Blocking Content: Issues, Principles and Paths Forward ISOC

28 September 2011 - A Workshop on Security in Nairobi, Kenya

Also available in:
Full Session Transcript

September 28, 2011 - 11:00AM 

***

The following is the output of the real-time captioning taken during the Sixth Meeting of the IGF, in Nairobi, Kenya. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.

***

 

>> THERESA SWINEHART:  Hi, okay.  Good morning, everybody.  We obviously have a very full room and a very full panel, so we're going to try to manage this as well as we can.  We want to make sure that we have discussions with panelists but also from the audience.  So we're going to try to make this as interactive as humanly possible.  My name is Theresa Swinehart.  I'm with Verizon Communications.  What I'm going to do is try to moderate this and be the taskmaster on keeping everybody on time.

Given the panelists, I want everybody to quickly introduce themselves.  We'll go through a big picture of what it is about and we'll go through a discussion asking panelists questions but also allow for engagement with the audience.  With that, if I could ask with the end of the table start with a brief introduction.

>> SHANE TEWS:   I'm the Vice President for Global Public Policy and Government Relations.  So we'll be talking about ‑‑ I'll be looking at it from the pure DNS perspective.

>> BJØRN‑ERK LUDVIGSEN:   I'm with the Crime Against Children at Interpol.

>> SHAUNDRA WATSON: I'm with the U.S. Trade Commission and International Government Affairs and International Security and cybersecurity issues as well.

>> I'm Chair of the Advisory Committee of ICANN.

>> ANDREY KOLESNIKOV:  I am Andrey Kolesnikov.  I run the Russian domains.

>> CYNTHIA WONG:  I'm Cynthia Wong, and I'm the Director of the Global Internet Freedom Project at the Center for Technology.  We're a Washington, D.C.‑based NGO that works on civil liberties issues. 

Quick plug.  I have a paper up here on this issue if anyone is interested.

>> PAUL BRIGNER:  Hi, I'm Paul Brigner and the Chief Technology Officer for the Motion Picture Association of America.  We represent the motion picture studio, Walt Disney, Paramount, Sony, Fox, Warner Brothers.  And I focus on technology issues.  So DNS is one of the major issues I've been focusing on.

>> JASON WEIL:  Hi, my name is Jason Weil.  I'm an engineer for Time Warner Cable.  Dual role there and development organisation.

>> KURT LINDQVIST:  I'm Kurt Lindqvist.  I run one of the 30 DNS and also provide DNS servers around 30 countries.  Operational side.

>> ANDREI ROBACHEVSKY: I work as technology manager and I'm one of the organisers of this workshop.

>> THERESA SWINEHART: We will be logistically challenged, but we'll do our best.  Fantastic.  With that, I'm actually going to ask Andrei to provide the overview, provide some background for those not familiar with the issue and frame the discussion and then we'll go into questions.  Thanks.  

>> ANDREI ROBACHEVSKY: Thank you, Theresa.  Maybe a short introduction and kickoff presentation on the background.  Next slide, please.  The issue we will discuss at this workshop is illegal online content.

So for the purpose of this workshop and taking that we don't have much time, let's assume that we are talking about illegal content and there is no dispute that this conduct is illegal, right?

Related to freedom of speech this is outside the scope of this workshop because otherwise we'll never manage to do this in 90 minutes.

It's a serious issue.  We all acknowledge that.  It forces criminal activity and damages the Internet and reputation of the Internet.  And there are several options to attack this problem.  Attack the source or block.  We'll discuss this.

There are challenges.  Otherwise we wouldn't have this workshop, wouldn't we?  That cross‑border issues.  For instance, source and consumer may be in different countries, different jurisdictions.

And definition of what is illegal may also differ.

Finding a solution is finding a fine balance.  It's not straightforward.  It's not that easy.  Solutions may have implications for privacy and security.  They may impact the global Internet and its novelty of potential and also they may curtail international principles of rule and law and due process.

Well, let me present case in point, DNS filtering.  And present ISO position.  And we released a position paper quite recently.  I think some of the materials that attendees of this workshop get include this position paper.

So DNS filtering as a proposed technical method to block content consumption and users fundamental systems in the Internet, which is DNS, the main system.

And while this approach requires modification of DNS data, it requires to affect the answers to the questions and assumes the customers and assume the customers use the ISP's DNS services, which is quite common thing.

And while the attractiveness of this approach is that it can be implemented on local or national level and within single jurisdiction.  Next slide, please.

Well, this solution is not without problems.  Actually this solution has a lot of problems.  It doesn't solve the actual problem and is easily circumvented.  And the down side of this, it drives the service underground.  It puts users at risk because some of the circumventions are probably even worse than the problem we are trying to solve.

It's incompatible with DNS ‑‑ and impedes DNS deployment.  If DNS hack is deployed, this hack is indistinguishable from a hacker's attack.  And it causes collateral damage.  I mean, it's too close.  And DNS has so many dependencies that, really, it's very difficult to make it so precise that collateral damage can be significantly minimized.

And it encourages fragmentation.  Because while we're getting different views of DNS and we depart from a global coherence system as DNS should be.

And it raises Human Rights and due process concerns.

So, while just a few bullet points on the ISO position with regards to this issue, we think that unilateral modification of DNS behavior creates high security risks and filtering the global DNS has risks to users and will decrease global security.

Filtering DNS doesn't solve the problem.  And I think that's probably the main thing that we'd like to point out.  And policymakers should focus on the most effective ways to solve the problem.  In fact, it might create short‑term relief, but will leave long‑term damage to the Internet.  And that's also collateral damage that is hard to control.  And the cause of DNS filtering from that perspective outweighs possible short‑term benefits.

And DNS filtering has nontechnical implications.  Quick and easy technical solutions to nontechnical problems may infringe on Human Rights and erode trust in the Internet.

We think at ISOC that the real solution to combating illegal activities is to attack them at the source, through international cooperation.  And we understand this is challenging.  This is not easy.  But this will provide the real solution.  International cooperation provides the appropriate avenue for policymakers and the technical community to solve this problem.

Well, that was my short introduction.  And I apologize I took some time to add ISOC position, but we thought that's important.  Thank you.

>> THERESA SWINEHART: Great, thank you, Andrei.  It's obviously a very complex issue and how to deal with bad actors online is, of course, a challenge that we need to face while it doesn't harm the opportunities that exist for the Internet globally.

So with that, we're going to go into a series of questions to trigger a dialogue with the panelists and audience to see if there are creative ideas, what's good, what's going on?

And with that I'll kick off the first question, which really is:  Is blocking and nonconsensual blocking, basically, at the consumption level by technical means, is that effective?  And that sort of dialogue.  So I don't know if anybody would like to respond to that?  Okay.  We have a couple panelists who obviously eager.  Paul, if you'd like to start?

>> PAUL BRIGNER: Thank you.  Paul Brigner from the Motion Picture Association of America.  I think, yes, it can be effective as part of law enforcement scheme to start copyright infringement and other theft and other bad activities online.

You know, when you think about law enforcement, you have to know from the start that there is no 100 percent effective law enforcement mechanism.  There's always going to be circumvention.  The hardcore criminals are going to work around whatever law enforcement scheme is in place.

But you have to have a mechanism to inform users on the Internet that they're doing something that is illegal.  And today there just is not that mechanism.

