The second workshop I attended dealt with the protection of online consumers and the discussion was focused on the challenges for keeping the users safe online.
What I particularly enjoyed about this workshop was the very strong and well defined position of an UK MP. Here’s one illustrative quote: “Legislation does not always work. Law rarely prevents what it prohibits.” When addressing the issue of whose job is it to protect users, he outlined the fact that what is needed is the sort of processes that IGF is providing – collaboration among all stakeholders.
Another good point raised during the workshop was that users should have the right to require the removal of online personal data, even if the data were collected with the approval of the data subject.
In the traditional model, we define our own data sets and processes and try to protect them only. But protecting your own data will only delay the inevitable in the online world. There is a need for preemptive actions to be taken at the level of the entire network, instead of mitigating actions.
The discussion also tacked the so-called clash between security and privacy: is there a zero sum game between security and privacy? The speakers tended to agree that this is not the case, and that both of them can be accomplished in the benefit of the end users.
A somehow controversial measure taken by some states in their attempt to tackle cybersecurity threats is the registration of all SIM pre-paid cards users. To give my opinion on this, frankly speaking, I am not convinced that such a measure will really have a positive impact in terms of preventing/reducing cyber threats.
Some examples of business community involvement in promoting awareness and making users understand security risks were presented. One of them was the upcoming Nominet launch of a portal trying to help people find the inform they need and improve their understanding on the things they can do to keep themselves safe while online.
The sensitive issue of protecting children online was also addressed, and it was mentioned that more and more parents choose security/blocking software as tools of protecting their children, while, in many cases, children are more digitally savvy that they are.
One concluding remark of the workshop was that governments, law agencies and the private sector must all be involved in the online protection of users, and that, in addition, there is a need for awareness raising and education among end users about online threats. Also, privacy by design was outlined as one proper answer to the concerns related to the protection of privacy. With regard to legislation, the conclusion was that it shall be enabling and it shall be minimal, while being based on principles which recognize the need of people to work in these principles.