Internet Governance in Ecuador: Infrastructure and Access First National Summit on Internet Governance in Ecuador by J. Andrés Delgado1 1 Gualberto Arcos N28-64, Postcode: EC170102. Quito – Ecuador. Email: andres@delgado.ec Internet Governance in Ecuador by J. Andrés Delgado is licensed Creative Commons Attribution Non-Commercial Share Alike 4.0 International Contents Preface Introduction Infrastructure and standardization Telecommunications infrastructure Liberalizing the telecommunications market The last mile The radio spectrum TCP/IP DNS Net neutrality Cloud computing Cyber-security Encryption Legal Copyright References Preface When the decision of organizing the First National Summit on Internet Governance in Ecuador was made, the need to have a base document that would enable any person to understand the development of the governance processes that had occurred so far in the country was established. This was the original intention for the presentation of this text, and so it was to be divided into sections that would have mirrored those used by the Diplo Foundation: infrastructure and standardization, legal framework, economy, development, society and culture. However, as time grew short to prepare this document, the spectrum of subject matters it would cover was reduced to preserve the quality of the document. Drawing from supplemental research documents, such as the most recent Freedom of the Net report, became indispensable to carry out a serious discussion of the topic of internet governance in Ecuador. This preliminary study includes the following sections: ● ● ● ● ● ● ● ● Telecommunication infrastructure TCP/IP DNS Net neutrality The cloud Cyber-security Encryption Intellectual property The study of these areas was carried out by a review of available academic literature, from international as well as national sources. The study also includes news coverage originating in government publications. Where relevant, further documentation from specific government working groups was sought. This was important as the current state of some of the study topics is under constant evolution, as is common in any study of the internet. Most of the sources are available online and are cited with an URL that will be accessible to any reader. This study will also be made available to the public online, as a part of one or of many different websites. It is the hope that any future work on the topic of Internet Governance in Ecuador considers a similar method so that those who take part in decision-making processes can have easy access to all available informational tools. Introduction At its genesis, no one could have foreseen the global impact the Internet would have. During the early years, governmental or corporate intervention in the governance of the Internet was difficult to perceive. The creators of the internet designed it so, and enshrined in their design openness, neutrality, and decentralization. As time went on, the network attracted the attention of a variety of sectors. Today the private sector and the public one are keenly interested in how the internet is to be managed. As the web came to play an ever more important role in global geopolitics, particular interest developed around the points where telecommunications, content management,2 and the internet converged. The increasing intervention from these actors has grown gradually. There has been no move to establish a government for the internet, operating under the guidance of any governments. We talk about multi-stakeholder governance instead. Though ultimately the resolutions, accords, policies, laws and regulations adopted by countries create the governance structure, the wording for new policies or laws is often drafted months before, at the international multistakeholder meetings. Several important precedents led to the adoption of the multi-stakeholder model. In 1994 the National Science Foundation created controversy when it sought a private subcontractor to manage the domain name system. The controversy didn't come to an end until 1998. States and international non-governmental organizations finally intervened to establish the Internet Corporation for Assigned Names and Numbers (ICANN). The 2003 and 2005 World Summit on the Information Society (WSIS) conferences, sponsored by the United Nations, included 19,000 participants from 174 countries. The main objective of the summit was to reduce the digital divide separating rich and poor countries' access to information technologies, especially the internet. WSIS defined internet governance as follows: Internet governance is the development and application by Governments, the private sector, and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet.3 The Secretary-General of the United Nations announced the First Internet Governance Forum (IGF) in July 2006 which has since become an annual event. Still, developing countries must overcome economic and human resource limitations to equally participate in the discussions about Internet governance. It has been difficult for many to assist In addition to the Web and the original protocols for file transfer and messaging, Internet allows transmission of multimedia content and communication, telephony (VoIP), television (IPTV), the use of online games, among others. 3 Definition published by the World Summit on the Information Society (WSIS) and approved via Resolution l56/183 of the General Assembly of the United Nations. 2 the forums and equally influence the decentralized and multi-institutional proceedings with positions that are considerate of multiple variables. In a quest to deconstruct the hegemonic entrenched powers of the internet, which includes private companies often based in the United States, countries such as Russia and China have advocated for an inter-governmental model that would allow governments to take control of their part of the network more directly. The 2009 IGF took steps to anchor the IGF within the United Nations framework more directly. In August 2010, the Association for Progressive Communications (APC), the NUPEF Institute, and the Latin America and Caribbean Network Information Center (LACNIC) organized the 3rd regional preparatory meeting for that year's Internet Governance Forum in Quito, which helped arouse the interest of local actors in the thematic content of the event. In October 2013, during the 24th session of the UN Human Rights Council, Pakistan proposed on behalf of Ecuador and nine other countries the creation of a new intergovernmental internet governance mechanism. That same month Fadi Chehadi, the president of ICANN, and Dilma Rousseff, President of Brazil, inaugurated the NETmundial initiative, a multi-stakeholder process for internet governance which included a significant delegation from Ecuador's public and private sectors, as well as its civil society. It is convenient to advance in the definition of an Internet governance agenda for Ecuador. Infrastructure and standardization At its most fundamental level, the internet is a collection of standards, protocols, cables and structures. Without this technical infrastructure, the internet as we know it could not exist. The cyber-security of this infrastructure is becoming an increasingly pressing concern. It would be difficult to confine the development of cyber-security protocols at exclusively local levels, due to the global nature of the internet. Telecommunications infrastructure The regulation of telecommunications must include the consideration of all the mediums by which telecommunications occurs: the cellular networks, radio frequencies, fiber optics, and more. Each of these modes of access follows a different set of regulatory principles. Internationally, regulation is carried out by the International Telecommunication Union (ITU). In Ecuador, the entity empowered with regulating this sector is the Telecommunication Superintendency (SUPERTEL). However, this body's regulations are crafted by a separate entity: the National Council of Communications. This relationship is currently under debate, as part of the drafting of a new Telecommunications law. 4 Liberalizing the telecommunications market Many countries have liberalized their telecommunications markets, hoping to boost the development of new communication services by permitting access to the often governmentowned infrastructures. In Ecuador, however, this type of practice is discouraged by current laws. Article 316 of the 2008 Constitution says that “the government can delegate participation in strategic sectors,” including telecommunications, “and public services to companies of mixed public/private holdings in which the government controls a majority of the shares,” which limits the participation of the private sector in this market. In Ecuadorian law, even if free trade agreements are signed that would seem to weaken this protectionist principle, telecommunications must still be treated as a “strategic sector” (Estévez, 2012). A 2014 study conducted by CEPAL showed that the central importance of the National Telecommunications Company (CNT) was taken into consideration in the trade deal signed that year with the European Union. This is important because telecommunication is one of the European continent’s most powerful economic sectors (Maldonado & Torres, 2013:148). Recently Ecuador's Constitutional Court approved the wording for a possible constitutional amendment to say: “communication as a public service5 [that] will be carried out by private, public and community media,” and there is a high probability this amendment will be approved When this document was published, the National Assembly had approved the committee report to give way to the first public debate on a new Telecommunications Law. According to this draft law, the SUPERTEL is to be absorbed by the Ministry of Telecommunication and the Information Society (MINTEL). MINTEL will become, via its Regulation and Control branch, the organism responsible for control, regulation and enforcement in the telecommunications sector (“El control total a las telecomunicaciones”, 2014). This state of affairs would contravene the current Constitution and article 143 of the 2014 trade deal signed with the European Union, making it unlikely for the bill to remain unchanged after first debate in the plenary of the Assembly. 