I, of course, focus on movies.  When you can go to a website that looks completely legitimate and there's ‑‑ from a user's perspective, there's new websites popping up every day.  They give them their credit cards.  They think that they're going to a legitimate site and downloading a movie that has been licensed.  Well, a lot of those are actually not.  They're stolen movies.  And we have to have a way to stop that activity.  And DNS blocking can be a very effective way to do that.

>> I think it depends on what you say is effective, what is your definition of effective.  Will it stop everyone?  No.  Will it stop a lot of them?  Yes.  Will it prevent children from being reabused by showing the rape on the Internet to people again and again that use it for masturbation?  Yes.  Is that a good result?  I think yes.

You talk about bad actors.  And we have this kind of a mix between copyright infringement.  I'm not saying that is less important than what I do with crimes against children.  But I think it's important we keep these things apart.  You can have blocking without blocking everything.  You can shave without cutting your head off.  So we have the tools in place.  You don't have to use them to its full extent.

I think blocking on consumption level is effective.  I think you can apply a national law for the country.  And a country's law should apply in that country where people reside.  At Interpol, we have a worst off list that is much higher on the scale, so to speak so we only do the worst of the worst.  And this problem is limited.  This is not thousands and thousands of websites out there, it's a limited number.  It's manageable for police.  If we get cooperation from the industry, we can solve the Web when it comes to child sexual abuse.  Thank you.

>> Good evening, yeah, so for the sake of argument, I'll play devil's advocate.  And the best way to achieve what my two colleagues have just said would, of course, to block everything and only allow what's legal.  And then of course then the answer is of course it's effective.  And every country's laws are different.  What's considered illegal we have taken two mostly controversial issues, but of course every nation's law is different.  There are all we have to block are different. 

Someone who runs an operational environment we have locations in very different places around the world, very varying legislation.  If I were to make sure that filtering on a per country basis and doesn't lead, that is extremely hard, not to say costly.  It's at a huge cost to its end users and huge cost in end to you.  Because the cost operators have to be borne by someone.  And this is a very hard problem to solve because you can also not leak one country's legislation into another country because then I as an operator which assumes the role as a policing, as the police force.  And I start to apply other nation's policing laws onto other citizens and that's not quite the way the system works today, either.  And this is very, very hard to avoid.

>> Thank you, my name is ‑‑

>> BEN AKOH: I'm with the international of development.  An uncle of mine used to say that if you shut your eyes when a bad man passes, your eyes would probably remain closed when good man passes.  And perhaps I'm taking another approach on this for devil's advocate, we could block content but there may be good content out there or good people trying to access good content.  And I'm speaking about this from a development perspective.  Coming from most African countries trying to access content online or people that do business with sites in the U.S. that may be able to access content from or banking or financial sites from Africa because of IP blocking and things like that.  So this is an aspect that I think we should also think about and focus a little more on.

There are two stories I probably want to highlight here which will bring it down I think a lot clearly because I have ‑‑ and I'm approaching this clearly from a research proximate perspective, talking to people on the continent and seeing problems they face, business and entrepreneurs who are looking to build an online Internet economy for themselves and for their business.

One of the stories is that of a young student that needs to buy books for upcoming course.  He gets the reference who proceeds to the Internet to make purchases.  He logs on and completes the check‑in process.  Finds out that his credit card is declined.  This is a card he's used only a week ago in the U.S. while his entire family was on holidays.  There's no specific reason why the card should be declined.  He knew it had to nothing do with bank balances because he had sufficient bank balances.

Second story is a young West African entrepreneur just launched online business, subscribers to her new site, pay a few cents for access to online content.  She tries to access her PayPal account and that she had set up a while back and finds that she's unable to do so.  She knows that there should be a lot of revenue generated from the recent site which has an African CCLTD.  Basically an African domain name, right?  But the PayPal account is linked to a foreign account.  Her foreign bank account.  So she has restrictions in trying to purchase anything whatsoever, even access her account because she's at place where she's unable to do so.  It has economic implications for people that want to invest online.  It has economic implications with respect to the online economy, the digital economy that we probably would be talking about if we do talk about it here.

And I guess that's an angle that we should look at, as well.  What are the implications in terms of economics for people that want to partake in the global digital economic landscape?  Just a few comments for now, I suppose.

>> Very quickly.  Tweet‑length comment.  I think in assessing any strategy for enforcement of law, I think you need to very carefully weigh the benefits against the costs.  And here I think to respectfully disagree, the benefits, I think, will be quite ephemeral with rapidly diminishing returns.

As Andrei pointed out blocking domain lookups doesn't actually remove this content from the Internet.  The servers that contain them are still there.  And I think especially for users who are very determined to get at this content, actually circumventing the kind of DNS blocking that has been debated in the U.S. and elsewhere is a very minor thing.  It requires changing one setting in your computer.  And for users who may not be technically sophisticated, I think that there could easily be tools developed or have been developed already to automate that kind of circumvention.  So I think that we need to think carefully about whether the benefits are really that lasting.

>> Thank you.  Let's return to the basic.  Blocking content is blocking the results of somebody's criminal activity.  And I believe that the core question is how to unite different forces to fight the original problem instead of blocking the content for the regular, ordinary, normal people.

Also, there is a very interesting phenomenon.  Once you start tracking ‑‑ once you start putting the barriers for regular people, you basically marginalize them.  You set them up to the gray zone.  And with a strong encryption, you basically, if you push harder the Internet, the new technology will arise like ‑‑ remember the story with Kaza and then you create the undernet basically which you really can not control.  Or the control of the undernet will be so costly that there will be no effective solution for the governments to really track it.

I believe the education and cooperation between the different forces, different agencies and the different countries is a key for this problem.

However, should I say that the latest developments in this area reminds me the cold war era more and more that different countries taking different positions and trying to put these positions against each other, this is really dangerous because it has nothing to do with the Internet.

I'll  just read the statement of the Prime Minister, I often read the freedom house reports that Russia have these certain problems, et cetera, et cetera, I should just read it.  Putin said that it's always possible to control the Internet, however the problem lies not with control but whether or not government has a right to interfere.  Today nothing should be restricted, but one should just operate more efficiently in this area.  In addition to child pornography the Internet also contains information about negative political calls, Mr. Putin.  It is impossible to block it.  And one needs just to block people's awareness, shape their internal zero tolerance toward this kind of phenomenon.  Don't make it complicated.  I mean, this is issue of fighting the region, the criminal, the source of the problem, not the results.  I don't believe that there is efficient way of blocking the content.  It can be avoided all the time.  A lot of technicians around this table can say.

>> I just want to clear up a confusion, I think, among people.  It seems to be that either/or, either you block or you do something about it.  From the police standpoint, we always do both.  We block it to take away the accessibility quickly.  And then we work to try to remove the material at source.

You have to remember that the people that provide this material and the people that access it are criminals.  They have no intention of cooperating with the police.  They will not reply to our Emails or our calls or we go to court and get an injunction against them.  It doesn't necessarily help.  They are criminals.  They are just like any other criminal.

