Categories
Community Networks Growing the Internet

Community Network Champions Take a Rural Dip in India

By Digital Empowerment Foundation

In the last 25 years, half the world has been connected to the Internet and the almost infinite opportunities it has to offer. Most of these, among the 3.5 billion connected individuals of the world, are people who are largely economically empowered, literate, and reside in urban or accessible areas. However, there is also half the world that is yet to get online and access what the Internet has to offer them.

The biggest barrier to widespread connectivity is the high cost of infrastructure. With many telecom companies unwilling or unable to build infrastructure in far flung and rural areas, large swathes of the world have remained in media darkness. Evidently, most of those who are excluded from digital ecosystems are people who are largely at the bottom of the pyramid and reside in rural or inaccessible areas. They are people who have not been connected by the mainstream Internet Service Providers (ISP) – and who may have to wait a long time to be connected.

So who will take the responsibility of connecting them?

It has to be the community themselves.

Over the years, community network providers have proved to be great enablers for bridging the digital divide. Some of these networks are located in Latin America, Africa, Asia Pacific, Europe, and even the U.S. Passionate and innovative community members have been able to leverage varying technology, tools, regulations, and socioeconomic and cultural conditions to bring Internet connectivity to their people. However, these efforts are scattered around the globe, and mostly implemented in silos.

In an effort to amplify such efforts across the Asia Pacific and learn from each other, the Internet Society and Digital Empowerment Foundation organized a 10-day experiential learning program for Community Network Champions from the region, as a follow-up to its second annual Community Network Exchange. As part of this program, eight participants from Haiti, Bahrain, Nigeria, Kyrgyzstan, Philippines, Kenya, and Indonesia traveled to New Delhi and Guna to immerse themselves in intensive training on deployment of wireless networks, its operations, and management.

In these 10 days, Roel Vincent Vistal, Dhinesh Pandian, Ahmed Abdulali Abdulaziz Husain Alaali, Asanbaev Isabek, Reynold Guerrier, Erzhigit Imamov, Irine Chepngetich Misoi, and Paul Henry Yauko not only learned how Digital Empowerment Foundation is using unlicensed spectrum and frugal technology to connect the unconnected (most recently through its DIY Internet in a Box solution), but also brainstormed on new ideas for connectivity, challenges of community networks and policy recommendations for connecting the rest (while navigating multiple hospitality and logistical challenges of staying in rural India).

Reynold was particularly impressed by the commitment of the wireless engineers in Guna to change the destiny of their community through a bottom-up approach rather than wait for a top-down movement. Ronel could see how availability of communication services is essential to delivery of basic services, educational materials, disaster preparedness, governance, pump priming of local economy, and training local human resources, among many others. And Isabel particularly saw potential of MeraApp, an Android-based mobile application developed by Digital Empowerment Foundation to make entitlements accessible and available to the citizens, for people in Kyrgyzstan.

The Community Network Champions are now back in their home countries with revived energy and commitment to establish, scale up and strengthen community networks in their regions and bridge the digital divide.

Community networks work! Join the movement to help close the digital divide. #SwitchItOn

Categories
Human Rights Internet Governance Shaping the Internet's Future

Future Thinking: Arnaud Castaignet on Estonia’s e-Citizenship

Last year, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. In May 2018, we interviewed Arnaud Castaignet, head of public relations for Estonia’s e-Residency programme.

Arnaud Castaignet is the head of public relations for the Republic of Estonia’s e-Residency programme, a government-issued digital ID offering the freedom to join a community of digitally empowered citizens and open and run a global EU company fully online from anywhere in the world. Previously, he worked for the French President François Hollande as a digital strategist. Arnaud is also a Board Member of Open Diplomacy, a Paris-based think tank established in 2010, and a member of the Young Transatlantic Network of Future Leaders, a flagship initiative of the German Marshall Fund of the United States specifically geared toward young professionals 35 years old and younger. Estonia not only became the first country to say that Internet access was a human right, but has given their citizens free public WiFi, enabled them to vote online since 2005, and are protecting them with strong privacy, transparency and data protection laws.

The Internet Society: Estonia’s e-Residency programme bridges traditional borders by offering any citizen of the world the opportunity to become a digital citizen of Estonia. How’s that working for you?

Arnaud Castaignet: The e-Residency programme was created in December 2014 with a radical but simple idea: why should a country only offer its services to its own citizens and residents and not also to anyone from anywhere in the world? E-Residency is a transnational digital ID accessible to anyone from anywhere in the world, giving access to Estonian e-services without actually coming to Estonia. Although Estonia sees access to Internet as a right, we know access to services is totally unfair around the world. Unfortunately, if you are not from the right country, if you don’t live in the right place, you might not be able to access basic services that are necessary to create and run your business. With e-Residency, we want to provide all people with equal access to services and opportunities.

Two core values are driving our action. The e-Residency programme is inclusive: every person on the planet is able to become an e-resident of Estonia. Our programme is also empowering: we believe everybody in the world should have an equal opportunity to access the tools they need to become a successful entrepreneur and reach their full potential. We believe in this principle of fair equality of opportunity. Those who have the same level of talent and capability and the same willingness to use those gifts should have the same prospects of success regardless of their social class or origin, where they live or decide to travel. Our message to entrepreneurs is “focus on your ideas, your business, your product; we will keep the way open for you.”

The Internet Society: Is it true that even the Japanese prime minister is an e-resident of Estonia?

Arnaud Castaignet: Several Head of States became e-residents as an acknowledgement of Estonia’s advanced digital society and as a support for our innovative programme. Shinzo Abe is one of them, but also Angela Merkel and Xavier Bettel, for instance.

