This is now a legacy site and could be not up to date. Please move to the new IGF Website at

You are here

IGF 2020 – Day 11 – WS290 Unlocking the Internet: Stakeholder Perspectives of Interope

The following are the outputs of the real-time captioning taken during the virtual Fifteenth Annual Meeting of the Internet Governance Forum (IGF), from 2 to 17 November 2020. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the event, but should not be treated as an authoritative record. 




>> ASTOR NUMMELIN CARLBERG: Hi, everybody, and it's 20 past 6.  So let's get going, straightaway.  Hello and welcome everyone.  I'd like to thank the people at the UN for helping us with the organization.  Thank you, it has been very smooth.  My name is Astor Nummelin Carlberg, and I'm policy director at Open Forum Europe, Brussels based Think Tank, and we work with explaining the merits of openness and technologies to policymakers and bringing experts together in settings like this, for example.

This IGF workshop is on how increasing interoperability could be a way to solve some of the most intractable issues of the Internet platform market.  This is actually the second IGF session that we are hosting on interoperability.  The first one two weeks ago was a pre‑event, where we invited speakers from different geographies to discuss the developments in this area from across the world.  We had Brazil, India, Australia, China and EU represented.  But today we are doing things differently.  We are taking a stakeholder perspective.  We brought together representatives from Civil Society, SME, consumer organizations, to get a broad picture of how increased interoperability in the platform economy could affect the stakeholders represented today.

Let me introduce our panelists.  First off we have Dr. Ian Brown, visiting CyberBRICS Professor and distinguished scientist.  In this context he is independent researcher studying interoperability and competition intensely for the last 7, 8 months.  Michal Wozniak is a independent expert specializing in information security privacy in the digital age, Internet Governance and federated services.  We have Maryant Fernandez Perez, lawyer and senior at digital policy officer at European consumer organization, she represents in that role 44 consumer associations from 32 countries.  Annika Linck, manager at European Digital SME Alliance, leading the organization's policy positions and advocacy towards the EU institutions.  And with us today we have my co‑moderator and co‑organizer, Vittorio Bertola, head of policy and innovation at Open‑Xchange, a global leader in free software application supporting the Internet's infrastructure.  Also I want to welcome Paula Grzegorzewska, who will take care of any questions or ideas that you wish to share in the chat or Q&A function, which you should be able to find at the bottom bar of the Zoom application.  Vittorio, would you like to quickly introduce the topic of today's discussion, and then hand over to Ian to set the scene and introduce his research.

>> VITTORIO BERTOLA: Sure.  Thank you.

  (cavernous audio)

Today's meeting is about giving you multiple stakeholder view of interoperability.  Interoperability is the ability of different but similar applications and services, typically by different makers to function together and to replace each other, be exchanged one from the other.  This easiest example is the Internet messaging world.  We are familiar with instant messaging like in WhatsApp, Skype and Telegram and these applications, you have many different apps, they have similar functionalities, but you still need to install them all to be able to communicate with everyone.  If you have people on WhatsApp, you need WhatsApp.  If you have people on Telegram, you need Telegram, you need one account and one installation of every app.  This is a waste of effort, waste of time and resources for the user.  But this prevents innovation and competition, because due to network effects, the fact that some of the apps are already dominant and most users are already there it becomes hard to create new applications and compete with the established ones.  If we interoperate for a set of common features, a user could use one and pick the best one and use it for everyone if you want, like E‑mail.  E‑mail is the opposite example.  This is to give you a basic idea of what we are talking about.  Now I will give the floor to Ian Brown for the introduction of the topic.

>> IAN BROWN: Thanks, Vittorio.  I will be very brief because I think with 60 minutes we should listen to our panelists and bring in our audience as quickly as possible.  As Astor said, I've just completed quite a detailed research project on the interoperability as a tool for competition regulation and what that might mean in practice for many of the common applications and services that we use on the Internet.  It's been a interesting project, both from the competition policy side, this is something that the European Commission, various members of congress and other policy focused lawyers, economist, Civil Society groups have been looking at as a way to improve competition in big services, I'm sure you are all very aware of how dominant a number of small, big, what the European Commission calls gatekeeper platforms are in a number of online services, whether that is social media, whether it's instant messaging, whether it's search, whether it's, so those you see a single provider holding in many countries a very high share of the market.  You see in many European member states 90 percent plus market shares of single providers.  You even see, I've got the best figures for the EU member states, in a number of EU member states, Facebook alone has 80 percent plus of the population using Facebook itself, and/or Instagram and WhatsApp, which of course Facebook also have acquired over the last few years.

From a competition perspective, interoperability is seen as one way of addressing the fact that several of these big Internet markets have what seems to be decisively tipped in the direction of one provider, very hard as Vittorio was saying for SMEs or even other large competitors to come in and break into a market to offer users new options.  We saw that even with Google trying to break in several times into the social media space found great difficulty even with its enormous resources, huge numbers of programmers, designers, very large user base, still had a very difficult time breaking into social media markets, so intra operability would be one way of giving a chance to new competitors to break into these markets and give users more choice.

