REPORT OF THE CHAIRPERSON
At the invitation of the Secretary-General of the International
Telecommunication Union (ITU), a High-Level Experts Meeting on
Electronic Signatures and Certification Authorities: Issues for
Telecommunications was held in Geneva, December 9-10, 1999. Thirty-four
experts, drawn from industry, government, and academia in 14 countries,
participated as individuals. A list of participants (Doc. No. 5) is
attached.
At the conclusion of
their meeting, the experts agreed to a document including a summary of
their discussions and their recommendations. That document (Doc. No.
4(Final)) is attached. This report, prepared by the Chairman of the
meeting, provides additional information about the experts'
recommendations and discussion, particularly regarding those topics that
were the subject of considerable attention, but about which there was
too little time in a two-day meeting to reach broad consensus. This
report also contains the conclusions of the Chairman, and he alone is
responsible for its contents.
Introduction to Electronic Signatures and Certification
Authorities
The technologies for providing electronic signatures and
certification are many and complex, exceeded perhaps only by the variety
of terms used to describe the operations they perform. The concepts,
however, are comparatively straightforward, and a brief introduction
will help clarify both the subject of the meeting and the material in
both the consensus document and this report.
- Encryption
"Encryption" is a way of encoding a message to hide its
content. Early military codes are examples of encryption. In the context
of computers, encryption is the process of applying a mathematical
algorithm to a readable message to generate an unreadable, encoded
message. The encoded or encrypted message will appear as gibberish to
anyone who should intercept it, but it can be reconverted back to a
readable message by anyone who has the appropriate mathematical
algorithm. That algorithm is known as the "key" and is usually
measured by its length in bits. A longer key (e.g., a 64-bit key)
generates a more secure message than a shorter key (e.g., a
40-bit key).
a.
Private Key Encryption
There are two primary forms of encryption systems in use today.
"Private key encryption," also known as "symmetric"
or "single key" encryption, relies on a single key to both
encode and decode the message. Therefore, anyone with the key can both
create encrypted messages and read encrypted messages created with that
key.
b.
Public Key Encryption
"Public
key encryption," also known as "symmetric" encryption,
uses two different keys: one (the "public key") to encrypt the
message, the other (the "private key") to decrypt it. The two
keys are mathematically linked, but the public key cannot be used to
discover the private key (much like two numbers can be multiplied to
determine a third number, but knowing that third number does not
necessarily make it possible to derive the original two numbers). In a
public key system, if A wants to send B an encrypted
message, A first obtains B's public key from B or a
directory of public keys. A then uses B's public key to
encrypt the message, which he sends to B. B uses her
private key to decrypt the message.
- Electronic
Signatures
An "electronic signature" or "digital
signature" (those terms are often used interchangeably) is a way to
authenticate the source and in many cases the text of an electronic
message. One of the most common ways to do this today uses the public
key encryption system ("public key infrastructure"), but in
reverse order. If A wants to digitally sign a message that he is
sending to B, A first runs the message through a
"one-way hash function"¾a
mathematical algorithm that creates a unique "message digest"
for the message. Every time that algorithm is applied to that message it
will generate the same message digest. If, however, the message is
altered, then when the algorithm is applied it will generate a different
message digest. As described above with public key encryption, however,
knowing the message digest will not allow one to recreate either the
message or the algorithm.
Having created the message digest, A then encrypts it with
his private key, attaches the original message (which can be unencrypted
or encrypted using B's public key), and sends both to B. A
has now digitally signed his message to B. B uses A's
public key to decrypt the message digest. The fact that A's
public key decrypts the message digest shows B that A's
private key was used to encrypt the message digest: this helps B
verify that A is in fact the sender of the message
("identity authentication"). B can perform the same
one-way hash function on A's message to verify that it generates
the same message digest. If it does, then the text of the message has
not been altered ("content authentication").
Other forms of electronic signatures are also in use and under
development, such as the use of biometric identifiers (retinal scans,
fingerprints, etc.). These can be used to authenticate the source of the
message, but generally not the content.
- Certification
Authorities and Digital Certificates
One critical issue with all current forms of electronic signature
systems is establishing a physical connection between the sender (or the
signor) and the signature. In the public key example above, the fact
that B can use A's public key to decrypt the message
digest encrypted with A's private key, tells B that the
two keys are linked, but it doesn't actually tell B who A
is (just as when a consumer countersigns a traveler's cheque, the fact
that the signatures match only tells the merchant that the signor is the
same person who signed originally, not who the signor is). This is where
a "certification authority" comes in. A "certification
authority" is a trusted third party that issues a "digital
certificate" attesting to the fact that A is who he claims
to be and verifying A's public key does in fact belong to A.
