IEEE Global Internet Policy Monitor

Article Index

The IEEE Global Internet Governance Monitor is a weekly document reporting on significant Internet Governance related activities around the world. To access the full reports containing additional details and other news items, please join the Internet Technology Policy Community on IEEE Collabratec. Following are summaries of the most recent reports:

8 June 2016

The weeks ICT news has focused mainly on international cooperation with negotiations ongoing for major cooperation deals between the USA and the EU, ASEAN and India, as well as plans for further regional cooperation in Europe and Asia.

In European news the European Union has started laying the ground-work for a digital single market for its member states. The intention for the new strategy is to foster innovation and cut red tape for start-ups, whilst also ensuring greater choices and protections for consumers. The European Parliament has responded to the strategy proposed by the European Commission in 2015 with an own-initiative report. The report will feed into the upcoming legislative proposals, which will require the European Parliaments approval before coming into full force.

Following on from recent developments the Privacy Shield between the USA and the EU has come in fro further criticism, with Giovanni Buttarelli the EUs Data Protection Supervisor arguing that the agreement is not robust enough. This condemnation is likely to place increasing pressure on the Juncker Commission to renegotiate the deal, potentially placing a final agreement beyond the term limit of the current Commission.

In other European news the EU Commission has launched a call for proposals for the deployment of a series of broadband networks and European Digital Service Infrastructures. The announcement comes as part of a 10.5 million program designed to improve the EUs digital infrastructure.

Across the Atlantic there is a greater array of news stories as the US houses of Congress continue to battle with the state regulator, the FCC, on issues of cyber privacy and net neutrality.

In particular there have been announcements this week from the House of Representatives of plans to cut the budget of the FCC so as to protect major cable television providers AT&T and Comcast. The move will greatly affect the FCCs ability to use its new net neutrality powers and will diminish the FCCs authority on all cyber issues in the USA.

On an international note the USA is currently planning to form a bilateral cyber cooperation pact with India during Prime Minister Modis visit to the USA this month. The deal will be the first of its kind and will encompass a range of cyber issues from international governance to cyber security.

Whilst the American Government has announced this positive step forward in cyber cooperation, other arms of the Federal system have been quick to object to other international news items. Of interest are the Department of Defense's statement that the US will not cooperate with the Russian military on cyber issues. This comes as a result of Russia's actions in the Ukraine which have prompted a breakdown in cooperation with the US.

In Asia there has been increasing focus on Pan Asian cooperation across cyber related issues, with increasing focus on the actions of ASEAN and the TTP agreement with the USA.

In India the national telecom regulator Trai has published a paper attempting to define net neutrality and the issues it would like to discuss in its upcoming consultation. Trai are looking to stakeholders to answer six key questions, including what should comprise the core principles and policy approach toward net neutrality in India.

Cyber security has been of increased importance to Asia's militaries following an announcement from the ASEAN body that State Defense Chiefs have agreed to form a new Cyber Security group. In a separate announcement Taiwan also announced that they would be forming a fourth branch of its military to deal with cyber security and external threats.

Cyber analysts have focused heavily on Asia's digital divide this week, with discussion of how the TTP agreement between ASEAN and the USA could improve cyber skills. Particular interest has also been given to the impact of India's internet access upon the country's economy. With one article commenting that India could see an increase in GDP of $1 Trillion if it can get all of its citizens online.

In the rest of the world there has been little news in terms of ICT stories, with the notable exception being the continued investigation into the Bangladesh Central Bank hack. What was initially viewed as an isolated event has now been found to have happened across the SWIFT messaging network, with a total of 12 banks, including some in the Philippines and New Zealand believed to have been effected. There have also been allegations from the cybersecurity firm Symantec Corp that North Korea has been behind a series of hacking attacks on Asian Banks that has culminated in the current SWIFT messaging hack.

Global Cyber institutions have been largely quiet this week. Amongst this week's announcements have been ICANNs introduction of new bylaws and the invitation for submissions from those wishing to sit on the 2017 nominating committee as chair and chair-elect. In other news Tunisia has agreed to host the 2016 World Telecommunication Standardization Assembly (WTSA-16) with the UNs International Telegraph Union (ITU).

1 June 2016

The following is summary of the most recent IEEE Global Internet Governance Monitor report. To access and download the full report containing additional details and other news items, click here.

In European news the European Union has started laying the ground work for a digital single market for its member states. The intention for the new strategy is to foster innovation and cut red tape for start-ups, whilst also ensuring greater choices and protections for consumers. The European Parliament has responded to the strategy proposed by the European Commission in 2015 with an own-initiative report. The report will feed into the upcoming legislative proposals, which will require the European Parliaments approval before coming into full force.

In other European news the EU Commission has launched a call for proposals for the deployment of a series of broadband networks and European Digital Service Infrastructures. The announcement comes as part of a 10.5 million programme designed to improve the EUs digital infrastructure.

On an international note the USA is currently planning to form a bilateral cyber cooperation pact with India duringPrime Minister Modis visit to the USA this month. The deal will be the first of its kind and will encompass a range of cyber issues from international governance to cyber security.

Whilst the American Government has announced this positive step forward in cyber cooperation, other arms of the Federal system have been quick to object to other international news items. Of interest are the Department of Defenses statement that the US will not cooperate with the Russian military on cyber issues. This comes as a result of Russias actions in the Ukraine which have prompted a breakdown in cooperation with the US.

In Asia there has been increasing focus on Pan Asian cooperation across cyber related issues, with increasing focus on the actions of ASEAN and the TTP agreement with the USA.

Cyber security has been of increased importance to Asias militaries following an announcement from the ASEAN body that State Defence Chiefs have agreed to form a new Cyber Security group. In a separate announcement Taiwan also announced that they would be forming a fourth branch of its military to deal with cyber security and external threats.

Cyber analysts have focused heavily on Asias digital divide this week, with discussion of how the TTP agreement betweenASEAN and the USA could improve cyber skills. Particular interest has also been given to the impact of Indias internet access upon the countrys economy. With one article commenting that India could see an increase in GDP of $1 Trillion if it can get all of its citizens online.

In the rest of the world there has been little news in terms of ICT stories, with the notable exception being the continued investigation into theBangladesh Central Bank hack. What was initially viewed as an isolated event has now been found to have happened across the SWIFT messaging network, with a total of 12 banks, including some in the Philippines and New Zealand believed to have been effected. There have also been allegations from the cybersecurity firm Symantec Corp that North Korea has been behind a series of hacking attacks on Asian Banks that has culminated in the current SWIFT messaging hack.

Global Cyber institutions have been largely quiet this week. Amongst this weeks announcements have been ICANNs introduction of new bylaws and the invitation for submissions from those wishing to sit on the 2017 nominating committee as chair and chair-elect. In other newsTunisia has agreed to host the2016 World Telecommunication Standardization Assembly (WTSA-16) with the UNs International Telegraph Union (ITU).

25 May 2016

A busy week this time around in the world of ICT. Developments of interest have filtered in from all corners of the globe and are explored in further detail in the monitor below.

In Europe, it was reported this week that the proposed new framework for facilitating the transfer of personal data between the EU and US, the so named ‘Privacy Shield’ has still to be endorsed by a data protection committee containing representatives from the national governments of EU countries. The Article 31 Committee met with officials from the European Commission earlier this week and was due to be updated by the Commission on "the state of play on the EU-US Privacy Shield". However, technology news site Ars Technica reported that the meeting was concluded without agreement being reached on whether the Privacy Shield should be deemed as providing for adequate data protection when personal data is transferred to the US from the EU in line with framework, as is required by EU law.

Also of interest on the theme of governance, ministers from 14 EU countries have this week called for the removal of "unjustified barriers" to the movement of data across borders. The ministers from Belgium, Bulgaria, Czech Republic, Denmark, Estonia, Finland, Ireland, Latvia, Lithuania, Luxembourg, Poland, Slovenia, Sweden and the UK outlined their views in a letter to Henk Kamp (6-page / 532KB PDF), Dutch minister for economic affairs. The Netherlands currently holds the presidency of the EU's Council of Ministers. The Council, together with the European Parliament, is responsible for passing new EU legislation. The letter was also sent to European Commission officials, including the EU's digital commissioners Andrus Ansip.

On a cyber-security note, the European Council announced new cyber-security rules designed to make networks and information services across the European Union safer and more secure. The network and information security (NIS) directive will require providers of essential services – such as energy, transport, health and finance – and "digital service providers" – such as online marketplaces, search engines and cloud services – to take steps to reduce the risk of cyber-attacks and to report any major security incidents.

Regarding cyber-privacy, an issue of extensive contention at the moment, it was revealed during the week thatUdo Helmbrecht, the director of ENISA, the EU cybersecurity agency, and Rob Wainwright, director ofEuropol, the bloc’s law enforcement agency, have been in talks over the last two weeks to try to come up with an agreement on encryption. The two organisations have previously been publicly opposed to one another regarding the issue of encryption but the announcement this week suggested they have now agreed on limits to law enforcement agencies’ access to private data.

News from the US included the story detailing how US Senators have warned against the US plan to let China and Iran in on Internet governance as part of the US administration’s work towards handing authority over the body that controls Internet domain naming function, which interprets code into words, off to the Internet Corporation for Assigned Names and Numbers , an international agency based in California. The plan has met with delays in the face of congressional objections, but hopes within the administration are for the transfer to be completed prior to President Obama vacating office. Senators warned against that move in a letter addressed to Secretary of Commerce Penny Pritzker on Thursday. "The proposal will significantly increase the power of foreign governments over the Internet, expand ICANN's historical core mission by creating a gateway to content regulation, and embolden [its] leadership to act without any real accountability," said the letter, which was signed by Republican senators Ted Cruz of Texas, James Lankford of Oklahoma, and Mike Lee of Utah.

Also of interest was the news revealing the extent to which net neutrality complaints have flooded the US following the FCC rules regarding net neutrality took effect in June 2015. Internet service customers have filed 20,991 net neutrality complaints since the implementation of the new regulations according to new data released by the Federal Communications Commission. The data includes 86,114 Internet service complaints filed since October 31, 2014 against home Internet and cellular ISPs. Net neutrality has been the most common type of complaint since the rules went into effect and is near the top of the list even when counting the first seven months of the data set in which net neutrality complaints weren't yet being accepted.

Cyber-Security also received a good degree of coverage in the US this week. Of particular interest was the announcement that the ill-gotten gains of New York criminals will be used to fight cyber-attacks in London in a new initiative to protect the world’s two largest financial centres. TheManhattan District Attorney’s Office is giving $25m over five years from criminal forfeits to fund the Global Cyber Alliance with the City of London Police. The project aims to share intelligence on attacks across borders: past crackdowns have often been stymied because companies have kept such attacks secret due to fear of reputational damage.

A busy week in the Asian ICT sphere this time around too. Of particular interest was the announcement that the Indian Government’s Department of Electronics and Information Technology brought together industry and academia in a first move of its kind to ensure India has a greater say in setting standards on the internet by engaging with the Los Angeles headquartered non-profit organisation Internet Corporation of Assigned Names and Numbers (Icann). It was reported that the department held daylong consultations with the IT services industry, ecommerce players, internet service providers and academia including IITs, to fill an important gap in the ongoing debate on internet governance — the lack of active participation from the private sector. Officials said the workshops aimed to identify the areas where the private sector and academia can work together to engage better with Icann.

On the topic of net neutrality, the Indian Telecom regulator TRAI has proposed exploring models to give consumers free Internet service within the Net neutrality framework, months after barring platforms like Facebook’s Free Basics and Airtel Zero under its differential pricing rule. The consultation paper (on free data) is being issued to explore model(s) that could achieve benefits of offering free data while avoiding the ingenuity that the differential tariff regulation is meant to prevent,” the regulator said in the consultation paper.

Also of interest were cyber-security related developments, with reports emanating that theAssociation of Banks in Singapore (ABS) has invited SWIFT for a meeting in June to discuss the latest cyber-attacks on banks in Bangladesh and Vietnam which involved SWIFT's financial messaging service. In addition to this Banks in Hong Kong are set to face stiffer cybersecurity obligations in light of measures being introduced by a financial regulator, an expert has said. The Hong Kong Monetary Authority (HKMA) has introduced a new cybersecurity fortification initiative (CFI) in a bid to "raise the level of cybersecurity of the banks in Hong Kong".

Plenty of news from the remainder of the ICT world, with stories of interest including the announcements that Canada’s telecom regulator is set to take a sweeping look at a key Net neutrality issue at a public inquiry on “differential pricing” of home Internet and wireless data plans in the fall; the Group of Seven (G7), the leading advanced economies in the world, reportedly pushed the topic ofcybersecurity to the forefront of conversation at the G7's meetings in Japan last week and according to Google, there'll be half a billion internet users in Africa by 2020 following the organisation’s roll out of a new training scheme.

Of note emanating from Global Institutions this week, news that ITU’s governing Council opened its annual session under the chairmanship of Ms Julie Zoller, Senior Deputy Coordinator for International Information Communications and Information Policy at the U.S. State Department. Noting that leaders from around the world have committed to achieving global Sustainable Development Goals (SDGs), Ms Zoller said, “At this Council, we will ensure ITU’s contribution toward achieving the SDGs, setting us on a path to a more prosperous, equitable and sustainable world.” She added, “TheUnited States joins ITU in heeding the SDG call to action by harnessing the power of ICTs through our Global Connect Initiative, which aims to catalyse the efforts of all stakeholders to bring 1.5 billion additional people online by 2020, underscoring the idea that Internet connectivity is as important to development as other forms of infrastructure.”

18 May 2016

A somewhat quiet week in the ICT world this time around, however, there were still a range of points of interest for IEEE which are explored further below and throughout the monitor.

In Europe, cyber-security was the predominant focus this week, of particular note was the announcement that new measures designed to ensure critical IT systems in central sectors of the economy like banking, energy, health and transport are secure are set to be written into EU law. The Council of Ministers announced that the proposed Network and Information Security (NIS) Directive has won formal approval from the national governments that make up the EU. It said the Directive is likely to come into force in August once the European Parliament has voted to endorse the text.

Also of interest was the news that amidst growing cyber-threats faced by the Russian banking system, the country’s Central Bank has announced plans to design new requirements and standards, which should strengthen the level of its cyber-security. The plans were confirmed this week by Artem Sychev, deputy head of the department of S ecurity and Information Protection of the Central Bank.

On the topic of cyber-privacy it was recommended this week by an advisor to the Court of Justice of the EU (CJEU) that website operators should treat IP addresses as personal data if internet service providers (ISPs) hold other information that can be matched with IP address data to reveal the identity of internet users. The CJEU has been asked by a court in Germany to help resolve a dispute over whether IP addresses constitute personal data for the purposes of the EU's Data Protection Directive.

The issues surrounding the recently agreed Privacy Shield arrangement between the EU and the US have also continued to receive coverage, with potential shifts in the US regulatory framework throwing yet more scrutiny on the process. This will be an issue of note for the foreseeable future and one that will require continued monitoring.

In the US, cyber-security and cyber-privacy issues dominated the headlines. From a cyber-security perspective, the US Defense Secretary Ashton Carter this week revealed that cyber-attack techniques currently being employed by the US led coalition against the Islamic State were techniques which could also be used by other countries. Speaking in California, Carter told reporters that the U.S.-led coalition used electronic techniques to disrupt and degrade the jihadist force's ability to organize and said an unspecified number of other countries could do the same in other conflicts.

