Donate
‹ Back
Identity 11 December 2011

Security, Openness and Privacy

UN Internet Governance Forum – Security, Openness and Privacy
29 September 2011, Nairobi, Kenya
Christine Runnegar, Senior Policy Advisor, Internet Society

The Internet has revolutionised communication, giving ever increasing numbers of individuals across the world the ability to communicate as part of a growing and vibrant global community. It has enabled non-linear content distribution and created the phenomena of distributed “crowd sourced” “peer reviewed” information and knowledge. An often cited example, and with good reason, is Wikipedia.org – self-titled – “the free encyclopaedia that anyone can edit”. Perhaps the Internet pioneers will remember the time when encyclopaedias were expensive and updated annually. We have entered the age of Information Egalitarianism. But, that does not mean it is perfect. More work is needed if we wish to embrace this objective globally.

Openness plays a key role – in obvious and sometimes less obvious ways. Continuing with our Wikipedia example, an academic study of contributions when access was blocked by one country showed that individual contributions significantly decreased from contributors outside the country. One author concluded this is because many contributors are motivated by the idea that people are watching. (It is important to emphasise that the contributions are voluntarily provided with the knowledge that the platform is open and observable. This does not mean Internet users want their activities and private communications to be monitored.) Another conclusion one may reasonably draw from this study is that blocking access in one country can also diminish the overall value of a public resource for the rest of the world.

Openness also has a technical dimension. It is that dimension that has enabled the development of the Internet we know today that has become so fundamental that access and prevention of access are now part of the human rights dialogue. Openness in the technical sense involves transparent Internet standards development where anyone can participate on an equal basis, and open non-proprietary protocols that anyone can implement. It provides more opportunity for diversity of thought. Openness is also the ability to develop and deploy Internet applications and services without “approval”. Closely aligned to openness is interoperability. These two features have enabled extraordinary creativity and exponential innovation. Openness in technical standards development has also played a role in enhancing security. DNSSEC, developed by the Internet Engineering Task Force, is one such example. OAuth, a Web Authentication Protocol[1], is another.

A trend that seems to be emerging is the resort to technical measures to solve legal, political or social problems. This is perhaps most apparent recently in relation to the protection of intellectual property online, but is not limited to this area. Altering the way technology functions to solve a non-technical problem carries inherent risks of collateral damage to the proper functioning of the underlying technology, security and privacy, as well as other potential side effects. DNS-filtering, for example, is incompatible with DNSSEC, runs the risk of collateral harm and drives services underground, thereby undermining the stability, reliability and global interoperability of the Internet. At the same time, it does not solve the problem, as it does not remove the content or all means by which it can be accessed.

In closing then, one of overarching challenges we still face is a lack of a shared global understanding of the borderless nature of the Internet and the related inter-dependent objectives of security, privacy, openness and user choice. The IGF, by its nature and format, is an ideal place to build this global understanding.

Thank you.

1. The Web Authorization (OAuth) protocol allows a user to grant a third-party Web site or application access to the user’s protected resources, without necessarily revealing their long-term credentials, or even their identity. For example, a photo-sharing site that supports OAuth could allow its users to use a third-party printing Web site to print their private pictures, without allowing the printing site to gain full control of the user’s account.” http://datatracker.ietf.org/wg/oauth/charter

‹ Back

Related resources

INET Washington, DC to Explore Surveillance, Cybersecurity, and the Future of the Internet
Press releases15 July 2013

INET Washington, DC to Explore Surveillance, Cybersecurity, and the Future of the Internet

[Washington, DC] - At INET Washington, DC on July 24, 2013, the Internet Society, in conjunction with George Washington University's...

Comments on Draft Programme Paper for the IGF meeting
Internet Governance3 December 2011

Comments on Draft Programme Paper for the IGF meeting

23 April 2009 The Internet Society is happy to comment on the current draft program paper for the 2009 Internet...

Internet Society Responds to Reports of the U.S. Government’s Circumvention of Encryption Technology
Press releases9 September 2013

Internet Society Responds to Reports of the U.S. Government’s Circumvention of Encryption Technology

The Internet Society is alarmed by continuing reports alleging systematic United States government efforts to circumvent Internet security mechanisms.  The...

Join the conversation with Internet Society members around the world