John Stankey, President and CEO, AT&T: "Data consumption right now is growing 40% a year."

With growth rates less than half of the predictions, a data-driven FCC and Congress has no reason to rush to bad policy. Wireless technology is rapidly moving to sharing spectrum, whether in-building small cells, WiFi, White Spaces, Shared RAN or tools of what the engineers are calling hetnets — heterogenous networks. The last thing policymakers should do is tie up more spectrum for exclusive use; shared spectrum often yields three to ten times as much capacity.

Bad compromises on the video spectrum are unnecessary because plenty of spectrum is unused. That includes the 20 MHz that M2Z would be building out today if Julius hadn't blocked them; the 20 MHz the cable companies are sitting on and want to sell to Verizon; and the 30 MHz or so Stankey identifies as fallow at AT&T.

40% growth is still substantial, but wireless technology is improving at a breathtaking pace. LTE has about 10x the capacity of 2.5G and 4x the capacity of 3G. LTE Advanced, deploying beginning 2013 at Verizon, is designed for 10x the capacity of LTE. Putting more spectrum to use would be great, but let's do it right.

Wireless speeds are actually going up dramatically, with AT&T delivering 2-5 megabits to most of the country and Verizon's LTE delivering 5-12 megabits to 2/3rds of the population. Verizon is ahead of schedule to bring 5 megabits+ to 92% of the country in 2013 and 96-98% in 2015-2016. AT&T and Sprint have raised capex to catch up. 80%+ of the U.S. will have a 5 megabit offering in 2013-2014, 90%+ by 2015 or sooner. That's without any additional spectrum.

Today's wireless networks are designed to be shared: towers, WiFi, White Spaces, DAS and small cells all working together. The best engineers in the world are working on RAN sharing, SON, hetnets, 8x8 MIMO and techniques I'm writing about in my next book, Gigabit Wireless. AT&T in fact is one of the world leaders in DAS, WiFi and femtos and behind the scenes a key thought leader. There's wonderfully exciting stuff I'll be doing my best to translate for non-engineers.

Takeaway: The future is sharing the airwaves so let's get the policy right.

Written by Dave Burstein, Editor, DSL Prime

Lying at the heart of the cycle is the fact that these hot threats have never been particularly new. Within the security community, we tend to talk about the evolution of the threat landscape. If you speak with the relevant experts about a particular threat category you'll uncover that the back story to many of these "hot threats" often goes back a decade or two. Mobile malware threats are certainly no exception.

A history lesson in the evolution of mobile malware is hopefully not required, beyond to say that today's hot threat has evolved over a couple of decades and poses less of a technical challenge than many believe or commonly portray. But as history so often reveals in these cases, when a new threat is similarly labeled and thrust into the limelight for the first time, there's all too often a stampede towards apparently novel and threat-specific solutions.

Solutions (and I use that term very loosely) within the mobile malware threat mitigation arena are increasingly difficult to differentiate from one another. In the confusion of defining a new threat and the nomenclature that accompanies it, the underlying technologies and viability of their approaches can get lost rather easily.

What is the "Mobile Threat"?

When I meet with customers, prospects and journalists, I get a lot of questions about the Mobile Threat. In particular, how should businesses work to defend against it? My immediate response tends to be "what do you define as the mobile threat?"

The term "Mobile Threat" is amorphous — it has become a catch-all to encompass anything not physically tethered to a network and happens to be newish from a technology perspective, and likely subject to some new (previously unencountered) formulation of evilness. That sounds like a kind of wishy-washy definition (and it is), but catch-all's usually are. Instead, I'd rather focus on one aspect of the Mobile Threat — that of the mobile malware threat.

As I described in a blog entry illuminating a handful of security predictions for 2012, mobile malware threats continue to be misunderstood. It's all too easy to dive deep in to the various technologies that expose mobile devices to new forms of attack and vectors of compromise; just as it's rather easy to describe the various built-in technologies that the developers and engineers of the mobile devices have included to prevent many of the "legacy" threat categories we're already all too familiar with.

You could spin a lot of cycles looking into the "what if's" of mobile security threats but, at the end of the day, if you want to determine which threats and attack vectors are going to be the most immediate and protectable concern for your organization you only need to understand two things — how do your employees really use their mobile devices, and how are cybercriminals going to monetize their control of these devices?

For a moment, think about this. While Smartphones and Tablets often share a common operating system and maybe even the same application markets or stores, they are used in different ways, at different times, to accomplish different tasks. For this reason the attack vectors cybercriminals (and espionage-focused agencies) choose to launch against them are different for each category of mobile device. The tools — of which the most commonly encountered category is "malware" — are likely to be transportable between devices, but the vectors for installation and the type of meaningful information that can be extracted via them are quite different.

When it comes to the cybercriminals that target mobile devices (which constitute the core element of the "Mobile Threat"), it is interesting to note that they're pretty much the same entities that have been historically successful in targeting traditional non-mobile devices. That shouldn't really be a surprise to anyone — it's all about monetizing the victims. If a particular cybercriminal group specializes in online banking fraud and a third of their potential target list shifts to tablet-based banking applications, they need to make a business decision — do they target the new platform or optimize their attacks against the traditional devices. As mobile application use increases, there's an increasing driver for cybercriminals to invest in new mobile tool development. Similarly, if employees are wirelessly connecting to corporate systems and assets using mobile devices in preference to other traditional platforms, the attackers are forced to target these new devices and develop the appropriate tools.

It's important to note that, while the end-point device is physically changing and the specifics of the tools the criminals need to develop and install upon the compromised devices is also changing, at the enterprise network and Internet infrastructure level there has been no change in criminal behaviors; nor is any change actually needed by them. The vast majority of C&C communications are HTTP-based regardless of the malware family or compromised device type. By speaking the same language, the cybercriminals can keep their existing infrastructure… business as usual!

Written by Gunter Ollmann, VP of Research at Damballa

It is January 2012 and we keep our heads above the mobile data deluge, even if barely, thanks to a gathering avalanche of LTE networks.

Even the wildest prognoses proved conservative as the GSMA was betting on a more 'managed' progression through intermediate steps of gradual increases reasoning that the use of existing investments should be maximized while price declines and threats to existing roaming and SMS revenues also had to be 'managed'. Continuity implies to postulate that transitions should be gradual, not chaotic or highly disruptive. The last two years, however, turned out to be rather disruptive after a plateau of relative tranquility powered by a steady traffic and revenue growth in the wireless data world. But over the last year we have rather unexpectedly seen industry pillars including Microsoft, Nokia and RIM heaving and creaking under the mobile broadband gusts. Once unassailable Symbian now fades away and Android dominates the charts. Cloud computing combined with ever more Intelligent and versatile end devices is likely to further upset a relatively stable decade when some dominant computer and handheld operating systems were revenue and profit gushers with every new version they issued.

It still holds that faced with deluges of data and floods of handsets and applications, a drought of IP addresses might be perceived as a rather minor issue in the scheme of big things that would be resolved in due time anyway. As address depletion became a reality, the excitement was limited to the circles of digerati and cognoscente but went largely unnoticed by the vast majority. Not so when broadband networks fail to deliver enough bandwidth to provide a satisfactory user experience.

