The 2018 CENTR Jamboree - scouting for networks and new ideas

Ah, a European centric domain name conference.  What to make of it when you’re not part of the European Union and a guy from Opunake?

On the one hand you have the potential to learn a lot, make industry connections and meet other ccTLD employees. On the other hand, you have absolutely zero clue if you will take home anything valuable for the time, commitment and resources you’ve set aside to attend an event halfway round the world in Russia.

Seb and BrentThankfully, when it comes to attending an event like CENTR Jamboree it’s a safe bet that you are going to be challenged about how you look at things. Bonus –  I also arrived in Moscow alongside my colleague, InternetNZ's Chief Scientist Sebastian Castro. Seb also happens to be internationally recognised as a world leader in DNS science and is a CENTR veteran, as well as being a talented photographer so it was great to have him along for the ride.

If there was only one thing I could say about the Jamboree, it is that the sessions are heavily focused on real life projects and approaches that are being taken by ccTLDs to improve legal compliance, ensure a healthy global domain name market and be innovative in the tech research space. For example, there were sessions on reducing online fraud using ID control, pseudonymisation and anonymization. One of these sessions was delivered by Sebastian who spoke about tools for anonymization and techniques to make data capture GDPR compliant but still useful for research purposes.

A consistent theme that ran through all the sessions was how to improve our trust, security and reputation while taking risks with new technologies, entering new markets or creating new products. 

I got a lot out of the sessions on fake registration details, how to spot them and handle their removal.  The usual ‘slippery slope’ discussions and issues of grey areas came up. It was pleasing to see the discussion around a targeted, intelligence-led approach to stop a small number of unlawful activities from significantly damaging the online community’s sense of trust and security.

The legal and regulatory one day session was hot on the heels of GDPR implementation. I gave a short contribution about .nz’s experience with GDPR and had follow-up requests for materials from .jp and .ru to share the New Zealand approach. I was also interested in the Swiss approach to GDPR implementation.  Switzerland shares the most similarity with New Zealand’s current status of its legal privacy compliance framework. It has EU adequacy and their local privacy laws are being reformed. However, unlike Switzerland, here in New Zealand we have brought forward our New Zealand domain name GDPR compliance program ahead of local privacy law reform.

Brent Carey and Leonid Todorov, GM, Asia Pacific Top Level Domain Name Association (APTLD)

Being in a room full of lawyers also meant identifying other hot button legal compliance areas. In the foreseeable future, expect to hear a lot  about the EU e-privacy directive, which takes effect later in 2018, and the NIS Cyber Security Directive, which is being incorporated into many local laws across Europe.

Cybersecurity is the new frontier in the domain name industry. Timely, given here in New Zealand our own Cybersecurity Strategy is under review.

The EU Cybersecurity Directive emphasises themes around authenticity, confidentiality and reliability of data. Many ccTLDs who run domain name server systems for their countries have been made the focus of the Directive by having their own local laws define their domain name servers as an essential digital service or critical infrastructure. This raised many questions from the floor about whether the domain name server system is an essential service, and how it should be defined. Many participants were against defining the DNS as an essential service based on volume of transactions. Many felt the focus should be on what would happen to services if the DNS didn’t work or the DNS published incorrect data.

One of the best parts of the Jamboree was the half-day World Café Series. This involves taking three questions, and in small groups having a brief discussion with many industry professionals from around the world over the span of four hours. I made the rookie mistake of picking up the pen in my group and being scribe as we worked through the question ‘How can the relationship between the registry and registrars be improved?’ Check out my scrappy notes.

Scrappy notes

This activity was invaluable because it gave you an insight into what others were trying in different parts of the world. For example, communities of practice, digital seals and certificates, outreach, wikis, joint projects, and prototyping to name a few. 

On a final note, I loved hearing about the Dutch Crime Buster Bot, which was the winner of the 2018 Dutch Hackathon. I wondered if we might be able to do something similar here in New Zealand? Perhaps, a challenge to lay down for the next Tech Week event!

So, thank you to CENTR and our host country Russia for setting the bar high and for being so welcoming. I walked away with a pocketful of business cards and heaps of new ideas that I’ve added to the Domain Name Commission’s Kanban Board. I certainly feel more connected around the world.