4 by the National Assembly and become constitutional law. Some have interpreted this constitutional reform as additional regulation of the communications sector, (“La comunicación, ¿un derecho constitucional o servicio público?”, 2014) which may be seen as a disincentive by investors. The current state of relations between the government and the private telecommunications companies are indeed poor (“Claro: 'Negociaciones para espectro 4G están estancadas'”, 2014). The last mile Ninety percent of Ecuador's internet traffic travels via two submarine fiber optic links: the PanAmerican or Pan-Am cable, and the Emergia or Sam-1 (Cabrera et Col, 2014:3). For both6 cables, Ecuador solicited “delivery of a determined capacity for international internet access, for the social development and educational use of the submarine cable end-points,” to be administered by the FODETEL. Ecuador's capacity is equal to 1% and 2% of those cables’ traffic, respectively. In March 2015 a third cable will initiate operation: the Pacific Caribbean Cable System or PCCS, which will give Ecuador access to bandwidths of 100 Gbps (“Ancho de banda de Ecuador será igual que países desarrollados”, 2014). In Ecuadorian territory, the main distribution network consists of 20,000 kilometers of fiber optic trunk lines. There are an additional 15,000 kilometers of cable in what is known as “the last mile”, the fibre that connects individual consumers to the network. This resource is available in 67% of the national territories. The number of homes connected to broadband internet in 2013 was 891,000 (7.7 %),7 and the percentage of homes connected to high speed internet was 0.89%. Article 79, Ecuador's Communication Law says: “Social communication carried out by communication outlets is a public service that must be carried out with responsibility and quality, respecting the rights established in the Constitution, international treaties, and contributing to the good living of the people.” 6 See Resolutions 392-21-CONATEL-2007 and 067-04-CONATEL-2010. 7 According to MINTEL reports, Internet price is affordable only for wealthier four deciles of the population. If access to the Internet in general is counted, the figure rises to 28.3%, according to figures from INEC (2013). 5 Figure 1. National network of fiber optic trunk lines. Source: MINTEL On the other hand, the number of active mobile telephone subscribers8 in Ecuador is 17 million, equal to 109% of the national population (Armijos, 2013). Only 337 parishes in the Ecuadorian territory don't have mobile data coverage (3G or 3.5G). That equals 32% of Ecuador's parishes, but only includes 6.43% of the population (674,246 people). The advantages of mobile internet in this scenario are obvious: low implementation costs, and an existing infrastructure. It is possible that mobile technology could be assembled in-country in the near future, due to a growing interest in developing new industries to contribute to a radical transformation of what is called the “productive matrix”. If not assembly, import taxes on mobile phones could be reduced as part of the new trade deal with Europe, which could lead to wider adoption of mobile internet (Valarezo et al., 2014). In the scenario where mobile telephony prevails,9 we must consider how reliance on this type of infrastructure could affect governance of the internet, especially where privacy protection is concerned. Mobile technology employs closed standards. Much of its firmware is not accessible and closed-source (Bini, 2014), and in Ecuador there is a mandatory registry of mobile devices. In this scenario surveillance has the potential to cause harm not only to personal privacy and freedom of expression, but could lead to remote attacks, legal sanctions, vulnerability to thirdparty attacks, and in general harm the exercise of human rights (Torres 2014). These dangers are by no means exclusive to Ecuador (Tejada et al., 2014). The dominant cell operator is Claro, with 68% of the market, and Movistar, with 30%. The government telecom CNT only controls 2% of the market. 9 According to 2013 MINTEL projections, by 2017 the number of land connections to the internet will have increased by 16%, while the number of mobile internet connections will have increased by 43%. 8 Community networking, a right guaranteed by the Constitution (Alvear, 2011) would be an additional option in rural places where the penetration of mobile networks is low. Although it has been suggested that rural community networks become a government priority (Torres, 2014), there are no known systematic efforts to implement them as such. The radio spectrum Article 408 of the Ecuadorian Constitution (2008) reads: Nonrenewable natural resources and, in general, products coming from the ground, mineral and petroleum deposits, substances whose nature is different from that of the soil, including those that are located in areas covered by territorial sea waters and maritime zones, as well as biodiversity and its genetic assets and the radio spectrum, are the unalienable property of the government, immune from seizure and not subject to a statute of limitations. These assets can only be produced in strict compliance with the environmental principles set forth in the Constitution. The government shall participate in profits earned from the tapping of these resources, in an amount that is no less than the profits earned by the company producing them. After a complaint filed by radio and television broadcast stations and telecommunications companies, and by request of the now-defunct National Council of Radio and Television, the Constitutional Court determined that the radio spectrum “is not to be considered one of Ecuador's non-renewable resources. Nevertheless with an eye to avoid congestion in the use of telecommunications (...) it must be treated as a limited resource,” as well as a strategic sector10 (“Espectro no es recurso no renovable, interpreta la Corte Constitucional”, 2009). Thenpresident of the National Assembly, Fernando Cordero, said in anticipation of this court decision that by their interpretation users of the radio spectrum “do not have to surrender 50% of their profits” (“En video, asambleístas constituyentes de PAIS hablan sobre espectro radioeléctrico”, 2014). Despite this, public displeasure erupted after a government announcement in 2014 that it would reassign the profit-shared marginal utilities generated by the telecommunications companies to itself. This announcement affected the 80% share of utilities that so far was distributed to telecommunications companies' employees. The change would affect about 4,500 families, according to the government's estimate (“Utilidades de las empresas de telefónia [SIC] celular se reinvertirán [SIC] en proyectos de inversión social”, 2014). The discrepancy between the two ways of interpreting the telecommunications spectrum will apparently be resolved when new regulations falling under the Communications Law pass. The draft regulations restore the employee profit shares of telecommunication companies' marginal utilities (“Concluyó el primer debate en proyecto de ley de telecomunicaciones”, 2014). MINTEL meanwhile is implementing11 a master plan for the shift to digital television. It's hoped that migrating television signals to digital landlines will free up the radio spectrum. A black-out of This implies the Ecuadorian government reserves the right to administer, regulate, control and manage use of this resource. 11 CONATEL issued the plan via resolution RTV- 681-24-CONATEL-2012. On Dec. 23, 2013 a set of technical regulations (Reglamento Técnico RTE 83 para Televisores) was issued, after which date all televisions manufactured, imported, assembled or sold in Ecuador must meet ISDB-Tb standards. 10 TV signals is expected to happen in 201612 (“Ecuatorianos deben adquirir televisores con estándar ISDBT-TB”, 2014). Another consequence of this migration is that television will no longer be a one-way medium. A “return” channel must be implemented by December 2018 that will enable interaction with TV programming (Martínez, 2014). TCP/IP Once the physical layer of the Internet was established, a set of standards had to be developed to assure robust global interconnectivity. Thus the Transmission Control Protocol (TCP) became a core component of the Internet Protocol (IP) suite. TCP/IP is based on three principles which we will explore briefly: packet-switching. This refers to the subdivision of data into smaller packets to ease their transmission. The packets are reassembled upon arrival at their destination. 