EuroDIG 2022 is happening this week. With sessions looking into digital sovereignty and identity, the multistakeholder model of Internet governance, cybersecurity, and much more, RIPE NCC staff will be live-blogging the event right here on RIPE Labs. Stay tuned for updates!
Day 2 - Big Stage, or lunchtime ruminations
One of the innovations at EuroDIG in recent years has been the “Big Stage” - basically using the main stage over lunchtime for smaller or more niche discussions. This has been a venue for some fascinating topics, and this year was no different. The Day 2 Big Stage featured two quite different discussions. The first was in relation to dating apps, the algorithms they rely on, the way they are designed, and the ways in which their users could be better protected - issues that certainly relate to the broader Internet governance discussions.
The second item was a presentation by YouthDIG participant, Elena Falomo (connecting from COVID-related isolation, in a reminder of the still not-normal times for all conferences like this one!) on the use of art and design to help develop and evolve multistakeholder Internet governance engagement. Examples included her work on a card game, Fight For The Net, which encourages players to adopt various identities in relation to online dis/misinformation and its propagation. As Internet governance community structures (including RIPE) look to the future and consider how best to evolve, this seems a particularly interesting area of research and innovation.
- Chris (22 June 2022, 15:00 UTC)
Day 2 - YouthDIG Messages
YouthDIG has been a mainstay of EuroDIG for a few years now. The program funds the participation of a diverse group of young people, including several days ahead of the event in discussion with Internet governance and digital policy experts (I had the chance to participate in a session on Sunday discussing fragmentation of the Internet). As well as discussion, the YouthDIG program steers towards an output document, Messages from YouthDIG, and this was presented to the EuroDIG conference after lunch on the final day.
The presentation of these messages included a perspective from a Ukrainian youth participant, Kateryna Bovsunovska, who stressed the importance of Internet-related services to Ukrainian citizens (both in Ukraine and outside the country) since the outset of war, and the important roles that all Internet governance stakeholder groups have in relation to this situation. She closed with the call, “Act now, support Ukraine, and support Internet governance!”
The full YouthDIG messages will be published on the EuroDIG website (or you can jump straight to this tweet from Sam Dickinson), but they cover four areas:
- Artificial intelligence in the natural world
- Envisioning the future of social media
- Sustainability and ICTs
- Navigating the cryptocurrency waters
It will be interesting to see how these messages are employed, particularly in light of recent discussions about the need for different stakeholder groups to contribute to the development of the UN’s Global Digital Compact.
- Chris (22 June 2022, 14:15 UTC)
Day 2: Digital identity done right
The second day of EuroDIG featured an interesting session on the growing discussion about digital identity. Panelists agreed that the most important aspect to consider is the effect it will have on human rights - functionality comes second. Digital identity has the potential for a transformative impact on human life, as we've seen how quickly and easily physical documents get lost or destroyed during national disasters and military conflict. Some panelists went as far as suggesting that a digital identity should be a human right and having it on a global scale would unlock even more of Internet's potential.
On the not so bright side, it was acknowledged that at the moment digital identity might widen the gap between people who have access and knowledge of technology and those who don't. Further, a number of security incidents throughout the globe were pointed out and the effect they have of increasing scepticism and reducing trust in people that their data will be secure. One incident in particular where users data was used by an AI algorithm who then went on to flag them for potential benefits fraud was a potent example of what could go wrong as multiple technologies interact and use the data.
Another important aspect when talking about implementing a digital identity solution is not just if, but how. A lesson the Swiss government learned all too well, then their recent proposal for digital identity and single sign-in infrastructure was rejected by 65% of the population - an unusually strong margin. Voters were unhappy not with the idea of a digital identity but the proposal of how it was going to be executed, and especially the fact that it was going to be in the hands of a private entity.
We also spoke about the EU's plans to create a European digital identity wallet. According to the proposals, this wallet app will allow access to not only government services, but will also be open to private businesses. Such an application will allow users to reveal to businesses only the information that is necessary at the moment. For example, if you are buying alcohol, the store does not need to know your name or your birthday. All they need is a confirmation that you are over 18 years old. The app can be set up to reveal only this information.
- Gergana (22 June 2022, 12:30 UTC)
Day 2: The multistakeholder model’s origins and future
I found this panel really interesting, as it covered a lot of different perspectives and offered an array of insights while staying focused on a topic that is at the heart of all Internet governance fora. Plus, who doesn’t love a good origin story?
