On 15/11/2017 12:18, Nick Hilliard wrote:
> - regarding IXPs specifically, there is little to no basis for
> categorising them the vast majority of them as "critical" on the basis
> that if you turn an IXP off, or if it fails due to technical or
> administrative reasons, traffic will generally re-route somewhere else
> within BGP dead-time seconds and most people will probably not even
> notice.
Noted.
> - once organisations gain political protection status of one form or
> another, they also attract legal / regulatory obligations. So the
> question for e.g. IXPs should be reframed as: given that most IXPs are
> not in fact critical to the operation of the Internet in any meaningful
> sense of the word (i.e. the world can continue on without them), is the
> attraction of gaining a mention on a UN declaration worth the cost of
> the regulatory obligations that will inevitably ensue?
While Bill has given some strong replies on this thread to
understandable/predictable scepticism (I particularly liked his reply to
Mark Blackman 15/11 @ 12:51), Nick hasn't really had an answer to this
question, and I think it deserves one.
For many years, IXPs escaped government notice. Indeed in some regions
IXPs were viewed with scepticism or opposition from governments and
regulators too wedded to archaic monopolistic (or quasi-monopolistic)
models: they seemed too "bottom-up", and worryingly unlicensed and Not
Part of Our Plan.
While that was the case, it made sense for IXPs to keep under the radar,
essentially in line with the (non-) engagement strategy Nick is
suggesting above.
For better or for worse, those days are well and truly over.
Pontificating on IXPs is very much in fashion these days in
intergovernmental soft-policy declarations, and there is already
awareness of IXPs in hard law (the EU NIS Directive). So the "regulatory
obligations" Nick refers to are coming, indeed here, already.
The only choice available to the IXP community is whether to engage with
governments making those pronouncements, and also the hard law, in the
hope of shaping them in a manner amenable to our community, or standing
aside and letting governments do what they will unguided.
Nick, if you want governments to recognise that IXPs are often not
"critical", and to persuade them that they should assess criticality
before imposing regulatory burdens instead of assuming criticality and
the regulation that goes with it, then I would suggest that engagement
with these kinds of international declarations could be an important
complement to local lobbying. These declarations are - well,
declaratory, in a way (British and Irish) legislation is not (EU
legislation has declaratory recitals of a form alien to British and
Irish statute writing). That's an opportunity.
If staying "under the radar" were still a viable option, it might be a
difficult call. But I don't believe we have that option any more.
Now, as for the specific initiative Bill is engaged with, I can see that
on the policy substance the idea "IXPs are so important States should
refrain from attacking them" could be seen as in opposition to the idea
"IXPs are commonly not critical do not justify burdensome regulation
aimed at nationally critical infrastructure". Although I can certainly
construct counter-arguments, so I'm not too worried. To set against
that, I can also see that Bill's engagement and leadership here could
buy influence for our community that might make it easier to persuade
governments to accept, in future declarations, text supportive of the
line Nick is advancing.
The mere fact that governments have accepted text promoted by the IXP
community, at WTPF, at Plenipot-15, at WTDC-17, and now in Bill's group,
makes it easier to push more text, perhaps at Plenipot-18.
I'm not going to judge the specific work Bill's Working Group is doing,
as I'm not sufficiently sighted. But on the broader issue of whether
this /type/ of engagement is advisable, and Nick's challenge to it, I
would give a qualified "Yes": of course I recognise the risks, but
nonetheless it is in our community's long term interests to engage. Even
if Bill's Working Group should come up with text we find unhelpful
(which is a worst case - after all, none of us actually want IXPs to be
subject to nation state cyberattack!), I am hopeful we can still find
ways to get some benefit nonetheless.
Malcolm.
--
Malcolm Hutty | tel: +44 20 7645 3523
Head of Public Affairs | Read the LINX Public Affairs blog
London Internet Exchange | http://publicaffairs.linx.net/
London Internet Exchange Ltd
Monument Place, 24 Monument Street London EC3R 8AJ
Company Registered in England No. 3137929
Trinity Court, Trinity Street, Peterborough PE1 1DA
