European Capability for Situational Awareness A study to evaluate the feasibility of an ECSA in relation to internet censorship and attacks which threaten human rights

FINAL REPORT

A study prepared for the European Commission DG Communications Networks, Content & Technology by:

Digital Agenda for Europe

This study was carried out for the European Commission by

Free Press Unlimited Ecorys NL Weesperstraat 3 Watermanweg 44 1018 DN Amsterdam 3067 GG Rotterdam The Netherlands The Netherlands

and subcontractors:

Internal identification

Contract number: 30-CE-0606300/00-14 SMART 2013/N004

DISCLAIMER

By the European Commission, Directorate-General of Communications Networks, Content & Technology.

The information and views set out in this publication are those of the author(s) and do not necessarily reflect the official opinion of the Commission. The Commission does not guarantee the accuracy of the data included in this study. Neither the Commission nor any person acting on the Commission’s behalf may be held responsible for the use which may be made of the information contained therein.

ISBN 978-92-79-50396-2 DOI: 10.2759/338748

© European Union, 2015. All rights reserved. Certain parts are licensed under conditions to the EU.

Reproduction is authorised provided the source is acknowledged.

European Capability for Situational Awareness – Final Report

Table of contents

Glossary ...... 4

Abstract ...... 8

Executive Summary ...... 9

1. Introduction ...... 15

2. Methodology of the study ...... 19

3. Results of task 1: Consultation and workshop ...... 21

4. Results of task 1: Federation models ...... 24

5. Results of Use-case research ...... 26

6. Results of task 2: Data sources catalogue ...... 29

7. Results of task 3: Data governance framework ...... 33

8. Results of task 4: Technical and infrastructure specifications, features and functionalities ...... 38

9. Proof-of-concept use case: demo ...... 42

10. Conclusions ...... 45

11. Recommendations ...... 48

12. Roadmap ...... 58

ANNEXES

Annex I. List of organisations - survey ...... 67

Annex II. Summary results of the workshop ...... 73

Annex III. Data sources list ...... 76

Annex IV. List of participants IMON ...... 129

Annex V. Budget ...... 131

Annex VI. List of additional interviews task 5 ...... 140

Annex VII. Bibliography ...... 141

3

European Capability for Situational Awareness – Final Report

Glossary

Types of organisations

Internet and Human Rights sector: refers to the disciplines, initiatives and stakeholders involved in researching, developing technical solutions, enabling civil society and contributing to policy making in domains which are related to the role that internet technologies play in enabling or restricting human rights. Here is a list of the stakeholders we have identified and which are taking part to a burgeoning Internet and Human Rights sector. Academia: Universities, research organisations and independent researchers Technology Providers: Organisation or individuals developing or operating technology solutions directly related to the Internet and Human Rights sector. For instance, the development of dedicated monitoring infrastructure, data analytics or circumvention software. This doesn't include technology providers that do not directly target Internet and Human Rights such as telecommunication companies, or more generic internet platform providers. Technical Professional Communities: Professionals and professional organisations focused on monitoring and supporting the integrity of global communication networks including computer security, network measurement, software engineering which are not directly related to Human Rights. EC Services: DG or service within or directly supporting the European Commission. Institution: Governmental organisations or organisations directly supporting government services, UN agencies, intergovernmental bodies, European institutions and other institutions ICT Industry: Commercial stakeholders providing Internet infrastructure and services not directly aim at providing solutions for the Internet and Human Rights sector, such as Telecommunication providers or social networking platform or email providers. International Civil Society Organisation: International NGO or other organisation working globally in the Internet and Human rights sector. Local Civil Society Organisation (CSO): National Organisation working in the Internet and Human Rights sector in countries potentially impacted by information controls.

Data and information types

Data/information on the “state of the Internet infrastructure, connectivity and access”: blocking; filtering; connectivity blackouts or slowdowns; power outages; cyber-attacks and security events including attacks on activists´ networks via Distributed Denial of Service attacks, spyware or malware; countries passing laws or applying measures with a negative impact on Internet infrastructure and on its resilience, security and stability; cyber censorship and surveillance technological developments; state led cyber-attacks, etc. Data/information related to “what is happening on the ground”: Laws and policies affecting the use of ICT for the exercise and protection of human rights; media freedom and pluralism constrains; relevant political events affecting digital freedoms; arrest of activists and journalists in connection to ICT blocked sites; different types of restrictions to freedom of expression; court rulings; illegal

4

European Capability for Situational Awareness – Final Report

detentions; unrest in time of elections; crack-downs on protesters and a wide array of other human rights violations. Technical data: Internet infrastructure measurement; connection speed; Internet routing data; correlation of routing data with other intelligence; jitter; traffic latencies; packed loss; packet interception; wrong query resolving; network connectivity shutdowns and slowdowns; state of “health” of the DNS and BGP systems; impact of implementation of DNS-level filtering and blocking measures; surveillance technology producers and trade operations; IP traffic restrictions; proxy censorship; Internet backbone performance; Denial of Service attacks; politically-motivated attacks; malware activity; attacks to activists or media networks; domain de-registration; server takedowns; URLs intervened; targeted redirections; network outages; or power grid failures; domains seized. Internet tools data: restrictions on websites that provide e-mail or other applications like social networks; web hosting; search engines; translation services; VoIP services; circumvention tools; security software; anonymizers; security and privacy training materials; P2P file-sharing, chat or IMS. Political data: unlawful restrictions applied to websites expressing views contrary to the government and government opposition groups; human rights related content such as advocacy, abuses, women liberties; freedom of expression; minority rights; religious movements; foreign policy; political transformations and elections; ethnic groups; history; economics; international organizations; NGOs, activists and human rights defenders; political parties and opposition parties; quality of governmental organizations and judicial system; elections data. Conflict/Security data: armed conflicts; border disputes; extremist and separatist movements; government militias; military operations; cyber capabilities; cyberwar; data loss; hosting disruptions; malware; spyware. Legal and Policy data: legislative developments related to censorship and surveillance; laws to restrict of freedom of expression; court rulings; possibilities to appeal; Internet rights; possibilities to report blocked content like whistle-blowing services; judicial system monitoring; IPR enforcement; Law Enforcement Agencies; arrests; Internet policy, abusive application and/or criminal defamation laws and disproportionate civil sanctions, including laws related to the criticism of politicians, abusive invocation of public morality or national security (including protection of the nation or national values or incorrect application of hate speech laws) Business data: Internet and ICT industry practices affecting human rights; Business and Human Rights initiatives and guidelines; private censorship; or dual use export controls. Social/Human Rights data: sexual content; minorities and women´s rights; gaming; gambling; dating sites; drugs and alcohol; public health; sensitive or controversial history, art and literature; environmental issues; hate speech; LGBTI; sex education and family planning; pornography; activism; freedom of association; hacking or topics perceived as sensitive or offensive. Media data: media intelligence; social networks; local and foreign press; media outlets; news and video platforms; freedom of expression and media freedom and pluralism; blogging domains; platforms and services; web hosting sites; satellite blocking or jamming; multimedia sharing platforms or restrictions on allocation of spectrum, harassment, intimidation and fostering of self-censorship, impunity for crimes against media actors, media ownership and/or concentration endangering the possibility of independent media.

5

European Capability for Situational Awareness – Final Report

Situational awareness

Internet (cyber) censorship: is the control and suppression of what can be accessed, published, or viewed on the internet. For this study the focus will be on such censorship actions that are direct human rights violations. Internet (cyber) surveillance: is the monitoring of the online behaviour, activities, or other changing information, usually of people and often in a surreptitious manner. It most refers to the observation of individuals or groups by governmental organisations. Internet (cyber) security: is a catch-all term for a very broad issue covering security for transactions made over the Internet. Cyber-security commonly refers to the safeguards and actions that can be used to protect the online domain, both in the civilian and military fields, from those threats that are associated with or that may harm its interdependent networks and information infrastructure. Cyber- security strives to preserve the availability and integrity of the networks and infrastructure and the confidentiality of the information contained therein. Internet freedom: is the notion and acceptance that universal human rights to freedom of information and expression are fully applicable to the internet. Internet access: The possibility for computers and devices and their users to connect to the global networks which support services such as email or the World Wide Web, comprising A) access to content and B) access to the physical and technical infrastructure that is required to access the internet.

Other

Use Case: is used in this context to refer to High-Level Use cases (not detailed use cases as used in software modelling techniques) or Use Cases describing Goals (rather than interactions). The use case methodology has been used in service design to describe the most critical instances and occurrences in a scenario. Data Life Cycle: The flow of an information system's data throughout its life cycle: from creation and initial storage to the time when it becomes obsolete and is deleted. In the case of ECSA, organizational and Data Source meta-data are also following a life cycle, while the Data itself goes through 3 major states Monitor / Analysis / Present described in more detail in this report. Data Source: The collector, producer, author, owner of a data set. A potential Data Provider for ECSA. Data Set: A set of data collected by a given Data Source with the same methodology and intent. Data sets could be the results of one-off experiments or collection efforts, or data series. Data Resource: The file or API entry point to access a data set. Several data resources (for instance in different formats) might be available for a data set. Data Governance: Using standards, policies, and guidelines at the intersection of people, process, and technology to manage an organization's data, while bringing value to this organization. Data Subjects: The organisations, groups or individuals that are referred to or described in data sets. Data Providers: The organisations that provide data for analysis to the ECSA platform or are identified and listed in the ECSA directory and data catalogue.

6

European Capability for Situational Awareness – Final Report

Data Consumers: The organisations that use data from the ECSA platform. These might include simple users of the platform that perform analysis and generate reports, as well as other platforms or software which uses the data published on ECSA for other downstream purposes. Data Stakeholders: Data subjects, providers and consumers involved in the ECSA federation and platform. Data Stewards: In relation to organisations, the people who have authority and responsibility for the quality of datasets. They are responsible for the quality of data sets on a day to day basis and the implementation of Data Governance, which affects all Data Stakeholders. Data Stewards include both “processors” and “controllers”, as defined in the EU Data Protection Directive, who determine the purposes for which and the manner in which any personal data are, or are to be, processed. Data Custodians: In relation to organisations2, the people responsible for the safe custody, transport, storage of the data and implementation of policies. This is a technical function which doesn't relate directly to the management of content. Do note that in ECSA's case, given that technical data (monitoring the internet infrastructure) is part of the content of the data, there are different types of technology expertises supporting both content and the custody of this content. Minimum viable product (MVP): is that version of a new product that allows a team to collect the maximum amount of validated learning about customers with the least effort. Data: Information presented in a machine readable structured format. Information: Unstructured freeform Collaborative network: A broad group of different organizations, with different capabilities – some of whom might be partners or former co-operators – who decide to partner specifically with ECSA. Technical platform: Monitoring system (accessed via a dashboard and supported with online live-map visualisations) that reports and alarms on a near real-time basis the location and intensity and context of cyber-censorship and surveillance in non-democratic countries or countries where human rights are most at risk.

7

European Capability for Situational Awareness – Final Report

Abstract

This study examines the field of Internet and Human Rights and more specifically, Internet Censorship measurement. The European Commission DG-Connect commissioned this study to assess the potential for a European Capability for Situational Awareness that continuously monitors and analyses the existence of Internet interference in combination with Human Rights Violations and recommend on potential implementation of such an ECSA.

The researchers studied the possibility of creating a federative effort of multiple stakeholders to create this capability aimed to improve incident detection and incident mitigation for human rights violations on the Internet. The study lasted 20 months and focused on the Internet and Human Rights Field, the Business and Human Rights field as well as the Academia and Government domain.

The final report integrates the results of the tasks that were undertaken by the IMON consortium that conducted the study. It presents result on potential federation models, data sources, data governance and the feasibility of a technical platform of an ECSA.

The study was carried out by a consortium led by Free Press Unlimited and Ecorys, in cooperation with Global Partners Digital, Greenhost, GFMD, iilab and The Chokepoint Project.

Abstract (FR)

Cette étude examine le secteur Internet et Droits Humains et plus précisément à comment mesurer la censure sur internet. La Commission Européenne DG CONNECT a commandité ladite étude afin d’évaluer le potentiel d’une Capacité Européenne pour une Sensibilisation Situationnelle1 (ECSA) grâce à laquelle celle-ci pourrait donc suivre en temps réel et analyser l’existence des interférences sur Internet ainsi que la violation des Droits Humains et recommander une possible implémentation d’une ECSA.

Les chercheurs ont étudié la possibilité de créer un effort fédératif, impliquant plusieurs parties prenantes, pour que ladite capacité soit mise en place afin d’améliorer la détection et la mitigation des incidents liés aux violations des droits humains sur Internet. L’étude a duré 20 mois et a ciblé le secteur Internet et Droits Humains, le secteur des entreprises et des Droits Humains ainsi que les domaines de la recherche académique et du gouvernement.

Ce rapport final rassemble les travaux réalisés par le consortium IMON. Il présente les résultats concernant les possibles modèles de fédération les sources de données, la gouvernance des données et la faisabilité d’une plateforme technique d’une ECSA.

L’étude a été conduite par Free Press Unlimited et Ecorys en coopération avec Global Partners Digital, Greenhost, GFMD, iilab et The Chokepoint Project.

1 dénommée par son abréviation anglaise ECSA

8

European Capability for Situational Awareness – Final Report

Executive Summary

“By acting as a catalyst for individuals to exercise their right to freedom of opinion and expression, the Internet also facilitates the realization of a range of other human rights.” Frank La Rue2 An urgent problem

The importance of information and communication technologies (ICTs) is growing at a very fast pace. It offers great promises for global society but also enables new threats to human rights. Global civil society is increasingly depending on ICTs to support its mission but is also increasingly targeted via these new technologies and networks. The means to restrict freedom of expression, freedom of access to information, freedom of assembly or the right to privacy are growing increasingly sophisticated, change rapidly and vary greatly from country to country. There is growing evidence that the use of network interference, surveillance or online attacks are threatening activists, journalists, human rights defenders, other civil society stakeholders and citizens.

The internet and human right sector is moving to address this. In Europe, the No Disconnect Strategy (NDS) created an impulse towards enabling civil society at large to adapt their efforts and perceptions of opportunities and threats based on this fast evolving technology landscape. On the global stage, the Freedom Online Coalition groups 27 nations which coordinate their diplomatic efforts and engage with civil society and the private sector on these issues.

Every day, restrictions on online content deprive citizens of vital information, while large-scale data collection and surveillance techniques infringe on the right to privacy and freedom of expression. Online mass surveillance and targeted attacks constitute forms of online interference which prevent or limit citizens in the exercise of their fundamental human rights and undermine the global internet infrastructure. Yet, the scale and urgency of the problem does not match the efforts and resources engaged to address them.

European Capability for Situational Awareness

Our consortium - led by Free Press Unlimited (FPU) and Ecorys and in partnership with The Chokepoint Project, Greenhost, Global Partners Digital (GPD), iilab, and Global Forum for Media Development (GFMD) - has been commissioned by DG CONNECT to undertake a study to evaluate the feasibility of a European Capability for Situational Awareness (ECSA) in relation to internet censorship, surveillance and attacks which threaten human rights. The goal was twofold 1) to study the feasibility and implementation of a federation, and 2) to study the feasibility and implementation of a technical platform. In addition to this there was a request for an online demo using live data and maps. We have 1) surveyed and consulted a large and diverse field of activity with the aim to evaluate the feasibility of

2 La Rue, F. (2011). Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, UN General Assembly Human Rights Council, June. Retrieved from http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf

9

European Capability for Situational Awareness – Final Report

federating efforts of stakeholders and 2) researched the feasibility to develop an underlying technical infrastructure, in order to improve the detection, analysis and response to online threats to human rights.

A capability for situational awareness needs to be composed of several key components. In order to identify online interference, sustained, targeted and methodical monitoring of potential anomalies of the internet infrastructure needs to take place. In addition, the situation of human rights on the ground needs to be collected as well as its legal, social and economic context or background.

Determining the nature and impact of online interference requires expert analysis across technical, societal, cultural, political and legal dimensions. In addition these analyses need to be sustained in order to provide trends and comparisons. Such expert analyses can be disseminated to affected populations and decision makers in various sectors in order to inform their situational awareness and support their response or mitigation efforts.

Study Results

Despite the enthusiasm to create a European Capability for Situational Awareness, the consultation revealed a wide variety of practices in the field (for instance, the data collection is at times manual and not machine-readable in a quite a number of cases). The organizations surveyed underlined the necessity of a ‘do not harm’ data policy and of ECSA’s political independence. The informants expressed their preferences to commit to a gradual federative effort, supported and endorsed by EC services such as the EU diplomacy and its institutions.

The scope of ECSA is covering four criteria: incident detection, incident analysis, trend analysis and support of incident mitigation. Because a lot of actors are already following and concerned by ethical guidelines for data management, the study has identified a way to develop joint standards which would contribute to the creation of a self-assessment tool. The latter could be used for and will contribute step by step to precision the model if the federation grows.

10

European Capability for Situational Awareness – Final Report

The technical report and the demo – in sync with previous findings – conclude the building of a platform is entirely manageable based on a Minimum Viable Product (MVP). It will be done either in parallel of the ECSA organizational structure or independently. The MVP will rely on existing data publishers (with open or closed licenses, free or paid-for).

IMON network recommends DG Connect and the EU institutions to implement an incremental building process for an ECSA federation and platform, starting with the two following steps:

− Establish an ECSA coordination office to increase coordination between stakeholders. − Engage with users/stakeholders with the creation of a Minimum Viable Technical Platform. In order to detail and elaborate on these major findings the Task 5 lead interviewed all relevant stakeholders engaged in the study to provide a more detailed set of recommendations for the Internet and Human Rights sector. Those interviews reinforced our main findings:

Create a common ground for a vast and atomized field The federation is not immediately feasible at this stage because there is a lack of consensus inside what constitutes a broad interdisciplinary and fragmented domain. However as it is an urgent necessity to obtain concrete outcomes to inform policy and consolidate better this sector, we recommend to develop the foundations of an internet and human rights sector by encouraging existing collaborations and specific initiatives in order to create new transversal opportunities to discuss, share learnings, and identify common objectives between the different stakeholders. Such foundation could then develop into an organisational structure such as a federation.

Fill the gaps to feed dialogues between policymakers and practitioners Because a wide range of EU institutions are concerned with human rights and technology issues, there is a gap to fill in order to inform policy and share expertise with EU decisions makers (such as DG CONNECT, EEAS, DEVCO, DG HOME for instance). We assessed that a coordination office will be the strategic move to increase interactions between policy makers and identified communities of practice. We therefore recommend to invest existing discussion spaces (Rightscon, Cyber Dialogue and SIF) and create new ones.

Deploy interdisciplinary networks to build a platform of evidence-based knowledge It is certainly too early to implement a federation based on an automated data analysis platform as the process of data collection by potential stakeholders is mostly manual and grounded in a wide range of disciplines. We have assessed that the automation of the analysis is not the immediate solution to create impact. What is needed is to encourage interdisciplinary research to enable the exchange of specific methodology and expertise at a cross-sector level.

Pillars of European Capability

We have found that there are a number of important ongoing initiatives in Europe that constitute what could be important pillars of a European Capability for Situational awareness. 3 The existing efforts are

3 These organisations are listed as part of the data catalogue as direct stakeholders (see section 11.1 below), or are organisations that are local CSOs involved in monitoring human rights.

11

European Capability for Situational Awareness – Final Report

focused on monitoring, analysis and supporting decision with regards to Internet and Human Rights incidents. These originate from academia, NGOs, civil society in affected countries as well as the private ICT sectors, supported by a range of instruments and programmes. Despite the importance of these projects they struggle to contribute to a reactive, sustained and resilient European capability, because of a number of gaps identified during the study and detailed in this report.

Our first set of recommendations underscores the importance of improving the support to these existing initiatives, in order to provide a strong foundation for a European Capability for Situational Awareness.

Recommendation Set #1: Sustaining Ongoing Situational Awareness Initiatives in Europe We recommend that ongoing European projects4, potential pillars of the Internet and Human Rights field and necessary components of a European Situational Awareness, be urgently supported in order to allow Europe to establish its position as a leading global force in the race against the increasing online restrictions and attacks that undermine human rights.  Internet censorship monitoring: Ooni (Tor Project) (US, Berlin + Rome offices), The ChokePoint Project (NL), Alkasir (SE), Open Rights Group (UK)  Internet surveillance monitoring: Privacy International (UK)  Internet attacks monitoring: Radically Open Security (NL)  On-the-ground human rights monitoring: Intermediary organisations5 such as Amnesty International (UK), Small Media (Iran-UK), Frontline Defenders (IE), Hivos (NL), IWPR (UK), Tactical Technology Collective (DE), Bytes 4 All (Pak.), Skeyes Foundation (Leb.), Institute For Development of Freedom of Information (Georgia) to name a few.  On-the-ground media monitoring: Local civil society partners & intermediary organisations6 such as Reporter without Borders (FR), Free Press Unlimited (NL), Internews (EU), Index on Censorship (UK), Bureau of Investigative Journalism (UK), Media Legal Defense Initiative (UK)  Methodologies: Oxford Internet Inst. (UK), CIHR (DE), European University Institute (IT), Hermes Center for Transparency and Digital Human Rights (IT)  Circumvention: Alkasir (SE), Your Freedom (DE)  Secure hosting Virtual Roads (Qurium UK), Greenhost (NL)  Digital Security: Tactical Technology Collective (DE), Frontline Defenders (IR), Globaleaks (IT), Cyber Arabs – IWPR (UK)  Policy/Legal: GIPO (SP), Global Partners (UK), Tilburg University (NL), La Quadrature du Net (FR) We recommend to implement these recommendations using existing funding mechanisms in the Human Rights and Democracy domain inside the EU (EiDHR – Democracy Action Plan – Neighborhood Policy Instrument – Instrument for Pre-Accession IPA) to issue specific calls on a regular basis designated to benefit all organisations in the Internet Censorship Domain and the Internet and Human Rights domain more broadly, as discussed by the study.

Sectors of European Capability

There are also significant capacity and funding gaps within each of the stakeholder sectors that can support the main functions (monitoring, analysis and support mitigation) of the Internet and Human

4 A number of civil society organisations in countries affected by internet and human rights incidents are likely to require support. Given the risks involved, such organisations could be supported through trusted intermediaries. 5 Idem 6 Idem.

12

European Capability for Situational Awareness – Final Report

Rights sector's Situational Awareness.

Within the EU, it is the role of the EEAS to promote and defend human rights internationally, DG- CONNECT has the expertise in ICT and its role is to ensure the integrity of the global internet, DG- DEVCO is the main ERU stakeholder in support to local civil society and Democracy and Human Rights development, DG HOME/JUSTICE is responsible for the defence of European citizens' rights, DG RESEARCH for the support to interdisciplinary research on Internet and Human Rights.

Recommendation Set #2 Supporting the Sectors Participating in European Situational Awareness

Academia: DG JRC / DG RTD: Support interdisciplinary research, fellowships and Support interdisciplinary research, fellowships and conferences to establish the scientific and methodological conferences to establish the scientific and foundations of the space and enable evidence backed methodological foundations of the space and enable policy making. evidence backed policy making. Initiate international academic partnerships. Mitigate for the important gaps in global coverage related to data collection and analysis resulting Initiate more collaborations with local organisations and from gaps in funding. international NGOs.

Local Organisations: DG EEAS / DG DEVCO: Support stakeholders working in countries and regions Improve the safety of communications with local where human rights online are at risk, support the civil society providing information about the development of capacity of local organisations to take part situation on the ground. in the monitoring, analysis and mitigation of incidents. HOME/JUSTICE (defend organisations against internet restrictions and attacks in Europe).

Technical Professional Communities: (including DG CONNECT / EEAS: computer security, network measurement, software Strengthen the connection between the technical engineering, etc) professional communities and the human rights Enable more collaboration with other sectors. dimension. Establish a Civil Society CERT7. Support innovation, piloting and deployment of measurement and mitigation tools and Publish more open data usable by civil society about infrastructure playing a role in identifying and infrastructures (including on mobile apps and social supporting mitigation of human rights violations. networking sites).

International NGOs: DG DEVCO / DG CONNECT: Develop capacity and collaborations on analysis of Facilitate the interoperability of existing monitoring incidents and develop technical capacity to design and platforms with the Internet and Human Rights implement data driven initiatives. sector efforts. Collaborate more with academia on methodologies.

ICT Industry Sector: DG TRADE / DG CONNECT: Collaborate on Human Rights impact assessments. Support the identification and control of sales of surveillance and attack technology. Support partnerships around research. Enable partnerships around responsible disclosure about civil society targeting.

We recommend DG Connect to stimulate interdisciplinary research through Horizon 2020. We also recommend DG Connect to lead the establishment of an internal permanent EU task force to improve the coordination of DGs and services involved in Internet and Human Rights, particularly to provide a focal point for external stakeholders.

7 The idea of a Computer Emergency Response Team for Civil Society is a currently emerging project within the community of digital security experts responding to civil society computer emergencies.

13

European Capability for Situational Awareness – Final Report

Enabling the Internet and Human Rights Ecosystem

Currently, European and global efforts are deeply fragmented creating significant hurdles to collaboration. That weakens the capability to support Internet and Human Rights situational awareness. We have found that there is interest in a federation, but there are deep differences in the approaches and objectives from the stakeholders. Trust is a key issue, with stakeholders willing to share but not necessarily with everybody.

In addition, the process of detection and analysis by experts in the field is a mix of manual and technology supported tasks, with data generally not in formats that are easy to analyse, not always publicly available or not part of a sustained and methodical collection effort. There is interest in a technology platform, but also concern regarding one size fits all technology approaches with a lack of clearly defined use cases and priorities. Thirdly, there is a lack of coordination and continuity of the No Disconnect (NDS) strategy within the European Commission, with the issue being addressed by different services without a clearly defined mechanism to provide an integrated response.

Recommendation Set #3 Cross-Sector Coordination and ECSA

We recommend a progressive and iterative approach towards federating the efforts across sectors:

 Support integrators which coordinate and bring together the various strands of the Internet and Human Rights practices by: o Organise regular diplomatic coordination meetings with EEAS and member states' foreign diplomacy services in order to communicate findings from the Internet and Human Rights sectors and gather requests for analysis and areas of concern. o Organise regular civil society meetings with local civil society, international NGOs and academia in order to communicate findings from the Internet and Human Rights sectors, to share lessons, collaborate on analysis and investigate concerns. o Organise regular private sector meetings with ICT companies in order to communicate findings from the other Internet and Human Rights sectors and gather requests for analysis and areas of concern.

 Integrate cross-cutting initiatives and technical infrastructure components based on priorities established through consultations and requirement gathering and focused on specific and well identified use cases that are of priority for stakeholders.

Recognising that the organisations in the field that are already coordinating, collaborating and sharing to varying degrees of success, do so with a global focus, and acknowledging the risks of duplication, fragmentation and narrow vision of systemic issues related to the nature of existing internet infrastructure, we would recommend against an exclusively European scope. We believe that European leadership in promoting and defending human rights through a global vision supported by collaborations and infrastructure and informed by expertise, evidence and science will have better chances of a sustainable solution for such an initiative.

We recommend the creation of an independent ECSA secretariat that will serve as the nucleus for an ECSA federation and that organizes and coordinates the field.

We also recommend to build an ECSA technical platform based on a Minimum Viable Product strategy based on currently available public data sources, either connected to this secretariat or as a stand-alone option, to integrate existing information and step by step build towards the desired automated data analysis platform that helps constitute and supports ECSA.

14

European Capability for Situational Awareness – Final Report

1. Introduction

Freedom of opinion and expression, freedom of assembly, the right to privacy are fundamental rights of every human being both in the physical or digital realms. Indispensable for individual dignity and fulfilment, they also constitute essential foundations for democracy, rule of law, peace, stability, sustainable inclusive development and participation in public affairs. States have an obligation to respect, protect and promote these rights, as Democracy cannot exist without them.

In addition to outright violence and attacks on the physical security of citizens, journalists and media actors, freedom of expression is often curtailed by laws or practices that impose censorship, encourage self-censorship or provide legal penalties, including criminal sanctions, on the exercise of freedom of opinion and expression, in violation of international human rights law.

In this context, one of the main pillars of the No-Disconnect Strategy8 put in place in December 2011 by the Vice-President of the European Commission and Commissioner for the Digital Agenda Neelie Kroes is the gathering of high quality intelligence about what is happening "on the ground" and "in the Net" in order to monitor the level of surveillance and censorship at a given time, in a given place.

As part of the No-Disconnect strategy, DG Connect has commissioned a feasibility study on a ‘European Capability for Situational Awareness’ (ECSA). The objective is to help EU decision-makers to obtain high- quality and trustworthy information and also gather early-warning capabilities necessary to better perform their functions, particularly in cases which may require EU integrated and multi-level intervention.

ECSA feasibility study

Through the European Capability for Situational Awareness (ECSA) the European Commission aims at developing a broad federation of organisations with expertise in the field of Internet censorship and human rights monitoring. ECSA will provide intelligence and early warning capabilities to better understand the state of the Internet connectivity in close relation with legal, political, media and human rights related events happening on the ground, with a special focus on non-democratic countries.

The feasibility study on the European Capability for Situational Awareness (ECSA) is aimed at providing the European Commission recommendations on the creation of a wider “European Federation for cyber- censorship and human rights monitoring, and the underlying system infrastructure required to that end.“ The duration of this feasibility study was 20 months (December 2013 until August 2015).

8 set up by DG Connect, in close cooperation with other services (DG development and Cooperation; DG Enterprise) and the European External Action Service (EEAS).

15

European Capability for Situational Awareness – Final Report

Research objectives

The objectives of this assignment are to provide recommendation on the feasibility of: (1) The creation of an institutional infrastructure (a federation or organisation) consisting of existing groups with monitoring capacities; and (2) The creation of a technical platform that aggregates a variety of well- defined sets of data that measures and contextualises cyber-censorship, surveillance and threats in countries. The federation or organisation is expected to contribute to and manage the technical platform.

Figure 1.1: Two-fold objective of the ECSA feasibility study

Organisation Technical platform

The overall objective of the study is to provide recommendations on an institutional infrastructure (a federation), a technical platform and to provide a demonstration of such a technical tool (a demo) for situational awareness. The actual creation of an ECSA federation or ECSA technical platform were outside the scope of this study.

These objectives should be achieved by the fulfilment of five consecutive tasks:  Task 1: A list of Internet censorship monitoring organisations capable to constitute a federation and a proposal for the structure of such federation;  Task 2: A catalogue of data sources and categories;  Task 3: A proposal of a data governance framework, establishing the protocols that will govern the management of the data collected;  Task 4: A list of necessary infrastructure, features and functionalities;  Task 5: A set of recommendations on the implementation of the aforementioned four tasks. In fulfilling these tasks the nature of the core activities gradually changed in the course of the study. We started with a more broad – institutional – perspective and increasingly focussed on more specific and technical elements of the assignment.

16

European Capability for Situational Awareness – Final Report

A consortium by Free Press Unlimited (FPU) and Ecorys and in partnership with The Chokepoint Project, Greenhost, Global Partners Digital (GPD), iilab, and Global Forum for Media Development (GFMD). A group of external experts has advised the consortium at crucial stages of the research process. An advisory group was formed from interested stakeholders; the members from different fields provided their expertise and perspectives. A full list of participants of the ECSA study is presented in Annex IV. For each task, specific expertise of one or more of the consortium members has been brought in. Each task has been led by one of the consortium partners, supported by another partner, who has been leading the next task. This has given consistency throughout the process while optimising the specific inputs, expertise and knowledge from our respective consortium organisations.

Table 1.1 Organisation of tasks

Lead partner Support partner

Task 1 Internet monitoring federation GPD, Ecorys Greenhost, iilab

Task 2 Data source catalogue Greenhost GFMD, iilab

Task 3 Data governance framework iilab Chokepoint

Task 4 Technical and infrastructural specifications Chokepoint Greenhost

Task 5 Recommendations FPU Ecorys

Definitions

Situational Awareness is being defined as having access and knowledge about the context in which and how internet freedom inhibitions take place, both digitally and physically, within a timeframe as to make this knowledge actionable. Therefore a key issue of the study is how a federation and platform could or should help to create and provide situational awareness (coupled with early warning capabilities) about such inhibitions and disruptions. Situational Awareness in the context of this study relates specifically to the following three elements:

 Internet infrastructure, connectivity and access (events on the internet);  Legal and policy context (events on the ground as well as on the internet);  Human rights violations (events on the ground).

In the debate on the rights of individuals related to the use of internet, several terms are being used, sometimes interchangeably, such as internet censorship, internet surveillance, internet freedom, internet security and internet access. The following definitions have been used:

 Internet (cyber) censorship is the control and suppression of what can be accessed, published, or viewed on the internet. For this study the focus will be on such censorship actions that are likely to be direct human rights violations.

17

European Capability for Situational Awareness – Final Report

 Internet (cyber) surveillance is the monitoring of the online behaviour, activities, or other changing information, usually of people and often in a surreptitious manner. It mostly refers to the observation of individuals or groups by governmental organisations.  Internet (cyber) security is a catch-all term for a very broad issue covering security for transactions made over the Internet.9 Cyber-security commonly refers to the safeguards and actions that can be used to protect the online domain, both in the civilian and military fields, from those threats that are associated with or that may harm its interdependent networks and information infrastructure and or individuals of such networks and infrastructure. Cyber-security strives to preserve the availability and integrity of the networks and infrastructure and the confidentiality of the information contained therein.10  Internet freedom is the notion and acceptance that universal human rights to freedom of information and expression are fully applicable to the internet.11  Internet access: the possibility for computers, devices and their users to connect to the global networks which support services such as email or the World Wide Web, comprising “A) access to content and B) access to the physical and technical infrastructure that is required to access the internet”12

The report holds a glossary with definitions of these and other concepts.

9 http://www.techopedia.com/definition/23548/internet-security

10 OIN(2013) 1 final. EC High Representative of the European Union for Foreign Affairs and Security policy: Cybersecurity Strategy of the European Union: An Open Safe and Secure Cyberspace. http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1667

11 See Human Rights Council, Twentieth session, Agenda item 3, the promotion, protection and enjoyment of human rights on the Internet, A/HRC/20/L.13.

12 Human Rights Council, Seventeenth session, Agenda item 3, Promotion and protection of all human rights, civil, political, economic, social and cultural rights, including the right to development Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue (16 May 2011) - Page 1.

18

European Capability for Situational Awareness – Final Report

2. Methodology of the study

The methodologies for this study are interviews (task 1, 2, 3 and 5), distribution and analysis of questionnaires to a wide range of potential stakeholders (task 1), surveys to a group of potential suppliers of data (task 2 and 3) and desk research (all tasks). We also consulted our external experts and have organised a workshop (on June 5, 2014) that was attended by our experts plus several stakeholders from the field. Under task 4, the creation of a demo and delivery of detailed technical report, we conducted wherever needed additional desk research, interviews and consultations with experts and stakeholders.

Our initial ambition to pilot the findings in a selected set of pilot countries did not turn out to be feasible. We have consulted NGOs and other experts in these countries and discovered that a full pilot in a selection of countries is only valuable once the ECSA is in a more mature stage.

An addition to the study was the analysis of use-case scenarios which we conducted under task 2. The use-case analysis was centred around the four broad categories of usage that the federation should enable and the platform should support: incident detection, incident analysis, trend analysis and support incident mitigation.

Outputs and research methodologies

An overview of the main outputs and activities and methodologies adopted per task is presented in Table 2.1. We have conducted interviews as part of tasks 1, 2 and 3. Our external advisory board is consulted in crucial stages throughout the process, in particular at the end of task 1, task 2 and 3, and task 4. The details of our approach pet task are presented in the following chapters.

Table 2.1 Overview of outputs and methodologies

Outputs Activities and methodologies

Task 1 Internet monitoring federation Desk research

Survey with stakeholders  Overview of relevant stakeholders and their types of monitoring Interviews with stakeholders activities (internet events, human rights events, journalistic events, Workshop legal events) Feedback from external experts  Overview of willingness to cooperate, possibilities and limitations 1rst interim report

19

European Capability for Situational Awareness – Final Report

Outputs Activities and methodologies

Task 2 Desk research Data source catalogue  A list of possible datasets and their Survey of potential suppliers and users shortcomings (in terms of quality,

license, structure) using a structured Interviews with key information suppliers and sound agreed upon by and sample of users stakeholders typology, based on the tender specs original structure; Use-case research  An updated preliminary country and sources list for the task 4 Demo Feedback from external experts & advisory datasets. group 2nd interim report

Task 3 Data governance framework Desk research

Inclusion of data governance question set in  Data governance framework online survey (analysis of restricted use data, analysis of privacy issues, initial data Dedicated interviews with relevant potential governance requirements) federation members and EC  Protocol repository system (data Documentation and capture in knowledge policies, data standards / validators, management systems roles, workflows)

 Permissions Feedback from external experts & advisory group 2nd interim report

Task 4 Technical and infrastructural specifications Desk research

Demo 0.0 and 1.0: Server installation,  Demo version 0.0 Server Configuration, Domain registration,  Public Repository SSL certificate, Software configuration,

 Technical report Code fork, UI modifications, Code clean-up

 Demo version 1.0 Public repository: creation & configuration Technical report Feedback from external experts & advisory group

Task 5 Desk research Recommendations  Institutional infrastructure Integration of results previous tasks  Technical tool (platform)  Roadmap & budget Interviews with key stakeholders Final report Feedback from external experts & advisory group

20

European Capability for Situational Awareness – Final Report

3. Results of task 1: Consultation and workshop

Task 1 of the study was designed to reply to the following questions: (A) What censorship monitoring organisations, facilities and networks exist with an emphasis on Europe (28 EU Member States?; (B) What are the main monitoring capabilities of those existing initiatives?; and (C) What sort of federated monitoring model can be applied and what is the best way to implement them? Question C will be answered in the next chapter.

For the purpose of this task, the consortium developed a consultation, organised a workshop to showcase the results and gather additional input from attendees (5 June 2014), and produced a first interim study report. A summary of the workshop results is presented in Annex II.

Monitoring organisations, facilities and networks

Key partners for the federation and platform fall into four major categories: non-governmental organisations (in particular, human rights organisations specifically active in the field of press- and internet freedom), government actors, the private sector, and academic experts.

In answering this question we have compiled a long-list of organisations, facilities and networks. This list consisted of a total of 145 relevant organisations, facilities and networks, of which 71 NGOs, 40 corporate organisations, 22 academic institutions, 5 government representatives and 7 from the IMON consortium (table 3.1).

Table 3.1 Survey: total number sent and received Sent Received Response

NGOs 71 32 45%

Commercial 40 5 13%

Academia 22 5 23%

Government 5 0 0%

IMON 7 5 71%

Total 145 47 32%

Including 9 face-to-face interviews

21

European Capability for Situational Awareness – Final Report

Potential stakeholders are based in Europe and in third countries. At the workshop on June 5th several experts raised doubts on the ability of developing a stand- alone exclusively European capability. They felt it might be difficult to achieve such, based on the currently available data sources identified. The current Demo, presented at the workshop for example, uses M-lab datasets. According to the experts, it would be sensible not to limit available data sets to European based organisations.

The survey, as conducted in the March, April and May 2014 among those 165 organisations (see Annex I for a full list of organisations that were approached), was aimed at getting an initial overview of monitoring capabilities of the existing initiatives, and willingness to share information and eventually participate in a joint platform and federation. We received 47 replies (including the interviews), which is response rate of 32%. The highest response rate was from NGOs (45%), followed by the academic experts (23%) and commercial organisations (13%). In terms of responses it is clear that there is greater enthusiasm and interest in this from civil society groups than from the commercial or telecom sector. The responses from the academic groups sit somewhere in between. Given the nature of the project this is unsurprising.

Monitoring capabilities of the existing initiatives

The main results from the survey are the following. The majority of the organisations do collect data and information – both on what is happening in the internet (infrastructure data) and on the ground (context data). In particular NGOs are willing to share (in principle) their data and information. There is less enthusiasm from the commercial or telecom sector. The responses from the academic groups sit somewhere in between. An overview of the availability of data and willingness to share by the individual organisations is presented in the consultation report.

Few organisations collect data on the extent of censorship in a format that is easily downloadable. While information and data is being collected by a variety of organisations, the majority of them have indicated that data collection is not systematic, or available in an easily readable format. The opportunity to standardise information systems was widely welcomed and many groups said that they would have much to learn from more systematic information and data housing and handling.

Infrastructure data. Out of 27 organisations that replied that they collect data about the state of the Internet infrastructure, connectivity and access, 23 respondents said that they were willing to share data. Out of 21 who detailed which type of infrastructure data they were monitoring, after analysis, 9 have data relevant to censorship, surveillance or online attacks in structured or unstructured form. Of these 9 potential data providers related to internet infrastructure most are already publishing data: 6 respondents currently share their data openly and one said they weren’t yet but would “submit to (the Open Observatory of Network Interference (OONI) and other relevant projects” which are open; One indicated they weren’t publishing their data currently.

