IGF 2020 - Day 7 - Main Session: Trust

The following are the outputs of the real-time captioning taken during the virtual Fifteenth Annual Meeting of the Internet Governance Forum (IGF), from 2 to 17 November 2020. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the event, but should not be treated as an authoritative record. 



>> JENNIFER CHUNG: Good morning, good day.  I'm with my other co‑facilitators of this Main Session.  Welcome to the Trust Main Session, Internet Fragmentation: Is Digital Sovereignty the Problem or the Solution?  We have an extremely enriching conversation and wonderful set of Speakers and Panelists for you.  Of course we do also have our great Moderator from the Internet and Jurisdiction Policy Network, Director of this network, Mr. Bertrand de la Chappelle.

 A little bit of housekeeping before, all attendees are encouraged to use the chat for comments and also please, if you have any questions for the Panelists, please do use the question and answer part.  We do have this session split into three segments for you.  The first one will be on the Data Sovereignty, and the second will be on the Disinformation and Fragmentation, and the third will be on Internet Fragmentation about the infrastructure.

I would like to pass the mic on now to our esteemed Moderator, Bertrand de la Chappelle.

>> BERTRAND DE LA CHAPPELLE: Thank you.  I'm excited to moderate.  I'm excited also to see the list of attendees.  We are at 1:24 and looking at the list, I see a lot of familiar faces there, and I'm extremely happy to welcome everyone.

A few words of introduction.  Words do matter.  And there are some words that are actually carry a strong emotional connection to specific communities or to high‑level principles.  This is the case of the term, sovereignty.  It not only connects with the pride of nations and citizens of nations to belong to an entity that is exercising its self determination, but it is also the foundation of the International system, our current International system, through the concept of sovereignty equality of states.

Unfortunately, we also know that the term, sovereignty, can trigger other emotions, conflicts, and sometimes devastating wars.  So this is a word that has an enormous weight.  We are in a situation where the global cross‑border nature of the Internet is actually challenging the notion of an architecture that is based on the separation of sovereignties.  We now have to collaborate across borders because transnational is the new normal.  And this collaboration needs to be along not only states, but other actors; private entities, civil‑society actors, technical operators, Academia, International organizations.

In a poll we were conducting in the complex of the global status report that the Internet and Jurisdiction Policy Network published last year, 95% of the people who were polled said that they expect cross‑border legal attentions to increase in the coming years.  And more importantly, more than 80% of them considered that there is not enough cooperation Internationally to address those issues.

In this context, the expression, Digital Sovereignty is big and trendy recently.  I will not make the list of the act oars using this expression, but it is in a certain way very controversial and it's controversial, I believe, because we do not have a shared understanding of what is actually meant by that.  As I said in the beginning, it is a word that has an enormous weight, an enormous power.  And when we are using this expression, we need to be careful and understand exactly what each actor means.

And this is the reason why this Panel is actually starting with a question, or under the question, is the Digital Sovereignty the solution or the problem?  Of course you can imagine that this session of 90 minutes is not to solve the problem in 90 minutes; but the goal, I think, is more to help everyone understand better the complexity of the issue, the different dimensions of the issue, and more importantly, the positions of the different actors and the consequences of those certain number of choices, because we have a problem in common, which is very simple, how are the rules set, implemented and enforced on the Internet?  And also what are the respective roles of the different actors?  What is the role of states?  What is the role of companies?  What is the role of Civil Society?

As Jennifer mentioned, we will structure this in 3 buckets.  One related to that sovereignty, the other one more of a content moderation and fragmentation, and the third one on the interfacing between the policy and the technical layers regarding the Internet.

So, we have 90 minutes to cover.  We have a very nice group of Panelists.  And when I look at the list of participants and attendees, I know that is there an enormous wealth of knowledge in help community.  So instead of ‑‑ in this community ‑‑ instead of picking one or two questions that the time allows at the end of a long session, I strongly encourage you to use the chat and to post comments or pick up things that have been said by a particular Panelist that attracted your attention that you think is important.  Please do it in the concept of mutual respect because the goal is not to fight a battle here, but more to understand the perspective of others.

I will do my best when we do the reporting on this session, to incorporate the comments from the chat in the report.  And if you have a very specific question, please use, as Jennifer said, the Q&A button.  I will do my best to monitor this particular feed and insert the questions as the need arises in the session.  So with that, we move to the actual substantive part.  I would like to kick this with two questions in the poll that I will ask the technical support to launch.

One is very simple, it relates to the title of the session.  Is it part of the problem or the solution?  So please tick the boxes if you think it is part of the problem, part of the problem and the solution, part of the solution, or neither the problem nor the solution.

And the second question is an introduction to the first segment.  The meaning of Data Sovereignty is clear for all actors.  Do you strongly disagree, disagree, neither agree or disagree, agree or strongly agree?  This is a way to ‑‑ you have one or two minutes to fill this poll.

This is a way to take the temperature of the room and to understand where people stand on those issues and the degree of understanding that they have of the parts of the debate.  So you have a couple of minutes more.  I will leave it for maybe another minute.  I think it will be very interesting to see the results of this initial question because this is a complex issue and I'd like to understand the starting point.  Does the technical ‑‑ the people from the technical staff, can they tell me if we have a significant number of responses yet and when we can maybe close the poll, not to take too much time?

>> TECHNICAL TEAM: We are about 70%.  One more moment and I will finish the poll.

>> BERTRAND DE LA CHAPPELLE: So this is great.  Do not hesitate to take the opportunity to peak at the list of attendees, people you haven't seen in a while that you would have met in Poland if we had all been together, and send a private message, because keeping the personal connections in those times of separation is particularly important.

