IGF 2023 – Day 4 – Data governance and trust for the Internet we want (co-organized by NRIs) – RAW

The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.

***

 

>> ZANYIWE NTHATISI‑ASARE: Good morning.  Welcome to the 18th Annual IGF Meeting of the Internet Governance Forum. 

Hello, and as I say in my home country, South Africa, in Zambia (speaking non‑English).

We can meet global communities through 160 plus, national, regional, subregional and youth IGF initiatives, focused on data governance and trust building, we will explore the vital link between reliable Internet and effective data governance.

Our discussions will delve into the diverse role of data and societal progress and sustainability.  Existing governance mechanisms examine the potential benefits of regional frameworks for robust data protection.

The panel will analyze the differing impacts of data regulations in the Global South versus the Global North and explore the feasibility of a global policy paradigm versus local solutions.

Additionally, we will unveil practical strategies for enforcing data strategy regulations, especially concerning empowerment strategies for Internet users and data subjects.

We will look at the culture of sound data, and data governance, existing methodologies that can be used to refine data protection policies, examine the capacity of data governance frameworks, enhance transparency and accountability in the data ecosystem.

We will break down what responsible data usage looks like in our society, and like in values.

Last but not least, we will also look at discussing the mitigation of inter‑fragmentation and the challenges associated with that.

My name is Zanyiwe Nthatisi‑Asare.  I am an entrepreneur, advocate of the High Court of South Africa, with a focus on data protection and emerging technologies, CO of digital legal, a consultancy providing regulation, policy and information technology based services to both the private and public sector clients.

I have been afforded the privilege to be your onsite Moderator for this main session titled data governance and trust for the Internet we want.  Hosted right here in Kyoto, Japan.  Joining me online as a Moderator is Judith Hellerstein, from the United States of America.  And I have this amazing panel in front of me.

So, what I will do is to get this show on the road is I will allow my very capable panel to introduce themselves.  The first question that we will start with, when I ask you to introduce yourself, is to just explain from a regional perspective and an NRI perspective, what specific mechanisms exist from your regional, your locality and do you believe they are working.  If we could have name, where you are from and do these mechanisms exist and do you believe that they are effective?

>> CHARLES SHAABAN: Good morning, everyone.  Thank you.  My name is Charles Shaaban.  I am the Middle East consultant for the International Trademark Association, known as ITA, here representing the Arab IGF.

To answer your questions, there are many, of course, laws in the region to tackle the data governance in general and sometimes data privacy.  Maybe it became a more important issue after the GDPR became known.  Many of the countries in the region started having their own laws.

To be very practical, some of them is mainly laws and the maybe not used a lot.  So, we need to tackle this even in the Arab IGF.  So, I think the best way to start by presentation is to mention something that in the Arab IGF we are supposed to have one in February, next year, hopefully.  So, one of the main tracks regarding data governance, again.  I will just read a small paragraph, it mentions what are the description about this track in specific and I'm happy to know that our co‑chairs of the steering task force of the Arab IGF are here who helped in that.

So, the data, the importance of data is on the rise, an organization wealth and value is measured today by the data it collects and owns on its users, clients and individuals.  In fact, data today became a vertical economy by itself.  This data is used for engagement, growth and monetization purposes.

While it's acceptable for organizations to benefit from the data they collect on the individuals, it is far more important to protect and preserve the individual's right regarding the data collected about him or her.  This is crucial since the collected data is not only related to the individual's bio data, but goes beyond that to include habits, behavior and demographics.  This is done today by almost all organizations interacted with through cyberspace and the Internet, therefore, individuals have an equal right to know what data is collected about them, how it is used, manipulated and analyzed.  They have the right to view it, review it, dispute it and provide their consent to.  It address the challenge, data privacy and data governance became the focal area to ensure the fair use and balance between rights of organizations and rights of individuals and how their data is used.

As you noticed, even in the Arab IGF, we want to even to tackle this more, so hopefully we will have even more rigid laws to answer the questions soon and after the participation of all stakeholders in the region.  Thank you.

>> ALISON GILWARD:  I go? 

Good morning.  I'm Alison Gilward from IGF Africa, a governance think thank which is based in Cape Town.  I'm from the University of Cape Town, Nelson Mandela School.  I represent the IGF proudly, and I have been asked to speak particularly about the African Union data policy framework, which we are technical advisors on.

While we speak about trust, although there's been a lot of development around the mechanisms you need in place for trust, these are often on the basis of assumptions around material markets, material democracies, rule of law, you know, high levels of human development.  So, a lot of absorptive capacity and to exercise one's right.  They don't pertain in other part of the world, but we need to create the trusted environments in.

The African Data Union ‑‑ the African Union data policy framework very much acknowledges this environment.  It's a very high‑level principle document that has these very aspirational and important rights‑based principles in the document, but it also is, we can do this to a progressive regulation of this, that we are in uneven spaces in development.

I should point out that the data policy framework is much more than a data protection framework.  The effect of GDPR on the continent rollout not always effectively of data protection mechanisms on the continent, but this document, this framework is far greater than that.  It's about personal and nonpersonal data, and, importantly, about creating a trusted environment to unleash the use of nonpersonal data and particularly within a number of initiatives, which I can speak about on the continent.

The data governance framework is comprehensively covered in terms of data access, control, quality, open data, those kinds of governance mechanisms that we need to create an effective data economy on the continent, but it's also prefaced by a very important front end first part of this document, which acknowledges the digital readiness and legal and human rights readiness frameworks that we need on the continent.

So, the first point to make probably is that only a third of Africans are actually connected to the Internet.  So, while we are trying to create a trusted environment, it's highly exclusionary currently.  So, all of these foundational infrastructures, foundational law and enabling law is required.  And the document is progressive, I believe, it globally progressive in this context in which it acknowledges the importance of inclusion of equity and a redress, importantly, in this environment and the need to create an enabling environment, which covers the kick box now on data protection and data security, but very importantly speaks about the importance of legitimacy.  You don't simply get ‑‑ those are necessary conditions for trust, but you don't get trust simply from data protection in a secured Internet.  You need to have the legitimacy around the enabling framework so that people, actually, feel it's a trusted environment.

>> ZANYIWE NTHATISI-ASARE: Thank you for that, Alison.

If we can move on to Raul.  Same question.  If you can just tell us your locality where you come from and effectively what are the mechanisms and are they effective.

