Documentary coverage of IGF-USA by the Imagining the Internet Center

Posts Tagged ‘john morris

IGF-USA 2012 Workshop: Next Challenge – How to Handle Big Data in the Cloud

leave a comment »

Brief session description:

Thursday, July 26, 2012 – The dramatic reduction in the cost of computing and storage made possible by cloud computing services, the spread of easy-to-use, open-source analytic tools, and the growing availability of massive data services from governments and the private sector (e.g. Google Maps) have enabled thousands of start-ups, hackers and others to create exciting new tools for business, entertainment, government and other sectors. Government policies can help or hinder development of new databases and Big Data apps. Issues covered in this session included: 1) open government data policy; 2) Intellectual Property Rights protection; 3) IT research; 4) technology test beds; 5) education; 6) law enforcement access; and 7) privacy regulations.

Details of the session:

The moderator for the session was Mike Nelson, a professor at Georgetown University and research associate at CSC Leading Edge Forum. Panelists included:

  • Jeff Brueggeman, vice president of public policy for AT&T
  • Paul Mitchell, senior director and general manager, Microsoft TV Division
  • Lillie Coney, associate director, Electronic Privacy Information Center
  • Jules Polonetsky, director and co-chair, Future of Privacy Forum
  • John Morris, director of Internet policy, NTIA/US Department of Commerce
  • Katherine Race Brin, attorney, bureau of consumer protection, Federal Trade Commission

Mike Nelson, an Internet policy expert from Georgetown University, shared some reassuring remarks as he introduced a panel session that concentrated upon the complexities of managing what has become known as “Big Data.”

“These issues are not new,” he said. “We’ve been dealing with them for 20 or 30 years, but they are a lot more important now.”

Nelson explained in a workshop at IGF-USA Thursday at Georgetown Law Center that it’s not just about data that are big. It’s about data that are changing so quickly and need innovative tools of management.

He introduced the following questions:

Polonetsky and Brueggeman exchange stories a workshop about the Clould at IGF-USA in Washington, D.C. on July 26, 2012.

  • How will privacy concerns impact the development of large databases (or will they have any significant impact)?
  • What are the liability issues of Big Data in the cloud?
  • How do we deal with the shortage of data experts?
  • How do we handle issues concerning control and access to data?

Jeff Brueggeman, a global public policy executive with AT&T and a longtime participant in Internet governance discussion in many fora, began the conversation by addressing a few of these issues.

First, he noted the importance of working with businesses as well as policymakers to come up with tools to manage the data. He also addressed the significance of maintaining security in cloud data.

“The more data that’s being collected and retained, the more that data could be used as a target,” Brueggeman said.

Brueggeman introduced some issues for the other panelists to contest, inquiring about best practices for dealing with data sets, types of controls over what users should expect, what uses of data are legitimate without that control and international components.

Jules Polonetsky of the Future of Privacy Forum followed with a look at the long-term perspective, offering some insight about the impacts of cloud technology.

“I’ve always had a hard time getting my head around clouds,” Polonetsky said. “But the best we can do is make sure we’re a bit of a gatekeeper.”

He argued that a formalized procedure should be established for the release of private information to law enforcement officials and others seeking information. But he also elaborated on the risks of such technology, which he illustrated by telling a story about his friend, a rabbi, who watched a racy video, unaware that Facebook would automatically share the link on his Facebook page, proving how easy it is to inadvertently share online activity with the greater digital community.

Polonetsky champions the benefits of data use, but he also urges people to consider the implications of such sharing and storing of data. He said he believes there should be a debate in which people weigh the risks and benefits.

Katherine Race Brin speaks about the Clould at IGF-USA in Washington, D.C. on July 26, 2012.

Katherine Race Brin continued the conversation, citing some of her experiences dealing with these issues in her job with the Federal Trade Commission.

She said the FTC has studied the implications of cloud computing for a number of years and has also considered how, or if, a cloud is different than any other uses of data transfer in regard to privacy.

She said her work at the FTC has led her to believe that the companies that are storing data in the cloud are often in the best position to assess the risks of that data sharing.

“We’ve always said, in relation to personal data, the businesses remain accountable for the personal data of their customers,” Brin said.

She said that while the FTC holds businesses responsible, it also provides a framework to ensure consumer privacy.

Brin explained the three key aspects of this framework:

  • Privacy by design – Companies should build in privacy protection at every stage from the product development to the product implementation phases. This includes reasonable security for consumer data, limited collection and retention of such data and resonable procedures to promote data accuracy.
  • Simplified consumer choice – Companies should give consumers the option to decide what information is shared about them and with whom. This should include a “do-not-track” mechanism that would provide a simple, easy way for consumers to control the tracking of their online activities.
  • Transparency – Companies should disclose details about their collection and use of consumers’ information and provide consumers with access to the data collected about them.

