 With that, I would like to announce our speaker Neil Stenover, who is head of digital at Article 19 and is a PhD candidate at the Data Active Research Group at Amsterdam University. He will talk to us about human rights in organisations that create new rules for the internet, for networks, and we all have a buy-to-buy. So, great welcome to him. Thank you. Hi all. I am super excited that you are all here and not in the afternoon, son. So, thanks for that. I've got way too many slides for this talk, so I am going for a UDP approach to presenting. That means you might not all get it, but I'm happy to resend at any time later during the day. But let's keep this real-time real-time. Before we dive into the talk, which I hope will be fun, I want to talk about something serious. And that is about the people that are not with us here today. About people that have given up their freedom, and in some case their lives, for internet freedom. For doing the things that we are doing here. Ali Gharafi, Peter Stoipner, director of Amnesty International in Turkey and these people are in jail. For doing digital activism, Basel got executed by the Syrian regime. For that, Allah is now in jail in Egypt. These brave Vietnamese bloggers are in jail as well. These brave Ethiopian bloggers from the Zone 9 group have been in jail, have been tortured. The internet is fun, but it can also be a very serious business. So when we talk about the internet and about securing it, let's think about the people that give away so much for this. I am Nils. I am a PhD candidate and head of digital at Article 19. Head of digital is a bit of a binary prosthesis, but that was given to me, so I'm happy to keep it. I've been working before this on digital security and freedom of expression in a lot of different countries. But I was so frustrated by teaching people digital security. We have been teaching saver sex since the 80s and it means you only need to do one thing to be safe and people still don't do it. When we work on digital security, we tell you a thousand things that you need to do and we're still not really sure that you're safe. And in the best case scenario, nothing happens. That is such a bad incentive for behavior change. And especially asking this of the people who are in extremely stressful situations where they're just trying to do work, asking them to validate keys and do all these extra things just to be productive, it's not going to work. We should be able to do better. So that is where I got interested more in internet infrastructure and tried to make things more human rights respecting by default. And I'm going to take you a bit on that trip that I've taken, which has been very much an exploratory trip. So we start with a bit of history where I can show you that I'm also a bit of an academic. So buy some quotes to lay the theoretical groundwork. We shape our tools and thereafter they shape us. When we create technology, we consciously and unconsciously embed our own thoughts, values and worldview in them. That's not special for technology. We also do that in architecture. If we make broad roads with no sidewalks only for cars, what's going to happen? More cars. If we're going to recreate large spaces with benches, trees, people are going to be outside. So the way we shape our infrastructure is shaping our societies. That's rule number one. Now I hear you thinking, well, but technology, it might be just neutral because it's not technology that kills people. It's people that kill people. So here I'm going to try to introduce the term affordances. Another academic thingy. Bear with me. It means that it's the characteristic of a technology to enable or disable certain use and behavior that makes it easier or harder to do things or even to have specific rights. And the question of course, who is creating that technology? What we also need to think of is that technology, so we talked about affordances, Neil Postman, took that to the far end and said the way technology is built is determining largely how you can use it. Well, I feel some of you getting really anxious about it because it's exactly the hacker way of breaking technology and using it in different ways, right? But it's still showing and growing the path. There is also some pretty good criticism on Neil Postman because he's saying you're putting way too much importance on the technology. That's why they also called him a techno determinist. Technology cannot solve all our problems. Having said that, technology is a very human activity, so it's intertwined with technology and human social behavior. So let's try to trace the history of technology and the history of enabling of our rights. So you've gone through the academic part, it will be much better now. So what I forgot to ask, who of you here self-identifies as a lawyer or policy person? Yes? And how many of you are technologists, nerds? Very good. So I'm going to be hard on the lawyer side. Lawyers, please help me. So let's have a short look at the history of technology. And it's important to see that during the Second World War, the first programmers were actually women working on the ANIAC machine. And the ANIAC machine computer was designed to calculate the trajectory of artillery. And a lot of resources went into this. At the same time, the Radiation Lab was set up, where for the first time interdisciplinary researchers got together to work on systems. One of the people working there was Bookminster Fuller, who stood at the beginning of the development of what we now know as Silicon Valley culture. But at the end of the Second World War, something else happened as well. And that was the Universal Declaration for Human Rights was written. It was drafted under the lead of a drafting team by Eleanor Roosevelt. And what is important to know about the Universal Declaration of Human Rights is that