6. Recommendations
In times of difficulty, [the best way forward is to] find easy common ground and build on that. Post-transition, it is much easier to build on the common ground, i.e. that governments should not play a single determining role in internet governance.87
The following recommendations are directed to EU institutions in general as different bodies within the EU institutions lead on particular aspects of internet governance. However, the EU Delegation to the US is uniquely placed to work closely with US colleagues and EU institutions, to build consensus – particularly in relation to the sensitive issue of the proposed taskforce.
Build on common ground
1. Build capacity by encouraging the participation of moderate, European and likeminded stakeholders in internet governance.
This approach should improve the quality of decision-making by identifying what perspectives and voices are missing from current debates, and fill gaps on a case-by-case basis. Internally, the EU should ensure that its coordination on internet governance cuts across different functions and responsibilities (e.g. security, human rights, innovation, competition and the Digital Single Market) to raise awareness, build internal capacity and engagement. This will foster a higher level and more critical engagement with US counterparts.
2. Create, in partnership with like-minded stakeholders, a taskforce on effective, multi-stakeholder internet governance
The US and EU, in partnership with likeminded states, stakeholders and organizations should establish a taskforce that brings together a diverse group of stakeholders, who would eventually self-manage according to principles of inclusion, transparency and balance. The US and EU should be prepared to take a sustained, proactive role in shaping the taskforce’s terms of reference, protecting against capture and fostering effective, collegial working methods. The taskforce at an early stage should establish meaningful dialogue with China about the future of internet governance.
The taskforce is not intended to compete with, or replace, existing processes, but to work within them to monitor their effectiveness, and identify policy gaps. To minimize suspicion, and secure buy-in from the notoriously prickly multi-stakeholder communities, the EU Delegation should seek to build consensus with US colleagues and key stakeholders on how best to move forward with this proposal. Possibilities for constructive beginnings to the project could:
- Start the conversations informally before making any public announcements.
- Work closely with existing institutions – the Internet Society for example may be a potential collaborator – and seek out influencers within the ICANN and IGF communities.
- Persuade like-minded community leaders – across all stakeholder groups – from those environments to chair and play proactive roles.
- The EU and US should be prepared to make commitments to participate proactively, and to provide co-funding in partnership with other stakeholders but should not be perceived as ‘owning’ the process. Successful examples include the Global Commission on Internet Governance, which was established by Chatham House and CIGI, or the Global Commission on the Stability of Cyberspace, which is funded in part by the Dutch government, and has an independent secretariat comprising two think-tanks.88
The tasks ahead will have the following focus:
- Evolving the principles and practices of multi-stakeholder internet governance in consultation with all stakeholders and ensuring that it remains fit for purpose in the relevant forums.
- Map cybersecurity policy development in the US and EU jurisdictions to make sure they align or at least support the same values, to support the free flow of goods and services across borders.
- Publish an annual scorecard to monitor the effectiveness and accountability of multi-stakeholder governance across the institutions and processes active in internet governance, based on robust, meaningful key performance indicators. The taskforce can make comparisons between multi-stakeholder organizations and multilateral processes such as ITU. It is expected that the multi-stakeholder organizations will show better accountability, transparency and regular review.
- Identify emerging issues and gaps in the existing policy landscape, bringing together appropriate stakeholders to resolve complex, and contentious problems affecting the internet space.
- Engage in capacity-building and training to cultivate the active participation of individuals from across the range of stakeholder groups who are capable of adopting a wider viewpoint (as opposed to pursuit of short-term, narrow self-interest), which is compatible consensus-building within the multi-stakeholder model and the furtherance of shared EU–US values within the ICANN environment.
- Cultivate cross-cutting dialogues that bring together individuals and organizations working in disjointed silos (e.g. cybersecurity, internet governance, human rights, tech platforms).
- Establish annual awards that identify good practice, and recognize individuals’ commitments to furthering inclusive, moderate, multi-stakeholder policies.
Immediate, targeted interventions for the EU institutions
3. Work through non-governmental, like-minded stakeholders to achieve stronger multi-stakeholder participation.
Engage in regular coordination of European (and like-minded) participants prior to key events (ICANN, IGF, EuroDIG). This could be started informally through calls, face-to-face meetings, or a social event at each meeting. Coordination would enable the Commission to understand the range of topics in which European participants are engaged – where gaps and opportunities for influence exist. Conducted in a sustained way, such coordination could embed a culture of working through non-governmental stakeholders to support the ICANN model.
4. Foster a balanced outcome on WHOIS and GDPR
In addition to the work the Commission does in ICANN via the EU GAC representative, it should contribute more proactively to the work of the EPDP on gTLD Registration Data primarily – but not exclusively – through the EU GAC representative on the team, and dialogue with European EPDP members. The Delegation of the European Union to the Council of Europe (EUDEL) may have the ability to coordinate closely with US counterparts on key topics and prior to meetings, and feed this information to relevant Commission offices and the Directorate-General for Justice and Consumers (DGJUST) and Directorate-General for Communications Networks, Content and Technology (DG CONNECT). Additionally, the Commission could coordinate a briefing or joint written advice from across law enforcement, business and data protection representatives (e.g. from DG Home, Justice, Connect and EDPB and possibly EUROPOL) to provide moderate implementation advice for the contracted parties, and make the point that GDPR sits within the general legal framework and supports the objectives of law enforcement, subject to necessity, proportionality and in accordance with the law.
5. Strengthen cybersecurity awareness and input throughout the ICANN process
The SSAC is an influential body within ICANN, which is struggling for capacity to proactively participate in community policymaking. The Commission should work with relevant stakeholders to strengthen SSAC’s membership – helping to identify suitably qualified women, European and like-minded individuals (from any region) who have the requisite skills and who are capable of influencing a moderate, security conscious policy debate throughout ICANN.