The Internet Society: Do you think other countries will, in the future, follow Estonia’s example in offering e-residency to attract investors/businesses?

Arnaud Castaignet: We believe that, by definition, no model can be fully duplicated from one country to another. Having an e-Residency programme was only possible because, first, Estonia has been building a digital society throughout the years. It is also influenced by the country’s mindset regarding innovation and transparency, our belief in the need to build more business ties with the rest of the world, and our vision of the need for States to transform themselves into something more agile, inclusive and empowering.

But we often receive political delegations from countries willing to be inspired by our experience and we hear about projects such as “m-residency” in Azerbaijan or Lithuania’s plans to use blockchain technology to allow company creation. We are quite enthusiastic about such developments because it will force us to remain innovative. The world is changing very fast and countries can easily fall behind if they refuse to address new issues or bury their heads in the sand.

We are always willing to share our experience and expertise, not only about e-Residency, but also about how States can evolve. Just to give you an example, each year, Estonia saves the equivalent of 2 percent of its GDP by using digital signature. If this system would be generalized everywhere, many European countries could benefit.

The Internet Society: Estonia is often cited as the poster child of e-governance with its radical digital developments. Can you tell us more about what differentiates Estonia from other countries in this regard?

Arnaud Castaignet: I think the main difference is that Estonia’s digital society is based on trust. The government of Estonia is built upon a solid foundation of transparency, with personal privacy and data integrity taken very seriously. Each citizen (or resident, or e-resident) knows exactly which administration has checked its personal data. Digital society and e-governance can only be created if there is trust between the people, state authorities and private enterprises. Building trust has got very little to do with technical solutions, but has a great deal to do with mindsets and culture. Changing this mindset is much more difficult and time-consuming than creating technical solutions. This means a lot of everyday work in building openness and safeguarding privacy and transparency.

It also cannot be built overnight: it’s a long and challenging process, requiring help and collaboration from different institutional and private actors, and a matter that it feels natural to address at the very beginning of the process of digital transformation of a country. Information must be shared, administration and government must be transparent, informal forms of interaction must be built, and you need to develop internal secure IT systems for public institutions that can be trusted, from the inside and the outside.

The Internet Society: What is the feedback to your programme? Has there been backlash, especially at a time when nationalism appears to be on the rise in some European countries?

Arnaud Castaignet: We now have more than 40,000 e-residents from 150 countries. Their stories are of course very diverse but they all have one thing in common: our programme helped to solve issues faced by these entrepreneurs and freelancers around the world. These individuals now see Estonia as a problem-solving country and we are proud of it.

With e-Residency, we show that a country doesn’t have to choose between being inclusive to the rest of the world or to make its population wealthier. It is by opening our digital borders that we generate Estonia’s revenues for the future that will benefit all Estonian citizens. We know there are opposite trends in other countries and some governments are more interested in building new walls, but building barriers will only prevent their citizens from gaining new and more opportunities. Walls do not protect anyone.

The Internet Society: Blockchain underpins many of your services, but some people are arguing that blockchain’s benefits are unreasonably hyped. What has your experience shown?

Arnaud Castaignet: The Estonian government has been testing blockchain technology since 2008. From 2012, blockchain has been in use in Estonia’s registries, such as national health, judicial, legislative, security and commercial code systems, with plans to extend its use to other spheres such as personal medicine, cybersecurity and data embassies. We believe blockchain has a great potential because it can improve trust in systems and, in our case, it adds an extra layer of security.

Whether we like it or not, the world is becoming more decentralised. The development of blockchain technology should make us build new lending relationships between citizens, companies and the state. I would say it is for the best because this is one of the reasons why blockchain has such a great potential. Not only does it have the ability to remove entrenched middlemen, but it can also improve the overall transparency of our systems. Of course, coordination and openness amongst technologists, designers and citizens is necessary. However, we must not be overly optimistic about the capacity of technological innovation, on its own, to change the course of history. People always come first.

The Internet Society: Can you tell us more about how Estonia encourages transparency in legislative processes? Why is it important, in your experience, to involve all stakeholders in governance? 

Arnaud Castaignet: The Estonian public can read every draft law submitted since February 2003. This system is also using blockchain technology. Readers can see who submitted the legislation, its current status, and changes made to it as it passed through the parliamentary process. Once a proposed act becomes law, it is published in the online state gazette, another searchable database that acts as an open legal library. The idea behind it is to increase the level of transparency in the state, to cut down corruption, and encourage citizens to take an active interest in legislative affairs. In 2017, the citizen initiative portal Rahvaalgatus.ee was launched, also making it possible to compose and send collective initiatives to the Estonian Parliament.

The Internet Society: What does the Estonian digital example tell us about the future of governance? What will the role of governments be in the future? Will they become more technocratic or neutral stewards of citizens’ increasingly digital lives (taxes, e-commerce, etc.)?

Arnaud Castaignet: We are facing an unprecedented era of change with multiple waves of technology enabling new business models and reshaping our economies and societies. Increasingly accustomed to living and working digitally, citizens might now have higher expectations for government’s technological adeptness and capability in the future. Most government structures and processes date to earlier than the 1950s and some of them seem to be more interested in building new walls rather than better serving their population in the digital age. These governments may face irrelevance if they don’t adapt to the new needs, habits and practices of their citizens.

The Internet Society: With Estonia’s ID card being central to life in Estonia – including banking, benefits, paying for parking tickets, accessing medical records, voting, renewing licences, etc. – how do you deal with fears about data protection, cybersecurity, and privacy?