2. robustness or static discipline. In the words of Jon Postel this means “being conservative in what you do and liberal in what you accept from others”. This apparently contradictory principle attempts to explain standards that are strict and functional but at the same time open to modifications that serve the needs of users. 3. End-to-end networking. End-to-end refers to data networks where two nodes can talk to each other across the net without the need of an intermediary analysis point. 1. There are two governance aspects to TCP/IP: the introduction of new standards, and the transition from IPv4 to IPv6, as IPv4 exhausts its capacity. Because any modification of the existing standards carries with it risks to the existing internet, the body responsible for setting standards, the IETF, does not do so lightly (Kurbalija, 2014). In 1981, when the fourth version of the IP, and the first to be implemented at a mass scale, was planned, it did not consider the exponential multiplication of the number of devices that would later become connected to the internet. At that point, 4.3 billion unique identifiers seemed sufficient. Today, with every device connecting to the network needing a unique IP address, the 4.3 billion available are running out. In Ecuador by mid-2012, only 5% of their remaining identifiers were available (“El congreso de Internet se inauguró hoy en Quito”, 2012). On June 10, 2014, LACNIC released a statement saying “the region is at the final stage of exhausting the internet's old technology (IPv4)”. Although many local ISPs are ready to roll out IPv6, and some government and academic institutions are already operating on both protocols (Pérez, 2014), as of today the majority of Ecuadorians connect to the internet via secondary networks administered by our service providers, via “patch” solutions like NAT or CIDR mechanisms. This means that while my device has access to the public internet, the internet does not have direct access to my device. This infringes on the end-to-end principle and could compromise the integrity of the information. Although they are not ideal, these patchwork solutions are easy and cost-effective to apply. They might even cause indirect profits, as they can work within the existing infrastructure. By In 2016 this process will begin in Quito, Guayaquil, Cuenca. Later, in 2017, the analogue signals will be switched off in other provincial capitals, and eventually, by 2018, the entire country will have migrated to digital television. 12 capitalizing on the use of information (Kleiner, 2014) and the speculation on the remaining available IPv4 addresses. However, a permanent solution exists in the form of the sixth version of Internet Protocol, or IPv6 (Coellar & Cedeño, 2013). IPv6 has a near infinite capacity for the generation of identifiers, re-establishing a symmetric network that abides by end-to-end principles. This new protocol is not, in principle, compatible with the old one, so they must co-exist until IPv4 is definitely shut down. The migration to IPv6 touches on public policy, economics, operations, and technical and engineering aspects. All sectors involved in the transition must be committed to the process and cooperate with each other and the government, industry and academic sectors (Tejada et al., 2014). Faced with this enormous task of facilitacion, MINTEL led that way by implementing IPv6 protocol as a prerequisite on public contracts related to Information and Communication Technology, and set out general guidelines for the implementation of a Transition Master Plan (“Se agotan dominios IPV4 , pero en Ecuador se fortalece protocolo IPV6”, 2014). In parallel to MINTEL, representatives from related industries (Internet providers, software developers), the education sector (universities and research institutes), and Internet users have formed an open and participatory group to assist the transition. Ecuador's IPv6 Task Force has been active since 1999 coordinating activities related to the migration. Despite these efforts, there is not widespread consensus about the importance of implementing IPv6 (Tejada et al., 2014; LACNIC, 2014), and besides the public telecom CNT only about 0.08% of usage13 on all providers is via IPv6 (Aizprua, 2014). DNS The Domain Name System (DNS) is that which enables a web page to be rendered via an IP number to simplify routing across the network. The DNS consists of root servers14, top-level domain (TLD) servers, and a large number of DNS servers located around the world (Kurbalija, 2014). The international system is standardized, making a discussion about its local application not pertinent in this paper.15 Nevertheless, one type of top-level domain is geographic: by country code (ccTLD), reserved for use by a country. Ecuador's ccTLD is .ec16, its management was initially delegated to Intercom-Ecuanex, the first Ecuadorian ISP, at the beginning of the 1990s by IANA. However, because of its limited technical capacity and because it did not have a dedicated Internet connection, this administration was assumed by EcuaNet - Corporación Ecuatoriana de Información, owned This statistic only represents traffic to Google, but it's a useful indicator because Google is the most used search engine in the country. 14 Ecuador has two root servers. Server F was installed in 2007 and is administered by the Ecuadorian Association of Internet Providers (AEPROVI). This implies that the first domain search theoretically does not leave the country, but this has never been independently verified. The infrastructure was installed by a private company mentioned in the Snowden documents as an NSA partner. 15 Ecuador has only participated in one major incident related to generic top level domains (gTLD). Ecuador supported a Brazil/Peru initiative to protect the .amazon gTLD from registry by the U.S. company of the same name. 16 The code is assigned in accordance with ISO 3166-1 13 at the time by the Pacific Bank group (Roggiero, 2008). After the banking crisis in the late 90s, NIC.ec (NICEC S. A.) is created and has since become the administrator (IANA, 2014). Ecuanet was a private non-profit entity17 that created the first internet connections in Ecuador. Its first nodes were in Guayaquil, Quito, Cuenca, Ambato, Machala, Manta and the Galapagos (Corporación Ecuatoriana de Información, 198?). Ecuanex, on the other hand, was the first email node to operate in the country. Because the 2008 Constitution (known as the Montecristi constitution) designates telecommunications as a strategic sector, it could allow the domain system to be nationalized in the future. This would not make Ecuador a unique case. ICANN's Governmental Advisory Council18 adopted principles for the delegation and distribution of ccTLD (2000a) and established best practices for ccTLD administration (2000b) to prepare for such eventualities. To resolve disputes originated by third persons, NIC.EC has implemented ICANN's Uniform Dispute Resolution Policy (UDRP), an administrative arbitration process to resolve disputes over domains occurring between domain registries and third parties. Nevertheless, there are cases like Chile where a multisectoral committee is responsible for the administration of its ccTLD policy. Net Neutrality Net neutrality is isonomic treatment of any and all data packets traveling on the network, without distinctions based on content, origin, destination, server, terminal or application. In simpler terms, it means “cables are only cable, they have no ability for decision-making about what travels on them” (Dans, 2010). At the beginning, the flow of content on the internet was free of discrimination, whether it was generated by emerging enterprises or multinational conglomerates. One did not need permission or market power to innovate online. This quality has been recognized as one of the internet's great strengths (Kurbalija, 2014). The United Nation's Human Rights Council (2014) recognized the open and global nature of the internet as a force that propels development in its various forms. In Ecuador, net neutrality became a topic for public discussion in the mid 2000s, but there was scant description or analysis of the subject. Academics suggested the creation of legislation that would protect net neutrality in 2006 (Richero & Cerbino, 2006). Perhaps the most important civil society action in Ecuador was the “Campaign for the inclusion of the net neutrality principle in the Communication Law” initiated on July 30, 2011, by the online news site GkillCity.com. As a multiplicity of services converge on the internet (voice, audio, multimedia, video, live broadcasting, etc), economic interests want to have differential treatment on the network, as for EcuaNet was registered as a company in 1990, a Banco del Pacifico (bank) initiative. It was founded with additional financial and infrastructure support from Almacenera del Agro, IBM Ecuador, L.E.A.S.I.N.G. del Pacífico, MasterCard, Pacific National Bank and Sucre Insurance 18 Ecuador is not listed as a member of this committee (“GAC Members”, 2014), but there is a record of the participation (Acuerdo Ministerial N° 017-2012) of Mario Ortega at the 2012 meeting. Ortega is a ministerial attaché of MINTEL. 