2. SCOPE OF THE PRESENTATION
• WHAT IS INTERNET GOVERNANCE, POLICY &
LAW?
• HOW ARE THESE THINGS LOOKED AT
INTERNATIONALLY?
• WHAT IS THE SITUATION IN PAKISTAN?
3. CYBERSPACE IS CHAOTIC
• CYBERSPACE HAS NO BOUNDARIES, NO
INTERNATIONAL TREATIES TO REGULATE &
CONTROL DIGITAL ACTIVITY
• STATE ACTORS, NON-STATE ACTORS AND
CRIMINALS OPERATE WITH IMPUNITY TO MAKE
IT A CHAOTIC PLACE
• CYBER ATTACKS HAVE BECOME A NORM RATHER
THAN AN EXCEPTION
• SUCH ATTACKS BESIDES CAUSING MONETARY
LOSSES THREATEN INTERNATIONAL PEACE &
STABILITY
4. LATEST INTERNATIONAL CYBER
ATTACK
• A HUGE ATTACK ON GLOBAL INTERNET ACCESS BLOCKED SOME OF
THE WORLD’S MOST POPULAR WEBSITES ON 21 OCTOBER 2016.
• IT WAS CAUSED BY HACKERS USING COMMON DEVICES LIKE
WEBCAMS AND DIGITAL RECORDERS.
• THE SITES TARGETED INCLUDED TWITTER, PAYPAL AND SPOTIFY -
ALL CUSTOMERS OF DYN, AN INFRASTRUCTURE COMPANY IN NEW
HAMPSHIRE, US THAT ACTS AS A SWITCHBOARD FOR INTERNET
TRAFFIC.
• OUTAGES WERE INTERMITTENT AND VARIED BY GEOGRAPHY, BUT
REPORTEDLY BEGAN IN EASTERN US BEFORE SPREADING TO OTHER
PARTS OF THE COUNTRY AND EUROPE.
• USERS COMPLAINED THAT THEY COULD NOT REACH DOZENS OF
INTERNET DESTINATIONS, INCLUDING MASHABLE, CNN, THE NEW
YORK TIMES, THE WALL STREET JOURNAL, YELP AND SOME
BUSINESSES HOSTED BY AMAZON.
5. WHO OWNS THE INTERNET?
• NO ONE PERSON, COMPANY, ORGANIZATION OR
GOVERNMENT RUNS THE INTERNET
• INTERNET IS A GLOBALLY DISTRIBUTED
NETWORK COMPRISING MANY VOLUNTARILY
INTERCONNECTED AUTONOMOUS NETWORKS
• DIGITALLY ADVANCED COUNTRIES WIELD INFLUENCE
THROUGH ORGANIZATIONS SUCH AS:
– INTERNET ENGINEERING TASK FORCE (IETF)
– INTERNET CORPORATION FOR ASSIGNED NAMES AND
NUMBERS (ICANN)
– NATIONAL TELECOMMUNICATIONS AND INFORMATION
ADMINISTRATION (NTIA
– WORLD WIDE WEB CONSORTIUM (W3C)
– SOCIETY FOR WORLDWIDE INTERBANK FINANCIAL
TELECOMMUNICATION (SWIFT)
6. • IETF DEVELOPS AND PROMOTES VOLUNTARY INTERNET
STANDARDS SUCH AS INTERNET PROTOCOL SUITE (TCP/IP).
TILL 1993 ITS ACTIVITIES WERE SUPPORTED BY US FEDERAL
GOVT
• ICANN ADMINISTERS PRINCIPAL NAMESPACES ON THE NET
AND IS HEADQUARTERED IN LOS ANGELES, CALIFORNIA
• NTIA IS AN AGENCY OF THE US DEPARTMENT OF COMMERCE
THAT GIVES FINAL APPROVAL FOR CHANGES TO THE DOMAIN
NAME SYSTEM (DNS) ROOT ZONE
• W3C IS THE MAIN INTERNATIONAL STANDARDS
ORGANIZATION FOR THE WORLD WIDE WEB. FOUNDED
BY TIM BERNERS-LEE AFTER HE LEFT THE EUROPEAN
ORGANIZATION FOR NUCLEAR RESEARCH (CERN) IN OCTOBER,
1994.
