EuroDIG 2018 in Tbilisi: exploring new frontiers and looking into the (digital) future
From 4-6 June, CENTR attended and participated in the eleventh edition of EuroDIG, which this year was taking place in warm and welcoming Tbilisi, Georgia.
In the afternoon of Day 1, CENTR gave a 90-minute training on how the internet and the DNS work, followed by questions from the audience. It was a great opportunity to review the basics with a group of about 30 attentive participants. It also gave a better sense of why policy and internet governance discussions matter in the grand scheme of things when it comes to understanding their impact on the technical aspects of the DNS.
Among the many sessions of interest, a few that we were able to attend covered topics such as the ever-so-popular GDPR, challenges to the DNS and its future (which conveniently followed our training), the slow adoption of IDNs (universal acceptance) and the European plans to combat fake news.
The session “Is GDPR still a mystery?”, which a clever participant mentioned should be called “Is GDPR still a misery?”, was structured in a way that allowed a broad overview of the subject by sub-dividing it into 8 sub-topics:
- Impacts on the private sector and discussions around the data controllers and processors;
- Impact on social media platforms;
- DPAs and penalties (measures of enforcement);
- Impact on WHOIS;
- Consent (when and how to ask, etc.);
- Data subjects’ rights and awareness; and
- International data transfers (adequacy decisions, certifications, etc.).
The participants were split into 8 groups to each discuss these topics with dedicated leads. The WHOIS group was led by Elena Plexida, formerly from the European Commission and now working for ICANN. A few CENTR members were represented in this discussion, as well as a GAC member and RIPE NCC. The government representative mentioned that the GAC is coming up with a draft proposal for a code of conduct, which is one avenue explored to find a solution to the WHOIS (privacy) issues. Most participants agreed that there are valid reasons for the WHOIS to exist, that a dark WHOIS was not an option and that a federated access solution (accreditation system) seems like the most reasonable way forward, even though it may still take some time for the multistakeholder community to agree on the details. ICANN highlighted that there is no one, single database (therefore, many data controllers), that local law supersedes any contract with ICANN, that there are several usages for the WHOIS and that a bottom-up approach takes time. Participants agreed that a roadmap is clearly needed, as well as more transparency, more awareness and more educational material.
The session titled “DNS quo vadis – addressing challenges and the future functionality of the DNS” was organised in the form of a panel discussion, which included interventions from ICANN, Europol and DENIC. ICANN shared on the DNS being built on a low common denominator, admitted that there were pressures on the system as protocols evolved and mentioned the importance of monitoring alternative naming systems. Europol talked about criminal uses of the DNS, highlighted its vulnerabilities (to which Peter Koch’s DENIC disagreed), acknowledged the patches built over time, but that these patch-ups made LEAs a bit blind. DENIC mentioned the KSK-rollover challenges, the DNS’ complexity and operational challenges to it due to the concentration in TLDs and DNS providers through mergers. Another point made was that the biggest challenges now were security (DNSSEC) and privacy. All participants agreed that the highest priority for the DNS moving forward was technical stability and that despite the emergence of a few alternative identifier/naming systems, no one could imagine any of them replacing the DNS any time soon.
Another sub-topic that was raised with regards to the future of the DNS was its role in fighting abuse, a topic that is of high interest to many registries. Participants agreed on the importance of education and awareness in the field, highlighting that the DNS is a neutral infrastructure. Regulatory bodies can help reduce abuse, more monitoring tools are needed, but a participant even stated that the DNS is an enabler of cybercrime. Clearly the debate is still ongoing when it comes to using the DNS to combat illegal content, despite the fact that according to our own training on how the DNS works, it is clear that using some form of DNS blocking is a poor solution to this issue.
The one topic that was raised in many sessions was the society-wide problem of "fake news". In a dedicated flash session on day 1, the European Commission explained the reasons behind the EU Communication on "Tackling online disinformation: a European Approach" that was published on 25 April 2018. Part of the outreach is the establishment of a Forum that will include publishers, LEA and advertisers. In its Communication, the Commission proposes a EU-wide code of practice on disinformation, support of an independent network of fact-checkers, and tools to stimulate quality journalism. Questions from the audience underlined the issue here: What is fake news? Some of the comments drifted into vaguely related areas such as "trash" content. It is highly questionable that this is an area where regulation would be helpful.
Last but not least, from a technical and logistical point of view, this EuroDIG meeting exceeded most expectations. There was good quality live streaming and remote participation available for most sessions, interactive participation tools and efficient live reporting, all in a well set-up venue at the heart of Tbilisi. CENTR would like to warmly thank the EuroDIG secretariat for its fantastic job on such a successful event!
The consolidated programme of EuroDIG 2018 can be found here