Certification authorities must authenticate the identity of their
customers (much like a notary must verify the identity of the person
whose signature he is notarizing), and must themselves be perceived as
reliable.
- Repositories
For both public key encryption and
electronic signatures to work in their current form, there must be one
or more "repositories" where digital certificates and public
keys can be found. Today, repositories are generally maintained by
certification authorities. In addition to providing information about
valid digital certificates, repositories also need to include
information about revoked certificates to prevent the continued use of
stolen public keys.
5.
Summary
The various functions described above may
sound cumbersome, but they take place electronically, usually
automatically, in real-time, and without any direct action by, or even
knowledge of, the user. When used together, electronic signatures and
certification authorities greatly facilitate e-commerce by making it
possible to authenticate both the identity of the sender of a message
and the content of that message. The ability to do both is critical to
conducting high-value transactions via digital networks, especially
between parties who have no pre-existing or face-to-face relationship.
Electronic signatures and certification authorities have other potential
uses, for example, in facilitating electronic voting, or providing
authentication of identity and/or message content in many other
contexts. The methods described above are not the only ways available
for authenticating identity and content. As a result, rather than focus
on specific applications of electronic signatures and certification
authorities, it is more accurate to speak of "authentication"
measures generally and that is how the participants in the expert's
meeting generally conceived of their topic.
6. Additional
Informatio
There are many excellent sources of further information about
encryption, electronic signature, and certification measures. Two
particularly readable and timely sources, on which the above discussion
is largely based, are David L. Gripman, "Electronic Document
Certification: A Primer on the Technology Behind Digital
Signatures," 17 John Marshall Journal of Computer and
Information Law 769 (1999), and Sanu K. Thomas, "The Protection
and Protection of E-Commerce: Should There be a Global Regulatory Scheme
for Digital Signatures?," 22 Fordham International Law Journal
1002 (1999).
Summary of Discussion
Mr. Y. Utsumi,
Secretary-General of the ITU, opened the meeting. The Secretary-General
asked the experts participating to address three questions:
- What
new technical standards are needed in the area of electronic
signatures and digital certificates?
-
What approaches can be taken at the ITU and at the
international level to respond to the growing trend toward divergent
national approaches on the policy and legal aspects of electronic
signatures and certificate authorities and to facilitate the use of
authentication across borders?
3.
What steps need to be taken by the ITU to address the needs and
responsibilities of the telecommunications community in the area of
authentication?
Following
the recommendation of the Secretary-General, the participants selected
Professor Fred H. Cate to chair the meeting. Professor Cate is Professor
of Law, Harry T. Ice Faculty Fellow, and Director of the Information Law
and Commerce Institute at the Indiana University School of
Law-Bloomington, and Senior Counsel for Information Law in the law firm
of Ice Miller Donadio & Ryan in the United States.
After
introductory remarks by the Chairman and the approval of the agenda (a
copy of which (Doc. No. 1) is attached) and the organization of the work
of the meeting, the participants heard six presentations on key issues
concerning electronic authentication:
1.
Brian Moore, formerly responsible for company-wide standards
coordination at British Telecom and currently on contract to Lucent
Technologies, and the Chairman of ITU-T Study Group 13, spoke about
"The Need for Further Standards and Technical Developments."
2.
Jurgen Schwemmer, Head of Section for Digital Signatures at the
German Regulatory Authority for Telecommunications and Post, gave
"A National Perspective," focusing on Germany's recent
Signature Act, which he is responsible for implementing.
3.
Professor Cate outlined international authentication issues under
the heading "The Global Dimension: Cross-Border Recognition of
Electronic Signatures, Digital Certificates and Certification
Authorities."
4.
Naoshi Shima, Vice President, Multimedia Services and Business
Promotion, NEC Corporation, addressed "The Needs of the Business
Community," with particular attention to the recommendations of the
Authentication and Security Issue Group of the Global Business Dialogue,
whose Chairman, Eiichi Yoshikawa, Mr. Shima supports.
5.
Michael Peeters, a Partner and Head of the Technology Law team in
the Leeds office of Pinsent Curtis in the United Kingdom, spoke about
legal issues and instruments affecting the telecommunications industry
under the heading "The View from the Telecommunications Community:
Obligations, Liabilities and Responsibilities."
