Global Principles for the Stability and Resilience of the InternetEuropean Commission

28 September 2011 - A Workshop on Security in Nairobi, Kenya

Also available in:
Full Session Transcript

September 28, 2011 - 14:30PM

***

The following is the output of the real-time captioning taken during the Sixth Meeting of the IGF, in Nairobi, Kenya. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.

***

 >> ENRICO FORTI: So, ladies and gentlemen, thank you very much for joining this workshop this afternoon.  This workshop deals with the Global Principles for the Stability and Resilience of the Internet.  I will have the pleasure to moderate the discussion today with the panelists and as much as possible interacting with you.  So it will be structured in the following way.  And panelists, who will be introduced in a second, will have five minutes to ask to reply to one set of questions of what is, in their opinion, the most important challenge that we face to save resilience and stability of the Internet and whether we can do something about it and how.  There will be, of course, an introduction to these principles made by Antti Peltomaki. 

   So the sequence will be Antti Peltomaki will start and present these principles.  We'll have them -- Professor Michael Rotert, Chairman of the German ISC, will present more about what is their background and what is their interest in this session.  We'll have Daniel Wilson follow, senior policy adviser at BBC.  Andrei Robachevski is a programme manager of ISOC.  And finally Ben Wagner from the European University Institute in Florence. 

   So after the presentations by the panelists, we will have approximately 40 minutes to interact with you, so it's very important that you actively participate into this -- to this session, and we'll have the last minutes dedicated to the answers that will be provided by -- by the panelists.

   So let me start straightaway to -- from my left side by presenting to you Antti Peltomaki.  Myself, I'm Enrico Forti from the European Commission.  Sorry, I forgot to present myself.  I'm the last-minute moderator of the session.  It was supposed to be moderated by Andrea Glorioso, who was supposed to be here.  I'll do my best.

   >> ANTTI PELTOMAKI: Thank you and good afternoon everyone.  Looks like we have had a couple of sessions already in here where I think the Internet principles have been discussed, and I think that there has been kind of a an observation that there is certain kind of proliferation of different principles in relation to the Internet, but I think that already -- there has been production of the principles when it comes to the question of Internet resilience and stability, and I think that that's where perhaps kind of a recognition that the networks are really kind of a critical infrastructure for all different kind of socioeconomic activities, and I think that they are really playing a role in our lives and boosting economic growth, and, of course, that's why we all recognize that there has to be kind of a concerted action, really, to make our best to have the stability for them.  And I think that there is incidents for years that could majorly cause economic and social damage, and I think that that has been also the reason why the European Union has also been rather active in producing a certain kind of a policy.  Guidelines, communications, we are trying to really emerge, so I think that inside of the -- among the Member States what is the Government line and I think not only on the (off mic) but I think not only in the private layers but the civil society as well. 

   And I think the first communication and first action plan on the critical infrastructure protection was 2009 to 2011, and the action committee worked with the members for the guidelines and principles for stability for Internet, and I think that you are having principles available for you.  I hope that you have had the chance, really, to go through them, and I think that that's where perhaps we could say that it's based very much on certain kind of general headlines I refer to.  For us it's the role of the public in ensuring the appropriate level of the preparedness, and I think very much, then, also the observation and I think that underlining the importance of the stakeholder approach as it's really kind of a question of the public/private partners that has to be in place, the EU security industry markets, and I think it's very much the European point of view, which I think makes kind of an observation that we are much better off if our industry is strong in this field.

   The risk management culture, openness and interoperability, open standards, cooperation and mutual assistance, promotion of tools such as (off mic) education.  And I think also there is guidelines where I think we have tried to clarify among the European players who should be active on different principles, really, to start thinking of more actionable ways and means to address these issues.  I think, of course, we tried to lay out kind of a certain kind of common understanding what are the basic values and then principles that are directing our work, but, of course, I think that the challenge definitely is there that how to then define the next level of what should be done and by whom and what type of procedures, and then models we have to have in place.

   But I guess that perhaps I should more or less say that this is very much where I think that there's ongoing work, but I think that the basics of these principles were meant -- were developed together with the Member States experts that they are not only guiding our work in Europe but they are our contribution also to wider global agreement on what are the basic principles that should guide whenever we really start thinking of what type of arrangements we are having in place in the European Union.  Thank you.

   >> Thank you very much, Antti.  I'm now passing the floor to Michael Rotert.  Thank you, Michael.

   >> First let me thank you for inviting me for this event and giving me the opportunity to give my ideas about the resilience and stability of the net.  First a few words to ECO why I'm sitting here at least.  ECO -- it's a German association, 550 members, but we are also running the DE-CIX, that is the German Commercial Internet Exchange where a couple of hundred providers from all over the world are tied together, and it's one of the three major Internet exchanges we have in Europe.  It's the largest one.  It's also the largest one of the world currently from my knowledge, and we have, as far as I know, at the exchange, a throughput of approximately two terabit per second.  So it's quite a major part of the stability and resilience of the net.

   But let me come a little bit more to the infrastructure as such.  We all agree, I guess, that the Internet is a critical infrastructure, so it's essential to maintain its stability and reliability.  It's a network of networks, and therefore you cannot see the Internet as -- consider the Internet as a single point of failure.  There is no single point of failure.  And the design of the net coming from the military area was designed as being redundant and of course a little bit of resilience already built in.

   Regarding the structure of the Internet organizations as we have ICAN or WIPE, which does all the addressing in Europe and part of Africa, to my knowledge, are strongly -- strongly committed to scalability, diversity and robustness.  And this is true for most all of the ISPs and the exchanges as well, and therefore I'm pretty much confident that a collapse of the whole Internet is something I -- I don't see.  But it's not the network on its own.  Resilience and stability of the net is also relying amongst other partners on power suppliers, and who wonders, stability and resilience of power suppliers may also rely on the net.

