. The outcome of that meeting marked a radical break from their previous support for the continuation of US oversight over Internet governance, and their rejection of previous proposals for new models of public policy development for the Internet. The Montevideo Statement on the Future of Internet Cooperation that they issued on 7 October records that they “discussed the clear need to continually strengthen and evolve [Internet governance] mechanisms, in truly substantial ways”, and “agreed to catalyze community-wide efforts towards the evolution of global multistakeholder Internet cooperation” including “the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing”.

But as radical a development as this was, the tumult had barely begun. On 9 October, Fadi Chehadé, the CEO of ICANN, dropped a bombshell with the announcement that, during a hastily-convened meeting that day, he had convinced President Dilma Rousseff to convene a multi-stakeholder summit on Internet governance in April 2014, which would address the issues raised in her speech and in the Montevideo Statement.

The summit would not be a UN meeting (such as the IGF, and a tenth-anniversary WSIS meeting already planned for the same month in Sharm el Sheikh). Also unlike those meetings, it would have a mandate to produce tangible outputs: a set of principles (Rouseff’s “civilian multilateral framework for the governance and use of the Internet”), a proposed new institutional framework for Internet governance that could substitute for the US oversight of ICANN, along with a decision-making mechanism for “orphan issues” (those not being dealt with in any other international forum).

The timing of this proposed summit was no less extraordinary than its mandate: for governments, planning a high-level summit in six months’ time is like planning your wedding for next week. The date chosen (which has subsequently been revised to May) falls immediately after the main WSIS+10 meeting, but before a follow-up high-level meeting that Brazil has been pushing for, that could be used to ratify the decisions taken at the Brazil summit. It would also precede the ITU Plenipotentiary in October, at which moves for governmental control of the Internet could be reasserted, if insufficient progress were made at the summit. And probably not coincidentally, it also leads into the re-election date of President Rousseff, also in October 2014.

The dust from this announcement had barely settled before all the stakeholder groups involved in Internet governance discussions were together in Bali to take stock of it, at the 8th Internet Governance Forum, which wound up yesterday. By then, accounts of the meeting from Brazil and ICANN were beginning to diverge: was it a “summit”, as Brazil termed it, or merely a “meeting” or “conference”, as contended by Chehadé? Would it propose solutions, as Brazil insisted, or would it just be for discussion, as Chehadé now described? Was the idea that the summit should be multi-stakeholder a concession that Chehadé wrought from the President, or did she have that notion all along?

Part of the reason for the divergence was that Chehadé had not discussed his remarkable proposal to President Rousseff with the other I* organisations before making it, and had caught them quite by surprise. This was evident at a series of tense and packed meetings during the week at which the proposal was further explained to stakeholders. In particular, a meeting called by the I* organisations on 23 October, that was chaired not by Chehadé but by Chris Disspain, CEO of Australia’s domain name authority AuDA, painted a very different picture to that described by Rousseff and Chehadé.

Disspain asserted that until now the multi-stakeholder Internet governance system had been maintained by the United States and a “quiet coalition of the willing”, and warned of the risk that more Internet governance issues would “fall into the hands of governments”. He announced plans to build a coalition of thought leaders to oppose such moves towards a “governmental or government-centric” model, and to spearhead a grassroots campaign to build support for this position.

Downplaying the importance of the summit, Disspain described it as “not the end game, just a stop on the road”, and asserted that “we seem to have the reins of that meeting, and we need to keep hold of those reins”. Even Chehadé, whilst clearly having a broader conception of the summit’s purpose than Disspain, similarly boasted about the technical community’s leadership of the event, saying “we can make it our meeting”, and claiming that that he had told the Brazilians that the meeting would not be about proposing solutions, as this would be taking things too fast.

This did not go down well for some in the room, particularly from civil society, who saw in the summit a potential way to address the serious human rights violations committed through mass surveillance, and to accelerate the long-delayed globalisation of oversight of ICANN and its functions. They were alarmed by the prospect of the summit being hijacked to serve the narrow interests of the Internet technical community, which had been so quick to obstruct previous proposals for reforms to Internet governance, such as through the IGF and enhanced cooperation processes.

As the IGF closed yesterday, a small group of hastily-nominated stakeholder representatives met that day to discuss the way forward. The technical community and private sector nominees expressed little enthusiasm for the summit at all, and seemed more interested in the new coalition that that the technical community had announced to oppose governmental involvement in Internet governance.

