IGF 2019 Reports
The session was jointly held together with the DC on IoT.
- What ethical considerations are important for development, deployment and use of IoT, in order to ensure that we are creating sustainable solutions with IoT? Aspects to be considered range from affordability and deployability where needed, to transparency of choice; clarity on data sharing and protection of privacy;
- What prerequisites are important from a security perspective, to ensure that IoT can be trusted not to be harmful to its users, nor the wider Internet; for example by, for example, being weaponised as a tool for DDOS attacks or being used as attack vector on the users, themselves;.
- Looking ahead – which issues will become relevant in the future for IoT development, affecting the broader Internet. This provides an open microphone for new issues to tackle in the context of future use of IoT and recognition of Core Internet Values.
Topline Areas of Agreement:
- The need for security in the IoT sector has reached a critical juncture, its assurance depending on all of the stakeholders in the ecosystem, not only manufacturers.
- A classification system for IoT devices could address immediate questions regarding security, but could take some time to establish.
- There needs to be greater transparency throughout the IoT sector and increased accountability of participants in the chain from devices to end user - from initiatives taken to address vulnerabilities throughout the life of devices, and end-of-life of devices.
- Topline Areas of Divergence:
- What role for regulation and legislation in addressing security concerns, given both their complexity and immediacy of concern to the larger health and security of the IoT sector.
- To what degree should developers and consumers bear responsibility/liability for breaches in security.
- What willingness to pay for additional security
Develop a classification system for IoT devices, raising both potential pros and cons in the future security of the IoT sector. We would propose the consideration of the formation of a sub-working group, comprised of members from both the DC IoT and DC CIV, to further examine the setup of such a system. Amongst other items, this working group could take up a number of the questions presented during the panels.
To support a secure IoT environment, there is a key distinction between what needed to be done to ensure that the devices / supply chain were secure and what needed to be done to ensure the ethical / secure use of those devices.This discussion highlighted the key and unique role that ethical frameworks versus legislation may serve to ensure security by design in future IoT development and deployment. Namely, the potential need for governments to outline the legal contours of accountability and responsibility. Also here the importance of classification of devices and services was emphasized.
We would propose the consideration of the formation of a sub-working group, comprised of members from both the DC IoT and DC CIV, to further examine the setup of such a system. Amongst other items, this working group could take up a number of the questions presented during the panels. This should lead to proposals for IGF2020 sessions.
Total number of participants throughout the session: ~60; of which ~40% women. - for both sessions from 9:30-11:00 and 11:30-13:00
The session did not specifically consider gender issues.
These are currently being worked out.
What care is being taken by games providers to ensure age inappropriate content or themes are not included in games which attract younger children?
What care is being taken to ensure malevolent individuals, sexual predators or bullies, are not being given easy access to children in environments where the possibility of parental supervision or support is, for practical purposes, either wholly non-existent or extremely limited?
How should this be reflected against Art. 34 UN-CRC, protection from sexual abuse and against Art. 36 UN-CRC, protection from different forms of commercial and non-commercial exploitation?
Please see the session description for the complete set of questions.
The Dynamic Coalition meeting has considered what governance mechanisms should be developed to draw the gaming industry into the discussions on children’s rights.
- Based on the UN-CRC children’s right to leasure, play and culture was was assumed as important than childrens right to be protected from abuse and exploitation.
- Speakers raised the issue that games and apps are usually age rated based on their content but that doesn’t sufficiently reflect neither risks of inappropriate interaction and communication parallel to the game being played nor does it reflect the risk of commercial exploitation of children f. e. by in-app-purchases or loot boxes.
- A youth representative described how games can be engaging in a way that makes one forget about the lessons learned in regard of appropriate online behaviour, he expressed concerns on being contacted by unknown people when playing games.
- It was mentioned that while there is still a great deal of doubt about the validity of using the idea of “addiction” to gaming there are widespread concerns and anxieties about excessive use.
- Some speakers mentioned their concern about profiling children’s behaviour in playing games and utilizing such data even though anonymised to develop new services and applications responding to children’s desires thus attracting and beguiling them to play even more.
