Every country is struggling with a host of issues surrounding the Internet, including its governance, protecting it from cyberattacks, and maintaining its users’ privacy. To help, the IEEE Internet Initiative has been holding regional invitation-only IEEE Experts in Technology and Policy (ETAP) forums. The gatherings provide a neutral environment for each country’s technology developers, policymakers, industry leaders, educators, scientists, and engineers, as well as IEEE representatives, to meet.
“Through these forums, we’re trying to bring local issues to the worldwide stage and create a community that is global,” says IEEE Member Oleg Logvinov, chair of the Internet Initiative. “The Internet is a new ecosystem that needs to be protected as a fragile garden that we need to grow.”
Tools for doing so include transparency, accountability, accessibility, openness, and ethics, Logvinov says.
Here are highlights from recent forums in China, India, and Israel.
Attendees at the ETAP forum held in May in Beijing discussed protecting critical infrastructures against cyberthreats, how to create an open Internet while maintaining security, and ensuring the Internet remains diverse.
Because today’s Internet is a platform for just about everything, it should be considered a critical infrastructure, attendees said. As more things are connected to the Internet, cyberattackers are exploiting weaknesses just about everywhere; even small utilities and companies have been targets of large-scale attacks. The group said that threat-intelligence standards are needed to categorize types of vulnerabilities and to create methods for sharing information. An organization such as IEEE, attendees noted, could help researchers, industry, and authorities with combating cyberthreats to critical infrastructure by, for example, defining and sharing best security practices, bridging today’s nation-by-nation methodologies for handling attacks, and promoting the need for a global Internet police force.
Allowing access to online information by everyone who needs to make a decision is one of the key benefits of the Internet, but not everyone views transparency of data the same way, attendees noted. Hurdles include maintaining privacy, the cost of making the data transparent, and local and political issues. The group recommended a benchmark be developed that could be used to measure and track transparency over time. Suggestions for averting potential conflicts of interest included building user trust and separating the tasks of data collection, analysis, and usage.
What makes the Internet so diverse is the different forms it adopts depending on the country. Sites are either commercial or free, and various governing bodies are involved. Other factors that make the Internet so varied are its users, systems, and protocols. But attendees cautioned that “predators and monopolists” are posing a challenge to the Internet’s biodiversity. Policymakers and technologists need to play a bigger role, they said, to ensure not only the Internet’s diversity but also its resilience and sustainability.
A nurturing and open environment is crucial to the growth of the Internet in both the United States and China, they said.
Discussions about universal Internet access, cybersecurity, and biometrics took place at a March ETAP forum held in New Delhi. Shri R.S. Sharma, who chairs the Telecom Regulatory Authority of India, talked about the government’s Digital India program, which is working to help the country become a digitally empowered society with a knowledge economy. “We must leverage the Internet to deliver governance,” Sharma said. “The program’s success largely depends on expanding connectivity to all citizens.”
Only about 300 million Indian people have access to the Internet through a mobile device, he said. That’s out of a population of more than 1.2 billion. “Our government is working to leverage all means to improve the Internet penetration in the country,” Sharma said. Challenges to providing universal access include the slow network connection speed and the infrastructure costs. Suggestions on how to address the challenges include offering wireless technology, using unlicensed spectrum, and installing public Internet access points.
Cybersecurity—especially interstate conflict and terrorism—was raised by Nitin Desai, special advisor to the U.N. Secretary General for Internet Governance, India. “People are now looking at cyberspace as a separate theater of war,” Desai said. “Our laws and legal processes are really not equipped for these types of cybercrimes, making them prime for innovation.” He called for greater cooperation among cybersecurity technicians and those charged with managing the Internet for services such as air-traffic control, banking, power transmission, and telecommunications.
Live streaming of real-time events and delivering news to smartphones were other topics of discussion at the forum. Traditional newscasts are controlled by a broadcasting company, which monitors the feeds. Live data streams could be hacked and replaced with fake events—which could spur unrest and violence.
Attendees raised universal-access questions in terms of biometrics, security, and privacy. The Unique Identification Authority of India (UIDAI) program requires each resident, refugee, and noncitizen to provide demographic and biometric information, like their fingerprints as well as images of their irises and faces, plus their email addresses and telephone numbers. The government issues each person a unique 12-digit, randomly assigned Aadhaar ID number. The UIDAI program is the world’s largest national identification number project.
The program faces challenges such as who to share the information with and how to verify the information. Panelist Chaim Cohen, a consultant on cybersecurity and the Internet of Things, said it is incumbent on those who conceive, design, legislate, and deploy biometric systems to consider their ethical, cultural, social, and legal constraints. Biometric systems can benefit security, Cohen said, but their potential use for remote detection and their connection to identity records raise privacy concerns. He pointed out that the IEEE ETAP forum series can provide opportunities for further discussion on how to handle biometric data.
Protecting citizens’ biometric data also was discussed at the forum held in June in Tel Aviv. Israel launched a nationwide biometric database project in 2013 to prevent people from assuming false identities by duplicating ID cards and passports. All citizens must enroll in the database starting next year. The project requires citizens to submit high-resolution facial photos and prints of their two index fingers. Attendees discussed a host of issues surrounding the increased use of biometric data, such as the circumstances in which the information could be used and whether citizens’ data might be shared without their consent.
Attendees proposed basic principles for implementing and adopting biometrics for authentication, including ensuring that enrollment in the program—along with the handling and comparison of biometric attributes—is done in a location and manner that preserves each person’s dignity. Special consideration should be given to minors, people with disabilities, and the elderly, they suggested. Strong security and encryption measures should be taken when storing, moving, and processing the data, they said, adding that employees handling the information ought to be trained how to protect it. The group also recommended that other methods of authentication be used along with biometrics, and that humans, not only computers, should be verifying a person’s identity.
Many global forums deal with coordinating cybersecurity policy, but there’s still a lot of work to be done to bring technology expertise to bear, according to Iddo Moed of Israel’s Ministry of Foreign Affairs. He said policymakers need to understand enough about technology to be able to “identify its international context and the processes that are unfolding around its development. It can only work in the real world with the technologists, the economists, and the politicians sitting around the same table, and that is a very complicated process because we speak very different languages.”
Topics from the ETAP forum discussions are used as exemplary themes for future ETAP events and are referenced in ongoing conversations on IEEE Collabratec to maintain continuity and build momentum iteratively, while allowing new issues to be introduced between the events.
Discussion themes from the ETAP Forums can be found in downloadable reports. Upcoming whitepapers will cover such topics as end-to-end security and privacy, algorithmic decision making, protecting Internet traffic, and options and challenges in providing universal access.
For more on the IEEE Internet Initiative, follow developments on Twitter @IEEENetPolicy or visit the initiative’s website. Join the IEEE Internet Technology Policy (ITP) Community to engage in related discussions.