Community Projects Encryption Improving Technical Security

Encryption and Content Filtering: Report from Madrid Chapters Meeting

Members from 22 European Internet Society Chapters in 20 countries gathered in Madrid on April 14, 2016 to discuss current public policy issues that affect the Internet. The meeting attendees were welcomed by Frédéric Donck, the Director of Internet Society’s European Bureau, who emphasized the importance of Chapters working together to address these issues. The countries represented in the meeting were Armenia, Finland, France, Israel, Italy, Kazakhstan, Kyrgyzstan, Montenegro, Netherlands, Norway, Poland, Portugal, Romania, Russia, Serbia, Slovenia, Spain, Switzerland, Turkey and UK, so there was a wide range of different geographic locations as well as political systems represented.

The first part of the day was dedicated to sharing experiences in advocacy work. The Chapters in various countries have different ways of approaching public policy issues and the political systems and climates vary from country to country, thus there is no one-size-fits-all way of impacting policy. Going round the table we discovered that there are a lot of different ways to make the voice of the chapters heard by the policy makers but at the same time certain repeating patterns emerged.

From the case studies that the chapters shared, four approaches to advocacy work could be distinguished. One of them is awareness building, or educating and informing the public and the decision makers. This includes among other things organising events, writing op-ed articles and publishing position papers. Second one is activism, which may take different forms and is a little harder to define. An example of this is the Swiss chapter collecting signatures to force a surveillance law into referendum. Third, there is consultation, which basically means giving a formal opinion when asked. In many countries governments organise public consultation rounds when laws are prepared. Finally there is cooperation, in which chapter actively engages with the policy makers and tries to impact the legislation or regulation by offering expertise and participating in the process. Together these different approaches form a kind of a toolbox to choose from, depending on the circumstances.

The rest of the day was used to address two specific policy issues that are timely and affect multiple countries in Europe, encryption and content filtering. The topics were picked from the 2015 Internet Policy Timeline project in which European chapters identified emerging policy issues that need attention.

Strong encryption and secure internet connections are something that we take more or less for granted. However, there is a growing demand among various national security and intelligence agencies to compromise encryption in the interest of national security. With the recent terrorist attacks in Europe this is beginning to show in the form of political pressure as well.

A case in point: In the UK, there is currently a heated conversation regarding the interrelation between the government and the use of technology communication tools that use encryption software tools. The UK is not alone, political discussions, or even legislation initiatives, are already going on in several other countries. It was agreed that the European ISOC chapters together with Internet Society staff should collaborate and coordinate their advocacy work on this issue. While terrorists and criminals can make use of secure connections it does not justify banning encryption for everyone or compromising personal or business communications by having mandatory back doors in software.

Content filtering and blocking as a form of censorship was also discussed. While filtering is something that is usually thought of as something that countries like China or Saudi Arabia do, surprisingly many European countries (most actually) are implementing or planning to implement it. The filtered content varies, among them are copyright infringements, gambling, child porn, drugs or suicide related information and extremist content. Turkey was identified as one of the countries that presents the most challenges with regards to the way the government is using filtering to restrict information in the internet. Indeed the legislation there provides the authorities with a wide range of tools to censor online content, including blocking, filtering and taking down content. Even services like YouTube or Twitter have been banned in Turkey for short periods of time.

While the rationale behind these attempts to censor online content can be based on legitimate concerns, filtering is not a solution, as argued in an Internet Society position paper.

The discussions in the meeting were lively and there was much enthusiasm among the participants to carry on the work. The next steps after the meeting will be to follow up on these topics together with the ISOC staff and chapters and also to keep on eye on other emerging policy issues. There is work to be done, fortunately it seems that we have the collective know-how and resources to do it.

The presentations from the meeting can be found here.

Development Internet Governance

The voice of the Internet Society community: early numbers from IG Survey

A few weeks back, the Internet Society launched a survey to learn more from you, our community, about your priorities and views on Internet governance and how you think the Internet Society should engage on these important topics in 2015 and beyond.

We are thrilled with the level of response from the community. In total, we received over 800 replies from around the world in just 20 days!

We just concluded the survey last Friday and are still going over the data but I thought I’d share a first glimpse of the responses. While this was not a scientific survey, we hope that the results will offer a useful window into the kinds of issues our community cares about when it comes to Internet governance.

Overall, more than half of the total replies came from individuals who identified themselves as from the technical community.   Additionally, the survey was open to the broad Internet community, and nearly 10% of the replies came from non-ISOC members. And, we’re really excited to see that we had responses from all over the globe!

