On the 20 and 21 of June took place the Internet Governance Forum USA in Washington D.C., where stakeholders from different amercian institutions joined to discuss on the issues of the Internet
The Preliminary Youth Session
The Youth IGF USA was the preliminary event to the Regional IGF. It was divided into three sessions. The first on Internet Governance, the second on the state of affairs at IGF-USA 2022 and the last on how youth can stay involved.
There were many questions raised throughout the event that we have summarised below:
- What does internet governance mean?
Everything that we do to interact with the Internet is Internet Governance. Every time we use a search engine or use a DNS server, we take part in Internet Governance. It is a journey, that all people share, regardless of our path or our background. We have the goal of achieving a secure and open internet, but to get there we must share and listen to all voices.
- Which actors govern the internet, and who are the most effective?
The Internet is very different from other sectors, unlike manufacturing or pharmaceutical, we don’t have an oversighting body to control all steps. The closest we have to a centralized governing body is on the lowest level of the internet, the infrastructure, where ICANN decides over name domains. The upper levels are maintained by businesses, subjected to national laws. However, seeing that most of these companies are American based, we can argue that the US runs the internet, and it is moved partially by its interests. The model raises a lot of questions, such as effectiveness, the right path for all, and who decides what is right and what is wrong.
- How do we keep the internet global, and support cooperation over fragmentation?
Fragmentation touches many different levels of the Internet. We can start over who has access to the internet and focusing only on this variable, fragmentation is getting smaller by the second. We can also look at domain names, in this case fragmentation gets bigger and bigger as more people join the Internet.
Even though fragmentation tends to have a negative connotation, we can have positive fragmentation. For instance, the EU has certain laws like the GDPR to ensure that their citizens and their rights are secure. On the other hand, the removal of content or the limitation of information creates a great risk of harmful fragmentation. Connectivity and the free flow of information without virtual and physical barriers are the best way to avoid having a fragmented internet.
- To address issues of fragmentation and connectivity are we looking at the right form of governance? What opportunities are there to expand and include other groups like young people?
There is always room for improvement. “Multistakeholder” is a very hollow word unless we practice it daily. The key factor it to get new voices and new perspectives, otherwise it becomes the same group of people, with the same ideas and the process stops. By getting new inputs, we can learn and share new challenges to achieve success.
The route for a more robust Internet is having a strong local internets, that can cooperate with other local internets, but that is tailored to a certain region, and is governed by the people in that region democratically.
- How would you structure internet governance to meet global needs?
We need to listen to all voices and avoid having a system where the loudest is always the one who gets the attention. We need to have input from big companies and smaller businesses and communities to create a solution that meets all needs.
- What issues on internet governance are the most important for the next decade?
The issues of the Internet change very quickly. Where first we saw cybersecurity as the biggest threat to the system, the paradigm has changed, and misinformation has stolen the spotlight. Disinformation and fake news have become the biggest problem to democracy, health, etc. The only solution to this problem is a complete change in how we look and operate the Internet.
At its root the Internet shares the same problems as politics. For instance, the US fomented the creation of big global companies that now compete with its institutions for power.
- What is missing from internet governance?
The most important thing missing is time, we have many sessions and events going on at the same time, and that means that we need to focus on one specific area and miss out on many other. Another issue is the need for a mentor that guides newcomers to find their passion and the areas they want to invest time on. Finally, there are so many diverse topics that no one can know about all of them, so sometimes it can be discouraging and overwhelming for newcomers not knowing the slang or the people to connect with to learn more.
- How can young people be more heard inside the community?
Most of the cases, to be heard you need to be involved politically, and help democracy be stronger by participating and not listening to the voice of “one person doesn’t matter”. It is important to listen to other people and inform ourselves in the relevant digital areas so we can all discuss together.
We broke the first barrier, that is being at the same space. By being together we can begin conversing with relevant stakeholders and keep on pushing to being heard. To be heard we need to reach the people, and through the IGF we can have a space where we can reach these people and become a part of the community.
The NRI Session
The United States IGF began with an opening statement from Melinda Clem, Co-Chair of the IGF-USA followed by the opening fireside chat, where Dustin Loup, Co-Chair of the IGF-USA, and Alan Davidson, Assistant Secretary of Commerce for Communications and Information and NTIA Administrator, U.S. Department of Commerce, talked about broadband and digital equity, cybersecurity, and Internet Fragmentation.