there is no other international norms document that has been accepted by more countries. So it's the biggest agreement on norms that we have. But it is not a hard agreement. And I'm not alone in this frustration. Also, if you reread the anecdotes from the UK delegation, they really wanted to make it international law, but they couldn't get through it. That only happened later on when we got the international covenant on civil and political rights. And that was in 1966. So with these treaties, the Universal Declaration became international law in parts. And not only in 1966 the international covenant on civil and political rights happened, but also the international covenant on economic, social and cultural rights. Why do two treaties at the same time? Why not fold them into one? It's because of the politics, stupid. The civil and political rights were the wishes of the America and the Western Europe bloc, and the international covenant on economic, social and cultural rights were the wishes from the Soviet and the G77 bloc. Later we also had, and so there was a lot of contention between the two, give and forth, and these two were seen together with the Universal Declaration as the international bill of rights. There are also other conventions that codify human rights, such as the international convention on the elimination of all forms of racial discrimination, and the convention of the right of person with disabilities, and the convention on elimination of all forms of discrimination against women. This is international law, and governments should do everything to protect these international laws and enshrine them in their own national laws. Once you've done that, you've ratified the treaty. Then, fast forward in history, Berlin Wall fell. So the contention between the Soviet and the Western bloc kind of dissipated, and this was enough for Francis Fukuyama to say, this is the end of history, liberalism has won, welcome to the future, this is going to be freedom for everyone. The middle class will rise, and with the growth of privatization, everything will be good, and liberal democracies will flourish under capitalism. That was the promise that was made to me, and it was not true. At the same time, after the fall of the Berlin Wall, we also see the rise of internet hosts. So this huge wave of privatization went together with the building of the internet infrastructure. So if we think back about the previous world communication network, which was the Telegraph, and the Telegraph was completely regulated nationally by governments and internationally by the oldest UN body, that's even older than the UN itself, is the UN Telegraph Union, which nowadays is called the International Telecommunications Union. Only governments have a say there. But the internet was not built on government standards. It was built in another form of governance. We'll talk about that more. But let's go back to the human rights story. Because then in the 2000s, people realized if it's only governments going to protect human rights, then we're not going to get far, because some companies are actually getting quite on par with governmental power. So how are we going to keep the governments to account? Well, first in the early 2000s, we had the UN Global Compact. And the UN Global Compact said, you need to have a corporate social responsibility strategy, CSR. How many of you have heard of that? Good that I'm telling you then. And corporate social responsibility was pretty much, you can have an oil leak here, you can build a school there, you're good. So that's, and everyone after a while said, this is not really good, or this is not good enough. But it created the awareness that companies had a responsibility to do something about human rights. And then in 2011, under a committee drafted by John Roggy, the UN guiding principles for business and human rights were thought up. And they're actually quite simple. There are three pillars. The responsibility to protect, the responsibility to respect, and the right to remedy. So it reaffirms the role of governments to protect human rights. They should go out and do everything within their ability to protect human rights that are universal, inalienable and interdependent. Then the corporations and non-state Xers had the responsibility to respect human rights. That means that they have the responsibility to look within their own policies and operations and do a human rights impact assessment to understand how they impact, and here comes the important part, directly or indirectly human rights. So with that is also the introduction of the concept of chain responsibility. So, and you've heard about this. You've heard about this in the garment industry, where Nike and Adidas had sweatshops in Bangladesh, India, etc. With the push of the UN guiding principles for human rights, it was much easier to hold them to account, and many of these have now signed it and got it into place. Same with the mining industry, same with the banking industry, not in the IT industry. We think of ourselves as being completely ahead, but actually we're pretty much behind the curve. And the forgotten pillar, the right to remedy. That's the possibility that if your rights have been violated, you have a way to access to that beset right. That can be via national law, but corporations should also provide that possibility to set that right. So now let's go back to the internet and let's see where those two worlds merge. So let's differentiate three different layers. Yeah, we can go all OSI about it, but we're going three layers. The physical layer, the logical layer, and the social or the application layer. And where we're talking increasingly about human rights, and in this schematic provided by ICANN, everyone puts human rights on the application layer, because that's what people can see, that's what