The following are the outputs of the real-time captioning taken during the Tenth Annual Meeting of the Internet Governance Forum (IGF) in João Pessoa, Brazil, from 10 to 13 November 2015. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the event, but should not be treated as an authoritative record.
>> GIOVANNI SEPPIA: May I invite you to take a seat, please, so that we can start. Okay. Thank you, everybody. We have a great list of panelists today. If we can close the door, please. Thank you.
So I guess this is the tenth workshop that the community has put forward. Not only are we celebrating the 10th anniversary of the IGF, but also we are celebrating the 10th anniversary since the first time we submitted to the workshopper, probably 9th workshop. 11? 11, okay. So even more. So 11 workshops that the CCLD community has presented to the IGF to cover different aspects of our work, to cover different aspects of our -- the challenges that this community is facing on a yearly, daily, monthly basis.
Just to give you an idea to those in the room, it's a short instance for count record top level domains. We are the identifiers of the different countries of the top level in the internet. So we have the U.K ., the DK and many more. And there are about 246-47 CCLDs and there are specific segments for managing CCLD. We believe we are a strong community because many of us have recently celebrated three decades of being operational in this business. So we have built up a long expertise in the domain name industry.
Today's workshop is about how the county level domain and other stakeholders are contributing to restore trust digital environment. We are speaking every day about the digital environment. We do lead in the digital environment, but at some point, many of us have experienced some threads to this environment. And therefore, our trust in what we live in the environment we live every day may have become weaker. So this worry shop aims to highlight how many of us are working together to contribute to restore trust in the digital environment to improve literacy above at the different levels that are making the digital environments. So not only the operators, but also those that are using the Internet. So again, it's a very interesting topic considering all the factors that are influencing the digital environment now a days.
Today we are extremely honored to have Mr. Andrus Ansip, Vice President of the European Commission for the Digital Single Market. And I would like to give the floor for some introductory remarks to this workshop. And I would like to thank you again for coming to this workshop and participating in the dialogue. I know you have been briefed a lot about this already. So thank you for the introductory remarks. The floor is yours.
>> ANDRUS ANSIP: Thank you very much. It's a great pleasure for me to be here. I would like to say that contrary to top main level representatives are doing well. You make sure the internet works properly. But politicians had to do more. So as you know, in the European Union, we launched digital market strategy. One of those main names according to digital market strategy is also to allow pre‑data lows across the European Union. But according to my understanding, digital business is global business. We had to create an environment which allows free data flows not only across the European Union, but also across the world.
In the European Union and with the third countries, as everybody knows, now safe harbor is really a hot topic everywhere. I would like to state it very clearly that we have solution. We have to work that means Europeans and the Americans closely together find solutions because our ordinary people are suffering today and our companies are suffering. We had to create an environment where pretty secure data flows will be possible. So in the European Union, first ever in our history, we were able to agree in common (inaudible) principles. All the traffic has to be treated equally. Approaching the European Union is the same, according to my understanding, as here in Brazil as in the United States and we had to provide that kind of rules across the world.
In the European Union, we are concluding now organizations about networks and information security directive. This cybersecurity is really important issue now a days. We know that no single country is able to protect cyber space alone. Corporation in this field is definite (inaudible). And this directive is exactly about cooperation, about the change of (inaudible) and by who in the European Union very soon this environment cyber space will be more trustful for everybody. We had to conclude our data protection. We hope we will be able to do this even this year. Those are quite important initiatives in the European Union with which we would like to create an environment our people they can really trust.
How we can restart trust in the environment is much broader issue than I try to explain right now. I would like to say we can do it own it together. I mean, top level country top level domain representatives and all the stakeholders. As I said, you are doing (inaudible) to my understanding well more transparency and accountability is always beneficial, but you are doing well already. Once again, politicians, they had to do more. And I think when we will have real multi‑stake holder monologue of the Internet occurrence, there will be much more interested parties which will push safer Internet. So, I wish all the success to this workshop and I'm ready to listen for all your ideas very carefully. I would like to say those digital single market in the European Union is based already on NETmundial. So thank you very much:
>> GIOVANNI SEPPIA: Thank you very much. Is there any question from the floor or the remote participation? We are lucky to have a Vice President of your tenth commission. So this is the time to speak up. I understand he once asked to speak up. Okay. They're all shy. Okay. Piere, thank you.
>> AUDIENCE: My name is (inaudible). I represent a European network of children's NGO. And my question is: Where was the child in this? They have great proportions of the uses of the internet and very little is discussed about what they expect to happen and how they can build trust in the Internet that's often used to abuse them. Where are the children in all this is my question?
>> GIOVANNI SEPPIA: Vice President, you would like to have the second question first? Okay.
>> Thank you very much to pay us a visit. You're far from Brazil. You mentioned the NETmundial statement before. I would like to know what is your vision about the outcome of the USS +10 baker that is going to be negotiated in December and do you think that the NETmundial principals should be included in this outcome of the WSIS or because from now, there is no mention of the NETmundial statement. Thank you very much.
