Dynamic coalition on the Internet of Things Meeting
at the Seventh Annual IGF Forum, held in Baku, Azerbaijan
8 NOVEMBER 2012, 11:00 CET
WORKSHOP 247: COMMUNICATION WITH AND AMONG OBJECTS – HOW CAN WE ENVISAGE THE GOVERNANCE OF AN INTERNET OF THINGS
This text is being provided in a rough draft format. Communication Access Realtime Translation (CART) is provided in order to facilitate communication accessibility and may not be a totally verbatim record of the proceedings.
The transcript for download can be found here.
>> Okay, ladies and —
>> WOLFGANG KLEINWACHTER: Hello? Hello? Okay.
I think we have people here. Everything is running late, but ladies and gentlemen let’s start the session now on the Internet of Things.
Welcome. And I’m very thankful that, you know, we have now a very excellent panel here of high level experts. We have some last-minute changes and also substitutes. You know, I have to apologize that Fiona Alexander is not able to come because she left today. And we missed Robert Kahn because he could not travel to Azerbaijan. And we are still waiting for Hong Xue.
We have Geoff Houston from APNIC. Megan Richards from the European Commission. Matif Baderman, he joined, and he is a board member of the Public Internet Registry from the University of Syria. He was also a member of the EU Internet of Things task force. Also, also, we have Avri Dorie who prefers to sit in the background and he will give us a bit of an introduction because he is also deeply involved — was deeply involved into one of the research projects of the European Commission on the Internet work of the future, where we had the special research project on the governance dimension of things.
We did a similar workshop one year ago in Nairobi and we decided that the subject still needs more clarification, more discussion. Internet of Things was a project which is not really defined, what does it mean? It started around ten years ago, when it became clear that there is an opportunity to link objects to the Internet. And there was a combination of two different things. On the one hand, you know, we know the barcode which has a lot of information on a lot of objects, but the barcode was, you know, not yet linked to the Internet. But with the emergence of RFID chips and then the location of IP addresses to objects, this changed the situation. Around seven or eight years ago, people said this is a new dimension of the Internet and they called it the Internet of Things, contrasted to the Internet of computers or experts of people. Since then we tried to find out what really the Internet of Things is, whether it’s only a new application, like you see other applications, search engines, social networks or whatever comes out, on top services, or whether this is really something new.
The French Government a couple of years ago had the idea that the ONS, the Object Numbering System, looks rather similar like the DNS, the Domain Name System, and we have a system for that. So the idea was that we need something for the ONS, the Object Naming System. And we had a long discussion about whether we need one route like in the DNS or whether there should be a federated route. And the European Commission was helpful in promoting research to get more information about this. And Commissioner Kroes created a task force 12 years ago to find out what are the dimensions.
So this is a great opportunity and you have a lot of other opportunities where you can introduce new services, new applications, which bring more opportunities and more choices to users and create new options for all kinds of small-, medium-sized and other big corporations. So it’s a wonderful opportunity for the future.
But it has also some implication, particularly for privacy and security. So the question was then also is there a need for a special governance structure? And within the various projects of the European Commission, there were — they came out with two different approaches. One group said yes, there is a need for IoT governance and we have to create a new mechanism to govern the Internet of Things. The group was called (inaudible) and just recently in a meeting in Venice, in June this year, they proposed the establishment of a new International organisation or even an intergovernmental organisation for the management of the Internet of Things. And there was another research group, and I was involved in it, and they said no, the Internet of Things governance is just not different from the Internet governance we have. There is no need for a special mechanism. It’s too premature so it makes no sense to start with a governance mechanism when it’s still unclear what the Internet of Things is indeed, and we have no accepted definition. And we also argued that the privacy issue raised in the Internet of Things, which is a serious issue, are not so fundamentally different from privacy issues in social networks and in search engines, so we don’t see that it’s so different from the Internet that it needs a different mechanism.
So the conclusion was that the existing Internet Governance ecosystem can accommodate all elements which are raised by the Internet of Things and there is no need, at least at this stage, to move forward towards the establishment of a new mechanism or a new organisation.
So this is more or less where we are here today. So we have not yet a clear consensus, a clear understanding of, A, what the Internet of Things is and what the Governance dimension of an Internet of Things could be.
And that’s why I want to turn this workshop more into a brainstorming so that we will not present already fixed results, but we will discuss this from various issues. And I think all the people here on the podium have enough knowledge, and my understanding is that Megan Richards has to leave already in a couple of minutes and so I would just ask her to start and to give us a little bit the background what the European Commission has done and what the plans are. Because after the restructuring, the Internet of Things disappeared a bit as a priority and now Cloud computing is more important. So it would be certainly of interest for the community here to understand what the midterm plans of the European Union are. Thank you.
>> MEGAN RICHARDS: Thank you very much. First of all, it’s a pleasure to be here. And, Wolfgang, thank you for inviting me. Thank you for promoting me. I see that I was Deputy Director General. I was acting for most of the year, but I’m not actually Deputy.
If you have an interest in the Internet of Things, it’s still very much something that we are very much interested in, in the European Commission. And we have a proposal to write a European Commission communication on the governance of the Internet of Things, which I think I spoke to you about at the last — last year’s IGF to tell you a bit about where we were and what was going on.
We have an expert Working Group on the Internet of Things, which is divided into a number of subgroups, looking at issues such as personal data, ethic, standardization, et cetera.
And these are of course very important aspects to look at how the Internet of Things works, what are the implications, et cetera. It was never intended — and I think Wolfgang said quite clearly that this was the case — it was never intended to develop a new and separate or parallel Internet of Things governance group or structure.
The question is that because of the nature of the interconnection of things, and the interconnection between people and things, there are a certain number of issues, as I mentioned, personal data, standardization, ethics, et cetera, that should be looked at perhaps in a little bit more depth and the particular aspects that are identified and attached to those issues.
