From 140be416cbc17bed349697c205af07d2f3070089 Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Wed, 29 Aug 2012 15:51:08 +0200 Subject: Iinitial draft: wget -m -nH http://islandsofresilience.eu/report/ --- report/1.html | 543 +++++++++++++++++++++++++++ report/Greens-IslandsofResilience-1.orig.png | Bin 0 -> 417260 bytes report/Greens-IslandsofResilience-1.png | Bin 0 -> 225618 bytes report/Greens-IslandsofResilience-10.png | Bin 0 -> 314452 bytes report/Greens-IslandsofResilience-14.png | Bin 0 -> 268589 bytes report/Greens-IslandsofResilience-16.png | Bin 0 -> 753233 bytes report/Greens-IslandsofResilience-17.png | Bin 0 -> 253540 bytes report/Greens-IslandsofResilience-2.png | Bin 0 -> 106308 bytes report/Greens-IslandsofResilience-23.png | Bin 0 -> 7455 bytes report/Greens-IslandsofResilience-3.png | Bin 0 -> 15428 bytes report/Greens-IslandsofResilience-9.png | Bin 0 -> 118211 bytes report/Greens-IslandsofResilience.html | 14 + report/Greens-IslandsofResilience.pdf | Bin 0 -> 3236589 bytes report/Greens-IslandsofResilience.txt | 343 +++++++++++++++++ report/Greens-IslandsofResilience_ind.html | 37 ++ report/Greens-IslandsofResiliences.html | 475 +++++++++++++++++++++++ report/index.html | 52 +++ 17 files changed, 1464 insertions(+) create mode 100644 report/1.html create mode 100644 report/Greens-IslandsofResilience-1.orig.png create mode 100644 report/Greens-IslandsofResilience-1.png create mode 100644 report/Greens-IslandsofResilience-10.png create mode 100644 report/Greens-IslandsofResilience-14.png create mode 100644 report/Greens-IslandsofResilience-16.png create mode 100644 report/Greens-IslandsofResilience-17.png create mode 100644 report/Greens-IslandsofResilience-2.png create mode 100644 report/Greens-IslandsofResilience-23.png create mode 100644 report/Greens-IslandsofResilience-3.png create mode 100644 report/Greens-IslandsofResilience-9.png create mode 100644 report/Greens-IslandsofResilience.html create mode 100644 report/Greens-IslandsofResilience.pdf create mode 100644 report/Greens-IslandsofResilience.txt create mode 100644 report/Greens-IslandsofResilience_ind.html create mode 100644 report/Greens-IslandsofResiliences.html create mode 100644 report/index.html (limited to 'report') diff --git a/report/1.html b/report/1.html new file mode 100644 index 0000000..067d5a3 --- /dev/null +++ b/report/1.html @@ -0,0 +1,543 @@ + + + + + + + + + +
+
+
+
+
+
+
+
+

 


+Islands of Resilience
+Comparative Model for Energy, Connectivity and Jurisdiction
+Realizing European ICT possibilities through a case study of Iceland


 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
+Smári McCarthy and Eleanor Saitta

 
 
 
 
 
+1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

Prepared at the request of:
+on behalf of Members of the European Parliament 
Christian Engström, Indrek Tarand, Carl Schlyter, Sandrine Bélier, Karima Delli, Eva Lichtenberger, Raül 
Romeva i Rueda, Heide Rühle, Judith Sargentini, Bas Eickhout and Marije Cornelissen
 
 
 
 
Prepared at the request of The Greens / European Free Alliance
 
Authors:

+On behalf of Members of the European Parliament:
+   Smári McCarthy
+    Christian Engström
+   Eleanor Saitta
+    Indrek Tarand
    Carl Schlyter
+Contributing Researchers:
+    Sandrine Bélier
+   Guðjón Idir
+    Karmima Delli
+   Jason Scott
+    Eva Lichtenberger
    Paül Romeva i Rueda
    Heide Rühle
    Judith Sargentini
    Bas Eickhout
    Marije Cornelissen
+Produced by:
 

+ 
      

+    International Modern Media Institute
    Laugavegur 3
    101 Reykjavík
    Iceland

 
 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
+2
+
+
+
+

 
 
 
+ Distributed under the terms of the 
+Creative Commons Attribution-Sharealike 3.0-unported License
+ 
+3
+
+Abstract
+Locale is rapidly becoming one of the most important competitive differentiators in the 
provision of cloud-based information technology services. Broadly speaking, three 
categories of issues define a locale's fitness for hosting the cloud: energy, connectivity, and 
jurisdiction.
+Energy is the largest cost center for most cloud hosts. Beyond price per kilowatt hour, 
hosting companies must consider redundant network availability, power grid resilience, 
environmental sustainability, climate, and equipment cooling requirements as core parts of 
their energy strategy.
+Connectivity is clearly essential for hosts, and differentiating factors here include total 
installed bandwidth, current utilized bandwidth, hub redundancy, international uplink 
redundancy, round trip latency, traffic shaping and network neutrality.
+Jurisdictional issues are an area of emerging concern and awareness for cloud hosts, where 
the landscape is shifting rapidly.  Hosting companies are deeply affected by intermediary 
liability, hosting liability, state and corporate surveillance, state and corporate censorship, the 
accessibility of and cost of interacting with courts, corruption, and socioeconomic stability.
+This report considers Iceland's relative competitive advantages and drawbacks as a hosting 
locale relating to these issues.
+4
+
+Table of Contents
+Abstract
+Introduction
Energy
+Energy Sources
Energy Utilization and Pricing
Grid Resilience and Redundancy
Climate and Cooling
+Connectivity
+Submarine Cables
Installed and Utilized Capacity
Domestic Network
Round Trip Latency
Network Security
Future Connectivity Developments

+Jurisdiction
+Commercial Issues
Overview of Icelandic Information Regulation
Compatibility with European Union Directives
Intermediary Liability Limitations
Surveillance
Censorship
Data Protection
Human Resources
Icelandic Modern Media Initiative
Source Protection
Freedom of Information Act
Network Neutrality
Communications Protection and Communications Data Retention
Intermediary Liability Limitations
Libel Tourism Protection
Libel Reform and Publishing Liability Limitations
Whistleblower Protection
Prior Restraint Limitations
Virtual Limited Liability Companies

+Selected Bibliography

+5
+
+Introduction
+This preliminary study is intended to give a birds-eye view of the primary factors pertaining 
to energy, connectivity and jurisdiction in Iceland, as applicable to ICT1 growth in general 
and cloud hosting in particular.. It is necessarily narrow in scope and largely based on 
aggregating publicly available information. As a result, some inaccuracies may exist, largely 
due to poor information made available by private actors. A more in-depth follow up study 
will  remedy this by seeking out more detailed expert insights, detailed statistics, and 
comparing against sourced cases.
+Regardless, this report clearly shows the advantages Iceland has in relation to ICTs, as well 
as showing some of its potential weaknesses and possible remedies.
+Iceland’s key strengths are:
+●
+Cheap and abundant energy generated from green, renewable, sustainable and 
resilient energy sources, distributed over a well designed and resilient power grid.
+●
+Increasingly good connectivity to the outside world with reasonable redundancy 
and a large amount of unused capacity available for expansion, and a very highly 
developed internal network with high resiliency.
+●
+An advanced and stable jurisdiction, with clear information rights and regulations, 
well structured administration, and well informed governing bodies.
+Iceland’s main weaknesses are:
+●
+Scale discrepancies both in energy generation and consumption which could 
potentially threaten grid resilience in extreme cases. This can be improved with 
further diversification of energy consumers, such as large-scale ICT deployments.
+●
+Iceland’s data connectivity is provided by a relatively small number of submarine 
cables connecting to the outside world, creating some network precarity.  This is 
currently being improved with the addition of new cables.
+●
+International data transport bandwidth through submarine cables is currently 
expensive. This could be mitigated by further investments, subsidies, or other 
methods to reduce the price for connection, with the intention of increasing the 
overall usage.
+●
+Iceland has similar issues with blanket communications surveillance as in the EU, 
which make it less attractive for hosting than countries where communications are 
not monitored. This is hard to fix without political will in the EU.
+●
+Wildcard properties exist in the implementation of the e-Commerce directive, 
connected to injunctive powers that district sheriffs still have. This can be solved by 
clarifying the instances under which injunctions can be made, and restricting the 
issuing authority to courts.
+Together Iceland’s key strengths form a very sound basis for the expansion of ICT in 
Iceland, especially cloud hosting.  Most of the weaknesses in Iceland’s position are either 
+1 Information and Communication Technologies
+6
+
+structural weaknesses common amongst all EU member states or are relatively trivial issues 
which can be resolved easily.