Also of interest on the topic of cyber-security, it was reported this week that on Wednesday a group of senior U.S. and China cyber officials held their first meeting since the two countries struck an anti-hacking agreement in September 2015 to try to ease years of acrimony over the issue. The so-called Senior Experts Group on International Norms and Related Issues is expected to gather twice a year, the U.S. State Department said in a statement announcing the meeting.

As previously referenced, cyber-privacy was also competing for top place on the US ICT agenda this week. James Comey, Director at the Federal Bureau of Investigation (FBI) reiterated this week to reporters that he believes encryption continues to hamper the ability of law enforcement agencies to investigate criminals. He went on to predict more legal action in the future as opposing forces seek to resolve the ongoing debate over tech companies' obligation to comply with government requests to unlock iPhones and other products.

Continuing on this theme, the National Telecommunications and Information Administration, an agency run within the U.S. Department of Commerce, released data this week which detailed the distrust Americans have for their privacy online. In a blog post, the agency said that 19 percent of internet-using households reported that they had been affected by a data breach, identify theft, or similar malicious activity between July 2014 and July 2015.

In Asia, internet governance issues came to the fore this week. In India, it was reported that the Department of Electronics and Information Technology is bringing together industry and academia in a first move of its kind to ensure India has a greater say in setting standards on the internet by engaging with ICANN. The department planned daylong consultations with the IT services industry, ecommerce players, internet service providers and academia including IITs, with the aim of filling an important gap in the ongoing debate on internet governance namely the lack of active participation from the private sector.

Also of interest, the US this week issued warning regarding the potential fragmentation of the internet in light of Chinas plans to require compulsory registration of Internet domain names in China through government-licensed providers. The regulations for the administration of Internet domain names would also forbid the registration of websites containing any one of nine categories of broadly and vaguely defined prohibited content, and create a blacklist of forbidden characters in the registration of domain names, adding an extra layer of control to Chinas Great Firewall, two top U.S. officials in charge of Internet policy and administration, wrote in a statement Monday.

On a net neutrality theme, TRAI were back in the fray as the Indian Telecoms Regulatory Body announced it will start pre-consultation on net neutrality within two to three days. TRAI has already resolved the differential tariff issue, which is a major part of net neutrality, though not without controversy it must be said.

The ongoing cyber-conflict between North and South Korea continued to rumble on this week, with South Korea blaming their neighbor state to the North of a cyber-attack on a navy defense contractor. The contractor, Hanjin Heavy Industries, produces Seoul's naval vessels and amphibious assault vehicles.

From the remainder of the ICT world the news wasn’t overly forthcoming this week, however, two stories of interest; the announcement from the global financial network SWIFT that international banks face a threat from a new wave of malicious malware software and Facebooks announcement that it will be conducting a full investigation into allegations of political bias. The company has recently come under fire after an unnamed former Facebook employee told technology news website Gizmodo that workers often omitted conservative political stories from the company's "trending" list of topics that it says spiked in popularity.

Of note emanating from global institutions this week, news that ICANN has announced its senior leader transitions, with the organisations Chief Contract Compliance Officer, Allen R. Grogan, and Nora Abusitta, Senior Vice President of Development and Public Responsibility Programs (DPRD), having notified the body of their intent to leave ICANN later this year.

12 May 2016

All round, a somewhat quieter week across the ICT world than the last one. However, as ever, there were a range of stories of interest for IEEE which are explored further below and throughout the monitor.

In Europe, the Privacy Shield agreement between the EU and the US came under further scrutiny this week, with an alliance of data centre providers in Holland coming out against the current draft of the agreement. The Dutch Datacenter Association issued a statement Monday saying Privacy Shield currently offers none of the improvements necessary to better safeguard the privacy of European citizens. The list of nearly 30 association participants includes Equinix and Digital Realty, two of the worlds largest data center providers, as well as European data center sector heavyweights Colt , based in London, and Interxion, a Dutch company headquartered just outside of Amsterdam.

Net neutrality issues also received some coverage with the Chief of Europes digital rights lobby group, Joe McNamee, declaring that the next few months will be a critical time for net neutrality in the EU. He stated that it would be crucial to engage with people across the EU regarding the issue over the course of the next few months. Draft net neutrality guidelines are due to be presented by the European Commission on June 6, followed by a consultation for 20 working days on those proposed rules.

On a cyber-security note, it was reported this week by Reuters that hundreds of millions of hacked user names and passwords for email accounts and other websites are being traded in Russia's criminal underworld. The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru (MAILRq.L), Russia's most popular email service, and smaller fractions of Google (GOOGL.O), Yahoo (YHOO.O) and Microsoft (MSFT.O) email users. It is reported to be one of the largest stashes of stolen details to be uncovered since huge scale cyber-attacks hit major U.S. banks and retailers two years ago.

Also of interest, it was revealed that the European Unions General Data Protection Regulation (GDPR) will come into effect as of the 25th of May 2018 now that the new rules have been published. The European Parliaments publication of the regulation in the Official Journal of the European Union means it will become law on 25 May 2016, giving organisations 24 months to become compliant. The GDPR has been established in order to introduce new accountability obligations as well as stronger rights and restrictions on international data flows.

In the US this week developments were predominantly centred around the issues of cyber-security and cyber-privacy. However, net neutrality did receive a degree of coverage following the publication of a study by a leading civil rights non-profit group which aimed to explain the benefits of zero-rating for poor and minority consumers. The Multicultural Media,Telecom and Internet Council (MMTC), an advocacy organization for poor and minority consumers in communications policy, outlined in a Monday report how zero-rating can influence more consumers in those groups to get online, increasing their access to the digital economy and life-improving services in health and education.

As mentioned, cyber-security headlines somewhat dominated the agenda in the US ICT world this week, and the news of particular note included the announcement that The Defense Advanced Research Projects Agency (DARPA) is looking for research proposals to develop a system that would enable the government and law enforcement to identify the actual individual behind a cyber-attack. The Enhanced Attribution Program proposal is looking to create the technology that would allow not only the collection of data that could pinpoint the perpetrator, but do so in a way that would not put at risk the sources and methods used to find the person or group.

Also of interest on this theme, The Federal Communications Commission and Federal Trade Commission have asked mobile phone carriers and manufacturers to explain how they release security updates amid mounting concerns over security vulnerabilities, the U.S. agencies said on Monday. The agencies have written to Apple Inc, AT&T Inc and Alphabet Inc, among others, in order "to better understand, and ultimately to improve, the security of mobile devices," the FCC said.

Top on the cyber-privacy agenda was news that a group of nearly 50 organizations and businesses urged leaders in the House and Senate to take swift action on the Open, Permanent, Electronic, and Necessary (OPEN) Government Data Act (H.R. 5051 / S. 2582) introduced last week. The group wrote that the Open Government Data Act would not only institutionalize the federal government's commitment to open data and keep the U.S. a world leader, it would also ensure that the value of what would be a public resource would continue to grow as the government unlocks and creates new data sets.

A particularly slow week in the world of Asian ICT this time around, but news of interest included the revelation that China has opted to hold back implementation of new regulations passed by the State last month on goods imported from overseas markets using e-commerce platforms. The government has revealed that is now plans to make adjustments to the rules before they are brought in.

On a cyber-security note, it was also reported this week that Taiwan is currently facing an avalanche of cyber-attacks from China. The Taiwanese National Information and Communication Security Center has claimed that the government has the situation under control, however, with millions of attacks registered each year, the scale is one of the largest in the world and reaching a quasi-war.

Somewhat brighter news was the announcement that Lenovo Group Ltd, the world's largest personal computer maker, plans to invest $500 million in a technology start-up fund in Beijing. The fund Lenovo Capital, which will be funded and managed by Lenovo Group, is looking to invest in sectors including artificial intelligence, robot and cloud computing, said the company's senior vice president He Zhiqiang at an event in Beijing.

From a global institutions perspective, the only real news of note this week was the announcement that ICANN and the Regional Technical Commission of Telecommunications (COMTELCA) signed a Memorandum of Understanding (MoU) in which they agreed to explore opportunities to collaborate on topics of common interest.

4 May 2016

The following is summary of the most recent IEEE Global Internet Governance Monitor report. To access the full reports containing additional details and other news items, please join the Internet Technology Policy Community on IEEE Collabratec.
A busy week of developments from across the ICT world this time around, including a range of coverage which will be of interest to IEEE. This coverage is analysed below in the synopsis and subsequently laid out in full throughout the various sections of the monitor.

In Europe this week, it was revealed this week that Liberal and socialist factions of MEPs in the European Parliament have been attempting since March to set up a plenary vote on the controversial Privacy Shield data transfer agreement to the United States. With member states final verdict on the Privacy Shield scheduled for next month, MEPs are running out of time to vote before the deal is finalised.

The Privacy Shield is set to replace the now infamous Safe Harbour agreement, which was ruled invalid by the European Court of Justice last October on grounds that it didnt protect EU citizens data once they are transferred to the US.

Moving away from Internet governance issues and on to the topic of net neutrality, this week witnessed reduced roaming charges and net neutrality regulations come into force within the European Union. As of April 30th, EU telecoms providers must now cut surcharges for 'roaming' phone calls and data use in EU countries from in preparation for the complete abolition of roaming charges in June 2017. Until June 2017, telecoms providers will be allowed to charge up to five cents per minute on top of domestic prices, and up to two cents per text message, the European Parliament said. As of April 30th, the first EU-wide net neutrality regulations have also come into force, with the rules aimed at ensuring open access to internet content without discrimination, the Parliament said.

Continuing on the theme of net neutrality, Swedish media this week reacted angrily to a zero-rating campaign by Telia and Facebook that allows internet users to surf social media sites without it impacting on any allowance. Representatives of 27 newspapers, TV and radio stations have signed the statement that has appeared in the Swedish press. The Swedish telecommunications regulator PTS has also launched an investigation.

Cyber-Security developments also featured heavily in the European coverage this week. Of particular note was the announcement by Jakub Boratyski, head of the security unit at the European Commissions technology arm DG CONNECT, that the new cybersecurity rules agreed in December are a lot weaker than the EU executive wanted. He claimed that EU countries diluted new rules regulating information-sharing on cybersecurity breaches, which made it impossible to monitor hackers assaults on member states critical infrastructure. As a result of this, Boratyski has called for more co-operation into the future between EU member states regarding cyber-security.

Also of note from the European continent this week, the European Commission has called on European governments to ratify a new privacy framework that would apply to personal data transferred from the EU to US law enforcement agencies.

The Commission, after years of negotiations, reached a provisional agreement with US officials on an EU-US data protection 'umbrella agreement' last autumn. It has now recommended that the Council of Ministers, which is made up of representatives from the national governments of the 28 countries that make up the EU, sign the deal.

In the US, it was reported this week that US courts are eroding support for the recently agreed Privacy Shield proposal reached between the US and the EU. The Privacy Shield agreement is now facing a range of legal challenges in the US following recent decisions by the U.S. Foreign Surveillance Intelligence Court (FSIC) and the Supreme Court. A committee of the U.S. Supreme Court made changes last week to Rule 41 of the Federal Rules of Criminal Procedure, allowing judges to issue warrants outside his or her district. The change would grant expansive powers to law enforcement agencies to hack and access information on computers if device location information has been concealed through technological means. From a cyber-security perspective, the US and South Korea have announced this week an agreement to help one another develop technology to combat cyber-threats. The agreement, although not legally binding, states that the two countries will seek to make best use of their respective best practices, eliminate unnecessary duplication of work, and obtain the most efficient and cost effective results through cooperative partnerships.

Also of interest, the cyber skills agenda, with the White House announcing that it will hold a series of meetings over the summer and come out with a report this year highlighting the benefits and regulatory implications of the evolving technology of artificial intelligence, according to deputy chief Technology Officer Ed Felton. There are tremendous opportunities and an array of considerations across the Federal Government in privacy, security, regulation, law, and research and development to be taken into account when effectively integrating this technology into both government and private-sector activities, Felton said in a blog post.

Cyber-privacy issues also received considerable coverage in the US this week, with the stories of note including the unanimous passing of an email privacy bill through the U.S. House of Representative. The bill requires law enforcement authorities to get a search warrant before asking technology companies to hand over old emails. Looking forwards, the bill's prospects in the Senate remain unclear, though the 419-0 vote in the House was likely to put pressure on the upper chamber to approve it.

On this theme, the US Supreme Court also approved a rule change this week that will enable U.S. judges to issue search warrants for access to computers located in any jurisdiction, this despite opposition from civil liberties groups who say it will greatly expand the FBI's hacking authority. U.S. Chief Justice John Roberts transmitted the rules to Congress, which will have until Dec. 1 to reject or modify the changes to the federal rules of criminal procedure. If Congress does not act, the rules will take effect automatically.

A relatively subdued week in the Asian ICT world this week. However, news of interest included the revelation that China is said to be considering taking board seats and stakes of at least 1 percent in operators of some Internet portals and mobile apps in exchange for granting news licenses, according to people familiar with the plan. The government would reportedly issue the licenses in exchange for stock and a board seat. Government representatives could therefore monitor and block content distributed by Internet providers, although they wouldnt be involved in other day-to-day business decisions. The move, if carried through, could potentially impact operators of major Internet portals such as Tencent Holdings Ltd. and NetEase Inc. along with mobile apps that provide current affairs and news on a daily basis.

On a cyber-security note, Singapore Telecommunications (Singtel) this week officially opened a new facility to help enterprises enhance cyber-security skills and test their networks in dealing with cyber-threats. The training modules offered at the Singtel Cyber-security Institute (CSI) will cater to a range of executives and skills such as c-suite managers and operational pros. Boards and C-suite level participants will be trained in cyber-threat awareness, risk management, business continuity planning and crisis communications preparedness. Furthermore, operations and technology teams will be trained in defence and response capabilities to strengthen their skills.

Continuing on this topic, it was reported this week that Indian enterprises are increasingly being targeted by cyber-attacks as online business proliferates in the country. The attacks have been especially targeted towards small and medium sized businesses as most of them are not currently well protected. According to a recent report by security software firm Symantec, there has been a steady rise in attacks targeting businesses with less than 250 employees, in the past five years.

The rest of the ICT world moved forwards at a pace this week, with a range of developments of interest. Of particular note, the news that more than seven in ten global brands were hit by distributed denial of service (DDoS) attacks in 2015 and the announcement that a Brazilian judge this week ordered wireless phone carriers to block access to Facebook Inc's (FB.O) WhatsApp for 72 hours throughout the nation on Monday, the second such move against the popular messaging application in five months.

From a global institutions perspective, ENISA this week launched the technical phase of Cyber Europe 2016 under the Cyber Exercise Platform. The platform will allow participating cybersecurity professionals from all over Europe to test and improve their technical skills on various challenging cases, inspired by real-life incidents, on topics such as mobile malware analysis, system forensics, steganography or network forensics.

Finally, it was revealed this week that 15 individuals from various Universities in Europe have been selected to participate with ICANNCommunity Members at the ICANN56 Policy Forum in Helsinki Finland, 27-30 June 2016. These individuals are engaged in studies that encompass policy, business, technical, security, law, and communications.

Five additional selectees who attended a previous ICANN Meeting as NextGenners will now serve as Ambassadors for these newcomers to ICANN.

27 April 2016

A somewhat subdued week of announcements from across the ICT world this week. However, a range of stories which may be of interest to IEEE emerged, these are detailed further below.