6.
Professor Kazunori Ishiguro, Professor of Law and holder of the
Chair of Economic Law: Conflict of Laws at The University of Tokyo, made
a brief presentation on standardization issues, particularly in light of
the Japanese Ministry of Posts and Telecommunications' document,
"Legal Provisions Relating to Electronic Signatures and
Certification: Promoting Electronic Commerce and Otherwise Laying the
Foundation for Network-Based Social and Economic Activities," which
he distributed.
Copies
of the written notes and outlines for the presentations were distributed
and are attached to this report.
Arthur Levin of the Secretariat then made some general comments
and Stewart Baker then presented the key elements of a briefing paper on
Background and Issues Concerning Authentication and the ITU, which he
and Matthew Yeo from the law firm of Steptoe & Johnson in
Washington, D.C., had prepared for the meeting in collaboration with the
ITU Secretariat (a copy of which (Doc. No. 2) is attached). A former
General Counsel of the U.S. National Security Agency, Mr. Baker is
acting Chairman of the U.S. President's Export Council Subcommittee on
Encryption, a member of the Free Trade Area of the Americas Experts
Committee on Electronic Commerce, and a member of the UNCITRAL Group of
Experts on Electronic Signatures. The participants' discussions were
greatly aided by Mr. Baker and Mr. Yeo's briefing paper, which the ITU
Secretariat had circulated in advance of the meeting.
The balance of the two-day meeting was spent discussing the
substantive issues concerning electronic signatures and certification
authorities. This report highlights nine themes that emerged during that
discussion.
1.
Features of the Technology and Rapid Pace of Change
Many participants noted the distinctive features of the Internet
and World Wide Web¾especially
the inherently global nature of these media (they are accessed in 205
countries), the absence of centralized control over their use, and the
power and convenience they provide people who have access to them. Much
discussion focused on the speed with which these technologies have
proliferated: First made
available to the public in 1992, the Web is used today by more than 171
million people, making it the fastest-growing medium in human history.
From 1998 to 1999 the number of Web users world‑wide increased by
55 percent, the number of Web servers increased by 128 percent, and the
number of new Web address registrations rose by 137 percent.
On-line commerce has demonstrated a similar phenomenal expansion.
Three years ago, e-commerce was virtually nonexistent. Last year,
according to a University of Texas study, the Internet generated US$301
billion in revenue in the United States alone, including US$102 billion
in online sales. In July 1999, Nature magazine reported that 83
percent of all World Wide Web sites were commercial.
While
many nations, or the states or provinces within a nation, have either
taken inconsistent legal actions, or have taken no legal action, to
facilitate electronic commerce (see below), both the Internet and
e-commerce have nevertheless proliferated. Many participants noted,
therefore, that while international action regarding electronic
signatures and certification authorities might be beneficial, e-commerce
and other online activities are not at a standstill waiting for that
action; in fact, any such action will always be directed towards a
fast-moving target.
This
is not to suggest that international legal action is irrelevant. On the
contrary, as participants noted, it is precisely because of
international standards that the Internet and World Wide Web have
proliferated globally. Without standard formatting and communications
protocols, it would be impossible to interconnect disparate computer
systems and networks to create the Internet, and information would not
flow seamlessly from one system to another as it does today. Rather,
participants were mindful that any such action must occur with a real
awareness of its technological context.
2.
Features of the ITU and its Current Standard-Setting Activities
The participants noted a number of unique features of the ITU
that are relevant to its future activities relating to authentication
measures:
a. Make-up of
the ITU
The ITU works extensively with both national government and
private industry. Its large and inclusive membership includes 189 Member
States and nearly 600 Sector Members, making the ITU the most truly
global of all international organizations.
b. Experience
of the ITU
The ITU has 134 years of experience in standard-setting and
ensuring interoperability; facilitating continued development of the
telecommunication infrastructure—an essential conduit for access to
the Internet and the World Wide Web—around the world and especially
within developing countries; educating industry leaders and regulators
alike, often using advanced technologies to deliver that education at
great distance; facilitating exchanges of information among and between
telecommunications companies and regulators; and dealing with new,
rapidly developing technological issues. In fact, the online systems for
ensuring that Internet communications are secure¾the
essential foundation for electronic commerce¾are
based on ITU-T Recommendation X.509.
c. Tools of the
ITU
The ITU wields an unusual array of tools, including its
standard-setting bodies, policy fora, workshops, international
agreements and memoranda of understanding (MoU). These tools can involve
global participation from industry and national governments, and a high
degree of flexibility in using the appropriate tool to address a wide
range of fast-moving issues.