>> Thank you very much for those. At first, our children. We have to pay more attention of our children in education and digital skills. Digital is our future. It's hot it correct to talk about digital economy and non‑digital economy anymore for the economies that's digital already. 70% of value added is created not in ICT sector, but in traditional sectors. So digital is really everywhere already. And there is a lack of skilled digitally skilled horses everywhere. So, coding has to be part of curricular and in maybe schools it may be too late to start teaching coding to our people. We have this kind of initiatives like coding week in the European Union, but much more is needed. Already children they have to understand that coding is not boring. It can be fun. By so many of young people who created some kind of new games and it was real fun.
So skills. Then skills and dedication. Then negative side. I think we have to be more much attention on those principles. If there is illegal content somewhere in the Internet, then somehow it already works. But not properly according to my understanding. We have to improve situations in this meeting, in fact if there is illegal content. Reaction has to be much more quicker. Right now I'm talking about child pornography, for example. We don't have to tolerate this kind of content in open internet. So what else about children? I think all Internet is for children and also retired people. There are some specificities which has to deal especially with children, but when we are developing safe Internet, then we have to think on all those age groups.
Sorry. I talked about the next question already, but NETmundial principles. It was really, really good that some people were able to put on paper those really general principles and as I already said, when we prepared this digital single mart strategy in the European Union, then basis of all those discussions was because this principle paper. Those principle very general principles and I think with time, importance of those principles will be somehow on lower level or we can even forget about those principles. I think those principle will have importance after 100 years or after 1,000 years and how to use where to put those principles is up to those making those decisioning. For me, this is basics on our activities. Thank you.
>> GIOVANNI SEPPIA: Thank you, Vice President. I have four other questions, but I would like to invite those who are going to ask questions to be short, please. I understand they would like to answer. Especially those registered LD managers who are here to share their best practices and experience. If I remember correctly, a person from the audience and Frederick.
>> FREDERIC DONCK: Thank you very much. I'd like to you help me a little bit to understand with safe harbor talking about restoring trust. In the last 10 days, I've been completely confused. A couple days ago an Ambassador from the U.S. came to Brussels saying the U.S. won't change much for the safe harbor, but completely that Europe didn't understand quite well that the U.S. is all set about privacy. So everything's okay. There will know a new safe harbor, but they won't change much. In the same week, the European data protection authorities together with experts from the U.S. are saying they will bridge the gaps between both regulation and that it will go (inaudible). At the same time, the German data protection ‑‑
>> GIOVANNI SEPPIA: I said short. And I'm the moderator.
>> FREDERIC DONCK: And then the European Commission comes with guidance. So they are mixing and confusion messages about safe harbor. We talk about restoring trust. Safe Harbor is an important piece of this. So what's your view.
>> I will try to explain where we are right now immediately. So when people are talking about safe harbor, they know there is some kind of problem. They knew also that safe harbor was not safe. This is practically all what people they know about safe harbor. (inaudible) and for what this safe harbor was mentioned. In the year 1995 in the European Union, we got our first data protection directive. According to this directive, it was loads to transfer data to the third countries on the basis of contracts.
So inside of corporations, then on basis of consent, but I would like to say this is a last resort and when this third country was (inaudible). But about the United States of America, it was quite difficult to say how (inaudible) this country because they don't have those further data protection roles at that time. And then the European Union and U.S ‑‑ the European Commission and (inaudible) started to negotiate in the year 2000. We got safe harbor. Standards practically European standards and companies they promised to follow voluntary.
So safe harbor was mention said to protect data Europeans in the United States of America. The idea was really good, but in the year 2013, we got a misunderstanding that safe harbor is not safe because of snowed edge, (inaudible) and in understanding. Already then we started to negotiate once again with Americans to make safe harbor safe. And according to my understanding, we were pretty close to find this consensus in (inaudible). And then we got safe harbor controlling. I would like to say this was not so big surprise for us because we started to negotiate already in the year 2013. So a lot of work was done already during those negotiations, but according to my understanding, we have to do more.
According to my understanding, later you mentioned is not sufficient and I'm not a lawyer, but according to my understanding, legal and binding administrative is in what form it is up to Americans to say will be needed. I would like to say that a sense of urgency is on both sides. In the European Union and in the United States of America, so for me I got say four messages from this controlling. In the European Union, we had to conclude our general data protection reform negotiations and all the further activities that had to be based on reform data protection rules in the European Union. We have to work closely together with Americans to find solutions because our people are waiting for vets and our businesses are waiting for vets.
