Tag Archive for: internet

The battle for the internet

Democracies and authoritarian states are battling over the future of the internet in a little-known UN process.

The United Nations is conducting a 20-year review of its World Summit on the Information Society (WSIS), a landmark series of meetings that, among other achievements, formally established today’s multistakeholder model of internet governance. This model ensures the internet remains open, global and not controlled by any single entity.

This model is now at the centre of a fierce geopolitical struggle. Authoritarian countries are pushing for a multilateral governance approach—one that shifts control of the internet firmly into the hands of governments. This shift would legitimise crackdowns on dissent, expand online surveillance, enable internet shutdowns, weaken human rights, and accelerate the global spread of digital authoritarianism.

Unfortunately, the WSIS+20 review comes as this approach to internet and digital governance is increasingly popular. In recent years China and Russia have made significant inroads in the UN in advancing their interests for greater state control over the internet and digital governance. In 2024, the UN Cybercrime Treaty granted governments new powers over online activity, sparking concerns it could facilitate digital surveillance and legitimise restrictions on human rights and freedoms, while the UN Global Digital Compact also shifted toward a larger state role in digital governance issues.

These developments set a troubling precedent as WSIS+20 unfolds, raising the question of whether the internet remains free and open, or whether the UN will legitimise digital authoritarianism on a global scale.

What is WSIS?

WSIS, held in two phases in 2003 and 2005, was a landmark UN summit that brought the international community together to ‘build a people-centred, inclusive and development-oriented Information Society.’ It established 11 action lines to use information communication technologies for global development and tasked various UN agencies with overseeing their implementation.

In 2005, WSIS’s Tunis Agenda formally established the multistakeholder model of internet governance that had emerged since the internet was created, emphasising the inclusion of governments, civil society, technical experts, academia and the private sector. This recognised that the internet is a network of networks, with multiple stakeholders facilitating its operation. This model—by design—also prevented any single entity, particularly states, exerting undue control or influence over the internet’s architecture. Among WSIS’s achievements was the creation of the UN’s Internet Governance Forum (IGF), a platform where governments, civil society, the private sector, technical experts and academia could engage and collaborate on internet governance issues.

Two decades later, the 2025 WSIS+20 review will revisit established principles and assess progress against the WSIS action lines. The review will consider the extension of WSIS’s mandate, the future of the IGF (whose mandate also expires in 2025) and, potentially, the expansion of WSIS’s mandate to cover emerging technologies such as AI.

The review process has multiple components. UN agencies are conducting reviews of their respective WSIS action lines. The UN Commission on Science and Technology for Development is coordinating input from stakeholders and preparing a report to be released in April. This report will inform negotiations at the UN General Assembly, culminating in a resolution to be presented for adoption by the UN in December. Throughout the year, events such as June’s IGF in Norway (the last before the forum’s mandate expires) and July’s WSIS+20 High-Level Event in Geneva will also provide important opportunities for the multistakeholder community to provide input into the review process before intergovernmental negotiations ramp up.

WSIS and geopolitical competition

With digital technologies playing an ever-growing role in the modern world, the WSIS+20 review is an opportunity to shape the future of the internet and ensure it remains open, inclusive and development-oriented. The aims and ideals of WSIS have never been so important. However, WSIS has become a complicated geopolitical battleground because of its central role in the multistakeholder model of internet governance.

For years, countries such as China and Russia have pushed for a multilateral approach, arguing that internet and broader digital governance should be controlled by states rather than through the multistakeholder model.

Some criticism of the multistakeholder system is warranted. While the model has fostered an open and innovative internet for decades, it has been dominated by Western governments and major corporations, leaving many countries—particularly in the Global South—feeling sidelined in discussions. Its fragmented and complex processes can be difficult and expensive to navigate, limiting meaningful participation. As digital challenges such as AI governance grow more urgent, many countries also see a need for stronger state engagement to protect national sovereignty and counter the unchecked power of Big Tech. Even democracies, historically the strongest proponents of the multistakeholder model, are increasingly drawn to multilateral approaches to rein in tech giants and address digital challenges more effectively.

China and Russia have skilfully and strategically used these criticisms to advance their own agendas, framing multilateralism as a more inclusive and equitable alternative to the multistakeholder model.

