This is our 80th edition of The SCAN – Selected Curation of Articles on Net-Governance. Feel free to share your suggestions with us at SCAN@thegovlab.org.
Bennett, Cory. Security clearance hack stretches back full year. The Hill. June 19, 2015.
- Late Thursday night, Office of Personnel Management (OPM) officials acknowledged that “a data breach exposing security clearance data occurred a full year ago.” This means that the hackers had a full year to explore and take as much data as they wanted. According to the author, “The OPM’s inability to uncover the malicious actors will also likely generate new rounds of criticism of the already embattled agency and its director, Katherine Archuleta.”
Canadian government websites go dark after ‘cyber attack’. BBC News. June 17, 2015.
- On Wednesday, Canadian servers suffered a massive cyber attack, and government sites were shut down for several hours. The hacking group Anonymous claimed responsibility, saying it was “in retaliation for the recently-passed anti-terrorism law, known as C-51.” The group also declared that this bill is “clear violation of the universal declaration of human rights” and that it “targets minority groups and dissidents alike.” The sites are now back online, but officials say they do not know whether any data had been taken.
Corwin, Philip S. Electronic Frontier Foundation Tells ICANN to Delete URS from .Travel. CircleID. June 15, 2015.
- In this piece, Corwin discusses a recent request made by the Electronic Frontier Foundation (EFF) for ICANN to “drop the notion of applying the Uniform Rapid Suspension (URS) dispute resolution system to .Travel and other legacy gTLDs without undertaking a full Policy Development Process (PDP).” According to the author, ICANN misstepped when they decided to impose these regulations on .Travel in an effort to increase consistency across all gTLDs. Corwin praises EFF and says they made a valuable contribution to ICANN accountability by expressing strong opposition to this attempt to sidestep proper decision-making processes.
European court blames website for hosting offensive comments in ‘shock’ decision. RT. June 17, 2015.
- This week, free speech activists were disappointed with a decision from the European Court of Human Rights approving the Estonian justice systems right “to fine a news website for user-generated hate comments under an article.” Delfi AS v Estonia, was rooted in a nine-year case over an article about a ferry company that contained hate speech in the comments underneath. According to the judge, the article itself was balanced, but the comments underneath contained hate speech. The judge concluded “the ability of a potential victim of hate speech to continuously monitor the Internet is more limited than the ability of a large commercial Internet news portal to prevent or rapidly remove such comments.”
Evans, Stephen. South Korea provokes teenage smartphone privacy row. BBC News. June 16, 2015.
- The South Korean government recently ruled that “people under 19 who buy a smartphone must install an app that monitors their web activity.” This measure would also allow parents to block access to “undesirable” sites. This move has raised a national conversation about the extent of government paternalism in Korean digital communications. According to the author, most teenagers seem to resent this new measure and many argue that “learning to control what kinds of media are encountered on the net is now a part of growing up.”
Fung, Brian. Time Warner Cable will be the first to get hit with a net neutrality complaint. The Washington Post. June 16, 2015.
- Just a few days after the new net neutrality law officially took effect in the United States, San Diego–based firm Commercial Network Services (CNS) stated that they plan to file a complaint against Time Warner Cable for charging “unreasonable rates to deliver its streaming videos to Time Warner’s customers.” CNS streams live video over the Internet, and according to the company’s chief executive Barry Bahrami, Time Warner’s interconnection practices have not been ‘just and reasonable’, as required by the new net neutrality rules. The FCC has not weighed in on this matter yet, and each filing will be evaluated on a case-by-case basis.
Gallagher, Sean. Encryption “would not have helped” at OPM, says DHS official. ArsTechnica. June 16, 2015.
- Last week, hackers gained access to sensitive data on millions of employees and contractors within the Office of Personnel Management (OPM) system. According to Department of Homeland Security Assistant Secretary for Cybersecurity Dr. Andy Ozment, encryption would not have helped in this instance because “the attackers had gained valid user credentials to the systems that they attacked — likely through social engineering.” OPM leadership noticed the breach when the agency was updating their tools and capabilities. According to Director Katherine Archuleta, the breach would never have been discovered if not for these updates.
McCabe, David. House panel approves bill on Internet domain transition. The Hill. June 17, 2015.