+Energy
+Energy is the largest cost center for most cloud hosting companies. Beyond price per 
kilowatt hour, hosting companies must consider redundant network availability, power grid 
resilience, environmental sustainability, climate, and equipment cooling requirements as 
core parts of their energy strategy. 
+In our analytical model for energy, we asked the following questions:
+How prevalent are renewable energy sources in current electrical production?
+1. Less than 3% of all energy production based on renewable energy sources.
2. Between 4 and 40% of all energy production based on renewable energy sources.
3. Between 40 and 60% of all energy production based on renewable energy sources.
4. Between 60 and 97% of all energy production based on renewable energy sources.
5. More than 97% of all energy production based on renewable energy sources.
+How much can current electrical production be increased without the construction of 
new (not currently planned) power plants?

+1. By less than 5% of current average power use.
2. By less than 25% of current average power use.
3. By less than 50% of current average power use.
4. By more than 75% of current average power use
5. By more than 100% of current average power use.
+What is the annual average price per kiloWatt hour for a commercial customer using 
less than 2 GWh/year, including generation and distribution?

+1. > €0.20/kWh
2. > €0.14/kWh
3. <= €0.14/kWh
4. < €0.09/kWh
5. < €0.07/kWh


+Iceland's national energy plan was last updated in November of 2011.
+Energy Sources
+7
+
+In 2009, Iceland’s total energy utilization was roughly 240 PJ2 of primary energy sources, 
which equates to roughly 67 TWh3. The primary energy sources were, in order of magnitude: 
geothermal, hydroelectric, oil, and coal. Geothermal energy use was greater than all other 
energy sources combined, while coal use was relatively minuscule. Energy use in Iceland 
has risen substantially since the 1940’s with the industrialization of the country, which up 
until roughly 1960 was almost entirely rural.
+A vast amount of geothermal energy is used for house-heating (45%), followed by electricity 
production (39%). In addition, it is used for snow-melting, swimming pools, fish farming, 
greenhouses and for industrial purposes. In 2009 a total of 22.3 PJ of geothermal energy 
was used for electricity production.
+Only 18% of Iceland’s primary energy utilization comes from petrochemicals, of which 
90% is oil and 10% coal. The majority of the coal is used by the iron smelting plant at 
Grundartangi, with other industrial processes consuming the remainder. Almost no natural 
gas is used in Iceland. Roughly 660 thousand tonnes of oil were used in Iceland in 2009, 
of which 41% went to powering cars, 18% for aircraft, and 29% for fishing. Petroleum use 
for cars has increased by 64% since 1990 in Iceland, contributing to the overall increase in 
use. Oil is not used for electricity production except for some emergency backup generators. 
Some towns have backup generators capable of sustaining basic operations throughout the 
town temporarily, but the redundancy of the electricity grid renders this use minimal.
+As a result, the electricity production in Iceland is almost exclusively from geothermal and 
hydroelectric primary energy sources. The theoretical maximum energy production in Iceland 
is 64 TWh per year from hydroelectric sources and between 10 and 30 TWh per year from 
geothermal sources. However, for natural protection purposes substantial regions of Iceland 
have been classified as natural reserves, parks, or other protected areas. In addition, certain 
areas have been classified as energy reserves that will not be used in coming years, in part 
for sustainability reasons. This lowers the effective energy available for production.
+The current installed production capacity is 12.3 TWh per year for hydroelectric power, 
and 4.6 TWh per year for geothermal power. After subtracting the protected and reserve 
production categories, the total available hydroelectric and geothermal energy available for 
future expansion is 11.91 TWh per year.
+Variability of energy pricing and availability is a critical issue for data centers.  As Iceland has 
little or no hydrocarbon-based electricity production, electricity prices are largely unaffected 
by fluctuations in the oil, gas, and coal markets, and will not be affected by supply chain 
interruptions in these markets.  This provides a critical level of energy resilience for the 
Icelandic electrical system at the supply end.  Cheap, reliable, resilience, and predictably 
priced energy sources are, in combination, a significant advantage for potential hosting 
companies.
+2 Petajoules. 1 PJ = 1015 J
3 Terawatt hours. 1 TWh = 1012 W·h
+8
+
+
+
+
+
+
+
+
+
+
+
+(Primary energy sources in Iceland 1940-2009. Inset: Proportional use. Top to bottom: Coal, 
+oil, geothermal and hydroelectric. Source: Orkuáætlun 2011)
+Energy Utilization and Pricing
+In 2009, 74% of produced electricity in Iceland went to the aluminum industry, with roughly 
4.9 TWh/year to Alcoa Fjarðarál, 4.0 TWh/year to Rio Tinto Alcan, and 4.0 TWh/year to 
Norðurál. 6% of produced electricity was used in the services industry, 5% for iron smelting 
plants, 5% for household appliances, 4% for utilities, 4% for general industries, and 1% in 
agriculture.
+9
+
+
+
+
+
+
+
+(Electricity use 2009. From top to bottom: Fisheries, agriculture, general industries, district 
+heating, home use, steel mills, services and aluminum industry. Source: Orkuátælun 2011)
+Energy use for household appliances accounted for 627 GWh in 2009, accounting for 7.1 
B ISK (€44.3 million)  in consumer use, including VAT. Average household electricity costs 
in Reykjavík are 11.30 ISK/kWh, or €0.07/kWh. This rate is substantially higher than the 
price for industry.  In the case of the aluminum smelters, these rates are 30% lower than 
the European average4, although the energy prices for aluminum smelting have been 
confidential. Alcoa Fjarðarál reportedly paid between 28-35 USD/MWh in 2006, or roughly 
€0.044/kWh at 2006 exchange rates.
+(Main power lines and power plants. Source: Landsnet. For realtime energy distribution 
+figures, see http://landsnet.is/raforkukerfid/kerfisstjornun/aflflutningurnuna/ )
+Grid Resilience and Redundancy
+Power grid resilience in Iceland is fairly high. The 61 power stations in Iceland are connected 
with a circular grid which goes around the country, providing basic redundancy. In addition, 
most power stations on the southwest corner have further grid redundancy simply due to the 
higher population density and related network effects.
+There are 50 hydroelectric power stations in Iceland, mostly small. There are 7 geothermal 
power plants, and 4 fueled power plants—one that generates power through garbage 
incineration, two diesel powered, and one methane plant.
+4 http://www.mbl.is/greinasafn/grein/1026890/
+10
+
+Some parts of the country, most notably the western fjords, are very poorly connected into 
the grid and frequently get disconnected during the winter months due to poor weather 
conditions. Power availability is maintained primarily with diesel generators when this 
happens. Similarly, Flatey and Grímsey, two populated islands off the Icelandic west 
and north coasts, respectively, are not connected to the main power grid, but are instead 
powered by diesel generators.
+Resilience is quite high on the southwest corner, where most economic activity is situated, 
but the east coast has also improved substantially in recent years due to developments in 
relation to the Kárahnjúkar dam project and the Alcoa Fjarðarál aluminum smelter.
+The overall infrastructural elasticity on the power grid is high enough to handle most types of 
outages due to line failures, power station shutdowns and disasters, but some very extreme 