But Chehadé had released a genie that could not be returned to its bottle. The delegation from Brazil, whilst taken just as much by surprise by the rapidly-unfolding summit plans as everyone else had been, had seized the moment, along with much of the limelight at the 8th IGF. Whilst details remained sketchy – they had no clear plan for consulting with stakeholders, for example – they had promised to release a more detailed plan of the summit by 11 November, and meanwhile were also recruiting 3-4 other countries as co-hosts of the summit. At the top of their list was Germany, in the wake of revelations that the United States may have tapped Chancellor Angela Merkel’s phone. India, South Korea and Australia are also possible candidates.

In only a month since President Rousseff’s speech to the United Nations so much has changed, and yet at the same time so little. Whilst taking tentative steps forward with the Montevideo statement, the technical community has already begun to retreat from its full implications, in the fear of their role being overshadowed. If the old guard of the technical community have their way, another orchestrated WCIT-style “grassroots” campaign against Internet governance reforms may be in the offing.

But as the only clear driver for concrete reform in the ten years since WSIS, the proposed summit has also excited and energised other stakeholders, who see such change as inevitable and overdue, and who regard Brazil as a more trustworthy country than Cuba, Russia, Iran or China to lead this effort using an inclusive, multi-stakeholder process. It would be a shame to allow that opportunity to slip by, all for the sake of preserving a model of Internet governance that many now agree has become outdated and inadequate for the Internet of today.

Continue reading in “Brazil Summit heralds major Internet governance reforms” at Digital News Asia.

How the technical community fails at multi-stakeholderism

One of the standard arguments that the United States and other developed countries make in opposing changes to Internet governance is that the Internet is already well governed through a multi-stakeholder model by a network of grassroots Internet technical community organisations. These are said to include the IETF (Internet Engineering Taskforce), ICANN (the Internet Corporation for Assigned Names and Numbers), the RIRs (Regional Internet Registries) and the W3C (World Wide Web Consortium).

Yet when you look a little closer, none of these organisations actually represent grassroots Internet users, or are even multi-stakeholder by any usual definition of the term. Neither are they capable of legitimately dealing with broader public policy issues, that go beyond the development of purely technical standards development and the allocation of Internet resources. As a result, the process by which they reach such decisions is undemocratic, and some of the policy choices embodied in those decisions are unsupportable.

Unfortunately those organisations often don’t seem to realise this, and will quite happily go about making policy heedless of their own limitations. An example is the failed process by which the W3C’s tracking preference working group sought to develop a specification for a standard called “Do Not Track” or DNT. The concept behind this standard (which I’ve written about in detail elsewhere) was to specify how a website or advertiser should respond to a notification expressed by a user (typically through a browser setting) that they do not wish to be tracked online.

The W3C is not the only example of this sort of dysfunction. The IETF has (to its credit) acknowledged its own limited inclusiveness (its parent body the IAB has 11 white males on its board of 13), ICANN has recently received blistering criticism over its failure to pay attention to the community’s wishes (while drawing in millions from the new global top-level domain goldrush), and soon to be released research will unveil how decisions of the RIRs such as APNIC are similarly driven by shallow discussion from a narrow segment of stakeholders (even though this takes place on notionally open mailing lists).

The underlying problem is that the Internet community bodies have been captured by industry, and by a narrow segment of civil society that is beholden to industry (exemplified by the global Internet Society, ISOC). As a result Internet technical standards are biased in favour of a US-led, free market-directed model of competition, which fails to incorporate broader public interest objectives (this has even been formalised in the OpenStand Declaration). Standards development that involves issues such as consumer privacy and access to knowledge is a political process, and as such, capture by powerful interests becomes inevitable unless safeguards are set in place.

The industry-led specifications that have resulted from this paradigm speak for themselves. In July this year, industry released a standard for mobile apps to notify users of data collection using short-form notices, rather than lengthy privacy policies. This voluntary standard, although based on a supposedly multi-stakeholder process set up by the US National Telecommunications and Information Administration (NTIA), has been criticised by American consumer groups both for its substance and for the process by which it was developed, which allowed an industry-dominated panel to push through a code that served their commercial interests.

Another example is the United States’ Copyright Alert System (CAS), by which Internet users’ privacy is sacrificed to facilitate the delivery of copyright infringement notices to those who share content online – the system does not take account of “fair use” or other copyright user rights. This follows on from the 2007 Principles for User Generated Content Services, also written by industry, that were adopted by most major content platforms, and from codes agreed by major credit card companies and payment processors in June 2011, and by advertisers in May 2012, to withdraw payment services from websites allegedly selling counterfeit and pirated goods. No consumer representatives (or even elected governments) had any say in the development of these codes. How is this a “multi-stakeholder” model?

