NINTH ANNUAL MEETING OF THE
INTERNET GOVERNANCE FORUM 2014
"CONNECTING CONTINENTS FOR ENHANCED
MULTI-STAKEHOLDER INTERNET GOVERNANCE"
04 SEPTEMBER 2014
WILL CYBERSPACE FRAGMENT ALONG NATIONAL JURISDICTIONS?
This is the output of the real-time captioning taken during the IGF 2014 Istanbul, Turkey, meetings. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.
>> BERTRAND de LA CHAPELLE: So thank you so much for coming at 2:30. I know the challenge of other workshops is strong. There are many other topics that are interesting, and the food up there is also very good, so I appreciate the effort that everybody has made to come here. As indicated, this is a workshop on an interesting and quite up‑to‑date topic which is: Will Cyberspace Fragment Along National Jurisdictions? As a starting point, beyond highlighting that, you may have noticed that this is the third workshop in a track that we tried to highlight and that we co‑organised in a way with ISOC and CGI. The first one was on the first day, more oriented towards the technical aspects of fragmentation. The second one took place yesterday on the more economic aspects of fragmentation and maybe we have the opportunity to come back to that a bit.
And this one is more dedicated to I would say legal and jurisdictional aspects of this issue. My name is Bertrand de La Chapelle, I'm the Director and co‑founder of the Internet and Jurisdiction Project, with Paul Fehlinger, who plays the role as Remote Moderator. We announced this initiative 2.5 years ago to deal with this issue of the tension between the cross‑border nature of the Internet and the National jurisdiction.
Without coming into too much detail, the project is developing an international framework, a transnational framework, a due process framework for transboundary requests for domain seizures and access to user data. It has involved more than 70 entities, many of which are represented around this table. Most of the speakers in this panel have followed closely the project. We conducted a series of meetings around the world in more than 10 countries, 15 meetings in the last two years, in more than 10 countries, plus outreach meetings in more than 20 countries, such as this event.
And there's also an observatory that supports the work of the Internet and jurisdiction project that is now composed of 33 international experts producing a newsletter every month with jurisdictional cases.
I won't get into too much detail. There was a flash session at the beginning of the week on Tuesday. The video is online, and it is a one‑hour presentation of basically where the project is, and what is the framework that is emerging, the operational framework, that is e‑learning to organise the relationship between the different actors.
I'm particularly happy to have the panelists who are around this table. You saw them on the presentation of the workshop, but I would like to list them in no particular order.
On my left is Guy Berger was the Director of Freedom of Information and Media Development at UNESCO.
[ Off microphone ]
What did I say? Freedom of Expression. I cannot read my notes. Sorry.
Vint Cerf is the Chief Internet Evangelist at Google. Some people around this room may know that he has other qualifications, but I won't delve into this.
Ankhi Das, sitting next to him, is the Director for Public Policy for Facebook in India, and for India and South Asia.
Michael Niebel is the Advisor for Internal Policy and Technology at the European Commission, and he was actually the lead in the Task Force that prepared the Commission Communication on Internet Policy and Governance that many of you might have seen.
Next is Benedicto Fonseca Filho, Director of the Department of Scientific and Technological Affairs at the Ministry of External Relations, Itamaraty of Brazil. If you didn't know him before this IGF, I'm sure you now know him very well, because he's been prominently showing the work that Brazil has done on those topics.
Norbert Reidel on my left is the Commissioner for International Cyber Policy in the German Foreign Affairs Ministry.
Joana Varon is an independent researcher in Brazil, but she's working on those issues of Internet Governance for a long time. She was formerly with ‑‑ she's working with ITS and other organisations.
Elvana Thaçi is in the Information Society Department of The Council of Europe, and she leads many of the work that is done in that regard.
I think I've made the list. Kathy Brown should be joining us ‑‑ the President and CEO of ISOC should be joining us momentarily. She had a little bit of overlap so she should be arriving soon.
I recognize in the room a lot of people that have followed those issues for a while.
I want to acknowledge also though he's not formally on the panel but he certainly will have comments to make as well. Mr. Sastrosubroto ‑‑ it's always difficult to pronounce ‑‑ the former Director‑General of ICT Application in Indonesia, and was the Chairman of the Steering Committee of the IGF in Bali last year, and who is currently a senior researcher in the Indonesian Institute of sciences, and also a member of the Indonesian National ICT Council.
So without further ado, this panel and this workshop is organised and convened by the Internet and jurisdiction Project but it is an opportunity to place the work we're doing in the larger context which is this debate about fragmentation. One of the big challenges that we're confronted with, you've heard this word fragmentation in many sessions, in many discussions. What is at stake here is that what people call fragmentation, and there are many, many words, is actually a result. It is a consequence. The real cause is the challenge of legal competition.
It is the fact that the legal landscape is fragmented. That is the starting point. We have the National laws, and only a certain number of international arrangements. And so one of the challenges is, and I would like to start with this, we will have a first round of exchanges on this issue of fragmentation: What are the unintended consequences of the discussions and the decisions that are being made in the different countries? What is their challenge of applicable laws for the different actors? And more afterwards on some of the elements that have emerged in the discussions we've led regarding how to handle the interaction and the interoperability between the different actors at the legal level.
So maybe I would like to start in that regard, and it makes only sense when we're talking about fragmentation, we naturally make it as a reference to something that is not fragmented. So as I said, the legal system is fragmented, so why is there an issue about fragmentation? So I will probably start by asking Vint, as we discussed very briefly yesterday, how this question is coming in an environment where at a technical level, the infrastructure is, and the logical infrastructure, is intended to be non‑fragmented and global?
>> >> VINT CERF: Thank you very much. Let me start out by observing that as you point out, the network is in some sense fragmented because countries are free to interfere with the technical operation of the network. The consequence of that is that the parties using the network don't always see the same thing, don't have access to the same thing.
That wasn't the original intent of the design. The design was intended to be uniform in the sense that wherever you were anywhere in the world, when you looked up a Domain Name and got an address, you'd get to the same place everyone else would, or to the same information. And without going into a lot of technical detail about any cast versus other kinds of point to point transmission, it was intended that everybody had access to the same thing.
In the legal regimes that have grown up around the Internet, it's no longer the case that everyone has access to the same thing, and when we move away just from moving packets around and doing lockups in the Domain Name System up to the content level, there are different views of how people's access to content and their permission to generate content varies from one place to another.
And so what we're seeing is diversity and non‑uniformity in terms of ability to access and to generate content on the network, and that is harmful, at least in one sense, and that is that we don't have the ease that we had in the earlier days when this was an academic activity to get access to information that we all wanted to share. We wanted to make it easy for everyone to see what other people had done in the research world. That's how we worked with each other. We shared our information. We didn't buy it from each other. We traded information. And that collaborative attitude was very much a part of the original Internet design but now we're in the real world, and it's less uniform than it was before.
>> BERTRAND de LA CHAPELLE: To piggyback on what you just said, this distinction and the structure and layers of the Internet means that as you notice, the title has been voluntarily chosen as cyberspace fragmentation, as opposed in a certain way to the infrastructure of the Internet. We didn't want to talk about Internet fragmentation, although there are many aspects that are related to that, and you can talk about open standards versus closed standards, gated, and so on. What we're talking about here are mostly things related as you said to what people do on the Internet, like the behavior, the content and this sort of thing.