But alongside that competition policy angle, I think a number of Civil Society groups have rightly emphasized the potential social impact of interoperability as well.  For example, I've talked quite a lot to colleagues from Article 19 freedom of expression campaign group.  They think opening up recommendation algorithms, letting people choose different providers to curate their own social media time line could be a very positive thing for freedom of expression.  I think we will hear more from some of our colleagues on this panel about the impact potentially on privacy and data protection, letting people who would prefer to make use of services that paid more attention to user privacy, that gave users more options about how their data was used and so on, could be something that could be very positive overall for the level of privacy that is available online.

There are wider questions about media pluralism and diversity in the democracies and perhaps a more controversial topic but relevant here in the EU, a number of European Commissioners have talked about increasing what they call digital sovereignty of European and other nations giving European companies in Europe the chance to compete with the giant largely U.S. and Chinese providers today, whose services are so dominant in certain areas, and that would hold for every other country in the world as well.

I'll pause there, and we can come back to some specifics throughout this conversation.  Thanks.

>> VITTORIO BERTOLA: Thank you.  Now let's come to Michal.  You could provide us with a perspective on social media.  For example, if Facebook or Twitter were to open their protocols, how would it work, what should their focus be on?

>> MICHAL WOZNIAK: Let me start with why I think opening of those protocols is important, and to start, to see why one needs to go as far as looking at how moderation works on Facebook and Twitter, which is it doesn't really work very well, and we know this pretty well from our own experiences, most probably, right?  The reason why moderation on Facebook and Twitter doesn't work well is because simply put, they are trying to create a single set of rules for the whole world to follow, and that is just untenable.  That is not going to work.  If you need proof of that, search for what a thumbs up means in Tuscany or Afghanistan, communication is contextual.  Different groups, different cultures have different, understand things in different ways and communicate in different ways.

It gets worse because even if they start moderating more seriously they need be facing backlash for censorship which is somewhat fair, they are the monopolists, they are the biggest networks.  If they ban someone, they make someone disappear from the social media landscape.  Of course, those large companies that Facebook or Twitter are complaining about this, but the problems that they put themselves in this position themselves with their centralized business decisions.  Simply put good moderation goes against the centralized business model they chose.  Interestingly, they start to recognize this themselves, there was a tweet from Jack Dorsey on Twitter saying centralized enforcement of global policy to address abuse and misleading information is unlikely to scale over long term, this is a direct quote.

There is on the other hand a fantastic talk by Caelin about how the centralized social networks dealt with the outright trolls when the outright trolls tried to join in and overrun the Fediverse, and the short version is because there were many instances, many codes of conduct, many different communities with their own little groups of people and their own groups of moderators and their own rules, they had more fine grained control of the communication.  They had moderators that were embedded in and caring for the communities.  Those moderators understood the context of the communication that could easily spot a troll.

The Fediverse also gives a better moderation tools because you can silence a threat, silence or block a user or completely defederate from a different instance and server, saying we don't want any communication with that particular server or that particular instance.  This also avoids the problem of quote‑unquote censorship, because if it's a decision of thousands of users and hundreds of instances, it's hardly coordinated censorship.  It is basically a lot of people don't want to talk to you.  This is the why.  Derek's talk outlines nicely, I'll link it in the chat, how and why moderation works better in a decentralized system and how to open, I would say, obviously we need to focus on open standards, and these have to be enforced.  What I mean by this is we have to agree on open standards and we have to make the big platforms implement them properly and fully, because they will try to subvert the process.  They will try to change those standards a little bit or add some things and they will say that this stifles their innovation and all of that.

But the only way to make interoperability work is if it's fully implemented open standard.  We should take it step by step.  Start with relatively low‑hanging fruit like public time lines, and gradually add more problematic things like private messages or groups or any additional kinds of communication that happens on those platforms.

One last point that I want to make here is that we have to be aware that initially, hypothetically, let's say that Facebook and Twitter open their protocols, initially other Fediverse instances all the other small servers, many of them will refuse to federate with them and that is okay.  As long as the first step of opening up this protocol is made, then it's on other instances to decide to join in, to federate with Facebook or federate with Twitter and gradually open up the second system.

>> ASTOR NUMMELIN CARLBERG: Thank you very much.  I'm going to move to Maryant, but put a pin in the open standards question.  We have reason to come back to that later, and in discussions with attendees on the call.  Maryant, perhaps the floor is yours to give the point of view from consumer protection.