However, their push for multilateral governance ultimately serves to entrench authoritarian control over the internet. Both nations promote ‘cyber sovereignty’ or ‘internet sovereignty’ concepts, arguing that states should have absolute control over their domestic internet governance and effectively justifying their digital authoritarian practices.

While their push for increased multilateral cooperation may appear constructive on the surface—multilateral cooperation is normally a good thing—it aims to concentrate power in forums where only nation-states have voting authority, effectively sidelining civil society and other stakeholders. This has serious implications for global human rights and freedoms.

Over the past year, authoritarian states have made significant strides in advancing this multilateral vision within the UN system through processes such as the Global Digital Compact and the Cybercrime Treaty. WSIS+20 is an opportunity for them to consolidate these gains and fundamentally reshape global digital governance in their interests.

What authoritarians want

Authoritarians’ approach to WSIS will likely focus on four broad strategic areas.

First, they will likely push for new initiatives or for inclusion of language that strengthens multilateral cooperation and action, aiming to concentrate power in forums where only nation-states have voting authority, effectively sidelining other stakeholders. This could include attempts to position WSIS as implementing the Global Digital Compact (GDC)—a nation-state negotiated framework—or trying to subordinate WSIS under this framework, despite WSIS’s independent mandate. This could also include attempts to strengthen the newly established UN Office of Emerging and Digital Technologies, an outcome of the GDC. The office has faced controversy over a lack of transparency about its mandate and its potential to not only further centralise internet governance within the UN in New York, but to centre it within the UN secretariat.

Second, they will likely target the IGF. While preventing its extension seems unlikely, authoritarian governments may work to shift its functions to other UN bodies where only states have voting power—a move China has long advocated for. Alternatively, they may seek to weaken the IGF’s effectiveness by maintaining voluntary funding or creating competing multilateral mechanisms that duplicate its functions.

Third, they will likely push to extend WSIS’s mandate to include emerging technologies, particularly through initiatives that emphasise multilateral involvement. This would create opportunities to shape the governance of AI, data, biotechnology and other emerging fields across multiple disparate forums, making it difficult to track developments and coordinate responses.

Fourth, authoritarian states, particularly China, will likely capitalise on WSIS+20’s development-focused agenda. China has promoted the right to development to justify its prioritisation of state-led economic growth over other universal human rights and freedoms, serving as a strategic tool to strengthen China’s domestic authoritarian model in the name of economic progress. WSIS+20’s emphasis on development, and the urgent need to close the global digital divide, creates a risk that this concept could spread to global digital governance. This would provide a framework for other governments to adopt digital authoritarian practices under the guise of national development priorities.

The central role of the Global South in the review process makes this more concerning. China wields considerable influence through this group, including via the G77+China group, which represents 134 of the 193 UN member states—a majority of UN votes if they negotiate or vote as a bloc, as they did in last year’s GDC negotiations.

The structural elements of the WSIS+20 review further tilt the process in favour of authoritarian interests. The outcome document will be presented for adoption by the UN General Assembly’s Second Committee. Beijing has historically wielded significant influence in this forum, increasing the risk that WSIS+20 shifts toward a state-centric model at the expense of the multistakeholder model.

WSIS isn’t happening in a vacuum

While the WSIS+20 review may seem like an abstract UN process, it’s unfolding in a rapidly changing internet and digital landscape.

The internet is becoming less open and less global as national governments—including democracies—assert greater control over digital spaces. Global internet freedom is in decline, with China and Russia advancing their state-centric visions for digital governance—not only within the UN but also through influential groups like BRICS and the Shanghai Cooperation Organisation. Meanwhile, China is exporting its digital authoritarian model worldwide via the Digital Silk Road, embedding rules and technologies that entrench state control.

This shift isn’t just happening at a normative or policy level. Technical standards—long an area of geopolitical competition—are beginning to split. The technical foundations of the global internet are also beginning to fracture. For instance, China’s proposed IPv6+ initiative introduces protocols that enable greater state control over internet traffic, raising concerns about its potential global adoption through the spread of Chinese technology.

The internet’s physical infrastructure is also splintering. Subsea cables, telecommunications networks and satellite systems are increasingly fragmented along geopolitical divides. Efforts to decouple technology supply chains—including critical minerals, semiconductors, and advanced chips—are further deepening these divisions.

