FINISHED COPY
NINTH ANNUAL MEETING OF THE
INTERNET GOVERNANCE FORUM 2014
ISTANBUL, TURKEY
"CONNECTING CONTINENTS FOR ENHANCED
MULTI-STAKEHOLDER INTERNET GOVERNANCE"
04 SEPTEMBER 2014
11:00
DYNAMIC COALITION ON THE INTERNET OF THINGS
***
This is the output of the real-time captioning taken during the IGF 2014 Istanbul, Turkey, meetings. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.
***
>> AVRI DORIA: Good morning. It is still morning. And it's time to start in fact it's already a couple minutes past starting. So what this is is the Dynamic Coalition on the Internet of things. The schedule today is fairly full and so I wanted to get started much let me give you a recap of the agenda since it has changed a little since it was last put out. In the first place we will be having a discussion of what is being called the mind and treasures much over the last year the Dynamic Coalition has met at least once, there's been a lot of online discussions, a paper was developed that is available online. And today we have a bunch of really quite distinguished speakers to basically speak about various aspects of things that had been referred to in that paper and perhaps some other issues that were important.
And because this is a Dynamic Coalition, as opposed to a workshop, we'll then basically talk a little bit about the action plan for next year because as a Dynamic Coalition we don't just meet once a year, but basically we try to work through the year producing something like the paper that was produced this year at various other conferences so we want to talk about the action plan. So be thinking yourselves if there are things that you think we should be doing or meetings that we think should be brought into all this or other groups that should be brought into all of this effort so please let us know. That will be at the end. We will also be picking a new chair.
Maarten has indicated a willingness. I've been doing it for two years. It's time we get someone more active and more, you know, energized. I'm not very energized in this case. You can tell my low level of energy at the moment. Without boring you further ‑‑ and that's basically our agenda. Is the Dynamic Coalition, does anyone think the agenda should change? Fantastic. In which case I would like to turn the floor over to Maarten who will give a talk on the paper that's been produced and introduce this session and I'll basically be introducing our speakers as I call them to speak as opposed ‑‑ and Maarten if you want to give a little bit about yourself other than that your charitable have PIR, please do. Thank you.
>> MARRTEN BOTTERMAN: Thank you, very much, Avri. Thank you for inspiration of leadership, to help continue making this happen the Dynamic Coalition is really to move from A to B, not to just talk with each other when we are in yet another IGF. Talking about the subject during the European IGF in Berlin it became very clear there are so many aspects that are relevant because of the things on the Internet. It's not a different Internet. It's not one network like the Internet; it's the network of networks. Yet new things become possible and need to become possible.
So the Internet of things is focusing on some of the specific government issues that we are to face. And in that we recognize there's a lot of treasures to be discovered to be uncovered, to be accessed by making better use of the potential that all the concepts behind the Internet of things bring. At the same time we are aware it's a mine field, potential mine field in several aspects so hence the title pressures and ‑‑ mapping the treasures and mines for Internet of things.
Second reason to just make a map rather than tell you how to deal with it is because it's a global thing here. And in different parts of the globe, different stakeholders you may want to do different things with it, yes it's important for all to recognize all those position treasures and mines would be. So what we distinguished is a couple of subjects you heard come back earlier and also this morning at the 9:00 workshop on this hosted. But first there's privacy. A conscious dealing with data collection and access. It's security. It's where data access is important but also of course tampering of data that are part of this new network of things. It's so important and often forgotten, on the business agenda sometimes on the political agenda it becomes salient, and its ethics. And for ethics an Internet of things to be ethical it requires that people know what it's about. It requires informed people and requires listening to people. This is also business issue on the long‑term.
Also in Berlin Eric Smith from Google was there and he was talking about the right to be forgotten, something that costs a lot of effort at Google. We of got a Google representative here so I won't spend too much on it but basically he embraced in the end the concept that was pushed upon him by the court because he recognizes very much that the right to be forgotten is something people want. And another aspect which is more technical, maybe not obvious but it’s spectrum. Today spectrum is not a problem for Internet of things and maybe tomorrow not either. But at some point if the enormous‑on do we need to be conscious already today of how we develop these networks to avoid. And these are more or less the government issues identified.
Standardization identifiers important subjects are not that much on the Internet Governance level. These are happening. So having said that, obviously the aspect there is to look in what you want to avoid but rather than these things happen in new ways, develop in new ways. So the panel of people here that you don't call a panel but committed contributors are those people who have been thinking about these subjects and invitation is really to come from their perspective what they think is key in moving forward with that agenda and make sure we can reap the benefits and ending up that ends by doing this on a global level. Avri?
>> AVRI DORIA: Thank you. So our first speaker is of committed contributors and I sit corrected, thank you. I'll even actually stand corrected, is Dr. Hosein Badran, director of special projects at QCRI. I'm asking folks to limit to five minutes. I'll hold up four fingers when it's close to five minutes. Dr. Hosein Badran.
>> HOSEIN BADRAN: Good morning. It's a pleasure to be here. I'm humbled to be on this panel. I'm trying to bring the point of view of emerging economies to the usage of IoT and machine to machine communication. I'm based in the Middle East, from Egypt, lived in Dubai. So in emerging economies, emerging markets, IoT and machine to machine communication has a real potential not only to improve the life of citizens but actually to be a vehicle to move very serious economic challenges, having to do with food production and distribution, having to do with irrigation, having to do with usage of oil. Perhaps some of us wouldn't know in some countries government is oh obliged to subsidize gas consumption by vehicles by cars to its citizens.