edge cases exist where grid resilience is threatened, notably sudden outages in production 
units such as Kárahnjúkavirkjun, which could potentially lead to chain reactions of failures, 
similar to the power outage at Itaipu power station in Brazil on 21 January, 2002. In general, 
larger plants require larger transmission lines and inevitably cause more widespread 
damage when they do fail. Similarly, larger consumption units may threaten grid resilience.  
For instance, almost one third of Iceland’s total electricity consumption is used by a single 
aluminum smelter, meaning that the unlikely edge case of an abrupt total disconnect would 
momentarily increase the available electricity substantially. This kind of pathological outage 
may however be mitigated by various means, not least the further diversification of power 
production and consumption.
+Climate and Cooling
+Estimates for data center energy utilization from IBM5 suggest that roughly half of all energy 
is used on cooling, and an additional fourth on heat waste, mostly due to internal electrical 
resistance in system components. Therefore, a priori energy waste in typical data centers 
is roughly 75% before any actual computation occurs. Mitigating this waste is clearly crucial 
to the efficiency, cost-effectiveness and sustainability of any data center. The proportional 
cost of cooling for data centers has risen dramatically over the past few years, relative to the 
cost of hardware.  Reduction in hardware deployments due to virtualization and increases 
in system density have dramatically reduced equipment purchase costs as a proportion 
of operating costs.  As a result of this, component-level heat waste mitigation is a primary 
industry research goal.
+Increasingly, large data center operators have started to look to areas with relatively cold 
climates.  Cooling costs are significantly lower in cold areas, and most energy use in data 
centers in those areas that goes to cooling is attributable to airflow management and de-
humidification rather than direct refrigeration. An example of this is the planned data center 
that Facebook, Inc., is building near Luleå, Sweden6.
+5 https://www-950.ibm.com/events/wwe/grp/grp030.nsf/vLookupPDFs/IBM%20BladeCenter%20 
Product_Tikiri/$file/IBM%20BladeCenter%20Product_Tikiri.pdf
6 http://online.wsj.com/article/BT-CO-20111215-712478.html
+11
+
+In this respect, Iceland's climate is clear benefit for cloud hosting providers even though 
it’s not nearly as cold as some more northerly locales. The oceanic climate contributes to 
relatively stable temperatures over the year. Apart from insolation, there is relatively little 
seasonal variation in the factors that contribute to data center cooling. On the negative 
side, Iceland’s climate is generally rather humid, with an annual average of roughly 70.75%.  
In order for outside air to be used for cooling purposes some dehumidification would be 
needed.
+Variable
+Jan
+Feb
+Mar
+Apr
+May
+Jun
+Jul
+Aug
+Sep
+Oct
+Nov
+Dec
+Average temp. °C
+-2.60
+-2.59
+-1.59
+1.37
+5.24
+8.49
+10.31
+9.58
+6.29
+2.75
+-0.04
+-1.91
+Insolation, kWh/m²/day
+0.11
+0.53
+1.31
+2.77
+4.11
+4.71
+4.16
+3.27
+2.17
+0.97
+0.25
+0.03
+Wind speed, m/s
+10.20
+10.27
+9.63
+8.42
+7.18
+6.51
+6.40
+6.63
+7.62
+8.85
+8.76
+10.41
+Humidity, %
+80
+78
+71
+69
+66
+66
+63
+61
+67
+72
+77
+79.0
+(Reykjavík average temperature, insolation and windspeed, source: Gaisma.com)
+Connectivity
+Iceland’s connectivity to the outside world has improved substantially over the last two 
decades. Since 1994, submarine fiber optics connections have existed to the Europe 
and North America. Since 2004, domestic Internet connectivity has gone up from 81% of 
households to 90%, compared to EU growth from 41% to 65%. Of the 10% of Icelandic 
households not connected to the Internet, 40% (4% of the total) claim not to want an Internet 
connection, whereas 25% (2.5% of the total) say it is due to price of connectivity.
+Submarine Cables
+As of November 2011, there are four fiber optics cable links to Iceland: DanIce, Greenland 
Connect, FarIce, and CANTAT-3, in order of decreasing capacity. Several projects have 
been proposed to increase the number of fiber optics links to Iceland; of them, Emerald 
Express is the furthest towards completion.
+Fiber optic cable
+Owner
+Total capacity
+Installed capacity
+Utilized capacity
+CANTAT-3
+Síminn
+7.5 Gb/s
+None
+Decommissioned
+FarIce
+Farice ehf
+720 Gb/s
+Unknown

+Danice
+Farice ehf
+5.2 Tb/s
+~20 Gb/s

+Greenland connect
+TELE Greenland
+1.9 Tb/s
+Unknown

+Emerald Express
+Emerald Networks
+58.6 Tb/s (planned)
+N/A
+Under construction

The CANTAT-3 was the first fiber optics cable connection to Iceland, greatly increasing the 
country’s telecommunications capacity. Installed in 1994, it was disrupted in late 2006 and 
was not returned to full capacity until mid-year 2007. The CANTAT-3 cable was retired in 
+12
+
+late 2010, due to age, operational costs, and low capacity.
+Farice ehf operates two fiber-optic submarine systems as of late 2011. It is partially owned 
by the Icelandic state and Arion bank, but a 20% stake is held by Faroese shareholders.
+Their first system, FarIce, lies between Seyðisfjörður, Iceland and Dunnet Bay, Scotland with 
a layover in Funningsfjørður in the Faroe Islands. From these locations it is backhauled to 
Reykjavík, Edinburgh and Tórshavn respectively. It traverses a roughly 1,400 km route using 
Dense Wavelength Division Multiplexing (DWDM) transmission technology. It has been in 
use since 2004 and is currently Iceland’s main communications line. Currently only roughly 
3% of FarIce’s total potential capacity is installed, according to available sources.
+Farice ehf’s second system, Danice, was laid in 2008 and connects Landeyjarsandur in 
Iceland to Blaabjerg, Denmark, with a planned expansion to Eemshaven, Netherlands. 
Despite having significantly greater capacity than FarIce, it is much less utilized and mostly 
used as a redundancy cable for FarIce.
+The most recent fiber optic connection to Iceland is through Greenland Connect, installed 
in 2009 and owned and operated by TELE Greenland. It connects Milton, Trinity Bay, 
Newfoundland and Labrador, Canada, to Nuuk, Greenland, Qaqortoq, Greenland, and 
Landeyjarsandur, Iceland. It contains two fiber pairs specified for 128 wavelengths carrying 
10 Gb/s each. As its landing point in Iceland is co-located with the Danice cable, direct 
bridging between them is possible.
+The Emerald Express is a planned 6x100x100 Gb/s fiber optics cable from the United States 
to Ireland with an offshoot to the Reykjanes peninsula in Iceland. Being constructed by 
Emerald Atlantis, Ltd. and TE SubCom, Ltd., it is scheduled to enter service in late 2012 and 
intends to facilitate ultra-low-latency connections to Europe and North America. Its Iceland 
branch will presumably carry two pairs, one for connection to Ireland, the other to the United 
States; the last pair connecting the US to Ireland directly.
+Installed and Utilized Capacity
+Total capacity of installed fiber optic cables is currently around 7.8 Tb/s, not counting the 
CANTAT-3 cable. However, endpoint equipment has only been installed for a fraction of this 
capacity. The installed capacity is not known, but conservative estimates put it close to 200 
Gb/s, or around 2.5% of the total capacity.
+Current utilized capacity is also unknown, but various estimates can be used to arrive at a 
figure. The combined foreign connectivity of universities and secondary colleges in Iceland is 
currently 16.5 Gb/s through RHNet. As RHNet typically accounts for between 14.2%-14.9% 
of total traffic through the Reykjavík Internet Exchange, it can be estimated that total foreign 
bandwidth consumption is close to 120 Gb/s. This number may turn out to be severely 
understated, but more detailed data is not available. 
+13
+
+
+
+(Map of proposed Emerald Express cable. Source: Emerald Networks)

