The following are the outputs of the real-time captioning taken during the Tenth Annual Meeting of the Internet Governance Forum (IGF) in João Pessoa, Brazil, from 10 to 13 November 2015. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the event, but should not be treated as an authoritative record.
***
>> ANNE CARBLANC: Bertrand gave us the room in time. Perhaps we want to start. Is it okay with you? Nicolas, you're very far, why don't you come here, yeah? Mike, thank you for joining.
Thank you very much for all that are in the room. We hope you find this open Forum entertaining. Okay. It's about next ministerial in 2016 in Mexico, Cancun. And you see the title of the Ministerial on the screen, digital economy, growth, social prosperity. Just a few words to tell you that in the area of the digital economy, the OECD is not organising conferences very often.
The first conference, international conference, was organized in 1998 on e‑commerce in Ottawa. The second conference on the future of the Internet economy was organized in Seoul, Korea, in 2008, this is going to be the third one. It's eight years after the last one. But it's not very frequent. What are these ministerial events? They are events that bring together members from OECD members and partner economies. And in Mexico, we will have our 34 members plus 19 non‑members and they also bring the stakeholders who work on a regular basis with us at the OECD, meaning the business community, the trade unions, the civil society and the Internet technical communities.
These stakeholders will organise a full one‑day series of Forums before the Ministerial itself starts. And we expect to have Ministers going to the stakeholder forums, and stakeholders, of course, will be in our panels.
Very briefly, there are four key Ministerial themes that will be discussed. The first one will be around the Internet openness, which is an issue present in many, many discussions.
It will also be about digital innovation.
The second theme will be around building global connectivity.
We will have a session on trust., a theme on trust.
And then a theme on jobs and skills, because many policymakers around the world begin to worry about whether ICTs, the Internet, are destroying jobs or creating jobs, in which industries. So the first theme is Internet openness and innovation. The first panel will focus on substantiating, discussing how to substantiate the link between the openness of the Internet and trade, innovation and entrepreneurship and economic growth and social well‑being.
The second panel will discuss about policies to discuss digital innovation around the economy. This one is a different format with several countries sharing their experience.
The second theme on building global connectivity will look at convergence and what it means, convergence, notably in terms of regulatory and policy implications.
The second theme will focus on the Internet of Things. Tomorrow's Internet of Things. And the discussion is going to be broad. It's not going to be just infrastructure. It will also look at consumer protection, privacy and security and business models.
The third theme will be on trust with consumer trust and a focus on not only electronic commerce but also the sharing economy, the emerging sharing economy.
And the second theme will be on collaborative action for managing digital security and privacy risks.
And the last theme, jobs and skills will have two sessions. In those sessions, we will not only have Ministers in charge of digital economy or ICTs or communications, we will also have Ministers of labour and ministers of education. And it's our first attempt to begin to push for this cross‑government, which, one, they will need to be, all of government as the digital economy becomes pervasive.
So, you can find filler information at this address.
So with this, what I would like now to do is very briefly introduce our panel. We have five panelists. Two of them are member countries: The United States with Tracey Weisler and undersecretary from Sweden. And then we have civil society, Mark Rotenberg. Nicolas Seidler and ‑‑ from ItaC.
If I could stay start with you, and you stayed away from me, Nicolas, can you tell us in three, four minutes, welcome back to these issues and we'll interact with the audience. What do you think of the key challenges and opportunities for the development of the digital economy that you would like to see Ministers and stakeholders, ItaC in particular, discuss during the ministerial?
>> NICOLAS SEIDLER: Thanks, Anne. And good morning, everyone.
So I think that one of the first questions I asked myself when thinking about the Ministerial was: What's different from 2008‑2016? And I think that at a very high level, one of the fundamental changes is that actually the Internet is not this separate cyber world that's separate from the real world. And actually we see that over the years, IP communications have connected not only devices and computers but also get into our cars, our hospitals, our electrical grids.
So I think that the Internet has really become ingrained in our society.
Economy, it has changed the way we actually interact with each other, the way we learn.
And I don't think that we actually use the term cyberspace anymore. It sounds a bit old fashioned. I'm actually wondering if eight years from now if we will actually talk about the Internet economy, it will be the economy with an Internet component.
So from that perspective, I think that's the real benefits and opportunities that we need to address. I would just like to raise four here.
The first one I think that is really key for policymakers and stakeholders to take into consideration is trust. And I think that the ability to push innovation while maintaining the trust of users could be one of the biggest challenges ahead of us. We have more and more data flows, which means more growth opportunities in database services in the economy. But it also creates more risks that this data may be compromised, stolen or used beyond privacy expectations. So we do need trust frameworks in the development of database services.