>> RAUL ECHEBERRIA: Yeah.  My name Raul Echeberria.  I am the Executive Director of Latin American Internet Association, that is a private sector association in the region, but I am here representing all the LACIGF community.  And Latin America is a region that is advanced providing frameworks, regular frameworks for data protection.  It is important to consider that we have as a reference ‑‑ we have a reference that is a very solid one, that is the Inter‑American citizens for human rights and Inter‑American standards for human rights.  So, all the data protection layer frameworks are inspired or aligned with the protection of the rights according to those standards.  And there are solid institutions in most of the countries have their own laws on data protection.  And most of the data protection authorities are independent and while we don't have an original framework, we have a good level of coordination among the authorities and they work together.

The data protection laws have been highly inspired in DHPR in the last years, the last one like Brazilian example in my view is an improvement with regard to the GDPR.

We are seeing now discussions in most of countries updating their local frameworks, because even countries that were pioneers in this field, their laws are becoming old and they need some updates and there is a lot of discussion in several countries with regard to that.

But I think this is a crucial, sometimes we say, we hear that we live in a databased economy, but it's not entirely true.  I think we should say that we live in a databased society.  It's not only the economy, that data is important for everything, for all the services we receive from public sector, occasion, for many areas.  So, that's important to have a solid legal frameworks in order to do the management, to have a management of the data that make available a lot of opportunities but in a trusted way.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you for that.

Lucien, if you could give us a go with that question.  Where do you come from, what's happening in your locality, and we would like to know whether you believe that it's effective or not.

>> LUCIEN CASTEX: Hello, everyone.  Bonjour.  I will speak in French, since I am representing the French IGF here in Kyoto. 

Good morning to one and all.  I will maybe begin by introducing myself.  Lucien Castex.  I am the representative of public affairs and partnerships at the FINIC, and I am co‑chair of D France, which is one of the national entities here.

Perhaps, to introduce what I want to see, I would like to quote the philosopher Ludwig Wittgenstein, who said that philosophy is a struggle against sorcery involving intelligence by the means of our language.

Today, with the Internet and the debates that we have on data governance, we see that to understand Internet or the Internet that we want to have is different for most how to determine the terms in which this exists, data, of course, the governance of the data.  But the notion even of trust, what does that actually mean when we have trust in something?  These are considerable objectives that we have to attain.

Now, if we can talk about this as something that we use every day, sometimes we use it without even knowing it, but we haven't yet building it.  Not only from a technical point of view, but also from a societal point of view with new uses forever coming to the fore.

We need search and find the equilibrium between the cyberspace security, but also the protection of our fundamental liberties and rights.  This is often an arduous task, but it nonetheless remains essential, at the crossroads of what we all want to do.  This is not only the 2030 Agenda, but also the review in 20 years of the World Summit on the Information Society.

But also the negotiations that are ongoing on the Digital Compact.

In two words, then, in France, but also within the European Union, there are various types of legislation that come to the fore and there's currently being negotiated or almost going to enter into force.  The RDP in terms of data protection, which has been up and running for a few years, has already had an impact.

Today, when one look at emerging technological regulation in particular as concerns artificial intelligence, if we look at digital services, what happens on this market and also data governance acts, we are already setting the foundation with this legislation that would allow us to have the participation not only of citizens, but also of states in data governance.  Here we see myriad strategies.  But one of the most important parts of this is that everyone plays a role, including citizens.

And indeed, there are strategies that we see that want to involve this not only in primary, but secondary education, but all along our lives.  And this constitutes a key for all of us to decode what lies ahead of us.  Because to understand is to take action and in order to do this, we have to be able to understand what is at stake and understand what this data is.  And this, of course, is important for this to be done transparently.  We have had legislation in France against the manipulation of data in 2018.  And we are currently thinking about the way we use data, how do we protect children online, and how do we counter racial hatred.

All of this means that the rule of data is essential in this and the fact that this data can circulate is also the utmost importance.  So, this, of course, is important for us whether we have national or regional GDPR, we have all of these international fora and national fora all play an important role.

We need to continue to have an overall vision that enables all of our cultures and diversity to be represented.  Thank you so much.

>> ZANYIWE NTHATISI-ASARE: Thank you for your contribution.  If you could ask you to provide us from your perspective, you know, where do we stand from your region or your NRIs, mechanisms from governments and trust perspective and do you believe these are effective?

>> YIK CHAN CHIN: Yeah.  Ladies and Gentlemen, this is very good opportunity for me to share our information to you.  I think this is an area of focus on the data security, accuracy and timely.  I think for ‑‑ I am from China.  My name is Lu Tran from Chinese Academy of Sciences and IGF.

You know, China is a big country, so many people and the people in the research and also in the society wanted to get data to support development.

How make the data available to innovative discovery, and also (?) and I think the third think is data quality.  How to make that high‑quality data available.  And this is complete issues.

Data did a lot of research work, but they think this is private, this is intellectual property product.  And how to balancing property protection and open shared.

So, we discuss this for almost 20 years in China.

Finally, China make the decision it open science digital data policy.  This is the national data policy.  And then we establish now infrastructure, we establish data centres and the collected data.  We have the global change research data publishing and the report, it's what established nine years ago.

And we have a serious principles, guidelines and policies standards and the management procedures.  Then up to now, then more than 1000 data site have been published.  And more than a million assess the data in all the world, in over 100 countries.

So, this data centre was approved by all data system to be one data centre.  And got prize in 2018 in the e‑science campaign.

So, this product means we needed peer review.  The data science put there and so many data, they are confused which one is the high quality.  Which one can be used to transfer to another users.  So, this is key of the data governance.

And another big challenge is more and more data, so many, how make the data available to not only for research scientists, but for the society, for the local people, for the village people.

So, we start a new programme we call the GIES, that means Geographical Indications Environment and Sustainability.  Up to now, 101 partner draw on this programme and we open data, open knowledge and open cases sempers, and big data and Internet technology.  And also in the case engineering examples.  Together systematic management and the geography culture get together.  So the cases, 17 cases in China, they are two years, very successful.  More than 600 village people through the data driving methodology and they get benefit.

And also customers, they got good product through the open data and the open knowledge.  And FAO does what could be done and we transferred GIES technology to FAO, OCOP programme.  OCOP means one country, one priority product programme.  So, several countries use this, free use this technology in their national strategy for agriculture development, such as Bangladesh, Nepal, and several countries in Asia and in the Pacific.

Ladies and Gentlemen, I would like to say, this is the time, this is era of the data driving.  There are challenges, but opportunities.  We have no choice except to make right or suitable framework in the IGF framework in the global scale, but also in the local, national and regional scale.