So that’s what the expert group has been looking at and has been working for at least a year, perhaps a bit more. Wolfgang probably remembers the exact dates. And I used to be responsible for the directorate that was looking after this expert group.
And as I said, it’s continuing to work, with a view, as I said, to developing communication of the European Commission on governance of the Internet of Things in the European context.
With the reorganisation of our Directorate General, and you don’t want to know all the gory details of how, why, where, the Internet of Things continues to be a priority. We continue to work on the expert group. The problem that is perhaps perceived by some of you in terms of its prominence or its identity or the awareness of Internet of Things is perhaps because the activity on Internet of Things is now in the unit that is looking after Internet security. And that group of people has been very much occupied over the last few months, and particularly since the reorganisation came into effect, which was the first of July, that group has been very much occupied with developing a Commission communication on Internet security. And this is why, perhaps, some of you haven’t seen so much activity or have perceived that there is not so much activity in Internet of Things or that it doesn’t seem to be as important.
It continues to be important. We continue to do the work, but I think some of these other issues like the Internet security communication and of course the cloud computing strategy have been perceived as taking over perhaps a little bit of the work. That doesn’t mean that we have lost interest or we’re not continuing to work as much as possible on it. But these other issues are certainly politically very active and perhaps taking a bit more interest.
So that’s where we are. The Working Group continues to — it’s very active. And we originally hoped that this communication on the governance of Internet of Things would be ready by the end of — I think our original planning was the first quarter of 2013 and that planning is still on. We hoped that we might even be able to advance to the end of this year. But I think we keep still early 2013, let’s put it that way. The first half of 2013 is where we plan to have a communication.
>> WOLFGANG KLEINWACHTER: Okay. Thank you very much. This brings more light into the process.
Professor Rolf Weber from the University of Zurich is a member of this task force, and so he is also in the subgroup for IoT governance. And probably, Rolf, you can a little bit summarize what has been done so far and what are your prospects for the future.
>> ROLF WEBER: Well, thank you very much, Wolfgang. I appreciate, in fact, that Megan has given some kind of commitment to the work related to IoT, because as it has been said, the relatively large group met maybe four times a year, was correctly split into I think five groups at the beginning, and afterwards even six subgroups have been established on ethics and subgroups are looking at privacy and security and standardization, as has been said, and also at governance.
And, in fact, in early spring of this year, some kind of special questionnaire has been submitted to the public and a couple of answers have been collected. However, probably as a member of this group, I should also say that in the recent past, we not too much have the impression that we would be back, so the last meeting has been cancelled, which was called for September. The next meeting scheduled for next week has been shortened. And in so far as it might have been caused by a coincidence of incidence, like the restructure, like the emphasis on Internet security, but nevertheless we understood as a critical mark, just as a perception on the side of the Members of the Working Groups somehow, the drive was not anymore as strong as it has been. And members of the group still do not know, for example, the outcome of the responses to the questionnaire. And probably next week we are going to see how that various elements are to be taken up.
As far as governance in particular is a concern, I think I should say to be fair that not a specific scheme of governance is envisaged to be proposed by the experts, as Wolfgang already mentioned at the very beginning. Probably the skepticism amongst the members of the expert group being involved in law, as myself, or political media science, as Wolfgang, is at least not weak to say in reluctant terms. And we rather think that specific topics should be tackled, that privacy standards need to be strengthened, and of course standardization is very important. And I do not want somehow to monopolize the discussion, but I think we should also look much closer at competition law which has not yet been done.
I think I’ll leave it at that for the time being.
>> WOLFGANG KLEINWACHTER: Thank you very much. And I think Rolf’s statement reflects a bit that we are still struggling with the basic understanding what is exactly the Internet of Things and what are the needed actions and the postponement of the communication of the European Commission indicates also — sorry? Can you speak to the microphone?
>> MEGAN RICHARDS: The communication has not been postponed. It was always foreseen for early 2013. That was always our target. I think the first quarter of 2013. And as I said, it’s still for early 2013, whether it’s still in the first quarter or closer to the second quarter, it’s still always 2013. That was always the initial target. It was never planned for 2012. At one point we hoped we would advance it to make it 2012, but that was never the official plan. Not at all.
And as I said, the only reason now that perhaps it seems that — and this is a perception, it’s not the fact, but it seems perhaps it’s perceived as not being the very top priority is because the cybersecurity and Internet security communication is taking so much time and effort and the same people are working on these two aspects. Because the other one is urgent and has to be done right away, perhaps you haven’t seen so much visibility.
>> WOLFGANG KLEINWACHTER: This is very helpful. This clears a bit the air. However, at least my understanding is that we still are struggling with the basics. And last year in the workshop, Fiona Alexander was here, we discovered that the U.S. Government and the European Commission don’t have the same approach to the understanding of the Internet of Things. And Geoff Houston was also in the workshop last year, and he also, you know, from a perspective of the Asia Pacific arm, he argued that it’s just a technical service and not, you know, something which is so new and different.
Geoff, probably you could reflect a bit about how you see from Australia, from the Australian perspective, the activities of the European Union.
>> GEOFF HOUSTON: Thanks. I’m Geoff Houston and I work with APNIC. I’m not a citizen of an EU country. I don’t enjoy EU funding for any of the work I do. So I can look at this and express by bemusement that I find the entire thing strange. It seems that you invented it backwards. You create a statement, Internet of Things, and then you try to get a problem statement and then work hard to generate a solution for your so-called problem statement. It’s all computers. It’s always been computers. It always will be computers. Some of them are big with lots of buttons. I have one here. You probably have one, too, some have fewer buttons. Is there any difference between the two? Not really.
What if I embedded all the way so that you never actually see that there is a computer inside there, is it still a computer? Of course it is. Any difference? None what whatsoever. The same stuff.
Why do we use the same set of Protocols? Because it’s cheap. They are openly available and I put it on the same chip. Done.
