After the Brexit vote, I wrote that there could be an impact on EU registrants based in the UK. Over the past year, the UK government has been engaged in negotiations with the EU to navigate the application of Article 50 and the UK's exit from the European Union. While there has been a lot of focus on issues like the customs union and the border between Ireland and Northern Ireland, the eventual departure of the UK from the EU will have a tangible impact on the European digital economy. more
Security for Internet-connected devices, the "Internet of Things" (IoT), is critically important. Now, more than ever, it is top of mind for device manufacturers, network operators, consumer advocates, lawmakers, and government regulators -- domestically and internationally. In the face of recent attacks, government authorities and consumer advocates have proposed legislation, frameworks, certifications, and labeling schemes. more
In the current debate over the balance between privacy and Internet safety and security, one of the unanswered questions is: "How will those responsible for protecting the public interest gain access to the non-public data in the WHOIS databases post General Data Protection Regulation (GDPR)?" In an attempt to prevent WHOIS data from going "dark," several community members have been working for the past weeks to create a model that could be used to accredit users and enable access to the non-public WHOIS data. more
ICANN has consistently said its intention in complying with the European Union's General Data Protection Regulation (GDPR) is to comply while at the same time maintaining access to the WHOIS domain name registration database "to greatest extent possible." On February 28, ICANN published its proposed model. Strangely, while ICANN acknowledges that some of the critical purposes for WHOIS include consumer protection, investigation of cybercrimes, mitigation of DNS abuse, and intellectual property protection, the model ICANN proposes provides no meaningful pathway to use WHOIS in those ways. more
Washington may be the first state to approve a net neutrality law that applies to all wired and wireless Internet providers in the state. more
In mid-March, the group dubbed by Wired Magazine 20 years ago as Crypto-Rebels and Anarchists - the IETF - is meeting in London. With what is likely some loud humming, the activists will likely seek to rain mayhem upon the world of network and societal security using extreme end-to-end encryption, and collaterally diminish some remaining vestiges of an "open internet." Ironically, the IETF uses what has become known as the "NRA defence": extreme encryption doesn't cause harm, criminals and terrorists do. more
The compliance deadline for the European Union's General Data Protection Regulation (GDPR) is nearly upon us, the unveiling of a proposed model to bring WHOIS into compliance is said to come from ICANN next week, and everyone is scrambling to understand all that's involved. Implementation of a revised WHOIS model is clearly on the horizon, but what comes after may be the real story! Specifically, if WHOIS information becomes more than nominally restricted, what's the consequence to the data controllers (ICANN and the contracted parties) who implement this revised model? more
There is an urgent need to clarify the GDPR's territorial scope. Of the many changes the GDPR will usher in this May, the expansion of EU privacy law's territorial scope is one of the most important. The GDPR provides for broad application of its provisions both within the EU and globally. But the fact that the GDPR has a broad territorial scope does not mean that every company, or all data processing activities, are subject to it. more
Black's Law Dictionary defines it as "the extraterritorial operation of laws; that is, their operation upon persons, rights or jural relations, existing beyond the limits of the enacting state, but still amenable to its laws. The term is used to indicate jurisdiction exercised by a nation in other countries, by treaty..." Extraterritoriality is also the most significant emerging development today in the law shaping virtual network architectures and services that includes OTT and NFV-SDN. more
The American industry lobby (AT&T, Verizon, and Comcast) successfully pushed the regulator to get rid of net neutrality, but they are not stopping there. They can sense the opportunity under the Trump Administration to roll further back any regulations that stand in the way of maximising their profits. As all three largely enjoy geographic monopolies in their regions of operation, there is little competition driving innovation forward, so their aim is to milk the networks that they currently have in place for as long as possible. more
Montana Governor Steve Bullock signs an executive order requiring ISPs with state contracts to adhere to internet neutrality principles. more
Landline networks like the old phone system and the new(er) cable systems do lend themselves to monopoly or at least duopoly outcomes. Building these networks is both very expensive and requires myriad government approvals. Once a system is in place, it is hard for anyone to raise the capital to duplicate it. Even a network of wireless towers is hard to compete with. more
There is growing concern about how ICANN will comply with the EU General Data Protection Regulation (GDPR), whose enforcement sanctions come into force in May of 2018. How will ICANN comply with GDPR without unduly restricting global Internet users' access to the public WHOIS database? For nearly the past 20 years, Internet users, businesses, law enforcement and consumer protection agencies have relied on WHOIS as a necessary resource. more
In 2018, Internet Governance will be one of the top priorities in the geo-strategic battles among big powers. In today's world, every global conflict has an Internet-related component. There is no international security without cybersecurity. The world economy is a digital economy. And human rights are relevant offline as well as online. It is impossible to decouple cyberspace from the conflicts of the real world. more
Two weeks before depletion of the American Registry for Internet Numbers (ARIN) IPv4 free pool in September 2015, we published an article recommending that the ARIN community adopt transfer policies that encourage trading transparency and improve whois registry accuracy. By eliminating needs justification as a pre-condition to updating the registry, we argued that ARIN could eliminate existing policy-based barriers that have kept many otherwise lawful and legitimate commercial transactions in the shadows. more