Back in June of 2009 there were no LTE networks operational. Ten of them were forecasted to go live by the end of 2010. The very first to become commercial was Teliasonera in Norway and Sweden on December 14th 2009. In the US, MetroPCS was first of the mark on September 21st 2010 followed by Verizon Wireless on december 5th the same year. In Canada, we saw Rogers Wireless start LTE service in july 2011 with Bell following in September 2011, the same month as AT&T Mobility.

Latest GSM Association figures (registration required) show us that as of January 5th 2012 we have 49 operational LTE networks in 29 countries and 229 deployment commitments in a total of 79 countries. And obviously LTE networks have to be able to talk to each other. This in turn is generating furious activity to deploy IPX exchanges to provide data and voice roaming in an all IP environment, a topic by itself, and keeping a number of us quite busy over the last six months.

And what about IPv6 in all of this? It is or soon will be under the hood. Verizon announced from the start that their devices would support IPv6 as recommended in the LTE specifications and they kept their word. Some mobile network operators have been rather discreet but are quietly working on their IPv6 deployment. They consider upcoming IPv6 support as implicit; IP addresses are IP addresses, their format is irrelevant to the general public.

Mobile operators often cited lack of LTE ready enabled end devices as a delaying factor. That argument is now passé. End of October, the GSA listed 197 LTE enabled devices from 48 manufacturers, up threefold since February 2011 and the list includes 27 smart phones. And If you happen to be enjoying the Consumer Electronics Show in Vegas this week, LTE devices are hot!

Now that both voice and data are becoming more widely available as voice over LTE concerns move backstage, competitive pressure should start working its magic. The choice and the application versatility of LTE enabled devices associated with quality of service and adequate pricing is what turns on a mobile broadband hungry public.

We already start to feel the acceleration of the LTE powered mobile broadband bullet train. The art will be to translate this in IPv6 traffic growth forecasts. I have a vague feeling that the most accurate forecasts will unlikely be based on some prudent extrapolations.

Let IPv6 enjoy the LTE ride.

Written by Yves Poppe, Director, Business Development IP Strategy at Tata Communications

2011 has been a significant year for the technology sector globally. Information technology is touching more people in more ways than ever before.

Developed markets will be considering a 2012 in which business innovation, competitiveness, and service differentiation are built on ubiquitous broadband, cloud computing, smarter mobile computing, and an increasing plethora of Internet-connected devices. By contrast, securing the technology future for developing markets demands that attention be placed on more fundamental issues.

Here are five key tech issues for the emerging markets in 2012.

Internet Infrastructure

The build-out of critical Internet infrastructure is critical to economic diversification and sustainable development. Initiatives to improve routing of domestic Internet traffic and provide new, more optimal routes for regional Internet traffic must be accelerated through the build-out of Internet exchange points (IXPs). One top of the exchange points must come expanded terrestrial and mobile broadband networks.

Implications: Internet service providers (ISPs), governments, and businesses must work together for a faster roll-out of national and regional infrastructure. This is the key to unleashing ICT-based innovations and spurring the market for digital content and mobile service delivery.

Incentive Regulation

The agenda for infrastructure development must be guided by informed government policy. This is particularly crucial in smaller economies where market size does not present sufficient incentive for private sector investment. Incentive regulation to improve the current weak frameworks for stimulating growth and protecting consumer interest in the ICT sector will be demanded by the private sector. At the same time, governments will increasingly recognize that national benefits of ICT-enabled growth are too important to leave to the private sector to set the implementation agenda. More stakeholders will call for ICT adoption to be set within a wider context of national development.

Implications: Regulators have to adapt more quickly to technology changes. They must take the lead in ensuring that market forces align to social development objectives. Done well, this can translate to increased business innovation, improved delivery of government services, and greater consumer choice.

Cybersecurity

Cybercrime will increasingly challenge resource-constrained businesses and governments. Businesses, especially those with large, high-value networks, like financial services providers and energy companies, will require greater support cover not just nationally but regionally. A coordinated approach is critical to guiding national action and ensuring consistency and compatibility of action among nations. If regional governments are to secure their information and communications systems, identifying and investing in a central point of coordination for cybersecurity must be a top priority.

Implications: Governments must put aside petty internal and intra-regional differences and cooperate fully to ensure that cybercrime does not disrupt already fragile local economies and markets.

Mobile Phones, Mobile Apps, Mobile Services

Growth in mobile computing uptake and the availability of mobile apps that address local needs will continue. It will be driven by consumer-focused apps, but eventually business apps will catch on. As smartphones proliferate and mobile providers upgrade their networks to provide customers with faster mobile broadband access, software developers will have greater incentive to build apps. The improved user experience resulting from faster mobile data plans means that consumers will also have greater interest and incentive to use mobile apps and services.

Implications: The education sector must evolve to supply the human resources needed to support, not only the creation of digital content, but the development of new, digitally driven innovation and enterprises. This will create opportunity in the private and NGO sectors for training and capacity building beyond the traditional approaches.

Open Data

As governments increasingly recognize the potential of open data, they will move to make their datasets publicly accessible. Progressive administrations will seize the opportunity to demonstrate their commitment to transparency and accountability. Of course, they will also benefit by shortening the timeframe of new service roll-out and shifting the burden to innovators and entrepreneurs.

Implications: A huge opportunity has opened for entrepreneurs, researchers, and society. More public awareness is needed to stimulate innovation, collaboration and, most important, more efficient, personalized services for citizens.

Onward to 2012

There is wide recognition of the value of building knowledge-based economies and of investing in technology-driven systems. These are fundamental to economic and national development. There is also no denying that the technology revolution is exposing antiquated infrastructure and institutional processes; testing the philosophy and approach to education; highlighting the imperative for new approaches to human resource development; and creating new, strategic challenges for business, education, and political leaders alike.

Advances in technology have exacerbated the vulnerability of states to externally developed and controlled intellectual capital. The central role of information and communications technology in modern society amplifies the debate on priority and significance of deliberately cultivating and securing indigenous intellectual capital.
From all indications, 2012 will be a continuation of the positive trends and innovations that gained momentum in 2011. The most forward-thinking, innovative organizations will continue to adopt and deploy technologies to improve efficiencies and better engage customers and citizens.

In 2012, these developments in emerging markets will require strong, ethical leadership to ensure that investment in technology is matched by commitment to equitable social development.

Written by Bevil Wooding, Internet Strategist, Packet Clearing House

Solid hits for both carriers: not homeruns, but very strategic singles and doubles.

What results from these deals? Well on the positive side the two major carriers have more spectrum to satisfy consumer demand. On the negative side this spectrum initially was acquired by companies that offered the prospect for more competition. The competition will not occur, so the incumbents have even less downward rate pressure and the incentive to innovate.

No one has convinced me that the wireless marketplace in the United States has too many carriers and too much competition. Quite the contrary. But no carrier wants to compete with two "too big to fail" giants who have the customer base and spectrum to make quite costly competitive market entry, or even competition by existing carriers. These barriers to entry solidify incumbent market dominance, something the FCC could have prevented if it had reserved spectrum for new carriers and nondominant existing carriers.

This would not "promote competition for competition's sake." Instead it would enable sustainable competition to flourish in much the same way that airport authorities do not allow one or two airlines to capture all the landing slots. Airport authorities have learned the hard way that allowing one carrier to dominate results in higher prices. While price sensitive customers can vote with their dollars and take alternative transport, or drive to another airport, wireless subscribers have limited options.