Lille Coney, associate director of the Electronic Privacy Information Center, offered her insights as an expert on big data. (To see a video posted by The Economist about Big Data that is based on EPIC-supplied information, click here.)

“Governance is not easy,” Coney said. “But we do learn mechanisms for creating accountability, transparency and oversight.”

She noted that the difficulty lies in creating guidelines that have currency and legitimacy. In regard to cloud computing, Coney suggests that people are not only consumers; they themselves – or at least the sets of the private information they share – are actually products.

“Our online activity alone generates revenue, and many consumers don’t understand that,” Coney said.

She said she strongly believes in the importance of the public’s engagement in the conversation. With all these privacy concerns, Coney said the consumer cannot afford to leave it up to businesses or government.

Lille Coney speaks about the Clould at IGF-USA in Washington, D.C. on July 26, 2012.

Microsoft executive Paul Mitchell, added some perspective to the conversation in terms of how to go about tackling the issue of how to manage Big Data. “I think the big challenge here is figuring out whats’ first when we’re talking about big data,” Mitchell said, noting the overwhelming amount of data being created and databased. “What we have here is not a new problem. What we have here is a problem of scale.”

Mitchell said we can look at the separate desires of people, businesses and society, and consider a philosophy based on each group’s needs. He explained that the people-first philosophy would ensure that data that could be harmful isn’t allowed to be. The business-first philosophy would be about maximizing the potential economic return for the use of data. The society-first philosophy would optimize the value for society as a whole based on what can be done with the data.

“From an operating perspective, the challenges we face involve how to govern against these three axises,” said Mitchell. “The policymakers’ choice is how to balance the three appropriately.”

Nelson then asked a question directed at the panelists about the future of the cloud and whether there would be one cloud in an interconnected world or a world of separate clouds run by different companies.

Session moderator Nelson then asked the panelists about the future of the cloud -whether there will be one cloud in an interconnectedworld or a world of separate clouds run by different companies.

Mitchell argued that there are circumstances that will require a private set of services.

Coney expressed concern over that model. “Consumer’s control over their data in a cloud-driven environment will require the ability to move their data from Cloud A to Cloud B. Making that a reality in this environment is going to be the challenge,” she said.

Polonetsky had a slightly different viewpoint. He considered the business-platforms perspective, questioning how easy it should be to move consumers’ data.

“Yes, it is your data, but did the platform add some value to it by organizing it in a certain way?” he asked, adding that the platforms may make a legitimate contribution by organizing consumers’ data. For example, your Facebook friends belong to you, but Facebook created a platform in which you interact with and share information, photographs and other things with them.

To conclude, Nelson took a few questions from the audience and asked each panelist for a recommendation regarding the future management of Big Data. Brueggeman suggested there should be a set of commonly accepted practices for managing Big Data. Polonetsky added there should be more navigable digital data. Brin supported the strong need for transparency. Coney proposed that cloud providers and Big Data companies must show their respect for a diverse group of stakeholders. Mitchell recommended that we should all work toward greater harmony between business, personal and societal values.

— Audrey Horwitz

IGF-USA 2012 Workshop: Can an Open Internet Survive – Challenges and Issues

with one comment

Brief session description:

Thursday, July 26, 2012 – This workshop focused on the challenges of keeping the Internet open while simultaneously maintaining a safe and secure environment for individuals, businesses and governments. Governments encounter a wide ranging set of issues and concerns that can limit an open Internet, including the cost of connectivity, spam/malware, intellectual property rights, human rights and objectionable content. Businesses often make decisions for business purposes that may contribute to closing off the Internet. Leaders in governments’ legislative branches, including the US Congress and its counterparts around the world, and business leaders do not always recognize the implications of the actions they take that might negatively influence the Internet. In addition, citizens may voluntarily but without full understanding accept moves that contribute to closing off the Internet, quietly accepting actions and decisions that affect its openness in a negative way. The session worked to identify the key characteristics of an open Internet; the global and national challenges that threaten this; the initiatives pursued to advance the open Internet; multistakeholder engagement to develop and promote an open Internet.

Details of the session:

The session was moderated by Robert Guerra, principal at Privaterra and senior advisor to Citizen Lab in the school of global affairs at the University of Toronto. Panelists were:

  • Ellen Blackler, vice president for global public policy, The Walt Disney Company
  • Thomas Gideon, technical director of the Open Technology Institute at the New America Foundation
  • Andrew McDiarmid, policy analyst at the Center for Democracy and Technology
  • Julian Sanchez, research fellow at the Cato Institute
  • Paul Diaz, director of policy for the Public Interest Registry
  • John Morris, director of Internet policy, office of policy analysis and development of the US National Telecommunications and Information Administration

Ellen Blackler participates as a panelist about challenges and issues facing an open Internet at IGF-USA in Washington, D.C. on July 26, 2012.

