IEEE Global Internet Policy Monitor

10 February 2016 — >A relatively subdued week this time around, with the US Government’s annual budget announcement including within it a Cybersecurity National Action Plan (CNAP). The plan has been devised in an effort to fortify America's digital defenses and protect Americans, government agencies and companies against the growing number of cyberattacks aimed at everything from national defense and health care to personal consumer data.

However, news from elsewhere did filter through, albeit in the shadow of these developments. In Europe, much of the coverage and discussion was focused on the recently agreed upon EU-US data privacy shield, agreed upon last week to replace the old Safe Harbour agreement regarding transatlantic data flows. Of note was the revelation from data protection watchdogs around the EU that companies will be permitted to continue transferring personal data to the US under alternative legal means – at least for the time being whilst the EU certifies the finer details of the newly agreed upon ‘privacy shield’ framework. “Until we have analysed the content of the arrangement and the possible consequences on the other transfer tools we will allow data controllers to use the BCRs [binding corporate rules] and standard contractual clauses,” said Isabelle Falque-Pierrotin, president of the Article 29 Working Party, which represents the powerful privacy authorities from EU member states…


3 February 2016 — Rather predictably, issues pertaining to Safe Harbour and the negotiations between the EU and the USA over a key data transfer pact dominated the headlines this week. 

In the midst of the deadline for an agreement being missed, all other Global ICT developments were somewhat overshadowed. Data protection authorities had given the European Commission until the end of January to fix a new arrangement to replace the Safe Harbour deal knocked down in October 2015 by the European Court of Justice (ECJ), however with complications arising an agreement remained elusive earlier this week. Emphasising this, Justice Commissioner Vera Jourova declared during a meeting of the European Parliament's Civil Liberties, Justice and Home Affairs (LIBE) Committee earlier this week that there was a need for an “arrangement that is fundamentally different from the old Safe Harbour,”…


27 January 2016 — This week witnessed developments of interest from around the Globe in the domain of ICT.

In Europe, it was announced that businesses operating in multiple EU countries may be forced to comply with each of the different national data protection laws that apply in the countries in which they operate. The new guidance, issued by the Article 29 Working Party (a committee made of up representatives from the 28 national data protection authorities within the EU) could have potentially dramatic impacts for companies across the continent as clarification is sought on how organisations that have more than one establishment in the EU best move forwards in line with the varying data protection regulatory regimes in place.

From a cyber-security perspective, issues pertaining to Ukraine continued to dominate the headlines this week. Following a new wave of cyber-attacks reported to have hit power companies in the country, it was announced that Ukraine will establish a cyber-police unit as part of reforms underway in the nation’s law enforcement system. It has been reported that the newly established agency will focus on the fight against cyber-crime in Ukraine as well as protecting the country's state IT security interests…


21 January 2016 — This week saw developments continue a pace in the ICT world, with multiple stories of interest emerging from across the Globe.

In Europe, news of note included the announcement that EU regulators are due to meet next month on the Safe Harbour replacement, with data protection bodies scheduled to come together on the 2nd of February to discuss solutions for filling the current ‘data-transfer void’. Also on the topic of internet governance, this week witnessed the European Parliament passing a resolution urging the European Union body to immediately table the 16 Digital Single Market initiatives announced by the European Commission last May (2015). The Parliament has called for a more open approach to providing digital goods and services, and has requested for the EU to be more proactive in seizing on the opportunities around big data, cloud, the internet of things and 3D printing.

In net neutrality developments, the Council of Europe stated that Internet Service Providers (ISPs) ought to check with regulators before using tools to control internet traffic. The recommendation was made by the Committee of Ministers at the Council of Europe in new net neutrality guidelines that it has published and is aimed at ensuring the privacy rights of internet users are respected…


14 January 2016 — With 2016 now up and running, developments in the industry continued at a pace this week.

In Europe, the telecoms market was in focus, with two Committees at the European Parliament calling for the market to be regulated by a single authority moving forwards. The Committee on Industry, Research and Energy and Committee on the Internal Market and Consumer Protection made the recommendation in a motion tabled for a new European Parliament resolution on the subject of the EU's work towards a digital single market.

