IGF 2019 – Day 1 – Raum I – Introductory Breakout Session: Data Governance

The following are the outputs of the real-time captioning taken during the Fourteenth Annual Meeting of the Internet Governance Forum (IGF) in Berlin, Germany, from 25 to 29 November 2019. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the event, but should not be treated as an authoritative record. 

***

 

>> CHAIRMAN:  Good morning.  If you can take your seats, please.  Okay.  Thank you very much.  We're going to start the meeting now.

My name is Ben Wallis.  I work for Microsoft.  I'm also a member of the IGF multi‑stakeholder advisory group which helps organize the annual meetings.  So this is something the MAC has decided to do at IGFIGF has made an effort to make this year's meeting selecting three themes.  As part of the themed approach being used with IGF 2019, the MAC decided to introduce new introductory and concluding sessions for each of the three themes.  The thinking was that at the start of the week, we would set the themes for the various sections taking place and organized by the community.  And then come back at the end of the week on various issues on Data Governance.  And, um, so there are various people are going to be assisting me today and other volunteers.  My colleague will be moderating the session on Friday and I have volunteers from the MAC and a couple other people who will lead breakout sessions later in the meeting.

So you come to the session because you are interested in the broad topic of Data Governance.  So I'll just say a little bit about this theme, but I will save this for our keynote speaker.  The framed theme about the basic question about how we can insure the benefits of the data revolution while also insuring that the rights of people are protected.  We noted that the global nature of Internet and the transfer of digital information across the board brings an international dimension to discussions around data.  We suggested that the generation, the collection and the processing of data have enabled new social, economical opportunities, but they also pose challenges around privacy and freedom of expression and the exercise of other human rights.

We hope that the theme would insure human centric Data Governance, how to empower individuals in their digital identity and how to create the conditions to facilitate data‑driven innovation, while insuring competition and ensuing trust in new services and new technologies.

So you can see there on the screen the agenda.  We hope that session would help you learn more about this session 'in areas of particular certain interests taking place this week.  So when you go into the breakout sessions and when we have the discussion at the end, you might help from people organizing some of those workshops and Open Forums.  And you may have a chance then to Connect with or ‑‑ or learn about others works on issues of interest to you.  And in the second part of our session, we will split into six breakout Groups.  I will come back to have that work after we hear from our keynote speaker.  So to kick off the session and to provide her insights on this broad topic, we are very fortunate to have Marie‑Laure Denis.  She's held a number of senior roles in government ministries ands bodies.  And in February of this year, she was appointed as the President of CNIL.  She agreed to come and help set the scene for this week's various discussions on Data Governance by sharing perspectives on this very hot topic.  The floor is yours.

>> MARIE‑LAURE DENIS:  Thank you.  It is an honor for me to be in front of you today.  Let me start by thanking the organizers for giving me the opportunity to introduce the discussions where you will have this week on Data Governance.  The challenges are numerous and the stakes are high.  Data Governance is also multi‑layered and cannot be isolated from the elements that it impacts.  Our society, our economy and ultimately our future.  Whether we speak about data collection, data flow or data sharing, the very structure of our digital ecosystem has profound implications T. ask not only about data, but very often about personal data.  I should indeed, also start with a little disclaimer.  As you have the noticed, I'm from France, a founding country of the European union and I'm the head of an independent data protection authority.  My introduction today will reflect this background and you might hear the word GDPR a new times in my solution.  I wanted to make today's introduction a starting points which of course should go beyond the sole issue of regulating personal data.

My aim is to set the scene, ask questions and trigger discussions.  I'm not going to give you a lecture.  Instead I'm going to get the ball rolling with three main messages.

First the stages of personal data in our society and our economy has changed not only at the European level, but also at the global level.  Second, sustainable Data Governance cannot exist without personal data protection.  And finally, beyond Data Governance, digital sovereigns is also at stake.

