INTERNET GOVERNANCE FORUM 2010
16 SEPTEMBER 2010
THE ROLE OF INTERNET INTERMEDIARIES IN ADVANCING PUBLIC POLICY OBJECTIVES
Note: The following is the output of the real-time captioning taken during Fifth Meeting of the IGF, in Vilnius. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.
>> KARINE PERSET: Good afternoon everybody. I'm Karine Perset, from the OECD. And I'd like to quickly introduce the OECD's project on Internet intermediaries. We want to talk about the economic and social function, benefits and costs and social responsibilities or potential roles. Now, the definition that we have proposed, which is a working definition, is that Internet intermediaries bring together or facilitate transactions between third parties on the Internet. They give access to, host, transmit and index content originated by third parties or in some cases they provide Internet based services to third parties.
We have identified six main categories of Internet intermediaries that include Internet Service Provider, hosting provider, search engine, e-commerce intermediaries, eCommerce platforms, payment providers as well as participative networking platforms.
Now, for this workshop, I I think it's important to stress that our focus is not on the responsibilities of intermediaries for their own action, commercial or otherwise. But instead, really about whether and which type was roles or responsibilities they might have for the content or for the activities of third-party users of their platforms.
The main Question is to what extent should Internet intermediaries who own and operate Internet platforms be responsible for the content that is originated by third-party users? Or, on the contrary, how far should this responsibility remain with the original content author or provider?
And then, how does the answer to this Question impact the development of the Internet and of the role of the Internet in our economies and societies?
For example, imposing liability on or other responsibilities on intermediaries for content created by third parties can raise risks to free speech, to privacy, to innovation or competition. But on the other hand, if only the content provider and not the intermediary is held responsible, then there is the question of whether it is still possible to control the dissemination of illegal, undesirable or infringing content on the Internet.
So, these are issues that all governments increasingly are having to grapple with today. And so the workshop is really about the very difficult but critical balancing act needed of, on the one hand, protecting intermediary functions that are socially, economically or politically valuable, but at the same time taking into account other potentially competing policy goal the, such as protecting privacy, security, intellectual property rights or consumers.
The main goal of the OECD's project and of today's workshop that is going to feed into our project is to discuss good practices that should be taken into account by governments when they devise policies involve Internet intermediaries. For example, important values such as freedom of expression, and we have come up with some draft good practices that I hope we will have time to discuss. We will be talking about them directly or indirectly in the workshops and the panelists' interventions, and then hopefully if time allows more specifically in the discussion afterwards.
So, that said, apologies for the long introduction. Our first speaker is Lilian Edwards, who is a professor of Internet law at the University of Sheffield. Hi Lilian.
Would you be able to provide us with some background on the issue of intermediary liability? We would love for you to give us a broad but slightly brief overview of major ways in which legal frameworks have evolved, have developed, since the early days of the Internet, as they pertain to intermediaries, especially in Europe, which is your area of expertise. But also in the United States. Lilian?
>> LILIAN EDWARDS: Okay, yes, I think I'm going to be speaking for 15 minutes on the evolution of policy in this area, ending up maybe with some important questions for where we are now.
So, the liability of intermediary, has in fact been one of the earliest problems in the emerging law, there was the CompuServe case in 1991 in the USA, very early days. The issue is that there is an inherent risk attached to being an intermediary in the field because you are responsible for transferring large amounts of content. The good phone are copyright infringement, libel, hate speech, defamation and so forth. So there was uncertainty in the emergent ISP sector. This became crucial around the millennium mark with the dot com boom and the Internet was a vital and central part of commerce and social interaction. At this point, particularly I think in Europe, with the European Commission, but also elsewhere, ISPs were marked out, really, as the gatekeepers to the Internet, as the functionaries who really could, perhaps, take an active role in cleaning up the Internet as I've called it. And this was seen as vital for the public interest on various grounds.
There was of course panic around porn, particularly child pornography, access by adult and children. There was the perception that the Internet was full of slib lust or and it put off consumers from engaging in the Internet. So consumer trust was seen as engendered by a better safer Internet and ISPs were pigeonholed as the gatekeepers who could clean up the Internet. The way to do that would be to put liability on them for the content that they did, indeed, host or distribute.
But, at this point, what I sometimes call the ISP sob story emerged was that it was nonetheless unreasonable and inefficient to put liability burdens on ISP, on hosts, for various reasons. Particularly three.
One that they didn't have the ability to control that material. There was just too much. That sometimes it was legally inappropriate for them to control that material. It would involve serious breeches of privacy. It involved opening up the envelope. Conventional mediums, things that we don't like to do.
A second point is that it was unfair to put the burdens on them. It was shooting the messenger, because they were merely the people who delivered the content, they were not responsible for it, and therefore was an inherent unfairness.
Thirdly, there was an instrumental point which is that roundabout the year 2000 and certainly before there was the perception that the Internet market, the ISP, and post hosts, were an emergent sector of industry. And if unreasonable burdens and unlimited and unquantifiable amounts of risk were put on them, then they would disappear. They would fail to innovate or leave the market.
In the case of Europe, there was worry that if European rules were damaging, then they would relocate. They would go offshore to the US and therefore European eCommerce and industry would fall behind. The sob story, the three parts, the lack of practical, ineffective and legal control, the inequity argument and the worry, what the knock-on consequences might be for the industry led to a general feeling around about the year 2000 that a system of immunities for Internet intermediaries was required. And that is what led to -- sorry I'm using two machines here. That is what led to two sets of laws emerging very simultaneously and phrased in very similar terms, which have become very much the de facto international models. And certainly for many developing countries, these are seen as the primary model, even those countries that don't have any current rules about intermediary immunities.
So those first two sets of rules were firstly in -- Europe. The EC directive on eCommerce, effective from 2002, which has as they say horizontal effects in that it deals with all types of material, civil and criminal. So it deals with copyright infringement, pornography, hate speech, libel, et cetera.
The second model was from the US, the digital millennium copyright act which deals with copyright acts only. And that was a second model, which relates only to publication torts effectively. So primarily libel but also negligent misstatement and some other sorts.
So in the case of the EC directive and the DNCA, there are two crucial elements that emerged. You don't talk about a host or ISP is liable. You divide it by functions. Where an ISP acts as a conduit, where its passion on content originated by A and going to B, there is no reason why they should be liable. So there is a general assumption of no liability.
On the other hand, the controversy revolves around hosting. With hosting, it's more difficult because the ISP or the host has the control over that material and what if that is harmful, as for example child pornography. So what emerged from that was the idea of limited liability. Not total immunity and not total liability such as in some countries like China. The idea that the intermediary is not in principle liable. They host it, but if they are put on notice, they are under a duty to take it down. It might be to take down as soon as possible. It might be to take down using all reasonable facility, but that is the general idea. Certainly, I think at least across Europe, it's felt that take down notice is an effective paradigm.
However, since then, the system is falling into some disarray and is under attack. Primarily, I would say, because of the concerns of the copyright industry, the content industry, clearly, again, without getting into the politics of it, the prevalence of downloading and other forms of P to P intermediaries is causing concern to the content industries. Therefore, they are finding that notice and take down for them is not an adequate paradigm. And what they would rather move to and what has been lobbied for particularly in countries like France and the UK as has to move beyond this to what is called notice and disconnection or graduated response, or with three strikes and you're out. So this places ISPs but perhaps also hosts in the position of being what you could call copyright cops. They are not required to remove infringing content on notice, but to take an active role in warning users that they are alleged to be infringing copyright, an active role in monitoring users, perhaps an active role in inspecting content in a detailed way using deep packet inspection. That is the world where we are moving into.
