Home / Blogs

The ITU 2018 Plenipotentiary Conference: An Analyst’s Long-Arc Perspective

Next Monday, 29 October, most of the formal representatives of the world’s nations will convene for three weeks to collectively consider the most significant developments in global network communications networks and services, and make multilateral adjustments in a treaty instrument signed by almost every country at the end. They will also elect heads of the various International Telecommunication Union (ITU) secretariats and permanent bodies for the next four years. Once called a “conference of high contracting parties,” it is today referred to as the “plenipotentiary conference” because the representatives can act and sign for their Nation States. PP-2018 is being hosted by the UAE in Dubai.

This multilateral process has been occurring for the past 168 years since nations first decided to interconnect their communication networks and services. Contrary to purported experts, the ITU is *not* part of the U.N., but its own independent treaty-based organization which has an agreement to facilitate U.N. member needs through its own separate instruments and activities that date back a hundred years before the U.N. came into existence.

It is also worth noting that it was the U.S. after both the First and Second World Wars who was chiefly responsible for creating the contemporary ITU—writing its treaty instruments and hosting the related multilateral conferences in Washington DC and Atlantic City. The U.S. at the time was seeking cooperative international global solutions for internetwork and security challenges posed by new technologies spanning multiple national jurisdictions, and one of the principal leaders, Jerry Gross, was subsequently elected Secretary-General. Until the mid-90s, the U.S. dominated almost all the many ITU venues.

I have had the privilege of writing some of the history and analyzing the “Plenipots” for the past fifty years—including stints on the inside both as a ITU Member U.S. government employee and helping running the PP-1989 Nice Secretariat. It is making “legislative sausage” on a global scale. My interest as a lawyer and engineer analyst variously in government, industry and academia is public international law and the treatment of major technical and operational challenges.

Worth noting is the larger reality that the ITU activities have always set on a global political-economic ecosystem that shapes where and how communication products and services are created and made available in the marketplace. Both the individual national and institutional players in that ecosystem have changed significantly over the past two decades. For example, there has been dramatic transformative shifts from legacy government-provided telecommunications to diverse mobile offerings and internets, and now to NFV and 5G combined with the proliferation of device connectivity and big data analysis. Institutionally, the industry work has shifted massively to 3GPP and a mix of non-ITU venues.

The principal enduring requirement—maintaining sovereignty

Every nation has absolute, sovereign jurisdiction within its geographic boundaries over its communication networks and services, including radio emissions and satellites. It is the basic predicate of public international law and national existence. Every nation asserts its absolute sovereignty. Its assertion has existed as the threshold provision in every related treaty instrument. Every communication and radio emission that crosses a national boundary occurs pursuant to ITU treaty provisions—with the understanding that each nation nonetheless still has absolute jurisdiction within its borders and can establish additional non-contravening arrangements.

Sovereignty became a challenge when networks were first interconnected across national borders in 1850, and increased with each new technology—especially radio internets a hundred years ago, then radio communication satellites in the 1960s, then data communication internets in the 1970s.

Today, similar challenges arise from virtualized extraterritorial networks and services instantiated across national boundaries—both NFV (Network Functions Virtualisation) and so-called Over the Top (OTT) manifestations provided from cloud data centers. It is a profound change for network architectures and provisioning with substantial obstacles. Emerging use of ephemeral end-to-end encryption dramatically escalates the jurisdiction (and security) concerns. Rational nations are not likely to forfeit needed controls over these implementations—which if not accomplished multilaterally, will result in domestic Balkanisation within each country that will drive up provider costs. Some treatment of these prominent exterritorial developments that adversely impact the exercise of national sovereignty were expected at PP-2018.

The second enduring requirement – maintaining cybersecurity

Cybersecurity challenges today have become enormous as a result of multiple legal and technical factors. As with sovereignty, national security requirements have been a fundamental component of ITU treaty instruments since their inception.

Although cybersecurity solutions were developed for the radio sector a hundred years ago, the challenge for internetworking platforms on top of transport services have proven intractable and become exponentially devastating over the past two decades in part because Member nations have been unable to cooperate in establishing necessary multilateral legal, technical, and operational platforms and practices. Tossing the problem to “the marketplace” or end-users has also proven to be a non-solution.

The emerging use of ephemeral end-to-end encryption is beginning to create significant vulnerabilities as both criminals as well as nation-state sponsored adversaries adapt the platforms for theft, fraud and regime-change tactics by tunneling into remote servers and user end-points. Here also, significant treatment of cybersecurity was expected at PP-2018.

The PP2018 proposals

Extensive proposals were submitted by six regional blocs: Africa; Asia-Pacific; Arab; CITEL (Americas); Europe; RCC (Russian Regional Commonwealth). An additional nine proposals were separately submitted by: Argentina, Canada, Costa Rica & Dominican Republic; Brazil; Canada & USA; Central African Republic; China; Germany; India; Switzerland; USA. A common practice in recent Plenipots, the proposals focussed on the Resolutions contained in the Final Acts rather than organic provisions of the Constitution and Convention. The documents are publicly available.

