The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.
***
>> WIM DEGEZELLE: Hi, all. Welcome to this main session of the Best Practice Forum this year. This year we have a long title, it's Best Practice Forum on securing access to the Internet and protecting core Internet resources in contexts and conflict and crises.
Briefly introduce myself, I'm Wim Degezelle, I work as a consultant with the IGF secretariat supporting this Best Practice Forum.
Why am I consultant with the secretariat? Why is the secretariat supporting this work? Well, the Best Practice Forum is one of the modalities of the intercessional activities. It means there are a couple of topics, and this year there are four topics that the MAG, the Multi-Stakeholder Advisory Committee, selects. And say it is important that we can work on this and we can have discussions on this, but in a broader context not only at the IGF, but also in the weeks before ahead after IGF.
Typically, that means Best Practice Forum starts to work with online discussions ahead of the meeting to be able to present some outputs of the discussions at the IGF meeting.
Of course, this year everything is different. And the fact is that IGF is way earlier. That means the Best Practice Forum is really at the beginning. We have one or two online meetings and continue to work after the IGF. I think it's a great opportunity this year because usually what happens is we have the discussions with the team, with the core team, with people involved. At the IGF we come to talk about it on stage and afterwards a lot of people are interested to join, interested to participate.
And then we usually have to say sorry, but this is the end of the cycle.
Well this year, it is different. This year we can start off and we can involve everybody that's still interested in the coming months.
Because our final output we only intend to -- or we only will present if the first of November.
A couple words about the topic and the title.
The objectives of the session, this session needily comes and follows main session that was organized last year at the IGF in Riyadh where panel discussed what's happened, what's important with Internet access, what happens if there are conflicts and crises. What it means to Internet access for civilians, what it also means to disability of the Internet itself.
One of the findings or outcomes of that session was exactly that there is a lot of talk, but not much is clearly defined about the topic. It is really important to have the discussion, pick up the discussion, identify roles, responsibilities, look at norms, existing norms, norms frameworks that might be applicable.
And that's exactly where this Best Practice Forum takes off and really wants to finalize.
We published a problem statement, I will come back on later after the -- after the introductions where we invite feedback to the problem and then the panel will further discussion on this.
This is also the objective of the -- of the session is really have that input to continue to work on during the next months, so clarify the problem statement, look -- get pointers, get feedback, get input, and also part of the discussion is to discuss what can we, as a Best Practice Forum, what can we as IGF community do in this field. What role can we play.
Before I continue the introduction and go to the problem statement, I would like to invite you to listen to a video message from Mr. Ebo, director and deputy representative of the Office of Disarmament Affairs of UN. Can't be here, but at least we provide a message via video. So please let us listen.
>> EDEDEJI EBO: Distinguished co-facilitators, dear participants, I'm honoured to deliver this message on behalf of the Undersecretary General and Higher Representative for Office of Disarmament Affairs.
For 20 years, the Internet Governance Forum has served as an essential platform for multi-stakeholder discussions on digital public policy.
As we approach the 80th anniversary of the United Nations, we are reminded that our successes are underpinned by inclusive and coordinated efforts.
The IGF Best Practice Forums work precisely in that spirit, open, bottom-up collective approaches to Internet policy matters.
Allow me to now turn to the specific topic at hand. The importance of securing Internet access and protecting core Internet resources in contexts of conflict and crises situations.
Safeguarding Internet resources is essential for our shared digital future. These resources include what has become known as the public call of the Internet, which constitutes the critical digital competence that ensure the general availability and integrity of the Internet across borders.
Assets like fiberoptic cables, data centers, and satellite constellations.
In peace time, this critical infrastructure underpins digital transformation and enables sustainable development. We also see the vulnerability of these assets in conflict situations.
Recent conflicts demonstrates the serious dangers posed to civilians by attacks including through digital means. Against infrastructure essential for public services and the functioning of society.
We must ask ourselves how can we mitigate the risks posed to critical infrastructure, including core Internet resources in light of rising threats.
First, international law provide clear guidance on targeting of civilian infrastructure in the context of armed conflict. Deliberate attacks on civilian infrastructure are forbidden under international humanitarian law, including telecommunications and other infrastructure that help people to be informed and protected during times of war.
We must always uphold these obligations and be guided by international law, including the UN charter in the use of digital technologies.
Second, states have agreed to be guided in their use of information and communications technologies by a set of norms, including three pertaining specifically to the protection of critical infrastructure.
Fundamentally, states have committed not to conduct or knowingly support ICT activities that intentionally damages critical infrastructure or otherwise impairs the use and operation of such infrastructure providing services to the public.
This includes the technical infrastructure essential to the general availability or integrity of the Internet.
But responsibility rest not only with states. We must work collectively as states, international organizations, Civil Society, and the private sector. Efforts such as joint norm implementation and exchanges of good practice could go a long way. We must ensure that our digital future is not only peaceful, but inclusive for the benefit of all.
I thank you for your attention.
>> WIM DEGEZELLE: Thank you. I think that was a statement that already has a lot of content which the panel will definitely comment.
But before handing over to the panel, we're also going to listen to some case studies first. I already mentioned the -- that the Best Practice Forum developed at its first call a problem statement that we sent out for public comment or input.
Maybe if I can have the slide on the screen. Thank you.
Most important part of the slides is, of course, the QR Code where you can still provide input on the statement.
So this draft problem statement, which you can see behind me, is really the starting point for the discussions of the Best Practice Forum. It says that there is a clear and pressing need to clarify roles and responsibilities of the multi-stakeholder community, and of institutions that are active within it, in securing core Internet resources and ensuring civilian access to the Internet during conflicts and crises.
