FINISHED - 2014 09 04 - Best Practice Forums Wrap Up - Main Room

FINISHED COPY

NINTH ANNUAL MEETING OF THE

INTERNET GOVERNANCE FORUM 2014

ISTANBUL, TURKEY

"CONNECTING CONTINENTS FOR ENHANCED

MULTI‑STAKEHOLDER INTERNET GOVERNANCE"



04 SEPTEMBER 2014

14:30

MAIN ROOM

BEST PRACTICE FORUM WRAP UP

 

 





***

The following is the output of the real‑time captioning taken during the IGF 2014 Istanbul, Turkey, meetings.  Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors.  It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.

***

 

>> BILL GRAHAM:  Good afternoon, let's get started with the session.  My name is Bill Graham. I'm a senior fellow with Governance Innovation and currently a member of the ICANN board.  I would like to open by calling on Constance Bommelaer from the Internet Society to introduce the session.

>> CONSTANCE BOMMELAER:  Thank you very much.  I'm Constance Bommelaer from the Internet Society, Senior Director public policy partnerships.  I'm also a MAG member and with other MAG colleagues we have been working on trying to set up this new track for the IGF, the IGF best practices, in an attempt to have the IGF work towards more tangible outcomes.  The IGF is now nine years old.  There are discussions regarding the renewal of its mandate. 

We know that within a year we should know whether or not the mandate will be renewed and for which duration, five, ten years, maybe more.  But in any case, what is clear is that coming out of NETmundial discussions, coming out of other global Internet Governance dialogues, we hear a call for the IGF to become stronger, to be able to pick up existing but also emerging Internet related issues with the view, again, to share best practices and possibly work towards tangible solutions developed in an open multi‑stakeholder framework.  This year we are launching this process.  It is a baby process.  We had seven weeks to work on five tracks establishing CERTs for Internet security, mitigating spam, developing local content, developing meaningful multi‑stakeholder mechanisms and also Online Child Protection so very, very tangible concrete issues.

This is not about the global Internet Governance dialogue with geopolitical issues that influence the discussions.  It's really about tangible difficulties that policy makers and other stakeholders need to work together on.  So what we have done basically over these past seven weeks is that we have gathered lead experts, all of the people who have developed best practices from a series of volunteers from all stakeholder groups. 

We have the Chair first from CERTs.  We have people from industry, from online protection.  We have people from the ITU, again, for the same theme, so literally multi‑stakeholder teams enrolling a series of experts.  We have 80 to 120 people work through mailing lists, webinars and what's interesting is it brings a whole set of new people, experts who were initially not involved in the IGF who have little interest in the global Internet Governance discussions but are much more focused on day‑to‑day work, tangible issues.  So these groups have been working with the secretary and John Laprese and Wout DeNatris was supporting the Secretariat in a view to compiling documenting existing best practices. 

We now have on the IGF website a repository for each one of those five themes with useful resources, links to lead experts, useful documents you can find online, and also the draft outcomes.  We have about 15, 16 pages for each of those themes that go through methodically a set of questions.  We start by defining the issues then we look at regional specificities then we look at existing policy measures but also private sector initiatives.  We look at what worked well, what didn't work well, because it's very important to learn lessons from what didn't function well. 

There are discussions, there is documentation about issues that remain to be addressed and also possible identification of common ground among these current best practices.   The different drafts are still open for comments until the 15th of September.  The IGF Secretariat will be working with different lead experts on comments expressed during the five best practices Forums of the IGF and they will also work on comments collected through this session.  Then the lead experts will reconnect with their communities to see how they want to take the work forward, but at the end of this IGF week, we already have a draft outcome document.  We already have a tangible outcome, and this is, I think this is very pleasing as it's one of the first effort outcomes of the IGF.  So I will stop there, Bill, and back to you for the introduction of the different themes.  Thank you.

>> BILL GRAHAM:  Good, thank you.  So as I said, we will go through the five different themes one by one.  We will take about 50 minutes to do that, so roughly ten minutes each.  I would ask each of the speakers to please try and make their report in maybe seven or eight minutes.  That will leave us a couple of minutes for immediate reactions.

Then after the five presentations we will have about 20 minutes more or less for questions from the audience on any one of the five, but I do want to, if possible, leave a couple of minutes after the end of each section for immediate reactions if you have any.  So I will start by asking Avri Doria to speak to developing meaningful multi‑stakeholder participation mechanisms.  This was the Best Practice Forum where I was a co‑moderator along with George Sadowsky, and I really want to thank Avri on mine and George's behalf for agreeing to make the report today so I could Chair this session.

>> AVRI DORIA:  Thank you.  Yes, it was interesting in that I became a third co‑moderator, I guess it was, or a temporary co‑moderator at the last minute and then went and totally changed the organisation of the session on the moderators.  I think this session represented a first step.  In other words, there were seven weeks of collection of comments.  Multi‑stakeholder model, multi‑stakeholderism, whatever, has an interesting attribute at IGF in that we have been doing it.  We have been doing what we call it, but unlike some of the other areas like the spam area or the child protection, it isn't something we have been having workshops on.

We have not been having workshops on modalities, workshops on methods over the years.  So in a sense we are starting in the descriptive work sort of at the beginning.  Now, of course, there has been a whole lot of experience in it, both in the IGF, in other Internet Governance fields, and as we started to discover in some other areas where people came up they either spoke during that session or came up to me afterward and you say, you know, we have been doing multi‑stakeholder and we have developed a model that we think would be interesting to review and talk about within the context of the work you are doing. 

So I think it was really quite exciting in that respect in that we have started.  We have started taking something that we all think we know implicitly because, well, of course we know what is multi‑stakeholderism, or what multi‑stakeholder is because we have been doing it.

But yet when you ask people to define it, they go, well, I'm not sure I know how to define it.  Of course, I have that same problem when I ask people to define democracy for me.  We all know what it is, but when you get right down to defining it and all of its attributes, it's complicated.  So we do have a first set of definitions on the ground, and the document John produced includes those for beginning of discussion.  Part of the discussion we had was on definitions, and looking at some of the words in the definitions, because one of the first things that happen with a definition is, well, what does this work in it mean?

The package looks kind of nice, but what do all of these words mean?  So we took a little bit of that dive into the second thing.  On the list we talked somewhat about what it means to be a best practice in the first place.  And so we are trying to understand in terms of looking at that how it is we know when we have a best practice, and I have had to quibble with Constance and when haven't I had a quibble about calling it best practice.  At the best we will have current best practices.

And I would almost suggest that we look at changing the name because by the time we print any document, it might be helpful, but best practices are something that move on.  They change as we gain more experience.  We don't want to sort of pretend that we will in some sense achieve a best practice for the end of all time.  In terms of the issues we looked at, we basically looked at the report that John had created, and basically extracted a couple of general themes that seem to be the locus of a lot of disagreements or agreements or different definitions or different ways to look at it.

For example, stakeholders, what are we talking about?  Who is a stakeholder?  How do we know they are stakeholders?  How do some people view others as a stakeholder?  Are the three stakeholders of the Tunis Agenda the only stakeholder?  Wait a second.  Those aren't stakeholders, they are stakeholder groups.  Is there anything about stakeholders that is special and that they aggregate into any number of stakeholders or does the notion of a stakeholder group come first and the Government have defined the three stakeholder groups for us, and, therefore, if we are a stakeholder, we must belong to one of those three.

