International Telecommunication Union criticised for its role in internet snooping
At EuroDIG, the first European Dialogue on Internet Governance, the scientists and experts of the Council of Europe have sharply criticised the International Telecommunication Union (ITU) for acting behind closed doors in its initiatives towards cybersecurity standardization. Bertrand de la Chapelle, godfather of the first EuroDIG on behalf of the French government, said EuroDIG should tell the ITU to allow all interest groups to participate in discussing new technology standards. The recent meeting in Strasbourg emphasized the idea of cooperation between governments, the industry and users as one of the central points to be presented at the UN Internet Governance Forum in Hyderabad.
Just recently, the ITU's work on standards for back-tracing IP addresses caused something of a furore. Yet, said Bill Drake, a scientist at the Center for International Governance at the Graduate School in Geneva, this work was only a tiny part of the work being done in the sensitive area of IT security. He warned that China, Russia and the USA could become the new axis of evil, pushing forward the integration of new ways of snooping on the internet. There was in his view an ambitious agenda extending beyond technical questions all the way up to legal regulations to counter cybercrime.
If you had access to the documents, Drake said, you could see everything that was going on, but the ITU was not an open organisation. Drake's criticism was echoed by other representatives of non-governmental organisations, complaining that draft standards in domains that were of great significance for all users, such as identity management, were not being made available to the public or to interested circles. Drake warned that ITU member countries and its member firms might thus be setting the agenda for the ways and means in which the internet could be used in future. When he mentioned possible problems with the work of the ITU to non-governmental organisations, he said, they dismissed the ITU as a powerless "dinosaur". But he recommended by contrast that European governments and organizations should make a clear demand for more transparency from the ITU. If Europe did not do this, he stressed, neither the USA, Russia, nor China could be expected to do so.
Thomas Schneider of the Swiss Office for Communications pointed out that, during the last general meeting of the ITU, the so called Plenipotentiary Conference of the Member Countries, a series of European countries had insisted, jointly with Switzerland, on the ITU experimentally allowing public access to the technology documents. The ITU had now carried out a series of consultations, he said, but each time only a handful of experts had spoken up. If the Europeans did not get involved in this process, it was to some extent their problem.
Alexander Seger, head of the Council of Europe's Division of Economic Crime, expressed further criticism of the ITU. Up to a year ago, he said, the experts of the Council of Europe had worked together quite well with the ITU as the organisation commissioned with following up on the World Summit on the Information Society. But, ever since the ITU had published its cybersecurity agenda, there had been enormous problems with such cooperation. Seger demanded that the ITU return to its role as an organizer of the process. The Council of Europe is also concentrating heavily on the topic of security as a custodian of the Cybercrime Convention.