The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.
***
>> MODERATOR: Hello, everyone. Thank you for joining to the an Open and Democratic Internet Digitization Era. Organized by the Tour Barkha Manral and Allia Rezzal from the NetMission Asia.
Welcome, everyone, and this is about the Open and Democratic Internet. And as we know the internet is the foundation of the basis of our emerging technology and open to all interoperability and reliance on the open protocol.
We will be looking at the internet. Why it's centric and located for the continued promise of the Open Senate. Our goal is to prevent the transformation of the internet into the rules and the community and into the ecosystem.
So in this discussion we are going to go through the submission of the crucial issue for the nature of the internet. So we are going to begin by addressing the challenges in the open technology landscape.
This session we are going to have the speaker Edmon Chung for the Visitor of Affairs. And Paola Galvez with the Civil Society, and Amrita Choudhury, Civil Society, Asia-Pacific Group. Nur Adlin, the privacy specialist from the University of Malaysia. Mr. Henry, Civil Society. So That's all we have for the speakers. At the very beginning question throughout the opening.
So the first question will be how can we be looking at the promise of our open digital -- that support the transparency and accountability while also preventing the emotion of the user privacy controlled by guidances and the recommendation of the internet into the isolated ecosystem.
So I will let you invite the speaker to respond to this question based on your --
(Audio Difficulties)
For giving the opening remarks and respond to that question.
>> EDMON CHUNG: Sorry, if you were asking for me, sure. I guess it's me. The audio is -- because the audio is coming through a little shaky. Hello, everyone, this is Edmon. First of all, I think the topic itself is very timely. In fact, maybe slightly overdue. This is something that is very important in terms of the -- how we looking at democratizing the governance of different platforms and how we utilize the internet in an open and interoperable way.
I was going to just give a little bit of an introduction and come back to Phyo's question about the first policy question. First of all I guess one of the thing that I find quite encouraging, space I will in the development of the internet governance ecosystem, especially with the protocol side, is the IETF for the internet engineering tank force. In the last couple years, I kind of reconnected with the internet engineering task force, the IETF. But before that, actually I was participating all way through about 2014, and human right considerations, privacy considerings, was almost unheard of.
Last year, in 2023, I started reengaging in the IETF discussion. And to my surprise -- and you know actually pleasantly surprised, when we talk about protocol these days, actually beyond what we call the security considerations or international considerations human rights and privacy is now a feature -- featured prominently in protocols as well. And I think that's a very healthy development.
And when we talk about -- as the way that this session frames it in terms of a democratic approach, we are really not talking about what somebody -- you know what many people point to democracy is in terms of voting and a bit more antagonistic kind of campaigning but for the governance aspect in my mind is much more participatory and also what we have come to treasure and call a multistakeholder model. And when we talk about multistakeholder, of course, stakeholders include youth, and the technical community, which make the biggest difference.
Because even in multilateral forums, there would be mull stakeholder consultation but it's in civil society. But when we talk about the multistakeholder in a democratic model we are talking about youth and the community being able to participate in an equal footing. And I think that's the major difference here.
Now back to Phyo's opening question about the issue of privacy platforms and fragmentation of the ecosystems, I think they kind of come hand in hand. And in essence an open digital architecture, I think it's not only built on interoperability between systems and between jurisdictions, one of the -- kind of a high interest topic these days is about the digital sovereignty.
A lot of times when we talk about digital sovereignty -- or countries governments like to talk about data localization much more in terms of digital sovereignty, a national digital sovereignty. But I think when we think about digital architecture and if we really want to address privacy and we really want to address issues about multinational platforms we need to deal with digital sovereignty on a personal level, whether we have personal digital sovereignty.
And I think for countries, governments who really want to support privacy and support data "localization you have to take it to another level for a person to be able to have ownership, thible to move data, and the ability to withdraw consent about their own personal data. And that, I think, is the key aspect.
Because privacy by design doesn't mean confidentiality of the data, it means that the platforms do not keep data at all from the start to begin with. And that's what I think personal digital sovereignty is about. I will stop here for policy, because I've taken enough time. But I understand that there are a couple of point. But I want to start with the note that multistakeholder model comes hand in hand with many issues we have today and digital sovereignty we need to dig down to the level of personal digital sovereignty.
