Check-in and access this session from the IGF Schedule.

IGF 2024 DC-DNSI Governance Gaps in addressing online harms: NIS2 and Beyond

    DC

    Dynamic Coalition on DNS Issues

    Roundtable
    Duration (minutes): 90
    Format description: This will be an inclusive roundtable discussion focused on examining how to address governance gaps in multistakeholder responses to online harms. Specifically, the session will look at (a) the impact of emerging regulation, with a focus on the global impact of the NIS2 Directive and (b) how industry can collaborate more closely to resolve persistent governance gaps. The session will host 6 speakers from across sectors and regions including representatives from civil society, technical community and industry.  Organisers will offer an interactive setting with both in-person and online participants.

    Description

    During the IGF 2023 in Kyoto, the DC DNS Issues initiated a conversation focused on identifying existing governance gaps in addressing online harms (see our report: https://intgovforum.org/en/content/igf-2023-dc-dnsi-closing-the-governa…). For this IGF, the dynamic coalition intends to pick up the discussion initiated at the last IGF and continue to unpack what it takes to bridge these gaps.

    First, what does the DC-DNSI mean by governance gaps? 

    When dealing with online harms, each actor in the ecosystem has different roles, responsibilities, and capabilities –whether that is a registrar, a registry, a CDN or an ISP. Now, there are different governance models that guide roles and responsibilities of these various groups. For example the ICANN community and the gTLDs operate governance by contract. The ccTLDs, on the other hand, develop local governance models based on their relationships with local governments and local Internet communities. Hosting companies and providers are subject to the laws of their respective jurisdictions, and operate in response to that regulatory guidance. In the overlap of these various models, there are governance gaps still remaining that affect and shape how the ecosystem is able to effectively respond to online harms. 

    Specifically, the DC-DNSI produced two calls to action in Kyoto, which the session proposes to pick up on: one on supporting policymakers and one on industry collaboration.

    The workshop will be structured around these two actions:

    Segment A:  Supporting policy makers in developing adequate measures for addressing online harms: reflections from the NIS2 Directive

    The first call to action from Kyoto focused on how industry, technical community and civil society can best support policy makers. This initial segment will take the recently implemented NIS2 directive as a means to reflect on this call to action. 

    The NIS2 Directive is an example of where regulation has been proposed to increase the overall standard of cybersecurity. However, it has complex implications for the Domain Name Industry. The difference in implementation within member states may also cause jurisdictional challenges that could further fragment the governance landscape. There are also different approaches to regulation beyond the European approach. 

    Emily Taylor, CEO and founder of the DNS research Federation will begin by addressing the basics: She will introduce: (a) what the NIS2 directive is and its implications for the DNS industry; (b) how the directive is being transposed in the EU and potential fragmentary effects observed to date; and (c) its extraterritoriality effect beyond Europe.

    Bruna Martins dos Santos, Non-Commercial Stakeholder Group representative on ICANN’s GNSO Council (invited, awaiting confirmation) will speak to diverging views on how to deal with online harms, and implications on human rights such as the right to provide. She will in addition  discuss possible ways forward to reconcile differences in approaches.

    Bertrand de la Chapelle, Director of the Internet & Jurisdiction Network (invited, awaiting confirmation), will address questions of jurisdictional challenges emanating from the directive, and the impact on the broad range of industry stakeholders –from registries and registrars, to hosting providers and online platforms.

    The first segment will wrap up with a brief conversation on what additional steps industry can take to support policy makers.

    Segment B: Promoting industry collaboration

    The second segment of the conversation will pick up on the second call to action from the DC’s Kyoto session on how to encourage greater industry collaboration up and down the Internet stack.

    Keith Drazek from Verisign will discuss the importance of working across silos to ensure responses to online harms are proportionate. He will flesh out principles identified by the registry community as important in addressing online harms.

    Jean Jacques Sahel from Google will introduce a perspective from large platforms in dealing with online safety, and introduce concrete examples on data-sharing practices to curb online abuse.

    Chris Buckridge, Internet Governance Specialist and MAG member, will moderate the discussion.

    To facilitate interaction between onsite and online speakers and attendees, we have a combination of four speakers on the ground, and two speakers remote, as well as an onsite moderator. 