A second area where there is pressures on ISPs and hosts relates to global fears about the prevalence of access to child pornography and other unwanted material, adult material, extreme pornography, hate speech, and indeed pro-terror material, as in pro-Jihad Web sites and so forth. Here we have another driver towards this time the state rather than commerce being interested in moving again to filtering, black listing, filtering, deep packet inspection, rather than post facto notice and take down. So we have political drivers towards developing a filter infrastructure. We see that already in the UK, with the Internet Watch Foundation. We see attempts to introduce such in Australia which may or may not go ahead. And these have obvious problems in terms of freedom of expression and so forth.
A third area, which I think another person on the panel will talk about, which gets less publicity is the idea that we are facing a cybersecurity crisis, and therefore perhaps ISPs especially could perform a role in trying to identify and isolate zombie machines. Now that's a good idea and I think somebody else will talk about it. But it has worries in terms of the potential liability for the ISPs. Can they do this, identify the traffic? What is the implication for their relationship with their subscriber? What are the implications for the privacy and autonomy of their subscriber? How do you identify the good and bad traffic?
So if you summarize on that, both industry and state public interests are driving towards, A, a move from post facto of notice and take down to prior filtering, which I think I can say in a human rights forum.
And, secondly, that we are moving to some extent towards dangers of systems where there is a lack of transparency, where there is scope creep. Where there is a lack of the due process. You'd get in a court system towards the intermediaries, mandated perhaps by the state, making decisions behind closed doors about content.
Finally, I think, yes, let me just very, very quickly, because I know I'm not allowed to take too much time, say that if you go back to the ISP sob story that I described in the first slide, you can see that much has been unpicked. This does not mean that we don't need intermediaries, but it means that it's easy for interesting opposed to intermediary immunities to say we don't need them anymore. Once we said ISPs couldn't take control of content, there was too much, they didn't have the practical ability to remove all the offending content. But that is no longer true. We have seen that YouTube is developing a very successful what was originally called claim your content and now it's called content ID system for rights holders to watermark that their copyright works which can be removed automatically and not uploaded by an automated system. So we are beginning to see the removal of content at volume is practical practical. This software needs the assistance of the rights holders to remove defamatory or pornography content remains impossible within the understanding of the software as I understand it right now.
The second point -- I'll stop in a second. The original story based on inequity was the idea that on one hand you had the ISP and on the other hand you had the content provider and they were completely apart. In the Web 2.0 world what we are seeing is a perception from many state policy influences that they are not complicit. In Web 2.0, YouTube makes its monies from ads which go next to the videos. Google makes money from the ads put next to the search. EBay makes money froms auction items. Now the revenue is intermingled with the content provided by the users in a way that may derail the statement that it's unfair to shoot the messenger. So that is a way of wedging in to intermediary immunities. We no longer see the ISP industry as emergent.
Perhaps they don't need special protections at all. Why should they get special protection that newspapers don't get, for example? That is one argument that you hear.
So if you take all three together, you can say as some do that there is room to discard or water down ISP and host immunities. But before we do that, we have to think closely not just about what the economic consequences of that, but also the human rights implication, as I tried to infer.
So finally, I'll just leave -- shall I go through these?
>> KARINE PERSET: Quickly.
>> LILIAN EDWARDS: I have answers to all. these are what I see as the key questions going on right now. Do we still need a regime of special immunities? I implied yes.
If we are going to move to an ex-ante paradigm, what rule should be attached to that?
What basic protections will we put in for human rights, for transparency, due process, for freedom of expression?
If we think that we're going to move towards global guidelines, as the OECD is thinking about, do we want to look at at one size fits all regime, like the E comments directives?
Are the risks different between copyright, porn, terror, that they all need different rules? I haven't had time to talk about do we need new sets of rules to the new intermediaries who arrived since 2000, search engine, aggregator, hyperlinker, online auction sites and so forth.
As I say, what are we going to do about human rights scrutiny given that the rules are often developed by states in an economic context that is not particularly recognizing human rights.
>> KARINE PERSET: Thank you Lilian.
>> KARINE PERSET: I think that was a great and broad overview that gives a really good idea of developments over the past ten, fifteen, 20 years.
Now, I'd like to turn to our next speaker, Marc Berejka, who is Senior Policy Advisor at the Office of the secretary at United States Department of Commerce.
And so Marc, one of the issues that people always talk about when -- in the topic of Internet intermediary is the need to protect the liabilities of intermediaries for the acts of third parties. Lilian talked about the historical development of it. What is your view on this? Do you think things have changed as Lilian has tended to think they have? At least in Europe, how would this -- what would potential impacts on innovation be of such a change? Because if they're not protected, intermediaries' liability could be basically unlimited and this could potentially harm innovation and prevent new services and business models being tested out.
So, Marc, what are your views on that from the United States perspective?
>> MARC BEREJKA: Thank you, Karine. And I thought you did a phenomenal job of sweeping over the landscape. I can go more into the US perspective, flesh out what Lilian talked about in terms of the development of US law, and then touch on the pressures we see.
The US went through the debate over intermediary liability, back then we didn't call it that. Back in 1995, in '4 and '95, the country was in the process of revamping its telecommunications law, with the hope of creating more competitive markets in long distance phone service. But at that time, the Internet was emergent, and so a few pieces of the Internet specific legislation crept their way into the updating of the telecommunications act, one of which was section 230 of this communications decency set of provisions that Lilian referred to. In the US context it's important to understand that when you're amending the communications act, you're attempting to choose among paradigms. Under the US communications act, before 95, '96, one paradigm was the common carrier paradigm. And common carriers have extraordinarily strong limitations on their liability. And that is a phenomenally good thing, that common carriers, phone company, not be held liable for the content of the phone conversations that take place on their wires.
Another part of the US Communications Act is made up of our broadcasting provisions. And there, the paradigm is different. The broadcasters do control the content. And so do bear some liability or responsibility for it.
So, back in '95, '96, the question was well what do you do about the new things? What do you do about the CompuServes of the day that were challenged in court for the content posted by their customers?
And the policymakers at that time created a term not ISP, not intermediary, but a unique term, interactive computer services. And they branded interactive computer services a very sweeping immunity from liability for the conduct of their customers. In the US, our Immunity dates back to January or February of 1996 and is extraordinarily broad.
At that time, you know, the services that were available were basic Internet access, maybe Internet chat, maybe some rudimentary e-mail. But the courts in subsequent years took on additional cases and read into the act even broader immunities, so that a company like eBay, that hosts the auctioning of items posted by third parties, was also considered an interactive computer service provider, and also immune from liability from the actions of its users.
And from a U.S. Perspective, the foundational law and subsequent court decisions were a boon and a boon to innovation. And as a result, you've seen platforms, hosting companies, of all sorts grow up and become enormously successful as businesses, enormously successful as facilitators of speech, and they have become successful globally.
Many, many, many of the intermediaries that are among the most prominent in the world are US based and in part they may be US based because of the foundational legal regime.
