IGF 2019 WS #312 The Young Person’s Guide to Data Governance and Rights

Organizer 1: Elliott Mann, Swinburne Law School
Organizer 2: Ananya Singh, Utkal University
Organizer 3: Jaewon Son, Korea Internet Governance Alliance
Organizer 4: Aisyah Shakirah Suhaidi, Internet Society Malaysia Chapter

Speaker 1: Elliott Mann, Civil Society, Western European and Others Group (WEOG)
Speaker 2: Ananya Singh, Civil Society, Asia-Pacific Group
Speaker 3: Jaewon Son, Civil Society, Asia-Pacific Group
Speaker 4: Aisyah Shakirah Suhaidi, Civil Society, Asia-Pacific Group

Policy Question(s): 

What are/should be the rights and responsibilities for individuals in determining the use of their personal data, and what right do individuals have to determine their own digital identity?

How can we best engage the youth demographic in Data Governance?

How can local communities best proliferate knowledge about exercising data rights?

How can youth best inform the creation of robust and transparent data governance regimes in the developing world?

How can the Internet Governance community best support those countries which are recently developing data governance laws?

How can the Internet Governance framework be used to proliferate knowledge about Data Governance across diverse demographics?

What are the skills and knowledge needed to best engage with local Data Governance requirements?

What are the cross-border skills and knowledge which are always applicable when referring to Data Governance.

Relevance to Theme: Data Governance is quickly becoming one of the largest Internet Governance issues in recent times. With the establishment of the GDPR in Europe and other similar regimes around the world, citizens are being granted data rights which were not available to them before. As a result, there is a need for citizens to be educated as to their data rights under various data regimes so that they can have control over their digital identity.

This session will focus in on how to achieve this within the youth demographic, with speakers explaining how to breakdown data rights in their respective countries and the best ways of communicating this to youth in their regions. This session will advance the theme of Data Governance by equipping participants to return to their regions and educate others about data protection and their data rights.

With a focus on the Asia-Pacific region, this session will help establish a baseline understanding of Data Governance in the fastest growing and developing regions in the world. With nations such as Indonesia, Malaysia, Australia, Singapore and the Japan implementing more complex and stringent data protection and Governance laws, it is important that there is knowledge of how to deal with this on a youth level. After all, the youth are the ones who will direct the policy direction of the Internet in the future, and as a result it is important that they are aware and knowledgeable about Data Governance in particular as it plays an ever increasing role to play in our lives.

So often, the focus when discussing data protection is on the European Union’s General Data Protection Regulation and similar laws in developed countries such as Canada or Australia. This belies the fact that much of the world’s population, and Internet users, do not live in these countries and are not expressly covered by these laws. This is not to say that people in the global south, in developing and newly developed countries, are not covered however. In cases such as Indonesia, the Philippines and South Africa, there are data protection laws being implemented which get much less attention on the international stage than the GDPR. Yet these laws have the possibility of impacting many more Internet users than the GDPR. As a result, this session will aim to firstly highlight some of the data protection regimes in countries which are less commonly discussed, as well as equip participants to return to their own countries and similarly analyse their own Data Governance regimes.

While all the speakers and organizers are from the Asia Pacific region, they represent a broad spectrum of stakeholder groups, from civil society, academia and private sector experience. This ensures that the information shared is relevant to all stakeholder groups, irregardless of geographic or stakeholder origin.

Relevance to Internet Governance: The issue of data protection and rights is not a new issue in Internet Governance, and has been highlighted very often in various Internet Governance fora. Data protection is a necessary legal mechanism that ensures privacy, and hence instills the trust of Internet users. The Internet exists because we trust it. The moment this changes, the Internet will cease to be useful as part of the democratic population. As technology and the Internet evolves, so does people’s expectation on privacy and their data. In the past, issues on privacy used to only focus on governmental activities. However, today we are seeing that this issue is also affecting a number of other stakeholders, including businesses, the private sector as well as the civil society. Modern practices of privacy focuses on communication privacy; such as no surveillance of communication, and information privacy; for instance the handling of individual information.
This session will endeavour to help highlight the trust-driven nature of the internet by equipping participants with the skills and knowledge to navigate the increasingly complex world of data rights and governance.

