>>EMILY TAYLOR: I have a feeling that the
traffic outside is horrendous. So there may be people drifting in as we go. But we will
cope. We will cope with that. Welcome, ladies and gentlemen, to this session
on, do we still trust the Internet? I suppose there is an assumption there that we ever
did. But we have got a fantastic panel here to begin our discussions, but we are also
very much counting on you as the audience to get involved in the discussions at an early
stage. We are going to run until 7:00 tonight. My name is Emily Taylor, associate fellow
at Chatham House and editor of the journal of cyber policy. We have three wonderful speakers
here this evening. First of all I’d like to introduce Marina Kaljurand, who is the former
Estonian foreign minister, she is a career diplomat and a lawyer as well and has also
been an ambassador of Estonia to many countries, including Israel, Russian federation, Kazakhstan,
Mexico, Canada and the United States. She has been as part of her role with the
Ministry of Foreign Affairs, she has been part of the U.N. group of governmental experts
which is a process that’s been running for quite some time and I think you have been
part of that since 2014, so I’m hoping we will have a bit of a update from you on that.
Also is co-chair to the global commission on the stability of cyberspace. I’ll run through,
before we ask you to take the floor, run through our other speakers as well. We have Dr. Patricia
Lewis, very own research director at the international security team at Chatham House. And has had
a variety of former posts, including deputy director and scientist in residence at the
center of nonproliferation studies in month era, was a director of the U.N. institute
for disarmament research and also served with Hans Blix as part of the weapons of mass destruction
commission between 2004 and 2006 which must have been a very interesting time.
Then I’m very pleased also to welcome Sally Wentworth, who heads up the Internet Society’s
public policy activities, she’s formerly a public servant, assistant director for telecommunications
and information policy in the office of science and technology policy at the White House,
that must have been a challenge to fit on the business card and was also the principal
policy advisor on Internet policy issues at the Department of State in the United States.
That is our panel. We are also here, I should also say that these discussions will be on
the record this evening. So with that, Marina, it’s a great pleasure to have you here this
evening. The floor is yours.>>MARINA KALJURAND: Thank you for the kind
introduction. I’m honored and privileged to be on the same stage with these ladies. I
have to say that it doesn’t happen often that there are women discussing Cybersecurity.
I very much hope that men from the audience will jump in with their remarks, questions
and comments. Yes, I come from Estonia. It’s a country that
is dependent on Internet. It’s the country that has majority of its life on the Internet,
which the country that can’t imagine on-line services, on-line voting, digital signatures,
without the Internet. That is why the questions of free, open accessible
Internet and Cybersecurity have been always high on political agenda in my country. In
my remarks, I would like to talk about two things, international cooperation, and multi-stakeholder
approach. International cooperation, if you remember the attacks of 2007, which were the
first attacks in the history of mankind against a independent sovereign state for political
reasons, one of the lessons that we learned then was, if we want to have global, secure
cyber stability, then we need international cooperation.
We need international cooperation on global level, we need it on regional level, we need
it on bilateral level, all levels. Yes, I have had the chance to represent or to be
part of the United Nations discussion on Cybersecurity in the form of GG, which is three letters
for a very long name of the governmental group of governmental experts, but yes, we were
mandated to look into Cybersecurity from the perspective of international peace and security,
which means that we did not discuss Internet per se, but we couldn’t avoid it. We didn’t
use the word, Internet, because Internet governance and questions like that were outside of the
mandate. But what I can say after the discussions that
we have had in the United Nations is that ideological division, we see today in the
world, is becoming bigger. 2017 was a year when 25 experts representing different countries,
different political systems, could not agree on a consensus report. That is something that
is worrisome, and that is something that does not make anybody happy about that.
I have to be frank and open, that we could make progress on four subjects, new threats,
confidence building measures, capacity building measures, norms, political norms, responsible
state behavior. We could not agree on applicability of international law, we could not repeat
what was agreed in the United Nations already in 2013, already in 2015 and that is a pity.
But we have to take forward what was discussed on the stability of cyberspace, on protection
of critical infrastructure, as I said, not using the word Internet, but ICTs enabling.
So from there, I would go to multi-stakeholder approach. I would argue that for the first
time in the history of mankind, states and governments can’t alone deal with Cybersecurity,
for me it equals to free and open global accessible Internet.
If I might draw a parallel, maybe it’s like Internet governance, that started like a subject
delivered by a, handled by a group of academicians, a pure technical subject which has grown much
wider now. Cybersecurity has been a domain of governments, but at the moment as there
is not enough political will for governments to continue or to deliver something specific
in that field, governments have to look at multi-stakeholders.
