Re: [irsg] IETF and European Commission

Niels ten Oever <mail@nielstenoever.net> Tue, 16 May 2023 18:42 UTC

Return-Path: <mail@nielstenoever.net>
X-Original-To: wgchairs@ietfa.amsl.com
Delivered-To: wgchairs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 077AFC14CE4C for <wgchairs@ietfa.amsl.com>; Tue, 16 May 2023 11:42:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nielstenoever.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tVfm1UJsJo7n for <wgchairs@ietfa.amsl.com>; Tue, 16 May 2023 11:42:02 -0700 (PDT)
Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.88]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56936C14CE4F for <wgchairs@ietf.org>; Tue, 16 May 2023 11:42:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=nielstenoever.net; s=mail; h=Content-Type:In-Reply-To:From:References:Cc:To :Subject:MIME-Version:Date:Message-ID:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=0MEMEYPVqj3tzAfLsH6lLol8w6mofHfUrO9CJF7NJi0=; b=Ylgvb7Vvd9l1sk1Ox67FUlcEk 9dGlMr6o8sw5F0ap66wG4DdCTxIbN//HduWY62C7lmZvtehf3uWZo0eA3529S7K9v+CC1/IbcqnYf ExcCgHpb96Z2YajzNaVP6i1ffEYBIX7NKVY5bxVWYAiiq79d+CpeXWm7m+VtfMqoNsZt0=;
Message-ID: <9a9ba038-4384-dfe2-72f0-6d1f5c7f5fa4@nielstenoever.net>
Date: Tue, 16 May 2023 20:41:55 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0
Subject: Re: [irsg] IETF and European Commission
Content-Language: en-US
To: Jane Coffin <jane@connecthumanity.fund>
Cc: Mallory Knodel <mknodel=40cdt.org@dmarc.ietf.org>, Working Chairs <wgchairs@ietf.org>, Internet Research Steering Group <irsg@irtf.org>
References: <CADNypP_534rHN8CgZfx6DfR=vrLC8uHzzWKStmdCWSVtuujqZQ@mail.gmail.com> <372d7a6d-0a6d-7f92-a10e-fb52bacde80d@cdt.org> <CAAk_8j0O1yzKo7wPdKadMccDsY2optYXOkTeJjgpm0s=FuDZCg@mail.gmail.com> <8c19c1a2-a20a-4901-cddd-48e33998396c@nielstenoever.net> <CAAk_8j02Ytz4wfb2SHRMbqMX=-mtim_wuWnGBbXhKPSHibquvA@mail.gmail.com>
From: Niels ten Oever <mail@nielstenoever.net>
In-Reply-To: <CAAk_8j02Ytz4wfb2SHRMbqMX=-mtim_wuWnGBbXhKPSHibquvA@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------4xc8XtujOQZPwFPwVSb4ljZr"
X-Authenticated-As-Hash: f1842a279235a42f6aa2a2a81130733515c5a4ec
X-Virus-Scanned: by clamav at smarthost1.greenhost.nl
X-Scan-Signature: eb6b931bae02616ff037e25ce51c77b6
Archived-At: <https://mailarchive.ietf.org/arch/msg/wgchairs/uGuIdp-SkxtXwR9e7LYghjYLmqQ>
X-BeenThere: wgchairs@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Working Group Chairs <wgchairs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wgchairs>, <mailto:wgchairs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wgchairs/>
List-Post: <mailto:wgchairs@ietf.org>
List-Help: <mailto:wgchairs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wgchairs>, <mailto:wgchairs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 May 2023 18:42:07 -0000

Hi Jane,

I checked with the excellent Olia Kanevskaia and she confirmed what I said: EU can only refer to harmonized standards because it presumes compliance with EU directives and regulations.

This is also why CEN/CENELEC is now playing a role in the new draft AI regulation (even though some academics argue this will not hold up because of inherent democratic deficits [0]).

Best,

Niels


[0] See for instance para 52-57 https://deliverypdf.ssrn.com/delivery.php?ID=526026122121112015065079030079002004021019084010061003029097008119085101094126103098117019034042056022028000080068074000030123105078049036082098020111006082021085011024058017110080086095027094117113097001118001069071065103108101124116068023026122020020&EXT=pdf&INDEX=TRUE

Veale, Michael, and Frederik Zuiderveen Borgesius. 2021. “Demystifying the Draft EU Artificial Intelligence Act—Analysing the Good, the Bad, and the Unclear Elements of the Proposed Approach.” Computer Law Review International 22 (4): 97–112.