Might a further consolidation of spectrum — the functional equivalent of landing slots — result in higher prices in the "robustly competitive" U.S. wireless marketplace?

Written by Rob Frieden, Pioneers Chair and Professor of Telecommunications and Law

… guide the FCC's work on technology and engineering issues, together with the FCC's Office of Engineering and Technology. He will advise on matters across the agency to ensure that FCC policies are driving technological innovation, including serving as a resource to FCC Commissioners. He will also help the FCC engage with technology experts outside the agency and promote technical excellence among agency staff. He will be based in the FCC's Office of Strategic Planning and Policy Analysis.

Henning brings an excellent background to this role, having been one of the co-authors of the Session Initiation Protocol (SIP - RFC 3261) and the Real-time Transport Protocol (RTP - RFC 3550 and 1889), the two main standards used in most Voice over IP (VoIP) systems today. Henning is also the author/co-author of over 70 other RFCs and countless Internet-Drafts and has been active with the Internet Engineering Task Force (IETF) since the 1990's. He also served on the Internet Architecture Board (IAB).

Given the recent FCC workshops on the transition of the Public Switched Telephone Network (PSTN) to new technologies, it's great to have someone with Henning's background and knowledge in a prominent role at the FCC. Henning himself noted this in an email to the IETF DISPATCH working group mailing list, where he noted that the FCC is definitely seeking input from technical folks.

Obviously in this new role he'll be working not only with real-time communications but also with the wide range of other areas that the FCC covers. Regardless, it's excellent to have someone with Henning's background providing this level of advice and input to FCC activities.

Prior to joining the FCC, Henning has been a professor and chair of the Computer Science department at Columbia University. In my experience he's also just an all-around decent person and I'm very much looking forward to seeing what he'll do at the FCC.

Written by Dan York, Author and Speaker on Internet technologies for over 20 years

http://www.fcc.gov/events/public-switched-telephone-network-transition

Given that the workshop was 4 hours long, you may or may not want to watch the entire session. The workshop was divided into four hour-long panels that consisted of brief presentations by the various panelists followed by questions to each panel from the moderator and attendees. FCC Chairman Julius Genachowski also appeared briefly to provide a few comments.

The order of the workshop panels is as follows (and differs from the planned agenda only in that FCC Chairman Genachowski's comments came between the first two panels):

• The Impact of Broadband Communications on Public Safety and Network Reliability
• Remarks by Julius Genachowski, Chairman, FCC
• Disability Access in Substitute Services
• Technical Capacity, Capabilities, and Challenges Facing Future Rural Networks
• Identifying, Evaluating, and Transitioning Key PSTN Edge Functionalities (e.g., alarm monitoring, medical devices, and consumer equipment)

In his comments, FCC Chairman Genachowski discussed how the world is changing and moving to an IP network. He highlighted that 19% of the nation's telephone connections are already interconnected VoIP and 30% of Americans have cut the cord and moved to wireless. He spoke of the role of IP networks in unleashing innovation, contributing to job creation, education, etc. and indicated he and the commission are seeking answers to questions such as these:

• how do we minimize consumer disruption in the move?
• how do we ensure public safety access?
• how do preserve and promote disability access?
• how do we ensure ubiquitous access?
• how do we ensure access to high quality service?
• how do we best foster innovation?

He emphasized that the current PSTN is reliable and accessible and we don't want to lose benefits of old system. He indicated that he wants to enable the private sector to take the best benefits of PSTN and bring those into the future while taking advantage of new technologies.

The panelists in each section all saw the transition as inevitable, indicated it was already well underway and raised legitimate concerns to be considered with regard to their topic area. For instance, the sheer number of installed devices connected to the PSTN will take quite some time to change over to devices that can work with IP networks. An example was given that a standard for alarm systems over IP was only standardized within the TIA in 2007 and a similar standard for smoke alarms over IP was only standardized in 2010. It will take quite some time for devices with those standards to propagate out into commercial availability and transition options may need to be evaluated. Similarly, while the use of traditional TTY devices continues to decline, there is still a huge installed base. These TTY devices are designed to work over the PSTN and the traditional protocol used does not work well over IP. These devices will need to either be replaced or have a transition device such as a terminal adapter installed to work over IP networks.

All in all it was quite an interesting session and hopefully did provide the FCC with the type of feedback they were seeking. The second FCC workshop on the PSTN transition takes place tomorrow, December 14, 2011.

Written by Dan York, Author and Speaker on Internet technologies for over 20 years

TD-LTE offers the potential for utilizing unpaired spectrum and enhancing operational efficiency.

Worldwide, the technology is being rolled out in a number of countries including China, Japan, Saudia Arabia, Sweden, Poland and more.

China Mobile is cooperating with a number of countries worldwide. Underlining the need for cooperation, the dream is for "one device that could be used around the world," and China Telecom believes that this would come true in a 4G era.

Currently accepted by ITU-R as an IMT-Advanced candidate technology, an issue which will be high on the agenda of the upcoming ITU World Radiocommunication Conference in 2012, the session summed up the potential that TD-LTE offers in delivering next-generation wireless services, the current state of play, and how sustained international cooperation and debate will help usher in the next generation of wireless technology.

Written by Paul Budde, Managing Director of Paul Budde Communication

Read full story: Bloomberg

"Today, US carriers have 538MHz of spectrum. And, additional 300MHz of additional spectrum waiting in the wings. But, only 192MHz is in use today."

Perhaps if we had an effective "use it or lose it" policy in place, or a heavy tax on unused spectrum a more vibrant market for this spectrum would emerge. But today, the problem is not a shortage of spectrum but the fact that what's out there is not being utilized.

Obviously things vary by geography, but Citi's summary is completely justified. Their methodology is thorough both as to who owns what and what is deployed county-by-county for 3100 separate counties. Here's the summary of what's in use:

and here are the details on what's currently owned by US carriers:

So why would we repack the TV broadcasters and auction off that spectrum when we've just finished putting in place unlicensed access to TV white spaces? Unlicensed spectrum will be heavily utilized while more exclusively owned spectrum will just add to the pool of under utilized resources.

Written by Brough Turner, Founder & CTO at netBlazr

Wireless is not a solution to the significant broadband problems the USA is facing. As a shared technology this means the more users on the network the slower the system will be. This, then, creates the opportunity for the carriers to introduce capped prices, and soon wireless broadband will either become too expensive for most Americans or they will get a second-rate quality based on low speeds.

The new plan seems to be driven more by the failed attempts in previous initiatives to roll out more broadband infrastructure. Wireless plans were first pursued after the National Broadband Plan (NBP) was launched, but didn't go anywhere.

In my view these are parallel developments — we need both mobile broadband and fixed broadband (ultimately fibre). In principle, the NBP addresses the fixed plan, but there is no action on that front. DOCSIS 3 networks will fill the gap for the time being, but longer term we will get a skewed development, which will not be a good one if. Nevertheless the American entrepreneurial spirit may kick in and eventually nationwide and affordable fibre may be rolled out.

As we have been saying for the past three years, none of these plans will be successful unless the US accepts some form of structural change to its telecoms environment. The market is totally dominated by AT&T and Verizon, and according to Bruce Kushnick, Chairman of Teletruth, and Executive Director of New Networks Institute they have proved to be all-powerful — nothing will pass Congress that has not been approved by these two companies.