>> >> VINT CERF: If I could give you a concrete example: From time to time, the intellectual property rules or copyright rules cause content not to be available in Country A when it's available in Country B. Sometimes you'll get a note that says: Sorry, can't show you this video. It's not allowed in this country, for whatever legal reasons. So that's a concrete example at a much higher level than just fragmentation of the underlying technical facility.
>> BERTRAND de LA CHAPELLE: As a demonstration of the diversity of legal norms happen, Benedicto, if I can, pick on you first and maybe on Norbert briefly afterwards, different countries have different rules applicable to content and also behavior, and I know that in Latin America, in Brazil in particular, there might be specificities regarding the National laws that make things illegal in Brazil or in other countries, and not necessarily in another European or North American country. And there's also the question of: What is the applicable law regarding access to data and protection of data?
Can you briefly tell us how from the Brazilian Government perspective this question of how to determine what is the applicable law resonates? And if you can, I think we need all to speak a little bit close to the mic so that everybody hears.
>> BENEDICTO FONSECA FILHO: Well, thank you, Bertrand, and good afternoon to everyone. I think this issue can be looked into from different angles. I would maybe touch it from the angle of those who need to enforce legislation as you have said, legislation regarding crimes that are committed with the use of Internet. Some of those crimes that are not directly linked to the Internet they can happen in the real world, and also individual world. And there are differences of between nations, and it is ‑‑ I refer that the majority of cases in justice is limited in its enforcement powers that is mandated by law, refer exactly to limitations when in contrast to other countries the request for cooperation is not granted on the basis of different legislation that prevails in that country. A very concrete example is in the most cases in which we have had difficulty applied to differences with the U.S. legislation in regard to crimes related to sex online kind of activities, related to illegal practices, bullying and sex exploitation online, that in our cases would demand some legal action, and when we approach the U.S. authorities, we form that ability to see it from a different angle and they rely more on the Freedom of Expression. The adults are not considered crime so cooperation cannot be granted so I think that indicates maybe the kind of issue that we should look into.
It's not an easy thing, as you have said, because under each National jurisdiction, there is an understanding that countries have sovereign rights determined there so how can we reconcile that is an open question to which we are collectively looking for ideas. And I think this project might help very much. Thank you.
>> BERTRAND de LA CHAPELLE: In particular, if I may mention one second, if I remember correctly, there are situations in certain countries in Latin America ‑‑ I don't remember exactly whether this is the case in Brazil ‑‑ where laws for defamation have particular provisions regarding situations when there is for instance a voting process, elections, or things like that, where it is criminal in that particular moment to have defamatory statements. This is not the case in other countries necessarily. However, it is a legal basis in those situations.
That is an example I think of the type of tensions that can exist where the law in one country is ‑‑ where the user is, is different from the law where the platform or the operator is. Is that ‑‑
>> BENEDICTO FONSECA FILHO: Yes, absolutely. In our case, for example, the electoral law forbids some practices in the political world and then we have cases in which the justice requires providers to remove some content on the basis of the analysis that this would go against what is lawful in the country, and again, there are some collisions and different interpretations because it is not evidence for those providers that they should abide. So there is also an issue about this. And I think this would differ from country to country, but with significant impact on the way we relate to providers.
>> BERTRAND de LA CHAPELLE: And there's actually a difference between the actual treatment of the content and the potential request for obtaining information about the person. We'll come back to that a little bit later but that's a distinction that is useful to make. Norbert, if I may, France and Germany have one thing in common among other things, is that we have legislations that are based on historic practice, or historic experience, sorry, regarding hate speech that is relatively specific, and maybe there are other specificities. How does the question of applicable law is viewed from Germany regarding international platforms or Domain Names?
>> N. RIEDEL: If you are asking which law applies, I don't have an answer. But I think we have to see that the wide variety of legal instruments exists that have either already applied, or could be applied, to Internet Governance, and in Germany, we use a notion which is quite unspecific and you cannot translate it. It's ‑‑
[ Speaking German ]
Maybe it's something like international Internet law or international law of the Internet, or even global Internet law. But what is important is that we see that this includes legislation, social norms, self‑regulation, court decisions, soft law, or whatever you can think about. So what we are doing at the moment is we are starting a process. We will have a workshop next week in Berlin together with different stakeholders bringing them together, and make a mapping of what already exists, because I think it's a big surprise ‑‑ it was a big surprise for me ‑‑ that there are already so many instruments or legal entities you can use maybe, or which are already used. And now the problem is to have a summary, to know what exists, and then you can discuss what is needed.
>> BERTRAND de LA CHAPELLE: So in a certain way when you look at the system the way it works, the traditional way is to use a geographic criteria, territorial criteria in most cases to determine the applicability of laws and without getting into details, one of the challenges is that in any transaction or interaction between actors who are in different countries you get the localization of the user, the localization potentially of the user they interact with, the location of the server, the location of the incorporation of the platform, or the entity. And so it is always interesting and I want to highlight it: It is very rare when official representatives say ‑‑ which is the reality ‑‑ we have problem identifying what is the applicable law. And what you're describing is a sort of Web of laws and norms and principles. And when you look at the definition of Internet governance there's this list of principles, norms, rules, decision making procedures and the challenge that we have today is the what we could call the spaghetti bowl of regulations and norms.
I have Guy Berger wanted to make a quick point, and Vint.
>> GUY BERGER: Thank you. I wanted to step back a bit because I think these are useful for highlighting the problems. But if we go back a little bit first of all, it seems to me that as everybody here understands but is worth repeating: Fragmentation is the antithesis of the Metcalfe network effect. What's important about that is if you don't have a network of networks, if you have restrictions on interconnection at content layer, service layer or even technical layer, actually everybody loses. Much as those who are disconnected in one way or another because of the net cough effect. I think that's very important why this is useful. Maybe I can speak later. At UNESCO we have a concept Internet universality.
Just as I think in terms of international Human Rights, people speak about the free flow of information across borders, the default on the Internet should be one Internet, okay? Now, there's in the free flow of information you have some limitations, very circumscribed, but the norm is free flow. The sanctity of the Internet. We need to think that law, we shouldn't just jump into law as if that is the solution, because a great deal of dispute resolution can be done independently of law, or be done with minimal law, and the example is mentioned of defamation.
A lot of defamation cases can be resolved through self‑regulation. Doesn't have to go to law. It goes to law in the last instance if there's refusal and I think that your project has a great role to play not in focusing on law as your first instance but on promoting self‑regulation and mechanisms that those involved can actually communicate through the self regulatory space. Law becomes a much more complex and final resort for trying to deal with these kind of things.
If you want to save the Internet from fragmentation I think self‑regulation and mechanisms is the way to go.
>> BERTRAND de LA CHAPELLE: I want to take one word that you used that will become as a recurrent thread in many of the discussions is the word "default." I think it's very interesting to think in many cases about what should be the default approach, the default norm, the default principle. I'll come to that later, but for instance in the discussions that we lead or facilitate, the notion that when there is a request, the notification of the user should be a default is an emergent principle that is becoming very strong.
Just one issue we may delve a little bit deeper on what you put behind self‑regulation because there are conflicting interpretations of the term self‑regulation and the role of the actors and the platforms and their interfacing with public authorities is at the core of what we're discussing. Vint wanted to say some and Elvana.