Conclusion

WSIS+20 is not just another review.  It is a crossroads for the future of the internet.

For democracies, WSIS represents the last major opportunity to defend the multistakeholder model of internet governance. Democracies must lead efforts to improve the multistakeholder model, making it more inclusive and responsive to the needs and interests of the Global South with clear ideas about how to harness digital technologies for development. WSIS is an opportunity to genuinely collaborate with these nations to evolve the system and address developmental challenges, all while countering the narratives promoted by authoritarian regimes.

Multistakeholder bodies, such as ICANN, as well as the technical community and civil society, mobilised ahead of the GDC negotiations last year to push back on attempts to erode the open and global internet and shape discussions on how the multistakeholder model could evolve. They are likewise approaching WSIS with the gravity it deserves. Democracies must do the same.

If democracies fail to approach WSIS with the magnitude it deserves, 2025 may well mark the end of the open global internet. The battle for the internet is not just about digital governance- it’s the frontline of the broader struggle over the global order.

Authoritarian states recognise this. It’s time democracies did too.

Let’s take a close look at how we protect our undersea cables

The number of subsea cables landing in Australia has more than doubled since the legislation to create protection zones for these vital pieces of infrastructure was passed in 2005.

We rely ever more heavily on the connectivity that cables provide and, with capacity-hungry 6G on the horizon, the need will only grow.

And yet, aside from some tinkering five years in—and that happened only because of a mandatory review—the legislation has not been updated in the nearly two decades that have passed since it came into effect. That needs to change, given the risks of sabotage or accident have only increased as more cables are connected, and our way of life becomes more reliant on these data pathways. We are well overdue for a proper review and update.

The changes in 2005 to the Telecommunications Act 1997 established protection zones for submarine cables of national significance. The new Schedule 3A prohibited activities in these zones that would likely result in damage to the cables, such as fishing using gear that rests on or near the seabed, and also introduced criminal penalties for damaging cables.

Australia’s framework has been considered a ‘gold standard’—probably in part because it criminalised damage to cables, fulfilling an obligation under the UN Convention on the Law of the Sea.

There is some redundancy and resilience in the industry thanks to the number of subsea cables, with landing stations as far flung as the Sunshine Coast, Port Headland and Darwin—with more proposed. And of course, providers don’t want their cables cut or damaged given it means unhappy customers and reputational harm to their business. Companies therefore tend to have business continuity plans in the event of a disruption.

Yet it is a telling indicator that no new protection zones have been established since the original three were declared in 2007, with two in Sydney and one in Perth. But that only covers about two thirds of Australia’s cable landing sites, counting spurs and mainland connections to nearby islands – including Tasmania. It would be an obvious worry if providers don’t feel the zones are worth the effort to register.

Under the 2005 law, the Australian Communications and Media Authority can declare zones of its own initiative or accept applications from a carrier for a new zone. An application comes with a price tag of $161,251.

Considering the cost to repair a cable and the inevitable disruption to services, this a paltry sum. When Vocus’s Australian Singapore Cable in the Perth protection zone was cut in 2021—the only known cut to a cable in an Australian protection zone—the cost to repair was $1.5 million.

It’s hard to explain why more applications have not been made. One suggestion from a cable company was the ‘free rider’ issue—whereby other companies can take advantage of a safety zone funded by competitors. But that doesn’t seem enough of a blocker.

Part of the problem is there are no metrics by which to judge the efficacy of the protection zones. There is no requirement for ACMA to report disruptions, nor for companies to report them to ACMA in the first place, though there are other organisations who track this, such as the International Cable Protection Committee.

To judge if the current regime is working, we need metrics such as the number of cables disrupted by human activity in a zone compared to the number outside zones. This way, there are numbers to crunch to determine if a zone is, say, 5 percent or 50 percent safer than unprotected areas.

These numbers would also help ACMA justify the creation of new zones. Cable owners have said that ACMA should be unilaterally declaring and funding these new zones as needed.

But ACMA also has to consider the impact of imposing new regulations in an area given it would encroach on members of the public’s activities. There needs to be a demonstrable benefit to justify legislative or regulatory change.