- There is wide concern about the extent to which games can socialize children or involve them in the world of gambling. As ever more immersive and realistic games emerge this question is likely to increase in importance.
- It was also mentioned that children need to be supported by parents and caretakers in order to achieve a balance between exploration and safety.
Please see section 5.
Between 2015 and 2017 Thorn did research with about 3500 young people in the US. It was reported that at the beginning of online friendships a lot of participants share their handles on multiple different accounts which makes so called sextortion scenarios more likely since it is easier for an offender to target a young person on multiple platforms, not just the one they met on.
45 participants in the survey reported being contacted by offenders across multiple platforms. In 2015 specific to gaming 4% of those who had experienced sextortion reported to the gaming platform. By 2017 that doubled to 8% If the numbers have grown shall be addressed in research in 2020. The research gives evidence that one in four victims were under 12 when they were first threatened.
It also shows gaming platforms were generally more popular among 9‑year‑olds to 12‑year‑olds.
In Germany legislation is underway addressing risks of interaction and communication on online platforms.
Online gaming platforms need to be observed also in regard of profiling of children.
- At country level measures should be put in place to encourage parents to understand better what happens in gaming environments both in relation to the real costs of the games and in respect of hazards such as grooming, bullying, sexism, xenophobia and other forms of discrimination.
- While at in parallel parents need to be made aware and understand the positive benefits of gaming and that children by playing games they learn and develop skills especially their social skills.
- Generally speaking, self-regulation is now widely seen as a model that has failed in the online space including in respect of gaming hence enforcing mandatory regulation is perceived as the only way forward.
- However, to avoid the risk of over-regulation the online games industry needs to be much more transparent with their consumers and the chid rights community about the realities of what is happening to children in gaming environments.
Roughly 100 participants with 50% being female.
Gender aspects were addressed in regard of research giving evidence of significantly more boys than girls are playing games. While the issue of online grooming is more often discussed in relation to girls while the risk of being groomed in online games might probably more often occur with boys.
1. How can universal design principles for accessibility be advanced across the internet to improve the experience of those with disabilities?
2. What can the IGF community do to further collaboration to realize the potential of the internet to improve the experience of those with disabilities?
3. What priorities and/or changes are needed from an Internet governance policy standpoint to accelerate progress towards a more inclusive internet for persons with disabilities?
We expect session participants to engage on how universal design principles for accessibility be advanced across the internet to improve the experience of those with disabilities, and to capture and understand the uses of ICTs enabled by the Internet that are, today, empowering persons with disabilities. We expect session participants to learn about what the IGF community do to further action and cross-sector collaboration to realize the potential of the internet to improve the experience of those with disabilities.
The moderator, panelists, and workshop attendees discussed innovative uses of ICTs for the empowerment of persons with disabilities, covering different approaches taken to address disability inclusion in their regions and diverse experiences. Notably, robust discussion included:
- The scope of the term "disability" (with discussion of including not only certain physical, but also cognitive and learning, disabilities);
- The need for workforce training/education to bring those with disabilities into the workforce;
- The role of open and consensus-based standardization activities;
- The need to mitigate human biases in new artificial intelligence solutions;
- How disability inclusion makes good business sense via widening a products potential user base;
- Government roles and efforts in taking in feedback on disability acces and responding to identified needs; and
- Whether focus should begin with "low-hanging fruit" or alternatively on the most marginalized disabled populations.
Participants discussed the pros and cons related to the above areas.
Policy recommendations identified during the workshop included:
- An increased role in discussing and sharing information with respect to disability access to ICTs in key fora including the IGF;
- Governments taking a more focused effort to understand the needs of those with all disabilities;
- Government grants to support universal design practices, potentially funded via universal service fund-style approaches;
- Development of accessibility best practices for new ICTs, building on robust standardization efforts (e.g., W3C) and incorporating input from those with disabilities;
- Global adoption and implementation of the UN Convention on the Rights of Persons with Disabilities;
- Governments and private sector utilizing procurement policies to advance disability access to ICTs to lead by example; and
- Governments accellerating disability access by buidling capacity for access to ICTs (e.g., infrastructure, harmonized data flows, etc.) and ensuring that resources are used in the most efficient way possible.