What we want to do with blocking ‑‑ and I'm just going to say, this is a relatively small problem.  We have 367 domains on our list.  That means those are the domains that contain children younger than 13 victims of severe abuse.  That is not a big number.  Last week 644,000 new domains came online.  And we blocked 367.  Many countries that have national list, it's usually less than 1,000.  So this is not a huge problem.  So let's not throw the baby out with the bath water here and say we can't have blocking tools that will destroy the Internet.  You're techie people, you should be able to find a solution to limit the child sexual abuse access to the Internet while at the same time keeping integrity of the network.

>> Okay.  I'm Michael from the German Internet Association.  One of the gentlemen before mentioned development of blocking and filtering technologies.  You should bear in mind that whatever technology you develop in this area will and can be used in other countries to oppress civil society because the technology is just the same.

>> THERESA SWINEHART: What I'm going to do is tee up the next question which is going to be relevant for the audience and engagement, so let me just frame the question a little bit and then audience participation.  And have discussion with the panelists.  We've heard the technical factors.  We've heard the implications across jurisdictional borders.  We've heard a little bit about the economic implications and blocking good things versus bad and all of that.  So, really, what are the short‑term and long‑term gains and losses and potential gains and losses?  What are your thoughts around that?  Panelists, audience, ready?

>> Okay, I'm from frontier Finland and I'd like to point out that in many cases, the blocking actually makes it difficult to attack the source.  It works in two ways which both have been observed.  First even if the policing principle is supposed to be both, there have been case where police does not want to do more than block, easier to block.  And, second, the blocking actually helps the criminals as an early warning system.  It lets them know that they have been seen and then they move elsewhere.  Like police notifying criminals that hey we have been seeing you but we won't arrest you yet.  Thank you.  

>> THERESA SWINEHART: Nobody from the panel right now?  Let me get you first.

>> I'm not hearing people address the issue of blanket blocking, which Ben brought up earlier where whole regions have been blocked from accessing commercial activities on the Internet because of small amounts of Cybercrime relative to the pro portion of Cybercrime which emanates from other economies which are allowed to continue.  This is blanket blocking.  And it's a terrible form of I don't know exclusion, let us put it that way of exclusion, of whole populations and countries from accessing the net.

>> Can you define what you're considering blanket blocking?  We're not quite clear what the definition.

>> I'm talking about the fact that if you are trying to use a credit card which you have established in the U.S.  For example, I have a credit card with my bank in New York, which is legitimate.  But I cannot use it from my home in Ghana.  I will be blocked from making any commercial purchase because I am coming from a .GH domain.  If you are in Nigeria, it's the same thing.  What he's describing is a young entrepreneur using a PayPal account which is legitimate but she cannot do business on it because she's working out of Nigeria.  So as long as you are Nigerian citizen living in Nigeria you're not going to be able to do anything are on the net because you have blanket blocking of anybody who is coming with a domain address when you're accessing and they see the address and it's coming from Nigeria, you'll be blocked.  And that is because of some illegal activity.

>> THERESA SWINEHART: We obviously have a lively discussion going already.  I'm going to allow respondents.  We'll start with curt and then we have some panelists.

>> Just a comment on the blanket blocking.  Again, it's hard to do this.  If you want to do very fine grain blocking, it's very hard to do.  And you don't even have the criminal activity.  There's you about how to do the blocking.  I'm from a tiny island in Scandinavia.  It has the domain ax, which is unheard of.  We people contact us Facebook and my space because they haven't bothered to put this into the geotreking system.  Might not be an issue.  But it is very technically hard to do the filtering.  Let's face it.  It's not that easy.  For 300 domains for your particular problem, but we had people that want to have border filtering, we have other issues about filtering in general it is actually quite hard.  And to the question what is the short and long term gains and losses?  Well the short‑term gain is that if you only talk about in cyber world the only thing you want to filter is 300 domain names, can we do it?  Yeah, of course.  But then we have the losses that it is not just about 300 domain names, about all the other illegal content that people want to bring into discussion.  And that's a much, much, much larger problem.

>> Yes, the situation Time Warner Cable.  I guess I'm the only service provider here on the panel.  So I'll address my concerns on the question here.  So I do think in the short‑term the blocking will be effective.  My longer concern is as a provider of services, one of the things I need to provide is an efficient DNS caching server infrastructure.  I'm very concerned about if this does keep expanding and then people have already been mentioned can easily reprogramme their caching result to another one outside the country or something along that nature, there is concern that I can no longer provide effective DNS servers to those customers at this point.

>> So I would just like to kind of address the technical issues here.  There's been the statements said that this is a very costly and very onerous approach.  And I would say that from my knowledge and from most technologists I spoke to that's not the case.  In fact DNS systems already have this type of capability built in.  It's not something new.  It's something been around for a long time.  In fact, there was a recent OFCOM report that this was probably the most expedient way to go about blocking illegal content online especially when it's matched with a more comprehensive legislative approach using stopping the payment processing and search results, et cetera.  So it can be very effective.  And it actually is, from a technical perspective, I would argue not onerous or difficult.

>> THERESA SWINEHART: Just going to go down.  And then get back to the audience.

>> CYNTHIA WONG:   To my colleague's point, I agree it's not an either/or solution.  Addressing illegal content addresses a number of different tools in government and corporate toolboxes.  But we need to conduct a really sober assessment of the long‑term and short‑term benefits against the costs.  And I'm not just talking about technical costs or rather economic costs but also the social costs.  And I think that the costs of did DNS blocking come in several different categories.  First is the cost to cyber security.  And I'm actually going to defer to some of my colleagues on that point.  But I think there are some real concerns about how DNS blocking might undermine cyber security in the long‑term.

And I think there's also costs to the Balkanization of the Internet that it creates this situation where governments will use the DNS system to enforce their local law, which has much more bigger consequences outside of their own jurisdiction.

But the point I want to focus on here is the costs to freedom of expression.  And I know that this panel isn't about free expression but I think there are some overbreadth concerns here.

Domain names are not just about single websites but they also might host things like email servers or other kinds of services online.  And so when you take down or when you block a domain, you may be blocking more than simply just the Web site that might be selling illegal content but also things like email servers.  And that raises some serious, I think, collateral damage and free speech concerns.

We saw one example of another kind of overblocking the U.S. when the U.S. government seized a domain called moo.com.  But that domain actually contained about 80,000 other subdomains.  And when you went to any of these subdomains you were redirected to a site that said "this site has been seized due to child abuse or child pornography investigation" which is a very serious allegation.  And so I think there are some collateral costs, social costs that we should also take into account.

>> Since I don't really believe in effective DNS blocking, I'll come back to the blanket blocking and give an example of Russian Federation.  Four years ago, it was almost impossible to pay by local credit card for any service outside of Russia.  Especially in America and Europe.  Now it is gone.  Sorry to be cynical, but the number of the transactions and the volume of the financial transactions coming from Russia overcome the risks, the financial risks of the banks to fit the fraud.  That's number one.

Second, actually the local police became working more effective dealing with the fraud credit cards.  It's not politics it's just technical and financial issue.  Thank you.

>> I think there are several different things that we're talking about here.  First of all, regarding precision.  To be able to do effective blocking if you want to do blocking at all, you need to be precise.  And using something higher up the value chain, the higher up the value chain you are, the more unprecise the blocking will be.  That's just the fact.

So blocking, for example, and also the closer to the source, the better the blocking actually will be effective.  So that's why removing the actual content is probably the best blocking you can do just by removing it.

