EU Internet Policy & Governance

The Internet should remain a single, open, free, network of networks, subject to the same laws and norms that apply in other areas of our day-to-day lives and governed globally by multiple stakeholders in a an inclusive, transparent and accountable manner, according to a Commission Communication published last week.

The Communication entitled “Internet Policy and Governance - Europe's role in shaping the future of Internet Governance”, published on 12 February 2014, sets out the Commission’s ‘vision’ for a common European vision for Internet governance. The Communication builds on the European Commission's previous Communication on Internet Governance from 2009.

The Commission envisages a sustainable multi-stakeholder model of Internet governance aimed at defending and promoting fundamental rights and democratic values based on a set of clear rules that would guarantee, as a single, un-fragmented network, subject to the same laws norms and judicial remedies that apply in other areas of day-to-day life.

The Commission believes that the EU institutions and Member States need a common vision for the future model of Internet governance and that the EU, and the world at large, needs to take a conscious position on the future shape and development of Internet governance.

The Commission wants the economic potential of the Internet to be able to be fully exploited so that individuals can access the content, goods and services they want, and control which personal data they want to share or not. This will require secure, stable and resilient networks as the basis of a trusted and flourishing Internet economy. Furthermore, the Commission believes an open and free Internet can contribute to social and democratic progress worldwide.

However, the Commission points out that in recent times, conflicting visions on the future of the Internet and on how to strengthen its governance model have intensified. Revelations of large-scale surveillance programmes and a fear of cybercrime have affected trust in the Internet.

A continued loss of confidence in the Internet and its current governance could slow down innovation and the growth of European internet companies which in turn could lead to pressure for new regional and national governance structures that might lead to a fragmentation of the Internet.

A Principles-based Approach

The Commission affirms that the EU is committed to ensuring the Internet should remain accessible in the same manner, irrespective of the location of the user and the provider.

According to the Commission this commitment is ensured through the Commission’s “COMPACT” approach, which builds upon the Tunis Agenda of 2005, which defines the Internet as “a space of Civic responsibilities, One unfragmented resource governed via a Multi-stakeholder approach to Promote democracy and Human Rights, based on a sound technological Architecture that engenders Confidence and facilitates a Transparent governance both of the underlying Internet infrastructure and of the services which run on top of it.”

However, the filtering traffic at borders or other purely national approaches could lead to fragmentation of the Internet which in turn could compromise economic growth and the free flow of information.

While the Commission does not want to exclude diversification of the underlying infrastructure such as local internet exchange points and transmission capacity, as well as measures necessary to protect fundamental rights, the Commission is also conscious of the need to prevent the fragmentation of the Internet

Although Internet governance principles have been developed in various fora, the Commission points out that in most cases these are only supported by a limited set of stakeholders, or limited in geographical scope.

Therefore the Commission calls for a process leading towards a more broadly supported and coherent set of principles for Internet governance consistent with fundamental rights and democratic values, with all stakeholders.

The Commission therefore proposes to help discussions among stakeholders, including via multi-stakeholder platforms and the High Level Group on Internet Governance. The Commission also invites the Council and the European Parliament to contribute to these discussions.

Cooperative Governance Framework

The Internet Governance Forum (IGF) has emerged from the World Summit on Information Society (WSIS) to facilitate discussions amongst all stakeholders, many of whom had not cooperated closely before. The Commission considers it necessary that the quality and format of conclusions of the Forum are improved so that they have more impact on global Internet governance and policy.

The Commission also believes that stakeholders involved in Internet governance should communicate more through issue-based dialogues instead of through new bodies. However, the Commission considers that it is essential that a sustainable model is needed that clearly defines the roles of actors in the governance process, including the role of public authorities to fulfil their public policy responsibilities consistent with human rights online. This model would necessarily require a shared commitment by all stakeholders to a coherent set of Internet governance principles.

Also essential would be accountability mechanisms for actors on the Internet including organisations responsible for key Internet tasks. The Commission suggests using self-assessment and independent peer review to strengthen implementation and recommend improvements. The Commission highlights the use of multi-stakeholder review panels by the Affirmation of Commitments of the Internet Corporation for Assigned Names and Numbers (ICANN), as an example of good practice that could be used by other organisations.

The Commission therefore commits to engage with stakeholders with a view to:

(1) Strengthening the Internet Governance Forum (taking account of the Recommendations of the Working Group on Improvements to the IGF);

(2) Clearly defining the role of public authorities in the multi-stakeholder context, consistent with an open and free Internet;

(3) Assist issues-based multi-stakeholder dialogue and decision-making between organisations and fora.