Other initiatves addressing this session included:
- Canada Radio and Television Commission's Video Relay Service
- Mozambique's universal service fund approach to supporting disability access to ICTs
- Seeing AI, a leading software accessibility tool for the blind by Microsoft
- Optikey https://github.com/OptiKey/OptiKey/wiki
Panelists and session participants discussed:
- What kind of disabilities ought to be included and considered under "disability policy" - while it was acknowledged that most policies for disability access address auditory, visual, and sometimes mobility, many do not fully consider cognitive and learning disabilities. It was agreed that this definitional baseline should be immediately addressed by policymakers to take a broader approach to the term "disability".
- Where to most appropriately act in the short-term. On one hand, some advocated for tackling the lowest-hanging fruit (i.e., areas of disability access impacting the widest community or communities); others advocated for beginning with addressing the most marginalized communities first to ensure that no one is left behind.
- Emphasis was placed on effective resource management by governments and policymakers as they address disability access to ICTs.
Total onsite/online participants: 35 (including 2 with mobility disabilities, 2 with visual disabilities, 1 with autism)
Total onsite/online female participants: 15
Disability access issues were acknowledged as issues that impact individuals of all genders, but that females with disabilities may be more so affected by a lack of accomodations to ICTs (along with other populations that may be marginalized).
Panelists and participants of this session left with an improved understanding of the uses of ICTs enabled by the Internet that are, today, empowering persons with disabilities, as well as what is coming down the pipeline; that the IGF community should do more to further action and cross-sector collaboration to realize the potential of the internet to improve the experience of those with disabilities; an appreciation for the diverse perspectives regarding priorities and changes needed from an Internet governance policy standpoint to accelerate progress towards a more inclusive internet for persons with disabilities; and developed concrete recommendations for improving disability access to ICTs in the short-term and long-term. There is also the potential for a follow-on session to occur during the upcoming ICT4D Non-Conference 2020 (https://ictrd2020.org).
- Why zero-rating applications as sponsored applications produces negative externalities on how people enjoy Internet access, especially in developing countries where people don’t have money to pay for other software?
- How to approach users’ data protection and combat control over the flow of information by some few companies?
- How 5G and IoT are engendering new Net Neutrality challenges?
The session aimed to discuss two main topics on Net Neutrality: price discrimination and zero-rating applications, and also the new challenges with the development of 5G technologies.
On the first subject, many of the speakers indicated the necessity of review of zero-rating plans. They also addressed that many countries protect net neutrality, but the approach of the zero-rating plans is different from region to region. In Latin America, for example, there is a considerable problem with universal access in similar conditions for other people in the same area. States should have the duty and the obligation to ensure Internet connectivity for all people. However, some speakers also pointed out that, in many cases, the same company owns similar applications, such as Facebook and WhatsApp. This concentration of market power of few companies can (1) compromise the information flow through the platforms, and (2) worsen situations of asymmetries among users and companies. Therefore, the main concern regarding this first topic was how for-profit corporations could dominate the flow of information and use data to micro-target their users. In this sense, and according to some of the speakers, regulators should face the lack of competition on this market as a threat to democracy.
On the second subject, the discussants stressed that, despite the common-sense first impressions about it, 5G is not drastically changing everything. It is not a revolution but an evolution of already existent infrastructures. There is a significant need for investments in the development of these infrastructures for implementing 5G. It would also imply that significant concerns about sustainability and universal connectivity that are being neglected by public opinion.
About Net Neutrality, participants pointed out that there is a necessity to reestablish it as a principle, to guarantee fairness in communication networks. There is an explicit choice made by regulators, in the countries that allow plans of zero-rating, that it is better to have a little bit of the Internet than not having it. However, this choice is problematic since it might express a miscalculation: with few Internet providers, it is easier to exercise power over the users. In this way, some of the speakers observed that companies are using zero-rating plans to extract useful information and personal data from those countries.