Arnaud Castaignet: We must deal with any situation with full transparency because our digital nation depends on the trust of all its people — citizens, residents and e-residents. You cannot expect trust if the State is not transparent and accountable. If there is no citizen control of the use of personal data, citizens would be legitimately worried about their privacy. In Estonia, to ensure transparency and accountability, citizens are allowed to monitor their own privacy. They can trace anyone who has tried to access their data by logging on to the state portal, eesti.ee. There have been a few cases — among doctors and policemen, for instance — where people have been sentenced for unethically accessing certain databases. Protecting the integrity of our digital identity is always a top priority.

But being pioneers in these fields also means we will sometimes be among the first to encounter new challenges. Ten years ago, Estonia was the first in the world to experience a nationwide cyber-attack, for example, although no data was compromised. The attack served as a wake-up call for how the country’s digital infrastructure could be secured through radical new technology. Of course, no system can be fully secured but we still believe paper-based administrations are less secured than digital ones.

The Internet Society: Could your e-Residency programme redefine what it means to be a country in the future? Do you think digital identity will one day extend to constitutional rights or actual citizenship too, and not just everyday matters?

Arnaud Castaignet: Our secure digital identity system and e-services facilitate locational independence. The state serves not only its sparsely populated areas, but also the entire Estonian diaspora. Estonians who live anywhere in the world can maintain a connection to their homeland via e-services, contribute to the legislative process and even participate in elections. All of this facilitates the mobility of the population, while maintaining a strong link between them and public services. The e-Residency programme is now redefining this because it allows non-Estonians to benefit from these services; they use our country as a service. This was the idea behind the launch of our programme: why not also offer these e-services to non-Estonians, even those who do not reside in Estonia, who need better everyday solutions than those offered by their own states?

What we see is that this system also redefines what being an Estonian means. As President Kaljulaid said, “one can be Estonian in many ways. You can be an Estonian by thinking the same way we do, by having an interest in our country, by being an e-resident”. As I said, many e-residents want to know more about Estonia after they discover the country as a result of e-Residency. Some of them learn the language, others want to physically move here, and most of them become the best promoters of our country. They don’t give up their national identity, they add another that contributes to build their own personal identity and the way in which they define themselves. Global citizens need inclusive identities.

I, for instance, consider my personal identity as being fully global: I am an European, a French citizen of Cambodian origin, working for the Estonian government and benefiting from both French and Estonian services. Just as national identities are made up from national myths and ideas, personal identities are a construction based on several factors: the nationality and citizenship, of course, but also values, ideas, experience, areas of interests, among other things.

Right now, being an e-resident doesn’t mean having civil or legal rights in Estonia. If we reach hundreds of thousands of e-residents contributing to Estonian economy and benefiting from Estonian services, we will need to find ways for them to be more integrated to Estonian society, which will make the Estonian community much bigger. Estonia might one day have 1,3 million citizens but a community of 10 million e-residents feeling at least partly Estonian.

The Internet Society: What does this changing notion of identity mean for the future of privacy?

Arnaud Castaignet: Old, paper methods of identification – passports, birth certificates, driving licences, utility bills – are simply not suited for an online world. Access to health, banking and education also remains difficult for more than one billion people, including refugees and displaced populations, without an ID. The UN and other intergovernmental initiatives set a goal of providing everyone on the planet with a legal ID by 2030. It is well documented that those with access to a form of identity are better protected and able to access essential services than those who do not have an official identity. Digital identity and access systems can unlock a range of basic and empowering services for individuals, including financial inclusion, healthcare and education. They also hold significant promise for helping refugees and displaced populations to access immediate and longer-term services.

For public authorities, the key challenge will be to create harmonious digital bonds that secure the relationship between digital identities and wider society. This is only possible through a public framework of trust, built on guarantees of private data protection and security. To empower individuals, identity systems need to enhance security and convenience, preserve privacy and uphold individual rights and freedoms. Privacy and user control are core to realizing the full potential of digital identity. Stakeholders must create pre-emptive and responsive tools for safeguarding users against privacy violations, and establish legal frameworks and mechanisms for oversight and recourse in the event of misuse or abuse.

The Internet Society: What are your hopes for the future of the Internet? What are your fears?

Nothing new comes into our lives without a hidden curse. My biggest fear is that the Internet might help to perpetuate socioeconomic divides, especially if digital inequalities remain. In my opinion, the Internet must be a tool to reduce inequalities, whether they are digital, socioeconomic, geographical, etc. This is why topics such as net neutrality, for example, matter. When one attacks net neutrality, we know it will harm the poor because it reduces access to opportunities. We know from history that disruptive and game-changing ideas often come from the margins, not from big and established actors.

Of course, no one knows exactly how the Internet will evolve. I am convinced that, despite much of the negativity in the news right now, the overall trend appears to be positive for the opportunities that await our generation and the next one. My biggest hope is that Internet will allow more innovators to forge a way to the unknown by offering equal opportunities, thanks to access to services, information and education.  I am quite optimistic that governments and institutions will use the Internet to build more bridges and invest in skills development, and particularly soft skills – that combination of people skills, social skills, communication skills, character traits, social and emotional intelligence, that are absolutely crucial in the digital age. These skills will help citizens to adapt to disruption and will facilitate social and geographical mobility – some of the main issues and opportunities of our century – and increase the knowledge of others, other cultures and people.

What do you think the future of the Internet looks like? Explore the 2017 Global Internet Report: Paths to Our Digital Future to see how the Internet might transform our lives across the globe, then choose a path to help shape tomorrow.