22

European Capability for Situational Awareness – Final Report

Context data. Out of 24 who replied that they collect data about what is happening on the ground, 20 said they were willing to share data. 18 provided specifics about the type of data they collected which covers human rights violations, press, security, legal and other on the ground issues in countries which are known to conduct censorship, online attacks or surveillance. 15 already publish data, and 6 are reporting that they will soon publish data or are willing to publish but do not currently.

Civil society organisations realise that benefit of participation in ECSA will be that it brings them of scaling up their data collection, making it more reliable and accessible, and strengthening the evidence base for their own advocacy. However they also mentioned the following collaboration incentives and requirements:  The data should not be used for profit generating purposes;  No one should be put at risk in publishing the data;  The information should be openly available rather than restricted;  Some groups dislike the association of the platform with governments;  Many groups will have a need for financial and human resources support;

Academic organisations’ will in particular depend on the research interest of individual researchers and the availability of funding.

The telecom industry will be challenging to engage given: the sensitivity of their operations in different countries, the perceived vulnerability of local staff to harassment, and concerns with maintaining their competitive position.

For commercial businesses the platform will need to develop a proposition that answers the question “what is in it for me if we collaborate?” Most companies in this field already have corporate social responsibility programmes of various kinds (including the Telecom Industry Dialogue) so this would need to add something distinctive that would offer them positive benefits. The biggest advantage of the project would be the creation of a solid evidence base, which can be used by policymakers and diplomats.

A deeper ‘analysis of the different data sources and types of data collected by each organisation or project, the methods employed, the tools or technological developments alderman in place, the type of expertise and target groups’ of the organisations that do have data and expressed willingness or at least interest to cooperate with an ECSA platform was conducted as part of task 2 and task 3.

23

European Capability for Situational Awareness – Final Report

4. Results of task 1: Federation models

One part of task 1 was designed based on desk research and interviews to answer research question C of task 1: What sort of federated monitoring model can be applied and what is the best way to implement them?

In building a successful collaboration a number of different models have been considered. We have examined the experience of the climate change field where many different models of collaboration have been considered and have drawn some lessons from them on which we can reflect. The findings there are not dissimilar to some of the reflections from the surveys conducted.

The roadmap for potential federation models

Potential collaborators for ECSA are likely to fall into two groups – those willing to commit to an open ended process from an early stage and those who want to wait until there is a definitive offer before they decide whether to be involved. For some this will depend upon whether money is made available, for others, the perceived value of the project outputs. This suggests the project should set out two phases – early adopters who shape the protocols and modalities and later entrants who accept the basic proposition.

1. Building a coalition will be a gradual process that should start with trust building measures. From the beginning there needs to be complete internal transparency and flexibility with the collaboration being built from the bottom up.

2. The platform should look at the experience of other sectors building platforms, the main lessons are – while there is a lot of support for ‘sharing knowledge’, in practice there are many barriers to sharing one’s work. There is a need to understand users and participants needs. Technology is secondary to trust and buy-in and this means focusing on outreach (getting high quality in country data involves outreach on the ground). Financial sustainability will be an on-going challenge.

3. In terms of management and oversight, in other fields approaches to content management varied from tight gatekeeper model to a more distributed management model involving various partners. Most of the platforms studied in the climate change field (our chosen point of comparison) preferred a gatekeeper model for content management but the more decentralised method of management for the governance could engender more trust. For this reason creating a small management/oversight structure led by a single organisation and separating the oversight function from content management and creation may be the most effective way forward.

4. Our provisional conclusion is to keep an open mind about governance structures and whether to keep separate, the various functions. By dividing the governance from editorial oversight it will be possible to have a broader range of stakeholders for editorial oversight while retaining tight quality control over content. There should always an element of editorial oversight for quality control purposes.

24

European Capability for Situational Awareness – Final Report

5. One final reflection - most comparable sites required free member sign-up to view and use data/content and there is considerable variation in how open sites are to external contributions.

Conclusions

Going forward the following conclusions 1 were drawn after completion of task:

 At this stage the goal should be to develop communications and outreach to those that have expressed interest and buy inn with the development of ECSA and an internet censorship monitoring tool. In the scope of this study there is an opportunity for limited engagement with potential stakeholders, which could positively impact a potential future federation and platform. The goal here would be to achieve a measure of visibility of project transparency about its development and to build trust in the wider community.

 We recommend that the consortium establishes a periodic outreach to potential stakeholders defined. No early decisions should be taken on the shape and composition of the federation – this should emerge from the desired functionality of the platform and the roadmap to the realisation of such functionality. In the first phase the aim should be to include the widest number of participants as possible to ensure the richest source of data for an initial platform. Successful platforms have taken several years to develop and have often undergone several transformations – the evidence is that being too prescriptive at an early stage will be unnecessarily restrictive.

 As researching the feasibility of a European federation is a main objective of the study, it influences every part of it. During the workshop it was voiced that a federation might have to be broader than just European organisations. This provisional outcome is a deviation from the tender specifications; however the question what is to be gained from a European federation is a valid one that requires more research. Incentives may include: growth of available data sets in Europe, ensuring interoperability and commensurability between European and International data sets.

 Successful platforms have often developed in response to user demand and in response to clear user needs. During task 1 the user dimension is relatively unexplored and it was further researched in task 2 by researching the potential user demand and building in potential user feedback. In considering potential structures we recommend that the management structure of a platform be separated out from the function of content management. The platform management should be concerned with representing the various contributors to the platform and ensuring responsiveness to user needs. The content management function is narrower and should be focused on ensuring that the quality of data available on the platform is maintained.

Finally it must be noted that successful platforms have taken several years to develop and have often undergone several transformations – the evidence is that being too prescriptive at an early stage will be unnecessarily restrictive.

25

European Capability for Situational Awareness – Final Report

5. Results of Use-case research

Successful platforms have often developed in response to user demand and in response to clear user needs. It was recommended during the consultation round of task 1 and accepted that potential user demand should be researched in the context of this feasibility study. Additionally during the ECSA workshop, it was requested by the participants to provide clarity into what the ECSA use cases would be.

The definition of the use cases for ECSA helps determine the best synergy between organisational processes and roles and technology platform in order to achieve the objectives of a Federation. As such this research feeds into the Task 4 technical report and is supporting the Task 5 objective to produce a roadmap for an ECSA technical platform and federation.

Activities

The following activities, or high level use cases were identified through the analysis of platform goals, as well as with the analysis of concrete use cases which were collected through interviews and expert input. These activities correspond to broad categories of usage that the federation should enable and the platform should support:

1. Incident detection, to identify potential candidates for incidents of network interference, attacks or surveillance that impinge on human rights. This capability should augment existing efforts and be based on the collection and monitoring (possibly in near real-time) of a range of relevant and necessary sources, supported by the coordination of human verification.

2. Incident analysis, to contextualise, investigate and report additional facts related to an incident. Requiring valid candidate incidents as inputs, the coordination of inter-disciplinary expertise feeding into a verification and data enrichment process in order

3. Trend analysis, to enable longitudinal research and macro-analysis. This requires the identification and categorization of verified incidents, the availability of the data provenance and information about methodologies. Such macro-analysis might also require the existence of models which allows to answer "what if" questions.

4. Support incident mitigation, to provide data in support of response or mitigation of incidents and enable the coordination of expertise around data analysis that can feed into technical mitigation approaches. This would require the evaluation of threats, risks and capabilities based on the analysis of verified incidents, possibly providing incident feeds to potential affected populations.

The figure below gives a graphical representation of how ECSA activities relate to specific and overall objectives with a logical framework approach.

26

European Capability for Situational Awareness – Final Report

Figure 5.1: ECSA activities and objectives

Summary interview results

When discussing the existing means with which ECSA stakeholders achieve their current ECSA related goals, the following observations about current practices were made:

 Researchers use a number of data sources that are only accessible to research institutions or have paid-only access.

 Allowing more interactions and supporting the creation of spaces for exchanging across disciplines and sectors is regarded as critical in order to build the foundation for data collaboration.

 Importance of trust building between organisations when looking at increasing data sharing.

 Importance of including local human expertise in the process of providing contextual analysis for events

 The ECSA Federation is seen as a potential enabler in identifying civil society organisations for Private sector actors that are in the process of adopting Human Rights and Business Guiding Principles and must conduct human rights impact assessments.

27

European Capability for Situational Awareness – Final Report

The following obstacles to achieving impact or gaps surfaced:

 Gaps in common methodologies for data collection. (i.e. lack of common url categorization).

 Lack of local research capacity: Academia is sometimes not in the best position to support such efforts because of its ties with the state, while local civil society organisations frequently do not have the capacity to conduct research (both technical and non-technical).

 Large geographical gaps (sub-Saharan Africa).

 Gap in response capacity for supporting activists targeted by sophisticated online attacks. Lack of civil society organisations with the skill-set, currently performed by independent researchers in partnership with academia (Citizen Lab in particular).

These obstacles should be taken into account and gaps should be addressed to amplify the perceived usefulness of an ECSA platform and support adoption, as such it is recommended that this is prioritized in an implementation roadmap.

Summary survey result

The majority of the respondents agree that the following activities would benefit from being federated:

 Contextual Analysis

 Technical Analysis

 Publication of Incident feeds

 Awareness raising and support for citizens and local civil society

 Collaboration and learning

A majority agrees that ECSA should not aim to federate the following activities:

 the development of tools to mitigate incidents.

 the management of a data collection infrastructure.

28

European Capability for Situational Awareness – Final Report

6. Results of task 2: Data sources catalogue

Task 2, building on the consultation and workshop in task 1, was designed to answer the following three questions:

- What data sources and categories are necessary, whether they are all accessible and to whom are they available?

- What are the data sources and categories, which the Federation proposed in Task 1, can provide and what are the gaps as compared to this analysis?

- How will the gathering of such data be organized?

For the purpose of this task desk research was conducted, expanded with Use case research to further refine the necessity question (see previous chapter). Furthermore an analysis of current data catalogue software systems was conducted to assess what would be most suited for a consortium. The data sources list is enclosed in Annex III of this report; it is divided into 4 sections: metadata, list of organisations, list of projects and data sets.

What data sources and categories are necessary, whether they are all accessible and to whom are they available?

Based on the tender specifications proposition for categories and our analysis of the potential use cases for the ECSA platform and federation, we have identified the following categories of data sources (with examples) as necessary to perform the detection, analysis and mitigation of network interference, attacks and surveillance impinging on human rights:

In the list below, Sensor data is defined as data about an incident where the information has been collected by a hardware or software agent. User documented data is defined as data about an incident that has been documented by a person. Context data is data which helps detect, verify or analyse an incident.

1. Network Interference 1a. Sensor data

 i) Probe data: reports from automatic testing infrastructure (e.g. OOni, Atlas)

 ii) Client application side data: reports or log data from client applications (e.g. Application logs, NDT)

 iii) Network path data: routing, DNS, Blocking lists changes (e.g. BGP, OpenDNS)

 iv) Server side data: Metrics from circumvention tools (Tor metrics, Psiphon)

1b. User documented data: reports posted by people (Herdict, Social media)

1c. Context data: Infrastructure baseline and control data. Situation on Human rights, Media (e.g.

29

European Capability for Situational Awareness – Final Report

media watch reports), Legal (Internet Jurisdiction Project, GIPO, etc.), Business.

2. Network attacks 2a. Sensor data

 i) Infrastructure integrity data: Binary signature/Antivirus data (VirusTotal), Common Vulnerabilities and Exposure.

 ii) Adversary activity data: DOS/DDOS data (DigitalAttackMap), Botnet activity (ShadowServers), Honeypot data (Honeycloud.net)

 iii) Forensics data: detailed traces, images, samples.

2b. User documented data: reports posted by people (e.g. on social media)

2c. Context data: Infrastructure baseline and control data. Situation on Human rights, Media (e.g. media watch reports), Legal (Internet Jurisdiction Project, GIPO, etc.), Business, Conflict

3. Network Surveillance 3a. Sensor data: Service fingerprinting data, infrastructure data.

3b. User documented data

 i) Adversary activity data: Reports from the ground (GlobalCause), Dual-Use Technology trade information (Spyfiles), Transparency reports.

 ii) Forensics data: e.g. Malware samples

3c. Context data: Infrastructure baseline and control data. Situation on Human rights, Media (e.g. media watch reports), Legal (Internet Jurisdiction Project, GIPO, etc.), Business, Conflict

4. Human Rights 4a. Sensor data: Remote Sensing.

4b. User documented data: Reports of violations (victims and witnesses, civil society organisations, social and traditional media, and bureaucratic and administrative records)

4c. Context data: Technology context (regarding devices, networks, practices). Situation on Human rights, Media (e.g. media watch reports), Legal (Internet Jurisdiction Project, GIPO, etc.), Business, Conflict

See Annex III Data source list for the full current list of organizations and sources candidates. Below is a short summary with some of the findings. A data catalogue must be regularly updated, new sources added, and obsolete or incomplete sources removed. As such the data summary below is a snapshot.

Table 6.1 Summary of sources in the data source list

Total sources 330

European sources 124

US sources 206

Organisations with a project 167

30

European Capability for Situational Awareness – Final Report

What are the data sources and categories which the Federation proposed in Task 1 can provide and what are the gaps when compared with this analysis?

The extensive list of European resources show that there is a European field and emerging capacity. However most of the resources are reports or web pages, in a format that is not too usable for machine interpretation. When researching some of this situations there seems to be a relatively simple path to enriching existing information to be more suitable. We suggest that a federation would provide tools, research and incentives to help various actors, but most importantly local NGOs to open up data in a more structured way while making sure no harm is done in this process.

Other findings:  Circumvention tool data is mainly from US, Canada, such tools are mostly funded and produced there while the tool producers are also the data providers as such this is to be expected.

 Sources from academia, such as datasets from EU funded research are mostly published alongside their papers. Most are one-off, spanning a period of a few years at most (one funding/research round).

 At this point there is a broad interest in methods like scraping, social network analysis, sentiment analysis and other methods, at this point there is no data source that provides solid enough quantifiable data based on these techniques.

 While there are a few leaks and investigative reports that have helped identify Dual-Use Technology sales, this is also a gap that needs further analysis.

 While there are many sources of infrastructure measurement data there are some systemic gaps:

◦ In most cases there is a lack of collection infrastructure capable of performing a wide range of measurements from sufficient vantage points.

◦ A number of infrastructure measurement data sources are private and require the procurement of paid licenses (for instance for real-time information about ongoing DDOS attacks and potential sources) or only allow access to researchers.

How will the gathering of such data be organized?

We suggest that a catalogue be made available as part of the ECSA federation effort.

If a catalogue is to be managed by a federation and the observations about the maintenance of a data sources catalogue are taken into account, we suggest that the means, tools and incentives are in place to support the ongoing on-boarding, improving, updating and assessment of data sources.

A data sources catalogue management system would allow for different levels of user access depending on a structure for a federation. Some sources’ metadata could be automatically imported from other

31

European Capability for Situational Awareness – Final Report

CKAN or compatible instances, while the platform would allow smaller organizations to curate their own metadata or parts of it. A further elaboration on curation of data in relation to federation models was part of the task 3 data governance discussion.

Collecting Data

 Anonymisation and removal of not-to-be-used data must happen at the data source provider, before entering the ECSA system. The ECSA system must not ingest data that does not already fulfill minimum requirements

 Data storage of original sources is not seen as a federation task by respondents. This does not mean that ECSA will not store data, it just means that the data provider is responsible for their own storage and only federated when needed for the platform.

 Further research in how to collect data was done in task 4.

Meta data structures

The ECSA proposed ontologies are based on the default CKAN13 ontologies, practices in the field, emerging standards like DCAT14 and specific requirements for an ECSA platform (for instance as related to the categories used). To get a list that is a minimum fit to be descriptive enough for all current platform goals

13 A popular data catalogue management platform (used by the EU open data portal and others) 14 DCAT is a data catalogue vocabulary (RDF/XML) http://www.w3.org/TR/vocab-dcat/

32

European Capability for Situational Awareness – Final Report

7. Results of task 3: Data governance framework

The ECSA Federation needs to be equipped with a Data Governance framework that can provide clear criteria and guidance for members to contribute data sets that are useable and useful for members and users of the platform. It also needs to define how members will interact with data in order to support the objectives of ECSA. This will directly support the first summary objective to improve the quality and availability of data driven evidence of online interference, surveillance and attacks infringing on human rights. Task 3 of the study was designed to reply to 5 questions.

What main elements should be taken into account in an optimal data governance model?

The key objectives for data governance in different contexts are similar: improving data management practice, aimed at improving decision making and guaranteeing compliance.

The following aspects were found to be relevant data governance principles that apply to ECSA:

 Compliance: Ensuring that relevant laws, such as the Data Protection Law and the Intellectual Property Law are respected.

 Ethics: Safeguarding ethical management of the data, the protection of individuals and their fundamental rights. Ensuring that only necessary data is collected to answer specific use cases.

 Quality: Guaranteeing the quality and availability of the data and/or the documentation of quality approaches. This includes issues of verification, errors, bias, as well as transparency in the provenance of the data, the context in which it was collected, transformed or produced.

 Impact: Ensuring that the data best supports decision making, and is best suited for the use cases adopted by ECSA.

 Accessibility: Ensuring that the principles, processes and tools of data governance are accessible to ECSA stakeholders. For instance by supporting progressive enhancement of the data, facilitating learning and providing incentives for participation.

 Interoperability: Ensuring that different data providers follow the standards that enable comparison, aggregation and other manipulation and analysis of data sets.

Are there data governance standards that can be used for this particular case?

With regards to existing practices in the sectors covered by ECSA, there are data protection and ethical guidelines developed in the Human Rights sector and internet measurement field that are directly relevant to any data managed by ECSA.

There are interesting insights that are highly relevant to ECSA in the area of information management in the humanitarian sector. They provide insights that can apply to a wide range of actors, a diversity of

33

European Capability for Situational Awareness – Final Report

data sets, and that relate to the identification and verification of incidents providing information to support response, mitigation or resilience efforts.

The open data sector also provides practices and tools that are relevant to ECSA, given the alignment of the Open data principles with the accessibility data governance principle mentioned above and the fact that a number of ECSA stakeholders are supportive of open data principles. The range of actors in the Open data sector is even broader and its diversity matches that of ECSA. It is also a relatively new sector which has an overall financial capacity that is closer to that of the ECSA sector than the humanitarian sector. In addition, there are innovative approaches that can also be applied to ECSA such as the Open Data Certificates, a framework and tool which allows data providers to evaluate their practices in comparison to different levels of existing practice.

The environmental sector provides examples such as ambitious European effort to create an Integrated Sustainability Assessment Platform which has the aim of reducing the environmental impacts of EU production and consumption and provides an approach based on international standards for Life Cycle Assessment (a scientific, structured and comprehensive method standardised in ISO 14040/14044). This project provides guidance on how to implement the Life Cycle Assessment standard in practice and how to develop application specific or sector specific standards that are applicable to data sets from various expertise domains. This overall approach inspires the proposal for an ECSA data governance framework, which aims to provide high level principles and guidance, through an initial structure that should be further refined by each sector and application as the ECSA federation and platform progresses in its development.

Do all data sets and sources need the same level of protection?

In summary, the data published by the ECSA platform should be Open Data following the highest ethical standards with regards the protection of data subjects.

When considering data subjects from a legal standpoint, all data sets that contain personally identifiable information must be given the same level of protection.

From an ethical standpoint, when data is related to affected or vulnerable populations, the efforts made to protect data subjects or users must follow the highest possible existing standards and practices. For instance guidelines exist for the anonymisation of data sets, the collection of internet measurement data, the collection of human rights documentation, for data pertaining to humanitarian crises or data gathered from vulnerable sources in journalism. Some data governance policy decisions must be made regarding the management of data related to politically exposed persons (PEP) and where compliance with the right to be forgotten is relevant.

When information is only available through a limited number of public sources, there is a risk that this information could be removed and rendered unavailable to the public or researchers. Ensuring that the content is mirrored in a reliable and verifiable way may become an important safeguard.

34

European Capability for Situational Awareness – Final Report

In general it is recommended that the ECSA platform doesn't collect, analyse or publish sensitive or restricted use information, and that such information should be managed by ECSA stakeholder themselves with the appropriate security measures required as further detailed in the next answer.

What kind of security measures need to be established?

A deeper holistic analysis of the security of ECSA must be undertaken as part of Task 4. It should align ECSA security objectives with its overall objectives, and consider political, technical, legal and ethical risks.

Regarding the security of data managed by the platform (integrity of data sets, integrity of the meta- data). Additional definition and analysis of key security requirements should be formalized using threat modeling methodologies. However, at the data governance level the following non-exhaustive list of principles should be considered:

 Confidentiality (access control, ability to audit, data minimisation etc)

 Availability (resistance to denial of service, allowing anonymous access, access through circumvention tools)

 Integrity (of the data, meta-data)

We recommend that the ECSA platform doesn't store sensitive or confidential data (apart from the necessary user account information that such platform would necessitate). It is however recommended that, when relevant and if agreed to by the data provider, the ECSA Platform catalogues existing sensitive or restricted use datasets in order to support the discovery of interesting data sets and collaboration between ECSA stakeholders which would require specific security measures that an Open Data platform wouldn't provide. In addition it is recommended that the ECSA software is made available under an open source license, in order to allow for the deployment of private instances (behind the firewall) managed by federation members requiring the inclusion of private data in their analysis, in addition to the public ECSA platform (managed by the ECSA federation and containing only open data).

ECSA members and other organisations are then free to deploy private or public instances on their own system infrastructure, with their own data sources and their own access control rules and other security measures. If such a private instance is deployed, the organisation responsible would implements the security measures appropriate to the level of sensitivity for the data they manage, and to the management and enforcement of access controls they require.

How will the data governance model be implemented among members of the Federation and what is the necessary infrastructure to make it operative?

Given that ECSA is essentially a data focused undertaking, the importance of a pro-active, collaborative and supportive data governance implementation plan must not be underestimated. The capability of ECSA stakeholders to formalise and optimise the processes used to manage data, is a key driver in the

35

European Capability for Situational Awareness – Final Report

overall development of a European capability for situational awareness. The ECSA Federation governance structures should therefore play a role in driving Data Governance adoption through capacity building and stakeholder engagement.

The overall approach suggested is iterative and collaborative, implying that this initial proposal will be reviewed, discussed and aligned with the overall progress of the federation, including the resources available to support its various component.

Taking this into account, the following table (7.1) proposes a possible approach to identify areas of potentially higher gains and lower costs in an initial stage, while generally aiming at taking into account the most comprehensive or impactful principles present in the later stages.

Table 7.1 Phases for ECSA Data Governance Framework

Phase Planning and Control Function Support and Education Coordination Function Function

Initial Start a discussion about Reuse (or modify) the Create a data governance using Open Data Certificates business/programmatic (This could be pre- the initial proposal as a self-assessment tool to case for ECSA and data federation) basis. create metadata for the governance. data catalogue that will Continue reviewing help evaluate compliance. potential members' practices and build the ECSA data catalogue.

Managed An initial data governance A group of ECSA members Documentation of framework is adopted. are chosen to act as data compliance rules. (This would require a stewards for the ECSA federation structure and Decision making authority platform. support the launch of the about data governance is technical platform) assigned to overall ECSA Create terms of service to governance structures. clarify the responsibility.

Defined Dedicated decision There are Data Stewards Guidelines for different making authority is in each of the thematic sectors and thematic assigned to data areas covered by ECSA. areas covered by ECSA. governance.

Quantitatively Managed Data governance Data governance projects Data governance projects objectives and progress and services are include a support and are measured. implemented. education component.

Optimizing TBD TBD TBD

The data governance framework would be iteratively improved within and across each phase:

 An Initial phase, during which additional consultations must take place within the pre- federation governance structures, in order to gather potential members’ inputs on the Data Governance framework and proposal for implementation, validate and gather agreements or endorsement for the principles of the data governance framework. When possible existing tools or resources should be reused and adapted to support learning and improved practices in the sector.

36

European Capability for Situational Awareness – Final Report

 A second (Managed) phase, where agreed upon initial data governance structures would be put in place and roles assigned. More research and more in-depth documentation would be also be done. And initial protocol, including terms of services and minimum compliance rules would be adopted to allow the launch of the technical platform.

 Follow up phases (Defined, Quantitatively Managed, Optimising), conditioned on the availability of resources and the participation of members, would see further improvements in the overall management of the Data Governance, including dedicated roles, new tools and methods, detailed performance indicators and extended support and education functions. Each domain of expertise within ECSA, should review the data governance framework and apply its principles to adapt policies and standards to each domain.

37

European Capability for Situational Awareness – Final Report

8. Results of task 4: Technical and infrastructure specifications, features and functionalities

In balancing the outputs of the preceding tasks with the requested goals and requirements, we determined it to be beneficial to assume a development approach towards a minimum viable product. Considering the prior study results and the technical requirements for an ECSA platform, this study finds that the establishment of an ECSA federation and the development of an ECSA monitoring platform can be approached as independent efforts.

Scope

The ECSA tender specifies a number of requirements and goals that are to be met by an implementation. To estimate the necessary effort and resources to meet these objectives, these requirements and goals have been translated into work units.

A work unit is a package of activities and resources which yields some operational capability that enables or fulfils the stated requirements and goals.

Dividing the work units in this manner also allows the technical feasibility assessment to be performed in a manner that avoids a strong dependence on potential use cases and federation models. The results from the previous study elements (tasks 1, 2 and 3) strongly indicated that the most effective approach to accommodate the wide variety of expectations with regards to the requirements for an ECSA platform, from an equally wide variety of stakeholders, is to validate theoretical conceptualizations against practical results. This is particularly important considering that an ECSA platform will provide a decidedly innovative capability for monitoring and detecting infringements of human rights, such that ex ante deliberations may prove of limited value in defining and achieving the intended outcomes as specified in the tender specifications. The technical report (which is annexed as a separate Supplementary Technical Report to this Final Study Report) did not prescribe or explore user interface or visual design aspects, nor should it have been expected to do so. Such aspects are fraught with identity issues and do not fall within the scope of a technical feasibility study. It is nevertheless recognized that usability and user interaction play a vital role in the success of any technical implementation.

Work Units – COLLECT

Feasibility impacts in regards to collection of data can roughly be identified as: 1) availability of data and 2) methods of acquisition.

Four required source data types are identified: 1) network data, 2) contextual information, 3) policy information, and 4) incident reports. For each of the required source data types, there appear to be sufficiently large data publishers to feed into a phase 1 minimum viable product (MVP). In regards to feasibility of methods, using ’pull’ acquisition of data (see the sections of chapter 4 COLLECT.* of the

38

European Capability for Situational Awareness – Final Report

technical report in the annexed Supplementary Technical Report) can start immediately, as such collection requires little to no organisational preparation. For data acquisition using ’push’ or ’probe’ methods, much more preparatory work would be required, much of which would venture outside of the technical realm and into the organisational, as such methods require extensive coordination with third parties before data can be collected. Additionally, these methods will introduce barriers in the form of security and safety consideration for data suppliers.

While the wide variety of data sources, data elements and data publishers might suggest that an ECSA platform would be a big data platform, the authors would rather consider it a ’many data’ or ’much data’ platform. In particular because the combination of High Volume, High Velocity and High Variety, while applicable in aggregate, are not applicable in unison. The data sources for an ECSA platform in aggregate are Highly Variable, but most of the data sets looked at are not Highly Variable, sometimes High Velocity and rarely High Volume. ’Big Data’ is very much a consequence of very large user groups modifying and creating data constantly, such as is the case for Youtube, where 1 billion people watch 4 billion videos a day, uploading 300 hours’ worth of video every minute. The footprint for an ECSA platform’s data would not be remotely similar. As a consequence the resources required for a first iteration minimally viable ECSA platform are significantly more modest than might have been expected.

Concerning geographic scope of data sources in relation to where to focus effort in cyber censorship monitoring, interestingly enough the very basic statistics offered by the World Bank about internet penetration are illustrative here. If a country has 1% internet penetration, cyber-censorship is probably not a very relevant indicator of possible human-rights infringement.

Work Units – ANALYSE

Deriving meaningful information from the wide variety of data sources that will feed an ECSA platform requires a powerful set of analytical tools. The ANALYSE.* chapter of the technical report (chapter 5 of the annexed Supplementary Technical Report) examines a number of techniques and applications based on a four-layer categorization of analytical methods: 1) Frequency Analysis, 2) Quantitative Analysis, 3) Semantic Analysis and 4) Human Analysis.

These four categories of analytical methods provide a framework for data analysis that maps directly onto the four required source data types, accommodating the analysis of a wide variety of data sources from basic statistical measurements on machine-generated network data to the automatic recognition of objects in images published via social media.

Human Analysis is identified as a crucial aspect of the data analysis process. The importance of the human factor cannot be overstated. An ECSA platform, in order to fulfil the commitment to “facilitate the role of activists, political dissidents, bloggers, journalists, and citizens” and “uphold human rights and fundamental freedoms” must not only establish technical infrastructure, but also foster a culture of trust and responsibility through active and ongoing engagement with the platform. Not only is this

39

European Capability for Situational Awareness – Final Report

essential for maintaining the platform’s effectiveness and integrity, but also to ensure every platform user’s fundamental rights to privacy and security.

Work Units – MANAGE

These work units describe aspects of system monitoring, including interference mitigation and job scheduling management, high availability, including DDOS protection and automatic failover, and disaster recovery, including backup and recovery. The technical system administration of an ECSA platform can mostly leverage existing tools and processes, although custom knowledge and/or development will be required to monitor and maintain the bespoke data collection pipelines. The potentially high profile of an ECSA platform requires that special consideration is given to high availability and disaster recovery. Since some concerns in relation to these topics can be mitigated through the design of the system architecture, they are also referenced in the Architecture section of the technical report (chapter 20 in the annexed Supplementary Technical Report).

Work Units - APP

The APP sections are represented by in the technical report by APP 1-9 chapters of the technical report (chapters 6-14 in the annexed Supplementary Technical Report), covering application design, interaction and user interface. More specifically: 1) Mapping, 2) Alerting, 3) Reporting, 4) Repository, 5) Dashboard, 6) Mobile, 7) User preferences, 8) Secure communications and 9) Data access API.

When considering the lifespan of data (in a very non-specific sense) suitable for use in an ECSA platform, the systems described in APP.* would sit on top of the work done in COLLECT.* (to acquire data) and ANALYSE.* (to perform analysis and enrichment). Once those two steps have been completed, the multiple APP.* systems can provide means to show the data, make it available for consumption, generate events that are related to it, and more. The development of systems in APP.* are understood to work with data which has already been acquired and at a minimum, indexed, but most likely processed and analysed. Many different APP.* chapters describe functionalities and interfaces that will be presented to the end user directly. While these sections do not explicitly deal with user interface design, they delineate expected interactions to be made possible for users of the platform.

Architecture & Work units – INFRA.*

A possible implementation of a minimum viable ECSA platform to be completed within 15 months as well as a roadmap for subsequent implementation phases to move beyond a minimum viable product are provided. The roadmap towards a minimum viable product is based on a determination that sufficient data sources exist to feasibly deliver the minimum viable product using a ’pull only’ data collection methodology. This approach mitigates some of the complex issues regarding access levels and federation membership, significantly reducing the risk of unanticipated complexities. With regards to

40

European Capability for Situational Awareness – Final Report

budget considerations, the authors would be inclined to start with modest infrastructural requirements and allocate the bulk of resources to the development of data analysis and presentation, in line with the MVP approach described earlier.

Software and hardware requirements

The presented MVP architecture can be achieved with modest hardware requirements. Where possible, software requirements are given based on functional criteria instead of specific, prescriptive recommendations. This is done in part because in many cases, such a prescriptive recommendation would be based on the subjective preferences of the authors rather than objective criteria, which would unnecessarily constrain the available selection. Furthermore, in so far as objective criteria do apply, they depend on (practical) considerations that are best decided by the development team to engage in the development effort. Finally, and related to the last point, software evolves at such a rapid pace, particularly in areas such as geographical mapping and semantic analysis, that it is prudent to postpone specific decisions until development actually starts. The INFRA.* and MANAGE.* sections provide software suggestions with the express understanding that their implementation is dependent on the combination of such practical considerations, especially given that there is a wide selection of existing software solutions in these realms. Software choices for the APP.* cluster of work units rely – in addition to the above – also on the outcomes of a visual design track.

Security and safety

While security is a recurring theme in most chapters of this study, and an important consideration in the context of an ECSA platform, the authors feel that many concerns in this regard can be mitigated by 1) adopting processes and tools that have already been proven to be secure and 2) avoiding the development of high-risk features, where failure might potentially compromise the users of the system. Against this background, the authors recommend against the development of a mobile component (see APP.6) and a secure communications channel (see APP.8) during at least the first four implementation phases.

41

European Capability for Situational Awareness – Final Report

9. Proof-of-concept use case: demo

The Demo, is available online at https://ecsa.chokepointproject.net

The demo was coded based on a fork of The Chokepoint Project’s web front-end, this fork was previously known as "ECSA demo V.0" and presented during the ECSA workshop.

As articulated earlier in this study, the perfect is the enemy of the good, any improvement to the current state of affairs will be better than doing nothing. Situational Awareness requires access to and understanding of information from a wide range of disciplines both in its context over time as well as in its most recent form. (Near real-time).

The demo represents an access point to automatically digested and analysed data from disparate sources which would otherwise not only require laborious and costly manual action, but also a high level of in depth understanding from various fields of expertise. The assumption is that an ECSA platform should improve understanding for in particular generalists, such as political professionals or journalists, in a timely fashion so as to make this understanding actionable.

While there are many types of users which could be aided by an ECSA platform, a ‘user story’ of one such user, that of the “Political professional”, might illustrate some situations in which an ECSA type system as demonstrated by the demo could be of great value. Irrespective of the type of user, or use case, the common denominator and primary goal of an ECSA platform would be to improve access to and usability of factual information, to improve the ability to differentiate fact from fiction, causality from correlation and incident from trend. To foster “an immunity from misleading anecdote.” – Prof. David Spiegelhalter.15

Evidence based policy: The political professional An elected official, a policy officer or any other ‘political professional’, would like to have information about a topic or a location to inform their decision making process. Such a political professional might want this information once for a specific location over a longer period of time, or at regular intervals for multiple locations and topics. An ECSA platform will be an aid in:  The determination of policy goals, and the consequent synchronization of funding objectives. Given the harsh reality that resources for the defence and promotion of basic human rights are limited and that the defence and promotion of one human right is likely to compete with defence and promotion of another, difficult choices always have to be made. Evidence based policy then, should assure that such, at times unpalatable, choices are informed by fact, with the intent to maximize the results of consequent support of basic human rights. We interpret maximization here as the highest possible number of people being able to exercise their basic human rights, who previously did not have this ability or were in danger of losing this ability. To achieve the policy goal of promoting and improving basic human rights in Ethiopia, an unfortunate

15 http://www.southampton.ac.uk/~ccu2015/presentations/spiegelhalter.pdf

42

European Capability for Situational Awareness – Final Report

choice might then have to be made between funding 1) digital training of journalists 2) improving access to the internet or 3) increasing the rate of literacy. All three of these approaches will have an impact on free speech and the access to information, in 2013 only 1.9% of the population had access to the internet and in 2015 in had a literacy rate of 49.1%, amongst the lowest in the world. Although journalists in Ethiopia might be in dire need of digital training, this approach would only have potential benefit to 1.9% of the population. Whereas improving basic access would be beneficial to 89.1%, of which 53% might benefit even more from learning how to read and write. Ethiopia: https://ecsa.chokepointproject.net/country?country=ET&date=2015-07-14

 Verification of claims by states, companies, media, funding beneficiaries, lobby organizations and others. - Autocratic country X has recently undergone a change in government, is claiming to now be (more) democratic, to respect human and civil rights and is requesting development aid. It receives this aid for two years and then requests additional funding to strengthen the advances it has made. Network measurements over that period show that previous existing interference has decreased. Reports from Reporters without Borders show a decrease of journalists killed, but an increase of imprisoned journalists. Such measurements would show that although there have been improvements to the previous situation, these are not as great as claimed. This current information will then assist in a determination of which policy would best assure the intended goal of said policy during the subsequent period. - A factual example, in part similar to the previous hypothetical case, was the blocking of the Sri Lankan news website www.colombotelegraph.com. This news site had been blocked regularly in the past16, and when a new president took office on January 9th 2015 an order to lift the ban was issued. However, despite the order, there were reports the site was still inaccessible and it appeared that the technical implementation of the ban remained in place, certainly in part. Much confusion and debate about the accuracy of these reports quickly ensued as some people could access the website. Subsequent continuous public measurements determined that the block might not have been uniformly implemented, or perhaps already removed in some places. At least in one network in Sri Lanka no interference with the connection to this news site was detected. The same continuous measurements detected the removal of technical interference with access to this website on February 5th 2015 between 03:46 and 11:32 UTC17, 11 days after measurements began on January 28th 2015. A policy officer with access to an ECSA platform will have been able to identify and report on the current status of such issues, their progression and severity over time. With complementary information directly available, such as the presence or absence of a legal framework within which such interference takes place and, equally important, reports on the general human rights practices in a location, such a policy officer will be better able to asses priority, viability and efficacy of policy interventions such as regulation, public pressure or the application or institution of funding programmes.

ECSA demo v1, web-page by web-page

The Demo demonstrates user interface elements mapped from the tender specifications. The requirements which are demonstrated are: 1) The implementation of a dashboard to seamlessly aggregate and contextualise data. 2) The implementation of a repository of 'processed information' (reports). 3) The generation of easy-to-read material and snapshot reports. 4) The generation of alarms, and 5) The implementation of online interactive visualisations by means of Live-Maps.

16https://www.colombotelegraph.com/index.php/colombo-telegraph-blocked-how-to-reach-us-now-sri-lanka- telecom-and-mobitel-joins-the-dpi-club/

17 https://chokepointproject.net/the-disappearance-of-flight-www-colombotelegraph-com/

43

European Capability for Situational Awareness – Final Report

The demo uses live data sourced from the following organizations: Measurement Lab, The World Bank, Citizen Lab, Maxmind, the Asia Pacific Network Information Centre, Tor Project, The Chokepoint Project and The University of Oregon. Analytic data is generated by The Chokepoint Project using methodologies developed by The Chokepoint Project and the Oxford Internet Institute. Many explanatory tool-tips have been spread throughout the demo to illustrate the functioning of each button and as such, these will, generally, not be discussed here.

Dashboard - The ’Dashboard’ page displays movable widgets with live data collected from a variety of sources, and a selection of user interface elements to illustrate features such a dashboard might require.

Repository - The ’Repository’ page is where report collections, either generated using the ECSA platform, or as collected by the ECSA platform, would be searchable, viewable, shareable and downloadable. Some possible ’collection’ groupings are illustrated as being grouped by: 1) source (UN, EU, Private sector, Media and such), 2) By research topic (Technical, Policy, Law and such) and 3) region (Eastern Africa, Central America, Northern Europe and such.)

Reports - The ’reports’ page is where a user would be able to create and schedule creation of custom reports using analytics available on the ECSA platform. The listed reports are a suggestion of potential reports which could be created.

Alerts - The ’alerts’ page is where system configured alerts and user configured alerts based on conditions of one or more processed datasets can be browsed and configured. This is the default ’destination’ of an alert. Additional alert destinations would be configurable, such as email, SMS, and such. Such external destinations however, would require a verification mechanism to prevent becoming a spamming service.

Feeds - The ’feeds’ page would be where more and less processed (examples are all unprocessed) information feeds would be displayed. Not dissimilar to RSS, these would be filterable by external source, topic and tag, which in turn would be generated by the platform. A user defined filter selection could then be added to the dashboard. Although not presented as a user interface element, there is no reason why a user defined text could not also be used to filter such feeds.

Maps - Similar to the ’reports’ page, the ’maps’ page would be where existing maps could be selected, and custom maps would be configured using data present in an ECSA platform. Such maps would then be addable to a user’s dashboard, saved for use in a report or shared with others.

Notifications - The ’Notifications’ page is where system wide ’important’ messages would be shown. These are identified as either 1) ’Alert Notifications’, being notifications of significant anomalies detected by the ECSA platform of which all users should be notified, and 2) ’System Notifications’, state anomalies either detected by the system or by its operators which are of relevance to its users. The latter would be of particular significance to avoid misinterpretation of false-positives due to issues with an aspect of the platform.

Account - The ’accounts’ page, meant to illustrate the necessity for a form of user management to support many other the other demonstrated features, it also is the place holder for user configurable settings.

44

European Capability for Situational Awareness – Final Report

10. Conclusions

As indicated by stakeholders during the workshop that was held half way the ECSA study and also appears the results from the consultations, there is a widespread enthusiasm to create a European Capability for Situational Awareness. But we also see that ECSA means many different things to many different stakeholders.