17 example exists in the differentiation between network television and cable (Betancourt, 2011). Because of the power of these economic interests, the principle of net neutrality has become a controversial topic in recent years, along with privacy, free expression and the right to copy (Regattieri et al., 2014). The power play is such that although President Dilma Rousseff mentioned the importance of net neutrality in Brazil's own law, Marco Civil, at NETMundial the gathering in Brazil hosted by Brazil's Internet Management Committee (CGI.br) with the international multi-stakeholder /1Net, the summit did not produce a final resolution that mentioned the net neutrality principle (La República, 2014). Also, Ecuador's delegation to NETMundial failed to mention net neutrality (Correa, 2014). In 2012 the organism CONATEL emitted its regulatory framework, which in article 15.6 says: Service providers should not distinguish nor prioritize for arbitrary reasons content, services, applications or anything else on the basis of brand, ownership, origin or preference. Service providers can implement technical actions which they consider necessary for the operation of their network of services, this includes the management of traffic exclusively for the purpose for which they were contracted or authorized to operate in order to guarantee their services. Thus, Conatel's regulation in principle protects net neutrality, but simultaneously imperils it by allowing Internet Service Providers to manage their networks according to their own criteria (Kelly et al., 2013; Correa, 2014). We have already seen practices by ISPs that attack the principle of net neutrality19, where for example clients cannot reach the transfer speeds they contracted and cannot access the content they desire (Andrade, 2011). There is also a lack of information and transparency about how services are managed and guaranteed technically (Merchán & Carrillo, 2009). These incidents, and other instances of two-tiered provision that give advantageous access to the network to certain services over others, have resulted in user complaints to stop the commercialization of the internet in this way. Users have asked the Telecommunications Superintendency to seriously commit to enforcing quality control in the internet service provider sector (La Revista, 2014). Meanwhile, the National Secretariat of Higher Education, Science and Technology (SENESCYT) has put forward a proposal as a part of the draft law Organic Code of the Social Knowledge Economy (COESCI). Article 36 reads:20 An internet service provider configures its servers to host a certain number of its users. Users share the allotted server connection. This is cost effective for the ISP as it maximizes the number of users it can have, and also helps prevent congestion by compartmentalizing usage. For example, if an ISP decides it will have rates of 10:1, 10 users will be automatically grouped together and share the same data connection to the network. Once ten users have been assigned to one server line, that one is full and the system automatically opens a new server connection to group ten more users. 19 20 Full text at: http://coesc.educacionsuperior.gob.ec/ The government will create the necessary conditions to progressively guarantee the universalization of access to information and communication technologies. The government will prioritize the use of free libre open source technologies that comply with the following principles: technological sovereignty, security, net neutrality, free access, without censorship of the information and prioritizing user privacy. These conditions will be respected without distinction by service providers. The relevant regulatory organisms will ensure these conditions are met. It's estimated that this draft law will be reviewed by the National Assembly at the end of 2014. Whether it be approved or not, there have been no proposals for a regulatory framework that would enable the SENESCYT to penalize ISPs which contravene it. Procedures for the evaluation of ISPs must be more proactive and applied more evenly, according to short term and long term goals, to encourage ISPs to improve competitively (Merchán & Carrillo, 2009). Ecuador's government, in the form of foreign minister Ricardo Patiño, has stated the importance of “an international binding set of norms that should accompany the internet governance processes and guide its decision-making on sensitive matters like the protection of privacy, the promotion of cyber-peace and the eradication of cyber warfare, the neutrality of the net and the unequivocal protection of its open and distributed qualities” ("Ecuador debe proteger a Assange y a quienes sacrifican su libertad para informar", 2014). Civil society has also signalized the need for a new international treaty of cyber-peace (Burch, 2014a). Cloud computing Cloud computing is the shift of data from hard discs on our computers to centralized servers our computers access via a network. The cloud allows a user to be physically anywhere and yet, by accessing the internet, to be able to get to their set of informational resources (including networks, servers, data storage, applications and other services) with minimal effort and minimal interaction with the service provider. There are three models of service a cloud computing provider can offer (Morocho, 2013): Software as a service (Saas), enabling usage of a previously installed application Platform as a Service (PaaS), permitting the creation of applications with tools and languages previously defined by the provider. 3. Infrastructure as service (IaaS), permitting the installation of any type of software on remote hardware, known as a virtual machine. 1. 2. Software as a service cloud computing has emerged as a worldwide force because it's considered a flexible, scalable, low cost and easy solution to many different needs (Jara, 2012; Zuñiga, 2014:62). Ecuador is no exception. Within the small and medium business categories, about 40% of the cloud computing done falls in this category. Users' most visited web pages, such as Facebook, are also software as a service websites (Armijos, 2013). This business model presents a challenge for citizen organizations concerned with the erosion of privacy. Cloud applications can take advantage of users' private information in ways misunderstood by their clients, without consent (Kurbalija, 2014). In addition, a hostile attacker doesn't need to infiltrate many different machines to obtain information on a group of people. The threat model is different when information is centralized in cloud software services (Ramos, 2014). As this market has monopolistic tendencies (Burch, 2014b), the number of possible victims increases, and we have seen this in recent cases. According to the Free Software Foundation, SaaS is “equal to running software that surveils you and has a universal backdoor. It gives the service administrator an unfair power over the users” (Stallman, 2010). Nevertheless it's the second most popular business model in the free software sector in Ecuador (Delgado, 2014). This despite free software developers traditionally having a deeper understanding of privacy issues (Appelbaum, 2014a). Massive adoption of cloud computing services could compromise access to essential computer functionality, like word processing or even simple math, if a connection to the internet is lost (Kurbalija, 2014). The problem of compatibility between various clouds will become critical, and a new standard may have to be developed to maintain proper functionality and security (Kurbalija, 2014; Fox et al., 2009). Snowden's revelations somewhat stalled the mass migration to cloud services by businesses (NTT Communications, 2014). There is an idea that there is no longer sufficient user trust in the privacy and the security of their information stored online. To Ecuador, this is a major concern (Infantino, 2014). The former NSA analyst has suggested that services could regain user trust by offering a way, via end-to-end encryption, that the service-provider does not ever have access to user data (Meyer, 2014). Private clouds will result (which fall under IaaS rather than SaaS). For the sake of security, data that is stored and transmitted via the cloud should be encrypted (Ramos, 2014; Morocho, 2013). Server location is an important consideration, for users. Less than 5% of those surveyed in the telecommunications private sector think that server location is unimportant. In fact 92 – 97% of them would prefer their cloud servers to be located in their own region (NTT Communications, 2014) This is also a concern for governments, as the majority of server farms are now located in the United States (Kurbalija, 2014). In November 2013, the then-national secretary of Ecuador's Public Administration Cristian Castillo (the third most powerful person in the government, after the president and vicepresident), said that “the guiding principle behind Ecuadorian public policy has always been to guarantee technological sovereignty” (“Una Minga por la Libertad Tecnológica”, 2013). Regulations of that secretariat forbid public sector employees to use cloud services that have servers located outside Ecuador.21 It is expressly forbidden that entities of the public sector should contract, access or use cloud email services whose servers, networks (excluding the internet), equipment, basic software and mail management means are outside of the National territory, for institutional or bureaucratic purposes. Additionally it is forbidden to contract any companies if their terms of service do not comply with the Ecuadorian constitution and law. 21 Although information security is the top concern, one must also consider how widespread cloud usage can affect identity management, access control, forensic security, virtualization and distributed computing, and more (Salazar, 2013). In 2010, a draft law “to protect