Additionally, Schedule 3A doesn’t cater for the monitoring of the zones. Penalties only act as a deterrent if there is a perception that criminals will be caught and punished—yet this hasn’t happened. The Australian Federal Police told the 2010 review of schedule 3A that their legislative requirements didn’t extend to monitoring the zones and that, at any rate, they were not equipped to do so.

Presumably, actual patrolling of the zones is conducted by Maritime Border Command, and threats to cables are one of the many types of threats to security within its remit. Otherwise, prevention measures in the zones include cable monitoring by industry and awareness-raising activities.

ACMA recommended in 2010 to determine if monitoring is necessary in the zones. This didn’t eventuate, but it should happen. Reviewing and updating the legislation would clarify who has responsibility for monitoring the zones and strengthen the deterrent effect of the penalties.

Finally, a review would offer a chance to clarify how the 3A regime identifies a cable as one of ‘national significance’. This is the term that determines whether or not a protection zone applies, but it is a vague definition. One way to bring clarity would be to align the definition with that in the Security of Critical Infrastructure Act 2018, and other relevant legislation.

So, there is a clear case for a review. It could consider a scheme to capture metrics, determine the value and feasibility of a monitoring and enforcement regime, and look at aligning the 3A definitions and concepts to other critical infrastructure legislation.

Above all, this would make it clear to Australian carriers, international carriers contemplating an Australian landing—and indeed other countries looking to implement their own legislative regime—that Australia remains the ‘gold standard’ for cable regimes and that we are constantly looking at how best to keep undersea cables safe.

UN’s Global Digital Compact is looking like an authoritarian dream

This week, global representatives to the United Nations in New York will review the latest draft of the UN Global Digital Compact (GDC). An initiative proposed by UN Secretary-General Antonio Guterres to establish a framework for global digital cooperation, the GDC aims to set out shared principles for an open, free and secure digital future and accelerate progress on the UN’s Sustainable Development Goals.

Yet, as negotiations near completion ahead of its expected adoption at the UN Summit of the Future in September, the latest draft of the GDC is concerning. It would consolidate power within the UN, expand the reach of both the UN and national governments over digital matters and ultimately threaten the openness of the global internet.

Since Guterres first proposed the GDC, it’s been met with concerns. The secretary-general and the his envoy on technology seemed to emphasise the role of nation-states over the existing multi-stakeholder model. Critics feared the GDC would undermine established multi-stakeholder mechanisms, such as the World Summit on the Information Society and the Internet Governance Forum, or be commandeered by authoritarian regimes such as Russia and China as part of their efforts to shift internet and digital issues into the multilateral system.

UN consultations on the GDC and early drafts aimed to alleviate those concerns by emphasising the multi-stakeholder model of internet governance—which involves civil society, the private sector and the tech community on equal footing—and the need for the GDC to complement and not duplicate existing mechanisms.

Negotiations among member states on the GDC have been taking place over the past few months. The latest draft, released last week after June negotiations, includes several promising elements, notably, stronger support for the multi-stakeholder approach and language on upholding international law and human rights in the digital sphere.

However, it also contains several problematic proposals.

One is for the creation of a new office within the UN Secretariat to oversee digital and emerging technologies, facilitate system-wide collaboration and implement the GDC. That might sound wise, but, given the plethora of existing bodies already coordinating those issues, it’s unclear why a new office is needed. Moreover, the UN’s resources are stretched thin, and the funds allocated for the new office could arguably be better used elsewhere.

The draft also calls for the establishment of an international scientific panel on digital technologies but fails to specify its composition, its mandate or how it will interact with existing multi-stakeholder bodies. Similarly, the proposed Policy Dialogue on AI Governance focuses solely on UN member states, sidelining civil society, the private sector and the technical community. It’s also unnecessary: the International Telecommunication Union (ITU) has long convened the AI for Good Global Summit, while the ITU and the United Nations Educational, Scientific and Cultural Organization also convene the Inter-Agency Working Group on AI, which includes UN member states and UN agencies.