Some countries pay in port liter of gas by $1 and sell it to citizens 1/10 of the price, the rest is government subsidy. Tens of billions of dollars are spent every year in increasing fashion year over year to subsidize oil consumption, food imports and similar activities. We can optimize the usage and distribution of goods such as gas and we have seen through some experiments about 60% of this subsidy can be availed through use of technology. So we can utilize machine to machine, smart cars, to improve the economic situation desperately needed in major economies. One other example is the water consumption and irrigation.
Some countries again, using Egypt as an example, the Nile is a source of water and now the Nile is threatened by new dams being built down the stream in Africa. So using irrigation in a very smart and efficient way is very important to lively hood of citizens of millions of inhabitants of Egypt and Sudan and the represent of the continent. If we talk about mines, we have some examples of utilizing IoT, for example, here this is an example where a company is collecting traffic data from cars and vehicles. This data really has no legal framework of collection and distribution so the issue of private, usage of data is an issue that is not on the agenda yet unfortunately but requires a legal framework to put in place to utilize the usage of some data. There are needs for filling the vacuum and building applications consumers use and getting to know and feel the benefit of using.
So they get framework as an important aspect. A treasure that I can mention is the area of innovation. Innovation is very significant apparently to applications on smart firms. Applications on IoT and machine to machine communications is an area that does not need huge necessarily a huge company to build such applications so this opportunity for emerging economies, emerging companies to utilize this sector of machine the machine communication to develop applications that target again the real need of these economies with a small capital for investment but have opportunity to innovate and utilize opportunities and research opportunities in these economies. Thank you.
>> AVRI DORIA: Thank you. Do we have Dan Caprio on the remote to speak? He was one of our remote participants that was going to speak and I want to check if he's there. No, he's not. In which case, Vint is next in the alphabetical order. Please, Vint.
>> VINT CERF: Thank you, very much. Let me start out by suggesting that the policy side of this has to reflect on what property we want this Internet of things to exhibit so the policy question is what kinds of common properties should we want in this machine to machine environment. I'm just going to mention some really hard problems which in my view have not been solved and which have to be solved to make in a safe and useful kind of innovation. One is trying to configure large numbers of devices, both fixed and model.
Here's what I'm worried about. You bring something home and it needs to be configured as part of your home system and you put it into configuration mode and the next think you know you accidently start controlling your neighbor's equipment. We have to have strong access control mechanisms to confine the controls of these machine devices. Second thing is that we need some standards and I think IP version six is going to play a big role but the standards create the kind of opportunity you were mentioning. Once you create standards then third parties can offer to manage your devices for you. A third‑party can intervene to manage and monitor those systems on your behalf which creates new jobs and new businesses.
There is an example of an organisation that if you don't know might be of interest, it's called the IPSO for Internet protocol smart objects. And it's having meetings over the course of the year to bring people together who are interested in knowledge devices that have this property that they can communicate with each other and can be involved and monitored. Google has acquired a company called nest which makes devices like this with heating and ventilation and air conditioning. As time goes on it will be impossible to buy a stupid processor.
Sometimes you think of this Internet of things is simple little devices with not very much horsepower. Your refrigerator is going to have the ability toy to run a full up Linux operating system. It may not use that power to do very much but what if somebody infects the refrigerator with a virus and uses all the power of the process are to do some harmful thing, I'm worried about the head line that says bank of an America attacked by a hundred million refrigerators around the world. Of course that's intended to be funny; it's actually a serious potential hazard. You mentioned a little bit about available spectrum.
And I'm going to argue that ‑‑ last point ‑‑ that we have not used the existing spectrum very well. In fact with the arrival of more processing power and multiple radios, we should be able to co habit in the frequency spectrums already available far more efficiently than we have before. As we move up into the higher frequencies, 85 gigahertz or so, you can build antennas that will use the spectrum more efficiently. So we just barely have begun to design and build systems to take advantage of processing power to use our available resources more effectively.
>> AVRI DORIA: Thank you, the next speaker is Norell Clark (phonetic) who is director of operations and deputy CEO of Australian communications consumer action network. Police.
>> NORELL CLARK: Thanks. I've spent a bit of time on the ISOC board but I'm not speaking in that capacity today. I want to put it in more of the consumer perspective here and I heard it from my colleagues and I will agree with Vint that spectrum is a scarce resource and inefficiently used resource. We certainly have not used it efficiently in time.
Certainly I can see a world where there is the position for all of my devices to offer up a bit of spectrum to share and mediate the passage of data from here to there but at this stage I don't think we are at any level near that networking that I can see in the future where a consumer would have control over what Bandwidth they see and what services they offer up and what they receive. But we are a long way off from that. What I want to do is try and come back to what I see as very important and that is the eight consumer rights, the basic rights. And these of not really worked into this technology at this stage. I think that is mainly because it is such an evolving area.
A number of us who have been happily connected to the Internet for a good 20 years now have seen this sort of thing come but it is only being recently that we have had these sorts of devices like smart TV's and personal gadgets, people are happy to adopt this stuff and are embracing it with the gusto we really haven't seen up until now. So the first consumer right is the right to satisfaction of basic needs. I can see pros and cons coming from the Internet of things. Clothing, shelter, health care, it can play a large part in delivering those things to us.
They can also allow or prevent us from getting access to these sorts of things. So next one is the right to redress. And that is where consumers receive fair settlement of just claims including compensation from misrepresentation, shoddy goods or other services. There are an awful lot of shoddy goods out there and we are not as consumers get appropriate recompense or redress for these shoddy devices. The area where it's the most shoddy is security and I don't think I'll get any complaints or disagreements there. We are not able to appropriately apply levels of security and I don't think we are getting the level ever redress when our security is breached and privacy is lost. The right to consumer education. Well, I think that one is missing also. That's not being met at all in the area of the Internet of things. The level of consumer information that is provided with the smart TV's is very, very low.