intimacy and personal data” was archived. Legislators at the time thought that the draft law was redundant because many of its protections were already included in the constitution or in existing laws (Organic Law of Judicial Guarantees and Constitutional Control, Transparency and Access to Information Law), despite the constitution signaling the need for a law to protect personal data stored in public registries (“Asamblea Nacional archiva el proyecto de Ley de Protección a la Intimidad y a los Datos Personales”, 2010). Lacking a specific set of rules to regulate the use of cloud computing, service contracts are the only binding documents that govern the practice. Salazar (2013:108) proposes a series of principles to include in an Ecuadorian regulatory framework to protect data stored in the cloud: Consent: Consider whether data use needs the approval of the party responsible for the data, interested in the data, etc. Establish responsibilities: Make clear what shall be the responsibilities of each party engaged in the contract for cloud computing. Goals: Establish what the purpose for using a cloud computing platform should be and whether other purposes should be included. Security: What technical and structural measures should be incorporated for data management in a cloud environment. If necessary, makes such measures a requirement for cloud providers. International transfers: How should the flow of personal information across borders be carried out and what protections should those involved have. Third party intervention affecting the data: What requirements must third parties comply with to intervene in a cloud environment. Communication: How changes to practice and policy on the cloud platform that affect service are communicated to clients, with clarity and transparency. Sanctions, guarantees and insurance: How do providers insure their users against irreparable damage to their data. Intellectual property: What intellectual property rights should apply to data in the cloud. What sanctions could exist for abuse or violation of intellectual property-protected content. Within Ecuador's current structure, the Regulation, Integration and Control Directorate in the National Secretariat of Public Administration informatics subdivision is tasked with defining this sort of regulatory framework.22 Cybersecurity Cybersecurity is a collection of technologies, processes and best practices designed to protect one’s network, processors, programs and data from cyber-attack, damage or unauthorized access. General objectives include maintaining the integrity, availability and confidentiality of 22 Ministerial accord 119, published in the official registry Aug. 1 2007 says its responsibilities include to “prepare draft laws and regulations to control, evaluate, and do follow-up on computer processing projects and access to information”. information. In this document our principal concern is the cybersecurity of the country. Future papers may wish to deal with cybercrime, the protection of citizen data and privacy. Ecuador is a developing country and had not been concerned with developing a secure telecommunications infrastructure, outside of its military communications infrastructure. In 2011, security researcher Dmitry Bestuzhev said: Although they have made some efforts, [Ecuador] doesn’t yet have a systematic security apparatus with defined processes. The government doesn’t have an action plan for the country’s entities. It’s often not the website’s owner or administrator who can make the decision that would make it secure, so Ecuador is an easy target for attackers (“Ecuador es un blanco fácil para ataques de hackers”, 2011). Years later, Bestuzhev denounced that there was a cyber-espionage effort in Latin America that was targeting military, diplomatic and government intelligence that started in 2010 and affected at least 280 people (“Denuncian ciberespionaje en Ecuador”, 2014). In 2013, the leaks from the U.S. National Security Agency revealed widespread vulnerabilities in all communications that led to the violation of the privacy of citizens, public and private companies, think tanks and diplomatic missions (Greenwald, 2014; Reyes 2014). Foreign embassies are often hubs for intelligence gathering operations. In early 2014, a researcher uncovered the possible presence of cell-signal capturing equipment at the U.S. embassy in Quito (Appelbaum, 2014b). Ecuador’s president denounced attempts to infiltrate his account and military information, saying later the country needed to prepare for acts of “cyberwar” (“Ecuador denuncia ataques cibernéticos desde Colombia para extraer datos”, 2014). In the last three years, we have seen an increased effort to adapt to the new threats inherent in the government’s digital landscape. Ecuador’s Ministry of Defense has said it considers cyberspace “vital” to the security of the government and its citizens, and announced it would invest in developing relevant operations and policies (“Agenda Política de la Defensa”, 2014). In May 2014, cyberdefense became a curriculum subject in military training (“Formación militar prevé ciberdefensa”, 2014) and in September it was announced that Ecuador would put $8 million towards the creation of a Cyberdefense Operations Command to open in 2015 (“Comando de Operaciones de Ciberdefensa para el 2015, anuncian Fuerzas Armadas de Ecuador”, 2014). Ecuador’s joint chief of military staff said: There are countries with a great economic and military potential that have been affected by cyberattacks, cyberwarfare, and espionage. This makes them susceptible to attack from anywhere in the world and affects systems as important as air traffic control (Garzón, 2014). Members of the president’s cabinet have made similar remarks. Then-national secretary of Ecuador's Public Administration (SNAP) Cristian Castillo said that “the guiding principle behind Ecuadorian public policy has always been to guarantee technological sovereignty” (“Una Minga por la Libertad Tecnológica”, 2013). SNAP’s Technological Architecture directorate supervises information security management in the government via the creation of binding decrees and ministerial accords. In 2011, SNAP along with MINTEL and the National Intelligence Secretariat (SENAIN) formed a commission for cybersecurity. This commission is in charge of “establishing information security strategies, the protection of computational and all related infrastructure, as well as the information held by the the central public and institutional administration”. To accomplish this task, the commission create a Government Information Security Schematic to be enacted by February 2015 by all public institutions (Ministerial Accord N° 166). In July 2013, in a perceived response to the Snowden revelation, then-Coordinating Minister of Security Homero Arellano announced that high-ranking government officials would start implementing cybersecurity processes to protect the integrity of their data. Arellano said the military already used encryption to communicate during war time, but that their experience would be carried over to the public sector (“Estado inicia planes reservados para asegurar comunicaciones entre altos funcionarios y evitar espionaje”, 2013). In addition, private and public institutions have begun to incorporate information incident response teams (Hidalgo, 2011). SUPERTEL created EcuCERT (OAS, 2014), a central server for any use but especially for the public sector. Ricardo Patiño, Ecuador’s foreign minister, has said that Ecuador is interested in “an international binding set of norms that should accompany the internet governance processes and guide [ …] the promotion of cyberpeace and the eradication of cyber warfare” ("Ecuador debe proteger a Assange y a quienes sacrifican su libertad para informar", 2014). Ecuador is also considering adhering to the Budapest convention (Stel, 2014), the first international treaty to harmonize national legal structures, research practices, and intergovernmental cooperation on matters of cybercrime. The government’s intentions include regional expansion. After receiving recommendations from several civil society organizations (Burch, 2014c), the Minister of Defense announced it would invest in the Strategic Defense Center at the UNASUR South American Defense School, and would help develop a regional agenda for cyberdefense projects (“Agenda Política de la Defensa”, 2014). Although the Global South has an interest in preventing cyberspace from becoming a tool of war, these notions were not included in the final recommendations of NETMundial (Burch, 2014b). One must consider many aspects to talk about the security of a government. In 1946 the United Nations general assembly agreed that “freedom of information is a fundamental human right and [...] the cornerstone of all human rights consecrated by the United Nations”. Nevertheless nations can restrict access to information under certain circumstances, such as protecting the rights or reputations of others protecting national security and protecting public health. But when these exceptions are applied, governments must weigh it against damage to the public interest (Aaronson, 2014), as some civil rights and freedoms are affected when governments engage in practices to, for example, combat cyberterrorism (although no known cases of cyber terrorism have been detected to date) (Reyes, 2014). It’s important to consider, when protecting the communications of public servants from foreign espionage, these same public