So to my mind, this is like saying the consumer electronics needs governance, that there is deep issues about my refrigerator in terms of identity and privacy, that my washing machine somehow needs new regulation about how it should operate its on and off button. This is insane. It’s just computers.
And, realistically, all we’re trying to do is put forward a decent infrastructure to allow them to do a bit more than they currently do. So I do have this refrigerator and it’s cool. It has a motor. It stores my perishable food and that’s really good and I like its function. What if I put a computer in there, well, it has one, so what the hell. What if I put IP on there and did WiFi, what could it do? Actually, it could do a lot. If I was in New York two weeks ago, and it knew that there was a storm coming and there was likely to be a power surge, and if it was good it would fill up a few tanks of water in the refrigerator and freeze them. So when the power went out it would stay cooler two days. I would say thank you, fridge, I’d pay a bit more, not a lot, but it’s just a fridge but I’d do that.
Does it need governance? Does it need an existing DNS? Why for God’s sake? Does the existing one work? Of course it does. If you look where the DNS is today you find it in all kinds of devices already, and we will continue to go there. It’s available. It’s open source. And it’s the cheapest way of doing it. Why reinvent the wheel? This is the exercise of bureaucracy to a nonproblem. I don’t understand why there is any need to separate out computers you can see from computers you can’t see, and somehow claim that this is an entirely separate universe that needs some distinct governance mechanism. Sorry, but maybe it’s just my Australian sense of perspective, but I just can’t see it. Terribly sorry.
>> WOLFGANG KLEINWACHTER: Thank you, Geoff. And Megan wants to reply immediately and clarify some of the issue, probably.
>> MEGAN RICHARDS: First of all, as I said, the European Commission communication is foreseen. I never said anything about legislation. There is no intention whatsoever to legislate on Internet of Things. That has never been our intention. The issues that are identified or the issues that were identified by the expert group is not a parallel universe. But how Internet of Things and communication, things to things and people to things, has implications for issues like standardization, like personal data protection, et cetera.
It’s not to develop or create an alternative universe or to do anything else. It’s to look at issues and identify where problems or issues might potentially be there. What needs to be looked at in the European context in the future. It’s not to regulate or legislate it. It’s a policy review and identification of issues. Let’s put it that way. I think that’s the best way of identifying it.
And to come back to your intelligent fridge, I’m sure that you have a fridge that tells you that there is a storm coming. But my fridge would probably tell me to stop eating so much chocolate and you’re putting on weight and maybe you should think about having fewer carbohydrates in your diet. Your fridge is probably more friendly with you than mine might be. But there is an important Consumer Protection element in this as well. So it’s not really anything more dramatic or exotic than that. Perhaps the word “Governance” is what makes people a bit concerned or upset.
And I know in the other workshop where I’m supposed to be in parallel, they are talking about governance of eIdentity, and we say we shouldn’t talk about governance of eIdentity. We should talk about sharing and interchange. So perhaps the word “Governance” is an unfortunate word, and I’m willing to accept that perhaps that is not everyone’s cup of tea.
>> WOLFGANG KLEINWACHTER: I think that’s very wise words. But what we have identified as issues, not probably for governance, I think are privacy issues involved and data protection. For instance, you know we identified the critical moment is if the object meets the subject, and then you have a new dimension for tracking and tracing. So that means if you buy shoes and there is an RFID chip and the RFID chip is not disabled when you pay with for them, then somebody can follow where your shoes are if the chip is not disabled. So you have to look for safeguards. Not that you’re an expert in privacy, but you know the man who says with this IP version 6 we can do more and more and more things. How you relate from your perspectives and experience in the last ten years, this debate is to the future.
>> LATIF LADID: Thank you. Well, the experiences is not only from the last ten years, but from the last 30 years. When we don’t know the experience that we have or we have not understood the lessons that we learned from the first Internets from before, we repeat the same mistakes with the new one, too.
In the past we had just networks and IP came as an open standard and glued them and we have got the Internet. In the Internet of Things, we don’t really yet have an Internet of Things. We have networks of thing. If you look at the man who defined the word IoT who is Kevin Ashton in his work that he did at MIT back in 1998, where he worked on the EPC Protocol, and coined the “Internet of Things” although nothing was connected to the Internet, at least he had the vision that it should become part of the Internet. But an soon as it becomes part of the Internet, basically anything that we do with the Internet applies to these things as well.
I agree with Geoff, although not in those harsh terms, because I know he puts things so bluntly. So the lessons that we have learned from v4 we have to apply them to v6 as well as to Internet of Things. And it’s a huge educational process that we have to go through. If it is very obvious to Geoff, it’s not obvious to the rest of the world.
So we have something which is important, which is that we have seen reluctance of most of these RFID and Zigby to be reluctant to move to IP. It’s only recently that they started to adopt IP. And IPv6 was harder to accept. So they see it from an immediate adoption perspective.
Now, the ETSI started a new initiative called 1 M to M, so it will create a kind of thing like the standardization effort at least to get the Asias to work together with Europe and the U.S. in a similar fashion, because the fragmentation in the Internet of Things is quite huge. China will have its own Internet of Things protocols and you have to adopt them as well if you want to be in their markets. In China, you have Eqinet, which is totally different than what we are doing in other places.
The Internet of Things is not new. We have a propriety of things today that exists. So one of the things we have to do is how to make it easy for them to keep their legacy solutions today, and then show them a smooth transition to IP, and in the research we have to look at the next Internet of Things, which is you know how it can be IP directly connected. Because this is what Geoff said, I can do a lot more with it than if it is just kind of an intranet of things, this is what we have today. Today they are not totally connected.
I still have the option to make it available to anybody and still I would like to have my privacy and so on. And I think these are the issues that need to be addressed. And the solutions we have in the market so far are really mediocre, if not that much — you know, promoting the Internet of Things idea as it should be.