Uplink redundancy to Europe is good due to the FarIce and DanIce cables going separate 
routes. However, redundancy to the US is poor, since the only reliable connection is through 
Greenland. Currently, in the case of an outage, rerouting would have to be through Europe—
presumably London. US redundancy will improve substantially when the Emerald Express is 
completed. 
 
Overall uplink redundancy is becoming better, providing more infrastructural elasticity 
and greater resilience. The older emergency satellite redundancy is slowly becoming less 
relevant and is probably not realistically needed.
 
+Domestic Network
+The main domestic telecommunications hub is RIX (Reykjavík Internet Exchange), which is 
operated by ISNIC. This hub connects the main Internet service providers and data centers 
together.
+In general, domestic fiber optics and copper networks are operated by Míla, Fjarski and 
Gagnaveita Reykjavíkur. Míla is a subsidiary of the formerly state-run phone company (since 
privatized, currently known as Síminn). It operates a fiber optics ring around the country 
which were installed by NATO, but has expanded it substantially and introduced additional 
redundancy. It also operates fiber and copper networks in most settlements.
+Fjarki is a subsidiary of Landsvirkjun, the (mostly) state owned power company.
+14
+
+Gagnaveita Reykjavíkur is a subsidiary of Orkuveita Reykjavíkur, the Reykjavík city 
power company. It provides mostly fiber to the home connections but also operates some 
communications backbones within the Reykjavík metropolitan area.
+Round Trip Latency
+Round-trip latency to Europe is generally low, but varies widely depending on destination city 
and provider, origin location and provider, and various other variables. Generally speaking 
the network latency has low stochasticity (“jitter”), averaging around 4ms (milliseconds), 
suggesting natural latency rather than network congestion.
+We did informal testing of multiple origin and endpoints on known locations to arrive at 
some idea of latency trends. Typical round-trip times to London are close to 55ms; 31ms to 
Copenhagen. Connections to Oslo trend around 70ms, Berlin around 71ms, and to Madrid 
74ms. On connections closer to the uplinks, slightly better times were observed, while 
household Internet connections showed slightly worse round-trip times. As such, none of this 
was particularly unexpected.
+The theoretical roundtrip time for a photon traveling over the big circle route from Reykjavík 
to London is 12.64ms; to Copenhagen it is 14.02ms. Therefore the Copenhagen connection 
is as close to reasonable expectations as is possible, while the London connection could 
possibly be improved. The FarIce endpoint is in Edinburgh, so packets bound for London 
must traverse potentially congested and slow UK networks after their initial arrival.
+Network Security
+No major network security incidents have occurred in Iceland. Denial of Service attacks 
happen on a relatively small scale on a fairly regular basis, but are easily mitigated with 
standard techniques. No large scale online attacks have occurred in recent years, although 
in some cases competent attackers have been able to disable individual service providers 
for a number of hours. This is not considered to be more frequent in Iceland than in the EU, 
based on anecdotal evidence.
+Individual servers and home computers are moderately well protected from security threats 
compared to other countries, owing to a fair degree of awareness, a comparatively low 
incidence of pirated operating system software, and generally well configured routers on 
home connections. That said, many computers run outdated operating systems with severe 
security vulnerabilities, and many websites operate outdated web platforms, in particular 
Wordpress and Joomla, which are common staging grounds for attack.
+The Icelandic government is acutely aware of the threats posed to the security of networks, 
and in recently proposed amendments to the telecommunications act, provisions are made 
for the establishment of a CERT (Computer Emergency Response Team). This should 
increase multi-party coordination and responsiveness in the case of online attacks or other 
ICT-related emergency, and thus overall communications resilience.
+Future Connectivity Developments
+A number of proposals have been made for future developments in connectivity in Iceland. 
+15
+
+
+
+
+
+
+

One example which has frequently been brought up is that Iceland’s geographical situation 
makes it ideal for connecting the American east coast, Europe, and East Asia, due to 
the receding polar ice cover. Such a connection could land in Longyearbyen in Svalbard, 
and have connections to Murmansk, some settlements along northern Siberia, and either 
connect to Yakutsk via the Lena river or go through the Bering strait and connect to Alaska 
on the one hand and Kamchatka and Japan on the other hand.
 
This would shorten round-trip latency to East Asia substantially, as most current connections 
go through the Mediterranean, down past India, and through the South China Sea. The 
Longyearbyen connection would allow for redundancy to Norway through an existing 
connection.  Connections in Russia would help in Russia’s developing ICTs, as currently it is 
estimated that 70% of Russian communications go through Sweden. However, it would be 
vital to Europe’s communications security interests that such a connection have direct routes 
to East Asia rather than an intermittent landing in Russia. There are numerous ways in 
which such a proposal could be made beneficial to all parties, and it would open possibilities 
for diverse applications from cross-continental high speed trading and currency arbitrage 
to online gaming. For telephony applications, this connection would push the latency on 
communications between Europe and East Asia down below the threshold of human 
perception, itself a revolution in global telecommunications.
 
Less ambitious potential developments that have been proposed include construction of 
large data centers on the Reykjanes peninsula, construction of further fiber optics links to 
Europe and America, and the establishment of data caches and mediation centers in Iceland 
for high availability applications.
 