- On Wednesday, a House committee passed a bill “that would give Congress more oversight of the plan to give up America’s control of the Internet domain name system.” Because some lawmakers have expressed concern about the transition, this bill was proposed “to give Congress time to review the proposed transition and require a Government Accountability Office audit of the transition.” According to Representative Greg Walden, the bill would stop lawmakers from attempting to limit funds for implementing the proposal.
Strickling, Lawrence E. Stakeholder Proposals to Come Together at ICANN Meeting in Argentina. National Telecommunications & Information Administration (NTIA) Blog. June 16, 2015.
- In this blog post, Strickling discusses the NTIA’s priorities for the upcoming 53rd ICANN meeting in Buenos Aires. He mentions that the next step for the IANA transition will be for the IANA Stewardship Coordination Group (ICG) to “combine proposals into a consolidated transition proposal and then seek public comment on all aspects of of the plan.” Strickling then poses a number of questions that he hopes stakeholders will consider regarding the draft proposal, and ends with a hope that the community shifts focus to how they will implement the recommendations made. He concludes with a call for all global stakeholders in this process to “work together constructively to complete this final stage of the transition.”
Razumovskaya, Olga. Russia Proposes Strict Online Right to be Forgotten. The Wall Street Journal. June 17, 2015.
- This week, the Russian government proposed a “right to be forgotten” rule that is “significantly stricter than its European counterpart.” The Russian law does not require individuals to provide specific hyperlinks when they request information to be deleted, which gives their right a far greater reach (than in Europe, where they are required to point to links that they want removed). Additionally, the new law extends “the right to erasure to public figures and information that is considered in the public interest.” Search engine companies, including Russia-based Yandex, would be required to comply with the law in order to do business in Russia.
Ruiz, Rebecca. F.C.C. Votes to Move Forward With Plan to Subsidize Broadband for Poor Americans. The New York Times. June 18, 2015.
- This week, the United States Federal Communications Commission (F.C.C.) approved “a proposal to explore subsidizing broadband Internet for poor Americans.” The plan was introduced last month by Chairman Tom Wheeler, and will allow the Commission to include new anti-fraud measures and incorporate broadband Internet into an existing program that subsidizes telephone service. After the announcement, Democrats “celebrated the significance of taking aim at the so-called digital divide, the social and economic gap between those with access to technology and those without it.”
Papers and Reports
Who Has Your Back? 2015: Protecting Your Data From Government Requests. Electronic Frontier Foundation. Available at www.eff.org. June 2015.
- This annual report evaluates technology companies’ policies that involve protecting user rights. The Electronic Frontier Foundation uses five criteria to assess company practices and policies: Industry- Accepted Best Practices, informing users about government data requests, publicly disclosing the company’s data retention policies, disclosing the number of times government seek the removal of user content or account and how often the company complies, and pro-user public policies, including opposing backdoors. Among the report’s key findings, nine companies received all available stars, and AT&T, Verizon, and WhatsApp lagged behind the industry in standing by users.
Wilson, Andi, Kehl, Danielle and Kevin Bankston. Doomed to Repeat History? Lessons From the Crypto Wars of the 1990s. Open Technology Institute. June 17, 2015.
- This paper reviews a period in the 1990s that has come to be known as the “Crypto Wars” and attempts to distill lessons that are relevant to today’s battle between government actors and privacy advocates regarding encryption technologies. The authors review instances of “sustained, coordinated effort among industry groups, privacy advocates, and technology experts from across the political spectrum to push back against government policies that threatened online innovation and fundamental human rights.” The article advocates that the key players in this space today should learn from the past instead of reviving the same conflicts.
Asia Pacific Regional Internet Governance Forum (APrIGF). HNET.Asia. June 20-July 3, 2015.
- This is a regional initiative on Internet governance designed to provide “an open platform for multi-stakeholders to discuss and identify issues and priorities, and ultimately advances the development of Internet governance in the Asia Pacific region as well as bring forward and contribute to the wider global Internet community.
ICANN53. ICANN. June 21-25, 2015.
- ICANN’s 53rd meeting will “provide the opportunity for an internationally diverse group of individuals and organizations to come together and discuss and develop policies for the Internet’s naming systems.” There are many options for remote participation, including video and audio streaming, scribing, chat, remote interventions, and transcripts.