To start, I would like to emphasize my first message.  The stages of our data in our economy and society has changed and it can no longer be seen solely as a regulatory issue.  Data driven businesses represent an increasingly important part of our current economy, in the European union and world wide.

It was against 1 trillion euros in 2020.  Over the past decade, we have seen companies like Facebook, Amazon, Google or Alibaba become international giants with Monetization of user's personal data.  Whether you are in a tower by Paris, everybody uses Smartphones, shops online and interacts through social media.  Personal data, our decor of new practices and usages we share global or privacy concerns has also become global.  Our duty is to insure that this growth is sustainable and respects from the mental rights, the concept is reflected in article 1 in data protection law.  Information technology should be at the service of every citizen.  The development shall take place in the context of international corporation.  It shall not violate human identity, public rights and this was written in 1978.

The digital revolution is a great opportunity, but it also comes with fierce, negative consequences on our economies, our societies and even on our lifestyles.

Personal data can be a powerful weapon to target people to interfere with our democratic systems as we have seen in analytical Scandal.  Social media can ‑‑ we have seen individual profile used as a tool to influence our behavior, our consumer hands and ultimately such processes impact individuals rights to sell the determination.

Our policy said last year at privacy conference from Brussels that the crisis is real.  This immediate crisis is that a feeling of loss of control over personal data, but also more generally of the potential for data and technologies to rip apart the social fabric of how society works as stated by a former Facebook employee.  This data crisis is not just a crisis of confidence in the use of personal data.  It is the feeling that an entire digital society is being built without us.  That digital society is making choices regarding freedoms, organizations, political vision and that you are no longer master of this choices.

Some are saying that the data is the new oil of our economy.  We hear talk about data monetization to the benefit of users that we should be able to sell out our personal data.  Yet at the same time, we see a growing social demand for more privacy protection and more control and user empowerment.

Personal data alone are actually not that valuable.  It's their collection, abrogation and combination that brings value.  What we need to pay particular attention to is how personal data are accessed, collected and enhanced and how individuals can keep the upper hand in such processing with a few to prevent a disastrous oil spill.

Taking the new economic social opinions into account, they have framework with one key premise at the starting point, personal data are not assets like any other to relate, to individuals and empowered with specific rights.  There is a European conception of personal data which is probably not limited to the European union territory, but which is essential to understand how we see Data Governance and privacy.

With that being said, the European model, our vision is not the only one.  And when it comes to Data Governance, let's not be naive.  We should not hide the fact that conflicting models exist at the international level.  I will come back to this at the end of my speech.

The question which arises here and what we should reflect on is how to reach consensus at the international level in order to agree on a common ratio and status for personal data as part of personal data discussion.

This brings me to my second message.  There can't be any sustainable Data Governance vision without a strong personal data protection component and its base.  First, data governments means rules for how personal data can be handle good processed and GDPR truly puts the individual at the center of digital regulation.  As such, existing citizens right such as the requirements for consent and Codifies new ones such as a right for portability which comes with GDPR.

It is also clear that the European regulation aims at rebalancing the symmetrical relationship between individuals and those who process its data and prevent the concentration of European citizens data within large databases.  From where I stand, sustainable data government should take into account that when it comes to personal data, we're here to uphold the fundamental right.  This is a legal requirement, but also translates the societal demand for greater data protection and privacy.  Data government ‑‑ Data Governance should indeed, arrest citizens and consumers expectations when it comes to the use and processing of their personal data and ultimately align with our values and societal aspirations.  Have if we do not respond to these demands, if we do not act through concrete and effective decisions, we cannot collectively keep the upper hand over our own future.  Let me be more concrete here and take the example of children's personal data.  This is an issue of growing concern, but also a question of governance model and values.  Defining a sustainable Data Governance framework also means setting limits on the processing of children's personal data in our system.

This year, we are celebrating the 30th anniversary of the adoption of the convention on the rights of the child.  We have here a common framework upon which we should probably build to further integrate the right of the child into our digital environment.  It tends to play a role in these reflections and wants to foster discussions in this area.