Like I said, we discussed that already at the first online webinar we had of the Best Practice Forum. Then we published it for input and feedback on the statement itself, but also some additional questions on the framework, who should be involved, et cetera.
Some of the initial feedback we received on the statement was the topic or the concept of core Internet resources. It is not clear for everyone, there are different opinions, different views on what it is, what it is not.
It is really important to probably not define, but be clear what it meant with it. To have discussions, it is important that you know what you talk about.
Also, it was mentioned by -- by one contribution that if there is ambiguity on what core Internet resources is, it is very difficult when you want to [?] norms that mention core Internet or Internet infrastructure.
Second comment we received was that stakeholders, it's clear or a term we're very familiar with within the IGF community, stakeholder, multi-stakeholders, who they are. It's important to name them, to be very clear. Also to understand that we might have a very clear idea of who stakeholders are if you come to an IGF.
But if we move outside of the IGF, other organizations that are relevant for this topic, they might have a completely different idea on who the stakeholders are.
With regard to roles and responsibilities, a comment came in we should not only look at roles and responsibilities during crises, during a conflict, but there is also an important role and important responsibilities on what happens before preparation for crises, prevention, and also what happens after crises. If you talk about access, securing resources, if there has been a crisis, something has to be fixed, whose responsibility is it.
And the last point that I want to mention is that it's very easy to say it's important to have access for civilians, but if you want to really have what discussion, it's crucial that you agree on what scope you want for civilian access.
Like I said, there is a QR Code. Please continue to provide input for this work. I mention it again, this Best Practice Forum now has its main session at the IGF, but we continue to work and we expect to publish a report by the 1st of November.
Thank you. I now would like to hand it over to Anriette who is the co-facilitator for the Best Practice Forum and will lead the panel.
We will listen first to a couple concrete case studies and then we'll get to the panelists.
>> ANRIETTE ESTERHUYSEN: Thanks everyone for being here.
Before I introduce my panel, I want to stress that everyone should know this session is fundamentally different from -- from many other sessions you've been to in that best practice forums like national and regional IGFs and Dynamic Coalitions are part of the IGF's intersessional work.
So in fact what this session gives us is an opportunity to set an agenda for the work of this Best Practice Forum for the rest of this year. And potentially should the MAG renew it, even for a further year or two.
So don't think just about what we can discuss today, think also about what we can discuss, develop, and address going forward.
So to take us down to sort of the more nitty-gritty of this, so we can begin to look at this problem statement, look at the work, we have with us really -- every moderator says that their panels are exceptional. But to my left we have Dr. Dennis Broeders from Leiden University who first developed this notion of the public call of the Internet. He'll tell you more about that.
I don't think he knew when he did that that it would actually become an ongoing process and debate and that we're not leaving him alone as a result.
Next is Madeline Carr, University college of London and also an academic, but these are not just your everyday academics. They're academics that are actively engaged in practice and in this space. Cybersecurity expert, I would say.
And then Chantal Joris from Article 19, who comes from national human rights law, national humanitarian law who is vital as we heard in the address earlier.
And next to Chantal is Marwa Fatafta. She leads access now's work in the Middle East and she'll talk to some of the on-the-ground experiences and what the impact is when these resources and when access is not protected.
Next to her, Pablo Hinojosa, a leader in the Internet tech community for the last 20 years who will talk to us about the part that we often don't think about, which is the institutional infrastructure that looks after the core Internet resources and what happens when they are in crisis.
Online to us from Palestine is Jalal. And Jalal Abukhater who is from an organization working in Palestine, Israel, who does I think probably the most -- most detailed and validated research on how social media operates and how people use and abuse social media and how the institutions that provide social media and platforms operate in context of conflict.
So to start us first, we're going to first look at the experience. So Jalal, really it's good to welcome you. I'm so sorry that because of conflict that you're not able to be with us. Please tell us a little bit more about how this destruction, description, nonavailability of access has operated and impacted in the context of Gaza.
>> JALAL ABUKHATER: Thank you, Anriette, very happy to be part of this panel and thank you for organizing the Best Practice Forum. I'm hoping for a discussion. I'll be presenting mainly on the experience that we've been documenting in terms of what's happening in Gaza.
We have been witnessing the collapse of the entire telecommunications system in real time since the start of the campaign back in 2023, the Gaza strip has experienced repeated and deliberate blackouts, including right now. But what makes this current moment particularly alarming is that it's near total destruction of the fixed land line infrastructure. As of this week in June of 2025, we're reporting daily on complete and partial fixed line blackouts across the entire Gaza strip.
The last remaining fibre route was completely targeted and destroyed by Israeli forces over the past few weeks. All redundancy has been lost, mobile networks are barely holding on and it may collapse entirely due to lack of fuel, infrastructure, and spare parts. No repair missions are being permitted by Israeli authorities. 80% of Gaza is classified as active combat zone, making technical intervention and repairs impossible. Blackouts do have catastrophic consequence.
Medical agencies cannot coordinate aid, emergency services are unreachable during this, and unable to report and civilians are left in the dark without ability to communicate or receive warnings.
More than 2.2 million Palestinians in the Gaza strip remain digitally isolated. It's not a technical failure only. This is the use of connectivity as a weapon of war, what we refer to as digital erasure. From a norms perspective, the destruction and obstruction of telecommunications infrastructure violates the principles of both international humanitarian law and human rights law.
The Geneva convention protects civilian infrastructure, access to information is a recognized human right yet there's no continuity when core services are dismantled as we see in Gaza.
We of course ask for this forum to consider how existing normative frameworks fail to protect lifelines in occupied or besieged territory.