Once again this week, cyber-security issues took centre stage alongside cyber privacy updates. From a cyber-security perspective, the news of note was the announcement that EU ministers have called this week for greater intelligence sharing in order to prevent extremist groups slipping across borders in order to carry out attacks. Ministers urged for concrete commitments to be established at talks on Monday, with the Belgian Foreign Minister Didier Reynders admitting much more must be done on the issue. "Intelligence services must get used to not only collecting information, but to sharing it," he told reporters on the sidelines of the talks, which were attended by more than 50 countries…


7 January 2016 — This week’s update sees a relatively subdued start to 2016, with industry slowly emerging into the new year.

In Europe, developments were predominantly focused on the issue of cyber-security, with a range of stories featuring from across the continent. Of prominence was the announcement from the Netherlands that the Dutch Government will not follow the trend of weakening encryption for security purposes, and instead endorse the “importance of strong encryption for internet security to support the protection of privacy for citizens, companies, the government and the entire Dutch economy,”. With China and the US also considering the balance of introducing similar legislation such as seen recently through the Draft Investigatory powers Bill in the UK, 2016 will present an interesting space to watch for developments regarding encryption.

In a privacy context, he independent European data protection supervisor (EDPS) announced this week it is due to set up an external ethics advisory group to address concerns over surveillance technologies. The move was announced by EDPS head Giovanni Buttarelli. Significantly, he called for enclusive Europe-wide and global co-operation on the issue and recommended a review and bolstering of existing European Union (EU) standards for the protection of human rights…


23 December 2015 — The report this week focuses on looking at the opportunities and challenges that 2016 may present in the ICT sector.

In Europe, it was reported this week that Russia faces a considerable issue with it’s cyber-security environment, with businesses in the country forecast to lose almost US$ 1 bn (70 billion rubles £662 million) from cyber-attacks this year and this figure is expected to continue to grow in the near future.

In other news, technology giant Apple has called upon the UK government to rethink the draft Investigatory Powers Bill. The company has submitted an eight-page-long document outlining it’s opposition to the draft bill as it is currently composed. In its current form, the Bill, if passed, would make it obligatory for ISPs to keep users’ browsing history for a year, as well as give the police backdoors to any of their services…


10 December 2015 — In Europe this week, internet governance featured prominently with the European Commissions announcement of a new proposal for the European copyright framework. Specifically, the new framework is geared towards enabling residents of the EU to access legal digital content whilst traveling outside the country they live in.

Also of significance on a Pan-European level this week, EU lawmakers and member states struck a deal on the bloc's first broad cyber-security law to affect multiple industry sectors. The provisionally agreed legislation will dictate that companies operating in multiple key sectors will have to ensure that the digital infrastructure that they use is sufficiently secure to withstand online attacks. Similarly, major digital marketplaces, search engines, and cloud services will be required to ensure that their infrastructure is robust, and to report major breaches if/when they occur. Under the framework smaller digital companies are due to be exempt from these requirements…


3 December 2015 — This week global coverage of the IT sector broadened away from a previously heavy focus on cyber-security, which had been dominating headlines in recent weeks following the events in Europe.

From a European perspective, Internet Governance featured heavily with The European Commission announcing it will be considering a comprehensive plan to support the ‘Internet of Things’ by mid-2016.

Also on a Pan-European level, it has been announced that Europe's police agency, Europol, is getting new powers to combat terrorism, cyber-crime and other cross-border threats following the Paris attacks in November…


26 November 2015 — This week cyber security issues continued to pervade the majority of European news coverage following the recent events in Paris and more lately, Brussels.

Following the attacks in Paris, France is extending the state of emergency in place to three months, enabling new legislation granting the Government the powers to carry out searches of any seized devices and block websites of choice.

Elsewhere in Europe, the UK Government has committed an extra £1.9 billion to be spent on cyber-security by 2020, and Belgium has joined the NATO Cooperative Cyber Defence Centre of Excellence.…