people understand. But somehow these layers are forgotten layers, whereas if we think back about affordances, these lower layers actually make possible everything that is on top. So perhaps we should try understanding what the impact is of the logical and the physical layer and how that is done. So let's have a look at that. And then we get into this weird beast of the multi-stakeholder model. No one really knows what it is, because there are many different forms of multi-stakeholderism. Some more formalized, some less formalized, some more accessible, some are less accessible. So I'll give you a few examples where we can have a look at. So let's start with the World Summit on Information Societies in 2005, which was still a UN meeting, but a lot of people were invited to come and to work on a joint outcome document, which was the Tunis agenda, and there in the 42nd point, which was not on top of their priority list, they reaffirmed the commitments to freedom, to seek, receive, and impart and use information. So the connoisseurs among you might know that this is exactly the language of Article 19 of the Universal Declaration of Human Rights, so the right to freedom of expression. But here, according to the lawyer weasel words, we also must protect and respect the provisions for privacy and freedom of expression as contained in the relevant parts of the UDHR and the Geneva Declaration, which means if you put in the relevant parts, you can always argue that it's not relevant for that place. But still, it was the first place where human rights got anchored. Then jump forward, you see we're going forward to history. Human Rights Council in 2012 said the same rights that people have offline must also be protected online. A bit of a no-brainer, right, because it's not another dimension, and it's still people, but it was an understanding that we needed to think that the old UN frameworks, the old laws, did not really cover that. And that thinking was really pretty much right, as Edward Snowden has showed us. And then everything got kicked into a higher gear, because the UN General Assembly agreed on the right to privacy in the digital age, where it called upon all states to respect and protect the right to privacy, including in the content of digital communications, to take measures and to review their procedures, practices and legislation. So they should do stuff. Normally when the UN says people need to do things, quite a lot must happen. And this was because Dilma Rousseff, the then President of Brazil, was part of the eavesdropping program that was uncovered by Edward Snowden. And so the Brazilians together with the Germans led this resolution. And it also led to the establishment of a special rapporteur on privacy. Then Brazil organized the Net Mundial Conference in São Paulo in 2014. And that was actually quite interesting, because it was the first time that in the front there were four miclines. And the miclines were for civil society, academia, business, technical community and governments. And people could queue up and it would go round robin. And this confused everyone. Because it was diplomats used to be speaking on behalf of their country, after some hacker. It was really weird, but we managed to get an outcome document. And some found it stronger, some found less representation in that. With civil society, for once we were the best organized stakeholder group. We had one text on which most people agreed. In the end we got a bit snaked by the lawyers of the private sector. But you live, you learn. And what was there is that there is the declaration to the UDHR. But also boom, ICCPR, ICSCR and the Convention on the Rights of Persons with Disabilities. So there is this increasing body of human rights language. But this is all theory, right? They can say everything in Geneva, they're not running the internet. So let's see where the rubber hits the road. Let's have a look at ICANN. Who of you knows what ICANN is? Oh, so good. So ICANN is administering policies and operations for the root zone of the DNS, right? I'm so happy I don't have to explain ICANN. But ICANN is also an example of a highly formalized form of the multi-stakeholder model. It means that the policies for the different top-level domains, the country code top-level domains, and the generic top-level domains, .banana, .amazon, etc., are managed in different spaces, as well as the addressing supporting community. So the handing out of the IP blocks. And then there are also other groups that can have an impact and a review of the policies that are made by these bodies. And within these bodies there is then a sub-categorization of civil society, of intellectual property lawyers. So it's highly structured. And then you think that's a lot of structure. Then within all these bodies there is also a process on how the policies get developed. So you can notice that ICANN is pretty much... colonized is maybe not the right word. But there are a lot of lawyers. And so everything is put down into processes. This helps into transparency, but it also takes you one and a half year to actually understand the processes. So almost all meetings of ICANN, all mailing lists and all video calls are transcribed. But before you understand what is actually being said and how it works, it takes you about one and a half year. So that is where transparency is not the same as having easy access in those policy discussions. So you need a lot of resources, knowledge, networks and understanding, and also money to be able to participate in the meetings. Then something interesting happens after the Snowden revelations. Because ICANN was... So originally the DNS was managed by John Postel. When the root zone was managed by John Postel, when the internet got more important, the US government, the NTIA, the Department of Commerce said, okay, we need to