Thirdly, our data protection agencies, national agencies and regional agencies have to cooperate and have to come up with positions not only 28, but maybe 128 different data protection agencies will start the negotiation maybe this partner will be happy because of that situation. I think those 128 will be quite disappointed because of results, cooperation in this field will be definitely needed. And, of course, we promise to give the guidelines to our people and businesses and we launched communication last Friday already. So I hope now the picture is more clear and there is more clarity and predictability for our companies and it's practically what we are able to do. Businesses are asking for some kind of (inaudible). But sorry to say. This is not in our hands. It is up to (inaudible) to give this grace period or not.
So, to conclude, we have to work closely with Americans and to protect the stake of Europeans in the United States of America. I would like to say that some important changes took place also in the United States in need of data protection. Last January, President Barrack Obama made quite a remarkable speech that he stated that all the data doesn't matter. Americans or non‑Americans had to be treated on equal basis. I would like to say that those negotiations which were started already in the year 2013 they are based on this very strong political guideline. I'm looking forward to it.
>> GIOVANNI SEPPIA: Sorry for the long question. Okay. You from the floor and then (inaudible).
>> Hello. My name is Richard coming from the Austria registry. Thank you for the kind words to the CCLD community. But in your talk, one very important sentence. A politician (inaudible) . Could you be a little more precise. What do you think? Is it more regulation? Is it more coordination? Cooperate? What's in your mind?
>> I'm not promoting more regulations. We launched in the European Union more than ten public consultations, but I'm sorry about the fact we launched during shorts periods. So many of those public consultations, but we would like to collect information, ideas and on basis of this information, we can say do we have to regulate or deregulate and it's also an option in some cases. So it does not mean that more regulations will be definitely needed. I described what we are doing in the European Union. On the level of the law, it is definitely needed. Yes. Some people say that there is some kind of loopholes today in this regulation.
Before this regulation, there was a huge black (inaudible), no regulations at all. You remember for example, it was a regulated area and there were regulations also in (inaudible) and Finland, but all others, no regulations at all. So, this is a first regulation or principles of neutrality on global we have in the European Union. Not the last one. If there will be some problems, there will be some real loopholes, then we have to fix all those problems. For network and information security directive, so more corporation is needed in this field. In the year 2007, (inaudible) was on the cyber attacks. I was (inaudible) at that time. I can say from my own experience how important this informant corporation between different country stakeholders, many of those cyber attacks at that time were cut just because of very fruitful informal corporation that affected emergency response teams and before those attacks crossed our boarders.
So once again, more transparency is needed. Deeper corporation in this field is definitely needed. Politicians have to work with those issues. So clear data protection rules. As I said, we had to conclude as soon as possible. I hope this year those negotiations about the general data protection reform in the European Union. Safe harbor is also up to politicians to conclude as soon as possible negotiations protect data of our people. So, I was talking about politicians who had to do more than I was talking about. That's fine of the initiatives said. That's fine of the issues, but I am not sure you can name hundreds of those areas where politicians had to do more. Thank you.
>> GIOVANNI SEPPIA: Thank you, Vice President. Before I lead the floor to the next question, you keep saying that politicians should do more and you have a politician next to you. I'm taking this chance to give the floor to member of the European parliament. Yesterday, you had a great intervention of things organized by Italian deputies in the Bill of rights. What do you think we had do more at the politician level? Thank you.
>> I appreciated opportunity to speak here and learn from you from your work. The Vice President make its an interesting point by saying politicians can only do more. I don't want to retire yet. The irony is that we are facing a moment in time as we think about internet governance and all the different stakeholders and their roles that government particularly and perhaps more broadly as well have to rely on orders more and more to make sure there is a legitimate and efficient and functioning governance of all aspects of the open Internet whether technical infrastructure or the surface running over. And the theme of this session is how to restore trust? I think that's the million dollar question or the million Euro question. It's a major challenge about which I've done some thinking as the member of Global Commission on Internet Governance. It's a group of 25 very different people with very different backgrounds. I'm one of the few politicians serving on that. We have suggested the need for new social compact where different stakeholders work together and I think this is one of the most fundamental points that I believe we need to implement in this entire Eco system is that freedom and security do not have to be zero. They can go together. They move the go together and they must reinforce each other.
In the new social compact, one of the key recommendations perhaps a bit surprising is that government should not weaken and encrypt. It is very important for the technical infrastructure that weakening encryption does not increase security and certainly does not benefit the freedoms of the people using the internet. And the fact that in the global commission there are also members with a very serious and senior national security background that are now calling to resist government efforts to weaken encryption has a shift in acknowledging about what is wisdom here. I think part of that shift and thinking could only be possible with the knowledge of technical experts.
