Year: 2013

By Roger Clarke, Principal of Xamax Consultancy Pty Ltd, CSISAC member

The OECD is revisiting the Security Guidelines[1] that it first published over a decade ago. The Security Expert Group that is helping with the review of the Guidelines includes public interest advocates, coordinated through the Civil Society Information Society Advisory Council (CSISAC). Advocates have access to documents in advance, and at least some voice. On the other hand, physical participation in meetings is hampered by a lack of budget for the time and travel costs of the professionals who represent the interests of civil society.

To understand the OECD’s current security work, it is important to appreciate that many different scope definitions exist.  As explained in [2], security discussions can be carried on at the level of data, of an IT artefact, or of an organisation;  or they can take much broader views, including those of people affected by an IT artefact, industry sectors and segments (as occurs in discussions of critical information infrastructure), a local or national or regional economy, or a society – or indeed they can reflect the needs of the biosphere (thereby encompassing carbon markets and global warming).

The OECD’s 2002 Security Guidelines addressed only the lowest level of those alternative scope definitions. The revision is intended to have broader scope “by realigning their perspective and language with the high-level economic and social objectives pursued by governments, businesses and individuals in the development of cybersecurity policies”. But is the OECD moving far enough? Will its new approach have sufficient scope to serve the world’s needs for the next decade?

A meaningful dialogue cannot be achieved if each stakeholder clings to their own perspective, and insists on their security being paramount and everyone else’s security being secondary or even illegitimate. A particular concern during discussions has been the failure of the corporate and government participants to recognise the significance of the perspective of external users and usees. That stakeholder group lacks either institutional or market power, and its interests have suffered greatly during the period of national security extremism that has followed 9/11.

If the OECD’s revision of its Security Guidelines is to satisfy social as well as economic needs, it must:

• reflect the many alternative scope definitions applicable to security discussions
• recognise the complete set of stakeholders
• recognise the legitimacy of each of their perspectives
• ensure that each stakeholder group is empowered

Further, the process, and the product, need to respect the meta-principles of evaluation, consultation, transparency, justification, proportionality, mitigation, controls, and audit[3]. Current negotiations around the world variously fail all eight meta-principles (e.g. the Trans-Pacific Partnership process),  fall badly short on most of them (e.g. the Internet Governance processes within the International Telecommunication Union), and address all or at least most of them quite well (e.g. the Internet Governance Forum).

Where will the new OECD Security Guidelines lie on that scale? Will the OECD seek to sustain the dominance of governments and corporations over policy agendas, or will it point towards a better future in which the eight meta-principles are applied, and security’s many scope-definitions and stakeholder perspectives are reflected?

By Jordan Carter Chief Executive of InternetNZ

InternetNZ[1] is a membership based non-profit organisation with a number of roles: it manages the .nz ccTLD, it advocates for an open and uncapturable Internet in New Zealand and around the world; it provides a platform for debate where New Zealanders can help shape the Internet’s development, and it provides community funding through grants and partnerships with others.

Established in 1995, the organisation has several hundred members. The .nz ccTLD is managed through two subsidiary organisations: the Domain Name Commission (the regulator and policy agency), and NZ Registry Services (the registry and DNS operator).

A major focus for InternetNZ is policy and advocacy work. The work we do contributes to public policymaking and Internet Governance matters in New Zealand and through global forums such as ICANN and the IGF.

Our policy perspectives are founded on a desire to protect and promote the open Internet, and ensure it is not captured by any particular sector or economic interest. Policy principles[2], which were developed with reference to the OECD’s Principles for Internet Policy-Making, guide all our work. The transparency this provides is welcomed by our partners and those interested in our work.

Policy matters discussed in recent years include analysis of the economic benefits of the Internet; advocacy for transparency and intelligent IP law in ACTA and the Trans-Pacific Partnership; pro-consumer regulation of telecommunications infrastructure; support of IPv6 rollout in New Zealand.

In developing its views, InternetNZ includes major Internet stakeholders, and often brings together a wide range of interests to debate and develop positions on topical matters. We do this with our members, and more broadly through NetHui, New Zealand’s national Internet Governance Forum. InternetNZ organises the event and substantially funds it. Along with other subject specific workshops and events, this provides a way for the public to help shape the Internet’s development.

Through community funding initiatives – grants for Internet projects and research, and strategic partnerships for like-minded organisations (for example, the NZ Network Operators Group, or NetSafe), we support the development of the local Internet ecosystem.

By participating in ITAC, InternetNZ aims to contribute its wide range of perspectives and expertise in the work of the  Committee for Information, Computer and Communications Policy (ICCP), and contribute to the work of the OECD on Internet issues.

Full .Pdf Version of Newsletter:ITAC Newsletter

Table of Contents

1. Editorial By Constance Bommelaer, Senior Director, Global Policy Partnerships, and Nicolas Seidler, Policy Advisor, Internet Society

2. The OpenStand Paradigm and Its Importance for the Internet Economy By Karen McCabe, Senior Director, Strategic Marketing, IEEE Standards Association

3. Internet Policy Making –OECD’s Principles, Its Multi-stakeholder Approach and the Way Forward By Verena Weber OECD Economist/Policy Analyst

4. Sharing Perspectives in the Realm of Cryptography By Christine Runnegar, Director, Public Policy, and Robin Wilton, Technical Outreach Director for Identity and Privacy, Internet Society

5. ITAC Member Spotlight: RIPE NCC By Chris Buckridge, External Relations Officer for the RIPE NCC

6. Internet Exchange Points By Kurt Erik Lindqvist, CEO of Netnod

7. The Economic Benefits of IPv6 Implementation By Mat Ford, Technology Program Manager, Internet Society

By Constance Bommelaer, Senior Director, Global Policy Partnerships, and Nicolas Seidler, Policy Advisor, Internet Society

It is with great pleasure that we inaugurate the first newsletter from the Internet Technical Advisory Committee (ITAC) to the OECD.