So looking at the questions of stakeholder and stakeholder group, the relation to each other, the definitions, the flexibilities, you know, we didn't get into it too much, but how the roles and responsibilities of various stakeholders attach, and may be specific to the situation or maybe not.  So that was part of the discussion.

We got into trust.  We spent a fair amount on trust.  In terms of one of the criteria of a stakeholder grouping of a multi‑stakeholder process working is that the stakeholders can trust each other, that they can, you know, feel that when you talk to someone, you are talking straight.  You are not going around them.  You are not going to take what they say and misuse it, you know, you are not going to take the fact that they were open with you for a few moments and use it against them.

And basically the whole notion of stakeholder, so how do you gain trust?  How do you lose trust?  How do you regain trust?  And looking at those issues becomes part of it.  Accountability and transparency was one of the issues, and as we talked we realized it should be accountability, transparency and ‑‑ what was the R word?  Not resilience.  I have lost it.  I didn't write it and I have lost it, but I will find it.

But it's basically, can you rely on it?  Is it basically dependable?  Is it predictable?  It wasn't an R word at all.  That's why I was confusing myself.  Predictability.  I apologize to you for having to watch my mental process.  Is it predictable?  So perhaps we are expanding the discussion to look beyond just accountability and transparency but predictability and how important is predictability in a multi‑stakeholder process.

So we have basically gotten to the point of opening up a lot of issues.  We have got a good paper.  We understand there is more comments, then there will be another draft of it.  Now, the way we are looking at it is we've got a year's worth of discussions and work to do.  We are looking at the notion of ourselves as sort of an outcome working team, whether that name is a good name, a bad name.  We knew it couldn't be a Working Group because this is the UN and we don't do Working Groups.  It isn't a Dynamic Coalition because it has a specific task.

It's got to finish this task and not be anymore.  So we are really looking at how we organize over the next year to continue working on this outcome on multi‑stakeholderism and to see through a variety of on list work, online work, perhaps telephone meetings, what have you, sort of still in the very nebulous state, but basically continue working through the year.

So that becomes yet another part of this outcome experiment, not only do we have outcomes after seven weeks of prep, but can we actually work from one IGF meeting to the next and actually have a consistent work that sort of takes us from one meeting to the other so that when we meet in Brazil next year, I guess it's Brazil at the next IGF, we actually have an outcome that we could say we have worked on.  We have reached a certain level of consensus.  We understand where the differences are, et cetera.

And I guess in having come up with that notion, I have been volunteered and agreed to volunteer myself to continue working on trying to organize that for the next year unless people go, oh, what a terrible idea, find somebody else.  That's about it.

>> BILL GRAHAM:  Thank you, that was great.  Any immediate reactions?  We have a couple of minutes for immediate reactions, but as I say, there will be an opportunity to speak in the session later on.  Do I see one here?  No.  Nothing really pressing.  That's great.  Thank you very much.  And thank you again, Avri.  The next set of reports will be on the best practices group looking at creating and enabling environment for the development of local content.  And Susan Chalmers and Stuart Hamilton will be speaking to this.  Which one first?  Susan?

>> SUSAN CHALMERS:  Yes.  Thank you.  Our dialogue unfolded over several weeks, and I'm happy to say we had robust discussion on the list from all stakeholder groups.  The stakeholder participation was truly geographically diverse as well.  Technical contributions in Cameroon, Australia, contributions from Government officials from Liberia, Egypt, Civil Society, participation in particular from Latin America actually was best practices identified at the LacIGF to this global group.  We had contributions from European Library Associations, private sector contributions from North America.

It was a terrific mélange of voices that kept the discussion lively and engaging.  Just a word on process I'd like to share.  So as Constance mentioned earlier, the lead experts were to guide participants through an eight‑part template beginning with the definition of the issue and ending with proposed steps for further multi‑stakeholder dialogue.  What our group elected to do was to take each part at a time, ideally devoting one week or less to the sub themes.  Given the time constraints and complexity of the topic that is creating and enabling environment for the development of local content, we did run out of time, but nonetheless, we did identify some ‑‑ we arrived at some insights which I would like to share right now.

So what we did, we started out with trying to define local content, and we did.  It is a broadly defined topic.  With that discussion, we then decided to frame the issue in three parts.  The first part, the technical infrastructure, the state of the Internet industry and the locality.

The second part was the regulatory landscape, and relevant legislation that affects the creation of local content, and finally, the third area was really examining the human capabilities and capacities, issues such as digital literacy, web accessibility, and so on.  So in order to kind of package and digest this issue which is quite multifaceted and complex, we approached the discussion in that way, and I think that it really lent to the success of the conversation.  And before I turn to my colleague, Stuart, I would like to say that one thing, I think, probably the best and most important point that we were able to tease out through these seven weeks of discussion was that there are a number of best practices that were identified that indirectly affect the development of local content creation.

So, for example, I will just give one example that came up during the discussion, requirement of local hosting, for example, of information within a jurisdiction may in turn lead to investment within data centers and servers in that jurisdiction, which would in turn lead to reduction of latency and faster traffic delivery which in turn would lead to people being able to contribute and upload their content far easier.

So that's an example of the indirect policy.  What we did come to ‑‑ we came to the conclusion that there are not that many policies or best practices that were identified that directly facilitate the creation of local content, so I think that the true value of the discussion was that we identified that and so with that being said, I would like to turn it over to Stuart.

>> STUART HAMILTON:  I have to lean in quite a way here.  So I think Susan has covered an awful lot there about what was actually a very wide ranging discussion over the quite short period of time that we had.  But we got quite a bit of information out of it.  Of course, there is a lot still to be discussed.  The area of policies is most definitely the main area.  Policies that don't exist yet was the phrase that came up on the list discussion.

We got plenty of examples in the discussion of sort of what was happening at national levels and the development of local content was happening as a byproduct as some sort of related or unrelated policies, but in terms of absolutely direct framework we didn't see it coming out.  It's clearly an issue.  It's been discussed here at the IGF as well, you know, how is that to be encouraged?  How does it come out to be treated in relation to local professional content?  And that was a session a couple of days ago.

And the third area I would sort of highlight which still needs to be addressed in this discussion is one I would have to bring into the mix from a libraries perspective.  It isn't translating amongst a profession that deals with it every day.  I found that interesting to talk to my colleagues, get them involved with the discussion.  They have got members in 150 countries so we put this very far across the network and they said local content, we never heard of it, and I pointed out that we are working with it.

So I think that's something that even though the paper is very clear in the difficulty of defining local content, it's not an issue I'm sure we will pick up again in the future.  Just turning to now we can connect the best practices with policy discussions at local and national levels, we found that it was useful to circulate requests to get involved through IFLA's network which is quite big.  This is something that can be replicated with everybody's network to get these new documents out there for more comment.  It's a relatively easy one.

I think there is definite room for discussion of these subjects at the regional IGFs and at the national IGFs, again a pretty simple thing to achieve.  And then a final sort of comment on the role of the volunteer lead experts.  I think we are quite proud of what we accomplished in the seven weeks that we took this on, but it was quite intensive.  There was a lot more work than, perhaps, we expected.