institutionalize this. And they contracted ICANN to do that. Which means that the US still had contracting power over ICANN. And this was something that after the Snowden revelations, the US said, we're happy to give this up. We're happy to give this up, but not to anyone. We're not giving this to another government. We want to give this to the international internet community. This was a new thing. And this is, I think, why multistakeholderism is important, not only because we love the internet, but it's also an innovation in governance. So a sovereign state was able to give out something so important, such an important asset, as control over the DNS. So they said, we need to develop two plans, one technical plan and one plan to improve ICANN's accountability. And we succeeded. You can ask yourself, was this really an internationalization? Because if you look at the language that the NTIA and the Department of Commerce itself put out, it might also be a privatization. And actually there were two press releases. One for internal use in the US, where the NTIA said, we're going to have the private sector take the leadership for DNS management. And in the international statement they said, we're going to internationalize DNS management. So that's something to be cognizant about. But the good thing, part of the accountability work was an inclusion of ICANN to respect internationally recognized human rights. So we were able to put that in before the transition happened, but we weren't able to negotiate all the details. So in Workstream 2, which was the part that would happen after the transition, we were supposed to develop a framework of interpretation for the human rights bylaw, and a lot of people were very afraid that Workstream 2 would be the graveyard of ideas. That's okay, if we push it through for the transition, and then after that nothing will pass. But hooray, we almost have consensus on the framework of interpretation. The last public comment period ended, and we're now reworking that, which means that by the end of the year, ICANN will respect human rights, at least according to its bylaws. This is a slide that you cannot read. You can find this graphic as well on ICANNHumanrights.net, and I'll also put the slides in the description of the talk afterwards. So this is a simple mapping of all different rights, only the GNSO, which was the part that makes policies for the generic TLDs, is touching upon, ranging from freedom of expression, freedom of association, due process, participation, the right to security. So we tend to think that the internet stops at freedom of expression and the right to privacy. But there are way more things mediated by the internet nowadays. It's the right to political participation, the right to due process, right to education, right to science. So all these things, we also need to take into account when we think about infrastructure. Does this mean we're now protected from evil takeovers in ICANN? No. But we definitely have an easier tool to have a look at ICANN, because this means that ICANN will do human rights impact assessments of all its policies. And at the moment when they're doing that, civil society or anyone for that matter can drop in and see, you've missed this, or you should think about this, which means that you don't need to be entrenched in the trenches of ICANN all the time to be able to keep them to account. So hopefully this is a good thing. So let's now have a look at a bit more of the nitty gritty technical bits, because your nerds really stuck a long time with the lawyer stuff, and I'm thankful for that. So what is interesting is that the primacy of the internet is that it's a network of networks. And in that it's a bit incongruent with human rights, because human rights always argues from the basis of the rights holder, the user. But on the internet, users cannot simply claim their rights. Every time you want to connect, you need to ask, can you please give me an IP address? Will you please route my packets? Pretty please? Will you not drop them? Can I please connect without accepting your horrible policies that I do not even know about? This is an inherent part of how the internet is designed. And that means that the people running the networks are always in control. I'm not saying this was intentional. I feel actually pretty okay to say that this wasn't intentional, but it is an affordance, a characteristic of what we've built. So in some senses, we may have it made it harder to protect human rights online because of the infrastructure we have. Again, that doesn't mean, think of Kronzberg's law, that the internet is totally bad. No, it has good parts and it has bad parts. But we need to think about that when building it. So don't leave the rights to the lawyers. Oh, they'll take care of it. Because the rights are being part of the internet that we build, consciously or unconsciously, we're programming in what we think and who we are. And if we want to make the internet a real global network, we need to think with people that are not only from the global north, because half of the world is still not connected to the internet, which means that we're also reproducing a network on which many people might not feel at home. And that pains me, because the internet has always, for me, feel like a place of freedom. For many others it might not. A friend of mine, and he called it engineering performance art, made a programming language in Arabic. And he said, why do you call it engineering performance art? He said, because it's not going to work. GitHub fails, parsers fail, nothing works. Like, UTF-8 isn't even the norm for non-Latin characters. So what we're saying to people who are not using the non-Latin script and often to people not speaking English, not only on the content layer, but also on the development layer, like, this is