When I say multi-stakeholders, I mean industry, private sector, civil society, IT community,
all of them. Here I see a role also for a group of, for global commission on stability
of cyberspace, an international platform that was launched nine months ago in Munich at
the Munich security conference, which has 27 commissioners. One of the commissioners,
Olaf is sitting here in the room. I’m proud to chair the commission, and our commission
has stepped in, not to replace U.N. institutions, not to replace any governmental institutions.
But to look into the subject of Cybersecurity, stability, open and free Internet at the time
when governments for political reasons have taken time off if I might put it politely.
So what has our commission done? Our commission proposed a couple of weeks ago our first norm.
The commission is supposed to propose recommendations and specific norms to states and governments
that are needed to secure Cybersecurity. Our first norm was as follows: Without prejudice
to their rights and obligations, state and nonstate actors should not conduct or knowingly
allow activity that intentionally and substantially damages the general availability or integrity
of the public core of the Internet, and therefore stability of cyberspace.
We decided to start with a public core of the Internet. There were difficult discussions
during the drafting. I hope that at some point Olaf can look into that because we started
with philosophical questions, what is Internet? Is it the public good? What is it? There were
technical questions. How deep and how specifically should we define, what are we protecting when
we say that the public core of Internet has to be protected?
To conclude my introductory remarks, 2016, 2017 for me went into history as the years
of hacking democracy. When I look to 2018, then unfortunately I see that there is appetite
and there is interest in the fragmentation of the Internet.
I don’t know whether we can avoid it or not. But I would argue that definitely it’s not
in the interests of my client or the interests of all people.
>>EMILY TAYLOR: Thank you very much. (applause).
Dr. Patricia Lewis.>>PATRICIA LEWIS: I’m going to talk about
our commission in that case, because you talked about yours. I was, Chatham House is Secretariat
for another commission which we did with CG in Canada, called a global commission on Internet
governance which is a precursor to your commission. We came up with the idea of a social compact
for the digital society. We outlined the core elements of that, which one could argue is
the public core of the Internet that you say. We say there must be mutual understanding
between citizens and their state, and that the state takes responsibility to keep its
citizens safe and secure under the law, while in turn citizens agree to empower the authorities
to carry out that mission under a clear accessible legal framework, that includes sufficient
safeguards and checks and balances against abuses. Businesses must be assured that state
respects the confidentiality of its data and they must in turn provide their customers
assurance that their data is not misused. There is a urgent need to achieve consensus
on a social compact for the digital age in all countries. I think that this is really
the public core, this is the agreement that we must have between all of us. When the Internet
first started, and it grew as you rightly say from a community that I was part of to,
into something that was a fantastic resource for those of us working in exchanging information,
exchanging papers, connecting with each other in a completely different way, and forming
neural network if you like. And the idea of it spreading and becoming something for everyone,
building on how everyone was already using E-mails and creating this network that then
the Worldwide Web was able to superimpose itself on and create what we now think of
as the web and the Internet, almost as if they were the same thing.
And it has connected us, and it has provided us with information that we never had access
to before. One of the things I think about, about our late digital natives, those who
have grown up with the Internet, their brains are brilliant because they don’t keep all
the extraneous information that we had to learn by rote. They can just access it. They
have a second brain, the brain that is separate in their iPhone or a brain that is on their
laptop, soon in other devices that they have access to and much easier. But they are relying
on this brain to be trustworthy. So in order to be able to trust in something it has to
be trustworthy. But let’s not throw away what is the most amazing source, protect it and
make sure it is there for us. I think the thing is that when we are on-line
as human beings, we are, as we are, we are still humans online, but as we find out in
our own lives that when the rules change we often change our behavior. I was talking to
a criminologist, somebody who is an expert in criminology. He told me that just about
everyone breaks the law when they have the opportunity. Usually it’s in a small way and
it’s things like speeding, I’m not looking at anyone in particular. Or parking, you know,
parking, anyone who parks in a disabled space, I’ll come after you. But we do behave differently
when we think we are not going to get caught. We do behave differently for example when
it’s nighttime compared to when it’s daytime. We behave differently in different contexts,
modify our language when we visit our elderly uncle, or we perhaps speak in a different
way when we are with younger people rather than older people, that so when we are on-line
we behave a bit differently. That has to be understood and recognized, rather than try
to force everyone to behave in a particular way on-line.
We need to create an Internet that is for the people who use it. I always think about
the Internet as being a guardian, and it’s a guardian which requires a lot of tending,
but it’s a garden with lots of different areas, areas of shade, areas of bright sunshine,
pathways, there is public spaces, there is private spaces. And there is always something
nasty in the woodshed. There are ducks on the water, all of that.
If we think about that and think how we can create that as a public space for everybody
to be able to use, from young through to old, it’s a much better way to think about it.
We have to make it safe and secure, which are two different things. Some languages it’s
difficult to discriminate between those two concepts, but it is slightly different.