>> MARYANT FERNANDEZ PEREZ: Thank you very much.  My name is Maryant Fernandez Perez, and I work at the European consumer organization, group of 44 organizations from 32 countries.  We deal with interoperability with this matter from the perspective of competition and perspective of bringing consumer welfare and choice and therefore protection.  The first point for us is that support a symmetrical regulation on platforms as gatekeepers.  What we mean by that, platforms that have substantial network effects, those that work in economies of scale and scope, platforms that lock in effects, users and consumers and therefore they prevent consumers from, high switching cost for consumers and data dependency.  We want to have stricter rules on these platforms that are gatekeepers, and we think that regulation is the first step for that, because we think that these problems are unlikely to solve correct; otherwise we wouldn't be talking about this in the first place.  One of the solutions to tackle this gatekeeper function is through interoperability.  As we have heard from the speakers, indeed can bring benefits, so we think one possibility to bring benefits to consumers and to the economy as a whole to make it more open and competitive is access to APIs to tackle structural, where interoperability is needed for other examples, additional rules could be foreseen.  We can discuss to have regulatory mechanism or legal obligation for interoperability that we need to be careful not to think about it in isolation, so we do not only need interoperability to have more competitive markets or to address the gate keeping functions of these platforms.  This is just one element that we need to consider, and there the key question is, as speakers have said, how you implement it and be aware of risks that it can entail.  We have lessons learned from previous attempts, at least in Europe, for example, in the payment services era where access to data by nonbanks was facilitated, but in practice it is creating issues, particularly for privacy and personal data protection.  For example, in this context it is important to bear in mind that existing rules to protect people's privacy and personal data is respected.  If a company is collecting data illegally, we don't want that with interoperability for example in that data that is legally collected that it's moved somewhere else and the problem becomes bigger and who is the accountable entity for that.  We see interoperability as possibility to bring more competition and consumer welfare and choice, definitely, so when there is a market failure, but we cannot see it as in isolation and that is what I wanted to say.  I'm looking forward to the discussion.  Thank you.

>> Let's move to Annika, would you give us perspective by SMEs, is interoperability useful to thrive on the market.

>> ANNIKA LINCK: Thanks for this question, Vittorio, and hello from Digital SME.  We are a alliance of small and medium size businesses in the ICT sector, European Digital SME Alliance represents 20,000 SMEs from across Europe.  Thank you for this question about interoperability being useful for SMEs, because yes, we do think it can be useful.  However, in the process, we have been repeatedly, we have advocated for a level playing field for SMEs in digital markets.  We believe as a organization that you need to have open, fair and competitive markets, because otherwise SMEs would have a hard time competing especially if there is already such a high concentration, there are these dominant players in certain markets, from which as has been discussed, as most participants here know also you benefit from feedback loops, from network effects, etcetera.  So if you want to create a fair economy where SMEs and innovators can actually compete, you need to provide some answers, and, yeah, advocating for interoperability requirements can be one of the answers, in the past we focused more on the competition angle.  Back in 2009 we backed the European Commission on its antitrust investigation against Microsoft for tying the Internet Explorer with Windows, and then in 2016 we were also a independent intervenor in the European Commission's antitrust case against Google and Android.  Because we are representing SMEs, and including app developers, and we wanted to make sure that there is an open and competitive ecosystem for SMEs, including SME app developers, but we are not only focusing, we don't really focus on one specific company.  We want to ensure this, that the markets are competitive, because this is actually the way to ensure that SMEs can compete, and that the economy overall can bring about innovation which is not only beneficial to the SMEs but to society overall, and also not to forget the European economy especially is reliant on SMEs, 99 percent of companies in Europe are SMEs.  They bring about a lot of employment, two‑thirds of employment in the EU, so they are really important.  They are also really important in digital markets.  Now what we have seen with the competition angle or with the cases that the European Commission has brought against the large dominant players so far, those have been really important and they have been considerable fines that have been imposed, but for now this hasn't really changed much in terms of slowing down or limiting their dominance.  So the issue seems to be more structural, which is why we also believe that interoperability can be an answer, but here of course, it comes, it's like the details, the nitty‑gritty details of how this can be done and how this can be operationalized are still to be discussed.  I'm very happy to also be in this panel to learn and discuss with experts what could be the way forward.  I'm going to stop here and happy to discuss further.

>> VITTORIO BERTOLA: Thank you.  I think I have a follow‑up question for you.  But first I want to add, coming from an SME which has been involved for so long, SMEs are the viewer of this extraordinary growth of the Internet in its early phase, initially the Internet was growing through this interoperability which was how things were meant to be in the beginning, which was what powered the external growth and creation of common knowledge and welfare that the Internet has brought about.  Even the dominant platforms of today, were originally start‑ups and SMEs competing against bigger giants in the field of ICTs and telecos and so on.  It is about restoring the potential for growth and innovation that was done in the beginning in my opinion.  It is not about become something very new.  It is like protecting the region in principle.  Something I'm wondering if you haven't thought about the standardization process, because the development of technical standards originally, this was a bottom up process made by individuals, even in companies.  Now it seems to tip in favor of big platforms running most of the show in many of the standardization organizations.  I don't know if you have also some comment on this.

