Internet Society - News Headlines

Tusheti Community Network One Year Later: Creating Impact, Sustainability, and Scalability

Internet Society - News Headlines - Mar, 11/12/2018 - 19:48

Connecting the most remote and challenging territories of any country to the Internet can be tough. Typically, Internet access spreads gradually from urban conglomerations towards smaller hubs, and finally, to the most remote and sparsely populated areas. This is just common business sense.

Many of these remote areas are unique in terms of their people, culture, and livelihood, and Internet access can make a world of difference. This was the case when the Internet Society, together with its local partners, launched the first community network in Georgia, in the mountainous region of Tusheti, in September 2017.

Creating Impact

One year on, the Internet has made a significant difference to the lives of the Tushetians. This week, the Internet Society published an impact assessment on the Tusheti community network highlighting the transformation in tourism, e-commerce, and people’s livelihoods.

The Internet has had a positive impact on tourism through more effective online advertising and sales, and through efficiencies in businesses operations. With these encouraging developments, local residents are investing in the construction and opening of new guesthouses. The Internet has also increased the levels of safety and mobility in this remote part of the world by providing a communications channel to the doctor and shepherds as well as by enabling remote work and additional income streams.

Sustaining the Network

Sustainability, both economic and technical, is a key consideration when building community networks. In Tusheti, the network is based on a non-profit model, which makes possible affordable connectivity and sufficient margins for equipment renewals and operational support.

Tusheti Development Fund (TDF), the network owner and operator, initially offered subsidized rates to increase Internet uptake and has since adjusted the price of connectivity, providing different options in relation to Internet speed. Monthly Internet traffic has risen from 3Mbps initially to 15Mbps at the end of the 2018 summer season. Due to harsh winters, some of the equipment has been replaced and TDF has employed a local operations coordinator to provide technical support. While further adjustments to the model are possible, the Tusheti network is finding its feet in terms of sustainability.

“Hauling the Internet to an Ex-Soviet Outpost High in the Caucasus Mountains”

In January, The New York Times profiled the Tusheti Community Network. The work was extra challenging thanks to the difficult terrain and unwieldy nature of loads that had to be brought up by packhorses.

Scaling Community Networks

Following the success of the Tusheti project, the Internet Society signed a Memorandum of Understanding (MoU) with the Georgian government in the autumn of 2018 to support another community network initiative in Georgia, in the Pshavi-Khevsureti and Gudamakari regions. This network will cover 67 villages, 3 high schools, and nearly 500 families, which makes it many times larger than the Tusheti project. The operational model will remain the same – the network will be owned and operated by a non-profit entity “Mountain Community Network.”

In one year, we have moved from what was essentially a pilot project in Tusheti to a replicable and scalable approach to connect communities in remote areas. The Mountain Community Network will benefit from a wide partnership – government, business, and civil society – providing support in the shape of funding, equipment, technical expertise, and project management. The Georgian community has endorsed community networks as an innovative approach to provide Internet access in the most remote areas.

The Mountain Community Network is expected to become operational in the summer of 2019.

Read the Tusheti Case Study and learn how community networks can help close the digital divide.

The post Tusheti Community Network One Year Later: Creating Impact, Sustainability, and Scalability appeared first on Internet Society.

Senegal Kicks Off Enhancing IoT Security Project

Internet Society - News Headlines - Mar, 11/12/2018 - 16:00

On April 4, 2018, the Canadian Multistakeholder Process: Enhancing Internet of Things (IoT) Security held its first convening in partnership with the Canadian Internet Registration Authority (CIRA)CANARIEInnovation, Science and Economic Development (ISED) Canada; and the Canadian Internet Policy and Public Interest Clinic (CIPIC). Over 80 participants from government, academia, public interest, industry, and other organizations attended the first meeting and many have continued to engage at in-person and virtual meetings ever since. Over the past eight months, this group has experienced significant success in the areas of consumer education, labeling, and network resiliency. And these achievements have been well-noted on a global scale.

A delegation from Senegal came to Canada in July to meet with members of the Enhancing IoT Security oversight committee. The group was comprised of government officials, Senegal Chapter members, and staff from the Internet Society’s African Bureau. The delegation met with Canadian government officials, technologists, public interest groups, and North American Bureau staff to learn more about how and why the IoT security project was initiated, and what the group had accomplished to date. The group discussed the significant successes the Canadian multistakeholder group had already achieved, the challenges it faced, and goals for the project.

These conversations ultimately aided the delegation in its decision to replicate the Canadian process to enhance IoT security in Senegal.

On November 28-29, the Internet Society and its Senegal Chapter, in partnership with the Ministry of Communications, Telecommunications, Postal Services, and Digital Economy (MCTPEN) and the Telecommunications and Postal Regulatory Authority (ARTP) hosted the inaugural Senegalese Multistakeholder Process: Enhancing Internet of Things (IoT) Security. The Internet Society’s President and CEO, Andrew Sullivan, and I were grateful for the chance to attend and share some of the lessons learned from the Canadian process and the Internet Society’s involvement in IoT security globally. We were both highly impressed by the participation and engagement of this group, and encouraged by the motivation by all involved to work together to make a secure network of IoT devices a reality in Senegal.

On the first day of the meeting, Dawit Bekele, Regional Bureau Director of the Internet Society’s African Bureau, introduced participants to IoT, its potential positive impacts, and the security risks it poses to both consumers and networks. The group then heard from Hu Xianhong, the UNESCO representative on the Internet Universality Index project in Senegal, and Professor Ahmath Bamba Mbacke, from Cheikh Anta Diop University (ESP), about the state of IoT in Senegal.

Participants were also introduced to the idea of the multistakeholder process, its key characteristics, and some best practices the Canadian multistakeholder group has learned. These included utilizing the members of the multistakeholder group to continuously identify and reach out to new stakeholders, maintaining momentum through continuous engagement between full-group meetings, and ensuring that meetings are facilitated by an invested moderator – preferably someone who is both a subject-matter expert and familiar with the multistakeholder process.

The Senegalese participants were also interested to hear about the work that the Canadian multistakeholder group has already accomplished through its working groups on consumer education, labeling, and network resiliency. They plan to utilize the groups’ outputs, and the experts involved in their creation, as they move forward in this process.

On the second day of meetings, Andrew Sullivan; M. Abdoulaye Blade, Ministre de la Communication et de l’Économie Numérique; Ndeye Maimouna Diop, Chair of the Senegal Chapter; Alpha Abdoulaye Thiam, Director of Information Systems at ARTP (Regulator); and Souleymane Diallo, Chief of Staff of the Minister of ICTs (MCTPEN), kicked off the sessions with a conversation on the risks and opportunities IoT poses. The participants then split themselves into three groups for further discussion regarding what they consider to be the most important factors impacting the following in Senegal:

  • Security impacts on critical infrastructure
  • Security by design
  • Consumer protection

Each of the self-selected groups reported their priorities for these issue areas back to the full group, which will use the conversations as the foundation for future workshops.

Importantly, throughout the second day participants reiterated many times the importance of collaboration – both on a national and global scale – to improve IoT security, prevent consumer harm, and encourage technological innovation. This is a theme that we have consistently heard during the Canadian IoT security meetings, showing that the multistakeholder model is an important and valued approach to solving complex Internet issues around the world.

We hope that these meetings will lead to future, fruitful discussion between Canadian, Senegalese, and other global states dedicated to securing the Internet of Things.

For more information and to watch a livestream of the event, please visit our website.

Read Why the Multistakeholder Approach Works and demand that your voice is counted for a secure IoT!

The post Senegal Kicks Off Enhancing IoT Security Project appeared first on Internet Society.

Murambinda Works Community Engagement Workshop in Buhera: Meeting Challenges with Opportunity

Internet Society - News Headlines - Mar, 11/12/2018 - 14:00

Over 100 community members, including head masters, government officials, teachers and heads of primary and secondary schools gathered in Buhera rural district council of Zimbabwe on 15 November, eager to engage in discussions related to the initial deployment of the Murambinda Works Community Network. Schools, health and the local authority facilities have been earmarked as the initial benefactors for the inaugural roll out of the Murambinda Works Community Network.