>> MODERATOR: Thank you, Edmon. As you mentioned the multistakeholder is upon even for the digital architecture that can support the digital accountability. So I would like to ask Mr. Henry from the government perspective, how do you first start the deployments of the open digital act that can account for digital transparency accusation.
>> HENRY: Thank you for the question. Thank you for this very important question.
That's the question I feel. So maybe I can start with there. Maybe can I start with a funny story I discovered recently. In 1865 -- that's a while, the French --
[ Speaking in French ]
Discovered these new technology telegraph, and they thought, wow that's a very compromising technology. How can we be sure there will be a resource for peace and prosperity and commerce. Because for them commerce was a source of peace.
As I said we should be sure that we find a way to be sure that we can send international telegraphs. So they did convene, international conference in Paris, 1865 and they did decide to develop together a photograph and to enforce this. They didn't start the first ever international organization, the ITU. At this time it was International Telegraph Union -- It Became the International Telecommunication Union. So that's a long story. I want to share this. But we have to record it. The history of it is the story of the internet and everything good that happened.
You could not conceive the internet revolution and now the AI revolution without TCPIP, the web, Wi-Fi, Bluetooth, Linex? Et cetera. The story is (?) and the question is not should we protect them or do they matter. The question is why does other actors don't recognize its importance. And why do most of our core citizens make the confusion between big tech companies and the public actors like states and the internet.
So I totally agree with what Edmon said, it was important. But that's not enough. For me the question is good balance between common and pleasure and how to protect the common and the comments and for this I just share few idea. But the open standard directly attacks. Because everyone is using them. So they are not directly attacked. They are just next. And they are neglected in a time of -- interpretation of competition. And kind of pleasure. Because to find a business model, the most easy is to capture stimulus torque constrain them to remain in your small enclosure.
So the question is how to do politics without being criticized. Because the question is really political, that's about how do we want to live together. And it's not politicized because it's not right or left or this party or this party. And that's an important question. Sadly I don't have the answer.
But I just have a few ideas. First, because you are the use of the world, and I'm a veteran of this. I started my first internet company in 1995, I remember at this time, more people knew how (?) and now most of our (?) my daughter, for example they don't pay attention. They say I'm in internet, when they are on TikTok or Facebook. So first we have to raise awareness of friends and families, and to really explain that there is something in the internet. There is something named the web. And something else that is a company, et cetera.
Probably we can have different policies I think that most people make the confusion, for example they towel me the GDPL, the European regulation and privacy is fragmentizing the internet. I say no the internet is an imposter too. And rules to regulate companies like cars so on the one hand free distributed unique internet. And on the other hand, ask for some accountability and responsibility to companies. You have to understand this.
We have to say to our friend and colleagues don't be a passive consumers. Pay a attention, be skeptical. Try to understand how it works.
So I will finish with this, because we have 3 minutes. But my point is that this is about politics. We have to raise a level of awareness. We have to explain again and again. And we have to have a clear view that this revelation would not have been possible without an important set of principals and that's the power of this time. They just use it. Maybe they did part of this. They are not the owner of this. And we have a right to reclaim and protest and say no, you are just using our infrastructure. Please respect it.
>> MODERATOR: Thank you, Mr. Henry for the -- given the lots of ideas.
That's the impression we have to think about, how we navigate with the open internet and also they offer challenges. So I wanted to ask to Paola how does the transparency open architecture. Maybe we can think about from the privacy perspective. The floor is yours.
>> PAOLA GALVEZ: Thank you very much. First, let me start with why it's so key and this -- open policy is so key. And this comes from my record as a lawyer. My vocal in law. I'm happy to hear the diversion perspectives, Edmon and Mr. Henry from the technical part but I've been working in technology policy from the government sector and now as independent and also from the Civil Society Organization. And I've seen it's a key.
And it allows for exclusive activity that no one is allowed into our perfect systems. And on the other side I can truly see the power and potential on transparency. I've worked in public procurement solution in my country and with Colombia, and later I can explain this use case. But I truly believe that you have seen open standards and open search tools and standardized data. Really helped transparency in governments for a small business, for instance.