+(Example routes for a “polar express” cable; also shows autumn arctic ice cover)

+16
+
+
+
+
+
+
+
+
+
+
+
+The Russian Optical Trans-Arctic Submarine Cable System (ROTACS) project aims to do 
just that. According to an article 
+(ROTACS telecommunication project outline; source: http://barentsnova.com/node/1737)

+(ROTACS and Arctic Fibre; source: Laser Focus World7)
+TODO: http://barentsnova.com/node/1737
+7 http://www.laserfocusworld.com/articles/print/volume-48/issue-04/world-news/fiber-cables-to-span-the-arctic-
ocean.html

+17
+
+Jurisdiction
+Iceland is a parliamentary republic which gained independence from Denmark in 1944. It 
is a member of the United Nations, the Council of Europe (CoE), the European Economic 
Area (EEA), the European Free Trade Association (EFTA) and the North Atlantic Treaty 
Organization (NATO), amongst others. It is party to numerous international agreements 
including Schengen.
+Iceland’s membership in the EEA means that outside of a few limited areas, all EU 
commercial directives take effect in Iceland. In addition, both for conformity and utility, 
Iceland has adopted various non-EEA relevant directives. This tendency has been 
increasing as part of the preparations and negotiations for EU membership. As of 12 
December, 2011, eight out of 33 chapters have been closed in Iceland’s EU accession 
negotiations. Of particular interest to this report, the chapter on information society and 
media is considered to generally already conform to the EU acquis.
+Commercial Issues
+After the collapse of the Icelandic banking sector in 2008, the Icelandic Central Bank 
(Seðlabanki Íslands) was authorized to put limitations on the flow of capital, in particular 
those with no relevance to goods or services. The Central Bank is also authorized to require 
domestic companies to deposit and exchange foreign currency. As of November 2009 all 
restrictions have been lifted on new investments, and in practice trade from Iceland is not 
hindered substantially by the capital restrictions.
+VAT in Iceland is generally quite high, with most goods and services falling in the 25.5% 
VAT category. However, law 163/2010 introduced new exceptions to the VAT law (law 50/
1988) which makes data processing and information provision, as well as “electronically 
provided services” exempt from taxed capital flows.
+Further, this law allowed an exemption from VAT for the importation of servers and related 
equipment (i.e., equipment which is necessary for the functioning of the servers and is 
only of direct benefit to the owners of the servers) in cases where the owners have official 
residence in other member states in the EEA, EFTA, or the Faroe Islands, and do not 
have fixed operations in Iceland in accordance with Icelandic tax law. This exception puts 
more specific requirements, for example that the owners of the servers pay VAT in their 
home country, that the purpose of the operations be of such a nature that it would require 
commercial registration if it were domestic, that the servers were imported specifically for 
the purpose of operation in a data center which their owner is in business with, that the 
servers and other equipment are used only by the owners, but not for other purposes within 
the data center, and that the servers be used from outside of Iceland. This exception is due 
for reconsideration in late 2013, but as it stands is exceptionally beneficial for cloud hosting 
providers.
+Overview of Icelandic Information Regulation
+18
+
+Icelandic law conforms broadly to the European acquis regarding a number of different 
information regulations.
 
Telecommunications are in general governed by law 81/2003 (telecommunications act), 
which implements EU directive 999/5/EC, regulation 2887/2000/EC, the Telecoms Package 
(directives 2002/19/EC, 2002/20/EC, 2002/21/EC and 2002/22/EC), and directives 2002/58/
EC and 2002/77/EC.
 
Electronic commerce and other electronic services are generally governed by law 30/
2002, which implements the e-Commerce directive (2000/31/EC), thereby establishing 
intermediary liability limitations which are crucial to the functioning of Internet service 
providers, hosting providers and data centers. The only practical failing of the Icelandic 
implementation of the e-commerce directive is that allowance is made for injunctions 
which, for historical reasons, can be issued by a regional sheriff (sýslumaður) without court 
supervision. This has not caused problems in the context of intermediary liability limitations, 
but has been used to stifle media on one occasion, and could potentially be abused further.
+Media is regulated under the media law, 38/2011, which implements Audiovisual 
Media Services Directive (2007/65/EC). Broadcast media is also regulated by the 
telecommunications act (81/2003).
 
Personal and private data is protected under law 77/2000, which implements the Data 
Protection Directive (95/46/EC). Electronic signatures are allowed as a valid form of 
signature under law 28/2001, and to this end a national authentication card scheme has 
been developed and is being distributed as a feature of banking cards.
 
Freedom of access to government information is defined in law 50/1996. This law has been 
under review, and a broad-reaching proposal for a new freedom of information law was 
submitted to the Parliament during its 139th term (ending in October 2011), but did not 
pass. A small subset of the changes proposed in that law by the relevant parliamentary 
committee were adopted into a new version of the bill which was submitted to parliament 
at the beginning of the 140th term. This new version did not include provisions proposed 
by the review committee regarding public registration of government documents and public 
advertisement of confidentiality terms, reasons and durations for secret documents.
 
With regard to intellectual monopoly rights, patents are defined in law 17/1991, biopatents 
in law 58/2000, descriptions of electronic components are protected under law 78/1993, 
trademarks under law 45/1997, and in particular corporate logos are protected under law 
155/2002. Finally, copyrights are defined in law 73/1972, which implements EU directives 
89/552/EEC,  2003/4/EC, 2001/29/EC, 2001/84/EC, 91/250/EEC, 92/100/EEC, 93/83/
EEC, 93/98/EEC, 2004/48/EC (IPRED) and 2006/123/EC. Law 53/2006 defines specific 
permissions regarding the collection of evidence pertaining to violations of intellectual 
monopoly rights.
 
+Compatibility with European Union Directives
+As previously stated, Iceland’s laws regarding information technology and media are largely 
in accordance with European acquis. However, in the European Commission’s Opinion on 
+19
+
+Iceland's application for membership of the European Union (COM(2010) 62)8, a few minor 
issues are laid out.
+The most salient issue is that the EU Data Retention Directive (2006/24/EC) has not 
been transposed. This is however a trivial issue——the telecommunications act contains 
provisions for data retention which originate from early drafts of the data retention, and is in 
all regards equivalent to the Data Retention Directive. Therefore, transposition is a formality. 
Data retention will be discussed further in the later section on electronic surveillance.
+Also according to the opinion, while “the legislative and administrative structure is similar to 
most EU Member States” the appointment procedures for the national regulatory authority 
(the post and telecoms administration, póst- og fjarskiptastofnun) have to be revisited to 
ensure  transparency, objectivity, and high standards regarding security of tenure.
+It goes on to say that “in the field of information society services, the main directives have 
been transposed into the Icelandic legal order, i.e. the Directives on electronic signatures, e-
commerce and conditional access.” 
+Intermediary Liability Limitations
+Law 30/2002 on e-commerce and electronic services implements the e-commerce directive 
(2000/31/EC), which provides indemnity for "mere conduits", such as telecommunications 
networks and Internet hosting providers.
+There are few and mostly well defined exceptions to this indemnity: 
+●
+an injunction from a sheriff or court order
+●
+an notice-and-takedown procedure regarding copyright infringement
+●
+knowledge of child pornography

The exception for general court orders without further definition is worrying, due to the 
remnants of an magistrate system mostly abolished in 1991. Prior to this, the district “sheriff” 
(sýslumaður) also served as magistrate and had the ability to, amongst other things, enact 
injunctions. When their magisterial rights were revoked with the 1991 law, they retained 
their ability to enact injunctions. Although this has not caused problems in terms of Internet 
hosting, a sheriff’s injunction was used in 2009 to prevent the state broadcaster, RÚV, 
from airing a story pertaining to a leaked large loan book from the bank Kaupþing. As the 
injunction was revoked when the injunction had failed, it was never taken to court, so its 
veracity under the constitution was not tested.
 
