Category Archives for "Internet Society"

Middle East Chapters Advocacy Meeting

Last month, the Chapters Advocacy Workshop for the Middle East, took place in Beirut Lebanon. The two-day event hosted Chapter leaders and representatives from  Bahrain, Egypt, Jordan, Lebanon, Saudi Arabia, Morocco, Palestine, Somalia, Syria, United Arab Emirates, and Yemen. While the focus was on MANRS (Mutually Agreed Norms for Routing Security), it also included representatives from the Blockchain SIG (Special Interest Group).

During the two days, we discussed many issues related to the Middle East Chapters and their concerns, the 2019 plan of the Middle East Bureau, the strategic vision for the Internet Society, and the 2020 planning process. We acquired feedback from the delegates on our plans and community facing processes. We had ample staff representation that contributed immensely to the workshop, including, Sally Wentworth, Salam Yamout, Konstantinos Komaitis, Sally Harvey, Nermine El Saadany, and Aftab Siddiqui.

Aftab initiated the workshop with an introductory session on MANRS. He gave a technical breakdown on what MANRS is about before moving onto a hands-on workshop. The second day opened with an introduction to the 2020 Strategic Plan, followed by a PEST analysis led by Sally. Participants gave feedback on what’s important to their Chapters and to themselves as members Continue reading

Improving Routing Security: Microsoft Joins MANRS

In November, a routing incident in Nigeria caused Internet traffic to be rerouted through Russia and China. It lasted for just over an hour, but during that time, it significantly affected some cloud and search services globally, including Spotify and Google’s Search. It was one of more than 10,000 incidents, such as route hijacking and leaks, that occurred in 2018. Past events have led to large-scale Denial of Service attacks, stolen data, and financial losses.

The global routing system is the backbone of the Internet. It determines how everything – from email messages to videoconferences to website content – moves from network to network. The November event, caused by a configuration mistake with a small ISP in Nigeria, shows that routing incidents can have significant global effects – impacting the security of the Internet itself.

A number of network operators around the world – including Oracle, GÉANT, and Comcast – have joined MANRS to address these types of routing threats. The Mutually Agreed Norms for Routing Security (MANRS) initiative, supported by the Internet Society, does this through technical and collaborative action across the Internet. Those who join agree to take meaningful action to keep the Internet safe for everyone – Continue reading

The Week in Internet News: San Francisco Bans Use of Facial Recognition by Police

No cameras, please: The San Francisco Board of Supervisors has voted to ban the use of facial recognition technologies by the policy and other agencies over privacy and civil liberties concerns, the New York Times reports. Even though police across the country have used the technology to identify criminals, facial recognition has raised fears of abuse and of turning the country into a police state.

Broadband in space: SpaceX had planned to launch a rocket containing 60 satellites designed to deliver broadband service, but the company delayed the launch a couple of times, first because of wind and then because the satellites need a software update, ExtremeTech reports. The launch was supposed to be a first step toward Elon Musk’s plan to create a space-based broadband network.

Broadband in drones: As an alternative to satellite broadband and other efforts, SoftBank is looking at ways to provide Internet service by drone, the L.A. Times says. The Japanese telecom carrier recently announced it is working with drone maker AeroVironment to build a drone capable of “flying to the stratosphere, hovering around an area for months and serving as a floating cell tower to beam internet to users on Earth.”

Just Continue reading

Envisioning the Future in the Middle East

How can the brightest minds help transform the Middle East for the better? The MIT SciTech Conference hoped to find answers. The annual three-day conference, which took place 19-21 April in Boston, Massachusetts, brought together students and professionals from across North America and the MENA Region. This year’s theme was “Envisioning the Future: Cities of MENA,” and included an IDEAthon on Energy, Innovation, and Infrastructure.

Many people from all over the globe attended the conference, mainly Arabs who were also successful tech entrepreneurs, leveraging the Internet to reach communities across the world. They also spoke about their innovations and inspired the young participants, who included MIT students, through panels, keynotes, ideation processes, and SciTech talks.

The first day started with a tour of MIT Labs and the launch of the IDEAthon. After initial sessions and introductions, participants were left for the night to work on their ideas. Those ended up being presented at the end of the third day to judges, with cash prizes awarded to winners so that they could turn them into reality by implementing them throughout the Arab world.

