IEEE Global Internet Policy Monitor

27 April 2016 — A somewhat subdued week of announcements from across the ICT world this week. However, a range of stories which may be of interest to IEEE emerged, these are detailed further below.

In Europe, the UK information commissioner Christopher Graham this week criticised the reluctance of the US to make changes to the Privacy Shield data transfer pact agreed in February 2016 with the European Commission. The Article 29 Working Party (A29WP) of European data protection authorities, including Graham, recently called for more work on Privacy Shield instead of approving the proposed pact to replace the now-defunct Safe Harbour agreement to ensure privacy protections for trans-Atlantic data transfers, the group called on the US and European Commission (EC) to revise and clarify several points…


20 April 2016 — A sparser week of developments this time around compared to recent times. However, still a range of news of note to IEEE from across the breadth of the ICT world.

In Europe, the news of note this week centred on the roll out of the European Unions plans to bridge the blocs national initiatives to digitize industry and encourage investment, in a bid to encourage European manufacturers to remain at the technological forefront. The European Commission, the blocs executive arm, said this week that it would set up a new governance framework that would hold regular meetings between national governments and industry to coordinate the EUs 30 national and regional digitization initiatives, which include Germanys Industry 4.0 and the Netherlands Smart Industry. The EU also pledged to boost both private and public investment in the area via strategic partnerships…


13 April 2016 — Another busy week of developments from across the ICT world, with issues of interest to IEEE cropping up in various forms. These are explored in further detail below.

In Europe, the news of interest included the story that a panel of EU privacy watchdogs has demanded changes to a pact meant to govern cross-Atlantic data transfers. The Article 29 Data Protection Working Party have urged the US and European Commission to revise and clarify several points in the proposed Privacy Shield agreement in order to safeguard EU citizens' personal information. "We believe that we don't have enough security [or] guarantees in the status of the ombudsperson and in their effective powers to be sure that this is really an independent authority," said Isabelle Falque-Pierrotin, the chairwoman of the group. The group's recommendations are not binding on the EU or US, but should prove influential as the watchdogs can suspend data transfers they are concerned about…


30 March 2016 — A somewhat quiet week in the ICT world this time around with the Easter holidays slowing down the pace of developments a little. However, there were still multiple news stories and announcements of note for IEEE which emerged, as explored below.

In Europe, cyber-security stole the headlines this week with the news that the EU cybersecurity agency ENISA has won support from MEPs in a drawn-out battle with the Greek government over its costly division between two offices in Athens and Crete. The European Union Agency for Network and Information Security (ENISA) has been pushing to close its headquarters in Heraklion, Cretes largest city, and move all of the agency’s staff into its Athens office.

ENISA also featured in the news this week for speaking out against creating backdoors for law enforcement agencies to access encrypted communication. Summarising their position, ENISA director Udo Helmbrecht argued that technology companies should not be forced to create security loopholes for authorities…


23 March 2016 — This week witnessed developments a plenty from across the breadth of the ICT world. Similar to the week previous, cyber-security has continued to feature highly on the news agenda, however coverage has also spanned other areas of interest as explored further below.

Europe this week welcomed the arrival of U.S. delegates sent to drum up support for the recently agreed EU U.S. data transfer pact. The Privacy Shield pact will underpin $260 billion dollars of transatlantic trade in digital services by giving companies such as Alphabet's Google, Intel and Apple Inc. an easy way to move users' data from Europe to the United States.

Linked to this, EU member states are preparing for a meeting scheduled for the 7th of April which will focus on a review of the details of the aforementioned Privacy Shield. This will be the first time EU member national officials will meet to assess the new agreement. While they can make changes, their approval of the deal is needed for it to go into effect…


16 March 2016 — This week saw further developments of interest from across the ICT world. Of particular note being the overwhelming focus on cyber-security related issues, a continuing theme as organisations and nation states increasingly seek to enhance their resilience against the ever burgeoning range of cyber threats they now face.

In Europe this week, news of note included the announcement that the Privacy Shield data transfer agreement with the US could go into effect this June, as revealed by the EUs Digital Commissioner Günther Oettinger. At the end of February the European Commission published several letters from US officials, including Secretary of State John Kerry, who promised to step up their response to EU citizens privacy complaints as part of the new deal. A committee made up of officials from member states is still negotiating over the details in closed-door meetings. The agreement will be finalised once the committee gives its stamp of approval, although details can still be changed until then…


9 March 2016 — A busy week this time around with developments of interest featuring in the monitor from across the breadth of the ICT world.

