Thank you Julf, I was hoping to hear (see) you chime in.:) I will be sure to share your message with the At-Large (Capacity Building Working Group), thank you very much for the links and details. With the help of the At-Large staff we believe to have been quite efficient in running webinars on current issues so I would be inclined to stand by the offer, should this be useful for fuelling policy discussions. The webinars are open to the whole ICANN community and all input is always most welcome. Happy to hear what you and others think. All best wishes, Joanna W dniu 15.11.2020 o 13:00, ccwg-internet-governance-request@icann.org pisze:

Send ccwg-internet-governance mailing list submissions to ccwg-internet-governance@icann.org

To subscribe or unsubscribe via the World Wide Web, visit https://mm.icann.org/mailman/listinfo/ccwg-internet-governance or, via email, send a message with subject or body 'help' to ccwg-internet-governance-request@icann.org

You can reach the person managing the list at ccwg-internet-governance-owner@icann.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of ccwg-internet-governance digest..."

Today's Topics:

1. Re: Digital Sovereignty in Russia (Johan Helsingius)

----------------------------------------------------------------------

Message: 1 Date: Sat, 14 Nov 2020 13:17:57 +0100 From: Johan Helsingius <julf@julf.com> To: ccwg-internet-governance@icann.org Subject: Re: [ccwg-internet-governance] Digital Sovereignty in Russia Message-ID: <c5e43a72-5e95-05df-71cf-608811c43763@julf.com> Content-Type: text/plain; charset=windows-1252

Joanna,

Not only do we have RIPE co-op WG members here, but at least one of the co-chairs. :)

Maxim actually spoke about this in the Co-op WG session at RIPE81 a couple of weeks ago - the talk is still on-line at https://ripe81.ripe.net/archives/video/441 (slides at https://ripe81.ripe.net/presentations/46-RIPE-Meeting-Coop-WG-Sovereignty-as...)

We are of course very open to co-operation (as it is even in our name :)), but actually organizing a webinar might be more the task of RIPE NCC.

Julf

On 12-11-2020 13:26, Joanna Kulesza wrote:

...

Dear all,

following up on the discussions we've had around regional regulatory trends and their impact on IG this latest insight from RIPE's Maxim Burtikov might useful. It includes references to local plans on banning DoH/DoT which might be of particular interest: https://labs.ripe.net/Members/maxim_burtikov/russia-regulatory-update (I'm also inserting the text herein below for your direct reference).

I realize we have RIPE Cooperation Working Group members on this list - curious if it might be useful to join forces and explore the impact this legislative initiative might have on global IG (if any). Should we be looking for a venue for such discussion, let me note that the At-Large always welcomes IG related discussions, be it just in the form of a capacity building webinar as a starting point for further policy discussion.

Many thanks and all best wishes, Joanna Kulesza ----------------------------------- Russia Regulatory Update Maxim Burtikov ? 11 Nov 2020

This is the first in a series of updates on Russian Internet regulation where we?ll be bringing you a brief overview of the most pertinent digital policies currently being proposed, debated and implemented in Russia. While we?re not aiming to give a complete overview of all of the existing legislation, we?ll be covering those provisions and trends most likely to impact, and so be of interest to, the RIPE Community.

If there?s an overarching trend in recent Russian regulatory developments, it?s the focus on digital sovereignty and the demand for more local knowledge and control over the Internet infrastructure and data. Legislative proposal on banning ?masking web-protocols? (TLS 1.3, DoT, DoH...)

On 21 September 2020, the Ministry of Digital Development, Telecom and Mass Communications introduced a new legislative proposal to ban the use of encryption protocols that effectively secure and mask DNS queries ? such as DNS Over TLS (DoT) and DNS Over HTTPS (DoH). Motivating this proposal is the concern that users may be able to access content that is blocked in Russia by using these protocols.

According to the proposal, there would be a requirement to block any Internet resource using such protocols within one working day of finding out that these protocols were in use. How exactly this blocking might be done has not been specified, but other existing legislation for illegal content blocking allows for a broad spectrum of methods ranging from blocking specific URLs all the way to blocking the entire IP address ranges that host the service. It is also unclear from the text of the proposal what is included under ?Internet resource?. The term itself is usually used to describe websites, but listed protocols can be used, for example, by a browser.

The Minister commented on the proposal, saying that while it is obvious that DNS encryption protocols have certain advantages, it is also clear that they can be used to bypass the established content-blocking and parental control mechanisms. He also called for a compromise to be found between public and private interests.