    The onsite moderator will actively manage the flow of discussion, ensuring that both onsite and online participants have equal opportunities to contribute and engage. We will employ interactive tools such as Q&A opportunities integrated with the virtual platform. Presenters will encourage active involvement from all attendees regardless of their location. The comments and questions of online participants will be monitored during the whole session and our seasoned moderators will ensure that there is enough time left for questions at the end of the discussion with panellists. Recognising the importance of social media engagement, we will also use event-specific hashtags on social media platforms to encourage broader engagement and discussion beyond the session itself. Additionally, the designated session chat room will be available for ongoing dialogue and networking among participants, ensuring a rich and dynamic experience for all attendees, whether onsite or online.

    Organizers

    Emily Taylor, DNS Research Federation, Civil Society, Western European and Others Group (WEOG) - Speaker and Organiser

    Carolina Caeiro, DNS Research Federation, Civil Society, Latin American and Caribbean Group (GRULAC)- Organiser

    Georgia Osborn, DNS Research Federation, Civil Society, Western European and Others Group (WEOG)- online moderator and rapporteur

    Speakers

    Emily Taylor, DNS Research Federation, Civil Society, Western European and Others Group (WEOG) - (confirmed)

    Jean Jacques Sahel, Google, Private Sector, Middle East and North Africa (MENA) (confirmed)

    Keith Drazek, Verisign, Technical Community/ Private Sector, Western European and Others Group (WEOG) (confirmed)

    Bruna Martins dos Santos, Non-Commercial Stakeholder Group representative on ICANN’s GNSO Council, Civil Society, Latin American and Caribbean Group (GRULAC) (confirmed)

    Bertrand de la Chapelle, Director of the Internet & Jurisdiction Network, Civil Society, WEOG (confirmed)

    Chris Buckridge, Internet Governance Specialist and MAG member, WEOG (moderator, confirmed).

    Onsite Moderator

    Chris Buckridge, Internet Governance Specialist and MAG member, WEOG

    Online Moderator

    Georgia Osborn, DNS Research Federation, Civil Society, Western European and Others Group (WEOG)- online moderator

    Rapporteur

    Georgia Osborn, DNS Research Federation, Civil Society, WEOG- rapporteur

    SDGs

    9.1
    10. Reduced Inequalities
    17.6

    Targets: Goal 9: Industry, Innovation and Infrastructure Target 9.1: Develop sustainable, resilient, and inclusive infrastructure The event proposal focuses on discussing the extraterritorial impact of the NIS2 Directive regulation on DNS abuse beyond the EU, particularly in Global South regions. The session highlights how long-arm European legislation, like GDPR and NIS2, can disproportionately burden Global South regions, despite their limited influence in crafting these regulations. This discussion advocates for inclusive governance practices that consider the diverse economic and social contexts of different regions, promoting multi stakeholder governance structure, equitable participation and decision-making in shaping regulatory policies that impact digital infrastructure, focusing on improving the accuracy of domain name registration data, which entails action all the way to the level of resellers and privacy/proxy providers, to promote effective cybersecurity practices on a global scale. Goal 10: Reducing Inequality The proposal highlights how global regulations like GDPR and NIS2 can disproportionately affect regions with varying economic capacities, such as the Global South. By discussing these impacts and raising awareness, the session aims to contribute to reducing inequalities in Internet governance. Goal 17: Partnerships for the Goals Target 17.6: Enhance cooperation for access to science, technology, and innovation The session intends to examine the broader ecosystem affected by the NIS2 directive, which involves multiple stakeholders, including domain registrars, resellers, and privacy/proxy providers. By shedding light on these complex interdependencies, the event aims to advocate for more transparent and accountable governance practices in the context of internet regulation in addressing DNS abuse. By bringing together stakeholders from diverse backgrounds and regions, the session aims to foster partnerships for leveraging technology and innovation to improve DNS practices, facilitating conversations on governance gaps in addressing online harms.

    Key Takeaways (* deadline at the end of the session day)

    The NIS2 Directive highlights the need for better global coordination to address extraterritorial impacts, compliance challenges, and disparities, particularly in the Global South.

    The ICANN Process shows the importance of adapting multi-stakeholder models to be more efficient and inclusive, ensuring diverse voices are heard and governance gaps are closed. The importance of an inclusive process ensures better regulation and industry practices.

    Cross-industry partnerships and proactive engagement can tackle online harms more effectively than regulation alone, offering practical and flexible solutions.

    Call to Action (* deadline at the end of the session day)

    Engage diverse stakeholders, especially from underrepresented regions, to assess and address the global impacts of digital regulation and encourage more discussion. Streamline processes and broaden participation to engage diverse stakeholders and ensure multi-stakeholder approaches are more agile, inclusive, and impactful.

    Create frameworks for collaboration that align stakeholders on data sharing, cybersecurity, and governance challenges, reducing fragmentation and improving outcomes.