Between copyright infringement, intellectual property, piracy and protection of online privacy, the openness of the Internet is being threatened on all sides, according to six IGF-USA panelists, who gathered to define and assess the challenges to an open Internet Thursday at Georgetown Law Center.

“The free and open Internet oughtn’t be a free-for-all,” said Ellen Blackler, vice president for global public policy for The Walt Disney Company.

A focus on the balance between maintaining an open Internet while ensuring security and privacy and minimizing piracy has always loomed as one of the largest challenges to the future of the Internet. While members of this panel represented diverse Internet backgrounds, the all agreed that Internet policy must and will continue to evolve with challenges posed by the struggle between these often-competing values.

What is Internet openness?

The definition of an open Internet differs even within seasoned IGF attendees.

John Morris of the National Telecommunications and Information Administration (NTIA) cited the principles of Internet openness recommended by the Organisation for Economic Co-operation and Development (OECD) last year, which highlight several key characteristics, including the opportunities for both collaboration and independent work.

An open Internet allows users to operate “independently of one another, so as not to have a centralized single body to control or impose regulations,” Morris said.

The Internet policymaking process additionally needs to be open for collaboration, Morris said.

“What is it that keeps barriers low, what steps can we take to address challenges?” asked Andrew McDiarmid, policy analyst for the Center for Democracy and Technology (CDT). “It’s about learning … to keep the process more open and open to more voices.”

Though the openness of the Internet is one of the Web’s key characteristics, challenges ensue when openness trumps privacy.

“The openness principle has failed the public in privacy interest,” Blackler said.

U.S. policies directly affect those abroad

In the United States, Internet access is virtually everywhere, but the major challenge for Internet openness in many other parts of the world is online accessibility, especially in remote areas and in developing nations.

Robert Guerra acts as moderator during a workshop about challenges and issues facing an open Internet at IGF-USA in Washington, D.C. on July 26, 2012.

“Access at an affordable cost is key because then we can innovate,” said panel moderator Robert Guerra, the founder of Privaterra.

Panelists agreed that though global policies across the board on the issues tied to Internet openness are unlikely to be established due to differing cultural values and standards from country to country, cooperation on the international scale is still quite important.

“Not that I think we need to achieve one global norm about a particular issue, but we need to achieve a global level of interoperability,” Morris said.

In some countries, global Internet operability is a major issue due to government blocking and filtering–the management of what content citizens may or may not access or share. Thomas Gideon of the Open Technology Institute noted the difficulties that global policymakers face with nations that exercise a great deal of control over available content.

“A large part of what I do in my work is to defend human rights online,” Gideon said. “That’s equally fraught with the risks that those trying to speak freely in contentious and crisis regimes face.”

Paul Diaz, director of policy for the Public Interest Registry noted the challenge of governance measures working locally and globally. “What works in one environment, what may work here in the US, is not necessarily applicable in another country” he said. Ultimately, the Internet is global and therein lies the challenge.”

Piracy and copyright: What is the solution?

When discussing the widespread nature of piracy online and the difficulty in regulating it, panelists differed in their preferred approach to dealing with the challenges of intellectual and copyrighted property.

“Companies like Netflix are slowly finding ways to shift from a product to a service model,” Julian Sanchez, a research fellow at the Cato Institute, said, suggesting this as one successful choice for property owners.

Sanchez argued that the best way to discourage piracy is to create services that offer consumers a wide variety of choices and control over consumption of goods at a fair price. He said this is a better method than exclusively offering products that can be copied and shared and pirated just as easily.

Private niches online: Social networking and the cloud

With the advent of social networking and the desire to share and access personal information, the Internet includes private and targeted content, as well.

Sanchez emphasized that the structure of the Internet should be seen more as a network of people and relationships than as a technological architecture.

Facebook’s Sarah Wynn-Williams said social networking represents the “desire for people to connect and share and be open,” adding that the future of Internet policy must meet these demands and “preserve the ability of people to [share personal content online,] which is genuinely under threat.”

Panelists also noted that files shared through cloud data storage continue to be as difficult to regulate as physically shared materials. Just as the government has often largely chosen not to investigate copied CDs or cassettes that become distributed among friends, content in the cloud is as difficult to trace and regulate.