Last year at the UNESCO, the President also announced key priorities and concrete actions in 2020 in order to uphold the rights of the child including the future international policy declaration on protecting children in the digital era with a strong emphasis on personal data and privacy.

Another example implies growing align taking into political and ethical considerations is the use of biometric data and in particular of facial recognition.  We should indeed, make clear that Data Governance cannot mean abandoning all legal requirements.  On the contrary, it is also about defining certain boundaries and drawing redlines on the use and personal data.  It calls for political choices and needs to be addressed at national, regional and international level.  The most appropriate to act effectively through binding instruments.  At the international level, we should aim at growing up common principles which should set the common grounds for such frameworks.

Going back to practical implementation, it is also essential that data driven businesses understand that data protection can no longer be confined within the legal departments.  It must be integrated in processes and strategies throughout the organization.  From product development to process management, data protection and privacy by design must become key concepts.

Let me also stress here that protecting personal data within an organization also means insuring the security of personal data.  That's where personal data protection can enhance cybersecurity.  This relationship can also actually go both ways when we think about issues such as encryption or information security.  Technology innovation such as AI make this new paradigm of Data Governance even more crucial and relevant.  We need to move data protection as a legal requirement and core component of Data Governance and encompassing the whole data cycle within an organization.  This is true from a micro economic point of view, but also from a micro economic one.  Data protection regulation can no longer be seen in isolation from other fields of regulation applying to the digital economy.  Data protection considerations now factor into the assessments of competition regulators.  A similar calculation occurs in the other collection as data protection regulators are faced with new cases resulting from market evolutions and competition cases.  The new reality of our economies makes essential that regulators talk to each other and beyond simply talking that they actually cooperate with each other.

In order to address the challenges ahead, when we need is to build bridges among regulators and have the mechanisms in place for a more systematic and long lasting corporation.

To sum up the second point and you can realize, there are only three points, but to sum up the second point, the second message, I would again end with a question to address with you in the upcoming sessions.  How can Data Governance help escape the upper hand of our technological development and big tech companies?  How can Data Governance better integrate ethical and legal requirements in order to uphold our values and protect individuals rights?  This question brings me to my last message for you today.

Data Governance is certainly not only a European issue.  The challenges are global and must be addressed internationally.  Our globalized economy has gone digital and de facto international trade realize more and more on data transfers mainly personal data transfers.  Our digital ecosystem is no longer confined to regional areas, but has to be apprehended globally.  It is therefore essential that Data Governance is at risk from an international point of view.  I note here that the EU represents a significant market for digital trade and online services.  A situation which could give the union some privacy leverage in upholding and promoting its model and the message from us should be clear.  There can't be a free flow of personal data without appropriate data protection safe guards.  In addition to the accessory safe guards supporting data flow as well as the vital need to maintain an open Internet, issues such as government access, surveillance and localization have become a growing concern.  They cannot be ignored and they raise the question of insuring individuals right why data are now moving swiftly from one jurisdiction to another.  This is a challenge which should lead us to redefine the concept of sovereignty and parameter.  They should lead us to consider digital sovereignty.  We should not be naive and state the reality of our word today.  When it comes to data governments, there is a clash of regulatory models, which quite often reflects divergence and values in societal models.  I am here advocating for European model and trying fundamental right of the EU and based on the European heritage, but ours is not the omit one and issues such as international data flow and government access have actually become core components at the international level.  We should not ignore this issues and must address them through a multi‑lateral approach since divergence can also significantly interact Internet freedom and more generally human rights in the digital era.  Upholding our model is also a question of influence.  That's why the French data protection authority has placed data diplomacy.  We consider it necessary to establish Data Governance at the international level that can insure the digital sovereignty of the EU and ultimately protect individual rights.  We must pursue this objective.  There is no four (?) Europe when it comes to digital matters and there should not be.  There is a different Data Governance models can talk to each other and interact with undermining our common values.