Photo credit: Web Summit

Categories
IPv6

Google buys a /12 IPv4 Address Block

As per the RIPE Stat – BGPlay, Merit Network Inc (AS237) withdrew its advertisement of 35.192.0.0/11 on 18 October 2016. It didn’t ring any bells because they have plenty of IPv4 address space, but on 21 March 2017, ARIN announced that 35.192.0.0/12 has been added to the transferred list.

As no-one was advertising this block on the Internet, it was unclear who’d bought such a big block and at what price. On 29 April 2017, Andree Toonk (founder of BGPMon) tweeted about this announcement and surprisingly enough it was announced by Google.

More digging in RIPE Stat – BGPlay suggests that Google started announcing 35.192.0.0/13, 35.200.0.0/14, 35.204.0.0/15 from AS15169 on 12 April 2017. As per the Whois information, Google has allocated this block for Google Cloud customers *** The IP addresses under this Org-ID are in use by Google Cloud customers ***

This transaction of more than a million IPv4 addresses started a debate why Google had to make this move when their IPv6 stats suggest that IPv6 deployment is increasing worldwide and most of their services are already available through IPv6.

The above graph from the Google IPv6 Statistics shows a growth of almost 7% in the last 12 months. This looks great but is that enough? The answer is of course not. Other statistics from the APNIC IPv6 Measurement Map show another side of IPv6 deployment status around the world. It is much better than previous years and it’s improving every month but is still not close to satisfactory.

Google has to serve its customers all around the world and if those customers don’t have IPv6 then they need to give them the option of IPv4. As rightly commented by Mark Smith on the AusNOG mailing list,

“The reason why I think Google buying the /12 is significant, despite Google services being thoroughly IPv6 enabled for quite a while, they’re not buying those IPv4 addresses to solve their own lack of IPv6 deployment. They’re trying to overcome others lack of IPv6 deployment, and paying a large amount of money to mostly solve somebody else’s problem rather than their own. I can only see them and others in a similar situation tolerating those costs for a limited time. They have a financial motivation to actively minimise or avoid those costs sooner rather than later.”

To summarise the discussion, whether it’s Google or any other major cloud or content provider, they can’t serve you IPv4 forever and may give up on you sooner or later. If you are an ISP not providing IPv6 to their customers then your customer will move to another ISP, and this is only a matter of time.

If you want to find out more about how to deploy IPv6 in your network, you can check out our IPv6 resources, attend any of our upcoming IPv6 training (workshop/tutorial) around the world, or reach out to us and let us know how can we help.

Categories
Internet of Things (IoT)

IoT Trust Framework Released – Momentum Growing

The Online Trust Alliance’s IoT Trust Framework is rapidly evolving to be the foundation of an international effort to integrate security, privacy and sustainability in IoT devices and services. Developed over the past twelve months, the Framework represents collective input from over 100 organizations who, through a multi-stakeholder process, established a baseline Framework of 30 essential criteria. The goals of the Framework include providing prescriptive guidance to help establish security, privacy and sustainability as product differentiators and part of the consumer value proposition. Combined, they offer consumers added transparency, choice and control of the security, collection and use of their personal data.

Released simultaneously at the RSA Conference in San Francisco and at a meeting with two-dozen consumer testing organizations in Brussels, the IoT Trust Framework is now being embraced by developers, retailers and trade organizations. Collectively this coalition cites the importance of the Framework to help address many IoT shortcomings, while accelerating innovation and demonstrating a commitment to self-regulation. Supporting the implementation of the Framework, OTA released a draft resource guide and related resources. More >

Media coverage has been extensive including The Financial Post, Fortune, CBS News and others. (See other media coverage). At the RSA conference, attendees stressed that the Framework can and should be adopted today as it rests on established practices, protocols and methods rather than forcing new procedures. In Brussels, participants validated that the Framework’s principles are applicable globally and are essential criteria for any product testing and certification programs. Additional public statements of support have come from the International Telecommunications Union’s IoT Global Standards and theNational Association of Realtors Smart Home initiatives.  These accomplishments have been made possible through the hard work and input from over 100 OTA and IoT working group member companies.   Thank you!

Industry Leaders Embrace the OTA IoT Trust Framework

“Newcomers who are not technologists will face challenges. As soon as you put a sensor on something, and collect and send data, you are in the data business. Now all the issues of data hygiene and security matter,” remarked Harvey Anderson, Chief Legal Officer, AVG Technologies. “The OTA Framework is a great tool for developers large and small.”

“The OTA Framework helps to identify major security and privacy gaps which exist in many IoT devices and services. For example data minimization is critical. The rise in data collection begs the questions of stewardship: how much to keep, how long to retain and where to store. In addition to security fundamentals, it is critical that choice and transparency be provided to consumers,” notedBrian Witten, Senior Director, IoT Services, Symantec.

To learn more and get involved and make security and privacy part of your IoT value proposition,contact us!

Categories
Community Projects Growing the Internet Improving Technical Security Internet Governance

Day 2: Collaboration and Community at IGF 2016

Welcome to Day 2 at the 2016 Internet Governance Forum!

Today will be packed with discussions focusing on the importance of working together, being inclusive, and empowering people to fight for the Internet they want.

Join online and tell world leaders that your voice must be included Internet policy discussion.  The IGF is a great place to start.

Take Part Online

  • Register to take part from wherever you are!