The second thing that I heard a claim that the DNS system includes support for blocking, that is just completely wrong.  What you can do in DNS is that you can claim that you are authoritative for a domain name that you're not authoritative for.  Which means that what you can do is you can lie.  That is something that everyone can do and that is also one of the reasons why it's easy to circumvent the blocking which makes it imprecise if you use DNS as a blocking mechanism.  This lying is what was pointed out in the introduction exactly what DNSSEC is actually indicating and this is another reason why using the DNS for blocking mechanism is not effective.  So yes it will be hard to sort out use the DNS to access the content that people are not supposed to access if it is the case that they do things in DNS.  But as we pointed out in our report, SAC050 sack 50, that the cost if you do the cost and benefit calculation, you will see that as a result, that using the DNS is not very effective at all.

Regarding the lack of ‑‑ and regarding presession, I also would like to bring up once again the size of the list.  If you talked about 300 domain names, that would be one thing.  But there is in fact not what is happening in the world.  Okay.

The last thing I would like to say is that I heard a request that the technical community should work on better tools than DNS blocking.  And I will say we are trying to do that.  I would like to talk about blocking and how to remove content, but this session, once again, is about the very ineffective tool by DNS blocking and I ask myself:  When should that stop so we can move forward?  We're wasting our time.

>> Absolutely.  Absolutely.

>> I would love if you make a new tool.  I'm just a provider of content.  I'm not a techie person.  I'm like a mere mortal policeman.  But I do know something about child sexual abuse.  That's why I do it.  I can say if this is a child and what sort of abuse it is and if it's illegal or whatever in legislation or whatever criteria that we set.

When we look, we only do domains for the Interpol worst off list.  So it's only domains.  And contrary to popular belief, perhaps, there's not a much, a lot of mix between legal and illegal content.  They will make pure sexual child abuse domains and they will call it very pure, child sexual abusive or that will be their trademark how people will find them because they need to be found.

If there is illegal material on the domain, we believe that whoever owns the domain is responsible for the content on that domain.  You cannot sell heroin and milk from the same shop and expect that the police will not have an interest in you and close your shop down.  Remove the heroin and you can sell your milk as much as you like.

I believe that local law should apply in the country.  My law that my people have decided is the rule set for my society are the ones that should also apply on the Internet.  So I believe in fragmentation if you like of what's legal on the Internet.  But there should also be some overarching things that we say it's illegal everywhere and for child abuse this is what we do with this worst off list.  If we disagree with whatever a country says is illegal then we have to attack that government and say we disagree with how you run your country and how you're applying your laws to your people.  You shouldn't have to make the Internet this cesspool of free things that everyone can access just because there are some countries that would try to limit it.

So I urge or I advocate for a fragmentation of the Internet if you want where local law applies to the people and the machines and the networks that reside in that country.

>> THERESA SWINEHART: We have quite a few and then we'll come back.

>> So one of the things that the domain name area both registries and registrars kind of go up and down the ladder because what we're dealing with here.  We've got technical people and I absolutely understand and believe what Patrick is saying.  And one of the reasons why DNS works as well as it has is because it's a consistent response.  You always get the same response.  As an end user, you always get the same response.  As an end user if you don't get if same response you probably think something is wrong with your ISP.  So Time Warner has to take a bunch of calls from their customer base and they don't understand where the problem lies.

So we have a m all tie‑layer issue of how do we educate people around this and how do we do the practical application of wanting to block content and where's the appropriate level to have it?  So this is a dialogue I think we'll be continuing to have for quite some time.

But needing to understand that doing it the wrong level really does cause reverberation within the system, which is a challenge to resign very quickly around.

So I appreciate everybody's view on that but do understand the challenge that the true DNS architects are dealing with.

And then as far as dealing with the challenge of the of the content, I absolutely understand the compassion much wanting to get it off as fast as possible, but then understand that if you do it at the wrong level, you may end up taking down somebody's entire system if they're on a multi‑tenant server capability and we're still struggling to how do we do that is education.  The person who is requesting the takedown happen that they understand enough about the system to request it at the right level so you're very pinpoint directed at what you're trying to do.

>> Thank you.

>> BEN AKOH: Thank you.  You raised a very important, some important points around costs around economics, technical, financial.  And I think those are very key point that we need to perhaps pay attention to in the short and long‑term.

I would add to your points in those directions, in that direction.  And maybe prefix it with an example or rather a comment that someone had said that the financial institutions like Mastercard and Visas exist in these countries and do good business in these countries where they're mostly restricted.  So there must be a reason why they're still remaining in those countries.  And that's economies of scale that you're talking about, right?  Which in this case the small businesses that they are engaged in far outweigh the risks that they will probably be faced with.  But that in the short‑term might be advantageous to them.  In the longer term, though, that doesn't work because you want to expand the business to a much larger number of people.  The implications, therefore, is that within the short‑term, it has implications on the economics in the country. 

But I think another point I want to raise is the long term costs of development.  And that is that if the lifeblood of society's economies, financial transactions is restricted in such form, how ‑‑ what sort of implication does that have on the long‑term development?

I think there's lots of implications here because people would not have access to funds.  We see a different Kenya today because of the alternative forms of financial transactions that have provided access to people in places where they cannot ‑‑ ordinarily wouldn't be able to have them.

Now, in a case you would argue for innovation, right, as a means of counteracting what may have been restrictions in this area.  But what the truth of the matter is as far as finances would not be able to conduct business internationally.  And we need to look at that longer term implication.

Finally I think that we may be talking ‑‑ this is now on the economic perspective.  We may be talking amongst ourselves and maybe preaching to ourselves.  I think everybody on the panel seems to agree that DNS blocking is not the way to go.  But people that should be here that are not here, the financial institutions, given the multistakeholder nature of the IGF, how can we bring those people to the table with the guys at Interpol, I'm not sure whether they talk to them already, I'm sure with money laundering, yes, but within the Internet economy, that's totally new place.  And I'd like to hear from you what you think about this economies as it relates to financial transactions down to the individual level.  Thanks.

>> THERESA SWINEHART: Yes, the gentleman and then you.

>> This is from the Iranian organisation ‑‑ private sector ICT activities in Iran.  Actually regarding the question, I want to bring up one of the direct impacts of blocking in the Internet.  When I say blocking, I mean also in containing filtering systems.  I think always there is a way to bypass this blocking.  And by doing this, we are just simulating the people in the communities to find out those bypassing techniques.  We are just starting some kind of process that goes on and on.  And we just try to find better blocking systems and then we find better bypassing systems.  And I think it will not resolve the problem.  Thank you.

>> Hello.  My name is Constance burger from ministry of the interior in Germany.  And I want to introduce about our experiences with it and the theme because I think child pornography is also a big thing we have to fight against.  And in Germany was implemented the act of ‑‑ access to child pornography in 2010.  And for applying this to Germany it did not block access to websites but activity removed pornography sites from the Web.  And during this year, the success of effectiveness of the leading child pornography from the net was evaluated.  And we had success, a colleague of mine told me from 98 percent in two weeks.

I think this is very, very good success.

