The Digital Services Act and Why the Architecture of the Internet Must Be Preserved

Earlier this year, as part of the European Digital Strategy, the European Commission announced a Digital Services Act package to develop new and revised rules to harmonize and deepen the Single Market for digital services. As a part of that initiative, it also initiated a public consultation to scope the specific issues that may require regulatory intervention.

The Internet Society submitted recommendations in response to the critical issues raised in this consultation. One of the key considerations that we hope comes across in this submission is that in order “to design better regulation for the Internet, it is important to understand two things: the first one is that today’s Internet, despite how much it has evolved, still continues to depend on its original architecture; and, the second relates to how preserving this design is important for drafting regulation that is fit for purpose.”

As noted by the Commission, the scale of digital services is substantially different from 20 years ago, when the E-Commerce Directive was introduced. New actors and new services have emerged, creating a much more complex ecosystem. This new ecosystem presents new challenges, particularly with regard to illegal and harmful activities and content online. Current discussions and regulatory initiatives Continue reading

The Economics of Trust: Overcoming Obstacles to Better Consumer IoT Security

In 2018 the Internet Society launched the Trust by Design campaign, to make sure that security and privacy features are built into Internet of Things (IoT) products. We focused our activities on consumer IoT, a segment particularly vulnerable, despite having the biggest share in the IoT market. We believe trust should come as standard, and so we’ve been working with manufacturers and suppliers to make sure privacy and security are included in the initial design phase all the way through the product lifecycle, as outlined in the OTA IoT Trust Framework. Our work does not stop there, as this goal can only be achieved when consumers drive demand for security and privacy capabilities as a market differentiator and policymakers create a policy environment that strengthens trust and enables innovation.

Consumer IoT devices and services without adequate security pose a wide range of risks, from directly threatening the security, privacy, and safety of their owners to the devices themselves turning into botnets that can initiate DDoS attacks against the Internet. As more and more connected devices with weak security are rushed to the market due to competition and cost concerns, missing trust is deeply rooted in economics. To better understand the Continue reading