Monthly Report 10/2022 - Executive Summary

Volume 1, October 2022, No. 8

The contentious issues at the ITU General Conference in Bucharest, which ended on 14 October 2022, were Internet governance (Resolution 102) and cybersecurity (Resolution 130). As to Internet governance, it was the role of the ITU in the management of critical Internet resources (domain names, IP addresses, Internet protocols) that was discussed. Regarding cybersecurity, the future of the 2007 Global Cybersecurity Agenda (GCA) and ITU's role in international cybersecurity negotiations were the issues. Resolution 102 does not expand the mandate for the ITU Council Working Group Internet (CWG-Internet), at the same time it continues to block equal participation of non-state actors. What is new is the emphasis on the "sovereign and legitimate interests" of governments in ccTLD management. Resolution 130 does not provide for a new version of the GCA. The discussion on an extension of the mandate was postponed to the next ITU-PP (Dubai 2026). Both compromises take the ITU out of the firing line of the geo-political disputes about the future of the Internet for the moment. Thus, new opportunities are opening up for a more relaxed relationship between ITU and ICANN. The new ITU Secretary General Doreen Bogdan-Martin has exchanged friendly letters with ICANN President Göran Marby. However, the reference to ITU Council Resolution 1305 (2019), whose "to-do list" includes all previous controversial issues (DNS, IP, IPv6, OTT, etc.), suggests that some ITU states (Saudi Arabia, UAE, Russia, Iran, Algeria, China) will continue to bring forward proposals such as New IP or IPv6+. [1] The ITU's role in preparing the WSIS+20 review conference in 2025 was reaffirmed, and a new, albeit limited, mandate was given to the ITU for the issue of artificial intelligence. The theme for the "World Telecommunication Policy Forum" (WTPF 2025) has not yet been determined.

The new UN Tech Envoy Amandeep Singh Gill continued his series of consultations on the Global Digital Compact (GDC) in October 2022 at numerous Internet conferences. [2] In his statements, the Tech Envoy emphasised that the GDC, which is to be adopted at the "UN Future Summit" in September 2024, is a "government-led process" but must be based on a "meaningful participation of non-state actors". 31 March 2023 has been set as the new deadline for the submission of proposals. In September 2023, first drafts will be discussed at a ministerial conference in New York. On 27 October 2022, the EU Commission announced that it was going to support the work of the UN-Tech Envoy with one million euros. [3] The money will be used primarily to finance outreach activities.

On 7 October 2022, the UN Human Rights Council (HRC) adopted HRC Resolution 51/22 on the protection of human rights in relation with the development and use of Internet-based autonomous weapons systems. The HRC Advisory Committee is requested to submit a study by 2024 that investigates the human rights implications of the development of new AI technology in the military sector. Civil society, the technical community and the private sector are explicitly invited to participate in this study. [4]

The second EU-US Joint Technology Competition Policy Dialogue (TCPD) took place on 21 October 2022. It dealt with competition law issues in connection with mergers of transnational Internet groups. The aim of the dialogue is to prevent the emergence of digital monopolies and oligopolies, so that competition on an equal footing and on the basis of clearly defined rules can be guaranteed. [5]

On 8 October 2022, the US government published ideas for the regulation of artificial intelligence. In a "Blueprint for an AI Bill of Rights: Making Automated Systems work for the American People", five principles – including system security, protection against algorithmic discrimination and data privacy – are put forward for discussion. [6] The "US AI Bill of Rights" is the US answer to the "EU AI Regulatory Package" pushed by Brussels. There are many similarities between the two projects, but also major differences. The "risk-based approach" favoured by the EU has not been taken up in the US paper.

On 11 October 2022, US President Biden published the key points of the new US cybersecurity strategy. Under the motto "Lock our Digital Doors", an 11-point program is presented, which covers the protection of critical information infrastructure up to the development of international cybersecurity standards and digital education. New certification and labelling procedures shall enable US citizens to recognise which hardware and software is "secure". New forms of "multifactor authentication" are going to be introduced. The International Counter Ransomeware Initiative (CRI), founded in 2021, will hold an international conference on 31 October 2022 to fight cybercriminals and state cyberterrorism. "Quantum Resistant Encryption" is to be introduced. A new "National Quantum Initiative" shall secure US leadership in the development of quantum computing. [7]

On 18 October 2022, the Freedom House presented its annual report "Freedom on the Net 2022". According to the report, Internet freedom worldwide has declined for the twelfth year in a row: More than three quarters of humanity live in states that perform Internet censorship. This situation enhances Internet fragmentation. The open Internet is increasingly becoming a "patchwork of repressive enclaves". The Internet countries with "the greatest freedom" are Iceland, Estonia, Costa Rica and Canada. Germany ranks seventh but is criticised for releasing state Trojans and blocking streaming services and Russian state media. [8]

At the "Digital Summit" on 10 October 2022 in Tallinn, EU Commission President Ursula von der Leyen advocated better protection of critical Internet infrastructure such as submarine cables, through which 99 percent of global Internet traffic passes. She called it a new "frontier of warfare". In the struggle between autocracies and democracies, she said, the digital sphere is not a "sideshow" but it is in the centre. Europe must become more independent and develop new partnerships. The "European Chips Act" and the "Global Gateway Project" serve this purpose. According to her, the future of the digital world will also be decided by the standards and norms that are chosen. Ursula von der Leyen hopes that European standards – GDPR, DMA, DSA – will become global standards. [9]

At the CyFy conference in New Delhi, which was a face-to-face event for the first time in three years, Indian Internet Minister Rajeev Chandrasekhar affirmed on 27 October 2022 that India will participate in all initiatives that are useful to Indian companies and Internet users in India. India does not want to be drawn into a "cyber war" between the USA and China, he said. India is involved in the Internet activities of the China-Russia led Shanghai Cooperation Organisation (SCO) as well as in the G7. Its engagement is guided by the motto "India First". The aim is to develop an AI-based Internet economy in India. India supports the multistakeholder model but relies on strong state regulation. The EU's regulatory initiatives are a "source of inspiration" for India. They are, however, not copied but adapted to the needs and conditions in India. The country now has 800 million Internet users. CyFy has been organised since 2012 by the Open Research Foundation (ORF), the most important policy think tank in India. Parallel to the conference, the 2nd EU-India Cyber Consultations took place. India will assume the presidency of both the G20 and the SCO in 2023. [10]

Mehr zum Thema