We have to make it reliable. That is one of the big issues for people, how reliable is
it, not only reliable in terms of whether you can access it or not but also reliable
in terms of the information that it gives out. If you go to a particular search engine
and you only get a small percentage of the available information that is not reliability.
People are beginning to look for other ways of finding information as a result.
But it has to be accessible primarily to everyone. I think Sally, you are going to get into the
issue of net neutrality which is the decision today but it’s a big worry that we have.
In the end, what it does come down to is whether or not we can trust the Internet. I think
that’s got a lot to do with the way we think about trust in our societies. In some societies,
there is a high relationship of trust between the government and its people, and I suspect
in Estonia that is true. And in other countries, there is a very low
level of trust between the people and the government for good reason. So in those countries,
for example, they might want to use encrypted technologies, but in so doing they think they
are going to draw attention to themselves. They are frightened to, even though it might
protect them, they are frightened to actually use them.
How do we create an Internet where those people in countries where their governments literally
cannot be trusted, they are not trustworthy, providers of the Internet, how do we provide
an Internet for them? People are very tech savvy and able to get around, they do workarounds
the untrustworthiness. We have seen it in the Arab spring, China and Russia, people
who know how to do it can find a way around restrictions, around the surveillance and
snooping, but ordinary people can’t. I was in a country once that has very severe
restrictions on what you can see and can’t see. I found that for example I couldn’t look
up anything that might have shown me a bare arm or bare breast, so if a woman is looking
to find out about breast cancer, for example, she might not be able to in that country,
because unless she knows how to get around those restrictions, she won’t be provided
with that information. So I think a lot of it is cultural, and what
worries me at the moment is that we seem to be instead of bringing people up, and raising
ourselves up together, we seem to be going down, more to the bottom, and thinking, if
that country is going to do that, then why the hell don’t we? If there is no trust and
security there, why should we provide it anywhere else? That really worries me.
I think governments need to provide security and security and privacy are two sides of
the same coin. If you need to be, to trust in the privacy, you need to have really good
security. To me that is all about providing the right
sort of protection for people on the Internet. That is where I would like to see this discussion
go.>>EMILY TAYLOR: Thank you very much. Before
turning to our next speaker, Sally, I would also like to acknowledge and thank very much
the Internet Society for your support and great collaboration this year, and it’s great
to have you here. I’d also like to do a little trailer for our latest issue of the journal
of Cyber Policy which we have done in partnership with you. We have one or two of the authors
here in the room this evening. There are copies upstairs, so please do take one if you can,
and if they are all gone, it’s open access for this whole month. I thought I’d interject
with that.>>That competition.
>>EMILY TAYLOR: Yes, it’s your competition. There is a, Patricia has found a deliberate
error, may be deliberate error on the cover, here is a clue, it’s in the word search somewhere.
>>PATRICIA LEWIS: Every issue has got a different set of words in the green words around the
eye. I don’t know if you notice that. But every issue is different. This issue has got,
there are different words, but there is a deliberate mistake. We are offering a bottle
of champagne for, we will give you until a certain time in the reception, we will announce
it, if someone comes forward with where they can find the deliberate error. (chuckles).
>>EMILY TAYLOR: That was a little bit of a detour. Sally, we are delighted to have
you here this evening. Welcome to Chatham House and look forward to your remarks.
>>SALLY WENTWORTH: Thank you. I’ve already gone a little cross-eyed trying to find the
error but I haven’t found it yet. I would first like to start by also thanking
Chatham House for, I think we have had this wonderful partnership over the last year,
and it has certainly opened us up to a new audience and a new environment, and given
us a chance to wrestle with some difficult issues, alongside Chatham House, whether we
were talking about the implications of the Internet for society, or this tussle between
technology and law enforcement in the space of encryption. These are issues that are front
and center to the future of the Internet, and we think that Chatham House and the environment
that you provide is a real opportunity to wrestle with some of the issues, the leading
issues facing the Internet and all of us who care about it. So thank you for that.
At the Internet Society, we have a long and deep history of, and commitment to the core
values of the Internet, which both of you have spoken about very eloquently.
We believe in an open network of networks that is global, that creates opportunity for
people, that drives innovation and creativity around the world, regardless of frontier.
And provides a space for people to express themselves safely, securely, with trust. I
think we are finding ourselves at a moment in time when all of these values seem to have
been put back on the table to be reexamined. I think we find this particularly right now
in this country, in the United Kingdom, in my country, in the United States, and elsewhere,
where we are really challenging this notion of, is the Internet really good for us? All
these questions about democracy and the implications of technology for public discourse and society
are things that we should and appropriately wrestle with. Am I safe, am I secure, is my
data being protected? Do I even know how it’s being collected and by whom? These are all
questions that are on the table by users and being discussed by individuals in ways that
would not have happened even a year or two years ago.