What's happened when a state actor with control over the spectrum and infrastructure uses that power to impose violence on a civilian population. We of course urge stakeholders in this space, governments, regulators, companies, multilateral bodies to treat telecom infrastructure the same way we treat water and electricity during humanitarian crisis. We need to enforceable protections for core infrastructure under armed conflict as well as emergency mechanisms for Civil Society humanitarian actors to deploy alternatives whether it's by satellite, eSim, or portable cell networks.
Lastly, I'd like to highlight that the campaign reconnect over 16 national organizations including some present on this panel. Of course we are reporting on this repeatedly and of course we are trying to urge international action through institutions like the ITU to ensure Gaza strip connection and future sovereignty is guaranteed.
Last thing I want to say just a couple of facts and figures. According to the World Bank, the damage to Gaza's ICT sector is estimated $164 million with $736 million in losses. Short-term reconstruction are estimated at $114 million with totals reaching $460 million. Without addressing these figures seriously, no humanitarian or recovery plan may succeed.
Thank you for the opportunity to speak.
>> ANRIETTE ESTERHUYSEN: Thank you so much, Jalal. By the way, let's not keep too quickly. I know time's limited but we have to keep the captioners in mind for what you're saying.
Marwa, you've been working in access now in other parts of the Middle East, including I would like to highlight Sudan which has been deferred Internet access for years and years.
What is the experience and impact there in the context?
>> MARWA FATAFTA: Absolutely. So I want to follow up on what Jalal said and start by emphasizing on the fact that securing Internet access or depriving civilian population of that is extremely different from the familiar kill switches that we know of, you know, where an authoritarian state would simply shut down the Internet in times of unrest.
We're talking about extremely complex situations which makes our job as Civil Society trying to secure alternative connectivity more difficult.
So the connectivity disruptions that we see time and time again, and that is, unfortunately, a trend on the rise, we -- Access Now runs the global coalition of keep it on, you know, 300 Civil Society organizations working to document and stop Internet shutdowns around the world. And unfortunately armed conflict has become the leading trigger of Internet shutdowns worldwide.
What we see is that in times of conflict, warring parties see civilian Internet structure as a military target. We see cell towers, fiberoptic cables, ISB offices, headquarters, and even their ownership maintenance crews and repair crews become a target.
Gaza offers sadly a devastating example of that in action as Jalal outlined. So that's another example.
For instance, the rapid support force is one of the warring parties in Sudan. They have attacked data centers in the opposite controlled -- or territories that are controlled by the opposite warring party as a way to inflict collective punishment of civilians.
For example last year in February, the RSF took over Internet service providers or data centers in [?] which led to a compete blackout in the entire country.
And we've seen the same pattern happening time and time again. Every time they attack data centers or seize data centers or telecommunications offices, they plunge the entire country into the dark.
Another complicating factor which I think is important for us to highlight is we're not only talking about the destruction and the damage of the infrastructure itself, but also the warring parties weaponize access such as banning or restricting access to repair parts, spare parts, or critical components of the infrastructure that is needed to repair it. Or sometimes things as basic as fuel as we also see again in the context of the Gaza.
And therefore simply if you don't have electricity, you're not able to provide Internet to civilians. So the basic infrastructure maintenance becomes another political and logistical battlefield between the warring parties.
And these challenges are magnified even further in sanctioned contexts. Here I want to take Syria as a case study or as an example to mention. Now the Syrian regime has thankfully fallen, but after 14 years of war. That's left half of Syria's infrastructure in shambles. Every territory has become reliant on ISP providers and either provided by -- by one of the controlling warring parties, for example in northern Syria people rely for a long time on telecommunications and Internet services provided by the Turkish authorities. Which meant that during the earth -- the devastating earthquake that had hit Turkiye and northern Syria, the Turkish authorities shut down the Internet because they wanted to control the opposition. And the critical voice is saying, where's the government, what is it doing to help rescue people.
But it meant that people who were relying on these networks also were disconnected. And we're talking about extreme -- a moment of extreme humanitarian needs for populations.
And the question here is that, okay, you have a -- so Syria's been one of the most sanctioned countries on earth by the U.S., by the EU, that also included getting in repair equipment. It's difficult for a private companies, telecommunication companies to bring in and import equipment that they need to repair and to maintain the running of this will infrastructure, raising, again, questions about how can we secure Internet access, the very topic of our discussion today, in such -- in such contexts?
I want to also say that -- or actually let me stop here and I do want to raise a question of what can we do as Civil Society, but also as part of the IGF multi-stakeholder fora in order to calm these very pressing challenges when it comes to Internet challenges in conflict zones.
>> ANRIETTE ESTERHUYSEN: Thanks for that. We do have limited time, but we will come back to you.
Pablo, you have a very different type of disruption to discuss.
>> PABLO HINOJOSA: Yes. But first I would lake to advocate for the continuation of the work of the Best Practice Forum next year. Regardless if the IGF mandate is renewed or not, I think it's important work that needs to continue.
And apart from the premise that all of us here, and I really hope it is true, if not you are in the wrong forum, we're all in full agreement that we want to protect the public core of the Internet.
If not, you are really in the wrong forum. So I depart from that premise.
My argument here today is that protecting the core of the Internet also includes a protection of the institutions that make it work. And I will come from the angle of resilience, because Internet resilience is not about networks and cables, infrastructure. Because it's also about people. People and organizations.
And let me talk about a concrete example. It's a striking example and this is the case, the regional Internet industry for Africa. For more than two years they endured prolonged period of uncertainty, legal proceedings, governance deadlock, leadership gaps, they all have prevented it to function as intended.
And yet through this adversity, basically services have continued. The absence of a CEO, the absence of a decision-making board has presented big, big challenges. And it is only thanks to the commitment of the staff and its people that the organization has continued to provide these basic services.