Concerning the implementation of 5G, participants highlighted that it demands enormous investments in fibre, in micro and small cells. The number of resources, such as, money, material and working force to implement these infrastructures is the reason why 5G so far exists only in China, South Korea – which are currently able to invest in this type of structures.
In this same sense, other participants pointed out that the current business model of telecommunications should change, since it’s no longer viable and requires a significant number of resources.
About Net Neutrality, some countries in Latin America established the principle in their legal framework. Other initiatives were mentioned, such as Free Basics 2.0.
ARCEP, the French regulator of telecoms, is responsible for both net neutrality and the spread of 5G.
An issue presented by some of the speakers was about if Net Neutrality regulations would provide any obstacle to 5G development. In Europe, at least, the legislation appears to be compatible with 5G, and then it's for the market to show what kind of services they will have on the 5G network in the future.
On the issues involving transparency and concentration of market with zero-rating plans, speakers suggested a perspective change on the debate about regulation. Lack of competition should be seen as a threat to democracy and mechanisms in order to dismantle sponsored apps concentration should be implemented. The discussion should continue in other IGF sessions.
Onsite and online: 60 and 85
Women onsite: 30
The session didn’t discuss gender issues, but gender should appear as an imbricated subject when we speak about the negative externalities that sponsored apps may trigger since the information flow can enhance inequalities in the access to information.
Value and Regulation of Personal Data in the BRICS
1. What national laws (or other types of normative acts) regulate the collection and use of personal data in the BRICS countries?
2. Do the laws recently adopted by BRICS countries apply to foreign entities that do not have a physical presence in such countries?
3. Are data protection laws adopted by BRICS countries based on fundamental rights defined in Constitutional law or International binding documents? Are the newly adopted frameworks converging amongst themselves and can they be compared to other existing frameworks such as the European one?
It was general consensus that the political, economic and social systems of the BRICS countries are different and they have different approaches to data protection. Therefore, the approach of policies should regard cooperation, not coordination.
Some of the participants highlighted that there should be no sovereignty over the internet and addressed as a solution the development of international frameworks regarding multistakeholderism. Others observed that the free flow of information entails bidirectional flow – i.e., when it becomes possible to funnel data from one country and only extract value on another. Therefore, data localization is also about protectionism.
It was general consensus that the political, economic and social systems of the BRICS countries are different and they have different approaches to data protection. Therefore, the approach of policies should regard cooperation, not coordination.
Some of the participants highlighted that there should be no sovereignty over the internet and addressed as a solution the development of international frameworks regarding multistakeholderism. Others observed that the free flow of information entails bidirectional flow – i.e., when it becomes possible to funnel data from one country and only extract value on another. Therefore, data localization is also about protectionism.
The legal initiatives were presented in each of the countries, as mentioned before. Brazil with LGPD, which is similar to the GDPR; India with the jurisdictional declaration of data protection as a fundamental right and a Data Protection Bill; China with new cybersecurity standards; Russia with new regulation; and South Africa with POPI.
Russia’s legislation has a protectionist approach and it says that data of Russian citizens must be localized inside of Russia’s territory. That was pointed out as the main reason for some service providers to abandon the Russian market – changes in this approach should be necessary to avoid arbitrary ban of social networks.
Participants observed that data localization is linked to sovereignty, but it is also deeply intertwined with protectionism. The free flow of information looks like a great exchange of information, in the paper, but in practice it looks like a draining of valuable information. Also, legislations that allows authorities to collect and use personal information without user consent should be targeted in policymaking.
Onsite and online: 60 and 108
Women onsite: 30
Gender Equality is one of the goals of the discussion about what values should be considered in the BRICS.
The purpose of this section was to map and identify what could be the best practices BRICS countries should follow to create a legally predictable environment for business regarding data protection.
The goal of the DC3 outcome document is to act as a working document from which all interested stakeholders can take inspiration to start constructive discussions on how to facilitate CNs through the most appropriate policy frameworks
The IGF session will have the following agenda:
- Introduction and presentation of DC3 and its work
- Keynote remarks
- Presentations of case studies
- Discussion of the proposed policy elements
- Discussion of next steps and further actions for DC3
The session precisely aimed to provide suggestion of what could be the policy elements that could facilitate community connectivity. Participants see citizen’s empowerment, in this sense, as a very suitable option to expand connectivity and to enhance the quality of life of individuals.
