Talk:Should public policy priorities and requirements be included when designing Internet standards? – WS 05 2020
As a suggestion to progress. On the IGF pages the report of the pilot project on deploying internet standards has been published recently. A few of the recommendations can perhaps be discussed in this workshop. One could be e.g. on how internet governance bodies can contribute to bring stakeholders together and work in accordance towards deployment of internet standards that would make the internet and all its users more secure immediately.
The report is the outcome of an internationally distributed survey, break-out sessions during the workshop at the Berlin 2019 IGF, extensive interviews and desk research.
These are the recommendations:
1. ‘Create a business case for the deployment of internet standards’. 2. ‘To deploy internet standards successfully they need to be incorporated by reference into law or legally binding regulations, including a designated regulator.’ 3. ‘To deploy internet standards successfully requires building security by design / default into products and services’. 4. ‘All stakeholders should collaborate on coherent strategies for multilingual awareness raising on internet standards and their effect on internet security’. 5. ‘Internet standards and architecture must become part of education curricula.’ 6. ‘Standardisation processes are advised to include a consultation phase with government and industry policy makers, and civil society experts.’
- 5 has been suggested into workshop 10 at EuroDIG on education.
Should you be interested, the report can be found here:
Looking forward to your thoughts and how to proceed,
Wout de Natris
Zoom Chat
regarding the session WS 5: Should public policy priorities and requirements be included when designing Internet standards?, EuroDIG, Day 1 / 11 June 2020, 14:30 - 16:00 CEST
From Michael Oghia to Everyone: 01:41 PM
A good line up no doubt, though disappointing to see no women on the panel :(
From Vittorio Bertola to Everyone: 01:41 PM
We are sorry about that. We have invited several women but none was available.
From Michael Oghia to Everyone: 01:42 PM
I understand!
From Andrew Campling to Everyone: 01:45 PM
As Vittorio said, we tried hard to have some female participants in the panel but none that we approached agreed. Hopefully contributors to the discussion we're about to have will make up for this.... And of course our three key participants are all extremely well qualified for this topic!
From Remote moderator: Auke Pals to Everyone: 01:46 PM
As European Dialogue on Internet Governance (EuroDIG) everyone is invited both on panel and as participant. Since EuroDIG is online we encourage participants to raise there hand or use the zoom chat for questions, remarks or any additional information. Please use in the chat "Q: <question>"
From Michael Oghia to Everyone: 01:48 PM
I definitely understand the struggle Andrew, and have no doubts that you all tried!
From Patrick Tarpey to Everyone: 01:49 PM
Q: We heard
From speakers earlier today on the subject of development of encrypted DNS and its impact content filtering and court ordered blocking. What steps can civil society and interested groups take to participate more fully in Internet Engineering Task Force & W3C standards processes?
From Carsten Schiefner to Everyone: 01:49 PM
Q: (@Jörn) Why would gov's *need* to respect I'net Standards more? As they are the gov's they set Standards themselves! Or do they?
From Olaf Kolkman to Everyone: 01:50 PM
I am Olaf Kolkman - I have long experience in IETF standardisation (alumni leadership) and would be happy to ask specific questions.
(I cannot talk for, but about the IETF)
From Judith Hellerstein to Everyone: 01:50 PM
why not use the polling features in zoom instead of us having to go to another site
From Wolfgang to Everyone: 01:50 PM
I can not more than agree with Jörn. Bruce Schneier in an intere4sting article published by the World Economic Forum argued that the misunderstanding among law makers and code makers is a high isk for our futurel. "We must bridge the gap between technology and policymaking." see: https://www.weforum.org/agenda/2019/11/we-must-bridge-the-gap-between-technology-and-policy-our-future-depends-on-it/
From Carsten Schiefner to Everyone: 01:52 PM
@Wolfgang: true - but I got Jörn more in the sense that gov's have to sort of obey to "our" Standards.
that is, hmmm, difficuzlt, I guess.
From Michael Rotert to Everyone: 01:52 PM
Q: Governments are invited as everyone else to participate or not? Why do they not show up? In turn, they don’t invite stakeholders when they set their survaillance standards!
