Documentary coverage of IGF-USA by the Imagining the Internet Center

Posts Tagged ‘neustar

IGF-USA 2012 Case Vignettes: Turning Principles into Practice – Or Not: Internet Governance/ICANN; Consumer Privacy; Cyber Security; Dialogues about Lessons Learned

with one comment

Brief session description:

Thursday, July 26, 2012 – This workshop was aimed at examining the role principles are playing in framing debates, achieving consensus and influencing change – or not. Proposals for Internet principles are popping up everywhere, from national to regional and global discussions, on a wide range of issues. In 2011, IGF-USA examined a number of principles in a session titled “A Plethora of Principles.” This session follows on that one. Session planners noted that it’s not enough to simply develop a set of principles, the question is: how are principles actually implemented how are they inspiring change? Are they new voluntary codes of conduct, new regulations, new laws? Principles can become a baseline for gaining high-level agreements. They may go beyond the expectations possible through legislation or regulation, so some argue that principles should be written to be aspirational. Some argue for legislation, regulation or enforcement mechanisms to ‘hold industry accountable’ to promises made in principles designed as sets of commitments. This workshop examined three case vignettes: 1) How the principles of a white paper were incorporated into ICANN’s formation and what the status of these principles are today within ICANN’s mission and core activities; 2) how consumer privacy principles have fared in global and national settings in terms of these points ‘turning into practice’; and 3) how cybersecurity/botnet principles are faring.

Details of the session:

The moderator for this session was Shane Tews, vice president for global public policy and government relations at Verisign. Panelists included:

  • Becky Burr, chief privacy officer, Neustar Inc.: Turning White Paper Principles into actuality in ICANN
  • Menessha Mithal, associate director of the division of privacy and identity protection, Federal Trade Commission: Consumer privacy principles
  • Eric Burger, director of the Georgetown University Center for Secure Communications: Cybersecurity and botnets
  • Carl Kalapesi, co-author of the World Economic Forum’s report Rethinking Personal Data: Strengthening Trust: the World Economic Forum perspective

Carl Kalapesi speaks as a respondent at “Turning Principles into Practice- or Not” during theIGF-USA conference in Washington, D.C. on July 26, 2012.

Before an informal agreement, policy or formal regulation is adopted, passed or approved it takes its initial steps as an idea. The trick lies in bringing it from a formative state to something actionable, otherwise it may languish as a suggested goal, followed by and adhered to by no one.

During the IGF-USA panel titled “Turning Principles into Practice – or Not” participants shared successful case studies as examples of how to create actionable practices out of ethereal goals. Citing processes ranging from US efforts to counteract botnets to domain name system governance and to consumer privacy, three panelists and one respondent drew from their own experiences in discussing ways in which people might successfully bridge the gap between idea and action.

Meneesha Mithal, associate director of the Federal Trade Commission’s Division of Privacy and Identity Protection, weighed in on the efficacy of principles versus regulation by offering a series method to act on a problem.

“It’s not really a binary thing – I think there’s a sliding scale here in how you implement principles and regulation,” she said. She cited corporate self-regulatory codes, the work of international standard-setting bodies, multistakeholder processes, safe harbors and legislation as possible means for action.

Mithal highlighted online privacy policies as an example of the need for a sliding scale. The status quo has been to adhere to the concepts of notice and choice on the part of consumers; this has resulted in corporations’ creation of lengthy, complicated privacy policies that go unread by the consumers they are meant to inform. Recently, pressure has been placed on companies to provide more transparent, effective means of informing customers about privacy policies.

“If it had been in a legislative context, it would have been difficult for us to amend laws,” Mithal said, though she admitted that such flexible agreements are “sometimes not enough when you talk about having rights that are enforceable.”

And Mithal did note that, given the current climate surrounding the discussion of online privacy, it’s still the time for a degree of broad-based privacy legislation in America.

Eric Burger, a professor of computer science at Georgetown University, spoke on the topic of botnets, those dangerous cyber networks that secretly invade and wrest control of computers from consumers, leaving them subservient to the whims of hackers looking for a challenge, or criminals looking for the power to distribute sizable amounts of malware.

Given the sheer number of stakeholders – ISPs concerned about the drain on their profits and the liability problems the strain of illegal information shared by the botnets, individual users concerned over whether their computers have been compromised and government agencies searching for a solution – Burger said that the swift adoption of principles is the ideal response.

Among those principles are sharing responsibility for the response to botnets, admitting that it’s a global problem, reporting and sharing lessons learned from deployed countermeasures, educating users on the problem and the preservation of flexibility to ensure innovation. But Burger did admit the process of arriving at this set of principles wasn’t without its faults. “Very few of the users were involved in this,” he said, citing “heavy government and industry involvement, but very little on the user side,” creating a need to look back in a year or two to examine whether the principles had been met and whether they had been effective in responding to the swarm of botnets.

Becky Burr, chief privacy officer and deputy general counsel at Neustar, previously served as the director of the Office of International Affairs at the National Telecommunications and Information Administration, where she had a hands-on role in the US recognition of ICANN (NTIA). She issued a play-by-play of the lengthy series of efforts to turn ICANN from a series of proposed responses into a legitimate governing entity, which was largely aided by a single paragraph in a framework issued by President Bill Clinton’s administration in 1997.

