The Needs of The Business Community: Towards a Global Framework for Authentication and Security
December 9-10, 1999
Naoshi Shima, Vice President, NEC Corporation
E-mail: shima@mesh.ad.jp
(Authentication and Security Issue Group Home Page: http://www.nec.co.jp/gbde-auth/)

Technological Issues are Just Visible Peaks
No More Titanic!
[Figure labels: Technological Issues; Other Issues]

Copyright (c) 1999 NEC Corp.

Four Ways to Make it Happen!
(I) Under The Gun
(II) Cult or Boom
(III) Convenient
(IV) Money Making

Force Comes From the Balance

Principle of Private Sector Leadership (OECD: October, 1998)

Global Policy Discussions
[Figure labels: Japan; USA; EU]
- Japan-U.S. Summit Joint-Statement; Meeting between Japanese Government and the European Commission (Apr. '98) (May '98)
- Japan-U.S. Business Conference (Jul. '98, Jul. '99)
- GBDe Plenary (Sept. '99)
- J.-EU Industrialist RT (Oct. '98)
- GIIC Annual meeting (Dec. '99)
- US-EU Summit (Dec. '97)
- TABD (Jan. '98)

Steering Committee Members
Asia, Oceania: Fujitsu, Mitsui, NEC, Toshiba, Bank of Tokyo-Mitsubishi, NTT, Korea Telecom, Malaysia Telecom
Americas: Time Warner, AOL, BCE, Cisneros Group, Hewlett Packard, IBM, MCI Worldcom, Nortel Networks, EDS, The Walt Disney Company
Europe, Africa: Bertelsmann, ABN AMRO Bank, SIC, Vivendi, France Telecom, Nokia, Marks & Spencer, MIH, Daimler Chrysler, Deutsche Bank, Telefonica

Nine Issue Groups
Issue | Asia, Oceania | Americas | Europe, Africa
IPR | Fujitsu | Microsoft | Reed Elsevier
Protection of Personal Data | Toshiba | Telus Corp. | Siemens
Authentication and Security | NEC | CCIA | Brokat
Consumer Confidence | Benesse | AOL | Daimler Chrysler
Liability | Nifty | ITAA | Telefonica
Taxation and Tariffs | Burrell | USCIB | Deutsche Bank
Information Infrastructure | NTT | Nortel | Deutsche Telekom
Jurisdiction | Mitsui | EDS | Vivendi
Contents and Commercial Communications | NTT Data | Walt Disney | MIH

Major Points of Discussion in Each Issue Group

Issue Group: IPR
• Enforcement of Copyright Laws
• Prompt and Faithful Ratification of WIPO Treaties
• Promotion of Technological Innovation
• Workable Liability Rules
• Respect of WIPO TRIPS Agreement
• Fair Allocation of Domain Names
• Global Harmonization

Issue Group: Protection of Personal Data
• Establishment of Minimum Principles
• Self-Regulatory Enforcement - Promotion of Development and Use of Self-Regulatory Mechanisms
• Cooperation of Governmental and Private Sectors

Issue Group: Authentication and Security
• Giving Legal Effect to Electronic Authentication
• Private Sector Development of Authentication Services
• Free Development and Trade of Cryptography
• Global Harmonization

(Continued) Major Points of Discussion in Each Issue Group

Issue Group: Consumer Confidence
• Transparency, Information and Education to create Consumer Confidence
• Protection of Personal Data, Secureness in E-Commerce Services and Avoidance of Unsolicited Commercial Communication to assure User Security and Privacy
• Clearness in Applicable Law and Choice of Forum, and introduction of ADR to get Consumer Confidence
• Other Conveniences for Users

Issue Group: Liability
• Balance of Responsibility among Content Providers, Service Providers and End Users
• Freedom of Contract to avoid the Risk of Illegal Online Activities
• The Principle of "Immediate Offender Pays"
• "Notice and Takedown" Procedure to remove Allegedly Unlawful Materials including The Concept of Safe Harbour Provision

(Continued) Major Points of Discussion in Each Issue Group

Issue Group: Taxation and Tariffs
• Same Taxation in Traditional Commerce and E-Commerce
• Continuation of WTO's current practice of not imposing Customs Duties

Issue Group: Information Infrastructure
• Establishment of Competitive Environment to drive Infrastructure Development
• Respect of WTO Agreements
• Necessity of Minimum Regulation
• Fostering of Interoperability, and Open and Market-driven Standards

Issue Group: Jurisdiction
• Effective Development of ADR (Alternate Dispute Resolution Arrangement) Mechanism
• Self-Regulation, Codes of Conduct, Trust Mark and Seal Programs
• Principle of Freedom of Law/Forum Choice and Freedom of Contract
• Principle of Country of Origin in case of No Choice in Contract

(Continued) Major Points of Discussion in Each Issue Group

Issue Group: Content and Commercial Communications
• Protection of Minors from Harmful Content
• Principle of "Opt-out" in Commercial Communications
• Right of Protection and Promotion of National Cultural Heritage and Identity but Fear of its Growth into Trade Barriers