• SWIFT IS A BELGIUM BASED ORGANIZATION THAT PROVIDES A
NETWORK THAT ENABLES FINANCIAL INSTITUTIONS
WORLDWIDE TO SEND AND RECEIVE INFORMATION ABOUT
FINANCIAL TRANSACTIONS IN A SECURE, STANDARDIZED AND
RELIABLE ENVIRONMENT
7. DEFINITION OF INTERNET
GOVERNANCE
• A UN-INITIATED WORLD SUMMIT ON THE
INFORMATION SOCIETY (WSIS) PROPOSED THE
FOLLOWING DEFINITION OF INTERNET
GOVERNANCE AS PART OF ITS JUNE 2005
REPORT:
• “THE DEVELOPMENT AND APPLICATION BY
GOVERNMENTS, THE PRIVATE SECTOR AND CIVIL
SOCIETY, IN THEIR RESPECTIVE ROLES, OF SHARED
PRINCIPLES, NORMS, RULES, DECISION-MAKING
PROCEDURES, AND PROGRAMMES THAT SHAPE
THE EVOLUTION AND USE OF THE INTERNET”
8. INTERNATIONAL EFFORTS TO
REGULATE CYBERSPACE
• THE INTERNATIONAL TELECOMMUNICATION UNION
(ITU)
• INTERNET GOVERNANCE FORUM (IGF)
• WORLD SUMMIT ON THE INFORMATION SOCIETY
(WSIS)
• UN WORKING GROUP ON INTERNET
GOVERNANCE (WGIG)
• UN GROUP OF GOVERNMENTAL EXPERTS:
DEVELOPMENTS IN THE FIELD OF INFORMATION AND
TELECOMMUNICATIONS IN THE CONTEXT OF
INTERNATIONAL SECURITY
• THE BUDAPEST CONVENTION ON CYBERCRIME
9. INTERNATIONAL
TELECOMMUNUCATION UNION (ITU)
• TH ITU ISSUES POLICIES ON THE USE OF THE
INTERNET FROM TIME TO TIME
• ITU's INTERNET-RELATED ACTIVITIES,
RESULTING FROM ITS ROLE AS MANDATED BY
THE RELEVANT ITU RESOLUTIONS, WITH
REGARD TO INTERNATIONAL PUBLIC POLICY
MATTERS, STANDARDIZATION ASPECTS AND
CAPACITY BUILDING EFFORTS
10. STATE POLICIES ON INTERNET
• DIGITALLY ADVANCED COUNTRIES CRAFT POLICIES TO
– AGGRESIVELY USE THE MEDIUM OF THE NET TO SURVEIL &
SUCK OUT INFORMATION FROM BOTH FOES & FRIENDS
BOTH CITIZENS & STATE PARTIES
– THEY PREACH OPENNESS TO MAXIMIZE COMMERCIAL &
IDEOLOGICAL OPPORTUNITIES THROUGH THE UNLIMITED
REACH TO POTENTIAL BUYERS
• OTHER COUNTRIES E.G. CHINA AND RUSSIA FEEL THAT
THERE SHOULD BE MORE CONTROLS TO PREVENT
INDOCTRINATION
• ALL COUNTRIES WITHOUT EXCEPTION WANT TO
PREVENT DATA BREACHES
11. CYBER SECURITY POLICY OF INDIA
• INDIA’S NATIONAL CYBER SECURITY POLICY HAS BEEN PRODUCED
BY DEPARTMENT OF ELECTRONICS AND INFORMATION
TECHNOLOGY (DEITY)
• IT OFFERS A POLICY FRAMEWORK TO PROTECT THE PUBLIC AND PRIVATE
INFRASTRUCTURE FROM CYBER ATTACKS.
• THE POLICY ALSO INTENDS TO SAFEGUARD "INFORMATION, SUCH AS
PERSONAL INFORMATION (OF WEB USERS), FINANCIAL AND BANKING
INFORMATION AND SOVEREIGN DATA".
• THIS WAS PARTICULARLY RELEVANT IN THE WAKE OF US NATIONAL
SECURITY AGENCY (NSA) LEAKS THAT SUGGESTED THE US GOVERNMENT
AGENCIES ARE SPYING ON INDIAN USERS, WHO HAVE NO LEGAL OR
TECHNICAL SAFEGUARDS AGAINST IT.
• MINISTRY OF COMMUNICATIONS AND INFORMATION TECHNOLOGY
(INDIA) DEFINES CYBERSPACE IS A COMPLEX ENVIRONMENT CONSISTING
OF INTERACTIONS BETWEEN PEOPLE, SOFTWARE SERVICES SUPPORTED BY
WORLDWIDE DISTRIBUTION OF INFORMATION AND COMMUNICATION
TECHNOLOGY
12. WHAT IS THE STATE OF CYBER AFFAIRS
IN PAKISTAN?
• ABSENCE OF A CYBER CZAR, FEDERAL &
PROVINCIAL AUTHORITES TO LOOK AFTER
CYBER MATTERS
• NO CENTRAL CYBER POLICY
• NO BUDGETARY ALLOCATIONS FOR CYBER
SECURITY
• NO BILATERAL OR MULTILATERAL TREATIES
WITH ANY COUNTRY FOR CYBER
COOPERATION