   So what I'm saying is we might miss one of the multi-stakeholder -- one stakeholder, the power suppliers, when we're discussing these issues.

   Well, those are the basics.  I brought with me, which I will come back later, two theses which I think are worth it to discuss that give a different view, not on the core infrastructure, but then I will come back more to the application layer.  Thank you.

   >> Thank you very much.  Now I'm giving the floor to Daniel.

   >> Thank you very much.  I'm delighted that the BBC can be here to contribute to this workshop alongside such distinguished delegates, and the European Commission in particular has taken a proactive -- an important role in Internet Governance, which we welcome and want to continue to support.

   But if I could turn to -- you've been subjected to my slides for some time now, and if those could come back up to my first slide in one moment.  I think I'm going to follow a similar theme to the point that Professor Rotert just makes, the value chain and the stakeholder involved in Internet resilience could be looked at in a much broader context.  So in my first slide I want to talk about the Internet to the BBC being much, much more than just the infrastructure, much more than power providers and various bits of infrastructure, whether it's the middle, end or all of that.  But actually about the content as well, the pipes and the poetry of the Internet as it's called sometimes in the U.K.

   The BBC makes its own contribution to the infrastructure of the Internet.  In fact, we're contributing, for example, 600 million pounds in the next six years to super-fast broadband in the U.K.  But we also contribute to other parts of the broadband infrastructure, and the fundamental mission of the BBC is around content.  So when we talk about resilience and stability of the Internet, yes, we should be talking about technical resilience/stability, but I think we should also be talking about the stability of the delivery of the poetry to consumers, because it's that poetry that service the content, the applications which are delivered by M structure, which can drive infrastructure's take-up and investment in infrastructure.

   So we certainly welcome the commissioners' proposals but also their recognition in their document where they underline the core values, such as the right to receive and impart information, and also the denial of this right in Arab Spring.  That's something which I want to focus on.

   It's not a problem that the freedom of expression and solely related to the Internet.  You may have seen, some of you, a protester in the Syrian protest recently holding up a sign saying, thank you, BBC.  Well, at the same time as that was being held aloft in those protests for the impartial news that the BBC was bringing, not always 100% right but certainly striving to be impartial amid a sea of misinformation.  At the same time BBC services were being jammed from within Iran, and that was the BBC's TV service.  It happened on satellite and so it happens on the Internet.  It's not a new problem either.  The BBC's Web site in China for the ten years leading up to the Beijing Olympics was at times wholly or partly blocked.

   I think this problem is also a growing problem, growing particularly because the Internet is more important to the provision of news.  So, for instance, the BBC's use of -- international use of the BBC's news is up 30% on-line in the past year and 500% on mobile.  So it really is a massive platform for where people get crucial information as to how they make their Democratic decisions and get involved in civic life.

   So we don't have all the answers on -- on solving Internet blocking, for instance.  Certainly there are some lessons from satellite jamming where the ITU has played a useful role in raising some of these issues and we've worked with other international broadcasters, but we do have a multi-stakeholder approach and working with the European institution, the international institutions like the IGF can be a core component of this.  Thank you very much.

   >> Thank you very much, Daniel.  Andrei?

   >> Thank you.  My name is Andrei Robachevski.  I work for the Internet Society and I would like to thank the organizers of this workshop for inviting me and giving me an opportunity to comment on the principles and some of my opinions.

   When you ask about the challenges to stability and resiliency, I would like not to talk about technical terms but maybe look at some other challenges, like I think one of the challenges that -- in responding to legitimate concerns and real threats regularly is we fail to find the right balance between objectives of guarding security and the organization of corporations themselves.  They are crucial to the Internet.  And while reading through the principles I had a feeling that the authors share this concern.

   Just to give you an analogy, let me mention the Locomotive Act that was part of the United Kingdom back in 1865.  While this act required self-propelled vehicles on public roads in the United Kingdom to be preceded by a man waving a red flag and blowing a horn.  Why?  Because the beagles at that time were considered dangerous.  A few pets were killed and that was kind of a measure.  Well, this measure basically stole all innovation in the automotive industry in the U.K. for the rest of the 19th century.

   There is a certain tendency to look at the solutions at the national level.  I mean, it's completely understandable, but as a matter of fact the Internet -- things that disability often happen outside national borders.  Seeing this type of solutions, ignoring this type of solutions or trying to substitute, you know, for that complexity may lead to fragmentation of the net and hindering of its innovative potential.  So a fine balance should be found here.

   We think that the real answer to improving stability and resiliency lies in international cooperation and multi-stakeholder cooperation.  The Internet causes a paradigm shift in stability and resiliency of national structure but also how people access concealment, receive information on the Internet, there needs to be dialogue and cooperation concerning the long-term impacts of concrete actions.

   Another thing I wanted to point that the history of the Internet tells us that mutual support moves us farther than (off mic) solutions.  It has been traditional in the Internet community to have collaboration to resolve situations and work proactively to prevent issues, and that needs to be recognized in terms of its effectiveness.  Thank you.

   >> Thank you very much.  I'll give the floor to Ben.

   >> Thank you very much.  My name is Ben Wagner.  I'm at the European University Institute of Florence, I'm an academic working on mainly the Government's expression and I'm also currently organizing the Dynamic Coalition on freedom of expression which will have its meeting right after this session in workshop room 1 right next door if anyone should be happening to want to go there.

   As a point that's closely relate to do this framework I'm also currently working on the global study of privacy and privacy laws in different parts of the world for UNESCO and perhaps there are people in the audience who might be interested in developing that.  I think that there's a question here and when we're talking about resilience and stability, and the importance of the term is evident.  I don't think there's anybody in the room who would seriously question this, but I think it's important to preserve the resilience and stability of the a free and open Internet, and this is a stability of expectations and a stability in Government structures.  The expectations people have that when they use the Internet, that they will have a guarantee of basic rights and basic principles that they can expect when using it.  And it's promotion of trust, both in protection of personal data but in the expectations of speech is crucial to achieving this stability Internet that we're all hoping to achieve. 

