Remarks of Diane Rinaldo
Acting Assistant Secretary of Commerce for Communications and Information
July 25, 2019
--As Prepared for Delivery--
Thank you to Melinda and Dustin for the introduction, and for all the work you’ve done to make IGF-USA a success.
I’d also like to take this opportunity to recognize Fiona Alexander, who recently left her role as head of NTIA’s international office. Fiona first joined NTIA as an intern in 1997 – that’s firmly in the Windows 95 era – and she spent nearly 20 years at our agency advocating for an open, global Internet. We will miss her contributions and wish her well as she enters the next stage of her career. Our team at NTIA will carry on this vision of an Internet that is free and open, with minimal barriers to the exchange of information and services around the world.
NTIA is the President’s top adviser on technology policy issues. For decades, we have advocated for the multistakeholder approach to Internet governance and policy development. When policy issues arise from advancements in technology, we believe the most effective way to address them is by bringing together a diverse array of perspectives and expertise.
We understand the power that bottom-up processes can have in creating sustainable, adaptable solutions. I like to talk about NTIA as a convening organization. We’ve worked hard to build relationships with key stakeholders and gain their trust, which allows us to lead complex, difficult discussions related to the Internet.
We have demonstrated our commitment to the multistakeholder model by running multiple multistakeholder processes in the U.S. These typically lead to the creation of best practices or codes of conduct that enable industry leadership in areas of emerging technology, where regulation would be ill-fitting or premature.
For example, over the past four years, NTIA has pioneered a novel form of public-private partnerships for cybersecurity.
- We were the first government agency to directly address the challenges around vulnerability disclosure by inviting security researchers – the good kind of hackers – into a discussion with software vendors and their customers, to focus on how collaboration could help everyone.
- We helped lead government efforts to address the risks from an insecure Internet of Things. Our focus was on a key point – let’s make sure that insecure devices can be fixed. So we fostered technical and policy discussions around “patchability.”
- Our current effort addresses the risks in our software supply chain by promoting transparency around third party components. We’re are helping industry understand and use what’s called a “software bill of materials,” also known as “SBOM.” As an aside, if you’re going to have these kinds of arcane technical discussions, I would suggest finding ways to create acronyms like SBOM, because it’s an easy way to liven up these talks.
With our processes, stakeholders always lead the way. We strive to make them transparent, open, and consensus-based. These processes at their core are designed to be a form of “agile” policymaking that provide guidance to stakeholders to achieve a common outcome.
When the White House directed us to help develop the Administration’s policy toward consumer data privacy, we began by talking with stakeholders to better understand what the problems are, what we can agree upon, and how we can move forward.
We put out a request for comment and a proposed privacy approach, and received more than 200 responses from a range of individuals, industries, companies and organizations. We’re grateful for the time and energy that these groups put into our process.
In the comments, we heard a sense of urgency, and a desire for American leadership on this issue. We also saw broad industry consensus that we can’t have a patchwork regulatory landscape within the U.S., and where there are differences internationally, we should take care not to harm the data flows that power the global digital economy.
Finally, we received many thoughtful, constructive comments on our proposed risk-and-outcomes-based approach. Our sister agency NIST, the National Institute of Standards and Technology, is leading that work and is gathering public input on a draft framework made public in April.
While we’re talking about privacy, I would like to briefly mention Europe’s GDPR and its impact on the ability to access domain name registration data. NTIA is committed to continuing to work within the ICANN multistakeholder process to develop policies, and ultimately a solution, that complies with GDPR and preserves the legitimate access to registration information. This information is critical for law enforcement, cybersecurity, and intellectual property enforcement. We have to get this done.
NTIA is also keeping an eye on emerging technologies that are just coming into focus, such as blockchain, quantum computing, autonomous vehicles, drones and AI. We are looking forward to participating in the ITU’s sixth World Telecommunication Policy Forum in 2021. The WTPF is an excellent opportunity to exchange views about these important emerging technologies. I encourage all of you to participation in the preparatory process.
In another venue, the OECD, NTIA was instrumental in getting the organization’s 42 member countries to approve a new international agreement for building trustworthy artificial intelligence. The OECD is unique in that its members share democratic values and a commitment to innovation.
The agreement includes five broad principles to guide the development and use of AI, such as promoting inclusive growth, transparency, and accountability. It also aligns with President Trump’s Executive Order on AI, which included a call to work with international partners to ensure continued innovation consistent with American values.
Finally, I want to share what NTIA is doing to expand access and adoption of broadband and other connected technologies.
Earlier this month, I spoke at a conference on smart cities and communities that we organized alongside NIST and the Department of Homeland Security. This is important area of work for us. At NTIA, we are working within the United States and around the globe on smart cities concepts. We bring practitioners together, help develop and share best practices, and use multistakeholder approaches to help remove barriers to deployment and access to smart technologies.
Separately, we’re continuing our work to update the national broadband availability map, as directed by Congress. An initial eight states will provide data and other inputs to the map so that policymakers around the country can make better decisions as they devise broadband expansion plans. Broadband availability maps let you know where coverage lags, where there may be natural, market or cultural barriers, and where policymakers need to step up efforts to improve digital inclusion.
The initial map will include available nationwide data for every state combined with state-level data from the eight states, but this is just a first step. We are open to any and all innovative proposals out in the public, and we expect to seek participation from additional states, territories and federally recognized tribes that have broadband programs or related data-collection efforts.
Before I go, I want to acknowledge that we face some real challenges in Internet policy. The Internet is impacting our daily lives more than ever before – from connecting people and families, to improving access to markets and education, to enhancing the way we shop, share and learn.
We are privileged to live in this age and you should all be proud of the role you have played in collectively shaping and governing this complex, wild environment that we call the Internet.
As we step into this new era of connected devices, smart services, and AI – we must also increase our collective vigilance. With great invention and progress comes an equally great demand for smart policy solutions to address the growing number of complex, unintended consequences that tech advancement introduces.
We must work harder than ever to confront these challenges, to quickly and effectively diagnose problems and to propose standards and solutions. Governance in this new era will require us to be smarter, more actionable, more accountable and more outcome focused. In a world where everything is connected, from our toasters to the global networks supporting finance, energy and transportation, there is much at stake. Collectively we must usher in an era of governance and accountability that meets the demands of the current environment.
Since the early days of the Internet, NTIA has not shied away from confronting hard problems facing the Internet. We do not plan to stop now as we take on issues like cyber and supply chain security, secure 5G competition, and protecting American values online.
We must define outcomes and solutions that will work for markets and permit innovation to prosper while protecting our citizens, our infrastructure and our values. And we must work with our partners and allies and all key stakeholders to get this done. I invite you all to work with us, our doors at NTIA are always open.