Fortunately we would now have 12 months to work on this going forward, but I think we need to think quite carefully about how much work we need to put in to make this really happen, maybe increase the size of teams dealing with it.  As anyone knows trying to prolong a mailing list discussion involves constant prods and moving people in the right direction.  So I think those things need to be taken on board.  Thank you.

>> BILL GRAHAM:  Thanks to both.  That's really helpful and I appreciate the comments on the methodological issues if I can put it that way.  That's going to be helpful going forward.  Any immediate reactions or questions on local content?  Yes, Marilyn Cade, please.

>> MARILYN CADE:  I was pleased to see that we took this topic up as one of the best practice Forums because of the, most of us who participated in the WSIS we call this area of local content was one that was called for in the action lines.  And we have seen the, I think, the growing importance of the development of local content as more and more users come online.  So but what seemed to me to be a big gap was an understanding of what was really happening, what was really going on and were there any success stories that could be leveraged. 

So I applaud the fact that you guys took this on in such a short period of time, but I'm wondering, have you already identified scalable ideas from what you have seen so far that you think could be taken further?

>> STUART HAMILTON:  We are fortunate enough to have John who wrote the content of the paper.  From my perspective I'm waiting to see scalable policies, but as I mentioned we have a number of national sort of case things; and, John, maybe you want to say a couple of things about that if I can possibly get this to you.

>> JOHN LAPRISE:  Hi, John Laprise for the record.  I think, from all of the work I have looked at and everything I have been reading for the past, well, two months and then plus before that, the best way to facilitate local content is to focus on the users.  I mean, the infrastructure is important, the law is important, but so much content is created that's non‑commercial that if you give someone a Smart Phone and you give them inexpensive access to data, they are going to create.

They are going to go on ‑‑ they are going to be creative on their own and create content.  And facilitating users to create content will create demand for local services which will drive the engine for the infrastructure providers.  It will prompt Government to adopt new laws to meet those needs.  So I think it's all about starting with the users from my perspective.

The other things, there are a lot of discussions about how for some local infrastructure providers, especially IXPs have a chicken and egg problem where they can build infrastructure, but it's very expensive and they have to take the risk that they are going to have enough local customers to make it cost effective.  And if they don't, then local users will then trombone and use foreign services.  This is problematic from their perspective.  So I think it comes down to in terms of a skill sort of global policy, the best thing is to put your faith in the individual user, and give them the means to create content, and just let them run.

>> BILL GRAHAM:  Thank you, John.  One very fast follow‑up, Marilyn.

>> MARILYN CADE:   I want a quick clarification.  I wasn't thinking about global scalability.  I used the wrong word and you don't need to respond.  I will come back.  I was actually thinking about replicability within other communities that might be similar.  So I will take that up separately, but I now realize I actually asked my question wrong.  Thank you.

>> BILL GRAHAM:  Thank you and a quick question from Subi, please.

>> SUBI CHATURVEDI:  This is Subi Chaturvedi from India.  I have a related question from Susan and John.  I work and teach in a college in India, and what we do is we take $10 cell phones and give it to the girls.  It's a women's college and they go out to the community and the community produces content.  This is an issue both identified in the Tunis Agenda and as something that we are looking at the IGF to do better and speak to more.

Is there, both looking at push and pull factors, barriers to upscaling of local content, is there a resource pool you intend creating where you would have mentorship from industries, private sector, syndicates and the Government that will look at help in terms of language, local language dissemination?  And also best practices in integration of pull ups that can be given to communities which are creating local content?  And what is the intercessional work you plan to do in terms of dissemination practices?

>> SUSAN CHALMERS:  Susan Chalmers.  Thanks, Subi.  Thanks, Marylin.  One thing that did come up during the discussion was I think, Subi, this relates to your question, to your query is the presence of innovation hubs in certain countries.  So that is where you do have a place where different stakeholders can converge and it's also a capacity building opportunity.

So we have heard of instances of those innovation hubs, I believe, a few were identified in the African region, but I would have to go back into the mailing list and check and get back to you.  So I think that taking those innovation hubs and understanding how they are constructed and how they are supported, how maybe if they are subsidized whether by Government or by private sector would be a good place to start looking.

In terms of the modality going forward, after a session which was on the first day of the IGF, the participants and the panelists, we have agreed that it would be really good to meet.  We are trying to find some time tomorrow, but you know the IGF is a movable feast, but we are going to try and meet and discuss how to take this forward because there is, of course, a question of resources.  So I have dedicated my time gratis to this, and it is important to find people who are capable of being able to take this forward and be dedicated.

So whether that's through volunteer or not, we are going to have to figure that one out, but I would love to see this unfold and see the outcome document produced on a consensus basis.  Thanks.

>> BILL GRAHAM:  Thank you, Susan.  I will take one more, I see a hand up back in the audience there, and then we will have to move forward.  Good.  Thank you.

>> AUDIENCE:  My name is Ankash and I am at IGF.  I have one question to the panel.  So we are going towards a, there is a lot of Internet fragmentation because of local as well as global factors, but technology has driven the Internet, so do you guys think that going forward, is it the technology that will drive the best practices or we will go towards local factors will guide us to the best practices?  Thank you.

>> STUART HAMILTON:  I think I'm going to make a really boring answer and say both, which is, you know, hedging my bets a little bit, I guess.  It's almost certain that we are going to see local practices the way that local people engage with their environment drive and there is a sense that something will come along in a technological sense that will make it easier to develop local content, so not perhaps the greatest answer in the world, but.

>> SUSAN CHALMERS:  This is Susan Chalmers, I think this is absolutely correct and it relates to the structure of the discussion.  So going back to the three part structure, this issue has been described as virtuous cycle, I guess you could say.  So it's the development of technology and the ability of technology to be able to be placed into the hands of users will then enable them to create, and it just keeps on driving.  So I think that all of these factors play a role together.

So I think your boring answer is absolutely correct.

>> BILL GRAHAM:  Good.  Thank you, and thanks for your interest in this topic.  Remember, there will be opportunities to discuss this further after the remaining three reports.  So please make a quick note so you don't forget what you wanted to raise with us.  The third best practices Forum is the one on establishing and supporting CERTs for Internet security.  And Adli Wahid is going to report on this.

>> ADLI WAHID:  Thank you very much.  My name is Adli Wahid from FIRST and I am one of the lead experts for this Forum.  The other two will be Christine Hoepers sitting next to me and  Maarteen Van Horenbeeck at the back here.  So three of us, and like everyone else we started this process of getting inputs to produce the best practice document about seven weeks ago.  At one point, and I think still now we have 90 people on the mailing list, and for every WebEx session that we held, we had good participation from members, mostly from the technical community, and only until today we had a lot of good inputs from the other stakeholders, and we had a lot of good questions and discussion which I will be discussing next.

Before I begin with the report on the consensus and the questions that we get, I would like to for the benefit of those who are not part of our Forum tell you a little what the acronym CERT stands for, so CERT or you will notice we will use CCERT later on, CERT or CCERT is Computer Emergency Response Team.  It is a service organisation responsible for receiving, reviewing, responding to a computer security incident.  And the services are usually tied to a defined constituency, it could be a Government, an enterprise, it could be an educational network or research network or paid client.  When we say the word incident we are saying real or adverse suspected event in relation to computer system or computer networks and its use.  It will be useful to define that because you get all kinds of ideas of what is emergency and what is incident, so on.  When I said before when producing this draft document, we had a lot of input from the people, from people in the technical community, particularly people who are working with CCERTs, and I would like to highlight some of the points that received consensus.