Globalisation of Core Internet Decisions

Although the Internet works without oversight by international intergovernmental bodies, the Commission believes the legitimacy of current governance could be improved through a greater international balance within the existing structures.

The Commission argues that ICANN must become global due its vital support function of societies and economies in the whole world. The Commission points out that the leaders of organisations responsible for the coordination of the Internet's technical infrastructure called for the globalisation of ICANN and IANA functions to be sped up in their Montevideo statement in October 2013.

According to the Commission the Global Multi-stakeholder Meeting on the Future of Internet Governance, to be hosted by Brazil in April 2014, should identify concrete steps to address the globalisation of ICANN and the IANA functions.

The Commission meanwhile will work with all stakeholders to identify how to globalise the IANA functions, whilst safeguarding the continued stability and security of the domain-name system and establish a clear timeline for the globalisation of ICANN, including its Affirmation of Commitments.

Multi-Stakeholder Processes

The Commission supports a ‘genuine’ multi-stakeholder approach for Internet governance in order to foster legitimacy. Although various forms of multi-stakeholder processes exist this does not guarantee the legitimacy of their outcomes.

The Commission proposes that multi-stakeholder processes in relation to Internet policies must fulfil (along with fundamental rights) the following minimum requirements:

(1) Transparency – This means all stakeholders should have meaningful access to and information on the organisational processes and procedures under which a body operates. This should prevent in particular any proxy activity for silent stakeholders.

(2) Inclusiveness and Balance - A reasonable effort to reach out to all parties impacted by a given topic must be made, and fair and affordable opportunities to participate and contribute to all key stages of decision making should be offered, while at the same time avoiding such processes being dominated by any particular stakeholder or those with vested interests.

(3) Accountability - Clear, public commitments to be held accountable to stakeholders or independent supervisory bodies. This also means that any party can seek redress through effective dispute resolution mechanisms.

Multi-stakeholder approaches also need to make efforts to counter the significant differences in the ability to participate across the various stakeholder groups to better ensure representativeness, such as by allowing remote participation by default and recognising those different stages of decision making processes have their own requirements that may involve different sets of stakeholders.

The Commission welcomes and encourages stakeholder groups to continue working on the development of multi-stakeholder guidelines. However, such processes should not affect the ability of public authorities to ensure their public policy duties including the right to come forward with regulation if necessary.

The Commission therefore calls upon stakeholders to strengthen the sustainability of the multi-stakeholder model by making it more inclusive, transparent and accountable. The Commission promises to work with stakeholders on the exchange of best practice.

The Commission also identifies the broad range of Internet-related policy areas and its complex institutional framework, as an obstacle to effective participation in Internet policy making for many stakeholders.

The Commission wants more efforts to be made to expand multi-stakeholder structures in countries that are insufficiently represented. The Commission suggests making access to forums and information by remote participation in meetings a general rule. In the future, data mining and data visualization tools could be applied to openly available data and information on Internet policy and governance to increase stakeholder participation on a broader scale.

The Commission therefore plans to develop a global online platform, (to be called the Global Internet Policy Observatory - GIPO) for the monitoring of Internet policy-making, regulations and technology. The platform would aim to help identify links between different forums and discussions, making it easier for stakeholders with limited resources to follow, understand and engage with Internet governance and policy.

The Commission proposes to launch the technical development of the Global Internet Policy Observatory (GIPO) in 2014 as a global resource and calls on stakeholders to make efforts to promote multi-stakeholder processes in countries and regions where such processes less developed or do not exist.

In 2014 the Commission states that it will continue to strengthen its development assistance programmes in support of media development and freedom of expression, as well as technological, policy and regulatory resources related to the Internet.

The Commission points out that there is experience with multi-stakeholder models for the formulation of Internet-related policies at the national level which could serve as possible examples of best practice. The need to have a consultation mechanism in place is key and this needs to be adapted to the pace of technological change and the resulting implications on Internet governance related policy. A continuous dialogue with a wide range of stakeholder groups is suggested.

Another important function could be to help coordinate the activities of existing advisory bodies in the EU. The Commission considers that it needs to be able to engage more actively with the diverse set of Internet stakeholders in Europe, including grass-roots initiatives.