I have to mention there's no intervention from public authorities in the Internet.  The federal criminal police request the content providers to delete the content and checks after a time.  The providers remove the content.  And this process works.  We are working together with in hope and other NonGovernmental Organizations.  So for instance the colleague of echo is here and could you explain some technical details if you are interested in.  Thank you.

>> Thank you.  Brian Cute with public interest registry we're the operator of dot org.  What I'd like to hear more ‑‑ and I think the problem's been framed very well.  I believe there's problems with blocking.  I believe that violations of intellectual property rights should be addressed.  I believe criminal activity should be addressed on the Internet.

But beyond framing the problem, how are we, as industry and civil society, going to coordinate better and more effectively with governments on these issues, within the context of the multistakeholder model?  I mean that's really a discussion we need to be having above all else.

There's registries, there's registrars, there's ISPs, there's web host providers payment providers.  One of the challenge is we don't all gather together under the same tent regularly.  Registries and registrars and some ISPs are at ICANN and other services providers are gathering in associations or within their national jurisdictions where they offer service.  But this is a fundamental challenge for us.

So what I'd like to hear is people's thoughts about how can we, and I put the impetus on industry and civil society here, how can we coordinate better with governments?  What can we do within the multistakeholder model to come together on this?

Clearly there's some division from the intellectual property side of the community and the operator side of the community on these questions right now.  But we need to get beyond just framing the problem.

>> THERESA SWINEHART: And then we'll segue to you.

>> Thank you.  My name is Sebastian from the ‑‑ Internet center.  I think my observation is that we have now a contest between legal and legitimate business and illegal and illegitimate business.  So the Cybercrime we are talking about that we are trying to fight to block is a form of business in itself.  It's an economy growing out there.  So I think then the solution lies first in identifying which one is legal and legitimate.  And this is ‑‑ process.  And then how do we handle the illegal and illegitimate?  Again use using the multistakeholder process.  The technology we are trying to develop, we can be aware that they can be used for both bad and good purposes.

I think if we had deep cooperation and partnerships between governments, businesses and the tech no scientific communities investing their energies and resources and time and research in innovation so that at least they can be able to be ahead of this illegal and illegitimate innovators.  Also researching technology to use in their criminal activities.  But at least we need to be ahead of them.  That's one way to go about it.

The other way is that with this deep collaboration and cooperation, then it may be possible through continuous interaction as we are viewing between the government, business and the scientific community to really know that ‑‑ to keep updating ourselves about the possibilities under the emerging criminal activities, the dynamics they are taking so that in the long run, it is possible to make it more difficult for these criminals to sustain their criminal activities when we have collaborative approach than doing it because you find many governments don't run as fast both in innovation and opposition of skills as the businesses do.  Thank you.

>> Thank you.  I think this has been a wonderful teeing up for a next phase of an important dialogue.  Andrei has a few comments to make and then we'll be pose something questions to go into that direction.

>> ANDREI KOLESNIKOV: Yeah, I think it's very important to just remind that while three years ago at the IGF everybody agreed that there is absolute evil which is child pornography.  There is no different interpretation of the Internet over this issue.  And the colleague from Germany gave us a nice example about the in hope.  The in hope initiative is actually a good sample for other issues.  We can use it as an example because it works.  Just talking about Russia, there's about 50,000 tickets per month opened ‑‑ 5,000 over the child pornography.  And 900 resulted in putting it down.  And it works.  It works through the borders.  It doesn't involve the NGO.  You don't have to run to your press and ask them the permission to put down the child pornography.  You can do it by yourself.  And it's an issue of the local civil society and Internet community.

But that's an issue.  I mean everybody agreed that it's evil.

Over the other issues there will be problem because different nations understand this criminal and uncriminal differently.

>> THERESA SWINEHART: We're going to have Andrei and then we'll do.

>> I'm another Andrey.

>> ANDREY ROBACHEVSKY: I think we'll segue into another part much our discussion.  We want to concentrate on the solution to the problem.  And it's important to understand what the problem is.  And the problem is not so much that content is accessible but that content exists.

And many things that were discussed now in this debate, they remind me of like curing disease with painkillers.  So now we want to have more discussion on this dialogue and defining avenues and solutions to the real problem of bad actors and illegal content on the Internet.  And I would like to maybe flip one or two slides?  Once more.  Yeah, right.

Okay.

>> THERESA SWINEHART: Just to tee this up.  We've heard references to tool boxes and where things might be more effective, we heard references to social and economic impacts.  And we've heard reference to coordination and cooperation among civil societies, governments, businesses to try to achieve results.  So what might be some public‑private international cooperations with existing tools?  Or are there other tools that might be worth considering?  And how do we build on the discussions that are here?

The gentleman over there and then I'll go to the panel and then back to the audience.

>> [Inaudible] thank you.  My name is Adrian Dwyer, and I'm the Executive Director of INHOPE.  In hope represents 40 national hotlines around the world all receiving and dealing with reports of many child pornography or images of child sexual abuse.  Now they all work within their own national set protocols and have their own set agreement with law enforcement.  In fact to be a member of INHOPE you have to have very strong relations with industry, law enforcement and government to actually become an in hope hotline.

In hope have members who do deploy blocking and filtering in their country.  Some members actually involved in the compilation of the lists where used to block and filter.

We also have members hot lines from various countries which are very opposed to that view.

In hope themselves stands that we support anybody who takes whichever action within their own country and their own procedures in order to assist in the removal of this material and restrict access.  So we represent hotlines which deal with blocking and filtering and those which are opposed.  So we cover the whole limit.  But certainly as in hope, we are an international tool which is used to pass reports of illegal content or possibly illegal content swiftly from hotline to hotline or nation to nation in order that can be dealt with locally and as swiftly as possible.  So that's basically the in hope network and how we fit into this situation here.

>> THERESA SWINEHART: Thank you very much.  To the panelists.

>> SHAUNDRA WATSON: I should note that these are my own views and not the Commission.  

But I'm glad that the question was asked ‑‑ and this is really the area where the FTC has really focused it is approach on the enforcement efforts public private cooperation and something that we worked on extensively and looking at prevention and encouraging industry, stakeholders to adopt practices that limit the risk to consumers.  We've looked at public‑private international cooperation in the context of actual enforcement proceedings and investigations and how we can collaborate in terms of sharing of evidence, particularly not just from industry but from academia and other government agencies, particularly in our sort of quote/unquote "high tech" cases where we have to rely on the expertise of others in this area. 

And also a big part of our effort here is consumer awareness campaigns.  So these are sort of some approaches that we haven't discussed during this panel yet but these are other sort of mechanisms at getting at bad actors on the Internet. 

And just in terms of public‑private cooperation, we've done a lot in this area.  And I think someone mentioned one of the real challenges here is identifying all of the relevant stakeholders to insure that we're really developing comprehensive approaches to having everyone in the same room.  So everyone in the Internet ecosystem. 

And we worked a lot with domain name registrars and registrees.  There's always a lot of focus on ISPs.  Someone mentioned the financial sector, which may not necessarily be represented here, but they're represented elsewhere.  But we need to engage like domain name resellers and basically everyone who has a stake in this issue.  And I think one of the challenges is that we have these discussions with some of the relevant people but not necessarily all of the relevant people at the same time.  And that's just on the private sector.  And that also applies on the government or in the public sector, as well.