But other part is how it promotes inclusion. My whole career I've tried to breach the gender gap. In the opening ceremony we heard from the different excellencies and authorities how important is this, and how this gap is increasing rather than bridging. And I do believe that this makes it easier tools that are accessible to everyone and can help girls, women getting to these detail era and promoting open standards with a general lens. I can speak about this later.
Now going to your question, Phyo about privacy and how we can support these principals. So this may not come as a surprise but as a lawyer I truly believe we need tie prove regulation or regulatory framework. That can really be implemented and that means having multistakeholder discussions that bring legitimate regulation. Because I've seen many cases in Latin America -- I am from Peru, and I can tell how sometimes these regulations are approved without the appropriate discussion in congress and when it's time to implement, it's very hard. This is one thing.
Second to encourage the adoption of privacy by design principals. So many times I hear countries that do not have the protection laws. And that's a problem that should be tackled. Because data protection regulation is a must to previous the users of privacy but even though when we do not have, this I truly believe that the civil society can work hand in hand so that this principal of privacy by design can be from the very beginning of any development of technology. Ensure that all the companies really embed a strong set of word to protect the user data. I may be running out of time so last but not least my only point that I would like to add, the importance of fostering international cooperation between developing countries and developed countries, it is really important to collaborate borders and to harmonize the standards practices and to ensure the global flow of information without compromising local privacy norms.
And also to set international standards that can help also because we want our economics to prosper. And this can be an idea to follow, for instance, the council of Europe, AI convention which is the first one of its kind of the UNES recommendation on AI. So thank you for the conversation. I will say this lastly.
>> MODERATOR: Thank you, Paola. The highly importance about the International Corporation. Yesterday there was a session talking about the privacy and data related -- for using -- especially the data coming from the global stock. And they talk about how we prefer from the global -- how they are also using from AI and the relative evolution. So that is what we can see that we are -- we also need to look at the international corporation for making sure that those who are -- those people around the world need to be respectful on their data and privacy that way.
So I will go to our last speaker Amrita on the accountability and transparency in your opinion.
>> AMRITA CHOUDHURY: Thank you. And thank you for having me. Let me tell you I'm not a technologist. I just work on policy. So I will be looking at it from a social-political lens. If you want to actually foster an open digital architecture system, which actually supports transparency and accountability. And I think this is what most governments and even civil society are asking from companies today. I think -- even the open standards has to kind of -- I would not say work hard but at least look at certain aspects. For example at times the security of the systems is a concern. And that's where many of the monopolistic technologies get an image that they had the security standards upgraded, even though.
But I agree with most of the panelist, for example concepts like human rights by design and privacy by design should be enshrined in any kind of technology which is open standard or even proprietary for it to work. Because I think those are fundamental thing which any platform of any kind should have it. In terms of erosion of privacy, that's a huge concern globally. We see the number of data breeches. We see the antitrust issues which are coming up daily in different countries without consent, children's data, even though is used so any kind of platform and obviously we do think when you have an open architecture where people build upon it with software and other technologies these would be considered.
And I think there should be more discussion. It should not just be technical people there.
The other relevant stakeholders. I would not say multistakeholder but I would say the actors who are important need to be there, not for tokenism but when things are being built they can give their perspective. Have you considered these issues, that these things are there, that the systems don't have biases.
We have been talking about AI. We do talk about datasets of global going but there are biases. There are racial biases. Are we taking those into consideration? How transparent and accountable are those systems and how it is being used? So I think those things are important. In terms of when you have issues about the second aspect which you had is monopolistic control of tech giants, I think -- first we have to agree that the systems work. It is easy for everyone to use. They understand the paths people. We cannot deny a Google or Facebook or a meta. Giving the services which everyone can use.
So if you want to have those kind of services begin to peel, it has to be easy to use. It has to be in different languages so different people can use, it not only delicious, is it has to be very easily useable. For example if you are in a developing country it has to be more friendly. 90% of the people use it in mobile but if you are building systems for laptops it's not going to work so you have to look at the practicality. And for that you need funding.
And I think if governments or -- you know even foundations can put in a lot more money or give them incentives to work I think -- it can help to support the open data or open systems, people who are building upon and technologists who are working on it.