In Europe, the UK information commissioner Christopher Graham this week criticised the reluctance of the US to make changes to the Privacy Shield data transfer pact agreed in February 2016 with the European Commission. The Article 29 Working Party (A29WP) of European data protection authorities, including Graham, recently called for more work on Privacy Shield instead of approving the proposed pact to replace the now-defunct Safe Harbour agreement to ensure privacy protections for trans-Atlantic data transfers, the group called on the US and European Commission (EC) to revise and clarify several points.

Further news from the European continent included the announcement that EU countries are likely to be given two and half years longer than currently planned to make spectrum in the 700 MHz frequency band exclusively available for mobile services, according to plans under consideration by MEPs. The deadline for allocating the 694-790 MHz frequency band for use for "wireless broadband electronic communications services" should be extended to the end of 2022 instead of 30 June 2020 as was originally suggested, Italian MEP Stefano Maullu has proposed.

Also of note was the claim made by International Association of Privacy Professionals (IAPP) that Europe will need an estimated 28,000 privacy specialists under the newly-minted EU data protection regulation. According to the industry group, specialists in the area are set to cash in as a result of the EU rules. The European Parliament approved the new privacy rules only last week after gruelling four-year negotiations. While the regulation sharpens safeguards on consumers personal data, lawyers and privacy experts are set to benefit from the rules once they go into effect in 2018.

In the US this week it was revealed by the US undersecretary of commerce for international trade, Stefan Selig, that the US government will review the non-binding opinion on the Privacy Shield issued by a body of EU data protection authorities last week. However, notably he suggested the US government would be wary of opening negotiations on altering the agreement to address the concerns raised in the opinion. "[The US government is] very cautious about not upsetting what was a delicate balance that was achieved when we negotiated the original text, so would be chary about doing anything that would do just that", Selig said, according to Reuters.

From a cyber-security perspective, it was reported this week that The United States has opened a new line of combat against the Islamic State, directing the militarys six-year-old Cyber Command for the first time to mount computer-network attacks that are now being used alongside more traditional weapons. The effort reflects President Obama's desire to bring American cyber weapons that have been aimed elsewhere, notably at Iran, into the fight against the Islamic State which has proved effective in using modern communications and encryption to recruit and carry out operations.

Also of interest, the news that top executives at dozens of technology companies in the US this week signed a letter encouraging Congress to provide more funds to help teach students computer science. The letter comes along with $48 million in private donations announced Tuesday to help the cause from companies like Google, Microsoft, AT&T and tech leaders such as Facebook CEO Mark Zuckerberg and Amazon CEO Jeff Bezos. We ask you to provide funding for every student in every school to have an opportunity to learn computer science, states the letter, sent to every member of Congress.

On a cyber privacy note, it was reported this week that the US working group on encryption will be aiming to provide its legislative recommendations to the House of Representatives in early January 2017. The working group, led by the House leaders of the Judiciary and the Energy and Commerce committees, this week announced a road map for their effort. The group will work diligently over the next several months to examine potential solutions to the challenges law enforcement officials face as encryption becomes more widespread.

A very quiet week in the world of Asian ICT, however news of note included the revelation that South Korea has now taken the top spot as the largest origin point for DDoS attacks in 2016. Imperva documented DDoS attacks coming out of South Korea at a rate nearly triple that of Russia, which came in second. The report documented that South Korea attained a proportion of global DDoS responsibility greater than the next three countries combined.

Also of interest, Telco Singtel this week launched its Cyber Security Institute in Singapore, a hybrid centre between an advanced cyber range and an educational institute. It is the first-of-its-kind in the region to test and train companies in dealing with sophisticated cyber threats, the institute provides cyber skills development and education programmes tailored to the varying needs of company boards, C-suite management, technology and operational staff.

News of note from elsewhere in the ICT world included the undertaking of the World's largest international cyber-defence exercise in Tallinn. 26 nations and more than 550 leading computer security professionals engaged in Locked Shields 2016, described as the biggest and most advanced international live-fire cyber-defence exercise in the world.

On the same theme of cyber-security, technology research firm Gartner this week reported that more than 25% of cyber-attacks will involve the internet of things (IoT) by 2020.

News emerging from Global Institutions this week included the announcement that a public comment period has begun based on the new ICANN Bylaws published to reflect the recommendations contained in the proposals by the IANA Stewardship Transition Coordination Group (ICG) and Cross Community Working Group on Enhancing ICANN Accountability (CCWG-Accountability) as provided to the ICANN Board on 10 March 2016 and transmitted to NTIA.

20 April 2016

A sparser week of developments this time around compared to recent times. However, still a range of news of note to IEEE from across the breadth of the ICT world.

In Europe, the news of note this week centred on the roll out of the European Unions plans to bridge the blocs national initiatives to digitize industry and encourage investment, in a bid to encourage European manufacturers to remain at the technological forefront. The European Commission, the blocs executive arm, said this week that it would set up a new governance framework that would hold regular meetings between national governments and industry to coordinate the EUs 30 national and regional digitization initiatives, which include Germanys Industry 4.0 and the Netherlands Smart Industry. The EU also pledged to boost both private and public investment in the area via strategic partnerships.

Also of interest, the mixed response across Europe to the call by the Article 29 Working Party of European privacy regulators for more work on the EU-US Privacy Shield pact. Instead of approving the proposed pact to replace the now-defunct Safe Harbour agreement to ensure privacy protections for trans-Atlantic data transfers, the group called on the US and European Commission (EC) to revise and clarify several points. It is anticipated that as a result of the stance taken by the Article 29 Working Party, legal challenges to the framework may be forthcoming in the near future.

From a cyber-privacy perspective, the news of note included the announcement this week that MEPs have approved new EU privacy rules, including a regulation on consumer privacy that attracted the aggressive ire of lobbyists during its four-year run through negotiations in the European Parliament. The new data protection regulation drew a total of 3,999 amendments from MEPs, topping all other pieces of legislation in the Parliaments history, a spokesperson confirmed.

On the same topic, it was reported this week that EU laws on privacy and electronic communications (e-Privacy) could apply to new communications services like WhatsApp and Skype in future, under plans being considered by the European Commission. The European Commission has opened a review of the EU's e-Privacy Directive (ePD) with a public consultation in which it has asked businesses and other stakeholders for their views on possible reforms.

In the US net neutrality received a degree of coverage this week with the House of Representatives passing a bill to ban the Federal Communications Commission from setting or reviewing the rates that companies charge for Internet service. The largely party-line vote is a win for Republicans, who have pushed for the past year to nibble away at the FCCs internet regulations, which are currently being challenged in federal court.

Cyber-Security issues somewhat dominated the headlines however, of particular interest being the news that U.S. federal, state and local government agencies rank in last place in cyber security when compared against 17 major private industries, including transportation, retail and healthcare, according to a new report released Thursday. The analysis, from venture-backed security risk benchmarking startup SecurityScorecard, measured the relative security health of government and industries across 10 categories, including vulnerability to malware infections, exposure rates of passwords and susceptibility to social engineering.

Also of interest from a cyber-security perspective, it was revealed that senior Russian and U.S. cybersecurity officials will meet this week in Geneva to renew efforts to prevent a cyber war between the two nations. Officials from the White House, the State Department and FBI will attend the meetings, which will focus on a review of several cybersecurity confidence-building agreements signed in 2013 by the two governments.

In other developments from the US, Apple Inc (AAPL.O) and the FBI are scheduled to return to Congress next week to testify before lawmakers about their heated disagreement over law enforcement access to encrypted devices, a congressional committee announced this week. This marks the latest event in the long running encryption saga which has dominated ICT headlines in the US in recent weeks and months.

A particularly quiet week this time around in the Asian ICT world. There were however certain developments of interest, including the revelation that The Telecom Regulatory Authority of India's (Trai) order to maintain price equality on content faces the danger of being breached as some telecom companies are understood to be working on a "bypass solution" through virtual private networks or intranet. The recent TRAI ruling on net neutrality has received considerable scrutiny in recent weeks, and this looks to be a topic which may continue to generate debate and discussion moving forwards.

There were also a range of developments relating to cyber-security in Asia which may be of interest, including Pakistans National Assembly approving the controversial Prevention of Electronic Crimes Bill (PECB). The legislation, which has been criticized by human rights groups, legal watchdogs and industry experts, must still be approved by the Senate before it is signed into law. While ostensibly created to control cybercrimes including cyber terrorism, fraud, and identity theft, the PECB would criminalize activities such as sending text messages without the receivers consent, or criticizing the government, religion, country, or armed forces on social media.

On a cyber-security / cyber skills theme, it was announced this week by the Indian digital giant Nasscom that increasing incidents of cyber-attacks and data protection efforts globally are expected to create employment opportunities for about a million professionals in India by 2025. Efforts towards improving cyber security will also create a $25 billion (nearly Rs 1.66 lakh crore) revenue opportunity in India by 2025, the IT industry body said.

A wide range of developments of interest from across the rest of the ICT world this week, including the news that Iraq's Kurdish population have declared independence in cyberspace with a new domain name, .krd. Also of interest was Facebooks unveiling of two new initiatives to improve Internet services for rural populations in developing countries, including India. Announced at its two-day annual F8 conference in San Francisco, US, this week, the Antenna Radio Integration for Efficiency in Spectrum (ARIES) system will boost speed, efficiency and quality of Internet connectivity in remote areas in the developing countries, a Forbes report said.

From a Global Institutions perspective, this week was a relatively subdued one. However, news of note included ICANN announcement of the successful evaluation of four additional proposed IDN ccTLD strings for India. Details of the successful evaluation are accessible via the link below:

http://www.icann.org/en/resources/idn/fast-track/string-evaluation-completion

13 April 2016

Another busy week of developments from across the ICT world, with issues of interest to IEEE cropping up in various forms. These are explored in further detail below.

In Europe, the news of interest included the story that a panel of EU privacy watchdogs has demanded changes to a pact meant to govern cross-Atlantic data transfers. The Article 29 Data Protection Working Party have urged the US and European Commission to revise and clarify several points in the proposed Privacy Shield agreement in order to safeguard EU citizens' personal information. "We believe that we don't have enough security [or] guarantees in the status of the ombudsperson and in their effective powers to be sure that this is really an independent authority," said Isabelle Falque-Pierrotin, the chairwoman of the group. The group's recommendations are not binding on the EU or US, but should prove influential as the watchdogs can suspend data transfers they are concerned about.

The Privacy Shield is a framework that has been proposed to facilitate the transfer of personal data between the EU and US. EU and US officials hope the Privacy Shield can replace the safe harbor agreement which was invalidated by the EU's highest court in October last year.

From a cyber-security angle, developments of note included the announcement that Turkey has this week launched an inquiry in order to investigate the means by which cyber hackers posted online the data of some 50 million Turkish citizens. The data breach is believed to be the largest in the country’s history and whilst no group has yet assumed responsibility for the action, comments posted online suggest Turkey may have been a target, and victim in this instance, of political hackers.

Also on this theme, it was reported this week that the Russian Government has begun working with Russia's Central Bank to develop a package of measures aimed at fighting Buhtrap, the recently discovered hacker group, which, to date, has stolen around RUB 4 billion (£42 million) from Russian and Western banks, and is reportedly planning further attacks on the EU banking system.

Digital skills also received a degree of coverage this time around, with the announcement that a new European standard for ICT professionals has been launched. The Council of European Professional Informatics Societies (CEPIS) said its introduction would help solve the lack of e-skills across Europe. The European e-Competence Framework (e-CF), which describes the competences and skills requirements of ICT professionals, has become a European standard following its official publication by the European Committee for Standardization (CEN) this week. CEPIS secretary general Fiona Fanning said: Organisations must be able to understand the core areas of ICT expertise required by different roles, in order to recruit and develop suitable employees and maintain adequate levels of competences.

Finally from Europe, new data protection laws are expected to be finalised next week following the new General Data Protection Regulation and a new Data Protection Directive for police and criminal justice authorities being endorsed by national governments within the EU in a vote held by the Council of Ministers in the week passed.

In the US, internet governance issues reared up with the Federal Communications Commission Chairman Tom Wheeler announcing plans to bring more competition to a little-known but important market for broadband Internet services. The field is known as special access and concerns the dedicated, high-capacity broadband connections used by certain businesses. These connections may be used for things such as ATM machines or in order to connect cellphone towers to wireless networks. Critics have often raised concerns that the market is overly dominated by incumbent firms such as AT&T and Verizon. Also of interest, Microsoft this week became the first major U.S. tech company to say it would transfer users' information to the United States using a new transatlantic commercial data pact, the Privacy Shield, and would resolve any disputes with European privacy watchdogs. Data transfers to the United States have been conducted in a legal limbo since October last year when the European Union's top court struck down the Safe Harbour framework that allowed firms to easily move personal data across the Atlantic in compliance with strict EU data transferral rules. As mentioned previously, the new Privacy Shield agreement designed to replace the Safe harbor framework continues to attract scrutiny as the EU and US attempt to move towards the ratification of an agreement.

On a net neutrality note, legislation to prevent the Federal Communications Commission from using its net neutrality rules to regulate the rates that companies charge customers for Internet service appears to be heading towards a vote in the House next week. The bill passed out of the Energy and Commerce Committee last month on a party-line vote over objections from Democrats, who said it would end up cutting off broad portions of the FCC's regulatory authority. An amendment to the bill reportedly addressed some but not all of their concerns.

There were a range of stories relating to cyber-security, which emerged from the US in the past week. Of particular interest was the news that the US Democratic Senator Edward Markey of Massachusetts has introduced legislation calling for airlines and aircraft manufacturers to disclose cyber security incidents to federal authorities, saying the aviation system lacks sufficient standards and oversight. The proposed measure would also require the Federal Aviation Administration and other federal agencies to identify cyber vulnerabilities within the aviation system and establish standards for addressing them.

Cyber-Privacy issues also received a good degree of coverage this week in the US. Of particular note, the National Security Agencys (NSA) data sharing plans came under fire from civil liberties and government transparency groups as they rallied to oppose a new plan which would allow the NSA to share more of the information that it collects about peoples communications and activity on the Internet with other federal agencies. On this theme, the US administration this week was surrounded by speculation as commentators and the media made a great deal out of the Governments refusal to offer public support for the draft legislation.

A relatively quiet week in the pan-Asian ICT sector, however news of interest included the US labeling China' s internet censorship restrictions a trade barrier for the first time since 2013, claiming that online restrictions are damaging the business of U.S. companies. Since Xi Jinping became China's president in 2013, the U.S. had not listed China's so-called Great Firewall as a trade impediment despite widespread outcry that the online blocks limit access to crucial information, email and search services such as those found on Google's platform.

Also of note, it was reported this week that details of up to 55 million voters in the Philippines have been exposed putting much of the country at risk of identity theft. The entire database of the Philippines' Commission on Elections (COMELEC) was breached according to the Philippine government. Although the commission downplayed the leak, an investigation by Trend Micro discovered a huge number of sensitive personally identifiable information (PII) including passport information and fingerprint data were included in the data dump.

From elsewhere in the ICT world, the Panama Papers leak exposed the need for organisations across the globe to take the security of their systems far more seriously according to the Hong Kong-based technology law expert Paul Haswell of Pinsent Masons. Millions of documents reportedly detailing the use of offshore tax structures in Panama by some prominent public figures were obtained by the media, and have received widespread attention since.