   It's also known from the Arab Spring example is extremely pertinent, that when the Internet is restricted either through cutting off the Internet completely or filtering it or blocking it, this creates problems and difficulties and referring to one of the previous speeches also from the European Commission, I think it's important to recognize that the Internet is not only a social and economic space but also a political one, and it's political component and dimension should not be ignored or forgotten especially in the context of resilience and stability.

   The way the Internet functions and however stable and useful it can be, it's so part of our social fabric that it will only be useful and an Internet that we are able to use and able to function in a way that is useful for the societies we live in if it remains this free and open Internet, and to that point I'd also like to suggest, it was mentioned by one of our previous speakers from the European Commission, the strengthening of the Europe security markets.  I think this is important but it's important within the boundaries of clear ethical frameworks, and I think that if European countries, as is currently the case, are exporting censorship and surveillance, which also uses part of the Arab Spring, this is not helpful for the stability of a global Internet in which we hope to develop both at an economic, political and social level.  And having looked at the statements made by the previous speakers but also at the document prepared here on the resilience and stability principles, I think that it's an excellent first start and I think there are future discussions that can be had on this which will be extremely valuable. 

   While I agree with many of the previous speakers that the rights aspects is certainly mentioned, I think it's important that this is strengthened and it's raised further.  There's a certain argument made here that Human Rights frameworks and Human Rights within themselves in a document such as this must come first, even if we're talking about resiliency and stability.  So I think at the end of the day when we're talking about a resilient and stable Internet, it's a Internet that promotes trust.  It can unable social, political transformation but also trust it will be open and safeguarded.  I think if we're trying to move toward a resilient and stable Internet it's the sort of Internet we need.

   >> Thank you then.  So I'm now opening the floor.  I would just as a brief introduction thank you for -- to the panelists first of all.  I have a request -- but just as an introduction to the next round, first of all I'd like to welcome a member of the European Parliament.  I will give her the floor after a few words that I want to say.  This workshop, of course, is a very good opportunity for all of us to have a sort of common understanding.  I think that this was a bit the exercise that was meant to -- the objective of the exercise of this -- designing those principles, and to have an exchange, a wider, I would say, exchange, on only the European exchange, with a wider audience and confront those principles with your views.  So before giving the floor to Teresa that asked for it, I would suggest in your intervention that you introduce yourself, number one, and then you have the possibilities to, of course, add what is in your view the challenge, the major challenge in this context, and of course all the comments to the previous interventions are welcome.  So this is a sort of package intervention that I would invite you to provide.  So I give the floor first to Teresa.

   >> Thank you very much.  Welcome my friend for giving me the floor.  I just want to say a few words on what our views in the European Parliament on this very interesting subject.  Of course in the European Parliament we are completely aware, and of course we share the opinion that the silence is needed.  We also share the (off mic) to that conclusion.  Internet is a critical infrastructure on which our lives and prosperity depends, that it has become essential for the modern life.  For that reason it is increasingly used by consumers, business and Governments, et cetera, and all this led to a growing dependence of our societies on the Internet.  This increasing dependence, together with the increasing sophistication of service, gives the Internet more vulnerability and this vulnerability will require greater resilience and stability.  That is clear.

   We have heard also many times in this forum that we all share the responsibility to make the Internet more reliable, and of course European Parliament is not an exception.  On the contrary, European Union elected by all citizens, we are ready to work with the European Parliament to get solutions (off mic).  Our aim is to establish a strategy in the context of the action plan of the European Commission that already Mr. Peltomaki mentioned a strategy to assure an appropriate level of readiness, and a stable and long-term framework to guarantee the resilience and the stability of a -- to allow stakeholders to know their rights and obligations and for the (off mic) without undermining Internet's resilience.  In this sense we believe that the -- it's of crucial importance that public authorities work hand by hand with the private sector, with the civil society, and with international organizations.

   From European Parliament we are convinced that we should -- that we should work in that direction, but always according to the core values that we are at -- that they are at the very origin of the Europe processes.  For us, choosing legal solutions to save the stability and resilience of Internet should not undermine the respect for human dignity, freedom, democracy, equality, the rule of law and the respect for Human Rights.  Even more I personally think that the Internet stability and resilience are preconditions for the full enjoyment of fundamental rights and freedoms, not only in Europe but also at the global level.

   In order to get these targets we agree that several actions should be taken.  Some of them were already identified by the agency -- by your agency (off mic).  Let me just mention a few of them.  We are convinced we need to understand the lessons, which should be achieved through investigation of the events.  We need to ensure the collection processing, storage and performance of data.  We need to share information, best practices, and also to (off mic) important decisions which should be the traffic in case of crisis, these make a lot of sense and are very important to the discussion.

   Forgetting all that, from the European Parliament, we may contribute in many different things.  For instance, we think that we can contribute, for instance, in supporting founding key research on topics of resilience, especially now that we are starting to discuss the new framework programme, we can contribute working in the (off mic), we continue to promote international cooperation, as already was also mentioned here and to support many different actions in some areas that we could learn also in this forum, and of course I have been listening with great attention.  My question to the panelists will be, what else we can do from the European Parliament in order to support such important issue.  Thank you very much.

   >> Thank you very much.  There's a question.

   >> My name is Maciej Tomaszewski.  I'm the remote moderator.  We have a question.  The question is, the view of public authorities being compliant with Human Rights and openness as well as (off mic), don't you consider that all governments before implementing Internet restrictive, should be impact or such decision in terms of the consequences for the DNS that blocking itself (off mic) the circumvention actually calls.  So the question is more or less about the impact assessment.

   >> Right.  So I'm giving the floor to Ben and also to Michael, but first Ben.