We work locally.  We are not working globally.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you so much for.  That I think we have really had good positions and breakdowns of where you are from, what we are working with from a mechanism perspective and whether they are, actually, working or not, and I think we ended quite nicely with looking at, you know, creating single market‑based data governance and trust mechanisms and I think that will open me up to you, Alison.

We are looking at the African Continental Free Trade Area agreement, and looking at really that single market.  What does that mean and what does that look like from a data perspective to ensure that this is an effective piece of legislation, but also for economic development in Africa knowing that data is really a crucial perspective for that to be possible?  Could you give us your inputs from that perspective?

>> ALISON GILWARD: Thank you so much.  I think this is a very important aspect of the African Union data policy framework.  I think if we look at other data governance and data protection frameworks, particularly data protection frameworks, they are very much focused on individualized notions of first generation rights, particularly privacy rights, and they very often in our context not balanced, although some of our data protection regulators also responsible to access to information but not a whole freedom of expression.  I think this balancing of rights, firstly, is not very practiced amongst data protection regulators on the continent.  So, we have those of these individualized notions that we have taken from GDPR and very much based on a very legal contractually formed consent.

I think one of the things is, actually, to acknowledge the need, particularly because of these drivers around economic development on the continent.  These opportunities offered by the African free trade area and the single digital market is looking at into acknowledging or building into our policy because I think it is critical to trust that people's economic and second and third generation rights are also recognized in this process.

So, I think if you look at ‑‑ if you look at the framework, the issues around ensuring data access, ensuring on the continent we shift from very narrow notions of national sovereignty and localization.  And I'm not suggesting just open free flows because I think at the moment we got about 90% asymmetry in our traffic flows throughout the continent but leveraging that within the continent to ensure we get the data flows.  And for that we need the trusted harmonized framework, so the work of the African Union at the moment is in the second phase.  It's in the implementation phase.  There's an action plan for governments.  There's a training and capacity building tool governments can use and that's happening with the regs and the training of the regs.  Data protection regulators as they take on these additional tasks on the continent.

But I think the critical issue here is a lot of the focus from current data governance as I said assumes there are lots of other things in place, and it's so really focused on ‑‑ and what we argue in Africa is a very uneven impact on harms associated with data‑driven technologies, but not adequate attention to how we redress the uneven distribution of opportunities and what we are trying to do is ensure that countries are more evenly digitally developed and have these enabling trust environments in order to reap the benefits of a common market, which otherwise is going to be very uneven.

>> ZANYIWE NTHATISI-ASARE: Thank you for that.  And I think you really touch on some crucial points, what the data flow, ensuring that we don't have uneven markets.

But I think the base and the platform of all of this flow really depends on aspects around Internet protocols.

I will open the floor up to you, to maybe explain to our audience and maybe your viewpoints on the relationship between trust, data possessing, data governance and domain name systems.

>> CHARLES SHAABAN: Thank you.  It is very important.  In fact, taking from what doctor mentioned now, anything in the real world should be implemented on the Internet, too.  So, going back to the DNS, as you know, as many of us know that DNS, when it started, the Domain Name System, they used, for example, for the intellectual property part, they say cyber squat when someone may be registered trademark.  Now there are more definitions of what is DNS abusers.  There is the European definition, there is even recently in Jordan they issued a new data privacy law.  So, this privacy should be, again, on the DNS.

So, what we think is suitable maybe is to have a balanced laws and treaties to ensure preservation of the privacy and, at the same time, include a clear mechanism on how to enable the right holders to reach some needed private data.  In other words, just to say it for as everybody says, privacy is very important for everyone.  We need to preserve it on the DNS, at the same time, for example, everybody knows who follows ICANN processes that since more than 20 years they are still discussing the what should be there, what shouldn't be there.  Of course, private information, address and so on should be there for sure, everybody agrees on that.

But maybe we need a process how to reach an infringer of the domain name was used in bad faith.  And maybe just since I work now with the international association, to mention the latest definition of DNS abuse for benefit of something, which was approved recently by the way from Interpol and it's more broad, not only as when I said it was only cyber squatter or something, no.  They defined it as any activity that makes or intend to make use of domain name.  Domain Name System, protocol or any digital identifier that are similar in form or function to domain names to carry out deceptive, malicious or illegal activity.

So, I think this, as we started that, shows that we need to implement what we have in the real world, what's coming on the digital, of course.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Those are very practical points, and I think straight to the point.  And I appreciate that.  Thank you for that.

I have got a really good panel, super lucky.

I want to go to Chan and speak about quality control and the research aspect of this.  I mean, both speakers have discussed about how important the space is becoming.  We have discussed the economic side of things.  We have discussed the DNS side of things and how there's that overlap really between personal data and data in general that, you know, and I think we will get to the point where we won't be able to have a really clear distinction, because there will really be things that work hand in hand for the future of work, the future of how we interact, how we live, and the future is, actually, we are living in now.

From a research and control perspective, what are your viewpoints on this particular matter or subject?

>> YIK CHAN CHIN: Yeah.  This is a good question.  So, data quality control, three steps.  One is we set up framework for principles, guidelines, and standards, procedures and definitely go to the peer review.

So, we have three stamps for the peer review.  First view and second, third view.  Definitely need.  If they are conflicted, we need another one.  This is one thing.  So, go to the framework of structure, procedures.

And second ones, we need professional team for the viewer and that's for the data management also.  We have a training programme and new challenging comes, new data comes, how to dealing with this.  We have regular meetings, training programme.  And not only for the reviewer, but for the users, we did this.

And third one is for the public, after the publishing for the users, because feedback to see what quality they want, whether it's good or not.

I think this is the key.  If the data quality controlled and the data users will be very happy that.  More and more people to benefit from the data.  Thank you.

>> ZANYIWE NTHATISI-ASARE: I couldn't agree more.  I really couldn't agree more.

But I'm going to go to you, Raul.  We have been having these conversations but the big bad wolf for some hasn't come up.  If you look at economic factors it, looking at big tech, looking from a Latin perspective, but I think we can also speak from a developing world perspective and Global South when it comes to considerations from an economic perspective balancing out the issues of trust and a way that move forward in a manner that is sustainable, according to developed of human rights and respect of privacy, what are your viewpoints on that particular matter and very keen to hear what you have to say.

>> RAUL ECHEBERRIA: Thank you.  I think that is clear that the data needs to flow, because we need the data to be available to make accessible services, to favor commercial transactions.  So, the objective of all the legal frameworks is that we allow the free flow of information in a secure way.