The first one is on the term itself, so instead of using the word CERT, Computer Emergency Response Team, we are, we wanted the usage of the acronym CCERT in the document for the sake of accuracy and consistency.  Part of it is because the word emergency can lead to misunderstandings and misconceptions about the work we are dealing with and there are many communities that work in emergencies such as natural disaster and things like that, but we are nothing like that.

Second point is that there are different kinds of CCERTs and thirst constituencies and services may differ, but all of us are connected one way or the other because the main purpose of CCERT is to respond to security incident to mitigate the risk or damage that it could cost the constituency.  CCERT has been working for a long time, in fact, since 1998 when the first CERT was established, and much of this is due to the need to respond to similar threat or incidents.

And there was a consensus in the group, in the discussion that the success of CCERT is tied to delivering what has been promised and managing the other stakeholders in terms of perceptions and responding to the need of the stakeholders.  There are a lot of guidelines and best practices out there on how to establish, how to run a CERT or how to manage a CERT and we included this in the document as references, and we did not want to actually deliberate further on that and just use best practice document as something that people come and see and refer to them if needed.

There was also some discussion on the role of Government in starting or establishing CERTs in nations and in organisations.  The conclusion or the consensus that we get from the participant of the discussion is that top down approaches from Government on creating CCERT do not always work well.  And a bottom up approach was preferred, was much preferred and there is a lot of work that CCERTs do, and the success of doing a lot of the response work that is tightly tied closely to the question of trust.  So as in I think other discussion of other Forums here today, we hear the word trust, so creating trust, establishing trust is a key thing in many of the CERT work.

And as I said earlier, cooperation is rooted in trust and sometimes legislation does not provide or does not facilitate the work of CERTs, and in some cases it may impede the communication and the exchange of information and the need to respond to security incidents.  And there was also the discussion that because security response work is very important, there is a need to have what we call in our community in our own language the CCERT of last resort, which means that you must have a point of contact somewhere, right, to be able to make sure that incidents are not causing damages or problems because otherwise there will be no way to communicate, or no way to contact a party or entity to resolve a particular incident.

Now, as I said earlier, when we had the session this morning, we had very, very good feedback as well as questions, and I would like to highlight them.  And we categorize this in, as unresolved issues, something that we would like to further look into after this.  So there were comments on the need to define further or refine further the definition of national CCERT and the CCERT of last resort as I mentioned earlier.

We need to sort of, because today was the only opportunity to actually get input from those outside the CCERT community, and we find it very beneficial.  So there was a need to open up this document to other communities to get reviews, to get feedback and to get more questions so that we can improve it.  There were some questions on the cost of participation of Developing Countries in the CCERT community.  And I thought, I think that is interesting for future debate and to get further inputs from those who are actually thinking of running a CCERT in the future.

And there were also some good questions or and feedback on the role of CCERT teams in addressing root causes of incidents, such as prevention of cybercrime or creating cyber awareness programmes.  And this is an area that we thought a multi‑stakeholder discussion would be very, very beneficial, for example, working with law enforcement agencies and what not.  So moving forward, we thought that the whole exercise was very, very useful, and the sentiment we get was that there must be some mechanism to put forward some of the work that we had already together with the, you know, open questions into some other venues for comments, maybe at the national regional IGF meetings so that we can refine some of the contents of the best practice document.

And I think with that I would like to end my report and hopefully if there is any question, we would love to hear them.  Thank you very much.

>> BILL GRAHAM:  Thank you very much for that report.  Any immediate reactions or questions?  I see one here.  Subi, please.

>> SUBI CHATURVEDI:  Thank you for that very comprehensive report.  Coming from a democracy like India, there is great diversity both in language and cultures, and CERTs have been important questions of concern.  For us two specific inputs taking from where you touched upon the role of Governments because a lot of practices that we are talking about are best practices that we would like to see as a community of Internet users.  In terms of outreach, what is the process of engaging more with Governments and intelligence agencies in particular because a lot of times we have seen Human Rights trampled upon in instances where it might be a cause for immediate concern.

And also dissemination, because there is no one size fits all as far as CERTs are concerned, so are you looking at responding to those questions in larger outreach?  Because the work that you are doing is invaluable.

>> CHRISTINE HOEPERS:  I'm Christine Hoepers.  I'm one of the coleaders of the CERT Brazil.  This was a discussion that was touched a lot.  The document covers a lot, and when some of the confusion and some of the confusion with the roles of like intelligence agencies or police and everything, it goes with semantics.  It goes with really calling it an emergency because people think and react in a different way, and this was the sentiment from everyone that was discussing that it's really not helping a lot because the work that we do is a work that's a network of teams.  It's very diverse, and this is one of the points that we really try to make clear in the document from all of the inputs of people that there is not one model.

We have as many diverse teams as we have, the better we can have the security and today some of the discussions were addressed in that maybe we need to make that even more clear because there were several questions in our best practice session, and we didn't have time in the session to go to the whole document, but most of the discussion was about to explain better what it is and not to confuse national cyber security strategies and police and security with instant response.

And this is why one of the findings as Adli said that it would be nice to have more, the other stakeholders involved into bringing what they expect of this process and what are their questions and what is not clear because sometimes it's not clear for us.  Although we have CERT and CCERTs from all of the stakeholders, they were more technical and security people in there.

So we had already an input from CERTs from different areas on what are the perceptions, and we think that's invaluable to have in the IGF, and the local IGFs, the national IGFs to contribute with specially some points that will be open for discussion like regional specificities.  We brought what we knew from the regions we want, but we know that some are not mapped yet, but I think it's very important that you brought this.

>> BILL GRAHAM:  Thank you very much.  I think we will move now to the fourth report, and this is on the best practice Forum dealing with regulation and mitigation of unwanted communications, for example, spam.  And I will call on Karen Mulberry to speak to this.  Thanks, Karen.

>> KAREN MULBERRY:  Thank you, Bill, and it's quite a mouthful.  We looked at ourselves as addressing spam and move forward with that as the short term rather than kept calling ourselves with that very long regulation and mitigation of unwanted communications.  We have had a lot of discussion on our list about various aspects of the report framework that MAG provided to us in terms of establishing what is the issue, how would we qualify it, how would we approach the information and collecting the important best practices?

In that dialogue and exchange determined that there are a lot of expert groups out there that have been working on this issue for quite some time.  The London action plan contributed information from an intergovernmental perspective.  The MAAWG, which is the Messaging Anti Abuse Working Group, works on operational best practices affiliated with spam.  So they contributed to developing our draft document.

There are other groups.  The ITU in our discussion yesterday indicated that they had significant work they were going to also contribute into building out our collection of best practices.  So I think we are starting to build a lot of information.  The GSMA indicated they have a lot of work that they have done specifically as it relates to mobile spam.  And so that is going to be added into our document.

Since we only had seven weeks as well, it was rather difficult for lots of these organisations to have the opportunity for, to meet themselves to interact and contribute.  So I'm anticipating through the open comment period that we have that we will have more information that comes in.  We did have some discussion yesterday in terms of, you know, are we unwanted or are we unsolicited in terms of the title.  There were different perspectives and issues associated with the term unwanted in the title.