Most Important General Proposal of the First Round
GBDe Trustmark as a Self-regulated ADRA (Alternate Dispute Resolution Arrangement) Mechanism to Achieve Consumer Confidence

Promotion and Protection as Two Driving Wheels
[Figure labels: Governmental Procurement; Hurray! Hurray!; Authentication and Security Issue Group; Suspicion of Consumer Illicit Conduct Expectations; International framework mismatch; Just an Inch Remained!; Well Done!; Over regulation; Customers; GOAL; Governmental and Industrial Sectors]

Nineteen Identified Issues in Authentication and Security
1. Authentication    2. Security / Encryption
A. Promotion
1A1 Development of Authentication Systems/Services (Priv.)
1A2 International Cooperation in Authentication Methods (Govt.-Priv.)
1A3 Mechanisms to Evaluate and Compare Service Providers (Govt.-Priv.)
1A4 Equal Business Opportunities for Authentication Services (Govt.-Priv.)
1A5 Cooperation with Related Organizations (Govt.-Priv.)
1A6 Promotion of Government Procurement (Govt.)
2A1 Development of Security Technology (Priv.)
2A2 Promote Use of Strong Encryption (Govt.-Priv.)
2A3 International Agreement on Encryption Regulations (Govt.)
2A4 Fairness in Cryptography Technology Exportation (Govt.)
2A5 Equal Business Opportunities for Fair Competition (Govt.-Priv.)
2A6 Cooperation with Related Organizations (Govt.-Priv.)
B. Protection
1B1 Establishment of the Legal Effect of Electronic Signatures (Govt.)
1B2 Operation Guidelines - Ensuring Reliability (Priv.)
1B3 Cooperation with Related Organizations (Govt.-Priv.)
2B1 Promotion of use of Strong Cryptography vs. Regulation - Protection Against Crime (Govt.-Priv.)
2B2 Key Management and Legal Access (Govt.-Priv.)
2B3 Support System for Emergency Situations (Govt.-Priv.)
2B4 Education (Govt.-Priv.)
Govt.: To be Handled by Governmental Sector
Priv.: To be Handled by Private Sector

Recommendations from The Authentication and Security Issue Group
Rec.1 To Governments on Electronic Authentication on Cooperation Between Governments for an International Framework:
- Harmonization of Existing Rules and Minimum Adoption of New Rules
- Freedom of Contract between Related Parties
- User Choice of Appropriate Technology or Authentication Mechanisms
- Neutrality of Technology and Implementation
- Non-Discrimination
- Evidence of Authenticity

Recommendations from The Authentication and Security Issue Group (Continued)
Rec.2 To Governments on Electronic Authentication on Legal Effect of Electronic Signature:
- Technology Neutrality in order not to hinder the new technology development
- Free Development of Authentication Services in Competitive Market without Trade Barriers
- Freedom of User Choice in Selecting an Appropriate Service
- Transparency in the Level of Authentication Offered
- Cross-border Legal Validity of Services
- Freedom of Contract between Parties regarding the Use of Authentication that they trust

Recommendations from The Authentication and Security Issue Group (Continued)
Rec.3 To Private Sector on Electronic Authentication on Development of Authentication Systems and Services
- Voluntary Accreditation Schemes to help Ensuring User Confidence
- Industry-based Operational Guidelines and Standards
- Both International and Domestic Considerations

Recommendations from The Authentication and Security Issue Group (Continued)
Rec.4 To Governments on Cryptography on its Free Development and Use
- Removal of Cross-border Distribution Restriction
- Users' Free Choice of type and strength of Encryption
- No Mandates by Governments on Key Recovery and Escrow except for Consent of Owner or Court Order
- Respect of OECD Guidelines on Free User Choice, Free Development and Users-trusted International Standard

Recommendations from The Authentication and Security Issue Group (Continued)
Additional Measures to Enhance Confidence in the Security of E-Commerce
- Use of Governmental Procurement Power to Further Growth of Authentication Services
- Establishment of a Global Support System for Emergency
- Educational Effort giving Highlight to Merits rather than Risks of E-Commerce

Basic Consideration for Japanese Legislation
1. Legal Effect of "Signature" in Japanese Civil Law System
2. International Implication (Cross Border recognition)
3. Freedom of choice by Users (Voluntary Accreditation, Technology Neutrality)
(Opened on Nov. 19, '99, Copyright: Japanese Government)

Proposed Activities for The Second Round
WGs | Asia, Oceania | Americas | Europe, Africa
Privacy | Chair | Co-Chair | Co-Chair
Consumer Confidence / ADR | Co-Chair | Co-Chair | Chair
Consumer Confidence / GBDe Trustmark | Chair | Co-Chair | Co-Chair
Trade / Taxation | Co-Chair | Chair | Co-Chair
IPR | Co-Chair | Chair | Co-Chair
Advocacy | Co-Chair | Co-Chair | Chair
Outreach | Co-Chair | Chair | Co-Chair

On GBDe, http://www.gbd.org/
On Authentication and Security Issue Group, http://www.nec.co.jp/gbde-auth/
Please visit the above!