IS3C: Consumer protection and its role in a more secure and safer Internet. – Pre 09 2024

From EuroDIG Wiki
Jump to navigation Jump to search

by Dynamic Coalition IS3C

17 June 2024 | 13:15 - 14:15 EEST | WS room 2
Consolidated programme 2024

Proposal: #19 (see list of proposals)

Session teaser

IGF Dynamic Coalition Internet Standards, Security and Safety (IS3C) brings together key stakeholders from the technical community, civil society, government policymakers, regulators, and corporate and individual adopters, with the shared goal of making online activity and interaction more secure and safer by achieving more widespread and rapid deployment of existing, security-related Internet standards and ICT best practices.

In 2024 IS3C introduces a new angle to its goal to make the Internet more secure and safer: consumer protection. In this workshop the topic is discussed from several angles based on this question: What are the potential roles of consumer organisations and regulators vis-à-vis ICTs developed and manufactured secure by design?

IS3C has published reports based on it research into IoT security by design, Education and skills and Procurement and supply chain management. In these reports IS3C has shown that large organisations insufficiently use their economic power to ensure that the ICTs they procure are secure by design. Also, that there is a considerable skills gap between the demands of the ICT and cybersecurity industry and the offer of tertiary educational curricula. Internet standards seldom play have the important role they deserve here.

Session description

Always use your own words to describe your session. If you decide to quote the words of an external source, give them the due respect and acknowledgement by specifying the source.

Internet and ICT security in general quite often focuses on vigilance and mitigation. Consumers have to be alert for phishing and other attacks, while there's not much they can do to prevent these messages from reaching them.

The question 'why did you click on that phishing link?', is asked far more often than 'why did you, bank X, not deploy DNSSEC'? or 'why did an email with a spoofed bank address reach my inbox, ISP X'? or 'why is spoofing even possible'? These are just a few questions that consumers, big and small, could ask to retailers, suppliers, service providers, etc., but seldom do.

Internet standards, i.e. the software that allows us all to connect, work, rest and play on the Internet, were developed over 30 years ago. Without security in mind, as at that time there was no real need for it. In 2024 we have to marvel at the success, robustness, and scalability of these standards. However, there is a dark side to this success. When the Internet opened up from a nearly closed system to the Web as we know it today, it came with threats, vulnerabilities, loss and harm.

The technical community recognized these threats and their responsibility. It created a new generation of standards and best practices. Some are around for over over 20 years. So, we have to ask ourselves the question, why is the deployment of these new generation or additions to the existing standards so extremely slow? It leaves all users open to attacks. This is what IS3C strives for, closing these unnecessary attack vectors through the wide-spread deployment of security-related Internet standards and ICT best practices. Before you think, this is a technical topic, consider the following, as it is not.

Most consumers use the Internet daily. Often without even realising it. So, what is the potential role of consumers, consumer protection organisations and regulators in achieving a more wide-spread deployment of the new generation Internet standards? Can consumer advocacy organisations inform their members and the public in general in different ways? What could be positive effects of testing devices and services? What is the role of regulators and from what perspective, technical?, privacy?, consumer protection? What can the consumer do?

In this workshop all these angles will be discussed with experts and the audience. At the end of the session together ideally we can formulate concrete ideas for next steps.


In this session the moderator will lead an open discussion with the participants and the room around the theme consumer protection. How can consumers become more aware of and protected from ICT vulnerabilities, so they can make better informed choices on the devices, applications and services they buy or subscribe to?

Further reading

Links to relevant websites, declarations, books, documents. Please note we cannot offer web space, so only links to external resources are possible. Example for an external link: Main page of EuroDIG

All reports and tools of IS3C can be found on our website:


Key participants:

Please provide name and institution for all people you list here.

Example for a list:

  • Wout de Natris, Coordinator IS3C