There are limited exceptions. The Digital Millennium Copyright Act that was referred to places unique responsibilities on ISPs to take down copyrighted works. And there is also the chronic challenge of combating child porn. But generally speaking, the US legal regime is very generous to interactive computer service providers, and we think as a result we have had tremendous economic successes and also our companies have enabled an extraordinary amount of speech globally. I agree that the system is under pressure and it's under pressure domestically in the U.S. it's hard for me, spending most of my time in the US, to have a palpable feel for how much pressure there is in other parts of the world.
But, in the US, there is pressure from the content community, as Lilian indicated. The content community when they signed up to the digital millennium act, they would send a note to the ISP, and the ISP would take down the offending infringing content. The pirates are nimble and fast. Nowadays, notice and take down for the content community in the US has proven to be of very limited value.
That said, rather than challenge the fundamental law and seek changes in the immunity and liability regime, the content community at least for now in the US, and this is a position supported by the US administration, is pursuing negotiated arrangements with key ISPs, to see what they can collectively do to more effectively combat online piracy. And the technology that Google developed and that Lilian mentioned is an outgrowth of that type of collaborative approach. Even if it's collaborative within a somewhat politicized crucible, we are under pressure. In the United States we have seen the extraordinary benefits ample Immunities so we are very reluctant to alter our approach.
So that is the US perspective. If I could add just one thing, it's that in the US we also appreciate that the pressures that ISPs or intermediaries face overseas from other jurisdictions have a greater impact on our enterprises nowadays than they did in, say, 1996. And you have certain countries that are pressuring US based organisations to engage in exAnti censureship. You have other pressures on ISPs to be more involved in combating pornography.
In the US, because of our first amendment, it's really not much of a pressure point for ISPs, at least from the government's perspective.
And so as we look out over the broader landscape, the global landscape, the question we are chewing on at the commerce Department is that while all is well and good for us to work with the Immunity regimes and the stakeholders domestically to deal with the pressures being created, what do we do to, dare I say, harmonize or sustain some notion of a harmonized approach, globally, given the tensions that Lilian mentioned? I think it's really going to be a challenge. I don't have an answer to that question. Maybe we will poke around on possible answers during the rest of this workshop.
I would just close by saying that at the commerce Department, the US Commerce Department, we formed an Internet policy task force. It's sort of an echo of the commerce Department's role under the Clinton administration in helping to develop leading thoughts around Internet policy. And this is -- and our Internet policy task force has taken on this question as one of the questions that we hope to address over the coming months.
>> KARINE PERSET: Thank you Marc, that was very interest
So, Joe, business as a community might not always agree on some of the issues we're discussing today. But, could you tell us from your perspective about some of the positions that all of your business stakeholders are able to agree on? For example, on the need to consider the role of all relevant stakeholders, and bring all relevant stakeholders to the negotiating tables, rather than just intermediaries. And also, for example the need to consider the differences between the different types of intermediaries, the different types of policy issues, and the different sizes of various intermediaries.
>> JOSEPH ALHADEFF: I was thinking maybe you just should keep going, you were doing a good job.
After Marc's comments I was having flashbacks on the White Paper on e-commerce. Excuse me for being absent for a second in my mind. Thank you, Karine. It's absolutely true, there are different interests at stake, there are different business models. And as highlighted in the overview presentation, the concept of an ISP as the what was an intermediary is now much broader than just an ISP. But it's not just intermediaries, there is an entire system of players in this mix. Intermediaries are positioned in a fashion that may make them seem more attractive to deal with an issue than others, but you have to consider the supply chain. You have to go through the consumer to the various places information is housed and the lifecycle and consider all of the elements. As we face some of the broad issues, you can only really deal with them at the ecosystem level. At that point, though, one has to understand that there are things that can be done, if one is an intermediary, but just that you understand that in the context that they are not the only ones that have to do things. This is a shared responsibility across the ecosystem, and to take a tenet that was involved in the OECD security guideline, each has responsibility according to their role. And that is the concept that we have to figure out how to come to terms with. Because there is this concept somehow that as you find choke points, that's where you want to exert all the control.
But the choke points are only appropriate for some of the control. So getting that balance right is where you sometimes find disagreements and sometimes find that not all harmony can be found.
At the same point, you have different secondary issues, so some of them may sound more telecom or ISP oriented than they do in a generic fashion. So you have to consider what practices and how they are applied.
So when you think about what is appropriate to apply and you think about what are good practices, I use the word "Good" intentionally, because "Best" indicates that there is one set of practices across all entities. But "good" means that there are appropriate practices, based on what your position is.
So, you know, we have to consider the size of the enterprise, the type of work they're engaged in and the nature of the information that might be available on that enterprise and in their business role. As we look at these issues, this is what meets the context of the opportunity for them to provide some level of control and to have some level of impact.
As Marc was saying, times have changed and the immediacy of information may make some prescriptions that we had in the past less effective than they used to be. We are looking at the ad hoc agreements to see how new accommodations can be reached that share the equities across all parties on how to deal with the issues. In many ways we're dealing with an area of shifting Sands. It's an interesting time for the OECD to start discussion on the roles of intermediaries, because it is this concept of the term "Intermediary" is now used overbroadly at times, and it's ill defined. So we have to be aware that as we go down this path, we don't over include in the concept and we don't over prescribe to those people who are in the State of intermediaries.
I don't think we're going to see, especially as technology and business models are shifting, that there is necessarily complete harmony going forward or that the prospect for complete harmony is any better than it is now. I think we will continue to see the need for adaptation. I think what we want to see going forward as much as possible is this constructive dialog that continues to happen both within the community of intermediaries, from content owners with intermediaries and across the broad ecosystem. So that there is an understanding of what the problem is, there is an understanding of what the solution could be, and there is a way to talk about the solution in the narrowist terms necessary to meet the requirements of the problem. What we do find in this space is there is a great opportunity and, unfortunately, some unintended consequences of well intended approaches to solutions. The more we can have the dialogs and interchanges, the better we are to make sure that the unintended consequences don't occur, that we tailor the solution in an appropriate fashion that doesn't create undue burden and respect the equities of all sides.
>> KARINE PERSET: Thank you, Joe.
I guess I'd like to save my follow-up questions for you to the discussion of the good practices, not the best practice, the good practices we proposed.
So, our next speaker is Anne-Lena Straumdal, who is a senior advisor or the Norwegian government. And being from the government yourself, I was hoping you could give us a more concrete perspective on some of the things that you think are most important when governments consider involving intermediaries and enforcing Public Policy goals.
So, for example, how concretely would a specific part of government go about involving other relevant parts of governments as well as other relevant stakeholders?
>> ANNE-LENA STRAUMDAL: Thank you, Karine. This is okay?
Okay. I'll get closer.
Well, first of all, coming from the ministry in Norway, which is responsible for coordinating the ICT policy across sector, who oversees the work that OECD does, it's important to follow up. One important thing is to acknowledge the role that intermediaries play in the Internet economy, regardless of whether we should find it liable in certain areas. They play a crucial role in how we use the Internet, how we perform business online, how we live our lives and how we communicate. So they are an important part of the Internet.