servants must strive for transparency and public accountability of the State, by being forthright about the reach of their anti-surveillance laws, regulations, powers and authorities (Necessary and Proportionate, 2014). In Dec. 2012 a Russian company, Speech Technology Center, revealed that it had signed a contract with the government of Ecuador to provide biometric identification technology that could recognize faces and voices (Kelly et col, 2013). There is also some evidence that the Ecuadorian government has acquired GSM interception technologies (Grey, 2013). Although the government claims that this technology is only used for law enforcement purposes, there are documented cases of police spying on civil society organizations and non-profits that has never been disproved (Ser Publicos Agencia de Comunicacion, 2013). On Aug. 10 2014 a new penal code came into effect that criminalizes the publication of information considered “reserved” (punishable with 5 to 7 years of prison). Espionage and the destruction of registries is now punishable by 7 to 10 years in prison. The new penal code also establishes legal guidelines for the interception of communications. There are currently two draft laws being debated that could influence the state of cybersecurity in Ecuador: the “Organic Code of the social knowledge economy and innovation,” which includes articles forcing free software use on the public sector, and draft new Telecommunications law. Encryption Encryption is the encoding of documents and communications to make them unreadable to any third person and only legible to the concerned parties who must have access to the encryption keys and deciphering software. There are two important aspects to this topic. The first the international nature of encryption policies. Regulation of encryption needs to happen on a global level or at least involve the main countries capable of exporting encryption tools (Kurbalija, 2014). Ecuador has not signed the Wassenaar treaty which places limits on the use of cryptography. The second aspect is that legal obligations with regards to cryptography must be implemented at local levels, as we have seen in recent years with legislation emerging in Europe, the United States, Asia and Australia (Room, 2014). Ecuador’s new Penal Code penalizes the decryption or discovery of secret keys or encrypted files and the violation of electronic security measures (Art. 190), punishable with three years in prison. In Art. 145, though, it creates exceptions for law enforcement to gain access to decryption keys with a court order approved by a judge. Legal Every facet of the internet has a different legal dimension. In recent years we’ve seen the constant need of legislation to adapt to new technologies, whether it be with new laws (cyber legislation) or by adapting the principles of existing laws to new realities made possible by the internet. The predominant approach has been the latter (Kurbalija, 2014). Too many of these legal facets could be analyzed. We will only focus on intellectual property rights in this document. Copyright Intellectual property legal instruments have two main objectives: first protect the author’s copyrights of a given work, and secondly ensure the dissemination of a work for public benefit. The struggle to find a balance between these two objectives is key to understanding current issues about intellectual property on the internet. Developing countries can benefit from the limits and exceptions included in international agreements on intellectual property,23 if the internet can be understood as a medium for academic exchange, economic development and cultural expansion. Under this interpretation, Ecuador has promoted, even in international forums, the usage of knowledge for the public good (Ramírez, 2012). Nevertheless Ecuador’s current legal framework includes copyright protections that exceed those demanded by international law, and has been called “hyperprotectionist” (Golinelli et al., 2014). Art. 292 of Ecuador’s current intellectual property law says that the violation of an author’s copyrights are the responsibility not only of the unlawful copier but of the “operator, natural person or legal person who controls the computational system connected to the network (...) as long as they have knowledge or have been warned of the possible infraction, or it was impossible for them to ignore it without committing gross negligence”. Although the law indicates that copyright violation notices need to be well-documented, the current system has been proven to be dangerous and ineffective, and not just in Ecuador. Many unfounded copyright takedown notices have been used to censor, have given the entertainment industry unfair powers to abuse individuals, and are enforced without due process (Freedom of the Net, 2013). Two recent developments will modify Ecuador’s current framework for moderating intellectual property uses on the internet: (1) the signed free trade agreement with the European Union, which has not yet been ratified by the National Assembly thus has not yet been enacted and (2) the proposals contained in the Organic Code of the Social Knowledge Economy (COESCI). International treaties generally place additional limits on access to knowledge (Aaronson, 2014). In the Ecuador-EU trade deal, Articles 251, 252 y 253 open the door for content blocking that does not comply with a judicial process. By including the “administrative authority” as a legitimate mediator, those supposedly affected by copyright violations could appeal directly to 23 The term “Fair use” is used often in this context. internet service providers to takedown content without a court order. The providers, to avoid the trouble and responsibility of notifying the supposed infractor, takedown the content without consulting with the alleged violator. Additionally, the treaty specifies that ISPs must not be liable as long as they do not interfere in the legal use of technology broadly defined and used by industry to obtain data about the use of information. This legalizes data retention and enables mass surveillance that citizens are already victims of (Greenwald, 2014). Although this rule is not negative per se, it could supercede agreements between users and ISPs where users opt for greater privacy protections. Another consequence of the EU treaty are obligatory reforms to Ecuador’s recent Penal Code.24 The amendments impose fines of $500 to $500,000 to those who falsify brands and fines of $500 to $200,000 to commercial pirating operations. Although the office of the president has said these new rules respond to WTO agreements signed years ago (“Alexis Mera dice que reforma al COIP responde a tratados”, 2014) the timing of the introduction of these amendments and others which would modify even Ecuador’s constitution is interpreted to be related to the negotiations for the EU treaty (Profitas, 2014 & “Reforma al COIP pretende cumplir con la OMC”, 2014). As this process unfolds, restrictions on access to content and punitive treatment of infractions to an author’s copyright are developed which conflict with Art. 36 in the COESCI draft law that declares “universal free and secure access to knowledge in digital environments are a citizen’s right.” Unfortunately the COESCI does not establish any clear mechanisms to guarantee this right. See memo PAN-GR-2014-0247 iof the National Assembly issued by Assembly President Gabriela Rivadeneira and addressed to Libia Rivas, General Secretary. 24 References Aaronson, S. A. (2014). Why Trade Agreements are not Setting Information Free: The Lost History and Reinvigorated Debate over Cross-Border Data Flows, Human Rights and National Security. Human Rights and National Security. Work in progress, cited with the author’s permission. Acs, A. (2014). Reshaping the Organizing Vision of Cloud Computing. The Information Systems Student Journal, 18. Retrieved from http://www.lse.ac.uk/management/documents/ISCHANNEL--9.1.pdf#page=19 Aizprua, J. (2014). [Foro-IPv6] Resumen de Foro, Vol 30, Envío 2. [email] Sent to foro@ipv6tf.ec on August 13, 2014. Albornoz, M. B. (2008). Cibercultura y las nuevas nociones de privacidad.Nómadas, 28, 44-50. Albornoz, M. B., & Agüero, A. (2011). El estado de la banda ancha en el Ecuador. Retrieved from http://dirsi.net/sites/default/files/El%20estado%20de%20la%20Banda%20Ancha%20en%20Ecuador.pdf Alvear, M. N. (2011). Espectro abierto para el desarrollo Estudio de caso: Ecuador. Retrieved from http://www5.apc.org/es/system/files/countries/Espectro_Ecuador.pdf ANDES. (2012, October 4). Asamblea Nacional archiva el proyecto de Ley de Protección a la Intimidad y a los Datos Personales”. Retrieved from http://www.andes.info.ec/ Andrade Aguilar, D. A. (2011). La neutralidad en la red y su marco legal en Ecuador (Doctoral dissertation, Universidad Internacional SEK). Retrieved from http://repositorio.uisek.edu.ec/jspui/bitstream/123456789/491/1/La%20neutralidad%20en%20la%20red %20y%20su%20marco%20legal%20en%20Ecuador Appelbaum, J. (2014a, March). Free software for freedom. Surveillance and you. Keynote presented at LibrePlanet 2014. Cambridge, MA. Retrieved from http://media.libreplanet.org/u/zakkai/m/free-softwarefor-freedom-surveillance-and-you/ Appelbaum, J. (2014b, January 30). Art as evidence. Keynote presented at Transmediale. Berlín, Germany. Retrieved from https://www.youtube.com/watch?v=ndx0eox0Lkg Armijos, A. (2013, November). Tecnologías de la Información y de la Comunicación y el Desarrollo Productivo. Conferencia presentada en el 3er. Foro Estrategia Ecuador Digital 2.0. Inclusión Digital. Retrieved from http://infocentros.gob.ec/infocentros/images/Alistamiento/Exposiciones/alvaroarmijos.pdf Asamblea Constituyente, A. (2008). Constitución de la República del Ecuador. Ciudad Alfaro. Asamblea Nacional. (2013). Código Orgánico Integral Penal. Asamblea Nacional. (2014, October 29). Se aprueba informe para primer debate de la ley orgánica de telecomunicaciones. Retrieved from http://www.asambleanacional.gob.ec/ Asamblea Nacional. (2014, November 11). Concluyó el primer debate en proyecto de ley de telecomunicaciones. Retrieved from http://www.asambleanacional.gob.ec/ Asamblea Nacional. (2014, July 17). Memorando PAN-GR-2014-0247. Retrieved from http://www.araujoasociados.net/blog/wp-content/uploads/2014/07/Proyecto-de-Ley-Reformatoria-del-C %C3%B3digo-Org%C3%A1nico-Integral-Penal-1.pdf Betancourt, V. (2011). Ciberactivismo: ¿Utopía o posibilidad de resistencia y transformación en la era de la sociedad desinformada de la información?. Chasqui 116. 