17 February 2016
Developments in the ICT world this week continued to be predominantly focused on issues pertaining to cyber-security and cyber-privacy. This was perhaps to be expected following the recent announcement of the US Governments annual budget which included provision for a Cybersecurity National Action Plan (CNAP).
Amongst the news related to this, other stories of prominence did however emerge. In Europe for example, there was considerable scrutiny applied to the recently negotiated Privacy Shield, a data sharing agreement between the US and the EU which is set to be finalised by the end of month, according to an EU commissioner. It has been reported that following the draft agreement being reached, the European Commission is now facing challenges on the arrangement: with the Parliament legal service and MEPs arguing the so-called Umbrella Agreement doesnt comply with EU law. MEPs in the Civil Liberties, Justice and Home Affairs (LIBE) Committee also criticised the agreement.
On this note, an EU privacy watchdog declared this week that the data protection framework agreed should not apply when sensitive information is to be transferred to the US in bulk. With this proving an issue of considerable contention, it is clear that further coverage will emerge in the weeks to come.
From a cyber-security perspective, it was announced this week that the right to be forgotten will be extended to all Google domains in the EU. Until now, search results removed under the ruling were only omitted from European versions of Google like google.co.uk. In September 2015, the French data protection authority threatened Google with a fine if it did not remove the search results data from all worldwide sites, including non-European search sites like Google.com. The tech giant has now let up while fending off claims that it doesn't respect Europe's tough privacy rules.
In the US, it was revealed this week that a fight over privacy at the Federal Communications Commission (FCC) is starting to heat up again following last years net neutrality rules. The FCC is expected to craft regulations in the coming months on how broadband providers handle sensitive customer data and advocates on both sides of the issue are gearing up to make their case.
As mentioned earlier, much of the coverage from the US this week focused on the announcement of President Obamas Cybersecurity National Action Plan (CNAP). Despite the budget proposals put forwards including a provision of $19 billion for cyber-security measures, certain critics have suggested this amount is still not proportionate to the threat faced by the US. Although the US cyber security budget allocation for 2017 represents a 35% increase on the previous budget, it is still a small fraction of the overall US defence budget. Critics have argued that the federal government spends about $700bn on defence, intelligence and homeland security, so the spending on cyber security represents only 2.7% of the total defence budget, up from 2% previously, and therefore isnt a substantial enough spending commitment.
In cyber-privacy related updates, The Department of Homeland Security (DHS) this week released interim guidelines for how the government will protect and share data gathered under a new major cybersecurity law. This represents the first of several planned steps being taken with the aim of assuaging fears that the Cybersecurity Act of 2015 which encourages companies to share hacking threat information with the government will simply shuttle more personal data on Americans to intelligence agencies.
In Asia, internet governance issues received some attention, with the announcement this week that the Chinese State is seeking to further tighten its control over content published online by foreign companies and their joint ventures in mainland China under a new regulation that will take effect next month. The Regulation for the Management of Online Publishing Services, is expected to introduce more stringent rules on online publication of original or adapted creative works, such as games, animation, comics, audio recordings and video.
Furthermore, it was reported that months after the Indian government endorsed the multistakeholder model of internet governance at the 53rd meeting of the Internet Corporation for Assigned Names and Numbers (ICANN) the Indian position is being carefully examined internally. A potential re-alignment may culminate in a landmark cyber deal this year between India and Russia, which if signed, would be a marked change of approach not just in this space but for Indian foreign policy as a whole.
Regarding net neutrality, a topic which has been at the top of the agenda in the Indian ICT world in recent weeks, the TRAI Chairman RS Sharma announced this week that although the regulation of one part of net neutrality tariff has now been dealt with, the other part of either throttling or speeding up certain websites still needs to be tackled. He stated, our regulation is very clear. Anything on the internet cannot have discriminatory pricing. Integration between content and access provider is not allowed. We are against any integration between the two.
In addition to these developments, Pan-Asian cyber-security issues also drew some attention, as a report published this week by Recorded Future noted a strong correlation regarding diplomatic flare ups and cyber-attacks between India and Pakistan. In particular, the report notes, The continuing rivalry between India and Pakistan has spilled over into cyber-space, very visibly with hacktivism.
Finally, news from elsewhere in the ICT world included the announcement that the Director-General of the Swedish Post and Telecom Authority, Göran Marby, has been named the next President and Chief Executive Officer of the Internet Corporation for Assigned Names and Numbers (ICANN). Marby, a Swedish citizen, currently living in Stockholm will be relocating to Los Angeles for the role, the location of one of ICANN's three global hubs. He will succeed current President and CEO Fadi Chehadé whose term finishes on 15 March, and will join ICANN in May.