For that commitment which is usually not recognized or not recognized enough, we should all be and the Internet should be very grateful.
A functional IOR is needed for functional stability, because when institutions like them struggle, it's not a local issue on a single jurisdiction. If a registry cannot operate properly, it's harder to trust routing information. It's easier for cyberattacks to happen. That not only affects Africa, that affects the global Internet.
So what we've seen in this example is that witnesses doesn't always come from infrastructure, it can also come from weak governance, legal pressures in specific jurisdictions or the lack of multi-stakeholder community support. Or enough support and pressure from the community.
And I say that when this happens, the multi-stakeholder model, the model that we have built for more than 20 years not only at the IGF, but also so protect the Internet may not be strong enough on its own. That's the premise that I would like to put forward.
And this should be a wakeup call, not just for Africa, but for all of us who care about the resilience of the Internet. If -- it challenges the long-held view that the best way to protect the Internet is through noninterference. Sometimes noninterference is not enough. And inaction too can cause harm.
So it's definitely time to think about positive protective measures, and I will hope that the next part of the debate will talk about it.
And to help these institutions stay strong when they're under pressure.
So my point is, we want the Internet to stay open, stable, and secure. If we want Internet resilience, we have to support the people and the institutions that make that possible.
>> ANRIETTE ESTERHUYSEN: Thanks very much for that, Pablo.
Now we are at the Internet Governance Forum and we do talk a lot here about norms and governance frameworks. So I'm now turning to our norms and governance expert. Just listening to this and listening to these different types of cases and of them some of them a little bit different dimensions, what is your view on -- on existing normative frameworks, soft norms, hard norms? Are they sufficient? Is it clear who they apply to or how compliance is measured and assist? And maybe you don't all have to comment on this, but those of you that have looked at the public called norm and work around that, does it apply to this context?
Dennis, let's start with you, then we'll go to Madeline and then we'll go to you, Chantal.
>> DENNIS BROEDERS: Thank you very much. So the cases are very different and the normative framework is very different. I will focus on the most global ones. There's three major ones I would lake to flag. Some really short because others will speak to it.
So there's the law of conflict, human rights law and the protection of critical information infrastructure in a global sense that gets us to the public core.
So international humanitarian law, it always surprises me how little protection there is for critical infrastructure when you really look at it. Proportionality is extremely stretchy, that's one. Human rights law would be extremely relevant for the Gaza case and extremely relevant for the Syria case. Both of these will be addressed by Chantal, so I'll leave those to the side.
Third is the protection of critical Internet resources and infrastructure. That's the public core. And you're right, when I wrote this more than ten years ago under the beams in a think tank I did not think I would be ten years later here still doing this.
But fair enough.
There has been a debate since 2015 on the idea of the public core of the Internet, right. So the protection of core Internet resources and infrastructure that should be exempted from intervention by states.
So in my original conception, I saw the core Internet protocols of infrastructure are a global public good and should be treated as such.
It's important to stretch and Pablo did that, the public core number is a negative norm. It's a thou shall not norm. That means it's a political implement, right? Implementation is hard when it comes to political norms. And the framework of norms is not necessarily helpful to the debate whether it comes to negative norms.
The focus is on large scale and transnational disruption of the Internet, like Pablo highlighted in that case.
So for example, if you see how the debate developed, Gaza, for example, would not necessarily be the best fit. Human rights law would perhaps be a better way to look at it.
The debate stated in the Netherlands, it went to the Internet society, to the global commission on stability of service, which you were a commissioner. Multi-stakeholder instruments like the Paris, EU, UN, a lot got translated, adapted, some things got lost in translation, that's how it works.
But the central idea still is how do we protect the integrity and the availability of the global Internet, right? That's how it's formulated at the UN. Also in the draft report of the [?] which came out last week. Sometimes it's policy in the EU, for example, but mostly it's a framework.
For this community, in the 2020 GGE report was the first recognition by diplomats and states that there is such a thing at transnational critical infrastructure.
>> ANRIETTE ESTERHUYSEN: GGE is the group of governmental experts of the first committee of the UN. So it's a fairly strong instrument.
>> DENNIS BROEDERS: Yeah, it's the first committee, the security diplomats are doing that. But for diplomats, this was a big thing because critical infrastructure is a national prerogative. You decide what it is, right?
When I look at the protection of the core of the Internet, I always look at three layers. So the technical, physical infrastructure. Then logical infrastructure and the organizational level which is where I want to end up.
If we look at the technical level, the physical infrastructure is being connected to the core of the debate. When we talk about the Internet infrastructure, physical infrastructure, that's coming to the. Some of that is hype. We had a discussion on Day 0 where they said intentional harm is fairly rare when it comes to cables, hasn't changed that much. It's real, it would have devastating consequences, it happens, but there's a lot of hype.
The other thing is for politics, for diplomacy, also to a certain extent for academia, there's Bate of Columbus fallacy. There's a lot of policy in place. They did not start yesterday because the rest of the world discovered this is a critical resource. There's a lot in place.
At the logical level you heard ad nauseam how the protocols of the Internet are not designed with people in mind. That's something we say to each other a lot. That makes it vulnerable but a lot of work have been done in the Internet community to fix these things.
Lastly the organizational level, I think it's an interesting one and then I'll stop.
If we look at Ukraine, for example, right, there's a lot of pressure on Internet Governance organizations to take sides. And we all know the Ukrainian request to ICAIN and UCC. They rejected that on the basis of we are caretakers of network continuity, basically. But it is outed as a possibility, right.
The positive one on this front is that states in the case of Ukraine have said, okay, so-called Internet carveout, the U.S. said that, the G7 has said that, to not sanction these organizations in order to create continuity, but as other speakers here have already said, that there's not for example apply to Syria has happened.