>> TECHNICAL TEAM: I have just finished.  Should I show the results?

>> BERTRAND DE LA CHAPPELLE: Please show the results.

>> TECHNICAL TEAM: Yes, sir, here you are.

>> BERTRAND DE LA CHAPPELLE: I think we have a pretty strong message, which is sort of what I anticipated where the majority of people consider that it's precisely part of the problem and part of the solution, and a distribution on both sides, which I think is a good basis for having the nuanced approach to this question.  And the second poll if you can show the page for one second, is that the feeling that the meaning is clear for all actors is an overwhelming sense that it is not clear for all actors.  So it is an encouragement to try to clear up this.  With that, thank you very much for presenting the results.

I will move to the first pot, which is basically a nice natural segue from the question about the clarity of the concept.  So in the first segment regarding Data Sovereignty, there is clearly a tension between Data Sovereignty and free‑flow of data.  And I will start with Rudolph, from the Minister of Economy and Energy in Germany with a question which is, I understand that Germany is pushing both the notion of data and the notion of Data Sovereignty.  In addition you're in presidency and Germany is in presidency of the European Union and your permission pushes the Data Sovereignty.

I understand that Germany doesn't see Data Sovereignty as an extreme concept.  How do you see the way to reconcile those two objectives and navigating in a certain way, this narrow corridor between the two objectives?

>> RUDOLPH GRIDL: Thank you very much Bertrand.  And good morning and good evening to everybody.  First of all I want to congratulate you Bertrand and my dear colleague and friend, Jennifer, organizer of this session, for the high attendance it's around 200.  It's not as much but nearly as much as yesterday at the Opening Session.  I think that shows us already how important this issue is.

When we did the poll and when we were thinking about the concept, I was remembering when I was very young the world was clearly divided into two blocks and you had freedom fighters on both sides, fighting for either the east or the west in another country and these freedom fighters were always terrorists for the other side.  So it is perhaps with the Data Sovereignty a little bit similar because it really depends on your point of view and how you define it if it is something worth defending or if it is something that might even destroy the order of the Internet.  And that is the corridor in Germany and everybody until Europe and beyond s now navigating.

We do definitely want to have in Europe and Germany the ability to be a self‑determined digital economic space or nation.  So, we want to not only as a state, but businesses, SMEs, research institutions, the Civil Society, we all want to have the possibility to be our own masters when it comes our data, when it comes to technology development, when it comes to new business models.  And that is quite natural for everybody.  We are in Germany and Europe in general, free‑trading and free‑flow of data promoting area.

When we talk about serenity, we definitely do not want to talk about perfectionism, do not want to talk about it or even self-sufficiency.  We want to avoid the creation of islands and silos between the great regions.  And how do we want to achieve this?

In our view, it is important if you have this aim that I just described.  It is important to look in the mirror and say, okay, do you want to have the capability, we want to be at the haste of the discussion and the research.  So it's not be putting up borders, it's not by making the others poorer, it's not by destroying the network that exists.  It's by getting better.  So that's our aim in Europe.  We want to get better than we already are.

When we look at our data strategy, for instance, we have Human Resources, capacity‑building within the European constituencies.  We have all the aspects of research.  We have the project where we want to connect existing structures and build out of them a European Cloud and especially a data area where we want to reach through cooperation, through working together.

>> BERTRAND DE LA CHAPPELLE: If I can cut in.  You mentioned ‑‑ can you explain how it connects with the notion of the organization?  Is it a commercial offering?  A mental framework?  Is it a space for corporation?  I understand there will be a major event soon on Gaia 8.  Can you tell us what the concept is?

>> RUDOLPH GRIDL: It's not date implication.  It implicates companies all over the world, not only from Europe.  It is about leveraging the treasures, the data treasures that are available in Europe but that are hidden treasures in research institutions and states and organizations and SMEs and larger companies.  So the idea is to pool this data so everybody gives something into this pool and has the possibility to draw from this pool all the other data that also in this pool.

So if you want to, there is one aspect ‑‑ I wouldn't call it localization but an aspect of regulatory aspect because the ecosystem should be ‑‑ should be according to the rules of the data protection laws, the European laws in general, the antitrust laws and so forth.  So there is an aspect of how you say ‑‑ European regulatory ownership.  But it's not meant to be exclusive.  And what we want to launch now is a vehicle, this kind of sent recall entity that allows us ‑‑ central entity that allows us to start with this pooling exercise.

>> BERTRAND DE LA CHAPPELLE: So if I understand it right, there is a dimension of sharing, a dimension and commons and the majority dimension, a certain number of regimes that apply to the data that would be stored cross borders.


>> BERTRAND DE LA CHAPPELLE: Thank you very much.

The next person I want to talk to is Paul Mitchell from Microsoft.  As many of you know, Microsoft was part of a major case regarding the location of data that was, at the time, stored in Ireland.  And I want to ask you Paul, the fundamental question, does the location, the physical location of data really matter?  Should it really matter?  And can it even be determined all the time?

>> PAUL MITCHELL: So the answer to the questions are maybe, possibly and sometimes ‑‑ I think.  I think the reality around sovereignty and data, and if we think about the warrant case, which you're referring to, the reality is that in the digital universe we have situations where the most important asset can be shared just as easily as it can be not shared.  It's not scarce in the economic terms.  If I have a piece of data and you have the same piece of data, we can both use it at the same time; whereas if I have a physical object or physical good like lumber, for example, I can have it but you can't have it at the same time.