>> >> VINT CERF: Thank you, Bertrand. I just wanted to draw attention to one other reason that this kind of fragmentation can occur, and it's business reasons. My wife doesn't like this, but it turns out that Downton Abbey shows in the U.K. starting in September and it doesn't come to the United States until January, unless you happen to have a VPN ‑‑ oh, I shouldn't have said that.
So ‑‑ and these are not considered ‑‑ first, you don't appeal to law perhaps other than the rights of the copyright owners to decide when and where and how their content can be displayed but I want to make sure that we don't accidentally make it sound like it's always the law that intervenes or the Government that intervenes. Sometimes businesses choose to share information or not share it based on what business models they have.
>> BERTRAND de LA CHAPELLE: But in that case, there is a strong backing by legal rules that are being permitted.
Elvana, you wanted to chime in.
>> E. THAÇI: Yes, thank you, Bertrand. I'd also like to step a little back and try to see fragmentation as a result and to better understand the reasons, what are the causes for this result. I think we need to focus on the lack of legal certainty and predictability in relation to jurisdiction issues and I will explain what that means later.
So essentially here, the debate is about different countries have different approaches to questions of where to exert personal jurisdiction. Questions of choice of law. And third category of questions is enforcement of judgments across borders.
On the Internet we see these questions appearing, emerging, in relation to e‑Commerce issues, in relation to free speech, defamation law, but also intellectual property.
I'll focus on free speech and defamation law because these areas fall within the mandate of the organisation that I work for. So two examples, first in relation to defamation. We see the phenomenon of forum shopping. There are different laws in different countries, different regimes for defamation and that's an incentive for parties to go to the forum to shop for the forum which gives the better outcome for the claim.
As an organisation, we have looked at this issue of libel tourism, and we have produced a document, it's a recommendation by the Committee of Ministers which can be consulted. Another example is the restrictions that are placed on content by states on the basis of a National understanding as to what is legal and what is illegal.
>> BERTRAND de LA CHAPELLE: You mean by filtering or ‑‑
>> E. THAÇI: Whatever measures of restricting.
>> BERTRAND de LA CHAPELLE: Decision taking at a National level.
>> E. THAÇI: Yes, but these measures can have impact across borders, because they prevent people in a second, in a third country to have access to a certain content.
But we know that there is no uniform understanding internationally what is legal and what is illegal, so there we have a difficulty. And the question then becomes how to challenge in the second and the third country a measure that is taken in the first country.
So there are no simple solutions to these questions, as we all know, and if we apply the traditional legal tests of jurisdiction, that is, for example, the effects of screen, what we'd have there is the mere accessibility of a website in a country would bring that website in the jurisdiction of that country.
And the consequence of this is that a website would be subject to the laws of every single country in the world. But this is unsustainable and this leads to unsolvable conflict and litigation, so there is a need to address that issue.
Also, states placing restrictions on the content on the Internet create problems for the free flow of information across borders, and for the openness of the Internet.
So there comes into play the risk of fragmentation, because of the absence of legal predictability and legal certainty on the Internet. So this is what I'd like to suggest as an angle to look at the risk of fragmentation.
>> BERTRAND de LA CHAPELLE: This actually links quite directly with what Guy was saying and what you're saying, whether it is universality or whether it is free flow, this notion that there's a default, and that any exceptions should be based on some kind of framework, leads to the next question you were asking which is in the absence of a framework the uncertainty leads and I will come to Michael, the way it seems to happen is that there are basically two reactions in this environment apart from Forum shopping.
One is to basically re‑territorialize, i.e., to establish the validity of the National laws through mechanisms, and we can talk a little bit later about a potential trend, and I'm happy to welcome Kathy Brown.
You're welcome. I already said you might have a little bit of delay so you're perfectly within the delay. Thank you.
So basically there are two tensions, and some of you know that I used to work for the French Foreign Affairs Ministry and the challenge for the exercise of sovereignty is when you're confronted in an environment like this one, you have to find the tools that are available, and if there is no international Treaty, if there is no international framework you use your tools and your tools is your National legislation. This leads to a legal competition that goes in two directions, either bringing the different operations on your territory to establish the maximum extension of the criteria of local justification for jurisdiction, or in the reverse, using the leverage of either the location of the operators or the servers or the companies to extend your jurisdiction extra‑territorially.
In many respects, this is one thing we saw directly last year with the revelations and the burden it put on the Snowden revelations and the burden this application of extra‑territoriality puts on operators that are based in one particular country.
Michael, you wanted to intervene, and maybe as the European Commission is confronted with a National ‑‑ sorry, a Regional multiplicity of norms and rules, harmonization is possible when there is a modicum of convergence but at the global level I suppose that there is less likelihood to have harmonization on substance, right? Michael.
>> MICHAEL NIEBEL: Thanks, Bertrand.
>> BERTRAND de LA CHAPELLE: Close to the mic because they don't capture.
>> MICHAEL NIEBEL: Thanks, Bertrand. First of all, I want to challenge something. There's not a kind of fragmentation process. I wanted to challenge Vint ‑‑ I dare to ‑‑ on the aspect something has grown around the Internet to fragment things. What my experience is, having accompanied legislation in this period when this thing grew, was that for a long time, the law's side and the business, they didn't know what to do. This thing happened, and it grew, and now they have very often the technology to deal with it. Your friends from the copyright lobby, for instance.
So that's one thing. In addition, they have friends from France, they have created new instruments, so you have this kind of ‑‑ this hybrid development. You mentioned we have in the Union, we have experience, yes, we have, probably the only bloc that has experience in doing these things, but then again you're old‑fashioned saying harmonization. That's an old‑fashioned approach even in the Union. We're not all the time harmonizing. We're having different and softer ways, but what we've done is even in the analog world, is to establish free flow of people, of goods, of services.
So we have experience in doing this, and let's face it, in the Union at the beginning we couldn't have television reception. We had to establish it. We had to kind of get this. And some copyright flows are still not there. That's one of the things we're lagging behind. But there is a lot of things we had to do at a minimum level so things could flow, so I think we can still learn from that.
And I think one notion and I wanted again to go to the other side of the table, when he talks about ‑‑ of the networks, I'm going beyond that but I use a common language.
[ Speaking language other than English ]
In the ‑‑ we are really looking at some fabric which is beyond the traditional acting between nations. There are many levels of norm‑setting, well the IATF if it does an RFC sometimes they don't know but they are setting rules and norms that impact.
So ‑‑ and ICANN, I see Michele there. We're in a group that talks about the new directory services. When we look at the location and the question, how can we organise free data flow? We have to look at the conflicts of data transfer, data retention around the world and that's in a global system and that's done via ICANN.
Is it the back door or not?
>> BERTRAND de LA CHAPELLE: The thing I would like just to chug in what you said, the example of television or telephony is an interesting one because in this case it didn't work exactly this way. In the case of telephony and television, you needed harmonization and you needed a rule to make it transborder. Whereas the characteristic of the Internet is that it has been, unless I'm mistaken but it has been structured as transborder on the technical level, and let's be honest, or candid, in a lot of cases, the very early solution for law not going into the John Perry Barlow there's no law which makes no sense, but the first solution was: Company incorporated in country X, law of country X applies through the Terms of Service with the close of jurisdiction. And little by little it became obvious that this was not a sustainable solution as a whole, and that a combination of these criteria and the applicable local laws had to be invented, so I think you're absolutely right and harmonization is clearly not in the mood at the moment even in the European Union but in our environment one of the challenges that we see is harmonization on substance particularly on Freedom of Expression and so on is at least very, very far in the future.
