In the digital age, personal data protection has become paramount, with regulations like the General Data Protection Regulation (GDPR) shaping global practices. One area significantly affected is the public availability of WHOIS data, a critical resource in the domain name system. WHOIS traditionally provided detailed contact information for domain registrants, but privacy measures have redacted much of this data in recent years. more
The recent adoption at the end of December of the new EU Directive for a high level of cybersecurity across the Union -- commonly referred to as "NIS2" - paved the way for important updates to the domain name system (DNS). Most significantly, Article 28 of NIS2 and its related recitals resolved any ambiguities about the public interest served by a robust and objectively accurate WHOIS system that permits legitimate access by third parties to data... more
Recently ten Democratic Members of Congress wrote a letter to Alan Davidson, head of the NTIA, requesting that the "NTIA immediately cease the public disclosure of personal information about users of .US" country code top-level domain (ccTLD). This communication highlights a significant concern regarding domain registration data: the need to protect the privacy rights of Registrants. However, an equally significant concern regarding registration data was raised... more
Avivah Litan, the storied Gartner analyst, laid it down succinctly for insiders in her blog two and one-half years ago. She said, "Web 3.0 will transform us from Web 2.0's monetization via surveillance capitalism and advertising to monetization built directly into the protocol that is equally available to any connected user." Translated, that means we'll control our destiny by owning and managing our credentials for logging into systems, content, financial resources, and, importantly, our data. And, we are told, blockchain technology will enable all that. more
Cybercriminals are increasingly targeting Personally Identifiable Information (PII). The reason being "data is the new gold" in this digital world, and the more sensitive some data is, the more value it has. There is no more sensitive data than personally identifiable information because it contains enough information to identify you digitally. Examples of personally identifiable information include name, email, contact number, address, social security number, tax file number, banking or financial information, and more such data that helps identify you. more
One of the consequences of the Jan 6th events is a renewed attention towards Surveillance Capitalism as a key doctrine undermining democracy. This 2-part series of articles discusses the emergence, rise, and fall of Surveillance Capitalism under the premise that the better we understand the danger at the door, the better we are able to confront it. more
Internet Governance, like all governance, needs guiding principles from which policy making, and acceptable behavior, are derived. Identifying the fundamental principles to guide Internet ecosystem policy making around digital citizenship, and around the integrity of digital practices and behavior, can and should start with the Universal Declaration of Human Rights, (UDHR). more
The ICANN 69 meeting has come to a close, with no progress on DNS abuse or implementation of the Privacy/Proxy Services Accreditation policy (PPSAI). While ICANN is uniquely positioned to do so, it refuses to do anything proactive about DNS abuse, with its executives overtly attempting to limit its role to data collection. Moreover, its refusal to implement community-driven initiatives such as the PPSAI points to a growing trend where ICANN is backing away from its public interest responsibilities, to the detriment of the Internet and its users. more
There is a lot of discussion about the Expedited Policy Development Process (EPDP) Phase 2 report on evaluating a System for Standardized Access/Disclosure (SSAD) to non-public gTLD registration data after the decisions taken by the GNSO Council on September 24th. Notably, the Business Constituency (BC) and the Intellectual Property Constituency (IPC) have voted against the adoption of the Final Report of the EPDP team. more
Chinese technology policy is now more effective even than their naval posture in the South China Sea, and both are playing out in full sunshine. This success is not about the hardware pillar of Chinese tech policy, though: its focus is the structural approach China and, increasingly, other stakeholders are taking to global Internet Governance... Late in the Year of the Pig just gone, China's offer of a New Internet Protocol was chewed over in senior-level advisory groups of the International Telecommunication Union (ITU)... more
Surveillance capitalism monetizes private data that it collects without consent of the individuals concerned, data to analyze and sell to advertisers and opinion-makers. There was always an intricate relationship between governments and surveillance capitalists. Governments have the duty to protect their citizens from the excesses of surveillance capitalism. On the other hand, governments use that data, and surveillance capitalism's services and techniques. more
The video-conferencing company Zoom is facing a class-action suit filed on Tuesday accusing it of overstating its privacy standards and failing to disclose that its service was not end-to-end encrypted. more
I am writing to you as someone who is not your citizen, (although I had the fortune to wed the most beautiful of your daughters), to share my thoughts about the recent US Government Cyber Solarium Commission report. U.S.A. We owe you one! Without you and your citizens there would be no free Internet as we know it. Thank You! Your constitution is our inspiration. We, the global digital citizenship want to be "the people", in order to "secure the Blessings of Liberty to ourselves and our Posterity..." more
In 2019 under the aegis of the Internet Governance Forum, a pilot project was conducted into the causes of and solutions for the, in general, slow deployment of internet security standards. Standards that on mass deployment make the Internet and all its users safer, indiscriminately, immediately... Recently the report 'Setting the standard. For a more Secure and Trustworthy Internet. The Identification of Pressure Points in Society to Speed up Internet Standards Deployment', was published on the IGF website. more
Business email compromised (BEC) attacks targeting American companies are exploding, with an increase of over 476% in incidents between Q4 2017 and Q4 2018. Up as well is email fraud with companies experiencing an increase of over 226%. These highly targeted attacks use social engineering to identify specific company employees, usually in the finance department and then convince these employees to wire large sums of money to third-party banking accounts owned by the attackers. more