The exceptions should probably be improved by clarifying which exact circumstances can 
trigger such exceptions, as well as restricting the injunction measures to actual courts.
+Surveillance
+The Telecommunications Act (Law 81/2003) was amended in 2005 to include provisions 
for data retention. It applies to telecommunication providers and its current implementation 
mandates the retention of records of all connection data for 6 months. It states that 
communications companies may only deliver information on telecommunications in criminal 
+8 http://ec.europa.eu/enlargement/pdf/key_documents/2010/is_opinion_analytical-report.pdf
+20
+
+cases or on matters of public safety. It also states that such information may not be given to 
others than police and public prosecution.
+According to COM(2010) 62, an analytical report accompanying the communication from 
the Commission to the European Parliament and the Council containing the Commission 
Opinion on Iceland’s application for membership to the European Union, Iceland has 
not currently implemented the Data Retention Directive. This directive is currently being 
discussed (December 2011) in the Icelandic Parliament, however there are complications 
owing to the fact that the Data Retention Directive, 2006/24/EC, came into effect one year 
after the Icelandic Data Retention provisions, which have not since been overturned or 
amended. However, the 2005 law which established data retention in Iceland was made 
at the request of the Icelandic police chief (Ríkislögreglustjóri), making use of the current 
discussions that were then ongoing in the European Commission about the issue. Therefore, 
the implementation of data retention is structurally equivalent to the data retention directive, 
although formally the EU directive has not been implemented. 
 
During discussions in the Icelandic parliament about the (formal) implementation of 
the data retention directive, some parliamentarians were surprised to find that such a 
broad surveillance law already existed in the telecommunications act. There have been 
discussions, both public and within the parliament, about the potential abolition of data 
retention.  However, this would impede the EU membership process and is therefore unlikely 
to gain traction without any political support from within the EU.
 
There is an ongoing discussion about granting police enhanced surveillance rights, in 
the form of proactive investigative measures aimed at counteracting organized crime and 
terrorism. Although these measures have not yet been implemented, there is currently a 
resolution proposal being processed in the parliament.  The interior minister, Ögmundur 
Jónasson, has independently stated that he is preparing proposals for such a law. The 
scope of such a law is unknown, but it is clear that proactive investigation measures would 
necessarily have to include expanded rights for telecommunications surveillance.
 
Wiretapping and other electronic surveillance is regulated under the Telecommunications  
Act (81/2003) and further defined in Rules no. 837/2006 on Electronic Surveillance9.
 
Both data retention and surveillance support add to operating costs and jurisdictional 
uncertainty for cloud hosting providers, especially given the complexity of unsettled 
international cross-jurisdictional issues.
 
A new bill has been proposed in the Parliament, by the Interior Minister, for the 
establishment of a CERT team. The proposal as it stands contains provisions for allowing 
the CERT team to perform limited surveillance of a computer network, having been granted 
permission to do so by the network operator. It also gives the CERT team the right to report 
illegal activities on the network to the police. This combination could potentially be abused 
as a gateway to blanket surveillance, as has been noted in a memo issued by the Icelandic 
+9 http://www.personuvernd.is/information-in-english/greinar//nr/610
+21
+
+Digital Freedoms Society10, but with greater restrictions (such as a ban on deep packet 
inspection and identification of individual users or network analysis that could compromise a 
user’s identity), it could serve to improve network security.
+Censorship
+No state censorship is currently practiced in Iceland. 
+Corporate censorship has been employed by telecoms providers in a few cases, at request 
of police and child protection authorities. Most notable was the anonymous forum site 
Ringulreið, which was accused of being a center for cyber-bullying. After the major telecoms 
providers, Síminn and Vodafone, voluntarily censored access to the site from its users, the 
site was shut down by its operators. 
+Some ISPs, most notably Síminn, the largest ISP in Iceland (formerly the state telecoms 
company) offer parental filtering services to their customers on an opt-in basis. Such 
blocking software is largely controlled by end-users, although it is somewhat unclear by 
which criteria websites are added to these filter lists. However, no anti-competitive, political 
or religious censorship has been noticed in these systems.
+Over the last year, it can be argued that abuse of libel law has been on the rise. Journalists 
and commentators have been increasingly found guilty of libel for comments made on online 
media. In particular, one journalist has been found guilty for directly quoting an interviewee, 
whose statement was considered to be libelous by the court. In another case, an elderly 
woman was found guilty of libel for a Facebook comment wherein she made a value 
judgement on the characters of the claimants. Of course, in each of these cases there are 
competing interests and some uncertainty left to the courts, but many have commented on 
the potential chilling effects associated with such lawsuits and have called for reform.
+Data Protection
+Data protection is regulated under law 77/2000, which implements EU Directive 95/46/EC 
(Data Protection Directive) and parts of EU Directive 97/7/EC (Equal Treatment in Social 
Security Directive). The day-to-day management of compliance is managed by the Data 
Protection Authority.
+Various rules and regulations apply with regards to data protection that might have 
relevance to data centers and information hosting, specifically:
+●
+Rules no. 837/2006 on Electronic Surveillance.
+●
+Rules no. 698/2004 on The Obligation to Notify and Processing which requires a 
Permit.

+●
+Rules no. 299/2001 on security of personal data
+●
+Regulation no. 322/2001 on Management of Personal Information by the Police
+10 Full disclosure: one of the authors of this report, Smári McCarthy, co-signed the memo 
in question and is a board member of the Icelandic Digital Freedoms Society at the time of 
writing.
+22
+
+
+
+
+
+
+
+Human Resources
+Iceland is a highly educated country. Out of a workforce of 181,000 people, 33.3% have 
primary education, 38.2% have vocational education, and 28.1% have university education.
+After the financial crisis started in 2008, unemployment rose from 1.01% in 2007 to 8.13% 
in 2010. Recent reports suggest that the unemployment rate is going down, but that has not 
been confirmed by publicly available statistics.
+A 2006 OECD report showed that the number of scientific and engineering publications 
in internationally recognised journals had increased at an average annual growth rate of 
5.7% since 1998 and that between 1991 and 2001, the number of publications per million 
population increased by 50%, from 403 to 610, compared to averages of 416 and 556 in 
those same years in the EU15. At that time, Iceland ranked eighth in the number of 
citations per paper (worldwide). The financial crisis caused some reductions in innovation 
and research & development funding, but this primarily had the effect of shifting researchers 
further into private sector research operations and startup companies. On the other hand, 
the Icelandic Innovation Center has started a number of seed labs where startup companies 
and small proprietors can rent inexpensive office space.
 
+Bala Kamallakharan has noted11 that 2011 was a record year for insolvencies in Iceland, 
while the number of new company registrations has dropped significantly. This could 
perhaps be attributed to unavailability of capital available to startups, or perhaps deflation 
of the last decade’s bubble. Without suitable employment for its highly skilled labor force to 
absorb, Icelanders will either resort to leaving for better opportunities abroad or remain idle 
domestically letting their considerable talent go to waste.  
+11 http://www.startupiceland.com/2012/01/2011-has-been-record-year-in-iceland.html
+23
+
+ 
Either way, the combination of experienced researchers, high unemployment rate, low rate 
of startup and high insolvency rate suggests that unless Iceland continues to experience an 
increase in “brain drain”, where well educated people seek employment outside the country, 
a significant underemployed or unemployed workforce will exist in Iceland.
 
+Icelandic Modern Media Initiative
On July 16th 2010, the Icelandic Parliament, Alþingi, unanimously adopted a parliamentary 
resolution  to  develop  in  Iceland  advanced  legislation  for  the  protection  of  the  rights  to 
information and free speech. Since then, the Icelandic Modern Media Initiative, or IMMI, as it 
was called, has been in development, both inside the government ministries and institutions, 
and within Icelandic civil society. The originators of the IMMI initiative founded, in 2011, the 
International  Modern  Media  Institute,  a  synacronymous  civil  society  organization  working 
towards ensuring that the goals and spirit of IMMI are met in Iceland, and sharing the ideas 
and developments with the world at large.
 
