The Internet Governance Project (IGP) issued a set of reports analyzing the current "state of play" in Internet governance. The reports were commissioned by the United Nations ICT Task Force as an input into the deliberations of the UN Secretary-General's Working Group on Internet Governance (WGIG). The report identifies the international organizations and agreements affecting the Internet, and points out where there are conflicts and gaps. more
Today is Holocaust Remembrance Day. Today we remember that the Nazis rounded up Jews, Roma, political dissidents, and other "undesirables" using the best data and technology of the day and sent them off to concentration camps. We don't normally deal with this type of political reality in ICANN, but now is the time to do so. In 1995, the recently formed European Union passed the EU Data Protection Directive. more
IGF-USA full day conference at the Center for Strategic and International Studies (CSIS) in Washington DC to be held on Thursday, July 14, 2016 from 8:00 AM - 7:00 PM. Key forum topics include IANA transition, ICANN accountability, broadband access, online privacy, Internet of Things, and digital trade. more
What happens when you open an email and allow it to display embedded images and pixels? You may expect the sender to learn that you've read the email, and which device you used to read it. But in a new paper we find that privacy risks of email tracking extend far beyond senders knowing when emails are viewed. Opening an email can trigger requests to tens of third parties, and many of these requests contain your email address. more
I like the drift of the Pulver/Evslin proposal on emergency communications, and wish there was as vigorous a debate going on over here. I just hope we in the UK aren't jerked out of complacency by some major disaster -- although widespread use of pre-paid cellular means the problem of sunken landlines isn't as acute. Yet I can't help but wonder why the poor public has to wait for a disaster before they're given partial control over how their number maps to different destinations and services. Why can't I get a voicemail service from someone other than my connectivity provider? Why is ENUM hostage to the telcos, whose interest lies in ensuring that new services can only come from them? more
The best part is ... this isn't one of those 'now that I've got your attention' tricks, like one of those old "free beer" posters; there really is a ton of stuff happening above the 49th parallel this summer. To begin with, as a precursor to Canada's Anti-spam Law coming into effect later this year, the Office of the Privacy Commissioner, the Canadian Radio-television Telecommunications Commission, and Industry Canada have all issued regulations, the latter two in draft form with an RFC. more
CAUCE, the Coalition Against Unsolicited Commercial Email, has looked back at the notable events of the last decade in our industry. Each year/link in the post explodes to a discrete blog entry with a month-by-month break-out of notable events. more
With the Online Trust Alliance Town Hall Meeting and Email Authentication Roundtable next week as well as the RSA Conference, I decided to pause and think about where we are and where we might be headed with regard to email authentication. Over the years, many of us have collectively worked to provide a framework for authenticating email... more
Internet Governance, like all governance, needs guiding principles from which policy making, and acceptable behavior, are derived. Identifying the fundamental principles to guide Internet ecosystem policy making around digital citizenship, and around the integrity of digital practices and behavior, can and should start with the Universal Declaration of Human Rights, (UDHR). more
Remember when Gmail launched in 2004, and everyone said it was going to kill Hotmail, Yahoo!, and AOL? Six years later, and this chart shows pretty clearly that while gmail has grown, only AOL's pageviews have fallen. The rest have held fairly steady. So what's everyone freaking out about? more
A recent story today about discussions for an official defense Botnet in the USA prompted me to post a question I've been asking for the last year. Are some of the world's botnets secretly run by intelligence agencies, and if not, why not? Some estimates suggest that up to 1/3 of PCs are secretly part of a botnet. The main use of botnets is sending spam, but they are also used for DDOS extortion attacks and presumably other nasty things like identity theft. But consider this... more
The Metropolitan NY Chapter of the Internet Society continued its popular series of public events at the Jefferson Market library in Greenwich Village with a panel discussion on WHOIS policy, moderated by Danny Younger. This is a contentious issue, involving tradeoffs between privacy, anonymity, and accountability. more
One big story of the day was Facebook's new and improved terms of service which this Consumerist post flagged and which set off a firestorm of controversy... What Was Facebook's Mistake? Facebook could have avoided much of the controversy by providing its users some advance notice of the upcoming changes. more
The Federal Trade Commission and NIST had a two-day Authentication Summit on Nov 9-10 in Washington DC. When they published their report explaining their decision not to create a National Do Not Email Registry, the FTC identified lack of e-mail authentication as one of the reasons that it wouldn't work, and the authentication summit was part of their process to get some sort of authentication going. At the time the summit was scheduled, the IETF MARID group was still active and most people expected it to endorse Microsoft's Sender-ID in some form, so the summit would have been mostly about Sender-ID. Since MARID didn't do that, the summit had a broader and more interesting agenda. more
A series of attacks on the Email Service Provider (ESP) community began in late 2009. The criminals spear-phish their way into these companies that provide out-sourced mailing infrastructure to their clients, who are companies of all types and sizes. ... On March 30, the Epsilon Interactive division of Alliance Data Marketing (ADS on NASDAQ) suffered a massive breach that upped the ante, substantially. Email lists of at least eight financial institutions were stolen. more
A World-Renowned Source for Internet Developments. Serving Since 2002.