So for politicians to do more or to make smarter policies where necessary to play their role and insuring there is the democratic and judicial oversight in processes where governments are in multi‑stake holder environments, we need technical knowledge. I will be very brief, but I would like to end there. I think we not overestimate the need for more exchange of experience and knowledge by engineers and technical custodians of the open Internet. People in politics, civil society globally so that we can together as we are opening up to more multi‑stake holder processes make sure that we make decisions and design processes of accountability and legitimate governance do so on the basis of the latest knowledge. And not make the kinds of mistakes that were made for example by weakening encryption that later will then have to be corrected, which is always much more difficult. Exchange between the technical community, civil society and politicians no doubt will lead to smarter policies and will give a lot of us and our colleagues more work to do, but hopefully will make efficient use of our time so that we can target and make necessary steps and not live in the past century with the laws that we propose which could be outdated with the data implemented over.
>> GIOVANNI SEPPIA: Thank you so much. Mr. President?
>> I'm talking about myself when I say politicians can do more. Together with the society, we can change this situation. We can improve the situation and I'm talking about teaching a single market strategy. We used all kind of sources to get ideas and information including Cloud sourcing and it is very important to involve all the different interested groups in this process. I would like to pick up this encryption topic. Once again, my answer is not so short, but in the country I know best, it's possible to move electronically. The first time when people and according to my understanding, all over the country it's possible to take part in elections using the internet in the world. So, in the year 2005, only 10,000 really moved electronically by way of the Internet in the municipal elections. During the last parliamentary elections, we had 1/3rd via Internet. And now by encryption. Some politicians are asking for back doors. Who will trust those internet‑based elections if people know that somebody has key to open that door, somebody theoretically can manipulate with those election results. Nobody. And that's why if we're talking about national election systems, I'm strongly against all kind of back doors. Thank you.
>> GIOVANNI SEPPIA: Thanks a lot, Vice President. We have you and then Anabeta. You're still on?
>> FABRIZIO CASOA: Hi. My name is Fabrizio Casoa. You mentioned about teaching coding, for example, in schools. I think it would be great, but I think coding is too techno logical. We should focus maybe more on basic principles of the Internet. When you talk about Internet, especially security, the focus tends to be a lot on technology, technology, technology. You have human aspects of that that have not been taken care of. For me, I think it is basic because it is remaining you had from the past two decades where internet was for the geeks. You needed to understand how it works and actually use it.
Nowadays, internet is everywhere. Everybody is using it, even not people. We have machines using it automatically. Wouldn't it be the case that instead of us or technology or technological community say what needs to be done or how to make education strategies to bring people from other areas, psychology, education background and other backgrounds to discuss this with us because I think this might be one of the keys to is start working on several different aspects of the Internet. How you can debate on privacy telling what people should and should not accept. If people don't understand how internet works, they should be the ones to tell us what they and want what they don't want. We need to get people from the areas to see how they can approach their own communities and their own groups. I would like to know what you think about it? Is that something you guys have in mind? Thank you.
>> My answer is very short. Yes. I agree with you.
>> GIOVANNI SEPPIA: Yes. I agree with you.
>> I'm working for the Norwegian industry. I wanted to go back to what you mentioned for the responsibility of content when you talked about (inaudible) and there's a lot of action out there now for pressure, for the (inaudible) and for the ISPs to remove and block to get rid of the content. And it's a lot of misunderstanding from those asking for it from both law enforcement and the right holders. So, what we experience is that during that blocking or taking down a domain, it doesn't solve the problem. And we all agree we don't want the eagle content, we don't want inappropriate content, but we should work very closely together to find a way to deal with that that really works. We had a case now where they were taken down by the big companies. And two days after that, all the content were out on another ISB address and another domain name. I would like to send that back to you to find another way. Thank you.
>> GIOVANNI SEPPIA: Thank you.
>> Once again shorted. We can show you that if there is an illegal content somewhere, then this take down principle works. Not perfectly, but it works. If there is legal content, which is used illegally somewhere, mainly in talking about corporate issues, then this is a real charge. So every day musicians are asking to take down some kind of illegal use of legal content. And then those service providers say sorry. But we are just mitigating. We are neutral mediators. So we don't know. Is it legal or illegal there? But at the end of the day, weeks or month, they will take down. And what happened? After two minutes, once again. Somebody else will put this illegal content, illegal websites. Please take down and keep it down. But what we can do I think we have to provide more clarity. It's not so that there is illegal content that is (inaudible) and no boarders at all if legal content is used illegally. We have to bring more clarity. We have to make those regulations more clear to all the stakeholders. Thank you.
>> Thank you and we have (inaudible) for this.
>> There's a broader question online. The privatization of law enforcement, the privatization of norm setting and even setting human rights standards. I think this merits so much broader and somewhat philosophical of what is appropriate or not. We see that in child pornography and other heinous crimes.
You are absolutely right and this is the kind of knowledge we need to know that works. And also the point you made about blocking not being efficient. There are those in law enforcement that are hacking into criminals computers that can help, but in reality, they delete valuable traces of crimes committed that can then not be used as evidence in a court case. So what is wisdom has to be thought through before interacting on impulses or incidents. I think the role of courts should not be underestimated of law enforcement and human rights standard setting should not happen. It's a slippery slope that may be attractive when it comes to solving the worse of the worst crimes. And so I would say that there are different steps that can be considered by politicians like us what crimes have to be solved by law enforcement, but remember it is people that commit crimes and not technologies. The people are responsible and finding a due process. I know commissioners onset is focused on this.
