18 May 2016

The following is summary of the most recent IEEE Global Internet Governance Monitor report. To access the full reports containing additional details and other news items, please join the Internet Technology Policy Community on IEEE Collabratec.

A somewhat quiet week in the ICT world this time around, however, there were still a range of points of interest for IEEE which are explored further below and throughout the monitor.

In Europe, cyber-security was the predominant focus this week, of particular note was the announcement that new measures designed to ensure critical IT systems in central sectors of the economy like banking, energy, health and transport are secure are set to be written into EU law. The Council of Ministers announced that the proposed Network and Information Security (NIS) Directive has won formal approval from the national governments that make up the EU. It said the Directive is likely to come into force in August once the European Parliament has voted to endorse the text.

Also of interest was the news that amidst growing cyber-threats faced by the Russian banking system, the country’s Central Bank has announced plans to design new requirements and standards, which should strengthen the level of its cyber-security. The plans were confirmed this week by Artem Sychev, deputy head of the department of S ecurity and Information Protection of the Central Bank.

On the topic of cyber-privacy it was recommended this week by an advisor to the Court of Justice of the EU (CJEU) that website operators should treat IP addresses as personal data if internet service providers (ISPs) hold other information that can be matched with IP address data to reveal the identity of internet users. The CJEU has been asked by a court in Germany to help resolve a dispute over whether IP addresses constitute personal data for the purposes of the EU's Data Protection Directive.

The issues surrounding the recently agreed Privacy Shield arrangement between the EU and the US have also continued to receive coverage, with potential shifts in the US regulatory framework throwing yet more scrutiny on the process. This will be an issue of note for the foreseeable future and one that will require continued monitoring.

In the US, cyber-security and cyber-privacy issues dominated the headlines. From a cyber-security perspective, the US Defense Secretary Ashton Carter this week revealed that cyber-attack techniques currently being employed by the US led coalition against the Islamic State were techniques which could also be used by other countries. Speaking in California, Carter told reporters that the U.S.-led coalition used electronic techniques to disrupt and degrade the jihadist force's ability to organize and said an unspecified number of other countries could do the same in other conflicts.

Also of interest on the topic of cyber-security, it was reported this week that on Wednesday a group of senior U.S. and China cyber officials held their first meeting since the two countries struck an anti-hacking agreement in September 2015 to try to ease years of acrimony over the issue. The so-called Senior Experts Group on International Norms and Related Issues is expected to gather twice a year, the U.S. State Department said in a statement announcing the meeting.

As previously referenced, cyber-privacy was also competing for top place on the US ICT agenda this week. James Comey, Director at the Federal Bureau of Investigation (FBI) reiterated this week to reporters that he believes encryption continues to hamper the ability of law enforcement agencies to investigate criminals. He went on to predict more legal action in the future as opposing forces seek to resolve the ongoing debate over tech companies' obligation to comply with government requests to unlock iPhones and other products.

Continuing on this theme, the National Telecommunications and Information Administration, an agency run within the U.S. Department of Commerce, released data this week which detailed the distrust Americans have for their privacy online. In a blog post, the agency said that 19 percent of internet-using households reported that they had been affected by a data breach, identify theft, or similar malicious activity between July 2014 and July 2015.

In Asia, internet governance issues came to the fore this week. In India, it was reported that the Department of Electronics and Information Technology is bringing together industry and academia in a first move of its kind to ensure India has a greater say in setting standards on the internet by engaging with ICANN. The department planned daylong consultations with the IT services industry, ecommerce players, internet service providers and academia including IITs, with the aim of filling an important gap in the ongoing debate on internet governance namely the lack of active participation from the private sector.

Also of interest, the US this week issued warning regarding the potential fragmentation of the internet in light of Chinas plans to require compulsory registration of Internet domain names in China through government-licensed providers. The regulations for the administration of Internet domain names would also forbid the registration of websites containing any one of nine categories of broadly and vaguely defined prohibited content, and create a blacklist of forbidden characters in the registration of domain names, adding an extra layer of control to Chinas Great Firewall, two top U.S. officials in charge of Internet policy and administration, wrote in a statement Monday.

On a net neutrality theme, TRAI were back in the fray as the Indian Telecoms Regulatory Body announced it will start pre-consultation on net neutrality within two to three days. TRAI has already resolved the differential tariff issue, which is a major part of net neutrality, though not without controversy it must be said.

The ongoing cyber-conflict between North and South Korea continued to rumble on this week, with South Korea blaming their neighbor state to the North of a cyber-attack on a navy defense contractor. The contractor, Hanjin Heavy Industries, produces Seoul's naval vessels and amphibious assault vehicles.

From the remainder of the ICT world the news wasn’t overly forthcoming this week, however, two stories of interest; the announcement from the global financial network SWIFT that international banks face a threat from a new wave of malicious malware software and Facebooks announcement that it will be conducting a full investigation into allegations of political bias. The company has recently come under fire after an unnamed former Facebook employee told technology news website Gizmodo that workers often omitted conservative political stories from the company's "trending" list of topics that it says spiked in popularity.

Of note emanating from global institutions this week, news that ICANN has announced its senior leader transitions, with the organisations Chief Contract Compliance Officer, Allen R. Grogan, and Nora Abusitta, Senior Vice President of Development and Public Responsibility Programs (DPRD), having notified the body of their intent to leave ICANN later this year.