By Katie Watson, Policy Advisor, North America, Internet Society
On April 4, 2018, the Canadian Multistakeholder Process: Enhancing Internet of Things (IoT) Security held its first convening in partnership with the Canadian Internet Registration Authority (CIRA); CANARIE; Innovation, Science and Economic Development (ISED) Canada; and the Canadian Internet Policy and Public Interest Clinic (CIPIC). Over 80 participants from government, academia, public interest, industry, and other organizations attended the first meeting and many have continued to engage at in-person and virtual meetings ever since. Over the past eight months, this group has experienced significant success in the areas of consumer education, labeling, and network resiliency. And these achievements have been well-noted on a global scale.
A delegation from Senegal came to Canada in July to meet with members of the Enhancing IoT Security oversight committee. The group was comprised of government officials, Senegal Chapter members, and staff from the Internet Society’s African Bureau. The delegation met with Canadian government officials, technologists, public interest groups, and North American Bureau staff to learn more about how and why the IoT security project was initiated, and what the group had accomplished to date. The group discussed the significant successes the Canadian multistakeholder group had already achieved, the challenges it faced, and goals for the project.
These conversations ultimately aided the delegation in its decision to replicate the Canadian process to enhance IoT security in Senegal.
On November 28-29, the Internet Society and its Senegal Chapter, in partnership with the Ministry of Communications, Telecommunications, Postal Services, and Digital Economy (MCTPEN) and the Telecommunications and Postal Regulatory Authority (ARTP) hosted the inaugural Senegalese Multistakeholder Process: Enhancing Internet of Things (IoT) Security. The Internet Society’s President and CEO, Andrew Sullivan, and I were grateful for the chance to attend and share some of the lessons learned from the Canadian process and the Internet Society’s involvement in IoT security globally. We were both highly impressed by the participation and engagement of this group, and encouraged by the motivation by all involved to work together to make a secure network of IoT devices a reality in Senegal.
On the first day of the meeting, Dawit Bekele, Regional Bureau Director of the Internet Society’s African Bureau, introduced participants to IoT, its potential positive impacts, and the security risks it poses to both consumers and networks. The group then heard from Hu Xianhong, the UNESCO representative on the Internet Universality Index project in Senegal, and Professor Ahmath Bamba Mbacke, from Cheikh Anta Diop University (ESP), about the state of IoT in Senegal.
Participants were also introduced to the idea of the multistakeholder process, its key characteristics, and some best practices the Canadian multistakeholder group has learned. These included utilizing the members of the multistakeholder group to continuously identify and reach out to new stakeholders, maintaining momentum through continuous engagement between full-group meetings, and ensuring that meetings are facilitated by an invested moderator – preferably someone who is both a subject-matter expert and familiar with the multistakeholder process.
The Senegalese participants were also interested to hear about the work that the Canadian multistakeholder group has already accomplished through its working groups on consumer education, labeling, and network resiliency. They plan to utilize the groups’ outputs, and the experts involved in their creation, as they move forward in this process.
On the second day of meetings, Andrew Sullivan; M. Abdoulaye Blade, Ministre de la Communication et de l’Économie Numérique; Ndeye Maimouna Diop, Chair of the Senegal Chapter; Alpha Abdoulaye Thiam, Director of Information Systems at ARTP (Regulator); and Souleymane Diallo, Chief of Staff of the Minister of ICTs (MCTPEN), kicked off the sessions with a conversation on the risks and opportunities IoT poses. The participants then split themselves into three groups for further discussion regarding what they consider to be the most important factors impacting the following in Senegal:
- Security impacts on critical infrastructure
- Security by design
- Consumer protection
Each of the self-selected groups reported their priorities for these issue areas back to the full group, which will use the conversations as the foundation for future workshops.
Importantly, throughout the second day participants reiterated many times the importance of collaboration – both on a national and global scale – to improve IoT security, prevent consumer harm, and encourage technological innovation. This is a theme that we have consistently heard during the Canadian IoT security meetings, showing that the multistakeholder model is an important and valued approach to solving complex Internet issues around the world.
We hope that these meetings will lead to future, fruitful discussion between Canadian, Senegalese, and other global states dedicated to securing the Internet of Things.
Read Why the Multistakeholder Approach Works and demand that your voice is counted for a secure IoT!
This article first appeared at the Internet Society’s website.