not your network. You do not belong here. You need to adapt to us. And that is a problem. Yay. But there are many ways to go, and there are also many cool developments. And it is of us to be aware of that and work on it. So let's have another look at another body that is important in the development of the internet, the internet engineering task force. Who of you knows what the IETF is? I love this audience. So good. So something really cool, what we're now doing to take care of the steps, and a colleague of mine said it so greatly, like, why was God able to create the world in six days? Because there was no pre-installed user base. So what we need to do now is that we need to work with all those horrible legacy stuff and just build tunnels upon tunnels and tunnels and tunnels. But that also creates a lot of latency, right? So TCP, you want to establish a connection, SYNARC, SYNARC, you want to do a TLS handshake on top of that, network getting convoluted, shit. So some folks at Google, largely, have developed a new implementation, which is called QUIC, which is pretty much TCP plus TLS over UDP. And it has encrypted almost all the headers. So the sent IP, receiveIC, it's encrypted. It's awesome. And it's by default. It's good. And here, the market powers of Google are quite interesting because they can roll it out really quickly between the Chrome browser and the Google servers. Boom. Then we have a lot of uptake. So then these big companies can actually do something good, which is great. At the same time, there are also some other actors in the IETF. So, for instance, in the discussion on TLS 1.3, there is a strong draft that we should include forward secrecy. Then the banks or other large financial institutions came in and said, no, no, no, no, no, no, no, no, no. No forward secrecy. Because we have so many boxes, and they said this, we have so many boxes unless we had a problem and we had 60 people on a call, we couldn't fix it. It was a problem in a database. So network traffic that we cannot encrypt is a DDoS attack on our system. They're like, oh, my God. It's like you don't even have a panel to check the performance of your databases. So just because they do not want to adapt to an environment in which they have forward secrecy, it doesn't mean they cannot decrypt. They can decrypt at the end points, right? But they want to decrypt in flight. And they said, we only want to do it in the data centers. But why only do it in the data centers? If you only want to do it in the data center, why make it a standard in whole TLS so that everyone can do it? And what is really problematic is that the American Standards Institute, NIST, is supporting this. And NIST has already been pounded one time by the NSA with weakening crypto protocols. And this is shamelessly happening again. So we need to be strong. And that's why we need your voice in the IETF. But these are the problems that we know about. Security, privacy issues, we can make them better. We have quick. And what the quick people said, there was so much fun, is that they said, OK, if you're going to get forward secrecy out of TLS 1.3, we'll implement it with forward secrecy in quick. Fuck you. Pretty nice. So can internet protocols further impact human rights? So within the IETF and the Internet Research Task Force, we set up a research group to start thinking about this. And for that, we needed to try to translate technical concepts into rights. So then you got crazy shit like this. And there were so many discussions to be had about all these different definitions. And also, what does equals mean? Right? Because if you have this, will you automatically have freedom of expression? No. It creates an enabling environment. And this is part why it's important to implement the UNGPs, the Rugby Principles, because then we get to make better policies. Because no part of the internet rules the whole internet, but we need to understand which part of the internet impacts what. Else it's also impossible for policymakers to make same decisions and they're going to make stupid, broad-hand policies because they send, hey, if you cannot make it clear where we should act, we'll use a hammer, because we make laws. That's what we do. So there were a lot of other rights that we've been trying to think of. And two years of thinking and discussing in the human rights protocols considerations, a research group in the IRTF, resulted in the draft on the research into human rights protocol considerations. And that actually gives you a guideline for protocol developers to think about their human rights impact. And this is going to be an RFC by the end of the month. So we'll have an RFC on human rights. Yes! But that means that we now need to leverage those tools. So we have made the steps from saying in general, this is important. Now we're enshrining it slowly but surely, but now we need people to use this because else it'll be dead letters. So what is good stuff in the IETF? While researching for the human rights work, we found a lot of good RFC. Who knows what an RFC is? Okay, very good. I love you. So these are a lot of good RFCs with very interesting rights knowledge. But in a lot of them it was not made very explicit. So we had to do a lot of anthropology and exploring and to understand, doing a lot of interviews. But increasingly language is becoming more explicit and there is more space for civil society in the IETF. And there is a lot of interesting stuff going on. TLS 1.3, DTLS, UTA, which is finally making a pinning for SMTP necessary, KERDOL, cool stuff. You'll like it. Come to the IETF. What is not so good and why we need you to be there, these are the amount of RFCs published and this is by which organization. And I can tell you, the first eight ones are companies. The universities that are in there is because the early RFCs were produced