Cooperation Working Group

Tuesday, 22nd May 2019

At 2 p.m.:

Julf: Hello everybody. I almost automatically said good morning because so many years in a row we always had this our first morning session after the whiskey BoF. So we are really enjoying the fact for once we are in the afternoon although of course immediately after lunch.

Welcome to the Cooperation Working Group session. I am Julf, for those ‑‑ for the one person who didn't know it. Co‑chair together with Acchilleas. And I will very quickly going to run through the mandatory bureaucratic stuff here. I am sure you all very carefully read the minutes of the last meeting and so if you have anything to remark about them, or corrections, please speak up now. No? So we hereby approve the minutes of the last meeting.

The next thing is we have to approve the agenda and you see the agenda here on the screen, except of course there is always a last minute change and this time we really wanted ‑‑ we are trying to compress this programme a little bit and squeeze in at the end a talk about update on what is going on with the Christ Church call which is a very, very topical thing right now, we wanted to squeeze in that at the end if that's okay with you guys. Thank you.

That means we can carry on with the actual programme.

Acchilleas: Thank you. Our first presentation by Patrick Penninckx who is heading the Council of Europe, an institution and organisation that is the oldest European organisation and also Patrik is happy enough not having to worry about Brexit and the UK as they will remain members of the Council of Europe anyway.

PATRICK PENNINCKX: Exactly. Hi, good afternoon. I am not used to the whiskey parties and then afterwards having to speak early morning, so you will have asked me how should I recognise you when you come to the meeting, I said to make it simple I will wear a suit so that's the reason I am wearing a suit today, nothing else obviously.

Just a quick thing: Because I had made a PowerPoint presentation and so on but we have ten minutes so I'd rather go quickly to the point and if there are elements that you would like to know more we can further discussion that afterwards.

The first thing, Council of Europe, I don't know if everyone knows what that is but we are a distinct institution from the European Union. We are right now 47 Member States and until Russia decides to leave, which we hope it doesn't, but of course there are quite a number of institutional discussions about this, we are still 47 Member States and we have a number of observer states, including the United States, including Canada, including countries like Mexico and holey see so this is the context in which we are working. We are an inter‑governmental institution so we are not a super mechanism, we don't issue directives but work a lot on soft law and that is quite crucial because that soft law is also afterwards implemented through the European Court of Human Rights when it comes to human rights issues. And with that, I have already clearly marked my point, in fact the key mission of the Council of Europe is to stand for human rights, rule of law and pluralism in Europe, pluralist democracies so that is quite crucial to all of this.

Now, some time ago, about a year‑and‑a‑half ago, Council of Europe, or two years ago, we decided we should strengthen our cooperation with business. Now, the thing is that when it comes to certain issues like Internet governance, digital development, we have always been very much involved in what is called the multi stakeholder dialogue, and that is crucial to the decisions that have been taken by the committee of ministers of the Council of Europe, we strongly believe in that in that, we strongly involve civil society, we have done that for ages, human rights organisations, but more recently, also business.

And that's the reason of my talk to you today. That is that, within our Internet governance strategy 2016‑2019 one of the specific items that we put forward was to strengthen the partnership with business and business associations. Primarily in the field of Internet governance in the broad sense of the word

So that is the Council of Europe Internet governance strategy and we were also thinking what is in it for business. I think especially after Niels' input yesterday in the academic initiative in ‑‑ yesterday afternoon, I think it was quite crucial to see to which extent the ethical human rights dimensions also transpire into the technical community, and I think that is ‑‑ that is essential, because there is no technology that is free of values. So, for us, it is important, us Council of Europe as trying to defend and stand for human rights and so on, it is crucial to look at how can we ensure that within what we are designing, implementing, can we already engage in human rights reflections. And that's why not only business associations and businesses, but also certainly the technical community of ‑‑ is of great importance.

Even if you would not be interested in organisations like the Council of Europe, the Council of Europe may be interested in you, because in fact quite a number of the soft law recommendations that the Council of Europe issues, that the committee of ministers of the Council of Europe issues, is directly related to also this community. For example, a number of the most recent ones, I brought you some examples of this, recent recommendations, which have been adopted by those 47 countries, for example, on the free trance bandwidth flow of information on the Internet, roles and responsibilities of Internet intermediaees, protection of journalists and safety of media actors, Internet freedom. So you see, and most recently, we issued a recommendation on the whole issue of the manipulative capacity of algorithm I can processes and of course that is something that we are clearly interested in also in light of the democratic developments and so on.

So what is in it for business is also actually to access those 47 countries through their governmental representatives. Why is that important? That is in many countries initiatives are taken that go in one or the other direction, but there is not necessarily a much coordinated approach and that is what we try to do at the level of the Council of Europe: Coordinate those approaches and also analyse and assess them from a critical human rights perspective. When Germany takes, for example, some measures or France, take certain measures to, for example, limit terrorist content or limit hate speech content, our reflection is always, what are the implications of that, for example, for free speech, freedom of expression and how does that relate to the European Convention of human rights? So we take a critical stance also to what these developments are in the countries that are promoting certain legislations at some point in time.

So, it's also a possibility to influence a development of Council of Europe policies on the Internet, on digital development and so on.

And so we started this about two years ago through an exchange of letters with companies, 14 Internet companies and associations so far have joined the cooperation, the partnership, and two new partners joined last May and there is ongoing discussion with other potential partners. Some of you may recognise your own companies there such as Deutsch Telecom, and others which are listed here including also a number of associations.

It was also last year that we had the first official exchange between business and our committee of ministers, and that is quite important. We intended and we have done so to first of all also listen, not just say we have to come up with certain directives of what they need to do, and that is very much unform, very often the approach of governments, that is you need to do that. We wanted to reverse it and say, we want to listen to you first in order to be able to then start when we develop regulation and recommendation to our first governments that we have first listened to what you have to say on this and what is also feasible and what is not feasible and what are new developments, what are trends that we need to be aware of that are going to impact not now but they are going to impact in two or four years. For example, when we started to work on agriothymic processes about four years ago the policy makers at that given point in time, had no clue, were not at all speaking about it, but one or two years afterwards Angela Merkel in one of her key speeches mentioned the algorithmic processes so it's for us to anticipate and that we can do together with communities and technical community in order to be able to identify those.

So that is quite crucial. So we discussed, for example, issues like cyber security, data protection, content moderation, E participation. The Council of Europe is, of course, very broad because this European Convention of Human Rights is translated in numerous different treaties at international level, or cooperation mechanisms. There is, of course, the so‑called convention 108 on data protection, there is the Budapest convention on cybercrime but there is around, let's say, about 220 international treaties that have made more precise what is European Convention of Human Rights is to be in all areas of work. So we also need to ensure that that cooperation is not solely at the level of the ‑‑ at the level of law‑making but also in education and others.

So, we discussed this, for example, democratic processes in micro targeting, data protection, content moderation, cybersecurity, and the role of artificial intelligence in all of that.

To give you a few examples, for example, we are organising the world forum for democracy in 2019 and the key topic there will be information and democracy. As you can understand, this is obviously something that is closely connected to the work of the Internet intermediaees and Internet service providers but also the technical community.

Last February, we organised a major high‑level conference with the participation of ministers and state secretaries on governing the game changes, what are the impacts of artificial intelligence on the development of human rights rule of law and democracy. So these are things that we consider in a constant basis.

We also work on, for example, issues like within the committee, Council of Europe committee on counter‑terrorism, terrorism on the Internet, how do we deal with it, what are the recommendations we would like to put forward.

Another example, the study of the European Commission against racism and intolerance, to look into discrimination, artificial intelligence and algorithmic decision‑making.

So as you can see also in education, also in ‑‑ on hate speech, we do intend to cooperate and we continue to do so. For example, right now, we are also elaborating a new recommendation on the whole issue of algorithm processes where we have constant participation of Deutsch Telecom, Microsoft, Google, Euro IsPa and others who are involved in that policy making process, including also on data protection, on cybercrime, as I have mentioned before. The participation of companies depends a lot on their own areas of interest. So if, for example, certain companies have more keen interest to work on child protection, they will work with us on those topics.