3.
Divergence of National
Approaches to Authentication
Many participants noted the wide variety of approaches to
electronic signatures and certification authorities reflected in
national and state and provincial law, including recent enactments by
Argentina, Chile, Denmark, the European Union, Germany, Italy, Malaysia,
and many U.S. states. These enactments often differ on a number of
important points:
Ø
Definition of Digital Signature. Some legislation defines
digital signatures by technology; some legislation defines digital
signatures by attribute or functional criteria (such as "is unique
to the person using it" or "is capable of verification").
Ø
Effect of Meeting a Statutory Definition. Some legislation
requires that a digital signature conform to a specific definition to be
valid; authentication measures not within that definition are invalid
under such laws. Other legislation creates a presumption of validity if
a digital signature meets the legislative definition, but recognizes
that other authentication measures may also be valid.
Ø
Purpose of Digital Signatures. Legislation reflects many
different purposes for digital signatures: verifying identity,
authenticating the text of a document, ensuring the integrity of the
text of a document, indicating consent, establish the legal
effectiveness of a document, etc.
Ø
Scope of Application. Some legislation explicitly limits
the scope of digital signatures to transactions with the government or
to exclude wills and testamentary dispositions.
Ø
Digital Certificates. Some legislation provides specific
requirements for digital certificates, including who can issue them, to
whom can they be issued, for what purpose, etc.
Ø
Certification Authorities. Some legislation regulates
certification authorities: who can be one; how does one become one; what
specific activities are required of, or prohibited by, a certification
authority; what is the role of the government, if any, in registering,
auditing, bonding, and otherwise monitoring certification authorities;
and what is the liability (or limit on the liability) of a certification
authority.
Ø
Cross-Border Recognition. Some statutes specifically
address cross-border recognition of digital signatures and certificates;
others are silent on this key issue,
Ø
Beyond Digital Signatures and Certification Authorities.
Some legislation amends existing law to provide that
"signature" and "writing" requirements can be met
electronically. These enactments protect against inconsistency between
digital signature legislation and other laws that would appear to
require manual signatures or writings.
There are many other points of disagreement; these points provide
only some of the broad categories of divergence among national, state,
and provincial authentication laws. And it should be remembered that the
majority of nations have taken no action to facilitate the use of
electronic authentication measures.
4.
Importance of Harmonization, Not Unification
There was widespread agreement among the participants that
harmonization among these widely divergent national, state, and
provincial authentication laws is essential. While the two-day meeting
did not provide sufficient time to reach consensus on precisely what
form if harmonization was desirable or achievable, many participants
suggested that, at minimum, harmonization must include facilitating the
use and recognition of authentication measures across borders. At the
same time, many of the participants recognized that harmonization could
not and should not entail efforts to achieve uniformity among
authentication measures.
5.
Key Role of Private Action
Many participants stressed that harmonization efforts should
facilitate the use of different levels and types of authentication
measures each appropriate for different uses, the development of new
measures, and the use of private agreements, contracts, policies, and
other non-technological measures. In sum, government action should
facilitate a vigorous, competitive private market for authentication
measures.
Many
participants also highlighted the importance of ensuring that legal
actions on the national and international level not interfere with
global Internet communication or with the development of new, effective
authentication measures. Thus, laws that require the use of a specific
technological measure are highly disfavored, both because of their
likely incompatibility with other nation's laws and because of their
tendency to slow development of improved authentication measures.
6.
Proliferation of
International Activity
The participants noted the extensive regional and international
activity¾involving
national governments, intergovernmental organizations, the private
sector, and consumer and other not-for-profit organizations¾addressing
authentication measures and already attempting to harmonize divergent
national approaches. There was widespread agreement among the
participants that ITU activities concerning authentication measures
should not duplicate those of other organizations, but rather should
complement or expand upon those activities.
7.
Broad Range of Issues
As noted above, there are many legal and other issues associated
with authentication measures, but there was widespread agreement that
the ITU should focus its future efforts on the tools used for
authentication, not on the application of those tools. Whether a digital
signature can be used to sign a will or what evidentiary presumption
attaches to a legal signature are maters for national law. International
efforts are better focused on facilitating the cross-border recognition
and interoperability (or, at minimum, compatibility) of the tools
necessary for electronic authentication, whatever their legal effect.
