The most troubling parts of leaked 'compromise text'

A leaked draft of a so-called "compromise text" to be introduced on the first day of the second week of the WCIT conference contains a number of proposed changes that will have some governments and most Internet organizations fuming.

Here are the most troublesome parts:

Article 3.3

MOD 3.3: A Member State has the right to know the international route of its traffic where technically feasible.

This was already a controversial proposal, with civil society groups claiming that it would allow for widespread online monitoring.

The addition of the word "international" is this text makes it plain that the intent is to track traffic not just within a country's own borders but outside as well.

Article 3A - The Internet

This new article was first proposed in the (late) submission by Russian - contribution 27 - and then revised four days later. The revised version still contains a number of significant concerns however, not least being the expansion of the ITRs, run by the ITU, to the issue of Internet governance.

Many governments, including the US and EC, don't feel the ITRs should have anything to do with Internet governance and have promised to fiercely oppose any such introduction.

Read: WCIT and the Internet? It all comes down to this document

See the full text on this page.

Articles 3B and 3C

Article 3B has appeared for the first time in this draft text and directly threatens the current Internet governance models.

ARTICLE 3B -- Numbering, naming, addressing, and identification resources

(Fundamental Right)
3B.1 Member states have the right to manage all naming, numbering, addressing and identification resources used for international telecommunications/ICT services within their territories.

(Preventing Misuse)
3B.2 Member States shall endeavour to ensure that international naming, numbering, addressing and identification resources are used only by the assignees and only for the purposes for which they were assigned and that unassigned resources shall not be used. Member States shall also endeavour to prevent misuse and misappropriation of these resources.

(Calling Line Identification)
3B.3 Member States shall endeavour, through various channels open to them, to ensure that operating agencies:

• implement Originating Identification (OI) features, where technically possible; including at least presentation of country code, national destination code or equivalent origination identifiers in accordance with the relevant Recommendations of ITU
• use appropriate standards when implementing OI features,
• maintain end to end the integrity and correctness of OI
• ensure that the requirements associated with data protection and data privacy are met;

Article 3C on the other hand pulls in wording around the issue of cybersecurity that was previously suggested as a new article 5A.

But moving the measures to Article 3 - International Network - from Article 5 - Safety of Life and Priority of Telecommunications - it is immediately clear that the text proposes handing significant cybersecurity issues to the ITU and would put cybersecurity issues under the jurisdiction of the ITRs. In other words, the UN would be giving itself oversight of security on the Internet.

ARTICLE 3C - Confidence and Security of Telecommunications/ICTs
 
(Appropriate  measures)  
3C.1   Member  States  shall  undertake  appropriate  measures,  individually  or  in  cooperation  with  other  Members  states,  to  ensure  Confidence  and  Security  of  Telecommunications/ICTs.  

(Scope)  
3C.2   Issues  related  to  security  include  physical  and  operational  security  of  networks;  denial  of  service  attacks;  countering  unsolicited  electronic  communication  (e.g  Spam);  and  protection  of  information  and  personal  data  (e.g.  phishing).  (personal  data)  

(International  Cooperation)  
3C.3   Member  States,  in  accordance  to  national  law,  should  cooperate  with  each  other  to  investigate,  prosecute,  correct  and  repair  security  breaches  and  incidents  as  appropriate  and  in  timely  manner.  

(Role  of  Operating  Agencies)  
3C.4   Member  States  should  endeavour  to  ensure  that  operating  agencies  and  other  concerned  entities  provide  and  maintain,  to  the  greatest  extent  practicable,  confidence  and  security  of  telecommunications/ICTs.  

(Cooperation  between  Operating  Agencies)  
3C.5   Member  States  shall  endeavour  to  ensure  that  operating  agencies  and  other  concerned  entities  cooperate  with  their  counter  parts  in  other  Member  states  in  ensuring  confidence  and  security  of  telecommunications/ICTs  as  appropriate  and  in  timely  manner.  

(Combating  Spam)  
3C.6   Member  States  shall  endeavour  to  ensure  that  operating  agencies  take  the  appropriate  measures  to  prevent  the  propagation  of  unsolicited  electronic  communication/spam.  Member  States  are  encouraged  to  cooperate  in  that  sense.    
 
(Combating  network  fraud)  
3C.8   Member  States  shall  endeavour  to  ensure  that  operating  agencies  take  the  appropriate  measures  to  combat  network  fraud.  

Article 4.2

A change to this article for the first time adds the words "of any type related to voice and broadband services" - making it explicit that the ITRs would extend beyond traditional telecoms and encompass the Internet.

MOD 4.2 Member States shall ensure that operating agencies cooperate within the framework of these Regulations to provide by mutual agreement, a wide range of international telecommunication/ICT services of any type related to voice and broadband services, which should conform, to the greatest extent practicable, to the relevant Recommendations of the ITU.