by universities. So because of different reasons, academics and let alone civil society is completely underrepresented. I'm not saying people that work at companies are evil. No, not whatsoever. I'm saying that they are inhaling the fumes. They need to get something done. They're not getting paid to think about human rights. So we should remind them while working on that. And actually they are quite susceptible. Engineers like to solve problems. So let's help them make clear what the problems are and what net we actually want. So what is really ugly and what is also a problem for the IETF and that's what you hear over and over is that the IETF is not the protocol police. These are open standards. Everyone can implement on the internet whatever you want. Permissionless innovation. But what we see is an increase in centralization. We see this on the physical layer with ISPs taking over but it's going to be far fucking worse with 5G which is decided on what 5G is and this is really crazy. In a closed industry body, the 3GPP to which you not get access if you're not a company or not affiliated with a company. And China, the European Union and the US are all battling to be the first to implement 5G whereas we have no idea what is in the spec. So we're just giving them the keys to our spectrum and our stuff. It is so frustrating. And then there were some good parts potentially in it like the open spectrum but then with LTE over Wi-Fi they are going to squat the open spectrum directly and then the netto end effect will be we do not have access to the frequencies and they do not need to pay frequency auctions anymore. Really frustrating. Then in the IETF we had the thing that the internet is end to end. Because IP and the objective is connectivity. End to end is dead, man. It's really sad. If you look at how much content is going through content distribution networks and how much of these content distribution networks are breaking SSL and TLS, it is really a mess and we do not have clear transparency about what they're doing let alone that we know how it's routed because BGP is not transparent. BGP, nice hobby as well, we should clean it up once. Then on hardware we also see a few dominant organizations and well the application layer is all the hype about that. So what does that mean? What are we looking at? Well, it can take different forms. There is some good, some bad and a lot of opportunities and the internet is still a very exciting place and we need to remember that rights are like muscles. You need to train them else they go away and if you train a lot then you know sometimes you might break a bone. That's not so bad. So know about internet governance and know about infrastructure because the infrastructure is what determines what's happening on top. So we need to think about the breaking decentralization of knowledge which means getting it out of the patents and out of the trademarks and getting out of the companies to understand how they are running the networks. We need to fight for our right to science which is also a human right. We need to be able to find out how the networks work because it is nowadays our public sphere that is mediated by the internet. It's about voting, it's about your primary contact to your government, to your representatives but it's also your freedom of association that's largely mediated by the internet. So we need to ensure that we know how it works that we can also ensure that we can keep our rights. Then we need to ensure that we're building a real global network for the people not for the networks, not for the operators, but for the people. And that is something that a lot of the people in the IETF do not necessarily have in mind. They're working on really hard problems for operators but we need to ensure that the end user is better represented and that we as end users also understand the systems better. So we need to take power and rights into account in the design of all technologies because we shape our tools and thereafter they shape us. Thanks very much. Right. We do have quite some time for questions. Hello, hello, hello, hello, hello, hello, hello, hello, hello. Which are the tie, which are the tie between patents and protocol. Okay, so a lot of protocols that are implemented are actually not open protocols such as in the IETF and especially on the lower layers when it comes to physical connection and what is implemented in proprietary systems, they are trademarked so we do not know what they are and we cannot access them. The IETF actually was formally set up and set up for the Internet Society to protect the engineers in the Internet Engineering Task Force from patent claims because a lot of times companies want to standardize their technology so they'll be able to sell the middle boxes. And the funny thing is that a lot of people working in the IETF have trademarks on technology for which they want it to be compatible. That's why probably the banks really do not want to change their technology because then they need to change and because they haven't used open source, they have a vendor lock-in and then they need to pay the vendor a lot to change that. So we need to explain to the banks, you shouldn't have vendor lock-in and you should definitely not put the costs for you having a shitty system in the whole of society. Hello? Yeah. So you talked about IETF and everything that's still not going good yet and this almost sounds like a recruitment speech rather than just some information. So are you recruiting for somebody? Are you forming teams? Yes. I recruit barbarians. For what? Tell me. So we're both active in ICANN, the IETF, the IEEE. We're now also working in the ITU to make work more transparent and we always need people. And the way you can interact is help us simply do in the IETF for instance do human rights impact assessments