This is just some general statistics. But what are the current and potential areas for cooperation. As I said, we cover a broad range of issues going from bioethics to child protection, combatting cybercrime, data protection, digital literacy promotion, cultural heritage, E‑voting combatting money‑laundering etc. So there is quite a variety of issues to tackle together.

The future, of course, focuses on deeper cooperation. We will have next month an official meeting also again of the committee of ministers and Internet companies where we will discuss more the role of algorithms in content moderation, including identification of terrorist content, as well as miss and disand mall information during election campaigns and another issue that has come to the surface is definitely also the question of facial recognition.

Within that context, there is now a general reflection going on to which extent should the Council of Europe develop a regulatory instrument, a treaty possibly, on artificial intelligence, to include a number of elements of, some say put some beacons out there, do we need to do that, how should we we do that? What is the added advantage of that? Or what is not? So all of this you will find, I have got some copies of this little paper here which is a one pager on, that describes the partnership with companies and I also have some copies of the recommendations that we have issued recently. Thank you very much.


Acchilleas: Thank you for reminding us also how soft cooperation and can be very efficient, and a tool we should not neglect. Any questions?

AUDIENCE SPEAKER: Thank you for your presentation, very interesting, I am from Orange but also representing the ETNO which is the European Telecommunication Network Operator. So my question is very simple: Have you some collaboration with ETNO so far?

PATRICK PENNINCKX: Yes, we do ‑‑ ETNO is part of the partnership as well, ETNO has signed ‑‑ was one of the first signatures.

AUDIENCE SPEAKER: One of the first, okay.

PATRICK PENNINCKX: And orange as well.

AUDIENCE SPEAKER: Hi, thank you. Malcolm Hutty. I am going to make these remarks in a personal capacity but amongst one of the hats I wear is chair of the intermediary liability committee at EuroIspa which is one of your partners. I wanted to ask you about how you are viewing the issue of complaints made by states for violations of terms of service? To a very large extent intermediaries find that when they get complaints about content or users, the complaints are made not by reference to an allegation of a breach of law but by reference to an allegation of breach of the terms of service, Code of Conduct violation, whatever ‑‑ however it's phrased on that particular service. Now, of course, online services have the freedom to say what kind of content, what kind of behaviour is allowed on their surface. They don't have to permit everything that is lawful on their surface, they get to say actually, our service is for this purpose and not for that. And as a result, that makes it much easier for state actors as well as non‑state actors to use a broader sort of range of prohibited behaviours and to get out of strict questions about whether or not this crossed some kind of legal threshold into but surely you can take action anyway.

Has the Council of Europe looked at the implications of that as an issue particularly one done by state actors, and particularly one done in concert with state actors, also trying to encourage and coordinate online actors to broaden the range of prohibitions in their terms of service and narrow things beyond that which is prohibited by law? Is that something that you have looked at?

PATRICK PENNINCKX: The Committee of Ministers has actually taken a recommendation on the roles and responsibilities of Internet intermediaries, and that refers to also how the states should behave with regards to Internet intermediaries, because we feel that a number of legislations that have been passed more recently, basically puts the burden on the Internet intermediaries, puts the judicial authority in certain manner with the Internet intermediaries, and we do not think that this is a good development. So, we ‑‑ in trying to determine the roles and responsibilities of Internet intermediaries, we have also tried to limit the roles and responsibilities of the Internet intermediaries. I think it's important that any development, because the ultimate for us, the ultimate decision‑maker, will be the Europe Court of Human Rights, in a certain way a number of legislations that have been passed which puts responsibility on the Internet intermediaries, may be defaulted in a way by the European Court of Human Rights. We are not there yet but because the applications of the law have not necessarily gone through the whole national procedures when it comes to liability issue, for example, but that is certainly something that we will look into. And that is the also why these recommendations which are basically soft law, become hard law when they are interpreted through the European Court of Human Rights.

MALCOLM HUTTY: I see that. It was more the implications specifically of making terms of service to standard. I mean, if you give you a specific case then. The European proposed regulation on terrorist content online, that creates new obligations for online intermediaries to act in response to a complaint about allegedly terrorist content. It also includes statements that the services should act with respect for fundamental rights and so forth but when it does so it says, nonetheless, the service has the full freedom and retains the full freedom to say whatever it likes is not permitted on the platform. So, when you consider a particular case, an allegation, you know, a complaint by a state actor about allegedly terrorist material, when that is being made not by reference to a legal standard for terrorist material but to a terms of service violation, actually the idea that it's even embedded in the proposed regulation of the right to appeal that this was incorrectly decided, is ‑‑ but decided according to what because if the standard we can decide that we don't want it, then actually there is no real basis on which to mountain appeal. That's fine when you consider it's only a purely private matter, but when it's actually, this is ‑‑ that standard is being essentially created by coordination with state actors and is being enforced by the initiation of state actors, does that not an area of inquiry that would be relevant to the kinds of things that you look at?

PATRICK PENNINCKX: Of course, and I think for us, for the Council of Europe the ultimate check basically with the European Court of Human Rights is, was it lawful? Was that a lawful decision? Was it embedded in the law when the State decided this? That's one.

MALCOLM HUTTY: There is a difference between lawful and on the basis of law.

The second is the proportionality principle and the third is to which extent was it necessary in a democratic society.

So, these issues would seriously be looked into.

MALCOLM HUTTY: We have a queue here so I will yield the floor. I will just say I would suggest that would be something you might look into in detail.

PATRICK PENNINCKX: Thank you so much.

CHRIS BUCKRIDGE: RIPE NCC. Malcolm is a tough act to follow. I really just want to say thank you for coming and speaking about this today, and to commend Council of Europe on this approach that they are taking. I think, well, RIPE NCC has had some contact with Council of Europe over the years but I think, and it's not always issues that are so directly pertinent to what we do and so I think it's good to be able to come in and out a little bit but be be aware of the issues you are working on but I think the approach you are taking with soft law and with bringing in all of these different groups, many of whom we do work closely with in a part of that ecosystem, it really does suit well the mode of operation and policy making that this community has and it's an opportunity that the RIPE NCC is able to actually contribute there.

So, I just want to say thank you very much for that and I do look forward to seeing how we can contribute going forward.

PATRICK PENNINCKX: Thank you. And I sincerely hope that the RIPE NCC can consider, I don't know your decision‑making bodies or how you come to a certain decision, but we would certainly welcome a close cooperation with the Council of Europe. We do already do so, we already do so in a number of areas, for example on cybercrime we have cooperated, training we have cooperated so we are definitely interested in seeing to which extent RIPE NCC could be part of this partnership.

CHRIS BUCKRIDGE: And the one additional point I'd make not to you so much to the rest of the room if you are seeing issues in the presentation that Patrik made here that you think the RIPE NCC could take a position in or help to provide some perspective then please find me or anyone on the team and let us know because we are certainly very happy to talk about that.


AUDIENCE SPEAKER: After Malcolm and Chris it really goes downhill. Thanks so much, this is Niels, University of Amsterdam. In your work and in the framework you are considering on algorithms does that solely focus on con tonight moderation or could artificial intelligence and informed routing also be covered by such frameworks policies?

PATRICK PENNINCKX: Honestly, I don't have ‑‑ I don't know. Quite frankly, I have not given it a thought, and I'm not sure that the persons within the expert committee have given that a thought. But I will certainly inquire about that, and it's, just for your information, the recommendation on the possibilities of manipulative possibilities of algorithms is still under consultation, so I would, I think over the summer, there will be an open consultation to all stakeholders with regards to comments they may have on this proposed recommendation. So, I would invite you to have a look at it.

AUDIENCE SPEAKER: I will cancel my vacation.


Acchilleas: Can we pass to the next presentation by Collin Kurre and Michele Neylon, human rights assessment for registrar and hosting services.