So, the certainty is, legal certainty is good for everybody.  For all the stakeholders.  And I think we are understanding together, different stakeholders, we are understanding that.

But in Latin America doesn't have a transnational structures, like Europe, for example.  So, we have to deal with in Latin America and the Caribbean with more than 30 different jurisdiction.  So, in order to make ‑‑ we have to make the data flow in a way that favor the economic development of the whole region.  We have to be very careful with the laws.  And we spend a significant time discussing with policymakers and I think that's the national and the regional IGFs are crucial for that for having an open conversation with among all the stakeholders.

Sometimes policymakers think they are doing something that is ‑‑ goes in the line of protecting rights of the people, and sometimes it could have exactly the opposite effect.  And this is why, it is important all the stakeholders are involved since the inception of the policies.  I think I will stop for the sake of the time, I will stop.

>> ZANYIWE NTHATISI-ASARE: Thank you.  Thank you for those considerations.

So, that takes me to Lucien.  Looking specifically at the legal considerations around this, I know you made mention of WSIS, who if you think about it, they have got the common vision and desire and commitment to build a people centric, inclusive development for Information Society and looking to ensure that these aspects of data governance and trust are adhered to.

If we speak about legal considerations and the actual ramifications of antitrust behavior or behavior that really undermines the aspect of trust, what would you give us, I think, from your NRI, but also from a global perspective, especially being from the EU and being a GDPR expert?

>> LUCIEN CASTEX: Thank you very much for this exemplary question.  We need to seek and strike a balance.  This is of paramount importance, between legal security, as was already mentioned previously, and transparency.

These are the very bedrock of achieving security and transparency, and at the end of the day, it allows the user to understand what we are going to be doing with the data.  And also to understand what is the legal framework or the legal frameworks, which is applicable to them.

At the EU level, as you know, we talk about the decade 2030, and we see this at the core of many of the agendas.  The European Commission, we adopted indicators to follow this digital transformation in the EU and to provide various guidelines to the Member States.

When we talk about data and the free circulation of data is also mentioned, what this also means, it means a digital overhaul, transformation.

And in terms of data governance, and I'm going back to your question, this transparency is essential with data that flows.  And we need to keep an open and neural Internet within this ‑‑ it needs to be interoperable, trustworthy, that is at the very core of our vision.  Digital is a resource and as well as a challenge.  And this 18th IGF here in Kyoto bears witness with all of the wealth of the discussions that we need to have a multistakeholder approach, which would enable to have a diversity of opinions.

In this regard, the cultural diversity, linguistic diversity, as well as ideas are all the more various ways to look at these various governance modalities and these various governments.

Finally, when we talk about data, this also means that we need to talk about the similarities between the data and also this open source that is also essential.  And we would look up all the very specific characteristics.  There are gargantuan resources for the Internet.  We also need to identify what those solutions are for this world governance.

In summary, we need to endow ourselves with the clear data, specifically with GDPR.  This means to endow ourselves with clear transparency in terms of these digital resources.  We need to have a liability framework with the different stakeholders within the entire value chain, the digital value chain.  I think that they are at the very core to be able to develop a trustworthy Internet.

In summary, Internet is not a very different, as I stated about the previous philosopher, it is also the bad and it is also the way that we can move forward and the solution to that problem.  Thank you very much.

>> ZANYIWE NTHATISI-ASARE: You have highlighted transparency, accountability, and ensuring that we have a very people centric approach, which I really do believe is the future and is what we are progressively aiming to realize at a global scale.

This session is going to really open up the floor now and we would like to keep this robust, have as much interaction as possible.  So, this is going to be the beginning of our first round of Q&A.  I would, actually, like to start with our online questions.

If I could see a show of hands on the floor for any questions, I do note one.  Any more hands?

>> We have two.

>> ZANYIWE NTHATISI-ASARE: I do note two, three.  Okay.  We will start with our online questions and then we will start ‑‑ then we will proceed to the floor.  Thank you so much.  Judith, please take the floor.

>> JUDITH HELLERSTEIN: Thanks so much.  We have a question from Chris.  We directs the question to the woman from China, when she was talking about data quality, which has to do with data integrity and he would like to know what will be some of the recommendations when it comes to data integrity and governance because we sometimes forget the great importance of data integrity when having some of these conversations.  I will direct that question to Ms. Chan.

>> YIK CHAN CHIN: So happy to everybody, many people, interesting the data quality.  I think from our experience and we need work money partners together.  Only incentive academy is not good enough.  But that we work with governors, central government, with international organizations such as more data system, Internet science council and also works with the co‑data, internal committee on data for science and technology and so on.

So, then we work together, then, to make the framework, the framework that including the principles.  So, we have workshop in Nairobi to make data‑sharing principles.  And then we made the guidelines.  We learned from developing countries, OECD guideline, data guideline, and also we made our developing countries.  So, I have been to the chair person of the co‑data in developing countries for 20 years.  So, we collect the China and what this process could be suitable, operational procedure for the data control.

So, then we have the standards.  We set up a series of regulation rules about how to check, evaluate table data, special data, image data and so on.  Whole things we discuss with money organizations.  And this work in China and also suitable in the whole world, especially for the development countries.

For example, we work in South Africa, so with the University of captain and also in Asia country, Mexico, University UCDs.  And the thing this is accessible.  In this week we make the data control and the published data and the whole data.  So we publish 102,000 data science.  Not anyone complain for this kind of data.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you so much for that.  If we could please have the first question on the floor.  If you could introduce your name, where you are from and your question.

>> AUDIENCE: Thank you very much.  My name is Alkapos, I come from the Netherlands, also representing the Netherlands NRI years.  I currently working at KPMG the Netherlands in the responsible AI practice.

And I would like to share a little bit on also the data governance view from our perspective.  Because this morning there was a session about the origin of the Internet and also the parallel that we can make with data governance.

While the Internet started to grow from based on Internet exchange points, we can also do that on the same matter with data.  So, this morning was a session about the MCM data exchange and that was a session where there was shown that the same set of SD internet can be created for the data setup, including collaboration with Internet exchange points.  So in the Netherlands, the M Sim Internet exchange is major parking net.  But really encourage all countries also to collaborate with their Internet exchange point to come up with the same kind of infrastructure to make ‑‑ to connect all the data silos that we currently have.

So, my question would be if there are anyone interested in learning a bit more about this, yeah, please reach out to me.  And then we are happy to discuss any further thoughts about this.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you.  Thank you for that.  And I am quite certain that the panel will reach out to you.  And I think anybody else in the room, we certainly come to these forums for platforms of exchange of knowledge and to see how we can collaborate and grow the ecosystem.  So most certainly, thank you for that.

