Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Digital governance, like all governance, needs to be founded in guiding principles from which all policy making is derived. There are no more fundamental principles to guide our policy making than the Universal Declaration of Human Rights, (UDHR). This article is Part 2 of a series of articles exploring the application of the UDHR to rights issues in the cyberspaces of the Internet ecosystem. The previous article in the series explores the foundations of the UDHR. more
Major European legislation, the General Data Protection Regulation, evoked substantial change in the way we deal with the visibility of domain name registration information, and understandably those that use that data to solve problems are concerned about these changes, and some have even called for a U.S. legislative fix. However, a more in-depth look at the issue and the policy-making surrounding it will show that there is, in fact, a process already well underway to address the situation. more
One could think that the authors of The Universal Declaration of Human Rights (UDHR) -- adopted in 1948 -- had the Internet in mind when they declared in Article 19: "Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers." All human beings are entitled to certain rights, and it makes no difference if they choose to exercise them in a town square or an Internet chatroom. more
A recent exchange on CircleID highlighted a critical need for data to inform the debate on the impact of ICANN's post-GDPR WHOIS policy that resulted in the redaction of domain name registrant contact data. A bit of background: in my original post, I made the point that domain name abuse had increased post-GDPR. A reader who works with a registrar (according to his bio) commented: "Can you back up that statement with data? Our abuse desk has actually seen a reduction in abuse complaints." more
EFF's Senior Legislative Counsel, Ernesto Falcon, in a post on Monday has argued that major ISPs in the U.S. -- the likes of Comcast, AT&T;, and Verizon -- are aggressively influencing legislators to stop the deployment of DNS over HTTPS (DoH), "a technology that will give users one of the biggest upgrades to their Internet privacy and security since the proliferation of HTTPS." more
The Chinese Communist Party's app called Study the Great Nation released in January is reported to have "superuser" access to the entire data of over 100 million Android-based phones via a backdoor. more
For decades, the US government has fought against widespread, strong encryption. For about as long, privacy advocates and technologists have fought for widespread, strong encryption, to protect not just privacy but also as a tool to secure our computers and our data. The government has proposed a variety of access mechanisms and mandates to permit them to decrypt (lawfully) obtained content; technologists have asserted that "back doors" are inherently insecure. more
The U.S. House Judiciary Committee is investigating Google's plans to implement DNS over HTTPS (DoH) in Chrome according to a report by the Wall Street Journal over the weekend. more
Unlike most new IETF standards, DNS over HTTPS has been a magnet for controversy since the DoH working group was chartered on 2017. The proposed standard was intended to improve the performance of address resolutions while also improving their privacy and integrity, but it's unclear that it accomplishes these goals. On the performance front, testing indicates DoH is faster than one of the alternatives, DNS over TLS (DoT). more
A letter, signed by 51 CEOs, was sent to U.S. House and Senate and leaders of other committees today urging policymakers to pass a comprehensive national data privacy law. more
As part of a larger effort to make the internet more private, the IETF defined two protocols to encrypt DNS queries between clients (stub resolvers) and resolvers: DNS over TLS in RFC 7858 (DoT) and DNS over HTTPS in RFC 8484 (DoH). As with all new internet protocols, DoT and DoH will continue to evolve as deployment experience is gained, and they're applied to more use cases. more
Privacy problems are an area of wide concern for individual users of the Internet -- but what about network operators? Geoff Huston wrote an article earlier this year concerning privacy in DNS and the various attempts to make DNS private on the part of the IETF -- the result can be summarized with this long, but entertaining, quote. more
There has long been pressure from governments to provide back doors in encryption systems. Of course, if the endpoints are insecure it doesn't matter much if the transmission is encrypted; indeed, a few years ago, I and some colleagues even suggested lawful hacking as an alternative. Crucially, we said that this should be done by taking advantage of existing security holes rather than be creating new ones. more
New Zealand's Domain Name Commission (DNC) wins in court against the US company DomainTools for "illegally scrapping personal information" of .nz domain name owners. more
EU holds an eight-hour-long hearing taking an extensive look at whether US surveillance practices break European data protection laws. more
A World-Renowned Source for Internet Developments. Serving Since 2002.