In devices like wearable computers, the level of consumer information there is really not sufficient to my mind either. The right to a healthy environment, well that is one in which I think we can see a great deal of promise coming from the Internet of things. If you excuse me ‑‑ the right to safety. Well, if I get back to shoddy goods, the area of the right to safety with these sorts of devices is arguable in some ways and less arguable in others. Given if we to think about devices where very little computing capacity and very little feature capacity, there's the possibility that they will act inappropriately with electricity sources, electrical sources. And therefore cause short-outs, brown-outs, et cetera. So that's an area I think that could be informed. I think I've also mentioned the right to be informed.
The right to choose. Well, at the moment I think there is an improvement in the level of choice that is available but with it being such an evolving area, there is very little which we can compare one item with another. So it is difficult there to say that we are yet at a stable point where we can make a fair assessment. And the right to be heard, the right for consumers to voice complaints and concerns about products. Well, if we are in an area where there is very little in the way of standards, then how is there a place to complain? How can there be a place to complain? Who do I talk to when it breaks? There's my original supplier, yes, but some most cases we have got a point where it's a disposable environment. We are living in this ever increasing pile of garbage. So I think I'll leave at that point and before I get the single finger from Avri.
>> AVRI DORIA: I wouldn't do that. Okay. Thank you very much. So the next speaker I have is Hiroshi Esaki. Please, the floor is yours.
>> HIROSHI ESAKI: (Off mic.) ‑‑ thank you. I mean, important thing you already cover was security, though ID is also very important. Because working around IP addresses an ICT Internet infrastructure, when we are talking about IoT we have another very different stakeholder, say sensors, people, they don't like TC IP basically though we have to connect them so you have to have unique ID to work with them for the shared infrastructure. That is one of the point I think very important thing. I'm also belonging to the wide project that is the old project working around regarding IoT. We started work around 2,000, I think. My colleagues first connected every single (?) then what we can do? I started working around 2,000 around smart building business then a lot of unlikely people working around lights; they don't use TV IP at the time so they are coming to us.
Then that is the ‑‑ I'm trying to make an ecosystem that is basically designed of the Internet architecture. That I learned from Vint when you came to Japan. The essential design of the Internet is one shared set for multiple purposes. And doesn't expect any use of how to use the infrastructure. So that is important thing, how we accommodate if we allow unexpected use of the system or data that is one of the challenges we have to think about in the case of the IoT.
Also, I'm already thinking about ecosystem regarding the smart building system. I started work from the business point of view energy saving that that is not a good business, the business continuation plan. The other one is improvement of productive efficiency. That is a direct inference of the business budget. The last one is a new business. In order to introduce new business we have to make a consensus the different use of the infrastructure from the original design and implementation. For example, I'm working around just simply because of the energy saving, after LED lights able to work as access point for communication, already 100 meg is available. Yet another interesting use is the LED is a very accurate location detector.
The lights can be kind of crazy GPS satellite. 10 or 20 centimeter accuracy of the positioning we can have, which means originally LED was energy saving. Once we connect them a lot of the applications we can introduce. In the case of my building I tried to introduce different devices, 30% cut in total, 40% cut we made with two year term of the investment. That is important. We have to show them the economy as well as opportunity what we can do using the practical test of the practical system. We designed this as a base of the data centric net data.
Data is a shared data depository. End the data to the data depository then any single user application be able to access the data depository. That is a design of the building my smart campuses. That is I try to avoid in the fragmentation of the networks. When I talk with the building industry, that is a very fragmented isolated network because of the isolated no security data they think about. That's a story. So I always say to them welcome to the shared infrastructure. Then we are going to make a new application, new ecosystem. Thank you.
>> AVRI DORIA: Thank you, very much. And my next speaker is Ram Mohan. Please, Ram.
>> RAM MOHAN: Thank you for this opportunity. Clearly we understand the promise of the Internet of things, greater operational efficiencies, and of course totally new business models. But I wanted to focus my comments on some of the implications of the physical world that becomes an immense 24 by seven channel for data. Clearly at the Internet of things connectivity is a big part of it and anything that can be connected can be exploited. And so I think we are looking at a new security landscape that is going to emerge.
Vint talked about configurability of devices, I think that's an important thing. There's another consideration, how do you update software on devices that have been installed by the billions? What do you do about embedded systems? You have processes that have software embedded in them; it's not just the application oriented pieces. But when those pieces of software, embedded systems have vulnerabilities what is a solution? A whole sale completely throwing it all away doesn't really appear to be a feasible idea.
Third thing that I wanted to talk to mention is interoperability. We are in a fragmented and specialized environment when you look at the Internet of things. Now you hear a call for a standardization that will potentially down the road get to us come in API that allow these objects to talk to each other. I pose to you that doing that now creates a new set of vectors for coordinated attacks. And that again changes the way you look at security, the way you look at managing these devices.
One of the things, let say you do have this world where these interconnected devices and objects and you have standardization and you have some thoughts of addressing a tacks, massive attacks that get launched, the current mitigation model it is for attacks those models are desperately into need of update. Today if you look at massive attacks, a very common approach is to shut down the source of the attacks. In the Internet of things that could easily result in your home alarm system being rendered inoperable or your thermostat disconnected from the entire home. Or your insulin pump for that matter, right. So I think the mitigation model for attacks has to be rethought and significantly changed.