I think that fundamentally changes the way that countries and actors like Microsoft, need to think about what is actually happening in the economy being driven by data.  When we think about sovereignty, perfecting the idea that something is subject to specific laws and regulations of a specific jurisdiction, that was essentially the issue in our warrant case where we were asked to disclose data that we had in a data centre outside of the United States.  Ultimately, that case was resolved and it led to the creation of the Cloud act of the United States, which defines the opportunities and limits to the responsibilities of U.S. data holders relative to disclosure of data that may be requested by law enforcement or for other reasons.

I think nevertheless, the whole point of this is that we have a new situation where the old rules of scarcity and control don't make sense anymore and this has led to discussions and legal cases, et cetera.  I think a big challenge for this universe is how we rationalize differing approaches.  So we talked about the idea of sovereignty on the one hand and the poll was interesting in terms of basically saying, it's part of the problem and part of the solution, because we have different interpretations of what sovereignty actually means in this context.

I think it's probably a mistake to focus on the idea of sovereignty itself.  I'd rather see us move the discussion to enabling social development and enabling economic development because data can be a shared resource in a way that physical assets cannot be.

>> BERTRAND DE LA CHAPPELLE: Just one question I want to advance on.  One is scarcity.  I think this is a development that is not necessarily taking into account in the approach to the Digital Economy where the sharing of data is a fundamental element and the restrictions to the sharing of data are actually limited to create value.

But there is a second dimension embedded in the case that you were mentioning, which is the territory of sovereignty.  And this is why I was asking whether the location of data should matter or whether it is more a matter of who controls it, who creates value, et cetera.

>> PAUL MITCHELL: The practical reality for data is, it doesn't matter where it actually is as long as there is a connection to it.  Right?  Microsoft has data centers all around the world.  Google has data centers, Facebook, Amazon, all the big Cloud providers have data centers everywhere, it seems like, and it doesn't really matter where the data is, as long as it can be accessed.  And so that does get into really complicated questions about how you manage the networks and who owns or operates or what are the rules for operation of various segments of the networks that are all interconnected with each other that then enable this sort of global sharing of data.  But I think these are the things that really are substantially, creates substantial differences in the way you manage the resource.

You think of data as a resource.  You can expect value out‑of‑data and the value of data gets more valuable when there is more of it, when you can actually do more correlations.  If you think about what you can do with artificial intelligence and using AI framing systems, the more date that you have, the better your end results can be over time.  And this is fundamentally a different way of thinking than the old commodities‑based thought.  Now, in the early days before we had Cloud services and before we were really thinking as expansively as the industry is now, we sort of moods over the concept of free trade zones for data.  So the closest analogy we had was, well, we have got free trade zones in certain ports where ships can unload containers and they can be shifted around and they are in a protected zone.  We wondered at various times what is the data equivalent of that?  We don't really have an equivalence because that whole model still was based on the idea that things were scarce.  And the only reason the data is scarce is if we make it artificially scarce.

>> BERTRAND DE LA CHAPPELLE: I think it's a very important element.  I think what you're highlighting is the difficulty of applying the existing mental frameworks we have for goods to something that is structurally behaving differently.  That is different.

Just a final quick question so we can move on with the discussion, when we were doing the preparatory call, you mentioned something that I think is important for the people in the audience to know because it is sort of counter fragmentation, the fact that Microsoft historically does apply a level of privacy protection that is compatible or equivalent to all around the world.  Is that the case?

>> PAUL MITCHELL: Yes, and that is actually very important.  So moving the conversation from data as an asset, for the economy, to data as an extension of your person, the GDPR at this point, the world's most advanced privacy framework for citizens.  And when that came into effect Microsoft made the decision to apply the GDP.

‑‑ our implementation of GDPR protections to everybody, everybody that is a Microsoft customer.   It just makes sense.  At the same time, Microsoft is the also actively in the United States.  We are pressing for federal legislation on privacy.  We think it is a whole lot better to have a common privacy framework than to have 50 different ones from 50 different states, which is simply the direction we otherwise would be going in the United States.

But, yes.  Our view is protecting privacy, data privacy for individuals, supremely important worldwide.

>> BERTRAND DE LA CHAPPELLE:  I wanted to highlight this because when we are talking about.  There are also trends going in the other variation and harmonizing and in this case, through a higher level of protection.  Just as I mentioned in the Q&A, there is a comment by Michael Nixon in particular, saying that sovereignty is not the only topic of ‑‑ or Digital Sovereignty is not the only topic is fuzzy and a lot of those discussions are built on expressions we don't really know the meaning of.

There was a comment also on, how do we unify our understanding of dinge tall sovereignty and develop universal rules of the game for the Internet Governance and digital corporation?  I think what you were mentioning, Paul, is going in that direction, sort of what are the rules for the Cloud services that are available?

I want to be very conscious of the time and move now to Atsuko Okuda from the International Telecommunications Union.  You're based in Asia and I continue is sometimes difficult for International organizations to navigate the different perspectives of its own Member States.  And you can not take sides.  But I wanted to ask you, do you think that there is enough awareness in different regions, and particularly in Asia, on the different elements of digital date?  And also do we take enough into account the perspective of smaller or less‑developed states?

>> ATSUKO OKUDA: Thank you for this excellent question.  I believe this people‑centred approach ‑‑ perhaps I can also add trust elements ‑‑ important ingredient for the discussion.  And I also want to build on what Paul was saying regarding the importance of data sharing and the opportunities and empowerment that creates by doing so.

