Internet Governance and Cybersecurity
Internet Governance and Cybersecurity
Responses - Stakeholder Private Sector
Rajesh Chharia, President Internet Service Provider Association India (ISPAI)
The IGF is a platform on which we discuss multi-stakeholders, cybersecurity, openness, and access. In Hyderabad, India, we also raised the issue of the Internet for all. The open and transparent nature of the Internet means it has become all-pervasive in our lives. However, this openness has also led to certain threats, which can affect any individual, corporation, or nation.
Cybersecurity is currently the leading concern for major economies and its target can be anyone: a government department in any country or even an ordinary person. Threats have risen as the Internet has become a critical infrastructure for the global economy, with thousands of operations migrating onto it. Reports indicate that between April and December 2012, the types of threats detected on the Google Android platform increased by more than thirty times, rising from 11,000 to 350,000. They are expected to reach one million in 2013, according to security company Trend Micro.
The cyber threats and cyber attacks also reveal an escalating digital Cold War. While the United States government has claimed for years that cyber attacks are mainly state-sponsored and initiated predominantly by China, Iran, and Russia, recent reports indicate that cyber attacks in March 2013 were most frequently launched from Russia and Germany, followed by Tai-wan and the United States.
That’s not all. Online child abuse in the form of pornography, bullying, racism, and so on is on the rise. In the UK, 57% of 9- to 19-year-olds say they’ve seen online pornography, 46% say they’ve given out information they shouldn’t have, and 33% say they’ve been bullied online. According to ITU surveys, 30% of teenage girls say they have been sexually harassed in a chat room; only 7% tell their parents for fear their online access will be limited.
This increase clearly indicates that, as the global economy depends more and more on the Internet, the latter becomes increas-ingly insidious. In understanding the efficiency of the Internet, the need of the hour is to have a global effort to preserve its best aspects and guard against abuses.
Created as a decentralized network, the Internet has been a difficult place for policymakers seeking to enforce the laws of the real world. What is concerning is that in cyberspace, attacks seem to have a structural lead over defense capabilities: it can be prohibitively difficult to foresee where, how, and when attackers will strike.
Confronted with this challenge, the global community faces a dilemma between the neutrality of the Internet and cybersecurity critical services, such as e-commerce or e-health, which might never develop if users are not able to operate in a more secure environment. Moreover, some governments simply do not like ideas to circulate freely. Many governments have created na-tional firewalls to monitor and filter the flow of information on the network. In fact, the US government, which has champi-oned Internet freedom initiatives abroad, has been found to be cooperating with private telecoms operators on Internet surveil-lance, which violates user privacy. The six-year-long snooping on customer data and violation of privacy under PRISM clearly indicate the duplicity of the US on this matter. Frankly, they have lost all credibility and locus standi on their position of cus-tomers‘ privacy. All non-US citizens (foreign user base) can be targeted under PRISM, as reported by the media. There has been an acknowledgement that 100% security is not possible with 100% privacy and, as mentioned earlier, it is primarily for foreign users.
Such a situation makes it imperative for countries and Internet associations to take a lead in their respective spaces and give true leadership and positions on issues related to the Internet and genuine freedom of speech on the Internet.
The question becomes more urgent every day: should the Internet remain an end-to-end, neutral environment, or should we sacrifice Internet freedom on the altar of enhanced security? The answer requires a brief explanation of how the Internet is governed and what might change.
Since its early days, the Internet has been largely unregulated by public authorities, becoming a matter for private self-regulation by engineers and experts, who for years have taken major decisions through unstructured procedures. No doubt, this has worked in the past. But as cyberspace started to expand, the stakes began to rise.
Recent ICANN rulings have exacerbated the debate over the need for more government involvement in Internet governance, either through a dedicated United Nations agency or through the International Telecommunications Union (ITU). But there are experts who fear that if a multi-stakeholder model is abandoned, the World Wide Web would cease to exist as we know it.
Last year‘s World Conference on International Telecommunications, held in Dubai, hosted a heated debate on the future of cyberspace. There were divergent views. The ITU looked to expand its authority over the Internet; European telecoms opera-tors wanted to secure more revenues by changing the rules for exchanging information between networks; China, Russia, and India wanted stronger government control over the Internet; the United States and Europe stood to protect the multi-stakeholder model of ICANN; and a group of smaller countries sought to have Internet access declared a human right.
When a new treaty was finally put to vote, unsurprisingly as many as 55 countries (including the United States and many EU member states) decided not to sign. Since then, the question of how the Internet will be governed remains unresolved.
It clearly indicates that the problems that affect cyberspace cannot be resolved easily. There are three aspects that deserve inter-national cooperation: cybersecurity, Internet governance, and freedom of expression. Solutions exist in all three domains, but should be addressed separately.
First, cybersecurity needs a global public–private partnership and countries should formally commit to fighting botnets and refraining from government-sponsored cyber attacks. The governments should set up Computer Emergency Readiness Teams that receive notification from private parties and secure network resilience either directly or through private network operators. Operators at national and global level should agree on industry-wide codes of conduct to ensure that the flow of information between operators and public authorities is fast and reliable.
Second, there is no credible alternative to the multi-stakeholder model for Internet governance. But the United States should realize that solely domestic companies should not control major Internet assets, especially as most Internet users are in Asia (China, India, etc.). More generally, ICANN should become more transparent, structured, accountable, and represent a multi-stakeholder framework if it wants to survive as a private regulator. Stakeholders in the regions where the next billion Internet users reside, such as India and Africa, should be encouraged to participate in global decision and policymaking forums.
Third, the global community should protect freedom of expression. Universal access to a robust, neutral Internet should always be preserved as a guarantee for democracy. This will be heavily resisted since it could lead to easier anonymity for criminals, but any alternative would undermine Internet freedom.
MIND-Multistakeholder Internet Dialog