IGF 2019 Data Governance on the Internet Space, by the Internet Model

    DC

    Dynamic Coalition on Core Internet Values

    Round Table - U-shape - 90 Min

    Subtheme(s)
    Description

    The session would be jointly held together with the DC on IoT and examine, together with the policy questions above, policy and ethical considerations important for development, deployment and use of IoT. ( From the Core Intrernet Values point of view, the following are the issues to be examined: (please read together with the information on the Dynamic Coaltion on IoT.  Also, see the detailed program posted below for the flow of topics. )

    1. Values as “Internet Values”, not as American, Indian, European or Chinese, Values as Core and permanent, not as transitory ephemeral positions that are altered with an occasional Internet Shutdown or a Regional ideology.  

    2. Values percolating down as ethics and good practices for the Internet and IoT;

    3. Actions that support a secure Internet (of Things), globally, across silos and geographies - what needs to be done (security by design for the world )

    Organizers

    Sivasubramanian Muthusamy, Internet Society India Chennai Olivier Crepin-LeBlond, European AtLarge Organization.

    Speakers

    The provisional agenda is as follows:

    Part I 9:30-11:00 - IOT - Avri Doria moderating

    1. Intro by MB & OCL (10 minutes total)

    2. What prerequisites are important from a security perspective, to ensure that IoT can be trusted not to be harmful to its users, nor the wider Internet; for example by, being weaponised as a tool for DDOS attacks or being used as attack vector on the users, themselves?

    3. Actions that support a secure Internet (of Things), globally, across silos and geographies - what needs to be done (security by design for the world)

    4. Open Discussion on IoT Security by Design

    5. Sum up part 1 (5 minutes)

    6. Preparing for Part II - Does IoT Security by Design break Core Internet Values? What ethical considerations are important in the deployment and use of IoT?

    --- BREAK ---

    Part II 11:30-13:00 - CIV - OCL moderating

    1. Reviewing Part I on IoT (short summary and conclusions of Part 1) - Maarten Botterman

    2. Reminder of Core Internet Values (Sivasubramanian Muthusamy - remotely)

    3. What ethical considerations are important for development, deployment and use of IoT, in order to ensure that we are creating sustainable solutions with IoT? Aspects to be considered range from affordability and deployability where needed, to transparency of choice; clarity on data sharing and protection of privacy.

    (We will also examine Data Issues from the perspective of Stability and Resilience, by the topic "Data Governance on the Internet Space, by the Internet Model" with a view to argue for a harmonized global IG approach to Data Governance)

    4. A summarised 6F Framework proposal - Alejandro Pisanty (3 pages)

    5. Looking ahead – which issues will become relevant in the future for IoT development, affecting the broader Internet. This provides an open microphone for new issues to address in the context of future use of IoT and recognition of Core Internet Values.

    6. Open Discussion

    -- end ---

    Confirmed speakers for the DC-IoT part are as follows:

    Alejandro Pisanty, UNAM, Mexico (confirmed)
    Jimson Olufuye PhD CEO Kontemporary, Africa ICT Alliance, Nigeria (confirmed)
    Marilyn Cade, CEO, mCADE llc, United States (confirmed)
    Nigel Hickson, ICANN, United Kingdom (confirmed)
    Sivasubramanian Muthusamy (confirmed remote participant)
    Thomas Rickert, Attorney at Law, Director Names  & Numbers eco Association of the Internet Industry (confirmed)
    Vint Cerf, Google, United States (confirmed for the 11.30- 1 pm part of this 3 hour joint session)

    SDGs

    GOAL 8: Decent Work and Economic Growth
    GOAL 9: Industry, Innovation and Infrastructure
    GOAL 10: Reduced Inequalities
    GOAL 16: Peace, Justice and Strong Institutions
    GOAL 17: Partnerships for the Goals

    1. Key Policy Questions and Expectations

    The session was jointly held together with the DC on IoT.

    1. What ethical considerations are important for development, deployment and use of IoT, in order to ensure that we are creating sustainable solutions with IoT? Aspects to be considered range from affordability and deployability where needed, to transparency of choice; clarity on data sharing and protection of privacy;
    2. What prerequisites are important from a security perspective, to ensure that IoT can be trusted not to be harmful to its users, nor the wider Internet; for example by, for example, being weaponised as a tool for DDOS attacks or being used as attack vector on the users, themselves;.
    3. Looking ahead – which issues will become relevant in the future for IoT development, affecting the broader Internet. This provides an open microphone for new issues to tackle in the context of future use of IoT and recognition of Core Internet Values.
    2. Summary of Issues Discussed

    Topline Areas of Agreement:

    1. The need for security in the IoT sector has reached a critical juncture, its assurance depending on all of the stakeholders in the ecosystem, not only manufacturers.
    2. A classification system for IoT devices could address immediate questions regarding security, but could take some time to establish.
    3. There needs to be greater transparency throughout the IoT sector and increased accountability of participants in the chain from devices to end user - from initiatives taken to address vulnerabilities throughout the life of devices, and end-of-life of devices.
    • Topline Areas of Divergence:
      • What role for regulation and legislation in addressing security concerns, given both their complexity and immediacy of concern to the larger health and security of the IoT sector.
      • To what degree should developers and consumers bear responsibility/liability for breaches in security.
      • What willingness to pay for additional security
    3. Policy Recommendations or Suggestions for the Way Forward

    Develop a classification system for IoT devices, raising both potential pros and cons in the future security of the IoT sector. We would propose the consideration of the formation of a sub-working group, comprised of members from both the DC IoT and DC CIV, to further examine the setup of such a system. Amongst other items, this working group could take up a number of the questions presented during the panels.

    4. Other Initiatives Addressing the Session Issues

    To support a secure IoT environment, there is a key distinction between what needed to be done to ensure that the devices / supply chain were secure and what needed to be done to ensure the ethical / secure use of those devices.This discussion highlighted the key and unique role that ethical frameworks versus legislation may serve to ensure security by design in future IoT development and deployment. Namely, the potential need for governments to outline the legal contours of accountability and responsibility. Also here the importance of classification of devices and services was emphasized.

    5. Making Progress for Tackled Issues

    We would propose the consideration of the formation of a sub-working group, comprised of members from both the DC IoT and DC CIV, to further examine the setup of such a system. Amongst other items, this working group could take up a number of the questions presented during the panels. This should lead to proposals for IGF2020 sessions.

    6. Estimated Participation

    Total number of participants throughout the session: ~60; of which ~40% women. - for both sessions from 9:30-11:00 and 11:30-13:00

    7. Reflection to Gender Issues

    The session did not specifically consider gender issues.

    8. Session Outputs

    These are currently being worked out.