The bill was published for public comments (deadline was 5 October 2020). The RIPE NCC took part in an industry consultation meeting which presented a document with comments from the industry. The industry has voiced concerns, for instance that direct implementation of the initiative might effectively lead to a ban on encrypted traffic.

The initiative follows the planned Internet security drills, which took place earlier in 2020, which were used to train to block DoT and DoH traffic. Such drills are conducted regularly with major ISPs participation (see more on this below). Sovereign Internet Bill

Federal Law #90 (1 May 2019) aims to expand knowledge and increase control over local Internet infrastructure, including establishing new means for blocking illegal content.

According to the law, all ISPs, owners of technical networks, AS holders, IXPs and owners of communication lines crossing the national border must install special equipment on their networks to be provided by the regulator. That equipment will be used to block illegal and forbidden content.

In case of an emerging threat to integrity, security, resilience of local segment of Internet, the regulator is authorised to manage traffic routing directly or to provide obligatory routing policies to ISPs, AS holders, etc.

Operators, ISPs, owners of technical networks, AS holders, IXPs, and owners of communication lines crossing the national border must report their ASNs and respective IP addresses, routing policies, local and foreign network infrastructure, and so on, to the regulator.

IXPs are required to register with the regulator and follow regulatory rules, including rules regarding their resiliency and the stability of their operations. ISPs need to peer only via officially registered IXPs or via direct peering, which has to be reported. IXPs must not let clients connect to their network if they are not fulfilling the provisions of the law

Additionally, the National Domain Name System - characterised as a ?complex/combination of interconnected software and technical means used to store and provide information about network addresses and domain names? ? has been established. The aim of the system is to ensure that local connectivity and reachability of web resources remain intact if foreign DNS infrastructure becomes unavailable. It must be updated no less than once every 24 hours to ensure that it contains up-to-date information about domain names and respective IP addresses.

The law also formalises Internet security drills, which will be hosted regularly with participation being obligatory for ISPs and operators. One of the drills scheduled for early 2020 was intended to train systems to block DoT and DoH traffic, as mentioned above. There were four drills planned for 2020 in total, but because of COVID-19 none have yet taken place.

The local database of all Internet resources is currently being compiled, with all ASN holders receiving requests from the regulator to report the above-mentioned data about their resources and infrastructure. It has been officially noted by Russian government officials that the law is aimed at establishing more security and resilience of a ?Russian segment of Internet?. Anti-Terrorism Bill

Federal Law #374 (6 June 2016), part of the so-called 'Anti-Terrorism Bill', included new regulation on legal interception and Internet data collection. It has expanded what data needs to be stored and how. The law is not new, but part of its implementation is being postponed due to COVID-19 and its economic impact on the industry.

According to the law, all metadata about packets being sent, received, delivered, or processed, as well as respective information about users, must be stored for one year by Internet companies or for three years by licensed telecommunications operators.

Internet companies and operators must store content - all voice, images, texts, audio, video and any other type of information for six months from when they were sent, received, delivered, processed.

Since traffic volumes are growing rapidly, operators must increase their storage capacity by 15% annually in the next five years after data storage equipment has been installed. If packets are encrypted, then decryption methods and information must be provided to law enforcement agencies (the blocking of Telegram was based on that provision).

All of the mentioned data needs to be stored using locally certified data storage equipment, and law enforcement must be granted direct access to that information.

The Russian government has made several postponements to the date of when the collection and storage of data needs to begin, and to the deadline for storage capacity increase - the industry is asking for a deadline postponement because of the economic impacts of COVID-19, and considering the size of investment needed to deploy data storage equipment in full accordance with the law. _______________________________________________ ccwg-internet-governance mailing list ccwg-internet-governance@icann.org https://mm.icann.org/mailman/listinfo/ccwg-internet-governance

_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

------------------------------

Subject: Digest Footer

_______________________________________________ ccwg-internet-governance mailing list ccwg-internet-governance@icann.org https://mm.icann.org/mailman/listinfo/ccwg-internet-governance

_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

------------------------------

End of ccwg-internet-governance Digest, Vol 83, Issue 9 *******************************************************

-- Kind regards, Joanna Kulesza ------------------- Joanna Kulesza, PhD University of Lodz, Poland ICANN ALAC Vice Chair SOI: https://community.icann.org/display/atlarge/Joanna+Kulesza+SOI TT: @KuleszaJ