>> ANNIKA LINCK: In principle, we are, yeah, we see that there is an issue here because as you are saying, a lot of times, it has to do with resources, SMEs usually have less resources to get engaged in complex and long term engagement commitments, like when you want to work on standardization, expert committees, etcetera, you need to have the time and the resources to send someone there who can actually do that work.  For SMEs, that is often more challenging.  This has been recognized by the policymakers, so there are some support programs here that provide funding and support to SME experts to be present in standardization organizations.

However, the percentage is still not real, it is not representative of the importance of SMEs in the economy, so indeed this is an issue, and I'm not fully sure what the answer is here, how to address that, because it's quite complex as well.  But indeed, it would be very important to involve us in standardization process, and also to create that link between, just making sure that these ideas can be operationalized and enforced.

>> ASTOR NUMMELIN CARLBERG: That sounds very good.  We are going to move in a little bit towards, I've put a pin in a bunch of things here, that we should include in a more of a open discussion, like privacy, the question around standardization, both how it can be used specifically to get those open protocols, those open APIs, but structurally speaking making sure it's a inclusive process.  But let me ask a devil's advocate question.  Say me, a average user, I feel like I'm not at all interested in linking my Facebook messenger with Twitter and Slack and discourse or whatever.  I want to use them in different ways, separately, for different people, for different reasons.

What answer would you give to somebody who poses this kind of question or this kind of concern?  Ian, any thought?  Michal?

>> IAN BROWN: Why don't you go first, Michal.

>> MICHAL WOZNIAK: Fine.  These are different tools, so nobody is saying that for example E‑mail needs to be interoperable with social media, or that IMs or Internet chat needs to be interoperable with E‑mail, although there are projects that actually do this.  There are forums like discourse which offer a online Forum that is also accessible or usable as a mailing list.

But obviously, tools like Slack and tools like Twitter are different kinds of tools and are used for different kinds of things.  They don't have to necessarily talk to each other.  But it would benefit the users to be able to choose different Slack‑like providers or Twitter‑like providers, and still be able to talk to users on Twitter or on Slack.  We are talking about interoperability within a similar tool that achieves a similar goal, not necessarily about every single tool talking to each other, because of course that doesn't necessarily make sense.

>> IAN BROWN: To add to that, I agree with all of that.  Nobody is saying we should force users into interoperability, so someone in a situation, Astor, you described, would remain, it would be entirely possible for them to continue working like that, no one will be forced to connect their profiles on different services.  We have seen some, one or two academic papers saying exactly what you just said, Astor, that today some people do use those different services like that, actually even quite similar services, people might use one instant messaging app with their family and their boyfriend or girlfriend, very close friends.  They might use a separate app for group discussions with school friends, their university friends, their colleagues.  They might use perhaps LinkedIn would be a obvious example for much more professional networking focused activities.  People will be entirely free to do that.  Regulation would require, any potential interoperability regulation might require the largest platforms to allow interoperability when people wish, when users choose to connect their profiles.  But it won't force them.  Actually, if we had more interoperability from the largest platforms, we might see all sorts of new products and service innovation come out of that, of bringing together people's profiles and communities in other ways which by definition as a counter factual we can't see today until that interoperability is there.

>> MICHAL WOZNIAK: Can I add, we see this innovation already happening in the Fediverse we have instances like Mastodon which are Twitter like, we have instances using pixel fed which are let's say Instagram like and we have instances that are using PeerTube which are kind of YouTube like.  These are three different kinds of interfaces that are used for different kinds of social sharing.  Yet underneath they are using the same protocol, they are using ActivityPub, so I can follow a user using my Mastodon account, I can follow a user that is using PeerTube and is publishing videos on PeerTube that I'm interested in.  I don't have to do this, and additionally I can have different accounts on those different interfaces or they are used for different things.  In fact I do have different accounts that I use for different things.  But the power for this, the power to do this is with me.  I have the power, as a user, to say I'm using this account for Instagram‑like things, and I'm using this account for Twitter‑like things and I'm using this account for whatever my video, social video requirements.

>> VITTORIO:  Thank you.  We can move to Q&A and questions from the audience.  I'm going to start with one that came in the chat and also there is Q&A posts already there.  A interesting point is raised, in other conference, the point was raised that companies are edging away, they lack (indecipherable) the point I'd like to make before turning the question to anyone in the panel that wants to answer, is that interoperability is really at the base of the Internet together with open standards and open source software, which can be tied to it.  It is a way to, the whole system, especially in Europe when we have 27 different economies and languages and societies and markets, notwithstanding the efforts to unify them, it is easier to think that we can have constellations and alliances, one very big company like Google or Microsoft or Amazon or whatever, and interoperability and open standards are DNA for this, this cannot happen unless you have common languages and common standards that allow you to create synergies among the services by all the different companies in the various countries.  I don't know if other people have the same thought but I think the answer is resounding yes.  Anyone on the panel wants to comment?  Otherwise I'll give the floor to Astor.