Such monopolistic behaviour is hampering any development that would lead to a large-scale deployment of affordable high-speed broadband.

The risk is that a desperate Administration may apply most of the latest stimulus plan to the telco and cable vested interests, without any benefit to innovation, competition or affordable broadband access for all Americans. The Administration is in desperate need of money and the wireless plan needs to be funded through the spectrum auctions.

It's difficult to clear already allocated spectrum, and spectrum auctions have always been used as a revenue raiser. In practice this means that AT&T and Verizon buy it all up in order to keep out competitors. Without the pressure of competition this also stops any innovation, improvement of the services or achieving more competitive prices.

As soon as any moves are made towards an increase in competition, innovation or affordability, the telcos will sue, or put an end to any such activities through co-opted whole-state legislatures. They are greatly supported here by the media. The telcos have essentially paid off the major media through their advertising purchases. Any analyses of telcos' plans in the mainstream media are devoid of any criticism — 'we won't say bad things about you and you'll give us ad revenues'.

Furthermore, the massive consolidation of the original Bell companies did not just mean that they got larger; they also acquired a lot more money to develop a national lobbying plan, using the combined resources of 10-12 very large companies.

Back to the wireless broadband plan…

The main aim of the wireless broadband plan in the new stimulus package seems to be the public safety network.

According to one of my other American colleagues Fred R. Goldstein, the principal of Ionary Consulting, the plan includes reallocating the D Block for public safety (costing US$3 billion) and US$7 billion to support the deployment of this network, along with technological development to tailor the network to meet public safety requirements. This is part of a broader deficit-reducing wireless initiative that would free up public and private spectrum and enable the private sector to deploy high-speed wireless services to at least 98% of Americans, even those living in remote rural and farming communities. In addition, freeing up spectrum from the private sector through voluntary incentive auctions would raise money to pay for these investments in public safety and also reduce the deficit.

The concern here is that the Administration seems to have sided with the monopolists, AT&T and Verizon, against competition. Verizon has already said that it will cover 97% of the population with its mobile network, and small players have a bit more, so there's nothing the government needs to do to reach the goal in the above political paragraph.

Just to recap, the Lower 700 MHz band includes the public safety broadband block (PSB) and the adjacent D Block. The original 2006-2007 plan, sponsored by Frontline Wireless, was to operationally combine the two. The operator (only Frontline was really a contender) would run the network for the public safety agencies and simultaneously provide wholesale commercial service to MVNOs. The commercial share of capacity would be capped in normal circumstances at around half, but in emergencies it would be lowered to around a quarter, giving PSB users more access. This would have worked. The focus was not on commercial designs, but on giving PSB users what they needed, which is more reliability under certain failure modes.

The FCC then wanted to auction off the D block, expecting Frontline to bid real money for it. The terms, however, were unbalanced — requiring Frontline to pay for the licence up-front and to then negotiate with the PSB licensee, the Public Safety Spectrum Trust (PSST).

The PSST had no downside risk if the negotiations failed, while Frontline would lose its money. Frontline could not accept these and other terms, so it withdrew at the last minute — hence no D block licence.

The FCC Opened for Comments in 2008 after that auction failure, and got the predictable responses. T-Mobile and other small carriers wanted the D block to be auctioned without letting Verizon and AT&T buy it. However, the incumbents wanted to give the entire spectrum to Public Safety, or to let them buy it and run it; but they did not want the FCC to reserve it for small players or newcomers like Frontline.

Since then the FCC has given advance licences to some public safety agencies (states, cities) to start building their own LTE networks for public safety broadband. So what the Administration's latest plan seems to do is cancel the whole D block concept and simply expand the PSB to include the D block, so the public safety agencies will have a heap of reserved spectrum, and no newcomers will be allowed this 'beachfront' (good for longer ranges) spectrum.

Verizon and AT&T end up with a duopoly on below-1000-MHz spectrum. Also the Administration will provide the duopoly with US $7 billion to help the public safety agencies build these networks.

Then the Administration hopes that TV stations will give up their broadcast channels and the TV band can be repacked again (it was repacked just two years ago for the DTV transition). This will be a battle in itself but if it eventuates it will allow some more channels to be auctioned, so AT&T and Verizon can buy them up and keep anyone else from competing.

Also repacking of TV spectrum will reduce the amount of available White Space, only a few months ago the FCC agreed to make this spectrum available to unlicensed users. As a result of the new policy  the White Space option will become much less common and  will mostly only  be limited to rural areas where the spectrum is less crowded.

Written by Paul Budde, Managing Director of Paul Budde Communication

But is Google doing the deal at least partly to give it leverage over wireless providers? I think so. The biggest threat to the growth of Smart Phones and tablets and other Google businesses like YouTube is the imposition of data caps and metered pricing by wireless providers like at&t and Verizon Wireless.

The providers would like to charge by the number of bytes transferred — similar to the way they charge for voice minutes today. Content providers (including Google) don't want an expensive impediment in the way of their content distribution. Providers of software and hardware for tablets, Smart Phones, and computers (including Google) don't want these devices to be less useful because content delivery to the devices is expensive. Not a moral issue here but a business one, although — in the long term — I think unlimited data plans lead to more growth for everyone (and proved that to my own satisfaction with the launch of AT&T WorldNet, which popularized all-you-can eat pricing way back in dialup days).

Today the handset manufacturers, with the exception of Apple, are at the mercy of the carriers, especially in the US where most phone are locked to the wireless network that subsidizes their initial purchase. If the manufacturer doesn't have a deal with Verizon or at&t, they can't get the volumes they need to be a serious player in the US market. iPhone as a must-have device for networks began to upset that balance of power; but Steve Jobs hasn't yet used Apple's muscle to build a US market for open iPads or iPhones which can run on any network given the right prepaid SIM card.

But Google is much more in the content business than Apple is — even given iTunes. Google has more to gain by stopping the spread of bandwidth caps and metered pricing before they become universal for wireless and spread to wireline as well. Google knows that the wireline providers, especially the cablecos who don't want their chokehold on content delivery loosened, would like nothing better than to move to metered pricing themselves.

A handset maker owned by Google can introduce a product without carrier backing and without the need to lock into any network. The product can be cheap to grab marketshare; the product can be subsidized through ads delivered rather than voice or data minutes sold. If the product is incredibly compelling as well, the major carriers will be forced to let it onto their networks as an open device. Customers who bought their phones from Googlerola will find it easy to switch between networks to get the best deal. Competition between carriers will then be based on service quality and pricing only; competitive pressures may well force them back to offering unlimited data. Google wins both as a content provider and as a client provider.

The announced at&t/t-mobile deal will, if approved, shift power to the carriers by eliminating a disruptive competitor and concentrating spectrum ownership. The Google/Motorola deal shifts the balance of power away from the carriers.

Dan Frommer speculates:

"If Google and Motorola can push the price of smartphones down even more, and if carriers can accelerate the uptake of mobile data plans, this could be good for them. But there's also the chance that Larry Page has a long list of wacky, disruptive ideas he wants to try, focused around handset distribution and pricing, ad subsidies, etc., which could take real leverage away from carriers. Their path toward dumb pipe status seems to be increasing by the deal. This will likely end up better for consumers but could be annoying for the carriers."