Another controversial aspect is the proposed high-level review mechanism of the GDC, which suspiciously resembles the previously slammed Digital Cooperation Forum (DCF). The DCF, put forward by Guterres in a policy brief in 2023, was widely criticised as an attempt to centralise power within the UN, sidelining existing multi-stakeholder governance structures such as the Internet Governance Forum. Although the DCF was dropped from the GDC, the high-level review mechanism is effectively its replacement in all but name. This shift in power towards the UN would disproportionately benefit states, especially authoritarian regimes, potentially leading to increased control and censorship.

The draft’s proposal for an annual report by the UN secretary-general on GDC implementation appears redundant and potentially counterproductive. Considering the numerous existing forums and mechanisms, including member states’ reporting on the GDC and the proposed new UN office, which would also oversee implementation, such a report seems unnecessary and duplicative. Also, it risks centralising power over digital issues within the UN Secretariat in New York, further disproportionately empowering member states at the expense of other stakeholders.

The latest draft of the GDC also introduces a surprising new and controversial proposal to explore a UN mechanism for international data governance, which wasn’t in earlier drafts. While the need for global cooperation on data governance is undeniable, establishing a UN body to oversee data governance raises significant concerns. Centralising UN and state control over data could empower governments, particularly authoritarian regimes, to increase surveillance and censorship, thereby legitimising their restrictive practices and potentially eroding privacy rights, freedom of expression and individual data autonomy.

The motivations behind the UN’s push for power over the digital realm are perplexing. Why is it so focused on centralising control? Why does it pay lip service to the multi-stakeholder model, and then do the opposite?

It could be interpreted as the outgoing secretary-general’s attempt to cement his legacy, given his personal proposal of the GDC and his subsequent investment in the process. Alternatively, it might be a power grab by the UN bureaucracy to expand its influence over the increasingly significant realm of technology and digital governance. However, the most concerning possibility is that the GDC is a response to the growing influence of authoritarian regimes within the UN system. China, in particular, has been strongly advocating for increased multilateral control within the GDC, aligning with its broader strategy to consolidate internet and digital governance under the auspices of the UN.

Ultimately, this makes the battle over the GDC’s final form not just a UN procedural matter or bureaucratic power grab, but a critical fight for the future of a free and open internet.

Children’s eSafety Commissioner steps up to safeguard children online

Protecting children online

ASPI’s recent report, Gen Y Jihadists: Preventing Radicalisation in Australia, recommends engaging schools in a practical discussion about Middle Eastern politics, terrorism and counter-radicalisation. This follows news that the federal government is considering a deradicalisation strategy in schools, where teachers receive training to recognise behaviour amongst students that could potentially indicate a propensity towards extremism.

So it’s timely that the former director of the Australian Federal Police’s High Tech Crime Centre, Alastair MacGibbon, has stepped into the newly-created role of Children’s eSafety Commissioner. This Commissioner’s independent statutory Office will sit within the Australian Media and Communications Authority and answer to the Minister for Communications.

As Anthony Bergin and I explained in The Financial Review, this role is the first of its kind worldwide. The Office will administer complaints based on a two-tiered system of social media services. Tier one status is dependent on application by a service and the Commissioner being satisfied that it meets basic online safety requirements. Tier two status is determined by the Minister for Communications after the Commissioner has deemed the service to meet the criteria of a large social media service.

The Commissioner can take enforceable action against a tier two service, but not a tier one; here he can only request removal of material. So the Commissioner has powers to compel certain social media services to take down material that’s deemed to be harassing an Australian child. If the service doesn’t comply within 48 hours, they risk fines of $17,000 per day.

But another important task is intervening in cases of young people being targeted by online extremists. That’s a significant challenge, given an estimated 90% of Australians aged 12 to 17 use some form of social media. What’s worrying is that teachers often don’t know how best to intervene when they identify students demonstrating extremist views.

The Office aims to change the culture surrounding online behaviour. Failing to acknowledge the role of social media in the lives of young Australians is potentially dangerous and MacGibbon wants 21st century kids to become ‘resilient digital citizens’. While it might be difficult to protect every student, ‘herd inoculation’ might be a way to encourage young people to behave safely and responsibly online.

The government’s community resilience to violent extremism initiative, Living Safe Together, outlines the four tiers of the government’s strategy to counter violent extremism (CVE), one of which is challenging extremist propaganda. However Living Safe Together doesn’t refer to the Office of the Children’s eSafety Commissioner, despite having its own Report Online Extremism Material mechanism. CVE measures could be maximised by drawing various government resources together.