But the technology is making things accessible without having had to do this. Maybe I'll take the opportunity and segue to ask Ankhi to chime in on this relation precisely of first of all the sort of principle that is emerging under the label of the default is access. I think I saw a lot of people nodding when this was discussed.
So the default of the network is access, and ISOC is with the IGF developing the standards but they established in universality and this accessibility. How does ISOC see the challenge of the legal fragmentation of the applications that are on this infrastructure of the use that people make of the Internet?
>> K. BROWN: I think I'm going to be brief and very high level because I haven't heard your conversation already, and I apologize for being late. I don't want to repeat things people have already said. I suspect Vint has already talked about the universality, if you will, of the technology. Having been in Government for a long time dealing with the other technologies, like television, like telephony, we know that there were both legal, but also actual technical and sometimes physics problems with interconnection so think about broadcast. We still had to figure out how far the signal went before we could harmonize the technology itself.
Similarly, with the wireless platform, right now, right here, there's still border disputes all over the place with regard to how far the signal goes, and therefore who owns it. I was on the other side of the river from New York in Canada, and had this wonderful signal coming in from the New York carrier. So I sent them a note and said: Thank you very much. I suspect that you're surprised that you're letting your customers roam around in Canada. But they're not surprised, of course, we know that, just because the physics itself is a challenge, by the way. On top of the physics, obviously, are the rights of nations in their view to allocate scarce resources. After all, that's what licensing was about, right, both on the telephone side as well as the television side and broadcast side.
You see this also with respect to spectrum licenses, et cetera. So there's a Governmental notion that you're allocating scarce resources, and they do that either by lottery, by auction, by license, but that's done.
The Internet did not grow up that way. That's what's amazing about it. There is no such thing as a license to get on the Internet, unless Governments impose them, because there's not a physics problem. There's an infrastructure issue with whether the infrastructure is there to carry this layer of the Internet over it, but there is not a necessity to allocate a scarce resource.
Given that, the question of whether and what runs over it should, therefore, be regulated is one that I don't know for sure that I can speak for all of The Internet Society, but in my own view, is not only unnecessary, but even under the old law would be seen as a services issue, which in my view has a whole other kind of thing going on, and probably a violation of any other kinds of existing tariffs that that's being done.
The point being however that to get into a licensing regime on a technology that doesn't itself require it seems to me the wrong way to go, and that we need to be thinking about other kinds of jurisdictional, if that's even an appropriate thing to do. Bertrand and I have had long talks about once you start talking about this being a jurisdictional problem, perhaps you make it that. And it's really not.
So I'm not suggesting that local countries don't have some interest in what may be happening with respect to getting the technology, with respect to some of the, let's call it, effects or implications of the technology, but as to the technology itself, there has never been a need for it.
>> BERTRAND de LA CHAPELLE: I think the reason precisely as Kathy said that there is a jurisdictional dimension is on the use of the Internet, i.e. the layer regarding content rather than the infrastructure itself. I think that's quite clear.
>> K. BROWN: Could I just? So Vint has written a very excellent paper on social issues that arise on the Internet, which is a whole different category than the use of it technologically, in my view. And I think these things are important to make these distinctions.
>> BERTRAND de LA CHAPELLE: Absolutely, and before you arrived, this is the explanation that I mentioned regarding the use of cyberspace fragmentation versus the infrastructure fragmentation.
One thing I wanted to move to is that as the description was made of a tangle of applicable potential norms, a tangle of criteria based on territoriality and so on, I don't want to open the whole can of the applicability of mutual legal assistance arrangements which do not apply to a lot of the issues related to content.
The fact is that there is not a relevant framework or a set of frameworks that are available, and the end result, apart from the unintended consequences of this piling up of legislation, is the increase of direct transboundary requests from law enforcement or courts or public authorities, in general, directly to platforms that are located in another country, and maybe Ankhi can you give us from Facebook perspective and in India how you feel that on an almost daily basis?
>> ANKHI DAS: So I think there are two aspects to those type of requests. One is on content take down and the other is on sort of user data, user information. And I think that there are cases of applicable law in genuine cases of crime and it's nobody's case that those kinds of things will get contested but the point is that the requesting process has to follow a certain standard of review. It has to follow due process.
It cannot be like an e‑mail request from a private IT or law enforcement official and we see a lot of that. When we started we saw a lot of that. Thankfully ‑‑
>> BERTRAND de LA CHAPELLE: When you say a private e‑mail?
>> ANKHI DAS: Personal e‑mail ID of a law enforcement official without any authentication. This is an authorized functionary of law enforcement Agency.
>> BERTRAND de LA CHAPELLE: I'm law enforcement from country X.
>> ANKHI DAS: Yeah, and you see that kind of request. There is no ‑‑ in the notices in the demand itself, there is no correlation as to what is the trigger in terms of the violation of the applicable law. There's no recital of that. And it's like we want this user data and this content needs to be taken down, so there's been a huge amount of work which private sector has done in terms of law enforcement Agency outreach to build capacity, to explain to them that due process and particular mechanisms of requesting have to be followed.
What we've done at Facebook is we've published our law enforcement guide on our site. We hold trainings and reach out to law enforcement agencies where we try and educate them about this request protocols. I think it's a lot of noise you see around jurisdiction but the tension emerges in these edge cases which are speech related because the international standard on that and National laws there is inconsistency between that.
And what we in the political speech cases or in speech cases as you know most platforms would look at international standards, and that's where sort of global platforms will say follow MLAT, and Governments get upset about that. Governments get upset about that because they feel that MLAT is equal to no. That is because efficiency in the MLAT SIM. It's a G to G issue and private sector gets penalized because it's caught in between this Web so we've been advocating at every Forum. It's been a drum beat. We've been pounding on every door, and we've born saying that there needs to be an efficiency in the MLAT process both in terms of the requester country as well as the U.S. Government.
One thing we've been talking about a lot in India is can you kind of have a beach head or a clearinghouse in sort of important country, like Regional ‑‑ create like Regional hubs and carry on these G to G conversations to build capacity to make sure the form factors are followed, evidence is appropriately produced so that the efficiency processes are dealt with? We don't want to get into that as private sector. We don't want to tell them how to do it. We feel there is an efficiency in bureaucracy in G to G, and users and platforms are suffering and this is something which they really need to sort out.
>> BERTRAND de LA CHAPELLE: But in that case and just to clarify the term for those of you who are not familiar with the term MLAT, Mutual Legal Assistance Treaties that exist among a certain number of countries on a bilateral basis most of the time. It's mainly for criminal issues and it has one big challenge is that for them to work correctly, they first need to exist, and they do not exist between all countries and secondly they usually need dual incrimination so it needs to be criminal in country A and criminal in country B, which if I take again the example of Germany or France or Brazil, for that matter, the laws what they are in those countries and the laws are not criminalizing the same thing on both sides. So one element I pick from what you said, and it's actually a nice connection to part of the work that is being done in the project, in the Internet and jurisdiction project there's a common request format to interface and interoperate between the law enforcement and the requesters, and the companies.
Is that something that facilitates the work? And how can it facilitate the interaction?