ITAC was created in January 2009, following the 2008 OECD Ministerial in Seoul. Its main purpose is to provide Internet technical expertise to the work of the OECD Information, Computer and Communication Policy Committee (ICCP) and its working parties. The civil society advisory group (CSISAC) was also created at the same time, in addition to the existing business and trade unions stakeholders groups (BIAC and TUAC).

Ever since the first World Summit on the Information Society (WSIS) in Geneva in 2003, tremendous evolutions have taken place in the field of Internet Policy development, with the emergence of more cooperative and inclusive models of policy-shaping in a variety of fora and regions.  Five years later, in june 2008, the positive input of the technical community in the OECD Ministerial was acknowledged by OECD ministers in the Seoul Declaration for the Future of the Internet Economy. This declaration invited OECD Member States to reinforce co-operative relationships and mutually beneficial collaboration with the Internet community. This was reflected in the Closing remarks by Angel Gurría, Secretary-General of the OECD:

“A more decentralized networked approach to policy formulation for the Internet economy also includes the active participation of stakeholders. Such active participation needs to be the norm. We appreciate the participation of stakeholders in this ministerial meeting. But I think we need to go further.  I would recommend that we begin the process of formalizing the participation of civil society and the technical community in the work of the OECD on the Internet economy.”

The Internet Technical Advisory Committee (ITAC) was officially recognized by the OECD Council on 15 January 2009. This concrete commitment to the multistakeholder model of cooperation was re-emphasised in the 2011 OECD Communiqué on Principles for Internet Policy-Making, recognising that better Internet policies are developed through multi-stakeholder processes, including business, civil society, the Internet technical community and academic institutions.

Over the past five years, ITAC has progressively grown into a well-identified group, sharing the view that universal growth and social progress can only be achieved on the basis of an open and global Internet ecosystem.  Indeed, the Open Internet is an extraordinary platform for existing and new business opportunities – enabling commerce to flow between all parties in dynamic ways, opening new territories, encouraging competition, expanding market presence, and fostering new business models.

The twenty-seven organisations part of the Internet Technical Advisory Committee have contributed to shape technologically-sound OECD policies and research in critical areas such as IPv6 implementation, open Internet standards, interconnection, security or privacy. Inclusive policy development processes have proved valuable both for governments and participating stakeholders.

With this bi-annual newsletter, we hope to share concrete illustrations and practices of the evolving multistakeholder model of policy development and create opportunities for new partnerships. The Internet Society, which is currently coordinating ITAC, is committed to working with all communities to ensure the Internet continues to grow and evolve as a platform for innovation, economic development, and social progress for people around the world.

By Karen McCabe, Senior Director, Strategic Marketing, IEEE Standards Association

The Internet is no less than an economic and social phenomenon that has touched billions of lives worldwide. Over the last three decades, the Internet has flourished organically—its market-driven growth overrunning industry, technological and geopolitical borders and infusing gross domestic products (GDPs) globally.

Undergirding the Internet’s ongoing growth has been an array of ever-evolving and foundational technical standards. IEEE standards for physical connectivity, Internet Engineering Task Force (IETF) standards for end-to-end global Internet interoperability and World Wide Web Consortium (W3C) standards for the World Wide Web, among others, collectively allow the Internet to function the same from market to market around the globe—and, consequently, facilitate its market-driven growth. These foundational Internet standards were developed via bottom-up collaborative processes that are characterized by direct, open participation by diverse industry innovators with varied needs from around the globe, and they have been adopted voluntarily. And the standards’ impact is evidenced in the invention of a wholly new culture of border-crossing e-commerce, information sharing and community operations.

It is this market-driven model of standards development and adoption on which the OpenStand paradigm (http://open-stand.org), announced in 2012, is based.

As Organisation for Economic Co-operation and Development (OECD) member states elaborate policies oriented at developing economic growth and social progress, a closer look at OpenStand is in order.

The OpenStand principles are intended to harness grassroots inspiration, creativity and expertise globally in standards development for any technology space. The principles demand:

• cooperation among standards organizations;

• adherence to due process, broad consensus, transparency, balance and openness in standards development;

• commitment to technical merit, interoperability, competition, innovation and benefit to humanity;

• availability of standards to all, and

• voluntary adoption.

As seen with the Internet and in other technology areas such as electronic design automation, medical-device communications and the emerging smart grid, the OpenStand approach is proven in its ability to advance cutting-edge technology and empower rapid market implementation of high-value, high-demand products and new services with societal benefits. The market-driven OpenStand paradigm fosters global markets, job creation and economic opportunity and yields better products at more competitive prices.

The world is a better place because of the Internet, and its innovation is incessant. As OECD member states consider policy evolution, it’s important to note that a major reason for the Internet’s unmitigated success is a market-driven model of standards development and adoption that the OpenStand paradigm seeks to encapsulate and make easily adaptable to other technology areas.

How, specifically, is the OpenStand paradigm applied in the real world of standards development? For more on how IEEE Standards Association (IEEE-SA) activities in varied technology areas embrace the market-driven principles encapsulated in OpenStand, please visit http://standardsinsight.com/.