Media - Freedom of expression and information

 Committee of experts on protection of journalism and safety of journalists (MSI-JO)

Activities
STANDARD-SETTING
  Steering Committee (CDMSI)
  Bureau of the Committee (CDMSI-BU)
  Former Steering Committee (CDMC)
  Former Bureau of the Committee (CDMC-BU)
  Committee of Experts on Protection of Journalism and Safety of Journalists (MSI-JO)
  Committee of Experts on cross-border flow of Internet traffic and Internet freedom (MSI-INT)  
CONVENTIONS
  Transfrontier Television
  Conditional Access
COOPERATION
  Legal and Human Rights Capacity Building
FORMER GROUPS OF SPECIALISTS
  Rights of Internet Users
  Information Society
  New Media
  Public Service Media Governance
  Cross-border Internet
  Protection Neighbouring Rights of Broadcasting Organisations
  Media Diversity
  Public service Media
 
Events
  Conference Freedom of Expression and Democracy in the Digital Age - Opportunities, Rights, Responsibilities, Belgrade, 7-8/11/2013
  Conference "The Hate factor in political speech - Where do responsibilities lie?", Warsaw18-19 September 2013
  Conference of Ministers, Reykjavik - Iceland, 28-29 May 2009
  European Dialogue on Internet Governance (EuroDIG)
 
Documentation
  Conventions
  Committee of Ministers texts
  Parliamentary Assembly texts
  Ministerial Conferences
  Publications
  Translations
 
Useful links

Steering Committee on
Media and Information Society
(CDMSI)

                    CDMSI(2012)015

Preliminary report on scenarios of interference with Internet traffic which may have an impact on access to information across borders

Background

1. The CDMSI’s Terms of Reference refer to an “instrument on cross-border flow of Internet traffic (2013)”.

2. The CDMSI at its first plenary meeting (27-30 March 2012) agreed to consider output in respect of cross-border flow of Internet traffic in light of a preliminary report identifying concrete problems/scenarios to be prepared on the basis of submissions by members and observers or participants.

3. A preliminary report was discussed by the Bureau at its second meeting (10-11 October 2012). The Bureau instructed the Secretariat to continue working in this area, in particular in a dedicated workshop at the Internet Governance Forum (IGF) and also by inviting experts to a hearing during the second plenary meeting of the CDMSI (27-30 November).

Key concepts

Internet traffic

4. The Internet is built on the Transmission Control Protocol (TCP) and the Internet Protocol (IP) which enable the exchange of data between two or more machines connected to the network. The system separates the data into packets, indicates on each packet the address from which it is sent and the address where it is to be sent and sends the packets across the Internet in order to reach their intended destination. The addressing information does not indicate the content of the packets. Machines (routers) look at the destination address of each packet and decide to which machine the packet should be sent.

5. Internet traffic is the volume of data packets flowing on TCP/IP. Content is an attribute associated with data packets sent across the network. For purposes of this preliminary report Internet traffic is understood as the content and information carried by data packets which travel across the network.

The cross-border dimension

6. The open nature of the TCP/IP enables interconnection among independent computers and information systems. Internet user requests for any particular content or information can be routed via different servers, which may be located in different countries. This can change at various points in time. Thus, Internet traffic is distributed across borders.
7. In this connection, Internet traffic in one country may be exposed to undue interference by other countries or to actions taking place within their jurisdictions– e.g. country A or action taking place within that country may have an impact on the Internet traffic in country B. This may result in cross-border implications for access to content and information carried by that traffic.
Table indicating types of content affected by Internet traffic interferences

Content affected

Interferences

Political

Culture

Social

Sensitive

Advertising

Gambling

Other

Technical errors

           

Filtering and blocking

         

Scanning and monitoring

             

Network Neutrality

             


Role of states

8. Under the European Convention on Human Rights (ECHR) states have the obligation to secure to everyone under their jurisdiction the protection of the right to freedom of expression, including the freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers (Article 10 of the ECHR).
9. The Recommendation CM/Rec(2011)8 of the Committee of Ministers to member states on the protection and promotion of the universality, integrity and openness of the Internet addresses the issue of Internet traffic in its general principles:
“1.1. No harm

    1.1.1. States have the responsibility to ensure, in compliance with the standards recognised in international human rights law and with the principles of international law, that their actions do not have an adverse transboundary impact on access to and use of the Internet.
    1.1.2. This should include, in particular, the responsibility to ensure that their actions within their jurisdictions do not illegitimately interfere with access to content outside their territorial boundaries or negatively impact the transboundary flow of Internet traffic.”

10. States do not have a role in the day-to-day technical and operational matters of the Internet. The Committee of Ministers Declaration on Internet Governance Principles states that:
“ 7. Decentralised management

    The decentralised nature of the responsibility for the day-to-day management of the Internet should be preserved. The bodies responsible for the technical and management aspects of the Internet, as well as the private sector should retain their leading role in technical and operational matters while ensuring transparency and being accountable to the global community for those actions which have an impact on public policy.”

11. In respect of Internet traffic management the role of states is also not direct and limited.

12. Some scenarios/cases illustrating interferences with Internet traffic across borders are given below. They highlight two key elements (1) the potential or actual impact on access to online information and (2) the cross-border impact.