I'm definitely convinced that when it comes to Data Governance at the level, a multi‑lateral approach is the appropriate way forward.  And the Internet governance forum is a great example of how we can address common challenges today.  But we will certainly not be creative to reinvent and work on the prison pells that can work for ‑‑ work on principles that can work for data work.  When it comes to data protection, I want to mention the modernized convention 10 aide.  Convention 108 plus today is the only existing international data protection instrument open to countries outside Europe.  We support to international convention which can be in our view a step towards greater convergence at the international level in the field of personal data protection.  Independent data protection authorities are also coming together within our international network, the ICD PPC which has now become the global privacy assembly.  Together, we have adopted a new policy strategy aimed at making our voice better heard in the global debate of Data Governance.  We haven't embarked on a quiet ambitious journey and the adoption of global data protection standards is certainly a long‑term objective.  But we want to prove that through a multi‑lateral and multi‑stakeholder approach.  We can bring answers to the international challenges.  The last question I would therefore leave to you is the following.  How can we improve multi‑lateral dialogue in order to establish a sustainable and global Data Governance framework?  To conclude, I would like to emphasized essential link between personal data protection and other fundamental rights.  As regulators, we do act with a permanent attention in this regard.  And it is therefore essential that all stakeholders keep this critical imperative in mind when addressing challenges of data governments.  I thank you for your attention and hope you will have fruitful discussions this week which for sure will represent valuable input for future endeavors.  Thank you.

[APPLAUSE]

>> BEN WALLIS:  Thank you very much for kicking us off this week.  For asking us some questions and for sharing her views with us.  I'm just going to see if we have any single question.  I think we got time for maybe one question if a hand pops up.  Otherwise we'll move on to the breakout session.  So let's take with us the questions that she has left with us and take this to our discussions now.  So thank you again.

Okay.  If we can have ‑‑ thank you.  So that concludes the first part of our discussion.  And, um, I mentioned how the community had come up with a wide range of sessions looking at different aspects of Data Governance.  So within the MAC, we tried to find ways to sort them into different sub‑themes and we came up with these six buckets.  I'm not saying these are the only six issues around Data Governance, but these seem to be sub‑themes that reflected the various sessions that have been organized by the community for IGF 2019.

Now, the next slide shows you all of the variation sessions and how they best fitted.  Ideally, they can be ‑‑ the organizers have all of these sessions here today and they can take part in the breakout discussions.  Obviously, the print is very small.  There is lots of sessions and they only fit into a slide with a certain font size.  But if you can spot the number of your workshops that you are speaking in or trusted in, then that might give you a hinted of which breakout session you would like to join.

Each breakout session will pose three questions.  And to come up with three posted questions, we looked at every policy question that was provided in the description of every session that's on this slide.

Okay.  So this is the first time we've done this kind of breaking out introductory session.  And I'm very happy to have six volunteers who will moderate the breakout sessions.  They will in turn be looking for volunteers to act as note takers and to be able to report back on the discussions when we return to the room for the final session in about 35 minutes.  So the session will close with reports back from each breakouts room to the full room.  We hope this session helps people to learn more about the sessions and areas of personal interest that will take place this week and to Connect with others.

Here are six breakout Groups with our six moderators.  And what I would like to do now ‑‑ so you really have to bear with us.  When we came into the room this morning, it appeared the layout of the room had naturally provided six breakout areas with those chairs that are behind the central table.  So what I asked the moderators to do is to position themselves near each of these six areas.  I wonder if they can stand up so that everyone can see who they are.  We have Miguel Candia from the Paraguay government.  Maria Paz Canales and the colleague who is able to stand.  Thank you.  And then finally we have ‑‑ I know there will be a little bit of disruption as we transition now.  But the six people standing in front of the blocks of chair make up the areas for you to have your breakout discussions.  It might mean people will have to move around the room and surrender their chair.  But if I go around the room again, here to my right is leading the breakout session on human rights and internet ethics.  In the middle, we have data and sustainable development.  And at the end of the room on my right is Maria Paz leading on human rights into ethics.  To my left, we have data protection framework on the left corner here.  Then we have jurisdiction and sovereignty issues.  And then on the top corner is cross‑border data with Miguel.  Thank you and I will call you back to the full room in about 35 minutes. (35 minute breakout session)

>> BEN WALLIS:  This is your 1‑minute warning.  This is your 1‑minute warning.  Okay.  If we could all return back to the full room and along forward to hearing what each of those discussions you discussed.  Thank you.