In terms of the DNS, I agree, we have DNS. It’s working. Anything which is open source is the best thing that can happen to us. But Kahn created what is called the handle system. And the handle system has something that DNS doesn’t have, which is authentication, and a better mobile authentication. So if the device moves around, we can still find it. And the price is almost zero.
So with the billions of things coming onboard, I think we should add to the DNS something like the handle system, which is now used in most of the big libraries where you can find the books and that kind of stuff.
Obviously the DNS world is not going to like it, because it will take away money from their pockets, but most probably for the research world it’s a good thing to look into.
That will change just a bit. I think the security and privacy in that area, it could enhance it, because the DNS still need to be fixed, because it’s not fully secure as such. And probably too expensive for — once you give DNS to each device. So I think we should do a bit of research.
>> WOLFGANG KLEINWACHTER: Okay. You consulted on the Netherlands, but you’re on the board of the registry. In the discussion, this was, okay, if we at the moment, everything is happening on top of a dot com domain. Massimilliano Minisci could also not come because he is busy in Brussels. And when we had a number of initiatives, Martin, a lot of these registries, we are planning to do something. But then they realized there is no market for it. So that means the only ccTLD that achieved this was from France, but nobody used it. I think that it appears that no, we have no interest.
But at the same time you are a consultant. That means how is your perspective from this, from the practical point of view of the registry and from your practical experience as a consultant about this situation where we are now.
>> MARTIN: Thank you. First, I’m on the board of the public registry, but this is not the position of the public registry on this. We are part of the DNS and ready to serve.
From the perspective of the overall picture, I see that the Internet as we know it today is not the same as it will be in a couple years from now. And there are several drivers of that. The impact of search engines and how they develop is one.
The things are going to communicate with us and I believe increasingly so, also in connection with the Internet. It will greatly influence how the Internet will develop. Data will become accessible. It will allow services to become available that were never possible before.
And I think it’s important that we realise that. And even today there is a lot of talk Internet of Things yes or no. Things are going to communicate with us. Things are going to provide data on the Internet, whether we want it or not. And we better think about how this works in our infrastructures.
We have governance structures and these governance structures evolve as the Internet changes and should continue to do so. Today we are very much involved with talking in the ICANN circles about how Government finds its place where it hasn’t really stepped up before; that’s one of the changes. That’s because it affects society. Well, the future changes, like social Internet, like objects on the Internet, they will affect that as well. So that is just going to happen.
Who is going to provide emphasis for that? I don’t think they need a domain name, but they will need to have a unique identifier, so much is clear. I would just plead next to what we do, go and spend some real time in realising what it means that objects are becoming part of our ecosystem. That’s the first thing.
The second thing is that yes, privacy issues, there is a lot to be said about it. Some people say as soon as there is a privacy issue, stop everything, drop it, don’t use that data or protect it or prevent that. I think it’s too simple. I do think masses of data more and more will become available via the Internet and I do think society can benefit from that.
It does mean, however, that on privacy issues, we start to get a different debate. We start to make people aware of what becomes possible, and how these things evolve. And there I can see that the sooner we get clear on where we would be happy for that future to go, as a human population, the sooner we can make sure that the architecture reflects that and built in possibility to deal with that is there.
Allowing us to benefit as much as possible from the blessing that the availability of all this new data brings, and making sure that we are aware of the dangers that it brings, and build in the appropriate mechanisms to prevent abuse from this thing that is going to happen, more and more data are becoming available on the Internet.
>> WOLFGANG KLEINWACHTER: Thank you, Martin. Maybe I also invite the audience, you know, to ask questions or to make statements, and you know I would like to start with Avri, because he was an observer in this process and an actor for many, many years. And we need a microphone for him. And could you also probably reflect a little bit — you cannot hear me. Okay?
>> AVRI DORIA: I can still hear you.
>> WOLFGANG KLEINWACHTER: Go ahead.
>> AVRI DORIA: Thank you for not having me sit up on the panel or not making me sit up on the panel. I actually have an advantage similar to Geoff’s, but sort of the opposite, in that I managed never to get paid by the U.S. or EU to think about the Internet of Things. Ever since I encountered the Internet of Things I always was oh, I like that. Ever since I encountered the Internet of Things, I have always been totally upset about the name of it. Because I think the name of it has mislead us into thinking that it should be something other than the Internet, that it should be something other than another overlay of an application over the Internet.
But when we look at it that way, we actually see that we have got a couple problems in that as I think it was Lafif was saying, various people used different mechanisms, they started out in different ways, they formed themselves in different ways. We have seen that the scope of authority that people apply over these separate networks varies and bridges the various networks. So we build.
But by calling it an Internet of Things, we have sort of taken it away from problems that we have in the Internet with other applications. And so I do think that there are complexities. I think that these complexities would actually help us if they were mainstreamed, as it were, into the actual Internet discussions, Internet discussions on complexity, Internet discussions on scaling factors of, you know, the users, the instruments that have addresses.
On problems with scope of authority, being both — I mean, being largely American and spending a lot of time being funded by other work in Europe, I’ve sort of taken two perspectives, although I’ve been admonished that there isn’t a European perspective on the Internet of Things. Whenever I tried to say oh, I was going to work for a while on trying to figure out how to compare the perspectives between the U.S. and Europe on Internet of Things, I would get a: “There is no European perspective on the Internet of Things,” from various people. And so — but the fact is one group looks at it as this is another overlay over the network. And until we find something that makes it different than it really is just a problem that we should look at. We should look at it as privacy with perhaps a larger scope. We should look at it as addressing and how we deal with multiple addressing formats. We should look at it as authority scopes, when they cross other boundaries.
So how do we deal with that transnational? How do we deal with the privacy? How do we deal with that?
But it seems to me very important that we actually keep it as just one more aspect of the problems we’re dealing with in the Internet generally.