COLLIN KURRE: Hi there, good afternoon. It's actually great that we are following Patrik's presentation because this is a very similar vein but we are kind of narrowing the scope a little bit to focus on one small collaboration that our organisations did, along with the Danish institute for human rights which is a national human rights organisation coming out of Denmark.

Michele, would you like to introduce yourself.

MICHELE NEYLON: Thanks. So I am the founder and CEO of black night, we are a hosting provider and registrar based in Ireland. So, Collin Kurre and her colleagues have been attending ICANN meetings for the last couple of years, I think she cornered me in a corridor somewhere and said hey, would you like to do this, this human rights impact assessment thing, and I am like right, okay, maybe, what the hell is it. We started talking about it from there and I suppose the first thing just I would say before we get into what we actually did, was for me when I heard people talking about human rights I always had this idea in my head of owe he pressed people ‑‑ oppressed peoples, down trodden minorities, all those kind of things, when you think of human rights at a high level that is the kind of imaginary that comes to mind. Whereas when we started looking at this closely and wrapped our heads around what they were talking about, that wasn't really what it was about, it was more looking at our business in and how it impacts human beings and their rights or lack of them. So I will go back to you.

COLLIN KURRE: And then I would just mention that we our third collaborator from the Danish institute, they were really integral to getting this project launched so I think we need to give credit where credit is due there and we are actually adopting the methodology that they have deployed with big companies around the world in a variety of sectors.

So moving on. Why should we care about human rights here in the Internet industry? For a long time there was this kind of feeling that technology was neutral or maybe that things that happened online, on the application layer were perhaps not of as much concern as making things work on a lower layer. However, in recent years, recent decades, we have really moved beyond netiquette which was this kind of ‑‑ behaviour that have proven insufficient to deal with the real world problems that we encounter on the Internet. But the question remained: What standards are we going to move towards? Would it be standards of well‑being, code of conducts, ethics? And we believe that moving towards internationally recognised human rights frameworks as Patrik elaborated before, is a more ‑‑ a better approach because, unlike codes of conduct or ethics that might vary from different groups or different professions it's very clearly defined, it's been a lot of, we have had infinite publications and interpretations from courts of law around human rights. It's also more universally agreed upon than standards of well‑being which could be very relative.

So working from this basis of internationally recognised human rights frameworks and the legal bases that they are routed in, we moved on to focus on the United Nations guiding principles on business and human rights which attempts to bridge the divide between states and companies and defines that the states have the duty to protect human rights and that corporations and businesses have the duty to respect, and that both must provide remedy to any kind of human rights violations that may occur.

So, I actually brought a few brochures about the application of the UN GPs to the Internet industry, and it kind of spells out a few of the reasons why these types of companies would or would not adopt them. So they are on this table over here if you want to grab one of those.

So, this is all very high level so far and it's kind of in keeping with the presentation that Patrik got ‑‑ presented but we wanted to focus on what the specifics of the collaboration would like like, how is this kind of collaboration or how are these assessments ‑‑ how is corporate human rights due diligence implemented. (Look like).

So, looking at human rights due diligence and practice, it is a continuous and ongoing process, it's not something that you can do and say it's done and dusted and we don't have to do it again. These are ‑‑ this is kind of one of the established frameworks for, that's coming out of the Danish institute and their toolbox for assessing human rights which I would be happy to share with those who are interested. So it's important to first develop a policy commitment for human rights and begin assessing the impacts that your business might have. After that, you are meant to integrate these findings and this is supposed to be an iterative process. So like I said when you release a new product and when you have any kind of change in your business model, consider the impacts that might have. In terms of your responsibility to the community and to it the broader society, tracking and monitoring and then communicating and reporting on these, both the impacts and the measures that you have taken to mitigate potentially harmful impacts, are equally important.

However, in this exercise, we were really focusing on beginning to define what the human rights impacts might be in the space for actors such as registrars because this is something that hasn't quite been fully explored in an operational way. It's important to note here, however, that generally in terms of the United Nations guiding principles standard a human rights impact assessment would consist of third party verification and as well as meaningful engagement with affected rights holders. Because this collaboration and this exercise is still in the beginning phases of trying to determine what types of tools and methodologies might be applicable to infrastructure providers, it does not include this kind of meaningful engagement with affected stakeholders. Therefore we refer to this as a gap analysis or scoping exercise because it's not quite the standard of a full‑blown impact assessment.

So looking at the different types of human rights impact assessments that exist so far, you could have integrated HRIA that could be done alongside regulatory impact assessments or privacy impact assessments that are referenced in the GDPR, standalone HRIAs are sometimes have a perception problem because if just a company performs its own HRIA without any engagement from civil society or from national human rights organisations, then it could be seen as rights‑watching or not fully encompassing and alternatively, if you have a strictly community‑led human rights assessment they might not have access to the knowledge or the processes that would really be necessary to have a really rigorous assessment. And it might be seen as unfairly biased against the company.

So for sector wide impact assessments that is something that already exists in things like fishing fisheries or textiles in certain countries. It would be something that would be very difficult to implement in the ICT sector but nonetheless there is certain actors looking out for impact wide assessments within Europe. However what we were trying to do is work together and have an iterative process, a multi‑stakeholder impact assessment where it was a kind of iterative process.

MICHELE NEYLON: So I mean, one ‑‑ I don't have thousands of staff and offices spread across the globe. I have less than 50 staff. And while headline concept of doing something like this was attractive, obviously we didn't have the resources to spend huge amounts of money, time or whatever on this. So the ‑‑ so I think that first off, it wasn't terribly painful, it wasn't particularly hard. So I think we kind of went through a process where Collin Kurre and her colleagues sent us over some initial queries and we worked with them remotely via e‑mail to look at those things, address those questions and as we moved the project forward we agreed that they'd come on site and do two things: One was to gave bit of training to our staff, which was kind of cool, and they haven't revolted since, which is good. And then we spent like a day kind of going through in more detail various questions and things, and I think part of the key thing to understand with this process was, they were very conscious of the fact that one size does not fit all, that it's very different if you are doing this with a company our size versus say a GoDaddy or Verisign or somebody like that who would be significantly bigger and would have different powers, as it were. I mean, for us, for example, we might be in a position to influence the policy of our local ccTLD because we are a large registrar for them so they might care. Whereas if for example we don't like what Verisign is do, vine going to politely tell us to get stuffed. We can't move the needle on that. The other thing as well, we were looking at it in terms of our policies and processes with respect to our staff, policies and processes with respect to suppliers and then policies and processes with respect to our clients. So looking at a kind of three kind of strands, as it were.

Again, you know, with say, for example, with the suppliers, it depends. I mean, obviously if I buy 1,000 euro worth of equipment from a company that turns over several billion a year, they don't really care if I don't like something they are doing, whereas different paradigm if it's the same simply we have more kind of power in the equation, I suppose.

Back to you.

COLLIN KURRE: This concept of leverage was really important throughout and we were trying to take into consideration the unique context and capacity of the company that we were working with. And as Michele highlighted there were several aspects to the assessment, looking at a lot of supply chain areas, so, yes, employment, procurement, provision, etc., and the real meat of where the collaboration came into play was the provision of goods and services. So that's where we had a lot of questions and we had a lot of collaborative thinking in terms of what types of elements would be important, what are the salient rights which we identified to be privacy, security ‑

MICHELE NEYLON: Privacy and security were the main ones. I mean, the kind of things for us was kind of interesting with some of this, we are an Irish company and based in Ireland, we generally try to respect Irish law, most of the time. So certain things are kind of obvious, you know, don't go employing five‑year‑olds to clean the toilets. I mean, this is illegal, you know, you can't do that. So actually, what they were suggesting is okay, we know you know it's illegal and you are not going to do it, why not just document it. It's a silly example. But those kind of things that we would have just taken for granted. I mean the kind of things like antislavery policy for example, we didn't have one.