>> ANKHI DAS: I think there is value in terms of looking at building more common form factors and also because you're speaking the same language and also making sure that you're using cooperation mechanisms to structure this rather than getting into the fragmentation mode. So I think there needs to be an impasse in terms of international cooperation both on a bilateral basis as well as coming together as a community to make sure that people understand this one thing, which I'd really be interested to see, is that how the I and J Project involves more law enforcement agencies, more National Governments to create an appreciation for this model, because the awareness level in the field is so low. We're sitting here, we just sort of presume this would be automatic knowledge. It is not.
And sometimes there are very real situations of law and order which they're dealing with. So I think the more we can get out there and kind of make sure that law enforcement agencies were using the Cybercrime sort of Forums as well as the ICT bilateral forums which exist on a bilateral basis between various countries to bubble this up but this is a very urgent requirement because if this doesn't get resolved, and that infrastructure is used both in terms of efficiency and G to G international cooperation aspects don't get addressed unnecessarily I think everybody will end up paying a cost and it will not be good for anybody.
>> BERTRAND de LA CHAPELLE: Actually this picks on one thing I wanted to mention earlier, which is the sort of negative sum game type of thing, and unintended consequences of National decisions that may come.
I may turn to Joana on the continuation of this problem of direct request, because there is a contentious issue, and I say it in the presence of the very companies. There are a certain number of comments that say: Isn't it a little bit worrisome that the companies are now placed in a position of having to made decisions on freedom of expression or on privacy? And the reason is basically because you cannot know which court could be the right court to decide.
How to handle this thing?
>> JOANA VARON: Hi, everyone. Thinking about your question and what has been discussed in terms of the standard should be free flow of information, the scenario changes a bit when we were talking about access to user data because then you're talking about privacy right and then it's not access, free flow of information, that kind of information, which is user data.
And of course, that became lately a matter of surveillance besides a matter of user's privacy. So I want to bring an example so we can have this discussion in an empirical manner as well.
There is a remarkable law and we fought a lot for this, Marco Civil.
>> BERTRAND de LA CHAPELLE: For those who don't know, the Marco Civil?
>> JOANA VARON: It's a Civil Rights framework for the Internet in Brazil that addressed users' rights and responsibilities of intermediaries, and so on. Basically speaking.
And then there are in that Bill, there is a particular Article which is very interested in terms of jurisdictional conflicts. It's Article 11. I'll read it really fast. It's not that boring.
It says, in any operation of collection, storage, retention and treating of personal data or communications data by connection providers, and Internet application providers where at least one of these acts takes place international territory, the Brazilian law must be the mandatory respect, including in regard the rights to privacy, to protection of personal data and to secrecy of private communications and logs.
And as a user and advocate, I read this Article and I said great. Brazil is trying to protect our privacy, and, yeah, I don't really know how this will be applied, but let's see.
And then recently, we had a case in which National law was applied, but actually against user privacy because we have one Article in the Constitution that relates freedom of expression to a prohibition to anonymity, and then one app was launched in Brazil around the world which is called Secret, and it was meant to allow exchange of ‑‑ between people, anonymously. And this app has been prohibited in this Constitutional Article and by that, online stores had to remove that app from users, from mobiles of users that have already downloaded it.
So National law was applied, but not particularly to protect our privacy. And then it's an example in which the developers had an issue of that, the online platforms, but also users that wants to access a particular app of service.
So the question that remains is how to deal with that. If you go to international level, you should set some standards, but where we go to all the international forums, I'm currently trying to map by issues, and while we see that the discussions to solve those issues are not yet ‑‑ the discussions to solve jurisdictional problems are not yet issue‑based, and I think that's something that the Internet and jurisdiction is trying to make in a multistakeholder manner and it's very valuable.
>> BERTRAND de LA CHAPELLE: One of the things without interrupting you is, there is a clear expression that emerges in all those complex systems which is the law of unintended consequences. What is meant by that is that you may want ‑‑ I mean, Elvana was mentioning the fact that sometimes you get one country making a decision that seems perfectly okay and it has an impact transboundary.
Or you get one actor making one decision that seems coherent, but if every actor does the same, it actually does not scale and it becomes harmful for everyone. The interpretation of something that is intended in one direction can lead to something that was not intended.
So it is another layer of complexity which is not conflict of law but which requires spaces for discussion, and for dialogue, so that the different actors can understand what their joint action is producing that is positive or negative.
I want to continue the discussion but as there are many people in the room who have been involved in those issues for a while may have comments or questions at that stage, I will open the floor briefly.
You have on your seat or on your table a leaflet that basically describes the components that the regime that is emerging or the framework that is emerging is composed of. And basically, it's built around two pillars, one regarding how the requests are being formatted and transmitted, and that includes what Ankhi was mentioning regarding request format, and elements in particular ensuring that there is a legal basis for every request that is being mentioned in the request itself.
And that there's a notification of the user by default, plus databases for transparency reporting, and legal reference database so that there is a knowledge for all the different actors of what is the applicable law in the different countries. Today it's done by the different companies but it is naturally duplicated and it's out of reach for a lot of smaller companies.
So that's the first element of the regime that basically is about what I would call the plumbing, like, how do you format a request? How do you send it? And how is it computed?
The most important part that we will move to now is what are the criteria that are being used when the request is being sent to a private operator? And this private operator has to weigh a large number of criteria and make a decision that in many cases is close to what a court should be making.
And so before we get on to that particular element, if anybody has a question or a comment at that stage, we are already well in the discussion. Is there anybody? Or is it so clear that you just want to get to the next stage? Please. Okay. Is there a roving mic somewhere? Excuse me. Is there a roving mic?
Oh, yeah. Paul? So here, and the gentleman here, and then behind. Yeah. And Benedicto.
>> R. LANE: Hi, I'm Rick Lane with 21st Century Fox. One of the things that we found interesting was as part of the Aspen Institute's Aspen idea project they had a term in there called the seamless flow of information versus the free flow because of the jurisdictional issues.
An example of that is sort of the EU privacy directive and its relationship with the U.S. in terms of the safe harbor and that was created and you had completely different privacy laws with the U.S., and they were incompatible as one point and there was concern that the EU would cut off an information flow back and forth through the U.S. and they came up with a very interesting concept that allowed for the seamless flow, once the agreements were reached.
And that I think makes more sense in this jurisdictional fight because you're always going to have nations who want to protect their sovereignty, have different rules of law but what you want it to do is be more seamless. You start off with the default of free, free flow of information but then there has to be a seamless issue, and you try to work that out in a way that is seamless to the customers. It's never going to be perfect. We can't try to make it perfect but having the EU safe harbor kind of contract and relationships may be an interesting way to do it that allows for the seamless flow of information, and not just the free flow.
>> BERTRAND de LA CHAPELLE: Thank you. There's another wording that is floating around and that is being explored at the moment by the CG network which is, legal interoperability which is another ‑‑ we're all toying about those concepts.
I have if you don't mind, I will keep the panelists for after just this brief round, unless you want to chime in very briefly. But I have this gentleman, this gentleman, the lady here, and maybe another one there.
>> N. TANDON: Thank you. Good afternoon. And thank you for the opportunity. My name is Naveen Tandon, and I'm President of the Global Carriers Association in India called ACTO. I have a comment and a question. Going by the title of the workshop it says will cyberspace fragment along National jurisdictions? In my view isn't it already fragmented? It is. And there are two aspects which I would like to bring to the gathering today. One, when we talk about mutual Treaties, global networks, we feel that the cyberspace is already interconnected. It's not fragmented because of the legitimate need to be sharing information amongst each other to be more secure because you don't become secure if you sit in your room and just lock the door.
