The US internet policy document for us

Who calls it Cyberspace anymore? Apparently the US Government does, and aside from the title their new International Strategy for Cyberspace paper is very well written.

Three quick take-aways for me:

1: A refreshing commitment to a right to access

Reliable Access: States should not arbitrarily deprive or disrupt individuals’ access to the Internet or other networked technologies

This is a departure from the three-strikes approach to copyright infringement, with the fine print reading:

Focus cybercrime laws on combating illegal activities, not restricting access to the Internet. Criminal behavior in cyberspace should be met with effective law enforcement, not policies that restrict legitimate access to or content on the Internet To advance this goal, the United States Government works on a bilateral and multilateral basis to ensure that countries recognize that online crimes should be approached by focusing on preventing crime and catch- ing and punishing offenders, rather than by broadly limiting access to the Internet, as a broad limitation of access would affect innocent Internet users as well As the United States and our partners engage in dialogue and help build capacity among law enforcement organizations worldwide, we will integrate this approach, uniting protection of privacy, fundamental freedoms, and innovation with collaboration to combat crimes in cyberspace

(I hope I didn’t breach copyright by reproducing that)

2: A continuing concern that Governments want to get involved in managing the DNS

Multi-stakeholder Governance:

Internet NZ is a not for profit organisation that receives a mandate from ICAAN to round the DNS and distribute the .nz domain. There is no Government involvement. This is one of many models from around the world, with some other country domains being managed by Governments. The US state is correct that the Governments should not be exclusive owners of a top level domain, but they are not necessarily necessary either.

3: Defense and attack

Cybersecurity Due Diligence: States should recognize and act on their responsibility to protect information infrastructures and secure national systems from damage or misuse

There is a strong tone of the US signalling that they will not tolerate data breaches, such as Wikileaks, and that they are reserving the right to go after the perpetrators, be they individuals or state backed.

When warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country All states possess an inherent right to self-defense, and we recognize that certain hostile acts conducted through cyberspace could compel actions under the commitments we have with our military treaty partners We reserve the right to use all necessary means—diplomatic, informational, military, and economic—as appropriate and consistent with applicable international law, in order to defend our Nation, our allies, our partners, and our interests In so doing, we will exhaust all options before military force whenever we can; will carefully weigh the costs and risks of action against the costs of inaction; and will act in a way that reflects our values and strengthens our legitimacy, seeking broad international support whenever possible

Overall the document is strong on collaboration and on an open internet. It feels like a significant improvement to me, though others will have much more informed opinions.