So, for example, I am with a consumer protection agency of the United States.  And we work a lot with our other foreign counterparts who work on consumer protection and privacy issues around the globe.  Well, we also in the U.S. have a very cooperative relationship with our criminal counterparts because we don't have criminal jurisdiction.  And I'm not sure that that's the case around the globe.  And I've been to conferences where they're working on Cybercrime issues.  And I've about into consumer protection conferences and we're all talking about the same thing.  And so we should just ensure that everyone who has a stake, whether it's from the public or private sector that we're all in the same room talking about these issues.

And likewise I think there are a lot of different for where we're discussing these things, but I think ‑‑ which is great ‑‑ but I think one of the things that we should do is take an inventory of ongoing efforts because in some cases there is duplication of effort and some of it is regional. 

So last year I attended the West African, the first West African Cybercrime Conference.  And that was great and there was a lot of good discussion.  And I thought, wow, these were the issues that we discussed in Strausburg at the cybercrime conference, and this is something that I discussed in Washington at something else I attended.  Wouldn't it be great where we were developing a comprehensive solution to these issues?

And I've also been in situations where there's been reluctance expressed both on the public sector and the private sector, there were some ‑‑ in a global setting, some foreign government agencies who were more reluctant to cooperate with industry in their country because they were afraid of the perception that they would be would appear to be cozy with a particular company that they were supposed to be regulating.

And on the business side, I've heard comments saying well this doesn't affect our bottom line, so it's not our interest.

But I think we need to sort of move away from those things.  And at the FTC, we cooperate all the time with industry and we have workshops because we sort of follow this multistakeholder process.  But at the same time, we still enforce our laws effectively.

And one other thing I'll just say is I think it's important for us to have this dialogue between the public and private sector because we really need to understand how the other entity works.  So for law enforcement agencies, we might have a request for information, but we don't really understand the cost to ‑‑ we may not understand the cost to the company of producing the information, the time to produce it or the burden on that particular entity.  And that entity, I heard people say "okay, well we'll ‑‑"

(no audio).

(Skype connection lost, redialing).

(failed to reconnect).

>> We have too much cases to do.  And there are only three things the police don't have enough of and it's money, people and time.  So we need to reduce it.  And for us having systems like blocking, preventing crime is always cheaper than investigating it.  If there's no crime being committed, we don't have to spend money investigating it.

And then on a prevention parts, having a blocking system like we do, we always tell people that they have been blocked.  We don't put them into a black hole and pretend that the service doesn't work.  We will say that this happened.  You have been redirected.  These are the reasons why.  This is what you did do to complain about it.  This is what you can do to report about it to INHOPE, for instance, from this stop phase as we call it.

It gives a presence on the Internet.  It says that the Internet is not lawless.  You may be watched.  You may be seen, may even investigated and tried in the end for whatever crime you commit there.

It's like when you see a police car going down the highway, you look at your speedometer.  You check your seat belt is on, lights is on, is everything okay.  You throw the cell phone in the back seat.

[Laughter]

This is what we do.  We just tell them that theres a chance you may get caught.  When the police car goes off the road, it's still possible to speed but you may choose not to do that and you chose not to do that while you saw the police being present.

At Interpol we are working with the likes of ICANN.  We are now trying to get into the GAC, the government advisory board, sorry, committee, to have a voice there to say well for law enforcement, this is a problem.  You need to think about this when you do the rules for registrars and registrees.  And of course we would like to go up the food chain all up the way up and say let's take up this domain at its roots.  Let's nip the bud of it, so to speak.  That would be good for us if we could find a way to do that that is transparent, that is accountable and that everyone can live with.  Thank you.

>> THERESA SWINEHART: I'm going to panel and then to the audience.

>>I did want to highlight a public private cooperation.  In Paris in October, the London action plan, which is a global public‑private enforcement network that the FTC has been very active in over the last several years and several other of our counterparts around the globe, they are having a joint conference with MAAWG, which is the Messaging Anti Abuse Working Group and association to discuss cyber security issues and public private cooperation. 

And in addition, it's basically a week long activity.  And so the London action plan is going to meet with the OECD's committee on consumer policy to discuss their 2006 recommendation on enforcement cooperation on spam issues and some of the issues that are really important to us.  And there are some other ‑‑ the EU's consumer protection cooperation network, which is an EU‑wide consumer protection network based on an EU regulation.  But that group will also be meeting with all of the entities that I just described, also focusing on cooperation, on Internet consumer protection issues.

But in any event, there are a host of organizations that work on these issues that will be focusing on public‑private international in Paris in October.  So this is just one of many examples where it actually is happening.

>> Thank you.  Comment on what you just stated on showing a web page.  I don't see the connection between showing a web page or not for people using web service to be able to access information and do DNS blocking.  When I'm saying DNS blocking is not effective and should not be done.  I'm not saying you should not display the Web page to people.  And I do not understand why we are connecting the two with each other.  That's the first thing.

The second thing is that from a Human Rights perspective, I don't know if we have any ‑‑ I think Human Rights people are actually in a different session at the same time.

[Laughter]

Which is kind of interesting.  But I've been working with the Swedish foreign ministry quit a lot and, frankly, with the UN special rapporteur on freedom of expression on the Internet.  And one of the things that the Swedish position that was also signed up 40 countries in the Human Rights council in June this year said very explicitly that of course law enforcement and other kind of functions must of course get the tools they need, but we also have to take into account the impact it has on the ability for people to actually live up to the Human Rights.

So when talking about, so that is also something that needs to be taken into account when calculating the cost on balance.

But once again, I don't see the connection between blocking and DNS.  That is what I'm saying is ineffective.  I'm not saying we should not display web pages to people when they are accessing something using a web service.

>> Yeah, just iterating the numbers.  The number out of the 5,000 calls for the child pornography, there are only 100 individual domains.  And if you go down, it goes about 10 in the national domain names.  So this is not ‑‑ DNS is not an issue.  The content should be blocked if, on a different level, of course.  It's social networks and cloud computing and you know what I mean.

>> Thanks.  I just want to first of all fully acknowledge the very real challenges that law enforcement is facing.  I mean this is a really pernicious problem, child abuse images in the criminal networks that promote it.  And I want to acknowledge that and also acknowledge the challenges to are companies that are really trying to enforce their intellectual property.  So in the spirit of offering constructive solutions, one of the things that we've discussed in the U.S. as an alternative or at least maybe a first step before we go down the road of Internet blocking is enlisting the help of financial and advertising intermediaries.  So the credit card companies, the ad networks and the intermediaries that allow payment online who may or may not knowingly or unknowingly be doing business with sites that are selling illegal content.

Focusing on these intermediaries don't really raise the same kind of security or overbreadth concerns that the DNS system does raise.  And on the other hand focusing on the source of money for these sites, the source of their profits could actually be even quite effective, I think.

Of course, I think we need to think about some of the unintended consequences of this approach and to really build in fair process and all that to address the kinds of blanket blocking that we were discussing earlier.  But it's another thing I think to consider as part of the toolkit.

>> This is very quickly.  I think I want to place an emphasis on the platform such as the IGF that it's useful platform to have this sort of conversation especially with financial institutions that are directly involved in what we're talking about.  And the fact remains that up until now when we engage financial institutions we rather engage financial institutions that are in the field of technical service provision as opposed to the actual financial institutions that should be doing the work, that actually do work within the sector.