The panellists, including Wolfgang Kleinwächter, Richard Hill, Daphne Stevens and the RIPE NCC’s own Chris Buckridge, began with a brief history of the multistakeholder model and an overview of what it is. Several pointed out that, in fact, “model” is a misnomer and that “approach” or “mindset” is more descriptive - and even then, there are many variations on the multistakeholder approach in practice today.
One key point was how a multistakeholder approach is not meant to replace representative democracy, but can instead supplement it. Chris Buckridge pointed out that this approach is not a political ideal, but a pragmatic reflection of the way the Internet operates on the technical level. Without cooperation, he posited, the Internet wouldn’t be the amazing technology that it is today.
The main tension, Wolfgang Kleinwächter argued, is that the multistakeholder approach came about as a political compromise between different nation states embodying different ideals, and it relies on the willingness of those who traditionally hold the power (i.e. governments, large corporations - although even here, the extent to which groups hold the most power varies across geopolitical borders) to do so.
While some organisations or processes claim to take a multistakeholder approach to Internet governance, it’s interesting to take a closer look. For example, Richard Hill argued that the IETF is not, in fact, multistakeholder because it is open to individuals, rather than representatives from distinct stakeholder groups. (This wasn’t framed as a bad thing, by the way - just an interesting take on something that many of us would have held up as one of the obvious examples of a multistakeholder approach to Internet governance). A Declaration for the Future of the Internet, on the other hand, was written by just one entity (the US government), yet upholds multistakeholderism as one of its key principles. (Is “multistakeholder washing” the new green washing? If so, you heard it here first!)
There were also some really good questions and comments from audience members, such as: Who’s responsible for the primary failure of the Internet; namely, that most of its control lies in the hands of a few large corporations? I won’t spoil the answer for you, though - because you should really check out the recording of the session for yourself
- Suzanne (22 June 2022, 10:30 UTC)
Day 1: Participating in the UN Processes
The keynotes of the first day of EuroDIG focused on ramping up participation in the ongoing UN processes. The UN Secretary-General’s Roadmap for Digital Cooperation outlined eight Key Areas of Action:
- Achieving universal connectivity by 2030
- Promoting digital public goods to create a more equitable world
- Ensuring digital inclusion for all, including the most vulnerable
- Strengthening digital capacity-building
- Ensuring the protection of human rights in the digital era
- Supporting global cooperation on artificial intelligence (AI)
- Promoting trust and security in the digital environment
- Building more effective architecture for digital cooperation
The UN Secretary-General presented his report "Our Common Agenda" in September 2021, in which he looks ahead to the next 25 years and presents his vision on the future of global cooperation. In it, he reiterated his call to “protect the online space and strengthen its governance”, including through a proposed Global Digital Compact. The Office of the Secretary-General’s Envoy on Technology is in charge of the implementation of the Secretary-General’s Roadmap (above) and the Global Digital Compact, with consultation with the Member States, the technical community, businesses, civil society, and other stakeholders. In preparation for next year's Summit of the Future, the Office launched a survey open to all stakeholders. Please consider submitting your input directly, by 30 September 2022. You can also take a look at other's submissions. Finally, for those of you who do not wish to submit an individual contribution, there is EuroDIG! As a the European regional Internet governance forum, they are planning to also make a submission. EuroDIG will soon launch a survey, via which you are welcome to submit any feedback. The deadline for this will be around end August. EuroDIG will organise an extra session to discuss and condense the feedback, after which they will submit it to the Envoy's survey.
Not all governments across the world agree to letting others stakehoders (other than governments) to the decision-making table. This is our chance to prove to them what a valuable contribution we all can make. The technical community should not miss the opportunity to get involved.
- Gergana (21 June 2022, 13:30 UTC)
Day 1: Is Europe headed in the right direction?
The third and final session on the topic of digital sovereignty focused on whether Europe is keeping Internet infrastructure secure and open. Has Europe been over-regulating the digital sphere in recent years? Of course, there were a range of opinions that fell into both the “yes” and “no” columns. Some pointed out the need to shine the regulatory spotlight on big tech’s dominance in an effort to maintain Europe’s sovereignty given the continent’s increasing dependency on those players. Others pointed out that, while big tech might be the main target, so much regulation has only made it more difficult for small and medium businesses to keep up with compliance.
Several speakers pointed out Europe’s lack of investment in key spaces including 5G, AI and cloud infrastructure, and argued that the real issue is not too much regulation or the threat from the US or big tech, but a lack of home-grown competition in these areas.