In Europe, the recently agreed Privacy Shield arrangement, the intended successor to the recently invalidated Safe Harbor agreement, between the EU and the US came under significant fire from the digital rights group the Electronic Frontier Forum (EFF). In a blog post published by the EFF, the organisation asserted that the new Privacy Shield agreement contains a patchwork of concessions that continue to leave the door open for the digital surveillance of hundreds of millions of Europeans by U.S. government agencies. It's unclear what, if anything, the new Privacy Shield is supposed to be shielding people from except perhaps shielding U.S. companies from the inevitable consequences of their country's mass surveillance program, the post concluded. This is an issue that continues to gather attention due to the contentious nature of the agreement reached, and will no doubt receive considerable coverage in the coming weeks and months…


24 February 2016 — A relatively quiet week in the world of ICT this time around, with the monitor reflecting this.

However, there were certain stories of note which may prove to be of interest for IEEE both now and moving forward. In Europe, Internet governance and net neutrality received some coverage in the form of developments relating to the next generation mobile broadband network. It was reported that in the coming months, it is anticipated that the European Commission, tech firms, and various industries will demonstrate European progress on developing 5G. A Commission official revealed that the intention is to come up with fresh ideas by July, in order to showcase the first results by 2018. Linking this to issues of governance, key objectives of the 5G public private partnership (PPP), launched last year, are outlined in a Commission white paper on 5G: empowering vertical industries, that will be unveiled during the Mobile World Congress in Barcelona on 22-25 February.

Net neutrality implications are also tied to the development of this mobile broadband network, with Vodafone CEO Vittorio Colao having issued a stark warning this week that 5G services will be a disappointment in Europe unless standards meet local needs and without uniform telecom regulations from one country to the next. Evidently this will be an issue to monitor moving forwards…


17 February 2016 — Developments in the ICT world this week continued to be predominantly focused on issues pertaining to cyber-security and cyber-privacy. This was perhaps to be expected following the recent announcement of the US Governments annual budget which included provision for a Cybersecurity National Action Plan (CNAP).

Amongst the news related to this, other stories of prominence did however emerge. In Europe for example, there was considerable scrutiny applied to the recently negotiated Privacy Shield, a data sharing agreement between the US and the EU which is set to be finalised by the end of month, according to an EU commissioner. It has been reported that following the draft agreement being reached, the European Commission is now facing challenges on the arrangement: with the Parliament legal service and MEPs arguing the so-called Umbrella Agreement doesnt comply with EU law. MEPs in the Civil Liberties, Justice and Home Affairs (LIBE) Committee also criticised the agreement.

On this note, an EU privacy watchdog declared this week that the data protection framework agreed should not apply when sensitive information is to be transferred to the US in bulk. With this proving an issue of considerable contention, it is clear that further coverage will emerge in the weeks to come…


10 February 2016 — >A relatively subdued week this time around, with the US Government’s annual budget announcement including within it a Cybersecurity National Action Plan (CNAP). The plan has been devised in an effort to fortify America's digital defenses and protect Americans, government agencies and companies against the growing number of cyberattacks aimed at everything from national defense and health care to personal consumer data.

However, news from elsewhere did filter through, albeit in the shadow of these developments. In Europe, much of the coverage and discussion was focused on the recently agreed upon EU-US data privacy shield, agreed upon last week to replace the old Safe Harbour agreement regarding transatlantic data flows. Of note was the revelation from data protection watchdogs around the EU that companies will be permitted to continue transferring personal data to the US under alternative legal means – at least for the time being whilst the EU certifies the finer details of the newly agreed upon ‘privacy shield’ framework. “Until we have analysed the content of the arrangement and the possible consequences on the other transfer tools we will allow data controllers to use the BCRs [binding corporate rules] and standard contractual clauses,” said Isabelle Falque-Pierrotin, president of the Article 29 Working Party, which represents the powerful privacy authorities from EU member states…


3 February 2016 — Rather predictably, issues pertaining to Safe Harbour and the negotiations between the EU and the USA over a key data transfer pact dominated the headlines this week. 