But it doesn't stop there. As Peter Kafka points out on All Things D, Motorola Mobility, the company that Google is proposing to buy, is the world's largest provider of set-top boxes. Suppose set-top boxes were not subsidized by or distributed through cable and satellite companies. Suppose they came from Googlerola and were so good at what they did and so cheap on the open market that the content distribution networks had to offer them without a specific lock to their content in order to stay in the broadband ISP business (even though they'd still be able to charge for content). That would be the end of any thought of metered pricing for wireline Internet service. Another threat to Google would be eliminated. More content opportunities would open up.

The acqusition be all about the patents as most people are saying and as Google broadly hinted; but, as Stacey Higginbotham and Katie Fehrenbacher writing on GIGAOM say: "if Google wants to use Android as a way into the home, Motorola's home automation, set-top box and broadband gear businesses now gives Google a platform from which to jump."

Written by Tom Evslin

In June, the net neutrality debate took an unexpected turn when the Netherlands leap-frogged the USA to became the first country to legislate for mobile net neutrality. Business models for fixed and mobile networks must shift toward volume charges.

The net neutrality debate has been seen not having much relevance outside the USA because the plight of carriers there was aggravated by unlimited usage. US carriers objected to carrying the extra traffic generated by the likes of YouTube and BitTorrent and others including Google objected to the carriers' crude attempts to manage traffic by restricting customers' access to such sites.

The issue came to a head in 2008 when the FCC ordered Comcast, a cable TV and Internet access provider, to cease blocking or downgrading certain users' access to some peer-to-peer download services. The FCC's ruling, however, was subsequently struck down on appeal over the FCC's authority to implement net neutrality regulations.

US state of play

The FCC rallied and in December 2010 issued a new policy (still to be tested in a federal court) that sets three basic rules for net neutrality¹:

• Transparency. Fixed and mobile broadband providers must disclose the network management practices, performance characteristics, and terms and conditions of their broadband services;
• No blocking. Fixed broadband providers may not block lawful content, applications, services, or non-harmful devices; mobile broadband providers may not block lawful websites, or block applications that compete with their voice or video telephony services; and
• No unreasonable discrimination. Fixed broadband providers may not unreasonably discriminate in transmitting lawful network traffic.

It is interesting to note that only the first of the FCC's three rules applies equally to fixed and mobiles providers. But for mobiles, the no-blocking rule applies only to services "that compete with their voice or video telephony services” and mobile providers are not mentioned at all in the third rule because "existing mobile networks present operational constraints that fixed broadband networks do not typically encounter. This puts greater pressure on the concept of "reasonable network management" for mobile providers".

But mobiles are under pressure. Free Press wants the FCC to take a close look at Google's move to curtail access (making them "unavailable for download” via the Android Market) to independent tethering apps. Google says it is doing this in response to requests from wireless carriers. But Google's Droid partner Verizon says "Google manages what's available in the Android Market."

When Verizon acquired massive amounts of spectrum in the 700MHz "C Block" auction back in 2008 it promised to adhere to the FCC's "Open Access" rules which forbid carriers from trying to "deny, limit, or restrict the ability of their customers to use the devices and applications of their choice." In the new Report and Order (Paras 134-135), the FCC has hinted that its powers may not be restricted to users of this part of the spectrum. Again, this must be tested in court.

Dutch policy

The Netherlands has gone further. In April 2011, KPN announced plans to charge mobile customers extra for using Skype and WhatsApp (an application that for $2 pa enables smart phone users to send messages for no additional charge). KPN does not reveal much but last year Telstra's messaging revenues were over $1 billion and over 9 billion SMS were sent from its mobile phones. So, losing voice and message revenues to Skype, Facebook and WhatsApp could seriously dent profitability.

To charge users access to such services, KPN would need to look at the data being transferred, using "deep packet inspection." Following protests about possible privacy violations, politicians moved quickly to stop the plan. In June 2011, the Dutch parliament passed a bill which will force mobile Internet providers to let customers use Skype and other rival services on their networks without charging extra or giving preferential treatment to their own offerings (and not to place cookies without express permission from the end user).²

KPN has responded [Business Week 19 July] saying that from September the cheapest advertised price for one gigabyte of mobile data will be part of a euro50 ($70)/month package, compared with current packages under euro20 ($28) that include unlimited data. This is similar to the moves that US fixed carriers have made by moving towards Australian style monthly caps.

Expect to see mobile handset prices increase and more volume-based charging. The latter makes sense for both fixed and mobile networks and is the next logical move after caps.

¹ FCC (December 2010) Open Internet Rules, Report and Order 10-201.
² http://www.physorg.com/news/2011-06-dutch-parliament-mobile-net-neutrality.html

Written by Henry Lancaster, Senior Analysts at Paul Budde Communication

What's so interesting about networking the home?

Well, if you regard challenges as "interesting", then just about everything is interesting when you look at networking in the home!

It's been a very long time since the state-of-the-art in home Internet was plugging the serial port of the PC into the dialup modem. Even the ADSL modem, even when combined with some for of WiFi base station, is looking distinctly passé these days. Today the home network is seeing the intersection of a whole set of interests, including the phone service, the TV service, home security services, energy management, utility service metering, possibly other forms of home device monitoring, and, oh yes, connecting the laptops and the mobile devices to the net. And of course it's not just a home LAN over a wired network. WiFi home networks are commonplace, and of course there are various Bluetooth devices. Maybe sometime soon it will be common for the home network to also host some form of 3G femtocell as well. But these days even that level of network complexity is not enough.

Increasingly, the home office is part of the work office, and if there are a number of residents at home then the home network may be an endpoint for a number of corporate and institutional Virtual Private Networks (VPNs). Within all this mélange we want sophisticated security. It's not just protecting the home network from the neighbors, but the security requirements include the ability that allows individuals to partition off their work-VPN part of the home network from other home users. Oh, and for resiliency we might want a second provider, such as a mobile service to the home, so we might want to add site-based multi-homing to the mix. And now we need to make all this fly in both IPv6 and IPv4.

That's a massive agenda of requirements. But to make this situation truly challenging, we can't expect every home to come with an IT Operational Service Manager to ensure that all the various devices you bring into the home and connect to the network all function as required for the home's particular requirements. Indeed, we can't expect any home to be so lavishly supported, nor can we afford to support home networking with a bevy of specialized call centers with on-demand support specialists expert in the panoply of consumer devices that are being sold today.

With home networks the bottom line is that the consumer is effectively on their own, and all this equipment better just work straight out of the box. No configuration, no buttons, it just has to work!

Routing @ Home

The evolution of networking at home has progressed from a single computer to a basic Local Area Network (LAN), and from there to an ether-bridged network with a number of WiFi and wired LAN segments. All these environments have a single common architecture of a single "boundary" unit that acts as a point of demarcation between the Internet Service Provider (ISP) and the home network. This unit is generally called Customer Premises Equipment (CPE), and typically encompasses the functions of a modem, IPv4 NAT, DHVPv4 server, DHCPv6 server, security firewall, bridge and rudimentary router.

But it's unrealistic to assume that home networks will continue to use a centralized model that places the entire management functionality of the home network in a single unit. So how should we view home networks? Should home networks be a single bridged LAN, or are we seeing the evolution of home networks into multiple distinct domains with a routing fabric to glue them together? And if this is the case what routing protocol should be used?