In Asia‑Pacific, ITU covers 38 countries, that is 60% of the world's population.  One of the key mandates that ITU has is to connect the rest of the ‑‑ half of the population.  A huge number of people in Asia‑Pacific and to address the digital divide is a mandate through digital connect activity and capacity development.  We are making progress.

Now when people get connected to the Internet, what do they do?  So a lot of people start using the social media, different platforms which are available, and at the same time that opens up a lot of opportunities for e‑Commerce.  So an increasing number of companies are getting involved and integrated into the global value chain.  By getting connected, that created an opportunity for education and health and employment, for example.

So the Internet and the access and the data which are being shared have been transforming the lives, social, economic realities in many of the countries in area and the Pacific ‑‑ Asia and the Pacific, including LDCs and states which are least‑Developed Countries, land‑locked Developing Countries and small islands, and Developing States.  However, I agree that this Data Sovereignty is an important issue and establishing group norms and principles would be important so these people who are coming to be connected for the first time in their lives know that their data are treated in the way that is transparent and they know what happens to the data that they produce themselves.

To come back to your question, because of that dynamics, which is happening in Asia and the Pacific, people are starting to realize the importance of the data that they generate or they share.  So within the country, there is an increasing awareness but perhaps there is no broad‑based discussion, per se, but we are getting there.  But that is also creating another complexity, because in Asia‑Pacific, not all countries, because of those are not fully equipped to engaged in the International discussion.

>> BERTRAND DE LA CHAPPELLE: When you say equipped, you mean equipped in the terms of the political understanding and participation?  Or ‑‑

>> ATSUKO OKUDA: Yes.  And perhaps the understanding of the data protection policies, privacy policies, which they may or may not have in place.  So with that, it is going to be a challenge to be fully engaging as of now, but we are assisting member countries to raise awareness on many of these points without compromising, perhaps, the economic and social opportunities that is getting connected is creating.

I just also want to add one more aspect of our work.  I believe that fundamentally important in all of this discussion is a trust.  And in order to create the trust and address the privacy cybersecurity issues, we are also assisting member countries with child on line protection and service to community, so that there will be capacity and policy and expertise in our member countries to address the challenges that we are all facing in the data sphere.

So I hope that is ‑‑

>> BERTRAND DE LA CHAPPELLE: It is important and one of the things that also is in the background is whether the notion of that elevation is actually a necessity for development or on the contrary something that can only be achieved by very large countries that have the infrastructure and have a number of already existing powerful positions and whether in terms of development, data localization is that something that helps small countries or small companies or actually reinforces the position of the higher powers?  I just wanted to mention that in this context.  Thank you.  I will now shift to another continent which is Africa with Alison Gillwald.

This is a question that is related to also the diversity of situations in Africa and the very diverse stages of development, both in infrastructure and policy capacity among the countries that exist in Africa.

I was wondering, as you mentioned, it seems that date sovereignty is more a matter of control and ensuring the right protections and develop the value of the data rather than the key question of the location, right?

>> ALISON GILLWALD: Thank you.  Sorry about that.  I just wanted to say, absolutely.  I think some of the data localization points that have been pointed around African governments wanting to ensure the data is localized has been a little bit of a red herry, especially when the argument is made that African countries, nations, don't have the infrastructure and capacity to actually run Big Data warehouses, and particularly even beneficiates that data.  But I don't think that is actually the point.  I think there are two aspects to this.

One is that data localization is actually being used by governments that are concerned about controlling data, very often for political ends, Listserv for economic ends, although I'll come to economic ends because I think there is a legitimate rational for data localization or at least data control in order for industrial policy, in order to develop economies and develop.

What we see is a conflation of issues around sovereignty and indeed legitimacy on which the normative national sovereign states and Digital Sovereignty are based on this assumptions of legitimate sovereign states, exercising the legitimacy and defending citizens rights, and really states whose legitimacy challenged internally trying to control data flows both in and out of the country in order to control the citizens and potentially reach their rights, et cetera.  One needs to look at those and often they are conflated and often all Developing Countries are put into the same box and obviously there is enormous variations there.  So I think putting that political aside and looking at the issues around legitimacy and concerns about data, which is now become a very valuable asset.  Governments have a strategic obligation to been how this can be applied and maximized for their own development.

And that is request I think it's problematic that we ‑‑ that is why I think ‑‑ we think about these ecosystem issues in these kind of silos, trade or development or political power and those kinds of issues, data protection and rights et cetera.  Because they are very interrelated and it goes to the point that Paul was making around data and now very valuable non‑rifle is good.  But I should point out to not make artificially scarce by governments only, which is the implication, countries make it artificially scarce by wanting to localize.  It's been made most artificially scarce by big monopoly platforms that is controlling that data and so these should be global public goods date, Internet, cybersecurity, these all have the potential to be global public burdens and now delivered by private entities who control those assets.  In the delivery of those enormously successful, but it doesn't mean governments abrogate their obligations to their citizens to ensure their citizens data is protected, that that data can be optimized locally and the kinds of concentrations of data that Paul referred to allow companies like enormous first mover advantages, closing off data to competitors and those kinds of things, shouldn't be dealt with at the national regional level.

And this goes to the incredible need for countries to be able to cooperate globally.  These are issues you can no longer address at the nation state.  You can't close down your borders and help to develop digital opportunities in your country.  So it really goes to the need to find some supra national system that can allow for these data flows to move across borders in a way that are protected and safeguard citizens, et cetera.

