Session
Dynamic Coalition on DNS Issues
Roundtable
Duration (minutes): 90
Format description: This will be an inclusive roundtable discussion focused on examining how to address governance gaps in multistakeholder responses to online harms. Specifically, the session will look at (a) the impact of emerging regulation, with a focus on the global impact of the NIS2 Directive and (b) how industry can collaborate more closely to resolve persistent governance gaps. The session will host 5 speakers from across sectors and regions including representatives from civil society, technical community and industry. Organisers will offer an interactive setting with both in-person and online participants.
During the IGF 2023 in Kyoto, the DC DNS Issues initiated a conversation focused on identifying existing governance gaps in addressing online harms (see our report: https://intgovforum.org/en/content/igf-2023-dc-dnsi-closing-the-governa…). For this IGF, the dynamic coalition intends to pick up the discussion initiated at the last IGF and continue to unpack what it takes to bridge these gaps.
First, what does the DC-DNSI mean by governance gaps?
When dealing with online harms, each actor in the ecosystem has different roles, responsibilities, and capabilities –whether that is a registrar, a registry, a CDN or an ISP. Now, there are different governance models that guide roles and responsibilities of these various groups. For example the ICANN community and the gTLDs operate governance by contract. The ccTLDs, on the other hand, develop local governance models based on their relationships with local governments and local Internet communities. Hosting companies and providers are subject to the laws of their respective jurisdictions, and operate in response to that regulatory guidance. In the overlap of these various models, there are governance gaps still remaining that affect and shape how the ecosystem is able to effectively respond to online harms.
Specifically, the DC-DNSI produced two calls to action in Kyoto, which the session proposes to pick up on: one on supporting policymakers and one on industry collaboration.
The workshop will be structured around these two actions:
Segment A: Supporting policy makers in developing adequate measures for addressing online harms: reflections from the NIS2 Directive
The first call to action from Kyoto focused on how industry, technical community and civil society can best support policy makers. This initial segment will take the recently implemented NIS2 directive as a means to reflect on this call to action.
The NIS2 Directive is an example of where regulation has been proposed to increase the overall standard of cybersecurity. However, it has complex implications for the Domain Name Industry. The difference in implementation within member states may also cause jurisdictional challenges that could further fragment the governance landscape. There are also different approaches to regulation beyond the European approach.
Emily Taylor, CEO and founder of the DNS research Federation will begin by addressing the basics: She will introduce: (a) what the NIS2 directive is and its implications for the DNS industry; (b) how the directive is being transposed in the EU and potential fragmentary effects observed to date; and (c) its extraterritoriality effect beyond Europe.
Bruna Martins dos Santos, Non-Commercial Stakeholder Group representative on ICANN’s GNSO Council (invited, awaiting confirmation) will speak to diverging views on how to deal with online harms, and implications on human rights such as the right to provide. She will in addition discuss possible ways forward to reconcile differences in approaches.
Bertrand de la Chapelle, Director of the Internet & Jurisdiction Network (invited, awaiting confirmation), will address questions of jurisdictional challenges emanating from the directive, and the impact on the broad range of industry stakeholders –from registries and registrars, to hosting providers and online platforms.
The first segment will wrap up with a brief conversation on what additional steps industry can take to support policy makers.
Segment B: Promoting industry collaboration
The second segment of the conversation will pick up on the second call to action from the DC’s Kyoto session on how to encourage greater industry collaboration up and down the Internet stack.
Keith Drazek from Verisign will discuss the importance of working across silos to ensure responses to online harms are proportionate. He will flesh out principles identified by the registry community as important in addressing online harms.
Jean Jacques Sahel from Google will introduce a perspective from large platforms in dealing with online safety, and introduce concrete examples on data-sharing practices to curb online abuse.
Chris Buckridge, Internet Governance Specialist and MAG member, will moderate the discussion.
To facilitate interaction between onsite and online speakers and attendees, we have a combination of four speakers on the ground, and two speakers remote, as well as an onsite moderator.
The onsite moderator will actively manage the flow of discussion, ensuring that both onsite and online participants have equal opportunities to contribute and engage. We will employ interactive tools such as Q&A opportunities integrated with the virtual platform. Presenters will encourage active involvement from all attendees regardless of their location. The comments and questions of online participants will be monitored during the whole session and our seasoned moderators will ensure that there is enough time left for questions at the end of the discussion with panellists. Recognising the importance of social media engagement, we will also use event-specific hashtags on social media platforms to encourage broader engagement and discussion beyond the session itself. Additionally, the designated session chat room will be available for ongoing dialogue and networking among participants, ensuring a rich and dynamic experience for all attendees, whether onsite or online.