Another revelation of interest, research firm Gartner Inc. has suggested that worldwide spending on information technology could become one of the casualties of global economic uncertainty this year, with spending in the sector expected to fall slightly this year, down to $3.49 trillion.

News of interest emerging from Global Institutions this week included the launching of a report by the Atlantic Council which summarised the work of a Task Force it set up last year to advance a transatlantic digital agenda. The report includes 20 steps toward 2020 to create a transatlantic digital single market stretching from Silicon Valley in the west to Tallinn in the east.

Finally, as planned, ICANN and Verisign this week set out on their 90-day parallel testing period to verify the continued integrity of the data contained in the root zone file produced via the Root Zone Management System (RZMS) following the successful completion of the IANA Stewardship Transition. This is reportedly a key step in ensuring the continued security and stability of the Internets root zone.

30 March 2016

A somewhat quiet week in the ICT world this time around with the Easter holidays slowing down the pace of developments a little. However, there were still multiple news stories and announcements of note for IEEE which emerged, as explored below.

In Europe, cyber-security stole the headlines this week with the news that the EU cybersecurity agency ENISA has won support from MEPs in a drawn-out battle with the Greek government over its costly division between two offices in Athens and Crete. The European Union Agency for Network and Information Security (ENISA) has been pushing to close its headquarters in Heraklion, Cretes largest city, and move all of the agency’s staff into its Athens office.

ENISA also featured in the news this week for speaking out against creating backdoors for law enforcement agencies to access encrypted communication. Summarising their position, ENISA director Udo Helmbrecht argued that technology companies should not be forced to create security loopholes for authorities.

Other news of note from Europe this week included Frances fining of Google for not scrubbing web search results widely enough in response to a European privacy ruling. The French data protection authority has levied a charge of 100,000 euros on the corporation and stated that the only way Google can uphold the Europeans' right to privacy is to delist inaccurate results popping up under name searches across all its websites.

In the US, a range of developments of interest from the past week. On an internet governance theme, it was revealed this week that a union of industry lobbyists and consumer groups have warned the Federal Communications Commission (FCC) in relation to their Internet Subsidy Plan. The plan, as explored in previous monitors, has come under scrutiny from critics who suggest that if the overhaul goes through as planned, many poor Americans who receive free phone service through the program will drop out.

On the issue of net neutrality, it was suggested this week by a collection of more than 50 advocacy groups that Internet service providers (ISPs) are picking "winners and losers" in violation of U.S. Net neutrality rules. The accusation is that ISPs are selectively exempting Web traffic from their monthly data caps, and the advocacy groups involved have called on the FCC to stop ISPs from this practice, known as offering zero-rating plans, and enforce its year-old Net neutrality rules.

Of interest from a cyber-security perspective, senior U.S. and German officials met this week and agreed to deepen their collaboration on a range of cyber issues, including working to promote norms for responsible state behavior in cyberspace and expanding training in developing countries. The two governments underscored their shared strategic goals in a joint statement issued after a two-day annual bilateral meeting on cyber issues. On the same theme, the FBI this week has asked businesses and software security experts for emergency assistance in its investigation into a pernicious new type of "ransomware" virus used by hackers for extortion. "We need your help!" the Federal Bureau of Investigation said in a confidential "Flash" advisory that was dated March 25 and obtained by Reuters over the weekend.

Finally, concerning cyber-privacy issues, the long running saga between Apple inc. and the US administration came to a conclusion of sorts this week with the U.S. Justice Department announcing it had succeeded in unlocking an iPhone used by one of the San Bernardino shooters. As a result the Department has dropped its legal case against Apple, ending a high-stakes legal battle. However, the broader struggle over the issue of encryption remains unresolved, and hence continues to be a topic that will be worth watching closely moving forwards. Also of interest from a cyber-privacy angle, the first ever head of a small federal privacy watchdog is resigning this summer, a year and a half before his term ends in 2018. The surprise announcement from David Medine, chairman of the Privacy and Civil Liberties Oversight Board (PCLOB), will leave a hole at the top of the five-member board, which has been instrumental in shining a light on the workings of the National Security Agency (NSA).

Plenty of news of interest emanating from Asia this week. Relating to internet governance, it was announced this week that China is currently considering implementing new Internet rules that would pressure service providers to cut off access to foreign websites, adding to the governments growing legal framework bolstering its control of cyberspace. The proposed rules would prohibit the countrys Internet-service providers from allowing connections to websites with domains, or Web addresses, registered outside China. Violators would face fines of up to 30,000 yuan ($4,621) and public notices exposing their failure to obey.

On the topic of cyber-security, the Iranian administration this week denied any involvement in the cyber-attacks which were carried out on the US recently. The U.S. Justice Department charged seven Iranian hackers linked to Tehran with targeting U.S. banks and a New York dam drawing the response from the Iranian Foreign Ministry that the US "is in no position to accuse the citizens of other countries, including Iran, without providing documentary evidence.

In broader terms, a recent survey by Intel Security has revealed that the Association of Southeast Asian Nations (Asean) organisations are not prioritising security for their internet of things (IoT) developments. Thailand ranked lowest in terms of IoT security awareness among the five countries surveyed, with 39% of IT leaders recognising the need for security enhancements to their IoT.

Concerns also emerged this week regarding cyber-privacy, with Tencent, a major Chinese web browser with millions of users around the world, having been found leaking data with which users can be identified, tracked and attacked. The browser has an estimated 16 million non-Chinese users and such leaks of personal data mean its users can be identified, tracked and suffer man-in-the-middle attacks, according to noted Canadian privacy researchers Citizen Lab.

Of interest from other parts of the world, figures published this week revealed that the Arab world is expected to have 226 million internet users by 2018 with internet penetration jumping 7 per cent above the world average, according to a new study. The Arab Knowledge Economy study by Orient Planet and research consultant Abdul Kader Al Kamli said the regions internet penetration would increase from 37.5 per cent in 2014 to 55 per cent in 2018.

Also, the Canadian think-tank CIGI (the Centre for International Governance and Innovation) this week suggested that Internet users don't understand security or privacy and are more comfortable with government oversight of the Internet and their privacy than, for example, Apple. In an international survey (24,000 respondents in 24 countries), the group claims more than 70 per cent want the dark net shut down (which rests on the assumption that 70 per cent of people actually know what the dark net is).

Finally, of note from Global Institutions this week, the announcement that the membership of the Multistakeholder Advisory Group of the Internet Governance Forum has been renewed. A total of 55 members, 21 among them new, have been appointed. The Advisory Group members are from all stakeholder groups and all regions, representing Governments, civil society, the private sector and the technical community. All Advisory Group members serve in their personal capacities, but are expected to have close linkages with their respective stakeholder groups. The main task of the Advisory Group is to provide advice on the preparations for the eleventh meeting of the Internet Governance Forum, which is set to take place in Mexico in November 2016.

23 March 2016

This week witnessed developments a plenty from across the breadth of the ICT world. Similar to the week previous, cyber-security has continued to feature highly on the news agenda, however coverage has also spanned other areas of interest as explored further below.

Europe this week welcomed the arrival of U.S. delegates sent to drum up support for the recently agreed EU U.S. data transfer pact. The Privacy Shield pact will underpin $260 billion dollars of transatlantic trade in digital services by giving companies such as Alphabet's Google, Intel and Apple Inc. an easy way to move users' data from Europe to the United States.

Linked to this, EU member states are preparing for a meeting scheduled for the 7th of April which will focus on a review of the details of the aforementioned Privacy Shield. This will be the first time EU member national officials will meet to assess the new agreement. While they can make changes, their approval of the deal is needed for it to go into effect.

Other news of note from Europe included the announcement this week by the UK administration that the planed National Cyber Security Centre (NCSC) will focus on the financial sector as a top priority. One of the NCSCs first tasks will be to work with the Bank of England to produce advice for the financial sector for managing cyber security effectively, the government announced.

Also on a cyber-security theme, the Polish Ministry of Digital Affairs has this week released a draft framework document for Poland's new cyber-security strategy and is considering establishing a new institution to oversee the country's cyber-security efforts. With the widespread proliferation of cyber-threats across the continent and wider world, increased resilience to the dangers posed is clearly becoming a high priority for many administrations and organisations.

In the US, news of particular importance included the announcement that a comer department component is close to approving a plan to move control of the architecture that maps and maintains stability of the Internet address system to a global, multi-stakeholder group. The National Telecommunications and Information Agency has for years controlled the critical IANA contract (short for Internet Assigned Numbers Authority) that serves as the address book of the global Internet. On March 10, a proposal to transition the IANA function away from NTIA was announced at a global Internet governance meeting in Marrakech, Morocco.

Cyber-security developments included the rejection of an amendment by the US Congressional house Budget Committee which had been tagged on to US President Barack Obamas cyber proposal plans. The amendment would have funded the White Houses proposal for a $3 billion technology modernization initiative. Rep. Ted Lieu (D-Calif.) , who sponsored the amendment, said he was greatly disappointed with the vote, accusing Republicans of putting politics ahead of national security."

In other cyber-security news from the US, a White House audit this week revealed that the U.S. government was hit by more than 77,000 "cyber incidents" like data thefts or other security breaches in fiscal year 2015, a 10 percent increase over the previous year. Part of the increase stems from federal agencies improving their ability to identify and detect incidents, the annual performance review from the Office and Management and Budget said.

Predictably, encryption also received widespread coverage in the US media this week. As the debate regarding encryption continues to engulf the ICT sector in the nation, stories of note are seemingly breaking on a daily basis. From the week just passed, such updates included the announcement by the National Security Agencys internal civil liberties watchdog that the agency has no interest in spying on Americans under its controversial spying tools. Our employees are trained to not look for U.S. persons, NSA privacy and civil liberties officer Rebecca Richards said.

Encryption didn’t just engulf the news cycle but also the US political system, with a bipartisan group of U.S. senators this week beginning to circulate a long-awaited draft legislation that would give federal judges clear authority to order technology companies like Apple to help law enforcement officials access encrypted data, according to sources familiar with the discussions.

In addition to this, two House committees revealed this week the creation of a joint encryption working group. The panel, composed of four Republicans and four Democrats, will examine potential solutions to the challenges law enforcement officials face as encryption becomes more widespread.

Finally, it was revealed this week that the FBI are now confident of unlocking the iPhone 5c they have been trying to crack following the San Bernadino shootings. US prosecutors said Monday that a "third party" had presented a possible method for opening the iPhone in question, a development that could bring an abrupt end to the high-stakes legal showdown between the government and Apple Inc.

In Asia this week, news of note included the visit by Facebook founder and chief executive, Mark Zuckerberg, to China in order to hold a meeting with Chinas propaganda chief amid a crackdown by the Beijing authorities on the use of the Internet. Facebook and other western social media companies including Twitter are banned in China. Zuckerberg has long been courting Chinas leaders in a so far futile attempt to access the country with the worlds largest number of Internet users 668 million as of last year.

Also of interest, the Indian telecom regulator, TRAI, this week announced that it expects to finalise its views on net neutrality in a couple of months. DoT has sought a comprehensive view from us on Net neutrality. It should be done in a couple of months, Trai Chairman R S Sharma said on the sidelines of an event of the CASBAA India Forum.

Finally, concerning cyber-privacy, there were anxieties expressed this week following the revelation that India’s parliament is set to pass legislation that gives federal agencies access to the world's biggest biometric database in the interests of national security, raising fears the privacy of a billion people could be compromised. The move comes as the ruling Bharatiya Janata Party (BJP) cracks down on student protests and pushes a Hindu nationalist agenda in state elections, steps that some say erode India's traditions of tolerance and free speech.

From the rest of the ICT world, global institutions and all, developments this week were relatively sparse. However, news of interest included the conclusion of the first meeting of the Global Commission on Internet Governance (GCIG) which was organized to discuss internet governance and cyber-security/cyber-privacy amongst other issues.

Also of note, Australias 2016 Defence Whitepaper published this week suggested that the IT environment will be shaped by complex non-geographic threats over the next 20 years, but provides scant clues as to how it will address those threats. The long-awaited paper which commits to raising defence spending to $A42.4bn by 2021, or 2% of projected GDP acknowledges the threat of computer-based attack, both on industry and directly on the defence force. This will be a story worth watching closely in the coming weeks and months as policy formulation and resilience plans become clearer.

16 March 2016

This week saw further developments of interest from across the ICT world. Of particular note being the overwhelming focus on cyber-security related issues, a continuing theme as organisations and nation states increasingly seek to enhance their resilience against the ever burgeoning range of cyber threats they now face.

In Europe this week, news of note included the announcement that the Privacy Shield data transfer agreement with the US could go into effect this June, as revealed by the EUs Digital Commissioner Günther Oettinger. At the end of February the European Commission published several letters from US officials, including Secretary of State John Kerry, who promised to step up their response to EU citizens privacy complaints as part of the new deal. A committee made up of officials from member states is still negotiating over the details in closed-door meetings. The agreement will be finalised once the committee gives its stamp of approval, although details can still be changed until then.

From a cyber-security perspective, the two stories of particular interest emanating from Europe this week centred on a report published by the Estonian Information Board, and an EU agency publication on big data systems.

The report published by the Estonian Information Board suggested that Russia poses a major cyber security threat to the European Union and NATO, alleging that Russia employs attacks involving denial-of-service, malware and security vulnerabilities to wage an information war against the European Union and NATO

With regards to the aforementioned big data systems publication, the European Network and Information Security Agency (ENISA) this week called for policy makers to help shape the security of big data systems deployed in "critical sectors" of the economy. ENISA stated that policy makers should provide guidance to organisations operating in critical sectors to help them use big data systems securely.

In the US, developments of interest included the announcement that the White House is planning to put its full backing behind a plan to offer Internet subsidies to low-income Americans, a plan revealed in last weeks monitor. The Federal Communications Commission later this month will vote to update the Lifeline program so it can begin offering $9.25 per month subsides to help the poor pay for home or mobile Internet service.

With regards to cyber-security issues in the US, this week witnessed a report published by the Institute for Critical Infrastructure Technology (ICIT) warning that ransomware will wreak havoc on Americas critical infrastructure community in 2016. The report compiled reported incidents of ransomware and predicted that previously exploited vulnerabilities will soon be utilized to extract ransom.

Also of interest, the development of a new app announced this week. The iWatch Army app has been developed to support the US Army in order to boost its anti-terrorism and anti-crime efforts. The crime reporting application for smart phone is currently being used at 17 US bases and is expected to be rolled out to another 100 military bases in the US this year alone.

Other developments in the US of note this week included the roll out of another set of commitments to the technology sector made by the Obama administration. The White House announced this week that it will expand the TechHire initiative, which is aimed at increasing the workforces command of the kind of skills crucial to tech jobs.

Demonstrating President Obamas keen interest in the ICT sector, his appearance this week at the South by Southwest festival, the first appearance at the tech Confab by a sitting president. During the festival, the President addressed the highly topical issue of encryption, and asserted that law enforcement must be legally able to collect information from smartphones and other electronic devices, making clear, despite disagreement within his administration, that he opposes the stance on encryption taken by technology companies like Apple. However, the President declined to comment specifically on the efforts by the F.B.I. to require Apples help in gaining data from an iPhone used by one of the terrorists in the December attack in San Bernardino, California.

From a Pan-Asian perspective, developments this week were relatively few and far between. However, there were certain stories of note, including Chinas revelation of its five-year cyber power strategy, which is aimed at using the Internet to bolster the slowing Chinese economy and transform the country into a world leading cyber power.