>> IAN BROWN: The reason that these big ecosystems, and actually the economists use the word in a different way to the technologists, technologists take it for granted that ecosystems include multiple companies, they are more like the European idea that Vittorio was talking about, whereas the competition economists think of the mega firms that have their own internal ecosystem, they have privileged access to data about their customer, they give privilege services to each other that they don't give to competitors, that is what has to a significant degree propelled their incredibly rapid growth.  You can argue there are some benefits to society from that perhaps.  It encourages those companies to grow incredibly quickly.  They get a lot of scale efficiencies.  They will bet large amounts of money on new products and services, they may invest signature amounts in R&D, but over time, I think it's certainly equally if not more arguable, and this is what competition regulators themselves say as well, so for example, the UK's competition and markets authority said this in a major report earlier this year.  It is better for consumers to have lots of companies competing because that will stimulate more innovation and new products and services over time, that will better suit the needs of consumers, rather than having these small number of enormously profitable and historically large companies sitting right in the center sucking up all of the products and services around them.  There have been various statistics this year saying that the five, the Google, Apple, Facebook, Amazon, Microsoft I think, the original five are worth something like at some points this year 25 percent of the U.S. stock market, S&P 500.  They have grown so enormous.  These multi trillion dollar companies, those do have some benefits.  I use Mac products myself.  I enjoy using them.  They are slickly designed but other people have different preferences.  They don't want to have to use Apple everything or Google Android everything.  They would like options from perhaps European companies that do things differently.  They would like more choice to use open source software that could give them all sorts of different ways of achieving their goals.

>> ASTOR NUMMELIN CARLBERG: Very good point.  I think we will probably come back to this discussion.  There will be some questions posed around this as well.  There is one point that I want to make sure that we don't leave hanging, because it came up, in some ways from chats but also something that Michal mentioned and it's the question of privacy, Maryant as well, something we need to address in this panel as well.  I don't know who wants to pick it up, but talk a little to the relationship between increase interoperability and privacy.  Do you want to take this one, Michal?

>> MICHAL WOZNIAK: Sure, I can take a stab at this.  One way to look at this is that currently, Facebook controls the communication of roughly more than a billion users, right, more than a billion people currently communicate mainly through a service run by a single company.  The alternative is that when you are communicating through an interoperable service, you are most probably talking to a user on a different instance controlled by someone else.  Some people see this as a threat.  They see this as a potential problem because now you have not only you and the other user you are communicating with and not only the admin. of the service, which in case of Facebook is Facebook, but in case of a interoperable service where you are talking to a user in a different instance, you have two different sets of admin., two different sets of people or entities that control or are involved in this communication act.

But this also means that no single entity in a decentralized network, no single entity has full view of the social graph, no single entity has a full view of all the communication that is happening as opposed to Facebook which has a full view of every single communication that is happening on Facebook.

Even though now you have, if we go, if we interpret the goal the interoperability route, even though we have two different sets of admins that you have to trust, this is already a success because now not a single entity has the full view.  Plus you can have, again, the decision is yours.  It's not like right now where you either have to agree to Facebook's terms and conditions or not be able to communicate at all.  If you have a interoperable communication service, you can tell the other user, you know what, I would prefer, could you set up an account on this other server?  I trust them more.  Now you can have this conversation.  You can say these guys are better with privacy.  I trust them more.  Let's have a conversation once you set up an account there.  This is not something you can have with Facebook right now.

Another point I want to make is that if you dive, if you spend time on the Fediverse, if you start using Mastodon or any other socialized network, you notice small things related to privacy, for example, if I create an entry, let's say Mastodon version of a tweet which is called a toot, and I decide, its follower only, I will get a message saying you might want to lock down your account, because your account is not locked down, anyone can follow you.  This thing that you are doing with followers only is not necessarily effective.  There are plenty of those small messages all around the place, because Mastodon doesn't really care about scaring the users.  It cares more about being honest with users.  This is their quote‑unquote business model, let's call it.  They can be more honest about potential privacy issues and they are.  I would say that I don't really see huge privacy issues.  You get the additional set of admins that looks at, that can see some of the communication acts, but you win so much in return, that I think this is going to be worth it.

>> ASTOR NUMMELIN CARLBERG: Yeah, okay.  It made me think of Maryant's comment earlier, because sometimes when we talk about interoperability in the platform market, in the Fediverse there are examples of how dynamics play out.  Maryant lifted a point in the area of open banking, you mentioned about privacy concerns.  Here we have this LinkedIn privacy, perhaps you could develop this a little bit.