Emily Taylor, DNS Research Federation, Civil Society, Western European and Others Group (WEOG) - Speaker and Organiser
Carolina Caeiro, DNS Research Federation, Civil Society, Latin American and Caribbean Group (GRULAC)- Organiser
Georgia Osborn, DNS Research Federation, Civil Society, Western European and Others Group (WEOG)- online moderator and rapporteur
Emily Taylor, DNS Research Federation, Civil Society, Western European and Others Group (WEOG) - (confirmed)
Jean Jacques Sahel, Google, Private Sector, Middle East and North Africa (MENA) (confirmed)
Keith Drazek, Verisign, Technical Community/ Private Sector, Western European and Others Group (WEOG) (confirmed)
Bruna Martins dos Santos, Non-Commercial Stakeholder Group representative on ICANN’s GNSO Council, Civil Society, Latin American and Caribbean Group (GRULAC) (confirmed)
Bertrand de la Chapelle, Director of the Internet & Jurisdiction Network, Civil Society, WEOG (confirmed)
Chris Buckridge, Internet Governance Specialist and MAG member, WEOG (moderator, confirmed).
Chris Buckridge, Internet Governance Specialist and MAG member, WEOG
Georgia Osborn, DNS Research Federation, Civil Society, Western European and Others Group (WEOG)- online moderator
Georgia Osborn, DNS Research Federation, Civil Society, WEOG- rapporteur
9.1
10. Reduced Inequalities
17.6
Targets: Goal 9: Industry, Innovation and Infrastructure Target 9.1: Develop sustainable, resilient, and inclusive infrastructure The event proposal focuses on discussing the extraterritorial impact of the NIS2 Directive regulation on DNS abuse beyond the EU, particularly in Global South regions. The session highlights how long-arm European legislation, like GDPR and NIS2, can disproportionately burden Global South regions, despite their limited influence in crafting these regulations. This discussion advocates for inclusive governance practices that consider the diverse economic and social contexts of different regions, promoting multi stakeholder governance structure, equitable participation and decision-making in shaping regulatory policies that impact digital infrastructure, focusing on improving the accuracy of domain name registration data, which entails action all the way to the level of resellers and privacy/proxy providers, to promote effective cybersecurity practices on a global scale. Goal 10: Reducing Inequality The proposal highlights how global regulations like GDPR and NIS2 can disproportionately affect regions with varying economic capacities, such as the Global South. By discussing these impacts and raising awareness, the session aims to contribute to reducing inequalities in Internet governance. Goal 17: Partnerships for the Goals Target 17.6: Enhance cooperation for access to science, technology, and innovation The session intends to examine the broader ecosystem affected by the NIS2 directive, which involves multiple stakeholders, including domain registrars, resellers, and privacy/proxy providers. By shedding light on these complex interdependencies, the event aims to advocate for more transparent and accountable governance practices in the context of internet regulation in addressing DNS abuse. By bringing together stakeholders from diverse backgrounds and regions, the session aims to foster partnerships for leveraging technology and innovation to improve DNS practices, facilitating conversations on governance gaps in addressing online harms.
Report
The NIS2 Directive highlights the need for better global coordination to address extraterritorial impacts, compliance challenges, and disparities, particularly in the Global South.
The ICANN Process shows the importance of adapting multi-stakeholder models to be more efficient and inclusive, ensuring diverse voices are heard and governance gaps are closed. The importance of an inclusive process ensures better regulation and industry practices.
Cross-industry partnerships and proactive engagement can tackle online harms more effectively than regulation alone, offering practical and flexible solutions.
Engage diverse stakeholders, especially from underrepresented regions, to assess and address the global impacts of digital regulation and encourage more discussion. Streamline processes and broaden participation to engage diverse stakeholders and ensure multi-stakeholder approaches are more agile, inclusive, and impactful.
Create frameworks for collaboration that align stakeholders on data sharing, cybersecurity, and governance challenges, reducing fragmentation and improving outcomes.
This session was an expansion of the discussion during IGF 2023 on governance gaps in addressing online harms. Building on the previous year’s insights, the purpose of this year’s session emphasised the impact of emerging regulation, particularly with regards to the NIS2 Directive. The panel explored how industry collaboration within a multistakeholder framework can bridge these gaps with better collaboration and coordination within the industry. The session was structured into two segments: the first around the NIS2 Directive and the difficulty of implementing complex regulation. The second session focused on supporting policymakers by enhancing cross-industry collaboration. Speakers represented diverse sectors, including civil society, technical communities, and the private sector, ensuring a well-rounded exploration of the issues and participation from the audience.
Chris Buckridge, the session’s moderator, introduced the overarching theme by outlining the role of the multistakeholder model in shaping responses to emerging regulation. He emphasised the need for collaborative approaches that bring together diverse perspectives to address the complexities of online harms and their governance. The first segment set the scene by discussing the regulatory landscape and the challenges posed by jurisdictional and governance gaps.