With regards to cyber-security, North Korea this week denied the accusation made by South Korea that the North Korean administration had sanctioned and conducted cyber-attacks against officials from the South Korean government. South Korea's spy agency told lawmakers this week that North Korea had recently stepped up cyber-attack efforts against the South and succeeded in hacking the mobile phones of 40 national security officials.

Also of interest, it was revealed this week that the Chinese government has contracted China Electronics Technology Group to develop technology, similar to that used in the sci-fi thriller "Minority Report," that can predict acts of terrorism before they occur based on large amounts of surveillance data. The technology will collect data on ordinary citizens including information on their jobs, hobbies, consumption habits, and other behaviours and will flag unusual behaviour that could signal a potential terrorist threat.

Concluding the news roundup, developments of note associated with Global Institutions this week included the announcement that the Plan to Transition Stewardship of Key Internet Functions has been submitted by the Internet Corporation for Assigned Names and Numbers (ICANN) Board Chair to the US Government. The plan developed by the international Internet community, if approved, will lead to global stewardship of some key technical Internet functions..

Finally, the United Nations Secretary-General Ban Ki-moon has this week appointed Lynn St. Amour of the United States as the new Chair of the Multistakeholder Advisory Group of the Internet Governance Forum. The Multistakeholder Advisory Group advises the Secretary-General on the programme of Internet Governance Forum meetings. It comprises 55 members drawn from Governments, the private sector and civil society, including representatives of the academic and technical communities.

9 March 2016

A busy week this time around with developments of interest featuring in the monitor from across the breadth of the ICT world.

In Europe, the recently agreed Privacy Shield arrangement, the intended successor to the recently invalidated Safe Harbor agreement, between the EU and the US came under significant fire from the digital rights group the Electronic Frontier Forum (EFF). In a blog post published by the EFF, the organisation asserted that the new Privacy Shield agreement contains a patchwork of concessions that continue to leave the door open for the digital surveillance of hundreds of millions of Europeans by U.S. government agencies. It's unclear what, if anything, the new Privacy Shield is supposed to be shielding people from except perhaps shielding U.S. companies from the inevitable consequences of their country's mass surveillance program, the post concluded. This is an issue that continues to gather attention due to the contentious nature of the agreement reached, and will no doubt receive considerable coverage in the coming weeks and months.

Other regulatory developments included the leaking of a government document exposing the German Governments intentions to implement softer telecoms rules. The position paper outlines the country’s demands for a fresh EU-wide telecoms law: Germany wants less regulation and to boost investment in telecoms networks as fast as possible. The paper could be a boon for giant Deutsche Telekom, which has pushed for lighter regulation and vowed to invest in exchange.

In net neutrality terms, the news of interest from Europe this week centred on the establishment of an online platform, RespectMyNet, set up by an alliance of European digital rights organisations to report net neutrality violations across Europe. RespectMyNet claims it will enable Internet users to whistle-blow any cases of discrimination, blocking, restricting access and so on that they come across while online.

Cyber-privacy issues also featured in Europe this week, with the most significant update being Google’s announcement that it will expand the way it applies the right to be forgotten ruling in the continent next week. Under a ruling from a European court, E.U. citizens are allowed to petition search engines to take down links to content about then that isnt accurate or is outdated. That has applied to Google’s search engine domains in Europe and will now be applied in practice.

In the US, news of note this week included the announcement that the Federal Communications Commission (FCC) is finalising plans to approve a broadband subsidy of $9.25 a month for low-income households, in the governments boldest effort to date to narrow a technological divide that has emerged between those who have web access and those who do not. While more than 95 percent of households with incomes over $150,000 have high-speed Internet at home, just 48 percent of those making less than $25,000 can afford the service, the F.C.C.s chairman, Tom Wheeler, has said. The new plan is part of an overhaul of a $2 billion phone subsidy program called Lifeline and will go to vote on March 31. It is expected to be approved by the F.C.C.s commissioners, who have a Democratic majority.

From a cyber-skills perspective, it was revealed this week that the US Governments ongoing battle with Apple over encryption is harming the Department of Defenses ability to recruit talent from Silicon Valley. The US administration are attempting to recruit some of the nations top technology talents in order to combat and overcome the growing arsenal of cyber-threats faced by the nation. As part of the drive, Defense Secretary Ash Carter spent this week meeting with tech executives and launching new cybersecurity initiatives that will rely on help from the Bay Area.

Rather predictably, cyber-privacy concerns in the US this week were consumed by the aforementioned ongoing battle surrounding encryption between the US administration and Apple.

It was reported this week that Tech industry leaders including Alphabet Inc's Google, Facebook Inc, Microsoft Corp, AT&T and more than two dozen other Internet and technology companies filed legal briefs on Thursday asking a judge to support Apple Inc in its encryption battle. This news was followed by the announcement that the US Justice Department has formally appealed a decision made by a New York Judge preventing the body from forcing Apple to access a locked iPhone in a drugs case.

This will undoubtedly continue to gain traction and coverage in the coming period and will be a debate worth monitoring closely as encryption issues rage both in the US and the wider ICT world.

Across Asia, Internet governance issues received considerable coverage this week. Of particular significance, China this week submitted a draft outline of the country’s 13th Five year Plan to the national legislature which included an intention to build a multilateral, democratic and transparent Internet governance system. The draft document states that China will actively take part in international cooperation in making rules for international cyberspace security, fighting cyber-crimes, cyber security technology and standards, and others.

Also of note, the Indian Telecom Minister, Ravi Shankar Prasad, re-iterated at this weeks ICANN Summit in Morocco that India will continue to support a multi-stakeholder model for governance of the Internet. He declared to those assembled that while fully endorsing the multi-stakeholder model, the issue of security should also remain in focus, where the government has a very important role to play, as safety and security remains the primary responsibility of the governments.

Net neutrality also featured in the headlines associated with India this week, with the Indian telecom regulator, TRAI, reportedly having second thoughts about issuing a clarification of its recent rule on discriminatory pricing of data services. TRAI have recently weighed in on the side of net neutrality and barred discriminatory pricing of data services. However, it exempted data services offered on a closed user network, or intranet, from the regulation, leading to calls for clarification.

A busy week in the Pan-Asian ICT world also witnessed cyber-security issues come to the fore. The most significant of these included the accusation from the South Korean administration that the North Korean Government has tried to hack into South Korea state websites. This accusation comes amid rising tensions between the two countries, with the cyber-front proving a key area of conflict.

News from the rest of the world featured a heavy focus on the recent RSA conference in San Francisco. Of note was the announcement made by Intel Security Group head Chris Young who called on the global security industry to do more to share threat intelligence and address the digital skills gap and hence enhance the resilience of the ICT world and its workings.

There were a range of developments of interest this week associated with Global institutions, those of primary significance included the announcement of new members of the EC3 advisory groups; the publication of ENISAs new report on Big Data Security and the beginning of ICANN 55th meeting in Marrakesh. The meeting this week is expected to finalise the last proposal necessary for the transition of the Internet Assigned Numbers Authority (IANA), a set of core functions necessary for the running of the Internet.

2 March 2016

This week saw a flurry of activity in the ICT world, with the predominant focus applied to cyber-security and cyber-privacy issues.

Amongst the range of developments, there were multiple announcements which may be of direct interest to IEEE. These are explored further in the engagement opportunities section further below.

In Europe, Internet governance featured heavily, with the news of upmost prominence revealing that the European Commission is currently racing to rubberstamp the recently agreed privacy shield arrangement with the US. The Privacy Shield agreement will replace the now infamous Safe Harbour deal, which was toppled by the European Court of Justice last October on grounds that surveillance agencies have broad access to EU citizens data once its transferred to the US. The end of June is the supposed target date for ratification of the agreement, with commission officials declaring they hope the agreement worth nearly $300 billion in trade commerce gets the green light from a committee of member states representatives during the Dutch Council presidency, which runs until the end of June.

Linked to this, the privacy principles underlining the aforementioned EU-US privacy shield were published this week. Amongst other things, the principles outline that any businesses signing up to the new privacy framework will need to engage with a new system of dispute resolution, including a new 45 day timeframe for responding to complaints about their data handling.

Other news of note from the European ICT sector included the announcement that Google is set to train up to two million people in digital skills this year across Europe. Last February (2015) the search engine giant pledged to train one million Europeans in crucial digital skills as it promised to invest an additional 25 million to broaden its training programme across the continent, which included plans to build a Europe-wide hub to support small businesses. The company said it now plans to double its outreach programme due to its popularity.

In the US, developments were dominated by issues related to net neutrality, cyber-security and cyber-privacy.

In net neutrality terms, issues flared up as a year on from the Federal Communications Commission approval of landmark internet rules, critics are pushing forwards to have the courts or Congress curb or strike down the rules entirely. This in spite of opposition from the regulators, who continue to push forwards with the rules, seeking to develop new standards for application. The issue has even received coverage during the ongoing US election, with Republican presidential hopefuls Marco Rubio and Ted Cruz having decided to join six other Senators in pushing forwards the new Restoring Internet Freedom Act which would dismantle the rules, change the FCCs Title II reclassification of ISPs as common carriers, and prevent the FCC from trying to pass net neutrality rules in the future.

Cyber-security and cyber-privacy issues in the US this week merged, with the boundaries between encryption, privacy and security blurred by the ongoing saga between Apple and the US government.

One cyber-security development of particular importance from this week was the testimony given by the US Secretary of Defence Ash Carter, who appeared before the House Appropriations Committee to detail the US Governments cyber-security investment programme. He told the Committee that his department's request for $582.7 billion for fiscal 2017 puts a priority on funding the nation's cyber strategy.

Carter said in his testimony that the budget invests a total of $6.7 billion in fiscal 2017 and $34.6 billion over the FYDP (Future Years Defense Program) . He went on to say the budget includes $336 million over the FYDP to support more capable network perimeter defenses, as well as $378 million to train and strengthen Department of Defense's (DoD) Cyber Protection Teams to respond to security breaches. He also outlined that an additional $347 million will be invested over the FYDP to help provide cyber tools and support infrastructure for the Cyber Mission Force and U.S. Cyber Command.

Rather predictably, much of the ICT coverage from the US this week focused on the issues at play in the showdown between Apple and the US government regarding encryption. Of primary significance, a New York judge this week ruled in favor of apple in the case of the FBI attempting to force the tech giant to unlock the iPhone of a suspected drug trafficker. It was suggested this may set a precedent for the debate surrounding the San Bernardino case, which is due to progress further when Apple and the U.S. Federal Bureau of Investigation make their cases before a congressional panel due to be held on Tuesday. This centering on a court order to force the technology company to give the FBI data from the iPhone belonging to one of the San Bernardino shooters. A parallel can be drawn here between this situation, and the debates encircling it, and the UK Governments work on the Draft Investigatory Powers Bill which was published in earnest this week.

From a pan-Asian perspective, cyber-security also featured highly on the agenda, with news of note from this week being that Japans technology industry is continuing to build cyber-security muscle. This has developed in response to the increasing threats Japan now faces, with the state being ever further targeted by email viruses and ransomware attacks which threaten to harm critical infrastructure and key commercial organisations. On the cyber-security note more generally, it was reported this week that the Cyber Five nations -- South Korea, Australia, New Zealand, Japan, and Singapore -- appear nine times more vulnerable to cyberattack than other Asian economies, according to the 2016 Asia-Pacific Defense Outlook released by Deloitte Touche Tohmatsu Limited (DTTL) .The study noted that these nations are the most heavily dependent on Internet-based interactions.

Also of interest from the Asian ICT sector this week, the news that a record-breaking filibuster by South Korean opposition members of parliament has entered its seventh day. The opposition party to the Government is determined to block a vote on a government-backed anti-terrorism bill which they argue threatens personal freedoms. The proposed legislation allows the National Intelligence Service (NIS) to collect a wide range of personal information - including phone records - on anyone deemed to pose a security risk.

A plethora of developments of interest from the rest of the ICT world and Global institutions this week. The news of primary importance included the publication of the Alliance for Affordable Internets 2015-2016 Affordability Report; the announcement that a final transition plan for the top level of the internet away from the US to ICANN will be published next month and finally, the launch of Googles Project Shield DDos mitigation service, which aims to preserve free speech by protecting news, human rights and election monitoring sites around the world.

24 February 2016

A relatively quiet week in the world of ICT this time around, with the monitor reflecting this.

However, there were certain stories of note which may prove to be of interest for IEEE both now and moving forward. In Europe, Internet governance and net neutrality received some coverage in the form of developments relating to the next generation mobile broadband network. It was reported that in the coming months, it is anticipated that the European Commission, tech firms, and various industries will demonstrate European progress on developing 5G. A Commission official revealed that the intention is to come up with fresh ideas by July, in order to showcase the first results by 2018. Linking this to issues of governance, key objectives of the 5G public private partnership (PPP), launched last year, are outlined in a Commission white paper on 5G: empowering vertical industries, that will be unveiled during the Mobile World Congress in Barcelona on 22-25 February.

Net neutrality implications are also tied to the development of this mobile broadband network, with Vodafone CEO Vittorio Colao having issued a stark warning this week that 5G services will be a disappointment in Europe unless standards meet local needs and without uniform telecom regulations from one country to the next. Evidently this will be an issue to monitor moving forwards.

Also featuring heavily in Europe this week, cyber privacy issues arose with the European Commission Vice-President Andrus Ansip stating that he supported Apples decision to refuse unblocking the iPhone of a terrorist, as requested by US authorities. He declared Identification systems are based on encryption. I am strongly against having any kind of backdoor to these systems. With the issue causing considerable dispute in the US, this will clearly be a debate to monitor moving forwards as other regions and states may face similar circumstances and hence will be required to formulate/articulate opinions on the issue.

The US ICT agenda this week was dominated by discussions and disagreement regarding Apples decision to refuse unblocking the iPhone of a terrorist, as requested by US authorities. It was reported that a number of major tech firms, such as Google, WhatsApp, Facebook and Twitter have all come out in support of Apples position on the issue. However, contesting the stance taken by Apple, the U.S. Department of Justice filed a motion on Friday seeking to compel Apple Inc to comply with a judge's order to unlock the encrypted iPhone in question. In response, a senior Apple executive, speaking with reporters on condition of anonymity, characterized the Justice Department's filing as an effort to argue its case in the media before the company has a chance to respond. This back and forth has caused an escalation in the ongoing dispute between the Obama administration and Silicon Valley firms over security and privacy.

Despite the over-arching theme of US reporting this week being focused on the aforementioned issue, cyber-security concerns did receive a degree of coverage. The news of note being that a group of experts from the private and public sectors, including former White House Special Assistant to the President for Cybersecurity Ari Schwartz, this week launched the Coalition for Cybersecurity Policy and Law to collaborate with and help educate policymakers and develop consensus-driven policy solutions.

In addition to this, this week the Department of Homeland Security (DHS), along with the Department of Justice, issued two sets of guidelines and procedures, required by the Cybersecurity Act of 2015, for federal agencies and the private sector to use regarding the sharing of cyber threat indicators.

From a pan-Asian perspective, developments of interest this week included the announcement by the Chinese state that new regulations will be enforced in order to ban foreign companies from publishing online media, games and other creative content within Chinas borders from next month onwards. This marks a decisive step forwards in the nations Internet Governance regime, and, perhaps a worrying one.