Written as a response to the growing need for the establishment of groundwork on Internet commerce and domain names, the paper called for a global, competitive, market-based system for registering domain names, which would encourage Internet governance to move from the bottom-up. The next day, the NTIA issued the so-called “Green Paper” which echoed many of the principles of the administration’s framework and drew extensive feedback from around the world, including negative feedback over the suggestion that the US government add up to five gTLDs during the transitional period.

After reflection on the feedback to both the white and green papers, and a series of workshops among multiple stakeholders to flesh out the principles of stability, competition, private-sector leadership, bottom-up governance and realistic representation of the affect communities, ICANN held its first public meeting Nov. 14, 1998, underwent several reforms in 2002, and ever since, in Burr’s words, “is still the best idea, or at least no one’s figured out a better idea.”

“The bottom line is to iterate, make sure you articulate your principles and try to find some built-in self-correcting model,” Burr said.

Shane Tews acts as moderator at “Turning Principles into Practice- or Not” during the IGF-USA conference in Washington, D.C. on July 26, 2012.

While Burr’s play-by-play described how a relatively independent, formal institution was formed to offer DNS governance, Carl Kalapesi, a project manager at the World Economic Forum, offered a more informal approach, relying on the informal obligations tied to agreeing with principles to enforce adherence.

“Legislative approaches by their nature take a very, very long time,” Kalapesi said. He vigorously supported the importance of principles in offering “a common vision of where we want to get to,” which leaders can sign onto in order to get the ball rolling.

He offered the example of the “Principles of Cyber Resilience,” offered to CEOs at last year’s World Economic Forum with the goal of making them more accountable for the protection of their own networks and sites while still allowing them flexibility to combat problems in a way that best suited their own work-flow and supply chains.

Central to Kalapesi’s argument in favor of principle-based solutions is their flexibility.

“Half of the uses of data didn’t exist when the data was collected – we didn’t know what they were going to do with it,” he said, alluding to the concerns over the use of private data by the likes of Google and Facebook, which accelerate and evolve at a rate with which formal legislation could never keep up.

Burr later echoed this point in theorizing that 1998′s Child Online Protection Act might soon be obsolete, but Mithal remained firm that a “government backstop” should be in place to ensure that there’s something other than the vague notion of “market forces” to respond to companies who step back from their agreements.

— Morgan Little

Advertisements

IGF-USA 2012 Workshop: The Changing Landscape of the Domain Name System – New Generic Top Level Domains (gTLDs) and Their Implications for Users

leave a comment »

Brief session description:

Thursday, July 26, 2012 – Early in 2012, ICANN launched the process to introduce vast numbers of new generic top-level domains (gTLDs) — allowing, for the first time, the customization of Internet addresses to the right of the dot. Few people understand that there are already 22 existing gTLDs and 242 country code TLDs, with a total of 233 million registered second level names across all TLDs. In the coming years, these existing TLDs will be joined by numerous new gTLDs, likely resulting in the registration of millions of new second-level domains. Some will use scripts that are unfamiliar to English speakers or readers. How exactly these new gTLDs will impact the world of users and registrants is yet to be determined. Will they add significant new registration space, cause confusion, provide some unique innovations, or, most likely all of the above to some degree? ICANN received a wide range of applications – including brand names, generic terms, and geographic and regional terms. The workshop was organized to discuss Issues and questions including: changes to how domain name registrants and users may organize and search for information online; how defensive registrations may impact existing registrants; whether ICANN gave a sufficient focus to Internationalized Domain Names; how applications from potential registries from developing countries are supported; whether fraud and abuse that exists in the existing gTLD space will migrate easily into the new ‘spaces’ or even be compounded; and how conflicts between applicants from noncommercial sector will impact the users of the Internet.

Details of the session:

The session was moderated by Ron Andruff, president and CEO of DotSport, LLC. Panelists included:

  • Laura Covington, associate general counsel for global brand and trademarks, Yahoo!
  • Bobby Flaim, supervisory special agent with the Federal Bureau of Investigation
  • Suzanne Radell, senior policy adviser, NTIA, and US Government Advisory Council representative at ICANN
  • Elisa Cooper, director of product marketing, MarkMonitor (remote participant)
  • Alan Drewsen, executive director of the International Trademark Association
  • Andrew Mack, principal and founder of AMGlobal Consulting
  • Krista Papac, chief strategy officer for ARI Registry Services

Respondents were Dan Jaffe, executive vice president for government relations of the Association of National Advertisers, and Jeff Neuman, vice president for business affairs of Neustar and Generic Names Supporting Organization councilor at ICANN.

Suzanne Radell participates as a panelist about the changing landscape of the Domain Name System at IGF-USA in Washington, D.C. on July 26, 2012.

There is a mix of concern and optimism for how the new generic top-level domains (gTLDs) will change the landscape of the Internet, but it’s certain that a new era of the Internet is coming.