Bertrand de La Chapelle opened the discussion by highlighting the inherent tension between the transnational nature of the internet and the jurisdictional boundaries of national legal systems. He described the challenges of reconciling these differences while preserving the internet’s open and global character. Bertrand introduced the concept of the “Goldilocks rule,” which emphasises the need to balance strong, weak, and fragmented implementations of the NIS2 Directive to avoid creating further governance gaps. He stressed that compatibility amongst laws and coordinated action within the European Union are crucial for effective governance.
Emily Taylor followed with a detailed analysis of the NIS2 Directive, focusing on its implications for the DNS industry, particularly Article 28, which imposes obligations around domain name registration data. The DNS Research Federation has provided a NIS2 Tracker to document the implementation of Article 28 and Emily noted that 23 out of 27 EU member states had missed the transposition deadline, prompting infraction proceedings. She highlighted the directive’s extraterritorial effects, which disproportionately impact the Global South who may not always have a say in the process. Stakeholders in these regions often lack representation in the regulatory process but are still required to comply with the resulting rules. Emily also emphasised the role of cooperation groups like the NIS2 Cooperation Group in interpreting challenging aspects of the directive and facilitating compliance.
Jean-Jacques Sahel discussed the complexities of online harms and the increasing trend of extraterritorial legislation. He highlighted how countries across the globe, not just in the Global North, are implementing laws with potential impacts well beyond their borders. Jean-Jacques emphasised the importance of conducting impact assessments, encompassing economic, technical, and broader societal effects. He highlighted that a number of legislations relating to the internet have failed to adequately evaluate its implications, particularly on internet infrastructure. He also emphasised the need for governments to adopt a consultative, multistakeholder approach to policy development. Noting the rapid evolution of online harms, Jean-Jacques called for ongoing dialogue amongst industry, governments, technical communities, and consumer groups to better understand the practical realities of addressing these issues. He noted that a basic understanding of existing processes to flag harmful content remains low, and efforts to mainstream multistakeholder participation are necessary to ensure effective governance frameworks.
Keith Drazek from Verisign ended the first segment of the discussion by elaborating on the challenges of the ICANN multistakeholder process and its bottom-up consensus-building approach. He noted that the failure of the ICANN community to deliver satisfactory solutions had led to fragmented regulations and inconsistency is not helpful. Keith called for more efficiency and effectiveness in multistakeholder processes to avoid regulatory overreach and ensure better collaboration.
The second segment shifted focus to practical solutions through industry cooperation. Keith Drazek emphasised the need for greater collaboration across the internet ecosystem, advocating for improved coordination among registries, registrars, hosting providers, and other stakeholders. He highlighted the importance of proactively identifying and mitigating harms and ensuring that industry engagement informs policymaking. This proactive approach can help align regulations with industry realities and capabilities, reducing the risk of fragmented governance.
Jean-Jacques Sahel and other speakers emphasised capacity building as a key strategy for addressing governance gaps, particularly in underrepresented regions. They called for the mainstreaming of multistakeholder approaches at national and regional levels to ensure inclusive and effective governance. Jean-Jacques highlighted the evolving nature of online harms and the need for continuous dialogue between industry, technical experts, and policymakers to address these challenges effectively.
Participants raised critical concerns about the NIS2 Directive, particularly its potential overreach and implications for privacy rights and regulatory consistency. The “Brussels effect” of EU regulations was a recurring theme, with discussions on how extraterritorial laws impact regions like the Global South, where stakeholders often lack a voice in the legislative process. Participants also stressed the importance of sustained dialogue and improved coordination mechanisms to address these challenges.
Another key issue was the need for clarity and alignment in legal frameworks to facilitate effective cross-industry collaboration. Misaligned laws often hinder efforts to combat scams and fraud, creating obstacles for companies attempting to share information in a compliant and efficient manner. Speakers and participants alike emphasised the importance of addressing these barriers through thoughtful legislative design and inclusive consultations.
This session underscored the complexities of addressing online harms through governance and regulation. By examining the impact of the NIS2 Directive and emphasising the importance of collaboration, speakers and participants highlighted actionable strategies for bridging governance gaps. The session concluded with a call for enhanced global coordination, reformed multistakeholder models, and strengthened industry cooperation to ensure a safer and more inclusive internet ecosystem.
The panel offered several actionable recommendations to address the governance gaps discussed during the session. They called for policymakers to engage in broader and more inclusive consultations to ensure regulations like NIS2 are equitable and effective. Speakers emphasised the need for cross-industry frameworks to foster collaboration, particularly in combating scams and fraud. Capacity-building initiatives should be expanded to empower stakeholders in underrepresented regions, ensuring their voices are included in the regulatory process. Finally, multistakeholder models must evolve to become more efficient and responsive, enabling timely and impactful solutions to the challenges posed by online harms.