Re-drafted resolution from India at the ITU Plenipotentiary

ITU’s role in Improving Network Functionalities for Evincing Trust and Confidence in IP based Telecom Networks

The Plenipotentiary Conference of the International Telecommunication Union (Busan, 2014),

recalling,

Resolution 101 (Rev. Guadalajara, 2010) of the Plenipotentiary Conference, on ‘IP-based networks’, in which Member States resolved to vest ITU with the mandate to collaborate and coordinate with relevant organizations involved in the development of IP-based networks and the future internet;

Resolution 102 (Rev. Guadalajara 2010) of the Plenipotentiary Conference, on ‘ITU’s role with regard to international public policy issues pertaining to the Internet and the management of Internet resources, including domain names and addresses’;

Resolution 130 (Rev. Guadalajara 2010) of the Plenipotentiary Conference, on ‘Strengthening the role of ITU in building confidence and security in the use of information and communication technologies’;

recalling further,

Paragraph 39 of the Tunis Agenda, on building confidence and security in the use of ICTs by strengthening the trust framework;

Paragraph 46 of the Tunis Agenda, on ensuring respect for privacy and the protection of personal information and data;

Action Line C5 of the Geneva Plan of Action, on ‘Building confidence and security in the use of ICTs in realizing Information Society’, of which ITU is the sole coordinator;

the ongoing work under SG17 of ITU-T on ICT Security Standards Roadmap and under other questions, and SG13 on Next Generation Networks;

recognizing,

that equitable, fair and just allocation and assignments of resources related to packet networks are necessary for telecom/ICT development, and require facilitation and collaboration among relevant organizations and member states for planning, implementation, monitoring and cooperation in its policies;

that for proper functioning of a telecom network, resources namely, among others, naming, numbering and addressing are necessary;

that, Council Resolution 1305, identified public policy issues related to International Internet (telecom/ICT management), such as security, safety, continuity, sustainability, and robustness of the Internet (telecom/ICTs), and Council Resolution 1336 adopted at its 2011 session established a working group of the council on Internet Public Policy (CWG- Internet) whose terms of reference are to identify, study and develop matters related to International Internet Public related issues including in resolution in 1305.
that for security and safety of telecom/ICT services, member states need to develop appropriate legal, policy and regulatory measures, which need to be supported by technical capabilities of networks;

that the private sector should play an active role in day-to-day operations, innovation and value creation;

that a multi-stakeholder approach should be adopted, to the extent possible, at all levels to improve the coordination of activities of international and inter-governmental organizations and other institutions involved in telecom/ICT networks based on IP technology;

considering,

that all future networks are likely to be packet-based, delivering several telecom services presently based on IP technology;

that modern day packet networks at present have many security weaknesses, including those relating to records of network transactions;
that at times, even for local address resolution, the system has to use resources outside the country, which makes such address resolution costly and to some extent insecure, and may result in violation of privacy by other State, even without any recourse to address the privacy violation issue citing non applicability of privacy protection laws to non-citizens or by having different laws for citizens and non-citizens;

that at times, communication traffic originating and terminating in a country also flows outside the boundary of a country making such communication costly and to some extent insecure, and may result in violation of privacy even without any recourse to address the privacy violation issue citing non applicability of privacy protection laws to non-citizens or by having different laws for citizens and non-citizens;
that IP addresses are not contiguously distributed, which makes the tracing of communication difficult in case of need as per national laws;

resolves,

to address systematically the issues in the considering part of this resolution, seeing their criticality to deliver ICT-based services through public telecom networks, in view of ITU’s role in “Building confidence and security in the use of ICTs”, fulfilling of which is a fundamental need in realizing Information Society,

instructs the Director of the TelecommunicationsStandardization Bureau,

to undertake study in collaboration with relevant organisations蜉 involved in the development of IP-based networks and future networks:

to explore the development of naming and numbering system from which the naming and numbering of different countries are easily discernible;
to develop principles for allocation, assignment and management of IP resources including naming, numbering and addressing which is systematic, equitable, fair, just, democratic and transparent;

to make recommendations on network capability which ensure effectively that address resolution for the traffic originating and intended to be terminated by the user in the same country/region takes place within the country/region;

to undertake study in collaboration with relevant organisations1 involved in the development of IP-based networks to recommend a system that ensures effectively that traffic originating and intended to be terminating in the same country remains within the country;

to undertake study in collaboration with relevant organisations1 involved in the development of IP-based to recommend effective ways for maintaining faithful records of transactions through the network;

to undertake study in collaboration with all stakeholders involved to study the weaknesses of present protocols used in telecom networks, and develop and recommend secure, robust and tamper-proof protocols to meet the requirements of future networks in view of the envisaged manifold increase in traffic and end-devices in the near future in the light of IoT and M2M needs.

invites Member States and Sector Members

to participate actively in the discussions around these issues and to make contributions.

