Huawei's proposed "New IP" sparked charges the company and possibly the Chinese government are trying to hijack the internet. ICANN, ITU and others said the protocol's specifications and purported uses are so hazy it can't be considered as an internet replacement. Huawei said it's trying to improve existing IP versions 4 and 6 and denied it's working for the Chinese government. The project's link to Huawei, however, "is a guarantee, in the current geopolitical environment, that it will be politicized," blogged Internet Governance Project founder Milton Mueller.
Dugie Standeford
Dugie Standeford, European Correspondent, Communications Daily and Privacy Daily, is a former lawyer. She joined Warren Communications News in 2000 to report on internet policy and regulation. In 2003 she moved to the U.K. and since then has covered European telecommunications issues. She previously covered the U.S. Occupational Safety and Health Administration and intellectual property law matters. She has a degree in psychology from Duke University and a law degree from the University of Tulsa College of Law.
Efforts to create a standardized system for access to private domain registrant data are in disarray after ICANN constituencies objected to portions. The system for standardized access/disclosure (SSAD) proposal is phase 1 of an expedited policy development process (EPDP) for compliance with EU's general data protection regulation (GDPR). Some claimed opponents are trying to cling to the old Whois system despite its illegality. The EPDP team now must look into two more contentious issues.
ICANN efforts to align domain name registration rules with EU privacy law continue but no board action is expected at the Oct. 19-22 virtual meeting in Hamburg, Germany, said gTLD Process and Integration Manager Steve Chan Thursday. The expedited policy development process team working on a temporary spec for generic top-level domain name registration data compliant with the EU general data protection regulation published its final report Aug. 10. It recommends a standardized system for granting access to and disclosure of nonpublic gTLD registration data. Chan couldn't predict when directors might consider the recommendations, which first need approval by the Generic Names Supporting Organization Council followed by another public consultation. It's unresolved whether the rules should apply to legal and natural persons and questions about data accuracy, he said at a policy update webinar. GDPR compliance remains a high priority for the Governmental Advisory Committee, said ICANN Senior Policy Director Rob Hoggarth. In August, GAC published a minority statement on completion of the second phase of the Whois policy development process. It said the proposed regime for access to nonpublic registration data is fragmented; doesn't include enforceable standards to review disclosure decisions; and doesn't adequately address consumer protection and trust concerns. A minority of the Stability and Security Advisory Committee also opposed (SAC112) the recommendations, saying the process didn't provide results that "are reasonably suitable for security and stability." An Oct. 21 session at the ICANN meeting will address the impact of Whois changes under GDPR on end users and public safety.
As fallout from the annulment of Privacy Shield continues, industry and regulators in the U.S. and EU are struggling to decide how to maintain trans-Atlantic personal data flows, they said. The European Commission plans to launch an “adoption process” for new data transfer mechanisms in “the coming weeks” and hopes to finalize it by the end of the year, European Commissioner for Justice Didier Reynders said Thursday, noting there won't be any "quick fix."
Africa needs a unified policy approach to its domain name market, speakers said Monday at an ICANN virtual forum on the African domain name system. Among other problems are widely divergent charges for domain names, ranging $3-$500 across the continent, said Moctar Yedaly, African Union Commission information society division head. The COVID-19 pandemic offers lessons for the African continent, said South Africa Central Registry CEO Lucky Masilela. In addition to harmonizing domain prices, the sector must address issues of trust and security, he said. Africa is a youthful continent, and younger people must be empowered to have their own internet identities, he said. Business barrier issues are hampering DNS markets, said Ghana Dot Com Chairman and former ICANN board member Nii Quaynor. The DNS is a public good that exists only because people are willing to use its identifiers, he said: The DNS community must manage it responsibly to ensure the internet is stable, inclusive and accessible globally. Governments should foster a friendly policy environment to allow trust, and refrain from getting into managing top-level domains, he said. As Africa migrates business to the local internet, governments must address governance through more bottom-up, multistakeholder processes, Quaynor said. They must lower business barriers through such things as a continental free trade area, and should commit to using their own country-code domains, he said. It's in every administration's best interest to safeguard the DNS, said South Africa Domain Name Authority Chairperson Palesa Legoze, whose organization manages the .za ccTLD. Countries' whose country-code top-level domains (ccTLD)s have few registrants should look at the pricing and quality of service offered, she said. Governments can fund ccTLD managers until they're viable and have the volume of domain name registrations needed, she said. Nigeria has over 200 million people and not many domain names, but it's working to correct that through offering flexible policies and pricing, encouraging the hosting of local content and creating good content, said Nigeria Internet Registration Association Executive Secretary Edith Udeagu. Foreign domain names are viewed as better than local, so her organization tries to encourage enterprises to use .ng names and websites rather than just social media platforms, and tries to spur websites that host local content, she said. Quaynor warned against nationalism. A business that serves a particular area will want a domain that shows that, but Africa-wide companies should choose, for example, .africa or .com. Legoze urged Africans to coalesce on DNS policies, to "come together and speak with one voice."