In this matter, many participants observed that there are huge gaps in Community Connectivity inside of the countries. In the United States, for example, it happens especially in the tribal lands were big operators were provided with spectrum licenses but don't provide services. To the majority of the presents, this has to do with discrimination of access. In Mexico, the most recent survey on the penetration of telecom services stated that only 45% of the people make use of a computer and 74% have a cell phone. And this data is underestimated since they are counting all the phones existing in the country but not all the people that really use them.
Participants observed as essential to consider access to Internet and to information, as well as the capability to receive and spread information, as fundamental rights. Furthermore, relevant communities of indigenous people have problems regarding the lack of access to the Internet in the Americas.
Another subject highlighted by the participants was the fact that building community’s connectivity could improve people's living conditions and avoid them to be victims of arbitrary shutdowns. On the other hand, this is not easy, especially in some contexts of authoritarianism.
Participants point out that there is still much work to do when it comes to community building, and spaces like IGF, which helps to connect people, can be helpful to produce these changes. Also, most of the participants agreed that the first thing that regulators have to do before reading any booklet is going to communities asking local people what their real needs are. Since one of the main challenges of Community Networks policymaking is the size of territories, bottom-top policies could be a great way out to solve this type of issue. To empower communities and to give them the tools to create and manage their connectivity’s should produce a new scenario of access to the Internet.
The Germany initiative Freifunk joins with In-Berlin to provides a non-commercial Internet Exchange dedicated to non-profit and project-based groups. This initiative will handle peering for all of these initiatives. A growing number of regional groups are now connected into core peering agreements with the Internet. In Mexico, there's the indigenous connectivity model, linked to the community of Oaxaca. The communities own and can manage the network under the umbrella of TIC-AC.
There is still much to debate in order to guarantee that communities can have control of digital infrastructures. Participants observed that, in short, there is a need to speed up connections. Regulators should start giving the licenses to the communities. Furthermore, also, global influences should be more progressive on community networks and other life‑changing technologies used by community networks.
This debate has to do with the empowerment of the people. Nowadays, in many countries, the access to the Internet is a fundamental right, but in some authoritarian countries, there is a considerable danger because it gives power to citizens to find ways to express and interact among themselves.
Onsite and online: 60 and 85
Women onsite: 30
The session didn’t discuss gender issues, but gender should appear as an imbricated subject when we speak about the negative externalities that inequalities on the access of the internet may trigger.
What do we know about children´s access and use of the internet that can inform the policymaking process?
How to protect children from risks and damage, without hindering other rights, such as to free expression?
What was expected for the session was to share a global and regional update on the most relevant and recent data about online children, and to hold a debate about the most relevant policy issues stemming from those data. Together, these points feed a research and policy agenda that has children´s right at the centre.
There was full agreement that more reliable data (both quantitative and qualitative) is needed for improving digital policies and education campaigns targeting children.
There was support to the view that a journalistic approach to online harm, as a matter of fact, creates the perception that such problems occur more often and affect more people than they actually do. Therefore, parents and the general public also have to be targets of the communication of the results of such research.
One of the main points highlighted by the data shared and the debate that followed it, is to acknowledge the ubiquitous online presence of children, yet with pervasive inequities, both in the degree and quality of internet access, and in the skills development opportunities for its use.
As an actionable recommendation, including children as active parts both in communication campaigns and policy design, including internet governance decisions affecting children, was strongly emphasized by most panel participants.
Actions need to be implemented in the various levels affecting digital inclusion: from legal and regulatory instruments, to educational interventions, need to be put in place to meet the needs of the children.
Another actionable recommendation is not to focus regulation or communication campaigns solely in the risk and damage issues affecting children, but mainstreaming their right to expression and participation in a balanced fashion. The Internet was portrayed as a privileged setting in which children may thrive and express themselves with little adult mediation. Bearing in mind that greater internet use is associated with greater risks, in turn.