[APPLAUSE]

Okay.  If we could return to the table and to our seats, we will hear back from what's been going on around the room.  Thank you.  Okay.  So thank you.  We have about half an hour left.  And it's clear that there have been lots of discussions going on around the room.  The breakouts have been going really well.  I am personally interested to hear back how the discussions went and what insights you have.  We will be coming back on Friday and we will follow the same kind of approach of breaking out into these six groups and then hearing back what insights have been going on through the week that have taken place on the issues and feeding in to the policies.  It can be interesting to be able to compare what we hear back now from you and what we end up hearing at the end of the week.

So we have the slide up there with the six groups.  And it is simplest to work down through the groups one at a time.  So what I'd like to do is I lost the breakout moderator from each group to introduce and then we'll hear back from each session.  And then if we've got time at the end, we'll also have some discussion too.

So Miguel, could I ask you to kick the ball off with the cross board of data group?  Thank you.

>> MIGUEL CANDIA:  Thank you very much, Ben, and good morning to everybody.  We had the cross board breakout group and we had a fantastic discussion.  We had various points of view and opinions.  I have the pleasure of giving the floor to Lawrence Kay.  You have the floor.

>> Lawrence Kay:  I am Lawrence Kay and we work with data on international trade.  We had a interstate and diverse group with lots of really interesting opinions from around the world, people in different circumstance, different problems they were interested in.  We certainly discussed different ways in which to think about regulating, doing policy for data at internationally as we had a rich discussion on national issues and the different preferences that citizens around the world in different countries might have for influencing data policy and whether that's at the national or international level and issues about policy and, but also issues about other aspects of sort of being a citizen in a digital world and how that manifests at the national level.  So we thought about those issues and how and when they're appropriate to have them in trade discussions, but we recognize the very high importance of data flows to trade.  We then also heard about some of the regulatory problems and four policymakers in different developing countries and sort of standards or approaches like GDPR are the best ones for them and also how difficult it can be for some businesses in smaller markets to be able to do data rich business with businesses in bigger markets.  And then we talked a lot about how to best coordinate around different approaches of data, different levels of global governance and while on the one hand it may be great to reach for some members in the group when we're breaking into global standards and different aspects of data, other members in the group were cautious and thought that perhaps some other ways of coordinating might be as profitable a way to go.  And we ended our conversation with a call for mapping different approaches and trying to work out which problems and which sectors and which solutions are best and whether we can learn things, for example, the financial sector or other ways to solve problems for businesses in a smaller way, which means we have to solve everything at once.  So yeah.  We had a great group with the discussion.  So great talk.

>> MIGUEL CANDIA:  Thank you very much.

>> BEN WALLIS:  Thank you, Miguel.  So next to (?) group on jurisdictional and so issues.

>> I am very sad to report it was a very bad group.  We had an absolute inconclusive discussion.  And we tried to make sense ‑‑ no.  It was actually really, really, really good.

[Laughter]

Go ahead.

>> Yes.  We had a huge discussion about two main topics.  The notion about (?) and sovereignty.  And the common ground is the balance.  So different needs from different countries and, of course, the ordinance that some countries such as United States are more powerful in enforcing to everyone their own activities and jurisdictional activities.  The main issue is about sort of universal global framework that there is a consensus about the need of a global framework about these.  We have identified free journal elements about this work of free general questions and the first one concerns the general recite of the system and of quality and attainment of the system.  The second one is the role of companies retaining data and the third one concerns the aspects about the suspect of the user, the owner of data accessed by authority.