I have noticed in the low end of the CPE market it's not uncommon to see a rudimentary routing functionality supported by RIP. Now, thankfully, its RIPv2, so the routing protocol can be configured with variable length subnet masks, but even so, RIP is a very basic and simple routing protocol. But perhaps in this environment that might be a positive factor rather than a liability, in so far as RIP is simple enough to be auto-configurable. On the other hand if there is an emergent need for more complex functions then maybe we need to look a little harder at what options are available.

One of these more complex functions is the issue of subnet management. In IPv6 the CPE will collect an IPv6 address prefix. This differs from the conventional IPv4 environment where the CPE is typically assigned a single IPv4 address. So the ensuing question is: Is it possible to automate the distribution of IPv6 subnets across the entire home network? What form of management protocol is appropriate for this role.

And of course the world gets a whole lot more complicated if the home network has two (or more) service providers. In the IPv6 environment this starts to become a challenging task, not only with the distribution of multiple subnets across the home network, but also in the issue of exit path selection. If the home network is exercising due diligence to prevent source address spoofing it is also necessary for the home's routing infrastructure to deliver an outgoing packet to the "right" exit ISP, where the source address of the outgoing packet needs to match the address prefix provided by the corresponding ISP's service. In other words there is a requirement for source address routing in the home. This is a challenge that was not really addressed by the Site Multi-Homing Working Group (SHIM6), despite the best of intentions, and it represents an even greater challenge if the intent is to provide mechanisms that can achieve this in an unmanaged home network environment.

I must admit to some concern here. We've managed to keep routing work by using two principles. The first is to try and keep the routing task as simple as possible. Routing propagates a single "best" path to a destination. It does not necessarily do this quickly, nor necessarily does it carry around with it a whole set of alternatives. It does just one job. And with that we've been able to keep routing working. The second principle is to admit the that we have never really succeeded with the first principle of functional simplicity and we have always had expertise at hand to oversee the routing function and apply manual patches as required! The specialized requirements for the home network appears to be breaking both principles. The requirements are certainly not simple and I see a mix of routing techniques, including various forms of policy-based routing requirements entering the discussion. Secondly, there is no assurance that if things fail there is expertise at hand to mend the failure. Indeed the more complex the routing environment the greater the potential for complex forms of failure. Indeed as we contemplate ever more complex requirements in the home network, the greater the risk of encountering failure "by design" where it is just not possible to design products for this environment that can just work.

Names @ Home

What should I call my printer? More to the point, how should I identify my WiFi printer to all those devices at home that want to use it to print. I'm sure that I would not like to use a proprietary naming scheme that requires me to add additional name resolution software to every device at home that wants to print something, nor do I want to transcribe IP addresses into everything. I'd like my printer to get dynamically assigned IPv4 and IPv6 addresses when the device is plugged in and switched on, and have the printer's name published via a generic name resolution mechanism, namely the DNS.

But most of the time the rest of the world has no need to know the name of my printer at home, and I'm not sure that it's a good move, security wise, to gratuitously publish information in the public DNS. So what I would like for my printer is some form of "local" or "scoped" DNS, where I can name my printers, my disk servers, and other devices that I have at home in the context of my home and not have this information leak further afield. Is this scoped form of name resolution possible in the context of the DNS?

Multicast DNS (mDNS) is perhaps one of the strongest candidates for this role. In essence mDNS replaces the explicit server / client structure of the DNS with a scoped name subdomain of .local that is inherently scoped to the scope of the associated multicast domain. This allows a client to perform DNS-like name resolution functions on a local network without the need to configure a conventional DNS server environment, and without the need to obtain global delegation of a site name in the global DNS.

An alternative approach is to use a conventional DNS delegation and conventional unicast DNS queries and responses. Clients are able to use DNS Dynamic Updates to update the local DNS server with their details as they come online. The DNS server itself can be advertised to all clients via the Simple Service Discovery Protocol (SSDP), as part of the larger Universal Plug and Play (UPnP) framework.
Sensing and Serving @ Home

Where too from here? It's certainly the case that electronics has managed to pervade just about every device at home. Electricity meters are morphing into household energy management systems, and many other household appliances are now controlled by internal processors. But individually configuring each of these devices is a forbidding task. Even adding an interface to allow manual configuration can often be a challenging objective.

So the objective here is to define a standard mechanism to allow sensors to sense their local environment when powered up, obtain an IP address, advertise their existence and capabilities to the network, and, as appropriate, rendezvous with the sensor's controller or controllers across the home network.

This is another instance of a more generic class of automating the installation and use of services in "lightly" managed or even unmanaged networks, and intersects significantly with the objectives encompassed with SSDP and uPNP. The potential volume of such devices places this more squarely into a class of IPv6-only services, I suspect, which is a significant extension to the existing IPv4-centric uPnP frameworks.

What is needed here is a bootstrap protocol that can provide a connecting device with:

• address configuration
• routing setup
• name management and name server discovery
• discovery of other services and controllers
• security capabilities

Securing @ Home

One of the most significant issues with home networks lies in the area of security management. Host computers in a home network often want to place a very high level of implicit trust in their immediate network neighbours at the same home. Its not unusual for hosts in a home network to share printers, file servers, data, and even user profiles. Indeed, its probably commonplace. But beyond this local security domain a host should become paranoid and treat all connection attempts with suspicion. But where does the local trust domain start and stop? What is the "local" security boundary?

This is difficult to answer in an automated fashion. It's no longer the local LAN, particularly as as home network transition into routed networks. It's something to do with a local multicast scope, but that assumes that its possible to define a multicast scope that encompasses the local trust domain of the home network, and to do that we are back at the same question.

And even if you thought you might have a clean answer to that question, you need to remind yourself about telecommuting. With telecommuting there is a requirement to partition out an entire local network segment and lift it out of the home environment and the home security domain and transplant it into the work security domain.

Everything @ Home

Home is certainly the new field of engagement for networked good and services. But its certainly the most challenging environment. Its an environment where out-of-the-box interoperability is of paramount importance, and therefore its an environment where standards really matter. And, perhaps surprisingly, its one of the networking environments that appear to raise the most challenges. It's an unforgiving environment where there is no real substitute for simplicity and reliability in a plug and play world. And for the IETF's Homenet Working Group, there is really a lot of work to do to take a diverse set of approaches used today, add a bucketful of IPv6, and produce a coherent set of outcomes in the form of standards that support robust capable home networks that work in an unmanaged environment. By any metric that's a big ask.

Ahhh home! There really is no place quite like it!

Written by Geoff Huston, Author & Chief Scientist at APNIC

This 2 day meeting, "The Internet Economy: Generating Innovation and Growth”, had the objective of exploring a number of current issues in the public policy space, including:

• how best to develop high speed broadband access,
• how to leverage broadband for economic growth,
• metrics of broadband development and its impact, and
• how best to maintain openness and promote continued growth.

The presentations I heard at this meeting could be broadly classified into a number of themes, as outlined below.

Public Policy: The Internet as a brilliant success of Multi-Stakeholderism

The first theme was somewhat self-congratulatory in nature, and noted that the Internet has been very effective in achieving economic growth. One speaker cited from a McKinsey report that the level of economic growth attributable to the Internet in 15 years, as measured by GDP growth, equalled the level of GDP growth experienced in the Industrial Revolution over 50 years.