The laws have to be reformed and this is also a way in which crimes or offenses could be reduced if we have a legal system that is more up to date to the techno logical development. We can also reduce quote/unquote crime and have a more adequate legal structure for the digital age. I think when it blacks intellectual property rights, we should look at reform and not reinforcement.
>> I'm so sorry. But now I have to apologize because our American partners (inaudible) meeting we'll discuss the source of safe harbor. I wish you success in deep cooperation indeed. Airline the stake holders included (inaudible) topical and domain representatives. We can make internet more safe. So thank you and all the rest of you.
>> Thank you, Vice President. I also (inaudible) you have a time constraint and you have to leave now or you can stay?
>> I can stay two more minutes, but I don't know what good that would do. I see someone really eager to ask questions.
>> ELSA: I'm sorry. I hope it's going to be worth it. I know that this is very concerned with a specific region, Europe, U.S. But I really want to put up the floor the region in terms of trust. I just want to know what your advice is or best practice is so that ‑‑ I come from a civil sort background. And you can't imagine how much the amount of stress has gone completely down in terms of trust on the Internet in the digital kind of work that human rights defenders have in the region. I want to know what is your advice on this? For the record, my name is Elsa. I would like to take this offline if you don't have time.
>> We really need to give the floor to the panelists. If you would like to address this question, please.
>> I will address this question briefly. There's a lot to be said. I would be happy to take it offline. I will be here around here till . I will recognize you now that I've seen you. I think whatever we want to do internationally as the EU is only incredible and efficient if we lead by example. This too often is a problem. What we saw in the U.K. after the riots, there were proposals from the government to shut down social media. I consider most often illegitimate. You highlighted the gulf states and middle east. I would also‑like to see much more emphasis on human rights more broadly and particularly online. I have taken a number of initiatives to streamline and enhance human rights to access information and freedom of speech, but also to be aware and to deal with the way in which governments are uses technologies to enhance their abilities for surveyance, censorship, tracking, tracing, all kinds of practices against human rights defenders and opposition figures and often times citizens of these countries. I believe that we have failed to anticipate or use the opportunities that the hyper connected (inaudible) new environment bring us to reach out from say open societies to citizens who are seeking these values and their rights to be respected, but who are living under governance that don't allow these people to realize these rights. I think that's a real missed opportunity. There are many concrete things we can do. Look at how E.U. required standards and mobile networks have different impacts when they're using countries where there is no rule of law. We talked about it back doors. E.U. law requires them to have enforcement. But if we export the systems without any consideration of the fact that there are not the same checks and balances in many countries in the world, we are making a mistake. Lastly, another topic that impacts people in the middle east is I think we need export controls on surveyance and hacking and are the technologies that are made in usual, marketed and sold for repression that operate in a fairly unregulated environment, which I think is very inappropriate and making discussions about human rights online or cybersecurity less credible. Again, if we cannot lead by example and incur the gray market in surveying systems, then we are failing ourselves. So I think there's a lot to be done and I look forward to continue our discussion. I'm really sorry. I have to go, but I hope you have a good meeting continues.
>> GIOVANNI SEPPIA: Thank you. There's an interesting study coming on the Dominion in the middle east. I'd like now to give the floor finally to the panelists and bottom how to restore digital trust in the digital environment. We the CCLn regional organizations have launched a survey for our members. That's some time I would like the general manager of center to share. And then I would like to hear from the three CCLD representatives who are here and how they're contributing to actions which are targeting the restriction of the digital ‑‑ trust in the digital environment. So thank you, Peter.
>> Peter: Thank you, Giovanni. I am the general manager of center. Quickly following up on what (inaudible) just mentioned and helping politicians to do their job better. I think there's a very important role for everybody in this room. I must say the two that launched that request are actually champions in Brussels of getting the input interest the decision making process. So it's a shame they're gone, but I would like to thank both of them. You had a wonderful experiment going with the nurse in the parliament, that was a well attended educational series for parliamentarians. Our champions of education and commission officials so they truly understand. Just to conclude that. A quick summary of the survey that Giovanni mentioned was held amongst just over 30 CCLDs worldwide and unfortunately not from the Middle Eastt. We all CCLDs because they're perfectly situated to feel the temperature on a national level. By collecting their views, we got a quick worldwide scan of the digital environment, the (inaudible) and how they see the opportunities to deal with it. On the highest level and the survey results will be made available. The assessment was the impact of security incidents was considered to be a serious problem in 20% of the country. How this reflects into the level of trust there was a measure of trust in particular banking. The effect was slightly less, but still very important and probably had an economic impact on e‑Commerce.