COLLIN KURRE: But it becomes more relevant when you see the ‑‑ UK anti‑slave act which imposes this kind of obligation so in effect this type of gap analysis can identify potential pressure ninths might be a matter of legal compliance now, but could very well be in the future so it's quite useful to develop things like having the supplier Code of Conduct, for example, which is something that we helped them work on. It might not be as relevant when you are talking to GoDaddy but it could be very useful if you are considering buying new servers from an entity in town and you want to say have you considered where your ‑‑ where the metals are sourced from and things like that.

Let's see. So specific elements of the tool, the way that it works is, you saw the little kind of cascade back there. It's essentially a big, a master monster spreadsheet and we carry it out via a questionnaire. And it is a very iterative process. So we ask a question saying do you have this kind of certification and this standardisation, do you have a playbook in place to respond to requests for user data, things like that. And then the answers would be yes, no, requiring more information, etc. The part where the collaboration comes into play is that we don't always hit the mark, sometimes the questions that we are envisage aren't necessarily as technically viable as we might think so this is where it was very useful for us to have a kind of dialogue and he would say that doesn't make sense for me and my company and we would say okay, let's back tram and let me tell you what we are actually trying to look at and measure here and we would work together to develop an indicator that would be applicable, ideally not just for black knight but for other similar companies that offer similar services. So the goal here was to, in addition to have a mutual exchange of knowledge, but also to begin developing tools that would be applicable for other similar businesses within the space, which is something new that hasn't quite ‑‑ that hasn't been developed yet.

So, outcomes of the process.

MICHELE NEYLON: This one for us, what did we do? Did we kind of get a document and go oh that's nice and then we shred it? I mean, for us I think it was an interesting process to look at did we have some of these policies, I think there was one, for example, a whistleblower one that my HR manager was having terrible difficulty getting her head around how do we do this in such a way that we can do it so that it complies with both, the unemployment law, how we can do that, for our staff. Just like documenting some of the things we were doing, and then looking at documenting things that we hadn't really been doing. So, for example, as you can see from the slide, the slide gives me about as much information as our transparency report as you are likely to find because I still haven't had time to sit down and write the damn thing but we have been documenting it as part of that so at some point over the next six months maybe, when I get a free afternoon I will write it all up and you can see the crazy requests we get from law enforce.

COLLIN KURRE: What that looks like for us was rolling up our sleeves and doing a deep dive into everything that black knight does. So we reviewed all of their policies and talked to quite a few members of staff to try get a feel for what their business model is, how they operate, that way we could make sure that our recommendations were things that were grounded in reality and things they would be able to act on in a specified time‑line, be it three months, six months, one year, and then we tried to put all of these recommendations into a follow‑up action plan and then we were checking up throughout and so when there were questions about Code of Conduct or we agree that we need a human rights policy what should it look like and we say here are some suggestions.

MICHELE NEYLON: And we are done.

Al Acchilleas: Thank you.


Any questions? No. So thank you very much.

COLLIN KURRE: If anybody is interested in seeing the tool that came out of this or learning more about the collaboration or potentially how it could be applied to your company then feel free to find me, I will be around all week.

MICHELE NEYLON: You can also ask me how painful it was and I will be honest.


Acchilleas: Time for Chris, our regular update on ITU.

CHRIS BUCKRIDGE: Hi everybody. So, tone is very important in these presentations. There we go. Okay. I have been, had the dubious pleasure over the last many years of very regularly reporting on the work that we do with the ITU, and the tone of these presentations is generally, I don't want to say apocalyptic, but concerning, mild concern for what the ITU might be doing and the work that RIPE and the Internet are all about.

I am hoping today's presentation can be a little bit more positive than that. And actually, the interesting thing is that this RIPE meeting actually has a pretty heavy ITU presence in the agenda. I am going doing into why that is, but this is not the only iTouch update you are going to be seen at RIPE 78 if you follow my simple instructions here. But the overall message I guess that I want to leave with you (no I touch) the RIPE NCC and the RIPE community, we are working together with community members are actually working quite well with the ITU and understanding how these processes are going. Maturing our engagement there.

The other thing to note about this presentation is, it's a bit of an advertisement, advertorial, maybe. I am going to steer you off in the direction of some other presentations, which cover the work that we have been doing more practically with the ITU in the last 12 months or so. So the first of those, and I will gist give you the highlights here because Marco will go into the details, is a review of the ENUM delegation procedures and this is something that the RIPE NCC has been doing in coordination with the ITU for many years now, managing ENUM delegations, and we saw a reason to review that, which turned to be actually quite a process, working with the ITU, the Internet architecture board and the RIPE NCC to manage this process. Marco is going to talk about that in the DNS Working Group but it's an example of the practical work we do with them.

Study group 20. IoT and smart cities. This is again a follow‑up from some previous work that was brought to this community, specifically in Marseilles, two RIPE meetings ago, we had a session in the IPv6 Working Group where some work that was being done by the study group 20 was essentially an IPv6 addressing plan, to which the RIPE NCC and our colleagues said this is not really appropriate work for an ITU study group to be doing, this needs to come to the experts the people who have the authority in this space which is the RIR community. That happened, the RIPE community's feedback went back. That has resulted in dot dot dot and I will let Marco fill you in in the IPv6 Working Group. But again I think it's been a positive example of the engagement that we can have there with the ITU by having a mature process for that engagement.

So then the rest of this presentation and it's not a terribly long one, I am going to devote to the Plenipotentiary 2018.

So Plenipotentiary 2018, the Plenipotentiary is a major conference that the ITU holds every four years and it essentially sets the direction for the ITU in that coming time period. It decides on the senior management of the organisation, it agrees on resolutions that cover a whole range of different topics, and basically, yeah, we want to be there to understand what the ITU is going to be doing in the coming period.

This meeting took place over three weeks, so it's a considerable commitment, in November last year, in Dubai, and we participated, we had I think three or four people there from the RIPE NCC at all times. We were somewhat lucky in that we obviously have the RIPE NCC staff based in Dubai so we were able to leverage a bit of that. The high‑level issues that were under discussion there, and I am really keeping it quite high level, of course the role of the ITU in relation to the Internet. This is a topic that has been under discussion for many years now, working out where ‑‑ what sort of decisions are appropriate to be made in the ITU, how the ITU sits in relation to Internet issues as Internet and telecommunication become ever more interlinked. There is ‑‑ there was new leadership decided at the sectoral level and this was an interesting development because we saw particularly a new head of the development sector, and this is Doreen, who is an American woman, the first woman actually to lead one of the ITU sectors, but who has worked in the ITU secretariat for a considerable number of years and US state department before that and interested to see how she is going to push that over the coming years. What we are hopeful of it can be a bit more of an opportunity for cooperation with RIPE NCC and other I‑STAR partners towards capacity building in the Internet space.

And then I think the other real key thing that came through here was the remit of the ITU more generally so I mentioned in relation to the Internet, but I think it was interesting to see in some of the discussions where some Member States of the ITU are pushing that organisation. An example of this: So this was a press release that made its way into my inbox early in the conference, I think during the first week. Good news, it was about Doreen's election, the first woman to be elected there. Does anyone want to guess what I might find a little strange about this headline? No. Okay. The it doesn't stand for technology, it stands for telecommunications. What we saw in the conference was really a push to take ITU into spaces like AI, like all of the applications for technology in things like smart farming and smart cities, once you start saying telecommunications includes smart everything, you kind of talking about everything today and so there is a question there of what is the remit of the ITU, how broad does it go and can we consider its authority to be in this space? And this was really I think at the heart of some of the really interesting and rather lengthy discussions that happened in Dubai.

Now I gave a presentation on this last October in Amsterdam at the last RIPE meeting and so I am not going doing through in detail all of this, but you can download the slides if you have got a smartphone, you can perhaps use the QR code there, I have been accused of being in the pocket of big QR how I have been pushing these in slides. There is more details there on the resolutions that were proposed, and also some diagrams showing the structure of the ITU if you are interested to learn more there.

But the short version is, there were a group of resolutions which informally known as the Internet resolutions. These were obviously of great interest to us to see what happened there and see some of the proposals and there were a number of new resolutions proposed, one on over the top servicings, artificial intelligence and one on participation of small and medium enterprise in ITU activities.

