Policy & Regulation

Policy & Regulation / Featured Blogs

The Crypto Wars Resume

For decades, the US government has fought against widespread, strong encryption. For about as long, privacy advocates and technologists have fought for widespread, strong encryption, to protect not just privacy but also as a tool to secure our computers and our data. The government has proposed a variety of access mechanisms and mandates to permit them to decrypt (lawfully) obtained content; technologists have asserted that "back doors" are inherently insecure. more

US Court Upholds Repeal of Net Neutrality

The DC Circuit Court of Appeals ruled on the last day of September that the FCC had the authority to kill Title II regulation and to repeal net neutrality. However, the ruling wasn't entirely in the FCC's favor. The agency was ordered to look again at how the repeal of Title II regulation affects public safety. In a more important ruling, the courts said that the FCC didn't have the authority to stop states and municipalities from establishing their own rules for net neutrality. more

Internet Consolidation at EuroDIG 2019: Questions in Need of Answers

At EuroDIG 2019 a workshop was organised around the topic of consolidation on the Internet. It was organised around four angles: technique, competition, society and human rights and; future research. One thing became extremely clear: no one contested that consolidation is taking place nor that this already has and will have an impact on the Internet and consecutively on society. more

Watch Live Tonight – 2019 Internet Hall of Fame Ceremony

Tonight (27 Sep 2019) you can watch the 2019 Internet Hall of Fame induction ceremony streaming live out of Costa Rica. Eleven individuals from six countries will be inducted into the Internet Hall of Fame (IHOF) today. The 2019 class of inductees have expanded the Internet's reach into new regions and communities, helped foster a greater understanding of the way the Internet works, and enhanced security to increase user trust in the network. more

The End of the Road: ICANN, Whois, and Regulation

There's a well-documented crisis facing the domain name system: very few who rely on domain name registration data from the Whois database to perform vital functions can do so any longer, which is escalating consumer harm and abuse on the internet worldwide. And the problems, thanks to ICANN's overly restrictive policy post-GDPR and a failing policy process, are piling up. more

Domain Name System to Be Featured Prominently in Upcoming Review of EU Safe Harbor Rules

In July 2019, Netzpolitik and others leaked an internal document by DG Connect that outlines the European Commission's thoughts on an update of the E-Commerce Directive. Based on this document, it seems that the domain name system and its actors will be prominently addressed in the Ursula von der Leyen's Commission-cycle from 2019 to 2025. more

The Operationalization of Norms and Principles on Cybersecurity

With two simultaneous processes getting underway in the UN General Assembly's First Committee, the UN Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG) on Cybersecurity, and several technology and multi-stakeholder initiatives pushing cybersecurity improvement, the world of cyber norms has become both more interesting and more complicated. more

DoH Creates More Problems Than It Solves

Unlike most new IETF standards, DNS over HTTPS has been a magnet for controversy since the DoH working group was chartered on 2017. The proposed standard was intended to improve the performance of address resolutions while also improving their privacy and integrity, but it's unclear that it accomplishes these goals. On the performance front, testing indicates DoH is faster than one of the alternatives, DNS over TLS (DoT). more

What Is the Purpose of ICANN's Comment Periods?

Almost every institution which purports to provide space for public accountability includes some sort of formalized process by which the public can have their say. And in almost every instance, they struggle with a tension between the desire to provide a commenting process which is meaningful and substantive (or, at least, which appears to be so), and a desire to adopt whatever course of action the institution thinks is best. more

What is a Security Mechanism?

Orin Kerr recently blogged about a 9th Circuit decision that held that scraping a public web site (probably) doesn't violate the Computer Fraud and Abuse Act (CFAA)... On its surface, it makes sense – you can't steal something that's public – but I think the simplicity of the rule is hiding some profound questions. One, I believe, can most easily be expressed as "what is the cost of the 'attack'"? That is, how much effort must someone expend to get the data? Does that matter? Should it? more