What was surprising is the sector was least affected by a public sector. They would disagree that a lack of trust discourages citizens to be active online. So there is still uptake. A secured incident has a brief impact on online security. One of CCLDs don't help restore trust. They implement technical improvements and we talk about the registry or security locks who is verification, sharing of information, issues in particular to the national certs. Most of them have stepped up collaboration to the public and private sector have given trading to civil servants to registrars and all of them are involved in awareness raising. What is the biggest barrier to increasing trust? It's the four digital democracy . And the one thing that CCLD can do is, of course, education, education and education. Making sure that the awareness increases and this needs to be a joint effort. We in particular need strong support from (inaudible) as well. As I mentioned the details of this survey will be available on the site of the center later today. Thank you.
>> GIOVANNI SEPPIA: Thank you, Peter. Andre, (inaudible), Alberto, the floor is yours. If you can share some of the actions that you are doing, some of the best practices and some examples. Yeah? Please.
>> Hello, everyone. I am NG. It is (inaudible). So we do really care about cybersecurity and we try to dominate our system by having technical solutions. First one is implementing (inaudible) in 2013. The second one we launched a registry log in 2014. And the third one is Rdepth Pertico. We also know who is (inaudible) registry information by online who is Pertico is very simple. So contributes a lot to create a new international standard of the next generation with Pertico. We call it Rdepth registration data access. And (inaudible) three RCs. One of it is defined the securities series of R den. It is responsible for the open source project of R den implementation.
The first one is anti‑phishing alliance of China called APNIC. We establish these lines in 2008 and we have more than five hindered members and we use our anti‑phishing system to try to identify any phishing sites. In 2004, they identified more than 2,000 phishing sites and only 80% of sites were using (inaudible). And the second national domain name and we initiated this in 2012. We viewed this per wider platform and we can coordinate with (inaudible) in China and other industry company and we can share things related with information and we can share some resources to try to put one D DOS attack. It makes sense. I suggest maybe we can consider such aligns to be international aligns and we try to make more cooperation between countries. That's all. Thanks.
>> GIOVANNI SEPPIA: Thank you so much. Alberto?
>> ALBERTO: Thank you. I work for the Spanish registry that is managed by a government agency called Rid TS in charge of the internet. So in CCLDs, there are many models that work very fine. We say one size does not fit all, but I want to share experience from a registry managed by the government. This has pros and cons, but I think it's good for the topic of this meeting restoring trust in digital services and society because we have a (inaudible) ready to promote Internet in the country. So the organization assessed is government agency with other ministries with local administration, private companies and civil society in many areas beyond the registry of DTS. In the registry itself, we think that being managed by the government provides static in this environment with new registries. Some of them bound to fail. In this case, the registry are going to be saved. In fact, any income generated comes back to the community through the different programs.
So DS promoting Internet in administration like in hospitals, schools or universities or also e‑Commerce and small‑medium sized companies. The registry as such benefits a lot from the change of information among registries. So these best practices help us to launch new services and products and take example from our colleagues.
So we have it implemented with a lot of valuable input from our colleagues. We are also about to launch a registry lock. We cooperate with issues like anti‑phishing. So quite similar with how they told and this is normal because we are trying to keep up with this good practice of other colleagues. Then we are trying to keep a good balance between privacy and secured in the sense that we provide for individuals only the minimum contact. But we allow law enforcement agencies to access more data if needed. And regarding take down practices and reaction, our view is slightly different to that of some of our colleagues. We coincide with them we are not here to (inaudible) content. We are not into that business and we are not doing it, but our understanding is the same way we have reached an agreement with other organizations like (inaudible) to decide what's in breach of direct property or off a trademark log.
We have ‑‑ we also accept input from other government agencies about when they think there are issues with other aspects. So we are not taking decisions, but we are incorporating closely. The national agency for (inaudible) about whether some legal things are being sold online or whether there is illegal online gaming. There are essential bodies that react online and also do it online, the same way. We follow instructions and we have no responsibility. We are not accessing those contents. But once they have taken a decision, we're trying to be efficient request the limitations about how effective the mechanisms are. We think that we try to be reactive and to see as cooperating and try to get a safer Internet. Then also briefly mention some other activities of (inaudible) not related to the registry. It manages national cert for individuals and smaller and medium sized companies. We are close to them. They will be obtained from this corporation. We have the national observer toy and information society that makes a status and reports and also proposes for the government also related to trust in the detail environment. And then we also manage the research and education network.
For example, we have here in Europe wide initiative to get certificates with a flat rate that allow us to increase security in communications because we provide details certificates for free to the universities and research centers. So it is an interesting experience that I think could be used for the areas. And also authentication and authorize infrastructures, there is the international and new European (inaudible) so using a federation of identity there is a possibility of using the same credentials to access multiple services having identity providers. In this case, for example, universities and service providers that accept this information. And I think some registries are also working in this field like the check registry.