If we can please go to ‑‑ I'm going to go row by row.  You can start and the gentleman behind me and then we will go to the next row.  Thank you, please.  If you can introduce yourself, where you are from, and your question.

>> AUDIENCE: Giacomo Mazzone from the IGF. 

My question, listening to what has been said by Lucien about the European example, that is consolidated framework on data that looks interesting.  Is this a model that could be replicated?  Do you expect that the Summit of the Future next year data transfer can be one of the topics on which there could be proposals?  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you so much.

If you could please introduce yourself, where you are from and your question.  And if possible, the specific member of the panel you would like to direct your question to.  You can go.  We are going to go from the right to the left.

>> AUDIENCE: I continue?

>> ZANYIWE NTHATISI-ASARE: Which is your right, correct.

>> AUDIENCE: My name is Nazah Nicolas Urama.  I come from the Tanzania IGF and I also sit as the President of Internet Society Tanzania.

My question is about Internet governance policy.  You have a situation where you have huge data centres who are, actually, concentrated and manage and owned by a few companies, handful of companies, the Googles, the Meta or other big tech companies.  And now you have an issue of data sovereignty.

If there is an issue of data concentrating on a few companies, how do we convince countries not to go the data in a certain way in terms of their policies?  Because they see companies a handful of companies have all these data.  But we are trying to do them not to go the data sovereignty way.  So, how do we reconcile these to different situations?  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you so much.  Name, where you are from, question and who you are directing it to.

>> AUDIENCE: Hi.  Andrew Kampling.  I run a public policy and PR consultancy.

My question has been a really interesting discussion, but there are changes to Internet standards which can result in the loss of data, especially metadata that's used to measure traffic trends, identify malicious activity, enable connectivity between different messaging platforms and for general research, even dare I say compliance with legislation and regulation.

Now, the bodies evolved in data governance and trust are largely absent from the standards bodies, which, unsurprisingly are dominated by the technical community.

So, I wonder whether to aid transparency accountability, do you agree that we need to enable engagement by those bodies in the standards organizations like the IGF so their needs are taken into account when new Internet standards are developed.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you.  We are going to take one last question for this round and then please do give us the opportunity to just have a round of answers and we will certainly give the next set of questions time to take the floor.  Please, sir, go ahead.

>> AUDIENCE: Thanks for giving me this opportunity to speak.  My name is Cha Boi Young.  I'm from China.  Our institution, my organization is Fuji Institution.  It's a nonprofit research centre funded by Dr. Shadden Lee, the former vice VP of Orkan.  Both policy and the technical research and the data governance is one of our main research fields.  And we are very active participants in the IGF process, both in the China IGF community and the UN IGF community.

And I got two questions.  The first is for Alison.  Alison, maybe I pronounce it right.  During the past few days, I have heard a lot about people are talking about the time changing.  I think it's also the same with the data governance, the scope and the concept of data governance is changing, too, just as you mentioned, it's not about data ‑‑ only about the data protection.  It's about access, data quality and many others.

And we observed that more than 100 economies have published their data and data rules and our analysis wrote that some articles similar, such as the principles given the individual rights to their personal data.  Well, there are also some critical roles are different, such as the definition of personal data, just as Lucien just mentioned, the definition on the data, and the roles for data flow.  And more and more people are realizing the importance of international frameworks or norms on data governance, and we might need some consensus on data governance.

And my question is, from your perspective of view, at present, is it possible for our to make international norm or framework on data governance, and if yes, at present, what could be included to this consensus, and data governance be part of the GDC and what are your ‑‑ are you expecting the final text of the GDC on data governance, and this my first question.

My second question is to Paul and Ms. Yo Tran.  Now we have a lot of international platforms and organizations, such as the IGF, OECD, APEC, the world Internet conference.  They are all talking about data and the data governance.

Do you think it's necessary or is there any mechanism to regularly collect their outputs and afterward, just as many participants of this meeting have said, we can't discuss something always from the beginning.  We need to move on from where consensus or outcomes have been reached.

Do you think, and in addition, do you think the NRIs should play a role in this mechanism or process?  That's my questions.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you for those questions.  And I do hope that the panel have noted these down.  I saw you all jotting down.

So, perhaps I will start with the first question.  No, no.  We are going to first have the first round of questions, and certainly when the second round of questions come up, we will take that.  I want to afford the panel an opportunity to answer adequately and then we will open up the Q&A again, or the queues, rather.

We will go to the As now.  Go ahead, Raul.

>> RAUL ECHEBERRIA: Many comments on interesting questions.  But I didn't answer something that you asked to me in the previous round when you asked about the balancing approaches for development.  I think it's very timely to comment on that, too, because I don't think that there should be a trade‑off between development and rights.  And what we need is just to include the perspective of development, the needs for social, economic and human development as the objectives of the legal frameworks.

And there is a risk when we copy and paste policies from other regions, that probably other regions have no exactly the same objectives or needs that a developing region lick Latin America or surely I cannot speak approximate Africa, but I think this is the same situation.  So, my first point.

There were two questions about the GDC and the data and new mechanism.  I don't think that we need a new mechanism.  I don't think that ‑‑ probably the GDC will include something about data protection.  I think that it should be a delivery of principles, and not ‑‑ there are different approaches to data protection.  I think all of them are valid, and probably in the western world, the GDPR is very well known, but it's not the only approach to data protection.  I think it's useful to have all those earlier frameworks.  We need, obviously, coordination and dialogue among different countries that have different approaches in order to ensure that everybody ‑‑ everything is interoperable.

Approximate data sovereignty is a concept that I prefer not to comment on that.  I think that we would need much more time for that.  And this is ‑‑ there is not a single definition or a common understanding of what data sovereignty means.

And definitely I am against data organization.  I think that this is a terrible and it's a very bad idea to impose data organization, and especially for smaller companies and developing countries.  We could talk more about that, but for the sake of the time, I wish to say that is a bad thing.

With regard to the standards, I think ‑‑ I don't know if it is necessary that data protection, the people involved within data protection authorities participating in standard bodies.  I think it is very important that they understand architecture of the Internet, how it works.  Not only them, every policymaker with the responsibility to digital issues should understand how Internet works.  This is a basic thing and, of course, it also includes people involved within data protection and trust.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you so much for that.  I am going to do two things.  I am going to open the floor for Alison to answer.  I do have opposing views on the GDC's approach.  And, perhaps, I don't know if Alison, as you answer that, maybe just do walk you through the GDC and data governance and trust as one of the key pillars in really achieving Our Common Agenda and the core principles that if we think about data protection privacy come from.  I will open the floor up to you to do that.  And then after that, I would like us to speak about the second question that Raul alluded to, which speaks to, you know, data laws and looking at that scope of things.  Alison, if you could please.