So that's different.
The case Pablo mentioned is also interesting, because one potential logical conclusion from what happened there is that why don't you move it from Mauritius to say Kenya for example, right? That would make sense to a certain extent. But that would also mean that for the first time you would indicate to the world that the organizations responsible for the key resources of the Internet are a moveable feast. You can put them here, it doesn't matter. That would open a debate that we haven't seen yet. That's also an interesting one.
The last one, sort of connected to, the fact that these organizations have so far been relative unsanctioned is based on a Tassett scenario. If anyone tells Donald Trump that can he turn off the Internet because of ICAIN, I'm not sure what he would do. I'll leave it at that.
>> ANRIETTE ESTERHUYSEN: Thanks. Madeline.
>> MADELINE CARR: Over the course of the last year or so, we've been studying these cases, in particular the Russia/Ukraine case where the Russia request that the Ukraine Internet be shut down. The Gaza infrastructure has been destroyed and there's been no -- they have not been allowed to repair it.
And the AFRINIC case we could say that interference, organization of the public core.
And we've been looking at how does the multi-stakeholder community cope with these situations of conflict and crisis. And I thought it was a very good point that Pablo paid about considering these things not just simply in kind of technical or global institutional capacity, but thinking about the people in organizations that make up the maintenance of the public core.
Because in fact, the reason that resonated with me is because that is the debate that happened in cybersecurity maybe ten years ago when we used to think of cybersecurity as a technical problem with technological solutions and then we now realize that's just simply not the case.
So I think that's a very good point to keep in mind when we consider these, because norms, of course, and international relations generally are social processes.
They're about human beings and organizations. Of those three cases that we looked at, it was -- it was clear that there is a risk of interference to the public core from both state and non-state actors. And even private individuals as demonstrated in the case of AFRINIC.
But it became clear to us that there are circumstances in which these relevant, non-state actors, the multi-stakeholder community, really needs to be quite significantly more proactive in protecting the public core, if the multi-stakeholder Internet Governance model that we have worked to develop over the last 20, 30 years is to function as intended.
And if it can't function as intended, then we need to be honest about that and we need to talk about what can change. You know, and really through these three cases, there were two big things that became apparent to us. Well, three really, but in the Ukraine/Russia case and the Israel/Palestine case, they both confronting this very concrete scenario that the norm to protect the public core in many ways emerged from, and that was this concern of states taking steps to interfere with essential Internet infrastructure to the detriment of another state or to, you know, undermine wider Internet functionality.
In those two cases we saw different outcomes. So in the context of the Ukraine/Russia case where the challenge to the public core was predominantly focused on the software protocols and services, we could say that the multi-stakeholder community really performed quite well. There was a very -- there was a public conversation about the request, the responses from ICAIN and NCC were very articulate and they were publicly available.
And I suppose we might say that they functioned as we would expect them to in such a situation.
However, in the context of Gaza, when -- in a way the threat to the public core comes through the hardware, we haven't seen any -- any real response from the multi-stakeholder community.
A sense that community seems kind of unable to respond to such a situation, and it -- it appears to be completely unprepared to promote the protection of the public core in a context like that.
Now, there's another element to that, I think that sometimes gets missed here, which is that prior to the destruction of the hardware in Gaza, the public core was already wholly dependent or significantly dependent on Israeli infrastructure. And despite agreements to the contrary, that had never been remedied by the multi-stakeholder community.
So they were left in a very precarious position when this happened.
And then secondly, Israel has been able to exert this kind of military force to destroy the physical telecommunications infrastructure to prevent the repair of it, and to prevent even the private sector when Star Link made an offer as they had done in Ukraine to prevent that alternative solution from being implemented.
So this leaves us, then where are this pretty central question that we really do need to discuss in this context of crisis and conflict. Is the multi-stakeholder community either willing and/or able to respond to crises like this. If it is and if it can, then how?
What should happen that hasn't happened in such a context?
And if it isn't able to, then who is responsible in such a situation? Because this -- these examples have really highlighted that there is quite a significant gap here in situations like this.
>> ANRIETTE ESTERHUYSEN: Thanks very much, Madeline.
Chantal, from the perspective of international law, human rights law, humanitarian law, what is your view?
>> CHANTAL JORIS: Yeah. Thank you.
Perhaps thought by the fact I always when we talk about these, you know, conflict situations coming in as an international lawyer, I do find it challenging these days because international law is in a massive crisis that, okay, I can tell you about the rules but compliance is totally inexistent.
So maybe also by starting by protecting those institutions that protect international law, the International Criminal Court, United Nations, this is like the prerequirement for being able to protect what we're talking about today as well. And obviously, you know, the questions around double standards also come up.
I want to talk a bit first with international human rights law and then humanitarian law and where I see a bit of a gap. I will not go too much into questions around extraterritorial application of international human rights, which obviously international armed conflicts can become a topic.
Also we've heard for example in Sudan the question of non-state actors and also again their human rights obligations can be a bit of a tricky one. So I will just try to make a couple of concise points but legally speaking, it's always very complex when you have these overlapping frameworks and then you apply them to different type of actors.
So on the international human rights law, I would say it's -- it's reasonably straightforward in principle any -- any restriction on freedom of expression and the right to share and receive information, including Internet-based restriction need to be based on the test of legality, legitimacy, proportionality. And others have been quite clear when we look at blanket shutdowns, the indiscriminate and widespread effect on the population is such that they're basically can never be justified under international human rights law.
And this has been also explicitly confirmed, for example, by the freedom of expression mandate orders also in context of armed conflict.