 
 
 
+Subject area
+Status
+Notes
+Source Protection
+Complete
+Media law + constitution
+Freedom of Information Act
+Pending 
+New law replacing older law + 
+ratification
+constitution
+Communications Protection
+Pending 
+Changes to law + constitution
+ratification
+Intermediary Liability 
+In development
+Changes to law + constitution
+Limitations
+Publishing Liability Limitations
+In development
+Changes to law
+Whistleblower Protection
+In development
+Changes to law + constitution
+Prior Restraint Limitations
+Pending 
+Constitution + regulatory changes
+ratification +
In Development

+Judicial Process Protections
+On hiatus

+Network Neutrality
+Pending 
+Constitution
+ratification
+Virtual Limited Liability 
+On hiatus

+Companies
+Freedom of Expression Prize
+On hiatus


+24
+
+Source Protection
The  protection  of  sources  refers  to  measures  which  forbid  journalists  from  exposing  the 
identity of their sources without the source’s permission. The purpose of such measures is 
to  increase  the  willingness  and  security  of  sources  who  consider  themselves  to  be  at  risk, 
when  providing  information  of  criminal  wrongdoing,  corruption,  negligence  or  other  socially 
unacceptable behavior to journalists.
 
Journalistic  source  protection  was  implemented  in  Icelandic  law  38/2011  (the  media  act). 
The source protection clause is defined in article 25., which states:
 
+Employees  of  media  organizations  which  have  been  licensed  or  registered  with  the  media  committee 
are  forbidden  to  expose  the  identity  of  source  for  articles,  books,  retellings,  announcements  or  other 
material, regardless of whether it has been published, if the source or the author requested anonymity. 
Employees  of  the  media  organization  are  also  forbidden  to  release  data  which  contain  information 
regarding the source or author in such circumstances.
The rule in the 1st paragraph also applies to those who, due to connections to the media organization 
or  the  production  of  the  material  has  gained  knowledge  of  the  identity  of  the  source  or  author,  or  has 
attained data to that effect.
Source protection under paragraphs 1 and 2 can only be relieved with the permission of the source or 
the author, or on the basis of article 119 of the law on the prosecution of criminal cases, no. 88/2008.12

 
In  addition  to  the  stipulation  in  the  new  media  law,  the  proposed  constitution  for  Iceland 
contains, in article 16, the statement:
 
+The protection of journalists, their sources of information and whistle-blowers shall be ensured by law. 
It  is  not  permitted  to  breach  confidentiality  without  the  consent  of  the  person  providing  the  information 
except in the process of criminal proceedings and pursuant to a court order.

This provides equivalent protection under the constitution, if ratified, ensuring that the source 
protection clause would not be removed from law without referendum.
 
Status: Complete.
 

+Freedom of Information Act
Access to government documents and records is mandated in Iceland by law 50/1996, (the 
information act). The current Icelandic FOI law does not conform to CoE convention, and it 
does not match the standards set in the Aarhus convention for environmental information.13
 
An updated information act was proposed at Alþingi in 2011, however, due to end of term 
in late September 2011, the bill did not complete the third reading in parliament and was 
therefore dropped. It has since been reintroduced with many of the changes merged in and 
multiple improvements made, however, the newly proposed version does not meet the high 
standard the bill had previously achieved.
 
IMMI submitted an 8 page report and a 84 page change comparison of the two bills to 
the constitutional and regulatory committee of Alþingi in February 2012#, criticizing the 
government’s backpedaling against the changes that had previously been proposed in 
+12 The exception in article 119 of law 88/2008 applies to the case where criminal proceedings for serious offences cannot be 
resolved without the identity of the source or author being exposed. In such cases, it has been recommended although it is not 
stipulated in statutes, that the identity first be exposed to the judge in camera, so that the judge can appropriately measure the 
potential risk to the source against the benefit of the source’s exposure. This is generally considered an acceptable limitation to 
the otherwise absolute source protection clause.
13 The Aarhus convention was ratified by law 131/2011.
+25
+
+parliamentary committee. At the moment, the committee work is proceeding.
 
Cautious optimism suggests that the committee will once again restore the bill to its former 
state and that it will be accepted. If this is the case, the norm for access to information 
in Iceland will be altered from being a ‘publish on request’ regime to ‘publish by default’ 
regime.14 Then, any documents which are not published can be at least listed along with 
information about why it has been held back and FOI requests can be made for those 
documents specifically. This change is the most important alteration of many.
 
In the meantime, the new proposed constitution of Iceland has guaranteed a substantial 
improvement of information rights.15
 
Status: Pending ratification
+Network Neutrality
Network  neutrality  is  a  very  broad  concept,  but  generally  refers  to  the  idea  that  each  node 
operating  on  the  network  should  be  considered  equal  to  all  others  in  terms  of  access. 
Numerous governments and corporations have instantiated various forms of censorship and 
containerization#.  Due  to  technical  limitations  of  the  IPv4  space,  almost  every  end-user  of 
the  Internet  can  be  considered  in  an  aberration  of  the  end-to-end  principle  often  from  NAT 
(Network Address Translation), this makes their nodes second class citizens of the Internet. 
There is a lot to be done in terms of network neutrality.
 
This  is  going  to  be  a  topic  for  many  years,  but  for  now  IMMI  has  decided  to  take  the  first 
steps.  Article  14  of  the  proposed  constitution  creates  an  obligation  for  the  government  to 
protect the Internet, with the same constraints as those on free speech in general. Although 
those  limitations  should  definitely  be  questioned,  this  must  be  considered  a  substantial 
victory,  as  no  country  currently  even  mentions  the  Internet  in  its  constitution,  let  alone 
defends it:
 
+The government shall guarantee conditions that are conducive to open and informed public  discussion. 
Access to the Internet and information technology shall not be curtailed except by a decision of a court 
of law and on the same substantive conditions that apply to restrictions on the freedom of expression.

Status: Pending Ratification
+Communications Protection and Communications Data Retention
In the interests of protecting privacy and source confidentiality, protection of communications 
is a vital ingredient to any coherent information regulation strategy.
 
The protection of communications is a wide project that can be roughly split into two tasks. 
On the one hand, removing existing threats to communications protection from law, and on 
the other hand establishing new protections for communications.
 
In  January  2012,  as  Alþingi  was  debating  the  adoption  of  the  European  Union’s  Data 
Retention Directive, IMMI produced a report outlining the dangers of blanket data retention. 
In  committee,  IMMI’s  views  got  the  support  of  the  Privacy  Directorate,  and  this  led  to  the 
parliamentary  committee  requesting  that  the  directive  be  postponed  indefinitely  and  that 
the foreign minister inform the European Union that Iceland would not be implementing the 
+14 meaning that instead of FOI requests having to be made for each document individually in order to obtain a private copy for 
dissemination, which is a slow and complicated process, the rule will become that government publishes all documents publicly 
by default, for instance in an online database.
15 http://www.stjornlagarad.is/english/ Articile 15 (English PDF available from the website)
+26
+
+directive.
 
This  however  was  not  enough,  as  Iceland  has  in  law  a  data  retention  clause  (paragraph 
3,  article  42,  of  the  telecommunications  act,  81/2003,  amended  in  2005),  which  predates 
the  EU’s  Data  Retention  Directive  by  a  year.  IMMI  has  argued  against  this  clause,  both  in 
newspapers and in opinions to parliament, and has drafted a bill for the removal of the act.
 