From Carsten Schiefner to Everyone: 01:52 PM
bringing gov's to the Show and getting them involved I highly agrree.,
From Wolfgang to Everyone: 01:53 PM
You can turn this Question also around: Should technical developments be taken into consideration by making public policies? The answer is YES
From Andrew Campling to Everyone: 01:53 PM
@Michael I think part of the problem is that not all of the standards bodies welcome participation
From multi-stakeholders
From Carsten Schiefner to Everyone: 01:54 PM
@Wolfgang: ha! this PoV I like. :-)
From Mark Carvell to Everyone: 01:54 PM
On cost barrier, attending the IETF for example is quite expensive, isn't it?
From Andrew Campling to Everyone: 01:54 PM
@Michael And some claim to explicitly ignore policy requirements and impacts
From Peter Koch to Everyone: 01:54 PM
Q: on the topic of DoH, since it has been mentioned, what exactly is the perceived miss w.r.t. public policy aspects when it comes to the technical standard the IETF produced?
From Michael Rotert to Everyone: 02:00 PM
As long as it is cheaper and easier to use ISPs to deal with technical regulation nothing will change!
From Patrick Tarpey to Everyone: 02:01 PM
Q: Is the IETF actually entering public policy via the STIR standard?
From avri doria to Everyone: 02:03 PM
q: which government's edicts should an international standards body be responsible to.
From Olaf Kolkman to Everyone: 02:05 PM
@Andrew.Campling - The issue you are bringing up is real. Some people are plain rude and overall the discourse is focused around technical merits. So the barrier is sometimes quite high. Leadership is aware and culture has been a discussion at recent plenary;’s
From Wout de Natris to Everyone: 02:06 PM
I would see it more as a dialogue where concerns or new topics can be shared between stakeholders that can or cannot be taken into account when continuing the work on standards. The work remains technical and consensus driven.
From Michael Rotert to Everyone: 02:07 PM
Q: Do we have a comment
From any government yet?
From Wout de Natris to Everyone: 02:08 PM
This is new for everyone and could simply be tested. Does it work to interact? What should be on the agenda? If it doesn't, try a different format.
From avri doria to Everyone: 02:09 PM
I think the view of the IETF is quite old. over the last decade it has gotten quite tame. I also worry when an organization that is open to anyone is considered closed because people have trouble acclimating to its rules and work patterns. at this point there are lot of processes used to try and welcome people into the IETF and which try to mentor those who want such mentoring.
From GONZALO - TELEFONICA to Everyone: 02:10 PM
Question: Going back to the inclusiveness of IETF, is there any data on participation at ITEF giving insight on who is most active, their filiation, etc. This could help to understand the current situation.
From Patrick Tarpey to Everyone: 02:11 PM
Q: Are standards bodies - at risk of capture by large tech firms as they have the deepest pockets and resources? The majority of RFCs are authored by large tech firms, so it suggests that individuals participating is small.
From Andrew Campling to Everyone: 02:12 PM
@Avri I think that the IETF is both open and opaque, with a culture that does not welcome non-technical inputs or considerations. My view is that Internet standards are far too important to leave to technologists, needs true multi-stakeholder input!
From Olaf Kolkman to Everyone: 02:13 PM
Gonzalo: this is a good starting point: https://www.arkko.com/tools/docstats.html
From Riccardo Nanni to Everyone: 02:13 PM
@Gonzalo there's this page on the IETF website: https://datatracker.ietf.org/stats/document/author/documents/ It's got interactive stats and is quite explanatory
From Chris Buckridge to Everyone: 02:14 PM
@Andrew without seeking to defend the IETF (or anyone else), my sense would be that policymaking communities (for want of a better word?) that do not tend towards being opaque and catering to “insiders” are the exception rather than the rule which is simply to say, finding a broadly applicable solution to that is important, but seems to be very difficult
From Andrea Beccalli to Everyone: 02:14 PM
Adeel no need to apologise, Just a student is perfectly fine!