>> ALISON GILWARD: Thanks very much.  I will just address Nizar Rahma's question, which I think was specifically relating to Africa, and the person, catch their name, from the Fuji Institute who addressed questions specifically but landed up on the GDC.  I will try and be very quick.

Thank you very much for the important question around data warehouses and the absence of them and the issues that that raises for data sovereignty and that most of our data is going outside of the continent and being stored outside of the continent often.  And not in forced governance arrangements that ensure reciprocity or common legal frameworks.

In the context of the African Union, because after that I'm going to speak about our own research as opposed to the African Union research, there is an acknowledgment that as I mentioned, that we need these basic foundational infrastructures.  We need the basic broadband infrastructure.  We need the digital infrastructure.  We need the data infrastructure and then, of course, we need the digital ID foundation in order to get these trusted environments so the people can interact comprehensively and equitably in the environment.

The data infrastructure one is an absolute critical one and, of course, is dependent on the uneven digital infrastructure that we already have in the continent.  What I think what we have tried to move from was a very strong, probably unrealistic notion of data sovereignty and localization that each country, you know, with its priorities were afforded would be required to keep their own data warehouses and each would have to build their own data warehouses.  Obviously such enormous benefits and cost ‑‑ and other benefits in cloud services that it makes sense to to do that in virtual environments that you are only pay for the costs that you need, et cetera, while ensuring that the data is held safely and under the conditions that protect your country's data subjects.

Within the context of the African, signal digital market, what we are asking for is for the development of this kind of data infrastructure across the continent so that, you know, where it's already being provided in some parts of the continent, quite significant amounts of data warehousing and storage going on in Southern Africa, for example, that this is made available on the continent and that we have cost based access to this data amongst Africans that can use this data more effectively and more cost effectively.

So, I think it is a critical policy issue that we have got to shift our position to the realities around Africa so we can benefit from those data flows that we are wanting, you know, across the continent.

And also just acknowledging that, you know, sitting on data that you are unable to store, process, you know, share, charge for, really doesn't build data value, public data or commercial value.

Just very quickly, then, to, you know, go to the important questions raised by the person from the Fuji institute, I think this is exactly the kind of governance issues that we are struggling with now, is around getting some kind of consensus that we absolutely need for global governance.  I think a lot of the times we are talking about national and regional, you know, harmonization and/or establishment of policies that are now evolving with the changing technologies that we have, but in fact, many of the enforcement aspects of this, whether it's around data protection or misinformation or a number of things, actually requires global governance.  It requires us to globally cooperate to, you know, deal with big tech that has bigger money and interests in many of our countries, and to collaborate around some sort of normative consensus.

The normative consensus we have imagined we have is vulnerable, it's fragmented.  I think ‑‑ and I think there's been some kind of attempts to get us into a false consensus, sometimes by shifting language of human rights to people centered to we can accommodate that.

On the other hand, I do think that there are historically very ignored issues around other aspects of human rights, as I mentioned in terms of economic justice and, actually, shifting it.

If you have just got human rights of privacy, if you have got as we move into AI, you know, ethics by design and these kinds of things, they only ‑‑ many people in the world do not ‑‑ firstly, do not have those rights in the analog world and we are expecting them to have digital rights in this normative consensus that we are fabricating, but on the other hand, people are unable to exercise those rights because of their economic conditions and their human development conditions which means we have to address that.

So, from Research ICT Africa's position, not the African Union's position, in terms of the Global Digital Compact which is, obviously, a very important process, it's been underway here with the Digital Envoy during this week, is to argue that what we need is not just a data compliance regime around data which will not redress the kind of structural inequalities that the Secretary General is speaking about, but that we need to be looking at data justice.  How do we get just outcomes?  Because simply, you know, a first generation rights framework and ethics is not going to require the transformation that we need for inclusion, for equitable participation and the redress of digital inequality.

>> ZANYIWE NTHATISI-ASARE: Thank you for that, Alison.

Charles, if you could take a go at my question.

>> CHARLES SHAABAN: Thank you very much.  In fact, I like to answer, it was the gentleman asked about when he mentioned some of the data loss, and so on, which is this is something, as you know now, the privacy laws, companies cannot use them.

But we should always remember that we are going to the AI.  And everybody talking about artificial intelligence.  And this system depends on the data.  So, again, as I mentioned, when I talked about the IP that we need something balanced, so we need balanced laws, how to, what is allowed, what is not allowed, making sure we are keeping the privacy, at the same time the data needed for the systems to operate as it was designed for is needed.

Maybe the other issue, if you allow me to answer, because someone asked about how when we put our data in another country.  So, this, again, depends on the country's law.  So, some government entities usually and even private sector doesn't like their data to be in another country.  But I think we can, if we go years back, when the banks, let's say, started, of course, many years back.  Thinking, should I put my money in the bank or not?  It depends on the bank reputation.  Is it ‑‑ is it secure, you can depend on that?  So, I think we can look at the data in the same way.

If we know that we want our data to be safe, backed up, safe from any even natural disaster, so, maybe we want to choose a company that we know that it is good.  But, again, we have to go back again to the countries in each country ‑‑ the laws, sorry, in each country to make sure that it allowed me to put my data somewhere else.

>> ZANYIWE NTHATISI-ASARE: Thank you for that.  Chan if I can give you the floor to answer the set of questions.

>> YIK CHAN CHIN: Yeah.  Regarding the platform, this is a new tool since it's data com.  This is, actually, platform is accelerator.  So, without the platform, the data doesn't stay there and don't network together.

So, but platform can divide even stare or even kinds.  Some platform is project based and the support for certain target, different the organization, different project, they have a different platform.  This is understandable.

And another one is same project, short term, maybe three years, when the project closed and the platform maybe stay a few years and then close.  So, this is a risk for ‑‑ in this case, maybe the data got lost.

So, in this case, so International Science Council have the programme that that programme is International Organization is called world data system.  This is the home of the world data.  World data site.  This requires that the data ‑‑ any members of the world data system should be long‑term preserving and keep this open and available to everyone.  This is another type of the platform.