And these are my perspectives. They may differ of but having regulations to encourage them would help. And if you are talking about fragmentation of the internet into isolated ecosystem, again, all fragmentation is bad. You may arraigning one IP6 is fragmented but it's not ingrate because if you want to go to IP6, you have to change your infrastructure. Even the IPCs are not investing in it. And GP results are considered fragmented but was it necessary to protect the data privacy of peeps? I guess so.
So not all fragmentation is bad. And countries and nations would obviously want to protect their interests. We have seen a lot of things, right. We have seen the regulations and other things. And nation states and bad actors so one may want to protect their interest. But have you to see the cost that we are protecting. Is it really going to help you? And the others in the long run? Or is it going to harm? So I think it's a very thin line. I may be seeing a controversial statement but it needs to be seen what kind of fragmentation are we talking about.
>> MODERATOR: Thank you, Amrita. Mostly when we are talking about fragmented issues we are talking about -- actually Amrita is not the last speaker. We also have Ling. The floor is yours. Can you unmute yourself. Technical can you please unmute to Nur Adlin. Hello, technical team?
>> NUR ADLIN HANISAH: Hi. Everyone, can you hear me? Okay.
(Speaking Non-English Language).
Good afternoon, ladies and gentlemen. It's an honour to be here again the experts I'm Nur Adlin Hanisah, and my relationship is between law and collaboration. As a legal scholar I have dedicated my carrier to exploring how we collaboration the transformative of digital policy with economic principals such as pricey, fairness and inclusivity. In my work I have a gap between technological investment and emphasizing accountability in our evolving digital ecosystem. Today I would like to discuss a topic that is central to these efforts and open integrated internet and digitization era improving for the internet B1.
The digital presents us with an opportunity but also challenges that requires thoughtful and collaborative solutions. By balancing innovation and responsibility, I believe we can build a digital future that is fair, inclusive and resilient for everyone. We can foster digital architecture by addressing these pressing challenges using a multifaceted approach and multistakeholder including governments and Academia and Civil Society. I would like to emphasize more on the significant role of regulation in assuring accountability, creating uniform standard, and having a balanced approach.
The EUCPR is a good example of -- according to the regulation, it's the reason that controls the identifier on three main focuses. The GDPR has established itself as a benchmark for other countries to follow. GDPR has transparency with the rights of the -- and aligns with other standards to 7001. And W3C standards that promoting principals with accountability and interoperability. This helps reduce the complexity and compliance everywhere from fragmentation.
The data privacy laws are emerging and being amended as we speak. Folk the kingdom of Saudi Arabia presented that law came into force last year and became fully enforceable in September this year. Another example is my country, Malaysia, the privacy law this year introducing including mandatory data presentation for the possibility.
The entry reported that 194 countries have data privacy laws. Regulation need to be flexible and obligated to reflect technological advancement. This shows that regulation will not become obsolete in the face of rapid change. Robust regulation must be accompanied by effective advancement to ensure that organizations compliance.
When it comes to the compliance, there is no one size fits all solution for each organization to address its unique circumstances. Even a country with data privacy regulations, since privacy practices almost have similar templates, that company can voluntarily adopt -- by implementing privacy by design such as inclusion and (?) and innovation.
A common misconception that strong regulation start with innovation. However they say otherwise. And openly regulation and innovation particularly for smaller (?). The OECD to harness providing guidances to country on how to adapt regulatory framework and challenges and tune of innovation to enable governance outcome.
So the key of this regulation is the balancing between the innovation and regulation. Thank you.
>> MODERATOR: Thank you. You mentioned the symbol and even through the GDPR is from the global outside, they are also categories you mentioned about -- this can be the reference that we can practice. But in the global side as well. Having regulation and the -- adopting the policy by referring to the standards. Thank you for mentioning about this. And I have to pass the floor to our online moderator for the next part of our session. Barkha the floor is yours.
>> REMOTE MODERATOR: Thank you for passing it on. We have a connecting patients which can't be forward to the session, but I would like to ask every speaker to stick to 2 minute because we are lacking time. So how can open standards be enhanced to better accommodate the face of technological change and foster agenda and responsiveness for challenges and responsibly. So I put the floor to Nur Adlin if she can sum it up in 2 minutes.
>> NUR ADLIN HANISAH: Thank you very much, Barkha. As I mentioned before, it must be possible for the practice. And it must not be recently outdated. It must be updated from time to time. Thank you.