We have also agreed that there are some second best solutions in absence of general framework and universal framework.  The first one is (?) jurisdiction.  But it is leaned to power and balance among different nations and we have mostly from the global stuff opinions according to each.  There is already an (?) by most powerful countries and that this power relies on economic power.

Another point is that one solution is in absence of this general framework is data localization, but, of course, this is a very controversial issue.  I think that's all.

>> BEN WALLIS:  Thank you very much.  So then I pass it to Juwang.

>> JUWANG:  Thanks so much.  Thank you, Ben.  We had a very interesting discussion with different stakeholders and I will hand it over to Michelle who has all insights.  I think we went through two of the questions, but we somehow made it to a third.

>> MICHELLE:  So our group dealt with data protection frameworks and the various issues to be dealt with in developing such frameworks.  So mainly dealt with three questions.  The first question was:  What is each role and responsibility in the process of personal information protection including governmental agencies, civil societies, technical communities, Private Sector and individuals.  So we got views from the various sectors.  From the government, those of you that the government (?) and responsibility is to dropped initial build and to involve all the various stakeholders in coming up with that draft bill and getting all the barriers we used from the Civil Societies and the various (?) that.  Can be done through key debates and, um, through using websites and, um, through letter writing and through actually going to the various local community.  To actually have face to face meetings with the communities to get their views.  And the other issue we dealt, the other view that was brought forward was that when you're looking at data, you don't need to look at merely from the digital form because data is not merely digital.  And, um, that digital ‑‑ when you're looking at digital protection in the various through jurisdiction, there is always an issue of the government shrouding data protection in secrecy.  So it is hard for the Civil Societies to actually get involved in the discussion and have a clear view of what these build actually intend.  So Civil Societies need to be proactive in getting involved with the various laws and regulations ands various jurisdictions.  In terms of negotiating laws, there is a lot of compromise to be had with the government so that the government does not view Civil Society contributions as a push and pull issue.

And another view was that when it comes to developing data protection laws, issues should not merely be left to the lawyers and there should be a wider community involvement in order to get diverse views and a more comprehensive laws basically.  And also you can't put everything in the law and what is down into the regulations.

And when you're talking about the individual level coming down to individual level, um, those of you that ‑‑ most of these digital protection issues are mainly left to the lawmakers and, um, the framework should be phrased in such a way to involve the actual individual.  And further views for that, individuals are not ‑‑ individuals are not properly informed as to their what digital protection is about.  And so the starting point in the issue of digital protection is to have a wider education of the communities so that when the issues of consent at individual levels and are the issues related to that actually arise, (?) is already informed as to their needs.

And the other issue was the use of the group that are mostly affected by data protection laws because data protection affects them for years to come and the implications of the data they put out is not truly known to them at this stage.  So it is important that the data ‑‑ the data holders taking that responsibility for themselves and securing that data because a person they're protecting doesn't truly have that wider sense at the moment.  And a view was put forward that in the Philippines, they're actually involving use in the discussion to deal with data protection and getting the views of the youths and having Ambassadors to discuss these issues and bring them to lawmakers.  So there's a wider discussion there.

And another view was that looking at data protection from the human rights perspective is not always convenient for the various jurisdictions because the various jurisdictions have different human rights laws and principles and the applicability of the human right standard is not always even.  So if you're going to restrict digitalized protection to the human rights framework that it will not be ‑‑ it will not be ‑‑

>> (?)

>> It will be interpreted differently in the various jurisdictions.  Yeah.  And another view that was put forward was that different people have different levels of standing and responsibility as to how that data is shared and used.  Let me just go on to the second question because I think I covered most of the first question.  How much more time do I have?

>> Let's leave.

>> BEN WALLIS:  Let's leave enough time.  We can put it in writing.  The transcript will allow us to record and I can tidy up the reports back from each group and we can make sure we catch that second.