    •    Latin America  – 15%
•    Asia Pacific  – 20%
•    Europe – 23%
•    Africa  – 22%
•    Middle East – 4%
•    North America – 16%

So, thank you to all who contributed to this survey.   We will continue to analyze the results and will share a full report soon!

Meanwhile, the dialogue on these important issues continues:

ISOC-ICC-CS, IG Community Dialogue, 2 March, 12.00-14.00 UTC

ISOC community webinar on IANA: on the March 4th

Internet Governance

2014: A Year for the Asia Pacific’s Voice To Be Heard

2014 will be an important year for the Asia Pacific (APAC) countries, as the region’s increasing importance and voice in the global dialogue on ICT and Internet development will be felt. So it’s very timely that APAC countries will participate in two very important global International Telecommunication Union (ITU) meetings this year: the World Telecommunication Development Conference 2014 (WTDC-14) currently taking place in Dubai, and the upcoming ITU Plenipotentiary Conference 2014 (PP-2014, in Busan, Korea at the end of October. Both of these meetings will set the tone and direction of future policies and programs, including incorporating the United Nations’ 2015 Millennium Development Goals (MDG) as well as WSIS (World Summit on the Information Society) targets.

Creative Development Strategies and Ideas Needed!

Traditionally, the ITU D-Sector is a primary focus for most developing countries as it provides a forum for developing countries’ voices to be heard. Expectations therefore will be high this time for the WTDC-14 meeting in Dubai, following the last meeting in Hyderabad four years ago where important decisions and milestones were made about universal broadband development. For WTDC-14, the priorities have not changed but rather have expanded from WTDC-10, reflecting a growing appetite of the region for faster development and advancement, and for welcoming creative developmental strategies and ideas.

These topics need discussion today because of the extreme speed of connectivity. It took 125 years to connect the first 1 billion people using the fixed line telecommunications, and at significant cost; by contrast, wireless technology needed only nine years to connect to its first 1 billion and only two years for the next billion.

Keeping Pace or Leaping Forward?

The future cannot be any more promising but therein also lies the biggest challenge for many policy-makers here: to merely keep pace or leap forward? APAC is in the very cusp of a new golden age of growth through technology, and this future is in their hands. The promise of a new era also means the emergence of new social changes which will have far reaching implications than former technologies.

The Asia Pacific Telecommunity (APT) Secretariat and its 38 members in the APAC region have endorsed a common proposal for 2014, covering topics such as:

  • A long-term, sustainable development framework to address regional priorities in a holistic manner, including policies, governance, resources, technology, privacy, security and cyber law
  • Common views on threats, including cybersecurity issues such as DDoS attacks and surveillance, OTT-type services, digital divide, spectrum allocation, child safety and filtering
  • Common views on opportunities, including broadband access, public-private partnerships, content development, deployment and access, new technology and applications like Big Data and White Space

The Internet Society is committed to collaborating with partner organizations in every region of the world in order to increase access to the Internet and spur innovation, economic and social development. The Internet Society believes in a global, inclusive Internet that enables participation and innovation from all parts of the world. We look forward to participating in the WTDC to set priorities for the work of the Sector for the next four years.

Identity Improving Technical Security Privacy

When law isn't enough

While an individual’s privacy must, in appropriate circumstances, give way to matters of public interest such as safety, law enforcement and security, what recent events have shown us is that some governments have stretched the boundaries of “appropriate” so far that they have snapped. Legal concepts such as “necessary”, “proportionate” and “reasonable” have been effectively rendered meaningless by surveillance programs that:

  • collect wholesale Internet user data (including metadata) without due regard to individuals’ rights and expectations of privacy;
  • lack proper independent and transparent judicial oversight;
  • are no more than “fishing expeditions”; and/or
  • fail to respect internationally-recognised state sovereignty.

While such surveillance programs may be said to comply with the letter of the law or an interpretation that is maintained to allow such programs to exist, they run contrary to fundamental ethical principles regarding what is just and fair. If law can be made to allow such programs or if law cannot prevent it, a strong statement of internationally agreed ethical principles must fill the gap and curtail the practice.

It is time that data trawlers hang up their nets and learn handline fishing.

