The Internet’s future was the reason for a major OECD conference in Seoul in June, at which Australia’s Communications Minister, Stephen Conroy, was a keynote speaker. Here, from Nigel Waters of the Australian Privacy Commission, is a rundown on the key themes to emerge: one important lesson was that there needed to be better consultation with civil society, Nigel says.

 

The Future of the Internet Economy

OECD Ministerial meeting, Seoul, Korea, 17-18 June 2008

<> 

By Nigel Waters, Australian Privacy Foundation and Consumers Federation of Australia

Introduction

Communications Ministers from OECD member countries met in Korea to review the future of the Internet for the first time since a similar meeting in Ottawa, Canada, in 1998.  The host country provided a topical reminder of the issues at stake: while Korea has the world’s highest Internet penetration rate – 94% of households had access at the end of 2007, and the Korean media report many social and economic benefits – many vested interests clearly feel threatened.

In the weeks leading up to the conference, major citizen protests against government policies used broadband communications effectively to mobilise support. The Korean President, in his speech opening the conference, felt it necessary to warn: “The spread of spam mail, lies and incorrect information, which take advantage of the anonymous nature of the internet, are threatening the peoples’ rational thinking and trust.”

This struck a very discordant note in relation to the general tone of the proceedings which emphasised  the important contribution the Internet has made to free expression.

Privacy as a major theme

Australia’s Communications Minister, Senator Stephen Conroy, chairing the main conference session on Building Confidence, emphasised privacy issues as a major factor in holding back take-up of electronic commerce.

It is not surprising that privacy was recognised as a major issue, both in the main conference and in the official Stakeholder Forums[1] which preceded it.  What is more encouraging is that it was mentioned across nearly all of the streams of discussion. Whether in relation to intellectual property protection, identity management or general online consumer protection, privacy is seen as a key consideration.

Another major theme of the meetings was online security and efforts to combat cybercrime and problems of malware and online fraud. While there was some recognition of the complex interface between privacy and security, discussion of possible conflicts did not go very deep. It remains to be seen whether measures to secure the internet, and to allow investigation of unlawful activity and facilitate dispute resolution can be designed in ways that do not involve unacceptable levels of monitoring and surveillance of internet users.

In this respect, a call at the meeting for OECD members to adopt the Council of Europe Cybercrime Convention illustrates the dilemma – while the Convention is an important contribution to law enforcement in the online world, it has some negative privacy implications, such as an increasing trend towards mandatory data retention as a resource for law enforcement, and imposition of liability and obligations on telcos and internet service providers which conflict with some of the other important foundation principles and features of the Internet.

The policy document Shaping the Future of the Internet Economy, adopted by reference in the final Ministerial Declaration, contains many commitments to address privacy issues, and draws attention to a range of Policy Guidance documents already issued by the OECD[2], and to the ongoing work of its Working Party on Information Security and Privacy (WISP)[3]. The OECD’s 1980 Privacy Guidelines Principles remain the benchmark for information privacy laws throughout the world.

Suggestions were made during the meetings that the Guidelines should be reviewed and possibly updated, and in reponse to a question, Canadian Privacy Commissioner Jennifer Stoddart suggested that the foundation of the OECD Principles on the concept of data in separate silos was antithetical to the spirit of the Internet[4]. Others warned that in the current national security and law enforcement climate, any review of the Guidelines would risk a weakening the Principles.

In his closing address the Secretary-General included the following on privacy:

 “As the individual becomes more of a focal point of the Internet economy, it is not a surprise that the currency of the Internet economy is personal information. OECD recognised the importance of personal data 25 years ago when it issued the Privacy Guidelines which form the foundation for most countries’ privacy standards. The guidelines have stood the test of time. But the growth of business models built around the mining of this data and the explosion of social networking sites, require us to better understand and analyse changes both from an economic and a social perspective – what are the risks, what are the benefits? and how do we adapt policy to this new environment? Thus, we need to assess our policies and instruments in this area. This assessment needs to be conducted on a global scale with the active involvement of all stakeholders.”

Emphasis on international collaboration on enforcement

It is encouraging that the meetings, and related documents, placed particular emphasis on the need for more effective cross-border enforcement, of consumer protection and privacy laws as well as criminal laws.  The OECD’s 2007 Recommendation on the Cross-border Co-operation in the Enforcement of Laws Protecting Privacy is an important resource in this respect and together with the parallel work of the APEC Privacy Subgroup offers a prospect of a long-overdue improvement in the level of international collaboration on implementation and compliance as well as on policy development.

Stakeholder involvement

The OECD is notable for its facilitation of input from stakeholder groups. There are two formal advisory committees, for business (BIAC) and for organised labour (TUAC), and constant recognition of the importance of input also from Civil Society and, in the context of the Internet, from the technical community.  All four interest groups were  involved in the planning of the Ministerial and in the three official stakehlolder forums which preceded the main meeting, and were given specific opportunities in the main meeting both to report on the forums and to make closing remarks.[5] 

In his closing remarks, the OECD’s Secretary General expressed appreciation for the participation of the stakeholders and recommended “… that we begin the process of formalising the participation of civil society and the technical community in the work of the OECD on the Internet economy.”[6]

Civil Society and organised labour, working in an online collaboration through the Public Voice Coalition, developed a background paper for the meetings, and a Declaration which was finalised and issued at the conclusion of the stakeholder forum, and presented to Ministers on the closing day, with more than 70 non-government signatories from around the world.  The Declaration makes specific recommendations to the OECD and its members under 11 headings including Freedom of Expression; Protection of Privacy and Transparency; Consumer Protection[7]; Promotion of Access to Knowledge; Support for Pluralistic Media; an Inclusive Digital Society and Cultural Diversity.

In a call for balanced intellectual property protection, particular mention was made of the proposed Anti-Counterfeiting Trade Agreement which is seen as a poor example both of secretive policy making and of a disproportionate response to the  pleadings of a particular interest group.  Internet specific recommendations in the Civil Society Declaration include support for multi-stakeholder governance of the Internet, and promotion of open standards and ‘net neutrality’. 

Next steps

It was recognised that Internet issues are developing so rapidly that more regular re-assessment of policies is required. In his closing address, the Secretary-General accepted an invitation from Ministers to review the declaration and the progress made towards the achievement of its goals and principles in 3 years time. 

In the meantime, the Ministerial Declaration will be followed up with specific work programmes in several different areas of the OECD.  The Seoul Forum was organised by the Committee on Information, Computer and Communications Policy (CICCP), and this committee will have carriage of much of the follow-up work, including the the privacy and security work of the WISP, already mentioned above.  In addition, the Committee on Consumer Policy (COPOLCO), which had met, also in Seoul, earlier in June, has already committed to work in the areas of combating online identity theft, strengthening mobile commerce business practices and promoting more transparency and consumer flexibility in communication services.     ENDS   ENDS   ENDS

CLA thanks Nigel Waters for his rundown on the Seoul Internet Conference 2008.