The survey and consultation rounds highlighted that out of 165 organisations questioned, only 9 gather data in a structured (machine readable) format and are publishing those already18. In addition the survey showed that respondents voice concerns about how to ensure 'do no harm' principles to the data shared and submitted to the technical platform of an ECSA and insist on the (political) independence of an ECSA.

Most organisations who expressed a readiness to commit to an ECSA prefer an incremental growth model for a federative effort to govern an ECSA. A number of organisations who expressed interested in ECSA adopted “a wait and see” approach. Diplomacy of the EU and its institutions will be required to endorse the project and ensure buy in of the private sector.

The study identified the scope of ECSA as incident detection, incident analysis, trend analysis and the support of incident mitigation. Building on this, the Data Governance model for an ECSA should be strongly founded in ethical principles, policies and standards which should ensure that the data is usable and purposeful. The study has found that a maturity model whereby the first willing and able partners set joint standards would inform a self-assessment tool for potential federation members and contribute to gradually refine the model as the federation grows.

Despite the identified challenges associated with the establishment of a multi-domain, multi-disciplinary and multi-stakeholder organizational structure, the technical report and the demo – in sync with previous findings – conclude that irrespective of these preconditions it is entirely feasible to build an ECSA monitoring platform based on the notion of a Minimum Viable Product either in parallel or separate from such an organizational structure. Such a Minimum Viable Product would be largely based on the collection of data from existing data publishers. Such data would include data with open as well as closed licenses, both free to use and fee-to-service (possibly with some of the earlier mentioned organisations as data sources as well as a wealth of existing available public information resources – news agencies – social media - legal databases and so on.

18 The submitted version of the data catalogue contains 11 data sets published by European organisations and marked as structured (i.e. machine readable) that are publicly available and specifically about Internet and Human Rights. It also contains an additional 15 data sets which are marked as semi-structured and could be potentially analysed.

45

European Capability for Situational Awareness – Final Report

Based on these findings IMON network recommends DG Connect and the EU institutions to follow a path of incremental growth when building an ECSA starting from the two following stepping stones:  Establish an ECSA coordination secretariat to increase coordination between stakeholders  Engage with the potential users of a technical platform to identify core features of a Minimum Viable Product.

In order to detail and elaborate on these major findings the Task 5 lead conducted interviews with all relevant stakeholders engaged in the study to provide a more detailed set of recommendations for the Internet and Human Rights sector. The interviews were held with representatives of EEAS, DG Connect, DG Devco, Experts of the consortium, members of the Advisory Group that was created during the study and some stakeholders present at the ECSA-workshop (Annex VI). The interviews asked respondents about the main findings of the tasks and asked for advice regarding the way forward for ECSA given those results. These interviews reinforced our main findings:  Recognising the current lack of coordination and consensus in this broad interdisciplinary domain, alongside the urgency for better outcomes in this sector we have assessed that a federation is not currently feasible and recommend to take measures to develop the necessary foundations for more collaboration within the field of the Internet and Human Rights sector. The diversity of stakeholders involved does not have the opportunity to discuss, share learnings, identify common objectives and define consensual approaches to achieve objectives. We therefore recommend that the foundation for the federation of efforts be strengthened, taking into account the current state of affairs in collaborations and discussions across civil society, academia and business.

 Given the broad set of EC institutions which are concerned with human rights and technology, recognising the necessity of sharing expertises with EU decision makers (such as DG Connect but also EEAS, or DG DEVCO or DG Justice for instance), it is important to create spaces (and better integrate existing ones) to help define the interaction between policy makers and "practitioners". In this proposal we believe that creating an ECSA organizational structure as a trustworthy space with policy makers, where reports from the implementer group are discussed and analysed, is a good first step before attempting to create broader spaces where EC and member states exchange. We recommend to engage within existing spaces (such as Rightscon, Cyber Dialogue and SIF) but also build new ones. This particular aspect is drawn from the lessons of the freedom online coalition and freedom online conferences, which has difficulty making progress because of the gaps between stakeholders and the lack of consensus within practitioners.

 An overall data analysis platform is feasible but premature given the way in which relevant data are mostly gathered manually and grounded in a wide range of disciplines. Automating part of this process is feasible but risks introducing a selection bias by focusing on existing available

46

European Capability for Situational Awareness – Final Report

data only when it would be more beneficial to continue supporting the overall ecosystem that is able to provide analysis currently and focusing on improving their methodologies and tools. It is premature to try to automate overall analysis and better to focus on research, and pilot deployment of existing approaches to evaluate their impact. This is the reason why we recommend the creation of interdisciplinary spaces inside existing sectors of expertise to foster successful initiatives. The Citizen Lab’s Great Cannon study (https://citizenlab.org/2015/04/chinas-great-cannon/) appears to be a leading example to follow.

 A special focus is needed to rally support for the entire ecosystem of funding and funding sources for Internet Freedom, Internet Censorship monitoring and Internet & Human Rights more broadly in the European Union. The No Disconnect Strategy has not been adequately funded to support the pillars of Internet and Human Rights field in Europe. Compared to the United States minimal funding is available and it seems like an urgent priority for DG Connect to cater more support with the funding instruments that are available in the European Commission (EiDHR, FP7, DAP, NIF and other existing networks) to increase support to the ecosystem of organisations, both Civil Society, Private and Academia active in the field of Internet and Human Rights. It seems vital to also foster ties with the EU Member States to increase their available budgets for fostering the Pillars of Internet and Human Rights Field by engaging more with the Freedom Online Coalition and Swedish Internet Forum for example. It is unlikely at this stage that funding from the private sector is likely for ECSA. This is why we believe that the creation of an ECSA Secretariat could leverage more support by engaging continuously all European actors around this field.

The following set of recommendations will allow the EC institutions to get a 360 degrees vision of the field and keep track of worldwide developments in Internet restrictions and violations of human rights. With this approach, it will promote Human Rights via European leadership and through a truly global vision supported by collaborations and future infrastructure, informed by expertise, evidence and science.

Finally, we believe that an ambitious project such as the European Capacity of Situational Awareness will only become sustainable if it raises interest of European citizens. This step is necessary to turn the myriad of the Internet and Human Rights sector’s initiatives into political actions. Intermediaries (organizations, journalists or activists) are crucial links and advocates among civil society, but there is an absolute necessity to involve European citizens to achieve concrete outcomes and to make this project a true European concern and priority.

47

European Capability for Situational Awareness – Final Report

11. Recommendations

The recommendations have been formulated in three main areas:

1. Sustaining ongoing European Situational Awareness

2. Supporting the sectors participating in European Situational Awareness

3. Cross sector coordination through ECSA Secretariat and ECSA Technical Platform

1. Sustaining Ongoing European Situational Awareness

Because the field is fragmented between different actors and evolving very fast, as is the internet. And because we need to act now to foster trustworthy exchanges and build the conditions and foundations for collaboration, we propose to focus in the first place on 1) the building of a Minimum Viable ECSA platform, 2) a lean ECSA organizational structure but also to 3) foster existing high-potential projects by supporting ongoing initiatives which have the potential to feed an ECSA platform in the future. This approach will allow the Internet and Human Rights sector to capitalize on the present dynamism of the field by supporting ongoing European projects which need support and are leading their own respecting expertise, whilst building the required foundational infrastructure to provide evidence based situational awareness. It will also contribute to structure the heterogeneous scene of Internet and Human Rights’ expertise as a sector.

This recommendation should be implemented by stimulating existing funding mechanisms in the Human Rights and Democracy domain inside the EU (EiDHR – Democracy Action Plan – Neighborhood Funds - IPA) to issue specific calls on a regular basis designated to benefit organisations in the domains discussed by the study.

Following Task 2 of the report, we have identified active projects and potential partners which cover aspects of the scope of the European Capability for Situational Awareness. This will enable an ECSA to structure close ties with experts in a variety of both intertwined and disparate fields. We have identified two types of stakeholders: direct and indirect stakeholders. We defined the criteria of selection in the following way.

Direct Stakeholders

These stakeholders implement projects which support the European Capability for Situational Awareness regarding internet interference, attacks and surveillance infringing on Human Rights These stakeholders implement projects which support the European Capability for Situational Awareness regarding internet interference, attacks and surveillance infringing on Human Rights and provide capabilities for Incident Detection , Analysis, Trend Analysis or Support to Mitigation for instance:

48

European Capability for Situational Awareness – Final Report

 Provide evidence to the occurrence of internet interference, attack or surveillance impinging on Human rights

 Support collection of evidence from on-the-ground sources (in particular supporting safe engagement with at risk groups)

 Analyse occurrences of internet interference, attack or surveillance impinging on human rights.

 Develop methodologies which support the detection, analysis or mitigation of internet interference, attack or surveillance impinging on human rights.

These stakeholders should also fulfil the following criteria:

 Dedicated efforts: These organizations should have shown sustained and dedicated efforts to achieve the goals defined above.

 Independence: The organisation is not directly or indirectly controlled by inter-governmental agencies, governmental agencies, internet industry or telecom industry.

 European: The organization is based in Europe.

Example of sectors and projects that could be considered as direct stakeholders in the Internet and Human Rights sector and potential federation member (see table of reference below)

 International CSOs: Human Rights sector (Amnesty International, Tactical Tech, Frontline Defenders, etc.), Media development sector (see GFMD international and local membership), with network in affected countries.

 Technology Providers developing dedicated tools for the Internet and Human Rights field (Network interference detection, Circumvention tool development, Secure communication tool development, etc.).

 Research (computer science, computer security research, political sciences, etc.) researching and developing methodologies for the collection and analysis in the field of Internet and Human Rights.

Indirect Stakeholders

Indirect stakeholders are actors whose involvement can assist in having an integrated discussions about a component of the European Capability for Situational Awareness.

 Civil society partners: Local CSOs (in countries affected by Internet and Human Rights infringements), Humanitarian activists, Media organisations, Data journalists, Open Data institutions and networks,

 Monitoring partners collecting data of internet interference, attacks or surveillance without an explicit focus on human rights (such as RIPE),

49

European Capability for Situational Awareness – Final Report

 Research partners researching in fields which can provide additional context to Internet and Human Rights issues,

 Industry partners managing services or infrastructure which are corrupted in the case of internet interference, attacks or surveillance.

 Institutional partners (Parliament, Commission services, CoE, etc.). Government agencies (EU Member states foreign offices).

Table 11.1: Map of ongoing direct stakeholder projects

Areas of expertise Organizations ECSA component

OONI Internet censorship The Chokepoint Project Incident detection monitoring Alkasir

The Chokepoint Project Trend Analysis

Internet surveillance CAUSE Privacy International Incident detection

The Chokepoint Project Trend analysis

Network attacks Radically Open Security Incident detection

The Chokepoint Project Trend analysis

Oxford Internet Institute Methodologies Center for Internet and Human Rights The Engine Room Trend analysis The Chokepoint Project

Local analysis and Local partnerships and local organizations with civil Incident detection & monitoring society objectives for example: Incident analysis Bytes for ALL (Pak) – SKEYES (Leb) – Institute for Development of Freedom of Expression (Geo)

Social effects of censorship Small Media Trend analysis

The Chokepoint Project

Mitigation support Alkasir Circumvention

GIS Watch Trend analysis The Chokepoint Project

Secure hosting Virtual Roads Greenhost Mitigation support

Digital security Tactical Technology Collective Trend analysis & Frontline Defenders Globaleaks Mitigation support

Policy/Legal GIPO Trend analysis The Chokepoint Project La Quadrature du Net

50

European Capability for Situational Awareness – Final Report

2. Supporting the Sectors Participating in European Situational Awareness

The second aspect of our recommendations touches upon a need of structural support for sectors participating in the Internet and Human Rights field in Europe. This support should help anchor sustainably research, capacity building and technology initiatives and strengthen the foundations of monitoring human rights online.

Within the EU, it is the role of the European External Action Service (EEAS) to promote and defend human rights internationally, DG-CONNECT has the expertise in ICT and its role is to ensure the integrity of the global internet, DG-DEVCO is the main ERU stakeholder in support to local civil society and Democracy and Human Rights development, DG HOME/JUSTICE is responsible for the defence of European citizens' rights, DG RESEARCH for the support to interdisciplinary research on Internet and Human Rights.

Given the complexity of the Internet an d the many issues surrounding the defense of Human Rights and the Internet we strongly recommend that DG Connect leads the establishment of an internal permanent EU task force to improve the coordination of DGs and services involved in Internet and Human Rights, particularly to provide a focal point for external stakeholders.

We have summarized here the different needs and gaps within different sectors and the role that specific EC services could play to support these needs and address these gaps.

Academia Support interdisciplinary research tracks, fellowships, journals, and conferences to establish the methodological and scientific foundations of the space and enable evidence backed policy making. Initiate international academic partnerships. Initiate more collaborations with local organisations and international NGOs.

European interdisciplinary academic networks within the scope of the Internet and Human Rights sector are lacking. We could solely identify the Network of Excellence in Internet and Science network (supported by DG Connect) which enhances academic cooperation on a wide range of topics related to the European digital agenda, and which would support the kind of work the European Capacity Situational Awareness aims at doing. However as this initiative will not continue within the framework of Horizon 2020, there is a missing gap that could be filled.

Supported by the following DGs JRC / RTD: Support interdisciplinary research tracks, fellowships, journals, and conferences to establish the methodological and scientific foundations of the space and enable evidence backed policy making. Mitigate for the important gaps in global coverage related to data collection and analysis resulting from gaps in funding.

Supported by DG Connect: Extend the mandate of the existing Network of Excellence in Internet and Science and transform it to fit in the research agenda of an interdisciplinary network working specifically

51

European Capability for Situational Awareness – Final Report

on Internet and Human rights matters. The platform (or a new one) will also support the deployment of internet monitoring infrastructure within member states on one hand and on other hand spread the methodology and the technology to non-member states.

It would be meaningful for DG Connect to see whether Horizon 2020 and the funding mechanism related to that could be used to stimulate interdisciplinary research work.

Local Civil Society

Support stakeholders working in countries and regions where human rights online are at risk, support the development of capacity of local organisations to take part in the monitoring, analysis and mitigation of incidents to allow information from these publishers to flow into an ECSA as it develops.

Technical Professional Communities

It would be advisable to enable more collaboration with other sectors; to establish a Civil Society CERT19; and publish more open data usable by civil society about infrastructures (including on mobile apps and social networking sites). CONNECT / EEAS: Support and promote the Human Rights dimension of the work of technical professional communities. Support innovation, piloting and deployment of measurement and mitigation tools and infrastructure playing a role in identifying and supporting mitigation of human rights violations.

International CSOs

Assist in the implementation of sound information publishing processes and methodologies. DEVCO / DG CONNECT: Facilitate the interoperability with the Internet and Human Rights sector efforts.

ICT Industry Sector

Collaborate on Human Rights impact assessments. Support partnerships around research. Enable partnerships around advocacy and responsible disclosure about civil society targeting. TRADE/CONNECT: Support the identification and control of sales of surveillance and attack technology.

The table below holds a schematic overview of recommendation set 2, Supporting the Sectors Participating in European Situational Awareness.

19 The idea of a Computer Emergency Response Team for Civil Society is a currently emerging project within the community of digital security experts responding to civil society computer emergencies.

52

European Capability for Situational Awareness – Final Report

Table 11.2: Schematic overview of Recommendation set 2

Stakeholder EC Service

Academia: DG JRC / DG RTD: Support interdisciplinary research, fellowships and Support interdisciplinary research, fellowships and conferences to establish the scientific and conferences to establish the scientific and methodological foundations of the space and enable methodological foundations of the space and enable evidence backed policy making. evidence backed policy making. Initiate international academic partnerships. Mitigate for the important gaps in global coverage related to data collection and analysis resulting from Initiate more collaborations with local organisations gaps in funding. and international NGOs.

Local Organisations: DG EEAS / DG DEVCO: Support stakeholders working in countries and Improve the safety of communications with local civil regions where human rights online are at risk, society providing information about the situation on support the development of capacity of local the ground. organisations to take part in the monitoring, analysis HOME/JUSTICE (defend organisations against and mitigation of incidents. internet restrictions and attacks in Europe).

Technical Professional Communities: (including DG CONNECT / EEAS: computer security, network measurement, software Strengthen the connection between the technical engineering, etc) professional communities and the human rights Enable more collaboration with other sectors. dimension. Establish a Civil Society CERT. Support innovation, piloting and deployment of measurement and mitigation tools and infrastructure Publish more open data usable by civil society about playing a role in identifying and supporting mitigation infrastructures (including on mobile apps and social of human rights violations. networking sites).

International NGOs: DG DEVCO / DG CONNECT: Develop capacity and collaborations on analysis of Facilitate the interoperability of existing monitoring incidents and develop technical capacity to design platforms with the Internet and Human Rights sector and implement data driven initiatives. efforts. Collaborate more with academia on methodologies.

ICT Industry Sector: DG TRADE / DG CONNECT: Collaborate on Human Rights impact assessments. Support the identification and control of sales of surveillance and attack technology. Support partnerships around research. Enable partnerships around responsible disclosure about civil society targeting.

* We recommend DG Connect to stimulate interdisciplinary research through Horizon 2020. * We also recommend DG Connect to lead the establishment of an internal permanent EU task force to improve the coordination of DGs and services involved in Internet and Human Rights, particularly to provide a focal point for external stakeholders.

53

European Capability for Situational Awareness – Final Report

3. Cross-Sector Coordination through ECSA Secretariat & ECSA Technical Platform

Recognising that the organisations in the field that are already coordinating, collaborating and sharing do so on a global scale, and acknowledging the risks of duplication, fragmentation and narrow vision of systemic issues related to the nature of existing internet infrastructure, we strongly recommend against an European Capacity of Situational Awareness, which focuses exclusively on the European scope. Instead, we believe that the sustainable solution for such initiative will be to promote European values through a truly global vision supported by collaborations and infrastructure, designed to protect and promote human rights informed by expertise, evidence and science. These initiatives will also constitute appropriate platforms for the EU to develop a consistent and policy- oriented strategy regarding human rights application in Europe and at an international scale. Indeed, there is a huge potential to foster capacity and address gaps within each of the stakeholder sectors, which are essential in supporting monitoring, analysis and mitigation of Internet and Human Rights. A dedicated space - such as an ECSA Secretariat could prove invaluable in this pursuit.

ECSA Secretariat

We recommend the creation of an independent ECSA secretariat that will serve as the nucleus for an ECSA federation that organizes and coordinates the field. The ECSA secretariat will be tasked to convene the field at a regular basis (preferably twice but at least once per year) gathering all academic, civil society, corporate and institutional stakeholders mentioned in this chapter.

Such an independent secretariat is needed because of the lack of focused attention on Internet Censorship monitoring in relation to Human Rights in existing fora. Other fora serve a wider array of themes. For example the Freedom Online Coalition claims to foster the development of a free, safe and open Internet but has no focus nor intention to focus on Censorship monitoring). The Net Mundial initiative focuses on governance not on censorship measurement.

So the envisaged ECSA Secretariat should be linked and work in close coordination with the Net Mundial initiative and the Freedom Online Coalition where important stakeholders gather around questions of Human Rights and Internet and where ECSA efforts can be integrated and shared.

The ECSA secretariat could be hosted by one of the identified centers of internet censorship monitoring or created as a stand-alone option. Based on the current European efforts, the base of such a secretariat could then be in Berlin, London/Oxford or Amsterdam. If the choice is for a stand alone option, Brussels, near the EU institutions is also an option. To avoid additional exposure to risks and attack, co-location with an existing center where data security and safe operations are already guaranteed, is the preferred choice. It is absolutely vital that this ECSA Secretariat is created as soon as possible and we recommend that DG Connect issues a tender to fund and materialise the progress towards the ECSA federation as envisaged by DG Connect.

54

European Capability for Situational Awareness – Final Report

ECSA Technical Platform

In conjunction with the ECSA Secretariat and parallel to efforts towards the development of an ECSA federation, we recommend the development of an ECSA Technical Platform on the basis of a Minimum Viable Product, as a first step towards the long term effort of building both platform and federation. Such an effort can materialize quickly at modest cost. This would:

 Provide a focal point for all stakeholders in their efforts towards Situational Awareness and the protection of Human Rights.  Allow for uptake by stakeholders and engender a sense of ownership by the same.  Allow for improvement of use-cases and identification of the most relevant amongst these use- cases.  Provide for feedback and improvements of usability for the improved use-cases.

We suggest that DG connect issues a service contract to this end.

The Strategy forward to establish ECSA A progressive and iterative strategy should be implemented as follows:  Support integrators which coordinate and bring together various actors of the Internet and Human Rights practices such as the following organizations or academic institutions:

o Responders Coalition (NL) o CIHR (DE) o Oxford Internet Institute (UK) o The Engine Room (UK) o Freedom Online Coalition (UK) o The Chokepoint Project (NL) These integrators are some hubs we have identified - out of many more - that are able to connect with different stakeholders directly and indirectly involved in the European Capacity Situational Awareness. They are beneficial to an effort to sustain federated and integrated efforts of such a project as different actors with different agendas will join the conversation.

A. Develop the foundations for collaboration and enable communities of practice, cross-sector coordination and feedback loops with policy makers.

o Support the creation and animation of discussion spaces across civil society, academia and business in order to identify common objectives and build consensus around approaches to collaboration.

o Support the creation and animation of existing or new discussion spaces within EC institutions and member states to define how the policy space should structure

55

European Capability for Situational Awareness – Final Report

its interaction with civil society, academia and business in the long term and during crisis. This could be done by investing existing discussions spaces by fostering synergies and integration between different European projects through webinars and conferences.

o Contribute to the development of a "global digital rights agenda" including a roadmap and priorities for the field, steering the implementation of cross-cutting initiatives and collaboration and learning initiatives.

B. Support cross-cutting initiatives and technical infrastructure components for inclusion into an ECSA platform, focused on specific and well identified use cases that are of priority for stakeholders. Examples of such initiatives include:

o Support an ongoing mapping of the stakeholders, expertises and data sets available. (i.e. Data Catalogue).

o Educate and promote the development and adoption of compliance, ethical, quality, interoperability standards among stakeholders collecting or publishing data by developing a common framework of Data Governance.

o Benefit from the transversal expertise of the EU special representative on Human Rights. As “integrators” from civil society will be coordinating the main efforts to foster cross-cutting initiatives, the special representative, whose agenda is to enhance effectiveness and visibility of EU human rights policy, will endorse and support these tasks by facilitating the information coordination between sectors and by engaging with a wide variety of interlocutors.

Recognising that the organisations in the field that are already coordinating, collaborating and sharing to varying degrees of success, do so with a global focus, and acknowledging the risks of duplication, fragmentation and narrow vision of systemic issues related to the nature of existing internet infrastructure, we would recommend against an exclusively European scope. We believe that European leadership in promoting and defending human rights through a global vision supported by collaborations and infrastructure and informed by expertise, evidence and science will have better chances of a sustainable solution for such an initiative.

56

European Capability for Situational Awareness – Final Report

Summary: Recommendation Set #3 Cross-Sector Coordination and ECSA

We recommend a progressive and iterative approach towards federating the efforts across sectors:

 Support integrators which coordinate and bring together the various strands of the Internet and Human Rights practices by:

o Organise regular diplomatic coordination meetings with EEAS and member states' foreign diplomacy services in order to communicate findings from the Internet and Human Rights sectors and gather requests for analysis and areas of concern.

o Organise regular civil society meetings with local civil society, international NGOs and academia in order to communicate findings from the Internet and Human Rights sectors, to share lessons, collaborate on analysis and investigate concerns.

o Organise regular private sector meetings with ICT companies in order to communicate findings from the other Internet and Human Rights sectors and gather requests for analysis and areas of concern.

 Integrate cross-cutting initiatives and technical infrastructure components based on priorities established through consultations and requirement gathering and focused on specific and well identified use cases that are of priority for stakeholders.

We recommend the creation of an independent ECSA secretariat that will serve as the nucleus for an ECSA federation and that organizes and coordinates the field.

We also recommend to build an ECSA technical platform based on a Minimum Viable Product strategy based on currently available public data sources, either connected to this secretariat or as a stand-alone option, to integrate existing information and step by step build towards the desired automated data analysis platform that helps constitute and supports ECSA.

57

European Capability for Situational Awareness – Final Report

12. Roadmap

Outline

In this roadmap, we envisioned that only a minimal set of additional resources are available to support the coordination or integration of existing initiatives. We also consider that the social-political context is mostly following current trends.

More specifically with regards to the set of recommendations #1, the support to the existing European pillars of the Internet and Human Rights sector would happen through existing instruments.

Existing mechanisms to support interdisciplinary research which affect the Internet and Human Rights sector should also be encouraged to open multi-stakeholder collaboration spaces, in particular with civil society organisations working in this field. An example of such work was done with a workshop organised by the EC in 2012. This approach is also used successfully by Citizen Lab in Canada with the 3rd year of their Summer Institute which is playing a key role in connecting the global Internet and Human Rights ecosystem centered around interdisciplinary research on internet censorship, attacks and transparency.

International NGOs and academia should aim to establish partnerships around methodologies, detection and analysis of incidents. Local Civil Society should attempt to develop partnerships which allows to grow its capacity in monitoring methodologies and tools, information security and other mitigation techniques.

With regards to the recommendations set #2, EC services should aim to develop an integrated agenda for Internet and Human Rights including a research and monitoring component which supports situational awareness of decision makers and affected or vulnerable populations. This agenda should be published and help academia, NGOs, private Sector and other stakeholders to identify which EC DGs and Services have mandates that are connected to the internet and human rights sector, which focal points can be contacted about specific issues and which instruments and sources of funding are available. The set-up of a permanent internal EU task force to improve the coordination of DGs and services involved in Internet and Human Rights is recommended also to provide a focal point for external stakeholders. Within the EC, the EU Special Representative on Human Rights could be using its convening power and global mandate to support the coordination of diplomatic meetings, and the Industry Dialogue or GNI could help convene the ICT private sector.

58

European Capability for Situational Awareness – Final Report

With regards to the recommendations set #3: These efforts could be supported by a mix of existing EC instruments, private foundations and other sources. An ECSA coordination Secretariat should be set up by stakeholders which have been identified as integrators in the ecosystem. Its mandate should be to convene, bridge gaps and coordinate the circulation of information between different groups of stakeholders which are involved or affected by Internet and Human Rights incidents. With limited means it might focus on one country and draw on existing coordination mechanisms to access stakeholders (such as the Freedom Online Coalition, GFMD coordination, etc…). It could be led by a partnership of stakeholders which have demonstrated track record in building coalitions and existing trust relationships with different parts of the ecosystem. A Budget for such a Secretariat has been detailed by the consortium on an annual basis (ANNEX V). It is envisioned for the development of an ECSA Secretariat to be offered through an EC tendering process.

The development of an ECSA technical platform that is needed to visualize and inform on Censorship monitoring, the Study has concluded that it is feasible and should follow the route of incremental growth, based on the strategy of building a Minimum Viable Product (15 months). Based on currently available public data sources, it is feasible to develop a functioning technical platform that monitors different aspects of online interference and provides relevant legal and journalistic context. The development of a technical platform will also help mitigate obstacles and focus collaboration in the context of an ECSA federation. The Technical Platform can be a catalyst in the process of collaborative discovery and refinement between multiple stakeholders with un-precise or conflicting goals and objectives and stimulate interest and help shape discussion into concrete requirements. This way the technical platform can help structure goals and manage expectations in the fragmented, multi-stakeholder space that an ECSA must navigate.

A roadmap for the development of a technical platform is elaborated upon in detail in chapter 20 of the Supplementary Technical Report and is graphically presented in Annex V of this final report (budget for the MVP development period). As such an engineering effort is inherently a focused effort, it is envisioned for the design and development of a technical platform to be offered through an EC tendering process.

The strength of the Minimum Viable Product development strategy is that it understands development as a means to generate, evaluate and structure stakeholder participation. Based on this roadmap a detailed budget for a Technical Platform as a Minimum Viable Product is developed (ANNEX V).

Financing ECSA

In an ideal world the development of ta European Capability for Situational Awareness would go hand in hand with plenty resources from the EU, the Private Sector and EU member states. At the request of DG Connect the consortium assessed the likelihood of finding additional funders and resource contributions from other stakeholders. The consortium found that the likelihood of private

59

European Capability for Situational Awareness – Final Report

donations beyond 'data' amongst those consulted by the consortium is unlikely. EU member states should be asked about their willingness but this is beyond the scope of this study. As the consortium already concluded in task 1 of the study, more EU diplomacy is needed to help establish ECSA as many stakeholders need to be convinced about the crucial importance of Internet Censorship Monitoring.

A special policy effort is needed inside the EU institutions and beyond to encourage more support for the entire ecosystem of funding and funding sources for Internet Freedom, Internet Censorship monitoring and Internet & Human Rights broadly in Europe. The No Disconnect Strategy at this stage cannot support the pillars of Internet and Human Rights field in Europe and many of the other individual funding mechanisms have a broader scope and interest than Internet & Human Rights only. It would be advisable that DG Connect uses the task force mentioned earlier to revitalize the digital agenda inside the EU to create and cater more support for the ecosystem of organisations, both Civil Society, Private and Academia active in the field of Internet and Human Rights. It seems vital to also foster ties with the EU Member States to increase their available budgets for fostering the Pillars of Internet and Human Rights Field by engaging more with the Freedom Online Coalition and Swedish Internet Forum for example.

In the roadmap presented below the consortium therefore assumes that funding for the establishment of ECSA at this point can only come from the EU. Given the fact that the field is also fragmented and needs to be convened and developed in order to create a federation, there are two potential scenarios towards the establishment of ECSA. One 'urgent' scenario in which the EU takes the lead and funds both the Secretariat and the Technical Platform from day one and one 'incremental' scenario in which the Secretariat is established and one of its tasks is to work on resource development for the ECSA Platform and Federation.

Urgent Scenario

In Scenario 1 (‘urgent’) DG Connect sees ECSA as a key priority to lead the field of Internet Censorship Monitoring & Human Rights, funds the Secretariat and technical Platform, shapes diplomatic, legal, scientific and material efforts inside and outside the EU to support a large ecosystem for Internet and Human Rights by (amongst other things) establishing a broad basket fund for Internet and Human Rights:

Year 1 milestones:  EU Internal task force is established under the leadership of DG Connect to steer and coordinate efforts inside the EC towards Internet Censorship Monitoring & Human Rights  ECSA Secretariat established through a tendering process. First consultative meeting provide additional input and user needs for technical platform.  ECSA Technical Platform established through a tendering process, starts building, 6 months after the ECSA secretariat is established.  EU funding mechanisms (EiDHR, IPA, DAP, Horizon 2020 and others) issue calls for proposals for the support of vital actors in incident detection, incident analysis, incident mitigation and trend analysis

60

European Capability for Situational Awareness – Final Report

in the field of internet and Human Rights.

Year 2 Milestones  EU Internal task force leads diplomatic action to engage ICT industry and Governmental institutions in the EU and its member states in the field of Internet Censorship Monitoring.  ECSA Secretariat builds the foundation of an ECSA federation in a consultative process defining building blocks, procedures and  ECSA Technical Platform is operational from Q3 I year two  Internet & Human Rights Organisations, Research Institutes and other key integrators in the field are supported.

Year 3 Milestones  ECSA Federation established and connected with Academia and ICT Industry  ECSA Technical Platform includes technical data from all key integrators in the field.  Local Organisations empowered to contribute to Internet Censorship Monitoring & ECSA

Year 4 Milestones  EU has created and fostered a wider field of Civil Society, Industry and Government Institutions and is seen as leader in the field of Internet & Human Rights.  The ECSA Federation has a global outreach and leads the field of Internet Censorship Monitoring, contributing to global improvements of Human Rights on the Internet.  The ECSA Technical Platform is the source of reference for all stakeholders in the field and a 'sine qua non' for research and global watchdogs on Internet & Human Rights.

Incremental Scenario

In Scenario 2 ('incremental') DG Connect funds the start of an ECSA secretariat and mobilizes EC institutions through the creation of an EC Internal Task Force for support to Internet and Human Rights. As resources and coordination are lacking, these efforts take time to establish the desired ECSA federation and technical platform. Over time additional funders can be persuaded to fund the efforts on Internet Censorship Monitoring and gradually ECSA becomes a reality when and if diplomacy efforts and consequent priorities take root.

Year 1 Milestones  EU internal Task Force in support of Internet & Human Rights created and advocates internally for resource creation for Internet Censorship Monitoring.  ECSA Secretariat established and cooperates with stakeholders in the field and advocates for resource creation for Internet Censorship & Human Rights Monitoring

61

European Capability for Situational Awareness – Final Report

Year 2 Milestones  EU task force develops additional funding sources for ECSA.  ECSA Secretariat leads coordination meetings in the field and fosters sharing of information.  ECSA Platform in development as Minimum Viable Product.

Year 3 Milestones  ECSA Secretariat defines building blocks of an ECSA Federation  ECSA technical platform operational  Targeted funding available for federative efforts by additional donors

Year 4 Milestones  EU internal Task Force coordinates the EU Internet & Human Rights agenda  ECSA Federation established  Internet & Human Rights Funding available for Key Integrators

Year 5 Milestones  EU seen as relevant in the field of Internet & Human Rights  ECSA Federation grows and coordinates efforts on Internet Censorship Monitoring  ECSA technical platform expanded and one of the data sources in the fie

62

Timeline and planning in schedule

 Scenario 1: 'Urgent' Scenario: EC takes lead in integrated approach to Internet Censorship Monitoring & Human Rights

Year 1 Year 2 Year 3 Year 4 Year 5 * EU internal task force * EU internal task force * ECSA Federation * EU leader in the field of Scenario 1 mandated to coordinate reaches out to ICT Industry established and connected Internet Censorship 'Urgent' integrated support to and Institutions with Monitoring Internet & Human Rights * ECSA Secretariat defines Academia & ICT Industry * ECSA Federation * ECSA Secretariat starts building blocks of an ECSA * ECSA Technical Platform connections includes local operations and gathers Federation expanded to include data stakeholders & leads needs and user inputs * ECSA Technical Platform sets of key integrators Internet Censorship * ECSA Platform in operational * Local organisations Monitoring development as MVP * Internet & Human Rights empowered to contribute to * ECSA technical platform * EU calls for proposals to Funding available for Key Internet Censorship source of reference for all support vital actors Integrators Monitoring and ECSA stakeholders in the field

63

Timeline and planning in schedule

 Scenario 2: 'Incremental' Scenario: the EC provides assistance to coordination on Internet Censorship Monitoring & Human Rights

Year 1 Year 2 Year 3 Year 4 Year 5 * EU internal * EU task force develops * ECSA Secretariat defines * EU internal Task Force * EU seen as relevant in the Scenario 2 Task Force in support of additional funding sources building blocks of an ECSA coordinates the EU Internet field of Internet & Human 'Incremental' Internet & Human for ECSA Federation & Human Rights agenda Rights Rights created * ECSA Secretariat leads * ECSA technical platform * ECSA Federation * ECSA Federation coordinates * ECSA Secretariat begins to coordination meetings in the operational established efforts on Internet Censorship cooperate with stakeholders field and fosters sharing of * Targeted funding available * Internet & Human Rights Monitoring in the field and advocate for information. for federative efforts by Funding available for Key * ECSA technical platform resource creation * ECSA Platform in additional donors Integrators expanded and one of the development as MVP sources in the field

64

European Capability for Situational Awareness – Final Report

Measuring progress

As part of the roadmap we propose the following set of indicators to measure progress:  Capability of Pillars o Number of team members o Number of users of the produced data.  Capability of Sectors o EC Services . Number of staff working on Internet and Human Rights monitoring . Instruments supporting Internet and Human Rights monitoring . Perception from other sectors about the accessibility of EC services dealing with Internet and Human Rights monitoring o Academia . Number of interdisciplinary conferences, post-doc, journal articles o Local CSOs . Number of local CSOs participating in Internet and Human Rights monitoring . Gaps in geographic coverage. o Technical Professional Communities . o International NGOs . Number of data sets available about Internet and Human Rights monitoring o ICT Private Sector . Number of data sets available about Internet and Human Rights monitoring o Technology Solution Providers . Number of open data sets . Number of data consumers  Coordination o Cross-sector collaboration . Number of meetings with each sector . Number of requests and answers provided between sectors. . Number of cross-sector partnerships on specific projects o Technical platform . Number of potential user communities involved in requirement gathering . Number of users and use case definitions of technical platform

65

European Capability for Situational Awareness – Final Report

ANNEXES

66

European Capability for Situational Awareness – Final Report

Annex I. List of organisations - survey

The organisations that were contacted to fill out the survey during task 1 consultation round are presented in this Annex.

Table: Online survey and interviews

Project or organisation Category

NGOs

Centre for Democracy and Technology NGO

Groundviews NGO

Berkeley Institute for Free Speech Online NGO

Censorship in America NGO

Association for Progressive Communication NGO

Centre for Law and Democracy NGO

Crisis Mappers NGO

Digital humanitarian network NGO

Article19 (Tom Hughes) NGO

Pharos Observatory NGO

Centre for Internet Society NGO

WAN-IFRA (world association of newspapers and news publishers) NGO

Web Index (by the World Wide Web Foundation) NGO

Free Expression Policy Project NGO

Freedom House NGO

Frontline Defenders NGO

Global Internet Freedom Consortium NGO

Global Voices Advocacy (Threatened Voices project) (advox) NGO

Human Rights first (CSR – Surveillance – Privacy) NGO

Human Rights Watch NGO

ICT4Peace NGO

Icelandic Modern Media Institute = digital rights watch NGO

IFEX NGO

Index on Censorship (Kirtsy Hughes) NGO

Institute for Human Rights and Business (IHRB) NGO

International Federation for Human Rights (FIDH) NGO

67

European Capability for Situational Awareness – Final Report

Project or organisation Category

Internet & Jurisdiction Project NGO

Interrights NGO

IP Justice NGO

Privacy International (Carly Nyst) NGO

Great Fire (China) NGO

Journalism ++ (commercial) NGO

Media Legal Defence Initiative NGO

New America Foundation NGO

Telecoms sans frontieres NGO open knowledge Foundation NGO

Global Journalist Security (commercial) NGO

Open Society Foundations NGO

NLNet Foundation NGO

Human Rights NGOs (classic)

American Civil Liberties Union NGO

Amnesty International NGO

Internews Europe NGO

Media development NGOs

BBC Media Action NGO

International Media Support (IMS) NGO

Reporters Without Borders / Reporters sans Frontieres NGO

World Press Freedom Committee NGO

Committee to Protect Journalists NGO

Digital rights NGOs

Access Now NGO

Digital Rights Watch = Icelandic media NGO

Electronic Frontier Foundation NGO

Electronic Frontiers Australia NGO

European Digital Rights (EDRI) (Joe McNamee, Kirtsen Fiedler) NGO

Julia Group NGO

Quadrature du Net NGO

68

European Capability for Situational Awareness – Final Report

Project or organisation Category

Tool/Tech Related NGOs

Shadowserver Foundation NGO

Tactical Technology Collective (Stephanie Hankey) NGO

Tech Freedom NGO

Telecomix NGO

The Crypto Project NGO

The Guardian Project NGO

Tor project NGO

Ushahidi (non-profit tech company) NGO

Open Observatory of Network Interference NGO

Hermes Center NGO

Open Internet Tools Project NGO

CGIProxy NGO

SBC4D (commercial) NGO

Project Byzantium (commercial) NGO

Psiphon Inc (commercial) NGO

IT46 = external expert NGO

M-Lab NGO

NGOs pilot countries

Media Institute of Southern Africa NGO Angola

African Media Initiative NGO Angola

CIPESA: Collaboration on International ICT Policy in East and Southern Africa NGO Angola

Belarussian Association of Journalists NGO Belarus

Counterpart international NGO Belarus

International Media Support NGO Belarus

ASL19 NGO Iran

Small Media (Mahmood Enayat) NGO Iran

Reporters sans Frontieres NGO Iran

Freedom Network NGO Pakistan

Bytes for All NGO Pakistan

South East Asia Press Alliance NGO Pakistan

Bolo BHI NGO Pakistan

69

European Capability for Situational Awareness – Final Report

Project or organisation Category

Pakistan Press Foundation NGO Pakistan

Syrian Journalists Association NGO Syria

IWPR NGO Syria

Ana New Media Association NGO Syria

Syrian Network for Human Rights NGO Syria

Cyber-arabs.com NGO Syria

Tunisian Internet Agency NGO Tunisia

Reporters sans Frontières-Tunis NGO Tunisia

Liberty NGO UK

Open Rights Group NGO UK

Corporate

Renesys Corp

SIDN Corp

Industry Associations

Cable Europe Corp

AMS-IX Corp

European Competitive Telecommunications Association (ECTA) Corp

European Telecommunications Networker Operators’ Association (ETNO) Corp

RIPE NCC Corp

CIRCLE Corp

Telecommunications Industry Dialogue Corp

Networks Operators

AT&T Corp

British Telecom (BT) Corp

Deutsche Telecom Corp

KPN Corp

Mobistar Corp

NTT Group Corp

Orange Corp

Tele2 Corp

Telefonica Corp

TeliaSonera Corp

70

European Capability for Situational Awareness – Final Report

Project or organisation Category

Verizon Corp

Vodafone Corp

XS4ALL Corp

Online (OTT) Service Providers

Apple Corp

Bing Corp

Facebook Corp

Google Corp

Microsoft Corp

Mozilla Corp

Twitter Corp

Yahoo Corp

Network Equipment Vendors / Devices

Alcatel Corp

Cisco Corp

Ericsson Corp

Huawei Corp

Nokia Corp

Technicolor Corp

Security and Emergency Response Organisations

Arbor Networks (ATLAS system) Corp

Team Cymru Corp

Recorded Future Corp

Circl.lu Corp

SECDEV CORP/NGO

Academia

Alexander von Humboldt Institute for Internet and Society Academic

Berkman Center for Internet and Society (Harvard) Academic

Cambridge Computer Labatory Academic

Central European University - Center for Media and Communication Studies Academic

Citizen Lab (Univ of Toronto) Academic

Annenberg (Ben Wagner)

71

European Capability for Situational Awareness – Final Report

Project or organisation Category

European University Institute (Alexandro Calderaro) Academic

International Commission of Jurists Academic

Nexa Center for Internet & Society Academic

Oxford Internet Institute (Helen Margetts / Mark Graham) Academic

Ranking Digital Rights Academic

Research ICT Africa (for Angola) Academic

Universite Pantheon - Assas (Sorbonne) Academic

University of Amsterdam – System and network engineering Academic

University of Oslo - Centre for Research on Media Innovations Academic

University of Savoie Academic

Stockholm International Peace Institue Academic

Citizen Media Law Project NGO

Centre for Internet Society (Stanford) NGO govcom.org NGO

OpenNet Initiative NGO

Lund University Internet Institute Academic

Government

UNESCO Govment

Dutch Ministry of Foreign Affairs (Simone Halink) Govment

Swedish Ministery of foreign affairs Govment

DG – HOME Govment

EuropeAid Govment

IMON network iilab

Greenhost

GPD

GFMD

FPU

Ecorys

The Chokepoint Project

72

European Capability for Situational Awareness – Final Report

Annex II. Summary results of the workshop

A summary of the main results from the workshop that was organized in Brussels in June 5, 2015 is presented in this Annex.