Now, if people in the Internet of Things go and say, you know, before, v4 not enough addresses for us and we can’t use it, V6, who knows when that is going to happen, another 20 years perhaps before v6 is globally usable, so we can’t solve it there, if we have people that say listen, we came up with our own addressing, Internet of Things had its own addressing before v6 was created, before whatever, we want to keep using it, then it does bring up an interesting problem of Interneting the V4 network, the v6 network, which is already something that we do, and whatever network they’re using.
Now, that is a problem that has been with us on the Internet since the early days of the Internet, when we would have various protocols and we would find ways to connect those networks to each other to make things work. To allow things to cross various borders.
So I think it’s an interesting topic, but the more we try to put it in a box called “Internet of Things,” the more we confuse ourselves. The more we sort of — and in this I guess I almost agree with Geoff, but not with his panache — but I do agree with the fact that it’s bemusing on calling it something different, calling it something special as opposed to just another aspect of the complexity of the network that is evolving.
>> WOLFGANG KLEINWACHTER: Thank you very much, Avri. And my understanding of what Megan said with the plan to have communication, is that the communication should contribute to clarification. And it’s like raising awareness that we understand the issue a bit better. But I would ask Geoff what he thinks about Robert Kahn’s handle system and this plan to have this digital object numbering authority, you know, is this the right reaction to this and, you know, how this is related? Latif said this will take away something from the DNS. You know how far this will go.
Unfortunately, Bob is not here so he cannot tell us about it. And I want to thank Megan for coming to us and I hope to see you next year again on the IoT workshop here with the IGF in Indonesia. Thank you very much, Geoff.
What is your comment on the Robert Kahn system and the DONT?
>> GEOFF HOUSTON: The DNS has been perdigious. It generates billions of dollars a year to all kinds of folk who have no idea how the system works or what they use it for. Most of the money inside the DNS system goes to names that have no functionality on the net. They are just ghosts. The DNS is truly prodigious. A huge amount of money.
So what do you do if you want money? Well, one way is you go and invent an entirely new family of application for the DNS. And then you have a captive market for a whole bunch of new domain names. So you can argue that the ENUM exercise in telephony had nothing to do with telephony, it had nothing to do with the bypass mechanism, and it was just selling domain names. And it’s a lot of money. You can argue that IDNs in another cynical view was just a way of just making money. One could argue that the Internet of Things was an attempt to try to connect a captive market for names. And there were so many things and they all need a new name. So one way is to put things into the DNS and capture the new market and get one dollar per domain name per year, because the DNS is perdigious. Or you can create something like the DNS. It looks and smells like the DNS but you don’t have to pay ICANN.
In some ways the DNS is able to do anything. If you clue NAPTAS and SNAPTAS, you have an expression language. You can do what handles do. You can do relocation, what did Latif say, authentication and replication in the DNS. Authentication you can do DNSSEC. There is a lot of that out there already. It’s growing every day. So the DNS is truly capable.
But sometimes folks just want to go off to one side and create their own perdigious field and handles is one of it. You can do handles in the DNS if you want to or you can invent your own name system. But every time that we tried to do a new identity system, God knows we tried 20 times over the last decade, every time it’s new technology we need a new identification system. You think about the properties and you work through it again and again and again, and ultimately every single identity system looks a lot like the DNS in the end, and you start asking yourself why don’t we just put it in the DNS?
So almost everything that we have been able to do lately oddly enough has been put in the DNS and the last has been the effort of DANe, which is now putting domain certificates into the DNS. It’s now coming to a sunset and now you can self sign into the DNS and allow DNSSEC and security in the DNS to do all of that. So I don’t think that handles are not encompassed in the DNS. The DNS works and it’s amazing. And the DNS works everywhere.
Now we are seeing devices in the DNS. A few years ago we saw that the loads of the route key, the route of all the DNS jumped from 4 thousand a month to September, where it reached 353 million in one month.
What could possibly have caused 353 downloads of the route key of the DNS in September? It started on September 19th. All the phish fetches were signed by Apple and it was the time IOS 6 came out. Now we are seeing hundreds of millions of devices with their own DNS with their own security, that are now autonomous from their environment. Welcome to the Internet of Things. It’s the Internet we are in now. I don’t understand the distinction. Thank you.
>> WOLFGANG KLEINWACHTER: Thank you very much. Latif, I expect that you want to say something.
>> LATIF LADID: It’s about money. The handle system will cost per country $50 a year, period. You’ve got billions and billions of DNSs. Well, that’s the difference.
And it depends who is going to promote it. It’s a question of marketing. Does Robert Kahn — and I hope he is going to maybe at least send us a message about what he wants to do with DONT, which is co-promoted by the ITU, which will create another issue for sure. But the ITU is not involved directly. But I think it’s for — I expect for developing countries, and so on, this could help in the education sector, in the libraries, in the Governments. So not to be prey to DNS outfits, I think it’s a very good thing. We have it running with v4 and v6. So it’s — it’s not the ultimate solution, but I think it can do the work the same way like DNS is doing it. But as Geoff said, we had 20 of them in the past and the only one that made it is DNS. Because to a certain extent it’s open standard. And open standard is something that nobody can fight. You can resist for a decade, but at the end open standards win.
So this is — most probably the question is how open the handle system is going to be and then how the trust mechanism per country, who is going to delegate the trust in each country? And I doubt that the Government should be the trust entity for the trust, because you have to — you know, to double secure the key between them. That could take a bit of time to deploy. So most probably deployment is going to be a factor of either success or failure.
>> WOLFGANG KLEINWACHTER: Are there more questions from the audience? Please introduce yourself. Is there a microphone here for the gentleman in the… in the second row?
Thank you. Can you introduce yourself?
>> AUDIENCE: Hello. May name is — I’m — am I heard? My name is Ian Fish. I’m here on behalf of BCS, the Institute of IT from the UK. After last year’s IGF, I went to and I thought to myself, why is there nothing in BCS dealing with the Internet of Things? Because it’s such a big coming thing. So I set up a Working Group in BCS, which is an institute in the UK. And we discussed all sorts of things in the last year. And we never discussed governance for the reasons that were described this morning, because we saw it as an integral part of the development of governance on the Internet as a whole.