>> BERTRAND DE LA CHAPPELLE: The moment you mentioned the word, supra nationality, will trigger alarms among people.  I think if we said transnational it will be more ‑‑

>> ALISON GILLWALD: It's bigger than the nation state.  The Sovereign Nation state cannot deal with this on their own.

[ Multiple Speakers ]

>> BERTRAND DE LA CHAPPELLE:  I know the sensitivity about the term supra national.  Each of those remarks deserve a whole confirmation.  I think it's important to mention the notion of the creation of value and the creation of social and economic value because there is an opportunity with the sharing that also creates social value outside of the pure economic evaluation and the more barriers there are, the less for value creation.

I and will ask you to be very concise so we will come back to you a little bit later.  You are the Chair of the Internet Engineering Task Force and I thought it was interesting to have your comments because the fundamental idea to the technical protocols is they are oblivious to your versions and the standard setting bodies is something you describe as things that are as general as possible to allow devices to connect in this way.

How much of a burden is it for the technical layer to reintroduce some elements, mainly geography, and also what is the connection with the notion of resilience?  Does that increase resilience, breaking resilience?  How is this seen from the technical layer?

>> ALISSA COOPER: It's a great question and I think you hit to the right on the mark, that the way that the Internet was designed was explicitly to encourage global interconnectivity and to be oblivious to International borders.  That was one the core goals, to get as many people, devices and networks as possible on a global scale.  And that continues to be the objective when we are designing and evolving the technologies at the core of the Internet.  So we continue to want to ensure that we can get as many new kinds of devices and kinds of networks connected and that we don't tailor the way we are designing these things to the requirements of any particular jurisdiction or the way that networks are administered in a particular country.  It's very important to hold the fabric of the Internet together.  At the same time, the other goals we are pursuing, when we look at what happens with Data Sovereignty outside of the bounds of the design of the technology, what Data Sovereignty does is introduce constraints.  So these goals that we are pursuing are improving the performance of the network, making everybody's user experience better, faster, more seamless, improving security of the network increasing the extent to which we have confidentiality and integrity of the data we share, making the networks easier to configure and manage; so introducing simplicity and automation into the way we manage networks, these are the kinds of things that we in the networking industry are pushing forward on hard every single day.

When we then look at Data Sovereignty, it creates constraints around all of these things.  So if you can only have end points a certain location and you're trying to reduce your latency, now you have to factor in the fact that your just going to have to detect a far away endpoint in order to have the data reside at the same place.  Same thing with security.  You're looking at how to manage my encryption key infrastructure.  If lots of new constraints are introduced around where we can hold the keys, or if they have to be split or sharded keys, this is more complexity in which we are trying to simplify.

It's not to say that we change the way we design the network in order to accommodate new Data Sovereignty requirements, but these are things than having in the world we can't ignore and therefore it adds another layer of complexity we have to acknowledge and think about as networks get built and deployed in the real world.

>> BERTRAND DE LA CHAPPELLE: Thank you very much, Alissa.  I think there is an element that you mentioned that is worth inserting here without belaboring on it, is the distinction between the capacity for different actors replicate their data for their own optimization versus the obligation to replicate in certain places.  And I think it's a mental distinction that we need to have in mind.

And once again, as Alissa was mentioning, the goal of this is not to have a one‑sided version.  There are, or as Rudolph was mentioning before, the concerns about protection, particularly person data, about the control, the capacity to extract value, to improve the accessibility for certain information is a very valid concept that are somehow embedded in the notion of Digital Sovereignty.

What Alissa is telling us is the way we handle this is potentially posing certain constraints, as she said, and we will come back to that on the last part regarding technicals.

I want to finish this round, which was setting the scene in general, with Jun Murai, an Internet pioneer and one of the initial people who set up the Internet in Japan and one of the first Board Members of Vicam (sp).  You see the current debates and as we were saying, it departs a little bit from the original vision of the global infrastructure.

During another session of the IGF, I understand you emphasized something that is important, which is one of the priorities for governments should be to have their own frameworks in order at the national level in order to be able to interconnect with other frameworks Internationally before trying to solve the problems on a technical basis.  Did I understand correctly what you are mentioning?

>> JUN MURAI: Yes.  As we all know that when we are developing the Internet, we kind of intentionally and not intentionally, developing the Internet without the concept of the border, especially around the border of nation state; therefore we have established the ‑‑ probably the first of the human being in the history, truly global space.  That was the Internet, which is a very important thing.

And then also the digital data, digital information is applicable, therefore if you lose the data then you can still generating the exactly the same data again, which is located anywhere and also another aspect is encryption technology, which is basically the protecting the data, therefore the data location, isn't really the problem ‑‑ without the border and the nation state and the nature of a digital information, that was a creating the brand new space on cyberspace.  And so when the different aspects of the nation states, government‑based deployment of the global communication also existed, so the question was what is the difference between the nation International space versus a global space, which was suddenly created by the Internet.

So then therefore the history, we have been thinking about the government put the government as one of the stakeholder, which is basically a design of the ‑‑ and so of course certainly one of the stakeholder but then the government and then the industry and especially the operators and how the Internet is being operated and the provide global space have been considered very important.  And because of the big change that everybody ‑‑ society is saying it is for everyone.  And after the 30 years of the process and then it's been kind of ‑‑ and after that, then it's a matter of and citizen and therefore the citizen and people has to be protected by the government.  And now government concerns about the Internet space and maybe it happened after the 2000 one, especially when it happened in United States and then so the government now started to say two ways.  The security issues and also the economic issues, and government both those are the two subject, national security and then the economy.  That is government concerns so therefore they started to care.

