Following the 3-hour Data & Signal Sharing workshop at the Global Anti-Scam Summit (GASS), Emily Taylor of DNS Research Federation reported back on the successes, failures, and changes needed to get the anti-scam community unstuck when it comes to data.
🌍 Local and Global Initiatives: the importance of local engagement in governmental phases and how these local initiatives impact global data sharing efforts. She emphasized the role of local knowledge in developing effective data sharing frameworks.
🌎 Challenges in International Data Flows: particularly between the EU and the US, noting the asymmetry in data requests which disproportionately affect big platforms.
🔨 Signs of Regulatory Progress: changes in international data sharing policies, citing the OECD - OCDE's agreed principles, the Budapest Convention’s second additional protocol with nearly 70 signatories, and the European Union's E-Evidence Act. These developments aim to balance the legal frameworks surrounding data sharing with privacy concerns like GDPR.
🗺 Legal and Governance Strategies: pushing back against overly cautious legal advice to explore lawful data sharing pathways. The emphasis was on governance and transparency in these processes.
💳 Successful Case Studies: successful data sharing initiatives were discussed, such as Cifas' support for UK’s authorized push payments regulation, BT Group's Share and Defend initiative, and Cifas' 35-year track record in data sharing.
💻 Industry Perspectives: Google's Murat Mutlu Ozturk and Timo Wagenblatt talked of limitations in seeing the full scope of online scams, suggesting that even large platforms can benefit from broader data collaboration to understand and combat scams more effectively.
🤝 Future Collaborative Efforts: Finally, Emily expressed pride in DNS Research Federation’s collaborative efforts with the Global Anti-Scam Alliance (GASA) through projects like DAP.Live and the proposed Cybercrime.Exchange (CCX), aiming to create a global environment for sharing data and signals to fight cybercrime.
The workshop on Data & Signal Sharing also featured speakers, such as Bert Hubert of PowerDNS.COM BV, Emilio Sanchez Ulled - the permanent representative of Spain to the European Union, Lorelien Hoet of Microsoft, Eleonor Duhs of Bates Wells, Helena Wood & Sandra Peaston of Cifas, Brian Webb of BT Group, Esther Mieremet of ECP Platform voor de InformatieSamenleving, Lucien Taylor, Mark Robertshaw & Nathan Alan of DNS Research Federation.
#Collaboration#InternationalRelations#Governance#Legal#DataSharing#GDPR#DataFlows#Initiatives#Cybercrime#Exchange
So it's not just online crime and scams that have a digital element. Even if you have your bicycle stolen in the Netherlands, there's likely to be an international data element to solving that crime. And the legal and regulatory landscape is daunting, It's complex, and we unpacked a lot of the detail of that with a an expert legal panel. The the big platforms and the are disproportionately affected by the requests for data. So if you think about flows of data across the Atlantic from the EU to the US primary, it's extremely asymmetrical. The requests go to the big platforms and the the requests in the opposite direction are less, let's say so. It's difficult. But there are signs of change, there are signs of hope. And the OCD Member states agreed a set of principles a couple of years ago to for data sharing the Budapest Convention, which has I think, nearly 70 signatories. Member States signatories agreed a second additional protocol and in the EU the E Evidence Act has passed, which gives a sort of balancing. Legal duty to go with and alongside the GDPR. So there are green shoots of hope, according to the panel. And the the final hopeful message from the law, the legal panel is push back on your lawyers if they're telling you no because there are lawful pathways through to data sharing. And we heard just a with the next sort of strain in our panel, if you like, the next themes in our panel was to hear from successful examples of data sharing at the national level. And we heard examples this morning in the plenary. So first we heard from Cifas about their new system to to support the UK authorised push payments regulation. We're then had case studies in a in another panel from BT with the share and defend initiative ECP in the Netherlands, the platform for the Information Society and Cifas itself celebrating 35 years of successful data sharing and you know and the the strong. But the strong messages from those presentations were it's possible you do the governance and legal analysis alongside the technical solution. You're transparent, you work with many stakeholders, including, where possible, your privacy regulators. Next up, we heard from Google on how they perceive the fight against scams. And you know, one of the things that struck me listening to their presentation is even a platform as huge as Google, they are saying they do not see the whole picture. And no matter. And you know, if you if according to them, if you, if you think about scams as like pollution, we can have our beautiful islands where we all sort of sort each it's ourselves out and we are hearing. Lots and lots of these initiatives here today, but until we join up those islands in some way, we're still only going to be seeing part of the picture. And finally, my colleagues at the DNS Research Federation showed a short film and discussed the elements of DAP dot Live and how proud we are to be working with you, Jorij, with the Global Anti-Scam Alliance to try to create a global data sharing or signals sharing environment with DAP dot Live and the Global Anti-Scam Alliance in the cybercrime exchange. So that's it from us. Thank you very much to all the people who attended and ask questions and to our panelists. Thank you very much, Emily.
CEO/NED
3w👏👏👏