But one of the things that came up, and I’d like like the panel’s view on it if possible, there were statistics that show that the majority, the vast majority, probably, of interactions of the Internet of Things, when it comes into full operation, it’s not just an intranet of things as described at the moment, will actually be machine to machine. And it seemed to us that in some ways that might affect some of the big issues that you were talking about earlier on. I just wondered if you had views on that.
>> WOLFGANG KLEINWACHTER: Somebody wants to — Martin?
>> MARTIN: Exactly. This is one of the things that we don’t get to talk about, because we usually limit ourselves to governance and privacy. And it’s these elements that will affect also the work of the IGF and other bodies that have to do with the development of the Internet.
It means thinking ahead of where we’re going, and it’s so obvious that it’s going to happen. And as you said, whereas even maybe the vast majority will be with communication between things, it still means that it has requirements for how the Internet is set up, the load balancing and whatsoever.
So let’s start recognizing that. Let’s start to look okay, in the governance field, and Governments, what they need to do with this new world that is emerging, but also in ITF and IB and other civilizations and industrial development platforms, what is going to happen. I don’t think the Government is going to develop the future Internet. I think we’re going to continue to do it bottom-up, because it’s the best way, whatever other people say.
And we need to think of all these aspects. And then it’s very useful to just accept the fact that this is going to happen and then from that point start checking your own domains, what is in there and how you can contribute to that.
So I very much agree with you on that.
>> WOLFGANG KLEINWACHTER: Okay. Geoff?
>> GEOFF HOUSTON: You have a laptop there right in front of you. How many processes are running right now? About 250. How many did you start? You know, you’re not using it so you probably started none. Almost all of those processes are machine to machine. You have no knowledge about what they’re doing. If you watch your machine boot, it’s truly wonderful if you look at packets. Because all of a sudden you’re talking to the DNS, you bring in all of the peripherals, a whole bunch of things are phoning home, pulling up new updates and conflicts. Machine to machine is already what we do. It’s why we manage to make these rich environments where what you see on the screen is actually the amalgam of a massive amount of machine to machine communication. There is no difference between that and my iPhone and between that and what is probably embedded in this if it got a clue and did WiFi.
So trying to create some artificial distinction between a device that doesn’t have a screen and keyboard and one that does, or a device that for some reason is not humanly by all of the time, because I occasionally look at my laptop. But I must admit the amount of things it does in response to me versus the amount of stuff it does because it’s just sitting here, there is a lot more that it does because the power is on.
So this is already a machine. It’s a thing. And it’s thing to thing communication like crazy. So I find it hard to actually think that the future at that level is any different to what we hear now. It’s the same stuff. And that’s why it’s so inevitable sooner or later that instead of having a keyboard and screen, you cut down on the buttons and you go this is designed for humans, it’s just plug and play, I’ll just embed it here. How many computers are in your car? At least 10 or 20 now. And it will probably be 100 in a year’s time. So live with it. It’s just here. It’s nothing special. And your machinery, everything that we’re doing right now is full of machine to machine communication. It’s just what these chips do naturally.
>> LATIF LADID: I want to add, if you don’t mind. We have different standardization bodies and they invent new names for things that exist, machine to machine, developed by ETSI, although that’s what the ITF has done. But ETSI doesn’t do Internet Protocols, that is left to the IFT. So now you have unusual things that are created and invented.
As I mentioned, there is one M to M initiative, which is basically what we have. And I don’t know there what Geoff is saying is the authenticity of computing, which is wonderful. These things just work. So it’s like the routing around the world. It just functions. Nobody has to push the button and I see how the packet went from A to Z, from Japan to — that’s autonomic. And this is the beauty to enable these things.
About the future, this is not a misnomer that we have. We have the Internet. What is the future Internet? Is this just like saying that the Internet we have now is not working, so let’s create something new? It’s nonsense. The future Internet, if you take out the word “Internet” and say “Future network,” I would agree, that’s something new. But future Internet, what could that be if it’s not the Internet that we have now, it’s just bigger? Just maybe faster, no more than that? But still it’s the Internet.
>> WOLFGANG KLEINWACHTER: Thank you. By the way, I remember a meeting of the European Commission on the Internet of Things in Prague where the main session discussed the Internet is broken. And so with our four or five years later, and we see it still works and do both. So you wanted to react to the comments? Okay. Go ahead.
>> ROLF WEBER: I don’t actually disagree with Geoff. But I just wanted to explain the context in which my remarks came. And it’s actually that these aren’t really Internet problems. They are actually functionality problems. And where it came from was because one of the major drivers of our thinking in our Working Group were around issues like privacy and ethics.
And we foresaw that when functionality increased, with lots of oh sorry I used the word machine to machine. I realise it causes — it’s just a way of describing it. But when functionality increases, and a lot of it is done machine to machine, in things like eCare and eHealth and things like that, you start to get ethical and privacy issues thrown up which were not there before. So it’s really a functionality driven thing, which happens to be underlaid by the Internet, by all the devices going on to the Internet. That’s how we saw it.
>> WOLFGANG KLEINWACHTER: I’m also concerned partly about this so-called side effect of this machine-to-machine communication. So that means always — sometimes you are crazy if you have your computer, you open it and you start a programme and then the computer does what the computer wants and not what you want. And then you feel partly occupied by the computer. That means you are not the Master of the machine anymore. So the machine Masters you.
And therefore, you know, this is —
>> You should run the scanner, you know?
>> WOLFGANG KLEINWACHTER: So I’m thankful that you introduced the ethical dimension in it. So it’s the question, what is the relationship in a machine-to-machine communicated world of the individual? Is it just, you know, it becomes integrated into machine-to-machine communication or remains the master of the processes and the machines work for him? Or do they develop their own life?