A diverse panel at IGF-USA Thursday at Georgetown Law Center offering perspectives ranging from the side of brands to trademark security agreed on one thing: The introduction of new gTLDs will open the Internet up to more users, but also to more actors and cyber squatters. The panel agreed that the gTLD program will result in a tremendous amount of change, but how it will affect the landscape and whether that change is good, sparked the most discussion.

This year, there are 2.3 billion users of the Internet and 555 million websites. The numbers are staggering, considering the Internet is only about 14 years old, said moderator Ron Andruff, president and CEO of RNA Partners Inc.

There are 22 existing gTLDs – including .com, .net, .org and .edu – and 242 country code TLDs.

Elisa Cooper, director of product marketing at MarkMonitor, joined the panel remotely to give an analysis and breakdown of new gTLD application statistics.

Of 1,930 applications for a new gTLD, 652 were .Brand applications. Cooper divides the applications into three categories: brand names, community based and generic. The two flavors of generic are closed and open – the latter makes registries available to the general public with little eligibility requirements. Cooper also revealed:

  • There is a relatively low number of Internationalized Domain Names – only 116.
  • Geographically, the majority of the applications have come from North America and Europe.
  • Of the .Brand applications – which go through the standard application process – technology,
    media and financial sectors led the way.
  • The most highly contested strings were .APP, .INC, .HOME and .ART
  • The top three applicants were Donuts, Google and Amazon.

Laura Covington, who serves as chief trademark and brand counsel for Yahoo!, joined the panel from a .brand applicant company and offered a brand owner perspective. Yahoo! applied for .yahoo and .flickr

“I think there are a lot of exciting opportunities from a marketing perspective, even from a security perspective with the new gTLDs and the new .brands in particular,” Covington said. “And I also think that it’s going to have to change the face of how trademark owners, brand owners deal with their enforcement issues, how they approach protecting their marks going forward.”

Yahoo! is viewing the new gTLDs as an amazing new world and new way to reach customers, though Covington admits uncertainty toward what search engines will do once gTLDs are added to the mix of search algorithms. As a brand owner, she has concerns with how to deal with the second-level names because there will be an exponential increase in opportunity for cyber squatters.

Flaim (FBI) and Papac (ARI) participate as panelists about the changing landscape of the Domain Name System at IGF-USA in Washington, D.C. on July 26, 2012.

Bobby Flaim, FBI special agent, is primarily concerned with the pre-existing problems with domestic and international law enforcement of the Internet and how the problems may worsen as bad actors become more prevalent.

The existing system has some major problems with cyber squatting, said Jaffe, group executive vice president of ANA. He said he didn’t want to be the panel’s doomsayer, but he added that no one should assume the new gTLD program will roll out in a smooth or timely manner.

One hugely positive impact of the new gTLDs Covington sees is an influx of new voices and new participants in the multistakeholder process.

Krista Papac, general manager of ARI Registry Services, agreed.

“I do have faith in the multistakeholder model and hope that we continue to find our way through it and deal with the different issues,” Papac said.

Papac is running some of the registries for the new gTLDs and sees a lot of opportunity to create more secure environments and more opportunities from brands.

Suzanne Radell, senior policy adviser in the Office of International Affairs at NTIA and US GAC Representative, said that more people and more interest in the program will be crucial to ICANN’s evolution.

“We’ve got our fingers crossed that the benefits to consumers, to users are not outweighed by risks and costs,” Radell said. “So we’re looking very much forward to a review of the new gTLD program.”

Alan Drewsen, executive director of INTA, said he expects that the introduction of the new gTLDs will go more slowly and be less successful than hoped.

“ICANN will continue to exist, though I think it’s done everything possible to put its life in jeopardy,” Drewsen said, making the audience and panel laugh.

Andrew Mack, AMGlobal, speaks at a workshop about the changing landscape of the Domain Name System at IGF-USA in Washington, D.C. on July 26, 2012.

INTA has been critical of the process that ICANN has led over the last several years in introducing the new gTLDs.

“Given the amount of time and money that the members have invested in this process and the potential consequences that can flow from its failure, INTA will continue to work collaboratively with a lot of these constituencies to get the best possible results,” Drewsen said.

Andrew Mack, principal of AMGlobal Consulting, sees a large concentration in the global North and the English-speaking world. People in the global South won’t be able to participate in a program they don’t know exists. Seventeen gTLD applications are better than none, he said, but the number of applicants from other parts of the globa total to a paltry amount compared to highly connected regions already experiencing huge economic shifts due to the Internet. Mack said his pessimism is rooted in the fact that Africa and Asia are missing out when they could really benefit.

“And we want them to be part of our Internet,” Mack said.

There is an influx of new participants from existing participants, Neuman of Neustar noted.

The new gTLDs open up a lot of opportunities for business and marketing folks, but each person on the panel defined success in different ways.

“It’s definitely going to be an exciting time,” said Brian Winterfeldt, a partner with Steptoe & Johnson LLP. “I think we really are moving into sort of a new era of the Internet with this expansion and I think it’s going to be very exciting to see how it evolves.”

— Ashley Barnas