On 16-05-2023 18:32, Jane Coffin wrote:
> Hi Niels -
> 
> I had an inkling it was something like this as a UK colleague was quite clear that the UK carefully went out of its way to include IETF vis-a-vis standards.
> Let me find out more re that.
> 
> It would be great if you could ask your legal colleagues re this.
> 
> Best,
> Jane
> 
> On Tue, May 16, 2023 at 12:28 PM Niels ten Oever <mail@nielstenoever.net <mailto:mail@nielstenoever.net>> wrote:
> 
>     Hi Jane,
> 
>     As far as I know, in its legislation the European Union (EU) can only refer to 'harmonised standards'. A harmonised standard is a European standard developed by a recognised European Standards Organisation: CEN, CENELEC, or ETSI. This is why, for instance, CEN adopts ISO standards in Europe, through the prefix “EN ISO” (see also Vienna Agreement). So it are just CEN, CENELEC and ETSI standards that are commonly referred to in European legislation and policies.
> 
>     Through CEN, CENELEC, and ETSI international standards also often get translated to national standards bodies (NSBs)(but sometimes they also get translated directly from ISO/IEC to NSBs). Then countries can refer to it in national legislation as well in my understanding.
> 
>     But I can ask my law colleagues to verify.
> 
>     Best,
> 
>     Niels
> 
> 
> 
>     On 16-05-2023 17:39, Jane Coffin wrote:
>      > All -
>      >
>      > Some countries - like Armenia (or at least in 2006) -- indicated in the Telecoms Law that ITU standards were part of their national standards fabric.  Whether they actually put this into practice is a separate issue (they definitely did on spectrum - Radio Regs - Treaty).
>      > I think the UK (when part of the EC) had to amend some of its laws (or codes, procedures, you get the point) to include standards other than ISO, ITU, and specifically include IETF protocols/standards.
>      >
>      > Does the EC officially accept IETF standards in their roster of standards?
>      > Did some EC countries have to specifically change laws/codes/other/other to include IETF standards outside of any EC processes?
>      >
>      > I ask this Q as it might be helpful to know at least whether the EC officially accepts IETF standards, and this flows down to all EC members?  I use the word "accept" as a placeholder for "include by reference in leg, incorporate by ref, other, other appropriate term".
>      >
>      > Jane
>      >
>      >
>      >
>      >
>      >
>      > On Tue, May 16, 2023 at 11:05 AM Mallory Knodel <mknodel=40cdt.org@dmarc.ietf.org <mailto:40cdt.org@dmarc.ietf.org> <mailto:40cdt.org@dmarc.ietf.org <mailto:40cdt.org@dmarc.ietf.org>>> wrote:
>      >
>      >     Others will have more context, likely, but I've engaged with this content rather extensively and it largely focusses on national/regional standards efforts, not international bodies like the IETF, though it does make mention and understand rather well, in my view, the relationship between different actors.
>      >
>      >     -Mallory
>      >
>      >     On 5/16/23 8:59 AM, Rifaat Shekh-Yusef wrote:
>      >>     Hi,
>      >>
>      >>     Anyone aware of any relationship between the IETF and the European Commission ICT initiative?
>      >>     European Multi-Stakeholder Platform on ICT Standardisation | Shaping Europe’s digital future (europa.eu <http://europa.eu>) <https://digital-strategy.ec.europa.eu/en/policies/multi-stakeholder-platform-ict-standardisation <https://digital-strategy.ec.europa.eu/en/policies/multi-stakeholder-platform-ict-standardisation>>
>      >>
>      >>     Regards,
>      >>      Rifaat
>      >>
>      >     --
>      >     Mallory Knodel
>      >     CTO, Center for Democracy and Technology
>      >     gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780
>      >
> 
>     -- 
>     Niels ten Oever, PhD
>     Co-Principal Investigator - critical infrastructure lab - University of Amsterdam
>     Assistant Professor - Department of European Studies - University of Amsterdam
> 
>     W: https://criticalinfralab.net <https://criticalinfralab.net>
>     W: https://nielstenoever.net <https://nielstenoever.net>
>     PGP: 4254 ECD5 D4CF F6AF 8B91 0D9F EFAD 2E49 CC90 C10C
> 

-- 
Niels ten Oever, PhD
Co-Principal Investigator - critical infrastructure lab - University of Amsterdam
Assistant Professor - Department of European Studies - University of Amsterdam

W: https://criticalinfralab.net
W: https://nielstenoever.net
PGP: 4254 ECD5 D4CF F6AF 8B91 0D9F EFAD 2E49 CC90 C10C