The CEO of Murambinda, Mama Emilie gave a welcoming speech followed by the district school inspector of Buhera who talked about the importance of equipping their schools with ICT. “We cannot imagine a good curriculum that has not taken into consideration ICT. The partnership with Internet Society is a blessing to the district. We want to support it until infinity,” he said. The inspector also mentioned some of the challenges they are facing in their schools including the lack of power, unavailability of computers and connectivity. (Since 2015, 1200 teachers have been trained in ICT, but couldn’t do much with their acquired knowledge.)

TelONE, the national Telecommunications parastatal company with infrastructure in Murambinda Town, was also present at the workshop. “One man cannot make it but we can work together and get everyone connected,” the representative said, which gave everyone present hope that the Service Provider will also support the community network.

The board member of Murambinda Works noted that community networks are real projects that need the support of real leaders. He stressed for the need of a right mind set change as connectivity results of individual and community empowerment. “In community networks, no one must be left behind. The community must be part of the revolution,” he added.

A representative from the department of health also spoke about the advantages of being connected in a hospital. She gave the examples of how connectivity could promote the e-health system and the continuous professional education of doctors.

In his presentation about understanding community networks in Africa, Michuki Mwangi highlighted that the Internet is a network of networks and everyone should have access to it. “Africa still remains to be the least connected continent in the world. We need to connect the rural areas. The community needs to come together and build their own solutions to connect the unconnected.”

He also explained that community networks provide cheaper alternative connectivity compared to what is provided by mobile operators. Furthermore, access provided by community networks can be used to leverage education and employment opportunities while promoting innovation and creativity.

Solomon Kembo, president of the Internet Society Zimbabwe Chapter, also gave a short presentation on what the chapter is doing with regards to IoT and using Raspberry Pi as a cheap computing resource for education purposes. The participants who were largely teachers were very interested in the Raspberry Pi as an inexpensive alternative given that it can work off grid – as a low-powered device for the schools that are looking to build labs.

Murambinda Works initially started in early 2002, as an Internet café providing connectivity to the community. The café also offered printing and photocopying services in order to sustain the connectivity that was there. Later on, partnering with the Ministry of Education, Murambinda Works introduced a training on computer literacy aiming at building the capacity of teachers in ICT. The training was given across the entire district of Buhera covering close to 218 primary and secondary schools.

“After the training was given we began to receive requests for connectivity from the teachers of the various schools in the district. When people think of connectivity they think of Murambinda Works. So that is when the Internet Society came in,” said Joseph Bishi, member of Murambinda. Now, once the infrastructure for connectivity is all in place, the Murambinda Works Community Network will be connecting 8 schools, 1 nurse training school, and offices of the Ministry of Education as well as the local authority.

There is a lot of excitement and support from the authorities and members of the Buhera community towards the initial deployment of the Murambinda Works Community Network. Participants were able to see demonstrations of locally-developed solutions that offer use cases with great benefits for rural hospitals and schools. Remarkably, during the workshop, the district CEO approved a proposal for land to be donated to Murambinda Works to build a permanent facility for their network operations. This outcome was a clear indication of trust and intrinsic relations, with all the local stakeholders, and an important factor for success of the community network. Many left the community engagement workshop with a strong belief that connectivity indeed results in individual and community empowerment.

Community networks are for the community by the community, and the people of Buhera are ready to own their community network and support its growth as they go forward. In community networks, much of the work is human social engineering, hence the role of women is also seen as critical in this community.

“I thought that the Gombe mountain was important because it brought rain, but now I see that it is also important for bringing the Internet,” said the Chief of Gombe area in his closing speech. Gombe mountain is a high point 16 kilometers to Murambinda town and will host one of the main masts for the community network. The workshop closed with traditional blessings from the elders leaving everyone enthusiastic for the connectivity to come soon.

Community networks work! Become a part of the movement. #SwitchItOn

The post Murambinda Works Community Engagement Workshop in Buhera: Meeting Challenges with Opportunity appeared first on Internet Society.

The Week in Internet News: Australia Adopts Controversial Encryption Law

Internet Society - News Headlines - Lun, 10/12/2018 - 15:30

Australia vs. encryption: The Australian Parliament has passed a law that requires tech companies to give law enforcement agencies there access to encrypted communications, the New York Times reports. Several tech companies and privacy groups opposed the law, saying it hurts efforts to protect data from hackers. Fortune, which called the law “draconian,” says it will create headaches for large tech companies.

Slow rolling: While several news stories this year talked about quantum computing being an eventual threat to encryption, that possibility is still more than a decade away, according to a report from the U.S. National Academies of Sciences, Engineering, and Medicine. The U.S. may need to invest heavily in quantum computing to retain a global lead in the technology, the report recommends. Nextgov has the story.

Filling the pipes: Botnets of compromised Internet of Things devices make up more than three quarters of the malware on communication service provider networks this year, up from 33 percent of the malware in 2016, Infosecurity reports. Hackers are increasingly targeting IoT devices instead of PCs and other traditional systems.

Blockchain tackles phishing: A company called MetaCert wants to use blockchain to help fight the scourge of phishing emails, Wired.com reports. The company has been complying a database of web addresses known to be used by phishers and a database of safe addresses, and it plans to use blockchain to help people submit addresses for the lists.

Router mining: About 415,000 routers are compromised by cryptocurrency miners, BTCManager.com says. The number of compromised routers has grown significantly in recent months.

Do you know the risks of what you’re buying? Get IoT smart!

The post The Week in Internet News: Australia Adopts Controversial Encryption Law appeared first on Internet Society.

Future Thinking: Orla Lynskey on Data in the Age of Consolidation

Internet Society - News Headlines - Ven, 07/12/2018 - 16:36

Last year, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. We interviewed Orla Lynskey to hear her perspective on the forces shaping the Internet’s future.

Orla Lynskey is an associate professor of law at the London School of Economics and Political Science. Her primary area of research interest is European Union data protection law. Her monograph, The Foundations of EU Data Protection Law (Oxford University Press, 2015), explores the potential and limits of individual control over personal data, or “informational self-determination’” in the data protection framework. More recently, her work has focused on collective approaches to data protection rights and mechanisms to counterbalance asymmetries of power in the online environment. Lynskey is an editor of International Data Privacy Law and the Modern Law Review and is a member of the EU Commission’s multistakeholder expert group on GDPR. She holds an LLB from Trinity College, Dublin, an LLM from the College of Europe (Bruges) and a PhD from the University of Cambridge. Before entering academia, she worked as a competition lawyer in Brussels and as a teaching assistant at the College of Europe.

The Internet Society: You recently edited a symposium edition of International Data Privacy Law (IDPL) in which you argue that the interplay of law related to data protection, competition, and consumer protection is at a crucial crossroads. Why, and how does this play out in the Internet domain?

Orla Lynskey: These areas of law are at a crossroads in two senses. The first is that there has now been increasing recognition from regulators that they do overlap in some circumstances. A good example of this is the reference in the Microsoft/LinkedIn merger decision to data protection as a parameter on which firms compete, or the claim that Facebook is abusing its position of market power by making access to its service conditional on excessive data collection on various third-party websites being investigated by the German Competition Authority. However, we are also now at a crossroad in a second sense: having recognised that these areas of law need to be applied in a holistic manner, we now need to consider from a practical, procedural perspective how this overlap can be managed.

You’ve written elsewhere that digital consolidation can have an effect on digital inequality by giving platforms not just market power, but also the “power of providence.” What do you mean by this and how does it impact marginalised communities in particular?

Providence is defined in various ways, including as a form of non-human influence that controls people’s lives. I argue in the paper that dominant digital platforms have a “power of providence,” as they are – like the eye of providence – all-seeing: they have the ability to link and analyse diverse datasets in a way that provides a comprehensive overview of the lives of individuals, rendering them transparent in the process. Furthermore, they can use this unique vantage point in order to influence individuals in ways that we might until now have viewed as dystopian, for instance through personalised political advertising. Finally, the Internet’s architecture and the terms used to describe its processes (for instance, “machine learning”) give the false impression that the way in which our data is used to influence us online and nudge us in particular directions is untethered from human input, or is “neutral.” In this sense, it is given a quasi-divine status.

I suggest that this power of providence can have the particularly pernicious effect of exacerbating existing societal inequalities. I argue in the paper that this ability to use data to influence people can be used to discriminate, to differentiate and also to create perceptions. For instance, I was able to draw on the work of other scholars to indicate that data mining facilitates differentiation on the basis of socioeconomic status, which is not something that discrimination law prohibits. This research suggests that the poor are subject to more surveillance with higher stakes and are particularly vulnerable to data mining processes as a result of the devices used to connect to the Internet (notably, mobile phones which are less secure than other devices). While differentiation via data mining is not the sole purview of platforms which such power, their privileged position gives them superior data-mining capacity and means the existing information and power asymmetries are exacerbated.