The creation of data protection laws in states and organisations around the world has had a significant impact on Internet Governance. While this is not the first time that the actions of individual governments have touched on the overall Internet (consider the long standing issue of Internet piracy), it is certainly one which has increased visibility due to its impact on every Internet user. For example, with the European Union’s GDPR; while the regulation specifically creates data rights for European residents and citizens, the wide-ranging ambit of the law means that many of its effects can be felt by Internet users beyond just the EU as many Internet applications offer increased ability for users to govern their own data. Consequently, within Internet Governance there should be a push to inform users about these rights, and how to access them. This derives from Internet Governance role in promoting proper and secure use of the Internet - in this case ensuring that users have the ability to exercise proper control over their data.


Tutorial - Classroom - 30 Min

Description: This session will focus on the speakers outlining how they learnt about, and exercised data rights in their respective countries. As a tutorial-style workshop, the workshop will progress in an instructional style as each speaker presents on steps they’ve taken to exercise their data rights. Following this time, the floor will be open for other participants to share their experiences with learning to exercise and educate about data rights as well as leverage the knowledge of the speakers to ask questions and proliferate knowledge.

The proposed time breakdown is as follows:

2 mins: Introduction to workshop and speakers
4 x 5 mins: Speakers present on data rights and knowledge sharing in their regions
8 mins: Open floor discussion & questions

This will provide ample opportunity for both the speakers to express their knowledge as well as provide scope for policy discussions and general questions. By having a dedicated question time at the conclusion of the session facilitated by both onsite and online moderators, the organisers will ensure that all voices are heard. This is particularly important in the case of online participants, as the organisers recognise that many of our peers from developing countries may not be able to attend the IGF in person and as such it is paramount to us that we enable them to participate.

This is intended to be a intensely practical session, where participants are guided through where to look to identify data protection rights and how to exercise them. There is intended to be use of visual aids such as presentation slides as well as physical material to share and hand out. As a result, the practical outcome of this session is intended to be a lasting impact in proliferating information about Data Governance beyond the usual topic of GDPR and developed countries.

Expected Outcomes: It is expected that participants who attend this session will gain an insight into data rights around the Asia-Pacific region as well as be equipped with the skills necessary to find such information in their own countries and share that knowledge upon their return from the IGF. This will involve an understanding of where to find information about Data Governance on an international level as well as local levels.

Participants will also have the opportunity to interact and network with other interested parties in the Data Governance space, particularly those interested in working with engaging youth and broadening knowledge about data rights and governance in local communities.

The ultimate hope of the organisers is that this session enables participants to return to their home countries equipped with the skills to teach and communicate skills and techniques to deal with Data Governance in local communities and increase overall awareness of the topic on a global level.

Onsite Moderator: 

Ananya Singh, Civil Society, Asia-Pacific Group

Online Moderator: 

Elliott Mann, Civil Society, Western European and Others Group (WEOG)


Elliott Mann, Civil Society, Western European and Others Group (WEOG)

Discussion Facilitation: 

The organisers have planned for dedicated discussion time at the end of the session for policy discussions and general questions of the speakers. This will be evenly split between online and offline participation, recognising the important role online participants have to play in the IGF. The moderators and speakers are experienced in leading discussions, particularly in an educational setting, and as a result will be mindful of ensuring a balanced and fair discussion which is conductive to the aims of the session. This will involve ensuring an even distribution of questions. Further, the speakers are willing to network and chat following the conclusion of the session, further engaging participants who would like to discuss the important topic of the session further.

In conjunction with the focus on discussion, the organisers will market the session on social and professional media in the lead up to the session; and further promote the session while in progress via a live hashtag. This will ensure that the session is adequately promoted ahead of time as well as provide for those peers who cannot join the online participation session but are able to follow the session on social media.

Online Participation: 

The proposer is familiar with the use of the online participation tool through use in an enterprise setting and is conscious of the need to interact and engage with online participants throughout the entire session. This will involve constant monitoring of the tool as well as fielding discussion from online participants during the dedicated discussion time.

Proposed Additional Tools: Twitter: hashtag and posts in the lead up to the session as well as live tweets during the session.
LinkedIn, Facebook, Instagram: posts in the lead up to the session as well as follow-up discussion posts.
Presentation slides: used during the session as visual aids for each speaker


GOAL 8: Decent Work and Economic Growth
GOAL 9: Industry, Innovation and Infrastructure
GOAL 10: Reduced Inequalities
GOAL 16: Peace, Justice and Strong Institutions