Session
Organizer 1: Civil Society, Asia-Pacific Group
Organizer 2: Civil Society, Western European and Others Group (WEOG)
Organizer 2: Civil Society, Western European and Others Group (WEOG)
Speaker 1: Nilay Shah, Civil Society, Asia-Pacific Group
Speaker 2: Mishi Choudhary, Civil Society, Asia-Pacific Group
Speaker 3: Greg Nojeim, Civil Society, Western European and Others Group (WEOG)
Speaker 4: Robyn Greene, Private Sector, Western European and Others Group (WEOG)
Speaker 5: John Ackerly, Private Sector, Western European and Others Group (WEOG)
Speaker 2: Mishi Choudhary, Civil Society, Asia-Pacific Group
Speaker 3: Greg Nojeim, Civil Society, Western European and Others Group (WEOG)
Speaker 4: Robyn Greene, Private Sector, Western European and Others Group (WEOG)
Speaker 5: John Ackerly, Private Sector, Western European and Others Group (WEOG)
Format
Classroom
Duration (minutes): 60
Format description: The classroom format will be best suited for this session as we plan to bring together industry specialists, regulators, civil society, and experts. We will be presenting views from both the global north’s as well as the global south’s experience with encryption and regulatory mandates. Participants will have much to gain from seeing the panelists engage with each other, and will also have the opportunity to participate in the discussion through questions. However, the primary purpose of this session is knowledge dissemination, and the classroom format will be most relevant here.
Duration (minutes): 60
Format description: The classroom format will be best suited for this session as we plan to bring together industry specialists, regulators, civil society, and experts. We will be presenting views from both the global north’s as well as the global south’s experience with encryption and regulatory mandates. Participants will have much to gain from seeing the panelists engage with each other, and will also have the opportunity to participate in the discussion through questions. However, the primary purpose of this session is knowledge dissemination, and the classroom format will be most relevant here.
Policy Question(s)
1.How can lawmakers ensure that they take only proportionate measures that preserve encryption while also fulfilling national security/CSAM prevention mandates? Are there alternatives to anti-encryption mandates that can fulfill societal interests?
2. Where should regulation flow from to preserve communications security? Is the national, regional, or international level the right place to consider this question?
3. Who would be the most affected in case of acquiescence to demands to break encryption? Who stands to gain or lose if we have systems that cannot comply with access desires to encrypted communications from authorities?
What will participants gain from attending this session? Opinions on encryption from industry specialists, regulators, civil society, and experts. Views from both the global north’s as well as the global south’s experience with encryption and regulatory mandates. An insight into commonalities if any, and future plans of action. The importance of encryption and why is is so crucial to protect this bastion of free speech.
The interplay between regulatory action, user harms, and the roles that platforms can play in this regard.
Description:
With more and more of our lives being lived digitally, end-to-end Encryption (E2EE) in our personal communication remains probably the last bastion protecting our data from government access and helping to preserve our privacy in an increasingly surveilled world. However, even this proverbial last frontier has been facing ever more vicious assaults. Across jurisdictions, countries have tried to compel companies to build backdoors that break encryption, or mandate tech companies to identify the originators of messages. In recent years, governments and agencies from both the global north and global south have changed their stance on E2EE. Some examples are the traceability provisions in the Indian IT Rules, 2021, the European Union’s CSAM scanning proposal, the Technical Capability Notice that the UK has served on Apple to compel it to build in a backdoor to its encrypted iCloud service, and the U.S. state of Nevada's fight to ban the offer of E2EE to minors. In this light, it seems to be the right time to discuss the necessity of, and the future of, end to end encryption and its impact on privacy in an evolving world. Considering the requirements States around the world are imposing, the regulations and standards governing communications security are in a state of flux. As a multi stakeholder body, the IGF is an ideal forum in which to consider these questions and propose a path forward. Losing E2EE, in an age where basic digital rights are already being eroded, could be catastrophic for the most marginalized and vulnerable communities in our society. The implications for tangible, real-world harms to emanate from this move, particularly in least developed countries, need to be better considered before any further decisions are taken.
With more and more of our lives being lived digitally, end-to-end Encryption (E2EE) in our personal communication remains probably the last bastion protecting our data from government access and helping to preserve our privacy in an increasingly surveilled world. However, even this proverbial last frontier has been facing ever more vicious assaults. Across jurisdictions, countries have tried to compel companies to build backdoors that break encryption, or mandate tech companies to identify the originators of messages. In recent years, governments and agencies from both the global north and global south have changed their stance on E2EE. Some examples are the traceability provisions in the Indian IT Rules, 2021, the European Union’s CSAM scanning proposal, the Technical Capability Notice that the UK has served on Apple to compel it to build in a backdoor to its encrypted iCloud service, and the U.S. state of Nevada's fight to ban the offer of E2EE to minors. In this light, it seems to be the right time to discuss the necessity of, and the future of, end to end encryption and its impact on privacy in an evolving world. Considering the requirements States around the world are imposing, the regulations and standards governing communications security are in a state of flux. As a multi stakeholder body, the IGF is an ideal forum in which to consider these questions and propose a path forward. Losing E2EE, in an age where basic digital rights are already being eroded, could be catastrophic for the most marginalized and vulnerable communities in our society. The implications for tangible, real-world harms to emanate from this move, particularly in least developed countries, need to be better considered before any further decisions are taken.
Expected Outcomes
The outcomes we expect from this session are:
Finding possible alternatives apart from weakening E2EE.
Find avenues for collaboration between regulators, civil society and industry.
Identify potential joint actions from experiences in the global north and global south.
Further,
Learnings from this session will be further disseminated in India through capacity building trainings.
Hybrid Format: We will facilitate interaction between onsite and online speakers and attendees through a moderated Zoom link. We will livestream the session, and also provide opportunities for online attendees to ask questions of the in person speakers through a chatbox.