   >> Thank you.  I think I could answer that question quite easily by saying yes and that would be it.  It's an interesting question, and I think there need to be more steps undertaken to assure that it's not just the potential impact that is assessed but also long-term studies help in understanding the extent to which by filtering the Internet or disconnecting from the Internet can fuss the people that rely on it and also the longer term social and economic fabric which is interwoven with the Internet and which can't be fully separated from it.  Thank you for the excellent question.

   >> Thank you very much, Michael.

   >> Well, I already promised before that I -- I have two declarative statements, but one of the statements now perfectly fit into the question from the remote, and also to what the parliament told us.  That is, the more functionality or security measures edit to the core infrastructure and which may not be essential -- may not be essential features for the technical transport layer of data, the less resilience and stability of the core infrastructure you will have, which means -- Ben mentioned it.  If you put the inspection, if you put blocking and filtering at the transport layer, which means ISP level where all the lines are running, this has an impact on the stability of the network, which cannot -- which I think is currently underestimated, because when you have blocking this, for instance, with 10,000 entries or 15,000 entries according to a study in Australia, you may have a performance degradation of the net by something between 25 up to 75%, depending on the filtering technologies you are using.  And this is -- I would say where the Human Rights issues are meeting the technical issues of the net and both should be considered whenever measures on protecting whatever part of our population are -- are considered or discussed.

   >> Questions from the floor?  Yes.

   >> My name is (off mic) and I work for net node and we run a exchange point in Sweden.  (off mic).  We are one of 30 DNS (inaudible) servers.  I believe the discussion here and I think there's a fundamental piece missing here.  And that's what you mean by resilience because the very fundamental, resilience is to have data that someone wants to access in some -- during some point.  And the data has to be resilient, the receiver has to be resilient and the path has to be resilient.  That's true resilience.  Most of the time we talk about the Internet as a critical resource, we assume it is because they have to distribute information that is very important, most likely in terms of national crisis.  In most countries in the world I wouldn't even know what that Web site was.  I wouldn't know what the data is they were trying to distribute.  That's a very fundamental problem.  Which is the data we're trying to get to?  If it's a crisis in most European countries I think that for example, probably one of the most important storage because there is no Government (off mic) which is digital certificates, this is the Government trying to communicate to citizens. 

   And I think we have to first decide what is it we're trying to create by resilience?  Either we try to do a systematic -- a system resilience and try to improve the Internet in Europe or the world or whatever, and that's good too, and that's quite easy to do.  Europe has the most number of Internet exchanges in the world.  We are the most interconnected, most densely networked place in the world and the European network is the most resilient piece of it.  Incorporate -- it's very easy to do, just requires deregulation.  That was irony, by the way.

   So I think that the question to the panel is exactly what is it we're trying to make resilient?  Is it day-to-day network operations or is it some critical information you believe we have to distribute?

   >> Thank you very much.  Any answer for the key players here in the panel?  In particular maybe from the BBC, how -- this question of what are you trying to get resilient.

   >> Sure.  In terms of how you'd prioritize or single out particular data on the Internet as being of a special importance, I don't have an answer.  I mean, clearly that would be something of great value.  But I suppose where I come at this is, as I mentioned earlier, the lessons learned from other platforms, and the BBC at the moment has a duty on its linear -- on its linear platforms, on radio and on television, to in emergencies broadcast emergency programming at the behest of Government, and it's one of the very few areas, actually, where Government can give orders to the BBC in matters of genuine national crisis.  There's a clear blue water between the Government and the BBC in other areas.

   So I think an interesting question in response to that is to what extent do you need to also look at complementary means of dealing with crises when potentially the whole of the Internet is inaccessible.

   I just quickly want to pick up on the point made a moment ago by Professor Rotert about the technical rights of Human Rights issues, because I think you're absolutely right and I also think it works the other way when you look at what happened when the U.K. Government recently talked about potential restricting access to social media.  It wasn't primarily -- I think the political arguments that dissuaded them from doing that.  It was meeting the major companies involved, the Googles of the world and I think the BBC was involved in discussion, and it was around search engines and the difficulty of achieving the political/social goals they were trying to achieve because the technical means couldn't deliver that.  So I think it plays both ways in that sense.

   >> You want to add something?

   >> Yeah.  I think if we talk about resilience, not quite sure which resilience, without propagating something which might be difficult.  If you look at power suppliers or if you look at water suppliers, you can ask the same question, and I think you have a certain resilience in power and in the water suppliers running into each house.  So the same resilience should be on the net, and I think we're on a good way, but that is nothing for leaning back and saying, well, we're safe and sound.  Because there are a lot of incidents and accidents which may happen somewhere in the world which then are breaking the resilience of the net as they can do on the power lines.  We had the incident in Germany on the power lines which reached down to Spain and everywhere.  So if we have the same resilience as on power and water, I think this is a level we should be able to achieve and I believe we're quite close to it.

   >> Thank you very much.  Andrei?

   >> I'd like to make a comment on the resilience, I think resilience in the Internet lies in distributive nature and diversity, and this diversity is achievable through open standards.  So I would say things filtering or, you know, blocking or some modifications of the standards.  They are not improving the resilience, they're decreasing the resilience.  That's one point.

   Another point, compared to other infrastructure, Internet in many cases prove to be more resilient.  Like, you know, Japanese tsunami, certain -- like power grid was down, the Internet continued to function, and that is not because this diversity was mandated somehow but because of cooperative nature of the Internet and here to come to my previous point when there are matters we make, we need to find ways not to hinder this collaboration and mutual support.

   >> Thank you very much.  I would like to invite the floor to share some experience and -- please.