Beneficiaries. The data and information generated by platform should in principle be open to everyone. Intended groups who will benefit from an ECSA platform will be:  The European Commission  National governments  Civil society organisations and activists and journalists  Academic users  General public

EC policy makers in particular expect that ECSA could help them to get access to (near) real-time information for rapid response, evidence based policy making, but also to support activists on the ground.

Ambitions. The perfect is the enemy of the good. The federation should be flexible and incremental. The EC believes that a platform generating more information than is currently available is better than to do nothing and have no additional information.

Private sector engagement. Private sector engagement is essential but difficult. The private sector has a wealth of relevant data by virtue of the systems they operate; but this information is not made freely available, for a variety of reasons. As there was no private sector present at the workshop, there is no first-hand account of these reasons. They are assumed to be primarily commercial and legal in nature.

Stakeholder engagement. It was widely felt that early and continuous engagement of stakeholders would be beneficial for an eventual swift take-off after the completion of the feasibility study. This could be an integrated part of the activities in the next phases of the study.

Elephant in the room. Open Net Initiative is the elephant in the room. ECSA could fill the gap left by ONI, but should aim to do so with much higher update rates.

Data and information. Data can be defined as structured machine-readable information.

Data availability and constraints. Task 2 and 3 will further elaborate on data availability and constraints. One of the next steps in the feasibility study concerns data governance to determine technical requirements that should be applied as a consequence of non-technical constraints in regards to prerequisites to the applicable processing, availability and accessibility methodologies of data flows.

Objectivity and clear semantics. The platform should be as neutral and objective as possible. Full objectivity can never be reached, since presentations of data almost always are – by definition – an

73

European Capability for Situational Awareness – Final Report

element of vision on interpretation of reality. Some data are more objective than others. This is in particular relevant for the non-technical data and information (related to legislation, events on the ground) and data that needs to be analysed and constructed out of information (the further you move along a chain of analysis, the less objective consequently presented data are). Representation of data will also incur subjective interpretations and decisions. To support objectivity concepts should be clearly defined, in the workshop cyber-censorship was mentioned as one such term.

Transparency. Due to the inherently normative nature of the ECSA exercise, and the unavoidable normative interpretation of data and information, transparency is essential. Transparency in sources, analysis and presentation in data is the best available alternative to absolute objectivity. ECSA should be as transparent as possible in how it arrives at its results and how it is structured.

Near real time availability. The platform should provide (near) real-time data and information. Updates should be made as frequent as the data or information changes. This will differ per type of data. Real time is not a relevant concept to apply to all data types. The barometer of RSF is a good example. Within its context, it publishes qualitative data very fast (within weeks or months) and does this in a structured format. Data presentation should allow such transformations to be followed over time to make a presentation data more insightful

Future evolution of the federation and platform. The feasibility study should look for flexible and extensible designs for collaboration that could evolve over time. Growth of a platform and collaboration is unlikely to succeed without trust. The organisation that runs a platform is likely to be primarily responsible for the creation of such trust.

Costs. Most potential stakeholders have highlighted the need for technical assistance and additional funding for engagement in the platform. In addition, ECSA should not underestimate the costs for platform development and maintenance. Storing and processing large data sets should also be supported by building capacity.

Stand-alone European facility. At the workshop on June 5th several experts raised doubts on the ability of developing a stand- alone exclusively European capability. They felt it might be difficult to achieve such, based on the currently available data sources identified. The current Demo, presented at the workshop for example, uses M-lab datasets. According to the experts, it would be sensible not to limit available data sets to European based organisations. Based on the discussion at the workshop the question whether European datasets suffice for ECSA, or which alternative globally available datasets could be used, will be further researched in task 2. A European effort should develop capabilities that do not exist yet. Benefits should also be reciprocal for data providers and data users.

Long term perspective. One of the central objectives of the feasibility study is to develop a broad data catalogue of required data and information, available to the platform – and analyse under which conditions

74

European Capability for Situational Awareness – Final Report

these are available. However the building of a platform and federation is a long term effort (cf. climate change domain took +10 years). This long term perspective should be safeguarded. Data that are not yet available, might be available and highly relevant in the future. Methods of blocking and filtering will change over time, technologies change, judicial constraints change, etc. This long term perspective and ambition should remain at the core of an ECSA.

User needs. Participants said it is hard to have 3 types of end-user and felt that the end-user will co- determine which organisations would be able to support a platform. Other participants do not see the potentially wide user-base as an obstacle; they feel that this effort should have an inherently data-centric approach and defined user groups as those represented at the workshop. Use cases for the ECSA platform need to be further researched. For this purpose interviews with EEC officials as well as potential users in pilot countries are advisable

75

European Capability for Situational Awareness – Final Report

Annex III. Data sources list

This data set is licensed under the Open Database License v1.0 http://opendatacommons.org/licenses/odbl/1.0/

The data sources list is divided into 4 sections: metadata, list of organisations, list of projects and a list of data sets.

76

Annex Data Sources List Metadata

This data set is licensed under the Open Database License v1.0 (http://opendatacommons.org/licenses/odbl/1.0/) Catalog Description Title European Capability for Situational Awareness - Data Catalogue Homepage https://imonetwork.eu/ Issued August 20th 2015 Publisher IMON Consortium Keyword Internet, Human Rights, Censorship, Cyber Attack, Surveillance Contact [email protected] Notes The ECSA Data Catalogue consolidates the data collection efforts conducted during the ECSA feasibility study. It aims to survey the Technical Notes The following sheets are organised in a way that will facilitate the export of the data catalogue in a data cataloguing system such as

Catalog Classes Definition Notes Organisations Stakeholders in the field of Internet and Human Rights. Potentially data sources, publishers of data This includes organisations contacted during the ECSA study, sets or project implementers. as well as from EC contact lists. The sheet is sorted by the following columns: EU / Direct / Indirect / Type / Name. The 3 last columns in light gray are calculated from the Projects and Data Sets sheets. Projects Research projects, data collection/analysis/publication projects, mitigation tools (such as The sheet is sorted by the following columns: EU / Direct / circumvention software) and other continuous activities implemented by organisations which might Indirect / Internet & Human Rights / Incident Detection / Incident represent capabilities for situational awareness in the field of Internet and Human Rights Analysis / Trend Analysis / Support Mitigation. The columns, Organisation, Country, EU, Direct and Indirect Stakeholders in dark gray are linked to the Organisation sheet. The last column in light gray is calculated from the Data Sets sheets. Projects implemented by multiple organisations might appear several times.

Data Sets Sets of data collected by a given Data Source with the same methodology and intent. Data sets The sheet is sorted by the following columns: EU / Direct / could be the results of one-off experiments or collection efforts, or data series. Articles that analyse Indirect / Internet & Human Rights / Interference / Attack / specific events related to Internet and Human Rights are also included. Surveillance / Human Rights / Background. The columns, Organisation, EU, Direct and Indirect Stakeholders in dark gray are linked to the Organisation sheet. Annex Data Sources List Metadata

Organisations Metadata Name Name of the organisation (including initials when relevant) EU Is the organisation based in Europe? Type See below Stakeholder Type URL Home page of the organisations Description Organisation description, including mission Direct Stakeholder These stakeholders implement projects which support the European Capability for Situational Calculated field : ORG.EU == True && ORG.PROJ.Type == Awareness regarding internet interference, attacks and surveillance infringing on Human Rights Detect || Analyse || Trend || Mitigate && ORG.PROJ.DATA.Category == ( Interference || Attacks || Surveillance ) && Human Rights Indirect Stakeholder Stakeholders which are essential players to have efficient and integrated discussions to ensure a Calculated field : MONITORING: ORG.PROJ.DATA.Category European Capability for Situational Awareness. == ( Background || Interference || Attacks || Surveillance || Human Rights ) && NOT INDUSTRY && NOT INSTITUTIONAL / INDUSTRY: ORG.Type == Private Sector (incl Network Operators / Online Service Providers / Network Equipment Vendors / INSTITUTIONAL : ORG.Type == Institutions / CIVIL SOCIETY: ORG.Type == International NGO || Local CSO || Media / RESEARCH: ORG.Type == Research

Stakeholder Type Definition Notes Research Universities, research organisations, think tanks and independent researchers Technology Provider Organisation or individuals developing or operating technology solutions directly related to the Internet and Human Rights sector. For instance, the development of dedicated monitoring infrastructure, data analytics or circumvention software. This doesn't include technology providers that do not directly target Internet and Human Rights such as telecommunication companies, or more generic internet platform providers. Local CSO Organisation operating within countries potentially impacted by information controls and involved in the Internet and Human Rights sector. International CSO International NGOs or other organisations working on a global scale in the Internet and Human rights sector Technical Professional CommunityProfessionals and professional organisations focused on monitoring and supporting the integrity of global communication networks including computer security, network measurement, software engineering which are not directly related to Human Rights. ICT Industry Commercial stakeholders providing Internet infrastructure and services. Institution Governmental organisations or organisations directly supporting government services, UN agencies, intergovernmental bodies, European institutions and other institutions Annex Data Sources List Metadata

Media organisations News organisation Only a small number of media organisations are listed given that there are a number of network organisations (such as the GFMD) or news data collection and analysis projects (such as GDELT or Phoenix) which provide a large number of media sources that could be relevant for background information.

Legal Organisations Law firms, policy advocacy organisations Note that law firms or organisations looking into legal and policy aspects of Internet and Human Rights were not a specific focus onf the ECSA feasibility study. However when such stakeholders have been identified they have been mapped. Other Other organisations involved in activities which can support or provide data that can help the detection, analysis or mitigation of interference, attacks or surveillence impinging on human rights

Countries Description Notes International Membership based organisations with an international membership, or international inter- governmental organisations. European Membership based organisations with a European membership or european inter-governamental organisations.

Projects Metadata Name Name of the project Organisation, Country Organisation implementing the project (Country from Organisation Data) ECSA Capability The project implements activities or produces data which provides specific capabilities. See ECSA Capability below. Internet & Human Rights (Calculated from Project Data Sets) The project produces data which addresses both Internet (Interference, Attacks or Surveillance) and Human Rights issues. Direct / Indirect Stakeholder (From Organisation Data)

ECSA Capability Definition Incident Detection Identify potential candidates for incidents of network interference, attacks or surveillance that impinge on human rights. This capability should augment existing efforts and be based on the collection and monitoring (possibly in near real-time) of a range of relevant and necessary sources, supported by the coordination of human verification. Incident Analysis Contextualise, investigate and report additional facts related to an incident. Requiring valid candidate incidents as inputs, the coordination of inter-disciplinary expertise feeding into a verification and data enrichment process in order Trend Analysis Enable longitudinal research and macro-analysis. This requires the identification and categorization of verified incidents, the availability of the data provenance and information about methodologies. Such macro-analysis might also require the existence of models which allows to answer "what if" questions. Support Mitigation Provide data in support of response or mitigation of incidents and enable the coordination of expertise around data analysis that can feed into technical mitigation approaches. This would require the evaluation of threats, risks and capabilities based on the analysis of verified incidents, possibly providing incident feeds to potential affected populations. Annex Data Sources List Metadata

Data Sets Metadata Notes Name Name of the dataset Project, Organisation, Organisation collecting, analysing or publishing the data set (Organisation, Country from Project Country Data) Internet & Human Rights The project implements activities or produces data which addresses both Internet (Interference, Attacks or Surveillance) and Human Rights issues. ECSA Data Category The project collects, analyses or publishes data about specific data categories. In the case of tools or educational resources, the category corresponds to the type of usage that the tool enables or that is described in the educational resource. In the case of research, the category corresponds to the type of methodologies that the research describes. See ECSA Data Category below.

Structured The type of structure that the data implements. See Data Structure below. A few data sets allow reproducible analysis, but given that it's such a minority this category hasn't been included.

Publicly Available The data set is publicly available for download. No datasets focused on Internet and Human Rights that we identified used open data licenses. Restricted Access The data set can be accessed on request, after payment, or by satisfying specific license terms. Note: Some data sets have publicly available data as well as restricted access data.

ECSA Data Category Definition Background The project is providing data which can be useful to contextualise events in the Internet and Human Rights sector, but do not directly relate to Network measurement or Human Rights violation monitoring. Network interference The project is directly providing information about the network infrastructure that are relevant to the Internet and Human Rights sector Network attacks The project is directly providing information about attacks on, or vehicled by the network infrastructure that are relevant to the Internet and Human Rights sector Network surveillance The project is directly providing information about surveillance of the network infrastructure that are relevant to the Internet and Human Rights sector Human Rights The project is directly providing information about human rights that are relevant to the Internet and Note: In some cases (for instance OONI) the human rights Human Rights sector category has also been selected given a track record of the organisation of implementing or partnering with other organisations implementing human rights projects.

Data Structure Definition Unstructured Information presented in a format that cannot be directly or easily processed by a computer. Such information includes for instance studies or analytical reports. Semi-Structured Information presented in a format which has consistent categories or metadata which helps the classification of content by a computer. This also includes: PDFs or web pages with relatively consistent headings (which can therefore be scraped), as well as maps which don't expose a public API. Structured Information available in a format directly readable by a computer, in particular such content should provide metadata that can be used to consistently interpret the nature of the data. Annex Data Sources List: Organisations

This data set is licensed under the Open Database License v1.0 (http://opendatacommons.org/licenses/odbl/1.0/) Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Bureau of Investigative journalism United International http://www.theburea We pursue research, investigations, reporting and analysis which is of public benefit by Yes Direct Kingdom CSO uinvestigates.com/ undertaking in depth research into the governance of public, private and third sector organisations and their influence. Free Press Unlimited Netherlands International https://www.freepres Helps local journalists in war zones and conflict areas to provide their audience with Yes Direct CSO sunlimited.org trustworthy news and information. Frontline Defenders Ireland International http://www.frontlined protecting human rights defenders at risk, people who work, non-violently, for any or all Yes Direct CSO efenders.org/ of the rights enshrined in the Universal Declaration of Human Rights (UDHR) Hermes Center for Transparency Italy International http://logioshermes. Supports and develops free software including whistleblowing free-software solution Yes Direct and Digital Human Rights CSO org/ named “GlobaLeaks”, with the purpose of increasing the Freedom of Speech online. The lead developer of OONI is a founding member. HIVOS Netherlands International https://www.hivos.or International development organisation guided by humanist values. Together with local Yes Direct CSO g/ civil society organisations in developing countries, Hivos wants to contribute to a free, fair and sustainable world Index on Censorship United International http://www.indexonc Index combines reporting and monitoring from around the world to expose and raise Yes Direct Kingdom CSO ensorship.org/ awareness of attacks on free speech Institute for War and Peace United International https://iwpr.net/ IWPR supports citizen and professional journalists, human rights and peace activists, Yes Direct Reporting IWPR Kingdom CSO policymakers, educators, researchers, businesses, and women’s, youth and other civil society organisations and partners. Privacy International United International https://www.privacyi investigates the secret world of government surveillance and expose the companies Yes Direct Kingdom CSO nternational.org/abo enabling it. We litigate to ensure that surveillance is consistent with the rule of law. ut-us/who-we-are

Qurium United International https://www.qurium. Provides hosting and security services for civil society organisations. Yes Direct Kingdom CSO org/ Reporters Without Borders France International http://en.rsf.org/ NGO promotes and defends freedom of press, freedom of information and fights cyber Yes Direct CSO censorship. Creates annual Press Freedom Index Small Media United International http://smallmedia.co Action lab, aiming to promote free flow of information in closed societies, especially Iran. Yes Direct Kingdom CSO / Analyses the flow of information and provide solutions to improve it, through training and technology. Monthly Internet and Policy report on Iran. Internet filtering

Tactical Technology Collective Germany International https://www.tacticalt Focusses on the use of data, design and technology in campaigning through Yes Direct CSO ech.org/ our Evidence & Action programme, and on helping activists understand and manage their digital security and privacy risks through our Privacy & Expression programme. the engine room United International https://www.theengi The Engine Room helps to develop and improve useable resources for activists, to Yes Direct Kingdom CSO neroom.org/ effectively collect and use data for advocacy. TER provides access to technical resources, strategic guidance, information about comparable projects, and project mentorship. La Quadrature du Net France Local CSO http://www.laquadrat Advocates for the adaptation of French and European legislation to the founding Yes Direct ure.net/ principles of the Internet, most notably the free circulation of knowledge. Encourages citizen participation in public debates on rights and freedom in the digital age.

The Julia Group Sweden Research http://www.juliagrup Julia Group is a non-profit organization working for a free and open internet. Yes Direct pen.se/ Tilburg University Netherlands Research https://www.tilburgu Tilburg Institute for Law, Technology and Society - TILT Yes Direct niversity.edu/resear ch/institutes-and- research-groups/tilt/ Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder CAUSE United Technical http://globalcause.n Call for action from national governments and regional institutions, as well as raising Yes Direct Kingdom Professional et/ wider awareness of the privatised surveillance industry and the damaging impact the Community technologies have on human rights. Chokepoint Project Netherlands Technical https://chokepointpr Chokepoint is a non-profit organisation that collects, analyzes and reports on data Yes Direct Professional oject.net/about-2/ relating to network neutrality and civil rights in the digital domain. Community Global Partners United Technical http://www.gp- Global Partners Digital is a social purpose company working to build an internet Yes Direct Kingdom Professional digital.org/ environment based on and governed by human rights principles. Community Open Rights Group United Technical https://www.openrig Scrutinise and critique the policies and actions of governments, companies, and other Yes Direct Kingdom Professional htsgroup.org/ groups as they relate to the Internet. Community Your Freedom Germany Technology http://your- Provides VPN-tunneling, firewall & proxy bypassing, anonymization and anti-censorship Yes Direct Provider freedom.net/ solutions. School of Information Sciences Finland Research http://www.uta.fi/sis/ (Päivikki Karhula and Reijo Savolainen research project 2012) Yes Research University Tampere en/index.html Buggedplanet Germany International http://buggedplanet.i Wiki vendors on Sigint Comint/ LI and supporting technologies and systems Yes Monitoring CSO nfo/index.php?title= Main_Page International Commission of Switzerland International http://www.icj.org/ Protects human rights through the rule of law by using its expertise to develop and Yes Monitoring Jurists CSO strengthen national and international justice systems. AMS-IX Netherlands Technical https://ams-ix.net/ Independent Internet Exchange based in Amsterdam. Interconnecting hundreds of Yes Monitoring Professional networks by offering professional IP exchange services, also called peering services. It Community aims at maintaining strong, well set-up exchanges attributed to the resilience and stability of the Internet as a whole. Andy Muller-Maguhn Germany Technical http://berlin.ccc.de/~ Yes Monitoring Professional andy/ Community European Internet Exchange European Technical https://www.euro- Founded in 2001 with the intention to further develop, strengthen and improve the Yes Monitoring Points Association (Euro-IX) Professional ix.net/ Internet Exchange Point (IXP) community. Euro IX coordinates technical standards, Community develops common procedures, and share and publish statistics and other information.

Netcraft United Technical http://www.netcraft.c Yes Monitoring Kingdom Professional om/ Community Netnod Sweden Technical http://www.netnod.s Neutral and independent Internet infrastructure organisation based in Sweden. Yes Monitoring Professional e/about Community RIPE NCC Netherlands Technical https://www.ripe.net/ The RIPE NCC is an independent, not-for-profit membership organisation, one of five Yes Monitoring Professional Regional Internet Registries (RIRs) providing Internet resource allocations, registration Community services and coordination activities that support the operation of the Internet globally.

Security Research Labs Germany Technology https://srlabs.de/ Collective of like-minded individuals that gather to work on research topics where the Yes Monitoring Provider faintest hint of evolutionary qualities can be found. Computer Incident Reponse Luxembourg Institution http://www.circl.lu/ Government-driven initiative designed to provide a systematic response facility to Yes Institutional Center Luxembourg CIRCL computer security threats and incidents. Council of Europe France Institution http://www.coe.int/e Yes Institutional n/ European Commission - DG European Institution Yes Institutional CONNECT Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder European Commission - Joint European Institution Yes Institutional Research Centre (JRC) European Court of Human Rights European Institution Yes Institutional

European Union Agency for European Institution http://fra.europa.eu/ Provides expert advice to the institutions of the EU and the Member States on a range Yes Institutional Fundamental Rights FRA en of issues. FRA helps to ensure that the fundamental rights of people living in the EU are protected. European Union Agency for European Institution https://www.enisa.e ENISA is helping the European Commission, the Member States and the business Yes Institutional Network and Information Security uropa.eu/ community to address, respond and especially to prevent Network and Information Security problems. European Union External Action European Institution http://www.eeas.eur Yes Institutional EUEA opa.eu/index_en.ht m Eurostat European Institution http://ec.europa.eu/ Provide the European Union with statistics at European level that enable comparisons Yes Institutional Yes eurostat between countries and regions. RSOE EDIS Hungary Institution http://hisz.rsoe.hu/ Monitors and documents all the events on the Earth which may cause disaster or Yes Institutional emergency. RSOE EDIS are monitoring and processing several foreign organisation's data to get quick and certified information. The Greens European Institution http://www.greens- European coalition of Green political parties Yes Institutional efa.eu/ Cyber Ghost Germany ICT Industry CyberGhost VPN allows you to surf the Internet freely Yes Industry Deutsche Telekom Germany ICT Industry Yes Industry iilab United ICT Industry https://iilab.org Yes Industry Kingdom Open Data Institute ODI United ICT Industry http://opendatainstit We enable anyone to learn and engage with open data, and empower our teams to help Yes Industry Kingdom ute.org/ others through professional coaching and mentoring. Posteo Germany ICT Industry Yes Industry TeliaSonera Sweden ICT Industry Yes Industry Vodafone United ICT Industry http://www.vodafone one of the first communications operators in the world to provide a country-by-country Yes Industry Kingdom .com/content/index. analysis of law enforcement demands received based on data gathered from local html licensed communications operators. BBC United International http://www.bbc.co.u RSS feeds from the BBCMA blog and newsletter show highlight policy papers on media Yes Civil Society Kingdom CSO k/mediaaction/# assistance several times per year and BBC MA projects. geographical desks and offices will have regular internal progress reports on projects and country situation.

Canal France International CFI France International http://en.cfi.fr/ Ministry of Foreign Affairs and International Development's media cooperation agency. Yes Civil Society CSO Coordinatesand leads France's media development assistence in developing countries

Gov uk United Government https://www.gov.uk/ Portal distributes governement services and information on policies, announcements, Yes Kingdom Agency publications, statistics and consultations Aulofee France ICT Industry http://www.aulofee.c Yes om/fr DLA Piper United ICT Industry http://blogs.dlapiper. DLA Piper is a multi national law firm with one of the largest global Data Privacy and Yes Kingdom com/privacymatters/ Protection teams,data protection and privacy legal services, advice and solutions to clients locally and worldwide. Internet Watch Foundation IWF United ICT Industry https://www.iwf.org. We help internet service providers and hosting companies to combat the abuse of their Yes Kingdom uk/about-iwf networks through our ‘notice and takedown’ service which alerts them to criminal (child abuse and criminally obscene adult) content so they can remove it from their networks. Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder opencorporates United ICT Industry https://opencorporat The Open Database of the corporate world. Paid version or open data Yes Kingdom es.com/ Tele2 Sweden ICT Industry Yes Telenor Norway ICT Industry Yes XS4ALL, Access for All Netherlands ICT Industry Yes European Internet Foundation European Institution https://www.eifonlin EIF’s mission is to support Members of the European Parliament from all political Yes e.org/ groups in their efforts to shape policy and regulation responsive to the growing potential of the internet and new technologies. European Union European Institution http://europa.eu/ind Yes ex_en.htm European Union Institute for European Institution http://www.iss.europ Dealing with the analysis of foreign security and defense policy issues. Aims to start Yes Security Studies a.eu/home/ discussions European Union Joint Situation European Institution Integrated with European External Action Service Yes Center (SITCEN) Amnesty International United International http://www.amnesty. Human right advocacy Yes Kingdom CSO org/ Article 19 United International http://www.article19. ARTICLE 19 is campaigning with people around the world for the right to exercise the Yes Kingdom CSO org/index.php rights to freedom of expression and freedom of information Bits of Freedom Netherlands International Yes CSO Deutsche Welle Akademie Germany International http://www.dw.de/dw-Support the development of free and transparent media systems, quality journalism and Yes CSO akademie/media- advanced media skills. development/s- 12120 FOJO Institute Sweden International http://www.fojo.se/re internal reports and some public on media situation in closed countries and exile media Yes CSO search- publications/in- english GFMD Belgium International www.gfmd.info The Global Forum for Media Development (GFMD) is an international membership Yes CSO network of media assistance groups that highlights the importance of independent, pluralistic and sustainable media in social and economic development.\

Global Information Society Watch - Netherlands International http://www.giswatch. The long term goal of the project is to build policy analysis skills and ‘habits’ into the Yes GISwatch CSO org/ work of civil society organisations that work in the areas of ICT for development, democracy and social justice International Media Support Denmark International http://www.mediasu internal reports and regular feeds, assessment and studies on media in closed or post Yes CSO pport.org/publication conflict countries (Syria, Myanmar, Nepal etc) s/ Map Action United International http://www.mapactio MapAction delivers this vital information in mapped form, from data gathered at the Yes Kingdom CSO n.org/ disaster scene. Creating a 'shared operational picture' is crucial for making informed decisions and delivering aid to the right place, quickly. MICT International Germany International http://www.mict- audience research on conflict areas (Syria, Afghanistan) Yes CSO international.org/ Telecoms Sans Frontières France International http://www.tsfi.org/in Specialized in reliable emergency telecommunications services Yes CSO dex.php The Observatory for the Protection France International https://www.fidh.org/ daily reports of incidents related to Human rights defenders harassment, enabling Yes of Human Rights Defenders (FIDH CSO Appels- environment and legislation (direct data source structured hacked link: and OMCT) Urgents?lang=en https://www.fidh.org/spip.php?page=backend&lang=en&id_mot=27) Association Electronique Libre Belgium Local CSO ? Yes (BE) Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Confederation of European Belgium Local CSO http://www.cecua.or Yes Computer User Associations g/ OWNI France Media http://owni.eu/ Web site on digital culture Yes Radio Netherlands World Wide Netherlands Media Yes Radio Zamaneh Netherlands Media Yes Alexander von Humboldt - Institute Germany Research www.hiig.de/en/ The Institute for Internet and Society serves as a platform for academics and strives to Yes for Internet and Society encourage the co-operative development of projects, applications and research networks. Centre d’Excellence en Belgium Research https://www.cetic.be Yes Technologies de l’Information et / de la Communication Centre for European Policy Belgium Research http://www.ceps.eu/ Yes Studies Centre Nationale de la Recherche France Research Yes Scientifique (CNRS) Chalmers University of Sweden Research Yes Technology Consorzio Nazionale Italy Research Yes Interuniversitario per le Telecomunicazioni Delft Technical University Netherlands Research Yes Digital Methods Netherlands Research https://www.digitalm The Digital Methods Initiative is a contribution to doing research into the "natively Yes ethods.net/Digitalm digital". (university course) ethods/WebHome

Digitale Gesellschaft Germany Research Yes Ecole Polytechnique Federale de Switzerland Research Yes Lausanne (EPFL), Switzerland

European University Institute Italy Research Yes European University Institute Italy Research Yes Free University of Brussels (ULB) Belgium Research Yes

Institute of Computer Science Greece Research Yes (ICS) Kobenhavns Universitet (KU) Denmark Research Yes Law faculty of the University of Netherlands Research Yes Groningen Moment Project European Research http://webcache.goo last document 2008 Yes gleusercontent.com/ search?q=cache:hG hLqFXUNsIJ:ftp://ftp .cordis.europa.eu/pu b/fp7/ict/docs/future- networks/projects- moment- factsheet_en.pdf+& cd=1&hl=en&ct=cln k&gl=de Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Oxford Internet Institute United Research http://www.oii.ox.ac. Research on internet surveillance and Chinese filtering. Josh Wright Yes Kingdom uk/ Politecnico di Torino, Italy (NEXA Italy Research Yes Center for Internet & Society)

Raoul Wallenberg Institute of Sweden Research http://rwi.lu.se/ The Raoul Wallenberg Institute of Human Rights and Humanitarian Law is an Yes Human Rights and Humanitarian independent academic institution, founded in 1984 at the Law Faculty at Lund University Law in Sweden RWTH Aachen University Germany Research http://www.rwth- Yes aachen.de/ Salzburg Research Austria Research Yes Forschungsgesellschaft, Austria Swedish Institute of Computer Sweden Research Yes Science (SICS), Sweden Swedish University of Computer Sweden Research Yes Networks (SUNET), Sweden Technical University of Crete Greece Research Yes (TUC), Greece The European Traffic Observatory European Research http://www.etomic.or project has ended Yes Measurement Infrastructure g/ (ETOMIC) Universidad Autonoma de Madrid, Spain Research Yes Spain Universidad Pública de Navarra Spain Research Yes (UPN), Spain Universite Catholique de Louvain Belgium Research Yes (UCL), Belgium University of Aarhus Denmark Research Yes University of Oslo – Centre for Norway Research Yes Research on Media Innovations University of Oxford (UOXF.DR), United Research Yes UK (Oxford Internet Institute) Kingdom University of Zurich Switzerland Research Yes Nurpa (Net Users Rights Belgium Technical http://nurpa.be/actu Net Users' Rights Protection Association · Citizen advocay group promoting and Yes Protection Association) Professional alites/ protecting human rights online. Works with or against politics Communities Council of European National Top European Technical https://centr.org/ Forum of exchange of information, reporting, news service, worshops. Statistics on Yes Level Domain Registries (CENTR) Professional demand for members. Community European Digital Rights (EDRI) Belgium Technical http://edri.org/ developments that have the attention of European Digital Rights are data retention Yes Professional requirements, copyright and fair use restrictions, cybercrime, filtering and blocking of Community internet content and notice-and-takedown procedures of websites. FAIFE Netherlands Technical http://www.ifla.org/a FAIFE monitors the state of intellectual freedom within the library community world-wide, Yes Professional bout-faife supports IFLA policy development and co-operation with other international human Community rights organisations, and responds to violations of free access to information and freedom of expression. Floss Manuals Netherlands Technical Yes Professional Community Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Foundation for Information Policy United Technical http://www.fipr.org/ Think tank for Internet policy in Britain. Yes Research Kingdom Professional Community Fox IT Netherlands Technical https://www.fox- Cyber security for government, defense, law, banking, critical infrastructure and Yes Professional it.com/en/ comercial enterprise worldwide Community Global Cyber Security Centre Italy Technical http://www.gcsec.or A hub of cooperation and innovation aimed at developing and disseminating knowledge Yes Professional g/ and awareness on Cyber Security. Policy and training Community Icelandic Modern Media Institute Iceland Technical https://en.immi.is/ IMMI seeks ways that will enhance and empower freedom of expression, freedom of Yes Professional speech, dissemination of information and publication within Iceland as well as ensuring Community source protection and whistleblower protection. iRights.info Germany Technical http://irights.info/ Information platform and online magazine. Information on copyrights and other digital Yes Professional rights Community Journalism++ France Technical http://www.jplusplus. agency fo data-driven storytelling Yes Professional org/en/#what-we-do Community Middle East Monitor United Technical https://www.middlee information gathering, analysis and dissemination of the conflict in the Middle-East Yes Kingdom Professional astmonitor.com/ Community Open Knowledge Foundation United Technical https://okfn.org/ Open Knowledge is a worldwide Open Data oriented non-profit network, using Yes Kingdom Professional advocacy, technology and training to unlock information and enable people to work with Community it to create and share knowledge Open Spending United Technical http://community.op OpenSpending is community driven and exists to “map the money worldwide” – that is, Yes Kingdom Professional enspending.org/ to track and analyse public financial information globally Community Radically Open Security Netherlands Technical https://radicallyopen Yes Professional security.com/ Community Responsible Data Forum United Technical https://responsibled The Responsible Data Forum is a series of collaborative events, to develop useful tools Yes Kingdom Professional ata.io/ and strategies for dealing with the ethical, security and privacy challenges facing data- Community driven advocacy. SBC4D France Technical http://www.sbc4d.co specializes in research & development, program management and execution in the Yes Professional m/ ICTD sector. Community Telecomix France Technical http://telecomix.org/ chaotic conception of technological societies, a way of life for the encrypted future, and Yes Professional a plan to redistribute the distributed networks that make up the world siphonophore Community IT46 Sweden Technology http://www.it46.se/in Convinced that information technology can play an important role in making Yes Provider dex.php development sustainable. (last update website in 2012) JonDos Germany Technology https://anonymous- ip changer proxy tool You may use JonDonym for anonymous surfing, anonymous e- Yes Provider proxy- mail, chats and other purposes. servers.net/en/jondo s.html Boum France Technology https://boum.org/ The Amnesic Incognito Live System is a security-focused Debian-based Linux Yes Provider distribution aimed at preserving privacy and anonymity Georgetown University United States Research http://www.georgeto Research wn.edu/ Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Tel Aviv University Israel Research http://www.netdimes project has ended Research .org/new/ Telex United States Research https://telex.cc/ Telex is a next generation Internet freedom technology. It's designed to help citizens of Research repressive governments freely access the online services and information of their choice. Access now United States International https://www.accessn Access defends and extends the digital rights of users at risk around the world. Monitoring CSO ow.org/ Counterpart International United States International http://counterpart.or Monitoring CSO g/ Electronic Frontier Foundation United States International https://www.eff.org/ EFF champions user privacy, free expression, and innovation through impact litigation, Monitoring EFF CSO policy analysis, grassroots activism, and technology development. We work to ensure that ights and freedoms are enhanced and protected as our use of technology grows.

Freedom House United States International http://www.freedom Freedom House is an American independent organization that supports the Monitoring CSO house.org/ expansion of freedom around the world, freedom of expression, freedom of the press and freedom on the net. Global Voices Advocacy United States International http://advocacy.glob We seek to build a global anti-censorship network of bloggers and online activists Monitoring CSO alvoicesonline.org/ dedicated to protecting freedom of expression online. (Blogs and news)

International Freedom of Canada International http://www.ifex.org/ website and RSS feeds that aggregate press freedom incidents and appeals from Monitoring Expression exchange IFEX CSO dozens of NGOs by region and types of incidents : access to information, censorship, attacks, digital rights, freedom of assembly, free expression and the law, impunity

Internews United States International http://www.internew International development organisation specialising in supporting independent media, Monitoring CSO s.eu/ freedom of information and free expression around the globe. StopBadware United States International https://www.stopbad Monitoring CSO ware.org/ Tor Project United States International https://www.torproje Tor network is the largest deployed anonymity network to date. Tor is free software and Monitoring CSO ct.org/index.html.en an open network that helps to defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Morrison Foerster United States Legal http://www.mofo.co Lawfirm managing the Privacy Library Monitoring Yes m/ Antivigilancia Brazil Local CSO http://antivigilancia.o Monitoring rg/tecnologias/ Centre for Democracy and United States Local CSO https://cdt.org/ Monitoring Technology Wikileaks United States Media https://www.wikileak International, non-profit, journalistic organisation, that publishes secret information, Monitoring s.org/About.html news leaks, and classified media from anonymous sources. Berkman Centre for Internet and United States Research http://cyber.law.harv The Berkman Center engages with a wide spectrum of Net issues, including Monitoring Society ard.edu/ governance, privacy, intellectual property, antitrust, content control, and electronic commerce. Research interests cohere in a common understanding of the Internet as a social and political space. The center builds, uses and freely shares open software platforms. Carleton Computer Security Lab Canada Research https://www.ccsl.carl Research on intrusion detection, network monitoring, cryptography, web security and Monitoring eton.ca/research/ privacy (site is not fully up to date)

Center for Internet and Society, United States Research http://cyberlaw.stanf The Center for Internet and Society at Stanford Law School is a leader in the study of Monitoring Stanford Law School ord.edu/ the law and policy around the Internet and other emerging technologies. Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Center for Systemic Peace United States Research http://www.systemic It is engaged in innovative research on the problem of political violence within the Monitoring peace.org/ structural context of the dynamic global system, that is, global systems analysis. Collin Anderson United States Research http://cda.io/ independent researcher. Internet filtering. Iran Monitoring David L. Cingranelli, David L. United States Research Monitoring Richards, and K. Chad Clay Transparency Report United States Research visualizes how Google is available, known malware, unsafe sites and offer requests for Monitoring removal. Honeynet Project United States Research www.honeynet.org Monitoring ICLab United States Research https://iclab.org/ ICLab is a research platform to enable repeatable and representative studies of a broad Monitoring class of online information controls (e.g., traffic differentiation, censorship, content modification). Iran Media Program – University of United States Research http://iranmediarese A collaborative network aimed at providing an understanding of the role of media and Monitoring Pennsylvania arch.org/en/about the flow of information in Iran. Performs inquiries and analysis on systems of communication in Iran, from blogging, SMS text messaging to radio and television programming and the Internet (including filtering). Jeffrey Knockel United States Research http://cs.unm.edu/~j J.K. aims to bring transparency to Internet censorship and surveillance through the use Monitoring effk/ of novel network measurement techniques and the reverse engineering of censorware. As a computer science graduate student J.K. cracked the encryption of TOM-Skype (China) Open Net Initiative Canada Research https://opennet.net/ ONI investigates, expose and analyses Internet filtering and surveillance practices in a Monitoring credible and non-partisan fashion. ONI develops tools and conducts capacity building among networks of local advocates and researchers. Seems like project has ended.

The Cooperative Association for United States Research http://www.caida.org Center for Applied Internet Data Analysis - CAIDA As a part of CAIDA's mission to Monitoring Internet Data Analysis (CAIDA) /home/about/ improve the integrity of operational Internet measurement and management, CAIDA collects, curates, and distributes active Internet measurement data to researchers worldwide. The University of New Mexico United States Research http://www.unm.edu/ university (Computer science department is interesting, Jared Saia and Jedidiah Monitoring Crandall) University of Oregon -Advanced United States Research http://antc.uoregon. Founded to develop and implement state-of-the-art networking technologies, both in the Monitoring Network Technology Center ANTC edu/ Northwest region and around the world.

