CDT POLICY POST Volume 7, Number 13, November 12, 2001

A BRIEFING ON PUBLIC POLICY ISSUES AFFECTING CIVIL LIBERTIES ONLINE
from
THE CENTER FOR DEMOCRACY AND TECHNOLOGY

CONTENTS:

(1) Proposed "OPES" Protocol Advances; Policy Issues to Be Considered

(2) Background on Internet Standards, Technology & Policy Project

(3) Increasing Public Interest Participation in Standards Processes

(4) CDT Seeks Input on Public Policy Issues Arising in the Standards Context

(1) PROPOSED "OPES" PROTOCOL ADVANCES; POLICY ISSUES TO BE CONSIDERED

As part of a major new project to increase the public voice in Internet standards setting processes, CDT has been engaged in the debate about a proposed new Internet protocol named "Open Pluggable Edge Services" ("OPES"). In late October, the Internet Architecture Board recommended conditions that should be met if work on OPES continues, and in so doing cited CDT's policy concerns and urged that they be addressed.

The OPES protocol would enable an intermediary (such as a cache operator) in the middle of an Internet communication to alter the content of the communication as it passed from sender to receiver (for example, to insert an advertisement or screen the content for viruses). Although there would certainly be beneficial uses of the proposed protocol, it raises serious policy concerns about data integrity and privacy.

In early August, after analyzing the OPES proposal and concerns that had been expressed about it, CDT submitted extensive comments to the Internet Engineering Steering Group, a governing committee of the Internet Engineering Task Force ("IETF"). Following those comments, we participated in discussions on the OPES mailing list with proponents of the protocol. The proponents advanced a number of changes that addressed some of our concerns. In follow-up comments, we suggested that the OPES protocol effort should be permitted to proceed, so long as strong privacy and data integrity protections could be incorporated into it.

Last month, after reviewing the OPES proposal and the concerns raised by CDT and others, the Internet Architecture Board ("IAB") released its advisory comments on OPES. The IAB considered many of the issues that CDT had raised and recommended that any OPES effort must include strong protections for data integrity and privacy. CDT will be participating in any further discussions on OPES.

CDT's original comments on OPES are at http://www.imc.org/ietf-openproxy/mail-archive/msg00828.html.

Our follow-up analysis is at http://www.imc.org/ietf-openproxy/mail-archive/msg00935.html.

The IAB's analysis of OPES can be found at http://www.ietf.org/internet-drafts/draft-iab-opes-00.txt.

The draft OPES charter can be found at http://www.ietf-opes.org.

(2) BACKGROUND ON INTERNET STANDARDS, TECHNOLOGY & POLICY PROJECT

The OPES proposal highlights a broader issue.

The Internet has tremendous potential to promote free expression and individual liberty. But will future technologies maximize this potential? Or will new ways to use the Internet have hidden downsides, such as a reduction of privacy? Will the technical requirements of new Internet services require resources beyond what individuals or small organizations can afford?

Increasingly, technical decisions about the Internet and its development can have far-reaching policy consequences. Often these technical decisions are made with little public awareness or input. At the same time, lawmakers and public interest advocates often debate policies governing the Internet without adequately assessing their technical merit or impact, and without appreciating how public policies can affect or even harm the technical development of the Internet.

To address these concerns, CDT has created the Internet Standards, Technology & Policy Project. A multi-year effort, the project has two goals:

promote public awareness of and, where appropriate, involvement in the standards-setting, technical governance, and industry bodies that make technical decisions for the Internet;
build better communication among technologists, public interest advocates, and academic policy leaders working on issues with broad relevance to Internet policy.

To direct the Internet Standards, Technology & Policy Project, CDT has recruited John Morris. John combines both a technical background and a law degree. He was one of the lead trial lawyers in the Reno v. ACLU case that first defined the high level of legal protections that speech over the Internet merits.

(3) INCREASING PUBLIC INTEREST PARTICIPATION IN STANDARDS PROCESSES

Decisions about Internet technical standards or network architecture are generally not made by government agencies, which are under legal requirements to solicit and respond to public comment. Instead, decisions are made by private sector technical standards groups, including among others:

the World Wide Web Consortium (W3C):
the Internet Engineering Task Force (IETF):
the Internet Corporation for Assigned Names and Numbers (ICANN).

Historically, public interest organizations have not been involved in the decisions of these bodies. CDT seeks to promote a greater understanding of and appreciation for the work of these standards groups among a broader community. CDT does not seek to change the focus of the standards bodies away from technical decision-making, or to slow their decision-making processes.

As a critical first step in this process, CDT itself is now directly participating in the activities of the key standards bodies.

Within the IETF, in addition to OPES, we are actively participating in the "geopriv" working group that has been tasked to develop technologies to protect privacy in geographic location-based services.
Within the W3C (of which CDT is a member), CDT is actively engaged in the debate about the patenting of protocol technology and the issue of "royalty free" versus "reasonable and non-discriminatory" licensing of patented technology.
CDT is active in a wide range of issues within the ICANN processes.

To broaden awareness and participation, we are planning a web site that will report on the work of the leading standards bodies and explain what issues are being addressed by the standards bodies and what policy concerns they raise. Through this web site, CDT hopes to give policymakers and public interest advocates an understandable window into the work of the standards bodies.

Further, CDT plans to work with a small network of technologists who can follow the work of standards bodies and explain emerging standards issues in non-technical terms.

(4) CDT SEEKS INPUT ON PUBLIC POLICY ISSUES ARISING IN THE STANDARDS CONTEXT

A major challenge facing CDT's Internet Standards, Technology & Policy Project is how to track the activities of the many different relevant standards bodies and identify the potential public policy impacts that new and proposed standards could have.

In this effort, CDT welcomes input from technologists active in Internet standards setting bodies about activities and working groups that are likely to have significant impact on civil liberties, privacy, or other public policy concerns. Although we likely cannot pursue all issues raised to us, receiving advance notice of emerging policy issues will be critical to the success of the Project.

Input can be sent to the Project Director, John Morris, at jmorris@cdt.org.

Detailed information about online civil liberties issues may be found at http://www.cdt.org/.

This document may be redistributed freely in full or linked to http://www.cdt.org/publications/pp_7.13.shtml.

Excerpts may be re-posted with prior permission of ari@cdt.org