Infrastructure is a challenge in the MENA region, especially with a rapidly growing population, and the conference Continue reading

WhatsApp: How a Bug Relates to the G7

On 13 May, more than a billion users saw the messaging application WhatsApp being updated. At the same time reports appeared that a vulnerability had been used in attacks that targeted an unknown but select number of users and was orchestrated by an advanced cyber actor.

Facebook, the owner of WhatsApp, reported it fixed a vulnerability – a buffer overflow, a fairly well known type of vulnerability – that was, according to media (see references  below), used in the spyware product Pegasus from the NSO Group, an Israeli company that sells spyware to governments and intelligence agencies all around the world.

Two observations:

  • Despite best efforts, bugs in software exist – if critical bugs in global communication systems are found they can have a global impact. There are two additional observations that come with that:
    • WhatsApp is a valuable target, if bugs exist they will be found and exploited.
    • A process that allows for bugs to be reported, promptly fixed, and automatically rolled out are crucial elements to maintain (or restore) trust in this sort of software. There are sectors of the industry (anybody listening in IoT land?) that can learn from how this is handled by Facebook.
  • The Continue reading

The Week in Internet News: Broadband Project to Nowhere

Dead end: ProPublica has a story about Kentucky’s $1.5 billion broadband expansion program, which the story calls an information highway to nowhere. The program is behind schedule and over budget, with the state’s IT chief directing money to other projects and partnering with commercial ISPs.

Broadband billions: Meanwhile, the U.S. Department of Agriculture says that bringing broadband to unserved areas of the country would generate $47 billion of new economic activity a year, according to a story at Broadband in rural areas would enable precision agriculture technologies, which allows high-tech crop management based on sensors and other connected data sources.

I can’t Google: Finally, our broadband access trifecta of stories concludes with a Cronkite News story about the lack of access in many U.S. tribal areas. “Just Google it” has become a bit of a joke among the Hopi tribe in Arizona because many areas don’t have Internet access.

The luxury of privacy: Consumer privacy online can’t be a luxury good that only the rich have access to, Google CEO Sundar Pichai said recently in an opinion piece at the New York Times. Speaking at a conference, Pichai also spoke in favor of privacy legislation Continue reading

Introducing The Internet Society Accessibility Special Interest Group

An ordinary day on 9th April 2019 was turned in to an extraordinary one, as our efforts bore fruit and we finally succeeded in chartering the Internet Society Special Interest Group on Accessibility. The Internet Society Accessibility Special Interest Group or ISOC Accessibility SIG/ISOC A11y SIG is intended to serve persons with disabilities to ensure the Internet and digital domain is for everyone.

Over 1.3 billion people worldwide – about 15% of the world’s population – experience some form of disability. The Accessibility SIG, with a people-centric approach, is aimed at providing interested participants a platform to discuss the Internet-related accessibility issues faced by the people with disabilities and to try to find the solutions to those issues. It also aims to provide a collective voice to a community that the UN calls the world’s largest minority.

The SIG also represents a journey for all of us who are members and who are dedicated to creating equal access to the Internet for everyone regardless of disability. The journey at the Internet Society started with the establishment of the ISOC Disability and Special Needs Chapter in 2002. Along the way, many dedicated and tireless workers, like the late Cynthia Waddell Continue reading

Talking Internet of Things in Canada at IoT613 This Week

This week, 8-9 May, we’ll be at IoT613 in Ottawa, Canada, talking about our work on “Trust by Design” – the idea that privacy and security should be built into Internet-connected products, and not just an afterthought. We have been working with manufacturers to embrace the Online Trust Alliance’s IoT Trust Framework, which identifies the core requirements manufacturers, service providers, distributors/purchasers and policymakers need to understand, assess and embrace for effective IoT security and privacy. We also work to encourage consumers to demand security and privacy and to help policymakers create a policy environment that strengthens trust and enables innovation.