So, I think that we should step back and remark on the fact that that is healthy, that we
shouldn’t shy away from those conversations, and even though we at the Internet Society
will advocate strongly for the Internet, we are not going to shy away from the difficult
questions that I think we need to collectively answer.
On the security front, it’s an interesting evolution of the discussion, the discussion
around Cybersecurity for a long time was very isolated between governments in one space,
talking, and it was very much a nation state to nation state almost warfare, shutting things
down, and we still see that certainly. And then the technical, commercial discussion
about data integrity and securing the infrastructure, and all the things that need to be done to
create a secure on-line experience. These discussions were over here, separate
from each other. What we have clearly understood now is that that is not realistic. It is not
appropriate. And it’s not productive. It doesn’t move anything forward as Marina pointed out.
When you only have governments in the room trying to solve things that inherently affect
and users and the private sector and all these communities, it’s a very difficult conversation
to have. We do think that organizations or groups like
these commissions are incredibly important in moving the conversation forward and giving
us a new way of thinking about these things. I think for us, it’s important to not lose
sight in all of this, of the implications for the end user, right? And sometimes when
we get into a debate over national security or over big trade agreements for example,
it’s easy to get the big players in the room, the important people, to sit around a table
with some notion that they are going to solve things. When you have something like the Internet
that is so global, so integral to all parts of our lives, I think we have to have, take
a little dose of humility in terms of how far those kinds of conversations can go.
This year, the Internet Society, shameless plug but we turned 25 years this year, and
we took the opportunity to do a report with our global community and partners on where
the Internet might be going. I think when we started, we thought maybe we would have
an epiphany and declare where the Internet was going. I think quickly we realized that
that was not humble. And what we came up with instead was some potential futures of what
we heard from the people in our community. It was very enlightening, at the same time
we are writing this all of this news is coming out in the United States and Europe and elsewhere
of all the sort of terrible things that are happening alongside this technology. And to
get on calls or in meetings with the youth part of the Internet Society, or our African
chapters, and to hear from them, not the cynicism, not the terror, but the opportunity, right.
The comment was the Internet is life. The internet is our opportunity space. All these
decisions that you think you are taking, you better not lose sight or foreclose those opportunities
from us, because we are getting on-line now, we are the digital natives, we are the future
of this technology. I think in all of these conversations, we
have to keep that in mind. But they also expressed a real fear. They express this fear that as
this security conversation comes together with the cyber, the more sort of technical
discussion, that the individual liberties, the freedoms that they have come to expect
are going to be compromised away in the name of security. They see this happening in their
own countries all the time. We need to shut down the Internet because we have an election
coming up. We need to curb what’s app because we want to prevent this protest from happening.
These governments are getting more and more innovative in the approaches that they use
to secure the Internet, to secure the experience, to secure their societies in ways that ultimately
undermine the rights and freedoms of citizens. We have to be, I think take that into account
as we deal with these issues of security.>>EMILY TAYLOR: Thank you very much. I’m
going to go to the audience for questions. I’d also like to hear from Andrew Sullivan,
one of our authors. But before I do, while you are all warming up your brains to think
of questions to ask our panelists, I’m very struck by first of all, you, Marina, talking
about governments taking time off to put it politely, I’d love you to expand on the nonpolite
version of that one. (chuckles). Also, you mentioned about people, both of
you, security being about people security. We have an all-woman panel this evening. I’d
like you to give me very quick thoughts about the on-line misogyny, the hate, you mentioned
Patricia, about the, we want to be going high but we all seem to be dragging each other
down. Why do you think this is happening and what should be done about it? Marina?
>>MARINA KALJURAND: Really good questions, but just to elaborate on the polite way of
saying, what I saw today in the United Nations, what I saw today globally, U.N., okay, I’m
critical towards U.N., I don’t think that U.N. is the best organization. But, that is
the only thing we have today. That is the only thing we have today.
It’s so well-positioned to talk to all the countries, because Cybersecurity should not
be a topic for rich white countries, we have to talk to developing world. 150 countries
today don’t have a clue what Cybersecurity is, those will be engaged and I don’t see
it. I see when the countries get together, they start reading political declarations
by cyber sovereignty, about individual Internet and that is something that worries me.
I don’t want cyber 9/11 to happen before countries get together, start discussing constructively
and start agreeing on something. That worries me.
>>PATRICIA LEWIS: One of the things we have come up with, Marina, is in other arenas,
we have had similar problems, and cyberspace is, if you like, a fairly new technology,
but we have had other technologies and other spaces. One of those is actually outer space.