Day 2: Wednesday, December 7

WHAT WHEN / WHERE ISOC REPRESENTATIVE
WS191: “Are we all OTTs? Danger of regulating an undefined concept” 09:00 – 10:30
Workshop Room 1
Raùl Echeberrìa speaking
WS143: How to acknowledge Cyber Evidence – Reform/New Parallel Law 9:00-10:30,
Workshop Room 5
Walid Al-Saqaf speaking
Sustainable Development, Internet and Inclusive Growth 10:00 – 13:00
Main Session Room
Raùl Echeberrìa speaking
Lightening session: South Summer School on Internet Governance SSIG 13:50-14:10
Lightening Session Area
Olga Cavalli speaking
WS 238: Community Connectivity: empowering the unconnected 15:00 – 16:30
Workshop Room 2
Christian O’Flaherty speaking
WS 152: Working Together: Collaborative Security in local contexts 15:00 – 16:30
Workshop Room 3
Olaf Kolkman and Hiroshi Esaki speaking
WS 159: Encryption and safety of journalists in digital age 15:00 – 16:30
Workshop Room 6
Sebastian Bellagamba speaking
ITU Open Forum: WSIS Action Lines supporting the implementation of the SDGs 16:00 – 17:00
Workshop Room 4
Constance Bommelaer speaking
WS: CICG-A new Social Compact for Internet Governance 16:30-18:00,
Workshop room 5
Sally Wentworth speaking
DIPLO Open Forum 17:00 – 18:00
Workshop Room 10
Constance Bommelaer speaking
Technical community reception (ISOC, ICANN, NRO)
RSVP required
18:30-20:30
PALCCO, Concession Hall
Multiple ISOC staff

Quick Links

Categories
IETF Internet of Things (IoT) Open Internet Standards Technology

Rough Guide to IETF 97: Internet of Things

The Internet of Things (IoT) is a buzzword around the Internet industry and the broader technology and innovation business. We are often asked what the IETF is doing in relation to IoT and in this short post for the IETF Rough Guide to IETF 97, I’d like to highlight some of the relevant sessions scheduled during the upcoming IETF 97 meeting in Seoul. First, though, I’d like to add a small advertisement for you to tune into the ISOC@IETF Briefing Panel on Tuesday, 15 November, during lunch on “The I in IoT: Implications for a Global Open Internet.” Registration to attend onsite is full, but you can watch the webcast live via this page.

Before talking about specific activities taking place in Seoul, I’d like to highlight a couple of recent IETF Journal articles that provide some background on IETF activity related to IoT. In “The Internet of Things Unchecked,” Dave Plonka provides a very timely call to take the threat posed by unmanaged IoT devices more seriously. Dave also includes some fascinating measurement results. “Low-Power Wide-Area Networks at the IETF” provides an excellent overview of the new breed of wireless technologies that are emerging to support a huge variety of IoT applications and introduces the new ipwave WG (more below). And finally, Samita Chakrabarti provides an update on the activity of the IPv6 over Networks of Resource-Constrained Nodes (6lo) Working Group that is developing specifications for running IPv6 over a range of wireless technologies suitable for IoT applications. More details of their meeting are provided below.

It’s also worth noting that the IAB is concerned about the risks posed by unmanaged IoT devices and recently held a workshop to discuss the challenges of providing software update mechanisms for constrained embedded devices. A draft report of the workshop proceedings is now available. The technical plenary in Seoul is also relevant and will include a moderated discussion of the recent Denial-of-Service attacks involving the use of compromised or misconfigured nodes and the architectural issues associated with the network being vulnerable to these attacks. There is some more detail here.

The Thing-to-Thing Research Group investigates open research issues in turning the IoT into reality. They will be meeting on Wednesday afternoon in Seoul to report out on various recent activities. The group will also be meeting jointly with the Information Centric Networking RG on Sunday November 13 in the morning (0900-1200), and there is a ‘Managing Networks of Things’ workshop taking place, also on Sunday, in the afternoon (1300-1700) at the Kensington Hotel Yoido.

The 6lo WG defines mechanisms to adapt IPv6 to a wide range of radio technologies, including “Bluetooth Low Energy” (RFC 7668), ITU-T G.9959 (as used in Z-Wave, RFC 7428), and the Digital Enhanced Cordless Telecommunications (DECT) Ultra Low Energy (ULE) cordless phone standard and the low-cost wired networking technology Master-Slave/Token-Passing (MS/TP) that is widely used over RS-485 in building automation. They will be meeting on Tuesday afternoon in Seoul.

The 6tisch WG was chartered in 2014 to enable IPv6 for the Time-Slotted Channel Hopping (TSCH) mode that was recently added to IEEE 802.15.4 networks. They are meeting on Thursday morning in Seoul.

Following on from a successful BoF meeting during IETF 96 in Berlin, the IPv6 over Low Power Wide-Area Networks (lpwan) WG has been chartered and will be meeting in Seoul for the first time. Typical LPWANs provide low-rate connectivity to vast numbers of battery-powered devices over distances that may span tens of miles, using license-exempt bands. This new WG will meet on Monday afternoon in Seoul.

Another relatively new WG is the IP Wireless Access in Vehicular Environments (ipwave) WG. This group’s primary deliverable is a specification for mechanisms to transmit IPv6 datagrams over IEEE 802.11-OCB mode. ipwave will meet on Wednesday afternoon in Seoul.

The core WG aims to extend the Web architecture to most constrained networks and embedded devices. This is one of the most active IoT working groups and they will be meeting twice in Seoul, on Wednesday afternoon and Friday morning.

Security for IoT is addressed in several WGs including the ace WG that is concerned with authenticated authorization mechanisms for accessing resources hosted on servers in constrained environments. ace will meet on Thursday afternoon.

Routing for IoT is tackled by the roll WG which focuses on routing protocols for constrained-node networks. Wednesday morning is the time for them to meet in Seoul.