This week in Ottawa, we’ll have an Internet Society booth at the event both days, and on 9 May, Mark Buell, North American Bureau Director, will be part of an “IoT in Canada” panel that will “explore current IoT trends in Canada, identify the benefits of IoT for businesses and citizens and find out how Canada’s IoT ecosystem stacks up compared to the rest of the world.” Mark will speak about the Canadian Multistakeholder Process: Enhancing IoT Security, an Internet Society-led initiative to develop a broad-reaching policy to govern the security of the IoT for Continue reading

The Week in Internet News: Unencrypted USB Drives Pose Security Risk

No encryption for U(SB): About 55 percent of U.K. businesses don’t encrypt information on USB drives, according to the result of a survey published at Information Age. Also, 62 percent of executives surveyed admit to seeing USB devices in unsecured locations such as desks, drawers, and exposed office spaces.

Out of touch: As healthcare providers explore ways to use Artificial Intelligence to treat patients, the human touch may end up a casualty, NPR says. AI could “create a gulf between health caregivers and people of more modest means,” with some people not getting the human interaction with healthcare professionals that they need, the story says.

Ship it with blockchain: FedEx CIO Rob Carter, speaking at a recent conference, called on the international shipping industry to mandate the use of blockchain to track shipments, Computerworld notes. The technology could help weed out counterfeit goods, backers say.

Intelligent standards: The U.S. White House has launched an effort to develop AI standards, and it’s asking for public input, NextGov writes. An executive order on AI directs the U.S. National Institute of Standards and Technology to issue a set of standards and tools that will guide the government in its adoption of Continue reading

Register for AfPIF 2019

Join us in Balaclava, Mauritius for the 10th Africa Peering and Interconnection Forum (AfPIF) from 20-22 August 2019.

AfPIF attracts ISPs, content providers, governments, and IXP’s for three days of learning, sharing, and building business in Africa.

Why should you attend AfPIF-2019? Have a look through the AfPIF 2018 Summary Report, which contains briefs of presentations, emerging discussions, speakers, and sponsors.

Sponsorship opportunities are available to promote your business to these key audiences. Find out more about these opportunities here:

Register now to secure your place – and remember to check your visa requirements for travel to Mauritius.

Don’t miss Africa’s premier peering event – celebrating its 10-year anniversary this year!

The post Register for AfPIF 2019 appeared first on Internet Society.

How the Internet Society’s Privacy Statement Stacks Up

For ten years, the Internet Society’s Online Trust Alliance (OTA) has published an annual comprehensive survey of 1,200 sites’ security and privacy practices. The 10th edition of this Audit has been released and can be found here. As part of the Audit, we score each site’s privacy statement against 29 criteria, ranging from whether it is linked to on the site’s homepage, to whether it states how the site handles children’s data.

For this blog post, we decided to use the Internet Society’s current privacy statement as an example, to illustrate the criteria used, and to show how a privacy statement fits into the bigger picture of an organization’s privacy practices. A privacy statement is only one piece of an organization’s overall privacy practices – although, as the public-facing piece, it is of course important. Other aspects (which are not included in the OTA survey) include:

  • expressing and committing to a set of overall privacy principles
  • having internal policies and practices that put the public-facing privacy statement into practice
  • internal and external enforcement of the commitments expressed in the privacy statement

There are myriad ways to structure a privacy statement and, to be frank, many privacy statements are written with different goals Continue reading

The Economics of Trust: Overcoming Obstacles to Better Consumer IoT Security

In 2018 the Internet Society launched the Trust by Design campaign, to make sure that security and privacy features are built into Internet of Things (IoT) products. We focused our activities on consumer IoT, a segment particularly vulnerable, despite having the biggest share in the IoT market. We believe trust should come as standard, and so we’ve been working with manufacturers and suppliers to make sure privacy and security are included in the initial design phase all the way through the product lifecycle, as outlined in the OTA IoT Trust Framework. Our work does not stop there, as this goal can only be achieved when consumers drive demand for security and privacy capabilities as a market differentiator and policymakers create a policy environment that strengthens trust and enables innovation.

Consumer IoT devices and services without adequate security pose a wide range of risks, from directly threatening the security, privacy, and safety of their owners to the devices themselves turning into botnets that can initiate DDoS attacks against the Internet. As more and more connected devices with weak security are rushed to the market due to competition and cost concerns, missing trust is deeply rooted in economics. To better understand the Continue reading

The Week in Internet News: Microsoft Reduces Password Count

What’s my password again? Microsoft has changed its baseline security configuration, which had suggested passwords be changed every 60 days, Ars Technica reports. Requiring users to change passwords so often can be counterproductive by encouraging them to pick easy-to-remember passwords, the article says.