>> There's a lot of information here.

[Laughter]

>> BEN WALLIS:  Sure.  We will make sure we have enough time at the end of the session.  Thank you very much, Michelle.

>> MICHELLE:  You're welcome.

>> BEN WALLIS:  Okay.  So next on our list, (?) with data sustainment and development.

>> Thank you, Ben.  The group is data and subsidiary developments.  We are engaging in depth discussion.  What's interesting is that because of that subject, we actually not only touch upon sustained development.  We're also looking to data and (?) and human rights ethics and protection and regulation.  It just shows that the relevance of this approach.  So I want to applaud Ben and members for the discussion.  So thank you for that and I would like to thank our repertoire and (?)

>> I was going to keep it brief and simple.  So the strategies that were introduced into Data Governance, we accessed and economic growth in terms of seas, we spoke about the need to build IPC infrastructure and build ups digital skills of the people in the communities and the global aspect to be able to start generating data and manage data and fewer economic growth out of that data.  We spoke that unfortunately data gaps and many of the communities in the global (?) some of you heard achieving in economic growth at the moment.

We spoke about obviously the need to not have the one cookie cutter framework to manage the data and also refer back to people who actually own the data.  In that regard, we spoke about data sovereignty and data localization, digital ID, what does that mean and if it is being misused and may lead to marginalizing communities.  We spoke about the need to actually come to a societal agreement to what managing data is.  What government data is.  I think ‑‑ yeah.  I think that was a brief summary, I think, of what we said.  Thank you.

>> BEN WALLIS:  That's great.  Thank you very much.  So, um, (?) on human rights and human ethics.

>> Thanks.  We had a very good discussion and wonderful group.  We had moderator Julian (?)  We had time to discuss all the three of the policy questions.  We focused on the first two.  The first one is how can we (?) and participation of rights of children and always responsible who is the responsible for the protection of children.  We fill any gaps.  Julia, about this point, do we give the (?)

>> (?)

>> Yeah?

>> Thank you.  I will try to sum up the discussion we had today.  We're looking at responsible balance between protection of children and participation rights of children.  We had a discussion about how currently this can sometimes be done through the role of parental control and how this can be limiting for learning and how technologies work and how data is transferred on platforms.  So we then moved on to the importance of digital literacy.  We had examples to improve that.  But the importance of this being we had discussions at this level and then we move forward toward a national content.  But we had general agreement that children should be part of the discussion when we talk about participation of children on the Internet and the fact they can be available and contributing to discussions today and to continue.

>> The second question was about rights and permission in consumer data.  Julia?

>> What right should stakeholders have?  Our discussion here was more around terms and conditions.  And often, there's phenomena that people see terms and conditions and click yes without reading them.  This is something they have grown up with and they're very used to it.  We can discuss platforms and taking on more a GDPR approach to distinguishing between functional type cookies or functional type agreements and ones that are protecting the, or users so people can understand do they need to agree to everything for this platform or for this usage.  This will allow different group to collect feedback on which things people want to agree to.

Last we, we talk about language use and for all people using a specific piece of technology.  Thank you.

>> Thank you, Julia.  Thank you very much.  So the last one on the list, Maria Paz on governments ethics.  Thank you.

>> MARIA PAZ:  Thank you very much.  We have our fantastic repertoire.  So she will share the sense of our debate.  Thank you.

>> Good morning.  Well, um, the ethics of AI and algorithms working group, we had three questions also.  The first one is what possible frameworks could guide AI governance?  What are the advantages and challenges of those based in accountability and transparency or human rights approaches.  We have a really good participation of different people from different sectors.  So we have representative of the UNESCO and he said that they are from the UNESCO, they are developing at global framework on AI.  It will be human rights centric.  It will pass through a consensus of two years process in which everybody will have physical meetings and also online consultations.  They will set standards, instruments and recommendations.  And he said it's really important to know it will be a consultative process and, of course, Civil Society because there is not still a United Nations initiative regarding this topic.  He said they have also matched the secretary general of the OACD because he has developed principles and UNESCO would also like to introduce the principles in their strategy or in this development process.