Finally, in addition to the new protocols and other mechanisms developed by IETF working groups, IoT developers often benefit from additional guidance for efficient implementation techniques and other considerations. The Lightweight Implementation Guidance (lwig) WG is developing such documents and they will meet in Seoul on Thursday morning.

If you have an interest in how the IoT is developing and being standardised in the IETF, I hope to see you in person or online at some of these meetings during IETF 97.

Relevant Working Groups, BoFs, and Events at IETF 97

Technical Plenary
Wednesday, 16 November 2016, 1640-1910, Grand Ballrooms
Agenda: https://datatracker.ietf.org/meeting/97/agenda/ietf/

t2trg (Thing-to-Thing) RG
Wednesday, 16 November 2016, 1520-1620, Park Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/t2trg/
Charter: https://irtf.org/t2trg

6lo (IPv6 over Networks of Resource-constrained Nodes) WG
Tuesday, 15 November 2016, 1550-1820, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/6lo/
Documents: https://datatracker.ietf.org/wg/6lo/
Charter: http://datatracker.ietf.org/wg/6lo/charter/

6tisch (IPv6 over the TSCH mode of IEEE 802.15.4e) WG
Thursday, 17 November 2016, 0930-1100, Park Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/6tisch/
Documents: https://datatracker.ietf.org/wg/6tisch/
Charter: http://datatracker.ietf.org/wg/6tisch/charter/

lpwan (IPv6 over Low Power Wide-Area Networks) WG
Monday, 14 November 2016, 1550-1750, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/lpwan/
Documents: https://datatracker.ietf.org/group/lpwan/
Charter: https://datatracker.ietf.org/group/lpwan/charter/

core (Constrained RESTful Environments) WG
Wednesday, 16 November 2016, 1330-1500, Studio 2
Friday, 18 November 2016, 0930-1130, Studio 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/core/
Documents: https://datatracker.ietf.org/wg/core/
Charter: http://datatracker.ietf.org/wg/core/charter/

ace (Authentication and Authorization for Constrained Environments) WG
Thursday, 17 November 2016, 1520-1750, Studio 4
Agenda: https://datatracker.ietf.org/meeting/97/agenda/ace/
Documents: https://datatracker.ietf.org/wg/ace/
Charter: http://datatracker.ietf.org/wg/ace/charter/

roll (Routing Over Low power and Lossy networks) WG
Wednesday, 16 November 2016, 1110-1210, Park Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/roll/
Documents: https://datatracker.ietf.org/wg/roll/
Charter: http://datatracker.ietf.org/wg/roll/charter/

lwig (Light-Weight Implementation Guidance) WG
Thursday, 17 November 2016, 1110-1210, Grand Ballroom 3
Agenda: https://datatracker.ietf.org/meeting/97/agenda/lwig/
Documents: https://datatracker.ietf.org/wg/lwig/
Charter: http://datatracker.ietf.org/wg/lwig/charter/

ipwave (IP Wireless Access in Vehicular Environments) WG
Wednesday, 16 November 2016, 1330-1500, Grand Ballroom 3
Agenda: https://datatracker.ietf.org/meeting/97/agenda/ipwave/
Documents: https://datatracker.ietf.org/wg/ipwave/
Charter: http://datatracker.ietf.org/wg/ipwave/charter/

Follow Us

There’s a lot going on in Seoul, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see http://dev.internetsociety.org/rough-guide-ietf97.

Categories
Community Projects Internet Governance

Bringing Youth to the Internet Governance Discussions

Many young people age 18-25 are the first generation of adults to grow up not knowing the world without the Internet. For those that do not have access, they are some of the people that are pushing hardest for it.

Young people are shaping online culture in so many ways. They use the Internet to meet people around the world, create the videos that go viral, they create art that moves us and start and stand behind online social movements that make us think.

They are building their dream Internet.

And yet when it comes to policy discussions, most of them are not at the table.

We want to change that.

Last year, we partnered with the Brazilian Internet Steering Committee (CGI Brasil) to launch a pilot program called “Youth@IGF.”

It saw 120 young people — aged 18-25 — from around Latin America and the Caribbean, go through a series of online courses about privacy, security and Internet governance. They came from a wide variety of backgrounds, ranging from programming and engineering to law and activism. More than 70 went on to attend one of the world’s most influential meetings in Internet policy, the Internet Governance Forum.

Many of the Youth@IGF participants went on to form the ISOC Youth SIG; our first special interest group focused on how governance issues affect young people.

This year, we’re expanding Youth@IGF to include young people from around the world with NIC México and the Government of México as proud partners. Together, we’ll put 200 young people through online coursework, and send the top performers to the IGF in Guadalajara.

“These young people are among the next generation of Internet leaders. They are the ones who will take up the mantle to help figure out how to preserve the privacy of Internet users, how to make a more secure Internet, and how to connect the next billion users. It’s crucial we get them involved now” says Toral Cowieson Senior Director of Leadership Porgrammes at the Internet Society.” The Youth SIG is already helping start many of these discussions among both their peers and the generation of teenagers coming up behind them.

When it comes to Internet governance, we don’t need young people to be the future. We need them to be part of the present. Youth@IGF is one of the ways we’re making that happen.

If you qualify, we urge you to apply now and build your #dreamInternet.

For more information and application, please visit Youth @IGF Programme pages:

Categories
Community Projects Growing the Internet

Local Content in Local Languages Matters

Sub-Saharan Africa has seen great improvements in connectivity infrastructure and affordability in recent years. In particular, in some countries up to 90% or more of citizens have access to mobile Internet signals. In spite of this, Internet adoption is stagnating in many countries. The report “Promoting Content in Africa” poses that in order to spur growth, a greater emphasis on the demand for Internet connectivity is required. The report focusses on a number of issues which need to be addresses in order to facilitation content creation and availability, thereby improving the value of Internet connectivity to potential users in Sub-Saharan Africa.

