Internet Access : Finally A Fundamental Human Right according to UN Special Rapporteur Frank La Rue

Borrowing from the phrase of Armstrong: That’s one small step for the UN, one giant leap for the Internet!

Frank La Rue, the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression released his report (22 pages well worth reading) submitted to the 17th session of the Human Rights Council on the “key trends and challenges to the right of all individuals to seek, receive and impart information and ideas of all kinds through the Internet“.

His conclusions and recommendations are clear and call for no further argument. In a nutshell : Internet Access is a fundamental human right. Now maybe we can move on with the real discussions and issues on how to creatively address some of these global problems currently hampered by ridiculous territorially bound legislations that have been hijacked by lobbies and industry led pressure groups.

So long HADOPI, ACTA, Protect IP Act, etc. Long live the Internet ! and let’s get to work, we’ve got a responsible digital society to build… Time for Responsibility 2.0 : towards A new World Order ?


ISP Internet Filtering is Illegal : EU Court of Justice Opinion

Today, Advocate General’s Opinion in the case opposing Scarlet Extended to Société belge des auteurs compositeurs et éditeurs (Sabam) sounded like freedom and (public domain) music to my ears.

“According to Advocate General Cruz Villalón, a measure ordering an internet service provider to install a system for filtering and blocking electronic communications in order to protect intellectual property rights in principle infringes fundamental rights”.

If the verdict is confirmed, this is fantastic news and a step forward in the fight to preserve privacy and freedom of information.
It is also a major signal to the entertainment industry and their lobbies that they cannot carry on trying to force into law their obsolete business models. Maybe an opportunity for them to finally consider re-thinking a few things with respect to their industry and copyright. ISP will no longer be threatened and punished for refusing to spy on their customers. Let’s see how this evolves and the reactions it will trigger.

Information Security Management : A Wake Up Call !

A great article by Thomas Kendra (Symantec) posted in the Financial Times, Digital Business, Personal View (Dec. 5, 2007) urging for the need to adopt a “fresh approach” to information security management given the new challenges posed by our modern organizational structures. These now involve increasing interorganizational processes, insider threats and ubiquitous computing infrastructures. Obviously, this is “music to my ears” given my research interests in Enterprise DRM and Digital Policy Management (DPM).
Basically the whole point addresses the issue of how to go beyond current security approaches which are now insufficient and consequently fail given these new challenges. Or in other words, how do we address the current weakest link of information security basically boiling down to People and Mobility. And as we all know, security is only as good as its weakest link.

So, despite the “YouNameIt++ frenzy” (trend consisting of giving and incrementing version numbers to reflect the next generation of challenges in a topic, e.g., Web 2.0, Web 3, Identity 2.0, etc.) he calls for “Security 2.0” saying it builds on traditional security (Security 1.0) adding protection at the level of the information itself and the interactions.

Interestingly, Enterprise DRM is currently one of the possible technologies used in the corporate environment to address some of these issues trying to persistently protect and manage content no matter where it resides (i.e., including outside traditional corporate perimeters). As a result, this brings the granularity of the protection down to the individual information level by cryptographically associating governing rules to the content. Moreover, given the criticality of the managed content it is also possible to dynamically adapt those rules in real time thus allowing to basically “recall” content if needed.

Our environment cannot rely anymore only on perimeter based security, Access Control, and secure communication channels. We’ve passed the point of no return and need to address information security in a way that accommodates current and future business practices.

Two problems arise here : First Interoperability and the lack of standards in the field of Enterprise DRM. We cannot rely on vendor specific proprietary solutions. Second, most deployed solutions today address specific needs in siloed approaches (e.g., SOX, Based II, HIPPA, IP protection, etc.). As a result, the field needs to take a step back and rethink the whole problem at a higher abstraction level in terms of Policies and how they are managed. Some of which may be electronically instrumented through technical means (e.g., Enterprise DRM). This is Digital Policy Management, an emerging and very important research area I’m working on. I have setup a page for this in order to generate and stimulate discussion on these issues here: The Digital Policy Management (DPM) Page. Everyone is welcome to join the conversation (practitioners and researchers) on all aspects of the problem (engineering, management, legal, social, ethical, behavioral, etc.)

Source :, Dec. 5, 2007, New Threats call for a fresh approach, Personal View by Tom Kendra,