At the enterprise level when you're an organisational enterprise that is focusing on the Internet of things and thinking about what to do with it, I think most enterprises today are focused on the data element. They are dealing with volume, velocity and structure of the data that is coming in. In other words, tremendously high volume, but it's reasonably steady volume, it's not often big peaks but it pretty steady volume of data coming in but the velocity is increasing over time. The structure of the data is not very good right now. It's quite unstructured data. I think most enterprises and the managers of enterprises are thinking about simply the first general railings of thinking what to do with that data but there are three things, data storage, data analysis and data protection.
All three of them were significant effort and thought because data comes in in an unstructured manner has to be stored and analyzed but it feels to me with billions of devices with lots of data come in the concept of centralized data storage is going away where you have to think about distributed data storage. Then you have to think about data governance. All you do what remote storage Bandwidth as well as a capacity to store all data. 2020 estimates there are going to be 26 billion units that will be connected. We have many things to think about on how to actually make all of this interoperate and be secure.
>> AVRI DORIA: Thank you. Next there's Rolf Weber, please. Thank you.
>> ROLF WEBER: Thank you, very much. I'm pleased to add a few words to distinguished comments of my fellow panelists. Let me start of the many things that have already been addressed the general remark that new technologies and new business models also calls for new legal rules and regulation. And just to go back to the history of the Internet, the famous declaration of independence issued by John Perry bar low in 1996 saying that we don't need legal norms for cyberspace as turn out to be a complete illusion. Now I'm not saying that law is the most important discipline.
Law did not cause development or invent new business models but laws should be considered as a serving discipline and eventually law can prevent that technology and new business models going into a wrong direction. And on this premises I would like to look a little bit back to the last 3 or 4 years and alert at least those who are not familiar with that to the fact that the European commission has established an expert group some 3 or 4 years ago. The experts were asked to study different elements and different problems in relation to the Internet of things.
That time there was quite a strong rejection of these efforts expressed by the officials of the United States and after two years of work the expert group has produced a certain report but the commission decided not follow-up and somehow surprisingly enough all of a sudden now the department of (?) Of the United States is starting to take into the related problems. So this also shows that maybe the commission was slightly on the wrong track because the commission put much emphasis on governance, questions on the Internet of things which doesn't seem the appropriate way to go forward. However, basic problems of to be tackled and most of these basic problems have already been addressed by my fellow panelists much I think foremost we will be confronted with many new challenges in the field of data protection and the field of security. Somehow data exchange between machines does not mean that we do not have personal data.
Second, obviously if you look at data protection we have the problem that we do not have a harmonized set of data protection rules and this would probably require business to do own efforts in order to see to it in particular data transfer doesn't cause further problems. Then you have security, this has been addressed. We have Human Rights involved, corporate and social responsibility. I'm not going into the aspect of consumer rights because this has already been nicely addressed. We have interoperability, we have the question of standardization, standardization makes sense but if we have only one global standard you might be confronted the antitrust problems. So there's a lot of doing legal fields and I can only invite community not to forget about the serving discipline.
>> AVRI DORIA: Thank you. Okay. Next I have Kuo Wei Wu who is national information infrastructure enterprise promotion association, the CEO and is also a member of the ICANN board of directors, please the floor is yours.
>> KOU WEI WU: Thank you. I think it's my advantage because I think everybody already layout all the scenarios so I try to bring a little bit difference to what is previous speaker is saying. As you know I actually from Taiwan and Taiwan is a very important OEM site for any kind of ICT device from the PC, not beak, up to even the chips. From my experience from Taiwan and also Asia, the people begin to talk about IoT from almost 1996‑97, until now. And from the very beginning I think one of the very hard issues is talking about many different kind of technology. I like to particularly point out one thing for all of you is remember because most of the manufacturing is in Taiwan. And the design is outside of Taiwan.
And to be honest, in my experience for example at this point, Wi-Fi, almost 89% of the SS device is manufactured by Taiwanese company. And the problem is the interface between the designer and the manufacturer, to be honest, sometimes is missing. So, for example, the Cisco design or Google design and you send it out to the manufacturing it goes to the very tedious stuff, you have to describe clear enough or the manufacturing engineer were based on what he understand to implement it for you. And there is always, always be forget. If I remember back to year 2,000, John Cranson (phonetic) told me one thing, is it possible Wi-Fi device designed to go to Taiwan to talk to the manufacturing engineer. Because you remember the Wi-Fi in the big conference was actually conflict. And it can be resolved by manufacturing. And this will always be forgotten.
So I think this is one thing when we are talking about the IoT, we are not only talking about the policy label Internet Governance label, design label, don't forget the manufacturing label you must have a very good communications. The second thing regarding Internet Governance particularly in IoT is another issue particularly for I think many people know that runs particular to systems. And a lot of people don't know who run that. Who run the server for (?)? And is that a policy oversight? Or anybody look at that issue? And well I think you know who ‑‑ you know. And what we are going to govern in this part?
So finally, I think I’d like to say IoT, since there is a smart devices getting close to the personal data, even the medical, health, data, whatever, I think is very important to lay out all the difference between this data is mine, anybody cannot touch, or the device provider and then go out of the Internet. So it's a three different circle we need to clear cut which part is mine, without me even the provider cannot touch that. And that has to be defined well. Thank you.
>> AVRI DORIA: Thank you. I wanted to check before I move to participants in the room whether ‑‑ no, there is no ‑‑ can. Thank you. I've learnt a lot just listening to the scope of what went on in the range. We have got about 20 minutes now where I would like to get whether it questions or contributions and I'll come with the microphone and I'll try to do it. Is there more than one microphone?
>> Would you allow a little bit of interaction among the panelists from the consequences of what we have heard from others?
>> Just the early speaking panelists. I want to get in the cue.