And it's very actually important to realise that this is not only about ICT companies. In that there are more and more industries that, traditional industries that integrate ICTs now that deal with vast amounts of data. And also public administrations. And that leads me to my second point, which is security, starting with well known example, which is the theft of data from 20 million civil servants following the intrusion in the U.S. office of personnel management system in 2015. And I know that some people here have been victims of that.
And, you know, from SMEs to public administrations, there are so many more actors that deal with data that we need to integrate a culture of managing security risks across a very wide range of stakeholders.
The third element I wanted to raise is the ability to scale. And that relates to IP addresses, which is a topic close to the technical community.
You mentioned convergence. And I think that as we converge to all IP networks and as more devices get online, we also need more address space to scale.
And all these devices and also the 4 billion people that have yet to connect to the Internet will need IP addresses to talk to each other and to network. This has traditionally been done with what we've called IP version 4, but back in the day, the engineers didn't think the Internet would be so huge and actually became a really big thing and we sort of ran out of those unique IP addresses.
So now there's something called IPv6 that increases immensely the number of addresses available. And I think that it is really key that this technology is deployed more widely, especially when you think that there are some estimates, of course estimates are estimates, but there will be 50 billion devices by 2020. So that's really needed for IP addresses.
And the last element I wanted to raise is related to openness, and more specifically open standards.
The reason we have the Internet we have today is that the Internet architecture works on a set of protocols and technologies that are developed openly and free to use, like the Internet Protocol itself. And these are really the foundations of an interoperable network of networks, that is unfragmented, and also the core of what we sometimes call permissionless innovation. And permissionless innovation, an example that we often use is to say that when ‑‑ decided to create the World Wide Web, he didn't have to ask Vint Cerf or an organisation to do it, or his government, you can just create services on top of that architecture. So that is something that we also think is very important to keep in mind as part of the Ministerial.
>> ANNE CARBLANC: I've noted the desirable would be something on trust, something on security, the culture of managing risk, something on the ability to scale, and on openness. I would like you to think a little bit between while we go to the other panelists about how you would see that translating to, for instance, ministerial declaration coming out of Cancun.
Now, if I may go to undersecretary from Sweden, what do you think of the challenges and opportunities that you think should be addressed? And what should be the countries' highest priorities in boosting ICT adoption, for instance? Are there any low hanging fruits that remain to lift SME's performance on this indicator? Thank you.
>> Thank you, Anne, that's certainly a good question. What I'm thinking of is is quite concrete digitisation of SMEs. There are certainly many different challenges that need to be addressed. And our Minister of IT will be present in Cancun, but this is not what he will speak about in Cancun because I don't know that yet. I haven't written it.
[Laughter]
Or my colleagues, I don't know who will do it.
But I'm thinking in this context specifically of digitization of SMEs. For several different reasons.
For growth, we need to have innovation leaders, but we also need to have innovation followers. There are many, many businesses that are struggling to remain competitive in this globalised economy where new technologies are being used more and more. Not everybody is coping with that.
There was a study in Sweden being made by one of the consultancies a couple of years ago and they showed some very clear regional differences when it came to use of ICT.
For instance, on the West Coast of Sweden, there were a very low level of e‑commerce being used, for no apparent, particular reason. Whereas in the far north, which is quite isolated, there was quite much more. And there were differences also between industries. So we were thinking of how we can help these, how is it possible to address these differences? How is it possible to have more smaller and medium sized enterprises engaging in Internet of Things, automation and robotics and also services such as cloud‑based services and so forth?
I think there is an analogy here that can be used. I'm not a train buff, but my analogy is of a train set. You had the locomotive in the front and you have a very long and very heavy train set. The locomotive is always pulling. You never have a locomotive at the end that is pushing, they're always pulling.
But if the terrain is hilly or very curvy and the train set is long and heavy, the strong locomotive and the heavy tail end will actually, in the middle of the train set, lift or rip the cars off the track.
So sometimes you need to have a second engine in the middle of the train set. I think this analogy applies here, as well. Not all industry, not all companies can be leaders, but you need to support those that are further back, as well.
We're talking in Sweden about the programme that hopefully will be able to take place at least as a pilot in not too far a future. We have a regional ‑‑ we have a national agency with regional contact with industries. We are thinking of having them engaging with manufacturing SMEs where we regionally have a cluster of, say, 10 different companies that network with each other, share experiences, and take classes over a period of time to learn about the opportunities offered by digitization and to see how that can develop.
There is a precursor to this programme, as well, which is focused on, it's called the production lift. This would be a digitization lift. But production lift where industries are learning about new production methodologies and so forth. And we have a very good experience with that. It's been very, very successful. So it's a matter of raising the minimum level of digitization of companies.