Second aspect comes from, and I'm not sure whether this forms part of the deliberation, is on the legitimate and the perception around how a country views the cybersecurity or cyberspace, and from that it comes the need to protect its own turf with respect to forming its own legislations and procedures to handle a request for lawful interception or for any other requirements.
So the question here is that is it good that the present system of having a connected cyberspace is good for the world? Especially the Internet and the cyberspace? Or we're happy to have country‑specific legislations and once in a while talk about a globally connected cyberspace. Thank you so much.
>> BERTRAND de LA CHAPELLE: Thank you. On a personal basis I'll come back to that, not as a Moderator. I have one comment on this.
Please, Sir. The lady next. And there was somebody behind. Is there anybody else in the audience? Michael.
>> M. DEMOUSSIS: My name is Michael Demoussis from Greece from the University of Patras and I'm a lawyer, too. So I think we live in an international order where we divide the world between states and international space and we have the seas and the air as international space, and the State territories.
So if you ask any German or Greek or Austrian or Swiss student about what is a state, what are the elements of a state, he will tell you it is the definition of Yelnik of 1911, this is three elements. This is one people and nation. This is a power over these people. And this is a space, geographical space.
Now the problem is if we can transfer this traditional definition of the State, also to the cyberspace, and if we can distinguish between cyberspace which is National and a cyberspace which is international, or if it is impossible for definition and if the cyberspace can only be international.
And so then the question is: If there is a claim of any state over this cyberspace that is related to its own existence, to its own place in the world.
And that's my question, number one. And the second is a small introduction to the second part of this session. As a practical lawyer, I had very, very recently a very strange request. A Czech user of Facebook publishes some statements about an Indian yoga organisation that might have had some negative let's say negative reactions or actions on there.
So I have been asked by the Greek organisation of this international yoga Association to act against the Czech Facebook user from Greece, because on the basis that this information is accessible from Greece, so anything that is accessible from a place justifies the application of a certain law against this person.
And so this is a question that we have in the second part so thank you?
>> BERTRAND de LA CHAPELLE: This is the typical type of case that we're confronted with. Just a very brief remark on the two last questions.
One of the objectives, I mean, the subliminal objectives of this kind of workshop and the work that is conducted, is to try to get mentally out of the dichotomy of it's either purely territorial and nation based or completely international or even Regional. One of the biggest challenges is particularly the platforms, and the operators have created cross‑border spaces, and the challenge is: How is the co‑existence of different norms managed in those shared spaces, i.e., how does sovereignty exercise itself on territories that are not bounded by very strict limitation in sovereignties that are not separated, but sovereignties that have to be co‑existing in transborder spaces, because otherwise as Guy was saying, we're killing the benefits of having the Metcalfe effect and the cross border.
Madam, and then the gentleman here and then Michele.
>> S. LUDFORD: Thanks very much. I'm afraid I'm not going to continue not on an abstract level, but on a practical one. My name is Sarah Ludford, a member of the Upper House, the House of Lords of the British Parliament, but until May, I had for 15 years been a member of the European Parliament. And I just wanted to react to the comments by the gentleman from 20th Century Fox about safe harbor, because unfortunately safe harbor has been extremely controversial in the recent past, not least following the Snowden material.
And the European Parliament actually voted to suspend safe harbor, and even, I mean you can see that even between the EU and the U.S., it is extremely difficult to create a space in which there is mutual confidence and mutual recognition of Data Protection and privacy norms, and thus you get obviously conflicting claims to jurisdiction, and so the idea would be indeed to create a space of interoperability and it looked like we were sort of making progress towards that. But that has rather been thrown into reverse.
Even to the extent that at least in a draft version of the report, the European Parliament did in the second half of last year on surveillance there was talk about a European cloud, to which some of us objected, and I think it got its way out. What on earth is European cloud, I asked, not innocently.
But that did lead us in the draft reform of Data Protection law to set up, if you like, an intentional tension which is to say that if companies have European ‑‑ data belonging to Europeans and it is subject to a foreign court order, i.e. FISA, or e.g., FISA, the FISA Court, then it could not be handed over except in the context of an international agreement. That of course sets up the conflict of jurisdictions, and I mean, of course, no doubt Europeans would say that's not extra‑territorial jurisdiction because it's about our data arising on the territory of the EU.
But I just wanted to really to slightly rain on your parade in the sense of saying, unfortunately safe harbor is not kind of going very well at the moment.
>> BERTRAND de LA CHAPELLE: Without opening the particular basket of access to user data in general and privacy, you're aware of the court process at the moment in the U.S. regarding data that is managed by Microsoft in European data centers that are being requested to be communicated in the U.S.
I think these ‑‑ if I can make a thread before giving the floor, one thing that is emerging clearly is that actors are currently wondering, what are the applicable rules? And in most cases if there is one thread and I see nodding, I mean, the problem of what I think it was Ankhi or maybe I'm wrong, but the lack of predictability, or was it Elvana? I don't remember. Somebody at the beginning said: The lack of predictability, the worst thing in law, the worst thing in the legal system is when you don't know what is applicable because you get Forum shopping, you get going around.
You get bad implementation of rules. And the challenge is that today, we are in an environment where each actor apart from meetings like this one, this is why we wanted to have the workshop here, is taking decisions on its own in a type of prisoner's dilemma situation where you don't know what the others are going to do. So this is why processes that can be intergovernmental organisations with the different actors, or when there's a meeting like was done in NETmundial or in our processes, getting the different actors together is so important.
The gentleman over there. Then Michele.
>> Can I make a response?
>> BERTRAND de LA CHAPELLE: I'd like to not open a debate.
>> R. LANE: I wanted to clarify I was talking about a format of exchange, not that the save was the perfect but to have the seamless flow of information to allow for transborder transactions of information back and forth.
>> BERTRAND de LA CHAPELLE: But I think there's a post‑workshop discussion on that.
So I had the gentleman over there, then Jimmy, then Michele, then Igor. That's good. I'm glad that the ‑‑ the microphone to the gentleman here? Just behind you there.
>> A. JAMES: Hello? Ashley James with Chalmers & Associates. I'm actually responding with a kind of general question because the idea of fragmentation at least as I understand it being discussed is something about the kind of view, kind of transparency within the space, but from all points, then as uniform as looking at all other points.
>> BERTRAND de LA CHAPELLE: The cloud.
>> A. JAMES: And whether or not that is being in some way distorted or affected. But at the same time, my question is: Does the Internet in a way have properties that help it sustain its own kind of uniform transparency?
An example of this is how quickly Mr. Cerf mentioned the VPN technology, things like this emerge and how this behavior then proliferates and allows users to in a way bypass attempts at fragmentation of the view within the space.
And then these kinds of behaviors are recognized later so very recently, in the Canadian exceptions to the copyright laws, for user generated content there's an exception that's also being review in the Irish review of the law. And part of the way that they're being sustained, these exceptions, is to basically align copyright law with the expectations of the users, but the user expectations are evolving in sort of emerging in relation with emerging activities, seem to arise within the Internet because of some of its technical properties, and because of the practices within the community.
So my question is, in a way, does the Internet have a kind of properties or ‑‑
>> BERTRAND de LA CHAPELLE: So a self‑healing system?
