Asia Pacific Regional Internet Governance Forum 2018 Port Vila Synthesis Document – Draft 1

1 Leave a comment on paragraph 1 1 Key Issues in the Asia Pacific – Empowering Communities in Asia Pacific to build an Affordable, Inclusive, Open and Secure Internet

2 Leave a comment on paragraph 2 1 Cybersecurity

3 Leave a comment on paragraph 3 11 Cybersecurity is a growing concern, especially in the era of Internet of Things and proliferation of automation. There is urgency to increase technical capabilities and address gaps that may arise from innovation, including risk mitigation strategies and incident response capabilities. Most cybersecurity measures in the APAC region are yet to catch up with the exponential growth of ICT infrastructure and online services, particularly in developing economies. When we think about securing the Internet, ultimately it means preventing cybercrime and the ability to trace criminal activities.

4 Leave a comment on paragraph 4 10 Multiple stakeholders play a key role by working together to mitigate cybercrime. Law enforcement, security research centres, and the technical community comprising CERTs, network operators and IT professionals, amongst others, are critical to ensure a safe Internet environment for users. Collaboration between law enforcement agencies and the technical community is needed to ensure practical and reasonable solutions to security issues. In this regard, the meeting recognised the Pacific’s efforts to establish CERTs in Papua New Guinea, Tonga, and Vanuatu as they will play a critical role in incident response and developing technical capabilities in the region. Having a regional forum in conjunction with technical/academic meetings or conferences is an effective way to include Technical community to discuss a feasible plan for cyber security policy. A multi-stakeholder approach to identify and address key risks is a positive way forward to addressing cybersecurity issues which within the Asia Pacific region.

5 Leave a comment on paragraph 5 4 The future stability and security of the Internet highly depends on the successful implementation of policies and best practices, and the increased implementation of IPv6, DNS Security Extensions (DNSSEC) and routing security. Increased effort is required to develop, implement and revise minimum standards and best practices that address identified key risks for end users, organisations, and critical Internet infrastructure. Existing cybersecurity standards such as ISO 27000 security Series standards, encryption standards etc. can be referenced as guidelines. Critically, the development and implementation of policies and best practices must be balanced with the protection of individual privacy rights. When developing standards, emphasis should be placed on understanding local culture and norms which may result in different perceptions of threats to security within the APAC region.

6 Leave a comment on paragraph 6 3 Key cybersecurity issues raised were on the impact of emerging technologies such as IoT, and continued access to Whois, which is a system critical for incident response purposes. With billions of IoT devices, applications and services already in use, and more coming online, IoT security is of utmost importance. Poorly secured IoT devices and services could serve as entry points for cyber-attacks, threatening the safety of individual users and compromising sensitive data. Such attacks on Internet infrastructure can affect the delivery of services such as healthcare and basic utilities. Action against cybersecurity threats such as IoT-based Distributed Denial of Service (DDoS) attacks need to be collectively taken by IoT device manufacturers, service providers, users, standards developing organizations (SDOs), policymakers, and regulators to protect the critical Internet infrastructure. Additionally, it is important to increase awareness, that CERTs have continued access to Whois, as public accessibility might be restricted due to privacy considerations. Not only the technical operators but the end users also need to be trained on security techniques and methodologies as a preventive and proactive measure.

7 Leave a comment on paragraph 7 3 At the APrIGF there was wide acceptance that to mitigate security concerns and fight cybercrime, there is an urgent need to propagate cybersecurity education, awareness and strengthen the technical capabilities. This demands more capacity building programmes and activities to strengthen the knowledge and capabilities of the technical operators. More dialogue and discussion around addressing cybersecurity gaps are also required.

8 Leave a comment on paragraph 8 0 Online Privacy and Protection

9 Leave a comment on paragraph 9 15 Privacy and data protection are critical issues now, especially as they may come into conflict with freedom of expression, and can result in data-driven discrimination. It is important to protect and respect the rights of users while ensuring digital security as a whole. In addition, it is vital for all stakeholders to cooperate and collaborate on effective policies and frameworks to uphold the freedom of expression online, free flow of information, and the protection of children and youth and women online. The Internet community should take a proactive approach (contributing to the efforts of regulators and legislators to strengthen online privacy and data protection), and also collaborate with agencies and organisations which are trying to combat ‘hate speech’.

10 Leave a comment on paragraph 10 3 Emerging national and regional personal data protection laws, regulations and non-tariff measures (NTMs) have strengthened privacy considerations, especially those that have extraterritorial enforceability that affect the Asia Pacific region. As tensions between contractual compliance obligations and national legislation arise, capabilities in monitoring legislation as it progresses must be improved to avoid multi-stakeholder processes being trumped by regulatory processes.  Privacy by design needs to be emphasized along with informed consent standards and provisions for data access should be developed via a multi-stakeholder approach and rooted in human rights principles and the internationally recognized right to privacy.