So being a government agency, we do care a lot and we have different possibilities to try to increase and restore detail, which, of course, is an issue.
>> GIOVANNI SEPPIA: Thank you, Alberto. Andrew?
>> ANDREW SULLIVAN: (inaudible) from Russia CCLD. I want to say business community and government should work together on the issue. I think that the mission of the community is to make this corporation possible. As we know, there are three aspects of the issue. (inaudible) and capacity building and improving LCT for cybersecurity threats. Speaking about the awareness raising, we have a lot of confidence on cyber secured, our local IGF meeting among them. In fact, the security is one of the permanent issues of this meeting. Different meetings on the Internet which we have in Russia. Speaking about building, Russian CCLD have online resources. They're on the internet and interact with government. In this online tool, we have a special part for cybersecurity.
I want to say a few words about our real big project aimed to corporations between business and CCLD community. We have a scope project in 2012. We have a unique resource aimed at making the Russian spacing domain. (inaudible) scope is a corporation among the largest internet service providers in Russia. Interscope was analysis with resources and (inaudible) securities. The project website contains security information and analytical materials with distribution of resources and progress in the exercise of anti‑malicious activity. The website uses again online domain check services and gets reports on where is that malicious activity reported through our project partners. The project partners are engaged in collection and analysis of information about malicious resources on the Internet as well as exchanging variable detail on databases. This activity helps us to make our domains more clean and secure. As a result to make domains more attractive for customers. Thank you.
>> GIOVANNI SEPPIA: Thank you, Andrew. We are really short on time. We have three other people in the panel. And I'd like to ask a question to you Paul, Gregory and Christina. What do you think are the current threats on the digital environment and how the CCLD community to try to make this digital environment safer, cleaner. So please, Gregory and Christine, who likes to take the floor first? Okay, Gregory.
>> GREGORY MOUNIER: Hi, everyone. I am representing the European Intergovernmental organization Eirupol. I can subscribe to most of what has been said and I think in order to restore in the digital environment, we should not only focus on cybersecurity, but trying to make domain names environment mostly (inaudible), but we also need to look on the contribution of crimes and focus on the other side which is to remove the criminals that are behind phishing websites.
So I would very briefly advocate if you have a holistic approach to work closely with the law enforcement community. We have to make an effort to understand your constraint and we have to make an effort to understand your business as well. But I think that we need establish forms and ongoing dialogues between crime investigators, registries and registrars and we understand your environments and so we customize it so you are in a position to help and so really briefly also willing to say that we need to work closely together. I would be very interested to learn a bit more about the project you were talking about on this website.
Do you give access to these websites to the law enforcement communities so they can help you to remove the access behind? I think that we shouldn't under estimate the law enforcements in providing and trusting the digital environment. Thank you.
>> GIOVANNI SEPPIA: Thank you. Cristine?
>> CRISTINE HOEPERS: I am Cristine Hoepers from Brazil. This is more I think a resulted of the whole government structure of governance structure in Brazil. What I think CC(inaudible) around the world date has helped because all people there CCLDs are people for a long time from the Internet were here before the third Internet governance was invented. We are sure that people started using the internet to connect everything. I think although the business and everyone wants to help this Internet of everything, we need to try to talk to people and when we talk about teaching, also teach about the risks and about ‑‑ should we really connect everything on the Internet?
From the discussion from this morning before the smart panel, I think it became more apparent that most of the tensions that we have if we are discussing noticing takedowns, I have to have back doors and I have to do something else. It has a lot to do with that discussion of decisions made by cost to connect everything and to use a public Internet for things that were not prepared to be connected to the public Internet.
Of course the Internet makes it easier to do scamming, to do phishing and other actions and then it goes for a burden of more of ‑‑ there is health of the Internet where everyone needs to do its part. In Brazil, we are doing the part that many of you reported here like Seppia is doing the awareness, is doing the training for professionals, but then we need to help restore the trust on the Internet. Actually trying to understand what's the root cause of all the tensions. And I think part of the root cause is that we are having different interests in there and we are having a lot of people eager to just connect and not understanding what actually you were getting into and what you are getting attention to.
In Brazil, we cannot have a (inaudible) takedown. Legislation said this is not a system that we have, but that doesn't mean they have policies to abuse the (inaudible). What is actually something that is just a dispute of content of free speech or something else. I think there's a lot of things that the CCLD can incorporate and collaborate and that a lot has to do with teaching all the stakeholders about the technical issues and when I saw the representative in parliament saying we need to talk more.
Sometimes we use different languages and maybe we should all learn to talk different languages and be a breach. They have two different roles because sometimes we want the same thing, but we ever implementing different things. And try not to ‑‑ also try to get people out of this whole of using security as an excuse to implement control. We are trying to educate people a locate that there are some things that are in proposal that are control mechanisms. That's not security. So although it is being discuss as an excuse for public safety.