>> A. JAMES: Yeah, in a way. The capacity to protect itself and to maintain a kind of uniformity of transparency within it.
>> BERTRAND de LA CHAPELLE: Thank you. Igor and I think I will come back to the panel because time is moving forward. And you, sorry.
>> J. SCHULZ: I'm being fast. Jimmy Schulz, I'm from the Internet. I'm speaking for digital‑guerrilla.org. I'm glad Vint Cerf is here for the discussion because he's one of those who developed the Internet Protocol. When it used to be very stable and an urban legend said it was even prevented to survive a nuclear war and in fact it survived quite a number of Governments and lawmakers so far.
And now the question: So how do you deal with the fact that the net will always find a way around, and around laws?
>> BERTRAND de LA CHAPELLE: I don't know if I should answer this question. It's related to the question that was mentioned before. The routing around. The key question is whether the National laws should apply or not, and to what extent. I think the solution of circumvention is one thing that is contemplated in one dimension, but that doesn't solve the problem.
The problem, if you ask me as a French man or as a German citizen also is it good that there's this circumvention so that people in Germany can do hate speech that are absolutely contrary to the National law? I don't think it fits with the National framework of the way we want. When it is a very repressive regime where the law has been imposed and so on, probably yes and I think that's where the balance is.
But I have Michele and then Igor.
>> M. NEYLON: Thanks, Bertrand. Michele Neylon. I'm the Founder and CEO of Blacknight. We're the largest hosting provider and registrar in Ireland. I'm also several other things, but most of them aren't particularly pertinent to this conversation.
I think this session is very, very important, Bertrand. I think having as many views in the room discussing this is really important, because for a lot of us in the commercial Sector at the moment, this is a huge problem. For us as a hosting provider, we're looking at how do we expand and grow in the market? But at the same time we're also having to consider the risks.
If I start ‑‑ if I physically install hardware in Argentina or if I physically put hardware in South Africa, or in North America, what's going to happen with that? Which laws are going to apply? And I kind of know the answer.
I mean, the question you're asking is which laws apply, I think that it's kind of been answered in many respects because if you look at country codes for example, they're going to normally follow National law. And I sincerely doubt that any Government representative is suddenly going to say that Brazil's laws should be ignored in favor of Germany's laws or France's. Though I know Bertrand you disagree with that.
But that kind of thing, it's how do we actually move forward with that? How do you move forward in a fashion that allows for the respect of National laws, but without ending up in a situation where you end up with a fragmented Internet? I mean, the concept ‑‑ the concepts we're dealing with now are not going to go away. If anything, they're going to become more complicated.
I am amused that Vint mentions the issue around Downton Abbey. The same things happens with a lot of U.S. TV shows. The U.S. gets a TV show on a Saturday night. I might or might not have access to it on Sunday afternoon, using a variety of different technologies. But officially it will not air on Irish TV until Monday or Tuesday, and this is all down to, well, money ultimately. It's down to licensing, it's down to money, it's down to content control.
The other problem of course is when you're dealing with law enforcement and I see some of them sitting around the room here. And they have the MLAT but from what I have been told in various fora, it's a very, very slow, complicated process. So what ends up happening? It ends up where law enforcement try to sidestep these things, and push it on to private sector entities be they content platforms, search engines, advertising networks, domain registrars, hosting providers or others, to take action without going through a full due process.
I just think, you know, something has to give somewhere along the way. Thanks.
>> BERTRAND de LA CHAPELLE: Thank you. We have a list. I'm now closing the list of speakers because I want to finish with the panelists.
Sorry, the next one was I think Igor and then Mr. Sastrosubroto.
>> I. MILASHEVSKIY: Thank you. I'd like to support the basis of harmonization of National law. Let me bring the example. The Russian legal system is set up so that international Treaties is the priority. And the international regulation is above Federal law and National law. And let's take the example with the relation of Human Rights and freedoms. It happens the user has only the possibility to appeal to the local authority. And in case of Internet user, we are talking about common regulation and if the local authority has no regulation, or this regulation is not harmonized with the international, that's the problem. That's a gap we should fill in.
With the international regulation which does not exist today, that's the reason, the main reason we should focus on when we're talking about fragmentation.
>> BERTRAND de LA CHAPELLE: To pick on this, and I will give you the floor, and then refer to Benedicto before we finalize.
>> I. MILASHEVSKIY: To have something to harmonize with.
>> BERTRAND de LA CHAPELLE: To pick on the word harmonization and without belaboring, there's a huge distinction between harmonization on substance and harmonization on process. I think harmonization, that's a little bit the bet we're taking, harmonization on substances specially on speech related issues, and correct me if I'm wrong, is distant at best, very difficult, because the norms are going to remain very different, and in many cases, they are going to remain different because they're part of the identity of the different countries.
However, establishing an approach that ensures a better due process in the management of those requests and interactions is another type of harmonization that can help if not solve but handle the issues.
I think I need to mention that in the different interventions, we have different types of actors. Michele is a registrar, and it's a category of DNS operators that are working at the logical layer of the Internet. Ankhi was representing Facebook, and Vint, Google, who are working on the application layer. Michael Niebel, who made a brief comment, is on the providers level, as well. We had content providers.
Sir? We'll have to wrap up quick.
>> A.S. SASTROSUBROTO: Thank you, Bertrand. And my family name is rather difficult to spell.
>> BERTRAND de LA CHAPELLE: I'm familiar with that. Don't worry. A lot of people have problems with mine.
>> A.S. SASTROSUBROTO: Yeah. Let me step back a bit about the jurisdiction. I think in the real space, we always have this jurisdiction issue, and even when we are talking today, we have also jurisdiction issue. Now we are talking not on the Turkey side, legally, we are talking on the UN side, although it is written there Republic of Turkey and so on. But if I said something wrong or illegal under Turkish law, the Turkish police cannot do anything to me because I'm standing and speaking on UN soil, and it is normally written in agreement within the UN DESA and the Government. So in the real space it's a problem. Well, we know that there are many countries fighting because here they say that's my jurisdiction, that's your jurisdiction, and history showed us so many problems about that.
Now, if it is important in the real space, a big issue of real space, it is also important and will be a big issue also in cyberspace. So why not?
Now, in real space to some extent we have already some sort of convention for land, sea and air space, and we start to discuss about the other space, convention on other space in the UNGA, but my comment is that while other space is still very far away, outer space jurisdiction, we can see a lot of problem in the Hollywood movie, but not yet in the real life.
But the issue in cyberspace is already there. So it is in this respect that we need to discuss more and set up how we would like to solve the problem of cyberspace jurisdictions.
Now, before we come to a global Convention about this, before we can have an interoperable legal system in cyberspace, then as we have discussed in High Level Leaders Meeting in IGF in Bali, the default more or less, the default approach is to use good intention based on international cooperation and cyberethics, where hopefully all countries can accept that, and if a country have financial loss, other countries are requested to appreciate, to give respect to their National laws, and support each other.
So basically this is ‑‑ perhaps if this can be accepted as a default approach while waiting for a global Convention, and hopefully our cyberspace will be okay and we don't have fragmented Internet, fragmented jurisdictions in cyberspace. Thank you.
>> BERTRAND de LA CHAPELLE: Thank you. Before I give Michael I think Benedicto may have to leave so I will give him a priority, and then Michael, you will have almost the last word before I close.
