|
||
|
||
In recent times, groups of people gather at the ITU in Geneva and write a “strategic plan” covering the next few years. Indeed, there is a current questionnaire to that effect. It is frozen in a world that existed 30 years ago, and by any measure, surreal and absurd. It needs to be terminated. Here is why.
The International Telecommunication Union (ITU) has existed in various forms since 1850 to perform two basic functions. It hosts global intergovernmental meetings for sovereign nations to assemble and reach all kinds of agreements ranging from treaty instruments to simple recommendations necessary for radio use and network connections for service deployments. It maintains several secretariats that help with the meetings and maintain related records. For both historical and practical reasons, it is divided into three definitive and relatively independent “sectors”—radio spectrum management (ITU-R), telecom networks (ITU-T), and development assistance (ITU-D) plus a general one for everything else and to keep the facilities running. Radio has always been the largest and most valuable sector—offering unique value propositions.
Because the sovereign nations retain their power, the ITU itself has none. In addition, today, it is the innumerable marketplaces and economies that actually provide radio and telecommunication products and services. Furthermore, the participants in those marketplaces and economies have largely formed their own organizations for collaborating and reaching agreements. With the exception of the original 1850 value propositions—enabling extraterritorial networks and services among sovereigns and avoiding technical harm—there is not much left for the ITU to deal with.
Those exceptions, however, are increasingly critical in a world of 5G virtualisation instantiations of architectures and services—including 5G satellites—with extensive, complex extraterritorial compliance obligations. What role the ITU plays in addressing them remains to be determined in future venues.
The current 2020-2023 ITU Strategic plan is an exercise in bureaucratic fantasy and obliviousness. It begins by setting forth the “ITU Strategic Framework” that begins with a narrow, one-sided vision about “an information society” that has little to do with ITU role, and a mission statement that fails to even recognize what have long been essential parts of the mission—extraterritorial harmonization of sovereign requirements, especially avoiding technical harm.
The next sub-clause on “values” is a kind of bizarre public relations statement—describing how the organisation should sell itself to the general public. Then the plan gets even crazier in a “goals” section that articulates the “ITU’s role” as facilitating the agenda of 20-year-old policy wonk creature known as the World Summit on the Information Society (WSIS).
This amazing head-scratcher of a plan gets even more surreal with an entire section on “targets” for the growth of broadband infrastructure and services manifested by economies and marketplaces in sovereign nations, not the ITU. The ITU as an organisation cannot be held accountable for targets over which it has no real ability to control. The plan is then capped off with a section on “risk” to the ITU itself along with purported “mitigations”—alluding to amusing diminutions of ITU relevance.
The “bread and butter” of the plan is found in sections implementing the Framework: results, WSIS links, and implementation/evaluation. What is actually found in these sections, however, are vague abstract values with links to ongoing ITU sector activities. The values sound nice—“growth, inclusiveness, sustainability, innovation, partnership”—and wrapped around still more abstruse objectives articulated as “knowledge sharing, coordination, collaboration, enabling, accessibility,” but useful only for public relations purposes and justifying plan meetings, associated secretariat headcounts and funding. The last is underscored in an appendix that links strategic objective resources to specific Swiss Franc amounts.
Perhaps the most edifying part of the Strategic Plan is found at the end in a “SWOT Analysis.” It grossly overstates the ITU strengths/opportunities and is significantly less than candid in enumerating weaknesses/threats. Indeed, the greatest weaknesses are: 1) that it is constituted by sovereign nations who exercise their own exclusive and complete power over all their domestic and extraterritorial telecommunication, and 2) what is achieved or not via the ITU in any of its activities and venues is dependent entirely on what the participants bring there or fund.
How this meshuga ITU Strategic Plan happened is itself part of the problem. For more than 140 years, there was no strategic plan. It was unnecessary, and the organisation functioned well. In the early 1990s, however, the ITU was faced with tectonic changes in the provisioning of global telecommunication arising from a combination of factors. Very large-scale integration of circuits combined with trivially inexpensive optical fibre and local wireless transport technologies re-architected telecommunication networks and information services. Provisioning of those networks and services shifted away from national monopoly providers collaborating through the ITU to a global commercial marketplace that established its own collaborative mechanisms. The role of the ITU as an intergovernmental organisation dramatically diminished while that of the WTO in facilitating competitive market entry increased.
Faced with these changes, Secretary-General Tarjanne sought to mollify the ITU’s nation-state membership and reshape the organisation by creating a new strategic planning unit that was justified in several resolutions adopted at the 1992 Additional Plenipotentiary conference. The author—as Tarjanne’s counselor—wrote the remit for the new unit and set the stage for it.