8.
Importance of
Telecommunications Industry
Many participants highlighted the importance of the
telecommunications industry to authentication issues generally.
Telecommunications companies provide the key link (i.e. the conduit)
that most people use to access the Internet and the World Wide Web. In
addition, the telecommunications industry was one of the earliest
providers of authentication measures, including serving as certification
authorities. Finally, the telecommunications industry itself relies on
authentication measures in its dealings with suppliers and customers.
All of the participants recognized the ITU's established
expertise in dealing with telecommunications issues and with the
telecommunications industry. The ITU provides the global legal framework
through which all international telecommunications traffic occurs, and
it has contributed in many ways to the development of the
telecommunications infrastructure throughout the world. Similarly, the
ITU is a significant contributor to the capabilities of national
telecommunications regulatory authorities and to global discussion of
new and critical telecommunications policy, regulations standards, and
technology issues. There was widespread agreement that the ITU should
focus special attention on the diverse needs and responsibilities of the
telecommunications industry with regard to authentication measures, from
both a technical and regulatory perspective.
9.
Development and Developing
Countries
Many participants noted the vital issues presented by
authentications measures, and by the growth of the Internet and
e-commerce generally, for developing countries. The migration of
essential activities to digital networks that authentication measures
facilitate poses special issues for countries with lower Internet
penetration rates. The importance of those issues¾the
potential for creating a digital divide between more and less developed
countries¾could
hardly be overstated. As noted, the ITU has a long history and extensive
work currently underway concerning telecommunications infrastructure and
issues in developing countries.
Chairman's
Recommendations on the Future Activities of the ITU Concerning
Authentication
The Chairman wholly supports the consensus recommendations
reached during the two-day meeting. The fact that there was such broad
consensus on so many important issues in only two days is noteworthy.
However, those recommendations are necessarily broad and general, given
the press of time and the compromises that are an inevitable part of
reaching consensus. The Chairman therefore offers five additional
recommendations that flow from the two days of discussion and expand on
the consensus recommendations.
1.
Activities with Regard to the Telecommunications Industry
Given the particular importance of the telecommunications
industry to the development and use of authentication measures, and the
ITU's vast experience with, and special responsibility for,
international telecommunications, the ITU should vigorously pursue
activities with regard to authentication in the context of
telecommunications. These activities should include not only providing
the educational and information-sharing opportunities included in the
consensus recommendations and discussed below, but also:
Ø
special attention to electronic authentication issues in
the development of ITU telecommunication recommendations;
Ø
efforts to better understand and facilitate the
telecommunication industry’s own use of authentication measures, not
just in the context of the Internet but also related to other
telecommunications services, such as authenticating the identity of a
user of a mobile network;
Ø
policy and regulatory fora on issues raised by the
telecommunications industry's provision of authentication and Internet
access services;
Ø
ensuring that the interests of the telecommunications
industry are fully represented in other international discussions
concerning authentication; and
Ø
the negotiation of flexible legal instruments, such as
memoranda of understanding, to address pressing issues that threaten to
restrict the development, provision, and use of authentication measures,
as well as other digital information services, within the
telecommunications industry.
Although
this meeting addressed authentication issues, it is important to note
(as many participants did), that the telecommunications industry
provides many people's essential link to the Internet. Regulations and
unresolved issues that threaten the viability of providing that link,
such as the potential threat of liability for carriers for digital
content of which they are not aware and over which they exercise no
control, impose costs on service providers and users and threaten the
availability of both authentication measures and information services
more generally.
The
ITU's activities concerning authentication in the context of the
telecommunications industry should focus not only on the private sector,
but also on national regulatory authorities responsible for
telecommunications issues. As noted above and in the consensus
recommendations, the ITU has vast experience in working cooperatively
with, educating, and providing fora for information-sharing among
national regulatory authorities, and those activities will be more
important than ever in the context of issues posed by digital
information.
2.