Cyber-security issues also achieved prominence in the pan-Asian ICT news cycle, with it being reported that the Indian Government, as well as industry, are now reaching out to major cyber-security companies in United States and Israel to boost their internal systems. Companies including software giant Microsoft and cyber security expert Blackduck are in talks with the government to address cyber security concerns and needs. "The industry needs smart and powerful tools to protect the network, which needs to be fully secured. Special protection is required, which the service provider has realised," said Peeyush Agrawal, Member (Technology), Department of Telecommunications (DoT).

On this theme, it was also reported this week that a rapidly widening cyber-vulnerability gap between the most and least internet-dependent Asia-Pacific nations is threatening to encourage online attacks on critical infrastructure. The report which detailed this, published on Wednesday by consultancy firm Deloitte, coincides with a growing tone of caution over the internet of things technology projects that seek to build greater web connectivity into everyday items and services but may leave users and the systems themselves open to ever more pernicious attacks.

On a somewhat more positive note, it was revealed this week that Raytheon, the international defense and technology solutions provider, has partnered with Khalifa University in Abu Dhabi on a program to build cyber skills in the UAE. The four-day cyber security workshop on the Khalifa University campus was launched on Monday, marking the launch of Raytheon's global 'Cyber Academy' designed to train cyber-skilled workforces for the future.

News of interest from other parts of the ICT world included the announcement that there are now more than a billion 4G mobile connections in use around the world, and 4G will account for a third of all mobile connections at the end of the current decade, according to the latest sector forecast from the GSM Association (GSMA). Also of note, Dells latest annual threat report, published this week, has highlighted that acquiring the capability to analyse encrypted traffic should be a top priority for businesses in 2016. The report reveals that a continued surge in SSL/TLS encryption is giving cyber criminals more opportunities to conceal malware from firewalls. Something to consider for the entire ICT world moving forwards as it seeks to strengthen its resilience against cyber-threats.

News of note from Global institutions this week included the announcements that Europol's and Chainalysis have reinforced their co-operation in the fight against cyber-crime, the First Digital Advisory Council hosted by DIGITALEUROPE was a reported success and that the EU and Brazil have signed an agreement to work together in order to develop 5G, the next generation of communication networks.

17 February 2016

Developments in the ICT world this week continued to be predominantly focused on issues pertaining to cyber-security and cyber-privacy. This was perhaps to be expected following the recent announcement of the US Governments annual budget which included provision for a Cybersecurity National Action Plan (CNAP).

Amongst the news related to this, other stories of prominence did however emerge. In Europe for example, there was considerable scrutiny applied to the recently negotiated Privacy Shield, a data sharing agreement between the US and the EU which is set to be finalised by the end of month, according to an EU commissioner. It has been reported that following the draft agreement being reached, the European Commission is now facing challenges on the arrangement: with the Parliament legal service and MEPs arguing the so-called Umbrella Agreement doesnt comply with EU law. MEPs in the Civil Liberties, Justice and Home Affairs (LIBE) Committee also criticised the agreement.

On this note, an EU privacy watchdog declared this week that the data protection framework agreed should not apply when sensitive information is to be transferred to the US in bulk. With this proving an issue of considerable contention, it is clear that further coverage will emerge in the weeks to come.

From a cyber-security perspective, it was announced this week that the right to be forgotten will be extended to all Google domains in the EU. Until now, search results removed under the ruling were only omitted from European versions of Google like google.co.uk. In September 2015, the French data protection authority threatened Google with a fine if it did not remove the search results data from all worldwide sites, including non-European search sites like Google.com. The tech giant has now let up while fending off claims that it doesn't respect Europe's tough privacy rules.

In the US, it was revealed this week that a fight over privacy at the Federal Communications Commission (FCC) is starting to heat up again following last years net neutrality rules. The FCC is expected to craft regulations in the coming months on how broadband providers handle sensitive customer data and advocates on both sides of the issue are gearing up to make their case.

As mentioned earlier, much of the coverage from the US this week focused on the announcement of President Obamas Cybersecurity National Action Plan (CNAP). Despite the budget proposals put forwards including a provision of $19 billion for cyber-security measures, certain critics have suggested this amount is still not proportionate to the threat faced by the US. Although the US cyber security budget allocation for 2017 represents a 35% increase on the previous budget, it is still a small fraction of the overall US defence budget. Critics have argued that the federal government spends about $700bn on defence, intelligence and homeland security, so the spending on cyber security represents only 2.7% of the total defence budget, up from 2% previously, and therefore isn't a substantial enough spending commitment.

In cyber-privacy related updates, The Department of Homeland Security (DHS) this week released interim guidelines for how the government will protect and share data gathered under a new major cybersecurity law. This represents the first of several planned steps being taken with the aim of assuaging fears that the Cybersecurity Act of 2015 which encourages companies to share hacking threat information with the government will simply shuttle more personal data on Americans to intelligence agencies.

In Asia, internet governance issues received some attention, with the announcement this week that the Chinese State is seeking to further tighten its control over content published online by foreign companies and their joint ventures in mainland China under a new regulation that will take effect next month. The Regulation for the Management of Online Publishing Services, is expected to introduce more stringent rules on online publication of original or adapted creative works, such as games, animation, comics, audio recordings and video.

Furthermore, it was reported that months after the Indian government endorsed the multistakeholder model of internet governance at the 53rd meeting of the Internet Corporation for Assigned Names and Numbers (ICANN) the Indian position is being carefully examined internally. A potential re-alignment may culminate in a landmark cyber deal this year between India and Russia, which if signed, would be a marked change of approach not just in this space but for Indian foreign policy as a whole.

Regarding net neutrality, a topic which has been at the top of the agenda in the Indian ICT world in recent weeks, the TRAI Chairman RS Sharma announced this week that although the regulation of one part of net neutrality tariff has now been dealt with, the other part of either throttling or speeding up certain websites still needs to be tackled. He stated, our regulation is very clear. Anything on the internet cannot have discriminatory pricing. Integration between content and access provider is not allowed. We are against any integration between the two.

In addition to these developments, Pan-Asian cyber-security issues also drew some attention, as a report published this week by Recorded Future noted a strong correlation regarding diplomatic flare ups and cyber-attacks between India and Pakistan. In particular, the report notes, The continuing rivalry between India and Pakistan has spilled over into cyber-space, very visibly with hacktivism.

Finally, news from elsewhere in the ICT world included the announcement that the Director-General of the Swedish Post and Telecom Authority, Göran Marby, has been named the next President and Chief Executive Officer of the Internet Corporation for Assigned Names and Numbers (ICANN). Marby, a Swedish citizen, currently living in Stockholm will be relocating to Los Angeles for the role, the location of one of ICANN's three global hubs. He will succeed current President and CEO Fadi Chehadé whose term finishes on 15 March, and will join ICANN in May.

10 February 2016

A relatively subdued week this time around, with the US Government’s annual budget announcement including within it a Cybersecurity National Action Plan (CNAP). The plan has been devised in an effort to fortify America's digital defenses and protect Americans, government agencies and companies against the growing number of cyberattacks aimed at everything from national defense and health care to personal consumer data.

However, news from elsewhere did filter through, albeit in the shadow of these developments. In Europe, much of the coverage and discussion was focused on the recently agreed upon EU-US data privacy shield, agreed upon last week to replace the old Safe Harbour agreement regarding transatlantic data flows. Of note was the revelation from data protection watchdogs around the EU that companies will be permitted to continue transferring personal data to the US under alternative legal means – at least for the time being whilst the EU certifies the finer details of the newly agreed upon ‘privacy shield’ framework. “Until we have analysed the content of the arrangement and the possible consequences on the other transfer tools we will allow data controllers to use the BCRs [binding corporate rules] and standard contractual clauses,” said Isabelle Falque-Pierrotin, president of the Article 29 Working Party, which represents the powerful privacy authorities from EU member states.

Linked to this, and of note, the French data protection authority this week gave Facebook three months warning to stop tracking non-users' web activity without their consent and ordered the social network to stop transferring personal data to the United States. The French order is the first significant action to be taken against a company transferring personal data to the United States following an EU court ruling last year that struck down an agreement that had been relied on by thousands of companies, including Facebook, to avoid cumbersome EU data transfer rules. It would seem at a glance that the analysis offered by the EU watchdogs, as explored above, may be contradicted by the action of individual member states keen to establish privacy arrangements in the coming weeks.

Other big news from the European continent this week included the announcement that new legislation drafted by the European Commission could force all EU countries to ensure the 700 MHz band of spectrum is made exclusively available for mobile services by the middle of 2020. The European Commission has published proposals to introduce new laws that would require EU countries to “allow the use of the 694-790 MHz frequency band for terrestrial systems capable of providing wireless broadband electronic communications services”, in accordance with technical conditions it will lay out by 30 June 2020.

As aforementioned, news in the US was dominated this week by President Obama’s budget announcement and the Cybersecurity National Action Plan (CNAP). The draft budget put to Congress by the US administration includes the provision to boost cybersecurity spending to $19 billion for fiscal year 2017, a 35 percent increase over this fiscal year. The White House also wants to launch a $3.1 billion Information Technology Modernization Fund to retire and replace aging systems in the federal government. To oversee all initiatives, President Obama plans to create a federal chief information officer who would coordinate cybersecurity practices across agencies.

As part of the plan, President Obama is keen to engage with Silicon Valley tech companies in an effort to collaborate against cyber-security threats posed to the US. This marks the continuation of a dialogue between the administration and major US tech companies which has focused on issues such as encryption, data privacy and cyber-security in the past.

In other developments, the US Senate this week passed a privacy bill considered integral to the pending transatlantic data transfer pact with the EU. The so-called Judicial Redress Act, which gives EU citizens the right to challenge misuse of their personal data in U.S. court, is also a prerequisite of a law enforcement data-sharing “umbrella” agreement reached last fall.

From a Pan-Asian perspective, the news of utmost significance this week was that The Telecom Regulatory Authority of India (TRAI) has laid down rules that strictly prohibit the differential pricing of data on the basis of content in India — which effectively bans zero-rating initiatives such as Facebook’s Free Basics and Airtel’s Airtel Zero programme. The new rules came after a two-month-long consultation process that saw Facebook launching a big advertising campaign in support of its Free Basics program, which runs in more than 35 developing countries. The service, earlier known as internet.org, has also run into trouble in other countries that have accused Facebook of infringing the principle of net neutrality - the concept that all websites and data on the Internet be treated equally.

Cyber-security also received a degree of coverage in Asia this week, as it was revealed that hacker in China have attempted to access over 20 million active accounts on Alibaba Group Holding Ltd's Taobao e-commerce website using Alibaba's own cloud computing service. The news was revealed via a state media report posted on the Internet regulator's website.

As for news from other parts of the globe and developments associated with Global Institutions, this week represented a particularly quiet one. However, some stories of interest did emerge, including the announcement in Cisco’s latest Visual Networking Index mobile report that by the end of the decade, Global mobile data traffic will have reached 30.6 exabytes – approximately 30 quintillion bytes or 30 billion gigabytes – per month, up from 3.7 exabytes in 2015.

Finally, it was also revealed this week that NATO has become the first organisation to deploy Polycom’s RealPresence Centro unified communications system ahead of a wider launch in the coming months, as it seeks to enhance its internal collaboration capabilities.

3 February 2016

Rather predictably, issues pertaining to Safe Harbour and the negotiations between the EU and the USA over a key data transfer pact dominated the headlines this week.

In the midst of the deadline for an agreement being missed, all other Global ICT developments were somewhat overshadowed. Data protection authorities had given the European Commission until the end of January to fix a new arrangement to replace the Safe Harbour deal knocked down in October 2015 by the European Court of Justice (ECJ), however with complications arising an agreement remained elusive earlier this week. Emphasising this, Justice Commissioner Vera Jourova declared during a meeting of the European Parliament's Civil Liberties, Justice and Home Affairs (LIBE) Committee earlier this week that there was a need for an “arrangement that is fundamentally different from the old Safe Harbour,”.

Despite these difficulties, the European Commission did eventually reach a deal with the US yesterday (2nd February 2016), replacing the old Safe Harbour agreement with a rebranded ‘EU-US privacy shield’. The new agreement arrives following months of hurried negotiations and will come into effect after the deal is formally drafted, which EU Justice Commissioner Vera Jourova estimated could take roughly three months.

Other news of interest from Europe this week included the announcement that the European Commission will issue ‘sharing economy guidelines’ to member states in early March on how to regulate emerging companies like Uber and Airbnb, which have shaken up the taxi and hotel sector. This in addition to the revelation that the European Commission also plan to shake up regulation of the European radio spectrum, with EU member states National governments being asked to announce their plans to move TV broadcasters below the 700 MHz band by 2017, which will be assigned exclusively to wireless broadband by 2020.

Also of note, a European industry group has this week proposed cyber-security policy recommendations for the European Union during the International Cyber-Security Forum. The European Cybersecurity Industry Leaders, or ECIL, is comprised of a number of cybersecurity and defense contractors, including Thales Group, Atos, Airbus Group, Deutsche Tekekom, Ericcson, Infineon and others. The group was created to draft a report to the European Commission recommending increased consolidation and integration of the union's cybersecurity assets.

In the US, there was also wide ranging coverage of the EU-US data pact negotiations, but amongst these developments, other news of interest included the announcement that a US delegation has visited Cuba in recent days in order to urge the Government there to more rapidly build out its Internet infrastructure and make it more widely available. Officials said they had recommended that Cuba “leapfrog” current buildout of aging technology, such as DSL and 3G mobile service, for faster technology such as fiber and high-speed mobile. Officials also urged the country to relax regulations that are preventing many in Cuba from getting Internet in their homes, along with other censorship or blocking policies.

Net neutrality issues also reared their head again this week in the US, with a leading Stanford Law professor claiming that the ‘Binge On’ video streaming service set up by T-Mobile stifles competition, free speech and customer choice and as a result violates basic principles of Net Neutrality. This will doubtless be an issue to watch moving forwards, with Professor Barbara van Schewick warning in her report on the issue that it may represent the dawn of the end of the “innovation without permission” era.

Cyber-skills received attention this week too, with the announcement that US President, Barack Obama, has included a provision in his budget proposal for the new fiscal year that $4 billion is to be provided to states to develop computer science programs, along with $100 million in grants available directly to school districts to advance computer learning. The funds will be used to encourage states and districts to not only create computer science programs, but also build programs that draw in students who are typically left out of that education right now. However it remains unclear whether the plan will come to fruition, as despite the recent bipartisan support for computer science education, the budget in full will require approval from the U.S. Congress before coming into effect and so as ever, there is a risk that the plan may change or be scrapped entirely.

A relatively quiet week from a Pan-Asian ICT perspective, perhaps not altogether surprising considering the aforementioned attention lavished on the transatlantic negotiations saga between the EU and the US. However, news of note included the announcement that the Telecom Regulatory Authority of India said it might soon take a decision on the differential pricing for data services. TRAI recently held an open-house discussion on the issue, which saw huge participation from telecom operators, consumer rights groups, industry bodies and individuals. TRAI Chairman R S Sharma claimed it was a very ‘lively consultation’ and that the body hopes to come out with their position on the issue of net neutrality ‘by the end of the month’.