Afrinic Mauritius Technical Monitoring Professional Community Arabic Network for Human Rights Egypt Technical http://anhri.net/?lang Arabic Network for Human Rights Information (ANHRI) is a central repository for human Monitoring Information Professional =en rights information and websites in Arabic throughout the Middle East and North Africa. Community ASL19 Canada Technical https://asl19.org/en/ ASL19 is an interdisciplinary research and technology lab that connects Iranians to tools Monitoring Professional that help them bypass Internet censorship and access information Community Calyx Institute United States Technical https://calyx.net/ Monitoring Professional Community Centre for Law and Democracy Canada Technical http://www.law- works to promote, protect and develop those human rights which serve as the Monitoring Professional democracy.org/live/ foundation for or underpin democracy, including the rights to freedom of expression, to Community vote and participate in governance, to access information and to freedom of assembly and association. Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder China Digital Times United States Technical http://chinadigitaltim China Digital Times (CDT) is an independent, bilingual media organization that brings Monitoring Professional es.net/china- uncensored news and online voices from China to the world. Community news/focus/informat ion-revolution/ Citizen Lab Canada Technical https://citizenlab.org Interdisciplinary laboratory focusing on advanced research and development at the Monitoring Professional / intersection of digital media, global security, freedom of expression and human rights. Community ICANN United States Technical https://www.icann.or Monitoring Professional g/ Community International Center for Not-for- United States Technical http://www.icnl.org/ ICNL is the leading source for information on the legal environment for civil society, Monitoring Profit Law -ICNL Professional philanthropy, and public participation Community Measurement Lab United States Technical http://www.measure M-Lab is an open, distributed server platform on which researchers can deploy open Monitoring Professional mentlab.net/ source Internet measurement tools. The data collected by those tools is released in the Community public domain. The goal of M-Lab is to advance network research and empower the public with useful information about their broadband and mobile connections. By enhancing Internet transparency, M-Lab helps sustain a healthy, innovative Internet.

Open Internet Tools Project United States Technical https://openitp.org/o OpenITP supports the software creators and communities behind open source anti- Monitoring Professional penitp/about-the- surveillance and anti-censorship tools that enable citizens to communicate directly and Community open-internet-tools- freely with each other, on their own terms. project.html Psiphon Inc Canada Technical https://psiphon.ca/e circumvention tools for Android Monitoring Professional n/about.html Community Crypto Cat United States Technology https://crypto.cat/ Cryptocat is open source, free software, developed by encryption professionals to make Monitoring Provider privacy accessible to everyone. Global Disaster Alert and International Institution http://www.gdacs.or Aims at filling the information and coordination gap in the first phase after major Institutional Coordination System GDACS g/ humanitarian disasters. Media information, Field data, satelite imagery International Telecommunication International Institution http://www.itu.int/en/ Specialized agency for ICTs. allocate global radio spectrum and satellite orbits, develop Institutional Union ITU Pages/default.aspx the technical standards that ensure networks and technologies seamlessly interconnect, and strive to improve access to ICTs to underserved communities worldwide.

Open Technology Fund United States Institution https://www.opentec Institutional hfund.org/ United Nation Office for the International Institution http://www.unocha.o responsible for bringing together humanitarian actors to ensure a coherent response to Institutional Coordination of Humanitarian rg/ emergencies. Affairs OCHA United Nations Statistics Division United States Institution http://unstats.un.org/ Institutional (UNSD) unsd/default.htm Wassenaar Arrangement (WA) International Institution http://www.wassena Institutional ar.org/secretariat/in dex.html World Bank International Institution http://data.worldban World Bank Open Data: free and open access to data about development in countries Institutional k.org/ around the globe. indicators, country information Akamai United States ICT Industry Industry AOL United States ICT Industry http://corp.aol.com/a AOL Inc. (NYSE: AOL) is a brand company that helps marketers connect with Industry bout-/overview audiences through effective and engaging digital advertising solutions. AOL United States ICT Industry Industry Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Apple United States ICT Industry Industry Apple United States ICT Industry http://www.apple.co Apple Industry m/about/ Arbor Networks ATLAS threat United States ICT Industry http://www.arbornet Arbor has focused exclusively on researching, detecting and mitigating network-based Industry analysis works.com/resource threats. The company is best known for its pervasive footprint in service provider s/research/atlas-aif- networks. feed AT&T United States ICT Industry Industry Blue Coat United States ICT Industry https://www.bluecoa Digital security, URL categorisation, tools for Internet monitoring, filtering and to restrict Industry t.com/ internet access. Customers: governments, banks, comunication & media etc.

Cloudflare United States ICT Industry Industry Cloudflare United States ICT Industry Industry Cloudflare United States ICT Industry https://www.cloudfla CloudFlare created Project Galileo to protect politically and artistically important Industry re.com/galileo organizations and journalists against attacks that would otherwise censor their work.

Comcast United States ICT Industry Industry Credo United States ICT Industry Industry Dropbox United States ICT Industry Industry United States ICT Industry Industry Farsight Security United States ICT Industry https://www.farsight Farsight offers real-time Passive DNS solutions that provide critical context (the Industry security.com/ information documenting the network configuration of the threat and of the Internet surrounding the threat) to significantly increase the value of prepackaged reputation and threat feeds and other threat intelligence. GDELT United States ICT Industry http://gdeltproject.or GDELT is a large, comprehensive, and high resolution open database of human Industry g/ society. GDELT uses natural language and data mining algorithms to extract more than 300 categories of "events" and the networks of people, organizations, locations, themes, and emotions that tie them together (social media monitoring). Google United States ICT Industry Industry Google United states ICT Industry Industry Internet Archive United States ICT Industry Industry Lease Web United States ICT Industry Industry LinkedIn United States ICT Industry Industry Lookout United States ICT Industry Industry Microsoft United States ICT Industry Industry MITRE United States ICT Industry http://www.mitre.org The MITRE Corporation is a not-for-profit company that operates multiple federally Industry / funded research and development centers (FFRDCs). Ookla United States ICT Industry http://www.ookla.co Industry m/ Open DNS United States ICT Industry https://www.opendn Network security, Web filtering, Predictive Intelligence Industry s.com/ Pinterest United States ICT Industry Industry Rogers Communications United States ICT Industry Industry Sonic.net United States ICT Industry Industry Team Cymru monitoring United States ICT Industry http://www.team- Team Cymru Research NFP is a specialized Internet security research firm and 501(c)3 Industry capabilities cymru.org/Monitorin non-profit dedicated to making the Internet more secure. Team Cymru helps g/ organizations identify and eradicate problems in their networks, providing insight that improves lives. TekSavvy United States ICT Industry Industry Telstra United States ICT Industry Industry Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Telus Canada ICT Industry Industry The SecDev Group Canada ICT Industry Industry Time Warner Cable United States ICT Industry Industry Tumblr United States ICT Industry Industry Twitter United States ICT Industry Industry Verizon United States ICT Industry Industry Vodafone United States ICT Industry Industry Wikimedia United States ICT Industry Industry Word Press United States ICT Industry Industry Yahoo United States ICT Industry Industry Association for Progressive United States International http://www.apc.org/e APC’s mission is to empower and support organisations, social movements and Civil Society Communications APC CSO n individuals in and through the use of ICTs to build strategic communities and initiatives for the purpose of making meaningful contributions to equitable human development, social justice, participatory political processes and environmental sustainability.

Humanitarian Outcomes United States International http://www.humanita Humanitarian Outcomes is a team of specialist consultants providing research and Civil Society CSO rianoutcomes.org/ policy advice for humanitarian aid agencies and donor governments. Our search covers the institutional,financial, and operational mechanics of the international humanitarian system, and considers the broader political and strategic environment in which aid policy takes shape Pakistan Humanitarian Forum Pakistan International http://pakhumanitari Coordination forum to increased partnership working and information sharing between Civil Society CSO anforum.org/ NGOs in Pakistan. Bytes for All Pakistan Local CSO https://content.bytes Bytes for All (B4A), Pakistan is a human rights organization and a research think tank Civil Society forall.pk/ with a focus on Information and Communication Technologies (ICTs). Gaza NGO Safety Office Palestinian Local CSO http://www.gaza- project with the aim of providing the information and analysis the NGO community Civil Society Territory nso.org/ needs in order to implement humanitarian projects in Gaza safely NGO Safety Program NSP Somalia Local CSO http://www.nspsoma Created by NGOs, Provides information and anlysis to International and National NGOs Civil Society lia.org/joomla/index. in order to operate safely and securely in Somalia / Somaliland. NSP is a program, not php/information-and- an NGO, and has no legal entity. analysis Australian Governement Australia Institution http://dfat.gov.au/ Australian Governement Departement of Foreign Affairs and Trade Departement of Foreign Affairs and Trade Central Intelligence Agency (CIA) United States Institution https://www.cia.gov/ (world fact book) about-cia/ Government of Canada Canada Institution http://www.canada.c Government of Canada a/en/index.html Cheezburger United States ICT Industry Cisco United States ICT Industry CyberGhost United States ICT Industry Daum Kakao United States ICT Industry Dream Host United States ICT Industry Evernote United States ICT Industry GitHub United States ICT Industry Global Stats United States ICT Industry http://statcounter.co Website analytics m/ HotSpot Shield United States ICT Industry http://www.hotspots VPN hield.com/ Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Internet Research Institute Japan ICT Industry http://www.iri.co.jp/e Internet Research Institute, Inc. (“IRI”) is a research and development (R&D) company ng/ to create an ideal network society by widely applying technologies for construction and operation of IP (Internet protocol) networks Kaspersky Russian ICT Industry https://cybermap.ka Kaspersky lab, Internet security. (example of real time interactive world map cyber Federation spersky.com/ attacks) Kickstarter United States ICT Industry Mapbox United States ICT Industry Medium United States ICT Industry Narus United States ICT Industry http://www.narus.co (Surveillance) Cyber security for government and defense, etc. m/ Netsweeper Canada ICT Industry http://www.netswee Canadian net-filtering company per.com/ Parus Analytics United States ICT Industry http://parusanalytics Consulting firm specializing in the development of data and software for the analysis .com/ and forecasting of political conflict. Examples: phoenix data sets, Pertrarch coders,these are follow ups of event data. Founded by former researcher who previously worked at University of Kansas and Pensylvania State University. Hosts Eventdata.org

Reddit United States ICT Industry SaskTel United States ICT Industry Silent Circle United States ICT Industry Snapchat United States ICT Industry SpiderOak United States ICT Industry Symantec United States ICT Industry http://www.symante Internet security, threat reports. c.com/security_resp onse/publications/th reatreport.jsp Wickr United States ICT Industry WIND Mobile United States ICT Industry IATI International Institution http://www.aidtransp International Aid Transparency Initiative: multi-stakeholder initiative that seeks to arency.net/ improve the transparency of aid, development and humanitarian resources in order to increase their effectiveness in tackling poverty. Gathers raw data. NSA United States Institution CIMA-NED United States International http://cima.ned.org/t great compilation of media indexes per country from RSF, Freedom House, CPJ, IREX CSO ools-and- resources/country- profiles Global Internet Freedom United States International http://internetfreedo Inform, connect, and empower the people in closed societies with information on a free Consortium CSO m.org/ Internet. Global Investigative network United States International http://impact.gijn.org regular news about investigative journalism worldwide, may include incidents in pilot CSO /feed/ countries Human Rights Data Analysis United States International https://hrdag.org/ The Human Rights Data Analysis Group is a non-profit, non-partisan organization that Group CSO applies rigorous science to the analysis of human rights violations around the world.

Human Rights First United States International http://www.humanrig American ideals Universal values CSO htsfirst.org/ Human Rights Watch United States International http://www.hrw.org/ Human Rights Watch defends the rights of people worldwide. Investigate abuses, CSO expose the facts widely, and pressures those with power to respect rights and secure justice International Center for Journalists United States International http://www.icfj.org/ ICFJ CSO Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Open Society Foundations United States International http://www.opensoci We seek to strengthen the rule of law; respect for human rights, minorities, and a CSO etyfoundations.org/ diversity of opinions; democratically elected governments; and a civil society that helps keep government power in check. Founded by George Soros Standby Taskforce United States International http://blog.standbyta Standby Task Force provides humanitarian organisations with real-time Crisis Mapping CSO skforce.com/ and situational awareness support. The Communication Initiatives United States International http://www.comminit agregation of publications on media in fragile states CSO .com/ Collaboration on International ICT Uganda Local CSO Policy in East and Southern Africa (CIPESA) Syrian Network for Human Rights Syria Local CSO http://sn4hr.org/abo aims to document human rights violations, issues reports and studies in order to expose SNHR ut-us/ perptrators and hold them accountable. Tech Freedom United States Local CSO http://techfreedom.o TechFreedom is technology think tank focusing on issues of Internet freedom and rg/ technological progress. The Intercept United States Media https://firstlook.org/t heintercept/ LexisNexis United States Other http://www.lexisnexi s.com/en- us/gateway.page American Civil Liberties Union United States Research https://www.aclu.org / Berkeley Counter-Power Lab United States Research http://www.ischool.b an interdisciplinary faculty-student research group focusing on the intersection of social erkeley.edu/people/f media, digital activism, and Internet freedom, based in the School of Information, UC aculty/qiangxiao Berkeley. Berkeley Institute for Free Speech United States Research http://bifso.org/ Anti-censorship software. differs from other censorship-fighting organizations in its Online (BIFSO) specific focus on software, rather than on legal, political, journalistic, or other aspects of censorship. Digital Media Law Project United States Research http://www.dmlp.org/ Legal Resources for Digital Media. Legal assistance to independent journalism through various methods. (Citizen Media Law Project) Free Expression Policy Project United States Research Herdict United States Research http://www.herdict.or User-driven platform for identifying web blockages as they happen, including denial of g/ service attacks, censorship, and other filtering Kungliga Tekniska Högskolan Sweden Research (KTH), = the Royal Institute of Technology, Sweden School of Information Sciences United States Research http://www.internetg University. Research center 'Internet Governance Project' performs research and Syracuse University -Research overnance.org/ analysis of global Internet policy and Internet resource management. Project ' The center 'Internet Governance Network is Aware' Research on Deep packet Inspection in collaboration with TU Delft. Project' Stony Brook University Computer United States Research http://nrg.cs.stonybr Research on Interceptions and Online Information Controls Science ook.edu/research/

ANA New Media Association - Egypt Technical https://www.faceboo seeks to enhance today's free media platform, the association depends highly on citizen ANA Press - ANA Professional k.com/ananewmedi journalism which has proven its ability to become a main source for news agencies and Community a/info?tab=page_inf outlets on an international level. (FB-page in English) o Belarusian Association of Belarus Technical http://baj.by/en/abou The Belarusian Association of Journalists is a non-governmental, non-partisan and non- Journalists Professional tbaj profit professional union of media workers, united on the platform of free expression and Community independent journalism ideas Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Diplo Foundation United States Technical http://www.diplomac Diplomacy and capacity development Professional y.edu/ Community Dyn Research (Renesys) United States Technical http://research.dyn.c Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, Professional om/ control, and optimize online infrastructure. Follow-up from Renesys Community Edward Snowden United States Technical Professional Community Free Software Foundation United States Technical http://www.fsf.org/ promotes computer user freedom and defends the rights of all free software users Professional Community Global Journalist Security United States Technical http://www.journalist Journalists consulting and safety training organization comprised of veteran journalists, Professional security.net/ press freedom advocates and security training professionals. Community Global Network Initiative United States Technical https://www.globaln Protecting and advancing freedom of expression and privacy in Information and Professional etworkinitiative.org/ Communication Technologies. GNI is a multi-stakeholder group of companies, civil Community society organizations (including human rights and press freedom groups), investors and academics. Great Fire United States Technical https://en.greatfire.o Great Fire collects data about the Great Firewall of China and shares real-time and Professional rg/ historical information about blocked websites and searches, with a particular focus on Community Google and Baidu. Great Fire's aim is to bring transparency to online censorship in China. Groundviews Sri Lanka Technical http://groundviews.o a citizens journalism website based in Sri Lanka Professional rg/about/ Community Information Warfare Monitor United States Technical http://www.infowar- Last activity seen on december 2011. independent research activity tracking the Professional monitor.net/blog/ emergence of cyberspace as a strategic domain Community International NGO Safety United States Technical http://www.ngosafet Offers high quality, real-time information and analysis of the local safety conditions. Organisation INSO Professional y.org/#!about/cjg9 Community Internet Rights and Principles International Technical http://internetrightsa The Internet Rights and Principles Dynamic Coalition is working to uphold human rights Coalition Professional ndprinciples.org/site on the internet and to root internet governance processes and systems in human rights Community / standards. Internet Society (ISOC) International Technical http://www.internets To promote the open development, evolution, and use of the Internet for the benefit of Professional ociety.org/ all people throughout the world. Community IP Justice United States Technical http://ipjustice.org/w International civil liberties organisation that promotes balanced Intellectual property law Professional p/ Community Open Event Data Alliance United States Technical http://openeventdata The prime objective of the OEDA is to provide reliable, open access, multi-sourced Professional .org/#about political event datasets that are updated at least weekly, are transparent and have Community documented source texts, and use open coding ontologies supported by the organization. (More or less a follow-up of eventdata.org, under construction) Pakistan Press Foundation (PPF) Pakistan Technical http://www.pakistan Pakistan Press Foundation (PPF) is an independent media documentation and training Professional pressfoundation.org/ centre, non-governmental organisation committed to promoting and defending freedom Community of expression Annex Data Sources List: Organisations

Name Country Type URL Description EU Direct Indirect Project Stakeholder Stakeholder Project Byzantium United States Technical http://project- The goal of Project Byzantium is to develop a communication system by which users Professional byzantium.org/about can connect to each other and share information in the absence of convenient access to Community / the Internet Social Hotspot Database United States Technical http://socialhotspot. improving social conditions worldwide by providing the data and tools necessary for Professional org/ improved visibility of social hotspots in product supply chains Community Syrian journalistes association Syria Technical http://www.syja.org/ Professional Community Telecommunications Industry United States Technical https://telecomindus The Telecommunications Industry Dialogue is a group of telecommunications operators Dialogue Professional trydialogue.org/abou and vendors who jointly address freedom of expression and privacy rights in the Community t telecommunications sector in the context of the UN Guiding Principles on Business and Human Rights. Stimulates reporting on Law Enforcement Demands and filtering.

The World Press Freedom International Technical http://www.wpfc.org/ International umbrella organization that includes 45 united in the defense and promotion Committee Professional of press freedom in all media. Community US Open Data Institute United States Technical https://usodi.org/ creates sustainable data ecosystems. Helps governments to release data and creates, Professional supports and promotes software essential to the open data ecosystem Community The crypto project United States Technology https://crypto.is/ Provider Ushahidi Kenya Technology http://www.ushahidi. tools Provider com/ Annex Data Sources List: Projects

This data set is licensed under the Open Database License v1.0 (http://opendatacommons.org/licenses/odbl/1.0/) ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Chokepoint Project Beta Internet and human rights monitoring platform Chokepoint Project Netherlands Yes Direct Yes Yes Yes Yes Yes

CyberArabs Digital Security for the Arab World Institute for War and United Yes Direct Yes Yes Yes Yes Yes Peace Reporting IWPR Kingdom Digital Defenders Partnership Digital Emergency Response Frontline Defenders Ireland Yes Direct Yes Yes Yes Yes Yes

Digital Defenders Partnership Digital Emergency Response HIVOS Netherlands Yes Direct Yes Yes Yes Yes Yes

Digital Defenders Partnership Digital Emergency Response Institute for War and United Yes Direct Yes Yes Yes Yes Yes Peace Reporting IWPR Kingdom Digital Defenders Partnership Digital Emergency Response Qurium United Yes Direct Yes Yes Yes Yes Yes Kingdom OONI Global observation network for detecting Hermes Center for Italy Yes Direct Yes Yes Yes censorship, surveillance and traffic manipulation Transparency and Digital on the internet Human Rights Alkasir Censorship Map This map is automatically plotted based on the The Julia Group Sweden Yes Direct Yes Yes Yes data collected from the database that is updated through usage patterns of alkasir software. BLOCKED! Campaign against website blocking in the UK. Open Rights Group United Yes Direct Yes Yes Kingdom Reports, interactive map, also Violations, threats and limitations of European Index on Censorship United Yes Direct Yes Yes available as list media professionals, bloggers and citizen Kingdom journalists. Cyber-censorship in 2012 Key events in Internet censorship and Reporters Without Borders France Yes Direct Yes Yes Yes overview surveillance in 2012 and first two months of 2013 Global Partners Digital - Reports on journalists' safety, internet Global Partners United Yes Direct Yes Yes Yes Reports governance, cyber security etc. Kingdom Iranian Infrastructure and policy and infrastructure developments, Small Media United Yes Direct Yes Yes Yes Policy Report overview of filtering and censorship example: Kingdom juli '14 The enemies of the internet Statistics and surveillance, filtering, monitoring Reporters Without Borders France Yes Direct Yes Yes Yes

Internet Protection Lab The Internet Protection Lab works closely with Free Press Unlimited Netherlands Yes Direct Yes Yes Yes international organisations that work to promote a safe and accessible Internet for people everywhere. News on Surveillance news on Surveillance technologies CAUSE United Yes Direct Yes Yes Technologies Kingdom News on Surveillance news on Surveillance technologies Privacy International United Yes Direct Yes Yes Technologies Kingdom Satellite Jamming in Iran report on sattelite jamming, tv Small Media United Yes Direct Yes Yes Kingdom Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Surveillance state Governement ramps up controls on Finspy Bureau of Investigative United Yes Direct Yes Yes surveilance software Journalism Kingdom Me and My Shadow Me & My Shadow is a project which helps you Tactical Technology Germany Yes Direct Yes Yes Yes explore your digital shadows, learn how to Collective minimise them, and find out how your data is feeding the data industry. Crypto Law Cryptolaw maintained by prof. dr. E.J. Koops. Tilburg University Netherlands Yes Direct Yes Yes Website seems outdated Exporting Censorship and Exporting Censorship and Surveillance HIVOS Netherlands Yes Direct Yes Yes Surveillance Technology Technology LGBT in Iran Report on how lgbt communities in iran use Small Media United Yes Direct Yes Yes global communictions technology in their Kingdom everyday lives Tools - NSA-observer comprehensible easy to use database on NSA La Quadrature du Net France Yes Direct Yes Yes global survaillance. Globaleaks Allows to set up and maintain an anonymous Hermes Center for Italy Yes Direct Yes Yes whistleblowing platform. Transparency and Digital Human Rights Responsible Data Program Tools and resources dealing with the ethical, the engine room United Yes Direct Yes Yes security and privacy challenges facing data- Kingdom driven advocacy. Virtual Roads Secure hosting Qurium United Yes Direct Yes Yes Kingdom Your Freedom Provides VPN-tunneling, firewall & proxy Your Freedom Germany Yes Direct Yes Yes bypassing, anonymization and anti-censorship solutions. Tools - political memory Toolbox designed to track voting record of La Quadrature du Net France Yes Direct Yes Members of European Parliament on iternet freedom related subject NetAidKit The NetAidKit is a pocket size, USB powered Free Press Unlimited Netherlands Yes Direct Yes Yes Yes router that connects everything to everything, designed specifically for non-technical users.

Domains and IP Intelligence Network analysis result replication persistent Chokepoint Project Netherlands Yes Direct Yes Database DIID measurement Press Freedom Barometer Indicators of media professionals and citizen Reporters Without Borders France Yes Direct Yes journalists killed or imprisoned Front line news archive arrested human rights defenders - country can Frontline Defenders Ireland Yes Direct Yes be selected Tools - Wiki Subjects: Privacy, Tafta, Ceta, Net Neutrality, La Quadrature du Net France Yes Direct Ipred, Acta Data driven futures - The main goal of the project is to research the School of Information Finland Yes Research Yes censorship takes new forms status of censorship during the internet era. Sciences University Tampere Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

GSMMap The GSM Security Map compares the Security Research Labs Germany Yes Monitoring Yes Yes protection capabilities of mobile networks. Connected partners dataset available in TSV, Perl source, ascii, AMS-IX Netherlands Yes Monitoring Yes euroix Netnod connected networkd Netnod Sweden Yes Monitoring Yes IX members RIPE Atlas Overview of visualisations concerning DNS, RIPE NCC Netherlands Yes Monitoring Yes RTT, probes and network RIPE Data Repository The RIPE Data Repository is a collection of RIPE NCC Netherlands Yes Monitoring Yes datasets that are useful for scientific and operational Internet research. Syrian Internet Monitor Ripe stats, monitoring Syrian IP space RIPE NCC Netherlands Yes Monitoring Yes RIPEstat registration and routing data, DNS data, RIPE NCC Netherlands Yes Monitoring Yes Yes geographical information, from the RIPE NCC's internal data and external sources RIPE Database Query RIPE Database RIPE NCC Netherlands Yes Monitoring Yes Buggedplanet.info BUGGEDPLANET.INFO is a wiki about Signals Andy Muller-Maguhn Germany Yes Monitoring Yes Intelligence (SIGINT), Communication Intelligence (COMINT), Tactical and Strategical Measures used to intercept Communications and the Vendors and Governmental and Private Operators of this Technology.

Netcraft Monitoring Services Response times of leading hosting providers' Netcraft United Yes Monitoring Yes sites. Kingdom Statistics traffic analysis monitor updated every five minutes, monthly AMS-IX Netherlands Yes Monitoring Yes overview available Region and country archives overview items on Belarus International Commission Switzerland Yes Monitoring of Jurists Hudoc Provides access to the case-law of the European Court of Human European Yes Institutional Yes Yes Yes European Court of Human Rights Rights EU Situation Room The EU Situation Room is a permanent stand- European Union External European Yes Institutional Yes Yes by body that provides worldwide monitoring and Action EUEA current situation awareness 24 hours a day, 7 days a week, all year round.

Collective Awareness Collective Awareness Platforms, or how to use European Commission - European Yes Institutional Yes Platforms networks to connect citizens and ideas for DG CONNECT social innovation, leveraging on collective intelligence and action to address sustainability challenges Europe Media Monitor Europe Media Monitor European Commission - European Yes Institutional Yes Joint Research Centre (JRC) Global Alert Map Monitoring of emergencies and disasters RSOE EDIS Hungary Yes Institutional Yes Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Safeguarding Human Rights The Council of Europe works with its 47 Council of Europe France Yes Institutional Yes Yes Online member states, the private sector, civil society and other actors to shape an Internet based on human rights, democracy and the rule of law.

Access to Data Protection Overview per country, EU members European Union Agency European Yes Institutional Yes Remedies in EU Member for Fundamental Rights States FRA ECHR - Factsheets and European Court of Human Rights Factsheets European Court of Human European Yes Institutional Yes Country Profiles and Country Profiles Rights ECHR - Statistics Statistics by month, by year, by article, by state European Court of Human European Yes Institutional Rights Transparency report - Deutsche Telekom Germany Yes Industry Yes Yes Deutsche Telekom Transparency report - Posteo Posteo Germany Yes Industry Yes Yes

Transparency report - TeliaSonera Sweden Yes Industry Yes Yes TeliaSonera Vodafone Sustainability - Law -Legal Annexe- a country-by-country analysis of Vodafone United Yes Industry Yes Yes Enforcement Disclosure law enforcement demands received based on Kingdom Report data gathered from local licensed communications operators. Open Integrity Index Index comparing adoption of best practices for iilab United Yes Industry Yes software developers (beta) Kingdom Open data barometer visualises readiness and impact of open data Open Data Institute ODI United Yes Industry Yes per country Kingdom Transparency report Cyber 2011-2014 (link via Access now) Cyber Ghost Germany Yes Industry Yes Ghost 2011 - 2014 Guides - Save the Titanic hands-on anonymisation and risk control of Open Data Institute ODI United Yes Industry Yes publishing open data Kingdom CFI - Newsletter newsletter in english and french, and internal Canal France International France Yes Civil Society Yes regular reports CFI Country wiki page Intel environment, vendors, legal background, Buggedplanet Germany Yes Civil Society Yes events etc. Vendors of Wiki List of vendors, country knowledge base, Buggedplanet Germany Yes Civil Society Yes SIGINT/COMINT/Legal Transnational issues and installations, Others Interception and supporting recourses Technologies and Systems BBC Media Action BBC Media Action is the BBC's international BBC United Yes Civil Society Yes development charity. Kingdom BBC Monitoring BBC Monitoring provides news and information BBC United Yes Civil Society Yes from freely available media sources around the Kingdom world. Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Detekt A tool that enables journalists and human rights Amnesty international United Yes Yes Yes Yes Yes defenders to scna their computers for kown Kingdom surveillance spyware. Collaboration between Digitale Gesellschaft, EFF, Privacy International

NetAidKit The NetAidKit is a pocket size, USB powered Radically Open Security Netherlands Yes Yes Yes Yes router that connects everything to everything, designed specifically for non-technical users. The easy to use web interface will allow you to connect the NetAidKit to a wireless or wired network and share that connection with your other devices, such as a phone, laptop or tablet. Middle East Monitor News daily updates events in the Middle East or Middle East Monitor United Yes Yes effecting ME. Focused and comprehensive Kingdom coverage of Palestine, and its regional neighbours Tails The Amnesic Incognito Live System is a Boum France Yes Yes security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity JonDonym Software for anonymous surfing JonDos Germany Yes Yes digital safety - all posts at a digital safety for journalists, overview of posts Deutsche Welle Akademie Germany Yes glance digital safety - know your security tips from Tunisian cyberactivist Slim Deutsche Welle Akademie Germany Yes enemy Amamou Euro-IX - IXP Service Matrix with live statistics European Internet European Yes Exchange Points Association (Euro-IX) Euro-IX - Peering Matrix ASNs peering IXP and reverse. Overview European Internet European Yes Exchange Points Association (Euro-IX) Foreign affairs - travel advice Travel advice Gov uk United Yes Kingdom GISWatch - reports Global Information Society Netherlands Yes Watch - GISwatch

Media freedom indices, what Report analysis of media freedom rankings, Deutsche Welle Akademie Germany Yes they tell us and what they how objective are press freedom rankings? don't Open Corporates open data or paid versions. Company info opencorporates United Yes around the world Kingdom Open Spending - Datasets Overview of datasets on geovernment Open Spending United Yes spendings Kingdom Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Digital Defenders Partnership Digital Emergency Response Computer Incident Luxembourg Yes Institutional Yes Yes Yes Yes Yes Reponse Center Luxembourg CIRCL Common Vulnerabilities Contextual feed containing all software Computer Incident Luxembourg Yes Institutional Yes Exposure vulnerabilities including visibility ranking in Reponse Center Luxembourg. Luxembourg CIRCL Eurostat Database Contains the full range of data publically Eurostat European Yes Institutional available at Eurostat No Spyware for Dictators Interactive map revealing European companies The Greens European Yes Institutional selling surveillance technology ONI - Filtering Data Summarized global Internet filtering data as a Open Net Initiative Canada Research Yes Yes Yes Yes downloadable CSV file under a Creative Commons license. The data provides an overview of the most recent ONI ratings of the breadth and depth of Internet filtering in seventy- four countries across four content categories (political, social, Internet tools and conflict/security). ICLab (no data sets found) ICLab United States Research Yes Yes Yes ONI - Country Profiles Country analysis of filtering of the Internet, as Open Net Initiative Canada Research Yes Yes Yes well as the impact, relevance, and efficacy of technical filtering Citation Filtered Analysis of Wikipedia filtering in Iran Collin Anderson United States Research Yes Yes FATA Internet Café FATA Internet Café Regulation Iran Media Program – United States Research Yes Yes Regulation University of Pennsylvania

ONI - Reports Reports and articles on larger research projects Open Net Initiative Canada Research Yes Yes undertaken by ONI, including bulletins and advisories highlighting notable events related to Internet filtering and research into Internet filtering performed before the formation of ONI.

Android Observatory Metadata on Android Apps Carleton Computer Canada Research Yes Security Lab Dimes Project DIMES is a distributed scientific research Tel Aviv University Israel Research Yes project, aimed to study the structure and topology of the Internet, with the help of a volunteer community (similar in spirit to projects such as SETI@Home). Google Malware Dashboard Google Malware Dashboard Google Transparency United States Research Yes Report Google Traffic Disruptions Disruptions of traffic to Google products Google Transparency United States Research Yes Report Tom-Skype Censorship Tom-Skype Censorship research Jeffrey Knockel United States Research Yes research Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

World Intermediary Liability online resource informing the public about Center for Internet and United States Research Yes Map evolving Internet regulation affecting freedom of Society, Stanford Law expression and user rights worldwide. School Digital Defenders Partnership Digital Emergency Response Access now United States Monitoring Yes Yes Yes Yes Yes

Digital Defenders Partnership Digital Emergency Response Freedom House United States Monitoring Yes Yes Yes Yes Yes

Digital Defenders Partnership Digital Emergency Response Internews United States Monitoring Yes Yes Yes Yes Yes

Filbaan Filbaan monitors and editorialises censorship in Internews United States Monitoring Yes Yes Yes Yes Iran OONI Global observation network for detecting Tor Project United States Monitoring Yes Yes Yes censorship, surveillance and traffic manipulation on the internet Herdict Censorship reports Berkman Centre for United States Monitoring Yes Yes Internet and Society Netizen Report A project of Global Voices Online, we seek to Global Voices Advocacy United States Monitoring Yes Yes build a global anti-censorship network of bloggers and online activists dedicated to protecting freedom of expression online. Tecnologias de vigilância e News about surveillance and privacy, focus in Antivigilancia Brazil Monitoring Yes Yes Yes antivigilância Latin America. Wikileaks Cables U.S. State department diplomatic "cables" Wikileaks United States Monitoring Yes Yes Wikileaks Spyfiles Details of which companies are selling Wikileaks United States Monitoring Yes Yes sophisticated tracking tools to government buyers 2010 Circumvention Tool report on usage of circumvention tools in 40 Berkman Centre for United States Monitoring Yes Yes Yes Usage Report countries worldwide (where Internet filtering by Internet and Society national govenrments is documented by ONI)

Access now - Transparency Transparency Reporting Index Access now United States Monitoring Yes Yes Reporting Index Internet Monitor Collect and share data about how people all Berkman Centre for United States Monitoring Yes Yes over the world access and use the Internet. Internet and Society Survey of State Location Privacy protections for location records Centre for Democracy and United States Monitoring Yes Yes Privacy Legislation generated by cell phones and other electronic Technology devices. Tool metrics using metrics to identify user pain points in open-Open Internet Tools United States Monitoring Yes Yes source security tools Project Legal Threats Database The database contains lawsuits, cease & desist Berkman Centre for United States Monitoring Yes Yes letters, subpoenas, and other legal threats Internet and Society directed at those who engage in online speech.

Tor Metrics Tor Project United States Monitoring Yes Yes Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Afrinic Internet Measurement The initiative includes two main activities: Afrinic Mauritius Monitoring Yes Partnership Building a large measurement network, Analyzing interconnectivity and networking in Africa Archipelago Measurement Internet Measurement probes The Cooperative United States Monitoring Yes Infrastructure (ark) Association for Internet Data Analysis (CAIDA) Canary Watch Canarywatch tracks and documents statements Calyx Institute United States Monitoring Yes that a service provider has not received legal process that it would be prohibited from saying it had received, such as a national security letter. Chilling Effects Chilling Effects is an independent 3rd party Berkman Centre for United States Monitoring Yes research project studying cease and desist Internet and Society letters concerning online content. Integrated Network for Coordinate and integrate information resources Center for Systemic Peace United States Monitoring Yes Societal Conflict Research about political violence (INSCR) Measurement lab - Network diagnostic tool Measurement Lab United States Monitoring Yes Performance Measurement lab - State Detects load balancing, noting when a Measurement Lab United States Monitoring Yes transmission is split between two pathes, next to existing route and topology data provided by regular traceroute. Paris Traceroute runs when another M-Lab tool makes a TCP connection with the platform. Measurement lab - DPI / Throttling detection Measurement Lab United States Monitoring Yes Transparency Routeviews real-time information about the global routing University of Oregon - United States Monitoring Yes system from the perspectives of several Advanced Network different backbones and locations around the Technology Center ANTC Internet Data Sharing Program The program's goal is to help security StopBadware United States Monitoring Yes Yes researchers and practitioners more effectively measure and address Web malware by providing access to a wide range of high-quality malware data. CAIDA data overview of datasets between 2004 and 2014 The Cooperative United States Monitoring Yes Association for Internet Data Analysis (CAIDA) ClearingHouse The data in StopBadware's Clearinghouse StopBadware United States Monitoring Yes comes from three data providers: Google, ThreatTrack Security, and NSFocus. Concept Doppler Blacklisting Great Chinese Firewall The University of New United States Monitoring Yes Mexico Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Honeynet Project To learn the tools, tactics and motives involved Honeynet Project United States Monitoring Yes in computer and network attacks, and share the lessons learned. CIRI Human Rights Dataset The CIRI Human Rights Dataset contains David L. Cingranelli, David United States Monitoring Yes standards-based quantitative information on L. Richards, and K. Chad government respect for 15 internationally Clay recognized human rights for 202 countries, annually from 1981-2011. Freedom in the World annual global report on political rights and civil Freedom House United States Monitoring Yes liberties, composed of numerical ratings and descriptive texts for each country and a selectgroup of related and disputed territories.

Freedom of the press Survey ratings and narrative reports on 195 Freedom House United States Monitoring Yes countries and 14 related and disputed territories 2014 -example- previous reports availble online

Freedom on the Net report monitors: obstacle to access, limits on Freedom House United States Monitoring Yes content, violation of users rights. Global Data Protection Overview of the key privacy and data protection DLA Piper United States Monitoring Yes Handbook laws and regulations across 77 different jurisdictions Global Trends in NGO Law Global Trends in NGO Law synthesizes key International Center for Not-United States Monitoring Yes developments relating to the legal and for-Profit Law -ICNL regulatory issues that affect non-governmental organizations (NGOs) Integrated Network for Center for Systemic Peace United States Monitoring Yes Societal Conflict Research Leaping over the Firewall, a Report: comparison among different Freedom House United States Monitoring Yes review of censorship circumvention tools, both in terms of their circumvention tools technical merits, as well as how users of these tools describe their experience with them

NGO law monitor up-to-date information on legal issues affecting International Center for Not-United States Monitoring Yes not-for-profit and NGOs around the world. for-Profit Law -ICNL

Privacy Library Online resource, providing links to privacy laws, Morrison Foerster United States Monitoring Yes regulations, reports, multilateral agreements, and government authorities for more than 90 countries around the world, including the United States. Public Discourse in the Berkman Centre for United States Monitoring Yes Russian Blogosphere Internet and Society Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Root Servers The authoritative name servers that serve the ICANN United States Monitoring Yes DNS root zone, commonly known as the “root servers”, are a network of hundreds of servers in many countries around the world. telex Telex creates what is essentially a proxy server Telex United States Monitoring Yes without an IP address to circumvent blocked sites Intrusion and Surveillance Wassenaar Arrangement 2013 Plenary Wassenaar Arrangement International Institutional Yes Yes Items - Wassenaar Agreements Implementation: Intrusion and (WA) Arrangement 2013 Plenary Surveillance Items Agreements Implementation GDACS - Alerts Map, overview of Earthquakes, Floods, Tropical Global Disaster Alert and International Institutional Yes Cyclones, Coordination System GDACS GDACS - Data, maps and overview sources and methods to compile Global Disaster Alert and International Institutional Yes information event-based data and information Coordination System GDACS Humanitarian Data Exchange a place where users can easily find United Nation Office for the International Institutional Yes humanitarian data and understand the data's Coordination of source, collection methodology, and license for Humanitarian Affairs reuse OCHA Humanitarian Response OCHA Cluster Coordination and Information United Nation Office for the International Institutional Yes portal Coordination of Humanitarian Affairs OCHA Relief web ReliefWeb has been the leading source for United Nation Office for the International Institutional Yes reliable and timely humanitarian information on Coordination of global crises and disasters since 1996 Humanitarian Affairs OCHA Financial Tracking Service Global, real-time database which records all United Nation Office for the International Institutional Yes FTS - Financial tracking of reported international humanitarian aid(including Coordination of global aid flows that for NGOs and the Red Cross / Red Humanitarian Affairs Crescent Movement, bilateral aid, in-kind aid, OCHA and private donations) Global Cybersecurity Index The Global Cybersecurity Index (GCI) is an ITU- International International Institutional Yes (GCI)​ ABIresearch joint project to measure the Telecommunication Union commitment of countries to cybersecurity. ITU ITU - Measuring the Key ICT data and benchmarking tools to International International Institutional Yes Information Society Report measure the information society, including the Telecommunication Union ICT Development Index (IDI) ITU UNData Data access system to UN databases United Nations Statistics United States Institutional Yes Division (UNSD) World Bank Data - Countries development indicators, Global economic World Bank International Institutional Yes and Economies prospects - forecasts, projects & operations, finances, surveys, climate Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Blackwatch The Internet Weather Forecast The SecDev Group Canada Industry Yes Yes Yes Transparency report - AOL AOL United States Industry Yes Yes Transparency report - Apple Apple United States Industry Yes Yes Transparency report - AT&T AT&T United States Industry Yes Yes Transparency report - Comcast United States Industry Yes Yes Comcast Transparency report - CREDO Credo United States Industry Yes Yes

Transparency report - Dropbox United States Industry Yes Yes Dropbox Transparency report - Facebook United States Industry Yes Yes Facebook Transparency report - Internet Internet Archive United States Industry Yes Yes Archive Transparency report - Lease Web United States Industry Yes Yes leaseweb Transparency report - LinkedIn United States Industry Yes Yes Linkedin Transparency report - Lookout Lookout United States Industry Yes Yes

Transparency report - Microsoft United States Industry Yes Yes Microsoft Transparency report - Pinterest United States Industry Yes Yes Pinterest Transparency report - Rogers Rogers Communications United States Industry Yes Yes

Transparency report - Sonic.net United States Industry Yes Yes Sonic.net Transparency report - TekSavvy United States Industry Yes Yes Teksavvy Transparency report - telstra Telstra United States Industry Yes Yes Transparency report - Telus Telus Canada Industry Yes Yes Transparency report - Tumblr Tumblr United States Industry Yes Yes Transparency report - Twitter Twitter United States Industry Yes Yes Transparency report - Verizon Verizon United States Industry Yes Yes

Transparency report - Wikimedia United States Industry Yes Yes Wikimedia foundation Transparency report - Word Press United States Industry Yes Yes Wordpress Transparency report - Yahoo! Yahoo United States Industry Yes Yes Transparency report - Time Warner Cable United States Industry Yes Yes TimeWarnerCable Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

State of the Internet Internet trends including broadband adoption, Akamai United States Industry Yes Yes Yes mobile connectivity, IPv4 and IPv6 adoption, website performance & Internet disruptions Cloudflare Blog Cloudflare blog Cloudflare United States Industry Yes Yes CVE database CVE is a publicly available and free to use list MITRE United States Industry Yes Yes or dictionary of standardized identifiers for common computer vulnerabilities and exposures. Digital attack map Digital Attack Map is a live data visualization of Arbor Networks ATLAS United States Industry Yes Yes DDoS attacks around the globe. The tool threat analysis surfaces anonymous attack traffic data to let users explore historic trends and put infosec breaking news events into context. DNSDB historical and real-time global DNS Farsight Security United States Industry Yes configuration and content data GDELT Event Database quarter-billion records organized into a set of GDELT United States Industry Yes tab-delimited files by date since 2013 GDELT Real time analysis Example of Big Query possibility, can be done GDELT United States Industry Yes by country/ subject Speedtest Intelligence Database of crowdsourced connection test Ookla United States Industry Yes results Team Cymru monitoring Prefix Route Statistics are all up to date Team Cymru monitoring United States Industry Yes capabilities capabilities Virus Total Binary signature database Google United States Industry Yes Blue Coat Webpulse Site URL Categorisation service, 'tool to check the Blue Coat United States Industry Yes Review - Request current categorization of WebPulse URL ratings and to report sites that are incorrectly categorized' GDELT Global Knowledge Two parallel data streams, one encoding the GDELT United States Industry Yes Graph entire knowledge graph with all of its fields, and the other encoding only the subset of the graph that records "counts" of a set of predefined categories like number of protesters, number killed, or number displaced or sickened.