The outcomes, and again this is quite high level, on the Internet resolutions, essentially the status quo. And that was an interesting outcome because you are devoting three weeks, many late nights, long sessions, to kind of come to a position where everyone said okay, well, we can't really agree on a way to make these better because what is better for someone is worse for others, so we are basically examining to end up with kind of the same thing here (going). What that meant is there was no increased authority for the council Working Group on Internet public policy making, that was a concern going in. It meant there is no real increased remit for the ITU in relation to cybersecurity, again another issue that really was causing people some sleepless nights.

And then on other resolutions, the resolution on OTTs was adopted. The title is actually only OTTs. And that in itself proved contentious but that was adopted after some very lengthy negotiations. And concerns basically, states' interest in how they might regulate OTTs, particularly in international cross‑border context. The resolution on AI was not accepted and that was following very, very lengthy discussions and again, came down to that issue of what is the remit of the ITU, how broad is it, how broad can we consider it.

One issue that proved surprisingly contentious was resolution 139 on ICTs to bridge the digital divide, and specifically language on recognising the role of small and community operators, didn't make it into the final draft. You would think relatively innocent text and it was certainly something that the Internet Society for an example was quite involved in in pushing and working with a number of Latin American states in particular. What we saw was, some Arab states and a number of African states really pushing back very hard on that and this is an example, which I don't exactly claim to understand all of the politics behind it, but definitely something where political agenda was driving this rather than some objection to what was specifically there.

The final point want to make about the Plenipotentiary is, well, this quote which I put in my RIPE Labs article summarising it really goes to the heart of the matter. And that is a sort of shorter summary. So, Ms. Sulyna is head of the mall Asian delegation and was also chair of the Working Group of the plenary so one of the major Working Groups in this session that was looking at the Internet resolutions at the conclusion she gave a speech and these two paragraphs were in there, basically noting that the work here proved more difficult an ever to reach consensus. It involved late nights, it involved people yelling at each other at times, her point and I think it's one that many people left the conference wondering about, was is this sustainable, can the ITU continue doing in this direction with entrenched positions becoming more and more entrenched and unable to find some sort of consensus agreement between them. So it's going to be an interesting four years and interesting to see how that plays out in the other major conferences coming within those four years and up to the next PP.

Looking ahead in terms of our engagement, study group 20 continues, as I say, please go to the IPv6 Working Group, Marco will talk a bit more about why we are still continuing to engage there and what the concerns are.

Other study groups. That's vague, I realise, but deliberately so, because we are starting to see these Internet questions that relate to RIPE NCC and our community popping up in various other study groups, study group two in the T sector, three, the one as well. In the coming years we will have a major event in the WTSA which is the major event for the T sector, the standardisation sector, and we will have WTPF in 2021, that was one of the outcomes of the Plenipotentiary and which will almost certainly consider Internet issues. So an ITU devoted specifically to the Internet. We will be there for that and we will work with the community make sure that you are and aware of the issues that are being raised there.

Finally, just in terms of where what are our goals, I think it's pretty straightforward for us, the goals that we have in going to these events, building on the authority and the ex per advertise that the RIPE NCC and RIPE community, policy making venue for Internet related activities in a very specific area. And identifying opportunities to better engage our community and members through cooperation with the ITU so using it to engage with our community. That's probably not something that a lot of people in Europe would recognise as a useful goal but particularly if we look to Middle East, to Central Asia, the industries there much more tightly bound to government and much closer relationship to how government interacts, and so by working with the ITU we can actually find a better way or at least improved engagement in that space.

And so that's me. Open to questions. I have also put on here if you download there should be a links to a few other summaries about the Plenipotentiary so there is the RIPE Labs one, Samantha Dixon wrote a very good one and there is a link to the ITU documents, the outcomes of the conference. Thanks.

Angst Acchilleas. Questions?

MICHELE NEYLON: Interesting enough presentation, but quite a lot of information in a very short period of time so I won't even pretend to have fully consumed all of that. I suppose the question for me really is, how can we help you to engage better here? Because the kind of thing I think that some people would be worried about is when RIPE NCC staff are off attending these things on behalf of both RIPE NCC and RIPE, that's us and it's sometimes not 100 percent clear to us exactly what the issues are you are trying to resolve and how we can help to engage with you to make sure that you are sending the right kind of messaging?

CHRIS BUCKRIDGE: I would be very careful of saying the RIPE NCC is there on behalf of RIPE or the community. I think this is a very diverse community and any claim we have to represent everyone in this room, let alone everyone in our membership or on mailing lists, is very dubious. So I think ‑‑ I do see that, as I said, we have matured our engagement here and I think that's come through working with community members who are involved in the ITU and I am looking at Jim standing behind you there as an example of that. But again, as I was saying when Patrik spoke, talk to us and let us know if you see issues that come up through ‑‑ hear about it through the grapevine. I think the iTouch is keen for more (ITU ‑‑ knowing the department of burr crassy that is involved there, so talk to us, we may have some some perspective, we may have heard about the issues or not (depth) and that may be a useful tip for us to say this is something we need to keep an eye on.

MICHELE NEYLON: While you may not be engaging there on behalf of everybody, you could still be seen as because ‑‑ and I doubt there are many outsiders who understand the difference between RIPE NCC and RIPE, I mean there is plenty of people who don't understand the difference between RIPE NCC and RIPE but it suits them.

CHRIS BUCKRIDGE: It's a grey line, outside of this room probably is a tough sell ‑‑ or at least tough to make people understand. But consider it more of for ourselves a guiding principle, I guess.

NURANI NIMPUNO: Excellent presentation as always, I will say it again, I appreciate these very compact reports because there are a lot of ‑‑ that you cover and it's great to report it back both in this format and back on RIPE Labs.

I just wanted to ask for your perspective on, so you brought up some of these challenges at the Plenipotentiary and while I have taken a little bit of a step back from those issues, I did follow it from afar, and I, you know, I was there in 2014 and I was sleep‑deprived but I get the sense that this had ‑‑ the challenges were on an even higher level this time, and the fact that there was this recognition that there was a deep divide in the room was, I find quite remarkable. And from what I understand from others, you know, it's several reasons for that, you know, the different sort of basic infrastructure issues to increasingly technical issues that maybe not everybody in the room have the competence to manage or to comment on. I think maybe also the shift in leadership in the ITU might have also changed the way you sort of manage some of these very contentious issues. So I just wanted to hear from you, obviously there was a recognition there is this increased divide and it's going to be harder to actually reach consensus on some of these things, but were there any ‑‑ have you sensed that there were ‑‑ there was any wisdom shared on how to actually resolve this, changes, you know, in philosophy or within the ITU or any otherwise reflections that might give us hope for the future?

CHRIS BUCKRIDGE: I think as you say, recognising that there is a problem and being and openly saying there is a problem here, is remarkable in itself and is the first step towards that. I am not sure there were any solutions really thrown around. I think it is interesting to see how dynamic a sort of situation is. Just sort of looking and and this is a mundane example almost but an ironic one given the discussion about OTTs that was going on, to see and to hear from people about the number of different WhatsApp chat rooms and the ways that was being used by people in the conference in a way that hadn't, certainly wouldn't have been four years ago, is interesting because it changes the dynamic and it changes what authority people perhaps feel they have on behalf of their country, there is a lot of I can't answer that right now and I am checking with my head of delegation and I think it's a bit up in the air in terms of where will that land, in terms of a new mode of discussion.

NURANI NIMPUNO: Because it can bring vitality and make for more dynamic discussions, but governments are governments and it also ‑‑ they can't always be ‑‑ make decisions on the spot or they very rarely can so can introduce this uncertainty and this, it can force people into their sort of most safest positions which means you are not approaching each other but you are falling back into your sort of default position.


JIM REID: A couple of points. First of all, Chris, could you suggest to the next piece of music is Monty Python's always look on the bright side of life. The main point I wanted to make at the mic is that you and your colleagues are doing a fantastic job here, it's an outstanding job and having seen you guys in action...