I think there's also actually, speaking OECD language here, we need to have some theory to it. Some evidence‑based which is always good. And there is some evidence that having a second engine is actually very useful.
I saw about a year old McKinzie study. They were raising the issue can we increase the growth level globally that is needed to maintain the level we have in the light of demographic challenge? The demographic will have fewer people working so we need to raise the level of growth to maintain what we have today.
And the response was yes. In about half or a third of this will be from new technology and innovation and about two‑thirds or half, depending on if we're talking about developing nations or developed nations, will come from what they call catchup improvements. So the second part of the train set which are many more. Those industries are many more than the ones in the front, than the leaders.
So they're showing that there's some evidence to this theory, as well.
And then, finally, I also believe that if we can interest these regional companies with taking part of new technology and new services, I think they, as well, have the chance to become innovators, at least it's a possibility.
So that's many different challenges. But digitisation of SMEs and raising the lower half, I think that's a big challenge. Thank you.
>> ANNE CARBLANCThank you very much for speaking to this because, in fact, you're right. When they have the availability of the infrastructure, all companies are using, in Europe, at least, the U.S., there's a high level of use. But when you look at what type of use is made of ICTs, you see that especially for SMEs, they are using at the minimum level for email, website presence. You look at the type of more complicated software, planning development, or use of the cloud, you see that they are really lagging behind. And that's a real issue. Because we have evidence saying that startups, young startups, innovative startups are the ones which create the most, the highest level of jobs. And we need to help more SMEs innovate. So thank you for raising that.
Now I would like to turn to civil society and Mark and ask you, Mark, among all the issues, the four themes that Ministers and stakeholders will address to try to maximize the benefits of the digital economy, what would you see as a successful outcome for civil society? Thank you.
>> MARK ROTENBERG: Thank you, Anne, and thank you for the opportunity to participate. Before answering your question, if it's okay, I'd like to say a few words about civil society's participation at the OECD. I also wanted to say hello to my friend Meryem Marzouki who was one of the original organizers and one of our Civil society friends who I see here today.
We've been working with the OECD for over 20 years to promote an active voice for civil society participants. And many of the issues that we worked on in the early days I think are still relevant today and still relevant for the Ministers.
Our focus included strong encryption technology, privacy protection, consumer protection. And those issues, in fact, were all addressed at the Ottawa Ministerial in 1998. So I got into my wayback machine and saw all of that still relevant.
And then, of course, we worked in anticipation of the last Ministerial in Seoul, and at that time created a formal presence for civil society at the OECD through the, wait for it, Civil Society Information Society Advisory Council, what we call loving lie C‑sack, CSISAC. And that's where you'll find all of our information. Now, CSISAC is a very important organisation because it is the basis of civil society participation today at the OECD. Let me tell you what our key areas of interest are. They include freedom of protection, transparency, employment, access to knowledge, Internet Governance, open standards knelt neutrality, balanced policies, pluralistic, dim teal inclusion, I hope I didn't leave anything out. It is a broad agenda. But it does reflect our aim to capture and present the interest and concerns of NGOs around the world. And I think we've done that over the years in a fairly good way. And of course we're look looking forward to participation in Cancun in June next year. We would very much welcome participation of NGOs in that event. We've created a platform for people to sign up and participate.
Now to answer your question. Other stakeholder groups will present concerns such as the business perspective through BIAC. Or the labour perspective through TUAC or another perspective through ITAC. Our focus is likely to be on Human Rights and fundamental freedoms which we see as the core concern of Internet users today particularly after some in the European Union that have established privacy protection and ‑‑ as fundamental rights. So those will be key issues for us to present to the ministers. But all of the issues that I outlined in the goals of the CSISAC will be discussed, as well and presented in Cancun.
>> ANNE CARBLANC: Thank you for that and thank you for explaining how the civil society got organized at the OECD. But if you can think in between, before the end, as to what more precise outcome you would like to see in the ministerial, because we're here to not only take your input but also take your questions and suggestion of the there is still time. We are developing the programme and the declaration.
Now, I would like to turn to Tracey Weisler from the United States to ask her what she thinks are the key challenges and opportunities for the development of the digital economy. And in particular what would be the desirable outcomes with regard to communication, infrastructure and services policy? Not only in Cancun but also beyond. Thank you.
>> TRACIE WEISLER: Thank you, Anne. Thanks for the invitation to join my colleagues here. I see quite a few of them in Paris. It's always good to see them when it's a bit warmer.