And in order to make that assumption, you need to know the statistics and who the intermediaries are and how they operate and what are the business models, and to what extent they interfere with the Public Policy goals. Maybe I can just briefly mention, I don't think there are anything that we have any Public Policy goals that are any different from other countries. But it might be useful to join in this respect, coming from the government.
So, the most important ICT goals is of course ensuring security and trust, keeping a resilient infrastructure in place, ensuring freedom of speech, Democratic engagement, and involvement. And to ensure that the Internet remains an open and nondiscriminatory platform for all types of content distribution.
And maybe even more important, to ensure that innovation and creativity can keep up, we can stimulate innovation and creativity. Also, the digital way that people are able to use the Internet to all the purposes that they like and to stimulate growth and also in accordance with overall Democratic goals.
So, in order to perform a policy that is well in place for all this to happen, we need to be aware of the Internet economy, what it looks like. We need to be able to some extent to paint the broad picture, even though it might seem a bit overwhelming and difficult to handle.
It was mentioned during another workshop earlier today the need to speak about this issue in a way that we can convey it to our colleagues and to our politicians why there is an important area to focus on, because it tends to become a bit technological or legal in some extents. So, it's also an important thing to do.
And given that we know more or less or get the picture of who the actors are, which is extremely important when dealing with the policy in this area, so to make room, to make arenas for dialog and open discussions about the development, what kinds of trends are we seeing in the society today? And how may we, the government, facilitate the actors in performing their jobs for the best way.
And a couple of days ago, we had a meeting in the ministry, where we invited some representative from the media industry from the telecommunications sector, and the ICT industry, just to have a broad discussion not about intermediaries per se, but how to deal with the digital content development. And we see that businesses are struggling to find business models that help them in achieving their goals.
And we are also wondering from a governmental role, what should our role be? Is there any way we can help in transforming this development in a positive manner? Of course we didn't get any answers or concrete feedback, but what they say which is important, it's important that someone has an overall agenda on this topic to be able to handle it from a national point of view, be able to see the big pictures.
And they also reflected a bit about when talking about the issues regarding digital content, regarding new business models, regarding some of the issues that are discussed here today, everybody seems to be struggling a bit to find their way. They always say when they approach people from government representatives or whatever, they say they often met with the notion of well, we hear what you're saying, but I'm afraid it doesn't fit with the way we are organised.
So that shows that it's important to be able to also address the specific questions, when they come. For instance, we also have a closed dialog with the other ministries who are responsible for the more sectoral things such as for transportation and culture and media, to name a few.
And I can briefly mention an example of an initiative that has been initiated from the government dealing with preventing -- helping people who feel that they are online, their personal information online is a violation and they need help to get the information completed or removed or altered in any way. It's a service that is set up within the data protection agency. And it handles requests from individuals who feel that their previous information has been violated online. And they try to help them to navigate from this landscape from a consumer point of view. Who should you contact when someone is putting on a false profile on Facebook in your name. And you had nothing to do with it. Maybe the picture is the information but it's on there. So it's kind of a low threshold, help to deal with this concrete question.
And then their experiences have been very well so far. And they also say that it's not that easy to get in contact with, for instance, Facebook or YouTube or Google for that matter in certain cases.
So it is possible to contact certain intermediaries when you need to do that. So I guess it's kind of a -- what you need to do is just to realise that this is difficult but an important issue, intermediaries in the national policy agenda. Let's make sure it's on the agenda, even though we don't have all of the answers, but make sure that we have a good knowledge base so that we can form the initiatives based upon them.
>> KARINE PERSET: I had a quick follow-up question. It's a bit broad. But I was wondering if, you know in a few words, how you would sum up from your perspective, from the Norwegian government perspective, the appropriate role of government in setting up these types of initiatives.
>> ANNE-LENA STRAUMDAL: Thank you for that broad question. I think the most important is to know the issues that we're dealing with, to know the intermediaries, the actors that are responsible for maintaining the Internet as we know it today, to make sure that we have the actors in place and that we are able to have a dialog with them.
And when needed, to make sure that we have hard laws in place or in other circumstances to cooperate with the actors.
For instance, protecting children online has been an issue that has been discussed during this workshop, which is one example of how the government is very much cooperating with the private actors. And all different kinds of social network sites that have been popped up recently, and which kids especially now today are using to a broad extent. And that is also a way to cooperate with the actors in place. But I guess the most important thing is to, when you make some legal measurements, be sure that that is the right thing to do, so that we don't do anything that might impose the innovation and activity and maybe go online for the actions that are influences the society and the people that use it.
>> KARINE PERSET: Thank you. Our next speaker was -- is Mark MacCarthy, but apparently he is having trouble connecting to the videoconferencing facilities. He should be here before the end of the panel.
But I would like to suggest that we go directly to Pedro Less Andrade, who is senior policy counsel for Latin America at Google.
If that's okay with you, Pedro.
>> PEDRO LESS ANDRADE: Yes.
>> KARINE PERSET: Could you tell us a bit about how Google came up with content ID? That is something that a lot of speakers have brought up as an innovative kind of private sector solution to a number of issues. From what we understand, it seems -- it applies to content that is copyright protected on YouTube. Could you tell us a bit about how it workS, how it innovates and how it solves some of the issues that YouTube and rightholders might have had in the past? And I'll have a follow-up question, which I'll ask you now, which is because you represent Google in Latin America, maybe you'd also like to say a word about the latest Chilean copyright reform and how the take down is an improvement over other notice and take down regimes that exist out there.
>> PEDRO LESS ANDRADE: Thank you. Well, in connection with the tools to foster the growth of the economy in terms of the role of Internet intermediaries, and I think here we have a very interesting question, that is how to enable new online Internet intermediaries that can spur economic growth and innovation and change. And also prevent litigation that has a very hampering effect on that growth, especially in a downturn.
We came up with, as an example of this, we came up with the idea of BDID. In this case, Google considers that the most effective way to improve access to content and the interests on the online environment is to develop this content service that will meet consumer expectation, but we will give a chance to the different copyright holders to make informative decisions of what they want to do with their content. And this has to do with the option that, right now, copyright holders has within YouTube when they find out that their content has been misused by a user. So they have the tool to track this content. And when they finally take a decision over it, they want to keep it and let the user use it and maybe track the use to find out how this may have an effect, how the people will react to that content.
They have the option also to block it. They can say this is content I don't want to be up there. So they have the options to monetize it and say okay, somebody applauded but I have a chance to share the revenue and I find a new channel of contribution. And well, I'll also benefit from this action.
So this was a -- this was the -- the idea behind content ID. Give options to the copyright holders, and also go away from this idea that we have the copyright industry on one side and the Internet industry in the other. Those are totally complementary industries.
And we have been witnesses of this before, if we go back to the '80s, when the BCR came up. At the beginning, I don't know if you remember the Sony Betamark case. With the BCR, there was a lot of tension and pressure from the copyright industry and the broadcasting industry when this device came up. They said well, this is going to be the end of our industry, because everybody will start to copy our programming. At the end of the day, it was a great complement and technology that allows it and a new market flourished that gives a lot of revenue to the content industry.
