DENIC-Hosted 2018 Domain Pulse Conference Revolving around Digital Change between Freedom and Security
Can digitisation succeed if technical feasibility is the only yardstick it applies? What can the digital economy do to help minimising the risks that go along with the next step in the evolution of the Internet – the Internet of Things? Does additional surveillance by the state actually bring about additional security on the Internet as policy makers tend to promise?
The Domain Pulse conference, which was held in Munich on 22 and 23 February 2018 under the heading of "Next-Level Evolution: Homo Digitalis", provided interesting propositions, forecasts and answers to these and other highly topical issues. About 450 visitors followed the presentations and panel discussions of international experts at the well-established industry gathering, which has become the most important annual event on topics, evolutions and trends around Internet domain names in the German-speaking area. Organised annually in turns by the registries of the country code of Austria (nic.at), of Switzerland and Liechtenstein (SWITCH) and of Germany (DENIC eG), this year's two-day conference was hosted by the .de manager, DENIC.
Digitisation and Society: No Chance for Success without the Human Factor
In his keynote "Digital Enlightenment - Enlightened Digitisation: From Naivety to Humanity in the Digital World", the trend researcher and futurologist Matthias Horx, who also founded the renowned think-tank institute zukunftsInstitut, dismantled the widespread digital dreams around algorithms and artificial intelligence. Only those value-added models could be taken truly serious and considered viable for the future that were based on the assumption that, in order to view and shape the future in a human context, digitisation must enter into a phase of civilisation or it had to fail. "So far, the Internet has been a kind of Wild West. It's only now that a planetary civilization is emerging - and we're all the pioneers", Horx concluded.
Is there a Means to Curb the Risks of the Internet of Things? Yes, the Domain Name System!
The special threats the so-called disruptive technologies of the Internet of Things (IoT) pose to the global society and the means the DNS industry as the operator of the Internet's basic infrastructure may provide to help reducing these risks, were discussed with the audience by the independent policy advisor, Maarten Botterman. He has been involved in IoT policy research for the European Commission for 15 years and chairs the Dynamic Coalition of the Internet of Things within the framework of the United Nations' Internet Governance Forum (IGF). In a world where billions of new IoT devices were going to be connected with the Internet each year, with estimates of 20 billion devices by 2020 being widely accepted, the DNS industry should make it its aim to connect all these devices in a secure and intelligent way. They should consider solutions that would make the Internet more reliable (and thus secure) a task of the entire society but also an opportunity for the DNS industry to grow.
Smart Driving: IoT Put to Morality Field Test
At the round table "Smart Mobility Put to the Test: Technology and Morality of Connected Driving", two experts explicated the possibilities and technical benefits of the Internet of Things with regard to a future connected mobility, but also pointed out the related ethical challenges. Dr. Dirk Wisselmann, Senior Engineer Automated Driving at BMW Group and Prof. Dr. Dr. Eric Hilgendorf, Member of the Ethics Committee on Automated and Connected Driving of the Federal Ministry of Transport and Digital Infrastructure and Head of the Robotics Law Research Unit at the University of Würzburg, Germany, jointly discussed man-machine interfaces with regard to the societal dimensions of responsibility. In Germany, so is the opinion of Eric Hilgendorf, the measures required to keep these interfaces under control and to ensure transparency and data autonomy have already been implemented: "The successful reform of the German Road Traffic Act in summer 2017 and the work of the Ethics Commission have created a robust legal framework for automated driving in Germany, which is also considered exemplary in other countries."
Added Surveillance – Added Security?
The debate on "Freedom versus Security – A Dilemma and no Way out?" saw two prominent representatives of the freedom and security antipoles. The former Federal Commissioner for Data Protection and Freedom of Information, Peter Schaar, and Wilfried Karl, President of the higher federal agency ZITiS (Central Office for Information Technology in the Security Sphere), discussed the topic from their controversial points of view. ZITiS was set up in 2017 to support federal security authorities in digital forensics, telecommunications surveillance as well as in big data and cryptanalysis. The discussion was preceded by an introduction of Peter Schaar. Based on the propositions of his latest book ("Deceptive Security. How the Fear of Terrorism Drives us into a State of Emergency" (German only)), he demonstrated how the ongoing armament of the state designed to fight terrorism is undermining democracy and the rule of law, without having a boosting effect on risk prevention. Karl said: "Unfortunately, modern digital technologies are also abused to serve criminal aims. Thus, it is essential that security authorities stay connected with the latest technical developments. Otherwise it will be difficult or in the future even become impossible for them to fulfill their protection mandate.This would definitely not be in the interest of the German citizens." Schaar then retorted: "The assertion that surveillance leads to increased security is a bold lie. Sometimes, just the opposite is true: back doors in the IT environment and the purchase of zero days endanger IT security and destroy the trust people have in information technology."
id4me: A New Free, Open and Secure Universal Single Sign-On Solution
Single sign-on (SSO) solutions provide access to all online accounts of a user via a single defined set of credentials consisting of username and password. However, existing solutions are often too complex for many applications or, as in the case of social media SSO solutions by Google or Facebook, do not offer sustainable data autonomy. The new SSO solution id4me, which was developed in a cooperation of DENIC, 1 & 1 and Open-Xchange and is going to be launched in the course of this year, aims to fill this gap: With domain names as identifiers, the open, free and secure approach to user-specific authentication for Internet services builds on existing protocols and standards (OpenID Connect, DNS(SEC), DANE, ACME). By intelligently combining them, it will allow the user to log in to a multitude of services with a single password and also to determine with whom they will share which data and for how long. Next to explaining the roles involved in this federated solution (user, identity authority, i.e. DENIC, identity agent, i.e. registrar and relying party, i.e. shop), DENIC's Head of R&D, Marcos Sanz Grossón, demonstrated the various steps of the authentication, data provision and log-in processes in a live presentation at the id4me info booth.
The Challenge of Compliance: Setting the Course for the General Data Protection Regulation
The panel discussion that followed dealt with the impacts of the EU's digital roadmap 2020: The information security and data protection officers of DENIC as well as the representatives of two international registrars reported on the challenges the domain industry has to face in relation with the EU Directive on Security of Network and Information Systems (NIS), the General Data Protection Regulation (GDPR) and the Regulation on ePrivacy. They shared the experiences gained during the implementation process and gave tips to the congress attendants that might be helpful to achieve compliance within their own companies.
Notice & Take Down: How to Deal with Illegal or Questionable Content on the Internet?
That the opinions in the different European countries sometimes vary widely when it comes to illegal content on the Internet became very clear in the related controversial debate. The legal counsels of the operators of six national and regional Top Level Domains discussed to what extent domain registries should take action in such cases, instead of leaving it exclusively to courts and regulatory authorities. DENIC's Legal Counsel, Peter Horst, has a clear view of the German registry's position in this respect: "DENIC is not the right point of contact to which to turn when it comes to content. If DENIC were to evaluate content and delete, at its own discretion, domains through which websites with questionable content can be accessed, this would be equivalent to censorship. In a democracy based on the separation of powers, no one can seriously support law enforcement by the private sector. This philosophy of DENIC is, by the way, also reflected by the unanimous opinion of the German courts."
Domain Pulse on the Internet
The full Domain Pulse program and all information about the protagonists involved can be found on the event website. All slides and video footage will be available for download in the course of next week.
The next Domain Pulse conference, organised by SWITCH, will be held on 18 and 19 February 2018 in the Swiss capital Bern.