Can competition law challenge the power of providence? What about data protection law? How can these work together to protect digital rights?

Competition law provisions are the only legal provisions explicitly designed to constrain the exercise of private power and so it makes sense to consider whether they can be of assistance in challenging this power of providence. I believe that, at a minimum, competition law should not make matters worse by, for instance, facilitating data-driven mergers that further consolidate our data in the hands of a very limited number of private actors. However, in some circumstances competition law could also limit abusive behaviour – for instance, exploitative terms and conditions for data usage – by firms with market power.

That said, competition law has its own limits and should only ever be a part of the overall jigsaw puzzle, with data protection law playing a leading role in regulating how our personal data can be used. To date, EU data protection law has not been robustly enforced, but I am one of those who remain optimistic that with stronger enforcement this system could be really effective.

If data protection, consumer protection, and competition law are all important in challenging harmful digital dominance, how do the different regulatory agencies responsible for dealing with these respective issues work together without encroaching on each other’s domains? Is there a need for better multistakeholder collaboration in this regard?

It is this question – of the division of labour between regulatory authorities – that has yet to be really ironed out. Ideally, as the European Data Protection Supervisor has proposed, these agencies would collaborate with one another under the auspices of a “Digital Clearing House,” or something similar.

Germany recently announced plans to try to curb digital dominance using competition law. Have you noticed any trends when it comes to other competition authorities’ responses to tech dominance around the world, and particularly how they are defining relevant markets?

There is definitely a growing recognition of the power of technology companies amongst regulators, and the wider public. This may be where competition law hits its limits, however: competition law provisions do not prevent a company from acquiring a position of market power, they simply make it unlawful for that company to abuse that position of market power in a way that is exploitative or that would exclude equally efficient competitors from the market. Economic regulation could, for instance, force tech companies to ensure structural separation between various operations (e,g., a structural separation between Facebook and WhatsApp). However, this would require legislative intervention.

The exception to this is in the context of mergers, where competition authorities get to look at the potential future impact of a transaction on the market. Here, I have argued in the past that data-driven mergers should be treated in an analogous way to media mergers and subject not only to an economic assessment but also to a broader non-competition assessment to gauge their impact on data protection and privacy. This is one of the ideas being considered in Germany and I think it is likely other competition authorities will introduce similar measures in due course.

What do you think of the idea that user data should be given digital property rights (i.e., that platforms should pay users for their data)?

Property rights in personal data are a terrible idea: they offer no real advantages compared to the current legal framework and risk exacerbating information and power asymmetries while undermining data protection as a fundamental right. Giving property rights in data would not strengthen our hand when it comes to negotiating with the tech giants, rather it would simply mean that we would lose all rights over that data once we entered into contracts with these companies. I also worry that going down this route would make data protection a luxury that can be enjoyed by those who could afford not to have their data processed, even perhaps creating the skewed incentive to reveal more data, or more sensitive data to profit from it. This is incompatible with the EU Charter right to data protection. I discuss this issue in my book on the foundations of EU data protection law. 

Is there hope in data portability as a way of countering data effects and addressing consolidation concerns?

Potentially. One explanation for the GDPR right to data portability is that it may empower consumers to switch service providers if they are unhappy with a service (for instance, to switch from Facebook to a mythical alternative if you are unsatisfied with the quality of the data protection offered). However, as I discuss in my research, the impact of this right on competition and innovation is ambiguous. It could, for instance, deter innovation by locking in the standards used by incumbent companies or increasing the costs of startups. This is all the more so as it does not require interoperability. However, whether interoperability is desirable from a data protection perspective is equally contestable. I would suggest that portability should be viewed through the lens of individual control over personal data rather than simply as a market tool, given these ambiguous effects.

What are your fears for the future of the Internet?

My main fear about the Internet is that a medium which promised so much for the advancement of rights – such as freedom of expression and of association – may end up having corrosive and divisive real world effects. One of the advantages of the Internet was that it offered people the opportunity to connect with those with similar niche interests (the Eric Cantona Appreciation Society, for example) but the personalisation of all content, including for instance political content, may push this to an extreme. That is not to say that personalisation is the only factor feeding into this concern, needless to say.

What are your hopes for the future of the Internet?

I think the Internet at present is based on a data bubble that needs bursting. The primary example of this is the excessive data processing that online behavioural advertising entails. Even if we could argue that processing of personal data is the quid pro quo for access to online services and content that are free at the point of access, the amount of personal data processed for that exchange is clearly disproportionate. Regulators have not yet gotten to grips with this but data protection law provides a potential ground on which to challenge this processing: when considering whether consent is freely given, utmost account needs to be taken of whether the service is made conditional on consent to unnecessary processing. I have not yet seen any empirical evidence that convinces me that online behavioural advertising is so much more effective than contextual advertising that it justifies this excessive incursion into our rights.

We’re getting ready to launch the next Global Internet Report! Read the concept note and learn how the Internet Economy might shape our future.

The post Future Thinking: Orla Lynskey on Data in the Age of Consolidation appeared first on Internet Society.

Jason Donenfeld Honored with the ISRG’s Radiant Award

Internet Society - News Headlines - Gio, 06/12/2018 - 18:20

Earlier this week Jason Donenfeld received the Radiant Award from the Internet Security Research Group. Jason is an accomplished engineer and a creative thinker, which makes his work clean, simple, and takes it a step beyond – most notably in WireGuard, an open-source secure VPN tunnel.

We are proud to have enabled this award. Let me explain why.

At the Internet Society we care a great deal about the technologies that help to establish trust between people around the globe, while those people may have never interacted before.

One of the groups we proudly partner with is the Internet Security Research Group, the non-profit behind the Let’s Encrypt initiative. In the 4 years since Let’s Encrypt was launched, it has changed the landscape of web traffic encryption. Whereas in 2014 around 30% of pages loaded by Firefox where loaded over a secure channel, that number has increased to over 75% by now. I believe that rise in secure web traffic is in large part the result of the work by Let’s Encrypt.

Before 2014 it was somewhat costly to get a web certificate, a critical piece of authentication material that is the basis of establishing global trust. Both in terms of money as well as operational costs – these things had to be configured and maintained. The genius of Let’s Encrypt is that it reduces both to being nothing. They provide the certificate for free and allow for a fully automated workflow.

Obviously the Let’s Encrypt operation itself costs money. It must provide a secure and reliable service and that means system, network, security, and software engineers have to do real work. The funding for that is provided by sponsors, such as ourselves. However, the Let’s Encrypt project relies on the vision and the capabilities of engineers who put their minds to making the Internet more secure and privacy respecting.

We often forget that technology can have a huge impact on how we operate with our society, and often we miss out on recognizing the leading vision of engineers. The Radiant Award addresses that. It identifies individuals whose contributions make the Internet more secure and privacy respecting. It gives them a face and a voice.

Making the Internet more secure is not exclusively the realm of a few big tech companies, it is the work of millions of professionals who strive to make society better by making the Internet a little better. The IRSG’s Radiant Award honors the work that those professionals do outside of a corporate structure, work they do on their own time because they think it is important to help improve the Internet. That is why we are proud to help honor to Jason Donenfeld, who shares his own thoughts in this blog.

The post Jason Donenfeld Honored with the ISRG’s Radiant Award appeared first on Internet Society.

A New Voice Joins the Chorus: Welcome to the Colombia Chapter!

Internet Society - News Headlines - Gio, 06/12/2018 - 11:29

A new Internet Society Chapter has been founded within the Regional Bureau in Latin America & Caribbean. The creation of the Colombia Chapter is today officially announced at Universidad del Rosario, in Bogotá.

Our desire is to extend a gracious and inclusive welcome to all the 67 founding members that have been active members of the Internet Society for several years, and to the ones that have recently joined the community to be part of the Chapter.

The Chapter invites you to join the live broadcasting starting at 8:00 AM (UTC-5) with eminent guests speakers such as Juanita Rodriguez Kattah, Former Vice Minister of Digital Economy, Hugo Sin Triana, Director of Innovation in Info Projects, Valérie Gauthier, Director of the Department of Applied Mathematics and Computer Science (MACC) at the University of Rosario, Nancy Quiros, the Internet Society’s Chapter Development Manager for Latin America and Caribbean Region, and Javier Pinzon, Member of the Colombian Internet Governance Forum.