   >> Thanks, Mr. Chairman, and (off mic) Italy, the Italian parliament.  I think that the only way for guaranteed stability and resilience is the open access, not neutrality, because other states are very difficult and dangerous.  We have in Italy a large debate about Internet neutrality.  A proposed (off mic) is difficult but is possible, we hope.  Policy proposal along neutrality prohibition against blocking, prohibition against discriminating, full task (off mic) against wireless platform.  I feel that this is -- the point now of Internet stability, Internet freedom.  (off mic) Italian professor wrote the Bill of Rights in Internet Government forum 2005 -- '6.  The point of view is that.

   >> Thank you very much.  Other intervention in that field?  Touching upon that neutrality, which is hot subject or --

   >> (off mic)

   >> Yes, please.

   >> Hello, my name is Maria (off mic) and I work for the Swedish Government.  I would like to echo my -- well, fellow colleague from that note and I would like to add a few things, because I think you are mixing up a lot of things here in this theme.  If we talk about resilience on a cable basis or are we talking about the content or are we talking about the -- well, what layer in the -- are we talking about?  And all these different layers have different problems, challenges, and of course different players that are actually running the different services or resources or whatever you say.

   So I think it's a little bit confusing discussing all of this in one go, as -- that's all I have to say.  Thank you.

   >> Well, actually I think that the idea was to present the broad principles.  Of course the idea here is not to resolve the question of resilience.  That would be very ambitious and we're not going to even resolve it in the five minutes the panel has had to intervene, but we're trying at least to share some views, and it is true that of course the question of the resilience on -- I would say the -- where the target of the resilience should be, should be on the network, should it be on the data, is a question, but I suppose that this is a question that is encompassed in the overall discussion that we have to go ahead.  I don't know if one of the panelists want to react on this question, and I have also myself another question, what would be, in your view, and what is up to now and what should be the balance between the role of the public authorities and the private sector in making sure that these principles are a good basis and that could be elaborated.  I don't know, maybe if Antti wants to --

   >> Yes, there is still having something (off mic) what is the resilience.

   >> Please, have the floor.

   >> I was going to offer to help you with the definition of resilience.  So we have actually done a lot of work with governments and other parties on resilience, and if you make this in the most simple thing, there is two users of resilience, it's me as a customer to my ISP and the level of resilience is between me and the ISP.  The more I pay the more resilience I get.  There's no public -- there's no public interest in it.  It's only my desire as a customer of how much I pay.

   The other piece of this is me as a citizen, who in case of -- I mean, I'll state an example.  When as a kid I grew up in Finland we used to have phone books that said in terms of crisis, we should go inside, close the doors and windows and turn on the radio and wait for instructions.  It has happened today.  You can see what everybody does is they go to the newspaper Web site and click reload until the page uploads.  Better it would be if there was a system that I as a citizen knew to get authority -- I knew it was authority information what's happening, I knew where to go.  Unfortunately, we heard the BBC apparently has some demands to publish this information on radio and TV, but (off mic) have to do this (off mic) probably not.  And I actually think this is more interesting, is that how do you sit -- the Government communicate to the citizens in the 21st century if we have a new crisis, and we do.  We've had it in Europe, we've had it in the rest of the world.  How do you get this authority information out?  That's a different level of resilience that is of interest to -- of public interest and something that might be worth discussing and contributing.  I understand the panel would like to talk about Human Rights and freedom of speech but with all due respect, that's actually (off mic).  All the carriers, in order to achieve resilience will have to do some form of measurement just to make sure we have enough capacity.  It is happening every day.  It's not traffic as Human Rights but the tools are there, but for resilience what we have to do is to define what is the data we want to make resilience available to whom?

   >> Thank you.  I think that maybe the panel wants to react.  No?  So other questions?  Please.

   >> Thank you.  I am Pierre (off mic) from Belgium, and I would like to share with you a particular experience regarding net neutrality in Belgium.  So last year there was a judgment between the main newspaper in Belgium and Google about a copyright, and after this judgment, which was bad for Google, Google decided to suppress the indexation of the main newspapers and so it last one week and during one week it was not possible to reach the newspaper through Google.  Eventually it was possible to find a solution, an agreement between those parties, but to my opinion this question is -- can constitute an issue regarding the freedom of the press.  Thank you.

   >> Thank you very much.  Any question?  Intervention?  So what about the -- the question, European, I would like to challenge the panel on the -- what do you feel the responsibility is?  Again, I mean, I would like to make clear that we understood that maybe the target of the resilience has to be a little bit actually defined, but in your view, what is the share of responsibility between the public authority's intervention and what kind of intervention could be envisaged, and the role of the private sector?  This is my question to the panel.  Any ideas?

   >> I'm not so sure if I have any ideas, but that at least I can try to -- perhaps I will very much turn this question back to court, because I think if you ask all of Europe, what is the data that we have to make resilient, of course it might be understood in political terms.  It's much, I guess, closer if you are thinking of the whole of the network and I think if you are concerned if it's -- that it's really functioning as it's supposed to do, what are the technical issues that we have to address, what kind of layers in that respect, and I guess that then I really turn to you and I ask you the same question, perhaps we think about the political answers, then we are having expression, it's hard to say whether it's Human Rights or whether it's freedom of expression or our lives -- or whatever.  Whenever we have been doing this kind of CIP communications and of course it has been always kind of a rather heavy exercise because we are having so many players on the field, and I think it's exactly the public and private sector and the kind of (off mic) model, and I think whenever we're trying to address these issues, the most -- most networks are private owned and privately run and I think then it's very much a question of what is the role for the public to address those issues, and whenever we discuss among the (off mic) members, there are a lot of sensitivities who should really be deciding on those issues, and then what is the role for the European Union in relation to back to the Member States also. 

   But I guess the challenge is there really to define the core on the basis of -- perhaps now we are still on the level of the principles, but I think that then -- I think that two rounds of these communications that we have agreed among the Member States, I think that it's definitely kind of an uphill struggle and I think it's a question of how you really define that the two should be involved and how they should really start to cooperate together.  But I ask devil what the responsibilities are, we have a lot of responsibilities in this game and they should be partly responsible for having an understanding what are the kind of political view and what is the kind of data take has to be resilient, and I can that the technical community has to be -- I think that the technical community has to be kind of telling me and my colleagues what to do.