Now of course in armed conflict we also need to consider international humanitarian law, which does not provide any explicit protection of Internet access and it also does not provide any -- contain any explicit prohibition on attacking Internet infrastructure or restricting Internet access.
There are certain rules that are relevant depending on the situation, for example, common Article 1 of the Geneva conventions which says parties need to respect international humanitarian law. For example, Internet shutdown specifically implemented to conceal violations of humanitarian law could be a violation of that provision.
The protection of humanitarian organizations and hospitals which is also explicit under international humanitarian law is contingent on them being able to access ICT infrastructure properly and operate properly. In those aspects we have certain protections.
I want to go and then from this a little bit and it has been mentioned around these questions of the rules on attack. Humanitarian law says there's a prohibition on attacking civilian objects, the principle of distinction and also where military objects are attacked, the proportionate needs to be considered. There can't be excessive incidental harm to civilians and civilian objects as opposed to the direct military objects.
Here's the challenges that ICT infrastructure is often considered as so-called dual use. I think Marwa, you mentioned it often considered military objectives.
And so if it's used by both civilians and military, technically speaking, it does mean that attacking it can provide a military advantage. So under the principle of distinction it could be allowed.
What I see sometimes particularly under humanitarian law is that it's often considered late at the end of the discussion. We forget this that there's the proportionality requirement. And we have two challenges. On the one hand, as has been mentioned, the human rights lawyer will do a very different proportionality assessment and consider civilian injury as opposed to military advantage than maybe someone working as a military adviser.
It's a stretch -- a concept that can be stretched. It's in the eye of the beholder in a sense. So we have different assessment of that.
The second challenge is of course really being able to assess the knock on effect. What is really the impact of an Internet shutdown. Who can't call the hospital? What is the psychological impact? What are all the knock-on effects. The banking services not operating. So that takes that assessment a little more challenging.
Here I think as well we need to work more to -- so the problem is in the end you might have a situation where under human rights law, which is recognized in armed conflicts as basically quite clear assessment, you can impose such a shutdown. And at the same time under the humanitarian law you're, well, maybe. We have very little to limit these -- those attacks in a specific setting.
So I think we need to be more conscious of that and work more towards really a systemic integration of these two legal frameworks and consider the human rights impact as well in a proportionality analysis and within also a proper humanitarian law.
I think that's also something that the BPF could highlight, there is a gap to understanding how these frameworks begin to relate.
>> ANRIETTE ESTERHUYSEN: Thanks very much, Chantal. And in fact, I mean, it's so interesting to hear this, because amongst all of you you've outlined the potential and the limitations of on the one hand the multi-stakeholder commitment to an interoperable, available, free and open Internet, and also international law.
And maybe, maybe this is, you know, where the IGF and this Best Practice Forum comes in, is to explore whether, in fact, by being looking at both and working with both together, you could perhaps fill some of the gaps and strengthen some of the weaknesses that exist in each of these dimension with the goal of ensuring availability, accessibility, and protection.
We didn't have a lot of time left. We're going to come back and I'm going to ask all of you, and you to, Jalal, who you would like the BPF to do about the problem statement.
But now first time opening to participants. And is there anyone online who has a question and wants to make a comment? We have some people in the room. Please do participate. We really need your participation. Not just today, but also remember this is an open and inclusive process. Every one of you online and in the room can join this work and participate in it.
Shall we start over there. Please introduce yourself.
>> MILTON MUELLER: I'm Milton Mueller, I'm a professor at Georgia Tech and Director of the Internet Governance Project. I want to take up something that Pablo said and something that Madeline said. I think part of the problem I have with the direction they went goes to Dennis's bad definition of the public core, right?
So I think he got some things right and if you're talking about the IANA registries, the protocol level, layer 3 and above, then you're talking about a global, public core of Internet resources.
When you talk about physical layer, it is neither -- most of time it's neither public nor core in the sense that all physical facilities, all cables are local in some sense, territorial, and do not -- you can knock a cable out over here, it does not affect the global Internet.
So that is, to my mind, the answer to Madeline's question, which is why did the multi-stakeholder community not deal with the destruction of physical infrastructure as opposed to the Ukraine situation?
Well, it's because the multi-stakeholder community by which we I hope mean the Internet institutions, the non-state actor, they have no authority over the physical infrastructure. They have no authority over the ability of the Israeli military to destroy things, right?
And I wish we did. But we ain't gonna get that authority any time soon.
Whereas, we do, this is one of the reasons why I'm a big supporter of the Internet institutions, we have removed the IANA registries from the control of nation states. And so that gets me to Pablo, which is like Pablo, be careful what you wish for. You asked for positive protection for the Internet institutions kind of like where is that going to come from?
I can see just to use a particular nation state example, I can see the United States saying, you know, we're going to protect the Internet institutions by taking them over and incorporating them into our jurisdiction. Because otherwise they might be threatened. In fact, that was the argument that was made against the IANA transition, if you recall the Congressional debates of 2016.
So we got it out, we got it free, noninterference --
>> ANRIETTE ESTERHUYSEN: Time.
>> MILTON MUELLER: -- is what you want. Noninterference. Please stick to that principle.
>> ANRIETTE ESTERHUYSEN: When we talk about the Internet multi-stakeholder community, we're using the IGF definition, which is everyone private sector actors, local authorities, Civil Society organizations. We're not talking about the institutions that are established as institutions.
Next, please. Anyone online yet? No.
>> EDMONG CHUNG: Edmond Chung from DOT Asia. Little bit picking up what Milton said, but slightly different. I guess of course the -- the global multi-stakeholder community wouldn't be dealing with those issues, but the question posed earlier was whether the multi-stakeholder governance institutions can respond to some of those challenges.