The large attendance (approximately 120 participants) at the launching event, speaks to the need for a Chapter to join the Colombian community’s efforts to ensure an open, globally connected, trustworthy and secure Internet for everyone.

The Chapter will encourage the need to generate programs, projects, and initiatives for social development in Colombia supported in the massive access and use of the Internet. The team has a great multistakeholder set-up, including the public and private sector, the technical community, academics, students, civil society, and Internet users.

A community of like-minded individuals and entities will collaborate on the development of different projects in several key interest areas: Internet Exchange Points (IXPs), IPv6, cybersecurity, youth, the gender divide, connecting the unconnected, public policy, and especially the implementation of Community Networks and Internet of Things (IoT), currently fostered by the Internet Society through comprehensive campaigns offering a wide range of activities.

“Currently the Colombia Chapter has more than 450 members nationally and internationally,” says Martha Liliana Sanchez Lozano, president of the new Colombia Chapter. “Our Chapter will be always made up of individuals and multiple stakeholders, who share an interest and belief in the principles and values of the Internet Society for the benefit of all citizens and residents of Colombia.”

What are the main objectives?
Our objectives are guided by the “Drivers of Change” and critical areas of impact for the Internet of the future that have been identified in the Internet Society’s 2017 Global Internet Report  and the Internet Society 2019 Action Plan adapted to the Colombian context.

  • Generate and promote spaces for dialogue, meeting, participation, and collaboration on issues that affect the evolution of the Internet
  • Join efforts, complement, and work collaboratively with the Colombian Internet Governance Forum (IGF) and other actors to encourage the development, evolution, and use of the Internet.
  • Promote the development and strengthening of the Internet infrastructure in Colombia.
  • Promote the adoption of all types of measures aimed at increasing the confidence and security of people in accessing and using the Internet for the healthy development of the digital economy in Colombia.
  • Support the identification and search of solutions and cyber security measures that improve the protection of individuals and enterprises that access and use the Internet in Colombia.
  • Encourage the development of expertise, know-how, and skill to face the Internet of the future.

During the next few months, you will be also learning about our initiatives to help Colombian women and youngsters on reaching the Sustainable Development Goals.

What are your plans in terms of membership and self sustainability?
Initially we will use a management model where no annual fees will be charged to the Chapter members and we will focus on consolidating a model of self-financing and financial autonomy in which donations that can be obtained from allies and organizations associated with the Chapter will be an important income, but not the only one of its kind. The General Assembly that will be conformed with participation of all Chapter members, may determine the future financing schemes aimed at strengthening the Chapter financially for the development of its corporate purpose and the execution of the planned activities. These schemes can be of two types: annual membership dues and donations.

We encourage people to be part of the Internet Society and the Colombia Chapter, as well as to mobilize volunteers who wish to participate in the development of the different activities of the new Chapter. All Internet Society members in Colombia and beyond are invited to join the Colombia Chapter via the Internet Society’s Member Portal  > My Account > My Chapters > Join a Chapter.

The future of the Internet depends upon people!

Our mandate is to sing for everyone. This is everybody’s chorus.

Wishing the new Colombia Chapter all the very best!

Read more about this event and watch the livestream

The post A New Voice Joins the Chorus: Welcome to the Colombia Chapter! appeared first on Internet Society.

Kindergarten Tech Cop: The Job I Never Wanted

Internet Society - News Headlines - Mer, 05/12/2018 - 18:43

This month, we’ve asked parents to share their experiences of raising kids in the tech age. Today’s guest author is Sara Given, creator of the viral blog “It’s Like They Know Us,” which skewers the myth of the perfect parent. She’s also the author of Parenting Is Easy: You’re Probably Just Doing It Wrong.

“Mom, what’s your passcode?”

I looked up to find my 5-year-old daughter jabbing her finger at my iPhone screen. She continued, “My school iPad has a passcode. What’s yours? I need to take pictures of the cat.”

This was a tame request compared to her other inquiries, (“Can I have a little brother?”), but it bothered me for two reasons: First, I knew that if I gave her that passcode, she would immediately take 5,000 pictures of the floor. And second, I hadn’t considered that at age 5 she’d already be so immersed in technology. That she’d know the lingo. That she probably already had more Instagram followers than me. #floorpics

While my daughter chattered away about the cartoon-character math app she’d been using in class, I found myself facing a dilemma: I want to limit my child’s exposure to anything more complicated than an Etch-A-Sketch, and she desperately wants the opposite. In my defense, an Etch-A-Sketch won’t track your data or sell your financial information to some shady dude thousands of miles away. People can’t hack your Etch-A-Sketch and draw inappropriate things on the screen. (You still have to do that the old-fashioned way). No, an Etch-A-Sketch just works for a few weeks before parts of the screen go dead for no reason and it gets thrown into a box in the basement. Those were the days!

But my daughter, like most kids her age, feels differently. And she does have a point. I would much rather learn math from my favorite TV characters instead of an old workbook. (I bet Chip Gaines is great at trigonometry). Plus, all of the flashy new toys have some kind of online component. Even Barbie, who turns 60 this year, comes with WiFi capabilities. The technological advancement of society isn’t going to slow any time soon. My choice now is to navigate the digital landscape one step ahead of her, or invest in a nice rocking chair where I can sit and yell at passersby about how it used to take 5 whole minutes to log onto the Internet. 5 MINUTES! And we LIKED it! That dial-up screech made us feel alive!

So as fun as it would be to lean in to geezerdom, I will do the responsible thing and start researching: What is the best way to secure our family devices? How are kids her age being monitored at school? Are cartoon genies really qualified to teach math? It will be time consuming and probably a little confusing, but so is all of parenting. And who knows, maybe someday my daughter will pursue an exciting career in tech; it is certainly the way of the future. But for now, she’ll just have to settle for taking pictures of the kitchen floor.

The connected future is here. Imagine the possibilities. #GetIoTSmart

 

The post Kindergarten Tech Cop: The Job I Never Wanted appeared first on Internet Society.

The Benin Chapter Wins Chapterthon 2018

Internet Society - News Headlines - Mar, 04/12/2018 - 21:00

The winner of this year’s Chapterthon was announced this Tuesday, 4 December during InterCommunity 2018.

Chapterthon is a global Internet Society (ISOC) Chapters and Special Interest Groups (SIGs) marathon, where all the Internet Society members can participate by developing a project within a timeline and budget to achieve a common goal. The project winner is selected by the community through online vote.

This year our community worked on the Internet of Things (IoT) – The future is ours to shape.

Every year, the Chapterthon brings enthusiasm and excitement amongst our community. During two and half months, 43 Chapters and Special Interest Groups (SIGs) from across the globe worked alongside to bring awareness on the Internet of Things (IoT) to their communities. They ran over 200 training sessions and workshops, engaging students, entrepreneurs, and local governments. They organized national campaigns, their projects were mentioned in local newspapers, and their message was brought to the most remote places. The Chapters also developed IoT applications that may in the future improve the lives of people in their communities, and amongst some of the projects are improved transport systems, agriculture, energy management, home protection, and healthcare.

The projects that received the highest number of votes are:

First Place: Benin Chapter – IoT LowHightech: A connected object creation workshop

The project is a connected object creation workshop with recycled material followed by a public lecture. An awareness campaign and training in the creation of connected objects took place during 5 days of activities at the University of Abomey Calavi with a free initiation of 20 people (10 women and 10 men) over a period of 4 days. The project reached out to approximately 150 people in relation to possibilities offered by connected objects and the challenges of security.

Second place: Brazil Chapter InspetorNET – A smart device to inspect small ISP infrastructure

The project goal was to develop an IoT device to help small ISP and community networks to deliver better service, particularly in regions lacking proper infrastructure. The device will help to monitor and predict potential problems in the network due to environmental conditions and electrical network problems.

Third place: Afghanistan: Incredible IoT – Afghanistan Chapter

The project proposed an awareness of IoT topics, where school and university students will learn from technologists and IoT experts through information sessions, a bootcamp, and a hacking project in target schools. Students will develop IoT pilot projects using Arduino kits and conduct ethical hacking showing the importance of IoT security. A wrap-up event and an exposure visit will be held in Kabul University.

Congratulations to the Benin Chapter, Winner of Chapterthon 2018, and to the three finalists! 