So I think this is partly a philosophical question.
And also a very real question, because it’s in the design. So that means software and all of these Protocols are made by men and so it means they should be aware about the implications and the probably intended and nonintended side effect.
>> I think we did not quickly, we did not answer correctly his question.
Basically, what he meant is that — so if I make it an Internet enabled censure or whatever machine it’s on, and it talks to another one using an IP Protocol, then yes, then this is what you want to say.
Currently we have just proprietary solutions that are functioning and you want to make them Internet enabled, this is where maybe machine-to-machine should be explained. In this case you will stake an IP address, private or public, whatever you want. We have, for instance, links, and it has a smart city project, a massive one. And we have 60,000 power meters, and they give them global IPv 4 addresses. And that’s how they want it. They want everyone to access these devices. They found out that the customers at the beginning, they were looking at the iPhones to see the power that they consume.
But after one week nobody was interested anymore. So there is a bit of cultural thing to moving in that direction.
And, you know, they still say well, we have v4 addresses. We don’t naed to have v6, which is another nightmare we have in front of us.
>> WOLFGANG KLEINWACHTER: May I ask the law professor here, in this machine-to-machine communication world, is there still a role for law or is this just let it go, it’s only protocols? And you know I would not say that it’s the end of the law, but you know what is the role and function of law and public law in this coming world?
>> ROLF WEBER: Well, as a law professor, I think I need to defend law, otherwise I would become unemployed, which would perhaps not be too much of a tragedy because I would have many other ideas for the rest of my life.
But I think I would like to step back a little bit and you most likely heard from my first intervention that I’m not a promoter of a narrow network of legal rules. But when listening to Geoff and maybe a little bit accelerating, I got the impression that some engineers are of the opinion that law is not needed at all. And if this is the statement, then I would in fact object.
And I’m really glad that you mentioned eHealth, because as soon as we come into the field of eHealth, then even if it is a machine-to-machine communication, even if at first instance a person doesn’t seem to be involved in the — you know, I’ve been confronted with privacy problem, and then we do have a legal issue.
Furthermore, at the end of my first intervention, I very shortly mentioned that we are on or we might run into problems with a competition law. Should it be the case that terms of service of a market dominant infrastructure provider ought to be accepted without discussion? And is it in the public interest that we do have an equal amount of rights and obligations and perhaps to be a little bit sarcastic, would it be a good idea that Geoff gets an intelligent refrigerator, but I get a really dumb refrigerator, not really knowing anything? That is not an example that works.
But in fact we have something like justice, like equity, and if we look at these issues, then I think even if I would withdraw from a narrow network of legislation, we need to have some basic principles of law applied, even after my retirement.
>> WOLFGANG KLEINWACHTER: Geoff, could you accept this?
>> GEOFF HOUSTON: Well, so far what we have had is a system where the area of telecommunications inherited I think its legal perspectives, actually, from the older world of messaging and postal services. And we developed the rich surrounders of that service with something called the common carrier. That the carrier is not liable for what they carry, the individual sender and recipient are liable for that material and the carrier can move those goods without fear. The carrier is liable to do the transport.
>> GEOFF HOUSTON: Liable only to do the transport and not the content. Now we see in the new world a lot of folks trying to pull that apart, and the Intellectual Property people are basically saying the carrier is responsible for everything, as long as it concerns our content, which I find just incredible.
But beyond that, we find that what is on Web sites and what is in applications are not covered because it’s not the transition. I heard a presentation from a U.S. Trade commissioner about the behavior of the management of your data on a web site. And if I understood her correctly, it wasn’t a privacy issue, it was whether the web site accurately described what it was going to do with your data. And they said look, we’re going to sell it to the highest bidder and we couldn’t give a stuff about your privacy. If they did that, that’s okay, because they weren’t lying. If they said something else: We deeply respect your privacy and we respect your privacy and then they went and sell it, that would be bad.
So we don’t have something that puts the same respect for personal data inside other areas where data is collected and aggregated.
Book readers, all that stuff coming from Kindle and Barnes and Noble and so on, you buy the book, but they look at you reading them. They know every page you spend time on. And they know how long you spent reading the page and what they call the data exhaust. When you phone home back to the book shop, your reading habits are sent back to them. That’s in another country. If it happens to be under the U.S. it comes under the term to the US Patriot Act. But what if you’re a citizen of EU or about Australia, what is going on? Let’s say I buy the refrigerator and it has cameras? Who is the problem? The service provider that lets the data through or is it the manufacturer, or the application designer who is in Taiwan or the fridge product manager who was in Germany? Who knows?
So we find in this rather complicated world we would like protection for individuals, but we have no way of knowing how to apply it. So the best we do is this rather strange system where everyone is meant to say up front what they do and if you lie, that’s bad. But as long as you’re honest about the fact that we will sell your data to the highest bidder, that’s okay. You all use credit cards, they sell them. You use airline frequent flier points, they sell your data. So I wonder exactly who cares about this stuff. I’d like more protection and I find the whole legal process lagging about 50 years behind reality. Sad but true.
>> WOLFGANG KLEINWACHTER: Do we have an answer to this? You ask good questions, but you did not answer it.
>> GEOFF HOUSTON: I’m not a lawyer.
>> But I can say of course our legislation is lagging back. But at least in certain instances, privacy laws are now applicable. We do have a major problem that the level of protection is different in the different countries. But social networks were involved in privacy litigations more and more in the recent years. We gain now experiences with such kind of proceedings. Google and Facebook had to at least adapt their policies to a certain extent. Again, the development is very slow, but I would not say that the whole efforts are helpless.
And as you have heard, I have not mentioned as an example copyright, that is a completely different picture. And as soon as we are talking about copyright and patent rights, we are of course looking at property rules and other very difficult questions which need to be reflected from fresh in a virtual world.