So how BDID works. It takes characters of the video that is uploaded. We need the help of the copyright holder for this. The copyright holder should provide us this, the videos that they want to track within the system. So they apply this algorithm. They call this hash. And then every time that a similar video is uploaded to YouTube, we made a compilation of this hash with the new video, and we can make this match and give them -- give the choice to the copyright holder to make a decision on that. The system works well, even if it's not 100 percent accurate, there are different qualities of video and different fragments of videos, and it can work with different audio practices also. So it's working very well, we are very satisfied with that.
Well, this is one side of the concerns about illegal or infringing content on the Web.
I would like to make a note, at the beginning we listened to the first presentation, they said well, the concept of not shoot the messenger change because there are new solutions out there that looks like the Internet intermediaries might be more involved. This don'ts change the equation.
In fact, the possibility that the intermediaries has Immunities will help them to develop new collaborative technologies to help the content industry. And it's -- it's a result of the system of the limitation of liabilities that the investments are put in devising new technologies, rather than hiring lawyers. So it's opposite, what they are doing here.
In connection with other ways to collaborate, there are other examples. And this is the case of Chile. This year they enacted the first copyright forum after the Internet. And this is important, because it was the first copyright reform that considered the Internet effects. This is very related with activity of the Internet intermediaries, most of the activities has to do with copying. Most of the time a search engine also needs a way to copy content and show it and index it. And this is usually protected by fair use.
And this fair use exception is one of the first ones outside the US and the first one in Latin America.
And in terms of limitation of liability, what Chile did was device a system of notice -- a forward of notice and judicial take down. We see this as an improvement of the system of the DMCA, section 5 12 of the DMCA, because it has the first part that is a collaboration from the Internet industry with the content industry.
So, the system was like this. If you have a copyright holder that finds out copy that might be infringe, the copyright holder should send a notice to the ISP. The ISP receives the notice. And it's only obligation is to forward such notice to the user. The user then has a choice to obey this notice and maybe say well, I got busted, I did something wrong and it's better for me to stop this, because this might carry some consequences, legal consequences, or he can ignore it or he can reply to the copyright holder and give an explanation that he is covered under fair use.
And the difference is that the Internet provider only has to forward the notice and not provide personal information about the user. At this stage, there is supposedly infringement. There is nothing proved that there is a real infringement.
And for the copyright industries, it's very important, because it helps to tackle a big problem that has to do with peer-to-peer file sharing.
And then if the user refuses to take an action, then the the copyright holder has to go to court, and ask for an injunction in order to take down the content. Also, this implies that it's a very expedited process of 72 hours, that this should take to analyze this.
And there are also another obligation that we have seen on another legislation, like the European eCommerce directive is that there is no obligation to monitor or perform active searches. And it also set out a very good -- a very good standard in terms of termination of user accounts. Because they are limited to very specific situations, the ability of a Judge to order the termination of an account of a repeated infringer. And this is -- one of the very important words in here is that the Judge will take this decision if there are not other options that are less restrictive, either to the ISPs, and to the other rights that are associated -- that this user could exercise through the Internet.
Then there is the temporary reproduction exception, that is similar to the one that exists in Article 5.1 of the European commerce directive. And there is something interested about the performing rise of the organisations, and this law also states a mandatory mediation process for the setting up of the fees of these performing arts organisations.
So this is a set up of principles -- well, they are a result of the holders of negotiations and the analysis of the bill, because they are all representative. We have the private sector, the government here, and it seems like they can came up with a very good solution here.
>> KARINE PERSET: Thank you Pedro. Is Mark MacCarthy online yet? No.
So, I propose that we move forward with Brenton Thomas, if that is all right with you, Brenton.
Brenton is assistant secretary, spectrum and wireless services/networks policy and regulation at the Australian government.
Brenton, Lilian mentioned briefly the move towards ISPs providing on -- or a general expectation of ISPs providing improved security to subscribers in their networks. Could you tell us a little bit about the Australian experience in setting up the Australian Internet security initiative? We understand that in the system, the ISPs warned subscribers whose computers are suspected of being infected with malware, and that's their main role is simply notifying their subscribers of this possible infection.
So in particular it would be interested for us to hear about, in this set up, what are the respective roles of the government of the Australian government, of the ISPs, and the ISP association and of any other relevant stakeholders.
>> BRENTON THOMAS: Thank you. I think also, in answering this question, and giving a very brief example of how the Internet security initiative was set out, I'd ask you to bear in mind that this is, in fact, an example, and no doubt one of many examples, of why governments and the industry and Internet intermediaries in particular can work together to get a good outcome. And that shouldn't really be a surprise to any of us. Because as the Internet has grown, the people that are asking questions of government and the people that are taking services from the Internet industry are one in the same. So, to get an outcome that pleases these people from both organisations, both from government and from industry, should not really be a surprise to us and shouldn't be regarded to something that is impossible. Sometimes it's difficult but certainly not impossible. Because ultimately there is the same interest in providing a service to the general public.
So just very quickly, as Karine mentioned, my Department started work with our communications regulator about five years ago on identifying a system that would allow us to monitor traffic flows, no specific information, no individual information from operations of individuals, but simply traffic flows. Over the Internet. And the purpose of this was to select information, we hoped, about malicious software or Botnet behavior. And using this to provide daily reports to service providers who could consider what reaction they could take with this information to their individual customers. There was no obligation or requirement here. It was simply about providing information to the Internet Service Providers, so that they could then take that initiative.
The AISI, Australian Internet Security Initiative, was tried in November of 2005, with only six ISPs. It was considered at the time to be a success. We certainly started to gather a large amount of information, which was proven to be quite useful in allowing those particular ISPs to go to their customers and say you may have a problem with your computer. You may wish to do something about it in terms of what might be operating on your computer. It's been successful. Now we have 78 organisations that receive the report from the AISI, including the largest ISPs in Australia. Clearly they are finding it of great value and they are finding it of great Val tu to their customers.
We are pleased that we have a voluntary mechanism that is working well to allow the Internet Service Providers to respond in a proactive way with their customers.
By doing this, we're responding to the growing menace of spywares, et cetera, and it fits our broader objectives as a nation and it responds well to the ongoing public expectations that their elected officials and their service providers will actually do something about the problems that they face in an online environment.
In a connective initiative, there was a cybersecurity code of practice to ensure that there was consistency in cybersecurity messages provided between the ISPs and their customers. This was proposed by the ISPs themselves.
This was written by our Attorney General's Department, law enforcement agency, and with my Department, again, and others. And the code provides flexibility in the way that the ISPs implement particular cybersecurity issues. But, also, allows for some consistency in the messaging that actually goes out to customers. The code has not come into operation yet. It will come into operation on 1 December this year. And then it will be reviewed after 12 months of operation.
But in essence it contains four elements. Notification and management system for compromised computers. Standardized resource for end users. A way for ISPs to get the latest information. And a reporting mechanism, in cases of extreme threat, back to the Australia Cert to indicate a national high level view of an attack status.
This strengthens the link between the government and ISP, and it's been a good mechanism to allow us to interact on a regular basis and support each other as I mentioned at the very beginning, a process that is ultimately about serving the exact same people that we're both interested in helping, and that is the general public and their customers.
>> KARINE PERSET: Thank you. We finally have mark online from Washington, D.C. Mark MacCarthy. He is a professor at Georgetown University.
Let's try to catch him on the screen.
Let's try to catch him on the screen.
Let's try to catch him on the screen.
>> KARINE PERSET: That doesn't sound like Mark.