   >> Thank you.  I think that Ben wants to intervene.

   >> Yes, just a follow-up on the questions on the type of resilience we're looking for and to follow on on the comments that were made here.  I think that it's very important to see that the public sector is essentially providing a framework within which this resilience and stability is possible, but also to see that the private sector is equally important because it provides a huge amount of plurality within that framework, different views, different opinions, different suggestions, different ideas, and when you ask what's the data that we will need in a time of crisis and what is the critical infrastructure going to provision that, I think my honest answer to that would be, we can't know that in this room, because this is the data that we don't know about yet and the public authorities in these situations may not be capable of providing.  And the more we're able to give individuals the ability to access as much information as possible and to make up their decisions, this plurality, at least in the system of governments we tend to live in, will ensure that this information gets to the individuals who need it. 

   And from my own experience of living through the riots in London several months ago, with all due respect to the BBC, who were extremely valuable and important source, it was always noticeable that simply for production reasons and basic problems of scale and structure, there was a several-hour time gap between things happening on the ground.  I was living in hackney at the time and it wasn't the nicest place to be and the BBC would report but they would simply report hours after because they need to collect the data, verify it and put it up.  And in this time, in this space between the ability to get good reporting out, it's necessary to create opportunity structures in times of crisis, whether it's through social media, through Twitter, through any other important data that can be reliable, and these opportunity structures allow you to get a rough understanding of a very important question, is it safe to go out on the street right now or should I stay at home because the streets downstairs are being smashed up or there's youth coming from different directions and I'm not quite sure yet where they're coming from?

   So I think that the being sure about this danger is not a question we can answer, but we can safeguard the plurality to ensure that this will be possible in the future and restricting social media in these regards would have precisely the false impact because we would be depriving people of the opportunity structures they need between getting ahold of the information that matters to them and making the decisions that are important to their lives.

   >> Thank you very much.

   >> I certainly agree with Ben, also living in London and the hackney at the time, but, you know, that different media play better in different situations, and what we see more traditional media, the BBC was also tweeting from their journalists on the ground and using social media too, was the ability to provide the context analysis and get the oversight of having a team of journalists across the city, across the globe for other stories.  So I certainly agree.

   And I also agree that social media has changed vastly since -- I think three years ago I heard stone talk about the social -- between Twitter talk about the social alchemy of Twitter, the example he chose to use was how a friend found out he was in Boston airport at the time sitting in a bar waiting around with nothing to do, and that was to him the social alchemy.  Well, I think Twitter can do more than that in recent events, in Arab Spring, in London and many places show that.

   I suppose to come back to what type of resilience we're talking about, I think there is a sliding scale, and I think while Ben is right that we can't know what information is the most essential or we can't -- we can't predict what information will come of use at times of crisis, I utterly support the notion that we need to keep as much information available, as much information on-line as possible.  I think there were some things like -- there are some things, like, for instance, like the floods that there were in England a few years ago, where knowing which roads were open, knowing how to contact the local authorities was crucial, and that was done primarily by local radio.  But there are some bits of information in some situations where I think you can say one source is likely to be more useful than others.

   But I think the point on neutrality raised earlier, I mean, I do see that as a more distant area of resilience, but I do think it is relevant to the resilience debate because it's about the long-term resilience of the Internet ecology and, you know, comes back to this point that private companies will not be incentivized to invest in the building out the distribution networks, making those distribution networks viable and resilient unless there's a consumer demand for the consent in the first place, and I think we can't forget that interdependency.  Yes, it's not about crystal infrastructure, technology and solutions, which clearly need to be looked at, very important, particularly for military/political reasons, but, you know, it does matter to the long-term resilience of the Internet as a platform.

   >> Thank you very much.  One question and then --

   >> Hello.  I'm Martina (off mic).  I think that this discussion has to do with critical infrastructure in many layers and so brainstorming, we may look at legal framework solution when the resilience is not there, but going, let's say, to the basic infrastructure of the Internet, the network itself, which is by default resilient, do you still think we may need a legal framework for that if it is resilient already?

   >> Thank you.  Okay.  That was just the direction I had in mind when I asked for the floor but you came first.  What do we need authorities for or what do we need governments for?  I think you raised this question when you talked about the second round already, or where would you put the governments in.  I think the maximum I can see, and that is -- but that would be the most important point is coordination function, definitely not hard law or directive function. 

   Coordination function, in my sense, is very important, because that leads me also to my second declarative statement, which is putting more security and resilience into the core infrastructure, which are the basic -- the hardware, cannot compensate lack of development and implementation of services and applications.  So on one side we're talking about the applications, like social networks and everything.  On the other side we say, well, we have to preserve, for whatever reasons, the technical infrastructure, and I think there needed to be someone in between and talking to both parties whenever you can define them or not, and coordinate those functions.  Because there are a lot of applications around which are lousy implemented which may have effect on the network as such, and no one -- and everyone blames the other one and then people may ask for laws.  But I can tell you, and I talked to the German Government a couple of times and they said to me, well, what about self-regulation?  I mean, self-regulation, you cannot self-regulate everything everywhere, because there must be a little bit of legal certainty some places, but if you make hard laws for everything, then you will definitely fail.  It just takes too long.

   >> Thank you.  I think Andrei asked for the floor.

   >> I just wanted to make a comment.  I think to make this discussion more tangible, it would be helpful if we discuss what kind of problem we are trying to solve.  Because there are different contexts that we can think of, and while the Internet is not everywhere resilient, but -- for instance, this continent -- in many countries the Internet is not resilient, and there are certain matters that can be taken -- certain solutions that can be applied to make the Internet more resilient, like (off mic) more Internet exchange points, for instance, bringing local content to the country, for instance.  So this is what -- I can see this is a problem and we can discuss a set of solutions and we can discuss a set of principles that we will follow to achieve those solutions, but I feel if we just, while in general discussing how we can make the Internet more resilient and stable that makes it not very tangible, you know, for real outcomes.