Digital literacy programs aimed at parents were highlighted as key initiatives for keeping children safe and healthy in the digital environment.
One of the main experiences showcased in the panel that clearly tackles the issues covered in the panel was that of Uruguay and its national ICT in education policy Plan Ceibal. For more information: https://www.ceibal.edu.uy/es
There was broad agreement in that for addressing these issues and achieve a safe and stimulating digital environment for children it is necessary to involve both public and private stakeholders, that children need to have a voice and participation, that parents and teachers also have to be target of policy and education campaigns and that internet governance, in general, needs to end being child-blind.
There were 50 participants present in the workshop, 60% of them, women. We estimate another 50 online participants, with similar proportion of women. Out of the 9 panellists, 7 were women.
Gender issues were covered throughout the session, on the one hand, by showing the data by gender, therefore identifying internet access and use patterns that differ for boys and girls. Parental mediations also proved to have peculiarities when the kid is either a boy or a girl. Both issues present, in turn, different patterns in the different regions covered (Latin America, Europe, and the Global South). Policies and measures were discussed taking into account these variations and specificities.
A comparative report of the Kids Online studies from Brazil, Chile, Costa Rica and Uruguay was pre-launched at the session, titled: Infancia y adolescência em la era digital (edited by Dantiela Trucco and Amalia Palma - Cepal), featuring chapters from the session organizers and participants from the Latin America Kids Online network (LACKO). This represents a landmark for LACKO, which is a research and collaboration network aimed at producing reliable data on online children and fostering its use for policymakind and advancing children´s rights, in particular, digital rights. LACKO adopts the conceptual and methodological framework proposed by Global Kids online, which facilitates the production of internationally comparable data and shared knowledge on the issue. Unicef is a key partner of this effort. The report is expected to be published in the first quarter of 2020.
The Global Kids Online Report launched during the session can be accessed at:
https://www.unicef-irc.org/publications/1060-growing-up-in-a-connected-world.html
Ethical, political, legal and regulatory dimensions for new technologies:
- What is the relationship between technological, economic, ethical, political considerations and legal and regulatory frameworks in data-driven technologies?
- How are they connected and what may happen if those relationships undergo changes?
Who holds the data necessary for democratic decision-making?
How can we support digital sovereignty based on democratic values?
What influence do filter bubbles and algorithms have on our social coexistence?
There was broad support for the view that we should have a discussion on data governance including different stakeholder groups.The importance of data for development, identity as well as for our country and everyday lifes was commonly stated. A main theme was how to design systems in a proper user-oriented way. No agreement could be found on to what extent technological solution are able to solve the problems of data privacy and regulation or user behavior within the data governance discussion. Another disagreement was about to what extent democratic decision making processes are shaking in their core or on the other hand are stable, trustworthy and secure.
We have to discuss data governance including different stakeholder groups.
We have to create a better way of using data; e.g. a better data documentation standard.
We have to be engaged and have to look after the existing democratic procedures and values.
We do not have to re-invent everything. We have laws, standards on which we can built on.
We need national automated decision making strategies.
We should support participative technical development; privacy by design and support Open Source Projects.
Politics should support fora where every stakeholder group is involved in participative technological development to foster co-design.
Subsidies and incentives for peoples especially in rural areas to support common technological integration.
- Global identity: project three words.
- Freedom information right,
- Projects to inform the citizens, e.g. Frag den Staat / My data
- Open data including better data documentation
- Privacy by design
- Open Source movement
- Co-Design
est. 50 onsite participants, est. 10 online participants, est. 25 women present onsite, est. 4 women online.
Reaching out for user that are a minority within the digital community. Bring technology to rural areas and involve older people as well as all group that are not involved in technological development until now. Create fora to bring everyone together to co-design and identify opportunities.
Distinction for digital products might be introduced according to their development based on inclusion of different stakeholder groups, e.g. elderly, women.
- What ethical considerations are important for development, deployment and use of IoT, in order to ensure that we are creating sustainable solutions with IoT? Aspects to be considered range from affordability and deployability where needed, to transparency of choice; clarity on data sharing and protection of privacy;
- What prerequisites are important from a security perspective, to ensure that IoT can be trusted not to be harmful to its users, nor the wider Internet; for example by, for example, being weaponised as a tool for DDOS attacks or being used as attack vector on the users, themselves;.
