Say you're walking down the sidewalk having a talk with your best friend about all kinds of things. What if you found out later that the sidewalk you were using wasn't really a sidewalk -- but instead a kind of false-front giant copying machine, unobstrusively vacuuming up what you were saying and adding to its database of information about you? Or, say you send a letter to a client of yours (to the extent you still do this), and it turns out later that your letter was intercepted, steamed open, and the contents were read... more
People are increasingly becoming aware of the emerging 'internet monopoly'. Companies such as Google, Facebook, Twitter and many the other (local) social network and media sites are becoming so large and powerful that they can dictate the use of their services in such a way that people lose control over their own information and their participation in these networks. ... These digital media developments certainly did happen, but they are not founded on the 'permission-based' principles that we advocated during all those years. more
As a designated committee of experts prepares to draft a new treaty to combat the use of information and communications technologies in cybercrime at the UN in January 2022, it is paramount that other stakeholders oversee these discussions to avoid violating human rights on the Internet. This initiative was kickstarted by a 2019 resolution led by Russia and endorsed by other countries considered by many to behavior controversially on cybersecurity matters, such as China, Venezuela, Cambodia, North Korea, and others. more
The DNS is normally a relatively open protocol that smears its data (which is your data and mine too!) far and wide. Little wonder that the DNS is used in many ways, not just as a mundane name resolution protocol, but as a data channel for surveillance and as a common means of implementing various forms of content access control. But all this is poised to change. more
The Office of the Privacy Commissioner of Canada has released its long-awaited finding in the complaint against Facebook on a variety of privacy grounds. The complaint was launched by CIPPIC in May 2008 (note that I am an advisor to CIPPIC but had no involvement in this complaint). The case marks an important step in assessing how Canadian privacy law addresses social media with the Commissioner identifying some significant concerns. Moreover, as the case potentially heads to court, it will be closely watched to see whether the findings can be enforced against a global social media power like Facebook. more
A venerable old ITU tradition got underway today. Its Telecommunication Standardization body, known as the ITU-T, gathered, as it has done every four years for much of the past 100 years in a conclave of nations, to contemplate what they should be doing at their Geneva intergovernmental standards meetings for the next four years. The gathering is called the WTSA... Old intergovernmental institutional habits still continue, so the participants are gathered in a remote location in Tunisia called Hammamet. more
The Whois Task Force of the Domain Name Supporting Organization (DNSO) has been consulting with registrars over the past few months on the Whois accuracy issue for law enforcement. The Task Force has enumerated three primary areas of interest: accuracy, uniformity, and better searching capabilities. When the registrars met with the Task Force in Shanghai, a fourth area of interest was also brought forward and advocated by many of the registrars at the meeting as paramount to the other three areas. This fourth area of interest was privacy. more
The public discussion of surveillance one year on from the Snowden revelations remains a search for the biggest sinner. New stories 'outing' countries and companies are great transparency and essential for healthy societies but they have a side effect that isn't so benign: they create an evergreen source of new justifications for security services to demand more money for a surveillance and counter-surveillance arms race. more
It seems to be impossible to implement a law against spam - unsolicited bulk email - without making a hash of it. At best, anti-spam laws are ineffective; at worst, they cause more problems than spam itself. Can technology fare any better? ...But despite this flurry of initiatives, we are yet to see a definitive answer to the spam problem. An Anti-Spam Technical Alliance has been formed by Microsoft, America Online, Yahoo! and EarthLink, but these companies continue to proffer competing solutions. Meanwhile, the technology being deployed in the spam wars is causing collateral damage, in the form of 'false positives' - email that is incorrectly categorised as spam, and so never reaches its intended recipient. more
A U.S.-led Task Force in ICANN's Governmental Advisory Committee (GAC) released version 3 of its "Whois Principles" in preparation for the ICANN meeting in Brazil, where it will be debated and finalized. European countries pushed back against U.S. Government efforts to stop ICANN from respecting privacy concerns in its handling of domain name registrant contact data... more
Given that it's been a few years since my last domain name year in review, I've really enjoyed looking back at this year's biggest domain name stories and seeing how this industry has evolved. This year, in particular, has seen some notable changes which are likely to impact the domain name landscape for years to come. So without further ado, here is my list for 2017. more
There is growing concern about how ICANN will comply with the EU General Data Protection Regulation (GDPR), whose enforcement sanctions come into force in May of 2018. How will ICANN comply with GDPR without unduly restricting global Internet users' access to the public WHOIS database? For nearly the past 20 years, Internet users, businesses, law enforcement and consumer protection agencies have relied on WHOIS as a necessary resource. more
From time to time the IETF seriously grapples with its role with respect to technology relating to users' privacy. Should the IETF publish standard specifications of technologies that facilitate third-party eavesdropping on communications or should it refrain from working on such technologies? Should the IETF take further steps and publish standard specifications of technologies that directly impede various forms of third party eavesdropping on communications? more
Here at the IGF in Kenya, we're debating how governments, private sector, and civil society can improve the multi-stakeholder model that's helped the Internet become such a vital part of life around the world. Makes me think of another kind of multi-stakeholder model I saw last week on a photo safari in Kenya's Masai Mara National Reserve. more
The Internet Engineering Task Force has approved a Draft RFC for "The .onion Special-Use Domain Name" by the Tor Project, the provider of online anonymity and privacy services. more
A World-Renowned Source for Internet Developments. Serving Since 2002.