There appeared to be a preference amongst the participants to call us regulation and mitigation of unsolicited communication instead.  There was a lot of context around unwanted that created angst.  So that is one proposal that we might want to consider in terms of recasting the name of this Forum a little more appropriately.  I mean, I think we had a lot of dialogue.  We had some good support from a lot of groups and participants in building out the draft that we have.  So we are going to continue to collect that kind of information and what we discovered in our discussion yesterday in our session was that there is a lot of work to continue with.

One aspect that we really didn't touch upon much was the user aspect.  We looked at what Governments have done.  We have looked at what networks have done and need to do.  We have looked at some of the RFCs and other technical standards that might exist in terms of mail management and authentication.  But we haven't really looked at or framed user aspects.  There is also as we all know that spam migrates, and it's not just email anymore, that it's moving into other platforms, much like the mobile industry indicated through text massaging and SMS.  Spam is now appearing on VOIP, it's appearing in social media platforms.  So we have other avenues that we actually need to gather more information on so that we can build out the practice and really cover all of the aspects that I think would be useful in some sort of compendium on best practices.

So we hope to continue through the next year and work on these future things, I think, that would round out the work that all of the other organisations have contributed to date.

>> BILL GRAHAM:  Good.  Thank you very much.  So you have decided to extend your work, your group's work into the next year?

>> KAREN MULBERRY:  Yes, we have.  I mean, in a particular sense there, the spam is in essence a delivery mechanism of things, and it delivers malware and phishing attacks.  It is now moving into other platforms like social media that also become the platform for malware, botnets and phishing attacks.  We need to look at that a little more in depth.  We did not have the time to do that right now.  So we have gaps that need to fill in in terms of the work we have, so we would like to continue.

>> BILL GRAHAM:  Thanks for the clarification, Karen.  Time for a couple of pressing points.  I see at this mic here.

>> ALEJANDRO PISANTY:  Very briefly, I think this piece of work was very useful and exhaustive in its coverage within its scope.  I think that further there is at least two things I would like to see addressed and join to contribute for the next year.  One of them is the drivers for spam.  As long as you don't touch the drivers, everything else is filigree.  When you want to touch the drivers, you want to touch the actual commerce that's being made, the money that's being moved and naivety that people react when spam become a spread for malware and so forth.

The second point is that in looking at this problem, especially from the Internet Governance Forum perspective which is very much focused on development and developing economies and so forth, we should not only look at spam, but at antispam.  Antispam hurts small businesses in Developing Countries more than spam.  Spam takes away their capacity at servers, it drains capacity from routers and from network capacity, but antispam actually hurts these small companies and Civil Society organisations are even hit harder.  They are sending out email blasts advertising big and so forth, and these are not sent with quality enough to pass the filters.  So they are actually spending a lot of money also in the outgoing which is wasted.

>> BILL GRAHAM:  Good points.  Thank you very much.  Do you want to respond, Karen?

>> KAREN MULBERRY:  Thank you.  We did have brief comments on those points yesterday not only the cost of spam, but the cost to networks and what they have to do to mitigate spam.  So that is a topic I think we will take up as future work in trying to see if there is some way to categorize, describe, define what those costs are.  I don't think we can get down to the values of things because that will be subjective, but we can have based on some examples from operators and others understand the costs that they, that impact them.

And then in terms of reputation, you know, we talked a little bit about the Nigerian 419 episode that happened in the late 80s and is now recurring over and over again, which has created a very bad reputation for a country that may or may not be the one that is sending out all of that spam, but as a result a lot of their traffic has been blocked just because it's coming from Nigeria.

So how do we approach the reputational impacts that spam causes and address them in a better light, you know, so that the small organisations don't get caught in spam filters, and others who are trying to do legitimate email don't get caught up in things that prevent their commerce.

>> BILL GRAHAM:  Thank you, and a point here from Wout DeNatris.

>> WOUT DENATRIS:  I'm the rapporteur for this group and the consultant from the UN.  Coming from what Karen is saying and what we had in the session yesterday, two thoughts that came to my mind is that one it seems like the interest of Governments, not governmental agencies because they were in the room even traveling here to comment in person, but from Government seems to be waning for the topic of spam because the spam is not a problem anymore.  It's no longer in our inboxes in western countries so they have left the table in the past years apparently and how do we get them back?  Because we did get through yesterday that the costs on industry is rising tremendously apparently.  The cost is large for companies to mitigate spam, and not have it in our inboxes.

So I think that is an economic driver that should be put better on the table coming from the discussion yesterday.  And the second one that escapes me at this moment.  I will come back somewhere later and then you know what it's about and I will be back with it.  Sorry for that.

>> BILL GRAHAM:  Thank you very much.  I think we will turn to our fifth report now on the best practices Forum on online child protection and I would like to invite Jacqueline Beauchere to report, please.

>> JACQUELINE BEAUCHERE:  Thank you, Bill.  I'm Jacqueline Beauchere from Microsoft, and I have two other lead experts on this Online Child Protection best practices Forum with me, Hanna Broadbent from Child Net International in the U.K. and Carla Licciardello the head of the Child Online Protection initiative with the ITU.  Like the other groups, we started the process about seven weeks ago.

We had a robust network and mailing list and we received a number of official responses to the initial questions set ahead of today as onsite meeting.  Responses came from NGOs, from international organisations, and from one IT company, that would be my own.  Today's best practices Forum brought together about 100 people from six continents representing all segments of the multi‑stakeholder dialogue including three youth panelists and we had several youth participants as well.

I think the group gained a better understanding and appreciation of the broad range of issues that falls under the rubric of Online Child Protection and child online safety, as well as the differing levels of magnitude of the various issues they carry in different countries in different regions.  The main differences stem from varying degrees of access and availability to technology and the Internet as well as cultural and societal and familial differences and values.

The topics of blocking and filtering of illegal and inappropriate content as well as the ongoing need for public awareness raising and education, both formal and informal education, these were two prominent themes that emerged during today's discussion.  That said, nearly everyone agreed that any child online safety strategy needs to be a multipronged approach comprised of a technology component of legal and regulatory mechanisms, law enforcement participation, public‑private partnerships and awareness raising and education.

All agreed there is no one single solution in this space.  There is no one size fits all approach based again on the geographies and the cultural differences and even differences between any one single family unit.  As we pointed out, an approach that might work for child protection or child safety within one geography certainly won't work in another geography, and it might not even work within the same family.  It might not be the same thing for one child or his or her twin.

In terms of remaining issues, again, given the vast array of sub topics that make up this broad space of Online Child Protection from the availability of child sexual abuse material and online bullying to the need for digital and media literacy and the varying degrees to which individual issues present, again, based on geography, access, availability and so forth.  The issue set needs to be better defined so we need to be able to hone that issue set and to be able to determine the appropriate strategy moving forward and then to achieve maximum impact.

As I said, we have the pleasure of having youth at the table, and in our session, both the youth panelists and the youth participants were actively engaged.  We do firmly believe that youth need to be present and participate in the dialogue when decisions are being made about their uprising, their participation, and when policy is being drafted about them.  They too echo the need for continued awareness raising and formal and informal education, not only of themselves, not only of the children and the teens, but of all stakeholders.  They wanted to see continued education for parents, for teachers, for school officials, for coaches, counselors, anyone who could constitute a trusted adult in their eyes and the community at large, of course, as well.