From a cyber-security angle, it was revealed this week that the NEC Corporation has launched a Cyber Security Factory in Singapore, the latest addition to the company’s global portfolio of security operation centres. The newly opened Cyber Security Factory in Singapore will collaborate with NEC’s Security Operations Centres located in strategic parts of the world including Japan, with an aim to provide an inter-connected network to share intelligence on cyber threats and deliver 24/7 security to customers. This news follows the continually emerging recognition of and focus on the merits of effective Cyber-Security and the need for robust ICT systems to counter and overcome potential cyber-threats which is taking place across the Pan-Asian region.

Plenty of developments of interest from elsewhere around the World this week too. Of particular note, Australian ICT issues featured heavily, with it being reported that the need for cyber-security skills in the nation has ballooned in light of the fact the country’s ICT systems are not sufficiently robust to withstand targeted cyber-attack. Worsening this issue, it was reported that Australian businesses are far too willing to pay when hit by ransomware, serving to only encourage further attacks, according to security experts at Deloitte.

Finally, announcements of interest from Global Institutions this week included the call from ENISA for enhanced cooperation among private and public sector stakeholders in light of the recent significant increase in cyber threats to critical services and infrastructures. Following its study of Critical Information Infrastructures (CIIs) across the European continent, ENISA declared that EU Member States and the private sector alike need to further co-operate with each other if they are to effectively address these threats today. Yet, it was found that only half of the examined countries have established such cooperation models as public–private partnerships, working groups and contact forums.

Lastly, with data protection stealing the show for this week at least, it seems only right to end with the news that Europol this week celebrated the 10th Anniversary of it’s established European Data Protection Day. The 28th January 2016 marked the ten year anniversary of the first legally binding international law in the field of data protection. 10 years later, as this week shows, progress is still being strived for, and made.

27 January 2016

This week witnessed developments of interest from around the Globe in the domain of ICT.

In Europe, it was announced that businesses operating in multiple EU countries may be forced to comply with each of the different national data protection laws that apply in the countries in which they operate. The new guidance, issued by the Article 29 Working Party (a committee made of up representatives from the 28 national data protection authorities within the EU) could have potentially dramatic impacts for companies across the continent as clarification is sought on how organisations that have more than one establishment in the EU best move forwards in line with the varying data protection regulatory regimes in place.

From a cyber-security perspective, issues pertaining to Ukraine continued to dominate the headlines this week. Following a new wave of cyber-attacks reported to have hit power companies in the country, it was announced that Ukraine will establish a cyber-police unit as part of reforms underway in the nation’s law enforcement system. It has been reported that the newly established agency will focus on the fight against cyber-crime in Ukraine as well as protecting the country's state IT security interests.

Furthermore, cyber-privacy issues received considerable attention, with the US proposing to create an ‘ombudsman’ to deal with EU citizens' complaints about U.S. surveillance as part of talks to clinch a new EU-U.S. data transfer pact. Washington and Brussels are currently working against the clock in an attempt to seal a deal on protecting Europeans' data transferred across the Atlantic following the quashing of the previous agreement, Safe Harbour, on privacy concern grounds.

In the US, developments were overwhelmingly focused on cyber-privacy issues this week. However, cyber-security also received a fair degree of coverage, with the announcement that the US Government has handed over the its sensitive cybersecurity role to the military. The move has been reported as a snub to the Office of Personnel Management, the agency at the center of last year’s scandal over one of the worst government data breaches known to the public.

As aforementioned, encryption and privacy issues were of the greatest prominence in the USA this week, with a range of stories of significant interest cropping up. The first of these was the announcement that the American Civil Liberties Union is set to take its privacy fight to various states around the USA. The group has organized local lawmakers in 16 states to introduce a range of privacy legislation — related to student and employee rights as well as protection from government surveillance.

In addition to this, the NSA chief this week declared that ‘encryption is foundational to the future’ as the debate surrounding the topic continues to swirl and consume considerable media attention. In the wake of the terror attacks in Paris and San Bernardino, Calif., law enforcement and some lawmakers have been pressing tech companies to give investigators guaranteed access to secure data. But the tech and privacy community have resisted the push. They say any type of guaranteed access to data introduces vulnerabilities that weaken encryption and expose everyday Internet activity to hackers.

Finally, with an eye cast forward towards next month, the prospect of negotiations coming down to the wire on privacy legislation regarding the EU-USA data pact looms large over the ICT world. Developments can be expected in the coming days as the clock ticks down and the legislative cliff rapidly approaches.

In Asia, developments spanned across a range of topics. Of interest was the announcement that the People's Bank of China (PBOC), China's central bank, hopes to launch its own virtual currency to cut the cost of handling paper money and to give the government more control of the country's money supply. With discussion fermenting regarding the benefits and drawbacks of such systems, this move will doubtless generate considerable attention from across the Globe as one of the world’s premium economies moves forwards with implementation.

The net neutrality issues which have dominated ICT in India in recent weeks appear to be coming towards a head, with the open house discussion on differential pricing of Internet services coming to a close last week, and TRAI Chairman R.S Sharma indicating that the regulator will come out with its position by the end of the month.

Cyber-security developments were multiple and of particular note, with the most prominent stories including the assertion from Security researcher firm Palo Alto Networks, who revealed this week that a Chinese adversary group C0d0so0 or “Codoso” has reappeared. In addition to this it was announced that Singapore is currently planning the development of a cyber-security bill as a means of granting greater powers to the state’s cyber security agency. According to the Ministry of Communications and Information (MCI), in association with this, the state’s spending on cyber security will also rise, to at least 8% of the government's IT budget.

Elsewhere, it was reported this week that some of the world's biggest banks have tested using blockchain technology to process payments without the involvement of a central clearing house, according to the financial technology company that facilitated the test. Also of interest, ISIS hackers have vowed to take revenge for a recent drone strike that took out top ISIS hacker Junaid Hussain. The Cyber Caliphate, one of the main ISIS hacking groups, posted an image with the proclamation on Tuesday to its official account on the messaging app Telegram.

Finally, announcements of interest from Global Institutions this week included the news that ICANN have extended the deadline for submissions relating to the their request for proposal for the Independent review of the At-Large community.

Last, but certainly not least, this week witnessed a new global dialogue established at the WEF in Davos, focused on getting the next 1.5 billion unconnected people online. A specified session was held as part of the efforts to build momentum and reach out to world leaders to push the issue of broadband connectivity to the top of the global agenda. It is the first time that so many world leaders have affirmed the vital importance of broadband to national growth and coalesced around a common broadband vision. A new Discussion Paper developed by ITU estimates that it will take global investment of USD 450 billion in network infrastructure to connect the next 1.5 billion unconnected people worldwide.

21 January 2016

This week saw developments continue a pace in the ICT world, with multiple stories of interest emerging from across the Globe.

In Europe, news of note included the announcement that EU regulators are due to meet next month on the Safe Harbour replacement, with data protection bodies scheduled to come together on the 2nd of February to discuss solutions for filling the current ‘data-transfer void’. Also on the topic of internet governance, this week witnessed the European Parliament passing a resolution urging the European Union body to immediately table the 16 Digital Single Market initiatives announced by the European Commission last May (2015). The Parliament has called for a more open approach to providing digital goods and services, and has requested for the EU to be more proactive in seizing on the opportunities around big data, cloud, the internet of things and 3D printing.

In net neutrality developments, the Council of Europe stated that Internet Service Providers (ISPs) ought to check with regulators before using tools to control internet traffic. The recommendation was made by the Committee of Ministers at the Council of Europe in new net neutrality guidelines that it has published and is aimed at ensuring the privacy rights of internet users are respected.

From a cyber-security perspective, the European Parliament’s internal market committee this week has come out in support of measures to ensure that businesses supplying ‘essential services’ improve their ability to resist cyber-attacks. The new regulations would be geared towards protecting essential networks and services such as online banking and key electricity/transport infrastructure grids.

In the US, it was revealed this week that a plan to end key oversight role played by the US Government is in place and on track for completion this year. The move is a symbolic gesture aimed at asserting the independence of the web, According to Fadi Chehade, chief executive of the Internet Corporation for Assigned Names and Numbers (ICANN), the transition will not change how the internet functions but will serve to reassure users, businesses and other governments about its integrity.

Cyber-security developments in America included the revelation that cyber-attacks on the critical manufacturing sector in the country nearly doubled in the year ended Sept. 30, according to the U.S. Department of Homeland Security. The Department of Homeland Security's Industrial Control Systems Cybersecurity Emergency Response Team, or ICS-CERT, said in a report distributed this week that it investigated 97 incidents at critical manufacturers during its most-recent fiscal year.

Cyber-privacy and encryption debates continued to rumble on in the US this week. On this topic, the NSA this week defended the programme set up by the agency in order to collect domestic telephone records, claiming it meets several privacy and civil liberty benchmarks. The programme has satisfactorily complied with eight privacy safeguards that include transparency, oversight, data minimization and use limitation since its implementation in November, according to a report released by the NSA’s Civil Liberties and Privacy Office.

Additional to this, it was announced this week by House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.) that new legislation is set to be introduced, aimed at establishing a national commission to figure out how police can get at encrypted data without endangering Americans’ privacy. The bill, which McCaul first discussed in a December speech, is intended to cut through the heated rhetoric that has defined the encryption debate in the wake of the terror attacks in Paris and San Bernardino, Calif.

In Asia, news this week was again somewhat limited, but of significant interest was the announcement from Singapore that the Government there is planning to merge its technology and media regulators in order to better support its plans to become a ‘smart nation’. The Infocomm Development Authority and the Media Development Authority are due to be merged into the Infocommunications Media Development Authority of Singapore (IMDA) on 1 April. In addition to this, the Govermnent has also announced the creation of a new agency to promote use of digital technology in government.

Net neutrality issues continued to flare up in India in the week passed, with sectoral regulator Trai conducting an open house discussion on differential pricing for data services, a key aspect of net neutrality, on January 21. In a notification, Trai said “interested stakeholders are invited to participate” in open house discussion on its consultation paper on ‘Differential Prices for Data Services’. Linked with this and of note, Facebook has said this week that it attempted to cooperate with the Telecom regulator's request to submit specific responses to the differential pricing paper by delivering a request for additional information, and that it got 1.4 million Indian users' responses.

Elsewhere, stories of note from around the World included the announcement by the Nuclear Threat Initiative organisation that twenty nations with significant atomic stockpiles or nuclear power plants have no government regulation in place requiring them to protect themselves from cyberattack. “The current global nuclear security system has dangerous gaps that prevent it from being truly comprehensive and effective,” said Nuclear Threat Initiative President Joan Rohlfing. “Until those gaps are closed, terrorists will seek to exploit them."

Also of interest, the Australian Prime Minister Malcolm Turnbull this week addressed internet governance issues by calling for a free, open and secure internet, in a speech at the US Center for Strategic and International Studies in Washington DC. Turnbull said it is essential for internet governance to be independent of individual governments but that it is essential at the same time that cyber space is not allowed to become a ‘lawless domain’.

Finally, announcements of interest from Global Institutions this week included the news that Egypt is set to host ITU’s 2016 Global Symposium for regulators. ITU and the National Telecom Regulatory Authority of Egypt (NTRA) have signed the Host Country Agreement for the 2016 Global Symposium for Regulators (GSR), which will take place in Sharm el-Sheikh, Egypt, from 11 to 14 May 2016. Organized by ITU and hosted by the Government of Egypt, the event will welcome world-class speakers with a dynamic programme focused around the hot topics challenging today’s ICT regulators.

From a people perspective, also of interest was the reveal of a new head of Europol’s European Cyber Crime Centre. Mr Steven Wilson has taken up his duties as the new Head of Europol’s European Cybercrime Centre (EC3 as of January 18 2016). Since its launch in January three years ago, EC3 has seen a steep increase in its activities supporting cybercrime investigations in EU Member States. The demands for its services are boosted by the positive effects of pooling cyber intelligence and resources to fight the most impactful cybercrime networks at EU level and also in close coordination with key law enforcement authorities from partners outside the EU.

14 January 2016

With 2016 now up and running, developments in the industry continued at a pace this week.

In Europe, the telecoms market was in focus, with two Committees at the European Parliament calling for the market to be regulated by a single authority moving forwards. The Committee on Industry, Research and Energy and Committee on the Internal Market and Consumer Protection made the recommendation in a motion tabled for a new European Parliament resolution on the subject of the EU's work towards a digital single market.

Once again this week, cyber-security issues took centre stage alongside cyber privacy updates. From a cyber-security perspective, the news of note was the announcement that EU ministers have called this week for greater intelligence sharing in order to prevent extremist groups slipping across borders in order to carry out attacks. Ministers urged for concrete commitments to be established at talks on Monday, with the Belgian Foreign Minister Didier Reynders admitting much more must be done on the issue. "Intelligence services must get used to not only collecting information, but to sharing it," he told reporters on the sidelines of the talks, which were attended by more than 50 countries.

Cyber privacy developments were many and significant. The key European headlines this week regarding this issue included the ECHR announcement that companies can now monitor employees private online communications whilst they are using work networks. The issue has gathered pace following the case of a Romanian engineer who was fired in 2007 after his company discovered he was using Yahoo Messenger to chat not only with his professional contacts, but also with his fiancee and brother.

Furthermore, the ECtHR this week dealt a blow to not only Hungary’s surveillance practices, but in a move which could have wide ranging consequences for similar policy frameworks across the continent, took issue with the lack of parliamentary oversight and means for judicial redress within Hungary’s current surveillance programme.

In the US, net neutrality issues featured heavily, with announcements this week that House Republicans will resume their nearly yearlong effort to nibble away at the edges of the Federal Communications Commission's (FCC) Internet rules. Also generating considerable coverage with regards to the subject, President Obama touted his administration’s strong net neutrality rules but also alluded to a need to blunt the spread of terrorism online during his final State of the Union address on Tuesday. In a portion of his speech meant to highlight the spirit of discovery in the United States, the president pointed to agency wins aimed at getting more people online and protecting the Internet through net neutrality rules.

In other news, cyber-security concerns were expressed by tech executives in the US this week, with several key industry figures telling Congress that the U.S. Government needs to spend more on cybersecurity if it wants to avoid breaches like the Office of Personnel Management hack that released sensitive data on 21.5 million Americans. This was followed by news that both the Department of Education and the Security Operations Center (SOC) (responsible for the securing the U.S. Nuclear Regulatory Commission's (NRC) network infrastructure) are currently not sufficiently robust to meet the escalating cyber threats the U.S faces. This is a problem which continues to rumble on in the U.S. and it is likely to gain further traction and scrutiny as 2016 unfurls.

Finally in the U.S., it was reported this week that the Obama administration is poised to unveil its long-term policy vision on encryption amid a global debate sparked by the recent terror attacks in Paris and San Bernardino. The issue is currently extremely highly contested with privacy advocates urging the Government to take a strong stand in favor of encryption technologies, which protect online policy. Contesting this, the FBI and other law enforcement agencies have called for guaranteed access to all encrypted communications. It remains unclear at this stage where the administration will settle on this issue, but the reveal is expected soon in the form of an official policy statement, expected to outline the Administration’s views on what role the government should — or shouldn’t — play in regulating encryption.

Asian developments were relatively few and far between this week, though news of note included the announcement that Telecoms and IT ministers from Asean nations have agreed on further co-operation to develop the region’s digital economy. The ministers approved a five-year IT roadmap (Asean ICT Masterplan 2020 - AIM2020) to 2020 in November during the 15th Asean Telecommunications and Information Technology Ministers Meeting (Asean TELMIN 2015) in Vietnam. The guidelines are aimed at driving the digital economy in Asean countries in the next 5 years.