It also seems that “surveillance capitalism” is becoming one of this year’s EuroDIG buzz words, having made several appearances during the three digital sovereignty sessions. There are clearly still lots of open questions about what to do with all of that data being collected - not only by big tech but many smaller companies too - and how to ensure users’ rights when it comes to how their data is being collected, accessed and used.
We at the RIPE NCC have spent a lot of effort trying to get policymakers to understand the need to protect the public core of the Internet, and I’m guessing that, if you’re reading this blog, you likely believe that’s a worthwhile goal. The problem we continually face is that there isn’t a single ideal, authoritative definition of exactly what constitutes the public core of the Internet. After listening to the three sessions, I was struck by how that need is more pressing than ever. We actually brought the idea of defining some RIPE Principles to the community at RIPE 83 last November. Maybe it’s time to stir that pot again…
- Suzanne (21 June 2022, 12:30 UTC)
Day 1: Digital sovereignty and the Internet infrastructure
The second session on digital sovereignty looked at the impact on Internet infrastructure, using examples like the Network and Information Security 2 (NIS2) directive, the Digital Services Act (DSA) and the DNS4EU initiative. How will these affect the core of the Internet? And how compatible is the notion of sovereignty, illustrated by these examples, with the multi stakeholder model?
Innocenzo Gonna (Internet Exchange Namex) stated that the goal of sovereignty is understandable from a government perspective. The challenge however lies in the contradiction between the ambition of sovereignty and the global nature of the Internet. At the end it boils down to technical implementation. Governments think of the Internet as telecommunication services and big tech, which is an oversimplification of the existing ecosystem.
Secondly, the EU needs to be careful when regulating the Internet because of the potential costs and negative consequences for operators. For example CSAM - the proposed regulation for preventing and combating child sexual abuse - puts operators in an impossible position, as they are expected to both uphold the principle of end-to-end encryption and simultaneously monitor their users’ online behaviour - two technically incompatible tasks. Further, if agreement is reached that obliges operators to legally break encryption for CSAM, where will this stop? Surely, if a precedent to break encryption is made, in a few years there will be calls to do so for other reasons - for intellectual property for example. Where would it stop?
Callum Vote (Internet Societ) remarked that we do not see the term "sovereign" in EU legislative proposals, but only in declarations. Legislation such as the NIS 2 Directive focuses on cybersecurity, redundancy and continuity. The risk with top down management is that it might be an incentive for other countries to do the same. The EU cannot criticise other countries for enforcing top down regulation if it also does the same. Especially when concerning the DNS, this could lead to a fragmented Internet. Root servers might be out of scope of NIS 2, which is a good thing, but other parts of the DNS are still there, which can set a dangerous precedent.
Members of the audience expressed their confusion at the EU Commission's wish to regulate DNS. What are the (perceived) harms they are trying to fix? The COVID pandemic showed that the Internet is robust and functioning without regulatory intervention. Having DNS4EU might work well, but it also opens the door to unpredictable situations. What if a legal order requires a filters be configured?
Innocenzo pointed out that EU initiatives are very complex and time consuming, involve many stakeholders and usually end up in a compromise. That can be detrimental technically.
Lucien raised the concern that NIS2's article 23 on data accuracy is rather vague. This is a concern for ccTLDs, who might not be able to implement it consistently in the 27 different EU member states. This can hamper the competitiveness of the EU domain industry and in turn weaken sovereignty. He also pointed out that EU Directives leave a lot of room for interpretation to Member States, which is not beneficial for companies operating across the EU domain market.
- Bastiaan (21 June 2022, 11:30 UTC)
Day 1: What is digital sovereignty?
Digital sovereignty is a hot topic in the IG circles for a few years now. During the IGF meeting in 2019, German chancellor Angela Merkel outlined her idea of digital sovereignty. She clearly differentiated her understanding of the concept from isolation, protectionism and state censorship, and emphasised instead that it can also be an expression of sovereignty, to advocate a joint, free, open and secure global internet.
Since then there’s been a lot of discussion and activity around this issue, with planned regulation and significant investments by the European Union. At this year’s EuroDIG, digital sovereignty is one of the central points of discussion. The main track is divided into three subtopics:
- Principles and definitions
- Impact on Internet infrastructure
- Opportunities and threats to the Internet
Setting the stage for a later discussion, it was necessary to hear how a diverse group of speakers would define digital sovereignty in their own words. As expected, they came up with slightly different definitions. But what they all had in common was the notion that it should provide European citizens, business and governments control over the direction of the digital transformation and should be built on European values, upholding the fundamental human rights and democratic principles.