— Madison Margeson

Internet Governance Forum-USA, 2011 Workshop: Can the Clouds Prevail?

leave a comment »

Brief description:

Data Retention; privacy; security; geo-location; mobility; government/law enforcement cooperation; transnational location issues: these are among the emerging cloud computing challenges in Internet Governance. Promoted by industry and government alike, “the cloud” seems to be the answer in providing emerging online services – addressing costs; access; diversity of infrastructure; reliability; and security. Yet its extremely distributed nature raises Internet governance questions. This workshop addressed the Internet governance questions facing cloud computing, including the emergence of the mobile cloud.

Details of the session:

JULY 18, 2011 - Amie Stepanovich participated in the "Can the Clouds Prevail?" workshop at the Internet Governance Forum USA 2011.

Where the cloud’s data is located, who has access to it and what happens if it’s breached took center stage during the cloud computing workshop at the IGF-USA conference July 18 in Washington, D.C.

The moderator for the session was Mike Nelson, a professor at Georgetown University and research associate at CSC Leading Edge Forum.

Panelists included a range of industry, governmental and civil organization representatives:

  • Jeff Brueggeman, vice president of public policy for AT&T
  • Danny McPherson, chief security officer for Verisign
  • Amie Stepanovich, Electronic Privacy Information Center
  • Marc Crandall, product counsel for Google
  • John Morris, general counsel and director of Internet standards, Center for Democracy & Technology (CDT)
  • Fred Whiteside, director of cybersecurity operations for the U.S. Department of Commerce, and National Institute of Standards and Technology Target Business Use Case Manager
  • Jonathan Zuck, president of the Association for Competitive Technology (ACT)

Georgetown University professor Mike Nelson said governments are happy to use the cloud for cross-border control because it would enable government applications to work better, and it would save money. But the data have to stay within a host country.

“Tension between government controls on cross-border data flows are often caused by the desire for more privacy for citizens in their country versus the global cloud,” he said.  “How do we get to a global cloud that is actually globalized, where data is allowed to move wherever it wants to and yet have the private assurances we’ve had in the past?”

There are many who believe location equals control, said Marc Crandall of Google.  But that is not always the case when entering various servers and using a resource like the cloud.

“So location may not necessarily equal control,” Crandall said.  “The thing about the cloud is I tend to feel that location does not necessarily equal secure. Where something is located doesn’t make it any more or less secure.”

Having governments worry about security standardization and privacy would be a better focus, he said.

Jonathan Zuck, president of the Association for Competitive Technology, said people need to begin to focus on international citizenry in regards to the cloud. It’s not about where the cloud is located or whose cloud the consumers are using, but looking at a larger more competitive group of providers.

JULY 18, 2011 - Fred Whiteside shares with a group of individuals during the "Can the Clouds Prevail?" workshop during the Internet Governance Forum USA 2011.

And where data are located comes can raise concerns about who has access to that information.  If the data are located in a country with little judicial review or fewer privacy regulations, will users’ information be at risk?

“There should be an emerging global standard,” said Jeff Brueggeman, vice president of public policy for AT&T.  “As to privacy, the more we improve international cooperation on cybersecurity and law enforcement so that there is more comfort over legitimate concerns that if the data is not stored can they go after a bad guy.  But again we have to deal with real issues as well as setting up the right policies to help distinguish between legitimate concern and government overreaching.”

If there is a breach and private information has been hacked, as has been seen in recent attacks against Google and Sony, what should the companies do to be transparent but also uphold their legal obligations?

If an organization is hacked and information is stolen, but that’s not made known publicly, it could be a violation of fair disclosure, said Danny McPherson, chief security officer of Verisign.

“Lots of folks don’t share that type of information,” he said. “Every state or region or nation or union has different native laws and that is extremely problematic in that perspective.”

There are many times that information may not be classified but is of a private nature, such as trade agreements that would need to stay confidential, said Fred Whiteside, director of cybersecurity operations for the U.S. Department of Commerce.  It is complex, he said, and as someone who hears many classified discussions on security breaches, he added that it would trouble him for sensitive information to be made public.

Amie Stepanovich, of Electronic Privacy Information Center, said businesses and industries should start worrying about encrypting the information before it is hacked and instead of worrying about the cost-benefit analysis.

“I think the benefit of data encryption is really worth it,” she said. “Its been proven again and again. Companies feel somehow they have to touch that burner to see if it’s hot before they move to that.”

Regardless, while the focus has been on the concerns and security issues surrounding the cloud, there are many benefits that should receive their due credit.

“I think the fact we are all here is a testament to the cloud,” she said. “Or else we wouldn’t be so concerned with what the problems are if we didn’t recognize there are so many benefits of the cloud.”

– Anna Johnson