>> MARYANT FERNANDEZ PEREZ: Sure.  The point is that when you would design interoperability as a remedy or as a legal obligation or some open standards, of course there is a different, we see interoperability as a layer step approach where it is not going to, you are not going to have the ideal scenario by we now have interoperability and that has to be done by 2021.  In open banking, the idea was to open more competition in the sector, by allowing other service providers to offer services that consumers requested themselves.  But sometimes to offer their services, these actors would need access to certain data, but the point would be that you as a consumer with decide when and how this data would be sent to another provider.  But in practice we have seen tensions between banks, we have seen that the European banking authority that is in charge of implementing it was not looking much at the GDPR.  We see there have been contradictions, but luckily the European data protection board has come up with guidelines that were subject to private consultation to how to put the consumer in charge and how to ensure that existing laws would still be applied.  That is what I meant by not dealing with interoperability in isolation, by having interoperability you cannot forget for example in Europe the GDPR.  Yes, we see multiple privacy violations but not because we don't have the law.  It is because it is not being enforced.  There are various things that even if you have a legal basis being consent, that consent often, we see that it's not always meaningful.  It is not really respecting the principles that are embedded in the GDPR because of what we call the dark patterns because how the choice is presented to the consumers so the same issues could be seen by mandating interoperability.  The key is how you implement it in practice to give the choice to the consumer, to allow more competition.  If a platform were to offer interoperability as well, it would be ideal that the law would prohibit discrimination or terminating interoperability.  We see some platforms indeed offer other services and they make them interoperable.  One clear one is Facebook and Instagram, there are issues where you can see they are interoperating, but why not open to others.  That is the key, why in their ecosystem but not elsewhere.  The key question for policymakers that is a complex one, and for us and all stakeholders involved is how to make sure that the end result will benefit consumers.  That is the key, you are talking about privacy, but also competition, and we think that there are other measures on top of interoperability that are needed to achieve the end result, on privacy, enforce the law, also there are extra rules that we need to get in place, for example, the privacy regulation that would be particularly important for avoiding tracking by default, if we manage to get there.  But also other tools, like prohibition of self referencing in certain scenarios, restrictions on when you install a browser that has a impact on consumer behavior, to say that interoperability can be a powerful tool to bring more competition, but it is not the only one.  We need to make sure that it will work for consumers, and also other smaller businesses as well and not for the usual suspects.

>> ASTOR NUMMELIN CARLBERG: Sure.  The point you made, to hammer home, it's interesting to see companies such as Facebook essentially going for more interoperability between its services, showing that, because in different conversations we have heard concerns being raised saying that, if there is no demand from users or consumers to have this, then why would you mandate it?  But it kind of shows if one of the biggest companies actually increase at least within their own ecosystem more interoperability, that they have identified this kind of market demand.

Any other comments from the panelists on the question of privacy?  It is a very important one.

>> MICHAL WOZNIAK: I will add.  Ian, please go ahead.

>> IAN BROWN: Just to emphasize what Maryant was saying, that in Europe and many other countries, although not yet maybe given the new administration in the U.S., we have this comprehensive data protection regime.  It needs to be enforced, as Maryant said, but actually the European data protection authorities have already produced specific guidance to deal with the interoperability of national COVID contact tracing apps, and the privacy implications of that.  EU member states are enabling the national apps that they are giving to their citizens to run on their smart phones, to look out for signals from other people's smart phones running the app who later notify everyone that they have come into contact with if they have been diagnosed as positive with COVID, that will work crossborder.

I'm currently in Spain, I could go, well, not France actually, but one of the other European member states participating in this, Italy is participating I think, Vittorio, and I could come back to Spain, and if I then started showing symptoms of COVID, I had a test, I was positive, I notified my app, then the warnings would flow not just to other people in Spain that my phone had been near, but also to Italy.  The EU data protection authorities have published guidance on the privacy implications of this.  Although it's a specific scenario, I think those guidelines actually are useful to build on, and on top of the broad GDPR rules that are there.

I would emphasize, and this is something Vittorio and I have both had conversations with other people about, E‑mail is interoperable, and somehow we manage with E‑mail.  E‑mail has not caused gigantic data protection breaches.  It is not perfect when it comes to data protection, but it is a comprehensive horizontal as policymakers call it set of data protection rules.  It covers all situations.  There is also in Europe a specific instrument, the ePrivacy directive that is being updated at the moment.  That updated ePrivacy regulation as it is planned to be might actually, if there are really specific issues that come up from required interoperability in a digital markets act, that could be somewhere that they could be addressed and similarly in other jurisdictions that are looking at reforming competition law, they also need to think about their data protection law at the same time.

>> ASTOR NUMMELIN CARLBERG: That is great.  Of course, you pointed to practical points here, but we will have reason to come back to the conversation around privacy and interoperability, because as you said, really important to keep that in mind and not treat any of these steps in isolation.

