Cybersecurity Strategy Prompts Differing Views on International Arrangements

The Internet has become the public space of the 21st century, the world’s town square, classroom, marketplace, coffee house and nightclub, said Betty King, the U.S. ambassador to the U.N. and other international organizations in Geneva. A serious conversation about principles, rules and behaviors is needed for meeting the challenge of maintaining an Internet that delivers the most possible benefits to the world, King said.

The “multi-stakeholder” model for an open Internet is a key principle the U.S. wants to preserve and enhance, King said. Maintaining the model is “important for ensuring the Internet remains a fertile field for innovation and an engine for much needed economic growth.” The Internet Governance Forum is one forum where all interested parties can participate collectively, she said.

Government must work with business, civil society and the technical and academic communities on challenging trans-national issues, King said. Secretary of State Hillary Clinton, in major speeches in 2010 and 2011, promoted the U.S. push for global Internet freedom, King said, and reaffirmed U.S. support for a free and open Internet, and greater access for people everywhere.

Freedom of expression on the Internet is “under attack in many parts of the world,” said Vint Cerf, Google’s chief Internet evangelist, in a recorded statement. Reporters Without Borders counted 119 bloggers or other Internet participants imprisoned around the world, Cerf said. Sixty governments censor the Internet in some way, Cerf said. Google services are blocked in 25 countries, he said. Google Maps for instance is banned in Uzbekistan, he said. social networking website Orkut is banned in the United Arab Emirates, he said. YouTube is banned in Turkmenistan, Libya, Iran and possibly others, he said. Some of the bans are brief, while others are indefinite, he said. Censorship of Internet services also is a problem for Google and other providers, Cerf said.

An apparently growing trend has emerged for holding platforms that deliver content being liable for that content, Cerf said. While Sweden, the Netherlands and France make freedom of expression a priority, no European government appears to be involved in the Global Network Initiative, which is a coalition of many organizations to promote freedom of expression and privacy protection in the Internet environment, Cerf said.

Many opposed the government-only nature of a U.N. Commission on Science and Technology for Development review and revision of the Internet Governance Forum’s work, Cerf said. The commission meets this week to discuss how Internet governance should evolve in an inclusive environment, he said. The commission in December said a review group would be comprised only of government representatives (WID Jan 20 p5). Governments should not have “a monopoly” on Internet policy development, Cerf said. However, many recognize the need for cooperation to protect the “security, stability and safety” of the Internet and its users, he said.

Blocking access to Internet services “should be a last resort,” Cerf said. Any blocking should be taken under a rule of law, he said, referring to legal oversight through court orders and other due process. Delegating the responsibility and decision-making to an Internet service or application provider is hopefully outside the scope of legal oversight, he said.

A recent U.S. report on a comprehensive cybersecurity strategy for a wide range of issues may be of interest, Cerf said. The strategy’s balance between safety and security aims to maintain “a very open exchange” of information in the Internet environment, Cerf said, and to spur creation of new applications. The exercise will “require a great deal of collaboration among the countries of the world that participate in the use of and continued operation of the Internet,” Cerf said.

"Spurring creation of new applications” has also greatly increased network and users’ vulnerabilities by spurring malware development, said U.S. executive Tony Rutkowski, the reporting member for ITU’s work on cybersecurity. The collaboration that’s required doesn’t so much involve “Internet operation,” as the implementation of “continuous security monitoring” being championed within the cybersecurity community for all “information and communications technology infrastructure,” said Rutkowski, in an interview separate from the discussion.

"We need legal frameworks” to protect Internet users, including corporations, governments and civil society, Cerf said. Cooperation is also needed to create “a global regime” to help protect from abuse on the network, he said, citing international fraud. “Unless we have multilateral agreements as to how to detect and respond to these kinds of abuses, we won’t be able to reduce their incidence,” Cerf said. Improving security and personal privacy as well as protecting intellectual property while also spurring individual innovation will require “a great deal” of work, he said.

Existing frameworks such as the ITU Constitution, International Telecommunication Regulations and the Cybercrime Convention already exist as global regimes, Rutkowski said. The problem is they have not been effectively implemented, he said. Cerf may wish to reference the draft global regime that his former DARPA boss Steve Lukasik, together with the former State Department legal advisor, helped develop in the mid-1990s to do exactly what he describes, Rutkowski said.