>> AVRI DORIA: I got you. I saw a couple hand, I saw 1, 2, 3, 4, 5, 6 hand. I saw seven hands. Wow. Okay. But your hand ‑‑ eight hands. Okay. And thank you, please keep short. You know there's a lot of people.
>> AUDIENCE: Rudolf van der Berg. I'm happy to hear the consumer issues discussed, we have a consumer policy commission and they're going to write a thing on consumer policy in the Internet of things for upcoming digital economy outlook which will have a whole chapter on the Internet of things. Second of all, one element that I missed that is being mentioned is the trade issues involved because we now have such a fragmented market at several countries on the producing side and while Taiwan is not a member so we don't talk to them that much but there are other members who manufacturer a lot of stuff, they are very worried that they will be making equipment that they cannot actually sell globally because there are no global uniform harmonized standards or at least the idea of a kind of harmonized system that you can work from. And that is something I think we will see a lot of work on in the coming years to get a kind of harmonized framework that at least works across the 34 ECD countries and across the world.
>> AVRI DORIA: You kept it below five minutes, I ask every to do that.
>> AUDIENCE: I'm a lawyer and the question is about the role of the Domain Name System. Do you see the IoT that we -- obviously machine to machine communication doesn't need a dot com human readable system in the middle or are we going to see something else like the EPC for RFID chips? And we are starting to talk about a thing naming system. The consequences of that if we are going to keep the main names in the mix they don't need to be human readable, they can be strings of letters or numbers but it leads to the policy question of which registry are they going to come from, are you going to have to pay ICANN for the millions of names to be used. So what is the role of domain names inside an IAT?
>> So my first reaction is you may need identifiers for these devices just to manage them, register them and move them from one authority to another and domain names are a perfectly reasonable way to do that. They don't have to be memorable in the same sense that we think of domain names you're trying to recall if these devices are either mobile or portable. The binding of the identifier to the IP address maybe more dynamic to the sorts of things that have fixed location and that may be a challenge.
>> The other importance, the uniqueness, the global space. I mean every single IoT system using local management. So we to have ask them, we to have teach them that we have to use global unique ID.
>> Basically right now the problem is that for example is not many people recognize that and how to layout.
>> AVRI DORIA: Sorry, I can't get this other one to work. You were the third hand I saw.
>> AUDIENCE: Thank you, very much. I'm from department of telecommunications department of India. Basically there's a lot of work and implement policy formulation so we are going to form some policies on these things but basically this is a workshop we are on this collaborative approach, unless this collaborative approach for M to M manufacturing and M to M proliferation, my question to the panel is how we are going to sort out issues on supportive devices of M to M import from one place to the other one and how do you choose? Number two, it should be unique. What we are going to do in the M to M devices in the mini schemes. Things are going on. I'm having the device from other country so how the sim will be related? And India is going to have more than 1,500 billion such type of issues. These are scaled up. So how we are going to have collaborative approach among the bodies? Thank you.
>> AVRI DORIA: Would you like to give a quick answer?
>> This is Ram. I don't think the answer is solely the governmental bodies. I think the first order of work to be done here is to think about interoperability and the stopped dads for interoperability. Until those exist, adding regulation isn't going to do much. Once device actually understand how to talk to each other and then I think you can start the think about the policy frameworks and what the regulatory frameworks might be.
>> (Off mic.)
>> I'm not even speaking through the microphone. Sorry.
>> (Off mic.)
>> You pointed out the standard the very vital issues and those things we are taking care of. So the only issue is of course these things are going on simultaneously, but at the same time the collaborative approach ‑‑ like we did in the case of the (?) I think we need to have the governance forum in the future. Governance forum so all the things can take place. Thank you.
>> AVRI DORIA: Thank you. And the next ‑‑ please.
>> A brief response to that. I think you do need to get back to your own consumer law. While certainly for some classes of device there are strong rules in place but until we get to a more mature set of systems where we can classify groups of devices and perhaps have clear arrangements in place for both those devices and the higher order services for them you have to rely on your own basic consumer law and I would really reinforce you that you need to have that and it needs to be strong and effective within your country.
>> AVRI DORIA: Thank you. Moving on?
>> Alexander Climberg (phonetic), Harvard. I'm a security guy so I worry about a lot of things. I think I should be more worried about global unique identifiers especially when they're fixed. Within the present context have IPV six. My question is even though it's a partial contribution to IP V six address, are you suitably reassured that anonymity is given even though the fact we know it's possible to de‑randomize numbers easily these days.
>> AVRI DORIA: Anyone want to take that one? We can move on and you can come back to it later. Okay. I was trying to do that before but then you guys wanted to jump in quickly so I changed my mode. But I'm willing to go back to letting them talk. Please pass the microphone ‑‑ no. Okay. You've got it. Talk.
>> Thank you. I would like to learn about the importance of IP version six protocol for the Internet of things. Thank you.
>> AVRI DORIA: Thank you. Let get one more question in. I've got a hand right there.
>> Robert Pepper, San Francisco. So on the standards questions, one of the issues we see are all these various verticals. You have smart manufacturing, smart grid, supply chain. They're all working separately, all migrating to IP with V six but inoperability is not there yet. So this is one of the standard questions in bringing them together.
Earlier in a situation I suggested at the latest ITF meeting there were people from all these various sectors there, it's not just an ICT industry issue. B, there's going to be a wide diversity of devices with a wide diversity of requirements, all kind of devices that will have no compute power or user interface and those devices are going to be the ones that are going to be in the billions faster in terms of the machine the machine deployment whether it's in smart cars, transportation, embedded for environmental sensing, it's going to be automated irrigation and fields, et cetera. And the question is the spectrum requirements for diversity of devices with diversity of requirements as well as the interoperability across all of the various verticals.