From André Melancia to Everyone: 02:14 PM
Another example of technologies that require non-technical input: Ethics in AI. What is acceptable, what is not? Technical people never focus on these things.
From Andrew Campling to Everyone: 02:14 PM
@Chris That is a fair comment and of course needs to be fixed too, at least where multi-stakeholder input is needed.
From André Melancia to Everyone: 02:15 PM
@Adeel, we are all students :)
From Wolfgang to Everyone: 02:15 PM
@ Risk of Capture. There are more Chinese experts now in IETF meetings than in ICANN or IGF Meetings.
From Wout de Natris to Everyone: 02:15 PM
@Adeel, the Dutch government usually has consultation rounds for everybody concerned on laws. So has the EU.
From Carsten Schiefner to Everyone: 02:15 PM
@Chris that likely would be applicable to ripe Meetings too then. Do you think so?
From Robin Gelhard to Everyone: 02:15 PM
Interestingly, the European Commission is asking "How to mobilise sufficient internationally European industry and technical experts, to promote in an efficient and agile way its strategic interests, values and ethics in critical policy and technology areas such as beyond 5G, big data, AI, internet, cybersecurity, cloud or quantum technologies?"
From Tommy Jensen to Everyone: 02:15 PM
@andrew: I think inviting non-technical discussion into the IETF would greatly hinder standards development. Just like I must work offline within Microsoft to convey our non-technical customer requirements into technical arguments, governments ought to internally deliberate on what technical requirements they have and send technical representation to the IETF.
From Chris Buckridge to Everyone: 02:16 PM
i think the question of how open and inclusive RIPE discussions (not just meetings) are to newcomers has been under discussion for a few years now (see the RIPE Diversity Task Force), and the answers are far
From straightforward :) But I am heartened that there are efforts being made
From avri doria to Everyone: 02:16 PM
@Andrew: i know of quite a few policy advocates
From various TunisAgenda+ stakeholder groups who do attend Yes, they have to learn the technology they are talking about, but once they understand the tech, their views are quite well accepted into the mix. But yes, one does need to understand the tech to comment on it.
From Carsten Schiefner to Everyone: 02:17 PM
@Chris I do recognise all the efforts around it. I wonder though what RIPE would look like withoiut all this...
From André Melancia to Everyone: 02:17 PM
DoH / DoT are not consensual even in the technical community, and definitely a privacy (and etc.) concern for non-technical.
From Vittorio Bertola to Everyone: 02:17 PM
@Avri: the specific problem in this case was the IETF engineers also being very opinionated in policy terms and using the tech to push their policy views onto everyone else. But indeed it’s a specific case
From Andrew Campling to Everyone: 02:18 PM
@Tommy I agree that having them (ie multi-stakeholders) attend might be counter productive but do believe that they should be able to input their policy priorities and requirements that should / must be taken into account when designing new standards
From Olaf Kolkman to Everyone: 02:18 PM
@Patrick I used to direct NLnet Labs a small R&D lab and was active in the IETF, mainly DNS area. My experience is that as a small org you can make your way in the IETF, but it takes investment.
From Vittorio Bertola to Everyone: 02:18 PM
Perhaps what we need is policy-to-technical (and viceversa) translators
From Peter Koch to Everyone: 02:19 PM
@Vittorio: the IETF specification is pretty much application model neutral; in fact, the proponents wouldn’t even have needed an IETF sanctioned spec
From Robin Gelhard to Everyone: 02:19 PM
@Olaf, in addition the EU provides grants, https://www.standict.eu/ Supporting European Experts Presence in International Standardisation Activities in ICT
From Wolfgang to Everyone: 02:19 PM
1+ to Vittorio. The "(wo)man in the middle"
From Wout de Natris to Everyone: 02:19 PM
@Vittorio. That is one of the recommendations in the IGF report on internet standards deployment. See the wiki for the link.
From André Melancia to Everyone: 02:19 PM
@Fred The Internet was created by technical people. Non-technical only joined later and added much needed policies to be able to scale governance.