And the idea is to share the different stakeholders and different partners to develop this.  So there was also a representative from a University of Melbourne.  She said we need more approaches to understand to artificial intelligence and human rights and Artificial Intelligence should also (?) job applications.  And there are many works and standards for things regarding AI positions.  And Maria Paz really had like a (?) human rights approach because she said she stands for this kind of approach as an example to understand that AI is still acting in equality because of structural inequalities.  So he's not sure they can say that algorithmic systems are creating the bias and these systems are like boosting the bias.  So the human right approach is the most comprehensive because we can see how algorithms help to exercise these rights.  In Latin America, these are right field and there are policy systems and legislations that are applying just the technology, but they are not taking into consideration the human rights approach.  So at least the Civil Society organizations have the intention of making these best and to improve this by suggesting to the government or their policy making people that implement the human rights approach.

And also the human rights approach is how can we apply a framework?  One thing is how we build things and another is how we can apply these in practice?  It is essential also to develop a human rights impact assessment.  It has to be implemented in any process to make benefits and this is (?) because these kind of accountability because we're talking about a really close technology and it needs to be from the very beginning.  If we do it from the very beginning, the consequences will be already there.  The results can be really strong and at least the results in Latin American countries also carries this.  There is an ethical constraint about making deep assessment about efficiency and what other impact could have.

The results had a discussion about the human rights framework doesn't mean that you're going to completely avoid inequality because like the framework needs to be concrete on how it is going to be implemented.  Because it has to Orient in order to prevent losing inequality implications rather than amplify them.

There was a private sector person that also put into discussion the allocation of resources.  And there are many types in how the regulator frameworks are made.  And, um, like we were also discussing about how the private sector can introduce this into their daily work and there is guide principle of human rights and businesses that can apply into their work and the UNESCO says that there are not clear frameworks for application of AI and private sector.

The second question was:  What role should ethics design approaches such as human centric and par participatory incline play an AI implementation and governance?  So this is about what ethics design approaches and the participatory models and play all together or you can be separate on the implementation of the decision making.  It is how people is implementing it and what kind of framework and also how you integrate all from people from different fields how they understand it.  So we need to be more clear on this.

And UNESCO said they will work ‑‑ this is why they will work with different stakeholders and the framework of human rights is not only one that they will also introduce like ethical tools.

And also another important thing is we discussed that the issue of (?) is also an issue that you need to look at from the regulatory framework such as competition law because many times, a solution has to be provided as an issue that is cross‑bordered.  For example, innovation and competition that can build into data and the interability.

And a third question was about how technical or regulatory approaches can contribute over their own and centralized platforms.  So this question was about if you think if we thought that there was a value of the AI system that manipulate desires or positions and ‑‑ well, we didn't discuss a lot of these because it was ‑‑ because of the time.  But that's it.  Thank you.

>> BEN WALLIS:  Thank you.  Maybe we were ambitious with three questions for each group because it seems you really were able to get into a lot of depth with the discussions.  So I want to thank everyone who made it truly an interactive discussion this morning.  I want to thank the moderators for leading the discussions and repertoires for capturing the essence of the discussions.

So your reports just now are being recorded on the transcript and also touch base with the repertoires.  That can be provided as a reference document for the session we have on Friday.  If you think of it like a football match, come to the end of the first leg and we return on Friday and what we will hear back and have a discussion in the week and how those relates to the policy questions.  We will make the reports back from today's breakout sessions available as a reference document on the schedule page for the session on Friday.

So, that brings us pretty much to the end of the session.  Thank you very much for being part of it today and for choosing to take part into the daily governance discussions when we know there were many other equally large sessions going on at the same time.  And I call this session to a close.  Thank you.

[APPLAUSE]