Following began the first session “Beyond Content: Improving Trust and Safety and Enabling User Choice” where they discussed the issues around free speech and contend moderation.
They talked about the difficulties faced by businesses and consumers derived from the differences between states over illegal content. They talked about how most internet users are more concerned about platform’s political power over economic power, and how they have the power over content moderation and can alter free speech. They talked about how most Americans see the social media platforms as a dispersion of malicious and deceivable content, mostly derived from political involvement. They also commented how online affects offline lives, showing that for instance people that viewed political debates online didn’t usually join virtually but rather became more active offline. They talked about how traditional media is one of the sources that feeds social media, giving the example of the election, how traditional media was the initiator of the election fraud claim whereas social media was the diffusor, as users are on many different social medias, and being on one platform is non-exclusive to being on many others. They talked about market pressure on content moderation, in different platforms, particularly about search engines. They talked about how the market is not dynamic enough to give the users enough choice, there are many platforms that try to become competitors for the big tech, but the market shuts them down. They talked about how users don’t know how platforms such as search engines select the content, and users don’t know the kind of algorithm that filters the information, making the platforms very powerful over the information people have. They commented how the interaction between the user and the platform is very relevant when looking at the results, such as using the same words in different order can give very different results. They recommend the creation of third-party algorithms that we can insert in the platforms and control the order of our news feeds and decide what filters we want. However, they also argued that social media platforms cannot afford to have third party software that can look at a user’s data and create a risk of leak. Also, they commented how the users could still be subjected to harmful content, as filters simply stop the content from reaching the user instead of removing it.
On the next session: “Beyond the Encrypted Contend Debate” they discussed about the access to encrypted content.
They talked about how encryption tends to be in the spotlight for a very short period of time, surrounding the decryption of a suspect phone for instance, while it is a public responsibility to continue to press it to the public sphere. However, not being in the spotlight means that it is advancing, and that people are using it more and accepting it into their daily lives. They talked about the importance about end-to-end encryption particularly when sharing a WIFI network can lead to other people stealing the data. They also talked about the issue around security and access to devices to detect security concerns as well as child abuse. They discussed how certain companies can avoid legal action because their user data is encrypted in a way no one can access it, such as WhatsApp conversations. Finally, they commented how encryption was not usually the problem when dealing with abuse cases, and all people should have a right to privacy and being safe, without the need to have an over-watching body that controls what they do and what they say.
On the third session: “IoT: The Glue of critical Infrastructure, Or is it?” they talked about how to keep the internet infrastructure secure against threats that exploit the IoT network vulnerabilities.
They began by describing how their organizations viewed IoT security, beginning by the operator AT&T, who commented how if IoT devices are insecure they could be used as a gate to launch large scale attacks, the solution involves all actors, from manufacturers of the device to the network operators, including mostly the standardization bodies that define security standards. Oracle commented the importance of creating international standards to avoid global outages in big platforms. Finally, the FBI commented on the cybersecurity threats derived from war.
Next, they commented on the public-private partnership to create more secure devices, specially focusing on law enforcement. They commented how most of the critical infrastructure is owned by private companies, making collaboration between public and private entities critical to keep it secure. Also, they commented how if each country is doing its own public-private collaboration it can lead to fragmentation of networks. Also, they commented on the importance of global standardization to ease the weight for companies, particularly the manufacturers, that want to reach global markets, and make sure that all devices have a baseline for security that all users can trust, always making sure that the standards are risk based. They commented on how cybercriminals will have the resources to attack the network and all agents must be prepared for the attack to happen, and it is important for companies and consumers to know about the risks. Also, they said how the average consumer might be overwhelmed by all the requirements necessary to be secure online, regular software updates, reprograming machines, installing software, etc. and that might reduce their interest in being secure.
On the next session: “Future of Online Markets” they talked about current US antitrust proposals regarding Big Tech and their impact on major digital services and customer experience.