So bank and insurance firms, for instance, are people that we want to directly link with and bring them to the table in order to provide solutions.  I know we have alluded to many individual original initiatives that have taken place in the west and in North America.  I happen to live there now.  And I understand how it works in those contexts.  But having originated from a context where, from a development context where this is important I think financial institutions should also wear the hat of development from the site of the globe to see how we can bring solutions to this.  And so if we're talking about financial institutions that need to come to the table, which financial institutions are we talking to?  And where they're located and how can we bring a broad sector of financial institutions to the table to find solutions to this?

>> THERESA SWINEHART: Very nice helpful segue both the audience eye.

>> To talk about what venues exist what venues can be used in different ways.  What venues can cooperate with each other as part of this discussion.  To the lady and then I have the lady over there and then the gentleman here.  And is there anybody else in the audience?

>> Can we move to another slide, please?  Next slide?

>> Louise Bennett, BCS.  I'm very aware that the blocking child pornography has been pretty successful.  But we shouldn't fool ourselves that this is stopped, child pornography.  It has simply moved to social media.  Certainly that's our experience on the UK.  You stop one type of fraud and frauds still exist and money is still there to be gained.  They move somewhere else.

I think what we have to recognize is that the Internet gives an unprecedented scale, speed and low cost of entry for all sorts of criminal activities.  And it is extremely difficult for bureaucracies, particularly international bureaucracies, to have the agility to deal with that.

So I think one of the key questions the IGF should be asking itself is:  How can they move more quickly to solve these types of very difficult problems?  Because they pop up somewhere else and you've got to deal, as several people have said, with the source.

>> Thank you.  Poland.  I hope we are Human Rights defenders so I can give you Human Rights approach.  Along with Internet Society we did a lot of work in Poland to prevent the law of Internet blocking over the last two years.  We got to the point where we really had regular meetings with the government to think about the alternatives.  Of course we criticized blocking to are the reasons mentioned here.  We do say that the removal is possible and the removal is the way forward.  And the main contra argument we always hear from the government is well we would like to remove but there is no interstate cooperation, the police from Russia, the police from other countries does not react.

We have voices saying this is not true.  Still they say so.  We respond saying well there is international cooperation.  Like we have the committee here and the Internet‑related structures.

And then we hear very good counter argument which I would like to pose here for discussions.  What is legitimacy of this?  If we have public‑private cooperation and not including judges, not including police or including police which is not skilled or comes from the countries which we do not trust for their rule of law, well how do we deal with this?  Can we remove content without legitimacy behind that action?  Would that be really a viable alternative to blocking?  Or we end up having exactly the same problem?

So that's my actual question to you, to our panelists, what sorts of checks and balances could we imagine here?

And what agents would be legitimate agents?

I cannot think about ICANN myself.  I can think about ISPs and registrars but only after some kind of legitimate decision has been taken by the court or at least on the police level.  Thank you.

>> Hello, everyone.  My name is Andre Sharapovich from Russian Federation, maybe the third Andre in the auditorium.

[Laughter]

I would like to say that some comments at first according to the public opinion of the users of the Internet, majority of users are against any kind of blocking.  Any news concerning new initiatives for blocking facing some problems with the negative reaction of user (auditorium?)

So I'd like to stress some major points.  According to my opinion, there is no crimes which could be committed completely online.  All the crimes are made in the real life and then come to the online sphere or otherwise.  They are planning online and committing in the real life.  So there are some examples.  For example, in Egypt, we are not, in political situation there, but during the revolution is not excluded them, people who ‑‑ also agreed with the Internet, with the social networking.

Also in England when it was social protest in the summer, people ‑‑ sell the wrong stuff through the websites, that's the first point.

The second point that's why blocking could prevent real crimes committed with the issues of the Internet with websites.  So personally I could welcome all the initiatives for improving blocking mechanisms both technical and political.

Also would like to say that machinery blocking, automatic blocking by using the software, special software is not effective.

For example, my machinery antivirus software Internet security blocking website of the conference against chilled pornography because of the wording "child pornography" there.  So it's better to improve political measures together with technical issues for effective combating crimes committed with Internet.  Thank you very much.

>> I actually have a comment on the topic.  I think we have good examples of international best practice when we have issues that need to be addressed internationally and where we want countries to sign up.

You have within the UN framework an international Convention that countries will sign up to.  And you negotiate the terms of the International convention.  For example, the convention on the discrimination against all forms of women you have ‑‑ to check progress.  This is one area where we have to have such a mechanism to allow countries to have clearly defined what they are signing up to and then we will track which countries have actually signed up to that international convention on how we are going to control Internet in terms of these criminal type of issues.  Because I think we have to be very clear on what is criminal and what everybody is going to recognize as criminal and where we have some of the freedom of association and freedom of speech and Human Rights issues that our colleague from Russia just came up with which can be interpreted on a national level.

So I think that really gets into how we're going to develop solutions.

Now, the absence of the financial partners here makes it difficult for us to know which fora in which to negotiate.

But just as an economist and logically, since I think the bulk of credit card market we know who the major players are, I think these can be engaged with.  And we just have to find where they meet together and talk to them about some of those issues.

But definitely our colleague from the U.S. mentioned how you can pull together those different groups in the U.S., Europe and Africa together to discuss this kind of thing.  It shouldn't be too difficult to pull together something like that.  And this can be a very concrete outcome of this particular workshop.  So thanks.

>> Hi, my name is Grady Johnson.  I'm with the Association for Progressive Communications.  And my project is actually literally called Internet Rights are Human Rights.  So there are a few of us in the room, Human Rights defenders.

I think that the debate here so far, it has been good, but I think we are glossing over with one of our assumptions is very dangerous.  I think we need to make distinction between different forms of illegal content.  The child pornography and media piracy do not warrant the same type of response.  We have to always consider the costs and the benefits with what we're trying to deal with.

No one would argue that child pornography is a terribly heinous crime and it warrants perhaps much more extreme responses than other types of illegal activity.  And just the final thing to consider is a very important legal principle and that is that extreme cases don't make for good laws.  So we should not be basing our policies and our legal approaches around really extreme things like child pornography.  I think that always has to be dealt with on a case by case basis and should not be the foundation of how we approach these problems.

>> Thank you.  Nice segue, thank you.  So I'm going to, in light of time and in light of the debate right here, give the opportunity for all the panelists to make some closing observations.  But really a focus on what we might want to consider also as next steps.

We've heard about different tools, different forums, different cooperations.  Obviously there's no question one has to deal with that actors on online, there's national laws, illegal activities.  There are problems.  We need to find solutions towards those that work across‑the‑board.

So with that, I'd like to give the panelists an opportunity for the closing remarks.  But really focusing on what the take‑aways are, what the next steps might be, where some partnerships might be.

So with that I'm going to start on this side just a headsup, if somebody's not ready then I'll jump ahead.  You can go first, sorry.

>> So I think my take‑away really is that we need to look at the bigger picture and we need to not only consider consumer and social content but the whole food chain.  And bring them all together and discuss this issue comprehensively.  That is the only way we can find solution.

I think we also need to make international cooperation more visible and more ‑‑ emphasize the role of this cooperation.