CHRIS BUCKRIDGE: I will point to Marco who is behind you there particularly who is ‑‑

JIM REID: Marco has done a fantastic job, and I am very, very grateful for his assistance and cooperation on things that I am trying to achieve there but also I think you are under playing a little bit of the role you and your colleagues are doing in this setting because another key part of what you are doing, I know you are, but maybe other people don't, you are engaging with like‑minded friendly governments who are trying to advance the agenda for the betterment of the Internet which is not necessarily with the case of people that participate in the ITU and it's good to work with those governments to see hopefully common sense can prevail.

To the comments that both Michele and ‑‑ is to perhaps give more information to the RIPE community about the upcoming topics so that the people here can talk to their ministers and governments back home because that's how the they kind of influence. Certainly if you can go there and present on had been a of the RIPE community and RIPE NCC that is all well and good, you are a sector member, you are at the back of the room it's the Member States that make decisions, by talking to your government representatives and if you can help people to say these are the hot topics and might want to discuss with your governments back home.

Finally to Nurani's point about the rationale of the ITU, a lot of decisions are based on geopolitics and not immune to discussion on either technical facts and that is a fact of life. So we have to realise that that is part of the problem space that goes on in the ITU discussions, it's not about technology or whether some prevailing system is right or wrong it's about politics and certain cases we will see one Member State will oppose something from another Member State just because it's from a state and that is just another fact of life. And we have to realise that is the part of it too, it's not necessarily about rational decisions based on sound engineering principles, that's just a fact of life too.

AUDIENCE SPEAKER: Three years ago you, Chris, presented something about representation of technical community in Internet governance, and mentioning ‑‑ related activities like Whois. So three years past since your presentation called technical community representation in international Internet governance. Well, did something change since then, any follow‑ups and actually how technical communities is technical community is being represent ared in such organisations because you said we need to be careful, since that presentation what has changed and how things goes?

CHRIS BUCKRIDGE: I think when I say RIPE NCC's engagement here has matured and it's not just the RIPE NCC, I think, ISOC, Internet Society has also matured its engagement, ICANN is evolving there, they are actually looking to become a member of the ITU this June, so that would be a change in their relationship to it as well. So we are seeing a little bit more coordination of the technical community and active engagement of the technical community. So I think that's probably the biggest change and it's a gradual one and not a sort of black and white shift but it's something that is positive, I think.


Acchilleas: Can we move please with Carolina.

CAROLINA ARE: So my name is Carolina, I am a second year PhD student at city University of London. Just as a headsup my background is slightly different from the technical Internet side of things, I am a social scientistist, I have experience in journalism, my PhD is criminology and I have worked in PR for six years and I am more on user/academic side of things, I would welcome your feedback a lot on how to solve this problem at the end.

What I am going to be talking to you today is how the infrastructure of social media has enabled users to pretty much make the most out of it for their own reasons. My paper sits at the intersection of criminology and social media studies, due to my background and the aim is to identify the typical patterns of flaming, which I define as also digitised hate speech on high profile criminal cases. And this is because it's, it will become apparent it sounds like something that only evil people would do but it's something we could all do, precisely because of how social media works. So what I would like to do after this presentation and through my PhD in general is to find these indicators that together show why in these particular cases certain contents should be removed and regulated and how we can do that.

So, if you have been following the news around social media you probably know different platforms have different ways to regulate content that doesn't comply. So, Facebook, for instance, recently made the news because it rightly removed a bunch of far right content but then you get platforms like Instagram and their shadow band which has been affecting women that show some skin due recent US laws relating to sex work, no women, no skin, and there is platforms like Twitter which are also notorious for their refusal to regulate anything freedom of speech related, and I get this headline from buzz feed from a few years ago says everything what they think about it.

So in terms of flaming and what it is, I call it ‑‑ well flaming is in the generation of trolling so I am sure you are all aware of that, it's the annoying person trying to disrupt the conversation, it's the guy tills you are fat while you are trying to make an important argument or sends you a link that means nothing and, it's playful rude and annoying but hardly ever a crime. Flaming, however, is proper online harassment, so it's threats and repeat and often group‑led abuse, and goes beyond the mere conversation disruption. Some people say it's a silencing strategy to get people away from social media altogether and often protects sexual orientation, race, religion etc.. I am looking at high‑profile cases however, because the protected category idea changes in terms of high profile criminal cases. These people might not be a protected category any more because of their gender or sexual orientation or what happened to them or their families.

So, I am arguing that flaming and cyber harassment is a translation ‑‑ online translation of hate speech in real life and in real life hate speech is regulated by‑laws so why should we not do the same online, either on a platform level to start with or on a governmental level? Plus, hate speech and whether it's online or off‑line has long‑term consequences because it brings us to accept derogatory statements as normal and it makes us think that demonising a certain group of people is completely normal. There is a sense of impunity that comes with it as well because if you think you can say anything about a group or a person then the step to thinking that you can do anything to them, it's not really that far. For instance, in the UK, during well, I am saying the B word, in the times of Brexit, unfortunately, a member of parliament Joe Cox was murdered and although the person that murdered her was not a troll or a flame troll, he was consuming quite a lot of this very extreme content. So I mean I am not saying everything you read online you will end up doing but for certain people it does have consequences.

In terms of my studies, so I am focusing particular high profile criminal case which is the disappearance of Madeline McCann, especially after the Netflix documentary, I am sure we are all aware what happened Madeline is or was a three‑year old British child that disappeared from her parents' holiday home in Portugal in 2007. Yes, 2007. But, there is a community of users on Twitter that are still tweeting about this every day, no matter whether there is news about the case or not. So, what I have done is, through the Twitter APII have done some data scraping and I analyse 500 tweets containing the hash tag McCann which is what these users use to comment on developments. They post daily and single out Madeline's parents or other people in the case as perpetrators or disappearance or death according to them and it's a blend of defamation and other horrible stuff that develops into a web of conspiracy theories and fake news. I was starting out with a metadata analysis and discourse but I couldn't analyse words within one tweet if I didn't look at the whole conversation. This is what I ended up doing and there is threads, it's quite depressing after a while. But what I wanted to do was observing the conversation to identify and regulate behaviour that counts as flaming on high profile cripplical cases to provide a modus operandi of what this behaviour is.

As you can see here, these are cover images from some of the most prolific users on the platform. They are already quite opinionated, so abduction, or scam, do you believe them, something is reflected in his glasses, I don't even know. This brings us to think, to ask ourselves, who has the right to discuss a highly private case at the end of the day, you know, because it spans everything from her parents' behaviour as parents or why did they go out, everything like that. In a format that leaves a permanent mark because now it's online ‑‑ it's not your comment that you make with your friend in the pub any more. On top of that when does conjecture become harassment or defamation and when does a community that is chatting about something that counts as current affairs start potentially committing a crime?

In terms of the background of my paper and what I'm using hashtag McCann for is to say flaming is not an act of a few crazy psych paths. It's something we could all do this, this is a popular case the hashtag ‑‑ we could technically go and write something like that too if we became very opinionated about it. And what I am arguing is that flaming on high profile criminal cases isn't happening in a vacuum but is a product of the social and political climate of our days and obviously a result of the affordances of social media. So it's a way for a fringe of society to come together and communise which has obviously resonated with them so hashtag McCann is a fully‑fledged community. The not a few nut jobs going there and tweeting. These people know each other even if just on an on‑line basis. There is pro and anti‑McCann camps and they insult each other every day. There is influencers in the communities and tollers, so the influencers will create and share content, they will translate from Portuguese police file and the trollers will retweet it across the board pretty much. What I found quite interesting in my data collection is they talk to each other mainly outside of working hours, this means they are normal people, have normal jobs and life, many of them have profile pictures with their families, "mother of three" "pensioner" whatever, it's not your psychopath murdering a member of parliament outside Westminster it's ‑‑ the age group is very much it's very much over 50 and that is the probably because these are the people that really resonated with the McCann case when it first came out because they consumed the media a lot and they resonate because they are parents. And they don't agree with the McCanns' parenting, object maybe they are very self right us Mel enials posing as other people. The social circumstances are very important for my thesis and argument because what I argue is that especially in the past few years we have seen, as we have seen from protest votes like the election of trump, Brexit and stuff like that, people are increasingly not trusting elites, they think they are covering up the truth or chem trails, all of that stuff. There is a high incidence of belief in conspiracy theories. From this IRL powerlessness these Internet communities are finding a stage to air their contempt on. And the hashtag McCann community on Twitter is maybe for these people an opportunity to solve the case, it gives them a sense of purpose as is shown by terms by looking for truth, justice for Madeline, which is actually written in their bios, it looks like it's their calling because if you think about it, if like ‑‑ if you could think of one of the most horrible things to happen in our society, the kidnap or murder or disappearance of a child, something horrible happening to a child that's at the right at the top and if the culprit isn't found, if we don't know what happened, then it means that the authorities have failed. So these users are taking it up to be the detectives, to be the loan her rows that are solving this case for them it's almost like virtual signalling and the commitment they have signals this.