URL Categories URL Categorisation service Open DNS United States Industry Yes GDELT Daily trend report Daily Trend Reports GDELT United States Industry Yes Transparency report - Cloudflare United States Industry Yes Cloudflare - first half 2014 Aid Worker Security Database Incident data is collected both from public Humanitarian Outcomes United States Civil Society Yes sources, through systematic media filtering, and from information provided directly to the project by aid organisations and operational security entities. Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

Gaza NGO Safety Office - web page showing latest SMS alerts Gaza NGO Safety Office Palestinian Civil Society Yes Incident Alerts Territory Global Censorship tracking internet censorship proposals Electronic Frontier United States Civil Society Yes Chokepoints worldwide Foundation EFF NGO Safety Program NSP daily/weekly reports and advisories NGO Safety Program NSP Somalia Civil Society Yes Reports Pakistan Humanitarian Forum PHF safety includes the collection and sharing Pakistan Humanitarian Pakistan Civil Society Yes of information on the operational environment to Forum alert and advise members who operate in complex environments. Pakistan's Internet Report deals with lwaas, governance, Bytes for All Pakistan Civil Society Yes Landscape. Report interference, surveillance Report: 'Pakistan's Internet Partnership with Citizen Lab. Paksitan's Internet Bytes for All Pakistan Civil Society Yes Firewall' Firewall: ' O Pakistan, We Stand on Guard for Thee'. Analysis of Canada -based Netsweeper's role in Pakistan's censorchip regime.

Takedown Hall of Shame Bogus copyright and trademark complaints Electronic Frontier United States Civil Society Yes have threatened all kinds of creative expression Foundation EFF on the Internet. EFF's Hall Of Shame collects the worst of the worst IFEX Country Reports County reports based sources from partners. International Freedom of Canada Civil Society Yes Focus on journalism Expression exchange IFEX

Digital Security First Aid Kit short guides for human rights defenders who Association for United States Civil Society Yes find themselves in emergencies related to Progressive communication and digital security. Infographic Communications APC with links to guides Secure Messaging Scorecard secure & usable crypto - which apss keep your Electronic Frontier United States Civil Society Yes messaging safe? (work in progress) Foundation EFF Surveillance self-defense Tips, Tools and How-tos for Safer Online Electronic Frontier United States Civil Society Yes Communications Foundation EFF ASL 19 Blog Blog posts on surveillance, circumvention tools ASL19 Canada Yes Yes Yes Yes etc. China Digital Times China Digital Times United States Yes Yes Yes Targeted Threat Analysis of malware attacks according to social Citizen Lab Canada Yes Yes engineering sophistication and technical sophistication Psiphon Circumvention Data Psiphon Inc Canada Yes Yes ANHRI - Reports Overview of topics, all in detail divided in Arabic Network for Human Egypt Yes Yes 'ANHRI Statements' 'Breaking News' and ' Rights Information Focus' Outages Dyn was formarly known as Renesys Dyn Research (Renesys) United States Yes Yes Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

"the network is aware" social using network data to detect DPI School of Information United States Yes science research on deep Sciences Syracuse packet inspection University -Research center 'Internet Governance Project' Phoenix under construction, follow up of Open Event Open Event Data Alliance United States Yes Data World Alert live alerts and reports from high-risk countries International NGO Safety United States Yes for senior security personnel only, mailing list Organisation INSO

Accessibility Top Sites in blocked or restricted the last 30+ days Great Fire United States Yes Yes China Keywords keywords blocked 90+ days Great Fire United States Yes Yes Transparency Public and Corporate Transparency Citizen Lab Canada Yes Yes VPNs & Proxies blocked 90+ days Great Fire United States Yes Yes Network Interference Measuring Censorship and Network Citizen Lab Canada Yes Interference CIA The World Factbook Overview country reports Central Intelligence United States Yes Agency (CIA) ISOC - Internet Measurement Determine the impact of technical, policy, and Internet Society (ISOC) International Yes Project development efforts on the Internet, and the broader impact of the Internet on the economy.

Majlis Monitor Decisions of local politicians around a topic, ASL19 Canada Yes written in Farsi Country travel advice and Travel Advice Government of Canada Canada advisories Global Right to Information Rating results on all 93 countries with national Centre for Law and Canada Rating right to information laws Democracy IATI datasets overview 3806 datasets by NGOs and funders. IATI International

Meidoon Watch Uncovers and analyses the trends in the top ASL19 Canada 100 shared stories of meidoon.com Rouhani meter The Rouhani Meter is an attempt to monitor the ASL19 Canada performance of Iranian President Hassan Rouhani by documenting what has been achieved as opposed to his promises. Smartraveller Travel advice - Overview countries, info on Australian Governement Australia health, laws, lgbti, safety and security and Departement of Foreign more. Affairs and Trade Country Data incident tracking, analysis reports members only International NGO Safety United States Yes Organisation INSO Digital Defenders Partnership Digital Emergency Response Open Technology Fund United States Yes Yes Yes Yes Yes Annex Data Sources List: Projects

ECSA Capabilities Name Description Organisation Country EU Direct Indirect Incident Incident Trend Support Internet & Stakeholder Stakeholder Detection Analysis Analysis Mitigation Human Rights

ISC Country Reports These reports are private and written by the Counterpart International United States Yes Yes Yes ISC experts in collaboration with local civil society and other experts. Crypto Cat Monitor Cryptocat Network Monitor - network activity Crypto Cat United States Yes Yes heat map European Court of Human Extensive data on judicial dissents, biographical Georgetown University United States Yes Rights Data characteristics of judges, and information on cases. Global Stats Cryptocat Network Monitor - network activity Crypto Cat United States Yes heat map Annex Data Sources List: Data Sets

This data set is licensed under the Open Database License v1.0 (http://opendatacommons.org/licenses/odbl/1.0/) ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Tools - political memory Tools - political La Quadrature du Yes 0 Direct https://wiki.laquadrature.net/Politica Yes Yes Yes Yes Yes Yes Semi-Structured Yes memory Net l_Memory Yes 26 Chokepoint Project Beta Chokepoint Project Chokepoint Yes 0 Direct https://beta.chokepointproject.net/ Yes Yes Yes Yes Yes Structured Yes Beta Project Yes Virtual Roads Virtual Roads Qurium Yes 0 Direct https://www.qurium.org/services/ Yes Yes Yes Yes Structured Yes Cyber-censorship in 2012 overview Cyber-censorship in Reporters Yes 0 Direct http://surveillance.rsf.org/en/things- Yes Yes Yes Yes Unstructured Yes 2012 overview Without Borders to-be-noted/ The enemies of the internet - The enemies of the Reporters Yes 0 Direct http://surveillance.rsf.org/en/syria/ Yes Yes Yes Yes Unstructured Yes Surveillance - Syria internet Without Borders Lgbt republic, an online reality? LGBT in Iran Small Media Yes 0 Direct http://smallmedia.org.uk/lgbtrepubli Yes Yes Yes Yes Unstructured Yes c.pdf Iranian Infrastructure and Policy Iranian Infrastructure Small Media Yes 0 Direct http://www.smallmedia.org.uk/cont Yes Yes Yes Unstructured Yes Report and Policy Report ent/120 Global Partners Digital - reports Global Partners Digital Global Partners Yes 0 Direct http://www.gp- Yes Yes Yes Unstructured Yes - Reports digital.org/publications/gpd- publications/ Global Partners Digital - reports - Global Partners Digital Global Partners Yes 0 Direct http://www.gp-digital.org/wp- Yes Yes Yes Unstructured Yes Reports,Deciphering interactive Russia map, also Reports,- Reports interactive Index on Yes 0 Direct http://mediafreedom.ushahidi.com/content/uploads/pubs/FINAL%20- Yes Yes Yes Semi-Structured Yes available as list map, also available as Censorship main list Yes Satellite Jamming in Iran Satellite Jamming in Small Media Yes 0 Direct http://smallmedia.org.uk/sites/defau Yes Yes Yes Unstructured Yes Iran lt/files/Satellite%20Jamming.pdf

Your Freedom Server Usage Your Freedom Your Freedom Yes 0 Direct http://your-freedom.net/142/ Yes Yes Yes Semi-Structured Yes Yes Alkasir Censorship Map Alkasir Censorship The Julia Group Yes 0 Direct https://alkasir.com/map Yes Yes Yes Structured Yes Map Yes OONI OONI Hermes Center Yes 0 Direct https://ooni.torproject.org/reports/ Yes Yes Yes Structured Yes for Transparency and Digital Human Rights Yes OONI - Great Brittain OONI Hermes Center Yes 0 Direct https://ooni.torproject.org/reports/0. Yes Yes Yes Structured Yes for Transparency 1/GB/ and Digital Human Rights Yes OONI - Pakistan OONI Hermes Center Yes 0 Direct https://ooni.torproject.org/reports/0. Yes Yes Yes Structured Yes for Transparency 1/PK/ and Digital Human Rights Yes OONI - Tunisia OONI Hermes Center Yes 0 Direct https://ooni.torproject.org/reports/0. Yes Yes Yes Structured Yes for Transparency 1/TN/ and Digital Human Rights Yes OONI - Turkey OONI Hermes Center Yes 0 Direct https://ooni.torproject.org/reports/0. Yes Yes Yes Structured Yes for Transparency 1/TR/ and Digital Human Rights Yes BLOCKED! BLOCKED! Open Rights Yes 0 Direct https://www.blocked.org.uk/isp- Yes Yes Yes Structured Yes Group results Yes Responsible Data Resources Responsible Data the engine room Yes 0 Direct https://responsibledata.io/category/r Yes Yes Yes Yes Semi-Structured Yes Program esources/ Yes Ways to practise responsible Responsible Data the engine room Yes 0 Direct https://responsibledata.io/wp- Yes Yes Yes Yes Unstructured Yes development data Program content/uploads/2014/10/responsib le-development-data-book.pdf Crypto Law Crypto Law Tilburg University Yes 0 Direct http://www.cryptolaw.org/ Yes Yes Yes Semi-Structured Yes Yes Cyber Arabs CyberArabs Institute for War Yes 0 Direct https://www.cyber- Yes Yes Yes Unstructured Yes and Peace arabs.com/?cat=20 Reporting IWPR Data Risk checker Responsible Data the engine room Yes 0 Direct https://responsibledata.io/forums/d Yes Yes Yes Semi-Structured Yes Program ata-risk-checker/ Yes Digital Defenders Partnership Digital Defenders HIVOS Yes 0 Direct https://digitaldefenders.org/ Yes Yes Yes Structured Yes Partnership Yes Surveillance state - Finspy Surveillance state Bureau of Yes 0 Direct http://www.thebureauinvestigates.c Yes Yes Yes Unstructured Yes Investigative om/2012/09/11/government-ramps- journalism up-controls-on-finspy-surveillance- software/ Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Surveillance state - Mass Surveillance state Bureau of Yes 0 Direct http://www.thebureauinvestigates.c Yes Yes Yes Unstructured Yes surveillance regime does not breach Investigative om/2014/12/05/mass-surveillance- human rights law, tribunal rules journalism regime-does-not-breach-human- rights-law-tribunal-rules/

Surveillance state - QC: RIPA codes Surveillance state Bureau of Yes 0 Direct http://www.thebureauinvestigates.c Yes Yes Yes Unstructured Yes of practice will not protect journalists Investigative om/2014/12/09/qc-ripa-codes-of- from police surveillance journalism practice-will-not-protect-journalists- from-police-surveillance/

Map News on Surveillance CAUSE Yes 0 Direct http://globalcause.net/#problem Yes Yes Yes Semi-Structured Yes Technologies Yes Recourses Archive News on Surveillance CAUSE Yes 0 Direct http://globalcause.net/resources/ar Yes Yes Yes Semi-Structured Yes Technologies chive Yes Barhain FinFisher Logs Internet Protection Lab Free Press Yes 0 Direct http://internetprotectionlab.net/2014 Yes Yes Yes Semi-Structured Yes Unlimited /08/09/finfisher-hack-the-bahrain- logs/ Yes Exporting Censorship and Exporting Censorship HIVOS Yes 0 Direct https://hivos.org/sites/default/files/e Yes Yes Yes Unstructured Yes Surveillance Technology and Surveillance xporting_censorship_and_surveilla Technology nce_technology_by_ben_wagner.p df Tools - NSA-observer Tools - NSA-observer La Quadrature du Yes 0 Direct https://www.nsa-observer.net/ Yes Yes Yes Unstructured Yes Net Trackography Me and My Shadow Tactical Yes 0 Direct https://trackography.org/ Yes Yes Yes Semi-Structured Yes Technology Collective Yes Globaleaks Globaleaks Hermes Center Yes 0 Direct https://github.com/globaleaks/Glob Yes Yes Yes Structured Yes for Transparency aLeaks/wiki and Digital Human Rights Yes Domains and IP Intelligence Domains and IP Chokepoint Yes 0 Direct http://api.diid.co/ Yes Structured Yes Database DIID (Currently down) Intelligence Database Project DIID Tools - Wiki Tools - Wiki La Quadrature du Yes 0 Direct https://wiki.laquadrature.net/Main_P Yes Yes Unstructured Yes Net age Press Freedom Barometer Press Freedom Reporters Yes 0 Direct http://en.rsf.org/press-freedom- Yes Yes Semi-Structured Yes Barometer Without Borders barometer-netizens-and-citizen- journalists.html?annee=2014 Front line news archive Front line news Frontline Yes 0 Direct http://www.frontlinedefenders.org/n Yes Semi-Structured Yes archive Defenders ews Syria overview Front line news Frontline Yes 0 Direct http://www.frontlinedefenders.org/s Yes Semi-Structured Yes archive Defenders yria Tunisia overview Front line news Frontline Yes 0 Direct http://www.frontlinedefenders.org/tu Yes Semi-Structured Yes archive Defenders nisia GSMMap GSMMap Security Yes 0 Monitoring http://gsmmap.org/ Yes Yes Yes Structured Yes Research Labs Netcraft Hosting Provider Netcraft Monitoring Netcraft Yes 0 Monitoring http://uptime.netcraft.com/perf/repo Yes Yes Structured Yes Performance Monitoring Services rts/Hosters Connected partners Connected partners AMS-IX Yes 0 Monitoring https://ams- Yes Structured Yes ix.net/connected_parties Statistics traffic analysis Statistics traffic AMS-IX Yes 0 Monitoring https://ams- Yes Structured Yes analysis ix.net/technical/statistics/sflow-stats

Netnod connected networkd IX Netnod connected Netnod Yes 0 Monitoring https://www.netnod.se/ix/members Yes Structured Yes members networkd IX members Netnod ntp-servers Netnod connected Netnod Yes 0 Monitoring http://tempus.sp.se/netnod/ Yes Structured Yes networkd IX members Netnod statistics Netnod connected Netnod Yes 0 Monitoring https://www.netnod.se/ix/statistics Yes Structured Yes networkd IX members RIPE Atlas - Anchor locations RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/anchors/map/ Yes Structured Yes

RIPE Atlas - Comparative DNS root RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/results/maps/c Yes Structured Yes RTT omparative-dns-root-rtt/ RIPE Atlas - Comparative DNS root RIPE Atlas RIPE NCC Yes 0 Monitoring https://stat.ripe.net/AS15696#tabId Yes Structured Yes RTT - example Iran - probe =at-a-glance RIPE Atlas - DNS monitoring RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/dnsmon/ Yes Structured Yes RIPE Atlas - DNS Root Instances RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/contrib/root_an Yes Structured Yes ycast.html?msm_id=1 RIPE atlas - DNS Root server RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/contrib/udp_tcp Yes Structured Yes TCP/UDP performances _root_rtt.html?root_id=1 Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU RIPE Atlas - Global Ripe atlas RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/results/maps/n Yes Structured Yes network coverage etwork-coverage/ RIPE Atlas - map visualisations RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/results/maps/ Yes Structured Yes

Ripe Atlas - NLNOG RING nodes RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/targets/ringnod Yes Structured Yes used as targets es/map/ RIPE Atlas - Percentage of RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/contrib/density. Yes Structured Yes connected probes per country html RIPE Atlas - Reachability of fixed RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/results/maps/re Yes Structured Yes destinations achability/ RIPE Atlas -RTT measurements to RIPE Atlas RIPE NCC Yes 0 Monitoring https://atlas.ripe.net/results/maps/rtt- Yes Structured Yes fixed destinations fixed/ RIPE Database Query RIPE Database Query RIPE NCC Yes 0 Monitoring https://apps.db.ripe.net/search/quer Yes Structured Yes y.html Ripe stats Country Routing Statistics - RIPEstat RIPE NCC Yes 0 Monitoring https://stat.ripe.net/widget/country- Yes Structured Yes Belarus routing- stats#w.resource=by&w.zoom_start =1417276800000&w.zoom_end=1 417612500000&w.comparison=no

Ripe stats Country Routing Statistics - RIPEstat RIPE NCC Yes 0 Monitoring https://stat.ripe.net/widget/country- Yes Structured Yes Iran routing- stats#w.resource=ir&w.zoom_start =1417276800000&w.zoom_end=1 417612500000&w.comparison=no

Ripe stats Country Routing Statistics - RIPEstat RIPE NCC Yes 0 Monitoring https://stat.ripe.net/widget/country- Yes Structured Yes Angola routing-stats#w.resource=ao RIPEstat RIPEstat RIPE NCC Yes 0 Monitoring https://stat.ripe.net/ Yes Structured Yes Syrian Internet Monitor RIPEstat RIPE NCC Yes 0 Monitoring https://stat.ripe.net/widget/syria- Yes Structured Yes monitor Netcraft OCSP Responder Netcraft Monitoring Netcraft Yes 0 Monitoring http://uptime.netcraft.com/perf/repo Yes Yes Structured Yes Services rts/performance/OCSP Netcraft SSL Survey Netcraft Monitoring Netcraft Yes 0 Monitoring http://www.netcraft.com/internet- Yes Yes Structured Yes Services data-mining/ssl-survey/ Andy Muller- Yes 0 Monitoring http://buggedplanet.info/index.php? Yes Semi-Structured Yes Buggedplanet.info Buggedplanet.info Maguhn title=Main_Page Region and country archives - Region and country International Yes 0 Monitoring http://www.icj.org/country/africa/ang Yes Semi-Structured Yes Angola archives Commission of ola/ Jurists Region and country archives - Region and country International Yes 0 Monitoring http://www.icj.org/country/europe/b Yes Semi-Structured Yes Belarus archives Commission of elarus/ Jurists Region and country archives - United Region and country International Yes 0 Monitoring http://www.icj.org/country/europe/u Yes Semi-Structured Yes Kingdom archives Commission of nited-kingdom/ Jurists ECHR - Factsheets and Country ECHR - Factsheets European Court Yes 0 Institutional http://www.echr.coe.int/Pages/hom Yes Semi-Structured Yes Profiles and Country Profiles of Human Rights e.aspx?p=press/factsheets&c= ECHR - Statistics by articles and by ECHR - Statistics European Court Yes 0 Institutional http://www.echr.coe.int/Pages/hom Yes Semi-Structured Yes states of Human Rights e.aspx?p=reports&c= ECHR - Statistics by month 2015 ECHR - Statistics European Court Yes 0 Institutional http://www.echr.coe.int/Pages/hom Yes Semi-Structured Yes of Human Rights e.aspx?p=reports&c= ECHR - Statistics by year 2014 ECHR - Statistics European Court Yes 0 Institutional http://www.echr.coe.int/Pages/hom Yes Semi-Structured Yes of Human Rights e.aspx?p=reports&c= HUDOC Hudoc European Court Yes 0 Institutional http://hudoc.echr.coe.int/sites/eng/ Yes Structured Yes of Human Rights Europe Media Monitor - Sources List Europe Media Monitor European Yes 0 Institutional http://emm.newsbrief.eu/NewsBrief/ Yes Structured Yes Commission - sourceslist/en/list.html Joint Research Centre (JRC) Eurostat Database Eurostat Database Eurostat Yes Institutional http://ec.europa.eu/eurostat/data/d Yes Structured Yes atabase Access to Data Protection Remedies Access to Data European Union Yes 0 Institutional http://fra.europa.eu/en/country- Yes Semi-Structured Yes in EU Member States Protection Remedies Agency for data/2014/ad-hoc-information- in EU Member States Fundamental reports-access-data-protection- Rights FRA remedies EU Situation Room EU Situation Room European Union Yes 0 Institutional http://eeas.europa.eu/crisis- Yes Structured Yes External Action response/what-we-do/eu-situation- EUEA room/index_en.htm Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Global Alert Map Global Alert Map RSOE EDIS Yes 0 Institutional http://hisz.rsoe.hu/alertmap/index2. Yes Semi-Structured Yes php Transparency report - Deutsche Transparency report - Deutsche Yes 0 Industry http://www.telekom.com/corporate- Yes Yes Yes Yes Yes Semi-Structured Yes Telekom - corporate responsibility - Deutsche Telekom Telekom responsibility/data- data protection protection/239498 Yes Transparency report - Deutsche Transparency report - Deutsche Yes 0 Industry http://www.telekom.com/corporate- Yes Yes Yes Yes Yes Semi-Structured Yes Telekom - Status report on data Deutsche Telekom Telekom responsibility/data-protection/24582 privacy Yes Transparency report - Posteo 2013 Transparency report - Posteo Yes 0 Industry https://posteo.de/en/site/transparen Yes Yes Yes Yes Yes Semi-Structured Yes Posteo cy_report_2013#tbtabellen Yes Tranparency report - TeliaSonera Transparency report - TeliaSonera Yes 0 Industry http://www.teliasonera.com/en/sust Yes Yes Yes Yes Yes Semi-Structured Yes 2013, 2014 TeliaSonera ainability/transparency-report/ Yes Vodafone Sustainability - Law Vodafone Vodafone Yes 0 Industry http://www.vodafone.com/content/d Yes Yes Yes Yes Yes Semi-Structured Yes Enforcement Disclosure Report Sustainability - Law am/sustainability/2014/pdf/operatin Enforcement g- Disclosure Report responsibly/vodafone_law_enforce ment_disclosure_report.pdf Yes Transparency report Cyber Ghost Transparency report Cyber Ghost Yes 0 Industry http://www.cyberghostvpn.com/en_ Yes Yes Unstructured Yes 2011 - 2014 Cyber Ghost 2011 - us/transparency-report 2014 Guides - Save the Titanic Guides - Save the Open Data Yes 0 Industry http://theodi.org/guides/save-the- Yes Unstructured Yes Titanic Institute ODI titanic-handson-anonymisation-and- risk-control-of-publishing-open- data Open data barometer Open data barometer Open Data Yes 0 Industry http://theodi.github.io/open-data- Yes Structured Yes Country wiki pages Country wiki page Buggedplanet Yes 0 Civil Society http://buggedplanet.info/index.php? Yes Semi-Structured Yes Vendors of SIGINT/COMINT/Legal Vendors of Buggedplanet Yes 0 Civil Society http://buggedplanet.info/index.php? Yes Semi-Structured Yes Interception and supporting SIGINT/COMINT/Lega title=Main_Page#Vendors_of_SIGI Technologies and Systems l Interception and NT.2FCOMINT.2FLI_and_supporti supporting ng_Technologies_and_Systems Technologies and Systems BBC Blogs - Tunisia BBC Media Action BBC Yes 0 Civil Society http://www.bbc.co.uk/blogs/bbcmed Yes Unstructured Yes iaaction/tags/Tunisia Publication and Resources - BBC Media Action BBC Yes 0 Civil Society http://www.bbc.co.uk/mediaaction/p Yes Unstructured Yes Governance and media in Angola ublications-and- resources/research/summaries/afri ca/angola/governance-and-media Publication and Resources - Pakistan BBC Media Action BBC Yes 0 Civil Society http://www.bbc.co.uk/mediaaction/p Yes Unstructured Yes ublications-and- resources/search?region=asia&cou ntry=Pakistan&genre=all- publications-and- resources&type=all-documents Publication and Resources -Tunisia BBC Media Action BBC Yes 0 Civil Society http://www.bbc.co.uk/mediaaction/p Yes Unstructured Yes ublications-and- resources/search?region=middle- east-and-north- africa&country=Tunisia&genre=all- publications-and- resources&type=all-documents BBC Monitoring BBC Monitoring BBC Yes 0 Civil Society http://www.bbc.co.uk/monitoring Yes Unstructured Yes Yes CFI - Newsletter CFI - Newsletter Canal France Yes 0 Civil Society http://en.cfi.fr/newsletter/subscribe Yes Unstructured Yes International CFI Detekt - Resist Surveillance Detekt Amnesty Yes 0 https://resistsurveillance.org/index.h Yes Yes Yes Structured Yes international tml Yes Euro-IX - IXP Service Matrix Euro-IX - IXP Service European Internet Yes 0 https://www.euro-ix.net/tools/ixp- Yes Structured Yes Matrix Exchange Points service-matrix/ Association (Euro- IX)

Euro-IX - Peering Matrix Euro-IX - Peering European Internet Yes 0 https://www.euro- Yes Structured Yes Matrix Exchange Points ix.net/tools/peering_matrix Association (Euro- IX)

No Spyware for Dictators No Spyware for The Greens Yes 0 https://no-spyware-for-dictators.eu/ Yes Unstructured Yes Dictators digital safety - all posts at a glance digital safety - all posts Deutsche Welle Yes 0 http://akademie.dw.de/digitalsafety/ Yes Unstructured Yes at a glance Akademie all-posts-at-a-glance/ Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU digital safety - know your enemy digital safety - know Deutsche Welle Yes 0 http://akademie.dw.de/digitalsafety/ Yes Unstructured Yes your enemy Akademie know-your-enemy-security-tips- from-tunisian-cyberactivist-slim- amamou/ Media freedom indices, what they tell Media freedom Deutsche Welle Yes 0 http://www.dw.de/popups/pdf/3715 Yes Unstructured Yes us and what they don't indices, what they tell Akademie 7168/edition-dw-akademie-01-2014- us and what they don't pdf.pdf

GISwatch - report - Circumventing GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes surveillance of internet Information t/files/circumventing_surveillance_o communications - Syria Society Watch - f_internet_communications.pdf GISwatch GISWatch - report - Failures of GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes Governance - Pakistan Information t/files/gisw_12_cr_pakistan.pdf Society Watch - GISwatch GISwatch - report - GCHQ: The GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes NSA's little brother... not so little Information t/files/gchq_the_nsas_little_brother. anymore - UK Society Watch - pdf GISwatch GISWatch - report - Pakistan GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes Dominates the surveillance hall of Information t/files/pakistan_dominates_the_sur shame Society Watch - veillance_hall_of_shame.pdf GISwatch GISwatch - report - Pushing for GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes corporate accountability in the UK Information t/files/gisw_12_cr_united_kingdom. Society Watch - pdf GISwatch GISWatch - report - Shaping ICTs in GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes Pakistan using women’s Information t/files/pakistan_gisw13.pdf empowerment principles Society Watch - GISwatch GISWatch - report - The Internet and GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes civil resistance: freedoms and state Information t/files/gisw_-_iran.pdf repression - Iran Society Watch - GISwatch GISWatch - report - Women's rights, GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes gender and ICT - Iran Information t/files/iran_gisw13.pdf Society Watch - GISwatch GISwatch - report - Women's rights, GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes gender and ICTs in Syria Information t/files/syria_gisw13.pdf Society Watch - GISwatch GISWatch - report- Communications GISWatch - reports Global Yes 0 http://giswatch.org/communication- Yes Unstructured Yes rights ten years after the World Information rights-ten-years-after-world-summit- Summit on the Information Society Society Watch - information-society-wsis-civil- (WSIS): Civil society perceptions GISwatch society-perceptions

GISwatch - report- New Big Brother, GISWatch - reports Global Yes 0 http://www.giswatch.org/en/country- Yes Unstructured Yes non-existent reforms - Tunisia Information report/communications- Society Watch - surveillance/tunisia GISwatch GISwatch - report- Young Syrians GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes tackle corruption using the internet Information t/files/gisw_12_cr_syria.pdf Society Watch - GISwatch GISwatch- report - So you want a GISWatch - reports Global Yes 0 http://www.giswatch.org/sites/defaul Yes Unstructured Yes surveillance state? - Turkey Information t/files/so_you_want_a_surveillance Society Watch - _state.pdf GISwatch Foreign affairs - travel advice Foreign affairs - travel Gov uk Yes 0 https://www.gov.uk/foreign-travel- Yes Unstructured Yes advice advice Foreign affairs - travel advice - Foreign affairs - travel Gov uk Yes 0 https://www.gov.uk/foreign-travel- Yes Unstructured Yes Angola advice advice/angola Foreign affairs - travel advice - Foreign affairs - travel Gov uk Yes 0 https://www.gov.uk/foreign-travel- Yes Unstructured Yes Belarus advice advice/belarus Middle East Monitor News Middle East Monitor Middle East Yes 0 https://middleeastmonitor.com/new Yes Unstructured Yes News Monitor s Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Open Spending - Datasets Open Spending - Open Spending Yes 0 https://openspending.org/datasets Yes Structured Yes Yes Datasets database Open Corporates opencorporates Yes 0 https://opencorporates.com/ Yes Structured Yes database - example Open Corporates opencorporates Yes 0 https://opencorporates.com/compa Yes Structured Yes nies/gb/06343869 Common Vulnerabilities Exposure, Common Computer Yes 0 Institutional http://cve.circl.lu/browse/ Yes Structured Yes by vendor Vulnerabilities Incident Reponse Exposure Center Luxembourg CIRCL FATA Internet Café Regulation FATA Internet Café Iran Media Yes Research http://iranmediaresearch.org/en/blo Yes Yes Yes Unstructured Yes Regulation Program – g/218/13/04/08/1322/ University of Pennsylvania ONI Filtering Data ONI - Filtering Data Open Net 0 Research http://opennet.net/sites/opennet.net Yes Yes Yes Structured Yes Initiative /files/ONI_data-20130920.zip Open Net Initiative - Iran report - ONI - Reports Open Net 0 Research https://opennet.net/sites/opennet.ne Yes Yes Yes Structured Yes internet controls int Iran 2009 -2012 Initiative t/files/iranreport.pdf Open Net Initiative Country Profiles - ONI - Country Profiles Open Net 0 Research https://opennet.net/research/profile Yes Yes Yes Structured Yes Aghanistan Initiative s/afghanistan Open Net Initiative Country Profiles - ONI - Country Profiles Open Net 0 Research https://opennet.net/research/profile Yes Yes Yes Structured Yes OpenBelarus Net Initiative Country Profiles - ONI - Country Profiles OpenInitiative Net 0 Research https://opennet.net/research/profiles/belarus Yes Yes Yes Structured Yes Iran Initiative s/iran Open Net Initiative Country Profiles ONI - Country Profiles Open Net 0 Research http://opennet.net/sites/opennet.net Yes Yes Yes Structured Yes Aghanistan Initiative /files/afghanistan.pdf Citation Filtered Citation Filtered Collin Anderson Yes Research https://github.com/collina/citationref Yes Yes Yes Structured Yes erence/tree/master/data/ir Citation Filtered Citation Filtered Collin Anderson Yes Research http://www.global.asc.upenn.edu/fil Yes Yes Yes Structured Yes eLibrary/PDFs/CItation_Filtered_Wi kipedia_Report_11_5_2013-2.pdf

ICLab ICLab ICLab Yes Research https://iclab.org/ Yes Yes Yes Structured Yes Traffic Disruptions Google Traffic Google Yes Research http://www.google.com/transparenc Yes Structured Yes Disruptions Transparency yreport/traffic/data/ Report Traffic Disruptions - Iran Google Traffic Google Yes Research http://www.google.com/transparenc Yes Structured Yes Disruptions Transparency yreport/traffic/disruptions/#region=I Report R Traffic Disruptions - Pakistan Google Traffic Google Yes Research http://www.google.com/transparenc Yes Structured Yes Disruptions Transparency yreport/traffic/disruptions/#region=P Report K Traffic Disruptions - Syria Google Traffic Google Yes Research http://www.google.com/transparenc Yes Structured Yes Disruptions Transparency yreport/traffic/disruptions/#region=S Report Y Traffic Disruptions - Turkey Google Traffic Google Yes Research http://www.google.com/transparenc Yes Structured Yes Disruptions Transparency yreport/traffic/disruptions/#region=T Report R Tom-Skype Censorship research Tom-Skype Jeffrey Knockel Yes Research http://cs.unm.edu/~jeffk/tom-skype/ Yes Structured Yes Yes Censorship research Tom-Skype Censorship research Tom-Skype Jeffrey Knockel Yes Research http://cs.unm.edu/~jeffk/tom- Yes Structured Yes Yes Censorship research skype/dlist-3.6/LATEST.plain Android Observatory Android Observatory Carleton 0 Research https://androidobservatory.org/ Yes Structured Yes Computer Security Lab Google Malware Dashboard Google Malware Google Yes Research http://www.google.com/transparenc Yes Structured Yes Dashboard Transparency yreport/safebrowsing/?hl=en Report World Intermediary Liability Map World Intermediary Center for Yes Research http://cyberlaw.stanford.edu/our- Yes Semi-Structured Yes Liability Map Internet and work/projects/world-intermediary- Society, Stanford liability-map-wilmap Law School Access now - Transparency Access now - Access now Yes Monitoring https://www.accessnow.org/pages/t Yes Yes Yes Yes Yes Semi-Structured Yes Reporting Index Transparency ransparency-reporting-index Reporting Index What microsoft transparency report Access now - Access now Yes Monitoring https://www.accessnow.org/blog/20 Yes Yes Yes Yes Yes Unstructured Yes does not tell us about Skype Transparency 13/04/03/what-the-microsoft- Reporting Index transparency-report-does-and-does- not-tell-us-about-skyp Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU 2010 Circumvention Tool Usage 2010 Circumvention Berkman Centre Yes Monitoring http://cyber.law.harvard.edu/sites/cy Yes Yes Yes Yes Semi-Structured Yes Report Tool Usage Report for Internet and ber.law.harvard.edu/files/2010_Circ Society umvention_Tool_Usage_Report.pd f Herdict Herdict Berkman Centre Yes Monitoring http://www.herdict.org/api/query Yes Yes Yes Yes Structured Yes for Internet and Society Filbaan Filbaan Internews Yes Monitoring https://www.filbaan.net/ Yes Yes Yes Semi-Structured Yes Netizen Report Netizen Report Global Voices Yes Monitoring http://advocacy.globalvoicesonline. Yes Yes Yes Unstructured Yes Advocacy org/categories/special/netizen- report/#_=_ Internet Monitor Access Index Internet Monitor Berkman Centre Yes Monitoring https://thenetmonitor.org/sources Yes Yes Yes Structured Yes for Internet and Society Cables Wikileaks Cables Wikileaks Yes Monitoring Yes Yes Yes Yes Semi-Structured Yes Tool metrics Tool metrics Open Internet Yes Monitoring https://openitp.org/best- Yes Yes Yes Unstructured Yes Tools Project practices/using-metrics-in-floss- security-tools.html Survey of State Location Privacy Survey of State Centre for Yes Monitoring https://cdt.org/insight/survey-of- Yes Yes Yes Yes Structured Yes Legislation Location Privacy Democracy and state-location-privacy-legislation/ Legislation Technology Tecnologias de vigilância e Tecnologias de Antivigilancia 0 Monitoring https://antivigilancia.org/pt/tecnologi Yes Yes Yes Unstructured Yes antivigilância vigilância e as/ antivigilância Spyfiles Wikileaks Spyfiles Wikileaks Yes Monitoring https://www.wikileaks.org/The- Yes Yes Yes Semi-Structured Yes Spyfiles-The-Map.html Spyfiles 1 Wikileaks Spyfiles Wikileaks Yes Monitoring https://www.wikileaks.org/spyfiles/lis Yes Yes Yes Semi-Structured Yes t/releasedate/2011-12-01.html Spyfiles 2 Wikileaks Spyfiles Wikileaks Yes Monitoring https://www.wikileaks.org/spyfiles/lis Yes Yes Yes Semi-Structured Yes t/releasedate/2011-12-08.html Spyfiles 3 Wikileaks Spyfiles Wikileaks Yes Monitoring https://wikileaks.org/spyfiles3 Yes Yes Yes Semi-Structured Yes Spyfiles 4 Wikileaks Spyfiles Wikileaks Yes Monitoring https://wikileaks.org/spyfiles4/ Yes Yes Yes Semi-Structured Yes Root Server Archives Root Servers ICANN Yes Monitoring http://root-servers.org/archives/ Yes Yes Yes Structured Yes Afrinic Internet Measurement Afrinic Internet Afrinic 0 Monitoring http://www.afrinic.net/en/initiatives/a Yes Structured Yes Partnership Measurement frinicripe-atlas Partnership Measurement lab - Performance - Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes (NDT) Performance Lab om/storage/m-lab/ndt/ Measurement lab - State - (Paris Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes Traceroute) State Lab om/storage/m-lab/paris-traceroute/

Measurement lab - State - (Reverse Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes Traceroute) State Lab om/storage/m-lab_revtr/ Measurement lab- Performance - Measurement lab - Measurement Yes Monitoring http://uploads.projectbismark.net/ Yes Structured Yes (BISmark) Performance Lab Measurement lab- Performance - Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes (NDAP) Performance Lab om/storage/m-lab/npad/ Measurement lab- Performance - Measurement lab - Measurement Yes Monitoring https://developers.google.com/bigq Yes Structured Yes (NDT) Performance Lab uery/docs/dataset-mlab Measurement lab- Performance - Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes (Neubot) Performance Lab om/storage/m-lab/neubot/ Measurement lab- Performance - Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes (Pathload 2) Performance Lab om/storage/m-lab/pathload2/ Measurement lab- Performance - Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes (Side Stream) Performance Lab om/storage/m-lab/sidestream/ Measurement lab- Performance Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes Mobile - (Mobi Perf) Performance Lab om/storage/openmobiledata_public / Measurement lab- Performance Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes Mobile - (NDT - Mobile Client) Performance Lab om/storage/m-lab/ndt/ Measurement lab- Transparency - Measurement lab - Measurement Yes Monitoring https://console.developers.google.c Yes Structured Yes (Glasnost) Transparency Lab om/storage/m-lab/glasnost/ Archipelago Measurement Archipelago The Cooperative Yes Monitoring http://www.caida.org/projects/ark/ Yes Structured Yes Infrastructure (ark) Measurement Association for Infrastructure (ark) Internet Data Analysis (CAIDA) Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU CAIDA AS Rank CAIDA data The Cooperative Yes Monitoring http://as-rank.caida.org/?mode0=as- Yes Structured Yes Association for ranking&n=20&ranksort=1 Internet Data Analysis (CAIDA)