There was one question that has been discussed earlier and I would like to give it more attention, it's this link between let's say a potential law, potential digital markets act and provisions in there, to the world of standardization, and in fact, the production of the actual open standard through which things cannot interoperate.  I'm looking at Annika and Vittorio, to get back to you.  Vittorio, if you start, to explain the link a little between the law and how this could engage standards organizations, because I'm not sure if this is clear to everyone in attendance, and talk a little about the standardization system and how we can encourage to make sure that what we get at the end of the process is something that works.

>> VITTORIO BERTOLA: Sure.  You need technical standards to make interoperability happen.  These technical standards should be open and fully open and implementable without having to pay royalties or other conditions.  Otherwise this becomes a way to limit competition and possibility to reach the end of the market.  The discussion is you cannot force technical standards now because technology evolves at a quicker pace than the laws.  We will need to have some way of, having giving high level principles, validate objectives of the technical standards, at the same time keeping the standardization process of the Internet which are open and functioning, except that increasingly in recent years we are having problems with standards organizations that are so open that one of these big companies can send lots of people and dominate the conversation.  On the other hand, also there is the problem smaller companies do not have the money and resources to attend these processes.  In the end it's easier for bigger companies to take the lead.  There is a need to rethink partly this process, not completely because they are the base of the Internet but to bring global representation, companies that are not just from the U.S. and Silicon Valley, from all over the world, including developing countries, so increase the diversity in the standardization process, especially the global ones.  You have to find compromises between innovation and compatibility.  Of course, you want to have a full set of compatible features that everyone supports.  At the same time, you want to leave the opportunity for each player to innovate and put new things on top of the common features and compete on that and bring innovation.

>> ASTOR NUMMELIN CARLBERG: Out of curiosity, Michal, you mentioned ActivityPub earlier, this is a standard, now I hope I have my facts right, but I think it was developed in W3C, and here it was a process, maybe talk a little of what it is and how it was developed, and maybe what the potential future is of this standard, and what can we learn from ActivityPub when looking at interoperability in a broader sense.

>> MICHAL WOZNIAK: I wasn't deeply involved in the standardization of ActivityPub, but I was observing this process somewhat from the side.  It started off as just, I believe it was more than 50 different open source social networks, each of them had their own little precious protocol, and none of these protocols were compatible with each other.  You would have those tiny little islands of a few hundred, few thousand users, speaking one protocol, and then speaking another protocol, then speaking yet another protocol somewhere else, and eventually after years and years of talking between the developers, the developers finally got the idea that maybe it would make sense to have a single protocol, like all of this is open source, all of this is like open protocols, but these protocols differ.  They sat down and ironed out this protocol called ActivityPub.

I don't think we should dive too deep into the technical specifications, but the basic idea is that you have a in‑box and outbox, that is what it is.  Messages come to your in‑box, you read them, then you have a outbox where the messages are sent.  It's a simple mental model that lends itself very well to a lot of different kinds of use cases, like social networks but also IM or chat or E‑mail like services, or anything that passes messages between users across different servers.

But I think the biggest take away is that this is a very difficult and arduous process.  There will be a lot of people that have strong opinions about this, and there will be several people involved that are not entirely honest about their real goals, especially if we are talking about creating a standard for the mainstream social networks like Facebook and Twitter.  They will immediately send their people, their technical people to join and try to subvert this process and try to change the protocol and try to pull their own way as much as possible.  But what I would say is, ActivityPub exists.  It is being used out in the field.  It has the functionality that users clearly want.

I would say just start there, instead of reinventing the wheel, Twitter will try to reinvent the wheel, create a new open protocol.  This is definitely not the way to go.  I would say let's start with something that exists, that works, that has been implemented already in dozens of different software projects across thousands of instances with about 4 million users and those different instances, if need be, we can try to extend it and make it better and implement in features.  This is also somewhat related to the question of privacy, because I think as I said what makes sense is to take this step by step.  If we are talking about opening up and decentralizing social networks, we have to do it step by step.  We cannot do it wholesale.  This is too big of a problem and too big of a project.  I would say use ActivityPub for public time lines and then let's talk about private messages and talk about groups and talk about the more difficult complicated ‑‑

>> ASTOR NUMMELIN CARLBERG: That sounds good.  We only have a few minutes left.  I wanted to get a quick round with the panelists, to the attendees who we are grateful are staying at least in Europe it's quite late, so the ones who are here, glad you joined.  But to go around to the panelists, if there is something you want to leave the attendees with in the context of the interoperability and platform, something to think about, something to keep their eyes open for, could really be anything.  Maybe, Maryant, do you want to start?

>> MARYANT FERNANDEZ PEREZ: Sure.  We have discussed my aspects.  I would emphasize the need to avoid a race to the bottom in terms of privacy protections.  We talked about E‑mail and of course we can communicate by E‑mail easily and smoothly.  If you use encryption, you cannot really talk to everyone, unless they have a key, and it's not that simple.  But not being simple doesn't mean it's not possible.  Just bear that in mind.  We need to bear in mind the difficulties and challenges in trying to make it right.  I look forward to the next steps.