>> REMOTE MODERATOR: Thank you for your quick and small answer. You have just completed it in 2 seconds only. Thank you for that. I will ask Edmon to deliver his answer for this question.
>> EDMON CHUNG: Sure. Thank you. Well I guess I touched on that a little bit. But would add that the protocols development or the open standards development, whether it is in IETF or other parts of the internet governance ecosystem, I think itself needs to improve in terms of evolving the governance processes and to more agile ability to address. But I think the -- one of the things that is really critical in the next few years is how the global multistakeholder model works with the local multilateral systems that have legislations and so on.
I agree with Henry earlier very much whereas the standards are not under threat right now.
It's largely neglected. And that is reflective of some of the local legislations as well or regional. When we looking at GDPR, I don't think on its own it creates any fragmentation. In my mind it's a genuine attempt to bring privacy to the forefront. But what about it did unintentionally was that -- what was legged for a higher user level for privacy actually had an impact on the main registrations.
For example, where the who is information and the registration information is -- you know suddenly disappeared. And that is the kind of threat that fragmentation brings. And that comes back to -- I think one of the key issues is how do we work -- how does the local legislation work to compliment the global multistakeholder model whereby the technical community and a Civil Society and the Academia are all participatory in the agenda setting as well as decision making process. And then inform the local legislation so that -- you know the two of them don't step over each other.
I think that is what the internet governance ecosystem really needs to figure out in the next few years, which addresses the issue of the pace of technical change and the agility in the standards development process.
>> REMOTE MODERATOR: So Edmon, a technical person. In any emerging technology we still consider and always consider the policy maker. So I would like Amrita to answer this.
>> AMRITA CHOUDHURY: Thanks, Barkhh. If you are saying how can operate standards better the pace of technology. I think more dialogue between technical communities who are standard making and also using these standards to build up within the countries they may not have the same technical expertise. So having more dialogues on that amongst the different actors or the people who would be impacted, impact assessment is important.
And I'm taking it from what Edmon has decided is an example that many times the unintended impact of a regulation is not part of it. So better impact assessment could be something. Obviously when you are using open standards, et cetera, some things -- you know scalability of the technologies which we need is something which needs to be looked at. The security. Many times -- you know you have scaled to some end but there are human costs for developers and I'm talk from those who use these standards later. The compliance enforcement part later on, I think those are certain things which come to me at the top of mind which need to use. That thank you.
>> REMOTE MODERATOR: Thank you. And I would like to hear Paola.
>> PAOLA GALVEZ: I think first (?) frameworks and I consider the Europe AI convention, AI and the Rule of Law and Human Right. Yesterday they mentioned how difficult it was to find a regulatory framework that is technological neutral. That can be future proofing.
That's the word we used and I found it very, very important because how to design the standard that -- they keep changing. We have seen AI doing some -- performing some actions in 2022. And now -- well, I don't know what will happen next year, right. So flexibility and implementation is a must in my opinion. And now how the standards are applied. But this comes with the dynamic -- and I would temporal if not annual or as much annual feedback loops.
For instance for this convention, for instance they have created this group that we review the document along the time because if it must be updated it should be. So I truly believe that this could be a solution. And I cannot avoid mentioning the literacy. Because we cannot forget the citizens that are the ones being impacted by these technologies. When I was working in the government of Peru, I created the programme called -- (?) once again I need tree Pete on the gender gap. So creating programs is a must. And if possible -- that's why I mentioned it because I know people from governments and privacy hear. Best are the programme that target to girls and women.
Because we need them to understand how this open standard and how these technologies are working because they are part of this discussion as well. And nowadays -- and I see the question to enhancing democratic and citizen engagement. Now -- especially in Peru, all the regulations must be under public participation process, but how can this public participation process be effective if our citizens do not understand what is being regulated, discussed or even created in the standards, right. So this is a leg, I would that is instrumental for the future of the internet. Thank you.
>> REMOTE MODERATOR: Thank you, Paola for the answers at the same time. So coming to Mr. Henry, the world in a digital role and I find Henry is in digital affairs so I would like to update discussion how can digital affairs still contribute and still manage the balance between the open standards and making it private at the same time to better accommodate the technological pace and changes we are facing as by aim or by the EOCR passing down. Thank you.