The speakers who talked to this theme espoused freedom of expression, freedom of governance, and freedom of enterprise — online. The Secretary General of the OCED proposed that the OECD, and its working methods of inclusion of governments, the private sector, civil society and the technical community, was uniquely positioned to further this effort. As he noted in his presentation to this meeting, "The OECD has already established many of the social norms that define the Internet today." He espoused a light touch public policy environment as a platform to provide growth, and a driver of innovation that improves efficiency and growth. In other words, when handled with some consideration and care from a perspective of public policy and governance, the Internet will continue to play the role of a critical enabling tool for wealth creation.

The prevalent meme of today appears to be "multi-skateholderism," which appears to relate to today's mixed environment of public and private sector activity, coupled with explicit recognition of civil society and other vested interests, including the technical sector as stakeholders in the process.

The tone of such presentations on the success of the open Internet and upon light touch public policies and multi-stakeholderism was generally upbeat, with some concessions to the challenges of security and net neutrality, but overall there was a sense that if the process was well structured, then such challenges could be properly addressed to the satisfaction of all.

In many ways this is little more than self-congratulatory rhetoric about the positive outcomes that have resulted from the general deregulation of the telecoms sector in the late 20th century and the associated shift of the model of service in this sector from a single public sector utility telecom operator to a diverse set of competitive private sector actors. However, an implicit subtext within this theme was a critical commentary on alternative approaches to coordination frameworks for national and international communications, notably the ITU-T, and a rather barbed criticism of the ability of such treaty-based institutions to perform the necessary structural changes to their institutional model that would allow the institution to reflect the broader set of stakeholders that are peer players in today's landscape. Perhaps behind the rhetoric is one more piece of preparatory activity in the extended leadup to the renegotiation of the world telecommunications treaty by the set of nation states that have some level of commitment a communications industry structure that is now largely based on private sector activity within a framework of open competition, and a general desire to reduce, to some extent, an indefinite continuance of the encumbrances, obligations, and structural cross-subsidies that are associated with the current treaty obligations that stand behind the ITU-T.

The Faltering of the Traditional Carrier

A number of speakers on the topic of broadband infrastructure were critical of today's network infrastructure. A salient comment I heard at one point was: "This sector really has a problem in meeting demand."

Some of the now-privatised telcos (for example, the presentation from Telecom Italia) were effectively claiming that with the impositions of net neutrality and the imposition of a public policy agenda of ubiquitous equitable access for all to a high speed broadband infrastructure funded through private capital investment was not a viable proposition.

The broader question was raised in a presentation from the Korean delegate, who raised the question as to who should fund broadband network infrastructure construction. The Australian presentation made that case that such large scale broadband infrastructure projects exceeded the capacity of private enterprise, and therefore the responsibility to lead such projects fell to the public sector. Although it has to be noted that this leadership comes at the considerable cost of around $2,000 per capita in the Australian case, and it therefore takes a relatively robust economy to underwrite such a significant level of public capital expenditure within the broader collection of public sector issues. Many other OECD economies appear to have largely left the activity of the construction of broadband network infrastructure to the agenda of the private sector, particularly where financing is concerned, and limited their involvement to cheering from the sidelines. The outcomes so far from such an approach are not exactly stellar.

Another carrier, AT&T, asserted that public communications policy in broadband infrastructure is being driven by a vocal minority rather than the mainstream and asserts that this imbalance in policy formulation will result in subsequent retrograde intervention that will restore what he termed as "20th century regulation." He argued for continuance of deregulation and a "hands-off" policy response by government. He noted that a policy priority of broadband access, at an affordable price, as a enabler of economic outcomes, and a lever to improve delivery of social services and utilities. Interestingly, he noted a $95B infrastructure investment by AT&T over the past 5 years and claimed that this cost could not feasibly be recovered from the end user base because the imposition of additional costs onto the consumer base would exclude large sectors of users from the network, and this would be counter to a an objective of ubiquity of access. Given the stated preference for continuation of an industry model that is a deregulated industry lead by private sector investment, it would appear that AT&T is constructing a case to forego the concept of network neutrality with respect to their carriage services, and they apparently wish to have the ability to impose additional costs on content industry actors if they want to have high speed visibility to users on AT&T's broadband network and recover a significant proportion of their investment in this manner.

Network neutrality is a significant issue in today's industry, and it appears to be used by the carriers and operators as a keyword for their lack of incentive for infrastructure investment beyond the existing cooper loop wired infrastructure, citing that net neutrality acts as an investment disincentive that brings the financial returns on capital investment in infrastructure below what they consider to be acceptable levels that are able to meet the cost of private capital in their enterprises. At the same time they are pointing to the lack of radio spectrum as the reason for a lack of further investment in mobile data infrastructure, and accusing application developers of generating mobile content applications that make extravagant use of bandwidth, and hence extravagant use of spectrum as being part of the problem they face.

With some small level of dissension, there appears to be a general admission that demand on today's Internet is not only outstripping current levels of supply, demand growth now is outstripping the sector's business plans, capital investment capability and even technical capability, and the resultant need to exercise common constraint in an environment of limited resources is counter to an industry whose relatively crude content and service models appear to be based on continued abundance of the basic commodity of bandwidth and ubiquitous connectivity.
Security and Privacy

This is one of those mantra topics - everyone agreed that security is a Good Thing (at least I heard noone argue against the concept!), and all speakers who touched upon this topic appeared to agree with the proposition that this was a current issue and by no means a solved problem. But where to go from here was definitely not so clear.

It was clearly recognised that the quantity, breadth and detail of information that is now online poses some serious concern. The risk profile of unintended information exposure now includes individuals, organisations and even nation states. The security industry is becoming overwhelmed with the onslaught of new threats on a continuing basis, and the underlying concern is that the current level of cyber attack may mutate at any time into attack profiles associated with cyber warfare between nation states.

Industry commentators perceive this topic to have a low priority in the political agenda, where politicians want lower prices and greater regulatory control, while the ability of the private sector to invest in the necessary resources and measures to support greater levels of online security is limited by the relatively low value placed on this activity by end users. In some ways the issue of security in todays networks, particularly as they relate to high end security measures that are capable of defending a national communications system against broad scale infrastructure attack of a scale and intensity anticipated in the context of a concerted and well resourced attack (such as envisaged in a cyber warfare attack, for example), is seen to be beyond the scope of conventional private sector infrastructure operators. At the same time the public sector is showing some signs of uncertainty as to how to engage with this agenda, as this is a matter that is well beyond simple regulatory responses.

Hand-in-hand with security is the topic of privacy. It was asserted that the challenge about privacy is not about technology, as today's technology is adequately capable of supporting privacy, but is about the nexus of privacy policies and technology. In order to implement scalable systems that respect and adhere to privacy policies and are functional, there is a need to invest in an effort to define common privacy and authentication standards, i.e., standards relating to the nature of credentials that appropriately define individuals and roles, reputation mechanisms and validation of such credentials and the associated topic of negotiation of trust. The privacy management reference model is looking at operational privacy management in online services, and public standards need to be considered in the development of services. There is some optimism that policy entropy and conflicting standards can be addressed, assuming that the various actors in the area talk to each other and work in the context of industry-driven standards that are based on interoperable implementations. There is the expectation that the industry can deploy systems that can manage privacy conflict and ensure compliance with public policy frameworks that would engender trust and confidence. It was suggested that governments need to support the effort to foster the greater use of standards organisations to facilitate the development of data privacy standards and their adoption.