Let 2014 be the year that the global community unites to:

  • confine the ambit of data collection for national security purposes to those truly exceptional instances where the public interest objectively outweighs an individual’s right to privacy; and
  • agree a set of strong principles for ethical data handling in the national security community.
Internet Governance

Voluntary Initiatives as a source of policy-making on the Internet

For many years, I have observed that the Internet is adopting many self-regulation frameworks to address a variety of issues. Indeed the Internet has benefited from self-regulation as an efficient way to address jurisdictional conflicts – particularly as compared to traditional law making. Since the Internet is global, jurisdiction is often the most difficult policy issue to address. To this end, voluntary initiatives are becoming increasingly popular in the digital space due to their ability to address dynamically issues related to the Internet. Voluntary, self-regulatory or industry-based are all terms used to identify initiatives that are produced and enforced by independent (private) bodies or trade associations and focus on addressing issues that have a limited scope and are of a specific subject matter.

The United States Patent and Trademark Office (USPTO) recently issued a request for input on voluntary best practices[1] in the context of intellectual property. In light of this request and considering the newly formed Copyright Alert System (CAS) and other similar policy exercises around the world, the Internet Society offers its own reflections on voluntary policy initiatives. By outlining the advantages and disadvantages of self-regulation and identifying a set of best practices for self-regulation that include the need for periodic reviews, external and internal checks and, transparency, amongst others, the Internet Society wishes to promote the thesis that voluntary-based initiatives can prove efficient if they are carefully balanced and do not depart from the established principles and processes of rulemaking.

The scale of Internet growth is reflected in the shear complexity of crafting Internet policies and regulations; it is an undisputable fact that the Internet has put to test the efficiency of traditional law making and its ability to deal with emerging technology trends. In order to deal with the increasing gap between legal and technology frameworks, many policy makers turn to systems of self-regulation and voluntarism. These systems are not new – since lex mercatoria (law of the merchant) in the middle Ages, self-regulation has been a tool for regulators and policy makers to deal with complex commercial issues in an expedient manner.

Self-regulation mechanisms can be efficient and offer a plethora advantages, but they should not be considered a panacea. A clear rationale regarding their mandate and parameters is essential for self-regulation frameworks to address their intended purpose and stand the test of time. At the same time, tools for measuring the effectiveness of these approaches should also be in place to ensure that the outcomes are consistent with expectations and that they continue to meet the public interest over time.

Since the Internet is a global network of networks, national Internet public policies, whether they are based on self-regulation or traditional regulation, often have impacts beyond national borders. Thus, as voluntary-based mechanisms gain traction amongst policymakers as an alternative way to address complex online legal issues, these mechanisms will also have global implications. This is particularly true because, while self-regulatory tools are evolving in different jurisdictions, there are lessons to be learned across all of these experiences. Further, there are global policy lessons to be learned in terms of the effectiveness, processes and sustainability of these kinds of policy tools.

What follows is a set of thoughts concerning self-regulation. Self-regulatory frameworks are appealing because they can be narrowly tailored to deal with specific legal issues but these tools are not the solution to all problems. In fact, successful self-regulation can only happen within established and legitimate frameworks of rule-making.

Advantages and Disadvantages of Voluntary-based Initiatives

The Internet Society is, generally, in favor of industry-based initiatives to address various issues, including those related to intellectual property; however, we are also mindful of the risks associated with these approaches. Whether based on theories of delegation or contract law, facilitated by the State or being a by-product of a “self-enforcing power, stemming from the direct deprivation of a valuable right”, the role of private bodies in self-regulatory environments is key.[2] At the outset, such private entities could prove beneficial in overseeing market participants’ actions through different processes such as standard setting, certification, monitoring, brand approval, warranties, product evaluation and arbitration.

Academic literature and market practices (e.g. the European Advertising Standards Alliance in Europe) indicate that for self-regulatory mechanisms to be successful they should include standards for real consent, which help ensure the legality and legitimacy of contractual agreements as part of private regulation. In cases where consent is not present, public legal institutions are required to specify the criteria that entitle private regulatory regimes to acquiescence and immunity. But, ultimately, it is adherence to minimum standards of justice and fairness that determine the success of industry-based initiatives. Rules, consequential to private regulatory efforts should ensure that – to the extent possible – interested and affected parties are able to participate in voluntary based initiatives on an equal footing.