True multi-stakeholder processes (as defined at the 2002 Earth Summit, long before the Internet technical organisations appropriated the term) are:

processes which aim to bring together all major stakeholders in a new form of communication, decision-finding (and possibly decision-making) on a particular issue. They are also based on recognition of the importance of achieving equity and accountability in communication between stakeholders, involving equitable representation of three or more stakeholder groups and their views. They are based on democratic principles of transparency and participation, and aim to develop partnerships and strengthened networks between stakeholders.

Although often described (for example by the United States government, and bodies like ISOC that follow US foreign policy) as “the” multi-stakeholder model of Internet governance, the Internet technical community organisations actually don’t tend to embody these principles very well. Although they are typically open to participants from stakeholder groups, no attempt is made to balance their participation so that the voices of weaker stakeholders (such as consumers) are not drowned out by those with the most resources or privilege. Having open mailing lists is not enough, and indeed can mask abuses of the process – after all, it has been revealed that the NSA used IETF processes with the aim of weakening encryption standards.

Continue reading in “Web Consortium’s failures shows the limits of self-regulation” at Digital News Asia.

Why civil society’s role as Internet rights watchdog doesn’t scale, and what to do about it

How quickly the Internet communities have gone from rallying behind the banner of Internet freedom last year, fresh from our victory in the defeat of SOPA and ACTA, to the position where now Byron Holland, the CEO of CIRA, the Canadian Internet Registration Authority, can proclaim “the Internet as we know it is dead“.

How did this happen?  The obvious answer is that this was a result of the PRISM revelations, but I think behind this lies a new awareness of how overconfident many of us were in the ability of the existing Internet governance regime, at national or global levels, to channel public interest concerns expressed by Internet user communities into policy processes.  Especially in the very typical case where there is no democratic process to represent the interests of those whom those policy processes affect.

Other examples are not difficult to find – some of them in countries that are not regarded as free, such as Vietnam’s clampdown on the online publication of reports of current events, but others, such as extra-judicial domain name seizures, in countries that had been the champions of so-called Internet freedom.

Human rights infringements of users who are not democratically represented are not limited to governments, but extend to transnational corporations also.  Think of Microsoft, promising that its users’ privacy was its top priority whilst at the same time knowingly putting in surveillance backdoors for the NSA.  Think of Google’s recent admission that Gmail users have no legitimate expectation that their emails will be kept private.

And who regulates the global activities of these companies?  Again, national governments; thus the only protection that Internet users worldwide have that their rights will be respected is the extent to which national governments recognise and enforce them.  Thus Facebook’s latest terms of service revision, making it clear that users should expect to have their names and photos shown in association with third party companies without their consent, was only prompted because US authorities demanded it.

Since Facebook operates globally, why is it the US government alone that gets to say what its privacy policies should be?  Or do we feel any better if 190 other countries should also be able to ask for changes to Facebook’s privacy policies, so long as Facebook it has a presence in their jurisdictions?

It should, of course, not just be nation states or corporations, but the people – including non-state transnational networks of people – who have a say in the policies that apply to them.  Although they may not be citizens of the countries or customers of the corporations who apply those policies, they nevertheless have human rights that those countries and corporations are obliged to respect.

Unfortunately the international human rights framework does not have the machinery to prevent the infringement of rights ex ante.  The only way to do that is to have civil society human rights defenders participating in the development of policies that will affect Internet users worldwide.  This can mean giving them a seat in all of those policy development processes, which does happen in some places, like the Brazilian Internet Steering Committee (CGI.br) and the OECD’s Committee for Information, Computer and Communications Policy (ICCP).

But that doesn’t scale.  There are just too many possible venues and civil society’s capacity is too limited.  So rather than giving users a seat at every single level of every single government and company, an alternative is empower users to participate in the establishment of globally-applicable public policy principles, in collaboration with other actors in the Internet governance ecosystem including governments, corporations and technical community bodies, which those actors can draw upon in setting their own policies, and to establish a yardstick against which those actors can be held to account.

This is what many of us thought we would be getting eight years ago at WSIS: a multi-stakeholder forum, the IGF, that could develop policy recommendations in order to help institutions and actors to act in a coordinated and human rights-compliant way, along with a more formal mechanism of enhanced cooperation for governments, and perhaps others, to incorporate those recommendations into their policy processes.