So my name is Tracey Weisler from the U.S. Federal Communications Commission. But today I actually wear a different hat, which is as Chair of the CISP, the CISP, at the OECD. And just to give you a two‑minute advertisement, I guess, for the Working Party that I Chair, the CISP is the communications infrastructure services policy Working Group. And we are a group that I like to say is on the move. And I say that because the Working Party has a wonderful mix of expert staff from ministries and regulators. And as anyone who's worked with either cadre of those folks knows, sometimes we don't just agree and sometimes we don't agree at all or never agree. So it's good that our conversations about regulatory issues are charged office, and there is a lot of back and forth with textual changes and revisions. And we've begun recently doing a lot of collaborative work where we come together as virtual drafting groups and we take the text on, pen in hand. So I have to say the Working Group is something I really enjoy Chairing. And I think that more importantly the output has been considerable over the past year and I'll just say a couple things about what we've done.
We had a mobile markets paper which was really a seminal addition to the analysis on how a fourth player in a mobile market affects the end‑to‑end competition for the consumer. And I will say it was picked up by the BBC and The Economist which was actually great. But what happened in the wake of that paper being published were mergers. So actually in Austria, Germany and Ireland, you found they went from four to three operators. So it was a very interesting way to look at the arc of research affecting decisions or not in Europe specifically in this case. And I think the paper still stands today of being a very interesting discussion of how the economics of the mobile market are working and when they're potentially not. So I commend it to you.
Secondly we looked last year of the economics of spectrum. Spectrum is an area that the OECD has not treated in full very much at all and I think we should go back to that. That's something I'll say at the end which is looking ahead past the ministerial, I think spectrum needs to be on the docket, on the list. And the economics of spectrum paper actually looked at various case studies including the FCC's incentive auction which was a two‑sided auction, a pretty complicated endeavor that will actually unfold later this year into the spring.
And finally another excellent paper and highly readable and I would commend it also to you is a paper on municipal broadband networks and how to think about where the markets do not work ideally, how public municipalities, these are anywhere from a small community to a larger city, have gone in to think about how to creatively finance those networks and deploy them.
So just three advertisements for past work. All this to say that CISP is a sound, empirical and often ground‑breaking group of folks that are pushing out analysis that I think can be very helpful in facing today's challenges on the regulatory side.
So what about the Ministerial? Well, we need to look at the regulatory context inside of the whole question of the digital economy. And so at the CISP, we chose to focus on two issues, digital convergence and IoT. It wasn't a very hard choice because I think that among the list of things that we wanted to look at, those issues popped up right to the forefront. And so we're going to frame them in background papers for the ministers' analysis and consideration.
But what I would actually argue that, in fact, digital convergence is not the actual issue inside the OECD circle, that is. The transformation of the PSTN to IP‑based broadband networks anticipated in Seoul in 2008 have actually, in fact, become a reality. And today's broadband platform, I would argue, is the general purpose network that enables deployment of a broad range of traffic types, content devices, applications.
So these new innovative and sometimes disruptive technologies and service offerings present challenges for policymakers, regulators and others.
And it's not so much inside the CISP that we're looking at the policy regulatory goals, those haven't changed. But what we're trying to understand is how this changes things in terms of the entities that might be subject to regulation. And so that's a really key question today.
We also are looking at opportunities for lightening the burden of pushing out legacy regulation on to new actors.
So in this environment, we felt that digital convergence is an important topic because it really makes sense to take an inventory of the change in the market structure and their implications for public policy and regulation.
So, in fact, the paper that will be coming out is called "beyond digital convergence." So it tries to push the frontier of some of these questions. And I think that as it was a collaborative effort with the UK, the U.S., Mexico, Korea, Canada and Italy, some of whom are in the midst of their own. And I would call out the UK on this, their own digital convergence review, I really think the paper is going to be a very top level to really bottom down approach at looking at these issues in a very new light. And some of it fairly controversial. I mean the questions of innovation, investment and the virtual cycle are things that are embedded inside of a lot of different constructs, including the net neutrality debate.
So, policy questions regarding IoT. Well, it's pretty clear. Bob Pepper actually had to leave our group today, he just left the room, but I was using his statistics of by 2019, 10.5 billion devices are operating online.
Certainly challenges and opportunities present themselves. And I think that even yesterday, we had an amazing and very interesting, for me, seminar on the connected and autonomous vehicle possibilities. And this was an OECD seminar put on by Lorrayne Porciuncula, who I hope I'm pronouncing her name correctly. And that's one small corner of the IoT space. And I think the richness of that hour and a half conversation, which we actually had to cut off, was very telling to me as someone who is just starting to look at IoT policy issues, anything from liability came up, the soft sim issues, numbering, the idea of a unique identifier that these cars will provide and what that means for aggregated data that implied a great deal of security issues.
So the IoT work for Cancun builds on the OECD's past work, including two years ago a very M2M paper by Rudolph Vanderberg and it tries to take a look at what would happen in the space in the years ahead.