Based on this set of minimum standards, private regulation offers some notable advantages in allowing the market to take the lead, offer a multitude of alternatives and ensure that fundamental values are protected by allowing interested parties to participate in the formation of rules and principles that are not subject to the cumbersome processes of traditional law making. As David Post, professor at Temple University and Fellow at the Center for Democracy and Technology, accurately put it: “We don’t need a plan but a multitude of plans from among which individuals can choose, and the market […] is most likely to bring that plenitude to us”.[3]

In a much similar vein, Robert Pitofsky, former Chairman of the Federal Trade Commission (FTC), referring to industry-led regulation, enumerated the following advantages:

· Self-regulatory groups may establish efficient product standards;

· Private standard setting can lower the cost of production;

· Private regulation helps consumers evaluate products and services;

· Self-regulation may deter conduct that is universally considered undesirable but outside the purview of civil or criminal law; and,

· Self-regulation is more prompt, flexible and effective than government regulation.

Industry regulation, however, also has significant disadvantages. The recent failure of self-regulatory models in the financial markets leads many to question industry-based regulation as an efficient model. To this end, some scholars have challenged the legitimacy of private bodies, such as cyber-authorities, to deal with issues emanating from the Internet. Their main concern relates to the ability of such authorities to create policy and enforce rules that traditionally fall within the remit of the democratic state. In the words of a US scholar: “State-centered law – both legislation and constitutional adjudication – carries considerable weight in legitimizing creation beliefs and practices and delegitimizing others. […] A cyberauthority, in contrast, would have to start from scratch”. [4]

One of the most worrying aspects of private regulation is, arguably, that many of its advantages are based on false premises and loose criteria. Amongst other things, private regulation may easily fail to protect democratic values; it can neglect basic standards of justice; and, it is often less accountable compared to traditional governmental rule making. More importantly, because of the Internet, self-regulation is increasingly initiated and imposed by new Internet sovereigns that do not necessarily operate within traditional principles of rule making. To this end, private regulation often suffers from lack of accountability and due process. .[5]

Effectiveness of Voluntary Initiatives

Various countries, including the United States and the United Kingdom, have consistently supported meaningful, consumer-friendly, self-regulatory regimes for various issues ranging from privacy to intellectual property. As the United States government has stated: “To be meaningful, self-regulation must do more than articulate broad policies and guidelines”.[

The Internet Society fully agrees with this premise – self-regulation emanating from voluntary based initiatives should extend to incorporate specific and reliable principles that allow participants and consumers/users to have a clear understanding regarding the delineation of the parameters, the scope of self-regulation and the accountability mechanisms for the public interest.

We will approach the effectiveness of self-regulation from the perspective of a) Accountable and Transparent Information Practices; and, b) Characteristics of Effectiveness.

A) Accountable and Transparent Practices

1. Access: At a minimum, users need to be provided with the option of having access to information regarding every voluntary-based mechanism that might affect them and their online experience. In this respect, every actor engaged in voluntary practices should take reasonable steps to ensure that users are kept updated and informed about the process and substance of such self-regulatory initiatives.

2. Enforcement Policies: Enforcement policies articulate the steps that will be taken when illegal action is detected. On this basis, users should be able to understand the scope of enforcement and the parameters of their activity.

3. Notification: Enforcement policies, especially those emanating from self-regulatory schemes, should be made known to users as much in advance as possible. Notification written in language that is clear and easily understood, should be displayed prominently, and should be made available before users are asked to sign any contract regarding their Internet connection.

4. Education: Two things are important in this context: first, education should reflect unbiased opinions and should be conducted by 3rd party trusted sources, including academia. Similarly, education should not be limited only to users but should extent to every single entity or individual who is part of the Internet ecosystem.

5. Data Security: Given the volume of data collected in such industry-based schemes, private bodies creating, maintaining, using or disseminating records of identifiable personal information must take reasonable measures to assure its reliability and take reasonable precautions to protect it from loss, misuse, alteration or destruction.

B. Characteristics of Effectiveness

For a self-regulatory regime to be effective, it needs to include mechanisms that assure compliance with its rules and appropriate recourse to an injured party when rules are not followed.

1. Due process: every voluntary-based initiative should adhere to basic and fundamental principles of justice and fairness, including, but not limited to, the right of a hearing, legal certainty and adherence to the rule of law.

2. Judicial safeguards: all voluntary-based initiatives should encompass internal and external checks and balances. One such balance is the right of an appeal. However, this right is not self-sufficient and should be accompanied by a process that is affordable and accessible; it should further incorporate rules that are clear and incentivize its use. Finally, it also requires independence and impartiality of all the participants.

3. Transparency: Disclosure of information to the public about voluntary schemes is another significant feature of voluntary-based initiatives. This information should include, but should not be limited to, the system’s rationale, end goal, how it affects interested parties, etc.