11 Leave a comment on paragraph 11 4 As cross-border data-flow increases with the proliferation of online services, differing levels of protection in relevant jurisdictions and general lack of user awareness, the highest level of protection should be guaranteed as a default safeguard and international minimum standards should be created.

12 Leave a comment on paragraph 12 3 Data protection is a new concept for the Pacific region, and while national data protection laws are important to safeguard collection and use of personal data, capacity building initiatives are also needed to educate end-users on the value of protecting the use of personal information online.

13 Leave a comment on paragraph 13 1 Access and Empowerment

14 Leave a comment on paragraph 14 8 The immense potential of the human capital in Asia Pacific beckons for reliable, robust, and high-speed access to the Internet in order to excel in the digital age. Enabling access not only involves building infrastructure or connectivity, but also refers to other aspects such as access to knowledge and information, affordability, accessibility, inclusion, diversity, digital literacy etc. Resources and support that help to empower access need to be considered. The key to socio-economic progress in the developing societies is quality education, and the delivery of education resources requires an accessible, affordable and open Internet. Often the last mile connectivity becomes a major barrier to access, especially in the landlocked and small island developing countries.

15 Leave a comment on paragraph 15 4 The use of emerging low cost network solutions such as Community Networks not only provide access but also empower the local communities to become an active part of the Internet operations. The provision of Internet access should be backed up by meaningful local content and demand-driven solutions that propel Internet usage in the country. Governments, more particularly in the Pacific sub-region, should be encouraged to play an assistive role by creating an enabling Policy environment, conducive business incentives, expanding universal access, improving digital literacy and offering capacity building initiatives. At the same time, Internet shutdowns and restrictions are detrimental to the freedom of expression and right of universal access to Internet.

16 Leave a comment on paragraph 16 3 By engaging youth and marginalized communities into the Internet development process can lead to a more inclusive and equitable Internet access for all users.

17 Leave a comment on paragraph 17 3 Similarly, it is imperative to devise a comprehensive disaster management plan, including Internet accessibility before and after the disaster, in order to save human lives and improve emergency response time. It is the collective sentiment of the Asia Pacific community that the right balance of facilitative Policies, lucrative business models, smart users and awareness campaigns can bridge the digital divide that exists in the region.

18 Leave a comment on paragraph 18 4 Digital Economy and Emerging Internet Technologies

19 Leave a comment on paragraph 19 6 Digital Economy has been taking over everyday life, not only with e-businesses but also with emerging technologies. In the coming years, it is expected that the digital trade and e-commerce will be the key enablers of the global economic growth and will change the ecosystem of the traditional trade. Innovation of emerging Internet technologies will also help improve and accelerate global trade.

20 Leave a comment on paragraph 20 8 Disruptive innovations such as Blockchain, cloud computing, IoT, Artificial Intelligence (AI), etc. have the potential to redesign our interactions in business, politics and society and change existing economic structures and financial ecosystems. However, as they inevitably challenge traditional national borders, international cooperation is needed to align these emerging technologies and the existing social system. Algorithm discrimination, AI ethics and competing concerns of data privacy, censorships and surveillance that uses emerging technologies need to be weighed against technology as a tool to benefit society.

21 Leave a comment on paragraph 21 5 The development of all the new technologies contribute to the development of the markets. In facilitating this development, all stakeholders need to balance economic development with fostering innovation and civil rights involved in this social improvement through new technologies. Progress of each economy toward the UN Sustainable Development Goals by 2030 also requires national strategies that integrate social and economic measures which can embrace all these emerging technologies. Good national governance and legislation are prerequisites for successful economic development, not to mention supranational cooperation.

22 Leave a comment on paragraph 22 3 Digital economy also inherently involves legality of data ownership, cross border data flow and data localization. International businesses and enterprise will face complicated compliance issues involving foreign jurisdictions, and some countries have already enacted strict data localization laws which ensures the national governance of the data of their nationals. The emerging trends on the Internet seems to go against the primary ethos of the Internet – the one Internet, and the Internet communities in general are pushing back against the localization of data and balkanization of the Internet as a whole.

23 Leave a comment on paragraph 23 4 Governments around the world, instead, can provide an environment which help free flow of data with transnational laws, which will ultimately the enterprises to raise the new technology innovation and cultivate talents. MLATs and other regional agreements are now being drafted also to make sure collaborative works of different jurisdictions to govern the data transactions and the Internet society in general. Regional cooperation can be one of the ways to ensure the related level of trans-border digital economy will ultimately benefit the society with innovations and foster peace through trade.