How should digital sovereignty look like in practise? Francesca Bria (Italian National Innovation Fund) defined the European way as a middle road between the big tech model based in the Silicon Valley, characterised by surveillance capitalism and the so-called big-state model coming from China on the other hand. European digital transformation must be rooted in the constitutional rights of citizens, it should foster innovation and competitiveness for European companies and always aim for the sustainable growth and development.
On the opposing side of the argument we heard from Alberto Di Felice (DigitalEurope) who finds "digital sovereignty" a problematic term and doesn’t think the current regulatory wave initiated by the European Commission will have a positive impact on the tech industry in Europe. He added that the discussion doesn’t seem to be about the dominance of US companies in Europe but rather more broadly about the future of what capitalism and what social discourse should be. He suggested that before coming up with regulation, EU should push for better implementation of the existing rules. This sentiment was shared by Fanny Hidvegi (Access Now) who added that putting the EU Commission in the centre of all of regulatory frameworks on digital issues will prevent addressing the problems on a national level.
With the exception of Alberto, all speakers agreed that EU is going in the right direction in regard to the European digital sovereignty and that the planned regulation is a good way to set up a path to democratic, sustainable and inclusive digital transformation.
- Jelena (21 June 2022, 09:30 UTC)
Day 0: Taking stock of progress
It's almost two decades since WSIS - the World Summit on the Information Society. The last session of the Pre-day at EuroDIG assessed how far we've gone with achieving and carrying out a global vision of the Internet. A few points stood out.
First, the question of a global vision is still not settled. Grand words - such as global, open, interoperable, secure, inclusive - abound. It might be surprising to some, but not everyone stands behind every word. And when it comes to putting these words into practice, the global record, for governments and businesses alike, has been decidedly mixed.
Second, while the IGF has been a great forum for discussion, panelists noted that over the past few years discussion during the forum has become very "polite". The increasing politicisation of the Internet and the disagreements about a common vision, mentioned above, certainly play a role in that. This "politeness" has led to a kind of deadlock - we want to keep talking to each other, but we disagree, sometimes fundamentally. So what do we do? Panelists called on IGF participants to be bolder, both at IGF discussions and outside, when advocating for what they believe in.
Third, on a more positive note, the technical community was congratulated for doing a pretty good job during the COVID pandemic. The Internet suffered no major issues or disruptions and after a few weeks of adjustment (adding network capacity), it was pretty much back to normal. The fact that all this happened organically, without any government intervention or help, is a testament to the resiliency of the current system from a technical point of view.
Finally, panelists noted that one of the biggest change brought about by all the Internet government processes since WSIS is that now governments around the world are much more open to feedback from various stakeholder groups. Most of them now have public consultations that do receive attention and consideration. The IGF in Switzerland was the first IGF to submit text to the UN Global Compact platform and panelists encouraged future IGFs - be it global, regional or national - to continue to do so.
- Gergana (20 June 2022, 16:00 UTC)
Day 0: How to put the Katowice IGF Messages into practice?
The EuroDIG Pre Day opened with a session reflecting on the Katowice IGF Messages, which summarised the key views of the participants of the Internet Governance Forum held in Poland in December 2021. Since the introduction of Key Messages at the 2017 IGF in Geneva, they have been an instrumental tool for stronger engagement with governmental bodies and the private sector. One of the most frequently discussed issues at the Internet governance meetings is how to put them into action and how to sustain the momentum from one IGF to the next one.
Next, we heard from experts on topics of data protection, digitalisation for the climate and lawful use of AI. Ignacy Święcicki (Polish Economic Institute) shared the results of their latest research that looked at how much is our personal data, especially the one that we share voluntarily on big platforms, is actually worth. The result? Just around 2 EUR/month for the average Polish Google and Facebook user. What they also discovered is that Polish Internet users would be willing to pay such a small amount on a monthly basis to prevent big tech companies from having access to their data. Something needs to change in the way platforms handle data, but it is still unclear how to make this change in practice.
Another frequently discussed topic at Internet governance events is how to increase diversity and participation of marginalised voices. Anja Gengo (IGF Secretariat) highlighted the role of the large and ever-growing number of national and regional Internet governance forums, crediting them for the ability to reach out to communities whose voices wouldn’t be heard otherwise.
- Jelena (20 June 2022, 11:30 UTC)