Several in the group highlighted similar parallel work streams, particularly of the ITU and other international organisations that could be leveraged and integrated into this effort and then enhanced going forward.  So I think that's something to keep in mind for this continued work stream.  That said, the group saw today's discussion and the work done to date very much as sort of a starting point for a broader dialogue going forward.

And going forward, we are inviting additional inputs and feedback.  These further perspectives are needed to sort of round out the picture of the global landscape.  We had a lot of participation from Europe and North America today.  They were perhaps the most vocal, but we are also inviting participation from other geographies, particularly the Global South where we need some other research based and evidence based information going forward.  The notion of child protection in context arose during today's dialogue.

That sort of highlighted the need to discover and learn about a broader array of context in which child protection issues and child online safety issues could arise.  This would help the group recommend more strategies and practices as needed and I would echo the sentiment shared earlier about the title of best practices.

Participants were actually very reluctant to put forth any of their strategies as so‑called best practices given sort of the appropriateness for circumstances and situations, but not necessarily for all circumstances and situations.  So, again, they are very much of the moment the practices that are being shared, not necessarily best practices that will sustain us going into the future.  Thank you.

>> BILL GRAHAM:  Thank you very much, Jacqueline.  Any pressing issues?  Marilyn, please.

>> MARILYN CADE:   I was thrilled to see this topic as one of the best practice topics, but I continue to struggle, and I should probably announce that I started my career as a child abuse neglect worker in the United States and evolved into doing a lot of work in the uses of online services by youth and children.  A lot of what I hear is about the risk and dangers, and the, and yet we really need to move into an empowered, and, I don't know, environment that also recognizes.  Have you begun breaking that out as well?

>> JACQUELINE BEAUCHERE:  First to your point about risks and dangers, a lot of people like to look at the online environment first from the positive perspective.  We at Microsoft want to talk about the transformational power of technology and really highlight the benefits of the Internet and technology for youth, and indeed for all populations as a starting point.  Certainly it's not without risk, so we need to acknowledge the risk, but we also want to differentiate risk from harm,  and possibility of something bad happening versus probability. 

So we want to make sure we are focusing on actually risk as opportunity as well, not only risk as a potential danger.  So that did come up, and also in terms of positivity, it came up this afternoon someone raised it in the dialogue about creating positive content that we need more positive content out there for youth and particularly for young people not just to focus on, again, the risks and dangers and harm that could come.

>> BILL GRAHAM:  Thank you.  I see Alejandro Pisanty has a question or a comment, please.

>> ALEJANDRO PISANTY:  Alejandro Pisanty, can you hear me there?  There is two comments, one of them is that we see a lot of work as Marilyn has said, what you see publicly is always the scary part, and there is people like Barry Aftem who I would like to see invited to this work who have a balanced approach where you can push for the opportunity and prevent the actual real risks.  There are many ideological strains that come together here and we should be making them broader, inviting more of them.

The second comment which I think goes to the methods of substance of the work, I see most of the wording at least of proposals and reports based on things like education, families, and so forth that have a hidden assumption or seem to have a hidden assumption of parents being present or being part of the game.  There is a house, there is a school, and I think that the kids that are, or the young people that are much more at risk and also may become a very serious risk are either homeless or in dysfunctional conditions within families and foster homes and so forth.

I see too little of an approach to that which is, I think, even more critical.  But, of course, their parents are not there to ask for you to help them.

>> JACQUELINE BEAUCHERE:  This has come up in the dialogue and in other conversations as well.  It's very much something to consider, but for the most part we have been looking at more of the traditional family setting where there is an active parent, but we are acknowledging that there are situations where that is not the case and we are not talking about a traditional family unit always.

>> BILL GRAHAM:  Good.  Thank you.  I see we have a question from a remote participant, which we would like to take and then I would like to invite everyone in the room to address any of the topics at that point.  Thanks.

>> TOWELA JERE:  Good afternoon.  This is a comment from Carlo at the ITU.  And Carlo would like to highlight the fact that there is a problem in terms of information sharing, and the fact that there is lack of parental knowledge, and that fathers must also be included in the trainings, and that this perhaps should also be added to the report on best practice as well as risk presentation education, and then digital literacy must also include aspects of safety.

>> BILL GRAHAM:  Good.  Thank you.  I would like to open the floor for questions or comments, please, and I see one at the table, please, introduce yourself.

>> VIRAT BHATIA:  Thank you, Mr. Chair.  Virat Bhatia, AT&T.  Two comments, one on the multi‑stakeholder work that has been led by Avri, and I thank you for the excellent presentation.  I think the definition of multi‑stakeholderism as conceived in the Tunis Agenda has evolved many fold.  The manner in which it is divided, the kind of segments that were made have changed dramatically.  The work has evolved a lot.

And I think some of them were mentioned sort of in a bit of a courtesy manner and now they are mainstay.  So the terms of work what is the role for multi‑stakeholders if that can become focus discussion the next stage on multi‑stakeholderism, it states something like industries should sort of look at innovation or something.  But there is the whole investment issue.  Civil Society is even sort of weaker language, but it's now, and previously Human Rights, all of those issues.

So I think that is one part that I thought I would just mention not seeking immediate response but just for continued work.  The second part I would point out in terms of what are the things we can take forward?  I think CERT and online are two good teams only because I think the Government will look for those, will want to participate in those in some way if it becomes an organized process for discussion.

One of the biggest challenges in taking the best practice discussion forward will be rules of engagement.  Right now this was like a smaller community, but if you want national engagement you will need rules of the road, rules of engagement, sign posts, et cetera.  That's how people are used to.  Even if you are not driving towards a negotiated document, there are many stakeholders who are used to working in a certain way and process.  We don't have to adopt the UN processes, but we will have to evolve away from the current process which is one that lists the work that has happened.  We have to look at something different.

But I also want to recommend forward best practices, end‑to‑end it ticks many black boxes.  The Governments in Developing Countries are right now hungry for what should be the policy to move from people to people, Internet to people, to things and things, people, Internet.  We have talked to many Governments and they are looking for how is it done, how everybody is doing it, what have they started?  What have they reached?  That's one big area of information that exists in the Government so if you want to get governments in as the comments made in the last session, this is one area that can get them in.  It's technology, it will verbally involve the technical communities because the rules of the game are little different from SIM cards roaming with humans versus machines.  There are issues that might come up in Civil Society.

It is certainly qualified as best practice session because it can really start writing stuff that national regulators can refer to.  This is the stuff they want to go forward and this is just documents that are put out there which they can refer to because of the discussion that happened.  I will close by saying that it ticks the Developing Country box, it ticks the emergency issues box and there was one thing said yesterday about getting ICT linked industries or sectors into, I'm sorry, the sectors into IGF, so this brings in automobile, banking. 

So suddenly you have one subject that expands from teleco and software companies to now five new kinds of companies and sectors that want to join in, and ministers.  And it's also issue of global cooperation and most importantly it's positive.  It's forward looking.  It's stuff that everybody can contribute, work on.  I'm sorry, I have to leave because there is a meeting that I have to take, but I thought I would lead the thought about end‑to‑end with you as a discussion and we are happy to contribute a way to move that along.  I know that ICC‑BASIS will be willing to contribute and all of the other stakeholders.