So the question has been how we can kind of co‑work together this is different from the original position of the government and the Internet.  That's what I was talking about.  So very simple statement about this relationship is that each of the nation states should be kind of responsible on a kind of safe and trusted and their Internet space, cyberspace, including the data architecture, transparency and that is the government's responsibility.

And also the International relationship among the government should be kind of explicitly discussing about that, exchanging wisdom and I think that has been happening in many places.  So, that is what I was talking about.  So the change of the role of the government is ‑‑ so it should be the Gold Standard and it should be working individually with the government and also the relationship and among the government as well.

>> BERTRAND DE LA CHAPPELLE: Thank you very much, Jun.  I'm sure that everybody in the audience feels the frustration to be obliged to cut the segments in order to keep all the discussions in the timeframe.  Thank you very much for your comments.

This will basically close the segment on data.  We will launch the poll question for the next segment on content and while you are feeding this poll question ‑‑ if you could launch the poll question, I will be making one comment regarding the discussion in the chat.  That was the first poll.  We'd like the next one which asks, there is International cooperation between the different stakeholders to address the abuses on line.

Same as before, strongly disagree, disagree, neither agree nor disagree, agree or strongly agree.  I will take the two minutes while you fill the poll to make a remark that come from the chat.

One, there was a very interesting comment, I think it was regarding the notion that the data protection of individual personal data protection is actually an element of individual self determination and I know there was a very interesting Panel organized by the Swiss authorities a few days ago on this topic.  There was another comment I don't remember who that was who made the highlighted the importance of the distinction between different types of data.

When we talked about data and Data Sovereignty, we tend to think about mostly about personal data and the protections attached to it.  But there are many other elements that are related to other types of data, industrial data, in particular.  And a final comment they wanted to take from the chat was from who didn't formulate exactly this way, but basically indicates there is restrictions or there are restrictions by government but there are also elements of control by a certain number of companies regarding the data that they are storing and the public benefit as well.  I think it's something that Alissa was alluding to as well.  So if we could see the results.

Here again,s we have basically 70 plus percent of people who feel that there is not enough International cooperation between the different stakeholders.  A little bit less than the strong messages we had in the previous one.  But I think it is a message that resonates what was credited at the beginning, the lack of sufficient corporation and coordination among all the stakeholders on the cross‑border legal issues.  So I want to go to the section two and say that, yes, there is a lot of discussion about this information and interference, but there are many other forms of on line views and it's a common challenge for all the different actors who address those.

I wanted to highlight the paradox, though, which is that the actual amount, the proportion of the content from the major platforms is in relative terms very small.  It's less than 0.1% of the enormous amounts of what is being posted.

At the same time because of this enormous volume, the numbers are staggering nonetheless, hundreds of millions that have to be taken down by single plat norms.  So there is a paradox between the high visibility, the local proportion, and at the same time, the huge amount.  And as I said before, the challenge is who sets the rules and who enforces them?

There are many trends and I would like to go to Allison on the fundamental question, which is how to enable the coexistence in chat on line spaces of billions of people who have very different perspectives, values, legal system they belong to.  And Africa is a region that has also a lot of ethnic differences, religious, political potential tensions.

How do you see the debate going in Africa on those issues?  Is there a discussion on expression and addressing the views?  And what role do the major platforms play for a certain way harmonizing?  The rules that apply around the world.

>> ALISON GILLWALD: Thank you.  I think this goes to the fundamental change that is we see in communication and the globalization of communications.  Also there is no longer just about content regulation that can be managed at the domestic level.  It seems complaint systems and even positive regulation around quotas and stuff, language quotas to try and build the public space and the policy.  We are now dealing with something that is entirely ruptured these traditional things and of course the important normative underpinnings of these systems.  So we have competing normative systems that make the implementation of consensus frameworks or even conventions at the regional and global level very problematic.

So we had initiatives from the African Union Commission who had Internet Rights Charter and that had the Convention on Cybersecurity and Data Protection and these are all wonderfully aligned with global conventions and standards and treaties but in fact, their adoption at the national level is absolutely minimal.  So I think the convention is now gone up from 5‑12 or something it's extremely low.  So countries are even, when it is past their ‑‑ not exceeding to it or implementing to it at the national level.  The problem is that very many of these conventions or globally, the conventions around freedom of expression, data protection, are still based on Human Rights, universal Declaration of Rights, rule of law, and things that are not practiced in some of the jurisdictions that are resisting this.

Although they want digital growth, they want the participation and the Continental Free Trade Agreement through digital participation, data sharing of goods, they still are controlling certain, or not exceeding certain rights frameworks.  So it makes the management of the global platforms all the more complicated.  If things aren't even being coordinated or harmonized at a regional level, the difficulties at the International level ‑‑ it's there where it is happening.

In terms of controlling content and diversity, it is pricily these frameworks that are meant to manage and regulate and govern diversity, ethnicity.  These things are not inherently creating tensions.  They create tensions through the manipulation of them and lack of management of them, et cetera, freedom of expression.  Suppressed is we get responses to that.  So I think it's very difficult to speak about the African region, it's very diverse.  Some countries are very strong Constitutions that protect these rights and these frameworks that have very strong content protection.  Anti‑hate speech legislation, et cetera.  And then many, many others who don't.

It brings me again to the point of global cooperation to manage these processes; particularly because the manifestation might be in the content but a lot of the manipulation might be happening at the data level and the data governance level, as we saw with Cambridge Analytica.  So it's important we do have date protections in place.  We do have frameworks for data across border flows, we do have frameworks for taken down of content that is harmful and we are able to mitigate risks through data protection mechanisms and security mechanisms, et cetera.

