Why You Should Be Worried About The ITU's Bizarre Claim To Have A Mandate Over Internet Security

from the looking-to-remain-relevant dept

Mon, Oct 8th 2012 7:35am — Mike Masnick

We just recently wrote about how the UN's ITU (International Telecommunications Union) has been seeking to massively expand its mandate to take over international governance issues related to the internet, based on no real mandate other than one of its own making. Because of this, there are reasonable fears that it will end up creating dangerous rules that favor the incumbent telcos (often closely associated with certain governments) over what's actually best for the internet. Part of that analysis suggested that this was about the ITU trying to remain relevant in any way it could. After all, the core reason for the ITU existing for more than a century and a half was to deal with how different telcos would do the kinds of things that people no longer rely on telcos for. Because of that, they've basically been pretending that they should be involved in all sorts of unrelated things.

For example, plenty of the recent discussions coming out of the ITU have been focused on internet security issues. And you could argue that there are some significant security concerns that need attention. But is the ITU the proper body for this? Almost certainly not. Anthony Rutkowski has written up a history of the ITU's relationship to security noting that, at best, the ITU has tended to completely ignore security issues, and at worst, "treated security as a kind of vague requirement." The conclusion is pretty clear. The ITU isn't the proper body to be dealing with security at all. It has neither the mandate nor the necessary expertise.

So why is this ITU security history relevant today? Because its Secretary-General's new draft of an unneeded and worthless treaty instrument called the International Telecommunication Regulations mentions the word "security" no less than 36 times. Although the term "security" is never defined, the draft leaves the impression that the ITU is competent to deal with the subject of network security.

The reality today is that almost all work relating to network security occurs in myriad other public-private global bodies where it is pursued on a significant scale among expert communities. It is that array of work in other venues that is used worldwide. What purports to occur in the ITU is basically irrelevant and involves a relative handful of people who appear at meetings or workshops in ITU-T, ITU-D, or the General Secretariat for the purposes of maintaining largely website-based fictions to appear responsive to some political mandate of its conferences or leadership. Although a few knowledgeable and dedicated individuals participate in its work, the ITU as an institution has not possessed in modern history, and today does not possess the competence to deal with the subject matter of network security; and treaty mandates will not alter that reality.

Any treaty-based reliance on the ITU's network security competency would be perilous for the global infrastructure and irresponsible for nation States to recognize. I should know — I was the designated leader of the ITU-T cybersecurity work for the past four years who had to deal with these realities.

In other words, yet another overreach by the ITU to take on something it is not qualified to handle, and which will almost certainly result in a bad situation, driven by political interests, rather than actual security issues.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: internet security, itu, un

9 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

That One Guy (profile), 8 Oct 2012 @ 7:55am

Great, now they've done it...
They used one of the words from the 'List of words and phrases guaranteed to turn a politician's brain off and force him to vote yes'.
[ link to this | view in chronology ]
Zakida Paul (profile), 8 Oct 2012 @ 8:10am

Everything that bodies like these and politicians do is for the benefit of multinational businesses to the detriment of the general public.

The problem is that these companies have become too big to ignore and the public are too small to matter. Until that attitude changes the status quo will continue.
[ link to this | view in chronology ]
Anonymous Coward, 8 Oct 2012 @ 8:30am

the way things are going, the internet is going to be used only by governments and certain businesses/industries. the general public is being restricted more and more by lies, bullshit and fear mongering put out by those mentioned above. this is the only way it is going to be able to be regulated and all those various bodies jockeying for position will end up with their own particular parts to keep working. because atm governments cant get the amount of tax they want, cant monitor all the users and uses there are and companies haven't got the control they want, the public will be forced out. think about it. the general populace having more use of something than anyone else, especially those in official positions? it's gotta be stopped and quickly!
[ link to this | view in chronology ]
Ninja (profile), 8 Oct 2012 @ 10:29am

Nowadays everyone seems to think they should have a mandate over the Internet in general. So I'll launch my candidature for a mandate over the Internet. If I get voted as President of the Internet I vow to just leave it the fuck alone to follow its natural course while forbidding technologically impaired people such as Chris Dodd and Llamar Smith from accessing it. Because I can.

Let the voting begin ;)
[ link to this | view in chronology ]
- u know me, 8 Oct 2012 @ 10:40am
  
  Re:
  +1
  [ link to this | view in chronology ]
Annynomine, 8 Oct 2012 @ 1:46pm

Ignored
The internet has ignored the ITU for the last 3 decades. It will keep doing so.

What was that line about routing around damage, again?
[ link to this | view in chronology ]
Anonymous Coward, 8 Oct 2012 @ 5:03pm

Regulatory Capture
This attempt to interfere by the ITU is a fine example of regulatory capture by telcos. The ITU is pretending to be a regulator -- it isn't, of course, the true regulators are the various national government departments of communications, worldwide. However, the telcos have bought the story that the ITU is a regulator, then they have duly captured it. Now the ITU is doing the bidding of the telcos, attempting to get more money to the telcos. They are attempting to put up gateways, where the telcos can sit and collect fees.

The ITU is actually a standards body. They are reasonably good at that and that is what they should stick to.
[ link to this | view in chronology ]
bikey, 9 Oct 2012 @ 3:19am

ITU
This takeover may well not be 'of its own making'. Let us remember that AFTA was negotiated under the auspices of the most brain dead of international organizations - the UN International Customs Organization- not because it had any expertise but because it wasn't infected with the success of other countries like WIPO and WTO. I suspect there's a mercan somewhere in the woodpile.
[ link to this | view in chronology ]
bikey, 9 Oct 2012 @ 3:20am

ITU
This takeover may well not be 'of its own making'. Let us remember that AFTA was negotiated under the auspices of the most brain dead of international organizations - the UN International Customs Organization- not because it had any expertise but because it wasn't infected with the success of other countries like WIPO and WTO. I suspect there's a mercan somewhere in the woodpile.
[ link to this | view in chronology ]