For the past decade, the Asia Pacific Regional Internet Governance Forum has remained as one of the most important venues for regional Internet governance policy-shaping processes and discussions. It acts as a cornerstone in bringing together over 300 multi-stakeholders from over 20 countries across Asia Pacific each year to take part in advancing the Internet governance development. This year APrIGF entered its 10th year since its initiation and I was fortunate enough to be selected as a fellow to participate in this particular forum.
The main theme for this year’s APrIGF is ‘Enabling a Safe, Secure and Universal Internet for All in Asia Pacific’ with six sub-themes being, Safer Internet, Cybersecurity & Regulation, Access and Universality, Emerging Technologies & Society, Human Rights Online, the Evolving Role of Internet Governance & Multi- Stakeholder Participation, and Digital Economy. During the Capacity Building Day (Day 0), fellows were divided into several buddy groups based on their sub-theme of choice. Since I am a law graduate and my area of interest has a lot to do with Cybersecurity, Data Protection, Privacy, Digital Citizenship and Internet Safety, I decided to go for the sub-theme Safer Internet, Cybersecurity & Regulation. Therefore, most of my key takeaways from the APrIGF revolves around this particular sub-theme.
In the past few years, we have been witnessing growing concerns on issues such as misinformation, data breaches, organized cybercrimes, fake news, hate speech and harassment, online violence and terrorism, etc. This has led to a decrease of trust and the introduction to various state regulations to mitigate the cybersecurity risks. In order to maintain a good online hygiene, it is important to discuss the correct policies and suitable governance models that should be adopted to deal with these issues and achieve a safer Internet. This APrIGF has managed to shed light on what should be the key considerations for states in creating these regulations, how can we maintain legal interoperability of laws and extraterritorial data protection on the Internet, whether the Internet should be regulated by the states solely, what are the impact of existing regulations on the Internet and how should the balance be drawn between state interference on Internet infrastructure and a free and open Internet. At the same time, APrIGF 2019 also celebrates diversity for a peaceful collaboration towards a safer Internet by making sure that the Internet community are able to participate more actively in the international cybersecurity discussions.
At the end of the forum, a representative from each group were asked to present on the takeaways gained from all the workshops under their respective topics at the closing plenary. I volunteered to represent and speak on behalf of my group on Safer Internet, Cybersecurity & Regulation. Here are some of the takeaways that I have gathered from this sub-theme
The session “Know Your Net – Working Together to Address Internet Security and Standards” highlights the importance of DNS security to protect the infrastructure from various attacks such as DDOS attack, cache poisoning, DNS hijacks, DNS abuse and misuse. One way to tackle this problem is by deploying DNS Security Extension or DNSSEC to our Top Level Domains (TLDs) and secondary level domains. There must also be collaboration with Internet Service Providers (ISPs), Domain registries and registrars in implementing these changes. Other than that, I have also learnt how to protect and secure routing tables infrastructure from rerouting our messages to unknown locations, and this is by deploying Resource Public key infrastructure (RPKI) and through Digital Authentication. On IPv6, the panel concluded that it is crucial to promote awareness and educate governments, ISPs and everyone involved in the shaping of the internet on IPv6 and inform them on the urgent need to migrate to IPv6 following the final release of IPv4 by the Internet Assign Numbers Authority (IANA) in 2011.
In my opinion, this particular Internet governance forum has no parallel. It was one of the most special Internet governance events that I have attended so far as it was truly inclusive in terms of age diversity. This is evident from the session on Internet safety which was led by a group of primary school children where they spoke on their research on how to promote safer Internet from their own perspectives. The children emphasized that the mental health component in Internet Governance issues are intertwined with social issues and hence, the topic of mental wellness and online safety needs to be addressed through education. They also pointed out the need to continuously be included and heard in Internet policy-shaping processes and the importance of balancing both child and adult perspectives in promoting the welfare and wellness of children online. Other than that, there was also a session designated to discuss on the importance of having child safety complaints mechanisms. It was decided that other than spreading awareness and having parents, teachers, government and operators coming together to tackle the issue, people from all over the world can report on online child abuse through the Internet Watch Foundation.
Another very interesting discussion was pertaining the topic of a “Localized Internet”. The main issues include identifying how establishing borders on the Internet would affect Internet governance and telecommunications, whether Internet localization is driven by technical or political reasons, the growing interest in governance of international data flows and national governments control over this data, the risks that local intranets can pose to the global Internet and whether a localized Internet can or cannot coexist. The panel agreed that the Internet develops in response to needs of the users and that it continues to bring new possibilities to everyone. Alexandar Isvanin from the Internet Protection Society in Russia voiced that the Internet is a marketplace of opportunities above all and that borders on the internet would limit people’s opportunities, which means that they would result in less openness and accessibility to the internet. However, there are also positive aspects of internet localization such as the development of the local hosting and local internet providers as well as expanding data processing centers. Nonetheless, the global Internet community must come up with a solution soon so that the trend of internet localization does not result in technical and socio-cultural issues and so that the internet can remain universal, open and accessible for everyone.
Furthermore, the issue of Internet shutdowns was also discussed in this forum during through the workshop “Honey, I Shut the Internet. Dealing with Internet Shutdowns in Asia Pacific”. According to the #KeepItOn Coalition tracker, out of the 371 documented Internet Shutdowns across the world between 2016 to 2018, 310 shutdowns took place in Asian countries. This does not only create major barriers to access and freedom of expression, but also poses huge consequences such as hindrance to education, and blockage of access to channels for safety and healthcare, as well as interruption in businesses. For example, the ‘Internet Blackout’ report from the Indian Council for Research on International Economic Relations (ICRIER) showed that between the years 2012 to 2017, 16,315 hours of Internet shutdown in India cost the economy approximately $3.04 billion. In this APrIGF, the panel highlighted the importance of striking a balance between national security and the safety of all individuals. It was also suggested that if Internet shutdowns must happen or is the only way out to a certain problem, it should be done in a transparent manner. This is because most of the shutdowns in the past few years were not transparent and is only done to protect the interest of certain parties. Other than that, in making security recommendations pertaining to this matter, there must be understanding and communication with target groups.
In my opinion, the most interactive session that I attended in this APrIGF was the session on fake news through the workshop “Coping with Misinformation in an Era of Information Deluge: Who is Responsible?”. In this session, ‘fake news’ was defined and the terms ‘misinformation’ and ‘disinformation’ were differentiated. Both misinformation and disinformation can be regarded as fake news, but the major difference between these two words lies in the intention. When people circulate misinformation, they usually believe in the information they are sharing. However, when people spread disinformation, they usually do so with the intention of misleading others. The panel also addressed why fake news is a growing concern and what drives people into disseminating false information, one of them being the fact that fake news can undoubtedly be regarded by irresponsible party as a big business today. One of the panelists suggested that governments must provide a transparent channel to verify various news and that criminalization must not be the only solution to this problem. There was also a question on whether we should just leave it to machine learning algorithms to detect fake news or whether we should deal with it in a retrospective manner. In my opinion, machine learning algorithms may not be a good idea as it is very difficult to detect intent through text. This is because there are layers and layers to the human language, and it is hard, if not impossible, to teach this to machines.
I can safely say that APrIGF 2019 has to be one of the most interesting, interactive and inclusive Internet governance event that I have ever been part of. I have learnt so much from my participation in this particular forum as a fellow and I wish to continue working with other stakeholders to push the Internet governance agenda in my country and region forward for a better future Internet.
By Aisyah Shakirah Suhaidi, APrIGF 2019 Fellow & ISOC Malaysia Member