From GONZALO - TELEFONICA to Everyone: 02:20 PM
@Olaf Kolkman Thanks, indeed a good starting point
From avri doria to Everyone: 02:21 PM
@André i think there have been policy people there almost
From the start. most of them were also technically oriented.
From Olaf Kolkman to Everyone: 02:21 PM
@Fred: there is a nuance there… It is the deployment model of DoH that is the issue. One could argue that DoH has been designed for the Tussle.
(See Clark paper)
From Carsten Schiefner to Everyone: 02:21 PM
@Chris and i also wonder if all the Newcomer activities etc. are really imorving anything - as in: Lifting it to higher Level
From the normal. or are they "just" mitigating the worst effects of Insiders talking to Insiders and such? Which if unmitigated would ultimately lead to the dislegitimation of the respective assembly altogether.
From Patrick Tarpey to Everyone: 02:21 PM
I personally find the consensus humming at the IETF difficult to dealt with as I have tinnitus and hearing loss. When I first encountered the "hum" I thought my hearing had got worse. The RFC process in my view doesn't appear to accommodate "neuro diversity".
From Andrew Campling to Everyone: 02:22 PM
@Pat I hadn't thought of that, you make a good point regarding diversity
From Peter Koch to Everyone: 02:22 PM
@Fred: thanks for elaborating; however, this deserves a deeper look into the role of the standard (or the standard making body) vs the entities making deployment decision; also, “filtering” thru DNS is like driving a car on two wheels and than complaining to the car standardisation org if that’s getting harder
From Patrick Tarpey to Everyone: 02:22 PM
I found process of navigating RIPE RIR meetings far easier - and structured for new comers (many years ago now)..
From Olaf Kolkman to Everyone: 02:22 PM
(On humming: it doesn’t work in on-line meetings either, and it is not the final decision)
From Wolfgang to Everyone: 02:24 PM
Online Humming? Could we develop an app which would enable to find "rough consensus" in virtual meetings?
From Wolfgang to Everyone: 02:24 PM
Online Humming? Could we develop an app which would enable to find "rough consensus" in virtual meetings?
From Vittorio Bertola to Everyone: 02:24 PM
Some people at the IETF actually are working on that :)
From merike to Everyone: 02:24 PM
I’ve been participating in IETF since 1992 and can say that technical contributors that were helping set early government policy were involved and contributors. I can also state that the IETF has worked hard to welcome and mentor anyone new to the IETF and create documents to help understand the landscape.
From Chris Buckridge to Everyone: 02:24 PM
@Carsten I think you’re correct in identifying that most of the efforts to mitigate “insider-ism” have focused on the newcomers rather than the insiders themselves
From Remote moderator: Auke Pals to Everyone: 02:24 PM
As European Dialogue on Internet Governance (EuroDIG) everyone is invited both on panel and as participant. Since EuroDIG is online we encourage participants to raise there hand or use the zoom chat for questions, remarks or any additional information. Please use in the chat "Q: <question>"
From Mark Carvell to Everyone: 02:26 PM
Agreed with Fred on desirability of a bridge between the communities to underpin coherent interaction on standards development
From André Melancia to Everyone: 02:26 PM
Let me add to the confusion that it depends on the standards body... The level of participation by non-technical people, as well as being bigger or lesser policy oriented, depends on the standards body.
From Patrick Tarpey to Everyone: 02:26 PM
Relates to comment by Olaf earlier
From Olaf Kolkman to Everyone: 02:27 PM
I can take this
From Patrick Tarpey to Everyone: 02:27 PM
FCC requested the development
From Olaf Kolkman to Everyone: 02:27 PM
@Patrick - that was a response to a PubPol need
From Adeel Sadiq to Everyone: 02:27 PM
I think if you start considering public policy in Internet standards (and I totally agree that we should consider), it will take a lot of time and maybe money. In real world, time and money is always limited. To give you a hypothetical example (not a very good one), what if we keep on debating the public policy aspects of IPv6 and cannot make it a standard but we have already run out of IPv4 addresses and no new organisation can connect to the Internet anymore? Compromises have to be made.