>> BILL GRAHAM:  Thank you.  Those are excellent points.  They are future forward looking and touched on a number of the best practice Forums we have had this time so I would like to ask if any of the rapporteurs would like to say anything?  No?  Okay.  We will certainly have noted those, and I appreciate the contribution.  Any other questions or comments?  Yes, please.

>> WOUT DENATRIS:  I promised to come back with point two so I do.  One of the comments that struck me in this session yesterday was it's all about the money.  And if you look at what is mostly written in the document so far it's all about how it mitigates a part of the spam problem, but never go to the heart of where actually the money is made which is what they are in the business for.

So do we actually have the right stakeholders at the table to discuss where the money is going and how to stop the money flow.  So in other words, that could be a new way of addressing spam and also with the view of 2015 to come back on a comment that Jacqueline made in general that with us the name best practice Forum also run into some difficulties because they are good practices at best, but everybody has a good practice, but not necessarily best practice is necessary.  So that's also, I think, a piece of feedback and lessons learned from this whole discussion.

>> BILL GRAHAM:  Good.  Thank you.  Yes, having been party to discussions at the IGF since it's outset, I think we needed a best practices Forum and a new phrase to replace best practices.  Yes, please, introduce yourself?

>> KOSSI AMESSINOU:  Thank you very much, Chair.  I'm Kossi Amessinou from Brennan and a member of MAP.  I'm delighted  that we have had this panel on best practices.  This is very useful because for Developing Countries we would have liked to have seen this sharing of experience, but I think the expression best practices could perhaps be changed to sharing of experiences or sharing of specific experiences, perhaps that might help to describe what we are trying to achieve here, what's good for one person may be not so good for another, but you at least share the experience.  I would also like to highlight an important matter, the multilateral aspect of this within our national IGF

And Constance was going to give a presentation on this aspect, would it then help stakeholders to understand the issues at stake and dialogue can be established on these particular matters.  I think this would be useful because stakeholders want to see what's at stake, and they want to see that we are getting a return on our investment.  Governments often talk about regulations and so on, but there is not the same discussion, the level of Civil Society and the willingness to see change.  Each stakeholder has their own specific point of view, but in practice, how do we handle the responsibility to the public to Civil Society within a multilateral, multi‑stakeholder environment?

It's important for us to share these points of view so that the developing world can follow what's going on and share in that.  Another point I would like to make relates to the local supply chains because when we are talking about local content, this means that it takes place within a specific environment.  But if we look beyond that local environment, can we still call it local content because it means that in Brennan, for example, we may have funding, but the data may be hosting in the U.S. so does it still count as local data.  Thank you, Chair.

>> BILL GRAHAM:  Thank you for that.  I heard a comment and a question there.  Anyone want to address that?  No.  I see something from the remote participation.

>> TOWELA JERE:  Thank you, this is, I think it's a general comment.  It doesn't appear to be a question, but it's coming from KS Roger in India.  And his comment is that multi‑stakeholder considerations at grassroots level, for example, at the level of farmers are not taken into account.  And he makes a specific comment that from the last NETmundial to this meeting, there is no framework which will address all users and Civil Society.  So it's just a general comment, but it doesn't reference any specific issue within the best practices topics.

>> BILL GRAHAM:  Good.  Thank you.  A final comment, please, from Alejandro Pisanty and then we will move towards closing the session.  Thank you.

>> ALEJANDRO PISANTY:  Thank you, Bill.  Alejandro Pisanty.  I will comment on two other panels, first on the local content.  I'm very glad that IFLA has taken a role here because they know how content is generated, classified, made searchable.  This is the kind of things local content means.  But local content is local by definition.  There is very little that the global governance dimension can contribute.  One of the things that I would propose for this group if it continues working is to talk to the few things that can make local content or locally usable content flow from international dimensions and that would be talking to groups like Francophony and regional organisations in South Asia or Southeast Asia and in Latin America or Spain where you can have consortium that can produce single language content in many countries and thus scale up much faster than a local content place can do.

I think that's a proactive thing that this group can do.  I will try to join in this effort.  The results may be better that way, but still remember local is local, and also remember, I mean, I always remember that the first time we started saying access is not that important an issue anymore, content is king.

Content is king is almost 20 years old.  We must realize that a lot of people are using the Internet for transactions.  They may be managing, they may be transmitting very few bits and getting a lot of value from that.  So we will also be close to a point where we have to reassess the obsession with global conference for promoting local content number one.

Number two is concerned with a group that rest multi‑stakeholder mechanisms.  I think we have to speak about multi‑stakeholder mechanisms, decision making, et cetera, but not anymore about multi‑stakeholderism which I think is a generally accepted trend now.  This is not a religion or ideology.  It's a practical matter of how you solve things according to principle.  One thing we will have to emphasize in the following round of this work after the very good surveying that has been done is why different multi‑stakeholder organisations and mechanisms are different.

The main, the key point has to be to focus on how form follows function.  The IGF is mostly established to have an equal footing participation to discuss things.  Things like ICANN have actually to make decisions, they have to allocate resources, they have to have a review and redress mechanisms.  They have to be able to reverse decisions which may be costly for the organisation and for the participants.

So form follows function should be the next question in multi‑stakeholder, in the investigation of multi‑stakeholder governance.  And a useful reference, I think, I'm very happy about this work, is the strategy panel on ICANN's role in the Internet Governance ecosystem.  That has several parts and one of them is solid review of principles that are good guidance for these organisations, things like reciprocity, which means, for example, that the level of participation in shaping the decisions of a mechanism has to be proportional to what you are obliged if you contribute, or robustness in some senses including the fact that these mechanisms will not change very much if you make small changes in their inputs or their participants.  Thank you.

>> BILL GRAHAM:  Thank you, Alejandro Pisanty.  Susan, did you want to respond?

>> SUSAN CHALMERS:  Thanks.  I will keep my comments short in light of time which is fleeting.  I wanted to acknowledge Kossi's comment, thank you very much, I thought that was a clear and cogent examples of the discussions we had on the list and I wanted to recognize something what you said that it's to a certain extent the term best practices could be interpreted to imply one best practice, but we understand that there are different shades of best practices.  And I think that the value of what this entire exercise has shown is that this is a shared, a network of shared experiences, and on the ground stories and local insights that really, really do well to advance the discussion and to help people learn from each other.

So I just wanted to acknowledge and thank you for your intervention.

>> BILL GRAHAM:  Thank you, Susan.  I would like to turn now to Subi to make some brief comments about future themes for IGF best practices Forum and how the Forums fit into the IGF.

>> SUBI CHATURVEDI:  The best practice Forums came out of a call that we had and open consultation with the MAG and the community.  The IGF is a baby, which is now nine years old.  We are getting into the tenth edition next year.  It was important to speak to this very important question of what is it that we can take away from here as steps that we can execute in our local settings.  So in addition when we shared these five themes, we heard from the audience, the participants and experts in different domains that they also like to see one key Forum emerge as to how we look at building digital trust for trade, ICTs and this was important because it was looking at cross‑border flows of information, data, and also getting more people online and enabling small and medium scale businesses.