>> AVRI DORIA: Thank you. If we want to get a couple of people to answer that, in the meantime could you bring the microphone down to the area because I've had a couple of hands going up a lot lately. So please who would like ‑‑ Hiroshi, please.
>> HIROSHI ESAKI: With my understanding, why the Internet success or fall was we defined the gateway allowing the sub system doesn't care about which protocol can apply. Then the system from the gateway using the same protocol, same address. Then eventually the local network going to use TCPIP. So once we share the data, the different industry segment first, then we may allow to use proprietary system at the beginning.
>> AVRI DORIA: Thank you. It's wonderful to hear that I started my career writing gateways at Proteon. Anyway. Anyone else wanted to answer that one?
>> I wanted to respond to a couple of things on the security question about de‑randomization. I think it's a valid issue. If you're looking for guarantees, this is security, there's no such thing. But I would like to also bring up another thing. We are talking about ephemeral device binding to addresses, things that bind and then unbind and move on. With that we are going the see I think changes in how the protocols actually work and interconnect with each other and there's work to be done there.
>> Thank you. Yes?
>> I also wanted to get to that question a bit. At this point in time in the rollout of IP V six there really isn't a strong standardization. Until we get some sort of maturity there and a strong sense of best practice, then I don't think it's a huge concern to consumers. And the other part of that Mac address issue is, by all means correct me or attack me but the other thing we have seen too in Mac addresses is a lot of the manufacturers don't seem to understand what they're for either. We have seen a use amount of reuse of Mac addresses and you can get software to change Mac address. What we originally thought of as being a really unique identifier, this was a good thing, that went years ago because the folks didn't know what to do with it and didn't abide by that so that gets back to standards and adherence to standards.
>> Yes, I see your finger on the button. Yes.
>> Could I also get into the cue in addition to trying to respond?
>> AVRI DORIA: Why don't you take it now since you're already on the mic.
>> Okay. Thank you for that. I want to point out that unless we have a set of agreements about the properties that we want these devices to exhibit, this is a policy question, we won't be able to say very much about interoperability. I hate the idea of gateways because it's just another damn box that you would have to configure and could fail. But I understand as a pragmatic point a lot of people using different protocols to control all these devices. Here are some things that did not come up in this conversation so far. One of them is safety. We talked about security but I think safety is going to be even more important. You don't want devices that turn out to put you at risk, physical risk, potentially. So that's one point.
Second thing is wearables have the property that they are both mobile and portable. There's one of them. I'm not wearing my Google glass right now because I loaned it to one of my engineers. But these are coming and we have to factor that into our architectural design. The last point I wanted to remind you about is liability. And what obligations the maneuverers of these things might have. It gets a little scary. I think about the with the Google self‑driving car. The first time there's an accident, who is liable? Is it the programmer? Is it the company? Is it something else? I think the machine to machine communication and Internet enabled machines will invoke some of that issue as well.
>> Thank you. Okay. I want to go back down to the room here and okay. Yes. And I've got one and then you will be after.
>> Okay. First thing I --
>> AVRI DORIA: Introduce yourself.
>> Electronic frontiers, Australia. I think it's important and forgotten it provide an extraction mechanism we can use for many other purposes. So there's a lot of good reason to be there and we will find many reasons even if the name on the end of the string looks like blah, blah, blah. But the question really and it touches on things that Vint said and Ram said earlier, so I looked earlier in the year there was a security incident where they had broken into a company's network via a security floor in LAX.
And sort of really I mean that one thing really brings the points it not just that there will be flaws but as Ram said we need not to just configure them but actually update software. That is an enormous horrible problem but the one we absolutely have to solve and I see here the way we think about operating systems for computers are these are very important things and we need to have service agreements and we need to keep them updated and the manufacturers must have mechanisms to push out security. Embedded devices, maybe the manufacturer he might put out an update but coupled together with whatever version have Linux they have, those years engineers have been moved from that project and manufacturing we do not do that. How do we insure that we shift manufacturing of these smart devices from this model of it's the functionality you bought it to no we have to absolutely have mechanisms to update the operating systems to patch operating systems of millions, billions of devices. That seems to me to be a big problem, where do we start?
>> AVRI DORIA: Thank you. Please.
>> AUDIENCE: Thank you. I'm a member of the Dutch senate. I'm very happy to hear that consumer rights are addressed. I didn't hear anything about the ethical question, maybe if someone wants to tell, the ethical question, the ethics. At this moment consumers are not actually involved with the process. We heard this morning as well during this session there. And it might be that we need different consumer rights because we are entering a totally completely new world. Many aspects of the points that you addressed are issues for consumers as well. I think coming also to your question what do we need to do more, it would be favorable if we had some kind of platform for interaction with consumers so they can be involved with the process and think along the way things are happening.
>> Thank you.
>> That's a wonderful suggestion for moving forward. I can only take 1 or 2 more questions.
>> May I quickly respond?
>> AVRI DORIA: Please.
>> As a quick response to your ethical question (overlapping voices) up in the second round in fact at the beginning not on the table but it came up and there is some research in this field.
>> AVRI DORIA: Thanks. A quick answer from here and two last comments and then we'll go to time out.
>> AUDIENCE: I think that's a very important issue ethical side but also I ask myself how about human beings? Really do human beings need all those things and are they ready emotionally? Psychologically? And we should ask many questions, I don't want to take time.
>> AVRI DORIA: Thank you. Those are good questions but are human beings ever ready emotionally would be my question? (Laughter) Okay.