Technical (routing) incidents

13. Internet Service Providers (ISPs) rely on information provided by other ISPs regarding the most efficient route for the data packets to reach their destination. ISPs usually trust the information provided by other ISPs to be correct. Erroneous or bogus announcement of information by ISPs can propagate in an international scale and affect access to specific content or services. One example is the 2007 incident with YouTube where a decision of Pakistani authorities to block this website resulted in routing errors which blocked access to this website worldwide.1 Another incident happened in April 2010 when China Telecom advertised erroneous traffic routes which reportedly resulted in 15% of the global traffic being routed through destinations in China although in this case there were no reports on access to any particular Internet content being denied. 2

Filtering and blocking

14. ISPs enter into peering agreements3 and transit arrangements with providers located in different jurisdictions. When ISPs apply filtering measures to connections provided to their peers, the capability of customers (users) of the latter to access to online content may be affected (upstream filtering). Thus, restrictions on content in one jurisdiction may have an impact in another. The Citizen Lab at the University of Toronto has documented one such case. 4

15. Blocking access to a particular website (either by means of IP address or URL blocking) can have an impact on the Internet traffic to that website on a global scale (web traffic blocking). Reportedly a recent blocking of a content storing and sharing website affected significant parts of web traffic in different countries.5 Content blocking via the Domain Name System (blacklisting websites and filtering IP traffic) also exists, for example by erecting national firewalls, which risks to balkanize the Internet 6

Scanning and monitoring Internet traffic

16. If the conditions of Articles 8 and 10 of the ECHR are not respected, Internet traffic scanning and monitoring raise questions regarding Internet users’ privacy protection and in turn their freedom online. There are reports on legislative initiatives in Council of Europe member states allowing for Internet traffic monitoring.7 The use of deep packet inspection (DPI) technologies also raises questions as regards the legitimacy and proportionality of such usages.8

Network neutrality

17. The Declaration of the Committee of Ministers on network neutrality states that “[u]sers should have the greatest possible access to Internet-based content, applications and services of their choice, whether or not they are offered free of charge, using suitable devices of their choice. Such a general principle, commonly referred to as network neutrality, should apply irrespective of the infrastructure or the network used for Internet connectivity.”9

18. The Body of European Regulators for Electronic Communications (BEREC) released the results of an investigation into traffic management and other practices in Europe.10 According to the BEREC report specific practices such as blocking peer-to-peer traffic or voice over IP could create concerns for end-users access to online information. BEREC’s findings provide analytical data on traffic management by country; they do not seem to cover actual or potential implications of such practices for access to content and services across borders.

Way forward

19. The Secretariat together with the European Association of Internet Service Providers will organise a workshop at the Internet Governance Forum (Baku, 6-9 November 2012) with a view to discussing challenges to the unimpeded cross-border flow of Internet traffic and taking stock of best practices.11 The results of the workshop will be reported to the second CDMSI plenary meeting.

20. The Bureau agreed to encourage active onsite and remote participation of CDMSI members in the IGF workshop and to invite experts to a hearing during the second meeting of CDMSI.

21. The Secretariat should also explore the possibility of preparing an expert report which analyses legal, policy and technical issues of cross-border flow of Internet traffic and examines policy options to be pursued.

1 See http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml, On the issue of routing vulnerabilities see also http://packetlife.net/blog/2008/aug/30/stealing-internet-missing-point/


2 See http://packetlife.net/blog/2011/mar/17/brief-history-notable-internet-disruptions/

3 Agreements between ISPs to exchange traffic freely and for mutual benefit without paying for transit.

4 See Routing Gone Wild: Documenting Upstream Filtering in Oman via India https://citizenlab.org/wp-content/uploads/2012/07/08-2012-routinggonewild.pdf

5 See data available at http://gigaom.com/2012/01/20/follow-the-traffic-what-megauploads-downfall-did-to-the-web/

6 See Advisory by the Stability and Security Advisory Committee of the Internet Corporation for Assigned Names and Numbers: Advisory on Impacts of Content Blocking via the Domain Name System http://www.icann.org/en/groups/ssac/documents/sac-056-en.pdf

7 See http://tvnz.co.nz/content/1858460/425827.xhtml

8 See Ralf Bendrath, Milton Mueller: ‘The end of the net as we know it: Deep Packet Inspection and Internet Governance’, available at papers.ssrn.com/sol3/papers.cfm?abstract_id=1653259&download=yes According to this report, DPI allows network operators to scan the address and the content of IP packets and in turn classify and control traffic based on the content, applications, and subscribers. DPI equipment is used to manage bandwidth, to carry out real-time government surveillance of Internet communications, to identify and block access to content deemed illegal or harmful, including detection and blocking unauthorised sharing of content protected by copyright.


9 Available at https://wcd.coe.int/ViewDoc.jsp?id=1678287&Site=CM&BackColorInternet=C3C3C3&BackColorIntranet=EDB021&BackColorLogged=F5D383

10 See report available at https://ec.europa.eu/digital-agenda/sites/digital-agenda/files/Traffic%20Management%20Investigation%20BEREC_2.pdf

11 See workshop description at http://wsms1.intgovforum.org/content/no136-free-cross-border-flow-internet-traffic .