>> BERTRAND DE LA CHAPPELLE: Thank you.  Sorry for questioning the time, but do you think that African actors, not only governments but others, are sufficiently integrated into the global discussion and the global regulation regarding platforms.  And there is digital services act.  There is notification of sections of ‑‑ these decisions will have impact on all of the users of those platforms internationally and the some actors to drive the same rate worldwide.

In just a couple of words, do you think there is enough participation and how could it be improved?

>> ALISON GILLWALD: Absolutely there isn't.  We have done our own research on multiple stakeholder participation and things like IGF as we are here, but even in other forums.  Not only are Africans not involved in any of these negotiations.  As I said ooh real important they are not siloed into the trade negotiations or e‑Commerce negotiations, because precisely if we get the digital taxation right, that could address a lot of the public Internet Governance we need at the national level.  It's important we engage in these debates.  Half of the countries stand outside of them because they simply are not confronted with the development of their economies in that way.  Others are resisting it.

We not only have to be responsive to it, we have to set the agendas from an African perspective so it is reflecting our interests and we not simply adopting conventions that are based on assumptions, interests, normatives from other areas, but reflect the interests of our own citizens, firms and nations in these debates.

>> BERTRAND DE LA CHAPPELLE: Thank you.  Hearing the notion of bridging silos is music to my ears.  So I couldn't resist picking up on it.

I'm fading to a certain extent because we are really short on time.  So I would like to just give the floor now to ‑‑ for a couple of minutes to be very concise.  Germany has been the pioneer on some elements regarding content moderation and regulation of platforms.  Europe preparing the digital services act.  Can you say to us a couple of words on what is the timeline for the digital services act that will apply regulation and revise the e‑Commerce directive?  And particularly how much does it take into account in your expectation, a differentiation, according to the or responsibilities according to the different types of actors just in a few words.

>> RUDOLPH GRIDL:  Thank you very much.  Can you hear me and see me?  Because I can't see me.  At the beginning of is residents thought we would be dealing with the digital services act during our presidency and now we will have the formal proposal by the Commission towards the end of the year.  So it will be dealing in the council with the digital services act.  So we will have to wait for another two or three weeks for the proposal to be on the table and then we will have the council probably in the first half of next year.

That was for discussion.  Now for the German way, the next GD you did not mention specifically but you said at the forefront, our next GD obligations on the platform operator is concerning hate feeds and other criminal acts.

That has been in place now for three years, more than three years, and we have made some very good experiences, namely that most feared thing did not happen, there was no overblocking.  There was no over‑obligations by the network or by the operators when applying this law.  So we think that it could be a good basis for what we will have to discuss within the digital services act.  On the one hand we need to somehow implicate the platform.  We do not want to give them the rule of the role of legislators or competitive branch.  On the other hand we cannot operate without the platform operators.  And we think the solution is found in the next GD is a quiet balanced one and the evaluation we did was written in the law and it came out in autumn a week ago.

Very clearly it is working.  And I do not have so much time otherwise I would explain to you that it is not something ‑‑ there are no new obligations or no new appreciations that we do impose on the network operators but all is based on the existing Panel probe.  So there are no new Panel codes or no new criminal investigation platforms it's on the basis of the existing law.  I leave it there because we do not have so much time.  Thank you.

>> BERTRAND DE LA CHAPPELLE: Thank you very much.  I think the mess sage an example that shows there are many lessons that can be drawn from the actual intimidation of some of the rules.  I'm very conscious of the time.  I want to give the floor and apologies, I was intending to ask the question regarding the geographic scope of Continental friction, a very important issue and Microsoft has been exposed to that through the right to be indexed.  But I would be remiss if I didn't give the floor to discussions to the Panel.  And I apologize in advance for the length.  Aleksey Goreslavskiy is coming from Russia.  He has been in the administration, the governmental society.

I would like to ask you and say ‑‑

[ Feedback ]

‑‑ the fact that the decision that is taken in one area versus another dimension, in particular there is one of the countries that has date localization rules for the personal data and there was a consequence which is that because some companies didn't localize their data according to that law, their access to the content being blocked in Russia.  That is the case at the moment.  And I understand that it could potentially apply to other platforms that would be the same.

Can you elaborate briefly on one, the rational for the date on organization laws and the constraints of one which requires protection impacting actually content accessibility.

>> ALEKSEY GORESLAVSKIY: Good evening, ladies and gentlemen.  Thank you very much for this possibility to answer.  I have some words in Russian for what we are doing here for trust.  The questions and discussion and comments in chat is really interesting.  I would like to first of all support the trust can be achieved in the federal Internet Governance in dig tall corporation, only on unified approaches.

As for your question for some blocked services in Russia.  As I know, there is only one.  LinkedIn, which is blocked in Russia on the basis of data mismanagement.  As you know, in Russia we have some ‑‑ about data localization law.  So LinkedIn is not in order of Russian law of data management.

That is only one reason why LinkedIn is blocked here.  All others are still up.  So what I can briefly two minutes in Russian, what I can say for you about trust in Russia, what we are doing here.  Let me speak two minutes in Russian.

[ Speaking non‑English language ]

Let me finish very briefly in one minute.  So in terms of investment of Russian government in trust, we have a large huge system of incident management here in Russia, which is two years or has been for two years and is ready to hear all comments from social networks from Russian citizens.  If you have ‑‑ you can simply write it down on Facebook or contact or in social message and we can organize a very quick answer from authority who is responsible for that.

