1

To: Participants and interested parties in the Clean IT project NOT FOR PUBLICATION / LIMITED DISTRIBUTION This document is not for publication. The recipient may share this document with others within their organization on a need-to-know basis.

Clean IT Project Return adress: Ministry of Security and Justice / NCTV Oranjebuitensingel 25 2511 VE The Hague PO box 16950 2500 BZ The Hague www.nctv.nl Email: info@cleanITproject.eu URL: www.cleanITproject.eu

Date Concerning

May 2012 Progress Report Clean IT project

With the financial support from the Prevention of and

Third Draft document published The Clean IT team recently published the third draft document on their website. This draft is based on discussions from participants from the three workshops that have been organized so far (Amsterdam, Madrid, Brussels). The number of participants and interested people is growing. Every week new contacts are added to our mailing list, and we are able to invite new participants to our workshops. The draft document starts with a preamble by governments. After the second workshop it became clear that private sector participants needed more clarification on what exactly the terrorist use of the Internet is, and how they can recognize it. The participants appreciated the constructive discussions they experienced in the `open dialogue within a trusted environment that the Clean IT project created. They called for a continuation of this type of dialogue in a permanent platform, which will be discussed in future workshops. The main text of the draft document consists of a set of general principles to be adopted by the Internet industry and governments, and a list of best practices to be implemented on a voluntary basis. In the discussions until now, the participants also identified some `bad practices. In the views of participants some practices are not efficient, could affect our internet freedom, and should be discouraged. This also, is seen as useful outcome from the project. Questionnaire A separate track of the Clean IT project aims to identify practices to limit the terrorist use of the Internet in all European Union Member States. For this inventarisation the Clean IT Team developed a short questionnaire and distributed it to private and public organizations in Europe. We received answers from only 11 Member States. But the input itself is useful and will be presented to the participants in the next workshop.

Fight against Crime Programme of the European Union European Commission Directorate-General Justice, Freedom and Security

Page 1 of 2

Presentation at RIPE_NCC and TF_CSIRT The Clean IT project was invited to give a presentation for the anti abuse working group at the RIPE NCC1 meeting in Ljubiljana where Internet Service Providers, network operators and other interested parties from Europe and the surrounding regions get together. The project manager stated that the terrorist use of the Internet also could be seen as a specific form of abuse. The same presentation was given to the TF CSIRT community2 a few weeks later. Both presentations were well received and resulted in interesting discussions with the audience. EuroDIG The European Dialogue on Internet Governance (EuroDIG) will take place on 14-15 june in Sweden. The Clean IT workshop proposal for this conference was granted, and together with other workshop proposal upgraded into the (fifth) plenary session about cyber security. One of the topics is: Advantages of PPPs in fighting extremism and terrorism. Following up the presentation about the start of the Clean IT project last year in Belgrade, the project manager will now have the opportunity to highlight the interim results of the Clean IT project. The Clean IT team insisted to have an important representative from the internet freedom perspective in the discussion, and is proud to announce that Ms Marietje Schaake from the European Parliament will take place in the panel. More countries to join the project At this moment there are several informal contacts with the internet industry, also in other countries than the ones that took the initiative for this project (Belgium, Germany, Netherlands, United Kingdom and Spain). These businesses would like to see that their government is aware of this project, and if possible participates. Therefore, Minister Ivo Opstelten from the Dutch Ministry of Security and Justice wrote a letter to his European colleagues and asked for support. The idea is that supporting government partners underline the project goals and actively participate by giving input and advice on the work done by the project. Also they will evaluate the project result (i.e. the general principles) to determine if they can formally adopt the end result, which is planned to be presented beginning 2013. Next steps The next workshop is on June 4-5 in Berlin. The logistical preparations for the following workshop in London (September 14th) have already started.

Clean IT project Date may 2012

RIPE NCC is the Network Coordination Centre from one of the five Regional Internet Registries (RIRs) providing Internet resource allocations, registration services and coordination activities that support the operation of the Internet globally. CSIRT are the Computer Security Incident Response Teams, responsible for receiving, reviewing and responding to computer security incident reports and activity. TF-CSIRT is a task force that promotes collaboration between CSIRTs at the European level, and liaises with similar groups in other regions. 2

NOT FOR PUBLICATION / LIMITED DISTRIBUTION

Page 2 of 2