IPR and Intermediaries

This is a long-standing issue in this sector. The copyright holders have been reluctant, or incapable, on the whole to modify their business model to adapt to the capabilities of computing systems and computer networks to replicate and redistribute content. In the face of monotonically declining sales revenue of traditional media, and the collapse of many of former major players in the media-based content distribution industry, the content industry resorted to legal means to attempt to curb the decline in their industry.

The Digital Millennium Copyright Act in the United States is perhaps the most well known, but no means unique, example of this push for legislative remedies to unauthorized redistribution of content, and the industry has, at least in the realm of the public policy debate successfully managed to apply a lexicon that includes emotive terms such as "theft", "illegal", and "piracy" to such redistribution activities and have this lexicon adopted by the broader industry and in public policy debates.

However, such actions have been largely unsuccessful in terms of reducing the level of such unauthorized redistribution of content and the associated revenue leak that such redistribution represents to copyright holders. The copyright industry has now turned its attention to attempts to coerce the carriage providers to act as co-opted vigilantes in the efforts to enforce intellectual property rights.

This effort runs counter to the general principle of the role of a common carrier, where, in somewhat approximate terms, the carrier is bound to respect the privacy of the parties to whom it has contracted to act as a carrier, and in return is not held to be liable for the content carried across its network. However, there is a strong push to have the public sector to force the carriage sector, and all others who act as "intermediaries' in the provision of services and content to users, to play an active role in enforcing the intellectual property rights of copyright holders of the material. Rather than starting from an assumption that carriage providers and intermediaries are not liable for the content they carry on behalf of users, the default position being pushed in the context of this OECD meeting is one of assuming that such liabilities already exist, and the consequent agenda is to "limit" such liabilities.

It has been pointed out by critics of this approach (such as in a recent blog on this topic) that the wording of the communiqué from this meeting that some of the stakeholders, notably the technical community according to this particular critic, acted in a way that played into the hands of the IPR efforts: "Lacking the historical perspective, ITAC failed to see the camels nose being inserted under the tent in the IPR and Intermediary Liability sections."

Some of the presentations at the meeting were staunchly in favour of the copyright industry's proposals for making carriers and ISPs liable for content. In particular the presentation by Vivendi went as far as claiming that the entire content creation industry would come to a complete halt if IPR theft was not halted using all available means. The assertion was made in this context that: "Copyright is a key component of economic growth."

An alternative view was put forward by Deezer (and presumably Pandora, were they to be present) is that "piracy" is just one competing service model for distribution of content, and the real goal of this industry should be to create business and service models for the distribution of content that represent a superior service proposition to users as compared to resorting to unauthorized redistribution of content in the form of "piracy". Such new service models should allow IPR to be respected and due royalties paid in the use of copyright material. From Deezer's reported commercial success, this is evidently an achievable objective.

In any case, the default position of assuming some unspecified level of liability on the part of intermediaries, including carriage providers, and the need to "limit" this liability with respect to copyright material was maintained in the deliberations prior to this meeting, and the Civil Society Information Society Advisory Committee (CSISAC) was unable to endorse the resultant communiqué.

IPv6 - The Elephant in the Room

Oddly enough for a meeting that was intended to discuss the public policy aspects of the internet's future growth and the maintenance of the Internet's openness and ability to innovate, evolve and generate societal wealth through efficient and novel forms of connectivity and communication, the one topic that implicitly threatens the entire framework of today's Internet rated barely a mention in the meeting, namely the exhaustion of the IPv4 address pool and the industry's marked indifference to adopt IPv6. It was the unacknowledged elephant in the room.

While one speaker, Vint Cerf, highlighted the need to place IPv6 adoption as a matter of urgent priority in the public policy agenda, and noted that without IPv6, innovation on the Internet will suffer and beneficial outcomes from an open and accessible communications environment would cease, and we simply have no alternatives at this point in time. He noted that if this meeting can conclude with the imperative to deploy IPv6 across all parts of the Internet, then it would be a useful meeting with a positive message. Oddly enough, the chairman's summary at the end of this particular session omitted any reference to IPv6, despite this topic being the major theme of Vint's presentation.

There was certainly an air of disconnection that persisted through the meeting on the continued omission of any mention of IPv4 address exhaustion and the risks posed to the further growth of the Internet if IPv6 is not adopted in a timely manner. It got to the point that when a speaker from the UK Regulatory Office subsequently mentioned IPv6 and the need for the public sector to actively support its adoption, parts of the audience broke out in spontaneous applause.

It appears that despite many years of active promotion of IPv6 the message is still not getting heard within the area of public policy. The comprehensive transition of the Internet to IPv6 is a central pillar of any expectation that the Internet can continue to grow and sustain a vibrant environment based on open competition and innovation. So far we appear to have failed to effectively make that case that in a networked environment that stalls on IPv6 the resultant NAT and ALG-ridden IPv4 environment is one where the current incumbents will hold all the addresses and any further competitive entry into the Internet by new actors, at both the levels of carriage and content services, would be effectively limited to the terms and conditions imposed by the incumbents. Such a scenario is about as good a definition of the failure of an open market as one could find, and its one that the Internet would do very well to avoid.

Where To From Here?

Somehow I'm missing the sense of driving optimism and opportunity that was associated with the 2008 OECD Ministerial on the Future of the Internet Economy. It's not clear to me that multi-stakeholderism is sufficiently powerful a mantra to shake off the issues that confront this industry as it slowly shifts into a phase of success-disaster.

Yes, the mobile market is a massive commercial success, so much so that we are now running out of useable spectrum space in the most populous parts of the networked world.

Yes, the wired internet is transforming our economies, so much so that the pressure to recable our infrastructure from copper to fibre is now an essential prerequisite to keeping pace with demand, but the capital is not there and the sustainable carrier business models are not there to undertake this effort.

Yes, the provision of content is a runaway success, but the copyright industry still cries foul and in an effort to curb some of the reported massive damage being inflicted to the entertainment industry there is an effort to rip apart the principle of common carrier and hold all elements of this industry liable for the unauthorised distribution of content.

And yes, we've managed to distribute billions of computers, but at the same time we've managed to create significant areas of vulnerability, and we are now witnessing the exploitation of these weaknesses shift from elements of organised crime to the distinct possibility of cyber warfare waged between nation states.

But I don't believe that any of these issues present insurmountable challenges. In seeking productive responses to these challenges we need to make sure that we are looking in the right place. These problems appear to arise from an intersection of rapid shift in the technology base of this industry intersecting a set of business and policy frameworks that are often somewhat conservative in their response to change. I would like to believe that many of the answers we are looking for lie in adaptation of business models and public policy frameworks, and the tools that will best assist this common effort are probably economic in nature.

For that reason I believe that the OECD has a valuable role in the coming months and years, and I am heartened to see the OECD continue to engage all stakeholders in a public dialogue that I hope will be ultimately fruitful and productive for the future of the Internet.

Written by Geoff Huston, Author & Chief Scientist at APNIC