>> AUDIENCE: Sandra Hoferichter. It's funny I would like the catch up with the thing the two ladies said before and maybe we should consider there are a lot of men talking and the ladies are somehow the ones raising the concerns. My concern actually is although I'm a fan of new technologies and try to use as much as possible, how much of autonomy of our basic human abilities we are going to give to machines in the future? I mean, things like open the window when the air is too humid, regulating the heating when it's getting to warm, darken the light.
All these things if we are giving them to machine I fear at one point we won't be able to have a feeling a sense of when we need to open the window, when we need to regulate the heating, when we need to darken the light. And I mean such developments that happen in the past as well. At the moment when people decided not to shoot their animals by them self and prepare them but going to the butcher and buy them there. So we gave away already some kind of ability to serve our basic needs. And in the future I think this could be extended and this very small example for this development is that how many or can you even remember the phone numbers of your father, sister's brother's husbands? I can't. Because I'm using that model home and everything is in there. I'm depending on that quite a light. The engineers should always at least consider if someone was choosing to go the old fashioned way still be able to be able to by a refrigerator that is not able to track the bank of a America. And I have a fear this is not going to happen.
>> AVRI DORIA: Thank you. One last.
>> It was quick.
>> AUDIENC: Thank very much. I'm from Russia, from Moscow. Actually I would like to continue with the safety because the thing is when we have smart devices we have seniors, so they have data. And how we can be sure, you know, how we can guarantee they generate proper data. How we can guarantee it's reliable data. And when we are talking about machine to machine communications, so obviously we should be ‑‑ we should insure that machines receive proper data otherwise we can have toasters doing something bad or heating system. Thank you very much.
>> AVRI DORIA: Thank you. So I would like to give people on the participants on the dais, the committed contributors, I can't wait to become a contributed contributor with an opinion because I have so many I've kept to myself. You wanted to comment on one comment on one thing.
>> A equip I wanted to make. I think you were asking for the right to turn it off so instead of the right to be forgotten we evolved to the right to turn it off. Perhaps that's not such a bad thing. I think in this context, too, the gentleman here was mentioning things about unreliability of this data. This data will often be inherently unreliable because of the size of the devices they really can't do that much that's great.
Another point David raised back here was requirements for updates and things. I think that the model is fundamentally wrong in a lot of our consumer devices. The incentive is wrong. The incentive within this market is you just sell more. If it doesn't do what people expect, you just buy another one or you take that one and throw it away. This whole disposability concept means that the incentives for manufacturers provide updates are not there. They want to you buy a new one, not fix the old one. And that does not lead to a right to a healthy environment.
>> AVRI DORIA: Thank you. Who else would like to make a comment please?
>> Regarding the guarantee, the government wants to control the guarantee than lab making a regulation though the regulation doesn't work in a case of uncertain environment. But so that is the reason why they have been using liability, I believe. Liability means try the best effort to compensate some kind of thing and providing the best effort quality of function based on our best knowledge.
So that is saying we ask this problem as well, always the government wanting to make a regulation in order to protect end users that's not true. The thing we have to do is we have to provide the opportunity or right or capability for the end user to be able to control, be able to see what is going on in the system. That is what we have to provide. That is reason why we always in the open system, providing a transparency. For example, we’re making a strong fight with the government about smart meter issue (?) Though we’re asking them and the user has a right to read the data, to use the data so the user has a right to be able to correct and use the data. That is yet another important thing.
>> AVRI DORIA: Thank you. Ram, you wanted to comment and Hussein wanted to comment.
>> Thank you. Norell talked about what I call the Kleenex model for devices, disposable model. Underlying this is at a sustainable recycling model doesn't really exist and manufacturers ought to think about a sustainable recycling method that in many ways might be a start of a solution for the software update and the embedded systems problem. And there might be economic incentives for that. Down the road I expect also to see potentially a market exchange for used Mac addresses or reusable Mac addresses and there's a security vector there as well. And finally, if manufacturers of these devices don't exercise care we can see a future where there will be a global market for used devised that can be repurposed to bring new security threats to if front. Devices that appear to be trustworthy but it's really more than a Trojan horse, it's more like Trojan mites.
>> Thank, very much. Very rich discussion. As we see IoT starting to go into maturity early maturity phases, we have seen it before as vertical coming up with standards, focus on these particular verticals like transportation, health, automotive industry. I think now it's very important that for global adoption of IoT both developed world and developing countries that these come to consensus or a place of where they can come together. Verticals inside the verticals or verticals together. Hopefully the IETF will be the place where in takes place. Global standards are needed, not only vertical standards. So this is good news that is happening and a direction we should support through the IETF. Availability I hear the concern and except the comment from my fellow panelists. So in central location where you are in making a decision based on the data you receive you go through a process of data cleaning, identifying what data is really flawed and use data that is more liable to make up your discussion. Last point shouldn't forget about use of machine to machine and IoT for emerging economies. Not only to better the standard of living for humans but basically being able to help them live and support and necessities in terms of reducing subsidies, availability of food, availability of water for irrigation and drink.
>> AVRI DORIA: Thank you. Kuo Wei Wu.
>> KOU WEI WU: I think we are talking about two different lines and trying to think about the mechanics and how to intercommunication between these two lines much one line is from idea to the innovation, to the development, to implementation, to the markets. And then we are talking about safety, security, ethic, liability, whatever. Now I think the community we need to think about in which states in what area we are thinking about ethic, we are thinking about liability issue. So I think we should view the mechanism for the community. Think about how to communicate between the development lifecycle and the security ethical liability issue. I think there might be a fundamental we have to think about it.