   >> Thank you very much.  We have a question over there.

   >> Patrice Lyons.  I am corporate council, Corporation for National Research Initiatives, and I don't know if you would permit me an observation rather than strictly speaking a question.  Would that be acceptable?  Thank you.  My work on the Internet, and I won't bore you with all the details, but I go back to the '70s, '80s, the early days, and I was actually counsel to CNI at the time when Bob and Vince Surf were working together to move the Internet out of Government.  And as counsel in setting up the IETF and the Internet Society and a lot of the procedures, there was considerable confusion about what it meant to be the Internet.  And at the time I asked them if they would get together, and here's the basic group that brought you the Internet, to actually come up with a definition of what they were talking about, because I found that I needed it for explaining for legal purposes what this was.

   So they did, and the definition is still up -- in those days we had a federal networking council that we had to go get permission in order to have a commercial use, and then gradually that changed and then the Internet really took off.  But I see here there's a lot of reference to different concepts, and I'm going to quickly give you top-level what I understand.  The Internet, rather than being a network, the group there that was assembled agreed that it was a global information system.  The key factor was IP, its logical extensions and follow-ons.  TCIP, its logical extensions and follow-ons or other IP compatible protocols, the applications that were made available in that environment and then the enabling communication's infrastructure.

   So in essence the Internet is the protocols and procedures.  It's information.  And I think there is sometimes the notion that it's in the bits and bytes and we even had someone saying, well, the pipes, pipes in the ground.  No, no, no pipes.

   Bob Kahn, in the course of the working group on Internet Governance, we put in a paper where instead of having things layered, we actually suggested that the technology was moving away from the layered approach.  We had a more integrated approach, that you'd be able to see through the layers for management tracking and various very important issues, especially from a security perspective, and we were particularly interested in managing the information at various levels of granularity, and I won't get into the details of that right now.

   But essentially with the mobile environment, Vince and Bob had done a paper, the world of no bots, the late '80s and here you had the mobile programming environment, you don't say, whoops, got to go around, go someplace else.  It was a managed environment, and in that context it becomes a lot easier to address some of the issues in the mobile area and there's been a lot of discussion here about the mobile Internet.

   But if you want to get the basic definition it's still up there from 1995, if you do FNC Internet.  And the resolution that addresses this, after considerable discussion they came up with this, is still there, and it might provide some guidance as we move forward here.

   >> Thank you very much for this extensive view on the --

   >> Please forgive me.  I went on, perhaps, into too much detail.

   >> Thank you.  Are there any questions?

   >> A quick comment.  I'm (off mic).  Co-founder and spokesperson for citizen advocacy group.  I feel bad for two reasons.  First of all, because I missed most of the panel, and second, because I have to restate what I said already in other working groups.  But one of the core principles of the Internet, we are defining it here, is its universality.  It's the fact it's one global structure, one Internet for everyone, which is the same everywhere on the globe, everywhere where you're connected to the Internet, that is.  This universality of the Internet is under attack, a complex question of net neutrality, which is an empty term to define which network management policies are harmful to fundamental freedoms, to innovation, and to competition, and which are the network management policies that are part of an operator's job to maintain infrastructure and make it grow properly.  But also the universality of the Internet is under a threat by those so-called voluntary measures that are pushed in the throats of every Internet actor.  I'm thinking of the actor agreement, and its measures to further infringement that are being imposed under the threat of criminal sanctions for aiding and abetting infringement on a commercial scale, which basically could mean anything that goes big on the Internet.

   So this is -- this is a major trend today.  It is reflected in the conclusions of the G-8.  It is reflected in the OEC guidelines for Internet policy.  It is present in (off mic) commissioner for market, internal market and its IPR guidelines, IPL strategy.  So I would like to after the comments maybe, the people of the panel, what about this conflict between the global Internet and those -- those measures being imposed in the name of copyright?  Sorry for the trouble.

   >> Who wants to take the risk?  Any ideas on this challenge?  This was a challenge.  We asked for it.

   >> Yeah.

   >> Please.

   >> Well, I think this is a very specific aspect we're talking about with the copyright infringements and all the copyright stuff.  You may put it down to the area of it's a problem of the rights holders industry rather than of the artists or whatever you have, and what I can see here is that this industry is made obsolete by the rights holders' industry.  It's made obsolete by the Internet.  There have to be found new ways as in other businesses to make good use of the Internet for the sake of the artists, and they just have to rethink their model of licenses.  This is why we can talk about copyright infringements, because someone licensed it.  Because that was -- that model came from a time where we were talking about continents and times between the -- making films and movies public, and this is no longer -- this does no longer fit into the Internet environment, and therefore I think it's no reason to cut people after the Internet because they find something on the net which they download then.  The artists and this type of industry has to find its way to protect themselves in the Internet as other industries did in the past as well.

   >> If I may, a very quick follow-up, I agree on that, but it's not exactly my question --

   >> One second.  I would like to give the first floor to Ben and then to you again.  Thank you.

   >> I think to respond to that question as directly as I can given the context of this panel, I think it's relatively clear from the -- from the academic research I've seen on various means of enforcing copyright infringement through filtering package inspection, that attempts to filter out certain types of content from the Internet, automatically make the Internet brittle.  We've heard this from the industry associations already here on the panel, and this brittleness is simply a question of competing goals and competing interests.  Are we prepared to accept a lesser resilience and lesser stability of the Internet in order to ensure that this -- the interest of this group are enacted and perceived as such or are we not prepared to accept that?  This is a balance that needs to be found and made in the form of competing rights.  There's not necessarily a solution where we can forget copyright and where this will be the beginning after new world.  I think that there are certain rights there which need to be considered, but the question is a question of balance and finding an appropriate proportion solution to what may be legitimate rights.