So we did look at it with the spam perspective, but there were many other enablers that we can look at in different geographical settings.  The second important question related also to dehyphenating child and youth, and the perspective of looking at getting more young people online.  How is it that we can remove barriers towards their participation in active policy making and also end user experiences, not just in terms of dangers or threats but how is it that they are creating more value?

Young people are developing applications across the world and now they have fantastic valuation.  So this is another aspect that one wanted to look and this is coming from the floor and the engagement of the community.  And just to quickly wrap up, Constance Bommelaer on my left and members from the MAG and ISOC community initiated this process which has been truly bottom up, multi‑stakeholder and inclusive.  The draft agenda is still online.  It's open for comments.  The deadline has been extended to the 15th of September, so we request all of you to engage with the document, and also come up to us with suggestions.  In response to this call we hope that national and regional initiatives can take some of these ideas and look at them in their local context.  Thank you, Chair, for your time.

>> BILL GRAHAM:  Thank you, Subi.  I would like to ask Nii Quaynor to give us closing remarks.  He is the Chairman of the board of Directors of the NITA.

>> NII QUAYNOR:  Thanks for giving me the opportunity to speak on IGF evolution, and more concrete policy outcomes at this best practices workshop even though you are redefining what the focus is.  I have been honored to have attended the first IGF in Athens as a member of MAG, and now participate as an individual.  And from that perspective, I share these thoughts.  I'm going to remain very high level, but I will leave one or two knots in there so that we can think through it.

IGF has been an open, neutral and inclusive multi‑stakeholder platform for policy issues largely beyond the network infrastructure itself.  Stakeholders attend IGF from broad professional disciplines.  This has exposed the likes of me to the numerous other issues emerging from the global adoption of the Internet, from law to technology.

The IGF as a Forum has been welcoming, and has engaged new entrance over the years as evidenced by fiscal attendance, not to mention the online engagement.  It has become a place to get together and share experiences and extend information among people of varied interest.  And I do recall very early admission by the MAG that the process has a significant value by itself.  And it's an output result, outcome for many participants going through the experience of participating in IGF.

I think this remains true today.  In discussions on policy issues it's important people know who they are speaking to, and the IGF as a neighbor getting to know each other other than persons with disciplines and practices who are working together, not merely email identities.  IGF has been a great place for me to exchange on broad Internet Governance policy issues beyond what I was familiar with in the technical administration, coordination and processes for infrastructure as a professional.

And understandably the IGF mandate is to first start dialogue without binding decisions and has engendered a desirable, unencumbered and frank change among stakeholders.  Would that count as concrete output?  I would favor yes as it has entailed different points of view to influence each other.  This has spread convergence of understandings among varied disciplines.  It has furthermore disclosed complexity of issues around the Internet and impact on society and development.

For those who quest for more and more concrete outcomes, I advise, first, as there is half of the world yet to use the Internet, and some decisions can have long‑range impact and it's worthy to take time to build a shared understanding.  For those who reminder as IGF non‑binding Forum, character or lack of decision power of signature we are producing outcomes at IGF nonetheless which gets more concrete year by year.  It is, therefore, gratifying to see the workshop addressing the subject of outcomes and best practices.  This will be continuous process to discuss and improve incrementally on what people accept as concrete outcomes in different areas in a piecemeal fashion  that we be a natural part of the evolution of IGF.

It is not perfect, but it's a very good start, and I hope we continue with issue‑based policy development to bring focus into the debate.  I am pleased additionally as one of the founders of Africa CERT that the session included best practices on CCERTs, CERTs and have first participating.  This effort in my opinion presents a very good opportunity for best practices development, and in addition to other technical efforts, I reckon that several of proposed enhancements the notion of documented and valid output of IGF in discussion today may have been in discussion at MAG or at workshops or participating organisations in events co‑located at IGF.

Dynamic Coalitions, best practices guidelines, buffs, client house, watchdog, IG open data source all up for grabs, but people must evolve with strong community participation well beyond engagement at an IGF session today to succeed.  This may require intercessional activities and deliberate outreach as billions are yet to join the Internet.  However, the value of an output is best determined by voluntary adoption and broad participation in production of the output.

The IGF is uniquely positioned to accomplish this given its multi‑stakeholder approach and interest in policy options.  As I contemplated on IGF, I noted the wealth of information on the public website, and it's immense educational value especially to the developing world.  It has its own challenges, but extremely valuable.  I also observed that each event maintained a reporting back, a taking stock, a way forward, next step session which were all attempts to capture some concrete understandings among participants. 

As the quality of dialogue improves, the outcomes become more concrete, incrementally, in an organic way.  I also learned that the themes of the past eight IGFs have varied in revealing to me.  Though this is a small sample, it is interesting to know that the most used works in order were Internet, six, development, five, governors, four, all, two, sustainable, two, and others were single occurrences.  Is the IGF silently saying that Internet development governance by all sustainably?

With several billions not yet on the Internet, it would be advantageous to have new uses become a way of Internet Governance issues promptly.  That is the role of regional, and regional IGF organisations may evolve to a first point of policy on Internet Governance policy issues for a long time to come in countries.  In that vein, the development and capacity to achieve this is needed in the evolution of IGF, spread IGFs' coverage across the world and especially where most new entrants will join the Internet Forum.  That is the developing world.

One wishes the IGF support association initiative would succeed in bringing more resources and organizational capacity to IGF to fulfill these expectations while increasing the community ownership of the Forum.  We have come here on the legitimacy of the Secretary General of the UN asking of IGF which has enabled organisations, Governments and several other stakeholders to benefit from the multi‑stakeholder approach to policy development as practiced at IGF.  It has been good, and I urge the UN to extend the mandate of IGF as a concrete outcome.

The IGF of past eight years said that Internet development governance by all sustainably.  Assuming that all in their statements refer to the global Internet community, one may ask that we openly start discussions at next IGF on other organizational options to ensure that as long as the community wishes to continue with the process, we do continue.  In fact, as we work towards more concrete outcomes, there is a need for permanence of IGF and the responding increase in community ownership of the Forum.

And at this point I would like to be very pragmatic.  We would like to continue with IGF.  So what happens if it's not extended?  I think we should be discussing it.  We are all optimistic, we are working towards it, but in the event that that is not what the case is, I think we should be discussing how the Forum becomes a committee ownership Forum.  This has been an excellent place to share, learn, experience for new entrants which has been great for me coming from the developing world.

My take away from my participation is best practices I adopt in my work will be concrete output for me and I wish yours just as well.  Thank you.

(Applause).

>> BILL GRAHAM:  Thank you, Nii, for those wise and inspiring words, very much appreciated.  That brings today's session to a close.  I would like to just very quickly thank all of the lead experts for all of these best practices Forum that have been working and many of which will continue to work.  I would like to thank all of the participants who helped to develop the documents, and everyone here today.  I would like to thank our consultants, Wout DeNatris and John Laprise for their work so far and ongoing work. 

I would like to thank Constance Bommelaer very much for really driving us to make this happen.  It's not been an easy task and she has been a slave driver.  And, again, thanks to everyone here.

(Applause).

(Concluded at 16:11). 



***

The preceding is the output of the real‑time captioning taken during the IGF 2014 Istanbul, Turkey, meetings.  Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors.  It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.

***