In outer space, there is a real divide between what can be agreed in the security sector
and what con be agreed in the peaceful use sector. What the U.N. has done usefully is
divided up those two arenas, and parked if you like all the really difficult security
issues into one place where we know we are never going to find agreement fully, unless
suddenly the lion lies down with a lamb and there is a opportunity. Then all the peaceful
uses has been put in another arena. There fantastic work has been done on codes
of conduct, on guidelines such as the removal of debris from the outer space orbits which
is a real problem. Progress has been able to be made on the peaceful side, and while
progress that can never be made if you like on the conflict and military side has not
then dragged back the peaceful side. I think we can do something similar in the international
cyberspace.>>MARINA KALJURAND: Briefly, if I may talk
to, I don’t think we can do that because in cyber we already see the hybrid. We see cyber
is being used together with chemical weapons. We have war in Georgia where people died.
Cyber is being used on military basis. We can’t waste time on thinking about new codes
of conduct. We have to look into what we have today. We have international law. 2013 we
agreed international law applies to cyber. We have to start looking into that. Writing
something new, it’s the future. We have to do today what we have and in the frames we
have. We have to avoid gray zones.>>PATRICIA LEWIS: I don’t think we should
go into gray zones but we need to think about the future as well as today. It’s not good
to think only about today, we have to lay down things for the future. That is something
women can do at the same time.>>SALLY WENTWORTH: You asked the tricky question
in terms of, I think, the behavior towards women on-line, and I think you said the on-line
misogyny and hate. Someone, I think it was Vince, Vint Cerf said it recently, he imagined
that a society would emerge out of the Internet. And in any society, that emerges, there is
the good and there is the bad. I think we see that certainly happening in
the Internet Society, in the Internet community. And it is devastating, and I think we shouldn’t
underestimate the power that words have, when written and/or spoken against people. It is
profound. And I think it’s probably happened to all
of us in one form or another on this stage. On the other hand, trying to be an optimist,
this year we identified 25, under 25, young people, 25 young people under the age of 25
who are changing the Internet in their countries. Several of them were young women who are using
the Internet to teach women’s health in countries where it is not discussed or common, to create
a space where women can fight back against domestic violence, to turn this, what could
be a very negative experience to empower women. I think it omits the hate and the challenges
that come with that, I guess I look to those young women who are not willing to be silenced,
are not willing to be put back in a corner, and who are just going to keep forging ahead
and demand equality and all the things that are due.
>>EMILY TAYLOR: Thank you very much. Who would like to ask a question? Goodness, right.
Okay. And I’ve got Andrew as well. I’m going to take a question from you, sir. And then
I’m going to come to you, Andrew.>>AUDIENCE MEMBER: Thank you very much. House
of lords, I’m interested in the urgency question which Marina has just alluded to. The exam
question of today’s discussion was do we still trust the Internet? My slight concern is that
we trust it too much. This morning I sat in a meeting of a organization I chair, which
is looking at the way in which people are scammed by fake goods. They recognize fake
goods as not being real when they see them in a market store but if they see them on
Facebook or on Twitter, they buy them. And the scammers get rich.
We have had a bombardment of fake news as the president of the United States likes to
call it, from all quarters, perhaps undermining electoral processes, warfare by other means
going on. We have people who, when they search for prostate cancer or breast cancer on the
web, end up being bombarded with information suggesting that there is some magic herbal
cure and that you should avoid any form of conventional medicine.
There is a urgency about this at all sorts of levels because people are too trusting.
I’d be interested to know what the panel thinks could be done in the short term, as opposed
to the long term, when we would all grow up and realize how we need to use the Internet.
>>EMILY TAYLOR: Hold that thought. Andrew, have you got a a —
>>AUDIENCE MEMBER: Andrew Sullivan, it’s an excellent question. I don’t speak for anyone,
by the way, which is my usual condition. This is an important question, I think, that
was just asked and I want to pick up on something that Sally said a moment ago, because there
is really a grammar problem here. If you think about the Internet, we talk about it, and
it looks like a noun, like the table. But it’s really a mass noun like the traffic.
The traffic is bad or is the traffic good or whatever.
We did a bad sales job with the Internet. We sold it as a thing, of something that people
can go and it’s one place and so on. What’s happened here is now we have this difficulty
where people who are experiencing what really amounts to an environment are asked to either
trust it or not, make a decision. Do you trust the Internet? Well, do you trust the world?
I don’t know. For what purpose? When I go into a shop, I think this is an excellent
analogy, when I go into a shop, I look around. Is it a sketchy place? Does it seem to be
in the high street with all of the expensive rent? It’s got the logo on the outside. It’s
probably a real shop. Or else they got a very expensive scam they are running.