That doesn't sound like Mark.
(Echo: This doesn't sound like Mark)
That doesn't sound like Mark.
>> MARK MacCARTHY: All right. I can see your room. And I'm talking. But I can't --
>> KARINE PERSET: Maybe you could click on the video, on the top.
>> MARK MacCARTHY: Are you getting an echo now?
>> KARINE PERSET: Maybe you could click on the video. On the top right-hand side. (Echoing)
>> MARK MacCARTHY: The wonders of technology.
>> KARINE PERSET: Higher. (Echo: Higher)
>> MARK MacCARTHY: Am I visible?
>> KARINE PERSET: Hello, Mark. Nice to see you.
>> MARK MacCARTHY: You can see me now?
>> KARINE PERSET: Hello, Mark, it's nice to see you.
>> MARK MacCARTHY: Am I audible?
>> KARINE PERSET: Well, the technology is not perfect, but it's nice to see you. Well, the technology is not perfect, but it's nice to see you.
So let me be quick, Mark. He is a professor at Georgetown University. Mark, could you give us some of the general lessons that you've learned from your experience at Visa. Mark was in charge of Public Policy at Visa for a long time and is now a professor at Georgetown, doing a lot of research on the costs and benefits of involving Internet intermediaries. And also we would like to ask you to tell us from your perspective what kind of extra research and extra data might be needed to research these types of issues more fully and in a more evidence based way. (Laughter)
>> MARK MacCARTHY: Well, unless people tell me to stop talking, I'll start talking.
>>KARINE PERSET: Go ahead, Mark.
>> MARK MacCARTHY: Well, here we go. Well, I had a more sophisticated conversation at this point. But I want to remind people why people have turned to intermediaries to begin with to address Public Policy issues.
The basic insight is that indirect liability of some Form for Internet intermediaries (Off microphone.) So if you have an issue with people (Off microphone.)
I said before that I was very impressed with the success of using payment systems (Off microphone.) Unauthorized use, the policy of making payment systems and financial (Off microphone.) Responsible for unauthorized use of payment systems was a way of putting the liability on the entity that was most able to innovate to resolve the problem.
So if -- this has to do with a dynamic point of view as well as the static point of view. But there are two caveats that you have to keep in mind when thinking about this economic perspective. One, Internet intermediaries are good at finding people.
>> MARK MacCARTHY: I'm getting feedback here. Particularly of finding the people who were involved in potentially legal actions are not the best people to discern if the entity itself is legal. Government determinations are really the best way to go in this kind of circumstance. If you rely on intermediaries themselves to make these subjective determinations of the legality, you are putting a burden on them. I just think that copyright, there is no way that an ISP really knows whether something is involved in a copyright infringement. (Off microphone.) Intermediaries should not be responsible for figuring something like that out.
Things like deformation and -- defamation and (Off microphone.) It seems difficult for a Web site operator to know whether (Off microphone.) So the idea of using intermeed (Off microphone.) But one caveat -- (Off microphone.)
The second caveat is that you have this idea (Off microphone.) You have to do a full analysis (Off microphone.) In particular you have to make sure that the entities (Off microphone.) If you pose a cost on the intermediary, they save a million dollars (Off microphone.) But the cost to the intermediaries
(Off microphone.) and that means, my second point is that assuming you have any assign am of liability in the private sector entities, Public Policies, and really compile a payment, substantially, a record of the cost (Off microphone.) In many cases parties are already involved in taking steps to resolve the issues. And the incremental advantages of the liabilities have to be weighed against the status quo. The size of the problem has to be done as well. Saying that there are some copies here, there must be some quantification.
So these -- we'll stop there, I'm not sure of the extent that I'll be able to engage in this conversation back and forth, but I'll be available here to engage in the discussions regarding the technology involved.
>> KARINE PERSET: Thanks, Mark. That was very good. You're slightly more articulate in real life, but that was good enough. We understood what you were saying.
Now, I'd like to pass the floor on to Kurt, who is a senior staff attorney at Electronic Frontier Foundation, and he is going to be speaking with Gwen Hinze, who is participating remotely, I'm not sure in what order, probably Kurt first and Gwen --
>> KURT OSPAHL: Gwen first.
>> KARINE PERSET: Gwen is international Director of EFF, in California. Kudos to her. It's extremely early for her. It's about 5 a.m., so she is very brave to be participating with us.
Gwen is representing the Civil Society Information, information society advisor counsel to the OECD's committee that deals with ICT policy. And we would like to ask her to tell us about her view of the role of protecting privacy and the balance of legal, policy and legal frameworks that affect citizens fundamental rights, all issues that are dear to EFF. Gwen?
>> GWEN HINZE: Can you hear me now?
(Remote participant. Not audible)
>> GWEN HINZE: I want to clarify that today I'm speaking as a representative of the Electronic Frontier Foundation. But (Off microphone.) I want to provide insight from the (Off microphone.) Point of view about (Off microphone.)
>> KARINE PERSET: Okay, we will try to wait for Gwen to resolve the echo issues. Okay. I'm going to risk talking. Okay. It sounds lk okay.
So, anyways, Gwen was meant to speak first and Kurt was going to react to her comments. But, given the technical difficulties, Kurt will be intervening first. And I would like Kurt to ask Kurt to focus more specifically on cost allocation issues, cost allocation between various stakeholders, including intermediaries and other relevant stakeholders, including considering wider social costs that might not be directly or quantifiable in the short-term, but that might be a longer term impact of policies involves intermediaries.
>> KURT OSPAHL: Thank you very much. I'm sorry we could not get most of Gwen's comments, but let me expand on what aspect of what the EFF has been thinking about the important issue of intermediaries and potential liability issues.
And this is a way of looking at the problem of determining fair and efficient arrangements for cost sharing and allocation. And then a good practice has to consider the overall social cost and externalities, especially the costs to the users, a cost to their freedom expression, the free flow of information that users receive by receiving the information the cost to user privacy and the cost to innovation.
And so the social costs have to include any costs that arise from mistakes or over reaction by the intermediary. The goal being to simply minimize the costs, but also to maximize social welfare, which necessarily includes considering the social benefits from my scheme of liability or more appropriately Immunity. And this is critical in the development of the Internet. Intermediaries are not positioned to both externalize negative things caused by the users and also to permit positive social outcomes. I'd like to talk about some of the financial costs. Part of the reason for the issue is the underlying economics that fund intermediaries, which are very much dependent upon scale. So the benefit that a service provider receives from an individual post, a particular message or piece of content, is generally a trivial benefit that can be, you know, a fraction of a cent.
And at the same time, the cost of having to deal with a problem that might arise from that piece of content are going to be much higher. The cost of thinking about whether there is an issue will exceed the revenue from that piece of content. And then if you bring liability into the picture, the cost of the liability is generated. So maybe there is only a one in a hundred chance that the material will provide a liability, nevertheless, the ratio of the possibilities of how much you'd have to pay in liability, versus the revenue for that particular content, means that even a one in a hundred chance is very risky.
And so these are some of the reasons why it has been important for the development of the Internet, to provide protections to service providers to allow them to post content.
Now, we have had the Internet, popularized for a couple decades. It's true that it's not an emergent medium, but nevertheless new innovations are still emerging every day. So some Internet service industries are very well established. They have substantial revenues and are often able to handle a variety of costs. You have to consider that start ups are still very important in innovation.