I think it is, yes. If you look at the Ukraine situation, I think ICAIN responded well. If you look at the AFRINIC situation, the same threat was posed to IPNIC, and the stakeholder model responded well. When it was posed to AFRINIC, it was before this wave of challenges and, you know, we are still stuck in that particular situation.
The bigger question I think should be asked is how we, you know, build up the multi-stakeholder model to respond to these challenges. Of course we're not talking about bombs and stuff.
But the Internet continuing to operate, that's what we're talking about. And I think we can. The question is, how we strengthen it and build it further up. Both the governance component and the operations.
>> ANRIETTE ESTERHUYSEN: Yeah. Thanks, Edmond. No other responses.
Yes, let's hear your responses to that. I think also Milton's question, even assuming one agrees with Milton's definition, is that good enough? Do we want to keep it that way? Is that status quo, the status quo, we want to maintain or do we think to need to think about adjusting it.
We have about 15 minutes left. Let's have a quick round of responses, and then please let's hear more from you as well. Pablo, you go and then Dennis.
>> PABLO HINOJOSA: We have practiced this before, so as always, Milton, your provocation is welcome and necessary. And I think you caught the gist of the problem or the conundrum that we're facing.
I was very careful not to suggest state actor interference. Something that's very clear in this discussion is that there are times that some things need to be -- someone needs to come to the rescue, right?
And I'm very much against the solution that I single state. Very much against multilateral or intergovernmental solution. We agree on that. And I think we agree on that in the work that Madeline, Dennis, and Anriette have been thinking.
But I'm very much in agreement with better leadership and assertiveness. And imagining solutions. And I think that is exactly the purpose of the discussion of positive measures.
The solution, I don't know, but I think we have the intellectual capital -- we should have intellectual capital to say, in these cases things have gone wrong. And what is it that we're going to do as a multi-stakeholder community and when institutions fail.
Of course, we can say do not open the Pandora box. And we have talked a lot about should we open the Pandora box, should we not open the Pandora. Is this dangerous or not dangerous.
You're right to say keep it closed. I'm suggesting, let's discuss.
>> ANRIETTE ESTERHUYSEN: Dennis.
>> DENNIS BROEDERS: Maybe a few points. Milton is right in the sense that the protocols are the pure public good. They're not territorial in any sense. You wrote it in 2019, I wrote the same, that's where we agree.
The other thing is, when you look at infrastructure, you're right, all infrastructure in the end is somewhere within territorial sovereignty, right? That is absolutely a given. That is also why it's a norm restraint. That's the reason white formulators in a sense, that infrastructure may be on the territory of a certain state, that does not necessarily mean that in a legal sense, yes, they have jurisdiction over all that infrastructure. But we have to take into consideration that because it is a joined up system, because it's a system of systems, if you do certain things, it will have trans boundary effects, right?
Is it within every country's legal remit to have -- do things that have trans boundary effects? Strictly speaking, yes. But there's also due diligence obligations. I know Americans are not fond of due diligence obligation because they're there. There's also trans boundary harm. Do no harm principles.
For example, I use the example more often, if you look at rivers, right, nobody disputes that the river rind goes you there Germany and Netherlands, et cetera. There is territorial jurisdiction. However, if you dump something in Germany, it's going to end up in the Netherlands. So there's an idea maybe it's not territorial sovereignty. There's trans boundary effects. And that's one of the reasons why we talk about norm restraint.
The last thing is, okay, if you move these things to a multilateral institution, you get a different governance. I totally agree. But they are already in a jurisdiction now, right?
AFRINIC is in a jurisdiction of Mauritius, that has consequences. So it's not like they're outside of jurisdiction at the organizational level. The protocols, yes. They're not territorial in any sense. But the organizations in the end of also within jurisdiction. There's no way around it. There will always be jurisdiction.
>> ANRIETTE ESTERHUYSEN: Any other questions from the -- from the floor or...
I think then let's now go back to our panel and if anybody in the room wants to make a suggestion -- oh, there is someone there. Please, we have voice from Norway, I'm very happy to hear that. Go ahead. Introduce yourself.
>> JUN: Hi, I'm Jun, Norwegian guy. I'm cross-sector and also hand radio operator and software engineer. So this is more of a technical thing than a policy thing.
But I think what should happen a lot in emergency situations like active [?] areas is if there was more policy towards enforcing, like, technologies [?] like having folks be able to talk to each other, it's one of them has access to the Internet, some low boundary transmit information, because you don't really need in an emergency situation unless you want to text, like you need to be able to say to one person, hey, I'm out there, I'm not.
But just for emergency usage.
>> ANRIETTE ESTERHUYSEN: Thanks very, very much for that.
So the panel, to everyone, and maybe we can start with Pablo and then we'll go on to -- and end with you, Jalal.
Listening to this and based on the problem statement, the feedback that we've had on the problem statement, what would you like to see? What do you think will be useful work for this Best Practice Forum to do? To explore, to develop, to research, to bring people together around going forward. Pablo.
>> PABLO HINOJOSA: I think the current report triggered this discussion, and this discussion has a lot of questions to answer. So I'm -- I'm in favour to continue to work on these questions.
I'm also conscious about what Milton says. I mean, opening the Pandora's box, particularly in an environment that, as our colleague said, is not very much in their favour of [?] or international cooperation or things like that.
And is. Right time? It's not the right time. I'm conscious about it. But that doesn't mean that we shouldn't be worried. And that's, I guess, the work that is happening, whether we can have some more imagination.
>> ANRIETTE ESTERHUYSEN: Pablo, a quick follow-up question. You've been working with the Marconi society on exploring Internet resilience as a concept and as a process. Do you see this work as being relevant to overlapping in some way with the notion of Internet resilience?
