1. From Surveillance to Cyber War: What are the Limits and Impacts?
Moderators: Jan Kleijssen (Council of Europe) and Chris Bronk (Rice University)
Description: The Snowden revelations have touched off widespread criticism and alarm of government organized mass surveillance and computer network exploitation and attacks. Yet even liberal democratic governments require well-equipped law enforcement, intelligence, and armed forces to enforce the law and secure themselves from threats abroad. The world can be a nasty place, and we have to live in it. Both mass and targeted surveillance, including computer network exploitation and attacks, are likely going to be a part of the that world for the foreseeable future. What are the proper limits and safeguards of lawful intercept? Do we need new forms of oversight and accountability? How do we reconcile the seemingly conflicting missions of agencies charged to protect domestic critical infrastructure from attack while developing ways to compromise networks abroad? Is there an arms race in cyberspace? How do we control it? Can we develop norms to limit global cyber espionage?
2. Our Data, Security, and the Digital Commons: What are the Challenges and Opportunities?
Moderators: Heather Leson (Humanitarian OpenStreetMap Team) and Meredith Whittaker (Google Research)
Description: The world of Big Data is revolutionizing research, humanitarianism, conflict prevention, open accountable governments, and the work of secretive intelligence agencies. This working group will explore the opportunities, tensions, and challenges of data collection and use in business, government and civil society. What are the data needs from different stakeholders? What are the unforeseen risks, especially security risks, that go along with them? How can we ensure the privacy and confidentiality of our data? Do we need to encourage more emphasis on digital security? What are the ethical and legal issues that need to be considered? What are the tradeoffs and risks?
3. Building Transnational Epistemic Communities around Cyber Security
Moderators: Fieke Jansen (Hivos), Guy Berger (UNESCO), and Joshua Corman (Sonatype)
Description: Traditionally, the Internet functions remarkably well largely because of transnational networks of engineers—the security community—who work on the basis of reputation and trust. Many members of this distributed security community come from the private, non-profit, advanced research, and civil society sectors. Over time, the autonomy of these networks has subtly eroded, and hierarchical elements have been gradually introduced. Technical governance and standard setting forums have become increasingly politicized as the stakes have become higher and governments have intervened. National law enforcement and intelligence agencies are not only more present at the Internet technical and standard setting forums, but they are also playing a more influential role in response to cyber security policing. Some of the Snowden revelations have shown a more nefarious intervention: subterfuge designed to covertly influence the decisions of the security community. While networked peer production governance of cyber security has not been entirely overturned or subverted, the general trend is towards more state involvement, hybrid forms of networked-hierarchical practices, growing secrecy, and politicization of technical standards.
What type of strategy would be needed to reverse this process? Is it possible to recover trust and reputation among these security communities in the wake of the Snowden revelations? Is it possible to immunize the security community from national rivalries and the type of secrecy that goes along with it? How can a distributed model of security co-exist with an international system in which states are increasingly viewing cyberspace as a domain to be contested, fought over, and controlled along national or regional lines?
4. Towards Responsible and Transparent Data Stewardship
Moderators: Andrew Hilts (Fortitude) and Rebecca MacKinnon (New America Foundation)
Description: In the span of a few short years, we have essentially turned our digital lives inside out, entrusting huge volumes of data to third parties that would have been unimaginable even a decade ago. This entrusting includes not only the data we are conscious of and deliberate about (such as e-mails, texts, etc.), but also that of which we are largely unaware, such as the metadata contained in the beacons of our smartphones or the headers of our emails. Almost all of these third parties are private companies of various sizes, geographical locales, and market segments. Whether and under what conditions these companies share the data they collect from and about us is generally speaking a mystery, but has become an issue of intense public concern in the wake of the Snowden revelations. How do we encourage the private sector to become more responsible and transparent stewards of the data they manage? Why are some companies in some jurisdictions and domains more transparent than others? What pressure points are most useful in encouraging companies to adopt transparency reports?
5. Power Shift? Governance Models for the Next Billion Online Users
Moderators: Milton Mueller (Syracuse University) and Hanane Boujemi (Hivos)
Description: This workshop will explore how the governance of the Internet might adjust to the ongoing shift in the population of Netizens as the next billion online users arrive from the Global South. The workshop will focus on the impact of two geopolitical change agents in particular: the Snowden revelations and the World Conference on International Telecommunications (WCIT). Exposures of NSA surveillance have triggered both nationalistic reactions (e.g., data localization efforts in Brazil) and dramatic moves toward heightened globalization (e.g., the US Commerce Department’s willingness to end its control of ICANN, and the Brazil Multistakeholder Meeting on the Future of Internet Governance). The clash between governance models at the 2012 World Conference on International Telecommunications led to the fragmentation of the International Telecommunications Regulations, a schism which pitted Western developed nations with established internet economies against many developing nations. Are Snowden and WCIT fragmenting—or unifying—the geopolitics of Internet governance? What mechanisms can ensure the integration of the global South in the policymaking process?