3. A few thoughts on the Internet management
As the Internet has become the information infrastructure of the whole world, it is the shared goal of both the UK and China to maintain the network security and promote the development of the Internet. Network security is not an isolated issue, but must be considered in the context of the Internet development and governance. I would like to take this opportunity to share with you my thoughts on a few issues, including network security.
(1) Intensifying the research of legislation system of the Internet. Laws and regulations are effective means of the Internet governance. In response to the need of the Internet governance, China has stipulated tens of laws and regulations related to the Internet over the years. The legal framework of the Internet has been formed and much progress made. But we must admit that the legal system for the Internet is not complete as the laws at the state level are fewer and these at the departmental level are more. Some laws lack operability and some overlap. In addition, laws naturally lag behind. The reality requests us to research the issues of legislation from a broader view, considering both the targeted areas and the operability of the laws, and the systematic design of the Internet legislation, in order to be adaptive to the development.
(2) Improving the awareness of network security of the whole society. Improving the security awareness of enterprises and users is the key to network security. As present, there is a general indifference to the network security. The main cause of many security incidents is that not much attention has been attached, and the awareness of prevention lacks. With a blunt sense of self-protection, many websites of enterprises and personal computers have no proper security measures and their security thus is in danger. What's even worse is that some enterprises and users are indifferent even if their systems are controlled by Trojan horse and Botnet, and as a result, the public environment on the Internet and the security of other users are threatened. It is thus highly necessary to educate and improve the security awareness of the society. This heavy responsibility needs joint and long-standing efforts.
(3) Building a trustworthy Internet. Currently on the Internet, illegal actions such as cheating, defamation, attack, pilferage, are very hard to stop, a trustworthy Internet is to be built. Self-regulation is far from enough, and the strength of the whole society needs to be draw upon to look into both the causes and symptoms of problems, to both control and combat infringement. Since 2006, a series of campaigns known as “Sunny and Green Network Project” have been conducted nationwide, themed as “strengthening governmental supervision, regulating market order, publicizing and educating, guiding for industrial self-regulation”. Focused campaigns such as mobile information service governance, text message governance, the Internet access service governance, spam control, have been initiated. Other activities such as World Telecommunication and Information Society Day, Greener Network Culture, Green Mailbox Recommendation, No Barrier Information Forum, Internet Sweep Day, Anti-virus Regulation, are also organized, which are well received by the public. Building a trustworthy Internet has made some progress. Similar activities will be sponsored in the future.
(4) Intensifying the governance of the fundamental resources and the typical application of the Internet. New businesses and applications of the Internet are ever emerging, thus there must be some key points in the governance of the Internet in order to have a systematic and orderly management of the industry. Years of experiences have proven that the governance of the fundamental resources and of the typical application of the Internet business are two keys. The Ministry has sponsored the filing system of websites, domain names and IP addresses in the country, specified the responsibilities of online business providers. The system plays significant role in regulating the industrial management. Typical applications and problems such as spam, Trojan horse and Botnet have been controlled and remarkable results achieved, through ways such as governmental supervision, self-regulation of the industry, and technological standards.
(5) Promoting the development and regulated management of network security industry. Though the overall scale of network security industry is small, it is predictable that with the change of the Internet security situation and the improving awareness of the Internet security, the need for network security service keeps growing, and there is great potential for network security service industry. In particular, with the transformation of traditional telecommunication operators to integrated information providers, many security services, with a character of telecommunication, for corporate and private customers have emerged, which is beneficial to the growth of telecommunication companies, and to the improvement of the standard of network security prevention of the users. While strengthening the network security governance, the government will encourage the development of network security service industry, and the growing need for network security of the society will be met through the market mechanism. The Ministry vigorously supports the industrial development of network security, and is stipulating policies and standard measures regulating network security service.
(6) Intensifying and expanding international cooperation of network security. As many security incidents are across borders, international cooperation is highly needed. Over the years, the Ministry has participated WSIS and IGF, taken part in the network security research group of ITU-T, and actively conducted international exchanges and collaboration in the framework of APEC. China also attended the anti-terrorism meeting organized by ASEAN. As China's authoritative organization for the Internet security emergency response, CNCERT became an official member of FIRST as early as in 2002. However, international cooperation has not been in much depth, as there are usually meetings and trainings. More physical collaboration needs to be strengthened in terms of shared information of network security, coordinated handling of cross-border security threats and incidents. I hope that China and the UK, China and Europe, will strengthen cooperation at governmental and corporate levels as well as at the level of NGOs, in order to face up to the complex situation of the Internet security.
It is our shared wish to maintain a safer Internet and promote the development of the Internet. I sincerely hope that there will be more opportunities to discuss extensive issues related to the Internet, including network security, with friends from the UK. Let us join hands and work together to embrace a better tomorrow of the Internet.
Thank you!
Speech delivered by Xiong Sihao, Deputy Director-general, Bureau of Communications Security, Ministry of Industry and Information Technology on 22 July 2009, Beijing
(China.org.cn July 22, 2009)