We would also like to thank all of the Chapters that participated in this year’s Chapterthon and helped make it a success!

While we are all excited by the success of the projects implemented and proud of our community, we are also aware of how much still needs to be done to make the Internet of Things a reality in all parts of the world, as said by the many testimonials from our Chapters:

Mali Chapter: “In a word, this project has made it possible to highlight that the Internet of Things is no longer a myth for developing countries, it is a reality. Everyone can implement it to help their community.”

Bangladesh Dhaka Chapter: “Our workshops are completed, but we want to continue. We want to spread IoT at all school levels in Bangladesh.”

Barbados Chapter: “We identified 500 individual students who were exposed to the Co-Pilot Pass Wi-Fi system and the IoT videos. Just imagine how many people could be exposed to safe IoT usage if this method was introduced on a busy transit system with hundreds of users.”

The Chapterthon, once again, was a success not only by the global level it reached, but also by showing that through commitment and hard work, we can shape the future!

Thank you Internet Society Community!

Watch the projects video:

We’re looking for new ideas from people all over the world on how you can empower your community using the Internet. The Beyond the Net Funding Programme funds projects up to $30,000.

The post The Benin Chapter Wins Chapterthon 2018 appeared first on Internet Society.

Join Us to Discuss Attack Response at Internet Scale

Internet Society - News Headlines - Mar, 04/12/2018 - 15:29

How do we coordinate responses to attacks against Internet infrastructure and users? Internet technology has to scale or it won’t survive for long as the network of networks grows ever larger. But it’s not just the technology, it’s also the people, processes and organisations involved in developing, operating and evolving the Internet that need ways to scale up to the challenges that a growing global network can create.

One such challenge is unwanted traffic, ranging from spam and other forms of messaging-related abuse to multi-gigabit distributed denial of service attacks. Numerous incident response efforts exist to mitigate the effects of these attacks. Some are focused on specific attack types, while others are closed analysis and sharing groups spanning many attack types.

We are helping to bring together operators, researchers, CSIRT team members, service providers, vendors, information sharing and analysis centre members to discuss approaches to coordinating attack response at Internet scale. The Internet Society is sponsoring a two-day “Coordinating Attack Response at Internet Scale (CARIS) Workshop” intended to help build bridges between the many communities working on attack response on the Internet and to foster dialogue about how we can better collaborate.

The workshop will take place on February 28 to March 1, 2019. Full details including submission instructions are available. The submission deadline for two-page position papers is December 16, 2018.

The post Join Us to Discuss Attack Response at Internet Scale appeared first on Internet Society.

Bilim Bulagy: A Spring of Knowledge in Kyrgyzstan

Internet Society - News Headlines - Mar, 04/12/2018 - 14:59

Kyrgyzstan’s transition to post-Soviet renovation toward a free market economy has had severe effects on the nation’s educational system. Having limited resources, schools in Kyrgyzstan desperately need more teachers. Currently, there are over 2500 teaching positions not being covered, most of them in the fields of natural science and mathematics.

Aiming to cover the need of affordable education, The Internet Society Kyrgyzstan Almaty Chapter developed Spring of Knowledge, a project supported by the Internet Society Beyond the Net Funding Programme, to provide new learning opportunities via digital self-study materials, such as offline access to Wikipedia, the Khan Academy online courses, as well as eBooks and video lessons in local languages.

Isabek Asanbaev, Project Manager

“The provision of textbooks in schools during the 2013-2014 academic year was only 73%.” explains the project manager Isabek Asanbaev. “The Kyrgyz Republic was ranked last in mathematics, science and reading among nations that participated in the 2006 and 2009 rounds of the Program for International Student Assessment (PISA). The National Sample-Based Achievement Test (NSBA) showed the same trend of underachievement. Our project aims to provide an opportunity for children to continue learning through self study in schools that don’t have enough teachers and books.”

What motivated the Chapter to take this initiative?

“One of our Chapter members, the engineer Erjigit Imamov, has been working on a prototype for several years, and consequently presented the prototype to the other members and the Board. The concept was considered very practical, innovative, inexpensive,  and with high potential for impact. So we decided to define some pilot locations of where to start the experiment, calling the device Bilim Bulagy (Spring of Knowledge in the Kyrgyz language).”

Erjigit Imamov, inventor of the prototype

How can this project be a great opportunity for the local community?

“We signed a Memorandum of Understanding with the Ministry of Education and Sciences, to cooperate on the implementation of the project. The cooperation framework, elaborated by the Chair of the Kyrgyzstan Almaty Chapter Talant Sultanov, will also facilitate the negotiations with stakeholders in the government.”

“Local communities can benefit by using the digital library to learn new skills and improve their education. In our communities, many people with understaffed schools resort to inner migration to give their children a chance at a better education in the capital or a regional major town. This project is also a big opportunity to not abandon their homes for such communities.”

Tell us what you expect to achieve, listing 3 main project objectives.

  • Improved learning outcomes in mathematics, natural sciences, and reading skills
  • Increase schoolchildren’s involvement in the educational process
  • Stimulate schoolchildren to learn independence and responsibility for their own education

Talant Sultanov, Chair of the Kyrgyzstan Almaty Chapter

Talant remarks that the Spring of Knowledge’s devices will also be able to help rural libraries: “We have piloted in one of the libraries near Bishkek. This initiative drew interest from different partners and stakeholders. For instance, a local NGO, Urban Initiatives, is helping establish cooperation with libraries. In the meantime, the Soros Foundation and USAID expressed interest in distributing these devices to dozens of their partners in rural areas of the country.”

How will the project contribute to the Chapter’s local presence and Internet Society’s mission in general?

“The project contributes to the United Nations Sustainable Development Goal 4 – Quality Education – and has caught the attention of many donor organisations that support the development of education in Kyrgyzstan. The kickoff meeting of stakeholders was a major success, drawing the interest of Open Society Foundations, UNICEF, USAID, the Ministry of Education and Sciences, as well as other public education professionals. The US Embassy has provided an additional grant to the Chapter for this project, and the Chapter’s local presence has increased significantly. The project supports education in a developing country, which is one of the Internet Society’s major activities helping achieve its mission.”

Watch the video with Erjigit demonstrating the Bilim Bulagy device:

Do you have a great idea to make your community better via the Internet? Apply for a Beyond the Net grant, which funds projects up to $30,000 USD, and follow Beyond the Net on Twitter!

The post Bilim Bulagy: A Spring of Knowledge in Kyrgyzstan appeared first on Internet Society.

Botswana Chapter Digital Literacy Program Seeks to Empower Rural Village Development Committee Leaders

Internet Society - News Headlines - Lun, 03/12/2018 - 20:00

The newly charted ISOC Botswana Chapter is set to spread the Internet Society mandate in Botswana through engagement with relevant stakeholders. The diverse team of technical, communications, and policy practitioners will venture into impact initiatives to complement the Internet Society mission and mandate. As a Beyond the Net 2018 beneficiary, the local chapter is embarking on a project titled: “Internet for Development of Rural Botswana: Empowering Village Development Committees Through Use of the Internet.”

The Village Development Committees (VDCs) are the custodians of community development initiatives. VDCs operate on values of engagement, consultation, and participation and this project hopes to contribute in enhancing these values using the Internet. The digital literacy trainings program is designed to target VDCs leaders in 4 remote regions with the aim of empowering these village leaders with digital tools and resources. VDC Tech Champions will be identified and will be responsible for continued facilitation of the digital literacy training program.  To facilitate future support, ISOC Botswana will donate laptops and wireless Internet modems to ensure resources and access.

Beyond the trainings, this project will collect impact stories of the anticipated improvements in VDCs’ operations, relating to digital access and engagement. The hope is to eventually expand the program to other regions of Botswana.

In October 2018, the project was successfully launched in the Boteti District by His Honor the Vice President of the Republic of Botswana Honorable Slumber Tsogwane. In his remarks, the government of Botswana committed to support initiatives by the ISOC Botswana Chapter and its partner entities. The hope is for ISOC Botswana to join the conversation on Internet policy and actualizing the e-government strategy. Phuthego Chere, the ISOC Botswana president called on support from relevant stakeholders for future expansion of the initiative to reach other areas of Botswana.

Digital literacy is a sure way of ensuring that rural communities become players in the digital economy. It is therefore with much excitement that the Chapter looks forward to implementation of the project and contributing to the of the Sustainable Development Goals theme of leaving no one behind.