>> PABLO HINOJOSA: Entirely. I really would love you to refer to the video of yesterday's conversation, because it has a huge intersection in terms of what could go wrong and how can we take preventive measures and risk mitigation issues and who is responsible to fund and invest on those preventive issues that allow us to have resilience mindset.
This is again not only in the infrastructure, which is privately owned and difficult to regulate, but still has a lot of interdependencies. And we have to cover for those interdependencies one way or another. And that's kind of the work that we're doing in the Marconi Society we triggering these discussion as we did yesterday. 139 is the keyword, just look for it and watch the video.
>> ANRIETTE ESTERHUYSEN: Thanks, Pablo.
Marwa, do you have suggestions?
>> MARWA FATAFTA: I do. And I want to bring the conversation back to the people. People on the ground who are impacted by shutdowns. And actually as we speak, Palestinian telecommunications companies has warned that they are going to face yet another complete blackout because they are simply running out of fuel.
So my question is here, and that's the question that also communities ask us as Civil Society, how can we get connected to the Internet. We need it. It's a lifeline. It's a lifesaving tool.
And here, unfortunately, of course we can advocate and we can issue public letters and statements that go into this wild universe we don't know even who's reading them saying this is a warning sign, we need to act together.
We can, again, time and time again highlight the detrimental impact of Internet shutdowns and how they violate IHL, how they violate human rights.
But we can in some cases provide eSim cards, foreign sim cards, cross-border connectivity. But those often are unsustainable solutions and they tend to come to small pockets of individuals such as generalist and human rights defenders. Engaging with the telecommunications cluster, they do vital important work but they are restricted to providing connectivity to humanitarian actors and not the wider population.
The question here, is, then again, some cases, communities are really finding themselves such as in the case of Sudan, having to rely on Star Link because they say, okay, we know it's creating a new private [?] dependencies which expose already vulnerable populations to further vulnerabilities because, again, we are dependent on the whims of a one tech billionaire who as in the case of Gaza said I'm not going to provide Star Link to the population in Gaza because the Israeli minister of communications tweeted, don't you dare.
And he also threatened to withdraw a Star Link from Sudan, even though it wasn't licensed then. And from Ukraine. So that's also not an alternative solution to us.
What I think we really need right now is a multi-stakeholder mechanism where we can go to states, technical community, private actors, private telecommunication companies and Civil Society to say there is a crisis in X country, we need funding, we need political leverage sometimes on legal -- or on warring parties to let repair equipment in.
And also finally I also totally agree with the point you raised, Pablo, that's what I've been thinking in context to Israel and Gaza, we need to think beyond this armed response. Armed conflicts are becoming increasingly retractable, thank you, and they're having an open-ended nature.
Which means when we're talking about the collapse and disintegration of telecommunications at such a level, how can we provide the resilient and independent infrastructure? In the context of Gaza, some telecommunications from previous rounds of war said, okay, we're going to run out of fuel so we'll have emergency batteries. They never expected that there would be an unfolding genocide for a year and a half.
These are some examples where we can think at a technical level how can we build resilient solutions to prevent and help communities get connected once Internet becomes a weapon of war.
>> ANRIETTE ESTERHUYSEN: Thank you. That's an excellent statement that we can look at.
>> DENNIS BROEDERS: They've been talking about it for a long time, I've never been on the same panel as you who look at that time from a different perspective. I think it's incomplete if we don't have this conversation. I think also the role of corporate power is an extremely important element in all of this, that should also be considered as we move forward. And I will pass on.
>> ANRIETTE ESTERHUYSEN: Madeline.
>> MADELINE CARR: I'll be quick because I want to leave time for Jalal. I would just say my -- my hopes for this in the future is that we can please, we can please continue to have difficult conversations. And not avoid things that make us uncomfortable. Because there's -- I think in the Internet Governance community there's been a lot of stuff off the table and somehow sacrosanct for too long and that's not helpful. We need to get together in places like this and talk about the things that are uncomfortable.
>> DENNIS BROEDERS: Be careful what you wish for, but that supposes that the world hasn't changed. But it has. It's a different world in terms of multi-stakeholder community. We have more cables and redundancy, but we have less companies that do the cables. If one of the companies, one of those is gaining in power, companies wading in the Ukraine conflict without being asked, companies doing certain things or not doing certain things because they're asked by government. It's a different world out there and that has impact on how we can look at these things and what we can and cannot do.
>> ANRIETTE ESTERHUYSEN: Thanks.
And Jalal, you're with us actually. Almost not with us as a result of what we are talking about. So what would you like us to do?
>> JALAL ABUKHATER: Indeed. Thanks for this conversation. I want to stress on my colleagues and on the panel the points made are points I support. Of course there are gaps when we're doing this protocol. Enforceable norms are looking. There's no protocols for protecting the infrastructure. And there has to be consideration for how can we empower other actors, local actors, Civil Society, technically and diplomatically to explore the blackouts to [?] see how they can be deployed. And that's to the point of my tele colleagues supporting them and thanks for the time.
>> ANRIETTE ESTERHUYSEN: Thanks very much, Jalal. Time is up and I'm sorry we couldn't give the floor to everyone. We will have an online webinar, I think it will be in the first half of July where we are going to continue this discussion. We'll invite other IGF workshops because actually some dealt with undersea cables, some dealt with resilience and some dealt with conflict and human rights. We'll bring them together and we will then consolidate all the feedback and input and develop the agenda.
So anyone who wants to join this BPF, just stand up so they can see you, she opened the session for us. I think Valeria is there from APC. Please do your email or find out how you can join. Thank you very much, everyone. I think it was extremely rich, I think we got a lot.
(Applause)