But fast forward to 2013 and what do we have?  Well the IGF has become of such central importance as a global governance institution that it was almost cancelled this year, because nobody was serious about funding it; the ITU has shut civil society out from its Council Working Group on international Internet-related public policy issues; the US government’s propaganda about Internet freedom at WCIT last year has been exposed as more imperialist rhetoric; and we are still arguing about what (if anything) enhanced cooperation even means, rather than making the changes needed to actually implement it.

So it’s crunch time.  As Byron Holland points out, the Internet as we know it is dead.  The status quo is completely broken.  We need to create a more globally democratic way of dealing with border-crossing Internet-related policy issues.

And thankfully this year we have the chance to do that, through the CSTD Working Group on Enhanced Cooperation.  A joint civil society submission on this topic was sent to the CSTD last week, and I’m going to invite you all to endorse it, if you haven’t already.  You can read the text online, but here are some of the main points of the statement in brief (with apologies for any inaccuracies in my summation):

  • It acknowledges that there are a range of policy issues beyond the narrow issue of the political oversight of ICANN, for which there is no globally democratic process to ensure that human rights and other public interest perspectives are taken into account.
  • It acknowledges that such a globally democratic process cannot involve government representatives alone, or be left to the private sector or technical community alone, but will require multi-stakeholder involvement; however it does not accept that the Tunis Agenda’s description of the roles of the stakeholders in this process is adequate or accurate.
  • It asserts that in thinking about new frameworks or mechanisms, it would be productive to distinguish between the political oversight of ICANN and the broader public policy issues in other areas, such as privacy, freedom of expression and so on.
  • It agrees that the process of developing more globally democratic processes should take place in phases, and that we are now moving into a phase of more formalised transparency and reporting and collaboration among all institutions and processes dealing with Internet governance.
  • But ultimately it accepts that at least one new framework or mechanism to address global Internet related public policy issues that don’t already have an appropriate home is likely to be needed, and this should be developed through a process involving all stakeholders.
  • As to what shape that new framework or mechanism should take, we have some divergence – some favour an innovative UN-based mechanism, with extensive multi-stakeholder participation.  Others seek for more of a break from the existing intergovernmental system, and propose a natively multi-stakeholder process, that might be based at the Internet Governance Forum.

These ideas will be discussed further at the second two-day Best Bits meeting ahead of the global IGF in Bali this year, and again at the workshop Who governs the internet – how people can have a voice at the global IGF.  This workshop at the Asia-Pacific Regional IGF is an important feeder into that global meeting and workshop.  So I hope that we will have a rich discussion both within the panel and with the audience.

(The above is my presentation on Internet governance for human rights and democracy at the 2013 APrIGF.)

First reaction to the cancellation of the IGF

News of the cancellation of the Bali IGF meeting has been the hot topic of discussion since last Thursday, after news broke that there was a shortfall of $1.05m in the event’s budget of $2.2m. The Indonesian Ministry of Communication and Information had contributed only $250k, passing the baton to a local organising committee to raise the balance. To make things more interesting, the shortfall was only a little shy of the bill from the United Nations for its official travel and security detail: a cool $900,000. And then there was the brouhaha about the local organising committee’s panelists for cash deal (“Major [private sector] sponsors may recommend speaker(s) for the closing ceremony”, etc). Fun times. None of this should ever have happened; the IGF was created to perform a public function: as a forum to help fill an observed gap in global mechanisms for coordinating public policy on Internet-related issues. As such, the need for public funding seems obvious. But far from contributing funding, the extent to which the UN has actually been leeching money from the IGF has now been revealed. Moreover, according to participants in the former CSTD Working Group on Improvements to the IGF, UN officials were steadfast in refusing to even consider a recommendation that the UN contribute funds to the forum. So that attitude has borne fruit in the likely cancellation of the IGF – all over $1m or so. Can we imagine a WTO meeting being cancelled over $1m? The IGF has well and truly failed if it isn’t even worth that much to save.

The Role of Governments in Internet Governance

Here is a presentation that I delivered to Diplo Foundation on the Role of Governments in Internet Governance, using three recent case studies – the ITU’s World Telecommunication/ICG Policy Forum 2013, the US Congress bill affirming US policy on Internet governance, and the ICANN GAC’s Beijing Communiqué on the new gTLD programme. For a better look at what I’m talking about while you listen to the video, download the slides.