of working group drafts. Just help us analyze how these new standards can impact human rights and the earlier we do it in the process of the development of the internet drafts the easier we can change things because if you do it very late in the process it's much harder to shift. So we're also having a small public interest group in which we try to coordinate to do reviews of internet drafts and something very similar we have in ICANN as well. So please come talk to me or send me an email and I'm very happy to work with you on this. First of all thank you for a very sobering and interesting talk. I know that ICANN has profited massively from their monopolistic position and I was wondering if that's going to be solved with this new governance model. Well the problem is DNS right is that we need to coordinate to ensure that there are no wait I'll put my contacts on and then I can think again. The problem is with the design of DNS that there is a single root zone that needs to be coordinated and that's done in a multi-stakeholder way. So actually we have not had many problems with the US government intervening in ICANN so it's also a bit of a theoretical exercise. I think it's good because we're trying to understand better how this multi-stakeholder thing can work, whether it will work and whether it will make things better that remains to be seen. It's really too quick because it's only been October last year that it's gotten independent. But we're trying to do some analysis of automated analysis of mailing lists and of discussions to see how the balance shifts but what we do see and that is quite interesting is that there is a huge influx of governments in ICANN to join the conversation which is kind of legitimizing the multi-stakeholder model but on the other hand the government are only advising and not in the policy making trenches so it is such a weird beast. It still remains to be seen how this works which could radically be disrupted if we come up with something as a name coin had this implementation of DNS in the blockchain, right? Yeah, blockchain is going to change everything but you could imagine DNS done differently and that would come with other affordances. So it's... Yeah, Harry Halpin. Yes, XW3C. So I do want to mention quick note on the patent issue. So one thing that would be awesome if the IETF did and one thing that the W3C, the web standards body did correctly is they essentially have royalty free licensing so you have to remember even free and open source software can have patents. You are not immunized from patents unfortunately by using a GPL so therefore I would like standards bodies like the IETF to have better patent policies because I've definitely been on some crypto mailing lists in the IETF where people are just like literally emailing the mailing list and being like I can't read that last email because the IETF says you have to disclose all known patents so if there is a patent but you don't know about it, it's okay. It's a bit dangerous. It's better that they have the companies explicitly declare all patents and promise to license them royalty free forever. That being said, W3C is obviously really fucked up because they're pushing DRM, Digital Rights Management into HTML5 and soon into eBooks being pushed by Netflix and then with eBooks, Springer, Elsevier, everyone else is trying to close down knowledge. Could you please come to your question? Why hasn't Article 19, ICANN, the IETF, all these standards bodies which are doing something about human rights why don't they tell their fucked up younger brother W3C to get their act together or do these organizations think that the DMCA and DRM is compatible with human rights? So at IETF 101 in London in March next year we're organizing a hackathon on privacy and human rights considerations for the W3C to address exactly this and work for two days on seeing how we can integrate these concepts also in the W3C. People from the W3C will be there and I really hope that some of you will join us there too. I'm going to tweet it. Is it good? I'm at Neil Steneuver. So it's the two days ahead of the IETF 101 meeting. So we had a really good hackathon before the last IETF on HTTP status code 451 which makes legal censorship more visible but we now also really want to hack on web standards so that's going to be for IETF 101 and I'd love you to be there Harry. And thanks for fighting the DRM fight. We're not done yet. Hi. You said that we should join IETF probably to help you in doing your fights but it's my understanding that IETF is completely split in half over this topic. If it's even their concern, you know, they say we are technical people, at least one half and the other half says maybe we can take this into consideration but it's still unclear if they are the right people to address with that topic. So I think actually that the situation in the IETF is a bit better because we had a plenary talk not the last but the IETF before that where Dave Clark, one of these early Internet inventors and us talked about human rights and the fact that the Internet Architecture Board organized a plenary talk about that and there was large agreement that this is important and that the IETF should engage on it. That's a good thing. How that's going to be done remains to be seen and indeed in the TLS discussion, it was about half-half but I also had a strong feeling that the deck was a bit stacked there. So it's also for us to get engaged and help us also influence on the other side. It doesn't mean you can't and you all know when you get into the IETF you can just do a hand-wave. You need to come with arguments but that will also help us to understanding because no one understands what the Internet will be. We get to shape it. Great. There appear to be no more questions. Could I have a warm round of applause for our great speaker?