Whereas, on the Internet, there is no difference between the scamy place and the expensive
place and so on, you can’t tell the difference. The key and the direction we have to move
is to give people those kinds of cues in the environment where they are on-line. There
is no way to do that right now. I think that this is part of the key to solving most of
these problems, to give people the kinds of clues, when you are walking through a sketchy
neighborhood, you know, look around or don’t give them your credit card or don’t hand it
over and keep your eye on it. That is a sort of important facility that you have as a human.
If you are complete naive, if you are a child you don’t know how to do that yet. As you
grow up you learn those things sometimes painfully. This problem is that our entire world is experiencing
that same growth, where we are learning about how things can be abused in a culture that
is growing along with us. I don’t have a magic solution for the short term answer. To a certain
extent, I think this is the kind of pollution that causes us the opportunity to say, now
we understand where this pollution is and then we create social responses to that.
But we talk about the Internet right now as though it’s another place, as though it’s
another thing outside of our society. But it just isn’t anymore. We are going to have
to learn as a culture how to interact with this thing, but we don’t want to kill it.
That is actually the thing that I’m most worried about, that we are going to kill it instead
of fixing it.>>EMILY TAYLOR: Like Steve famous phrase,
never trust a computer you can’t throw out a window. We can’t do that with the Internet
anymore. It is ingrained in our society. To Mr. Harris’s question are we trusting the
Internet too much? And the idea of, how do we get our streets smarts, if you like, often
phrase about, so develop those intuitions on-line.
>>I wonder if I can throw out a question to everybody. How much responsibility do the
websites have and the companies that run them? Let’s take one of the marketplace websites
we can think of e-bay as being a typical example but there are many others.
They do have responsibility. They do have a mechanism when you buy something and it’s
not as advertised, you can let them know and they can try to negotiate a refund. It doesn’t
always work, there are problems with it but it’s not different from buying something from
a shop and you have time to take it back. They have taken the responsibility in the
mechanism. Companies like Airbnb do something similar, with assurances that they provide.
The question that we always have, and this is the issue, I think, is what do the social
media, what responsibilities do the social media websites have? Are they content for
publishers, do they have responsibility for the content on the paper they are putting
on and I think people would feel uncom for thible if they were censoring the content
but they could be helping to modify behavior — uncomfortable.
I’m thinking if you go to a forum where people are debating, houses of Parliament, there
is a modification, there are rules and there are ways in which you can and can’t behave,
things you can and can’t say. We can try to say if you are going the participate on this,
this is the way you need to behave. There are certain behaviors which are not acceptable
for this particular social media.>>EMILY TAYLOR: Who makes those rules? Is
it down to the social media platforms on their own?
>>SALLY WENTWORTH: I think that is the challenge. It’s been fascinating to watch. A number of
years ago if we had had this conversation, I think the social media or many of the sort
of intermediaries would have said, not us, we are intermediaries and we have no role
in this conversation, other than to transmit the content from the provider to the user.
That is what we do and whatever package we send it to you in.
That is no longer the stance. I think that stance is starting to shift, because it is
the case that these are platforms that are huge parts of our society, and I think are
starting to see some responsibility that goes with that.
I don’t think that it’s a good business proposition to be the purveyor of fake news. I don’t think
that that is anything that is anybody’s long term business interest.
But at the same time, I think we as a group of users have to be careful about ceding too
much power to these companies to make those decisions, right? I do think a multi-stakeholder,
a set of norms, a some sort of compact, however we want to package it up, we have to decide
what’s acceptable, and what we are looking for, what is our demand on this, rather than
just ceding it over to a big commercial entity to make that decision for us.
This is no longer just a marketplace, but they are part of our social debate. I think
the last thing I would say though is, there is a tendency in these conversations to put
the responsibility on all these parties which is fine, but I think as end users, we have
to take a piece of the responsibility. I think digital literacy, we should not underestimate
the importance of that, the importance of giving people tools or developing tools where
they can make smart decisions on-line. It is no longer simply responsible to just
hand your credit card to any website, or to click on every E-mail that comes in from an
unknown sender. We have to do better as end users in taking some responsibility for what
happens. Having said that, the tools can be overly
complicated for the average user, and it’s a hard thing. But whenever I’m in these conversations
I at least like to put the plug in that we own a little bit of this.
>>EMILY TAYLOR: Thank you. Marina.>>MARINA KALJURAND: On the question you raise
for me there are two sides, there is information out there in the Internet like Patricia and
Sally said, but at the same time, there are on-line services, where governments have obligation
to secure, security of the integrity of data, security of exchange of data, authentication
of people. Here comes the question of trust. As I said I come from a country where we have
3,000 on-line services, government can’t impose it on us. We are doing because we trust government,
and government has promised to make the services secure. So far, government has not teasing
us so we still trust our government so there is information out there where we have to
be smart, what is fake and what is not and there are on-line services where governments
have responsibility and have to take the responsibility. Thank you.