So consider Twitter a couple or five years ago did not exist and now it's one of the most important communication tools for millions of people around the world. Facebook has 500 million users. It was a small project for a university run out of a dorm room just a few years ago.
And the next major innovation in communications and being able to take advantage of the Internet is likely something that we don't know about right now, that is in the mind of somebody who is perhaps in some dorm room, perhaps in some venture capitalist's office, trying to get some funding. But there is still a need for continued innovations. And the small companies don't have the capacity to deal with expensive and heavy regulations. So if you want to still be doing this as a lean start up, you can't as the first order of business hire hundreds of people who are going to be reviewing content and dealing with customer service and compliance issues.
So, even if the larger companies have a technical and financial capacity to do more than they could at start up, the smaller companies would not.
So to keep the pace of innovation so we don't come to a flatter part of the innovation curve, we are still in the same position as we were when the protection laws were first beginning.
And the laws that were just beginning to set forth an Internet industry or trying to develop a small but growing industry, they are going to need these protections even more so than the more mature industry, for example, the United States.
So, a second point is that the policies of the Internet intermediaries, they must take into account the cost of determining whether a right is impaired. This is an extraordinarily difficult problem for a third-party, such as an ISP to determine that it may be impossible in a few cases.
Let's consider defamation. If a user posts that a politician is taking bribes. That would be defamatory if it was false and a valuable position if it was true. The ISP has no way of assessing whether it's true. They don't send out investigators, they don't run a sting. They just have a situation in which one party asserts it and the other person denies it and a piece that is either problematic or useful. Privacy, maybe someone posts something about somebody that could be for someone else. Perhaps the post refers to the sexual orientation of someone else. That could be a closely held secret that is very damaging to reveal and the intermediary has no way of determining that.
Copyright is of course a very big issue in this area and I wanted to give an example, perhaps a little bit outside of the more common examples in the music and video industries that illustrates where it is. Costar and Loopnet are real estate service providers, so they host listings of real estate properties. And one of the things that Costar would do is they would take a picture of the building. And some people who used Costar service also wanted to be listed on Loopnet, and these users would, instead of taking their own photo or doing another one, they would take the Costar photo and put it into the second listing. Costar claimed a copyright and they stated that Loopnet was responsible for the infringing acts of the users.
But this presented an impossible task for Loopnet. They couldn't tell by looking at a picture of a building whether it was taken by Costar or the user. The building looked pretty much the same. And that in that case, the revenue from a listing is perhaps a few dollars, but the infringement can go up to 150,000, if it was determined to be willful. Ultimately, the court decided that Loopnet was not responsible for this. And this was a case which was not under the DMCA, but under US copyright common law, or the copyright law without the DMCA. And so this allowed the service to exist.
Now, you have also the case of automated systems, which are designed to reduce some of these costs by checking against a database, and in some instances a database may be available and in some instances it may not be. But it's important to think of some of the externalities that come from automated systems. One is the social cost to privacy systems. If an automated system is scanning all the content, that creates the infrastructure for all sorts of reviews beyond the initial purpose, especially if it gets into network level reviews and deep packet inspection. It sets up a technical infrastructure that may have a simple purpose to begin with, but once the infrastructure is in place, it's readily turned to purposes that are more dangerous to the users.
And the other problem with automated solutions, or automated systems, is that they are entirely ineffective in a ride variety of potential online problems, such as defamation and privacy issues. It's hard to identify when you have a human review -- I'll wrap up quickly. Yes. Thank you.
So, if a human can't determine whether defamation is true or false, certainly an automated system could not. For copyright, they are unable to detect fair uses or a situation that is lawful, even if they do use a portion that is under the copyrighted work.
And so how this has a potential for a negative externality, is that given the potential cost to the service provider, the economically rational choice is to not host any controversial content and not be a platform for a whole Swath of speech.
I'll turn briefly to some of the issues surrounding expost review, a notice and take down regimes. Notice the possibility of someone misusing when you have a take down regime. This risks creating a de facto censorship regime. And the expression is time sensitive. In the few weeks prior to the election, if you use a take down system that falsely accrues copyright, if you have to take it down, in particular, you have to be sure not to reveal their identities until there is a judicial termination that that is appropriate, many times the purpose someone has is to use this process, not so much to take action directly, but indirectly. So, determining who the whistleblower works for, you find out it's an employee, you can fire the employee and forget about the court case.
So, to conclude, the user generated content revolution has greatly contributed to the culture of the world and it has been enabled by having policy regimes that protection service providers from the liabilities of the act of the users. So the soap box is not reliable for what the speaker said. We have to make sure that we have an open and inclusive Internet.
>> KARINE PERSET: Thank you for pointing out how the Internet in its current state is a gigantic enabler to social and economic opportunities, and also for pointing out the very -- the nonnegligible risks associated with imposing liability on these intermediaries, in terms of growth of the Internet and of its economic and social opportunities.
So, we have very little tile left, we have less than 15 minutes left, by my count. As I mentioned in the beginning, I was hoping that we could have some short discussion on a list of draft good practices that have been developed. We have developed this list based on research at OECD as well as on discussions with relevant stakeholders and on a workshop we held in June in Paris.
Now, on -- there should be on a slide up -- this should be visible on the slide.
Hopefully. In a very truncated format. And I'd very much like to ask participants whether they think such practices or guidelines would be useful to governments and to other stakeholders, as the first sort of general broad question.
I realise many of these may seem obvious and just sound like basic good governance, but on the other hand there are a lot of examples of where many of these things are not actually being considered at all, when governments or other parties are going forward with one specific objective and not considering balancing this objective with other objectives.
Basically, I would like to ask the panelists as well as everyone who would wish to in the room, whether they have any views on this list. The list that should be coming; on these practices. The main question would be whether these questions are too abstract or on the contrary are they too specific, bearing in mind that they have to have wide applicability. Are there things that most stakeholders could agree on? Are there additional good problems that should be added or removed, or should be modified? That is the type of question and discussion I'd like to have briefly in the 15 minutes remaining.
Let's start with Joe, who has strong opinions on these things.
>> JOSEPH ALHADEFF: Well, when we look at concept of practices, and I think -- what?
>> AUDIENCE: No slides.
>> JOSEPH ALHADEFF: There are bullet points underneath these, but I'll give you the list, provide appropriate protection and liability to Internet intermediaries, it's a longer one, but that is the gist of that one. Considering whether to adopt policies involving intermediary, respect principles with respect to stakeholders, ensuring policy intervention does jeopardize development.
Encourage and support private sector initiatives to self and coregulation.
Implement policies and frameworks involving intermediaries, respecting the following principles. Undertake risk assessment that evaluate unintended consequences.
Assess impact of Public Policies on policies and safeguards.
Generate qualitative data.
And lastly, cooperate internationally. That doesn't do justice to the principles, because there are substantial bullets under this.