Big money: Facebook has set aside $3 billion to pay a potential fine to the U.S. Federal Trade Commission over its handling of users’ personal data and various data breaches, CNet reports. Some critics say the expected fine, which could reach $5 billion, is a slap on the wrist for a company that clears tens of billions a year in profits, Recode suggests.

Blocking speech: Terrorist attacks in Sri Lanka that killed more than 350 people on April 21 have prompted the government there to block social media in an effort to prevent the spread of fake news, CNN reports. While some groups praised the decision others said that restricting free speech isn’t productive, says.

Censorship on the rise: Meanwhile, it’s becoming increasingly common for governments to block Facebook and other social media for a variety of reasons. This social media blocking could lead to wider censorship efforts, The Verge suggests.

Please regulate us: Continue reading

Young People: Building an Internet for Everyone

Young people everywhere are building technology, mobilizing communities, and raising their voices to shape policies that create an Internet that’s truly for everyone.

That’s why we’re partnering with the not-for-profit and non-governmental organization AIESEC on a pilot project to train 500 young people on Internet-related skills in Bolivia, Nepal, Namibia, and Kenya.

It’s our hope that this project will be the start a journey that will result in even more young voices joining a community of thousands of people around the world who believe in the open Internet.

Young people like Pamela Gonzales.

At only 24 years old, Gonzales is the co-founder of Bolivia Tech Hub, an early stage incubator that serves as one of La Paz’s only support systems for the city’s tech community, helping entrepreneurs to learn, develop, and collaborate on new projects.

She’s impacting hundreds of lives, but she says it didn’t come easily.

In her first year of university, she partnered with a friend of hers, a local web developer, and together they secured funding and built something new.

“My mission was to find a place to learn the things I couldn’t learn in the university,” Gonzales said. “I found there were a lot of students Continue reading

Consumers International Summit: Making IoT Privacy and Security a Priority

Each day, more and more of us buy products that connect to the Internet, such as personal assistants, fitness monitors, appliances, and home security systems. Odds are you have one, two, or even more. There are more than 23 billion of these Internet of Things (IoT) products installed around the globe – roughly triple the world’s population – and that number is growing.

The Internet of Things offers the promise of convenience, efficiency, and more personalized services. However, many of these products are designed with little consideration for basic security and privacy protections.

The Internet Society and Consumers International formed a working partnership last year to address these challenges and to make sure consumers have access to trusted Internet-connected devices. We are proud to be lead partner at the Consumers International Summit, 30 April – 1 May, focused on putting consumers at the heart of digital innovation.

Consumers care deeply about their privacy, security, and how their personal information is collected and handled. On May 1 at the Summit, our President and CEO Andrew Sullivan will unveil new research from Consumers International and the Internet Society exploring what matters most to consumers when buying connected devices. He will also Continue reading

EQUALS in Tech Awards: Nominations Now Open

Are you working to building a better Internet for women? Do you know initiatives that are promoting the development of digital skills for girls? Is your organization contributing to defend the Internet by helping women get equal access to leadership opportunities?

If the answers are yes, we have something for you.

The EQUALS Global Partnership has announced that the nominations for the 2019 EQUALS in Tech Awards are now open.

The Awards recognize groundbreaking initiatives from around the world aimed at bridging the gender digital divide.

The nomination period will run until June 11, 2019. You can nominate your own initiatives or those of others for an award in one of the following categories:

  • Access: Initiatives related to improving women’s and girls’ digital technology access, connectivity, and security
  • Skills: Initiatives that support development of science, technology, engineering, and math (STEM) skills of women and girls
  • Leadership (two subcategories):
    • Initiatives focused on promoting women in decision-making roles within the ICT field
    • Initiatives promoted by tech sector companies to bridge the digital gender divide
  • Research: Initiatives prioritizing research on gender digital divides and producing reliable evidence to tackle diversity issues within STEM and computing fields

The annual EQUALS in Tech Awards are Continue reading

The Internet of Things: Why ‘Trust By Design’ Matters

Kids holding hands on fields

As we have seen vividly in recent years, inadequate security and privacy protections in the Internet of Things (IoT) can have devastating impacts – on Internet users and core infrastructure. The high profile Mirai botnet distributed denial of service (DDoD) attack in 2016 was a dramatic example of the effects of poor security in IoT devices, and CloudPets connected teddy bears were withdrawn from sale by most retailers after it was revealed that millions of voice recordings between parents and their children were exposed. But the threats from these insecure devices don’t vanish when they are updated or recalled, since there is often a large number of them still in service, and still vulnerable.