   So I think that not just filtering but also the more general question of how we consider the rights of certain interest groups in the Internet really needs to be balanced until the overall goal of globality of the Internet and its values because we may find that coming towards certain proposals or developing certain solutions may not be particularly effective in safeguarding reliability or stability.

   >> Thank you very much.  Do you want to react?

   >> No, no, this is the answer to my question.  Thank you.

   >> Thank you very much.  Any other comments and questions before we give the final word for a few minutes to the panelists and to close the workshop?  For my part it has been very interesting and challenging discussion.  I'm not sure it's the last one.  This is my first impression.  There are a number of issues that needs to be -- to be discussed, and probably agreed upon.  I think it's a challenging work for all of you.

   I would like to turn to my left-hand side to give the final word for the panelists, maybe starting with Antti.  Thank you.

   >> Perhaps only to repeat that this is challenging work and we have been working together with the Member States for this action plan, I think that now we have experts together with our own (off mic), to identify what are the principles that we have to identify for the basis of our work and then of course try to dig into much deeper in the kind of what actions are needed.  But perhaps as a very short comment on this copyright-related discussion that we are having, of course I think that whenever you are looking the whole of the agenda for Europe that we have been identifying sort of (off mic) really needs to look what is the right thing for on-line growth, and I think that's where we are facing kind of different kind of interests and of course different kind of models, and I think this enforcement of the copyright I think that has been very much one part of the discussion but I suppose another one is that how you really make the kind of (off mic) fit for the on-line world and I think that's where we are.  Very much I think that the debate both inside the European Union and even the wider world.  Thank you.

   >> Thank you very much.  Michael?

   >> Well, I can make it pretty short, I guess, because the most important which I picked up here is always the same, that is, when you talk about stability and resilience of whatsoever, one first should define the view we have on whatever is discussed with stability and resilience, that is, first do we look at the application layer, do we look at the information system as a whole.  Do we look at the technology or at the technical background with all the lines and operators where we certainly end up in the net neutrality discussion?  This is one point.

   Another point, what I've seen in the past that is -- the Internet was neglected by authorities of governments for quite -- quite a while some years ago, and then there came some activism, including the European Commission and the different governments where they imposed laws and directives and whatever and tried to get this information system, Internet, somehow in the whatever it is, right direction.

   But now we see we're coming much closer to the multi-stakeholder approach, sitting against -- sitting beneath each other discussing the issues and the authorities have pretty much learned that laws are not the right way to act firstly, and secondly, if I look at the consumers or the end user of the net, of course the different industries, they have to adopt the facilities on the one side, on the other side, talking about social networks, data protection, has become a totally different aspect when we talk about social networks, and the children are children.  The digital natives who play around with the net may think totally different about the Internet, so why should we now put hard facts into the net which will be thrown away by the next generation.  Let's make it with self-regulation, with coordination functions of the authorities, and of course with a sharp look on Human Rights and these aspects, that's much more important than always seeing the bad things on the net.

   >> Thank you.  Thank you very much.  Point taken, I suppose by the Government here represented.

   >> Thank you.  A starting point for resilience for me is looking back at what are the end goals we're trying to achieve, and it's about the social, political and economic benefits that derive from the Internet.  Now, you can single these down too much, as we've said before, stems you don't know what's going -- sometimes you don't know what's going to be valuable, but that's why I come back to my analogy of the pipes and the poetry because I'm no technologist and I don't believe that the pipes is an adequate expression for describing the entire infrastructure required to keep the Internet's information system alive, just as I don't believe that the poetry is an adequate expression of what the BBC does with its political programming, its educational programming, its entertainment programme. 

   But as a summary of the interdependency of the content, which is delivering the social/political/economic value which we want the Internet to deliver and the infrastructure which delivers that, I think it's very important to recognize that at the start, and I think the commission has done that in its thinking, talking about core values, but those core values need to be reflected in the wider resilience debate, not just as something as a checklist to see -- to see whether Internet resilience technical measures comply with.  Thank you.

   >> Thank you very much, Andrei.

   >> I think about the set of principles that was on the agenda for this workshop, I think it makes sense.  Still, I think a problem definition is very important.  What is the -- as Daniel said, what is the ultimate goal for this document?  Is it to provide some guidance and understand how we can improve resilience of the Internet and its stability, and then we need to break this down in more specific areas, whether we're talking about critical scenarios, whether we're talking about specific importance, whether we're talking about specific areas.  What is the goal to protect the Internet from some policy decisions done in the name of stability and resilience.  So I think more clarity on that side would help to promote this debate further.

   >> Thank you.  I'm sure the commission will take that point.  Ben?

   >> Okay.  A last few words.  As we mentioned here consistently, and I think this panel shows very well, is that international levels and multi-stakeholder collaboration is necessary, and I think that it's also important to suggest that even though this is a commission driven process and the commission has been very active and very engaged in this, it can't be restricted to Europe.  There's no way that Europe can solve this on its own, that we will somehow create a separate or disconnected policy that will work without consulting stakeholders from around the world.  At the same time, the debates and the values that we are creating, it was mentioned many times that the decentralized very resilient Internet that is perhaps one of the most resilient Internets we have in Europe and the world and I think this is a value that is not just worthy of Europe but something that could be hoped or dreamed for the whole world, and in this point we're creating an Internet ecosystem, it was mentioned as a global information system, an Internet ecosystem which is diverse, global and open, and if that can flourish, it should flourish not just in Europe.

   >> Okay.  Thank you very much.  I would like to thank again the panelists and all those of you that animated the debate, and I suppose that we will be here, I mean, in another place in the IGF next year, but in between I guess that a lot of work has to be done.  We are, I suppose, at the beginning of the process so thank you very much.