The Future of Internet Governance

I attended the stakeholders’ dialogue on the future of internet governance on June 6th, an event initiated as part of the United Nations’ Secretary-General High-Level Panel on Digital Cooperation .

For those who are interested, I wrote a full summary: The Future of Internet Governance.

I have mixed feelings on the UN internet governance initiatives, but I do think they can be important for intra-State conflicts. The UN is looking at three different models for coordination among stakeholders:

  1. Internet Governance Forum+ (IGF+): this model reflects the current structure of internet governance and the United Nations, with some enhancements.
  2. Digital Commons Architecture (DCA): a simplified structure of three bodies, a tech panel, a digital commons platform, and an architecture secretariat, that coordinate through the existing infrastructure at the United Nations.
  3. Distributed Co-Governance (CoGov): two bodies, network support platforms and digital cooperation networks , that coordinate through a network of networks.

I found the DCA a compelling, internet-native model that sacrifices some of the speed of more centralized UN control. I somewhat doubt they will implement the model, but it is one I lobbied for:

image

Full details on all the rest in the The Future of Internet Governance
blog post, with pretty graphs.

1 Like

Thanks for this, @schmudde. I have not looked at the IGF for several years now – is it perceived as a forum for discussing tech standards and interoperability issues, or are values being discussed as well?

Maybe my question is a bit unclear. I am interested in how values (for example, the inclusivity you mention) are encoded into technical choices. In the course of this project we have seen several examples at the level of the single technology (see). The IGF operates at a higher scale, and I am curious about the kind of discussions it hosts around what we have been called “the human-centric Internet”.

The UN is a club of states, and its power to override states are limited by design. So, I struggle to imagine, say, a discussion with Russia on how to fight disinformation online…

The multi-stakeholder approach is supposed to give separate interests a seat at a table: states, business, citizen groups, etc… I’m not convinced this works in practice, but that’s the intent, at least.

The entire endeavor has no power when dealing with individual states. There is an explicit “no naming and shaming policy.” You may be an activist group working on behalf of citizen privacy with a seat at the table, but it’s a big no-no to say that Russians using the internet to spy on their citizens.

You and I agree that values can (and are) encoded into technical choices. At best, I think the UN is incentivized to maintain a free and open internet. IGF has favored wrestling DNS control out of the hands of the United States; I don’t see them dis-incentivizing decentralized protocols built on top of TCP/IP like IPFS - to provide two examples.

Conversely, I’d be curious to know if IGF has done any work on digital currencies outside of state control. I’d also be curious about their efforts in open source in the context of empowering the underprivileged (or from the UN perspective, “developing nations”).

Are you still using Scuttlebutt?

That’s not bad at all. I remember @thomas_goorden, in a different context, having good things to say about using methods borrowed from diplomacy to do stakeholders dialogue. The trick, he claimed, is this: when everybody assumes everybody else is a completely self-interested actor, and there is no “we are all in this together”, people can stop posturing and start looking for win-wins.

No, not really. I guess I have failed at taking root in that community. I opened Patchwork again today after your question, and found a two-month old message from @zelf:frowning:

1 Like

From a Doctorow tweet:
A group of CMU researchers just presented “What Should Be on an IoT Privacy and Security Label?” at the IEEE Symposium on Security & Privacy. They present a model for “privacy labels” to clarify the privacy implications of IoT gadgets.

image

1 Like

Interesting. I always thought that PC game boxes were at the edge of what jargon could be placed on a box.

But these old DOS games were relatively niche products compared to the future purchases of IoT devices. If your comptuer was not a “IBM PC/XT/AT/Tandy mostly compatible 640K machine” the game wouldn’t work - the immediate feedback is a definite advantage. The implicit consent on the IoT label is much more complex, innocuous, and potentially dangerous. I imagine manufacturers will like these just to mitigate potential liabilities.

I’m skeptical of internet governance initiatives, but I think that the best of good governance can protect individuals from predatory practices. Is it even reasonable to believe that the average consumer understands what’s in this Security and Privacy Overview?

I doubt it. And of course the language in those longer agreements can be tricky to interpret. One aspect I recall from my own experience reading and sometimes writing them is when the talk goes to who personal information gets share with, often you see something like “we don’t share your information except internally and with our partners…” The word partner is problematic because there is not a real legal definition for partner in this context. It can mean anyone you want to call a partner. Thus, it means we can share your personal info with anyone we want.

1 Like

I should add that I never myself wrote that line into a EULA.

More requests for consent. Apple introduced new nutrition labels for App Store apps today.