These are some of the tweets I collected. They are using flaming scripts remember when I talked about hate crime, there is a way of demeaning the target for what they represent. This is what they are doing. The McCanns are liars, they lavish media attention and don't have a conscience," they are trying to pretty much destroy them, not only as the McCanns but as people, and because of that they deserve everything that is being said to them. This is one of the worst tweets, including spelling mistakes, but you could say why I am saying this is flaming. This is a murder accusation targeted at parents who have lost a child, they don't know what happened to that child and then if they were to go online they would see that, they have pretty ‑‑ they are pretty much putting their lives into an evil ‑‑ which is why what I am saying ‑‑ so these are my five indicators of flaming on high profile criminal cases and the contextual vulnerability of the McCanns is what I argue similar to hate speech cases.

They are the parents of a missing child going through a harrowing experience. On top of that, the content that people are writing about them is pretty harsh, it's insults, it's misogynist towards Kate McCann, murder accusations and cover‑up, accusations of being a spy, there is everything, and the intensity. So I have analysed 500 tweets but actually in the space of just over a week, through the API scraping I picked up 2000 and this was a normal week where nothing was happening in the news. So, imagine when something big happens in the news or when Netflix documentary came out, these went on and it's almost like taunting considering the intensity. Before you could just say it to someone and no one would care if it was in the pub. But now it constitutes publication and can be found all the time by both the McCanns or anybody else which brings me to the next point. The legal implications of this are really important because first of all in the past journalists that have published similar content about the McCanns fined and had to pay thousands in libel, slander, whatever it was. But on top of that if you think about the whole idea of a fair trial if you were a juror, like called to testify ‑‑ or to called to decide whether, you know, whoever is arrested for the McCann case in the new developments you would probably think it was the parents anyway because you can't get away from the case, you would have an opinion already about it. And obviously there is the harassment side of things, the viciousness of the language used in a delicate context and in repetition, makes this beyond legality, beyond freedom of expression and something that everybody should have the right to share.

So, the bad parenting, lies, murder and cover‑up scripts are something that are used very specifically in this case but are actually being replicated and you will signed they will tweet about other cases such as the murder of Meredith Kercher and the language used is the same over again. It seems like they are targeting the same person even if the case is pretty much.

We are coming to my recommendations, pretty much as I said, I don't have a tech background so it's is he hard for me to say this is how you should structure the response to these things. But what I am saying is that, as I said flaming can jeopardise the rights to a fair trial. You need a balancing act between freedom of expression and, you know, censorship pretty much for commenting on this case. And it's hard for me to say as I mentioned, you negotiation you should do it this way what I am saying is that because of the contextual vulnerability of victims of high profile criminal cases it's not any more about you shouldn't use this word, it's about you shouldn't use this word against these people in this context. So yes you need an algorithm but also a human to kind of judge whether that's okay or not okay.

So yeah, this is pretty much me.

Feel free to feedback, help me with any infrastructure‑based comment. And that's it. Thank you so much for listening.


JIM REID: A couple of comments. First of all, I wish you would not use the term flaming because I am a an old fart and it was a fairly robust style of debate and it did not have this poison about it and it would be a pity if that original meaning was lost, hacking used to be something that was a good thing and now everything attack on a computer is hackers. It's a shame but there we go. It's very good to get this kind of information here for the technical community but I wonder if some of these comments should be played back into your background in journalism and there is a lot of ‑‑ where they just pick and quote and some random tweets and there is no recognition of the validity of the source of that information, the provenance of the information, it's just Twitter users say it blah‑blah‑blah and that approximates to journalism. I think it's important lesson for editors and people in that frame, but you have got to do the same kind of recognition that you walked there about there that what happens with the technical folk.

CAROLINA ARE: First of all with your flaming comment. I found hundreds of definitions of flaming going from, something like the 80s to now and there is a lot of talk about flaming in terms of how, you know, certain users ‑‑ certain users are flaming especially women. So it's a tricky term to apply and I'm wondering actually if I should just go with cyber harassment or digital hate speech.

JIM REID: Abuse?

CAROLINA ARE: Yes abuse. It's a tricky one so thank you for that comment. In terms of lazy journalism and PR, completely agree. What I am finding here the majority of users are getting their messages about the McCanns the media and recycling it in more of a toxic way. And also, this is the whole problem in the trolling debate, right, because journalists define trolling as just one thing. They don't see it as, you know, a playful thing. They only see it as the bad thing which has resulted in a lot of confusing definitions in academia as well. So the emphasis that you have given me on definition is really appreciated and I think everything else we have to be really careful about how we frame these things because we don't want freedom of expression to be jeopardised.

JIM REID: Of course.

AUDIENCE SPEAKER: You focused very closely on the McCann case in this and made some recommendations that seem to be focused on protection of criminal justice, but I'm ‑ difference unclear really whether you were trying to use this case simply in the context of the criminal justice protection, I mean in the UK we have actually very strong ‑‑ strict laws relating to sub judice which don't necessarily apply in this case because no case pending but nonetheless if it is criminal justice focused then that's one thing. Are you trying to use this to make a case for a more generally rebalancing towards being more restrictive of user generator content in a broader context than just criminal justice

CAROLINA ARE: So the second thing you said. This is another issue with this type of research, that there are so many different laws used to regulate social media content at the same time so there are so many legal reasons why what's happening now is wrong so I am kind of just using it as a case study to show everything could go wrong and stuff like that in real life has been punished through law and to make a case for it.

MALCOLM HUTTY: If you want to make that case for a broader thing as I am sure you are well aware there are many who view those making that kind of case as seeking to reassert a form of control for more traditional media norms and attempting to prevent or restrict challenges to essentially socially discourses by clamping down on outsider voices. And so, and in particularly in very divided political times, you know, you mentioned the B word first so I feel free to, you know, I was wondering if you could answer that by telling me of an example that you have studied of where you think unacceptable trolling and harassment or flaming, whatever you want to call it, has been done that you have identified in a substantive way by or in the aid of a cause for which you are sympathetic and against one to Des pies.

CAROLINA ARE: First of all what you are saying is very right, there is a challenge here, you can't go and regulate outsider or non‑traditional content, this is not what I am trying to do, which is why the human element is very important, we are not trying to restrict minorities from talking we are trying to see where it's harmful. In terms of enemies and friends, I can't give you an example of like actual flaming but I can give you an example of loads of stuff on Instagram that has been banned, from minority communities and I, for instance, think that's wrong and censorship, as I mentioned at the beginning.

MALCOLM HUTTY: You are making a case for censorship so I was looking to see where you can think of where you would want censorship of someone who is doing it in support of a cause that you support or where you are trying to essentially are you willing to play both sides or is this simply a motivated form of reasoning?

CAROLINA ARE: I think I would be willing to play both sides because it's a contextual issue. You can't just say, you know, like, for instance if someone were to say I personally don't like the McCanns when they speak publicly, I think they are cold, I can't sympathise with them. It's not nice, but it's hardly a crime. But if you say ha ha brushing off the ‑‑ there is your daughter's body, it is finding the balance.