We’re looking for new ideas from people all over the world! Find out how to empower your community using the Internet. The Internet Society Beyond the Net Funding Programme funds projects up to $30,000.00.

The post Botswana Chapter Digital Literacy Program Seeks to Empower Rural Village Development Committee Leaders appeared first on Internet Society.

Nominations Now Open for 2019 Public Interest Registry (PIR) Board of Directors

Internet Society - News Headlines - Lun, 03/12/2018 - 16:42

The Public Interest Registry (PIR) is the non-profit operator of the .ORG, .NGO and .ONG domains. If you or someone you know has the interest and qualifications to help guide the future of PIR, the Internet Society invites you to consider a seat on the PIR Board of Directors.

In 2019 there are three positions opening on the PIR Board. These three directors will serve a 3-year term that begins mid-year 2019 and expires mid-year 2022. Prior board experience is preferred. All directors must be able to read and understand a balance sheet, as well as read and communicate effectively in the English language.

More information about the position, the qualifications, and a link to the nomination form can be found at:
https://www.internetsociety.org/pir/call-for-nominations/

The deadline for nominations is 15:00 UTC on February 4, 2019.

The post Nominations Now Open for 2019 Public Interest Registry (PIR) Board of Directors appeared first on Internet Society.

The Week in Internet News: Huge Data Breach at Hotel Chain

Internet Society - News Headlines - Lun, 03/12/2018 - 15:51

Millions of records stolen: Marriott International, one of the world’s largest hotel chains, has reported a data breach affecting up to 500 million customers, the Washington Post reports. The breached database includes information on guests staying at Sheraton, Westin and St. Regis hotels. The 500 million records lost makes it the second largest data breach reported.

Encryption debate back yet again: U.S. deputy attorney general Rod Rosenstein, best known for overseeing the investigation into President Donald Trump’s ties to Russia, has renewed the Department of Justice’s long-term call for encryption workarounds in tech products, Wired.com reports. Addressing critics of encryption backdoors, Rosenstein said: “Just because people are quick to criticize you does not mean that you are doing the wrong thing. Take it from me.”

Countering view: Meanwhile, Robert Anderson, a former top cyber official at the FBI, said that since leaving the agency and working on cybersecurity issues, he now understands why tech companies would oppose government efforts to break encryption. Companies “entrusted by the clients who have given them information” have a responsibility to protect it, he said in an FCW.com story.

Someone’s watching you: Chinese Internet companies have begun to keep detailed records of users’ personal information and online activities, CNN.com reports. Under new government rules, companies are required to log the activities of users posting in blogs, microblogs, chat rooms, videos, and webcasts.

Virtual taxes: In an effort to attract blockchain businesses, Ohio will accept tax payments in bitcoin, the blockchain-powered virtual currency, CNBC.com says. That may not be such a good idea, however, given that the value of bitcoin has fallen about 70 percent this year.

Secure phishing: Nearly half of all phishing websites now feature the secure padlock icon that supposedly indicates a safe e-commerce site, Krebs on Security says. The padlock indicates the data transmitted is encrypted, but it doesn’t necessarily mean it’s a legitimate site, Krebs notes.

Advancing AI: Artificial Intelligence will improve in 2019 with more advanced chatbots, AI recruiting tools for hiring departments, and AI-based intelligent search, Entrepreneur.com writes. Coming soon, in addition to speaking to Alexa, you’ll also be able to talk to your car, TV, refrigerator, and even your lamps, the writer suggests.

Read “Customer Data Isn’t Always an Asset: Lessons from the Marriott Data Breach.”

The post The Week in Internet News: Huge Data Breach at Hotel Chain appeared first on Internet Society.

Customer Data Isn’t Always an Asset: Lessons from the Marriott Data Breach

Internet Society - News Headlines - Ven, 30/11/2018 - 22:38

As data analytics have improved, the massive amounts of data that companies acquire from their customers has only gained in economic value. In the corporate world of today, this data can be a real asset for companies. However, as today’s news, that the records of over 500 million guests of Marriott International’s Starwood division hotels were involved in a data breach, makes clear, corporate thinking about the value of customer data needs to be reevaluated.

Especially when it comes to corporate acquisitions, companies need to start treating customer data as a potential liability, as well as an asset.

In September 2016, Marriott International acquired Starwood for $13.6 billion. When Marriott International sought to buy the Starwood hotel chain, Starwood’s customer data, played a central role in their reasoning for the acquisition. Citing higher income and better brand loyalty among program members,  Arne Sorenson, the Marriott CEO, specifically referred to Starwood’s loyalty program as a “central, strategic rationale for the transaction.” Loyalty programs, in addition to attracting repeat customers, also “provide hotels with a wealth of information on their guests” which hotels can use to “create laser focused marketing campaigns for various different kinds of guests.”

While Marriott International successfully acquired Starwood, its valuable loyalty program and customer data, they also unwittingly acquired a data breach in progress, which would lead to future damage to their global brand.

As an internal investigation has suggested, the criminals behind this recent data breach had been inside the Starwood’s networks since 2014 – two years before the acquisition. These criminals gained “unauthorized access to the database, which contained guest information relating to reservations at Starwood properties on or before 10 September 2018.” For some customers, this information includes personal information like contact information, mailing addresses, names, and even passport numbers. Marriott International has also been unable to rule out the possibility of payment information, like credit card numbers, having been stolen as well.

In news reports, this is not Starwood’s data breach, but Marriott International’s. And this incident is already costing the company. Overnight, their stock price dropped by over 5%. Like any data breach, this incident will harm trust between the company and its customers. To try to rebuild their customers’ trust, Marriott International has: set up a website about the incident and a dedicated call center; said it will send out email notifications to those impacted and will pay for a year’s worth of a monitoring service to alert them if their personal information being shared online (in some countries). All of this takes money and resources.

The Marriott – Starwood acquisition and data breach provides an important lesson: when a company is negotiating an acquisition, data security and data handling practices must be a central part of the negotiations, and a company’s due diligence.

When Marriott International acquired Starwood and its data, they also acquired the risk associated with storing and handling that data. Digital security is a crucial part of a corporation’s bottom line, and security incidents can quickly become disastrous for a business. Before making acquisitions, companies need to carefully look at the digital security and data handling practices of the businesses they seek to acquire, analyze the risks, and reassess.

How much risk am I really willing to pay for? Is $13.6 billion and a data breach a fair deal?

The post Customer Data Isn’t Always an Asset: Lessons from the Marriott Data Breach appeared first on Internet Society.

A Critical First Step for IoT Security in Senegal

Internet Society - News Headlines - Ven, 30/11/2018 - 16:00

As barriers to entry start to fall, the Internet of Things (IoT) industry could provide Africa with an opportunity to build a brighter economic future.

Several countries are already establishing tech hubs that could supply the infrastructure to fuel IoT, and while there is still a wide gap between the haves and have-nots of Internet access, with more than 60 per cent of Africa still offline, it’s easy to build a case for connectivity.

Mass urbanization is on the rise, and investing in the infrastructure needed to fuel future smart cities and connect more Africans to the opportunity the Internet offers is a logical step forward. But it’s also important that security is in place to support this promising new economy.

Unfortunately, many IoT devices are rushed to market with little thought for basic security and privacy protections. In a world with so many newly connected things, it’s hard for consumers to keep up – and to know if manufactures are protecting their privacy and security.

To address this, Senegal has taken a critical first step. They’ve signed a memorandum of understanding with the Internet Society to strengthen IoT security. Together, they will develop an IoT Security Framework for Senegal using the multistakeholder collaborative governance process – a process that is accountable, sustainable, and effective.

It’s a noteworthy moment for Senegal, which is one of the first African countries to champion the multistakeholder process to tackle emerging IoT issues.

The MoU , signed by Senegal’s Minister of Telecommunications and the Digital Economy HE Abdoulaye Bibi Baldé and the Internet Society’s CEO Andrew Sullivan, lays out a common strategy to develop and promote the digitization of Senegal and its role in the IoT revolution – based on principles of security and trust. It emphasizes close cooperation and sharing good practices – committing to enhance cooperation while respecting each other’s strengths. It also facilitates coordination of resources and skills from partners in Senegal and establishes a responsive and coherent network of allies.