And I'm just going to give you a snapshot of kinds of suggested policy actions in this paper that are going to be put out for policymakers and stakeholders to consider, just two or three things that might be interesting.
Out of 10, these are three. Assess the legacy policies and practices that were designed for a specific objective; i.e, meeting with some type of market failure but where new technologies have provided the tools to empower consumers.
Secondly, ensuring international frameworks. That's always an interesting idea and aspect to OECD discussions. So an international framework that would enable trust in the IoT. Privacy, reliability, consumer rights, all affect the pervasiveness and longevity of IoT devices.
And, lastly, I think as a regulator, certainly one I would train in on is formulating numbering policies that ensure effective competition in the IoT space. This has to do with the allocation of IMSI numbers used buy sim cards, encouraging innovation by IoT users and also trying to stimulate the rollout of IPv6.
So that's a snapshot on our IoT work. But you asked me about outcomes. So this is the American term where you do a softball landing, which is to say I'm not going to do a home run here on this using the baseball analogy.
I actually don't know what will be the outcome of the ministerial panels on these two fronts. But what I would hope ‑‑ and this is Tracey Weisler speaking, not the FCC‑‑ is I hope there really isn't consensus because I think that should the ministers create a circle of debate and discussion and walk away doubting their own national policies and priorities and applications to date of those, I think that's a successful ministerial.
I also think that it's not the idea of "us" at the OECD, us, the 34, I think it's the idea of enlarging the tent, creating a bigger tent. So that what I really would hope at the end of Cancun is that ministers from South Africa and Indonesia hopefully from LAC, Uruguay, Paraguay and Peru, they that leapfrog some of our old technology thinking and that they leave armed with something they can deploy.
And, finally, I hope it's not too maudlin or sentimental, but I hope the OECD brand is upheld in Cancun in that OECD has been for so many years an excellent arbitrator for empirical analysis and for multistakeholder decisionmaking and best practices discussion. Thank you.
>> ANNE CARBLANC:Thank you very much, Tracey, for this very complete overview of old the supporting work, the work which underpins the discussions that will take place under the theme "building global connectivity." There will be, in fact, a number of practical questions as to whether you need to keep separate regulators, as to whether the numbering for IoT, should it continue to go through telecom operators?
We hope that there will be a few not provocative, but interesting questions to have different points of view during the Ministerial.
Now, I would like to turn to Joe. And, Joe, could you share with us some insights on how the business community sees some of the challenges that are facing governments today? Thank you.
>> JOSEPH ALHADEFF: I think we'll talk about some of the challenges that are facing society today because we don't necessarily just speak about what governments are facing as challenges.
So I mean the theme of the Internet and Mark mentioned going back through time, well actually I was sitting next to Mark through most of that time, and Mike Nelson was in the room through most of that time, and Anne was trying to herd us in a direction through all of that time. So we're members of a club that's very exclusive.
The theme, one of the high themes of the Ministerial is the open Internet. And the OECD has done some significant work in data‑driven innovation.
And when we think about data‑driven innovation, we think about the comments that were previously made about permissionless innovation, which is an important element of that.
Of course we also, then, realise that we work across different policy regulatory environments. And the importance of the rule of law there and the importance of the ability to bridge across those policy environments at the principal level which is what OECD documents do so well because their principles work across the regulatory environment that allows a cohesion of better understanding of policy. And then when we think about creating that regulatory policy or different policies, we think about the policy interoperability, because we will not have a homogeneous set of policies.
So when you think about business and when we think about the Internet and we think about something like the IGF, we actually understand that we are now talking about a milieu that does not actually have temporal or geographic limitation. Networks are global. Many business models are global. Social interactions among people are global. Those things are happening.
Yet we live in a regulatory frameworks that are local, national, regional. And so the ability to do that policy interoperability is very useful.
And then the OECD does these ministerials and they become either the scene setting or the inflection point. And I would argue that Ottawa was the scene setting. Ottawa was where we ended up figuring out what was the appropriate level approach and nature of regulatory approach to the Internet.
Seoul was the inflection point because in Seoul, we came to the idea of "gee, we've learned lessons over the last few years, and how do we look at implementation"? So Seoul was understanding how do we better implement our policies because of these new environments?
And now as we get to even more breadth of information, even more breadth of technologies that can assist, even more concerns about the implications of what those technologies do, we may be at another one of these scene‑setting moments.
So I cannot underscore the importance that Cancun is in terms of its timing. And the Ministerial is going to be dealing with questions that are questions that are not necessarily novel, but near the questions that are redefining what our ecosystem is.
So I wanted to think about the ministerial in a thematic fashion and get to what. So we get to the policy questions that's one of the things the Ministerial is doing. Then Tracey was talking about encouraging the takeup of IoT across sectors. And I'm going use that as a microcosm concept because this is true across the other concepts, as well.