>>EMILY TAYLOR: You, sir and I’m going to take two or three questions. I’m going to
go to you and then you, ma’am and then you, Maria. I’ll try to get back to everyone.
>>I’m a freelance marketing consultant. My question is will the decentralized Internet
will resolve the problem of trust, because if it’s, when it’s based on Blockchain everything
can be traced back. Even a fake product can be seen that it’s fake, what do you think?
>>EMILY TAYLOR: Thank you. So there is Blockchain.>>Louise Bennett, I think one of the key
things is that we are in a moment now where parents don’t necessarily know how to teach
their children how to behave on-line. I would particularly like to bring up the question
of how that is done in Estonia. I was there this summer, at the Euro dig, and I’ve been
talking with people at the university of Tallinn about some of the education programs.
While in the UK we are developing better education in computing, we are not dealing with what
I would call the moral and ethical side. But there is a very good program in Estonia on
critical thinking for children at primary school age as we would call it here. I think
it’s very important that that type of thing is taken forward, so that people understand
how to be safe on-line, understand who to trust, and I’d like you to tell us a bit more
about that.>>EMILY TAYLOR: Thank you. I’m going to — I
had Maria next.>>Maria Fairl, I’ve seen over the last couple
days headlines about NATO officially and publicly declaring it’s going to use cyber offense
capabilities against NATO’s, what is nice word for this, unpreferred states. That is
clearly, I don’t think it’s perhaps a difference in activity but it’s a very different public
stance. I wonder what the panel’s view is in terms of do we still trust the Internet,
when it is quite publicly a factor for offensive capabilities.
>>EMILY TAYLOR: We don’t all have to answer everything. But we have something about, is
Blockchain going to save us? Could you tell us about education, and learning critical
thinking, in Estonia and also about NATO avowing cyber offensive capabilities. Who wants to
go first? Estonia and teaching.>>MARINA KALJURAND: Thank you because I agree
with you, governments have to provide possibilities, opportunities of taking advantage of the ICT
capabilities but also talk about as we call it cyber hygiene. Yes, we started a program
for our first graders, we wanted to start at the early stage but you can’t reach out
at a earlier stage, not all kids are going to kindergarten. The first time we get all
the kids together is the first grade. It’s cyber hygiene, it’s programming. Schools have
free hands. Some schools have introduced special subjects, other schools have, are discussing
cyber hygiene when discussing other topics. But yes, we think it’s crucial. Cyber hygiene
being taught not only to kids but my mother is 92, she is typing, she needs exercises
of cyber hygiene. Maybe another quick point on offensive. As Estonia being NATO member
state, it’s time to be frank and open. Yes, we have defensive capabilities, yes, we have
offensive capabilities. So far when governments were not ready to talk about defensive, that
wasn’t right because we had them. We have them and we are delivering them. What is important
again international law, when used, because we have retaliation, we have measures in international
law, we have it in U.N. charter, article 51 inherent right of self defense. We have all
these norms, which means that if we talk about offensive, we have to be within the framework
of international law. That is the basic line.>>EMILY TAYLOR: Thank you. Blockchain, anybody?
>>SALLY WENTWORTH: Not my particular area of expertise but I would use this as my colleague
Olaf pointed out there is a nice piece in the journal about the implications of Blockchain
for society for human rights, might be something to think about.
This notion of decentralization as you pointed out has been really core to the Internet since
its earliest days. It is a theory that allows you for redundancy, resiliency, and I think
to your point, potentially improves the environment of trust. So to the extent that, as Blockchain
develops and is widely deployed, and we see great interest in the technology, particularly
in developing countries where it provides a mechanism or a tool to protect records,
right, individual records that aren’t trusted to be put in the hands of a government or
there aren’t mechanisms to do that. I think there is real opportunity there.
I think it’s, it remains to be seen. It’s still on the horizon. But I think we should
be optimistic and take lessons from the past to see how they can take us forward in a Blockchain
environment.>>PATRICIA LEWIS: I think anything that provides
authentication, verification, and integrity, to data, to communications on-line, including
all sorts of encryption, is in the interests of security and provides privacy and security,
and those two things come together in that. What I would say though is that there is no
perfect system, and as technology goes on, even technologies like Blockchain will be
vulnerable. To rely on them as best as you can is good,
and it increases security. But there is no such thing as a hundred percent security.
As we go down to more and more powerful computing, particularly as we go into quantum computing,
those things will not be as secure. If you build overreliance on those things, you will
end up with a problem. You need to be continually developing security measures and encryption
measures and so on, in order to be able to stay ahead as technology develops, more generally.