As with the Internet itself, the ever-evolving nature of IoT means new capabilities and security weaknesses are being discovered every day. To safeguard the future of the Internet and its citizens, we must stay on top of the potential security threats posed by IoT. We can start by using strong passwords, keeping our devices up to date, and following other best practices. And we can demand that manufacturers do their part, too.

We all have a responsibility to look after our digital well-being. IoT manufacturers, IoT service providers, users, standards developing organizations, policymakers, and regulators must take action to protect against threats to our security and privacy – as well as the Internet infrastructure. The IoT Trust Framework outlines some of the steps they can take.

Senegal can serve as a model to other African countries for how meaningful security initiatives and the multistakeholder process can be adopted across the continent to secure IoT.

Read Why the Multistakeholder Approach Works and demand that your voice is counted for a secure IoT!

The post A Critical First Step for IoT Security in Senegal appeared first on Internet Society.

New Report: Major Online Retailers Increase Email Marketing Trustworthiness and Follow Unsubscribe Best Practices

Internet Society - News Headlines - Mer, 28/11/2018 - 18:10

Today, the Internet Society’s Online Trust Alliance released its fifth annual Email Marketing & Unsubscribe Audit. OTA researchers analyzed the email marketing practices of 200 of North America’s top online retailers and, based on this analysis, offer prescriptive advice to help marketers provide consumers with choice and control over when and what messages they receive. The Audit assesses the end-to-end user experience from signing up for emails, to receiving emails, to the unsubscribe process and its results.

In the 2018 Audit, seventy-four percent of the top online retailers received “Best of Class” designation, meaning they scored eighty percent or higher in OTA’s analysis of their email marketing. In addition, ten retailers received perfect scores, meaning they adopted all twelve of OTA’s best practices. They are: Dick’s Sporting Goods, Home Depot, Lands’ End, Musician’s Friend, Office Depot, OpticsPlanet, Sierra Trading Post, Staples, Talbots, and Walgreens.

In the subscribe process there were several positive findings. The percentage of sites that had subscribe forms that were easy for the user to find was 94% in 2018, up from 85% in 2017. In addition, one-quarter of sites offered incentives such as free shipping to entice users to subscribe, down slightly from 28% in 2018.

Another positive note from this year’s audit was email security. The use of Sender Policy Framework (SPF), a technology used to detect forged email addresses and prevent malicious emails such as phishing attempts, was used by 100% of the sites audited. DomainKeys Identified Mail (DKIM), a similar technology used to help authenticate the sender of an email, also reached 100%. Adoption of similar security technologies such as DMARC and TLS also improved significantly in 2018. All of these technologies help protect users when subscribing to retailers’ emails.

An area for concern in the signup process, however, is the low percentage of retailers asking users to provide geographic information (just 14% of sites). Collecting geographic information is important as regulations evolve around the world, such as GDPR in the EU. It is in retailers’ interest to collect geographic information to properly segment their users depending on the regulatory regime where each user resides.

In the unsubscribe process the vast majority of retailers not only adhered to most of OTA’s unsubscribe best practices, but went well beyond the requirements laid out in regulations such as CAN-SPAM or CASL. Fully eighty-four percent of retailers had unsubscribe links in their emails that were clear and easy to find, a significant increase from 76% in 2017. In addition, the vast majority of sites (89%) immediately honor unsubscribe requests, i.e. the user receives no further emails after unsubscribing.

The full report and an infographic are available at https://otalliance.org/2018-email-marketing-unsubscribe-audit. We encourage you to read the report and, if you are involved in email marketing or retail, apply the OTA’s unsubscribe best practices for your organization.


The post New Report: Major Online Retailers Increase Email Marketing Trustworthiness and Follow Unsubscribe Best Practices appeared first on Internet Society.

The Third India School on Internet Governance

Internet Society - News Headlines - Mer, 28/11/2018 - 15:37

The third edition of the India School on Internet Governance (inSIG) took place from 13–15 October 2018 at the India International Centre in New Delhi in partnership with the Internet Society Indian Chapters: Delhi, Trivandrum, Mumbai, and Kolkata.  It was supported by the Beyond the Net Funding Programme with the participation of Olaf Kolkman, the Internet Society’s Chief Internet Technology Officer.

Ninety participants joined a three day activity event which included  workshops, role play exercises and discussions. The event focused on educating emerging leaders from India and other South Asian countries, such as Afghanistan, Bangladesh, Nepal, and Sri Lanka on their role in the global Internet Governance ecosystem.

On 12 October 2018, two events were co-hosted: Firstly, The Internet Infrastructure Security Day, a workshop to learn more on pen Internet standards and sharing good practices as part of the Global Forum on Cyber Expertise (GFCE) – and secondly, India’s first Youth Internet Governance Forum (YIGF), which conducted multiple sessions on topics of relevance to young Internet users, particularly those in secondary school, college, and early employment. Both events were live streamed and viewed by over 1,500 participants.

A range of several industry experts offered insight into India’s Internet story and the potential for future impact. Taking into consideration that India should have a strong position in the realm of Internet Governance and its role should be commensurate with the strength of India’s IT industry and the size of India’s Internet users base, which is currently the 2nd largest in the world.  Presently, there are 234 million Indian-language Internet users compared to 175 million using the English language. Over the next five years, 90% of users are expected to be those of Indian language. A domain name with .भारत will make websites more accessible for such an audience and efforts in breaking the language barrier, will in turn, offer a chance to the next 500 million people to obtain online access.

How can the Internet can become a transformative power in India by 2020, and not just an enabler? ” The Indian community believes that global Internet Governance can only be functional, effective and credible, if all relevant stakeholders are contributing to the process.” remarked Dr. Govind, President of the India Delhi Chapter.

We’re looking for new ideas from people all over the world! Find out how to empower your community using the Internet. The Internet Society Beyond the Net Funding Programme funds projects up to $30,000.00.

 

The post The Third India School on Internet Governance appeared first on Internet Society.

2018 Survey on Policy in Asia-Pacific: We Need to Do Something About IoT Security

Internet Society - News Headlines - Mar, 27/11/2018 - 16:41

Earlier this year, we asked Internet users across Asia-Pacific just how secure they thought their smart gadgets were. The findings, gathered from 950 respondents in 22 economies, yielded some interesting insights. Over half of those polled lack confidence that IoT devices are sufficiently secure. A similar percentage feel that they do not have enough information on the security of their device.

As connected devices move into our personal spaces – homes, offices and our bodies – amassing more and more data about us and our activities at a dizzying pace, our report, published last week, highlights how much work still needs to be done to build trust in the Internet of Things (IoT) ecosystem.

Asia-Pacific is undoubtedly a major area of growth for the IoT industry, with countries like China and India rapidly becoming some of the biggest markets for consumer IoT devices. We are also a formidable producer, with established brands like Xiaomi and Samsung churning out wearables, smart appliances, and virtual assistants, and numerous startups joining the fray.

Indeed, the report found that a substantial number of respondents already own IoT devices, with a further 73% planning to purchase an IoT device in the next 12 months. But this enthusiasm can’t conceal the fact that most IoT devices land on our shelves without adequate security and privacy safeguards, making them vulnerable to information leaks and attacks by cybercriminals. Incidents like the Mirai botnet in 2016, which essentially exploited unsecure CCTVs whose default passwords hadn’t been changed, gave us a preview of things to come. Connected toys listening in on conversations at home, or smart speakers that can make online purchases without the owner’s knowledge, were just some of the security flaws exposed by researchers this year.

And consumers are waking up to these risks: More than two-thirds of survey participants worry about hackers gaining access or taking control of their devices and personal information. A similar percentage are concerned about personal data leaks and being monitored without their knowledge or consent.

Security certainly is a shared responsibility – users also need to take steps to keep their devices secure. But as we found in the survey, there are currently not enough tools available for them to do this. For instance, over 70% of respondents would like the option to delete the data collected by the device, and to know more about how it is used and who it is shared with, overall demanding more control over their personal information.

This task falls primarily on device manufacturers and IoT service providers. Significantly, nine in ten respondents would like for security and privacy protections to come as standard across all IoT devices, with two-in-three respondents citing this as a key factor that would influence their purchasing decision.

For governments, one of the ways to steer industry in the right direction is to promote the use of trustmarks – visible indicators to signal that a product abides by a set of security standards. This is already a widespread practice in the food sector (e.g., fair trade) and among electronics and equipment suppliers (e.g., energy star). Tellingly, more than 90% of respondents stated that they are likely to purchase IoT devices that have a security guarantee (through a trustmark or certification label).