So, I suggest, so this is a national and regional IGF initiatives can help this, help indicated the risk.  Some platform, before the close, they should help them to transfer, to migrate to somewhere else, in case the data and the platform technology got lost.  Or make reach maybe technical data format software updated.  So, maybe the new one couldn't access the older system.  So, need the interjectable of the system.

So, I think this is empty now.  We need to do this.  Thank you very much for your question.  And this is one big challenge also.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Absolutely.  Thank you so much for that.

Lucien, if I could give you a go to look at the questions that have been asked in this round and give a very brief input from your end.

>> LUCIEN CASTEX: Thank you very much.  And thank you for all of the questions which were asked.  I will try to be as brief, because I can see that we are coming to the last 15 minutes of this session.

So, firstly, with regard to the application, at an international level of legal standards, in French law, for example, we say that no one is supposed to be above the law.  We could also think about the fact that (non‑English) which is an international version of the French.  What can we do at an international level in order to understand these laws?

First of all, we need to develop frameworks together, which are accessible to all, easily understandable from the citizen to the state.  And, of course, these frameworks have to be developed within international organizations.  A certain number of questions raised the issue of the International Digital Pact, and the possibility of integrating into this a number of questions which were asked here specifically with regard to data governance and AI governance.

And similarly, what is AI today was machine learning yesterday or computational mathematics yesterday.  Here, what we are really talking about is that one needs the other, data is essential for AI and vice versa.  And, of course, today AI is based today on this data.

So, this global pact can be seen as an opportunity to strengthen this international cooperation which has been mentioned by the distinguished Secretary General Guterres.  This could, perhaps, give due place to the IGF and to regional initiatives as some of my colleagues mentioned, and national initiatives, which would allow a crossing between the discussions taking place here at an international fora and each individual in his or her region or in their country working closely with citizens to be able to really roll things out on the ground and propose adapted solutions.

One last word, if I may.  The EU, as you know, as part of the digital decade, is looking for a human‑centered approach for AI and emerging technologies.  A text currently being redacted which will address this issue.  But also the upcoming enter into force of new cybersecurity frameworks which are inherently linked with the issue of trust and the individual citizens trust of the digital environment raises the issue of the individual citizen and his or her understanding of what's at stake.

We said at the very opening of this session, that, perhaps, one of the issues where I would like to conclude, if I may, is the issue of awareness raising education, understanding what this data is, understanding what we do with data, and understanding when a digital service or an artificial intelligence uses data, how and why it does so.

So, that requires transparency and responsibility.

>> ZANYIWE NTHATISI-ASARE: Thank you very much.  And I think you are absolutely right.  Awareness is key, ensuring there's literacy and understanding and also getting everybody involved in the discourse of discussion decision making and also Insurance of government.

I'm going to open the floor again for a set of questions.  If you could keep it brief, what is your name and where are you from.

>> JUDITH HELLERSTEIN: We will ask the online question first.  From Mahibib from the Republic of Chad and thanks to Lucien for the English translation.  He asks, I am wondering about data collection by government and the use of such data by companies with which states are contracting.  And he's particularly concerned about the cybersecurity ramifications of this.

So, if one of the panelists can answer that, you would be grateful.  Thanks so much.

>> ZANYIWE NTHATISI-ASARE: Before we do the answering, if we can take questions from the floor and then proceed.

>> AUDIENCE: I'm Mihi from IGF Sri Lanka.  And I will ask a statement like this.  The global issues need solutions of global level.  And in 2019 when Cerf warned by the data governance frameworks could become tools for violence in a BBC interview.

And today it is coming in reality, that GDPR, UK online safety bill and the Sri Lanka proposed safe Internet bill is carrying such issue to what we call good data governance process.

So, there are a lot of things that we need to do.  Meanwhile, the participation and engagement of these stakeholders is the main thing and open and transparency more.

But meanwhile, we need to support the civil society organizations that are working to create this good data governance in the field.  It is my proposal that we need to work on that.  Thank you.

>> AUDIENCE: Thank you.  Good afternoon, everyone.  My name is Tamara Lauschner, I am the coordinator of the Brazilian IGF.  I have a quite brief comment here.  I would like to echo the words of my colleagues who spoke about the importance of trust on data governance process and emphasize that for this to happen, it is essential that data is used for good where everyone has the opportunity to benefit from its power, not leaving strong protections aside.

Considering these in the con context of emerging technologies, responsible data governance is even more important.  This has been vastly discussed in this IGF and other internet governance fore a, such as ILA resident IGF.  Some strategists to ensure this responsibility include rainforests, data protection laws and regulations, as Brazil and other countries are doing with their own national laws.

In our case, as Raul already mentioned it, the Brazilian general data protection law LGDP in the acronym in Portuguese, the other strategies to promote education and awareness among the population, and development of responsible and human centric technologies by design.

Let us commit to working together using the multistakeholder approach to develop international data governance standards that are balanced and protection individual rights.  Thank you very much for this opportunity.

>> ZANYIWE NTHATISI-ASARE: Thank you for that.

And we have got our last question from the floor.  Please announce where you are from and what your name and who you are directing the question to.

>> AUDIENCE: Good day.  My name is Sebastien Bachollet.  I'm a member of Friends and a Coordinator of the IGF in France.  And I think that it's important to use the language service that is proposed here.  So, as Lucien responded in French, I will also speak French.  It's wonderful that we can use the different languages of the United Nations and otherwise diversity of languages will be lost.

Now, I would like to mention something that was mentioned at other meetings.  The dynamic coalition of values that are at the heart of the Internet, which, of course, must be deliberated in the different IGF regional and national meetings.

Here's my question.  How do you see the evolution of the link between the anonymous data and the responsibility to protect people's personal data and the need to know who is contacting you or to not say who is attacking you?  Thank you very much.

>> ZANYIWE NTHATISI-ASARE: Thank you for that.

If we could have the panel answer the questions.  I think we will start with you, Charles and then flow all the way down to Lucien.

>> CHARLES SHAABAN: Thank you.  In fact, I thank Sebastien for very important point he mentioned.  Maybe to answer the question, I could start with the word from Bernhard I think, when he said this information is even more ‑‑ it's not the same words, of course, as you but the meaning.  That it is more dangerous than ignorance.  So, maybe this is what Sebastien meant when he said that we need to be sure how to have really a good balance, I'm using the word balance a lot, I know.

Because we don't want any information which is ‑‑ which is really a misinformation to be the one that people follow.  So, I think the best way to tackle this is mainly awareness as we start.  And even the theme of our meeting this year in general was mainly to empower users.  So, we need to more learning, more awareness for users to make sure how to get the knowledge needed to know that this is at least correct or it is just someone just saying anything or so on.  So, this is, I think, important.