>> BENEDICTO FONSECA FILHO: Thank you very much, Bertrand. I did not touch initially on the Brazilian Marco Civil framework because I thought that would not be maybe too helpful in the context of the discussion. Actually I thought it will be to use an example of National legislation it was very maybe an aspect that should be highlighted. It needs development. It had very strong multistakeholder participation, inclusivity, including by using the Internet as a tool.
It was approved by the legislative, and it provides some solutions in regard to net neutrality. There was a discussion on localization that was avoided in the end. It provides some aspects of the legislation that are applauded by everyone, others that are rather controversial but this went through Congress and this is something that followed due process according to our legislation.
So but I think the heart of the discussion here should be ‑‑ and I agree fully with your assessment that we are living, we must accept reality in which from a legal point of view fragmentation would be there and we have to live with that. So the proposal of your project which I think is very good is try to harmonize at least from the point of view of the procedural aspects, the due process that should be followed to try to organise the requests and the procedures, I think this is a good approach. It has to be whether that would lead to some actual solutions because in the end it might happen as it has been said that even following due process, we'll come up to a solution in which the person requested will prefer to abide with the law so it brings us to square one. In other cases such as an issue that has not been talked about yet but I think it's at the very heart of this discussion, another angle would be tax collection, which is something very important that should also be looked into at some point.
And just by, because I was, I had some information flowing into my computer coming from colleagues, what was said by my good friend and colleague by Joana, just to indicate that this piece of legislation that was adopted in Brazil and the protection for privacy that is provided there says that all user data can only be accessed through judiciary order, and everything will do will try to protect privacy. However, it says it has to be done under the Brazilian legislation and the Brazilian Constitution which is not overridden by the Marco Civil prohibits anonymity.
So in my opinion, it does not touch on the privacy aspect, but it forbids anonymity. To say something that is controversial especially from Civil Society that there is not an acceptance of this but it is enshrined in our Constitution. And it did not go away because we approved the Marco Civil. Thank you very much for giving me the opportunity. Congratulations for this project.
I think just to highlight also another point that wonderful NETmundial's recommendation was that this issue deserves to be pursued and be further developed by the global community so I applaud your efforts. I think this is very welcome and we'll be more than ready to contribute to this.
>> BERTRAND de LA CHAPELLE: Actually, thank you, first. But I also would like to mention, we didn't have the opportunity to discuss in detail another aspect, which was the drive and the call in some cases for data localization, i.e., having the data in the servers in the country and without getting into details, I encourage you to follow what the debate had become in Brazil because precisely you were starting from a position of strong data localization and you have incorporated in Marco Civil something that I call more scalable internationally than what data localization would have been so that's one element.
Michael, you have the last word, and then I will wrap up, please.
[ Audio technical difficulty ]
>> M. ROTERT: I'm from the German Internet Service Provider Association, as well as from the European Internet Service Provider Association, EuroISPA. I'm not sure and I was thinking all the time if either the question is correct, you put in with world cyberspace fragment along National jurisdictions, or if the question is valid at all. Given the future, having a look in the future, what is when real end to end communication comes into the scenario? And I think Vint knows what I'm talking about because that was foreseen in '69 already.
If you have no ‑‑ if there are services where you have no server in between, you don't know where ‑‑ you may not know where you end up in which jurisdiction, or in which legislation applies because you don't know where the other end is. Full stop. That's one scenario. But coming a little bit closer to the presence, what about all the apps in the Smartphones where you have no idea on what the manufacturer puts in, and where you have no chance to modify it or to go somewhere else? And you may end up in illegal areas where you even didn't want to go to. That's my 5 cents.
>> BERTRAND de LA CHAPELLE: That's a fair point. We are unfortunately at the limit of this discussion. Joana, you wanted to make a very quick comment?
>> JOANA VARON: Yes, sure. Just a close remark is that while we could see these discussions is always when there is a jurisdictional conflict we always having one side law enforcement and companies and if we don't really thinking about a process which is open that involves users, users will be always be set aside.
So ‑‑ and then that's my closing remark. Yeah.
>> BERTRAND de LA CHAPELLE: Well, I'll make a very rapid wrap‑up. You have the brochures regarding the project and I encourage you to go and watch the presentation of the flash session on Tuesday.
What I just wanted to highlight, and the purpose I think that has been largely demonstrated of the workshop was to explain why this is needed. So fundamentally it's not about what we are doing. I could go on for another two hours on the different components of the regime, and the difficulty of establishing or the importance of establishing dispute resolution mechanisms, dispute management mechanisms. What I wanted to highlight and I think it has been proven, and I'm extremely grateful for the different panelists who have accepted to be numerous and therefore to have limited time for themself to make statements, I hope each of you has also benefited from hearing the way the others was perceiving it.
The nutshell is, we are in an environment where this hodgepodge of norms and rules is making the situation so unpredictable by everyone that the biggest danger is this legal competition where everybody will take decisions that look normal, legitimate on their side, and cumulatively may have detrimental effects or unintended consequences, not only unpredicted but long‑term. There are dynamics. I give you just a very quick example. The fact that GeoIP filtering is increasingly used to manage this question of what is the legal content, access in one country or the other has a potential impact on the way the IP addresses might be distributed in the future, and the way it might be attached to the devices and facilitate surveillance and so on.
So there are many interconnections between the different topics.
If I can hope you leave with one message, it's that on all of these issues, there will not be probably one overarching framework. But even if there are efforts, and I don't want to open the debate that Igor was mentioning of whether there should be an international Treaty or different Regional arrangements or other things, even if these efforts are doing something collectively, it should be more on an issue by issue basis, like trying to sort out specific criteria. What we are doing is on transborder requests for data ‑‑ sorry, domain seizures, content takedown and access to user data. There are other processes that can deal with other specific topics. But the need of having all the different actors around the table is absolutely obvious.
And I must say that I congratulate by the way Council of Europe or UNESCO and OECD as international organisations that tried to produce mechanisms for the different actors to work together. These organisations are also participating in the process. The work flow, the work plan for the project is to develop the specification, the technical specifications, of the interfaces that have been mentioning, to document the emerging norms and criteria, and to refine the procedures for dispute management.
That's going to take place in the coming months. If you want to ‑‑ I don't know if this is working ‑‑ if you want to have ‑‑ yeah, there it is. If you want more information, please go to the Internet jurisdiction.net site, follow our Twitter site, Twitter feed. There's a newsletter every month that you can subscribe to. Don't hesitate to connect with us.
And I would be remiss if I didn't thank in the end the different actors who are actively participating in supporting the project, and make our work possible. That includes companies that are Facebook, Google, Verizon, Disney, but also ccTLDs in Brazil, in India, in Canada, in France, but also the Sigrid Rausing Trust, PIR. ISOC has been funding in the past ‑‑ and I'm trying not to forget anybody ‑‑ and Switzerland has also been funding. So I hope you appreciated this workshop. There's no hope to cover this topic in one hour and a half. I hope it gave you a feeling of the kind of problems that we are all collectively facing, and we all have a responsibility to try to think about the impact of what we are doing individually on other actors.
And thanks to all the panelists for having saved this time in your agenda. And follow the work that they are doing, as well, because it is interesting.
Thank you so much.
[ Applause ]
[ End of session ]
This is the output of the real-time captioning taken during the IGF 2014 Istanbul, Turkey, meetings. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.