>> ASTOR NUMMELIN CARLBERG: Great.  Vittorio, now you are a moderator, but I throw you in as well because you know a bunch about this.

>> VITTORIO BERTOLA: I don't have much to say.  I think this is the way to go, let's try this.

>> ASTOR NUMMELIN CARLBERG: Okay.  We hear now that they allow for a extra five minutes.  You can extend it a little bit.  Annika, from your point of view, final points and we will see if there are unanswered questions, we can give them as well.

>> ANNIKA LINCK: Yes.  I want to say what I already said before, that actually we want to have an open competitive digital environment, and here I found it very interesting to hear that Maryant for instance was saying similar things, interoperability can be one building block of this, but we also need other obligations and we need proper enforcement of potential rules that will be put in place by the digital markets act, so yeah.  I think there is not really a contradiction here so much between the vision we have as an association of small and medium sized enterprises, and what is good for consumers.  I'm happy also that this came out of this discussion, at least from my side.  Thank you.

>> ASTOR NUMMELIN CARLBERG: That is great.  Michal, have to pick one of the names, but Michal.

>> MICHAL WOZNIAK: Whatever works.  Somebody mentioned at the beginning of the panel, somebody mentioned the openness of algorithms, that we have not talked about this a lot.  And I think this is a immensely important topic that we also have to keep in mind, the openness of recommendation algorithms and openness of time line creation algorithms and all of that.  Amazingly, the interesting thing, one of the many interesting things that I notice time and again on the Fediverse is that for some reason there is a rush of users quitting Twitter and going to Mastodon, joining the Fediverse, and a lot of those users are fascinated, they are relieved to see that the time line is chronological, like the simplest algorithm, this is a algorithm, right, take the tweet and put it there in the order that they come in.  It's the simplest one.  And after years of Twitter trying to improve the experience with their fancy AI driven time lines, turns out that the chronological time line is what users want.  Now here they have this kind of a choice, right?  So let's be mindful and remember about recommendation time line and other kind of algorithms at play that these should be also open and interoperable.


>> IAN BROWN: Two brief things, partly responding to the chat as well, Colin and others in the chat rightly said, and Annika said earlier as well actually, we need to think not just about what laws and regulations say, but also about practical support for SMEs and for Civil Society to get involved in standardization processes, because it's really important that we have a diversity of voices in those processes, because the standards that come out of them will reflect very strongly who had the biggest say in defining the standards, so that's my first point.

My second point is, I think actually this is something, this is a topic that really would be good for the IGF to take up and do more of, because it's something that many different jurisdiction are thinking about, it is not only, by a long way, the EU that is thinking about this, and it would be great for everyone if jurisdictions were thinking about this in similar ways.  They don't have to do everything identically and of course they won't.  But it would be helpful to the SMEs that would like to be able to export all around the world, to Civil Society, that are very focused on global human rights issues, and to users everywhere, if as far as possible, what we don't want is a European Fediverse, an American Fediverse, Australian Fediverse and Indian Fediverse that didn't interact with each other.  We want this like the Internet to be a global system ideally.

>> ASTOR NUMMELIN CARLBERG: On that point, and I think for the ones who are interested, here we have a quite EU focused discussion, but we have and you can find it on the IGF YouTube channel our discussion on these topics from more geographies than the EU, so we had that covered as well.  I think from our side, at Open Forum Europe, this is really the beginning of the conversation, early December we are expecting the digital markets act to be presented by the European Commission.  Then it's going to be important also in the process of the developing that legislation to have as many voices involved discussing all the issues and not keeping them in isolation.

I hope or I'm sure that this is not the last Forum like this that we are going to host.  And in the beginning of next year we are going to have at least a European law that we can discuss the nitty‑gritty of.  Then hopefully we can build on the kind of attendance that we had here today from all across the world, because there are a lot of lessons out there that are going to be important for the EU to learn when they develop this legislation as well.

So before I end here, I want to make sure that I do ask Vincent from the UN who helped us with this told me to do and that is to encourage you all to leave feedback in the built in system.  I hope that is all I had to say.  I haven't seen this feedback version but when you find it, use it.

With that I would like to thank all the panelists very much from Open Forum Europe, this was a very nice and interesting discussion, and I think a start of many more discussions to come.  Thank you all of you, and have a nice evening or day or morning or whatever time it is in the world where you are at.  Bye, everyone.

>> Thank you, bye‑bye.

>> Thank you.

>> Bye.

>> Thanks so much, bye‑bye.


Contact Information

United Nations
Secretariat of the Internet Governance Forum (IGF)

Villa Le Bocage
Palais des Nations,
CH-1211 Geneva 10

igf [at] un [dot] org
+41 (0) 229 173 411