The connected environment promises convenience, efficiency, and unimaginable insight, and we are only just skimming the surface of its potential. Unsurprisingly, IoT is set to reach an important milestone next year, with consumer IoT devices exceeding the global population for the first time. It is a remarkable growth – one that is surpassed only by the threats that are increasingly tailored to exploit its weaknesses.

The connected future is here. Let’s make sure it’s secure. #GetIoTSmart

The post 2018 Survey on Policy in Asia-Pacific: We Need to Do Something About IoT Security appeared first on Internet Society.

Future Thinking: Payal Malik of the Competition Commission of India

Internet Society - News Headlines - Mar, 27/11/2018 - 16:00

Last year, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. We interviewed Payal Malik to hear her perspective on the forces shaping the Internet’s future.

Payal Malik is the Economics Adviser and Head of the Economics Division (Chief Economist) at the Competition Commission of India. She is on secondment from the University of Delhi, where she is an associate professor of Economics. Her areas of expertise are competition law, policy and regulation. She has many years of economic consulting experience in network industries such as power and telecommunication, information and communication technologies (ICTs), innovation systems, and infrastructure. She was previously a senior research fellow at LIRNEasia and a senior consultant at the Center for Infrastructure and Regulation, National Council of Applied Economic Research (NCAER), India. At NCAER she was a lead researcher on various infrastructure development projects, including telecoms, electricity, highways, and water and sanitation. She was also on the team that drafted the Electricity Act of India, ushering competition into the sector.

The Internet Society: This year we’re focusing our annual Internet Futures report on consolidation in the Internet economy. We’re specifically investigating vertical and horizontal consolidation trends in and across the access, services and application layers of the Internet respectively. Have you noticed any trends in this regard?

Payal Malik: Yes, we have observed both horizontal and vertical consolidation in the Internet society. Consolidation trends have been observed in digital payment services, digital farming applications, e-commerce platforms, etc. Many cases were related to acquisition of shareholdings in e-commerce firms by investment companies. For example, Walmart recently acquired a major e-commerce firm in India and entered the market of e-commerce platforms. Furthermore, many firms in the digital space, and most of the new-born companies, fall under the de minimis exemption thresholds and hence their acquisition is exempted from notification. Thus, there may be more consolidation going on that hits the “blind spot.”

You’ve long worked on competition issues in various network industries, including telecoms. How has technology’s role in societies changed in the time since you’ve been working in this field? Have you perceived a backlash against the tech industry in India (e.g., Facebook and Free Basics)?

The technology has changed drastically especially in case of the telecom sector. With the advent of Jio (a new entrant), the total telecom subscribers in India (936 million in March 2016) increased by a massive 28% to 1,202.22 million in March 2018. Further, the prices of telecom services declined significantly and data consumption per month increased by 924%. The growth of Big Data has led to innovation, the development of new sectors, and the penetration of technology even in case of traditional sectors like education and health. The rise of Big Data has also created issues of privacy, data monopolisation, etc.

Severe backlash was witnessed against Facebook’s Free Basics services in the country and the same was banned in 2016. Consequently, net neutrality rules were notified in 2018 that prevented “any form of discrimination or interference” with data, including “blocking, degrading, slowing down, or granting preferential speeds or treatment to any content.” The view of the telecom regulator was that competition alone will not be sufficient to address the problem of telecom firms becoming gatekeepers to the Internet and strong ex-ante rules are required to regulate the behaviour of infrastructure firms such that it acts as a non-discriminatory platform. The issue of data localisation is now gaining currency in India and there seems to be some protectionist undercurrents to the whole issue.

Does this the trend impact India, or is more of a global issue?

Digital economy by its very nature is such that effects will inevitably cross state-nation boundaries and India, being an open economy, does feel the impact. Technological advances in other jurisdictions percolate to India, leading to innovation within the country, complementing the existing innovation ecosystem. We also recognise the challenges concerning Big Data and consumer privacy in the competition realm, especially as we have more players entering local markets. To address such conflicting issues we are trying to find ways and means to balance user privacy and technological innovation. We are in process of drafting privacy law which may be finalised soon and become an Act of the Parliament.

What makes the technology sector different when it comes to competition regulation?

The technology sector is different than other sectors as there are numerous relevant markets having multiple sides, each with specific competition dynamics. This makes the delineation of relevant market difficult. Further, markets are such that given market at one point in time mutates into another through the exploitation of complementarities. Therefore, a nuanced assessment has to be adopted by taking into account the facts, market, and technology in question. With the advent of Big Data in digital markets, data-rich entities are able to generate more user data with the help of feedback and monetisation loops. This leads to concerns of abuse of market power, algorithms, and collusions, etc.

As a competition regulator, how do you balance the need to not hamper innovation with the need for promoting competition?

When the cases involving dynamic competition, the Competition Commission tries to strike a balance between short-term static efficiencies and the longer-term gains that arise from innovation. Assessing technology sector issues requires an understanding of the underlying technology and a comprehensive knowledge of market developments. We’re also very aware of the fact that a given market at one point in time might mutate into another through the exploitation of complementarities. Further, during the assessment, we don’t emphasise the fact that one firm has entrenched market power in a particular industry. This is because taking such a stance would damage incentives to innovate, and would be a denial of the realities of market preferences. A nuanced assessment, based on the facts of the case and the market and technology in question, is therefore the strategy that the Commission has adopted in the analysis of antitrust cases involving digital economies in India.

Germany recently announced plans to try to curb digital dominance using competition law. Have you noticed any trends when it comes to other competition authorities’ responses to tech dominance around the world, and particularly how they are defining relevant markets? How do they differ between regions?

We do keep a track of international developments taking place in field of digital economy. Developed economies across the globe have now stepped in for curtailing digital monopolies, which may be a consequence of the economic realities of their countries, however given the peculiarities of each country these issues may have a local context. As far as defining a relevant market is concerned, we do consider definitions defined by other jurisdictions. We feel that Germany and France have adopted an aggressive approach to prevent digital dominance, which India cannot adopt at present time when digital markets are at their evolving stage. With the help of complementary laws, we hope to create a level playing field for digital players in India, including startups.

Is competition law the best solution to these consolidation problems? 

Yes, we do believe competition law is the best solution for consolidation problems. But there is a possibility that traditional asset/turnover criteria may fail to capture potentially anti-competitive transactions in the tech sector. Some transactions in this market may fall below turnover-based thresholds because the target’s products are offered for free, or have yet to come to market, and generate little turnover. In such instances, the target’s value may not best be correlated to its sales. The value of the target’s sales is a rather poor indicator of the merger’s significance for competition. Thus, asset/turnover-based notification thresholds may have a ‘blind spot’ if relied on alone. Therefore, thresholds levels must be modified to take these blind spots into account.

Is there potential in data portability as a way of countering data effects and addressing consolidation concerns?

Data portability allows users to receive their data back in a format that is conducive to reuse with another service. The purpose of data portability is to promote interoperability between systems and to give greater choice and control to the user with respect to their data held by other entities. The aim is also to create a level playing field for newly established service providers that wish to take on incumbents, but are unable to do so because of the significant barriers posed by lock-in and network effects. In line with the EU’s GDPR, Indian Data Protection Bill also gives right to data portability to users. This is important as we do believe data portability has the potential to counter data effects.

Besides the potential negative implications related to digital dominance, what are your fears for the future of the Internet?

The Internet has undoubtedly revolutionised the way people shop, work, socialise, entertain themselves, etc. It has had some very serious consequences on the democratic edifices of countries with the ability of the Internet to spread misinformation and changing people’s behaviours and preferences. Second, I will be very worried if perfect price discrimination is implementable based on the individual customer data that digital monopolies have, as this will lead to killing of the positive impact of competition in technology markets. Last, though there is no reason to believe chilling of innovation maybe the final nail in the coffin. But I think that is too apocalyptical as innovation is highly contestable. 

What are your hopes for the future of the Internet?

I hope the Internet will continue to develop new ideas, increase entrepreneurship, help make consumers’ lives easier, bring in transparency in terms of prices and quality, reduce intermediaries in supply chain, help transform societies, etc. For all this to happen, innovation needs to be protected and the government and competition regulators are aware of this need.

We’re getting ready to launch the next Global Internet Report! Read the concept note and learn how the Internet Economy might shape our future.

The post Future Thinking: Payal Malik of the Competition Commission of India appeared first on Internet Society.