The idea of creating a strategic plan with associated activity seemed reasonable in 1992. Over the years, as the tectonic changes played out, the plan became bloated with ever more meaningless material—ultimately becoming a placeholder for the Internet public relations material by the late 1990s, followed by WSIS promotion a few years later. It became a means for different secretariat factions and constituencies to lobby for funding allocations. The Strategic Plan exercise has definitely outworn its value and become counterproductive. It should be terminated. The ITU activities and roles ultimately fall to the participants in semi-autonomous individual constituent bodies and its sovereign Members to decide and fund.
Note: The author has participated in ITU strategic activities for nearly five decades within the U.S. government, the ITU itself as counselor to two Secretaries-General, and to multiple companies and non-profit organisations; and co-authored the 1982 book, The ITU in a Changing World.
Sponsored byRadix
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byCSC
A World-Renowned Source for Internet Developments. Serving Since 2002.
By any measure, cybersecurity including especially cyber defence against an exponentially growing array of cyberthreats, is the most significant challenge facing telecommunication users, industry, and basic societal systems today. The subject dominates today’s ICT dialogue.
The ITU’s own public international law since 1850 has made cybersecurity a fundamental component of the ITU role. See Public international law of the international telecommunication instruments: cyber security treaty provisions since 1850. Thirty years ago, perhaps the most effective cybersecurity platform developed—Secure Data Network Systems (SDNS) - was added into the ITU standards process and treaty provisions. See Secure Data Network Systems (SDNS) Access Control Documents. A decade ago, the most comprehensive cybersecurity information exchange suite—CYBEX—followed. See https://www.itu.int/ITU-T/recommendations/index.aspx?ser=X.
Yet to read the ITU Strategic Plan, there is a complete lack of cognizance of the mounting cybersecurity challenges and virtually no response. In the current ITU Strategic Plan, cybersecurity appears only trivially in passing—strangely as a “sustainability” goal to improve “cybersecurity preparedness of countries” implemented an ITU-D sector objective for developing countries.
Inquiring minds would ask how a meaningful and relevant ITU Strategic Plan could demonstrate such cyber-obliviousness toward what is one of the greatest challenges facing ITU Members and users worldwide and been a core component of its role since its inception. Indeed, going forward, these challenges will increase with extraterritorial deployment of 5G virtualisation of network infrastructure and services. If the ITU Strategic Plan cannot comprehensively and substantively address such an essential ICT challenge today, it becomes meaningless and deserves termination.
As I wrote on CI (https://rmf.vc/CIBBToInfrastructure) what used to be telecommunications services are now applications. Is the ITU capable of shifting from a service-provider framing to an infrastructure framing?
5G and trying to solve problems such as security within a network seems like an attempt to return to the intelligent network.
The ITU-R and ITU-T (which are the two relevant ITU sectors involved here) have long ago shifted to an infrastructure approach. It is reflected in group TORs and specification products over most of the past 20 years or more. The ITU-T Study Groups are devoted to different infrastructure components and operational requirements. Rather little activity deals with services anymore. It is also worth noting that 5G is the province of 3GPP and GSMA, and secondarily ETSI, not the ITU. Many ancillary groups, including the ITU sectors (especially in ITU-R) merely support some of the capability requirements with specifications and liaison comments as needed. Also worth noting is that the global mobile communication infrastructure upon which the world relies (including internet connectivity) is specified and "regulated" by 3GPP/GSMA. This includes security capabilities. With this said, the ITU does have existing and potential new derivative cybersecurity roles as the only global intergovernmental organization for ICT infrastructure. For example, the treaty and technical provisions relating to radio-based cyberattacks extend back more than a hundred years. As long as national sovereignty exists (which seems now stronger than ever), those sovereigns need to develop the arrangements and requirements for extraterritorial architectures and services. It seems better done in a multilateral setting rather than creating 193 x 193 matrix sets of bilateral agreements.
The key phrase is “infrastructure upon which the world relies (including internet connectivity)”. Today that’s inverted, with telecommunications being but one application built on top of a packet-based infrastructure. I’ve compared it with going from railroads to streets.
This is a difficult concept (as I try to explain in https://rmf.vc/CI5GPast). It means that there is no concept of something to subscribe to. It’s telling that the most serious attacks happen outside the networking facilities. We do need treaty negotiations but it’s not clear that the ITU is the appropriate place to negotiate policing and extradition.
The comments section isn’t the place for a full-depth discussion, but we can continue it elsewhere if you’re interested.