At IETF 105, held in Montreal at the end of July, the Technical Plenary part of the meeting had two speakers on the topic of privacy in today's Internet, Associate Professor Arvind Narayanan of Princeton University and Professor Stephen Bellovin of Colombia University. They were both quite disturbing talks in their distinct ways, and I'd like to share my impressions of these two presentations and then consider what privacy means for me in today's Internet. more
The European Data Protection Board certainly has been keeping its records straight. Its 27 May statement starts with the following: "WP29 has been offering guidance to ICANN on how to bring WHOIS in compliance with European data protection law since 2003." All internet users have dealings with the Internet Corporation for Assigned Names and Numbers, yet the vast majority have never heard of ICANN. more
From time to time the IETF seriously grapples with its role with respect to technology relating to users' privacy. Should the IETF publish standard specifications of technologies that facilitate third-party eavesdropping on communications or should it refrain from working on such technologies? Should the IETF take further steps and publish standard specifications of technologies that directly impede various forms of third party eavesdropping on communications? more
The draft e-commerce policy paper of the Ministry of Commerce and Industry of India raises valid observations concerning some of the imbalances, such as, on the excessive advantages gained by the "first movers" in the private sector, which implies advantages gained by the first -mover States on the Internet, on some of the prevailing gaps in the space and also on concerns about the abusive practices by a few e-commerce platforms and vendors. Most of these concerns are best addressed globally... more
Trademarks and brands are often among a company's most valued assets. Customers associate trademarks and brands with producer integrity. They engender consumer trust. Without TMs and Brands, companies struggle for attention and find it more difficult to link the company's integrity and trustworthiness in the marketing of its goods and services. Representing company promise and customer expectations, they are uniquely positioned to symbolize common values and aspirations. more
Mark Zuckerberg shocked a lot of people by promising a new focus on privacy for Facebook. There are many skeptics; Zuckerberg himself noted that the company doesn't "currently have a strong reputation for building privacy protective services." And there are issues that his blog post doesn't address; Zeynep Tufekci discusses many of them While I share many of her concerns, I think there are some other issues - and risks. more
One year ago, in late 2017, much of the policy debate in the telecommunications sector was raised to a fever pitch over the vexed on-again off-again question of Net Neutrality in the United States. It seemed as it the process of determination of national communications policy had become a spectator sport, replete with commentators who lauded our champions and demonized their opponents. more
The 2013 NSA revelations by the American whistleblower Edward Snowden was a stern wake call for French politicians. more
Hackers behind the massive data breach of the hotel group Marriott International Inc have left clues suggesting ties to the Chinese government intelligence-gathering operation. more
Today, President Macron threw down the gauntlet to President Trump and the US administration on Multistakeholderism. In his welcome address to IGF 2018 Paris a few hours ago, President Macron challenged IGF to become more relevant by reinventing itself in factoring in multilateralism into IGF's non-decision-making body and to move beyond the mere talk-ship lip service it has been for the last 13 years. more
My thesis is simple: the way we protect privacy today is broken and cannot be fixed without a radical change in direction. My full argument is long; I submitted it to the NTIA's request for comments on privacy. Here's a short summary. For almost 50 years, privacy protection has been based on the Fair Information Practice Principles (FIPPs). There are several provisions... more
M3AAWG, the Messaging, Malware, and Mobile, Anti-Abuse Working Group and APWG, the Anti-Phishing Working Group, surveyed their members about recent WHOIS changes. With over 300 results from security researchers, it's the broadest report yet on WHOIS use. The survey results confirm our concerns that WHOIS was a vital resource for security research, and its loss is a serious and ongoing problem. more
ICANN just recently performed a Root Zone DNS Security Extensions (DNSSEC) Key Signing Key (KSK) Rollover. The recent KSK Rollover that took place on the 11th October 2018. The KSK Rollover has been successful and congratulations are in order. The Root Zone DNSSEC Key Signing Key "KSK" is the top most cryptographic key in the DNSSEC hierarchy. The KSK is a cryptographic public-private key pair. more
At a recent workshop on cybersecurity at Ditchley House sponsored by the Ditchley Foundation in the U.K., a primary topic of consideration was how to preserve the freedom and openness of the Internet while protecting against the harmful behaviors that have emerged in this global medium. That this is a significant challenge cannot be overstated... That these harmful behaviors can and do cross international boundaries only makes it more difficult to fashion effective responses. more
New Zealand's Domain Name Commission today won a motion for preliminary injunction in a US lawsuit against the company DomainTools. more
A World-Renowned Source for Internet Developments. Serving Since 2002.