>> HENRY: Thank you. One of the challenges that we have to enforce the open standards and digital comments. Developing them and promising them is not enough. We need to do more. And as for the --
(Audio Difficulties)
For all the ministries. For example, and that's very important, we have to use it and to contribute. When they were in charge of the French I.T. department -- I say that public servants and the right and the duty to contribute to the principals. Because we are not sure to have the right.
Then when he have to pay attention to protect when we regulate or when we differentiate. I give the point to Edmon, I know very well the controversy for GDPR. I have also the privacy for (?). I say we could find solutions that people wanted to sell the data. I didn't really look for solutions. The french, for example, we have GDPF for 40 years but not all data has to be public. If you want (?) for example you have to do it publicly. So we could have decided to stay -- some important data, this is a possible. It has to be online. It was foreseeable but have you to think about this when you prepare the law.
(Audio Difficulties)
We should impose that probability by default. So it would be a great service to open standards. We want to go further. And we tried to convinces Europe to launch a open standards and digital comments and public good. And that's my last point I think inspired by the Indian example that at some point you have to contribute on that digital
(Audio Difficulties)
We condition just wait and see and expect that the market will fix everything. We have to injection some resources in this ecosystem. That's all.
>> REMOTE MODERATOR: Okay. Thank you for the anticipates so I would now like to open the floor for the question part. If anyone has any questions they can raise their hand in the Zoom chat and for the onsite can you take care of. Phyo, if there are any questions you can take them up. I would like to tell the Zoom people they can ask their questions by the technical team there.
>> MODERATOR: I would like to comment on the chat there
(Audio Difficulties).
>> REMOTE MODERATOR: In that case there is a question. It's an open question for all the speakers, whoever wants to answer it. The question states that what actual legal steps can stakeholder groups a way to support an open and fair ecosystem. I would appreciate if each of the speakers can address this from the perspective of their stakeholder group and you can answer -- he is asking the same question to every speaker and he would like every speaker get a chance to speak on this particular question. So let's start with Edmon.
>> MODERATOR: For -- 5 minutes we have.
>> REMOTE MODERATOR: Stick to 1 minute.
>> In response to the question, I will be very quick. I agree with what Henry mentioned earlier. Nowadays users don't know enough of the underlying technology, like even the domain named system or how email works or how ICTP works. People need to be a I little bit more aware, in order to address issues like barriers of entry that is created by wall gardens what we call privately owned public space like Facebook.
How do we deal with that to redefine some of the -- how things are implemented in a more open manner to address the interoperability of the digital economy system. So from the technical community's perspective I think a lot of the platforms in the drive to "make things easier" for newcomers are actually -- you know kind of trapping us into wall gardens where barriers of entries are -- you know struck up. And that need to be reversed. And people need to actually -- I believe in the future, where people's digital literacy has actually increased and is able to operate the internet and the way that we want more.
>> REMOTE MODERATOR: Any other speaker can answer testimony we have a lack of time.
>> Did you hear me? I see the question, what -- I don't see the question any more. But the question was about how to implement human right, et cetera within protocol, I just want to say you won't find a technical answer to a particular problem. So we need to do politics, we need to stand for human right, free speech, et cetera everywhere. And not expect -- because this would be the technical solutions mistake.
>> MODERATOR: Anyone else?
>> NUR ADLIN HANISAH: From my perspective, thank you for the question. I love immigration because it really meets a collective efforts to make it work for this space. Government need to implement and enforce the policies and laws. And for the private sector, they need to adopt best practices for privacy. It depends on the uniqueness of the circumstances. It is more into art, not based on the science. So it depend on your own creativity. For the Civil Society they need to look at user's rights and awareness to inclusion and create policy makers for the governance and for the act dame I can't they need to research frameworks for accessible and digital literacy to empowerment -- I think together we can build a digital future and internet that we want. Thank you.
>> MODERATOR: Last words? Do you have a last word? Very short.
>> REMOTE MODERATOR: I will request a room photo. And you can help us.
>> MODERATOR: Thank you, everyone we would like to have a group photo. So please stay the moderator and speaker and also organizer, thank you.
>> REMOTE MODERATOR: Thank you, everyone. And thank you, speakers and putting up your points. Thank you.
>> NUR ADLIN HANISAH: Thank you, everyone.