>> AVRI DORIA: Thank you. We are just about running out of time. I made my next to last chair's decision letting the conversation run longer. I don't expect we are going to complete any of the discussions today. Did any of the other panelists have a last word that they needed to say? Two last words.
>> One is to remember that remote diagnosis may be very important to help a user of these devices figure out what is not working. The second thing is to think about building to machine communication. You walk in and the device learns something from the place that it's in and we can take advantage of things like that to make better emergency services, mobile goes into a hotel room and there's a problem when it calls the emergency service it says in this room number, this name of the hotel, here is the temperature and the customer has fallen on the floor. We have the ability to use this technology to make our lives better.
>> AVRI DORIA: Thank you. Rolf and then Maarten. Although you'll have lots of chances to talk when this is over.
>> ROLF WEBER: Technologies are going to grow and to evolve over time so representatives of social sciences have to see it to that they have accompany technology.
>> AVRI DORIA: Maarten and I wanted to give a word to Wolfgang and then do the business.
>> MARRTEN BOTTERMAN: Rudolf had a session this morning and some good points came up and this was really good and I think a lot of material and I'm sure you'll wrap up later to combine that, right? A lot of input to what we can take forward. One thing that particularly for the lawyers or the politicians amongst us. The fact that we don't have law that is built for what we are building in a way means that we cannot hide behind it. And as a manufacturers as a service provider we have a responsibility which is not limited to one country or one jurisdiction if you want to be global. So we will need to set our own ethical standards. And we will need to be responsible and transparent showing that we are caring and doing that because the other thing the Internet where people communicate also as to transparency if you (?) One country the whole world will know.
>> Thank you very much.
>> WOLFGANG KLEINWAECHTER: My name is Wolfgang Kleinwaechter. We founded seven years ago the collection of the Internet of things and this is an example of where the governance forum is a great place that you can identify at an early time an issue and stimulate discussion across silos where stakeholders are sitting. This is a wonderful opportunity that technical people talk to lawyers, talk to Civil Society people that government are here, that we have the business people here. This is a unique setting and we should make use out of this and we shall continue with this dynamic coalition on the Internet of things and I'm also happy what the OECD had this workshop this morning and they are invited to join this Dynamic Coalition and we will talk about the plan for the future just immediately after this meeting is closed.
So I cannot give the summary from the debate but as an academic if I would put this into a Swat analysis I would say the strengths of the Internet of things that is we can do things which we were unimaginable years before t weakness is we have only little knowledge about the unintended side effects. The opportunities that we have new business chances and we can make our life easier, better organised, cheaper. But the threat is that we will lose our privacy and we can lose control over our own life and we have to take this into consideration. This would be my Swat result. Thank you.
>> AVRI DORIA: Thank you Wolfgang and thank you to the committed contributors that often go understood as panelists but thank you so much. I want to quickly ‑‑ we are not quite over. Dynamic Coalition, I said we would talk about where to go further. We don't have much time to do that but I wanted to say three things. One is at the euro dig when we had a meeting one much our intermediate meetings I committed to take a Wiki that had been created for us and populate it. I never got around to it. And I carry as I leave being chair of the coalition I will continue to carry that obligation so I will work on it and then there will be a chair ‑‑ see there wasn't a chair to beat me up for not doing it. The chair kept giving me permission to not do it but I'll have a chair that will actually make me work, I expect. He can try. I thought your idea was wonderful within the context of that Wiki or some other thing find a way to reach out and get more people, users, consumers, whatever, involved and bring them into the discussion so that we start getting those so I think that was a great idea so I'll look to keeping that.
The other thing we have got is we have a paper that needs further work that will be online and it's something that I'll set up so the people can comment on it further and see where we want to go with that. We have an e‑mail list. You can find it on the Dynamic Coalition web page that the IGF keeps so I encourage all of you to get involved and we can continue the discussion about the work we need to do, the Dynamic Coalition really does attempt to keep working. They will probably be 1 or 2 opportunities during the year to have a coalition, Dynamic Coalition meeting. I haven't the faintest idea at the moment where they are or when they will be. You know that, will come. Now the last thing I needed to do was to divest myself of the chair of the Dynamic Coalition.
Wolfgang passed it to me about two years ago and we have no process for electing. And what we have sort of formed as a tradition and if we do it now will become a tradition because doing it once doesn't really make a tradition, doing it twice might, is that as the chair I sort of request someone else to please take it away from me and we ask the assembled coalition whether they object. So I have been begging Maarten to take this away from me and he did most of the work of organising this so I would like to ask is there any objection to me handing the chair over to Maarten for the next year? (Applause)
So in closing as no longer the Chair, thank you. It's yours.
>> MARTEEN BOTTERMAN: Okay. Thank you, very much. I'm honored and a little bit worried about the coming year but I do look forward to bringing this further because I truly believe that this subject gives us an edge on what needs to happen in preparing for the Internet of the future that we care about. So my condition was that I asked my fellow contributors to continue to contribute and I promise to do so as well. If you haven't been on the list yet and you don't know how to get on the list, you can also drop your business card here and he'll be informed of the activities between the IGFs so you don't have to wait for next IGF to act on this. For sure the paper will be there, for sure we will have the kind of summary of what happened here today as we have from Euro dig as well. And you have access to it and we look forward to your feedback. And this is not something that we are doing for the world; this is what we can do with the world to bring it further. So thank you, very much. We have 18 seconds left so we are early. It's a pleasure to close this meeting and thank you for your active participation. Thank you for your contributions, committed contributors.
(Applause)
***
This is the output of the real‑time captioning taken during the IGF 2014 Istanbul, Turkey, meetings. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.
***