And I really hope that we can move from this kind of painkillers.  Because painkillers, while they may stop working at some time if taken for a long time.  Or they may kill if you take too many of them.

>> So, yeah, I think that one of the take aways I have from here is that we have the DNS‑blocking and everything has looked like a DNS‑blocking nail and maybe it isn't.  And to follow‑up to the gentleman from Interpol is if what the police forces are missing is time, people and money, DNS blocking isn't one much those three.  Maybe we should give you the tools you need to enforce laws.

I think that we said here before this is not necessarily technical problem.  I think we need to, as also Andre said, look at the bigger pictures, bigger implications on what we can do for this and not just ‑‑ and go through root of the problem as several people mentioned.  The intermediary is not just Telcos, but the financial institutions, hosting sites, et cetera.  There is much more than going for the intermediary which is a very bad way of doing this.

>> I guess I would stress what has already been said before that going after the financial institutions and that's currently a bill that's going through the States in the U.S. government.  I think that's one of the better parts of that bill is that it's definitely going after the money that's financing these things.  So that should continue happening.

The DNS blocking seems more of a unilateral response.  And I think if we had a multilateral agreement or if we worked toward a multilateral agreement, there would be new technologies that would come out.  Or agreement that we could just go after the source of the problem and we wouldn't need some of the ‑‑ requirements that currently exist.  Right now it's the only thing that does exist.

>> I would just like to point out that it's in all of our interest here to stop this illegal activity and help the Internet become a very vibrant marketplace for content and other commerce and to stop child pornography, of course and all the other really bad things that are happening there.  And part of a reasoned approach, DNS filtering does make sense.  It doesn't break the Internet if it's done in a reasonable way.  It doesn't fragment the Internet.  It stops illegal ‑‑ it stops access to illegal content.  So you just have to, I think, look at it from that perspective and look at it from a very reasonable perspective.

It's a very exciting time for the film industry, the movie industry, what I focus on, because as you've probably all see the headlines on a weekly basis, there's new distribution schemes that are rolling out almost, it seems, every day.  Very exciting developments in content coming online and people are enjoying it.  So I think we need to ‑‑ the more we stop the illegal access, we're going to see more and more of the legal content becoming available.  And it's going to create a very vicious circle.

>> Just to reemphasize a few of my points.  I completely agree that combating online infringement, combating illegal activity and child abuses are very worthy goals.  But I think with any good policy making process we need to conduct a sober assessment of the potential benefits against the potential costs, whether they are economic or social costs, and whether they are intended costs or not.  And I think that under this kind of analysis, DNS blocking is perhaps not the best way to go in terms of cost benefit analysis.

I think to the extent possible, we really do need to focus on the bad actors themselves, whether we're talking about purveyors of copyright infringement or purveyors of child abuse material.  Because these are cross‑border issues we really need to be creative in thinking through all the different tools in our respective toolkits.

>> The Internet is not a special thing, it's part of our lives.  And crime exists five years ago and will exist the next thousand.  We can only just diminish the level of crime.  Since the Internet brings the only thing now it became international.  There is no theoretical between the nations.  So in this schema, I think that the cooperation between different civil societies and organizations and businesses work much more efficient and faster than agreement between the governments.  This is just observation.  I mean it's not my personal conclusion.  These are facts we all see.  So I think the focus should be on horizontal cooperation, horizontal line between the different organizations involved somehow in the Internet business.  And also DNS ‑‑ it's not an efficient way.

>> So to summarize what I think all said is that, yes, that interrupting the ability for people to access content is of course something a problem that we need to work with.  DNS is not the tool but you should use ‑‑ the only time I can see DNS blocking happening is, for example, what happened a few hours ago when a domain name in the Top Level Domain was blocked.  But that was just because it was ill legal use of the domain name itself, not what it referred to.

The other thing is that blocking in DNS is only ‑‑ is not stopping the ability to access the content; it stops the ability to access the content using that specific domain name.  And we cannot continue to just be sloppy with the wording.  Thank you.

>> SHAUNDRA WATSON:  I think my final take‑away is a little redundant of what Andrei and Cynthia said, which is basically developing comprehensive solutions and other tools we have in our toolbox to go after bad actors on the Internet and also making international cooperation not necessarily more visible but more effective because there's a lot of work going on, but I don't think that ‑‑ I think there is some duplication of effort.  And I think that our efforts could be more effective in this regard.

>> Thank you.  I'm going to try to be very quick.  I'm just going to say one thing first.  When we speak about this topic, a lot of you use the world "child pornography".  I looked up pornography on Merriam‑Webster yesterday.  It means material that is intended to cause sexual excitement.

This is something you should think about when you speak.  Pornography is okay for many countries.  A lot of people use it.  When we talk about child sexual abuse and the rape of children and pictures of that and people using that for their own sexual gratification, that is not pornography.  It is pornography to them.  That want to masturbate.  It is not pornography to the rest of us just so you take a note of that.

I'm not technology‑driven.  I don't care what kind of technology you use.  I just think if DNS doesn't work, fine.  Find something else that will work.  I will provide you with whatever I believe from my standpoint should be taken off the Internet and you fix the rest.  You fix the technical parts.

And I want to say one thing for Africa for this country, for instance, for Kenya, that when you don't have the same type of saturation that we have in many other countries where we, in fact, have a kind of a broken Internet, you need to build an Internet that works from the bottom up.  You need to implement the things that we need as law enforcement that you need as technical people.  You have to kind of think of these things from the beginning rather than implementing it as time goes on.  Not a Band‑Aid Internet.  It's held together by strings and rubber bands.

And we need to, you need to think about that when you design your system, your infrastructure from the ground up so to speak.  Thank you.

>> I think we need to continue to educate at every level.  This reminds me of the economic street lamp idea that you always look for your car keys where there's light even though you might not have been near light any time that evening.  So we've kind of hit the simple solutions, what feel like simple solutions and we need to delve a little further into the complexity of the you and realise it's a multi‑layered problem that we will probably have to solve at multiple levels and DNS blocking was probably a simple, quick, felt‑good solution.  But we need to continue to see how we do this and allow it to happen for the multi‑user, multi‑national concerns that we have in the room.

>> I'm tempted to say the technical solution may not necessarily be the answer, provide an answer to social problem.  But I think by that I'll be opening up a can of worms.  I'm not sure I want to.  But two or three things that come up for me.

A couple of things that come up for me is that existent global dialogue on cyber security and content blocking I think has been in the favor of the West.  And it's more tandem with protecting western interests that are not necessarily reflect on the economic growth and development of developing countries.

So I think that's an important point that I'm taking away from this.

The second thing that I probably am taking from here is that there are better ways that we could begin to think about finding a solution to identifying criminals online.  And I think there's a lot more research that is required in the area.  It may take place in a technical perspective, but it cannot be done alone within a technical dimension.  I think there are a lot more answers to the problem from social, cultural and economic perspectives.  Thank you.

>> So we've had very useful discussions and ideas and suggestions coming out.  And hopefully either bilaterally or together among the different participants there might be further dialogues either at this event or in the future.  And with that, I just want to thank the panelists and the audience.  And being so efficient that we're actually finishing a little bit early so folks can get to lunch on time and get to the next meeting.  So with that, a round of applause to everybody.  Thank you.

[Applause.]

(end of session).