On the international politics of ITU negotiations

Heading into the last week of the International Telecommunications Union Plenipotentiary in Busan, the fault lines on crucial Internet-related issues appears fairly clear. The ad hoc group on Internet governance, set up by the Working Group of the Plenary, has sought earnestly to churn out a final, agreed text of Resolutions 102, 103, 133 and 180 (see background here) but consensus has been far from elusive on substantive issues. At the time of writing, the Indian proposal on the ITU’s role in realising a secure information society is yet to be introduced (early indications are it will be moved tomorrow morning). For the most part of this week, India has carefully stayed away from some of the more contentious issues that have consumed the ADHG’s time. At the heart of this debate is the ITU’s role in Internet governance which the Plenipotentiary has the power to modify, if it so chooses. Russia has been at the forefront of a small, but vocal group of countries (the Arab states being an important constituent of this group) that want the Union to play a significant “policy-oriented” role in Internet governance. This includes, but is not limited to:

1. An enhanced role played by the ITU secretariat and the Council Working Group-Internet in submitting reports to the UN General Assembly on Internet-related public policy issues (Res 102)
2. Acknowledging at the ITU that the “management of the registration and allocation of domain names and IP addresses must fully reflect the international and multicultural nature of the Internet”. (Res 102)
3. Acknowledging at the ITU that all governments “should have an equal role and responsibility for international Internet governance” (Res 102)
4. Encouraging ITU member states to “protect their Internet Protocol-based networks from unlawful surveillance….through the development of international Internet-related public policy” (Res 101)
5. Getting the ITU to express concern about the “lack of international legal norms, elaborated under the auspices of the United Nations…with binding force for States and other stakeholders, for governance and use of the Internet” (Res 102)
6. Asking ITU member states to “refrain from using ICTs involving the extraterritorial interception and monitoring communications in a way which violates the privacy of communications and users’ personal data protection” (Res 130)

The response, or to be more precise, opposition to proposals of the sort mentioned above have come from an equally vocal group led by the United States (with UK, some EU states, Australia, Japan and Canada being constituent members). Broadly speaking, their response has followed these lines of argumentation.

1. The ITU does not have the regulatory capacity or mandate to take on substantive themes in Internet governance.
2. IG principles have already been agreed upon in avenues like the NETMundial and ICANN dialogue processes, and do not need rephrasing or articulation at the ITU.
3. Amendments mooted (on issues such as submission of reports to UNGA, regional and international cooperation on cybersecurity measures) already find place in ITU text in some version or the other.

The reason or motive behind each specific proposal (or rebuttal) may vary but the underlying narrative is the same. On one hand there are those who believe that the ITU must take on greater IG responsibilities, while on the other there are those who want no change to the Union’s mandate. In the larger debate on a “multistakeholder” model of Internet governance on issues including, but not limited to the IANA transition, this schism is important to take note of. Some countries are clearly comfortable with the ITU, whether on account of their principled opposition to multistakeholderism or concerns regarding accountability in the MSM model. Sample, for instance, this debate on Resolution 130 on Friday night regarding “regional and international cooperation” on cybersecurity measures. The original proposal by Cuba read:

…invites Member states

to strengthen regional and international cooperation, taking into account Resolution 45 (Rev. Dubai, 2014), through the conclusion of agreements and implementation of measures to facilitate the reduction of risks and threats to confidence and security in the use of ICTs;

In addition to the several objections it had on this specific proposal, the United States at the end of a long (and exhausting!) debate suggested that member states be invited to strengthen ….cooperation with “all stakeholders”, which the Russian and Iranian delegations took immediate exception to. Russia was of the opinion that issues concerning national security is a matter to be handled by States and not non-governmental entities, while the Iranians were more direct. “Who are these stakeholders?” asked the Iranian diplomat, “would any person on the street be considered a stakeholder?” Iran elaborated its point further, suggesting that domestic agencies that are in charge of cyber-issues should consult internally with stakeholders but that ITU member states cannot be held to a resolution that “invites” (and thus puts a legal-moral imperative on) them to cooperate regionally and internationally with them.

The merits of these proposals and counter-proposals aside, it is clear countries that are mooting Internet governance reform proposalsnat the ICANN-level are making careful interventions to ensure that the ITU and ICANN universes do not collide.

For instance during a discussion on Resolution 180 (Facilitating the transition from IPv4 to IPv6), Russia led a proposal asking the Plenipotentiary to facilitate the transition “considering that”

c)that many developing countries want the Telecommunication Standardization Sector (ITUT) to become a registry of IP addresses in order to give the developing countries the option of obtaining IP addresses direct from ITU, while other countries prefer to use the current system;

The United States raised its objections to this proposal, suggesting Res 180 is on transition from IPv4 to IPv6, and “has nothing to do with registries.”

On the other hand, states that have raised objections to the NETMundial/ICANN dialogue have made a concerted effort to voice their IG priorities at the Plenipot. India has not offered a hint as to where it stands on this debate, but more should become clear as the delegation moves its draft proposal tomorrow (post on that to follow).