4. Balanced and proportionate rules: Voluntary based mechanisms should strive towards creating rules that are balanced, reflect the rule of law and are proportionate.

5. Trust: Trust is becoming increasingly important in the spheres of policymaking and law crafting. Any voluntary-driven initiative should seek to build and create an environment of mutual trust first, amongst the actors setting up the system, but also between the actors to which the system is addressed.

6. Periodic reviews: All systems, including public ones, should be periodically reviewed and evaluated as to their effectiveness. Such reviews test the efficacy of policy mechanisms and their ability to provide answers to the issues they were originally created to address. In the context of the United States’ Copyright Alert System (CAS), for instance, the need for a robust review after its first year of operation is key in identifying potential gaps and omissions, a possible revision of its safeguards, a reframing of its deliverables and the precise role of the various actors.

7. Public Interest: To the extent that self-regulation aims at setting standards that principally reflect industry needs, there is a potential for the standards to reflect the industry’s interests rather than the public interest. It is, therefore, essential that self-regulation is neither collusive nor open-ended; it should not operate outside the wider regulatory framework or act independently. In such instances, the role of the government and public interest groups can aid in a monitoring function and lessen the opportunity for abuse and opportunistic changes to the self-regulatory mechanism.


Voluntary-based initiatives can prove valuable tools in the complex environment of policy making. Unlike public regulation, which is increasingly being seen as too slow to address the needs of a fast-paced Internet environment, self-regulation can provide efficient answers to important legal questions. But, self-regulation should not be seen as a cure for all the issues appearing in cyberspace. It is important that mechanisms based on industry initiatives include very specific and solid provisions relating to due process, fairness and justice; in addition, periodic review mechanisms as well as internal and external checks, including the right of an appeal, should also be parts of voluntary-based initiatives. To this end, a careful balance regarding goals and scope is necessary in order to ensure that self-regulation does not become a vehicle of abuse or misuse.

[2] Henry H. Perritt, Jr., Towards a Hybrid Regulatory Scheme for the Internet, 2001 U. Chi. Legal F. 215

[3] David G. Post, What Larry Doesn’t Get: Code, Law, and Liberty in Cyberspace, 52 Stan L Rev 1439, 1458 (2000)

[4] Neil Weinstock Netanel, Cyberspace Self-Governance: A Skeptical View from Liberal Democratic Theory, 88 Cal L Rev 395, 497-98 (2000)

[5] Henry H. Perritt, Jr., Towards a Hybrid Regulatory Scheme for the Internet, 2001 U. Chi. Legal F. 215

Building Trust Identity Internet Governance Privacy

Internet of Humans

On November 8, 2012, I stood in as moderator of an extraordinary workshop for a colleague who was unable to make it to this year’s IGF covering the topic: “The Internet of Humans – Online Human Behaviour & IG Policy Impacts”.

This was an interesting mashup of Sociology, Social Psychology, ICT and Internet Policy dimensions with several of the panelists dipping their toes into more than one of these areas to hammer home their point.

As background to this Workshop, if IG and ICT policy are to be effective, it is clear that we must cultivate a keen understanding of the ever-evolving human behaviours that accompany an Internet of individuals and communities; a human internet that shapes global society in ever more pervasive ways.

This workshop formed an intersection between research on emerging sociological and psychological trends in Global Human behavior on the Internet, and Internet Governance Policy and Practice.

With the evolution of the Internet, there are ever increasing opportunities and challenges for empowered participation regarding issues of Privacy, Security, Freedom of Expression and Openness. Tacit behaviour of everyday users forms a “Net Etiquette” of expectations, roles, responsibilities and rights that surround participation. These individual and community online actions lead to macro-effects on “virtual” and “real world” spaces. Our (cyber)security, freedom and knowledge as a society do not depend on theoretical abstraction but on real world actions.

The multi-stakeholder, global and interactive workshop assembled leading research in Sociology and Psychology of Ihe internet, social mediaphiles, policy practitioners, businesses, government, and youth to hold a fluid discussion with all stakeholders present to:

  • Discuss a range of research and perspectives in an attempt to demystify and unload the meanings that are embedded in concepts of Privacy, Trust, Freedom of Expression, Openness and Security; and
  • Apply the findings to ICT and IG Policy, and practice by considering:
    • ​- measures that can be taken to ensure freedom of expression, access to knowledge and privacy for all stakeholders including Youth;
    • – challenges encountered in protecting freedom of expression online Solutions to better empower citizen’s access to information and effective/empowered participation in digital age;
    • – “Net Etiquette” and the roles, responsibilities and rights of users as they relate to openness, privacy and security.