Because of this, the Internet Society is particularly focused on improving the security and privacy of consumer IoT. As a rapidly growing area, it is especially vulnerable and has been exploited by malicious actors.

That’s why we’re encouraging manufacturers to adopt Trust by Design.

“Trust by Design” – an umbrella term that includes Privacy by Design and Security by Design – is an essential component of a healthy IoT ecosystem. It has significant implications beyond IoT for the health of the Internet as a whole, and Continue reading

The Internet Society’s African Chapters Join the African Union and Other Partners to Discuss IoT Security, Privacy, and Digital ID in Africa

In collaboration with the Africa Union Commission (AUC), the Africa Telecommunication Union (ATU), and Omidyar Network, from 8-11 April 2019 the Africa Regional Bureau successfully gathered in Addis Ababa, Ethiopia 103 participants comprising Internet Society Chapter leaders, African Regional economic bodies, privacy experts, regulators, and data protection agencies to a two-day workshop on IoT Security, Privacy, and Digital ID followed by the 2019 African Chapters Advocacy Meeting.

The first day of the workshop focused on IoT opportunities and security considerations. It explored the IoT landscape in Africa and shared active deployments and chapter-led projects. The day also discussed IoT security and privacy considerations with emphasis on frameworks that could be implemented to ensure the security and safety of IoT devices. A dedicated session on aligning policy and IoT security needs shared the experience of the Senegal multistakeholder IoT security process and motivated member states to initiate a similar process in their countries.

The second day focused on localizing the AUC and Internet Society Personal Data Protection Guidelines. Our partners AUC, Omidyar Network, Mozilla Foundation, and UNECA unpacked issues related to digital identity, personal data protection and privacy in the region. The meeting explored the nature of policies in place to Continue reading

Girls in ICT Day: Attend the Global Marathon in Digital Skills Development

There’s a lack of gender diversity at all levels in the technology sector. This is partly because the number of female students in mathematics, engineering, computer science, and science is disproportionately low around the world. So how do we close this gap?

Support for the education of women and girls in the ICT sector is consistent with the Sustainable Development Goals (SDGs) – in particular SDG 5, aimed at achieving gender equality and empowering all women and girls through, among other things, information and communication technologies.

The Women’s Special Interest Group (Women SIG) of the Internet Society is committed to promoting the participation of women in the Internet ecosystem, especially considering the importance to increase the participation of girls and adolescents in Information Technology and Communication.

This April 25, International Day of Girls in ICT, promoted by the International Telecommunication Union (ITU), aims to reduce the digital gender gap and to encourage and motivate girls to participate in technology careers. With the support of the Internet Society Chapters and local civil society organizations, we’re planning to celebrate the day with a global marathon of training in digital skills development. We want to motivate girls and teenagers to study and Continue reading

10 Years of Auditing Online Trust – What’s Changed?

Last week we released the 10th Online Trust Audit & Honor Roll, which is a comprehensive evaluation of an organization’s consumer protection, data security, and privacy practices. If you want to learn more about this year’s results, please join us for our webinar on Wednesday, 24 April, at 1PM EDT / 5PM UTC. Today, though, we thought it would be interesting to see how the Audit and results have evolved over time. Here are some quick highlights over the years:

  • 2005 – The Online Trust Alliance issued “scorecards” tracking adoption of email authentication (SPF) in Fortune 500 companies.
  • 2008 – Added DKIM tracking to the scorecards, and extended the sectors to include the US federal government, banks, and Internet retailers.
  • 2009 – Shifted from scorecard to “Audit” because criteria were expanded to include Extended Validation (EV) certificates and elements of site security (e.g., website malware).
  • 2010 – Introduced the Honor Roll concept, highlighting organizations following best practices. Only 8% made the Honor Roll.
  • 2012 – Expanded criteria to include DMARC, Qualys SSL Labs website assessment, and scoring of privacy statements and trackers. Shifted overall sector focus to consumer-facing organizations, so dropped the Fortune 500 and added Continue reading
1 2 3 45