18 Ensayos. Retrieved from http://186.5.95.155:8080/handle/123456789/383 Bini, Ola. (2014, September 20). Encrypt everything!. Keynote presented at Campus Party Quito 2014. Retrieved from http://new.livestream.com/Gamatv-Vivo/CampusPartyQuito4-MainStage/videos/62585971 Brasil. Marco Civil da Internet, Lei 12.965 (2014). Retrieved from http://www.planalto.gov.br/CCIVIL_03/_Ato2011-2014/2014/Lei/L12965.htm Burch, S., sburch@alainet.org (2014a). [Internetlibre] Apuntes sobre la necesidad de un tratado de ciberpaz. [email] Sent to internetlibre@listas.asle.ec on June 13, 2014. Burch, S. (2014b, August). Retos de la era digital para América Latina y el Caribe. Discurso presentado en el conversatorio: “Geopolítica de la Comunicación e Integración: retos y perspectivas”, organizado por CIESPAL, ALAI y el Foro de Comunicación para la Integración de NuestrAmérica. Quito. Retrieved from http://www.alainet.org/active/76641 Burch, S., sburch@alainet.org (2014c). [Internetlibre] Recomendaciones para Unasur. [email] Sent to internetlibre@listas.asle.ec.on May 25, 2014. Cabrera, J. J., Tello, D. A., & Villao, F. (2014). Estudio para determinar la necesidad del aterrizaje de un nuevo cable submarino de fibra óptica en el Ecuador. Retrieved from http://www.dspace.espol.edu.ec/bitstream/123456789/25445/1/Resumen%20de%20tesis%20JCabrera, %20Dtello,%20director%20de%20tesis%20Ph.D.%20Freddy%20Villao%20Q.%2020%20feb %202014.pdf Cavalli, O. (2009). Gobernanza de Internet: el debate en Latinoamérica. Telos: Cuadernos de comunicación e innovación, (80), 106-109. CEPAL. (2014). Evaluación de los posibles impactos de un acuerdo comercial entre el Ecuador y la Unión Europea. Santiago de Chile. Coellar Solórzano, J., & Cedeño Mendoza, J. (2013). Propuesta para la transición de IPv4 a IPv6 en el Ecuador a través de la Supertel (Doctoral dissertation). Retrieved from http://repositorio.ucsg.edu.ec:8080/bitstream/123456789/498/1/T-UCSG-POS-MTEL-5.pdf Consejo de Regulación y Desarrollo de la Información y Comunicación. (2014, September 17). Comunicado-Corte Constitucional del Ecuador ratifica la voluntad popular y refuerza la libertad de expresión y el respeto a los Derechos Humanos. Retrieved from http://www.cordicom.gob.ec/comunicado-corte-constitucional-del-ecuador-ratifica-la-voluntad-popular Corporación Ecuatoriana de Información. (198?). Ecuanet - Una red de comunicaciones e investigación científica para construir el futuro del país. Retrieved from https://www.flacso.org.ec/biblio/catalog/resGet.php?resId=18779 Correa, C. (2014). La Neutralidad de la red, principio indispensable. IT Ahora Nº5. Retrieved from http://calu.me/bitacora/files/2014/09/IT_Ahora_Neutralidad.pdf Dans, Enrique. (2010). El caso Comcast vs. FCC y la neutralidad de la red. Retrieved from http://www.enriquedans.com/2010/04/el-caso-comcast-vs-fcc-y-la-neutralidad-de-la-red.html Delgado, J. A. (2014). Modelos de Negocio de Software Libre en Ecuador, SENESCYT. Retrieved from http://repositorio.educacionsuperior.gob.ec//handle/28000/1267 Ecuador Inmediato. (2013, July 29). Estado inicia planes reservados para asegurar comunicaciones entre altos funcionarios y evitar espionaje. Retrieved from http://ecuadorinmediato.com/ Ecuavisa. (2014, September 5). Reforma al COIP pretende cumplir con la OMC. Retrieved from http://www.ecuavisa.com/articulo/noticias/actualidad/79004-reforma-al-coip-pretende-cumplir-omc El Comercio. (2012, May 7). El congreso de Internet se inauguró hoy en Quito. El Comercio. (2014, October 16). Ecuador denuncia ataques cibernéticos desde Colombia para extraer datos. Retrieved from http://www.elcomercio.com/ El Comercio. (2014, November 11). ‘Ancho de banda de Ecuador será igual que países desarrollados’. Retrieved from http://www.elcomercio.com/ El Comercio. (2014, November 5). Claro: 'Negociaciones para espectro 4G están estancadas'. Retrieved from http://www.elcomercio.com/ El Telégrafo. (2013, June 27). Ecuador gives up on ATPDEA exemptions, offers U.S. a $23 million grant to get some human rights education. Retrieved from http://www.telegrafo.com.ec/ El Telégrafo. (2014, September 9). FF.AA. analizan crear un Comando Operacional de Ciberdefensa. Retrieved from http://www.telegrafo.com.ec/ El Universo (2009, October 7). Espectro no es recurso no renovable, interpreta la Corte Constitucional. Retrieved from http://www.eluniverso.com/ El Universo (2014, May 21).Formación militar prevé ciberdefensa. Retrieved from http://www.eluniverso.com/ El Universo. (2014, September 4). Alexis Mera dice que reforma al COIP responde a tratados. Retrieved from http://www.eluniverso.com/ El Universo. (2014, September 9). Comando de Operaciones de Ciberdefensa para el 2015, anuncian Fuerzas Armadas de Ecuador. Retrieved from http://www.eluniverso.com El Universo. (2014, October 5). La comunicación, ¿un derecho constitucional o servicio público?. Retrieved from http://www.eluniverso.com/ El Universo. (2014, August 4). En video, asambleístas constituyentes de PAIS hablan sobre espectro radioeléctrico. Retrieved from http://www.eluniverso.com Erique, E. (2014). Necesidad de agregar un inciso en el art. 31 del reglamento de radiocomunicaciones ecuatoriano, para la implementación de equipos con tecnología digital, con el fin de proteger el uso de el espectro radioeléctrico (Doctoral dissertation). Retrieved from http://dspace.unl.edu.ec/jspui/bitstream/123456789/6548/1/Erika%20Estefan%C3%ADa%20Erique %20Camposano.pdf ESPE - Escuela Superior Politécnica del Ejército. (2014, June 2). Ciberdefensa: Un desafío emergente para Ecuador. Retrieved from http://blogs.espe.edu.ec/ Estévez, I. (2012). ¿Hacia dónde va la política comercial ecuatoriana? Nuevos elementos normativos en el ámbito comercial y sus implicaciones para el Acuerdo Comercial Multipartes con la Unión Europea. Cuadernos de política pública, (1). Retrieved from http://iaen.edu.ec/wpcontent/uploads/2012/08/PolicePaper_digital.pdf European Commision. (2014, September 23). EU and Ecuador publish text of trade agreement. Retrieved from http://trade.ec.europa.eu/doclib/press/index.cfm?id=1156 Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., ... & Stoica, I. (2009). Above the clouds: A Berkeley view of cloud computing. Dept. Electrical Eng. and Comput. Sciences, University of California, Berkeley, Rep. UCB/EECS, 28, 13. Gagliardo G. (2011). [Carta a los organizadores del cuarto Foro Parlamentario sobre la Configuración de la Sociedad de la Información]. Archivo de The Global Centre for Information and Communication Technologies in Parliament. Retrieved from http://www.ictparliament.org/sites/default/files/pf2011_ecuador.pdf Garzón, L. (2014, September 9). Discurso de apertura. Keynote presented at Seminario Internacional de Ciberdefensa. Quito, Ecuador. Golinelli, S., Vega-Villa, K. & VillaRomero, J. F. (2014). Biodiversidad. Retrieved from http://es.wiki.floksociety.org/w/Biodiversidad Governmental Advisory Commit - ICANN. (2014). GAC Members. Obtenido el 19 de November de 2014 de https://gacweb.icann.org/display/gacweb/GAC+Members Gray, R. (2013, June 25). Exclusive: Documents Illuminate Ecuador’s Spying Practices. Retrieved from http://www.buzzfeed.com/ Greenwald, G. (2014). No Place to Hide: Edward Snowden, the NSA, and the US Surveillance State. Metropolitan Books. Herrera Tamariz, H. A. (2010). El impacto de la tecnología digital y los nuevos mecanismo de protección de fonogramas controversia y soluciones en la normativa nacional. Retrieved from http://dspace.udla.edu.ec/jspui/bitstream/33000/1314/1/UDLA-EC-TAB-2010-29.pdf Hidalgo, J. (2011). Implementación del CERT en Campus Party. Keynote presented at Campus Party Quito 2011. Retrieved from http://es.slideshare.net/juka1978/presentacin-csirt-campus-21-oct-2011 IANA - Internet Assigned Numbers Authority. (2014). Delegation Record for .EC. Retrieved from https://www.iana.org/domains/root/db/ec.html ICANN. (2000a, February 23). Principles for the Delegation and Administration of Country Code TopLevel Domains. Retrieved from http://archive.icann.org/en/committees/gac/gac-cctldprinciples23feb00.htm ICANN. (2000b, June 12). Lineamientos de Las Mejores Prácticas para Administradores de ccTLD. Retrieved from http://www.wwtld.org/ongoing/bestpractices/spanish/bp.12jun00.es.html Infantino, M. (2014). ¿Cómo está el mercado del Cloud Computing para el canal IT de Ecuador? [Infographic]. Retrieved from https://licenciasonline.com Instituto Nacional de Estadísticas y Censos. (2013). Tecnologías de la Información y Comunicación (TIC's) 2013. Retrieved from http://www.observatoriotic.mintel.gob.ec/images/varios/Noticias/Reportes/Resultados_principales_12_09 _2014.pdf Jara, J. (2012). Guía para el análisis de factibilidad en la implantación de tecnologías de Cloud Computing en empresas del Ecuador(Doctoral dissertation, QUITO/EPN/2012). Retrieved from http://bibdigital.epn.edu.ec/bitstream/15000/4649/1/CD-4281.pdf Katz, R., & Kallorda, F. (2013). Economic impact of broadband deployment in Ecuador. Lima: International Development Research Center. Retrieved from http://dirsi.net/web/web/en/publicaciones/detalle/economic-impact-of-broadband-deployment-in-ecuador Kelly, S., Truong, M., Earp, M., Reed, L., Shahbaz, A., Greco-Stoner, A.. (2013). Freedom of Net. Retrieved from http://www.freedomhouse.org/report/freedom-net/2013/ecuador Kleiner, D. (2014, July 30). Querida #NETMundial, la Gobernanza es genial y todo, pero necesitamos EXIGIR el IPv6 ¡AHORA! (J. A. Delgado, Trans.) Retrieved from http://www.aperturaradical.org/ (Oiriginally posted 2014, April 28). Kurbalija, J.. (2014). An Introduction to Internet Governance. Suiza: DiploFoundation. La Hora. (2011, August 22). ‘Ecuador es un blanco fácil para ataque de hackers’. Retrieved from http://www.lahora.com.ec La República. (2014, April 23). Brasil aprueba ley de privacidad en internet. Retrieved from http://www.larepublica.ec La República. (2014, August 19). Denuncian ciberespionaje en Ecuador. Retrieved from http://www.larepublica.ec La Revista, El Universo. (2014, July 6). 4G en Ecuador. Retrieved from http://www.larevista.ec/ LACNIC - La Casa de Internet de Latinoamérica y el Caribe. (2014, June 10). No hay más direcciones IPv4 en América Latina y Caribe. Retrieved from http://www.lacnic.net/ León, J. M. (2011, July 29). Inacción y Neutralidad en la Red. Retrieved from http://gkillcity.com/ Maldonado Olivo, M. G., & Torres Ramos, J. A. (2013). Análisis de los temas sensibles de negociación del acuerdo comercial de desarrollo entre el Ecuador y la Unión Europea, Caso Específico: Compras Públicas (Doctoral dissertation). Retrieved from http://dspace.internacional.edu.ec:8080/jspui/bitstream/123456789/42/1/AN%C3%81LISIS%20DE %20LOS%20TEMAS%20SENSIBLES%20DE%20NEGOCIACI%C3%93N%20%20DEL%20ACUERDO %20COMERCIAL%20%20DE%20DESARROLLO%20ENTRE%20EL%20ECUADOR%20Y%20LA %20UNI%C3%93N%20EUROPEA,%20CASO%20ESPEC%C3%8DFICO%20COMPRAS%20P %C3%9ABLICAS.pdf Martínez, E. (2014). Análisis del espectro radioeléctrico, modificación, asignación y optimización durante la transición de televisión analógica a digital terrestre en el Ecuador. Retrieved from http://dspace.espoch.edu.ec/bitstream/123456789/3239/1/98T00041.pdf Mell, P., & Grance, T. (2011). The NIST definition of cloud computing. Retrieved from http://csrc.nist.gov/publications/PubsSPs.html#800-145. Merchán, V. R., & Carrillo, J. J. (2009). Regulación de Internet: una propuesta para el mercado ecuatoriano. Retrieved from http://repositorio.usfq.edu.ec/bitstream/23000/1063/1/95117.pdf Meyer, D. (2014, July 18). Edward Snowden thinks cloud providers still have a chance to win users’ trust. Retrieved from https://gigaom.com/ Ministerio Coordinador de Seguridad. (2014, May 13). Ciberseguridad: Escenarios y recomendaciones. Nuestra Seguridad. Retrieved from http://www.nuestraseguridad.gob.ec/ Ministerio de Justicia. (2013, April 9) Justicia participó en COMJIB realizado en Chile. Retrieved from http://www.justicia.gob.ec/justicia-participo-en-comjib-realizado-en-chile/ Ministerio de la Defensa Nacional. (2014). Agenda Política de la Defensa 2014 - 2017. Retrieved from http://www.defensa.gob.ec/wp-content/uploads/downloads/2014/06/Agenda-Politica-Defensa.pdf Ministerio de Telecomunicaciones y Sociedad de la Información. (2014, September 30). Ecuatorianos deben adquirir televisores con estándar ISDBT-TB. Retrieved from http://www.telecomunicaciones.gob.ec/ Ministerio de Telecomunicaciones y Sociedad de la Información. (2014, June 12). Se agotan dominios IPV4 , pero en Ecuador se fortalece protocolo IPV6. Retrieved from http://www.telecomunicaciones.gob.ec/ Morocho, G. O. (2013). Limitaciones a las Técnicas Tradicionales y Actuales de Encripción Inherentes a los Servicios de la Nube. ReDiFIS, Systems Engineering, National Polytechnic School, Ecuador, 2(1), 3134. Retrieved from http://redifis.epn.edu.ec/index.php/RediFis/article/download/28/25 Necessary and Proportionate. (2014). Principios Internacionales sobre la Aplicación de los Derechos Humanos a la Vigilancia de las Comunicaciones [aplicación digital]. Retrieved from https://es.necessaryandproportionate.org/text NIC.EC. (n.d.). Política de resolución de disputas. Retrieved on November 19, 2014 from http://nic.ec/info/resolucion.htm NTT Communications. (2014). NSA After-shocks. Retrieved from http://nsaaftershocks.com/wpcontent/themes/nsa/images/NTTC_Report_WEB.pdf Organización de Estados Americanos. (2014). Tendencias de Seguridad Cibernética en América Latina y el Caribe. Retrieved from http://www.symantec.com/content/es/mx/enterprise/other_resources/b-cybersecurity-trends-report-lamc.pdf Pérez, E., ernesto.perez@cedia.org.ec (2014). [Foro-IPv6] estado. [email] Sent to foro@ipv6tf.ec on August 13, 2014. Plan V. (2014, October 12). "Hay que mantener la neutralidad de la red": Juan Carlos Solines. Retrieved from http://www.planv.com.ec Plan V. (2014, October 31). El control total a las telecomunicaciones. Retrieved from http://www.planv.com.ec Profitas. (2014, August 15). Efectos Iniciales del Tratado Comercial con la Unión Europea. Retrieved from http://www.profitas.com/blog/?p=2846 Ramírez, R. (2012). La vida (buena) como riqueza de los pueblos. Hacia una socioecología política del tiempo. Retrieved from http://iaen.edu.ec/wp-content/uploads/2013/10/La_vida_buena.pdf Ramos, M. (2014, September 24). Acerca de la soberanía del Ecuador en el ciberespacio. Retrieved from http://tercerainformacion.es/spip.php?article74389 Regattieri, L. L., Herkenhoff, G., Malini, F., & Goveia, F. MarcoCivil: Visualizing the Civil Rights Framework for the Internet in Brazil. Retrieved from http://ceur-ws.org/Vol-1210/datawiz2014_10.pdf Reyes Benz, A. B. (2014). Alcances del "ciber-terrorismo" en la sociedad contemporánea (Doctoral dissertation, Universidad de Chile). Retrieved from http://tesis.uchile.cl/bitstream/handle/2250/116821/dereyes_a.pdf?sequence=1 Richero, A & Cerbino, M. (2006). Gobernanza, políticas públicas y aplicaciones de Internet. Flacso. Retrieved from https://www.flacso.org.ec/docs/gobernanza.pdf Room, S. (2014). The legal obligations for encryption of personal data. Retrieved from http://www.xnetworks.es/contents/Vormetric/2014-The-legal-obligations-for-encryption-of-personal-datain-Europe-Asia-and-Australia.pdf Russia Today. (2014, August 20). "Ecuador debe proteger a Assange y a quienes sacrifican su libertad para informar". Retrieved from http://actualidad.rt.com Salazar, C. (2013). Análisis de los riesgos técnicos y legales de la seguridad en Cloud Computing. Retrieved from http://repositorio.educacionsuperior.gob.ec/bitstream/28000/1202/1/T-SENESCYT000333.pdf Secretaría Nacional de Administración Pública. (2013, November 26). Una Minga por la Soberanía Tecnológica. Retrieved on October 27, 2014 from http://www.administracionpublica.gob.ec Secretaría Nacional de Administración Pública. (2013). Acuerdo ministerial N° 166. Registro Oficial Suplemento 88 de 25-sep-2013. Retrieved from http://www.planificacion.gob.ec/wpcontent/uploads/downloads/2013/12/Esquema-Gubernamental-de-Seguridades-de-la-Informaci %C3%B3n.pdf Secretaría Nacional de Administración Pública. Acuerdo ministerial N° 119. Retrieved from http://www.administracionpublica.gob.ec/wp-content/uploads/downloads/2014/06/siac119.pdf Ser Publicos Agencia de Comunicacion. (2013, December 23). Declaracion del Observatorio Ciudadano ante problemas en recoleccion de firmas. [archivo de video]. Retrieved from https://www.youtube.com/watch?v=-xCELWybBkc Stel, E. (2014). Seguridad y Defensa del Ciberespacio. Dunken Ed. Superintendencia de Telecomunicaciones. (2012). Ciberseguridad: Incremento del conocimiento acerca de atención de seguridad informática. Revista Institucional SUPERTEL. Ed. 13. Retrieved from http://www.supertel.gob.ec/pdf/publicaciones/supertel13_2012.pdf Superintendencia de Telecomunicaciones. (2014). Disminuye la tarifa de internet residencial. en promedio. Retrieved from http://www.supertel.gob.ec/index.php/noticias/item/113-disminuye-la-tarifa-deinternet-residencial Tejada, C. E., Rodriguez, X. D., & Villao, F. (2014). Elaborar un plan de acción para la implementación de IPv6 en el Ecuador y fomentar su uso. Retrieved from https://www.dspace.espol.edu.ec/bitstream/123456789/25473/1/Resumen%20de%20tesis%20CTejada %20y%20XRodr%C3%ADguez,%20director%20de%20tesis%20Ph.D.%20Freddy%20Villao%20Q. %2012%20marzo%202014.pdf Torres, J. (2014). Open Technical Infrastructures. Retrieved from http://floksociety.org/docs/Ingles/4/4.3.pdf United Nations. 26th General Session of UN Human Rights Council. (2014). The promotion, protection and enjoyment of human rights on the Internet. Retrieved from bit.ly/HRonINTERNET Valarezo, E. G., Zhunio, D. A., & Villao, F. (2014). Estructuración del entorno regulatorio adecuado del Ecuador para facilitar la implementación de la banda ancha móvil. Retrieved from https://www.dspace.espol.edu.ec/bitstream/123456789/25091/1/Resumen%20de%20Tesis%20corregida %20%20EValarezo%20-%20DZhunio,%20director%20de%20tesis%20Ph.D.%20FVillao%20%20Version %20Final%2022%20julio%202013.docx
© Copyright 2024