CAIDA Data review prefix to AS CAIDA data The Cooperative Yes Monitoring http://data.caida.org/datasets/routin Yes Structured Yes mappings Dataset (pfx2as) for IPv Association for g/ 4and IPv6 Internet Data Analysis (CAIDA)

CAIDA data- Overview of datasets, CAIDA data The Cooperative Yes Monitoring http://www.caida.org/data/overview/ Yes Structured Yes monitors and reports Association for Internet Data Analysis (CAIDA)

CAIDA Trace Statistics for CAIDA CAIDA data The Cooperative Yes Monitoring http://www.caida.org/data/passive/tr Yes Structured Yes Passive OC48 and OC192 Traces Association for ace_stats/ Internet Data Analysis (CAIDA)

Concept Doppler Concept Doppler The University of Yes Monitoring http://www.conceptdoppler.org/ Yes Structured Yes New Mexico Tor Metrics - Bandwidth- Total relay Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/bandw Yes Structured Yes bandwidth in the network idth.html Tor Metrics - Bandwith - advertised Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/bandw Yes Structured Yes bandwith and bandwith history by idth-flags.html relay flags Tor Metrics - Bandwith - Advertised Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/advbw Yes Structured Yes bandwith distribution dist-perc.html Tor Metrics - Bandwith - advertised Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/advbw Yes Structured Yes bandwith of n-th fastest relays dist-relay.html Tor Metrics - Bandwith - Number of Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/dirbyte Yes Structured Yes bytes spent on answering directory s.html requests Tor Metrics - Bandwith - Relay Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/bwhist- Yes Structured Yes bandwith by Exit and/or Guard flags flags.html

Tor Metrics - Clients Data - Estimated Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/stats/cl Yes Structured Yes number of clients in the Tor networks ients.csv

Tor Metrics - Diversity- network Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/bubble Yes Structured Yes bubble graph s.html Tor metrics - Performance - Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/stats/t Yes Structured Yes Performance of downloading static orperf.csv files over Tor Tor Metrics - Servers Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/networ Yes Structured Yes k.html Tor Metrics - Servers - cloudbridges Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/cloudb Yes Structured Yes ridges.pdf Tor Metrics - Servers - Overview- Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/relayfl Yes Structured Yes Relays with exit, fast, guard, stable, ags.html hsdir flags Tor Metrics - Servers - Relays by Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/versio Yes Structured Yes Version ns.html Tor Metrics - Servers -Servers Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/networ Yes Structured Yes Network Size - relays and bridges in ksize.pdf the network Tor Metrics - Servers- Relays by Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/platfor Yes Structured Yes Platform ms.html Tor Metrics - Servers- Tor Cloud Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/cloudb Yes Structured Yes Bridges ridges.html Tor Metrics - stats -Fraction of Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/stats/c Yes Structured Yes connection used in uni-bidirectionally onnbidirect.csv

Tor Metrics - Users - Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country ats-relay-country.html Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Tor Metrics - Users - Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country - Angola ats-relay- country.html?graph=userstats-relay- country&start=2014-09- 02&end=2014-12- 01&country=ao&events=off Tor Metrics - Users - Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country - Belarus ats-relay- country.html?graph=userstats-relay- country&start=2014-09- 02&end=2014-12- 01&country=by&events=off Tor Metrics - Users - Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country - Iran ats-relay- country.html?graph=userstats-relay- country&start=2014-09- 02&end=2014-12- 01&country=ir&events=off Tor Metrics - Users - Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country - Pakistan ats-relay- country.html?graph=userstats-relay- country&start=2014-09- 02&end=2014-12- 01&country=pk&events=off Tor Metrics - Users - Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country - Tunisia ats-relay- country.html?graph=userstats-relay- country&start=2014-09- 02&end=2014-12- 01&country=tn&events=off Tor Metrics - Users - Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country - Turkey ats-relay- country.html?graph=userstats-relay- country&start=2014-09- 02&end=2014-12- 01&country=tr&events=off Tor Metrics - Users - Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country- UK ats-relay- country.html?graph=userstats-relay- country&start=2014-09- 02&end=2014-12- 01&country=gb&events=off Tor Metrics - Users - User stats relay Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country - all countries ats-relay-country.pdf?start=2014- 09-02&events=off&end=2014-12- 01&country=all

Tor Metrics - Users- Direct users per Tor Metrics Tor Project Yes Monitoring https://metrics.torproject.org/userst Yes Structured Yes country - Syrian Arab Republic ats-relay- country.html?graph=userstats-relay- country&start=2014-09- 02&end=2014-12- 01&country=sy&events=off Routeviews Routeviews University of Yes Monitoring http://www.routeviews.org/ Yes Structured Yes Oregon - Advanced Network Technology Center ANTC Honeynet Project Map Honeynet Project Honeynet Project Yes Monitoring http://map.honeycloud.net/ Yes Structured Yes Data Sharing Program Data Sharing Program StopBadware Yes Monitoring https://www.stopbadware.org/data- Yes Structured Yes sharing Canary Watch List Canary Watch Calyx Institute Yes Monitoring https://www.canarywatch.org/ Yes Yes Semi-Structured Yes Major Episodes of Political Violence, Integrated Network for Center for Yes Monitoring http://www.systemicpeace.org/inscr Yes Yes Structured Yes 1946-2014 Societal Conflict Systemic Peace data.html Research (INSCR) Legal Threats Database Legal Threats Berkman Centre Yes Monitoring http://www.dmlp.org/database Yes Yes Structured Yes Database for Internet and Society Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Public Discourse in the Russian Public Discourse in Berkman Centre Yes Monitoring http://cyber.law.harvard.edu/publica Yes Yes Unstructured Yes Blogosphere the Russian for Internet and tions/2010/Public_Discourse_Russi Blogosphere Society an_Blogosphere 2014 Freedom in the World Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/report- Yes Yes Semi-Structured Yes types/freedom- world#.VHRfAoWP87x 2014 Freedom in the World - Freedom in the World Freedom House Yes Monitoring https://www.freedomhouse.org/rep Yes Yes Semi-Structured Yes aggregate and subcategory scores ort/freedom-world-aggregate-and- subcategory-scores#.VIBbxIWP87x

2014 Freedom in the World - Country Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes ratings and status by region, FIW ult/files/Country%20Status%20and 1973 - 2014 %20Ratings%20By%20Region%2 C%201973-2014.xls 2014 Freedom in the World - country Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes ratings and status, FIW 1973 - 2014 ult/files/Country%20Ratings%20an d%20Status%2C%201973- 2014%20%28FINAL%29.xls 2014 Freedom in the World - country Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes status and ratings overview, FIW ult/files/Country%20Status%20%26 1973 - 2014 %20Ratings%20Overview%2C%20 1973-2014.pdf 2014 Freedom in the World - Country Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes status by region, FIW 1973 - 2014 ult/files/Country%20Status%20By% 20Region%2C%20FIW%201973- 2014.xls 2014 Freedom in the World - Country Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes status by year, FIW 1973 - 2014 ult/files/Country%20Status%20By% 20Year%2C%20FIW%201973- 2014.xls 2014 Freedom in the World - territory Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes ratings and status, FIW 1973 - 2014 ult/files/Territory%20Ratings%20an d%20Status%2C%201973- 2014%20%28final%29.xls Freedom in the World Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/report/fre Yes Yes Semi-Structured Yes edom-world/freedom-world- 2014#.VHR7T4WP87z Freedom in the World Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/report- Yes Yes Semi-Structured Yes types/freedom-world#.VHR- SoWP87z Freedom in the World - Angola - Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/report/fre Yes Yes Semi-Structured Yes 2014 edom-world/2014/angola- 0#.VIBecYWP87w Freedom in the world - Belarus - Freedom in the World Freedom House Yes Monitoring https://freedomhouse.org/report/fre Yes Yes Semi-Structured Yes 2014 edom-world/2014/belarus- 0#.VIBf24WP87w Freedom of the press Freedom of the press Freedom House Yes Monitoring https://freedomhouse.org/report- Yes Yes Semi-Structured Yes types/freedom- press#.VHSANYWP87z Freedom of the Press 2014 Freedom of the press Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes ult/files/FOTP_2014.pdf Freedom of the Press 2014 Data Freedom of the press Freedom House Yes Monitoring https://freedomhouse.org/report- Yes Yes Semi-Structured Yes types/freedom- press#.VHRiuYWP87x Freedom of the Press 2014 Data Freedom of the press Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes catagort breakdown 1980-1989 ult/files/inline_images/FOTP%20Ca tegory%20Breakdown%201980- 1989.xls Freedom of the Press 2014 Data Freedom of the press Freedom House Yes Monitoring https://freedomhouse.org/report- Yes Yes Semi-Structured Yes catagort breakdown 1989 - 2014 types/freedom- press#.VIBU64WP87y Freedom of the press Detailed Data Freedom of the press Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes and Sub-Scores 1980-2014 ult/files/FOTP2014%20Detailed%2 0Data%20and%20Subscores%201 980-2014.xls Freedom of the press scores and Freedom of the press Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes status data 1980 - 2014 ult/files/FOTP2014%20Scores%20 and%20Status%201980- 2014_0.xls Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Freedom on the Net Freedom on the Net Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes ult/files/resources/FOTN%202013_ Full%20Report_0.pdf Freedom on the net Freedom on the Net Freedom House Yes Monitoring https://freedomhouse.org/report- Yes Yes Semi-Structured Yes types/freedom- net#.VHSAzoWP87x Freedom on the net - Angola Freedom on the Net Freedom House Yes Monitoring https://freedomhouse.org/report/fre Yes Yes Semi-Structured Yes edom- net/2013/angola#.VIBHlIWP87w Freedom on the net - Belarus Freedom on the Net Freedom House Yes Monitoring https://freedomhouse.org/report/fre Yes Yes Semi-Structured Yes edom-net/2014/belarus Leaping over the Firewall, a review of Leaping over the Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes censorship circumvention tools Firewall, a review of ult/files/LOtF_Iran.pdf censorship circumvention tools Leaping over the Firewall, a review of Leaping over the Freedom House Yes Monitoring https://freedomhouse.org/sites/defa Yes Yes Semi-Structured Yes censorship circumvention tools -Iran Firewall, a review of ult/files/inline_images/Censorship.p censorship df circumvention tools Integrated Network for Societal Integrated Network for Center for Yes Monitoring http://www.systemicpeace.org/inscr Yes Structured Yes Conflict Research Societal Conflict Systemic Peace data.html Research CIRI Human Rights Dataset CIRI Human Rights David L. Yes Monitoring http://www.humanrightsdata.com/p/ Yes Structured Yes Dataset Cingranelli, David data-documentation.html L. Richards, and K. Chad Clay Privacy Library Privacy Library Morrisson Yes Monitoring http://www.mofo.com/privacylibrary/ Yes Semi-Structured Yes Foerster privacylibrarylanding Global Data Protection Handbook Global Data Protection DLA Piper Yes Monitoring http://dlapiperdataprotection.com/ Yes Semi-Structured Yes Handbook Regulations.gov Docket - Wassenaar Intrusion and Wassenaar 0 Institutional http://www.regulations.gov/#!docket Yes Yes Yes Yes Yes Semi-Structured Yes Arrangement 2013 Plenary Surveillance Items - Arrangement Detail;D=BIS-2015-0011 Agreements Implementation: Wassenaar (WA) Intrusion and Surveillance Items Arrangement 2013 Plenary Agreements Implementation Cyberwelness Profiles Global Cybersecurity International 0 Institutional http://www.itu.int/en/ITU- Yes Yes Semi-Structured Yes Index (GCI)​ Telecommunicati D/Cybersecurity/Pages/Country_Pr on Union ITU ofiles.aspx GDACS - Alerts GDACS - Alerts Global Disaster 0 Institutional http://www.gdacs.org/alerts/ Yes Structured Yes Alert and Coordination System GDACS GDACS - Data, maps and GDACS - Data, maps Global Disaster 0 Institutional http://portal.gdacs.org/data Yes Structured Yes information and information Alert and Coordination System GDACS Measuring the information society ITU - Measuring the International 0 Institutional http://www.itu.int/en/ITU- Yes Semi-Structured Yes report 2014 Information Society Telecommunicati D/Statistics/Pages/publications/mis Report on Union ITU 2014.aspx Financial Tracking Service FTS - Financial Tracking United Nation 0 Institutional http://fts.unocha.org/pageloader.as Yes Structured Yes Angola Service FTS - Office for the px?page=emerg- Financial tracking of Coordination of emergencyCountryDetails&cc=ago global aid flows Humanitarian &yr=2013 Affairs OCHA Financial Tracking Service FTS - Financial Tracking United Nation 0 Institutional http://fts.unocha.org/pageloader.as Yes Structured Yes Belarus Service FTS - Office for the px?page=emerg- Financial tracking of Coordination of emergencyCountryDetails&cc=blr global aid flows Humanitarian Affairs OCHA Financial Tracking Service FTS - Financial Tracking United Nation 0 Institutional http://fts.unocha.org/ Yes Structured Yes Financial tracking of global aid flows Service FTS - Office for the Financial tracking of Coordination of global aid flows Humanitarian Affairs OCHA Financial Tracking Service FTS - Iran Financial Tracking United Nation 0 Institutional http://fts.unocha.org/pageloader.as Yes Structured Yes Service FTS - Office for the px?page=emerg- Financial tracking of Coordination of emergencyCountryDetails&cc=irn global aid flows Humanitarian Affairs OCHA Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Humanitarian Data Exchange Humanitarian Data United Nation 0 Institutional https://data.hdx.rwlabs.org/ Yes Structured Yes Exchange Office for the Coordination of Humanitarian Affairs OCHA Humanitarian Data Exchange - Humanitarian Data United Nation 0 Institutional https://data.hdx.rwlabs.org/group/p Yes Structured Yes Pakistan Exchange Office for the ak?sort=metadata_modified+desc Coordination of Humanitarian Affairs OCHA Humanitarian Data Exchange - Syria Humanitarian Data United Nation 0 Institutional https://data.hdx.rwlabs.org/group/sy Yes Structured Yes Exchange Office for the r?sort=metadata_modified+desc Coordination of Humanitarian Affairs OCHA Humanitarian Response Humanitarian United Nation 0 Institutional http://www.humanitarianresponse.in Yes Structured Yes Response Office for the fo/search?search=human+rights Coordination of Humanitarian Affairs OCHA Relief web Relief web United Nation 0 Institutional http://reliefweb.int/ Yes Structured Yes Office for the Coordination of Humanitarian Affairs OCHA Relief web - Angola Relief web United Nation 0 Institutional http://reliefweb.int/country/ago Yes Structured Yes Office for the Coordination of Humanitarian Affairs OCHA Relief web - Belarus Relief web United Nation 0 Institutional http://reliefweb.int/country/blr Yes Structured Yes Office for the Coordination of Humanitarian Affairs OCHA Relief web - Belarus - maps and Relief web United Nation 0 Institutional http://reliefweb.int/country/blr/thum Yes Structured Yes visualisations Office for the b Coordination of Humanitarian Affairs OCHA Relief web Content Trends Relief web United Nation 0 Institutional http://trends.rwlabs.org/ Yes Structured Yes Office for the Coordination of Humanitarian Affairs OCHA World Bank Data - Countries and World Bank Data - World Bank 0 Institutional http://data.worldbank.org/country/a Yes Structured Yes Economies - Angola Countries and ngola Economies World Bank Data - Countries and World Bank Data - World Bank 0 Institutional http://data.worldbank.org/country/b Yes Structured Yes Economies - Belarus Countries and elarus Economies World Bank Data - Countries and World Bank Data - World Bank 0 Institutional http://data.worldbank.org/country/ir Yes Structured Yes Economies - Iran Countries and an-islamic-republic Economies World Bank Data - Countries and World Bank Data - World Bank 0 Institutional http://data.worldbank.org/country/p Yes Structured Yes Economies - Pakistan Countries and akistan Economies World Bank Data - Countries and World Bank Data - World Bank 0 Institutional http://data.worldbank.org/country/tu Yes Structured Yes Economies - Syria Countries and rkey Economies World Bank Data - Countries and World Bank Data - World Bank 0 Institutional http://data.worldbank.org/country/tu Yes Structured Yes Economies - Tunisia Countries and nisia Economies World Bank Data - Countries and World Bank Data - World Bank 0 Institutional http://data.worldbank.org/country/tu Yes Structured Yes Economies - Turkey Countries and rkey Economies World Bank Data - Countries and World Bank Data - World Bank 0 Institutional http://data.worldbank.org/country/u Yes Structured Yes Economies - UK Countries and nited-kingdom Economies Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Transparency reports -AOL - 2011 - Transparency report - AOL Yes Industry http://blog.aol.com/2014/10/28/aol- Yes Yes Yes Yes Yes Semi-Structured Yes 2013 AOL releases-transparency-report-and- urges-passage-of-the-usa-free/

Transparency reports -AOL - 2011 - Transparency report - AOL Yes Industry http://blog.aol.com/2014/02/13/aol- Yes Yes Yes Yes Yes Semi-Structured Yes 2014 AOL transparency-report/ Transparency reports - Apple - Transparency report - Apple Yes Industry http://images.apple.com/privacy/do Yes Yes Yes Yes Yes Semi-Structured Yes Report - Update on National Security Apple cs/upd-nat-sec-and-law-enf-orders- and Law Enforcement Orders jan 20140127.pdf 2014 Transparency reports - Apple - Transparency report - Apple Yes Industry http://images.apple.com/privacy/do Yes Yes Yes Yes Yes Semi-Structured Yes Report history, first half 2013 Apple cs/government-information- requests-20131105.pdf Transparency reports - Apple - Transparency report - Apple Yes Industry http://images.apple.com/privacy/do Yes Yes Yes Yes Yes Semi-Structured Yes Report history, first half 2014 Apple cs/government-information- requests-20140630.pdf Transparency reports - Apple - Transparency report - Apple Yes Industry http://images.apple.com/privacy/do Yes Yes Yes Yes Yes Semi-Structured Yes Report history, second half 2013 Apple cs/government-information- requests-20131231.pdf Transparency reports - AT&T - 2013 Transparency report - AT&T Yes Industry http://about.att.com/content/csr/ho Yes Yes Yes Yes Yes Semi-Structured Yes AT&T me/frequently-requested- info/governance/transparencyreport .html Transparency report - Comcast - first Transparency report - Comcast Yes Industry http://corporate.comcast.com/imag Yes Yes Yes Yes Yes Semi-Structured Yes half 2014 Comcast es/Comcast-Transparency-Report- 10162014.pdf Transparency report - CREDO - first Transparency report - Credo Yes Industry http://www.credomobile.com/transp Yes Yes Yes Yes Yes Semi-Structured Yes half 2014 CREDO arency Transparency report - CREDO - past Transparency report - Credo Yes Industry http://www.credomobile.com/transp Yes Yes Yes Yes Yes Semi-Structured Yes reports CREDO arency-previous-reports#past1 Transparency report -Dropbox - 2014 Transparency report - Dropbox Yes Industry https://www.dropbox.com/transpare Yes Yes Yes Yes Yes Semi-Structured Yes first half. including 2013 -2012 Dropbox ncy Transparency reports -Facebook - Transparency report - Facebook Yes Industry https://govtrequests.facebook.com/ Yes Yes Yes Yes Yes Semi-Structured Yes 2013 - 2014 Facebook Transparency report - Internet Transparency report - Internet Archive Yes Industry http://archive.org/about/faqs.php#L Yes Yes Yes Yes Yes Semi-Structured Yes Archive - 2013 Summary of law Internet Archive aw_Enforcement_Requests enforcement requests for user data Transparency report - leaseweb - Transparency report - Lease Web Yes Industry http://blog.leaseweb.com/2013/04/ Yes Yes Yes Yes Yes Semi-Structured Yes 2012 leaseweb 11/leaseweb-first-hosting-provider- worldwide-to-launch-law- enforcement-transparency-report/ Transparency report - leaseweb - Transparency report - Lease Web Yes Industry http://blog.leaseweb.com/2013/08/ Yes Yes Yes Yes Yes Semi-Structured Yes first half 2013 leaseweb 28/law-enforcement-transparency- q1q2-2013/ Transparency report - leaseweb - Transparency report - Lease Web Yes Industry http://blog.leaseweb.com/2014/02/ Yes Yes Yes Yes Yes Semi-Structured Yes second half 2013 leaseweb 25/law-enforcement-transparency- report-2014-july-1-december-31/ Transparency report - Linkedin - first Transparency report - LinkedIn Yes Industry https://www.linkedin.com/legal/tran Yes Yes Yes Yes Yes Semi-Structured Yes half 2014 Linkedin sparency#government-requests Transparency report - Lookout - Transparency report - Lookout Yes Industry https://www.lookout.com/transpare Yes Yes Yes Yes Yes Semi-Structured Yes 2013 Lookout ncy/report-2013 Transparency report - Microsoft - Transparency report - Microsoft Yes Industry https://www.microsoft.com/about/co Yes Yes Yes Yes Yes Semi-Structured Yes overview 2014 1st half, 2013 2nd Microsoft rporatecitizenship/en- half, 2013 1st half us/reporting/transparency/ Transparency report - Pinterest - Transparency report - Pinterest Yes Industry https://help.pinterest.com/en/article Yes Yes Yes Yes Yes Semi-Structured Yes Quatrerly Report Archive Pinterest s/transparency-report-archive Transparency report - Rogers Transparency report - Rogers Yes Industry http://www.rogers.com/cms/images Yes Yes Yes Yes Yes Semi-Structured Yes Rogers Communications /en/S35635%20Rogers-2013- Transparency-Report-EN.pdf Transparency report - Sonic.net 2013 Transparency report - Yes Industry https://corp.sonic.net/ceo/2014/04/2 Yes Yes Yes Yes Yes Semi-Structured Yes Sonic.net Sonic.net 8/2013-transparency-report/ Transparency report - Teksavvy - Transparency report - TekSavvy Yes Industry http://teksavvy.com/Media/Default/ Yes Yes Yes Yes Yes Semi-Structured Yes Filled out Citizen lab form 2014 Teksavvy Citizen%20Lab/TekSavvy%20to%2 0Citizenlab%20-%202014-06- 04.pdf Transparency report - telstra 2013, Transparency report - Telstra Yes Industry https://www.telstra.com.au/privacy/t Yes Yes Yes Yes Yes Semi-Structured Yes first half 2014 telstra ransparency Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Transparency report - Telus -2013 Transparency report - Telus 0 Industry http://about.telus.com/servlet/JiveS Yes Yes Yes Yes Yes Semi-Structured Yes Telus ervlet/previewBody/5544-102-1- 6081/TELUS%20Transparency%2 0Report%202013%20-English.pdf Transparency report - Transparency report - Time Warner Yes Industry http://help.twcable.com/privacy- Yes Yes Yes Yes Yes Semi-Structured Yes TimeWarnerCable - 2013, first half TimeWarnerCable Cable safety.html 2014 Transparency report - Tumblr - first Transparency report - Tumblr Yes Industry https://secure.static.tumblr.com/aht Yes Yes Yes Yes Yes Semi-Structured Yes half 2014 Tumblr wo23/M0sn94n3q/transparencyrep ort2014jj_letter__5.pdf Transparency report - Verizon - US Transparency report - Verizon Yes Industry http://transparency.verizon.com/inte Yes Yes Yes Yes Yes Semi-Structured Yes first half 2014 and 2014 Verizon rnational-report Transparency report - Verizon - US Transparency report - Verizon Yes Industry http://transparency.verizon.com/us- Yes Yes Yes Yes Yes Semi-Structured Yes report first half 2014 and 2013 Verizon report Transparency report - Wikimedia Transparency report - Wikimedia Yes Industry https://transparency.wikimedia.org/ Yes Yes Yes Yes Yes Semi-Structured Yes foundation - request for content Wikimedia foundation content.html alteration and takedown 2012-2014 Transparency report - Wikimedia Transparency report - Wikimedia Yes Industry https://transparency.wikimedia.org/ Yes Yes Yes Yes Yes Semi-Structured Yes foundation - request for user data Wikimedia foundation privacy.html 2012-2014 Transparency report - Yahoo! - Transparency report - Yahoo Yes Industry https://transparency.yahoo.com/gov Yes Yes Yes Yes Yes Semi-Structured Yes Governement data request - first half Yahoo! ernment-data-requests/index.htm 2014, second half 2014 Transparency report - Yahoo! - Transparency report - Yahoo Yes Industry https://transparency.yahoo.com/gov Yes Yes Yes Yes Yes Semi-Structured Yes Governement removal request - first Yahoo! ernment-removal- half 2014 requests/index.htm Transparency report - Twitter - Transparency report - Twitter Yes Industry https://transparency.twitter.com/cop Yes Yes Yes Yes Yes Structured Yes Copyright notices - first half 2014 Twitter yright-notices/2014/jan-jun Transparency report - Twitter - Transparency report - Twitter Yes Industry https://transparency.twitter.com/info Yes Yes Yes Yes Yes Structured Yes Information requests - first half 2012 Twitter rmation-requests/2012/jan-jun

Transparency report - Twitter - Transparency report - Twitter Yes Industry https://transparency.twitter.com/info Yes Yes Yes Yes Yes Structured Yes Information requests - first half 2013 Twitter rmation-requests/2013/jan-jun

Transparency report - Twitter - Transparency report - Twitter Yes Industry https://transparency.twitter.com/info Yes Yes Yes Yes Yes Structured Yes Information requests - first half 2014 Twitter rmation-requests/2014/jan-jun

Transparency report - Twitter - Transparency report - Twitter Yes Industry https://transparency.twitter.com/info Yes Yes Yes Yes Yes Structured Yes Information requests - second half Twitter rmation-requests/2012/jul-dec 2012 Transparency report - Twitter - Transparency report - Twitter Yes Industry https://transparency.twitter.com/info Yes Yes Yes Yes Yes Structured Yes Information requests - second half Twitter rmation-requests/2013/jul-dec 2013 Transparency report - Twitter - Transparency report - Twitter Yes Industry https://transparency.twitter.com/re Yes Yes Yes Yes Yes Structured Yes Removal requests - first half 2014 Twitter moval-requests/2014/jan-jun Transparency report - Wordpress - Transparency report - Word Press Yes Industry http://transparency.automattic.com/ Yes Yes Yes Yes Yes Structured Yes Information requests first half 2014 Wordpress information-requests-2014-h1/ Transparency report - Wordpress - Transparency report - Word Press Yes Industry http://transparency.automattic.com/ Yes Yes Yes Yes Yes Structured Yes Intellectual property first half 2014 Wordpress intellectual-property-2014-h1/ Transparency report - Wordpress - Transparency report - Word Press Yes Industry http://transparency.automattic.com/ Yes Yes Yes Yes Yes Structured Yes Take down requests, first half 2014 Wordpress takedown-demands-2014-h1/ Blackwatch Blackwatch The SecDev 0 Industry http://blackwatch.secdev.com/ Yes Yes Yes Yes Structured Yes Group DNSDB DNSDB Farsight Security Yes Industry https://www.dnsdb.info/ Yes Yes Yes Yes Structured Yes State of the Internet - Reports State of the Internet Akamai Yes Industry https://www.stateoftheinternet.com/ Yes Yes Unstructured Yes resources-report-state-of-the- internet.html Transparency report - Cloudflare - Transparency report - Cloudflare Yes Industry https://www.cloudflare.com/transpa Yes Yes Unstructured Yes first half 2014 Cloudflare - first half rency 2014 Syrian Network Disconnections Cloudflare Blog Cloudflare Yes Industry https://blog.cloudflare.com/tag/syria Yes Yes Unstructured Yes Analysis / URL Categories URL Categories Open DNS Yes Industry https://community.opendns.com/do Yes Yes Structured Yes Yes maintagging/categories Blue Coat Webpulse Site Review - Blue Coat Webpulse Blue Coat Yes Industry https://sitereview.bluecoat.com/cate Yes Structured Yes categorie discriptions Site Review - Request gories.jsp

Speedtest Intelligence Speedtest Intelligence Ookla Yes Industry http://www.ookla.com/speedtest- Yes Structured Yes intelligence Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU State of the Internet - Security State of the Internet Akamai Yes Industry https://www.stateoftheinternet.com/ Yes Semi-Structured Yes Reports resources-state-of-the-internet- security-and-prolexic-global-ddos- attack-reports.html State of the Internet - Trends State of the Internet Akamai Yes Industry https://www.stateoftheinternet.com/t Yes Semi-Structured Yes rends.html State of the Internet - Threat State of the Internet Akamai Yes Industry https://www.stateoftheinternet.com/ Yes Unstructured Yes Advisories resources-cyber-security-ddos- threat-advisories.html Digital attack map Digital attack map Arbor Networks Yes Industry http://www.digitalattackmap.com/#a Yes Structured Yes ATLAS threat nim=1&color=0&country=ALL&list= analysis 0&time=16418&view=map Digital attack map Digital attack map Arbor Networks Yes Industry http://www.digitalattackmap.com/#a Yes Structured Yes ATLAS threat nim=1&color=0&country=ALL&list= analysis 0&time=16418&view=table Digital attack map Digital attack map Arbor Networks Yes Industry http://www.digitalattackmap.com/ga Yes Structured Yes ATLAS threat llery/ analysis Virus Total Virus Total Google Yes Industry https://www.virustotal.com/ Yes Structured Yes Yes CVE database CVE database MITRE Yes Industry https://cve.mitre.org/cve/ Yes Structured Yes GDELT daily trend report GDELT Daily trend GDELT Yes Industry http://gdeltproject.org/data/dailytren Yes Structured Yes report dreports/ GDELT Event Database GDELT Event GDELT Yes Industry http://data.gdeltproject.org/events/i Yes Structured Yes Database ndex.html GDELT Global Knowledge Graph GDELT Global GDELT Yes Industry http://data.gdeltproject.org/gkg/inde Yes Structured Yes Knowledge Graph x.html GDELT real time analysis GDELT Real time GDELT Yes Industry http://googlecloudplatform.blogspot Yes Structured Yes analysis .nl/2014/05/worlds-largest-event- dataset-now-publicly-available-in- google-bigquery.html GDELT reduced event dataset GDELT Event GDELT Yes Industry data.gdeltproject.org/events/GDEL Yes Structured Yes Database T.MASTERREDUCEDV2.1979- 2013.zip Pakistan's Internet Landscape. Pakistan's Internet Bytes for All 0 Civil Society http://content.bytesforall.pk/sites/de Yes Yes Yes Semi-Structured Yes Report Landscape. Report fault/files/MappingReportFinal%20- %20Published.pdf Report: 'Pakistan's Internet Firewall' Report: 'Pakistan's Bytes for All 0 Civil Society https://citizenlab.org/wp- Yes Yes Yes Semi-Structured Yes Internet Firewall' content/uploads/2013/07/18-2013- opakistan.pdf Takedown Hall of Shame Takedown Hall of Electronic Yes Civil Society https://www.eff.org/takedowns Yes Yes Semi-Structured Yes Shame Frontier Foundation EFF Global Censorship Chokepoints Global Censorship Electronic Yes Civil Society https://globalchokepoints.org/count Yes Semi-Structured Yes Chokepoints Frontier ries Foundation EFF Secure Messaging Scorecard Secure Messaging Electronic Yes Civil Society https://www.eff.org/secure- Yes Semi-Structured Yes Scorecard Frontier messaging-scorecard Foundation EFF IFEX Country Reports IFEX Country Reports International 0 Civil Society https://www.ifex.org/angola/ Yes Yes Unstructured Yes Freedom of Expression exchange IFEX Digital Security First Aid Kit Digital Security First Association for Yes Civil Society https://www.apc.org/en/irhr/digital- Yes Unstructured Yes Aid Kit Progressive security-first-aid-kit Communications APC Surveillance self-defense Surveillance self- Electronic Yes Civil Society https://ssd.eff.org/en/index Yes Unstructured Yes defense Frontier Foundation EFF GANSO Bi-Weekly Safety Report Gaza NGO Safety Gaza NGO Safety 0 Civil Society http://www.gaza- Yes Semi-Structured Yes Office - Incident Alerts Office nso.org/?p=reports&id=1

Gaza NGO Safety Office - Incident Gaza NGO Safety Gaza NGO Safety 0 Civil Society http://www.gaza- Yes Semi-Structured Yes Alerts Office - Incident Alerts Office nso.org/?p=incident-alerts

Special Reports Gaza NGO Safety Gaza NGO Safety 0 Civil Society http://www.gaza- Yes Semi-Structured Yes Office - Incident Alerts Office nso.org/?p=reports&id=2

Aid Worker Security Database Aid Worker Security Humanitarian Yes Civil Society https://aidworkersecurity.org/incide Yes Structured Yes Database Outcomes nts/search Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU Database NGO Safety Program NGO Safety 0 Civil Society http://www.nspsomalia.org/joomla/i Yes Structured Yes NSP Reports Program NSP ndex.php/information-and- analysis/services-description- information/103-database Maps NGO Safety Program NGO Safety 0 Civil Society http://www.nspsomalia.org/joomla/i Yes Structured Yes NSP Reports Program NSP ndex.php/information-and- analysis/nsp-resources-maps reports NGO Safety Program NGO Safety 0 Civil Society http://www.nspsomalia.org/joomla/i Yes Structured Yes NSP Reports Program NSP ndex.php/information-and- analysis/services-description- information PHF Safety Pakistan Humanitarian Pakistan 0 Civil Society http://pakhumanitarianforum.org/ph Yes Semi-Structured Yes Forum Humanitarian f-services/phf-safety/ Forum Iran Technology Blog ASL 19 Blog ASL19 0 https://asl19.org/en/category/techn Yes Yes Yes Yes Yes Yes Unstructured Yes ology/ ISC Country Reports ISC Country Reports Counterpart Yes Yes Yes Yes Yes Yes Unstructured Yes International China Digital Times China Digital Times China Digital Yes https://docs.google.com/a/chinadigi Yes Yes Yes Yes Structured Yes Times taltimes.net/spreadsheet/ccc?key= 0Aqe87wrWj9w_dFpJWjZoM19BN kFfV2JrWS1pMEtYcEE#gid=0

Casting a wider net Network Interference Citizen Lab 0 http://munkschool.utoronto.ca/dow Yes Yes Yes Unstructured Yes nloads/casting.pdf Psiphon Usage Data Psiphon Psiphon Inc 0 Yes Yes Yes Structured Yes Bahrain Finfisher Targeted Threat Citizen Lab 0 https://citizenlab.org/2012/07/from- Yes Yes Yes Yes Semi-Structured Yes bahrain-with-love-finfishers-spy-kit- exposed/ For their eyes only Targeted Threat Citizen Lab 0 https://citizenlab.org/storage/finfish Yes Yes Yes Yes Unstructured Yes er/final/fortheireyesonly.pdf Targeted Threat Index Targeted Threat Citizen Lab 0 https://targetedthreats.net/ Yes Yes Yes Yes Structured Yes Crypto Cat Monitor Crypto Cat Monitor Crypto Cat Yes https://crypto.cat/monitor/ Yes Yes Yes Yes Semi-Structured Yes "the network is aware" social science "the network is aware" School of Yes http://dpi.ischool.syr.edu/MLab- Yes Unstructured Yes research on deep packet inspection social science Information Data.html research on deep Sciences packet inspection Syracuse University - Research center 'Internet Governance Project' Global Right to Information Rating Global Right to Centre for Law 0 http://www.rti- Yes Yes Semi-Structured Yes Information Rating and Democracy rating.org/country_data.php Global Trends in NGO Law NGO law monitor International Yes http://www.icnl.org/research/trends/ Yes Yes Semi-Structured Yes Center for Not-for- Profit Law -ICNL library NGO law monitor International Yes http://www.icnl.org/research/library/ Yes Yes Semi-Structured Yes Center for Not-for- ol/online/search/en Profit Law -ICNL NGO law monitor by country NGO law monitor International Yes http://www.icnl.org/research/monito Yes Yes Semi-Structured Yes Center for Not-for- r/ Profit Law -ICNL NGO law monitor by country Belarus NGO law monitor International Yes http://www.icnl.org/research/monito Yes Yes Semi-Structured Yes Center for Not-for- r/belarus.html Profit Law -ICNL NGO law monitor by country Belarus NGO law monitor International Yes http://www.icnl.org/research/monito Yes Yes Semi-Structured Yes Center for Not-for- r/belarus.html#glance Profit Law -ICNL NGO law monitor by country Belarus NGO law monitor International Yes http://www.icnl.org/research/monito Yes Yes Semi-Structured Yes Center for Not-for- r/belarus.html#snapshot Profit Law -ICNL NGO law monitor by country Pakistan NGO law monitor International Yes http://www.icnl.org/research/monito Yes Yes Semi-Structured Yes Center for Not-for- r/pakistan.html Profit Law -ICNL NGO law monitor by country Pakistan NGO law monitor International Yes http://www.icnl.org/research/monito Yes Yes Semi-Structured Yes NGO law monitor by country pakistan NGO law monitor InternationalCenter for Not-for- Yes http://www.icnl.org/research/monitor/pakistan.html#glance Yes Yes Semi-Structured Yes Center for Not-for- r/pakistan.html#glance Profit Law -ICNL Annex Data Sources List: Data Sets

ECSA Data Category Data Set Project Organisation EU US? Direct Indirect URL Interference Security Surveillance Human Background Internet & Structured Publicly Restricted I&HR && Stakeholder Stakeholder Rights Human Available Access Structured Rights && EU NGO law monitor by country Turkey NGO law monitor International Yes http://www.icnl.org/research/monito Yes Yes Semi-Structured Yes Center for Not-for- r/turkey.html Profit Law -ICNL NGO law monitor by country Turkey NGO law monitor International Yes www.icnl.org/research/monitor/turk Yes Yes Semi-Structured Yes Center for Not-for- ey.html#glance Profit Law -ICNL NGO law monitor by country Turkey NGO law monitor International Yes www.icnl.org/research/monitor/turk Yes Yes Semi-Structured Yes Center for Not-for- ey.html#snapshot Profit Law -ICNL NGOlaw monitor by country pakistan NGO law monitor International Yes http://www.icnl.org/research/monito Yes Yes Semi-Structured Yes Center for Not-for- r/pakistan.html#snapshot Profit Law -ICNL ANHRI - Reports ANHRI - Reports Arabic Network 0 http://anhri.net/?p=135084&lang=e Yes Unstructured Yes for Human Rights n Information Majlis Monitor Majlis Monitor ASL19 0 majlismonitor.com Yes Unstructured Yes Meidoon Watch Meidoon Watch ASL19 0 http://meidoon.com/watch Yes Unstructured Yes Rouhani meter - UNGA report - Rouhani meter ASL19 0 https://rouhanimeter.com/UNGArep Yes Unstructured Yes President Rouhani's human rights ort/ monitor Smartraveller - Country based advice Smartraveller Australian 0 https://smartraveller.gov.au/zw- Yes Unstructured Yes Governement cgi/view/Advice/ Departement of Foreign Affairs and Trade Smartraveller - Travel Bulletins Smartraveller Australian 0 https://smartraveller.gov.au/zw- Yes Unstructured Yes Governement cgi/view/TravelBulletins/Kidnapping Departement of Foreign Affairs and Trade Country travel advice and advisories Country travel advice Government of 0 http://travel.gc.ca/travelling/advisori Yes Unstructured Yes and advisories Canada es CIA Factbook - Angola CIA The World Central Yes https://www.cia.gov/library/publicati Yes Semi-Structured Yes Factbook Intelligence ons/the-world- Agency (CIA) factbook/geos/ao.html CIA Factbook - Belarus CIA The World Central Yes https://www.cia.gov/library/publicati Yes Semi-Structured Yes Factbook Intelligence ons/the-world- Agency (CIA) factbook/geos/bo.html CIA Factbook - UK CIA The World Central Yes https://www.cia.gov/library/publicati Yes Semi-Structured Yes Factbook Intelligence ons/the-world- Agency (CIA) factbook/geos/uk.html CIA The World Factbook CIA The World Central Yes https://www.cia.gov/library/publicati Yes Semi-Structured Yes Factbook Intelligence ons/the-world- Agency (CIA) factbook/docs/refmaps.html CIA The World Factbook - Download CIA The World Central Yes https://www.cia.gov/library/publicati Yes Semi-Structured Yes Factbook Intelligence ons/download/ Agency (CIA) outages Outages Dyn Research Yes http://b2b.renesys.com/eventsbullet Yes Semi-Structured Yes (Renesys) in/ Accessibility Top Sites in China Accessibility Top Sites Great Fire Yes https://en.greatfire.org/top-sites- Yes Unstructured Yes in China china Keywords Keywords Great Fire Yes https://en.greatfire.org/search/keyw Yes Unstructured Yes ords VPNs & Proxies VPNs & Proxies Great Fire Yes https://en.greatfire.org/vpns-proxies Yes Unstructured Yes

IATI dataset IATI datasets IATI 0 http://www.iatiregistry.org/dataset Yes Structured Yes Country Data Country Data International NGO Yes http://www.ngosafety.org/#!country- Yes Semi-Structured Yes Safety data/ctnn Organisation INSO World Alert World Alert International NGO Yes http://www.ngosafety.org/#!world- Yes Semi-Structured Yes Safety alert/c1neq Organisation INSO Internet Measurement Project Data ISOC - Internet Internet Society 0 http://www.internetsociety.org/publi Yes Structured Yes Catalogue Measurement Project (ISOC) cations/internet-measurement- project Phoenix Data Phoenix Open Event Data Yes http://phoenixdata.org/data Yes Structured Yes Alliance Global Stats Global Stats Crypto Cat Yes http://gs.statcounter.com/ Yes Semi-Structured Yes European Capability for Situational Awareness – Final Report

Annex IV. List of participants IMON

IMON consortium

Organisation Name

Free Press Unlimited Leon Willems

Rianne Verbeek

Ecorys NL Brigitte Slot

Lorijn de Boer

Nicolai van Gorp

Jan Maarten de Vet

The Chokepoint Project Ruben Bloemgarten

Pascal Haakmat

Global Forum for Media Development Caroline Giraud

GP-digital Andrew Puddephatt

Rebecca Zausmer

Greenhost Sacha van Geffen

Mart van Santen iilab Jun Julien Matsushita

IMON external experts

Organisation Name

Oxford Internet Institute Joss Wright

Open Data Institute Jeni Tennison

IT46 / Gigamoya Alberto Escudero-Pascual

The Engine Room Christopher Wilson

Reporters sans Frontière Grégoire Pouget

Standby Task Force Anahi Ayala Iacucci

129

European Capability for Situational Awareness – Final Report

IMON Advisory Group

Organisation Name

European University Institute Ben Wagner

Hermes Center Fabio Pietrosanti

Small Media Mahmoud Enayat

Center for Technology and Society at the Luca Belli Getulio Vargas Fundation

Telecommunications Industry Dialogue Lisl Brunner

130

European Capability for Situational Awareness – Final Report

Annex V. Budget

The budget narrative for the ECSA Secretariat and ECSA Technical Platform are presented in the Excel- table, and are followed by a budget narrative.