The workshop relied on an interactive, dialogue based approach with a primary aim of inclusion. A concrete outcome of this workshop is expected to be the creation a roadmap of next steps in furthering a research and evidence-based ICT and IG policy agenda which, based on the workshop discussions will seek to address the following considerations:

  • Use of real names online is desirable but we need to be careful of what is posted online and the law should be balanced in dispensing justice related to speech online and in the physical world.
  • Two rights that are neglected online are freedom of assembly and freedom of association. These rights are threatened by surveillance, censorship and erosion of anonymity.
  • Need for greater accountability by all stakeholders in what is shared online and generally how one behaves online. As well as the need for govts to understand the issues from a multi disciplinary, multistakeholder approach.
  • One approach suggested was to study/understand human behavior first then consider online behavior
  • Some questions raised include what steps are being taken by Policymakers /regulators to understand the behaviors are taking place on line and How do regulators determine what policies need to be implemented to address online behavior? It was recommended to use different specialist to analyzed this issue (experts on behavior, sociologist, technologist in addition to lawyers).
  • Privacy is an issue integrally related to security: users’ concerns revolves around non-authorized access to their systems or devices, identity theft, hijacked of their accounts, access to their financial information and unauthorized used of payment instruments.
  • Keeping user information safe and available is top priority for Google. It is important to ensure strong security and privacy protection by providing easy-to-use security and privacy tools to help users to protect themselves against spam, phishing and malware and to avoid unauthorized access to their accounts and personal information.
  • Users’ behavior alters traditional legal institutions: for example the raising need for users to have content available on demand, when, where and in the format they want is affecting traditional models of copyright and there is an increasing need that those models start to became more resilient to users’new demands.
  • Consideration needs to be given for how ICTs have changed our respective behaviours e.g constant use of email, impact on interpersonal communication skills (face to face)
  • There is a large population of users that see the internet as a source of information, but are unaware of the risks associated with the use of the internet. There is a need for greater awareness and capacity building in the area of privacy, security and ethics.
  • Laws need to be in place address cybercrime.
  • Based on an emprical study (by ChildNet) of 800 youths on 6 different continents, the following findings were pertinent:
    • – Youth are more inclined to be open if they were anonymous, Anonymity provides security, protection and allows them to be more expressive.
    • – One drawback was that aspects of communication (body language ) is lost, found it difficult to identify emotions even with the use of emoticons
    • – Sometimes their own freedom of expression had to be curtailed out of concern for their reputation
    • – The type of communication and the openness of it depends on the target audience
Overall, the workshop participants agreed that there is a need to have diversity in this kind of discussion and get experiences of different groups eg disabled, policymakers and ordinary end users. It was anticipated that this approach will show the different perspectives of how we behave online and allow for the creation of more informed policies. In the final analysis, there was a call for collaboration in order for the research agenda to be expanded.
Human Rights Internet Governance

Internet Governance and Human Rights at the IGF

The 3rd day of the 7th IGF was dedicated to human rights. A timely debate!! No less than 9 workshops tackled aspects at the intersection of human rights regimes and internet governance, and many more touched upon their specific implications. Out of these, three  were focusing expressly on freedom of expression, and another three explored the policy implications and means to reconcile adequate protection of human rights and internet dynamics.

As a panelist in the session entitled ‘Human rights on the internet: legal frameworks and technological implications’, i had a chance to speak about the emerging paradigm of internet rights, current tensions triggered by the borderless nature of  the internet and the existent international legal instruments, and recent developments on this issue in the UN ambit. A thorough discussion of legal and technical aspects of implementing an adequate human rights regime preceded the Q&A session, which addressed interesting complementary aspects, such as recent legislation from Russia requiring blacklisting of websites for pornographic content which entered into force 8 days ago.  In the case of this specific example, the effects of passing such a law – beyond predictable intended and unintended consequences – are yet to be seen, given the particularities of the implementation system in the Russian context.

More generally, the struggles to strike a balance between human rights, legal frames and technology are rarely surfacing at other internet governance events, where such issues would be rather dealt with in a disconnected manner.  Against this background, the IGF is the best place to bring that up, and to create (hopefully) lasting networks of interest. As digital migrants and digital natives become more aware and more engaged in the drafting of norms and principles for the digital age they want to live in, the change they aim to see is one of the many seeds planted at the IGF. Hope you all stay close by to see it growing!