Re: [irsg] IETF and European Commission

Toerless Eckert <tte@cs.fau.de> Wed, 17 May 2023 00:11 UTC

Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: wgchairs@ietfa.amsl.com
Delivered-To: wgchairs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 474F8C14E515 for <wgchairs@ietfa.amsl.com>; Tue, 16 May 2023 17:11:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.646
X-Spam-Level:
X-Spam-Status: No, score=-1.646 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4W0GG1Ppv7Ni for <wgchairs@ietfa.amsl.com>; Tue, 16 May 2023 17:11:09 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFDF9C15E406 for <wgchairs@ietf.org>; Tue, 16 May 2023 17:10:24 -0700 (PDT)
Received: from faui48e.informatik.uni-erlangen.de (faui48e.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:51]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTPS id 4QLYQg11Z3znkTF; Wed, 17 May 2023 02:10:19 +0200 (CEST)
Received: by faui48e.informatik.uni-erlangen.de (Postfix, from userid 10463) id 4QLYQg0HV6zkvth; Wed, 17 May 2023 02:10:19 +0200 (CEST)
Date: Wed, 17 May 2023 02:10:19 +0200
From: Toerless Eckert <tte@cs.fau.de>
To: Jane Coffin <jane@connecthumanity.fund>
Cc: Niels ten Oever <mail@nielstenoever.net>, Working Chairs <wgchairs@ietf.org>, Mallory Knodel <mknodel=40cdt.org@dmarc.ietf.org>
Subject: Re: [irsg] IETF and European Commission
Message-ID: <ZGQbaxoZ5XEJy8G3@faui48e.informatik.uni-erlangen.de>
References: <CADNypP_534rHN8CgZfx6DfR=vrLC8uHzzWKStmdCWSVtuujqZQ@mail.gmail.com> <372d7a6d-0a6d-7f92-a10e-fb52bacde80d@cdt.org> <CAAk_8j0O1yzKo7wPdKadMccDsY2optYXOkTeJjgpm0s=FuDZCg@mail.gmail.com> <8c19c1a2-a20a-4901-cddd-48e33998396c@nielstenoever.net> <CAAk_8j02Ytz4wfb2SHRMbqMX=-mtim_wuWnGBbXhKPSHibquvA@mail.gmail.com> <9a9ba038-4384-dfe2-72f0-6d1f5c7f5fa4@nielstenoever.net> <CAAk_8j3bX4x8N546XbqcSCz0st4C7pg+H_zwHPRs4Q3HurS3sw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAAk_8j3bX4x8N546XbqcSCz0st4C7pg+H_zwHPRs4Q3HurS3sw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/wgchairs/9Ni3hlPTjr2zm7GaFwFXsVxzA1M>
X-BeenThere: wgchairs@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Working Group Chairs <wgchairs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wgchairs>, <mailto:wgchairs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wgchairs/>
List-Post: <mailto:wgchairs@ietf.org>
List-Help: <mailto:wgchairs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wgchairs>, <mailto:wgchairs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 May 2023 00:11:13 -0000

Should one start to wonder how it can be that the EU relies likely almost solely on
IETF/TCP protocols for their own networks, if not for all the users and
industries in the EU ? How does that with with harmonization requirements ?