Well as you think about the takeup of IOTs across sectors, one of the things you have to think about is trust. And trust has elements in it. And those elements are essential. Those elements are transparency, those elements are security, those elements are privacy. Those are all elements of trust because a person is putting their data into a system. They may not understand the entire system. So they have to have trust in the system that the system is going to treat the information fairly and that there will be accountability as to how it's used and managed.
After that, the OECD has been working on ‑‑ well one of the ways that you might establish trust is through the adoption of a digital security and privacy risk management framework. And so the OECD has been doing work on these topics because those are some of the management paradigms, of assuring that you can take advantage of the benefits while appropriately addressing the risks and making sure that the residual risk after it's been addressed to the extent it can be is still acceptable in light of the benefit that's being received. So those management frameworks become very important.
So what do you do you start to put all these elements together? Because at the end of the day, ICT should not be an end to itself, it is a means to an end. And what are those ends? Those ends are obviously economic growth. Those ends are obviously societal benefit. Those ends are obviously inclusion. How do you get there? How do you enable those ends? The trust issues. Privacy, security, transparency. Individual empowerment. Governance issues. Accountability issues.
How do you, then, assume all those things happen? Innovation, because we should understand innovation is not just in business models. Innovation also has to be in policymakers. Innovation has to be in regulators. Innovation has to be across the entire ecosystem. Innovation is not limited to a technology or a business model.
Data analytics should make us understand how well our policies are working. All of these elements should be used broadly and across the ecosystem. This is not a ‑‑ we should be learning our lessons and moving them across our applications.
And after that, we may have new ways to provide flexibility and innovation into the workforce. We may be able to enable SMEs and entrepreneurs. Those are all great things. But those are all things that actually sometimes create dislocation. So we need to address the dislocation that creates. It's dislocation sometimes in terms of jobs. It's dislocation sometimes in terms of workplace environments.
Inclusion means dealing with those issues, also.
So I think the ministerial is coming at a time when we have a lot of difficult issues to face. But we also have the potential for unprecedented opportunity. And we shouldn't be afraid to seize the opportunity. We need to seize the opportunity. But we also need to understand how to deal with the underlying factors. Thank you.
>> ANNE CARBLANCThank you very much, Joe.
I would like to ask if anyone in the audience would have suggestions as to what a meaningful outcome of this Ministerial could be? You've heard about ‑‑ we've set the stage for you. Now let's think. It's going to be Ministers from different countries, not only OECD, agreeing to do, to say, to declare a number of important elements and to push for future work.
So I open the floor to the audience. Michael, please.
>> Michael: I thought that was an incredibly useful. I'm Mike Nelson I work for cloud flare which is in San Francisco. I also teach at Georgetown. And in the wayback I worked at the White House and went to the OECD for very good advice on encryption policy. Painful advice.
But I do think that Joe's exactly right. Ottawa was an incredibly important scene‑setting event. And the most important thing that happened there was that ministers woke up and realized there was an Internet economy that they'd better start paying attention to.
But almost as important was just a few sentences that the ministers agreed to that said: Let's not put tariffs on international movement of data and software. At the time, the customs agents were already trying to figure out how to make sure they could charge tariffs on CDs and downloads of software. We could have held things back two or three years if that had gone forward of the but the ministers stood up and said, no. Tariff‑free Internet. They did some useful other things. They pushed forward some OECD projects. But the unique thing about the Ministerial is the ministers can all come together and say at a very high level, "this is our goal."
We have five issues, at least, that are as big and hairy as that issue was. We are setting the scene for this new world of what I call the cloud of all things, everything connected to the cloud, all this big data. And we're not addressing the big changes that have to happen.
One of the problems that I worry about, we're a small business. We're up to 200 people now. Started the year when I joined we were 135. We now have three lawyers. We had one just last month. But we have to have lawyers because everybody is now expecting us to do everything. The IT industry has done such a good job of convincing governments and customers that we can do everything, they now want us to do everything. So they're asking us to stop jihadists, stop online pharmacies, prevent piracy, prevent hate speech. I mean, just all these new obligations are being proposed as things that we should take care of.
We cannot do that and build this New World of great new applications. Certainly we can't do it for free. So if we can do something to address the data localisation issue, because we're being told "oh you can make it all work. You can just keep German data in Germany and Brazilian data in Brazil."
We can't. We can't provide our free service to the world if we have to segregate by country.
We're being told "you're liable for every time that one of your customers does something we don't like." And this is a huge problem. And it's going to hit us. It's going to slow down all sorts of innovation.