In the midst of the deadline for an agreement being missed, all other Global ICT developments were somewhat overshadowed. Data protection authorities had given the European Commission until the end of January to fix a new arrangement to replace the Safe Harbour deal knocked down in October 2015 by the European Court of Justice (ECJ), however with complications arising an agreement remained elusive earlier this week. Emphasising this, Justice Commissioner Vera Jourova declared during a meeting of the European Parliament's Civil Liberties, Justice and Home Affairs (LIBE) Committee earlier this week that there was a need for an “arrangement that is fundamentally different from the old Safe Harbour,”…


27 January 2016 — This week witnessed developments of interest from around the Globe in the domain of ICT.

In Europe, it was announced that businesses operating in multiple EU countries may be forced to comply with each of the different national data protection laws that apply in the countries in which they operate. The new guidance, issued by the Article 29 Working Party (a committee made of up representatives from the 28 national data protection authorities within the EU) could have potentially dramatic impacts for companies across the continent as clarification is sought on how organisations that have more than one establishment in the EU best move forwards in line with the varying data protection regulatory regimes in place.

From a cyber-security perspective, issues pertaining to Ukraine continued to dominate the headlines this week. Following a new wave of cyber-attacks reported to have hit power companies in the country, it was announced that Ukraine will establish a cyber-police unit as part of reforms underway in the nation’s law enforcement system. It has been reported that the newly established agency will focus on the fight against cyber-crime in Ukraine as well as protecting the country's state IT security interests…


21 January 2016 — This week saw developments continue a pace in the ICT world, with multiple stories of interest emerging from across the Globe.

In Europe, news of note included the announcement that EU regulators are due to meet next month on the Safe Harbour replacement, with data protection bodies scheduled to come together on the 2nd of February to discuss solutions for filling the current ‘data-transfer void’. Also on the topic of internet governance, this week witnessed the European Parliament passing a resolution urging the European Union body to immediately table the 16 Digital Single Market initiatives announced by the European Commission last May (2015). The Parliament has called for a more open approach to providing digital goods and services, and has requested for the EU to be more proactive in seizing on the opportunities around big data, cloud, the internet of things and 3D printing.

In net neutrality developments, the Council of Europe stated that Internet Service Providers (ISPs) ought to check with regulators before using tools to control internet traffic. The recommendation was made by the Committee of Ministers at the Council of Europe in new net neutrality guidelines that it has published and is aimed at ensuring the privacy rights of internet users are respected…


14 January 2016 — With 2016 now up and running, developments in the industry continued at a pace this week.

In Europe, the telecoms market was in focus, with two Committees at the European Parliament calling for the market to be regulated by a single authority moving forwards. The Committee on Industry, Research and Energy and Committee on the Internal Market and Consumer Protection made the recommendation in a motion tabled for a new European Parliament resolution on the subject of the EU's work towards a digital single market.

Once again this week, cyber-security issues took centre stage alongside cyber privacy updates. From a cyber-security perspective, the news of note was the announcement that EU ministers have called this week for greater intelligence sharing in order to prevent extremist groups slipping across borders in order to carry out attacks. Ministers urged for concrete commitments to be established at talks on Monday, with the Belgian Foreign Minister Didier Reynders admitting much more must be done on the issue. "Intelligence services must get used to not only collecting information, but to sharing it," he told reporters on the sidelines of the talks, which were attended by more than 50 countries…


7 January 2016 — This week’s update sees a relatively subdued start to 2016, with industry slowly emerging into the new year.

In Europe, developments were predominantly focused on the issue of cyber-security, with a range of stories featuring from across the continent. Of prominence was the announcement from the Netherlands that the Dutch Government will not follow the trend of weakening encryption for security purposes, and instead endorse the “importance of strong encryption for internet security to support the protection of privacy for citizens, companies, the government and the entire Dutch economy,”. With China and the US also considering the balance of introducing similar legislation such as seen recently through the Draft Investigatory powers Bill in the UK, 2016 will present an interesting space to watch for developments regarding encryption.

In a privacy context, he independent European data protection supervisor (EDPS) announced this week it is due to set up an external ethics advisory group to address concerns over surveillance technologies. The move was announced by EDPS head Giovanni Buttarelli. Significantly, he called for enclusive Europe-wide and global co-operation on the issue and recommended a review and bolstering of existing European Union (EU) standards for the protection of human rights…