>> WOLFGANG KLEINWACHTER: Okay. Are there more questions from the audience? So that we move now to the end of the workshop.
You know, I see David Cross in the room now. And you know we missed Fiona Alexander here and we had no person from the U.S. Government or close to the U.S. Government because we discovered that there is a different approach between the European Commission and the U.S. Government to the issue of the Internet of Things. And I don’t know whether you feel to be in a position to say some words, you know, how — in the United States, the issue of the Internet of Things is seen and treated. Is it a special issue or is it part of the broader discussion?
Could you say some words or… okay.
Thank you. No need for it. Martin?
>> MARTIN: I just want to bring one thing back, and that is that the Internet as it’s been developing, the Internet of Things, however you feel about that name, how much more sensors and things are coming on the Internet, it’s all been blossoming up in different areas of the world. And there may be more value in us, in society, and it may emerge and we may be able to help it by talking about it, by aligning that more, by making sure that the fridges talk and they talk the same language and we can listen if we want to. And applications like that can develop in a way that identifiers are consciously there, either for the lifetime of the product or just for a phase. Just for a phase, if it’s — if you don’t want it to be there for a lifetime. And sometimes it may be better to have it for a lifetime in the right context.
So these opportunities arise from technology to society that I would like to benefit from in the best possible way, and that means that we need to discuss those as well.
>> WOLFGANG KLEINWACHTER: Thank you very much. You have more or less started the final round and the final reflections. So if you want a final comment and what we should do ahead: Should there be a continuation of the discussion? We just say okay, we close the books about this issue? What would be your recommendation, your advice? What also the Dynamic Coalition could do in the next year if we decide to continue with the Dynamic Coalition. Latif?
>> LATIF LADID: I think this is a very important initiative as its primarily an educational exercise to explain how the Internet functions and how the Internet of Things is going to function, especially to the nontechnical lawyers, and Commission officers, and what have you. It’s very important for them to understand how this thing functions, because we don’t have lawyers that studied the Internet so they cannot really fix these things. So we have to wait for another generation or two, until the guys, they have, you know, Internet Protocols as part of, next to the other languages, you know, French and English and so on. They will be able to be educated right from the beginning and they will be quite accustomed to that language.
And then we have most probably talented lawyers that will be addressing these issues. So in terms of educational exercise, it’s very important to continue this work.
>> WOLFGANG KLEINWACHTER: Thank you. Geoff, final word.
>> GEOFF HOUSTON: Not only is the DNS pro idiom but Moore’s law is also. We can double the amount of things that we put on a chip. Computers will become smaller and more powerful and cheaper. All of those things will happen and the rate is doubling. So we wander around with dedicated devices that are communicating devices that store notes and we think that somehow things are different. In a year’s time this stuff shrinks again. The iPhone becomes smaller and lighter. You find that embedded becomes everything. The Internet won’t be a lot of specialized devices for people. It’s just in the things you use today. So I don’t think it’s anything special, it’s just where we’re going, driven by this need to get smaller and more powerful computing that the industry wants to do, driven by a need to sell at least ten billion new processes next year.
Then our environment keeps on changing. And the devices we use become more and more aware of our needs, because frankly we’re moving from a command led economy to a consumer led economy. Whatever sells, sells. And, frankly, those devices that become more helpful, and understand where they are, understand the language they should use to interact with you, are all about being helpful.
We have also found from Google that knowledge about you as a consumer is worth a massive amount of money. So the devices will look at you just as much as you look at them. And they will beam information back home. That’s fine. Frankly, that’s how you pay for them.
So yes the world is changing, but I don’t think the Internet of Things is different from the rest of this large-scale computing environment. And it’s not the Internet, it’s the apps and machines that we connect into it. It’s always been apps and machines. The Internet was just a really dumb minimalistic protocol that glued them together. Internet was not the destination, it was just the means to get to any destination you want to get to. So I wouldn’t make any distinction whatsoever. This is just about us.
>> WOLFGANG KLEINWACHTER: And this could be the very last word, because who can add something, Martin defined the final word, but the final word should go to the lawyer because he was challenged by Latif and he said we have to wait until we have a new generation of lawyers who will understand us and then they will help us fix some of the ethical and political and social problems. Do you see this new generation coming?
>> ROLF WEBER: I agree with Latif in this sense. And I want to say as a final word, we need closer cooperation between engineers, on the one hand, lawyers, economists, social scientists on the other hand. And, in fact, this generation of lawyers has grown up without the Internet. I would just say in brackets, unfortunately, the term Internet of Things has been invented by an engineer and not by a lawyer. Bracket closed.
So I think it is really important that the exchange of knowledge, the exchange of information between the technical people and the social scientists people is improving, and somehow black box legislation of lawyers who think that they have found something in this model will certainly not survive.
I would assume that the newer, younger generation might know more about the Internet, but again the education is still different. In most countries, it’s very different. Whether you are going to a technical University or a social scientist University does make a huge difference, and therefore I do not think that universities or other kind of education as such is good enough. It remains to be an objective that the people in charge work together, as we try to do here on the panel.
>> WOLFGANG KLEINWACHTER: Thank you very much.
You know, I thank all the panelists here and I thank also to the speakers from the floor. And I give the speakers an applause.
I’ll close this session and we will just, you know, immediately go now to the meeting of the Dynamic Coalition. And, you know, people who are interested to, you know, to know more about what the Dynamic Coalition is and have an interest, you know, probably to continue with its work should remain in the room.
I think the meeting will be very short, not longer than 15 minutes. But you know for bureaucratical reasons we have to have this meeting and we have to make one decision, whether the Dynamic Coalition should continue or whether we should close this and say okay, we have discussed this issue for a couple of years, and now we end it. So it’s my — people who have an interest in the subject, if you could stay in the room, we will make just a three- or four-minute break and then continue with the meeting of the Dynamic Coalition. Thank you.
(End of session 12:30 CET)