---
Toerless

On Tue, May 16, 2023 at 03:18:42PM -0400, Jane Coffin wrote:
> Many thanks, Niels.
> 
> On Tue, May 16, 2023 at 2:42 PM Niels ten Oever <mail@nielstenoever.net>
> wrote:
> 
> > Hi Jane,
> >
> > I checked with the excellent Olia Kanevskaia and she confirmed what I
> > said: EU can only refer to harmonized standards because it presumes
> > compliance with EU directives and regulations.
> >
> > This is also why CEN/CENELEC is now playing a role in the new draft AI
> > regulation (even though some academics argue this will not hold up because
> > of inherent democratic deficits [0]).
> >
> > Best,
> >
> > Niels
> >
> >
> > [0] See for instance para 52-57
> > https://deliverypdf.ssrn.com/delivery.php?ID=526026122121112015065079030079002004021019084010061003029097008119085101094126103098117019034042056022028000080068074000030123105078049036082098020111006082021085011024058017110080086095027094117113097001118001069071065103108101124116068023026122020020&EXT=pdf&INDEX=TRUE
> >
> > Veale, Michael, and Frederik Zuiderveen Borgesius. 2021. “Demystifying the
> > Draft EU Artificial Intelligence Act—Analysing the Good, the Bad, and the
> > Unclear Elements of the Proposed Approach.” Computer Law Review
> > International 22 (4): 97–112.
> >
> > On 16-05-2023 18:32, Jane Coffin wrote:
> > > Hi Niels -
> > >
> > > I had an inkling it was something like this as a UK colleague was quite
> > clear that the UK carefully went out of its way to include IETF vis-a-vis
> > standards.
> > > Let me find out more re that.
> > >
> > > It would be great if you could ask your legal colleagues re this.
> > >
> > > Best,
> > > Jane
> > >
> > > On Tue, May 16, 2023 at 12:28 PM Niels ten Oever <mail@nielstenoever.net
> > <mailto:mail@nielstenoever.net>> wrote:
> > >
> > >     Hi Jane,
> > >
> > >     As far as I know, in its legislation the European Union (EU) can
> > only refer to 'harmonised standards'. A harmonised standard is a European
> > standard developed by a recognised European Standards Organisation: CEN,
> > CENELEC, or ETSI. This is why, for instance, CEN adopts ISO standards in
> > Europe, through the prefix “EN ISO” (see also Vienna Agreement). So it are
> > just CEN, CENELEC and ETSI standards that are commonly referred to in
> > European legislation and policies.
> > >
> > >     Through CEN, CENELEC, and ETSI international standards also often
> > get translated to national standards bodies (NSBs)(but sometimes they also
> > get translated directly from ISO/IEC to NSBs). Then countries can refer to
> > it in national legislation as well in my understanding.
> > >
> > >     But I can ask my law colleagues to verify.
> > >
> > >     Best,
> > >
> > >     Niels
> > >
> > >
> > >
> > >     On 16-05-2023 17:39, Jane Coffin wrote:
> > >      > All -
> > >      >
> > >      > Some countries - like Armenia (or at least in 2006) -- indicated
> > in the Telecoms Law that ITU standards were part of their national
> > standards fabric.  Whether they actually put this into practice is a
> > separate issue (they definitely did on spectrum - Radio Regs - Treaty).
> > >      > I think the UK (when part of the EC) had to amend some of its
> > laws (or codes, procedures, you get the point) to include standards other
> > than ISO, ITU, and specifically include IETF protocols/standards.
> > >      >
> > >      > Does the EC officially accept IETF standards in their roster of
> > standards?
> > >      > Did some EC countries have to specifically change
> > laws/codes/other/other to include IETF standards outside of any EC
> > processes?
> > >      >
> > >      > I ask this Q as it might be helpful to know at least whether the
> > EC officially accepts IETF standards, and this flows down to all EC
> > members?  I use the word "accept" as a placeholder for "include by
> > reference in leg, incorporate by ref, other, other appropriate term".
> > >      >
> > >      > Jane
> > >      >
> > >      >
> > >      >
> > >      >
> > >      >
> > >      > On Tue, May 16, 2023 at 11:05 AM Mallory Knodel <mknodel=
> > 40cdt.org@dmarc.ietf.org <mailto:40cdt.org@dmarc.ietf.org> <mailto:
> > 40cdt.org@dmarc.ietf.org <mailto:40cdt.org@dmarc.ietf.org>>> wrote:
> > >      >
> > >      >     Others will have more context, likely, but I've engaged with
> > this content rather extensively and it largely focusses on
> > national/regional standards efforts, not international bodies like the
> > IETF, though it does make mention and understand rather well, in my view,
> > the relationship between different actors.
> > >      >
> > >      >     -Mallory
> > >      >
> > >      >     On 5/16/23 8:59 AM, Rifaat Shekh-Yusef wrote:
> > >      >>     Hi,
> > >      >>
> > >      >>     Anyone aware of any relationship between the IETF and
> > the European Commission ICT initiative?
> > >      >>     European Multi-Stakeholder Platform on ICT Standardisation |
> > Shaping Europe’s digital future (europa.eu <http://europa.eu>) <
> > https://digital-strategy.ec.europa.eu/en/policies/multi-stakeholder-platform-ict-standardisation
> > <
> > https://digital-strategy.ec.europa.eu/en/policies/multi-stakeholder-platform-ict-standardisation
> > >>
> > >      >>
> > >      >>     Regards,
> > >      >>      Rifaat
> > >      >>
> > >      >     --
> > >      >     Mallory Knodel
> > >      >     CTO, Center for Democracy and Technology
> > >      >     gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271
> > BD3C C780
> > >      >
> > >
> > >     --
> > >     Niels ten Oever, PhD
> > >     Co-Principal Investigator - critical infrastructure lab - University
> > of Amsterdam
> > >     Assistant Professor - Department of European Studies - University of
> > Amsterdam
> > >
> > >     W: https://criticalinfralab.net <https://criticalinfralab.net>
> > >     W: https://nielstenoever.net <https://nielstenoever.net>
> > >     PGP: 4254 ECD5 D4CF F6AF 8B91 0D9F EFAD 2E49 CC90 C10C
> > >
> >
> > --
> > Niels ten Oever, PhD
> > Co-Principal Investigator - critical infrastructure lab - University of
> > Amsterdam
> > Assistant Professor - Department of European Studies - University of
> > Amsterdam
> >
> > W: https://criticalinfralab.net
> > W: https://nielstenoever.net
> > PGP: 4254 ECD5 D4CF F6AF 8B91 0D9F EFAD 2E49 CC90 C10C
> >

-- 
---
tte@cs.fau.de