And I finish this, they will apparently have the slide up. So, with that, I think the intent really is, you know, one of the questions is these principles are really a method of guidance. They are meant to represent a set of practices that are useful. To Karin's, question, I don't think all practices are applicable to all situations, but they create a superset of concepts to consider. I think there would be a danger in shifting the practices into requirements, because you have to figure out how they are relevant and implemented. When I look at the statement that BIAC put into the record to intermediaries at the workshops and beyond, a number of the concerns raised by BIAC were reflected in the practices, so I think we have a good start. But obviously a basis for conversation going forward. I think some of the issues, especially relating to cost sharing, may be related to some types of intermediaries than others, but it's an important concept to have out there. I think understanding innovation and understanding not just risk assessments but other ways to learn how to minimize burden, and I think that is something that could benefit from more emphasis than is there. The more there can be a multi-stakeholder dialog that gets to the concept that these practices are meaningful and useful, I think the level set is about right where we are going with the practice.
You may have something like the Australian story where with the appropriate consultation you can find out that the multi-stakeholders do find a common basis to move forward and agree.
So the idea of working on good practices is a step forward. Understanding how the practices play a role and guidance in helping to shape the ways for practices.
I think this helps with how it works across the ecosystem and perhaps that is one thing that isn't talked about, perhaps a preamble to the practices that talks about the thought that this needs to be dealt with in the larger context -- apparently it's there. I missed that.
>> LILIAN EDWARDS: I'm broadly impressed and hopeful about the idea of having the guidelines, whether they become, you know, to some extent advisory, consultative, advisory, whatever, because this is an international subject dealt with on a state by state basis, with the exception of the EU realism. We know that the Internet and content crosses borders, the filtering crosses borders, and yet we have no real forum for developing international globalized harmonized rules in this, in the way that we're familiar with from the IP and perhaps the cybercrime agendas. So this is very much a step in the right direction.
We have already heard, for example, that even in states like the USA, where there is a broad consensus it seems between industry and state as to the way to do it, there are still problems, because the innovators coming from the US like Google have to deal with the multiplicity of different entities. So there is a need for some kind of international harmonization. There are just a few here. I'd just express my pleasure at seeing this. It retains from the ACD model Internet activities. We can't just look at Google, we have to look at what Google does. We have to retain the functionalism if this is to work.
But the second point is an economic underpining that the guidelines. We have to look at the costs and benefits. We have to look and see what burdens can realistically be taken, by which intermediaries, to what effect because some of the -- some of the ways of doing this are not sense able.
And I would also recommend, or endorse, I think, particularly, which is the idea that came I think from the intervention by the EFF, the idea that we must try and avoid placing into the intermediaries the position of liability, where they have to make decisions, often in the small to medium size sectors, assessment as to the legality of content. That is not their role. Many small ISPs are a nonconcentrated sector with no legal advice. And to make them determine pornography or copyright, it's mildly insane. So I'm very pleased to see that.
>> KARINE PERSET: Thank you. Are there any questions from the room?
There is a microphone there. And there is a microphone there.
There there are microphones on either side of the rows.
>> AUDIENCE: I have a sort of preliminary question. Do you think there is or there is room or there should be a category of nonprofessional intermediaries? I mean, if I run a blog or a page on a social network, I'm an intermediary. If someone posts something on my blog, do we have the same protection of professional intermediaries. There is a two layer intermediaries, in that case, the same rule applies.
>> LILIAN EDWARDS: I would add that one of the points that I helped interject into the report was that at the same time we have to consider the one size fits all for an intermediary regime, we have to consider different sizes of intermediaries, this is the problem. We can't impose the same things on a blogger as Google. So yes, there is a reason for look at the size of the operation. But it's a very difficult area, it's been very difficult in data protection, for example.
>> KURT OSPAHL: I think it's important to recognize that individuals can be intermediaries. It could be, you know, a cafe offering WiFi to their user, and they are an ISP. Maybe a blogger has their own Web site and they allow years to comment on that Web site and they are hosting third-party content. Or somebody who runs a listserv, e-mail listserv where they forward along e-mail messages that they received from a third-party. These are forms of an intermediary that are vital to the free flow of information on the Internet. And under the section 230 regime in the United States, it specifically says both providers and users of interactive computer services are protected, and explicitly acknowledging that individuals can receive that protection.
>> KARINE PERSET: I think we have another question over there.
>> I'm Annette Rubach. Looking at these principles, I like the first step to involve all relevant stakeholders. We are talking about Public Policy issues, but I'm a little bit surprised that it's in this list of bullet points. You have "Consider social costs and externalities," well, consider social cost, it sounds rather negative. Social cost. And what is the public interest here? And I think the public interest must be the first on this whole list and not this whole -- I mean, of course we have to take in consideration marketplace incentives, but, to see in the list under point 4: Assess impacts on civil liberties. Not even implement human rights in the Internet world, which is a duty by government, by industry, by civil societies by everyone, they have to find ways to implement those existing laws and rights on the Internet. So we have to find those ways.
And -- I'm surprised about this list. But I like the basic idea of yes, we do have to come together and involve all resident stakeholders. Yes, I do want to have an innovative system. Yes, I do want to have a market which is growing. And all this.
But, there are the real important points which have to be right at the top. That's a question. How did it -- how -- what made it possible that they were just a little bullet point there and even not implementing, but assessing impacts? You know, this is really too weak.
>> KARINE PERSET: Thank you for that constructive, useful comment. You're right. This is, as I said, a very truncated version about the paper. You're right about the placement, there are different reasons for that. But absolutely, implementing the law and not assessing impact is absolutely correct. And absolutely take that into the next version of these good practices. So thank you very much for that comment.
We have one more comment and then the next session really would like to come in very soon thereafter. So I ask you to state it briefly, please.
>> It was just about the methodology of who determines who is and who is not a relevant stakeholder.
>> KARINE PERSET: That's a tough one, because I don't think there is one answer. I think that really has to -- that's -- that has to be determined on a case-by-case basis. It will not be the same stakeholders, depending on the issues involved.
>> We need to leave this as much open as possible. We have seen recently a lot of examples about discussions of international cooperation on treatment and infringement that were very close system, and sometimes negotiate behind doors. So we tried to -- we need to avoid that. We need to give the room to almost any stakeholder, even if it's a user or an association. And I think as much openness and a wider approach would be the better for this.
>> BRENTON THOMAS: Linking to the previous speaker, I think the public interest question is fundamental and by the intermediaries and government and whatever other stakeholders have to be involved have to be involved. So it's a broad consultation on these sorts of issues. That is difficult, but at the end of the day, that is Public Policy and we have to deal with it.
>> AUDIENCE: I have a quick question about the access for the intermediaries. I'm coming from Turkey and Turkish people cannot access the YouTube directly because of a court order since two years ago. Two years.
What can be done at the international level as a legal aspect to these problem, some videos and the YouTube for Turkish people, what can be done at the international level?
>> Your question is related to the problems that you have to access certain content in your country, given political decisions.
And this is something that sometimes is the way of how you should address your government or how you should choose your -- who is making that kind of decision, sometimes the Internet intermediaries is not the one, sometimes they face a lot of pressure, also. It has been the case in Turkey that YouTube has been disconnected at all, many times, and sometimes it's a hard decision of what is better, if it's better to get it disconnected at all, rather than having to entertain certain content in light of a legal provision that exists in that country. And this is also a question that has to do with censorship, and how the pressure over the intermediary could affect the speech.
It's an ongoing problem. And all of us need to be part of the solution for that.
>> KARINE PERSET: Thank you everyone. Thank you for participating today.