And the other thing that I really think we could do is the word that you guys mentioned repeatedly and particularly Joe, transparency, transparency, transparency. The way this works better in this new world works bet certain we have more competition and there's enough transparency for consumers to know what services are being provided. And, yet, we try to have a transparency report and talk about what government, law enforcement agencies have forced us to provide them in terms of information about our customers; and we're restricted in what we can reveal. We can't say that there were seven subpoenas for data. We have to say there were between 0 and 999. That doesn't build trust. And there's a lot of other things we can do in the area of transparency that I think would be the most important thing that the OEC could do. Just a four‑paragraph statement that said the ministers realise that in this New World of the cloud, we're not going to be able to track every application, we're not going to track every bit of data but we can understand what businesses are doing much better. And there are things, concrete actions that could be proposed.
So I hope we have a headline. Right now, the headline will be "ministers meet and applaud creative work that OECD is doing."
We have a chance to do something more than that. We have a chance for the ministers to say "we're going to do things differently going forward. We've set the scene for the cloud. And this is what we're going to do." That's why I'm going to be in Cancun one way or the other.
>> ANNE CARBLANC:We'll invite you. Thank you very much. I appreciate this proposal. And I think it makes sense to try to see what is going to be the most important statement that ministers will make. Mary Anne? I would go to Miriam and then Mark.
>> Thank you. Probably we are on the same language there, Mark. I'm Miriam Mars you canny as mark said, CSISAC, speaking in my personal capacity as a CSISAC member. I would like to follow up what Mike said from a different perspective. I think what I would expect and what I'm sure many civil society organizations expect from such an exercise as the Ministerial Declaration is the recognition that the only way to be able to conduct business and at the same time to be sure that trust of the citizen and the consumer is here is to have a common framework for personal data protection. I think this would be a main achievement if we see some provision regarding this issue in the Declaration.
And the second issue that I would like to see really addressed is the issue of intermediary liability. And from the perspective that there are different kinds of intermediaries, and we have to identify these different categories of intermediaries and what kind of responsibility or liability comes with each kind.
We have the very first category, the access provider. This is pretty much regulated in Europe and somehow in the U.S. Not that they agree with the European core regulation or self‑regulation. But this is regulated.
The second category is obviously the social platform, social network, et cetera, all the Web 2.0 platforms.
And now the third category, which is completely fuzzy. I mean, the environment in which it operates is completely fuzzy is the so‑called "sharing economy" companies, the economy I would say. And we really need to clarify this. I know that the European Union is starting thinking about some kind of clarification. But obviously this is something to be done at the more global level. And OECD is obviously the perfect setting to think about that, at least.
>> ANNE CARBLANC:Many thanks, Miriam, for this suggestion. Mark?
>> Mark: Just to follow Miriam. I agree, by the way, I think the ministerial could be a strong framework to promote transporter based on the OECD guidelines. I will take this opportunity to say it is a bit of a paradox but it is important to understand in our view privacy protection is a necessary pre‑condition that enables the free flow of information. In other words, we don't see this as a balance or a tradeoff. And I think this is also a view that's widely shared, everyone from Mr. Snowden to Tim Cook at Apple, who argue for strong encryption are essentially saying that if you're going to have a trusted network for communication, you have to ensure privacy. So in arguing for privacy, we're not arguing against free expression. We actually believe that we're promoting free expression.
And the second point I wanted to make, noting that our labour colleague is not here today, one of the issues that I know is of growing interest not only to the labour groups but also to the civil society is the so‑called Uber economy. And trying to understand the growing significance of individualising workers in the workforce based on a great deal of collection of data, great deal of surveillance. We think that needs to be examined more closely by the ministers.
>> ANNE CARBLANC:Thank you. Thank you, Mark, for that. Joe?
>> JOSEPH ALHADEFF: When Mark was talking about not balancing, we've been saying for a long time the word should be optimization as opposed to balance because the answer is this is the new math. 1‑plus‑1 = 3. The whole is greater than the sum of its parts.
We also think privacy is an enabler of data flows when done correctly. The concern ends up happening that privacy is also sometimes used as a security, as an excuse for what is indigenous innovation or other national protectionism elements that have to be addressed.
Finally, at the DPA level and at the UN level there have been attempts for 20 years to figure out how did that get a privacy convention? And that hasn't come to pass.
I think I agree with Mark that at the framework level, in some ways the OECD guidelines have already been playing that, too large extent. Because if you look at the principles across the world, they are, in many ways, shared. The Council of Europe principles, the OECD principles, the principles that underline the directive, the principles that underline APEC, the fair information practice principles in the United States are all very closely related.
So the framework has a bedrock that is common. And then they diverge at the application and implementation level in the details. And as they have said in the past, the devil is in the details.