From Olaf Kolkman to Everyone: 02:27 PM
The standard itself is then highly technical
From Vladimir Radunovic | DiploFoundation to Everyone: 02:28 PM
I would twist the question: how to avoid (limit) political manipulations of governments' involvement with standard settings? Govs are needed in the standards discussions; but on the other hand we have seen Snowden's reports about security agencies messing up (or trying to) with encryption standards, there are current political battles around 'new IP' in ITU, etc.
From Andrew Campling to Everyone: 02:30 PM
@Vladimir Having multiple governments involved may help with this, and of course true multi-stakeholder input goes beyond governments to include many other stkeholders
From André Melancia to Everyone: 02:30 PM
@Adeel: IPv6 has been around for 25years, although only stable in the last 10. The technical work is done (99%). Choosing to really deploy it is now on policy makers (politicians, managers, etc.).
From Robin Gelhard to Everyone: 02:31 PM
The political views are important, but keep in mind that also nation states aren't always on the same page :)
From Adeel Sadiq to Everyone: 02:31 PM
That's why I said hypothetical example and not a good one at that.
From Olaf Kolkman to Everyone: 02:33 PM
I have a question around the ‘tussle’
From Wout de Natris to Everyone: 02:34 PM
On the new question. This is not a yes or no question. It could depend. In my opinion stakeholders could "ask" for a standard. Then the answer is yes. On other topics they may not even be aware there is an issue, so the answer is no.
From Olaf Kolkman to Everyone: 02:37 PM
https://david.choffnes.com/classes/cs4700fa14/papers/tussle.pdf
From Mark Carvell to Everyone: 02:37 PM
That's a valid point by Vittorio about differing working methods: govt reps (I used to be one) have to consult their advisory groups and ministers on key positions to take at meetings.
From Vladimir Radunovic | DiploFoundation to Everyone: 02:37 PM
Another issue is if governments (beyond probably the P5 big ones) have awareness and capacities to participate in standard-setting fora - understanding why to participate, what it is about, and how to do so (understanding the professional culture such as rough consensus and humming, etc). Specific capacity building for govs to participate? Any good examples?
From avri doria to Everyone: 02:39 PM
for the tussle!
From Mark Carvell to Everyone: 02:41 PM
IETF used to offer govts a kind of briefing induction if I remember right.
From Wolfgang to Everyone: 02:41 PM
@ Vladimir: Capacity Building (for governments) is one of the five key issues in the OEWG. Yes, you have to train governments, in particular in developing countries to enable them to follow the debate and to understand what they decide. If governments acknowledge that they miss expertise but can get it via multistakeholder processes,, this is a good move into the right dicrection
From Carsten Schiefner to Everyone: 02:41 PM
good Points, merike - thanks!
From Wolfgang to Everyone: 02:42 PM
There is a Cybersecurity Summerschool for Diplomats in Tallin, established last year.
From Patrick Tarpey to Everyone: 02:43 PM
Very insightful discussion, thanks to the panel & hosts/moderators for stimulating and informative discussions.
From Vladimir Radunovic | DiploFoundation to Everyone: 02:43 PM
@Wolfgang True. I more thought of CB for participating in non-gov fora, and particularly the engineering fora - where professional culture is significantly different. This might be a good point to add to the OEWG discussions on CB: it shouldn't be only about 'what' (political and even technical issues) but also 'how' (to implement and collaborate with others in this direction)
From Carsten Schiefner to Everyone: 02:44 PM
@Vladimir: CB?
From Andrew Campling to Everyone: 02:44 PM
This discussion will lead very well into the plenary session on Digital Sovereignty later this afternoon
From Wolfgang to Everyone: 02:45 PM
@ Carsten: Capacity building
From Carsten Schiefner to Everyone: 02:45 PM
@Wolfgang: ! - thanks. :-)
From Andrew Campling to Everyone: 02:45 PM
NB The mentimeter question should say "... *before* their final release?" Apologies!
From avri doria to Everyone: 02:45 PM
BTW, with the IRTF, the IETF's research sister organization, we have several groups that do take a policy view to protocol considerations of various technical issues. the IRTF does not make standards, but it does discuss the considerations that go into standards, including technical, scientific, and policy.
