In the past year, the conversation about the Internet has centered around issues of trust. As we have discussed here, concerns about criminal hacking, commercial espionage, increasing cyber attacks and pervasive government surveillance have caused the technical/policy community to concentrate efforts on preventive and corrective solutions. One focus at the Internet Society is the promotion of an approach that we call “Collaborative Security”.
In that approach, we have urged that restoring trust is a collective responsibility and that all players on the Internet must do their part. We have insisted that any solution be grounded in fundamental human rights and that we cannot break the Internet in our efforts to fix it.
Yet, as governments have attempted to cope with cybersecurity issues, there has been a tendency to rely on the traditional top down mechanisms used in the past for physical security or telecommunications security to solve problems in the new world of the Internet. We are wary of both ineffective, short term “fixes” as well as massive government overreach.
The Global Conference on CyberSpace2015
At The Hague earlier this month, the Global Conference on CyberSpace(GCCS2015) brought a different approach to the problem. The Dutch government brought together over 2,000 people from all over the world to discuss Cyber Security under the themes of Freedom, Growth and Security. The tone of the conference was one of optimism and openness. Indeed, one of the most important successes of the week, in my opinion, was the decision of the Dutch government to include business, civil society and the technical community in this forum which has previously principally focused more on intergovernmental conversations.
The recognition that governments alone cannot fix the security of the Internet is central to making progress on restoring trust in the complex, multistakeholder environment that is the Internet. While civil society, in particular, legitimately asked for greater inclusion, it was encouraging that the design of the meeting fully embraced the necessity for greater inclusion of all sectors.
I was pleased that Internet Society staff and members were able to work with a very receptive Dutch government to open up this GCCS event to members of the Internet’s technical community. Indeed, I was delighted to greet an impressive number of ISOC Chapter members who were attending.
Both Olaf and I had an opportunity to discuss the collaborative security approach in our respective GCCS 2015 panels. Olaf’s blog post is particularly helpful. We hope that you will take a few minutes to familiarize yourself with the Collaborative Security document, use it in your work and provide feedback on how the approach is achieved on the ground.
The Global Commission On Internet Governance
While at the Hague, I was privileged, as an “official observer”, to participate in the meeting of the Global Commission on Internet Governance (GCIG) chaired by former Swedish Prime Minister Carl Bildt (sometimes called the “Bildt Commission”). The GCIG issued a statement “Toward a Social Compact for Digital Privacy and Security” that I also encourage you all to read. This Statement is the result of a thoughtful debate among and between diverse points of view on the Commission on how to integrate citizen security and privacy with legitimate state security. The report gives a strong nod to our notion of collaborative security and it acknowledges the need for the intentional involvement of legitimate stakeholders in finding solutions that integrate both privacy and security and which rest on foundational human rights. I believe that the principles set out in this Report warrant our serious consideration.
I also was pleased to see, during the GCCS 2015 week, the launch of Internet.nl, a new site designed to answer the question “Is Your Internet Up To Date?” Our Internet Society Chapter in The Netherlands was very involved in this effort as were a few of our staff from our office in Amsterdam. The site provides a very simple method to test if your websites and your Internet connection are using the latest Internet standards such as IPv6, DNSSEC and TLS. Services like these go far in helping us increase the overall security of the Internet.
Joint Statement of Technical Community
Finally, on Friday afternoon after the GCCS 2015 Chair’s Statement was released, a number of organizations and individuals from within the Internet’s technical community joined together to issue a joint statement reflecting on the event. Bringing together AfTLD, APNIC, auDA, CENTR, ICANN, LACTLD, RIPE NCC as well as ISOC and a number of other tech experts demonstrated the kind of collaborative engagement we believe is required to address issues related to the Internet. The human capacities and fundamental principles laid out in that document are ones that we believe are critical for the future of the Internet.
The events at The Hague provided staff and many members and friends of ISOC an important opportunity to share our thinking on the pressing issues of trust and security. We had outstanding discussions; our agenda of keeping the Internet open while increasing the security made solid progress.
I look forward to continuing these conversations at the next GCCS event in Mexico and at all the Internet governance events in between. Working together we will change the cybersecurity conversation to be more inclusive of all stakeholders. The Internet is for everyone – and we each have our role to play in making the Internet more secure. Please join with us!