Standard-Setting Activities
The consensus report includes a recommendation that the ITU, in
close cooperation and consultation with other organizations with related
initiatives, should continue and expedite its standard-setting
activities relevant to authentication. The importance of this
recommendation is worth underscoring. The ITU has unparalleled
experience in international standard-setting and dealing with technical
issues. Moreover, the size and inclusiveness of its membership gives the
ITU an unusually broad perspective and makes it a truly global forum for
the consideration of authentication standards. Finally, as noted above,
the ITU's membership includes both national governments and private
companies, and the ITU has a demonstrated ability to work cooperatively
with other governmental and nongovernmental organizations. All of these
attributes highlight the importance of the ITU taking a leadership role
in crafting the voluntary standards that can serve as the technical
basis for national and regional enactments concerning the recognition of
foreign digital certificates. Those standards, typical of ITU
recommendations, would not address the legal effect of a digital
certificate, but instead would provide the essential technical
foundation for the operation of those national laws.
Of course, and as is stressed in the consensus recommendations,
the ITU should pursue this activity in close cooperation with other
organizations, but it is important to recognize that the wide variety of
international activities concerning authentication measures does not
create a disincentive for ITU involvement. Rather, the wide array of
disparate activities heightens the importance of active ITU
participation to provide leadership, a truly global and inclusive forum,
and its special competence in technical standard-setting. As noted
above, this is not a new area for the ITU. ITU-T Recommendation X.509 is
the foundation of international encryption exchanges on the Internet,
and other recommendations in this area are in the process of
development. That same expertise and process is urgently needed in the
context of electronic authentication.
3.
Cross-Recognition Activities
The consensus report included a recommendation that the ITU, in
close cooperation and consultation with other organizations with related
initiatives, should investigate and evaluate models for facilitating
authentication across borders. This recommendation, too, warrants
serious attention. Although many organizations are currently involved in
developing models for ensuring the cross-recognition of certification
authorities and digital certificates, none of these initiatives takes
place in a forum that is as global as the ITU. Clearly, the ITU should
not duplicate existing work, but ITU involvement in these activities
could provide them with a more universal basis, particularly involving
lesser developed countries, which are key participants in ITU organs and
processes. The ITU has much to contribute to those initiatives (e.g.
those underway at OECD and APEC), including providing a truly global
forum for development of frameworks, serving as a repository for model
agreements, MoUs and national laws (discussed in greater detail below),
and contributing its extensive experience and expertise in the
development of flexible, international agreements and consensus
instruments.
4.
Forum for Information Sharing, Educational Activities, and Data
Repository
In a number of their recommendations, the experts stressed the
critical role of the ITU in providing training, especially in developing
countries; a forum for information-sharing about the development and use
of authentication measures; and other coordination services, such as
maintaining a glossary of key terms and their accepted meanings or of
common provisions and formats for evaluating authentication measure’s
fitness for their intended purpose. One of the major obstacles to the
harmonization of authentication systems is the lack of centralized
information about technologies, national laws, international
initiatives, model agreements, private sector initiatives, and the like.
In addition, for current public key infrastructure systems to work,
there needs to be reliable access to accurate information about
certification authorities, digital certificates (valid and revoked), and
public keys. The ITU is well-placed to serve as a central repository of
such data, making them available through the World Wide Web and other
means, and incorporating them into the ITU's own educational efforts
concerning authentication and other digital information issues. Not only
does the ITU have experience in this function, but it also is known
throughout the world as the source of information about
international telecommunications issues. Expanding that role would
provide a great service to national governments, industry, other
organizations and initiatives involved in this area, academics, and
ultimately to the public
5.
Other Activities
The Secretary-General convened a High-Level Experts Meeting on
Electronic Signatures and Certification Authorities, and the
participants' discussion was generally limited to these issues.
Nevertheless, it is clear that the very attributes that argue for the
ITU to assume a more prominent role in relation to authentication
measures, also argue for the ITU to address a wider range of
international digital information issues. For example, the world is
increasingly divided by two starkly different approaches to information
privacy, while the Internet and the World Wide Web are vastly expanding
the opportunities for confrontation between those divergent approaches.
A truly global approach is necessary, and that will require not only an
inclusive forum, but also access to a range of flexible and innovative
instruments for achieving the necessary accommodation. The ITU is
ideally suited to take on this critical task.
There are many similarly pressing issues concerning access to,
and the use of, the Internet. While all of the participants are aware
that the ITU faces serious resource limitations and that the Council and
the Secretariat face many competing demands for limited resources,
expanding the ITU's activities with regard to digital information issues
generally not only provides a valuable service, but also highlights the
continuing critical need for the ITU's skills and experience in the next
century.
Respectfully submitted,
FRED
H. CATE
Chairperson