Crucially, a greater focus on local language content is required, as many potential users do not have sufficient skills in popular online languages such as English and French, but do in local languages. Currently, there are very few websites in local languages, which leads to a vicious circle with little content creations in terms of websites, which attracts few users, which in turn is little incentive for further website content creation. When direct communication such as through social media, such as Facebook and Whatsapp, is concerned, uptake and local language usage is much greater.

National governments can fulfil a key role in stimulating local language content on the web, by leading by example and ensuring that content on government websites is also available in the recognised official local languages.

Additionally, monetisation of content is currently a severely limiting factor. There are significant barriers on the payments side, which prevent users from purchasing content. However, there are even greater barriers on the payout side, which prevent content creators from effectively monetising their content. This last limitation also applies to monetisation of content through advertising. In addition to this, advertising is hindered by a very limited support of local languages, which means that local language pages cannot be monetised.

Find out more about what you can do to promote local content.

Categories
Events IETF Women in Tech

Where the world’s largest gatherings of women in technology gather: #GHC15 and ‪#GHCI15‬‬‬

Image: Vyria Paselk-Director of Internet Leadership at the Internet Society and Kathleen Moriarty-Kathleen Moriarty, Security Area Director at the IETF 

Women represent 51% of the global population, yet the statistics for women in technology are not even close to equal (some reports estimate only 26% of the computing workforce are women).

In order for the Internet to be useful for ALL we need more women shaping the future of the Internet. One organization who is working to close this gap is the Anita Borg Institute (ABI). The Internet Society has partnered with ABI for the past four years to get more women involved in technology and to get more women involved with the Internet.

Twelve thousand women from around the world gathered in Houston, Texas in October 2015 for the Grace Hopper Celebration of Women in Computing conference. I was one of those 12 thousand women. I work specifically to get more young people involved in shaping the future of the Internet and I’m proud that ISOC is committed to getting more women involved in helping make the Internet work for ALL.


Internet Society sponsored attendees at Grace Hopper India. From left to right: Amrita Choudhury, Mini Ulanat, and Suprita Lnu 

ISOC was a nonprofit gold sponsor of #GHC15 which celebrates and expands on opportunities for women in computing. As an organization we are committed to supporting and attending this event to raise awareness for our IETF fellowship programme available to technical women from emerging and developing economies (see more detail below). The conference gives us an opportunity to speak with highly qualified women interested in Internet specific technical work and encourage them to apply for the fellowship and/or share it within their companies, universities, and networks.

ISOC was also a bronze sponsor for the Grace Hopper Celebration of Women in Computing (India) conference held in Bangalore in December  2015. ISOC sponsored three technical women from our community to attend India’s largest gathering of women technologists. On the ground support was also provided by our ISOC Bangalore chapter. Our sponsored participant from Delhi had this to say about her experience:

Grace Hopper India was a wonderful platform for meeting, hearing and exchanging views with other women in technology. The conference provided great insights on how women have overcome obstacles and attained success in the field of technology.

I’m proud that ISOC realizes the importance of women’s voices in technology and I’m proud to be part of ongoing efforts to help encourage more women to take advantage of the opportunities available to make an even greater global impact!

ISOC will once again be a sponsor of the Grace Hopper Celebration of  Women in Computing Conference in Houston and we hope to see you there!

More on ISOC’s Fellowship to the IETF

The Internet Engineering Task Force (IETF) is the world’s premier open Internet standards-development body. The Internet Society Fellowship to the IETF is available to technology professionals, advanced IT students, and other qualified individuals from developing and emerging economies.

Fellows to the IETF attend an IETF meeting where they are paired with an experienced mentor and are expected to make a positive contribution to IETF work. Find out how to apply for an IETF Fellowship.

More on the Grace Hopper Celebration and the organization behind it

The Anita Borg Institute for Women and Technology (ABI) was founded in 1997 by renowned computer scientist Anita Borg, Ph.D. (1949-2003). Co-founded by Dr. Anita Borg and Dr. Telle Whitney in 1994 and inspired by the legacy of Admiral Grace Murray Hopper, the Institute’s Grace Hopper Celebration (GHC) Of Women In Computing Conference is designed to bring the research and career interests of women in computing to the forefront. It is the largest technical conference for women in computing and results in collaborative proposals, networking, mentoring for junior women and increased visibility for the contributions of women in computing. Conference presenters are leaders in their respective fields, representing industry, academia and government. Top researchers present their work while special sessions focus on the role of women in today’s technology fields.

Categories
Building Trust

Trust and Taxes

Tax season.  It’s that time again for taxpayers and cybercriminals. While earners work to complete their 1040s, criminals tune their tax fraud campaigns with increased sophistication. Reputable companies are being victimized, tarnishing their brands and impacting their business models, employees and shareholders.  In today’s world knowing who you can trust is crucial to navigating the tax season — but sadly, many companies are failing security fundamentals, consumer protection and responsible privacy practices.

The Online Trust Alliance evaluated privacy, consumer protection and security practices of the 13 “Free File Allianc”e web-based e-filing services noted on the IRS website for taxpayer use in the 2016 IRS Free e-File Audit and Honor Roll. Hat’s off to the Honor Roll recipients who demonstrate leadership when it comes to consumer protection, security and privacy for the highly sensitive information used in tax filing.