24 Leave a comment on paragraph 24 0 Diversity and Inclusion

25 Leave a comment on paragraph 25 3 Diversity and inclusiveness are fundamental principles of Internet governance and key to shaping our sustainable future where everyone’s voice is heard. Capacity building efforts in engaging women, youth, people with disabilities, and other marginalised groups, including indigenous people and non-English speaking population are important and should be encouraged. The digital economy, including e-commerce and innovative technologies, can contribute to the empowerment of  women and marginalized groups.

26 Leave a comment on paragraph 26 2 Efforts must be made to make the Internet more hospitable, safe and open to everyone. Online content should be available in all languages wherever possible, including encouraging the development and use of Internationalized Domain Names (IDNs). Online accessibility and the availability of services online particularly for people with disabilities remain a priority. Development of content on the Internet should include accessibility as part of the agenda as such accessibility features can add to the user experience. This could be achieved with various technological developments such as voice assistants and character recognition software. More can be done to involve people actively in developing inclusive technologies and online content. Further, inclusion should also shape the technology in a way that allows diverse social cultures to accept and adopt the Internet easily. The Internet community should work with different communities such as the education authorities to develop programmes for digital literacy in all languages. While designing and implementing capacity building programs, particularly when engaging youths, factors such as age and usage interests of the target groups should be accounted for and leveraged upon to expand their usage of the Internet.

27 Leave a comment on paragraph 27 0 Policies should effectively encourage building skills and ensure the Internet remains an open and safe environment for users. Policy reforms are needed to ensure gender-inclusive access to the Internet, increasing digital literacy, enhancing ICT skills and Science Technology Engineering and Math (STEM) studies, and building networks amongst women. Economic incentives to encourage diversity in the workforce should be explored. Focus is needed on building trust online, including better legislation and enforcement of laws against online abuse and harassment. More consideration should be given to safeguard the wellbeing of vulnerable groups such as children.

28 Leave a comment on paragraph 28 1 The Internet should be easily accessible to the diverse social cultures to adopt, using the Internet to bolster their various communities. Thus, universal acceptance and internationalization and localization practices should be widely promoted as norms on the Internet.

29 Leave a comment on paragraph 29 0 Multi-stakeholder Participation in Internet Governance

30 Leave a comment on paragraph 30 0 Collaborative multi-stakeholder participation is acknowledged globally as the most productive approach to outreach and capacity building for Internet governance. However, many parts of the Pacific has a traditional hierarchical approach, the cultural model of decision-making creates a barrier that prevents communities from experiencing the full benefits of a model that encourages a discussion on one topic involving multiple perspectives provided by voices of all ages and backgrounds.

31 Leave a comment on paragraph 31 2 Access to the Internet and education and capacity building on basic concepts of the Internet is needed in the Pacific (especially as reflected by the YIGF) before concepts of Internet governance are introduced. Internet governance should be a natural progression through the school curriculum. Many APrIGF Pacific participants admitted that they were unaware of what the Internet was and how it worked, let alone how its governance is managed. This made it more difficult for them to contribute to discussions with their Asian counterparts on topics concerning the wider Asia Pacific region.

32 Leave a comment on paragraph 32 1 Capacity building efforts to encourage new participants should be undertaken and different approaches need to be identified to spread the awareness about Internet governance within different communities. Transforming complex and technical Internet governance issues into understandable language for all can encourage more participation. Creating ways to encourage newcomers to speak up and tell their stories is a good start. In addition, benefits and expectations of these multi-stakeholder discussions and forums must be clear and effectively conveyed.

33 Leave a comment on paragraph 33 1 When knowledge is lacking, engagement doesn’t really happen. True engagement can come about through an academic education but with regards to Internet governance, enhanced learning is being encouraged through participation in Schools of Internet Governance (SIGS), Internet Governance Academies (IGAs), and national and regional IGFs – all of which introduce new learning and capacity building through the multi-stakeholder model and create new networks at regional and local levels for participants from diverse backgrounds, encouraging greater knowledge and best practices sharing. Fellowships offered by I* (I-star) organisations[1] are welcomed within the Asia Pacific region to usher new leaders and newcomers into the Internet ecosystem. Attracting participants to these learning platforms at local or regional level facilitate more multi-stakeholder participation that can increase individual contributions from the Asia Pacific region at the global IGF level.

Source: https://comment.rigf.asia/asia-pacific-regional-internet-governance-forum-2018-port-vila-synthesis-document-draft-1/