Thursday's ruling tossing out Privacy Shield must result in a speedy replacement, industry groups said (see 2007160014). The European Court of Justice nixed the personal data transfer regime because of what it considered overzealous U.S. surveillance and inadequate ombudsman protections. The decision throws trans-Atlantic data flows into turmoil, stakeholders said. Industry urged both parties to return immediately to negotiations, while privacy advocates and consumers pressed the European Commission to do more to protect citizens in future talks.
Two issues expected to be contentious at the 2023 World Radiocommunication Conference involve potential spectrum sharing in the 6 GHz and the UHF bands, speakers said Thursday at a European spectrum management conference. Agenda item (AI) 1.2 calls for identifying several bands, among them the 6425-7025 MHz band in Region 1, and the 7025-7125 MHz band globally, for mobile services. AI 1.5 considers potential sharing between users such as broadcasting services and mobile applications in the UHF 470-960 MHz band. Other keenly watched discussions include satellite and transport communications issues, they said. Agenda items are here.
The EU general data protection regulation is generally a success but needs more work, European Values and Transparency Commissioner Vera Jourova said at a Wednesday briefing. The European Commission's two-year assessment found that fears the privacy framework would be "the end of the world" didn't materialize, she said. Seventy percent of Europeans have heard of the regulation but more awareness is needed, she said. The review found the EC approach was correct, with more companies using privacy by design as a competitive advantage, and the one-continent, one-law philosophy enabling more businesses, particularly small and mid-sized ones, to operate in Europe's single market. It included a "serious to-do list," Jourova noted. One key issue is the resources available to national data protection authorities (DPAs). There was a 42% increase in staff and a 49% hike in budgets between 2016 and 2019, but the European Data Protection Board (EDPB) and DPAs must boost cooperation to provide a pan-EU data protection culture, Jourova said. The EC is monitoring DPA resources, said Justice Commissioner Didier Reynders. It's possible some national authorities, such as Ireland and Luxembourg, that handle complex cases involving big tech companies might need more capacity and cross-border cooperation, he said. "Consistent and efficient enforcement of the GDPR remains a priority," said European Data Protection Supervisor Wojciech Wiewiorowski. He proposed creating a shared pool of experts in the EDPB to help DPAs in complex and resource-heavy cases. The EC review was "thorough but critical," said Computer and Communications Industry Association Europe Senior Policy Manager Alex Roure: Two years after becoming law, companies and consumers still "lack clear guidance from enforcers which too often take diverging, national actions." The GDPR "has failed to live up to its promise," proving to be a "complicated, burdensome drain on Europe's digital economy," said Center for Data Innovation Senior Policy Analyst Eline Chivot. The review shines an "unflattering lights" on many shortcomings, yet the EC "seems determined to double down by layering on even more rules."
Domain name system abuse and IoT challenges are key issues for the ICANN community, panelists said this week at the ICANN68 meeting held virtually. Despite progress against DNS abuse, much more needs to be done, stakeholders said. Since many IoT devices will use the DNS to locate the services they need, the community must address security risks and other issues, they said.
Maintaining European network capacity during the pandemic was largely voluntary, the Body of European Regulators for Electronic Communications (BEREC) told us. Following a European Commission initiative, some larger content providers, such as Facebook, Netflix and YouTube, acted to ensure network capacity without further intervention by national regulatory authorities (NRAs), it said. Weekly traffic monitoring reports from NRAs will become monthly beginning in July because the situation is stable, BEREC Chair Dan Sjoblom said at a Tuesday briefing. The content providers' actions were "more or less" voluntary, BEREC said. "Punctual interventions were done by the operators, such as increasing the capacity of the networks, updating the network configuration and traffic (re)balancing." Sjoblom said traffic increased but operators managed well. Internet backbone, networks and internet exchange point supported the increased traffic, emailed EuroISPA Vice-President Innocenzo Genna: The increase was normally spread throughout the entire day, without specific peaks. Users may have experienced some congestion in the access part of their fixed connections because so many were using connectivity during the quarantine for different purposes, such as learning, working and entertainment, he said. "This problem reminds us [of] the importance for a proper Internet connection and the need to accelerate roll-out of very high capacity networks, as foreseen by the new European [Electronic Communications] Code." A YouGov survey showed a "significant increase in broadband usage in households during the lockdown" as the workforce logged on from home and friends and family kept in touch, said U.K. Internet Services Providers' Association Policy Head Till Sommer: The network "proved to be resilient."