From Vladimir Radunovic | DiploFoundation to Everyone: 02:46 PM
CB = capacity building (I apologise :)
From avri doria to Everyone: 02:47 PM
though sometime = confidence building
From Mark Carvell to Everyone: 02:47 PM
Where would the review against public policy priorities be undertaken and what would happen if there is no consensus on the result?
From Carsten Schiefner to Everyone: 02:48 PM
@avri: :-) - true.
From Andrew Campling to Everyone: 02:48 PM
@Mark No release of a standard if it does not meet the requirements? EG Make it part of the RFC process in the IETF
From Vladimir Radunovic | DiploFoundation to Everyone: 02:49 PM
@Avri - also. acronyms will kill us!
From Wolfgang to Everyone: 02:49 PM
The common acronym for "Confidence Building Measures" is CBMs.
From merike to Everyone: 02:49 PM
Good point @Avri. The Human Rights Protocol Considerations Research Group being one important part of the IETF. https://irtf.org/hrpc
From Remote moderator: Auke Pals to Everyone: 02:49 PM
Thanks a lot everyone for your participation, we look forward seeing your discussion and knowledge/opinions exchanging at the forum
From Olaf Kolkman to Everyone: 02:49 PM
@Vladimir: that is AWKU
From Remote moderator: Auke Pals to Everyone: 02:50 PM
From Vladimir Radunovic | DiploFoundation to Everyone: 02:51 PM
@Olaf I am using my 'help
From a friend' jocker here - AWKU? :)
From Olaf Kolkman to Everyone: 02:51 PM
My apologies - I will have to drop. Good thought provoking panel.
and great chat as well!
From avri doria to Everyone: 02:52 PM
Thanks Merike, HRPC being my favorite, but there is als Gaia about community networks, and pearg about privacy enhancements and assesments
From Wolfgang to Everyone: 02:52 PM
See you later
From merike to Everyone: 02:55 PM
Very good discussion. Nice to hear all the viewpoints.
From Wout de Natris to Everyone: 02:55 PM
here's the IGF link to my report: https://www.intgovforum.org/multilingual/index.php?q=filedepot_download/9615/2023
From avri doria to Everyone: 02:55 PM
One of my favorite attributes of the Internet is its ability to heal. I predict it can be healed even of the fractures and divisions we see today.
From Mark Carvell to Everyone: 02:56 PM
Thank you all for a very useful and informative session. picked up a couple of new acronyms too!
From avri doria to Everyone: 02:57 PM
i do not think there is any consensus for yet another new body
From Judith Hellerstein to Everyone: 02:57 PM
thanks for a very interesting session
From Wout de Natris to Everyone: 02:57 PM
+1 Avri. I did not hear yet.
From Peter Koch to Everyone: 02:57 PM
I believe the term consensus is used too liberally here
From Mark Carvell to Everyone: 02:57 PM
A bridging process maybe?
From Peter Koch to Everyone: 02:58 PM
at best it’s “temperature in the room”
From Carsten Schiefner to Everyone: 02:58 PM
@avri: I do not see it asking for a new Body?
From André Melancia to Everyone: 02:58 PM
Policy would be "good" before, sometimes not possible
From Jana Misic to Everyone: 02:58 PM
the last note msg= wasn’t a consensus, it was 50-50% split
From Carsten Schiefner to Everyone: 02:58 PM
thanks, everybody - yet another excellent session!
From Fred Langford to Everyone: 02:59 PM
Thanks for listening. If anyone would like to reach me my contact email is fred@iwf.org.uk
From André Melancia to Everyone: 02:59 PM
Coffee break anyone? https://en.wikipedia.org/wiki/Hyper_Text_Coffee_Pot_Control_Protocol
From Wout de Natris to Everyone: 02:59 PM
Have a good day all. See you later I hope in this room.
From André Melancia to Everyone: 02:59 PM
Thank you all :)
From Vittorio Bertola to Everyone: 02:59 PM
Thanks everyone again!