Two Italian law scholars, G. Sartor and M. Viola, have written up a nice description and analysis, in English, of the Judge's decision convicting Google executives of "processing health data without authorization," apparently a criminal offense. Based on their description, the decision seems like a technically incompetent one as well as having bad policy implications.   more »

This is a book that deserves to get much more attention in this country. Cyber-Security and Threat Politics: US efforts to secure the information age by Myriam Dunn Cavelty provides a valuable historical and analytical perspective on the debate over cyber-security in the U.S. Cavelty links the cyber debate to securitization theory in political science; in this approach, what matters is how the threat is defined, how and when did a particular understanding of the threat gain acceptance and prominence, who promoted it, and what are its implications for policy and actions? Cavelty offers some important insights into the political, legal and economic implications of the way we define or frame cyber-threats.   more »

The most recent episode of The Ask Mr. DNS Podcast offers up some disturbing corroborating evidence as to the extent of DNS filtering and outright blocking occurring in China. VeriSign's Matt Larson and InfoBlox's Cricket Liu, who co-host the geeky yet engaging and extremely informative show, held a roundtable discussion including technical experts from dynamic name service providers (better known as "managed DNS" services) DynDNS, TZO, No-IP, and DotQuad, as well as Google and Comcast.

After recalling the recent episode where queries to Net Nod's instance of the i root were intercepted and tampered with resulting in incorrect responses being returned inside and outside of China for facebook.com and other websites, Larson posed the question whether others were having similar experiences. (NB: Net Nod's i-root server instance in Beijing is still shut down, as their CEO has apparently stated it is not possible to offer authoritative root service in China) Unfortunately, several of the managed DNS services providers answered affirmatively.   more »

In a recent empirical study correlating botnet activity with ISPs, academic researchers (Michel van Eeten, Johannes Bauer and Hadi Asghari) used participation in the London Action Plan and adherence to the Cybercrime Convention as variables. The London Action Plan (LAP) is a loose transnational, multi-stakeholder network of public agencies responsible for enforcing laws concerning spam. It spans 27 countries and also includes a few industry and NGO members. In political science these are known as Trans-Governmental networks (TGNs). Could such a loose, nonbinding governance form have an appreciable impact?   more »

The US government has pushed back the date of DNSSEC implementation at the root zone by two weeks. The announcement, made at ICANN's "Root DNSSEC" web site, was vague about the reasons, saying only that it was "for further analysis" and to "finalize testing." In a more important move, which may or may not be related, ICANN said that:

"the U.S. Commerce Department will issue a public notice announcing the publication of the joint ICANN-VeriSign testing and evaluation report as well as the intent to proceed with the final stage of DNSSEC deployment. As part of this notice the DoC will include a public review and comment period prior to taking any action."

The existing plans for signing the root and deploying DNSSEC at the root zone were imposed on ICANN and its community by the U.S. government as a product of closed negotiations between the Commerce Department, VeriSign and ICANN.   more »

Late last month the Senate Commerce, Science and Transportation Committee, chaired by Sen. Jay Rockefeller who also serves on the Intelligence Committee, unanimously passed an amended Cybersecurity Act of 2010. With regard specifically to Internet governance issues, the bill has changed dramatically, but it still provides some interesting language around defining critical infrastructure and setting a future research agenda.   more »