- Looking ahead – which issues will become relevant in the future for IoT development, affecting the broader Internet. This provides an open microphone for new issues to tackle in the context of future use of IoT and recognition of Core Internet Values.
Topline Areas of Agreement:
- The need for security in the IoT sector has reached a critical juncture, its assurance depending on all of the stakeholders in the ecosystem, not only manufacturers.
- A classification system for IoT devices could address immediate questions regarding security, but could take some time to establish.
- There needs to be greater transparency throughout the IoT sector and increased accountability of participants in the chain from devices to end user - from initiatives taken to address vulnerabilities throughout the life of devices, and end-of-life of devices.
- Topline Areas of Divergence:
- What role for regulation and legislation in addressing security concerns, given both their complexity and immediacy of concern to the larger health and security of the IoT sector.
- To what degree should developers and consumers bear responsibility/liability for breaches in security.
- What willingness to pay for additional security.
Develop a classification system for IoT devices, raising both potential pros and cons in the future security of the IoT sector. We would propose the consideration of the formation of a sub-working group, comprised of members from both the DC IoT and DC CIV, to further examine the setup of such a system. Amongst other items, this working group could take up a number of the questions presented during the panels.
To support a secure IoT environment, there is a key distinction between what needed to be done to ensure that the devices / supply chain were secure and what needed to be done to ensure the ethical / secure use of those devices.This discussion highlighted the key and unique role that ethical frameworks versus legislation may serve to ensure security by design in future IoT development and deployment. Namely, the potential need for governments to outline the legal contours of accountability and responsibility. Also here the importance of classification of devices and services was emphasized.
We would propose the consideration of the formation of a sub-working group, comprised of members from both the DC IoT and DC CIV, to further examine the setup of such a system. Amongst other items, this working group could take up a number of the questions presented during the panels. THis should lead to proposals for IGF2020 sessions.
Total number of participants throughout the session: ~60; of which ~40% women.
The session did not specifically consider gender issues.
[weblink to full report to be announced]
DC IoT website: https://www.iot-dynamic-coalition.org/
- How can we make inclusion, empowerment and agency of individuals a core design element of identity and data models?
- What are high-value use cases that data and digital identity can enable for citizens and consumers, and how can we accelerate their implementation?
- How must roles for governments, businesses and civil society evolve in an increasingly data-driven economy?
Expected outcomes:
- Broaden shared understanding of individual-centric principles on digital identity and data
- Identify “lighthouse” activities and scalable, replicable best practices from around the world
- Identify priority policy considerations that need multi-stakeholder dialogue and action
There was agreement on:
- Digital Identities as opportunity to enable high-potential use cases as well as risk to individual rights
- Principles to be maintained in designing Digital Identity Solutions: Public involvement, Opt-In, Collaboration (you cannot solve identity alone), Standards / Interoperability, Security
- No one-size fits all: e.g. top-down state-imposed identity versus collaborative approaches
Policy recommendations relate to collaborative approaches and respecting privacy and control of individuals:
- Economic: Define incentives and explain to users the benefits of identity [to be addressed in business fora and digital skills]
- Social-cultural: Public consultations, Public-private involvement - to reach critical mass
- Technical policy: Define and adopt common standards / technology exists to approach this [to be addressed by technical, vendor alliances, as well as ethical approaches to AI]
- Overarching policy issues: Define frames for privacy and security before imposing digital identity scehemes.
Examples addressing policy issues:
- National ID Schemes giving agency to indiivduals over their data: Estonia
- Collaboration of public-private sector: UK: Gov.Verify
- Public engagement in designing solutions: Canada, Estonia, Australia
- Technical authentication: FIDO Alliance
- Focus on standardization, harmonization, public engagement, critical-mass of coallitions to avoid monopolies e,g. of large private sector companies or of government surveillance
Estimated participation: 60 participants, 50-50% gender diversity
Digital Identities should not exaccerbate divisions.