131

Annex Budget Secretariat

1.a Budget ECSA Secretariat Year 1 Year 2 Year 3 Year 4 Year 5 Total 5 years Unit # of units Unit value Total Cost # of units Unit value Total Cost # of units Unit value Total Cost # of units Unit value Total Cost # of units Unit value Total Cost Costs (in EUR) (in EUR) (in EUR) (in EUR) (in EUR) (in EUR) (in EUR) (in EUR) (in EUR) (in EUR)

1. Human Resources 1.1 Salaries 1.1.1 Project leader (contents, diplomacy, research facilitation) (100% LOE) Per month 12 7.500,00 90.000 12 7.725,00 92.700 12 7.956,75 95.481 12 8.195,45 98.345 12 8.441,32 101.296 1.1.2 Project officer (logistics, planning, organisation) (100% LOE) Per month 12 6.000,00 72.000 12 6.180,00 74.160 12 6.365,40 76.385 12 6.556,36 78.676 12 6.753,05 81.037 1.1.3 Project officer (logistics, planning, organisation) (100% LOE) Per month 12 6.365,40 76.385 12 6.556,36 78.676 12 6.753,05 81.037 1.2 Per diems for missions/travel of staff (round table + conferences) 1.2.1 Project leader Per diem 20 232,00 4.640 20 232,00 4.640 20 232,00 4.640 20 232,00 4.640 20 232,00 4.640 1.2.2 Project officer Per diem 20 232,00 4.640 20 232,00 4.640 20 232,00 4.640 20 232,00 4.640 20 232,00 4.640 1.3 Per diem Seminar/conference/meeting participants (20+) 1.3.1 Participants round table meetings Per diem 80 232,00 18.560 100 232,00 23.200 120 232,00 27.840 140 232,00 32.480 160 232,00 37.120 1.4 Per diem Board members (5) 1.4.1 Board members – 2 days remuneration Per diem 10 500,00 5.000 10 500,00 5.000 10 500,00 5.000 10 500,00 5.000 10 500,00 5.000 Subtotal Human Resources 194.840 204.340 290.371 302.458 314.769 2. Travel 2.1. International travel 2.1.1 International travel Project leader to conferences Per flight 4 600,00 2.400 4 600,00 2.400 4 600,00 2.400 4 600,00 2.400 4 600,00 2.400 2.1.2 International travel Project officer to conferences Per flight 4 600,00 2.400 4 600,00 2.400 4 600,00 2.400 4 600,00 2.400 4 600,00 2.400

2.1.3 International travel Participants round tables (twice per year, 20+ p) Per flight 40 600,00 24.000 50 600,00 30.000 60 600,00 36.000 70 600,00 42.000 80 600,00 48.000

2.1.4 Airport transfers / Visas / Medicine (for participants of round tables) Per item 40 10,00 400 50 10,00 500 60 10,00 600 70 10,00 700 80 10,00 800 2.2 Local transportation Local travel lump sum 1 5.000,00 5.000 1 5.000,00 5.000 1 5.000,00 5.000 1 5.000,00 5.000 1 5.000,00 5.000 Subtotal Travel 34.200 40.300 46.400 52.500 58.600

3. Equipment and supplies7 3.1 Office furniture Per unit 6 1.000,00 6.000 0 1.000,00 0 0 1.000,00 0 1 500,00 500 1 500,00 500 3.2 Laptops (including office software) Per item 2 850,00 1.700 0 850,00 0 0 850,00 0 0 850,00 0 2 850,00 1.700 3.3 Machines, tools (routers, copiers, scanners, plugs, cords, wires, regulators) Per unit 6 900,00 5.400 1 900,00 900 1 900,00 900 1 900,00 900 1 900,00 900 3.4 Round table material for participants Per unit 40 15,00 600 50 15,00 750 60 15,00 900 70 15,00 1.050 80 15,00 1.200 Subtotal Equipment and supplies 13.700 1.650 1.800 2.450 4.300 4. Local Office (Brussels) 4.1 Office rent Per month 12 1.500,00 18.000 12 1.500,00 18.000 12 1.500,00 18.000 12 1.600,00 19.200 12 1.600,00 19.200 4.2 Meeting space rent round table meetings Per event day 4 2.400,00 9.600 4 2.400,00 9.600 4 2.400,00 9.600 4 3.000,00 12.000 4 3.000,00 12.000 4.3 Stationary costs office Per month 12 40,00 480 12 40,00 480 12 40,00 480 12 40,00 480 12 40,00 480 4.4 Other services (electricity/heating, maintenance) Per month 12 300,00 3.600 12 300,00 3.600 12 300,00 3.600 12 300,00 3.600 12 300,00 3.600 4.5 Communication costs (Internet, phone) Per month 12 200,00 2.400 12 200,00 2.400 12 200,00 2.400 12 200,00 2.400 12 200,00 2.400 4.6 Registration Fees and related costs lump sum 1 400,00 400 1 200,00 200 1 200,00 200 1 200,00 200 1 200,00 200 4.7 Printing and postage lump sum 1 400,00 400 1 400,00 400 1 400,00 400 1 400,00 400 1 400,00 400 4.8 Digital communications platform lump sum 1 5.000,00 5.000 1 500,00 500 1 500,00 500 1 500,00 500 1 500,00 500 Subtotal Local office 39.880 35.180 35.180 38.780 38.780

5. Other costs, services8 5.1 Digital data visualization services for research publication Per day 2 500,00 1.000 2 500,00 1.000 2 500,00 1.000 2 500,00 1.000 2 500,00 1.000 5.2 Printing of research results/papers Per item 200 10,00 2.000 200 10,00 2.000 250 10,00 2.500 250 10,00 2.500 300 10,00 3.000 5.3 Audit Per audit 1 5.000,00 5.000 1 5.000,00 5.000 1 5.000,00 5.000 1 5.000,00 5.000 1 5.000,00 5.000 5.4 Facilitation costs round table meetings Per day 4 750,00 3.000 4 750,00 3.000 4 750,00 3.000 4 1.000,00 4.000 4 1.000,00 4.000 5.5 Alimentary supplies round table meetings Per day 4 700,00 2.800 4 1.050,00 4.200 4 1.400,00 5.600 4 1.750,00 7.000 4 2.100,00 8.400 Subtotal Other costs, services 13.800 15.200 17.100 19.500 21.400 6. Other - Subtotal Other 0 0 0 0 0 7. Subtotal direct eligible costs (1-6) 296.420 296.670 390.851 415.688 437.849 8. Indirect costs (7%) 20.749 20.767 27.360 29.098 30.649 9. Total eligible costs of the Action (7+ 8) 317.169 317.437 418.210 444.786 468.498 10. Provision for contingency reserve (5%) 14.821 14.834 19.543 20.784 21.892 11. Total costs (9+10) 331.990 332.270 437.753 465.571 490.391 2.057.975 European Capability for Situational Awareness – Final Report

ECSA Secretariat

In both scenarios, the budget for the independent ECSA Secretariat is applicable.

The budget is calculated based on the following assumptions:

Human resources

 2 staff members are required to run ECSA Secretariat: o 1 project leader who is responsible for contents, diplomacy, research facilitation, and coordination with technical platform development. o 1 project officer who assists project leader on operational, logistical, planning and administrative activities for the Secretariat. o In year 3 (growth model), we expect an additional team member is required to support the activities.  The ECSA Secretariat is supervised by a Board of five members. o We would propose to ask the members of the Advisory Group of our study to become the initial board members; they represent different sectors in the field of Internet Monitoring & Human Rights. o Board members will receive remuneration for 2 days per year (500 euro per day).  Participants of round tables will receive per diem for the days participating in round table meetings (see below).

Operational costs

 Costs for running a local office have been included. We calculated costs for an office based in Brussels (office furniture, rent, services, communication, printing, registration, etc).  A website – with link to technical platform – will be developed to coordinate with stakeholders and to promote activities.

Activities and related costs (A+B)

 The ECSA Secretariat will organise two 2-day round table meetings per year for interested stakeholders. o Incremental growth of number of participants to the round table: . Year 1: 20 participants . Year 2: 25 participants . Year 3: 30 participants . Year 4: 35 participants . Year 5: 40 participants

 The ECSA Secretariat advocates for resource creation for Internet Censorship & Human Rights Monitoring

133

European Capability for Situational Awareness – Final Report

 The ECSA Secretariat leads coordination meetings in the field and fosters sharing of information.  The ECSA Secretariat defines building blocks of an ECSA Federation  The ECSA Secretariat applies for funding to support federative efforts  The ECSA Secretariat supports establishment of ECSA Federation  ECSA Federation grows and coordinates efforts on Internet Censorship Monitoring

A. Travel & per diem

 Each ECSA Secretariat staff members will attend international conferences to advocate for an ECSA Federation

 2 ECSA Secretariat staff members will attend each round table meeting

 Participants will travel for round table meetings. If the number of participants is higher than anticipated in this budget the Secretariat can decide to only finance participants from the South instead of European participants.

B. Other

 Budget for round table and secretariat activities: materials, venue rent, venue facilitation, publications.

134

Annex Budget Techn.Platform

1.b Budget ECSA Technical platform YEAR 1 YEAR 2: Total MVP period (15 Year 1 Quarter 1 Year 1: Q2, 3, 4 Year 2: Q1 months) Unit # of units Unit value Total Cost # of units Unit value Total Cost Total Total Year # of units Unit value Total Cost - Total Cost - Total Cost Total Cost (in EUR) (in EUR) (in EUR) (in EUR) Year 1 1 (average (in EUR) Year 2 Q1 Year 2 Q1 100% Average Costs (100%) bandwidth) (100%) (average bandwidth (in EUR) bandwidth) scenario (90- (in EUR) 150%

1. Salaries 0,00 Senior System administrator Per month 3 8.000,00 24.000 9 8.000,00 72.000 96.000 3 8.000,00 24.000 120.000 Senior System administrator Per month 9 8.000,00 72.000 72.000 3 8.000,00 24.000 96.000 Senior Frontend developer Per month 9 6.500,00 58.500 58.500 3 6.500,00 19.500 78.000 Senior Frontend developer Per month 9 6.500,00 58.500 58.500 3 6.500,00 19.500 78.000 Senior developer/architect Per month 3 9.500,00 28.500 9 9.500,00 85.500 114.000 3 9.500,00 28.500 142.500 Senior developer/architect Per month 9 9.500,00 85.500 85.500 3 9.500,00 28.500 114.000 Legal/policy analyst Per month 9 8.500,00 76.500 76.500 3 8.500,00 25.500 102.000 Data analyst Per month 9 8.000,00 72.000 72.000 3 8.000,00 24.000 96.000 Project Manager Per month 3 6.500,00 19.500 9 6.500,00 58.500 78.000 3 6.500,00 19.500 97.500 Designer Per month 3 5.500,00 16.500 9 5.500,00 49.500 66.000 3 5.500,00 16.500 82.500 Full stack developer Per month 9 7.000,00 63.000 63.000 3 7.000,00 21.000 84.000 Tester Per month 9 4.500,00 40.500 40.500 3 4.500,00 13.500 54.000 Subtotal Human Resources* 88.500 792.000 880.500 264.000 1.144.500 * Cost bandwidth Human Resources -10%,+50% Minus 10% 90% 792.450 237.600 Plus 50% 150% 1.320.750 396.000 Average cost band with HR 1.056.600 316.800 1.373.400 2. Hardware Servernode Per unit 4 9.619,00 38.476 38.476 38.476 Servernode Per unit 2 9.619,00 19.238 19.238 19.238 Switches Per unit 4 1.600,00 6.400 6.400 6.400 Switches Per unit 1 1.600,00 1.600 1.600 1.600 Laptops Per unit 10 2.000,00 20.000 20.000 20.000 Internet connection Per unit 3 119,00 357 9 119,00 1.071 1.428 3 119,00 357 1.785 CDN Per unit 3 500,00 1.500 9 500,00 4.500 6.000 3 500,00 1.500 7.500 Hosting Location A Per unit 3 470,00 1.410 9 470,00 4.230 5.640 3 470,00 1.410 7.050 Hosting Location B Per unit 3 1.550,00 4.650 9 1.550,00 13.950 18.600 3 1.550,00 4.650 23.250 Software licenses Per unit 1 32.945,00 32.945 32.945 32.945 Subtotal Hardware 126.576 23.751 150.327 150.327 7.917 7.917 158.244 158.244 Subtotal direct technical platform costs 1.030.827 1.206.927 271.917 324.717 1.302.744 1.531.644 Indirect costs (7%) 72.158 84.485 19.034 22.730 91.192 107.215 Total eligible costs of the Action (7+ 8) 1.102.985 1.291.412 290.951 347.447 1.393.936 1.638.859 Provision for contingency reserve (5%) 51.541 60.346 13.596 16.236 65.137 76.582 Total costs Technical platform 1.154.526 1.351.758 304.547 363.683 1.459.073 1.715.441

Note: * Bandwidth 90% / 150%, and average. Experience dictates that costs of ICT developments can fluctuate significantly.The contingency of 5% is not sufficient to cover this fluctuation. This budget has processed this bandwidth as the average between the low and high band for human resources only, as these commonly fluctuate most. Other costs that are NOT included in this budget: - office related costs - travel expenses - public relations - financial administration Such additional costs are dependent on the chosen organisational strategy. European Capability for Situational Awareness – Final Report

ECSA Technical Platform

The costs for Technical Platform differ per scenario. In the ‘urgent’ scenario 1, the development of the Technical Platform starts in Year 1 – see budget. In the ‘incremental’ scenario 2, the development of the technical platform, starting with an MVP is slower, with lower costs in Year 1 and 2, and shifted to a later stage.

Activities

Activities for ‘Urgent’ Scenario 1 for Technical Platform

 Year 1: ECSA Technical Platform established through a tendering process, starts building, 6 months after the ECSA secretariat is established.  Year 2: ECSA Technical Platform is operational from Q3 I year two  Year 3: ECSA Technical Platform includes technical data from all key integrators in the field.  Year 4: ECSA Technical Platform is the source of reference for all stakeholders in the field and a 'sine qua non' for research and global watchdogs on Internet & Human Rights.

Activities for ‘Incremental’ Scenario 2 for Technical Platform

 Year 1: -  Year 2: ECSA Technical platform in development as Minimum Viable Product.  Year 3: ECSA Technical platform is established  Year 4: ECSA Technical platform operational  Year 5: ECSA Technical platform expanded

The budget for the minimum viable product is based on a 15 months development until Minimum Viable Product, according to the following roadmap:

MVP development period Q1Y1 Q2Y1 Q3Y1 Q4Y1 Q1Y2 Q2Y2 Q3Y2 Q4Y2 Q1Y3 Q2Y3 Q3Y3 Q4Y3 & beyond Phase 1 MVP: Pull Setup infrastructure Setup management systems Setup collection & analysis systems Develop alpha version of presentation layer Develop beta version of presentation layer Interaction and visual design Development of collection & analysis Phase 2: Pull User Preferences Alerting Phase 3: Pull Report generation Repository Browser Phase 4: Push Mobile & Secure Communications Other System maintenance & support MVP development period

136

European Capability for Situational Awareness – Final Report

Budget narrative for the budget of Technical Platform in Excel-table: MVP development period (15 months)

To implement a MVP, there are 2 main expenses presented in the budget: Salaries and Hardware.

Human resources

 Staff members (100% LOE) for developing the MVP Technical Platform:

o 2 Senior System Administrators o 2 Senior Frontend Developers o 2 Senior develops/architects o 1 Legal/policy analyst o 1 Data analyst o 1 Project manager o 1 Designer o 1 Full stack developer o 1 Teste All staff budgeting is performed based on full time employment units. However, for the building of an ECSA MVP it is highly probable that a significant amount of effort will have to be sourced from a variety of experts from different domains of expertise. This expertise will be required intermittently, not full time. As such, 'LOE' should be read as ‘LOE equivalent'.

Estimated staff cost are based on common market rates for senior staff and include additional employer's cost as common in The Netherlands. Such costs commonly amount to approximately 20% on top of the gross principle. There is great variance in remuneration of ICT related staff across the EU and job descriptions are often more indicative than definitively descriptive. Given that staff working on an ECSA will require in addition to their primary skillset a fairly broad generalist understanding, most staffing costs have been calculated based on the upper range of common market rates.

Hardware

The system hardware and network infrastructure is distributed over three locations, for purposes of security, performance and redundancy. This is visualized in the figure on the next page.

The Roadmap and technical architecture for Technical platform are explained in detail in the annexed Supplementary Technical Report.

137

European Capability for Situational Awareness – Final Report

Figure: Top level architecture

This budget for Hardware is to be understood as a cost estimation based on current public market prices, where available. In practice such prices are likely to vary greatly depending on procurement methods and market availability.

The following table lists hardware, services and licenses. Where services are recurring, costs estimated monthly (e.g. 15 months for MVP-period).

Table: Hardware, services & licenses

Item Price ex.VAT Units Type Location Servernode € 9619 4 hardware location A Servernode € 9619 2 hardware location C Switches € 1600 4 hardware Location A Switches €1600 1 hardware Location C Laptops € 2000 10 hardware - Internet connection € 119 15 service Location C CDN € 500 15 service Location CDN Hosting Location A € 470 15 service Location A Hosting Location B € 1550 15 service Location B Software licenses € 32945 1 license Location A & C

Some costs contained in this budget are entered as non-viable costs, where they are in fact variable. In particular this I related to the hosting costs of locations B and CDN; these are not likely to reach these levels until the end of the third quarter. However it is estimated that this monthly variance will even out over the course of the 15-month MVP development period. 138

European Capability for Situational Awareness – Final Report

Total budget MVP development period (15 months)

The salary and hardware costs brings the total estimated budget for the delivery of a Minimum Viable Product to approximately EUR 1.5 million for 15 months.

Experience dictates that costs of ICT developments can fluctuate significantly. The contingency of 5% is not sufficient to cover this fluctuation. This budget has processed this bandwidth as the average between the low (90%) and high band (150%) for human resources only, as these commonly fluctuate most. The average bandwidth approach brings the total to an estimated EUR 1.7 million for 15 months.

Other costs NOT included in this budget:

o office related costs o travel expenses o public relations o financial administration Such additional costs are dependent on the chosen organisational strategy and as such not included in these budget items, which assumes the platform will be built by a third party, based on a tender bid. Consequently the costs for setting up the MVP in 15 months will require a significant increase of budget to cover these expenses as well.

Beyond an MVP: year 2 Q2-4 & years 3-5

The MVP budget is calculated for a period a 15 months as cost projections beyond completion of the MVP would be highly speculative and contrary to an MVP approach. That having been said, some statements can be made given this caveat. Of three foreseeable post MVP scenarios: 1) Development continues at the same pace, 2) Development continues at a lower pace and 3) Development continues at a higher pace, only scenario 1 can be accompanied with a probable cost estimation.

 Post MVP scenario 1: Development continues at the same pace

◦ Year 2 & 3: Staffing and service cost are comparable to the preceding period. No additional hardware cost. Staffing: EUR 91,560 p/m + Service: EUR 2,111 p/m = EUR 1,967,000 for 21 months.

◦ Year 4 & 5: Staffing, service cost are comparable to the preceding period. Hardware is replaced. Staffing + Service costs = EUR 2,248,104 (24 months) + Hardware: EUR 85,714 = EUR 2,334,000 for 24 months.

The remaining scenarios then will respectively be less and more than the estimated figures given for post development.

139

European Capability for Situational Awareness – Final Report

Annex VI. List of additional interviews task 5

EEAS DG Connect Devco Citizen Lab OONI M-Lab GIPO All IMON experts All IMON Advisory Board Members IMON Task Leads

140

European Capability for Situational Awareness – Final Report

Annex VII. Bibliography

No Disconnect Strategy

No disconnect – ICT helping Human Rights across the world. Published by Neelie KROES on Monday, 12/12/2011, http://ec.europa.eu/commission_2010-2014/kroes/en/blog/no-disconnect

No Disconnect: European Commission to develop Human Rights guidance for ICT sector. Published by Neelie KROES on Tuesday, 14/02/2012, http://ec.europa.eu/commission_2010-2014/kroes/en/blog/ict- human-rights-guidance

The EU fighting cyber-censorship abroad: an update on our work. Published by Neelie KROES on Wednesday, 13/06/2012, http://ec.europa.eu/commission_2010-2014/kroes/en/blog/eu-fighting- cybercensorship

European Commission - Press release, Digital Agenda: Karl-Theodor zu Guttenberg invited by Kroes to promote internet freedom globally. IP/11/1525 12/12/2011, http://europa.eu/rapid/pressrelease_IP-11- 1525_en.htm

COM(2011) 200 of 8 March 2011 – A Partnership for Democracy and Shared Prosperity with the

Southern Mediterranean, http://eeas.europa.eu/euromed/docs/com2011_200_en.pdf

Neelie Kroes’ speech at the Dutch Ministerial Conference on Internet Freedom (9 December 2011) http://europa.eu/rapid/pressReleasesAction.do?reference=SPEECH/11/866&format=HTML&aged=0&langu age=EN&guiLanguage=en

European Commission and media pluralism http://ec.europa.eu/information_society/media_taskforce/pluralism/index_en.htm

Future Internet Research and Experimentation http://cordis.europa.eu/fp7/ict/fire/

7th Framework Programme – “Trust and Security” objective http://cordis.europa.eu/fp7/ict/programme/challenge1_en.html

Competitiveness and Innovation Programme, http://ec.europa.eu/cip/

Charter of Fundamental Rights of the European Union, http://www.europarl.europa.eu/charter/pdf/text_en.pdf

COM(2010) 573 of 19 October 2010 – Strategy for the effective implementation of the Charter of Fundamental Rights by the European Union. http://ec.europa.eu/justice/news/intro/doc/com_2010_573_en.pdf

141

European Capability for Situational Awareness – Final Report

COM(2011) 886 of 12 December 2011 – Human rights and democracy at the heart of EU external action – towards a more effective approach http://eur- lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2011:0886:FIN:EN:PDF

Other

Chadwick, A. (2009). Routledge handbook of Internet politics. Routledge international handbooks. Taylor and Francis. p. 332. ISBN 978-0-415-42914-6.

Dainotti, A., Squarcella, C., Aben, C., Claffy, K., Chiesa, M., Russo, M., and Pescapè, A., “Analysis of Country-wide Internet Outages Caused by Censorship'', in Internet Measurement Conference (IMC), Berlin, Germany, Nov 2011, pp. 1--18, ACM. Retrieved from: http://www.caida.org/publications/papers/2011/outages_censorship/outages_censorship.pdf

DeBeer, J., and Clemmer, C., (2010). Global Trends in Online Copyright Enforcement: A Non-Neutral Role for Network Intermediaries? Retrieved from http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1529722

Dutton, W. H., Dopatka, A., Law, G., Nash, V. (2011). Freedom of connection, freedom of expression: the changing legal and regulatory ecology shaping the Internet, Division for Freedom of Expression, Democracy and Peace, United Nations Educational, Scientific and Cultural Organization (UNESCO), Paris, 2011, 103 pp., ISBN 978-92-3-104188-4.

Edelman, B., (2003). Empirical Analysis of Google SafeSearch, Berkman Center for Internet & Society, Harvard Law School, April. Retrieved from http://cyber.law.harvard.edu/archived_content/people/edelman/google-safesearch

Erixon F, and Hosuk Lee-Makiyama, Digital Authorirarianism. Human Rights, Geopolitics and Commerce, ECIPE OCCASIONAL PAPER • No. 5/2011

Edwards, L., (2011). Role and Responsibility of Internet intermediaries in the field of Copyright and Related Rights, June. Retrieved from http://www.wipo.int/export/sites/www/copyright/en/doc/role_and_responsibility_of_the_internet_interme diaries_final.pdf

EFF (2010). Submission of the Electronic Frontier Foundation (EFF) on the consultation on the EU e- Commerce Directive (2000/31/EC) , November. Retrieved from https://www.eff.org/files/filenode/international/EFFEUeCommerceDirectiveConsultationResponse.pdf

EU Parliament, (2012). A digital freedom strategy in EU foreign policy. Retrieved from http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P7-TA-2012- 0470+0+DOC+XML+V0//EN&language=EN

142

European Capability for Situational Awareness – Final Report

Faris, R. and Villeneuve, N., (2008). Measuring Global Internet Filtering, Access Denied: The Practice and Policy of Global Internet Filtering, Deibert, R., Palfrey, J., Rohozinski, R. and Zittrain, J. eds., MIT Press, Cambridge. Retrieved from http://mitpress.mit.edu/books/access-denied

Freedom House (2013). Freedom on the Net 2013. A global assessment of internet and digital media.

Freedom House (2013). Freedom of the Press 2013. Middle East Volatility amid Global Decline. Selected data from Freedom House' Annual Press Freedom Index.

Google (2012), "Google Terms of Service", Policies & Principles, Google, Inc.. Retrieved from http://www.google.com/intl/en/policies/terms/

InternetSociety.org, (2011). Perspectives on Policy Responses to Online Copyright Infringement – An Evolving Policy Landscape, February, Internet Society, Discussion Paper, Retrieved from http://www.internetsociety.org/sites/default/files/bp-copyrightpolicy-20110220-en-1.pdf

Jondet, N., (2010) The French Copyright Authority (Hadopi): The Graduated Response and the Disconnection of Illegal File-Sharers, University of Edinburgh, Retrieved from http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1664509

La Rue, F. (2011). Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, UN General Assembly Human Rights Council, June. Retrieved from http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf

La Rue, F., Mijatoviæ, D., Botero Marino, C., Pansy Tlakula, F. (2011). Joint Declaration on Freedom of Expression and the Internet, United Nations (UN) Special Rapporteur on Freedom of Opinion and Expression, the Organization for Security and Co-operation in Europe (OSCE)

Noman, H. (2010). Sex, Social Mores, and Keyword Filtering: Microsoft Bing in the "Arabian Countries, OpenNet Initiative, March. Retrieved from https://opennet.net/sex-social-mores-andkeyword-filtering- microsoft-bing-arabian-countries

Noman, H. and York, J. C., (2011). West Censoring East: The Use of Western Technologies by Middle East Censors, 2010–2011, OpenNet Initiative, March. Retrieved from https://opennet.net/west-censoring-east- the-use-western-technologies-middle-east-censors-2010-2011

OECD (2010). Summary of OECD Experts Workshop on Internet Intermediaries, June 16, Paris, France. Retrieved from http://www.oecd.org/internet/ieconomy/45997042.pdf

OpenNet Initiative (2004), Google Search & Cache Filtering Behind China's Great Firewall,Bulletin 006, September. Retrieved from https://opennet.net/bulletins/006/

Reporters Without Borders (2011). "Countries under surveillance: Egypt", March. Retrieved from http://en.rsf.org/surveillance-egypt,39740.html

Reporters Without Borders. (2012). Enemies of the Internet - 2012 Report, Journee Mondiales Contre La Cybercensure, http://march12.rsf.org/i/Report_EnemiesoftheInternet_2012.pdf 143

European Capability for Situational Awareness – Final Report

Reporters without Borders (2013) World Press Freedom Index Report. http://issuu.com/rsf_webmaster/docs/2013index/1?e=0

Reporters Without Borders. (2013). Enemies of the Internet - 2013 Report - Special Edition: Surveillance. Retrieved from http://www.reporter- ohnegrenzen.de/fileadmin/docs/enemies_of_the_internet_2013_01.pdf

Seng, D., (2011). Comparative Analysis of the National Approaches to the Liability of Internet Intermediaries, June, National University of Singapore. Retrieved from http://www.wipo.int/export/sites/www/copyright/en/doc/liability_of_internet_intermediaries.pdf

United Nations Human Rights Council. (2013). Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression”. Retrieved from http://www.ohchr.org/Documents/HRBodies/HRCouncil/RegularSession/Session23/A.HRC.23.40_EN.pdf http://web.archive.org/web/20090227001212/http://www.astro.princeton.edu/~mjuric/universe/slashdott ing/

A brief history of the internet, ISOC http://www.internetsociety.org/internet/what-internet/history- internet/brief-history-internet

US Code Title 10 - Section 467: Definitions http://codes.lp.findlaw.com/uscode/10/A/I/22/IV/467

Wayne Eckerson, (2012) Location Intelligence Is More Than a Map, http://www.esri.com/news/arcuser/1012/files/morethanamap.pdf

Andrea Ballatore and Ali Tahir, (2011), A comparison of open source geospatial technologies for web mapping, School of Computer Science and Informatics, University College Dublin

Stefan Steiniger, Andrew J.S. Hunter (2012), The 2012 free and open source GIS software map – A guide to facilitate research, development, and adoption Department of Geomatics Engineering, University of Calgary

Steiniger, S., and Weibel, R. (2009), GIS software – a description in 1000 words, University of Calgary (CA), University of Zurich (CH) http://en.wikipedia.org/wiki/Comparison_of_geographic_information_systems_software, Accessed on April 5, 2015

Web Map Service, http://www.opengeospatial.org/standards/wms, Accessed on April 8, 2015

Benchmarking 2011, http://wiki.osgeo.org/wiki/Benchmarking_2011, Accessed on April 8, 2015

Google Maps JavaScript API V3 Reference, https://developers.google.com/maps/documentation/javascript/reference, Accessed on April 8, 2015

Release History for Bing Maps AJAX Control, Version 7.0, https://msdn.microsoft.com/en- us/library/dn606256.aspx, Accessed on April 8, 2015

144

European Capability for Situational Awareness – Final Report

Usage Limits and Billing, https://developers.google.com/maps/documentation/javascript/usage, Accessed on April 8, 2015

Microsoft Bing Maps Platform APIs’ Terms Of Use, http://www.microsoft.com/maps/product/terms.html, Accessed on April 8, 2015

Download Leaflet, http://leafletjs.com/download.html, Accessed on April 8, 2015

License, https://github.com/Leaflet/Leaflet/blob/master/LICENSE, Accessed on April 8, 2015

Open JavaScript Maps API v7.2 Developer’s Guide, http://developer.mapquest.com/web/documentation/open-sdk/javascript/v7.2, Accessed on April 8, 2015

MapQuest Platform Terms of Use, http://developer.mapquest.com/web/info/terms-of-use, Accessed on April 8, 2015

Start Mapping Now, https://www.mapbox.com/plans/, Accessed on April 8, 2015

Dayal, Umeshwar and Buchmann, AlejandroP. and McCarthy, DennisR., (1988), Rules are objects too: A knowledge model for an active, object-oriented database system, Advances in Object-Oriented Database Systems 334, p. 129–143

Jiawei Han, Yongjian Fu, Wei Wang, Krzysztof Koperski, Osmar Zaiane, (1996), DMQL: A Data Mining Query Language for Relational Databases, DMKD-96 (SIGMOD-96 Workshop on KDD), Montreal, Canada.

Tomasz Imieli ´ nski, Aashu Virmani, (1999), MSQL: a query language for database mining, Data Mining and Knowledge Discovery, p. 373–408

Yan-Nei Law and et al., (2011), Relational Languages and Data Models for Continuous Queries on Sequences and Data Streams

Chuck Cranor and Theodore Johnson and Oliver Spataschek, (2003), Gigascope: a stream database for network applications, In SIGMOD, p. 647–651

Hendrik Blockeel and Toon Calders and Élisa Fromont and Bart Goethals and Adriana Prado and CÃl’line Robardet, (2010), A Practical Comparative Study of Data Mining Query Languages

Hendrik Blockeel, Toon Calders, Élisa Fromont, Bart Goethals , Adriana Prado , Céline Robardet, (2010), Inductive Querying with Virtual Mining Views

Hetal Thakkar and Nikolay Laptev and Hamid Mousavi and Barzan Mozafari and Vincenzo Russo and Carlo Zaniolo, (2011), SMM: a data stream management system for knowledge discovery, In Proceedings of the 27th International Conference on Data Engineering (ICDE), p. 11–16

Douglas Adams, (1982), SMEFF: Sudden Massive Existence Failure, Life, the Universe and Everything, ISBN ISBN 0-345-39182-9

(2013), IoT , http://www.cisco.com/web/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf, p. 3 145

European Capability for Situational Awareness – Final Report

(2013), RFC1034 , https://tools.ietf.org/html/rfc1034

Internet Domain Name System Structure and Delegation (ccTLD Administration and Delegation), (May 1999), https://www.icann.org/resources/pages/delegation-2012-02-25-en

Andrew McAfee and Erik Brynjolfsson, (2012) Big data: the management revolution, Harvard business review; 90(10):60-6, 68, 128.

James Grimmelmann, (2015), The Virtues of Moderation, 17 Yale J.L. & Tech. 42

David Trafimow and Michael Marks, (2015), Editorial, Basic and Applied Social Psychology, 37:1â˘AS¸ 2

Regina Nuzzo, (2014), Statistical Errors: P values, the ’gold standard’ of statistical validity, are not as reliable as many scientists assume, Nature Vol 506

M. J. Bayarri and J. O. Berger, (2004), The Interplay of Bayesian and Frequentist Analysis, Statistical Science Vol 19 No. 1, p. 58–80

T.A Meyer and B Whateley, (2004), SpamBayes: Effective open-source, Bayesian based, email classification system, CEAS

Matt Sergeant, (2003), Internet Level Spam Detection and SpamAssassin 2.50, presentation at spam conference 2003

Ion Androutsopoulos and John Koutsias and Konstantinos Chandrinos and Georgios Paliouras and Constantine D. Spyropoulos, (2000), An evaluation of Naive Bayesian anti-spam filtering, CoRR Vol cs.CL/0006013

David Harel, (1987), Statecharts: A Visual Formalism for Complex Systems, Sci. Comput. Programming 8, p. 231–274

Arthur Gill, (1962), Introduction to the Theory of Finite-State Machines, McGraw Hill, USA

R. Alur, M. Benedikt, K. Etessami, P. Godefroid, T. Reps, M. Yannakakis, (2005), Analysis of Recursive State Machines, Microsoft Research

Werbos, P., (1974), Beyond Regression: New Tools for Prediction and Analysis in the Behavioral Sciences PhD thesis, Harvard University

Rumelhart, David E., Hinton, Geoffrey E., Williams, Ronald J., (1986), Learning representations by back- propagating errors, Nature, 1986 vol 323, p. 533–536

Alex Krizhevsky and Sutskever, Ilya and Geoffrey E. Hinton, (2012), ImageNet Classification with Deep Convolutional Neural Networks, Advances in Neural Information Processing Systems 25, p. 1097–1105

Wang, Dingding and Li, Tao and Zhu, Shenghuo and Ding, Chris, (2008), Multi-document Summarization via Sentence-level Semantic Analysis and Symmetric Matrix Factorization, Proceedings of the 31st Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, p. 307–314 146

European Capability for Situational Awareness – Final Report

Paul Buitelaar, Philipp Cimiano and Bernardo Magnini, (2003), Ontology Learning from Text: An Overview

David R. Hardoon, Sandor Szedmak, John Shawe-Taylor, (2004), Canonical Correlation Analysis: An Overview with Application to Learning Methods, Neural Computation Vol 16, p. 2639–2664

Susan T. Dumais, (2005), Latent Semantic Analysis, Annual Review of Information Science and Technology Volume 38, Issue 1, pages 188–230

Hinton, G. and Li Deng and Dong Yu and Dahl, G.E. and Mohamed, A. and Jaitly, N. and Senior, A. and Vanhoucke, V. and Nguyen, P. and Sainath, T.N. and Kingsbury, B., (2012), Deep Neural Networks for Acoustic Modeling in Speech Recognition: The Shared Views of Four Research Groups, Signal Processing Magazine, IEEE, Vol 29, p. 82–97

Dahl, G.E. and Dong Yu and Li Deng and Acero, A., (2012) Context-Dependent Pre-Trained Deep Neural Networks for Large-Vocabulary Speech Recognition, Audio, Speech, and Language Processing, IEEE Transactions on, Vol 20, p. 30–42

Maite Taboada, Julian Brooke, Milan Tofiloski, Kimberly Voll, Manfred Stede, (2011), Lexicon-Based Methods for Sentiment Analysis, Computational Linguistics Vol 37, p. 267–307

Ronen Feldman, (2013), Techniques and Applications for Sentiment Analysis, Communications of the ACM, Vol. 56 No. 4, p. 82–89

Cambria, E. and Schuller, B. and Yunqing Xia and Havasi, C., (2013), New Avenues in Opinion Mining and Sentiment Analysis, Intelligent Systems, IEEE Vol 28, p. 15–21

Gayo-Avello, Daniel, (2012), No, You Cannot Predict Elections with Twitter, Internet Computing, IEEE Vol 16, p. 91–94

James Surowiecki, (2004), The Wisdom of Crowds: Why the Many Are Smarter Than the Few and How Collective Wisdom Shapes Business, Economies, Societies and Nations, ISBN 978-0-385-50386-0

Jaron Lanier, (2010), You Are Not a Gadget, ISBN 978-1-84614-341-0 soft Xpansion GmbH & Co. KG, (2009), Metadata in Microsoft Office and in PDF Documents: Types, Export, Display and Removal, http://soft-xpansion.eu/files/cc/Metadata.pdf

Joaquim Lapa, Jorge Bernardino, and Ana Figueiredo, (2014), A comparative analysis of open source business intelligence platforms, In Proceedings of the International Conference on Information Systems and Design of Communication (ISDOC ’14). ACM, New York, NY, USA, p. 86–92.

Gartner Group, (2015), Magic Quadrant for Business Intelligence and Analytics Platforms, https://www.gartner.com/doc/2989518/magic-quadrant-business-intelligence-analytics

Noam Chomsky, (1956), Three models for the description of language, IRE Transactions on Information Theory (2): p. 113–124. doi:10.1109/TIT.1956.1056813.

147

European Capability for Situational Awareness – Final Report

Eric Ries, (2009), Minimum Viable Product: a guide, http://www.startuplessonslearned.com/2009/08/minimum-viable-product-guide.html

Eric Ries, (2011), The Lean Startup: How Today’s Entrepreneurs Use Continuous Innovation to Create Radically Successful Businesses

Trier et. al, (1995), Feature Extraction Methods for Character Recognition – A Survey

148

European Capability for Situational Awareness – Final Report

European Commission

European Capability for Situational Awareness Luxembourg, Publications Office of the European Union

2015 – 148 pages

ISBN 978-92-79-50396-2 DOI: 10.2759/338748

KK

-

02

-

15

-

595

-

EN

-

N

DOI: 10.2759/338748 ISBN 978-92-79-50396-2