But one of the things that we have in APEC which the OECD has participated this is a very interesting project on interoperability and the way that project works is it says: Let us take a look at an instrument in the EU and an instrument in APEC. One of them is called the cross boundary privacy rule and a boundary. And they do a mapping between the two. What they discovered is there's about a 70 percent overlap. They are now looking at the requirements because what they looked at is of the substance and now the overlap of the requirement have.
But you don't get to have mutual recognition just because you have a 10 percent overlap. What you get is an amount of what you've done. It's administrative simplification. So that you can be in compliance but do something one time and have it used in other places so that your 70 percent in a CBPR, you're 100 percent in a CBPR would count 70 percent towards your BCR and these kind of implications help us get to a global interoperability at the policy level. While that is not the nirvana Miriam was asking for it is a step in that direction which is useful.
>> ANNE CARBLANC:Thank you, Joe. Do we have any further questions either online?
>> JOSIE BROCA: Sorry, yes, we do have a question from Japan. So the question is related to privacy and security, as well. "Governments have adopted national cyber security strategies. And this is good because security is very important for all of us. But privacy is also important. And countries do not have privacy strategies. Some of them have privacy laws, and this is good. But is it sufficient? Don't you think the privacy challenges of today require to think more strategically and holistically about privacy protection rather than only from a legal angle? What do you think about this?"
>> ANNE CARBLANCMark?
>> MARK ROTENBERG: I've always been a big fan of the OECD privacy guidelines which were adopted in 1980. Now to many Europeans, that sounds odd because the framework has no regulatory authority and there's obviously been a lot of development in privacy law since 1980.
But the remarkable insight that the OECD had at that moment in time was: How do we promote transborder data flows in a global economy? Which is a really interesting issue to confront before the Internet took hold. And I think the OECD's solution was remarkably prescient and continues to provide guidance as similar issues arise.
Now to the question that arose which is a good question. The weakness of the OECD framework has always been the lack of implementation and enforcement. So what we've always said to the member countries of the OECD is: What are you doing to give meaning to these very good principles? And I think that effort, as the questioner suggests, needs to be conducted at the same level of urgency as has the effort on cyber security because with cyber security, governments are piling over one another to try to come up with a more aggressive proposal. If China's doing this, we'll do that. And if they're do that, we'll do twice of those. We don't need to go twice as far in cyber security. We do need to go further in privacy.
>> ANNE CARBLANC:Thank you very much. Any other reaction on this? Please. Can you introduce yourself.
>> Just two questions. My name is Jim Sonoluffia (?) ICC basis. Very impressive panel. A lot of information. I'm happy to hear that you're open to invited our ministers apart part from the OECD ministers. Africa, of course, has, you know, you can say weak network security and the demand from government on business is the same as yours. So I think it would be good to extend invitation to African ministers, at least key economies. Do you plan to do this?
And then, two, I also had the ‑‑ if the issue that there was time and agreement with me there be no tariff on the Internet transactions. But unfortunately I've been seeing some VAT from some countries in Europe. I don't know, can you provide some clarification on that?
>> MARK ROTENBERG: It was tariffs on.
>> MIKE: If I can be clear. It was tariffs so we wouldn't see customs duty. That's different than a VAT. So as you said, that's a point of sale tax. This was about customs.
Imagine if you had to wait three or four days before you had you could download a $1 app.
>> ANNE CARBLANCSo thank you very much for the questions. Yes, we are thinking about inviting either associations for Africa that are dealing with, you know, the infrastructure or the digital economy or some countries. It's not yet finalised. You have the response to the other question. I see there's one minute left. Anyone wants to ‑‑ Nicolas very quickly?
>> NICOLAS SEIDLER: One thing that would be very useful for the declaration to emphasize is the value of multistakeholder cooperation. I think the OECD has been a space where it has been valuable for both governments, civil society, the community and businesses to interact and to shape soft policy. So I think that it's only natural here we are the IGF, and I think the OECD can make an important statement on that.
>> ANNE CARBLANC:Okay. Thank you. Mike?
>> Mike: I wanted to challenge to give. I teach in Georgetown. It's all about those few words. And this is going to be in end about a headline. So what's the headline you want to see in the Wall Street Journal? And it can't be OECD ministers endorse multistakeholder model.
>> ANNE CARBLANC: You did my job. Please. Well, Mike, start.
>> Multistakeholder cooperation.
>> Mike: That doesn't fit in. So my word is ministers meet to open the door for borderless cloud.
>> ANNE CARBLANC:Mark?
>> MARK ROTENBERG: Hurricane avoids Cancun.
[Laughter]
>> ANNE CARBLANC:Thank you very much for being here and for asking questions. We hope that we gave you information. You've seen on this slide that at the end you can have further information. You can also contact us if you have more questions. Thank you very much again. Bye‑bye.
[End of session.]
[Applause.]