>>EMILY TAYLOR: We have time for maybe one or two quick questions. The gentleman there,
and, okay, I know that there are more people wanting to ask questions. Very quickly from
you, sir, and then you.>>Hi. Question number one, with e-bay as
an example, they have already bypassed e-bay by sending a E-mail to the person, pay directly
to the bank. In that transaction, they are losing thousands on that. How does a organization
that’s brand is stolen, how do you handle that?
The second thing is, why can’t we have people validated when they buy domain, like we have
cars, we know that person has a driving license and the other stuff. When you buy a license
to do business on the Internet, we know who is responsible. The third thing, which is
a technology piece, why don’t browsers have a right click, we can then say this domain
is dodgy. That can get created electronically. We can investigate. We can use machine learning
to investigate, or we can like the fraud team can investigate with the police. There are
different things that we can do. When do we start?
>>EMILY TAYLOR: You have a mic.>>Thank you very much. I’ll try to be quick.
You made a point about safety and security being different things in the Internet. What
I’m curious about is really in terms of the policymaking, how do we go about distinguishing
between those two things? What does it really mean in the short term? Can we assure that
you are safe and secure at the same time? Because if you start encrypting things, you
encrypt things for good guys and bad guys. What does that really mean for us as a society?
>>EMILY TAYLOR: Those two are nice to set up just very final, very quick comments. I’m
going to start with you, Sally, and then come around.
>>SALLY WENTWORTH: I think what we have hit on, we have covered I think a landscape in
many ways from the nation state and cyber offensive all the way to the roles, responsibilities
of the individual. I think what this highlights is, again, what I said earlier, you used to
separate these and they were far, far apart. And it’s amazing, every conversation it seems
that I have like this, they immediately merge together.
A potential cyber offensive action by a country has huge implications for users, for anybody
caught in that cross-fire. It is not, and the safety, right, of those individuals. So
I think it is very hard in some ways to pull those concepts apart.
Probably getting some semantical agreement about that is important and useful as well.
But we are at a moment, and we are at a, I think a turning point in the Internet where
it has gone from being this thing that was over there that we went to, that we decided
to use, and then we walked away and went and did something else. The Internet is now with
us in our daily lives in ways that were only imaginary years ago. It is on you and with
you and sensing and putting data out, and the technologies are deeply personal. So we
have to wrestle with these issues with the sense of urgency, and not rely on the governments
alone to solve them, not rely on industry to make decisions on our behalf by themselves,
and to take some responsibility to be part of that dialogue.
>>EMILY TAYLOR: Thank you.>>PATRICIA LEWIS: I think there is a reason
why we are glued to our phones, and iPads and things. It’s because we all now know it’s
on the Internet, individual on the Internet, we are now the Internet. This is the point.
It has moved from being a thing, a tool out there that now we are actually immersed in
it. That is a really important transition. It is only a small step to the way we start
to chip ourselves and things actually. So in terms of security, I guess what I see the
issue of security about being the issue of data security, which includes data authenticity,
data integrity, and it’s very important and I think when you are robbed, when your identity
is taken or your information is stolen or if your bank balance, your bank is, money
is taken from it, that is about security. You can feel very unsafe as a result of that,
but that is about security. Now, safety I think is something different. I think what’s
happened on-line is that there is a sense of unease, and I don’t know if anyone ever
has played with a avatar or gone into some of these different parallel universes and
so on, but it can be very disconcerting. Because we are now points on the Internet, we are
nodes, we are now connected somehow in there. Part of our personalities are in there. When
we are being trolled on-line, we don’t feel safe. Even though we may be physically safe,
we don’t feel safe. We also know that it can move quite quickly
from being on-line in that digital space to actually being in our homes on the street,
stalkers, etcetera. That is that feeling of safety which is a different thing about the
issue of security. I might have got that wrong, but that is how it’s coming to me anyway when
I’m thinking about it.>>EMILY TAYLOR: Last word from Marina.
>>MARINA KALJURAND: On authentication, we all know the dog silting in front of the computer,
so it was yesterday. Today we have possibilities, we have means to identify, who is on-line,
who is participating in the on-line services. The last bit of promotion, look, Estonia e
residency, we are even giving the same right to foreigners. Once we identify you, once
we take your data, biometric data, we issue a I.D. card, and with that I.D. card, we guarantee
that you are the one who is participating in on-line transactions. Banking, digital
signatures, starting business in Estonia, so it’s doable.
I’m looking at how the institutions, the governments, to do the same. It’s doable. Become Estonian
e resident and start business in Estonia. Come to Estonia.
>>EMILY TAYLOR: You heard it here first, folks.
I think there is a lot more conversation to be had. But we are out of time, and thank
you for your patience and also thank you to the wonderful panelists for their insights
and remarks. There are some drinks upstairs, thanks to the Internet Society. So you are
all invited and the champagne will be delivered to whoever found the error. Half past. Thank
you all very much. (applause).