In the US, they are starting to discuss bills to regulate app stores, anti-trust laws, and the American Choice and Innovation Online Act S.2992 (ICOA), to open up the e-commerce platforms to smaller players. They talked about the state of competition on big tech, highlighting that these new markets are emerging, around new technologies such as VR and AI that create opportunities. Also, they commented how Big Tech means different things to different entities, for instance, some consider only GAFAM, not including other social media such as Twitter, whereas others include these smaller platforms. Also, sometimes we can assume dominance in a market that is not real, for instance, Walmart doubled Amazon’s revenue in online sales, meaning that Amazon is not the most dominant platform on the retail market. They commented how the government needs to spend many resources to apply anti-trust laws, as companies usually argue that they are not monopolies. They commented how the laws criminalize actions from companies, not companies themselves, therefore a business that uses a dominance position in the market to harm customers and abuses that position can already be brought to justice under the current anti-trust law. They commented how the new legislation does not address particular companies, rather defining the requirements to become a gatekeeper. They commented how certain platforms such as Amazon tend to prioritize their own products, and how with the new legislation S.2992 all companies start with the same rights for a “prime badge” and the consumer can decide who will provide the product, giving them a fair shot to compete in a level playing field.
Lasty, on the end session: “Net Breakup – can the Global Internet survive war and geopolitics?” they talked about Internet fragmentation and the effects of geopolitics on the Internet.
They commented how certain governments use the term digital sovereignty to justify fragmentation, particularly regarding privacy. They commented how different regions like the EU with he GDPR were creating fragmentation, and US companies had to comply with rules that were not from their own country, resulting in the US taking a more reactive role toward regulation. They commented on how there are three different types of fragmentation: technical, government and commercial.
Regarding technical fragmentation, ICANN commented on the creation and monitoring of standards. They commented how there are no “internet police” and no way of making sure that the protocols are getting used. They said that the Internet was created by a very wide number of networks, each owned by an operator that had the power to decide what to do with their network, with no body able to tell them anything. However, they commented how thanks to the market, operators are forced to interoperability to achieve success. Also, they commented that DNS protocol is big enough to make it very hard to evaluate compliance in every standard, however, operationally, they could make sure that they are within contractual limits for variables like response time. They commented that there should not be a standards enforcement agency, because they don’t want a single country or alliance of countries dominating standard enforcement. Certain standards are always followed because they are the best technical solution, and other ways of measurement like contractual obligations can still be obliged. They asked whether not blocking “.ru” after the war broke out was the right decision to make from ICANN, who argued that it was the right decision, as ICANN is a technical coordinator of the internet’s unique identifier, not wanting the make the internet politized, and arguing that the multistakeholder model makes it impossible for ICANN to take unilateral action. They also commented how ICANN would not have impacted on the war, and them taking sides would make more damage to the Internet. They also commented how despite the sanctions, they still authorised transactions related to telecommunications and certain internet-based communications and services, software, hardware, and technology to make sure that everybody still had access to information. In the US the president has under section 706 of the communications act to shut off American internet but only under very strict restrictions, also commenting that there was a too small a chance that there were a cyberattack so broad that private networks could not repel it. They commented how the US negotiated international laws for 5G network security that many countries signed.
Next, they went on to government fragmentation, starting with privacy and the European GDPR. They commented how from a technological perspective, the privacy regulations do not affect the internet because it is too high up the Internet layers. However, they also commented how it could lead to fragmentation, as privacy concerns could lead to data localization concerns, and affect the open access to information. They commented how the US export controls does not include data, and they should be careful, when blocking certain platforms, as the blockade could become reciprocal, for instance, blocking TikTok could lead to the Chinese blocking YouTube, despite the fact that the Chinese have already blocked many American apps. Eventually, this could lead to other regions like Europe to also start blocking platforms. Next, they went on to talking about cyberattacks, and the need to cooperate with their allies to mitigate the risks and share experiences to create a more resilient network and a faster response unit.
Last, they talked about commercial fragmentation, starting with regulation. They commented how businesses didn’t have enough time to change products when laws are passed very quickly from state to state. They commented on the importance of having a “country” law instead of having many different state laws to give businesses legal security. They also talked about how businesses need to have the flexibility to innovate and have the reassurance that the government guaranties access to market. Finally, they commented on the importance of providing connectivity for the rest of the world, the same way other countries like China have done very effectively.