The Office isn’t the only organisation promoting cyber safety in schools. I recently met with Oscar Yildiz who is the Executive Director of BullyZero, a program which conducts information sessions for students and teachers on online hazards, including extremist propaganda.

He explained that while he initially met some resistance from parts of the community, demand from schools is increasing as word spreads. He explained that younger students were more forthcoming in telling adults if they’ve been targeted by extremists online, whereas older students are often more reticent due to embarrassment. Perhaps this highlights the need to provide older students with trusted individuals to approach. However, the program receives no government funding and instead relies on fundraising and volunteers.

BullyZero is one of several community organisations educating students about online harms. There’s merit in using non-government organisations here as it’s better to have more than one message for students to choose from. So community organisations who are working on cyber safety might be worthy recipients of some of the $22 million the government has allocated to CVE in the recent federal budget.

The Office of the eSafety Commissioner presents an opportunity for positive change in online safety, and it’s promising to see the government countering online extremism more effectively. But it’s important that these efforts take whole-of-government and societal approaches on board. Collaboration across federal and state governmental departments would maximise resources, and this new eSafety function presents an opportunity for oversight of online safety initiatives. At the same time, community engagement to leverage community capabilities may ensure that all relevant players across state and society are equipped to keep young Australians safe online.

Governing the Net: wake me up when September ends

2369206818_6750973839_z2015 is set to be a historic year for Internet governance. If all goes to plan in nine months a fresh, accountable, and independent ICANN will be born. On 30 September 2015, what should be the last contract between the US Department of Commerce (DoC) and the Internet Corporation for Assigned Names and Numbers (ICANN) is set to expire and the symbolic vestiges, or what some countries call the hegemony, of US government oversight over the Internet Assigned Numbers Authority (IANA) functions is set to end. But there’s a caveat—the international multistakeholder community must first collectively agree to a transition plan that not only enhances ICANN accountability, but also adheres to four core DoC principles and tiptoes around Washington politics. With time running short the question is whether the international community can be a successful midwife to the IANA transition.

Today, 15 January, the domain names, number resources, and protocol parameters operational communities are set to submit their proposals to the IANA Stewardship Transition Coordination Group (ICG). The ICG will then be responsible for assembling the component parts into a single proposal to present to the DoC National Telecommunications and Information Administration (NTIA), with a submission target of July 2015. In September the transition will be completed and in October ICANN will celebrate the success in Dublin. Sweet. IANA transition done and dusted.

Of course, things won’t be that simple. Read more

Governing the Net: .wine makes France aggressive

Wine, anyone?

‘Wine is serious … we all like wine’, explained ICANN CEO Fadi Chehade in response to a French complaint ahead of last week’s ICANN50 meeting in London. Heralded as the largest-ever ICANN meeting, ICANN50 was charged with no less a task than addressing the multistakeholder organisation’s global accountability and the US proposal to relinquish its stewardship of the domain name system. What caused the French to chuck a wobbly is the recent decision by ICANN to authorise the .vin and .wine generic top-level domain (gTLDs) names. They fear that move could undermine international agreements to restrict labelling for products such as champagne and other geographically-specific goods. Calling ICANN’s decision-making process ‘totally opaque’ and threatening negotiations around the Transatlantic Trade and Investment Partnership, France broke from its European partners to propose a ‘one country, one vote’ General Assembly system to govern ICANN’s strategy and budget, and address politically sensitive issues. While the future of the .wine domain might not keep many awake at night, France is providing ammunition to those who question the legitimacy of ICANN and the multistakeholder model as a whole.

To be fair, there are legitimate accountability concerns within ICANN. While France’s attempt to transpose gTLD geographic protections to second level domains (such as ‘champagne.wine’ or ‘porto.vin’) and transparency concerns are suspect, the demonstrated lack of redress to challenge ICANN board decisions is of concern. In fact on 26 June ICANN’s own Generic Names Supporting Organization (GNSO) made an unprecedented unanimous decision (PDF) to such effect, calling for the ‘creation of an independent accountability mechanism’. That need for accountability and oversight is made even more pressing given the expected removal of the perceived US Department of Commerce ‘backstop’ authority. Read more