At the same time, of course, maybe we tackle this in a previous question.  The most important for the what information about me should be on the Internet, should be with my consent, I think.  This is I think the better thing.  Thank you.

>> ZANYIWE NTHATISI-ASARE: If I could remind panelists to keep it brief.  We don't have a lot of time left.  Thank you.

>> ALISON GILWARD: Thanks very much.  I really just wanted to respond to the reference to countries working on these safety bills, countries that are working on it.  And I suppose it was a point I was wanting to make earlier and didn't around the issues around rule of law legitimacy, but also the processes by which these mechanisms are put in place.

And I think, you know, because I have been particularly asked to look at the Sri Lankan safety digital services safety bill that's being proposed but also come up in the context of the civil society petitions for better consultation around the UK AI safety laws being proposed and also laws being proposed in the U.S., that we need to really guard against essentially repressive or surveillance type or controls on freedom of expression that are occurring in the name of safety legislation.  And that's, you know, when often we taking legislation or good practice what we see as good practice from environments where there are human rights frameworks or there are constitutional protections and putting them into contexts where these rights don't exist, we need to really ensure that the data protection laws are very clear or the cybersecurity laws have very clear safeguards on, you know, illegitimate state surveillance and these kinds of things.  Focusing on the safety really is important and bringing people into the process in terms of accountability of the process, but also expertise needed from outside of government to ensure these systems are operating in the public interest.

>> ZANYIWE NTHATISI-ASARE: Absolutely.  Thank you so much.

Raul, if I could ask you to give it a go and keep it brief, please.

>> RAUL ECHEBERRIA: Yes.  There was a question about the ‑‑ or a comment concern they have government manage the information and probably passing information to private companies.  I think that's very easy to answer from my side, is that governments have same, many more responsibility than others in respecting the laws.  So, there is no exceptions for them, except I know, I am aware that some countries can put some specifications on to do different management of the data, put I think democratic countries and free countries, the governments have exactly the same responsibility than others and should have the same responsibility or even more.  And that's, I guess, is the situation in Latin America.  So that if there is a transfer of information from the government to private company, should be exactly according to the terms that are established in the later framework.

>> ZANYIWE NTHATISI-ASARE: Thank you so much.

Chan, if you could give your opinions and at least answers to the questions that were posed.

>> YIK CHAN CHIN: Yeah.  The government is a big data holder, and the government a fun project data is a big data holder.  And the very valuable.  So, make determine the data transferred to private sector or to researcher, universities, to that use, that is good.

In China we also had this such kind of policy, what kind of government did that to what kind of private sectors, to use them and for the people to use them.

Then there's some regulars and some license to get the data, to use the data.

I think this is good.  With the data, more data available, so more and more data public available, that will be the benefit of social economic development.  Thank you.

>> ZANYIWE NTHATISI-ASARE: Thank you so much.  Nice and short.  I appreciate that.

Lucien, can you follow suit?

>> LUCIEN CASTEX: Thank you very much.  So, I will be brief as well.  With regard to data protection, I think, then, we can in France go back to the 78 law on the creation of a commission and the reflection on the protection of private life data and access to that data.  In the broader issue of governance of data, well, it has to do with research ability to access data and then to understand what was done.  Because access to data also allows abuse.  For example, we see in the subject of disinformation and it's been regularly discussed in the issue of access of citizens to data.  So, but let me conclude on, perhaps, something on a more positive note, more transparency and cooperation will only help us to be more efficient in the governance that we are trying to achieve multistakeholder governance.  Thank you very much.

>> ZANYIWE NTHATISI-ASARE: Thank you, Lucien.  There was a panelist that was meant to join us, but he did give out his inputs to this discussion.  I will keep it quite brief.  We are running extremely out of time.

So, the inputs were as follows.  It's hard to think out of the box sometimes and move the discussion forward and it's not easy to find practical and innovative solutions to complex challenges we are facing in the arena of trustworthyness of the Internet on a global level.

He also added that there's a widening gap between the complexities surrounding data security, data protection and privacy, and the capacity of fostering a robust and trusted Internet at a global scale ‑‑ global ecosystem level.

He further said that multilateral approaches and government intersections have failed over the past year to achieve concrete results in this direction.  The United Nations system also explored these interventions severally but with minimal results.

And I think these are really honest, hitting the nail on the head, inputs.  So, our speaker is ‑‑ our colleague from Nigeria, Shegun Olubila.  I hope I am saying that correctly.  And these are crucial inputs.  I do appreciate that.

I am going to ask you to summarize on behalf of the speakers, I would have loved to give you an opportunity, but, Judith, if you can give us an overview of this session, if we can keep it under one minute.  We are slightly over time.

>> JUDITH HELLERSTEIN: Hi, thanks so much.  So, you wanted the overview of ‑‑ so, there was a lot of comments here and online about data governance, data protection, how to store data safely and comments from other ones of, like, making sure the data is not stored in‑house because what happens if there's a fire in the building?  Then you lose all the data.  There's really, data is one of the reasons why, Alison was talking about storing the data in the cloud and storing the data in different ‑‑ either in different locations or in different parts, because you want to make sure that the data is secure.  And if you have it all one place, then you could have accidents.  That's why one of the key best practices is to storing the data in different locations, and in the cloud there is often stored even in different cloud sections, because one cloud could be down or could have a corruption in it.

So, that's, I think, this touched about a lot of the issues of data sovereignty.  Data sovereignty is really also taken advantage of in your particular law.  Just because your data happened to be stored in another country, it's not under that country's law.  It's under your law.  And it's under what is in your data protection agreement then.  That's what it's important to have a good data protection policy in legislation.  But I don't want to take up too much.  But I think that summarizes some of the comments and the questions we were having on them.  But thanks.

>> ZANYIWE NTHATISI-ASARE: Thank you so much.  And thank you for this very interactive session.  And with that, we have really tried our best to ensure that the opinions, the questions from the floor have been articulated.  At the end of the day we do promote multilateralism and ensuring everybody's voice from a global perspective is certainly represented and I think we were represented well today, with the expert opinions and the body of work that ‑‑ bodies of work that you have done, you know, outside of the stage that have been articulated, we really do thank you on behalf of the IGF community and myself as Zanyiwe Nthatisi‑Asare, if you could please give my panel a round of applause for the excellent work they have done.  I open the floor for you to do so and we will close the floor on that accord.  Thank you so much.

(Applause)