IGF 2024 DC-DNSI Governance Gaps in addressing online harms: NIS2 and Beyond

During the IGF 2023 in Kyoto, the DC DNS Issues initiated a conversation focused on identifying existing governance gaps in addressing online harms (see our report: https://intgovforum.org/en/content/igf-2023-dc-dnsi-closing-the-governa…). For this IGF, the dynamic coalition intends to pick up the discussion initiated at the last IGF and continue to unpack what it takes to bridge these gaps.

First, what does the DC-DNSI mean by governance gaps? 

When dealing with online harms, each actor in the ecosystem has different roles, responsibilities, and capabilities –whether that is a registrar, a registry, a CDN or an ISP. Now, there are different governance models that guide roles and responsibilities of these various groups. For example the ICANN community and the gTLDs operate governance by contract. The ccTLDs, on the other hand, develop local governance models based on their relationships with local governments and local Internet communities. Hosting companies and providers are subject to the laws of their respective jurisdictions, and operate in response to that regulatory guidance. In the overlap of these various models, there are governance gaps still remaining that affect and shape how the ecosystem is able to effectively respond to online harms. 

Specifically, the DC-DNSI produced two calls to action in Kyoto, which the session proposes to pick up on: one on supporting policymakers and one on industry collaboration.

The workshop will be structured around these two actions:

Segment A:  Supporting policy makers in developing adequate measures for addressing online harms: reflections from the NIS2 Directive

The first call to action from Kyoto focused on how industry, technical community and civil society can best support policy makers. This initial segment will take the recently implemented NIS2 directive as a means to reflect on this call to action. 

The NIS2 Directive is an example of where regulation has been proposed to increase the overall standard of cybersecurity. However, it has complex implications for the Domain Name Industry. The difference in implementation within member states may also cause jurisdictional challenges that could further fragment the governance landscape. There are also different approaches to regulation beyond the European approach. 

Emily Taylor, CEO and founder of the DNS research Federation will begin by addressing the basics: She will introduce: (a) what the NIS2 directive is and its implications for the DNS industry; (b) how the directive is being transposed in the EU and potential fragmentary effects observed to date; and (c) its extraterritoriality effect beyond Europe.

Bruna Martins dos Santos, Non-Commercial Stakeholder Group representative on ICANN’s GNSO Council (invited, awaiting confirmation) will speak to diverging views on how to deal with online harms, and implications on human rights such as the right to provide. She will in addition  discuss possible ways forward to reconcile differences in approaches.

Bertrand de la Chapelle, Director of the Internet & Jurisdiction Network (invited, awaiting confirmation), will address questions of jurisdictional challenges emanating from the directive, and the impact on the broad range of industry stakeholders –from registries and registrars, to hosting providers and online platforms.

The first segment will wrap up with a brief conversation on what additional steps industry can take to support policy makers.

Segment B: Promoting industry collaboration

The second segment of the conversation will pick up on the second call to action from the DC’s Kyoto session on how to encourage greater industry collaboration up and down the Internet stack.

Keith Drazek from Verisign will discuss the importance of working across silos to ensure responses to online harms are proportionate. He will flesh out principles identified by the registry community as important in addressing online harms.

Munir Badr from AE server will bring in a perspective from the Registrar and Hosting communities in the MENA region, addressing global south perspectives on the existing governance gaps and ways for furthering industry collaboration.

Jean Jacques Sahel from Google will introduce a perspective from large platforms in dealing with online safety, and introduce concrete examples on data-sharing practices to curb online abuse.

Chris Buckridge, Internet Governance Specialist and MAG member, will moderate the discussion.

To facilitate interaction between onsite and online speakers and attendees, we have a combination of four speakers on the ground, and two speakers remote, as well as an onsite moderator. 

The onsite moderator will actively manage the flow of discussion, ensuring that both onsite and online participants have equal opportunities to contribute and engage. We will employ interactive tools such as Q&A opportunities integrated with the virtual platform. Presenters will encourage active involvement from all attendees regardless of their location. The comments and questions of online participants will be monitored during the whole session and our seasoned moderators will ensure that there is enough time left for questions at the end of the discussion with panellists. Recognising the importance of social media engagement, we will also use event-specific hashtags on social media platforms to encourage broader engagement and discussion beyond the session itself. Additionally, the designated session chat room will be available for ongoing dialogue and networking among participants, ensuring a rich and dynamic experience for all attendees, whether onsite or online.