Updates also of note included the Indian Congress seeking a ‘clear and categorical’ statement from the Indian Government in support of net neutrality this week. Also from an Indian perspective, it was determined this week in the Global Service Location Index from management consultancy AT Kearney that India remains the prime global location from which to deliver offshore ICT services.

On a somewhat lighter note, internet users in Qatar will be presumably rubbing their hands in glee this week following the Qatar Cabinet’s announcement that it has approved a draft privacy law aiming to protect residents against spam messages via email or on mobile phones. Further developments with this legislation are anticipated for the coming weeks and months, but internet users globally are likely to take a keen interest in this story as inboxes everywhere chug along under the continuing burden of spam.

As for other global developments, this week witnessed the launch of a website SecureTheInternet.org by a coalition of hundreds of technologists, privacy advocates and industry groups calling on governments worldwide to reject any policy that could infringe on people’s ability to use robust encryption.

Finally, the results of ISACA’s poll of 2,920 information technology professionals across 121 countries in order to determine their top security concerns, views on government-industry threat information exchange and IT talent recruitment efforts at their organizations, resulted in IT professionals ranking social engineering, insider and advanced persistent threats as their organizations’ most pressing concerns for 2016. Sixty-three percent of the respondents polled said they oppose the idea of governments having backdoor access to private data systems and 83 percent said they are in favor of data breach notification policies for businesses, ISACA reported.

7 January 2016

This week’s update sees a relatively subdued start to 2016, with industry slowly emerging into the new year.

In Europe, developments were predominantly focused on the issue of cyber-security, with a range of stories featuring from across the continent. Of prominence was the announcement from the Netherlands that the Dutch Government will not follow the trend of weakening encryption for security purposes, and instead endorse the “importance of strong encryption for internet security to support the protection of privacy for citizens, companies, the government and the entire Dutch economy,”. With China and the US also considering the balance of introducing similar legislation such as seen recently through the Draft Investigatory powers Bill in the UK, 2016 will present an interesting space to watch for developments regarding encryption.

In a privacy context, he independent European data protection supervisor (EDPS) announced this week it is due to set up an external ethics advisory group to address concerns over surveillance technologies. The move was announced by EDPS head Giovanni Buttarelli. Significantly, he called for enclusive Europe-wide and global co-operation on the issue and recommended a review and bolstering of existing European Union (EU) standards for the protection of human rights.

In the US, cyber-security and cyber-privacy also dominated the headlines, with two security stories being of particular interest. The first of those being that a quasi-governmental U.S. electric industry group last week advised members to review network defenses following reports regarding a cyber-attack which resulted in 80,000 customers of a Western Ukraine utility provider losing service for 6 hours.

Secondly, and of equal note, Washington Governor Jay Inslee this week signed an executive order to create a state Office of Privacy and Data Protection, and announced cybersecurity collaboration with the U.S. Department of Homeland Security. The move is targeted at ensuring the state’s office of cyber-security will work even more closely with Homeland security in order to find new ways for states to "defend against increasingly sophisticated and targeted cyber threats."

From a privacy angle, it was revealed this week that despite previous promises made to curb spying on the leaders of U.S. allies, the White House has persisted in keeping tabs on some heads of state, including the Israeli Prime Minister, Benjamin Netanyahu. Sources quoted stated that President Obama had offered a justification for the activities concerned as a matter of “compelling national security purpose”.

In Asia, net neutrality was high on the agenda, with a row erupting in India over the recently introduced Free Basics initiative by Facebook. The TRAI has set a deadline of February 7th for the submission of views related to the service, notably however, the campaign has engendered increased activity from net neutrality campaigners in the country both on and off line.

Also of considerable interest was China’s passing of new legislation in the form of a new anti-terrorism law, legislation which had been previously opposed by business groups, President Obama and human rights organisations. The new law will require companies to turn over user data and assist Chinese police or security agents with decryption in terrorist investigations and related cases.

Elsewhere, and of note, BIMCO released the first set of cyber-security guidelines for the global shipping industry and Zimbabwe announced plans to start a new project to support adoption of research data management and sharing services among government, universities and research institutions as part of its plans to pave the way for a nationwide open access mandate.

Finally, from a Global Institution perspective, the European Parliament this week informally agreed to replace the EU Data Protection Directive from 1995 with new comprehensive privacy legislation called the General Data Protection Regulation backed by 48 votes to 4, with 4 abstentions. Once ratified, the GDPR will become law in 2018 across all 28 EU Member States and will take over from the current laws EU Member States implemented in order to comply with the data protection requirements set out in the Directive.

23 December 2015

The report this week focuses on looking at the opportunities and challenges that 2016 may present in the ICT sector.

In Europe, it was reported this week that Russia faces a considerable issue with it’s cyber-security environment, with businesses in the country forecast to lose almost US$ 1 bn (70 billion rubles £662 million) from cyber-attacks this year and this figure is expected to continue to grow in the near future.

In other news, technology giant Apple has called upon the UK government to rethink the draft Investigatory Powers Bill. The company has submitted an eight-page-long document outlining it’s opposition to the draft bill as it is currently composed. In its current form, the Bill, if passed, would make it obligatory for ISPs to keep users’ browsing history for a year, as well as give the police backdoors to any of their services.

In the US, cyber-security related headlines gained prominence, with the announcement this week that the Pentagon is considering stepping up its cyber warfare against the Islamic State in Iraq and Syria (ISIS). According to several unnamed U.S. officials, Government hackers have created a slate of tools that could be deployed to sabotage the extremist group’s online recruitment efforts.

Furthermore, encryption featured heavily once again this week in the US news sources, with several news releases suggesting that debates around encryption, national security and privacy are likely to continue to heat up next year.

A particularly quiet week from a Pan-Asian perspective, with the news of note being that China will continue to take on bigger responsibilities and push for new rules in the cyber sphere following the conclusion of the World Internet Conference in Wuzhen.

Elsewhere, developments of interest included the temporary shut-down of communications app ‘WhatsApp’ in Brazil, the admission of responsibility by Anonymous regarding the DDos attacks on Turkish servers and finally, the announcement from Ovum that 2016 will witness in excess of $37 billion spent on cyber-security measures/protection globally.

Finally, developments of interest related to Global institutions this week witnessed ITU members agree an international standard for Big Data as well as agreement forged within the UN to keep control of the internet out of the hands of international governments, at least for the next decade, following the World Summit on the Information Society (WSIS).

10 December 2015

In Europe this week, internet governance featured prominently with the European Commissions announcement of a new proposal for the European copyright framework. Specifically, the new framework is geared towards enabling residents of the EU to access legal digital content whilst traveling outside the country they live in.

Also of significance on a Pan-European level this week, EU lawmakers and member states struck a deal on the bloc's first broad cyber-security law to affect multiple industry sectors. The provisionally agreed legislation will dictate that companies operating in multiple key sectors will have to ensure that the digital infrastructure that they use is sufficiently secure to withstand online attacks. Similarly, major digital marketplaces, search engines, and cloud services will be required to ensure that their infrastructure is robust, and to report major breaches if/when they occur. Under the framework smaller digital companies are due to be exempt from these requirements.

In the US, cyber privacy issues came to the fore, with US president Barack Obama hinting at the possibility of adopting a stronger stance against encryption laws. Whilst addressing the nation in response to the San Bernadino tragedy, President Obama stated he would urge high-tech leaders to make it harder for terrorists to use technology to escape from justice.

Cyber-security developments witnessed an announcement from the US Defence Department that the organisation is seeking industry advice and support as it seeks to embark on a modernisation programme related to its Global Command and Control System. In addition to this, another cyber-security update of note was the delay experienced by the US administration as it seeks to implement legislation geared towards thwarting hack attacks. Lawmakers have continued to clash over how best to protect Americans personal information with a final compromise on the legislation taking longer than expected amid disagreements over privacy provisions.

Finally, issues of net neutrality received wide coverage, with the Federal Communications Commission (FCC) in court again this week to defend the controversial net neutrality regulations it introduced in June this year. This is now the third occasion on which the agency has been required to defend rules it has developed.

In Asia, China came under pressure to defend its internet governance regulations this week ahead of the Inaugural World Internet Conference organised by the state. This week, in the build up to the Conference, China's cyber chief rejected criticism that the country's Internet was overly censored, arguing instead that maintained order was a means to online freedom. This year, the Chinese government is upping the scale of the event, to be held from Dec. 16-18, which will include a speech by President Xi Jinping and be attended by prime ministers from Russia, Pakistan, Kazakhstan, Kyrgyzstan, and Tajikistan.

From a cyber-security perspective it was reported this week that cyber-attacks are becoming an increasing concern for Asean countries, with businesses and governments in Southeast Asia increasingly likely to be a target for cyber criminals, according to a report from security supplier FireEye and Singapore-headquartered telco Singtel. On a similar note, it was also reported that online cyber security breaches in China have skyrocketed more than 500% in the previous 12 months according to the recently published PricewaterhouseCoopers (PwC) Global State of Information Security Survey 2016. The report detailed that the average financial loss incurred by China as a result of such cyber-crime rose by 10%, in stark contrast to the rest of the world, which witnessed a 5% drop in financial losses due to cyber-crimes.

Elsewhere, it was announced that an international operation involving Europol, Interpol, the US department of homeland security, the US National Cyber Investigative Joint Taskforce, the FBI, Microsoft and other private sector organisations has targeted the Dorkbot botnet. The ambition has been to disrupt the Dorkbot infrastructure, including command and control servers in Asia, Europe, and North America, including the seizure of domains.

Furthermore, the International Chamber of Commerce (ICC), Business Action to Support the Information Society (BASIS) urged global stakeholders this week to acknowledge that cyber security standards must be globally accepted, industry led and recognized by the broadest community possible. The statement was made during a session on cyber security and digital trust at the Internet governance forum (IGF) in João Pessoa, Brazil.

Finally, the US EU Cyber Dialogue meeting which took place this week witnessed a commitment from both bodies to continue working in collaboration on cyber security and internet governance issues amongst other things. Of particular note was the announcement of a pledge to continue implementing the NETmundial roadmap on multi-stakeholder Internet governance.

03 December 2015
This week global coverage of the IT sector broadened away from a previously heavy focus on cyber-security, which had been dominating headlines in recent weeks following the events in Europe.

From a European perspective, Internet Governance featured heavily with The European Commission announcing it will be considering a comprehensive plan to support the ‘Internet of Things’ by mid-2016.

Also on a Pan-European level, it has been announced that Europe's police agency, Europol, is getting new powers to combat terrorism, cyber-crime and other cross-border threats following the Paris attacks in November.

Other big news this week, was the announcement that Google has received 348,085 'forget' requests in Europe following a European court ruling that people have a right to be forgotten online. It has since emerged that Google complied with less than half of the requests, citing that decision making was based on a criteria intended to balance privacy with the right of public knowledge.

In the US, cyber security related developments took precedence, with the major announcement being that US and Chinese officials have begun talks aimed at improving cooperation on commercial cyber espionage investigations. It represents the first official cybersecurity dialogue between the two nations in almost two years.

In what has proved to be a challenging week for Google, a prominent US privacy group. The Electronic Frontier Foundation, has lodged a complaint against the company with the Federal Trade Commission. This followed accusations of Google collecting and using the personal information of students in the US contrary to a pledge it reluctantly signed earlier this year.

Linked to this, the debate between the US Government and major technology companies surrounding privacy and encryption rumbled on this week. In the latest developments, during a hearing held by the House Judiciary Committee on Email Privacy Act, Google along with tech and legal advocates voiced support for the Email Privacy Act and expressed opposition to the Securities and Exchange Commission's (SEC) request for exemption from the bill. In contrast to this stance, the privacy bill amending the Electronic Communications Privacy Act of 1986 is supported by more than 300 members of the House of Representatives.

Meanwhile, in Asia, the APrIGF Multi-Stakeholder Steering Group (MSG) announced it is calling upon the ICT community to contribute to the programme development of APrIGF 2016 Taipei. This engenders an opportunity for 3I to engage with the body, to discuss and shape a range of issues, one of which is Internet Governance regulation. Following on the theme of Internet Governance, Taiwan and the United States held their first ‘digital economy forum’, during which officials from both sides met to discuss policies regarding digital trade and the establishment of regulatory environments to enable digital development.

Finally, in cyber-security related updates it was announced this week that China has arrested the suspected OPM hackers, those accused of breaking into the United States Office of Personnel Management databases. The move was meant as a show of good faith ahead of increased dialogue between the two states on issues of cyber-security and espionage.

Elsewhere, sizeable developments included the publication of the ITU’s flagship annual ‘Measuring the Information Society Report’ for 2015. The report, released on the 30th of November gives an overview of global information society developments. Another story of note is the publication of a report by the International Institute for Strategic Studies which accuses the global policy community of being slow to appreciate the strategic implications of cyber space. The ‘Evolution of the cyber domain: The implications for national and global security’ says the cyber domain needs to be better understood and the subject of greater strategic focus.

26 November 2015
This week cyber security issues continued to pervade the majority of European news coverage following the recent events in Paris and more lately, Brussels.

Following the attacks in Paris, France is extending the state of emergency in place to three months, enabling new legislation granting the Government the powers to carry out searches of any seized devices and block websites of choice.

Elsewhere in Europe, the UK Government has committed an extra £1.9 billion to be spent on cyber-security by 2020, and Belgium has joined the NATO Cooperative Cyber Defence Centre of Excellence.

Finally, in a targeted effort to combat terrorism at a Pan-European level following the recent attacks across the continent, the European Union has announced plans to increase controls on virtual currencies, prepaid cards and money remittances.

Developments in the US witnessed the establishment of a new national counterintelligence strategy, designed to outline a plan for detecting, mitigating and preventing potential cyber-attacks.

Net neutrality also featured highly in this week’s media coverage, with the FCC’s network neutrality regulations and enforcement measures coming under intense scrutiny,

With regards to cyber privacy, the ongoing battle over encryption between major tech companies and the US Government rolled on. In the wake of the Paris attacks, US officials are once again pushing for limits on encryption and meeting resistance from key industry stakeholders.

On a Pan-Asian level, Internet governance was on the agenda, with preparations underway for Wuzhen, a town in the Zhejiang province of China due to hold the hold the second World Internet Conference (WIC) from Dec 16 to 18. It is anticipated that approximately 12,000 leading figures from governments, international organizations, companies and civil societies will attend, with the theme being "An Interconnected World Shared and Governed by All—Building a Cyberspace Community of Shared Destiny".

In cyber-security developments, China and the US announced they have reached ‘meaningful commitments’ to one another in an attempt to cut down on the trade- secret theft and pilfering of Intellectual Property which China has been renowned for.

Meanwhile, according to the Robert Walters Asia Job Index Q3 2015, the demand for cyber-skills across Asia remains high, with the region’s developing IT infrastructure generating significant growth in this particular employment market.

Elsewhere, Iran is said to have ramped up its cyber espionage activities, namely targeting the US and it’s cyber infrastructure following the historic nuclear agreement reached between the two states recently. Analysis suggests the activity signals a marked shift in cyber strategy for Iran, with an increasing focus on espionage as opposed to cyber-attacks.

Finally, select members of the UN this week are having closed door meetings in preparation for the high level summit due to take place in December, with 190 countries scheduled to meet at the UN to determine the ‘future of the internet’. The summit in December is a planned ten year review of policies for global internet deployment, including issues such as internet governance and the ‘digital divide’.