Why You Should Be Worried About The ITU's Bizarre Claim To Have A Mandate Over Internet Security

from the looking-to-remain-relevant dept

We just recently wrote about how the UN's ITU (International Telecommunications Union) has been seeking to massively expand its mandate to take over international governance issues related to the internet, based on no real mandate other than one of its own making. Because of this, there are reasonable fears that it will end up creating dangerous rules that favor the incumbent telcos (often closely associated with certain governments) over what's actually best for the internet. Part of that analysis suggested that this was about the ITU trying to remain relevant in any way it could. After all, the core reason for the ITU existing for more than a century and a half was to deal with how different telcos would do the kinds of things that people no longer rely on telcos for. Because of that, they've basically been pretending that they should be involved in all sorts of unrelated things.

For example, plenty of the recent discussions coming out of the ITU have been focused on internet security issues. And you could argue that there are some significant security concerns that need attention. But is the ITU the proper body for this? Almost certainly not. Anthony Rutkowski has written up a history of the ITU's relationship to security noting that, at best, the ITU has tended to completely ignore security issues, and at worst, "treated security as a kind of vague requirement." The conclusion is pretty clear. The ITU isn't the proper body to be dealing with security at all. It has neither the mandate nor the necessary expertise.
So why is this ITU security history relevant today? Because its Secretary-General's new draft of an unneeded and worthless treaty instrument called the International Telecommunication Regulations mentions the word "security" no less than 36 times. Although the term "security" is never defined, the draft leaves the impression that the ITU is competent to deal with the subject of network security.

The reality today is that almost all work relating to network security occurs in myriad other public-private global bodies where it is pursued on a significant scale among expert communities. It is that array of work in other venues that is used worldwide. What purports to occur in the ITU is basically irrelevant and involves a relative handful of people who appear at meetings or workshops in ITU-T, ITU-D, or the General Secretariat for the purposes of maintaining largely website-based fictions to appear responsive to some political mandate of its conferences or leadership. Although a few knowledgeable and dedicated individuals participate in its work, the ITU as an institution has not possessed in modern history, and today does not possess the competence to deal with the subject matter of network security; and treaty mandates will not alter that reality.

Any treaty-based reliance on the ITU's network security competency would be perilous for the global infrastructure and irresponsible for nation States to recognize. I should know — I was the designated leader of the ITU-T cybersecurity work for the past four years who had to deal with these realities.
In other words, yet another overreach by the ITU to take on something it is not qualified to handle, and which will almost certainly result in a bad situation, driven by political interests, rather than actual security issues.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    That One Guy (profile), Oct 8th, 2012 @ 7:55am

    Great, now they've done it...

    They used one of the words from the 'List of words and phrases guaranteed to turn a politician's brain off and force him to vote yes'.

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    Zakida Paul (profile), Oct 8th, 2012 @ 8:10am

    Everything that bodies like these and politicians do is for the benefit of multinational businesses to the detriment of the general public.

    The problem is that these companies have become too big to ignore and the public are too small to matter. Until that attitude changes the status quo will continue.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Oct 8th, 2012 @ 8:30am

    the way things are going, the internet is going to be used only by governments and certain businesses/industries. the general public is being restricted more and more by lies, bullshit and fear mongering put out by those mentioned above. this is the only way it is going to be able to be regulated and all those various bodies jockeying for position will end up with their own particular parts to keep working. because atm governments cant get the amount of tax they want, cant monitor all the users and uses there are and companies haven't got the control they want, the public will be forced out. think about it. the general populace having more use of something than anyone else, especially those in official positions? it's gotta be stopped and quickly!

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    Ninja (profile), Oct 8th, 2012 @ 10:29am

    Nowadays everyone seems to think they should have a mandate over the Internet in general. So I'll launch my candidature for a mandate over the Internet. If I get voted as President of the Internet I vow to just leave it the fuck alone to follow its natural course while forbidding technologically impaired people such as Chris Dodd and Llamar Smith from accessing it. Because I can.

    Let the voting begin ;)

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    u know me, Oct 8th, 2012 @ 10:40am

    Re:

    +1

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Annynomine, Oct 8th, 2012 @ 1:46pm

    Ignored

    The internet has ignored the ITU for the last 3 decades. It will keep doing so.

    What was that line about routing around damage, again?

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Oct 8th, 2012 @ 5:03pm

    Regulatory Capture

    This attempt to interfere by the ITU is a fine example of regulatory capture by telcos. The ITU is pretending to be a regulator -- it isn't, of course, the true regulators are the various national government departments of communications, worldwide. However, the telcos have bought the story that the ITU is a regulator, then they have duly captured it. Now the ITU is doing the bidding of the telcos, attempting to get more money to the telcos. They are attempting to put up gateways, where the telcos can sit and collect fees.

    The ITU is actually a standards body. They are reasonably good at that and that is what they should stick to.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    bikey, Oct 9th, 2012 @ 3:19am

    ITU

    This takeover may well not be 'of its own making'. Let us remember that AFTA was negotiated under the auspices of the most brain dead of international organizations - the UN International Customs Organization- not because it had any expertise but because it wasn't infected with the success of other countries like WIPO and WTO. I suspect there's a mercan somewhere in the woodpile.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    bikey, Oct 9th, 2012 @ 3:20am

    ITU

    This takeover may well not be 'of its own making'. Let us remember that AFTA was negotiated under the auspices of the most brain dead of international organizations - the UN International Customs Organization- not because it had any expertise but because it wasn't infected with the success of other countries like WIPO and WTO. I suspect there's a mercan somewhere in the woodpile.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This