Shockingly, however, 46% of IRS listed services failed the audit.  In particular, they failed due to poor site security and not taking steps to help protect consumers from fraudulent and malicious email – one of the criminal set’s favorite attack vectors at tax time.  The audit is based on OTA’s widely recognized industry-developed methodology which has been used in its annual Honor Roll analysis for over eight years. The metrics are reviewed, vetted and updated annually.  Beyond OTA’s metrics, this analysis also checked against the IRS’s own security and privacy mandated standards; one company is currently out of compliance on this front as well.

That so many IRS-approved e-filing sites fall so far short is more than disappointing, it is disturbing.  The history of Honor Roll analysis shows that all the current best practices OTA recommends are readily implementable for companies of every size.  That these e-file services fail to employ commonly used security standards and best practice protections highlights the need for all companies to review the basics.  Further, it’s concerning that the IRS – which should be a source of trustworthy consumer advice – provides links to these sites as authorized e-file partners. OTA urges additional oversight for all e-file sites to maximize consumer protection.

Stay safe this tax season.  Beyond confirming the trustworthiness of any service you use, follow OTA’s tip checklists for Consumers and Businesses & Tax Professionals to protect your sensitive information and arm yourself with knowledge against fraud or attack.

Categories
Building Trust Internet of Things (IoT)

It Sees You When You’re Sleeping, It Knows When You’re Awake

I love my fitness tracker.  Not only does it affirm me (I met my today’s goal!), it also supports my inner narrative (of course I’m cranky – I slept badly last night… be nice to me).  Last holiday season it was the gift I didn’t even know I wanted until I got it.  This year, we’re both older and wiser. Trust in our relationship has shifted from blind innocence to practical, mature action.  I’ve come to realize more and more about how my device gathers, transmits and stores reams of personal data on me and my habits.  Empowered with this knowledge, I see the importance of checking and deliberately choosing the various security and privacy settings and agreements my device includes.

This holiday season we estimate over 50 million connected devices will be given as gifts.  Not just fitness trackers, but also slow-cookers you can adjust from your office so dinner is perfectly hot when you get home and televisions that remember exactly where you are in which episode for each series you’re binge-watching, no matter the source. Lightbulbs tied to your mood, speakers that recognize when you walk into a room to keep your personal music following you throughout the house. These connected or ‘smart’ devices seem helpful, supportive and eager to make life nicer.  But with them comes an explosion of privacy and security concerns – particularly when gift givers and recipients have those first-love stars in their eyes.

Security and privacy researchers have already reported vulnerabilities in smart televisions, camera-enabled baby monitors, fitness bands and more.  The risks range from exposing your private data, to sharing your open/unencrypted passwords, to taking over cameras for spying on your home.  Further, the interconnectedness of the “Internet of Things” means your personal data likely is shared across many companies, not just the manufacturer of the device you chose.  Even as companies work to improve security, patch vulnerabilities and strive for sound privacy practices, new threats appear and complexity puts us at ever greater risk.

Still, there are sensible, basic steps every consumer can take to reduce their risk and help prevent exposure as much as possible.  OTA’s Smart Device Purchase & Setup Checklist provides a straight-forward checklist of privacy and security actions you can take with your smart devices.  Use these steps on devices you receive as gifts; double-check them on devices you already own; run through the list again on any device you plan to sell or give away.

The new “smart” connected devices are exciting, fun and personal in a way that may sweep us off our feet.  But without a little sensible caution personal relationships can tip over into creepy, or even dangerous, and no one wants that. Go ahead, fall in love this holiday season – just do it with at least one eye open.

To learn more about OTA’s Internet of Things initiative, please visit https://otalliance.org/IoT and check out the IoT Trust Framework, more information on the multi-stakeholder working group and a wealth of additional resources. 

Categories
Building Trust

Does Your Favorite Presidential Candidate Make the Grade?

As the Presidential race kicks into high gear, voters are evaluating how candidates will tackle tough issues on foreign and domestic policy.  Let’s hope they don’t overlook topics relating to online privacy and security.  A recent Pew Research Center survey indicates that 74% of American believe control over personal information is “very important,” yet only 9% believe they have such control.

The Online Trust Alliance (OTA) recently looked at twenty-three candidates’ websites to determine how they are managing voters’ privacy and security concerns.

What we found might be surprising. Of the twenty-three candidates’ sites reviewed, only 6 received a “passing” grade on the three areas scored – privacy, security and consumer protection.  Those 6 candidates also made the “Honor Roll” for their data stewardship while the rest (17) received a failing grade, primarily for their privacy policies.  Most candidates had clear privacy policies in place but 4 didn’t have a discoverable policy so there is no way to know what happens to ones data. Voters should also take notice that when they sign-up to support or make a donation to a candidate, that information can also be shared or sold to other like-minded organizations.  While this may be standard operating procedure among political candidates the question has to be asked why politicians aren’t held to the same standards as e-commerce websites that must adhere to Fair Information Practice Principles, clearly stating the use, sharing and retention of data.

OTA recommends that candidates’ adhere to the following best practices:

  • Have a privacy policy that is short, less than 500 words, is multi-lingual, layered and is written for consumers not lawyers
  • Make privacy policy accessible via a link on the footer of every page, date stamped with archived updates
  • Restrict data sharing to only third parties necessary to support your campaign
  • Honor a donor’s request to unsubscribe from your mailing lists and remove data from database
  • Respect a user’s browser “Do Not Track” setting
  • Prepare for a data breach and have an incident readiness plan
  • Ensure that email servers are configured to help protect consumers from spear phishing and forged email

For more information download the audit and join us for a webinar about the Presidential Honor Roll and methodology on Friday, September 25th at 10 a.m. PDT/1 p.m. EDT.