MALCOLM HUTTY: I will give you some more time to respond to my challenge.

Rumy: I have a question from remote participant. Carsten Schiefner. Two questions but I am merging in one: Do you have experience of banning or any other repper cushions actually help or would this person turn up again with another name? And the follow‑up question, do you have any other proposals how to deal with this as it appears to be increasingly pressing, getting more out of hand by the day?

CAROLINA ARE: Right. So in terms of them popping up again, yes it's been shown, the conversation that I have analysed actually showed some users suddenly disappearing and then coming back under different pseudonym and being outed by the community itself. So, that is one problem. In terms of other suggestions on how do it, I think ‑‑ I think there has been an issue in the UK in the sense that the press has been let to say so many things about this case that now people feel entitled to do the same. So, I think it's more of a social ‑‑ like there needs to be a change in how we use social media, which has ‑‑ which I think is already happening with younger people. They are ‑‑ especially my students, like generation Z I would say, they are kind of like no, you don't behave like that so I think there needs to be a Code of Conduct that is implemented within like how people take up social media themselves. I think there needs to be an education about self‑regulation first, which is something that I don't think we have ever thought about before, if that answers your question.

Julf: Can I cut the questions here, we are five minutes over time.


Julf: I have a short announcement, those of you who want to vote at the meeting tonight and haven't registered yet do it now.

MILTON: Julf asked me to report about the Christchurch call. How many of you have not heard about it? I see zero hands. That was a joke. The Christ Church was a submit between few governments and big social media platforms it was held on Paris on May 15th as part of the terrorist attack in Christchurch, it was led by New Zealand's Prime Minister who partnered with the French government to seek new ‑‑ as a good example of what we heard something bad happens people see that social media users or social media use is associated with it and the attention becomes diverted to the social media, so instead of having a major conversation about terrorism, white nationalists, anti‑Muslim sentiment, gun control we are almost instantly talking literally within minutes of the attack, CNN in my country was ‑‑ had some social media expert on saying that Facebook should have prevented this person from uploading the Facebook live thing or the attack. And to be sure, the people in New Zealand were really shocked by the up load of this video and it managed to survive on the Internet for about 20 minutes and this led to the Prime Minister's initiative, she really doesn't want that or anything like that to happen again.

So 17 countries and eight tech companies agreed on text called the Christchurch pledge which you can see in that first link if you have access to this slide and I have the goal of eliminating terrorist content and vile enter extremist content online. Interestingly, some of the people, governments did not sign on to this text are the US, China, Russia, south Korea and Finland. It's a strange combination. I don't know anything about why, for example, South Korea and Finland did not sign on to it but I ‑‑ or why China and Russia didn't. I do know why the US didn't.

A day before the summit there was a voices for action meeting between the Prime Minister and civil society groups, that meeting precipitated by Internet NZ played a big role in mobilising civil society groups to participate and she was actually there at the meeting but unfortunately could not be here because she was flying back from Paris rather than flying over here again. So, I am filling in and reporting on that. The civil society groups released a statement which was largely critical of the effort and particularly the rather exclusive and government led approach taken to the matter. So you can find civil society statement on the call and that platform which all of you could join would be a way of participating in the ongoing discussions between civil society and the technical community about the Christchurch process, shall we say.

So, what are the key concerns here: In effect the pledge will encourage social media platforms to pre‑emptively detect and block the uploading of content that is deemed terrorist or extremist. That of course raises all the definitional questions which we are starting to discuss right here about what qualifies as terrorist or extremist. We have a common pattern now, this is another kind of, I don't know, not depressing is maybe too strong a word but we see this again, it's a repetitive pattern in which the governments who are pushing for some new form of content regulations say of course we are committed to the principles of free, open and secure Internet, human rights and fundamental freedoms but we want to do this. And that's just should be a flag, if you see that, pay attention not to the of course we are committed part, pay attention to what they want to do.

So, the interesting thing here is that the platforms are already doing a lot of what they wanted to be done through algorithmic selection and some of them are fairly confident that they can do it even more. But they are being asked now to take "transparent specific measures seeking to protect the up loafed violent and extremist content and to prevent its dissemination on social media and content sharing services ". I would introduce important distinction between preventing the up load which means you know what it is before, nobody has seen it but you have an algorithm that tells you this is something you need to prevent, in in which case somebody has seen it and reported it, we civil society is very interested in maintaining a strong distinction between those two things and most of us were not very happy about this whole idea of pre‑emptive regulation. They have an interesting concept they want the platforms to use algorithms and other processes to redirect users from bad content or to use it to promote credible and positive alternatives or counter narratives. So this is kind of like in the old days when you tried doing to a porn site you would get sent to Disney. So I think they are talking about doing that in a little more sophisticated manner. And again, it's a little bit creepy to some of us, again other people would think maybe this is a great thing. But the idea that they are detecting that you are an extremist and you are trying to find one thing and they are directing you to what they consider to be pro social content, something that really needs some thought. But again, I think the governments are urging the platforms to do this.

So, in terms of process, you know, if you are committed to multi stakeholder governance at the global level for the Internet, you can only agree I think that this was not a good process, that essentially a few governments got together with a few platforms and said let's do something, let's create a new policy. Because of Internet NZ and some other civil society pressure the process was slightly opened up but the civil society and technical community was not in the room when the pledge was moderated and signed and they were definitely sub or theinated throughout the process. There is a lot more detail here but that's a basic report. Any quick comments or questions?

MILTON: I didn't know this was so boring.

CHRIS BUCKRIDGE: RIPE NCC. Very quickly, I think the Christchurch call is quite an interesting development in one sense because Jim mentioned before the work bringing together like‑minded governments in settings like the ITU. I think what we see here that definition of like‑minded governments who have a common idea of keeping the open Internet and keeping the Internet open is not quite as static as it maybe once was. We are seeing governments pressed by the citizens and by events to take stronger stands than they have in the past and that's coming into conflict there occasionally. So yeah. Interesting development.

Julf: Thank you for that addition. Right, with that, with only 15 minutes over time, I close this working session. Thank you.

AUDIENCE SPEAKER: Any other business. So I would like Chris Buckridge to tell something about Russian IGF which appeared some time ago, it's not IGF, it does not have multi‑stakeholder processes and other things, and it appears a bit late resolution of such, when firstly all participants supported in nine of ten paragraphs rights of governments over Internet and again, RIPE NCC, ISOC, anyone from ISOC here, I see Andrew Sullivan, no? ISOC and, and I can support this, kind of this IGP. Lately with help of RIPE NCC resolution hasn't changed from all participants to all organisers ‑‑ so I would like to discuss because I think it's the best thing for organisations, RIPE NCC ‑‑ like RIPE NCC and international organisations supporting not every ‑‑ not every activity should be supported and they should very accurately consider where they participate and what ‑‑ so maybe Chris tells the story more in better English I think.

CHRIS BUCKRIDGE: I am going to be very brief because I know the stenographers also need too have a break. And I don't think I am really in a position to tell the story but what I will say is we absolutely do follow ‑‑ and events like these national IGPs evolve over time. Sometimes they evolve in good directions and other times you have situations where one stakeholder group becomes predominant or takes a different role. We understand we need to follow those developments and we are committed to working with multi‑stakeholder kinds of events. If they go off in a different direction we absolutely reevaluate our participation there, and that's something that we have to do not just with the Russian IGF but plenty of others around the service regions

ALEXANDER ISAVNIN: Just make your evaluations more transparent in public.

Acchilleas: We have a mailing list.

Julf: There hasn't been much traffic on the mailing list. So please, make it live again.

PAUL WILSON: APNIC. Alexander has just reminded me to remind you the next coming Asia Pacific regional IGF meeting is happening in the RIPE region from the 16th to 19th July. So this is an interesting conjunction and intersection of our regions in that the Asia Pacific regional IGF includes the greater Asia region and so everyone and anyone interested would be very, very welcome.

Julf: So if that distinction whether it belongs to one or the other has led to wars, so let's not go there too actively.