So I think there is a lot of semantics in there and I think everyone in this room has a lot of knowledge to help us out to (inaudible) and make all the terms clearer and make the decision to a next level. Where do we want to be in the future and how do we get there. I think we're all going very well with the technology. They're working for best practices and we're disseminating everything. There is a lot of tension in the policy levels because of misunderstandings that can be happening and because of different agendas. There is more brainstorming to identify what might go wrong and where do we want to go if we want to go right? Thank you.
>> GIOVANNI SEPPIA: Great advice. Great advice. I have the last panelist who will have the longest question. Frederic, don't kill yourself.
>> FREDERIC DONCK: This means we promote with the (inaudible) society. We agreed for security manners, but you will find out on your favorite search NRS. It is more coordination between a (inaudible) and it is preventing propagation of incorrect routing information. What I'd like to show you is the bigger picture, the framework. Whatever we talk or smart trust or cybersecurity, first we need to know what it is we're talking about. What is it we want to secure. It is not very clear in many discussions with policy makers. Are we talking about people? Guys and (inaudible). Second item, we need to remember that the Internet has characteristics that we call in the environments. Those are characteristics we never change. They have global reach integrity. You receive that from wherever you are in the world. You have open standards, et cetera. Those are not the codes or the origin of (inaudible) behaviors on the Internet. Yet, we need to (inaudible) the challenge.
Whenever we talk about security, we need to keep that in mind. This is what was just said. Security and privacy are both sent that just might be achieved at the same time. There are new ways to consider the way to categorically manage risks. So the traditional way was you identify an internal and external race for the company and you try to prevent it. Period. Action. The new way is called outward risk. That's the morph collaborative way. That's something that relates to what Harding called the tragedy of the comments. I would advise you to read this book. So, for security practices, you might compromise computers, your computers in your organizations that you are not the target. So we are all interdependent. There are new ways to manage risk in a collaborative way. So it is just not about preventing a risk that you identify, but it is just realizing that you are complete of (inaudible) systems. That would be my point. Thank you.
>> GIOVANNI SEPPIA: That's a very pragmatic advice. Thank you. I guess time for one more question. I would like to say the first part we were lucky to have Vice President with the commission. Together with (inaudible), they were having a sort of discussion at a very political level to have perceived and the second part has been much more into details and much more practical as we are all having our hands in the business in the domain business. Any last questions to any of the panelists?
>> I have a question for all the panelists, by the way. (Multiple speakers at once) you talked about takedowns several times. It is not our job to judge the content. But about we have to implement decision by court or by (inaudible), we often face a problem because we don't know if we have to delete domain name or to block domain name. One can be (inaudible). So we still not have found the real good solution because if we block it, it's a way of ‑‑ it's the kind of restriction for free level speech in a way because we forbid anyone to use a domain name. If we delete it, it's real ‑‑ it can be reopened in a matter of time. Thank you.
>> GIOVANNI SEPPIA: I would still like to take this question.
>> ALBERTO: I think it's a very relevant question. We try to make them useful, but we have problems with that issue. What we see is closely related to the fact of having reliable data underneath the registrant. If you delete and someone registers again, you can identify who ‑‑ there's someone taking responsibility. If you're getting wrong data once again and the domain is always lighted, then, of course, you're doing nothing. So we're trying to put the emphasis on trying to be more accurate when we're identifying who is behind a registrant so there is someone to take responsibility for that action.
>> GIOVANNI SEPPIA: Thank you, Alberto. Andres, you would like to say somethings?
>> ANDRES: I don't know a good answer to your question, but this time we are putting the code decision each time we need it. If we decide to block it, we'll block. If we decide to (inaudible), we will do that. This is a practice. I think nobody knows good answer and we should work on this issue together. Maybe we can find it. Thank you.
>> GIOVANNI SEPPIA: Thank you, Andres.
We bring the CCLD environment, the CCLD business into the IGF because it is an important element of the Eco system. So my understanding from this workshop is there's a lot of awareness of what has been done and what can be done. I would like to end by sentences which Christine said. We need to find some common language to make sure we cooperate better. The last question that was asked is at some point, you know, there's some actions that are required, but we don't speak the same language and it's not clear what should be implemented. Also, I would like to pick up from the great intervention from the floor about the fact that sometimes politicians should be closer to the operators. Those were in the field. Those are really going to be impacted by (inaudible) or any other action down in a political level by some regulations. So politicians should make an extra step to understand better what the operators, the users really need before they regulate. So it's really the need for having a clear and common language.
I wouldn't say Esperanto of the Internet, but they can make all the parties that involved in the DNS talking together the same language for the end of the advantage of the end users.
With that said, I would like to thank all the panelists. I did not introduce myself. I am Giovanni Seppia. I asked everybody to introduce themselves, but I forgot to introduce myself. Sorry about that. Thank you again for all the panelists. Big applause and to all the CCLDs and all the work they've been doing. See you next year. Bye.
(End of session, )