The Commission will therefore launch a broad consultation, of civil society, the technical and academic communities and European industry, as well as the European Parliament and Member States, on how to ensure transparent multi-stakeholder involvement in the formulation of future European Internet governance policies.

Technical Norms Shaping the Internet

Technical details of Internet protocols and other IT specifications can have significant public policy implications, such as data protection rights and security, or access diverse to information, and freedom of expression. For companies conducting business online, security concerns need to be taken into account.

The Commission therefore welcomes the efforts to establish approaches to specification setting based on public policy concerns such as technical guidance for privacy considerations in new protocols, the recognition of multilingualism for internationalised domain names, or accessibility standards for persons with disabilities.

However, the Commission notes that key decisions are frequently made by technical experts in the absence of broad stakeholder representation. An effective multi-stakeholder approach to specification setting needs to be taken based on interactions between technical and public policy considerations so that technical specifications more systematically take into account public policy concerns.

According to the Commission the implications of norm setting in relation to the Internet require an open public debate with all stakeholders including industry.

The Commission therefore proposes holding a series of workshops with international experts in law, ethics, social sciences, economics, international relations and technology together with interested parties to produce concrete recommendations to ensure coherence between existing frameworks and new forms of Internet norm-setting.

The Commission also encourages all stakeholders to strengthen (and where appropriate create) mechanisms to allow regular, early participation in technical decisions. These should also aim to establish the consistency of technical decisions with human rights.

Building Public Confidence

Confidence in the Internet and its governance is a prerequisite for the Internet to be an engine for economic growth and innovation, according to the Commission. Therefore the safety, security, stability and resilience of the Internet are crucial ensuring the economic and societal benefits.

The EU is addressing this through the reform of the EU data protection framework, carrying out an effective fight against cybercrime and by adopting an ambitious approach to cyber-security, through the EU Cybersecurity Strategy. The Commission commits to working with the other EU institutions to adopt and implement key legislation, including the reform of the data protection framework and the proposed Directive on network and information security, to strengthen trust online.

The Commission is concerned by certain online activities notably cybercrimes - such as online child abuse and identity theft, cyber-attacks and non-cash payment fraud, along with other forms of unlawful processing of personal data. These pose a serious threat to public confidence in the use of the Internet. The role of the technical community will be crucial, notably by ensuring confidence in IP based communications and the resilience of cryptosystems to increase the trustworthiness of IP based communications.

The Commission also considers large-scale surveillance and intelligence activities have led to a loss of confidence in the Internet and its present governance arrangements. The Commission addressed some of these concerns notably in its Communication on rebuilding trust in international transfers of personal data but feels that implications for global Internet governance still need to be addressed.

The Commission underlines its commitment to working with partners to rebuild trust in the Internet, through the strengthening of its global governance, which the Commission considers the prerequisite for a sustainable future for an open Internet.

Conflicts of Jurisdiction and Laws

The Commission identifies the tension between an international Internet and national jurisdictions, which has led to legal uncertainty in certain areas, as a key area to be addressed. The Commission therefore calls for more thorough reflection on how existing laws apply on the Internet.

Although uniform European rules on jurisdiction and the recognition and enforcement of judgments and conflict rules exist in some areas of private law, the Commission points out that, at the international level, conflict rules are insufficiently developed which leads to unsolved conflicts of laws.

The Communication highlights key examples, firstly noting that extraterritorial application of national law, often based on the geographies of the Domain Name System, has led to a number of contradictory legal decisions.

The opaqueness and complexity of non-contractual obligations of ecommerce traders, including provisions on applicable jurisdiction and law, may give rise to a certain degree of legal uncertainty. For Internet related services that are inherently cross-border in nature, such as cloud-computing services, this complexity at international level can be harmful for growth.

The Commission does however state that when addressing the issue the diversity of cases that can be subject to these conflicts needs to take into account, and it is therefore not appropriate to address them by one single mechanism.

To address this issue the Commission commits to launching an in-depth review of the risks, at international level, of conflicts of laws and jurisdictions arising on the Internet. The review will assess ways to resolve such conflicts and all the options at EU or international level. This may include legislative initiatives or additional guidelines and will build on existing policies.

Next Steps

The Communication has been transmitted to the European Parliament and the Council for examination. Either or both of these institutions can formally respond to its findings.

In addition to carrying out the different actions set out in the Communication, the Commission plans to report on the progress of its approach in 2015 in the context of global developments in Internet Governance.