So from now on, we have about 200,000 comments in a month on the real cases.  People from our country can simply address to authorities and have brief solutions for the problem.  That was very useful this year because of COVID‑19.  So many ‑‑ this direct communication was very useful for fake news and fighting rumors who distributed around the country.  You know it was the same rumors in all the world all about 5G and so on.

We organized a very huge system of brief answer from authorities.  So that is why the messaging from governance of fleet Russian regions which are 78 from 85.  They are public all on Internet and this year many of them started live video every month, every week, every day, answering all the questions that people have.

So my message was that we invest very ‑‑ much in trust.  So that is why we find all around us the situation for such a quick digitalization.  So the question that we have should be org nides index of communication with trust for all countries, which could be described on a unified basis and should be on all the ‑‑ on the unified platform.

That will be or could be a solution.  Sorry, I probably didn't answer your question properly but, sorry for this issue in translation.

>> BERTRAND DE LA CHAPPELLE: You're welcome and thank you for making the efforts.  For the sake of time, thank you again.  You were alluding to regarding the cooperation to be able to identify views, is a very large and it is one component in the corporation between the different actors and the questions of distribution of the roles.  Different perspectives on this, the perspective roles of the actors but the way the different stakeholder groups can address the common issue which is addressing the views is something requires specific frameworks.

Whether they are vigorous frameworks or smaller frameworks, depends on the willingness and convergence of different factors.  I want to finish with one element.  I ask you about the consequence of the decision of that localization in Russia on the platform N a certain way there are intended consequences of the GDPR which leads to a certain number of services in the U.S., not serving Europe because they are not interested in U.S. citizen and they don't want to abide by the GDPR.  So the notion of Internet consequences and the notion of connection between different fields inside of, is something as Allison said, we need to bridge the different silos, in other words, practice on the other domains.

Thank you very much.  I have to finalize this Panel as I have been told we have a few minutes of authorization.  Can we have the last poll?  I will move directly to ‑‑ yes.  So digital policies should respect the technical architecture of the Internet.  Strongly disagree, disagree, neither agree or disagree, agree or strongly agree.

And I would like to maybe while you're speaking on or completing the poll.  I would like to ask maybe to rapidly, because of the time, answer the following question: There is a distinction between the fragmentation debate on the existing Internet and another question which is the notion of one is being introduced in particular on behalf of China on the notion of new ideas.  I know the Secretariat cannot take sides of an International organization, but how do you handle what is the current status of the discussion?  Because it's a very polarizing issue and the notion of new ideas, how do the different countries in the ITU address this topic and is there a dirge in it?  The splitting in the community.

>> ATSUKO OKUDA: Thank you.  It's very important question and this is also a link to the poll Number 2, the insufficient International corporation.  As we discussed, I did have a consultation with colleagues in 8Q.  This proposal, a new IP shaping future network was presented by China mobile and China Unicom to the group on standardization strategy in September of 2019.  So basically this is dealt with as part of these questions.  And there were sudden activities, which happened related to this poll.  And eventually there was joint liaison statement issued to all study groups.  As you know, in ITU, we have a number of different study groups looking at this interface between technology and infrastructure and policy.  So, so it was presented to the study groups for future action but I believe that at the moment, what happened is that it's joint liaison statement was issued.  This is where we are at the moment.

Can I also share with you that this data localization and Data Sovereignty issue is not only related to new IP but there are different study groups which are addressing bits and pieces of the topic such as standardization study group on future Cloud Computing, which is about confidence and security in the views of ICT and study group 20, IOT and smart cities.  So what I would like to recommend is that we don't have time to go into the nitty‑gritty of what these study groups came up with, but there is a space Internationally to share your views and research and the policy and positions in the space of ITU and I would like to recommend interested parties to join and discuss and establish the International norms of principles that we thought many participants thought, lacking at this stage.

So I want to give the floor back to you Bertrand.

>> BERTRAND DE LA CHAPPELLE: Thank you very much, Atsuko Okuda this is clearly a topic I didn't want to let out of the space and it's important to follow it.  And I will actually move and ask Alissa briefly to make a few comments in that regard N particular, because in the beginning, you mentioned when you hear this debate about the new IP, it reminds you of some of the challenges you were confronted with, or the community was confronted with from the shift from 4 to 6 and the shift from the one protocol to another is very big and has to be something that is really needed to happen.  Can you elaborate with me on that?

>> ALISSA COOPER: You can't hear me?

>> Yes, we can.

>> ALISSA COOPER: I'm not muted on my end.  So.

>> BERTRAND DE LA CHAPPELLE: Can we make sure that are Alissa is unmuted.

>> ALISSA COOPER: It looks like some people can hear me and some people can't.  I'm going to.

>> BERTRAND DE LA CHAPPELLE: I can't.  Does everybody hear?

>> ALISSA COOPER: The Panelists can't hear but the attendees can.

>> BERTRAND DE LA CHAPPELLE: Some people can hear and others not.

That's a fragmentation.

>> ALISSA COOPER: It might just be Bertrand who can't hear, maybe.  Perhaps I can give remarks to the people who can hear.  And we can go from there.  So, I think IS one of the places where we really do not want to see any further fragmentation.

There is a small set of core infrastructure that maintains the global unity of the Internet and the IP address in space is one of those, the global domain name system is another and so, we really need that harmonization at the IP layer to allow for data and connectivity to be seamless around the globe.  And so, when the arguments and the motivation to create something which is non‑interoperable with IP and sort of throw away the investment that we had and connecting billions of devices to the IP network would have to be overwhelming in order to justify that level of investment.