While most of the proposals are generic and certain to be widely supported, a substantive focus also emerges on sovereignty and cybersecurity—manifested through resolutions on OTT provisioning, cybersecurity, and revision of the International Telecommunication Regulations (ITRs).

OTT. The OTT concerns internationally are a parallel to Network Neutrality domestically. Along with network operators, nations assert a right to control the communication services on their infrastructures to meet their own requirements—including sovereignty. OTT developments are also a precursor of NFV and 5G implementations of virtualized services and a fundamental change in how network communications are implemented. From a sovereignty perspective, the “global rules of the road” are fundamentally important for every nation. At the PP-2014, only the Arab bloc mentioned OTT developments. Now, four years later, OTT related proposals were submitted by four regional blocs (Africa, Arab, Europe, RCC) plus Brazil and China individually.

All of the proposals except China’s offer different versions of a new resolution on OTT that largely call for further study over the next four years. The Africa bloc expresses a specific concern regarding OTT end-to-end encryption. Rather than proposing a new resolution, China simply notes that “fast growing OTT, in particular, has posed unprecedented challenges to the development and security of telecommunications/ICT worldwide” and calls for its consideration as part of further studies related to amended International Telecommunication Regulations.

Cybersecurity. Because countries treat national security as a fundamental role of the State, cybersecurity provisions have been a basic component of every treaty instrument since 1850. Those provisions are scattered throughout the bodies of the instruments. With the increasing introduction of DARPA internet platforms in public infrastructures beginning in the mid-90s, cybersecurity emerged as a serious network security challenge. The scaling security incidents resulted in the first explicit Plenipotentiary resolution in 2002—subsequently known as Res. 130 and prescient in its articulation of the problems.

The Resolution evolved and expanded every four years since 2002, and for PP-2018 is the subject of all the regional bloc proposals (except RCC) plus Brazil and India. All the proposals are a variation on similar themes—calling attention to the problems and for all ITU bodies and participants in its work to collaborate globally to meet growing threats and challenges. Brazil called for use of the concept of cyber-hygiene that has been appearing in national cybersecurity strategies, as well as using the common term “cybersecurity” rather than the odd political construct “building confidence and security in the use of information and communication technologies.” Although cybersecurity remains a profound threat for every nation, the complexity and dynamics of the challenges in a global intergovernmental setting seem to elude definitive solutions.

ITRs. Among ITU treaty instruments, there are presently two sets of International Telecommunication Regulations (ITRs) - one signed by essentially all nations in 1988 to enable public internets and facilitate global trade in services, and another in 2012 signed by half of those nations. The divergence represents a bifurcation among nations on the role of multilateral instruments and ITU bodies as facilitating institutions. Entwined are concerns of sovereignty and cybersecurity, as well as growth and control of global markets for products and services. The divergence resulted in a PP-2014 resolution calling for additional dialogue and study—designated Res. 146.

Five regional blocs (Africa, Arab, Europe, CITEL, RCC) submitted proposals plus China. The proposals not unexpectedly reflect the existing divergence with Europe opposing any further ITR related efforts, and the others offering Res. 146 changes that continue the efforts and look toward further consideration at PP-2022. RCC offered a detailed composite of the 1988 and 2012 ITR provisions and suggesting a harmonization among them.

Although the divergences here have existed since the inception of the ITU and its precursors, current nationalistic trends are leading away from convergence and cooperation, so the course for the near future remains uncertain until triggered by evolving extraterritorial or cybersecurity requirements. In the meantime, Res. 146 seems likely to remain in modified form to continue study and dialogue.

The PP2018 elections

The elections are comparatively uneventful. The current Secretary-General Houlin Zhao is a highly regarded and experienced leader set to begin his second term and running uncontested. Other positions among the various ITU secretariats and boards are either uncontested or being pursued by multiple highly qualified candidates. The organization’s construct of relatively independent sectors largely driven by industry contributions—except for the very large Radio Sector which is driven by every nation’s spectrum management agency—is a proven construct that continues to serve common global needs.

The Long Arc

Although there are contemporary challenges, the PP-2018 should finish successfully. The submitted proposals are rather generic and designed to promote unity and stability. The process of reaching agreement on Final Acts tends to result in provisions on which every nation can give nuanced approval—sometimes combined with clarifying statements. For 168 years through constant technical and political-economic changes in the world, the value proposition of engagement and cooperation under the ITU aegis have remained compelling.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Anthony Rutkowski, Principal, Netmagic Associates LLC

The author is a leader in many international cybersecurity bodies developing global standards and legal norms over many years.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

DNS

Sponsored byDNIB.com

Brand Protection

Sponsored byCSC