More  recently,  IMMI  was  asked  to  submit  proposals  for  improvement  of  certain  articles  of 
the  telecommunications  act  being  added  to  introduce  a  Computer  Emergency  Response 
Team  (CERT)  in  Icelandic  law,  so  as  to  better  balance  against  privacy  concerns.  In  these 
proposals, IMMI included the following proposal:
 
+Paragraph 3 of article 42, requiring the retention of telecommunication data, is dropped.
+Appended to article 42 is a new paragraph:
Parties  other  than  the  sender  and  the  receiver  of  electronic  packet-switched  communications  are 
forbidden  to  inspect  or  electronically  process  the  payload  of  the  packets.  Headers  and  metadata  of 
packet-switched communications shall only be stored for the period needed to resolve the routing of the 
communications and security measures as per article 47. a.
 
+This  would  effectively  remove  the  data  retention  provisions  from  law,  if  adopted,  and 
simultaneously  improve  the  communications  protection  by  making  it  a  criminal  offense  to 
intercept and inspect communications, by methods such as Deep Packet Inspection. It is our 
hope that this provision be adopted in law.
 
In  addition  to  this  development,  the  proposed  constitution  of  Iceland  contains  a  clause  in 
article  11  expressly  forbidding  the  search  of  communications,  except  with  a  valid  court 
order.16
 
 
Status: Pending ratification & in further development
+Intermediary Liability Limitations
The  original  idea  for  limited  liability  for  telecommunications  intermediaries  comes  from  the 
development of the Communications Decency Act in the United States around 1996. Since 
then, the European Union has adopted the e-Commerce Directive, which implements similar 
limitations.  The  directive  is  implemented  in  Iceland  as  the  electronic  commerce  and  other 
electronic services act (30/2002), and has equivalent measures.
 
Immediately  on  exploring  the  intermediary  liability  limitations  (ILLs)  in  the  Icelandic  law,  a 
striking flaw presents itself in the form of “general court orders”. This phrasing is very vague 
and  more  importantly  lends  itself  to  being  understood  that  district  sheriffs,  who  in  Iceland 
have  injunctive  powers,  can  issue  takedown  orders.  IMMI  has  an  interest  in  tightening  this 
language, and intends to make proposals to do so in the coming months.
 
More importantly though, ILLs have been under attack globally in recent years. A great many 
changes  in  strategies  relating  to  intellectual  monopoly  enforcement,  protection  of  official 
secrets and political attempts at opening doors for corruption have revolved around eroding 
ILLs.  In  order  to  counteract  this  trend,  IMMI  has  partnered  with  several  organizations  to 
explore what can be done to define a legal and technical defense of both Internet endpoints 
and  intermediaries  that  can  better  withstand  political  attempts  at  erosion.  This  work  is  in 
early stages, but some results are scheduled for July 2012.
 
Status: In development
+16 http://www.stjornlagarad.is/english/ Articile 11
+27
+
+Libel Tourism Protection
Libel tourism is the act of a company or individual choosing to pursue lawsuits against 
individuals or companies in a country with a low threshold for libel lawsuits. Legal extortion 
schemes have been perpetuated with companies being tried in countries such as England 
and Wales even if the defendant resides elsewhere in the world. This is a form of forum 
shopping. Implementing laws that prevent or diminish the effects of libel tourism in Iceland 
will protect Icelandic citizens and residents from this kind of forum shopping. It’s fairly 
important that people can predict with some certainty where, if anywhere, they will be 
taken to court. This also applies to companies, who base a lot of their operational security 
on knowing the legal environment. In this way, ending libel tourism will encourage foreign 
investment and provide financial security for companies operating here already.
 
For now, Iceland has a mechanism. As a signatory of the Lugano treaty, Icelandic courts 
can decide not to uphold foreign court verdicts which go against the rule of law in Iceland. 
This means that a libel verdict from a foreign country can be challenged in an Icelandic court 
on the basis of article 34 of the Lugano treaty if it comes from a country with a substantially 
different burden of proof for libel than Iceland does. This has not been tested, but is currently 
our best bet.
 
In the meantime, British libel reform efforts are going well, and coupled with a well written 
libel law in Iceland, may be sufficient to put an end to libel tourism - at least in Iceland. When 
that is finished, the bigger issue of International Forum Shopping remains.
 
Status: Complete / Untested solution
+Libel Reform and Publishing Liability Limitations
The media law from 2011 introduced new rules regarding media liability. However, since its 
adoption,  a  number  of  court  cases  have  been  heard  in  Reykjavík  which  cast  a  shadow  on 
the reform and point at a deeper structural fault in the current libel regime.
 
Although  media  liability  is  defined  in  the  print  law  and  superseded  by  the  media  law,  the 
terms  of  libel  itself  are  defined  in  chapter  XXV  of  the  criminal  act,  which  treats  violations 
of  privacy  and  libel  as  equal  criminal  offenses.  Under  the  criminal  act,  it  is  illegal  to  make 
truthful  accusations,  to  offend  somebody  publicly  or  privately,  or  to  make  unfavorable 
comments  about  deceased  persons.  As  these  are  criminal  offenses,  they  have  assigned 
imprisonment penalties from 1 to 4 years, as well as fines, although imprisonment is rarely 
used in practice.
 
The  global  trend  in  libel  law  is  to  move  it  away  from  criminal  sanctions  and  into  tort  law, 
making it a civil offense, punishable only by fines. Alongside this, the scope of libel is to be 
narrowed,  making  the  truth  a  valid  defense  and  ensuring  that  people  cannot  be  brought  to 
charge for making value judgements against another’s character. It should be legal to call a 
person a jerk, although it is questionable whether you can call somebody a murderous jerk 
without backing it up with evidence.
 
IMMI  has  completed  the  basic  research  needed  to  implement  these  changes  and  drafted 
a  bill  which  aim  to  alleviate  at  least  most  of  the  existing  concerns.  Due  to  parliamentary 
scheduling rules, it cannot be introduced until the autumn of 2012.
 
Status: Pending
+28
+
+Whistleblower Protection
A whistleblower is a person that tries to disclose or report information on situations affecting 
the  public  that  may  evidence  of  criminal  activity.  Protection  for  individuals  reporting 
institutionalized    corruption  is  paramount.  They  may  be  providing  relevant  information 
to  the  public  record,  such  as  data  or  testimony  about  relevant  matters  like  public  health, 
passed incidents, crime, government biases, democracy undermining practices, violations of 
constitutional rights, corruption and bribery.
 
Threats to whistleblowers come from corporate interests, governmental interests, criminal 
activities, biases inherent in legal and judicial officials and systems. Whistleblower 
protections must include a right to anonymity, physical, financial and social security.
 
As the threat models, institutional settings and personal complexities of whistleblowing vary 
widely,  this  is  perhaps  the  most  complicated  of  IMMI’s  tasks.  While  a  lot  of  development 
work  has  been  put  into  this  issue  already,  we  feel  that  the  adequate  protection  of 
whistleblowers cannot be completed without deep investigation.
 
As  one  core  issue,  the  idea  of  corporate  personhood  must  be  challenged.  Disregarding 
other arguments for doing so, it is very important that it not be decided that companies and 
other corporate vehicles have a right to privacy, as this would pit whistleblower activities up 
against  privacy  and  data  protection  law,  the  sanctity  of  which  is  of  equal  importance.  It’s  a 
fight nobody should have to fight. That said, there has been no such ruling in Iceland and it 
is not foreseeable that that will change; it’s merely one issue of many that must be monitored 
and pro-actively taken action on.17
 
Status: In development
+Prior Restraint Limitations
Prior  restraint  is  banned  under  article  73  of  the  Icelandic  constitution.  A  slightly  stronger 
implementation  of  prior  restraint  limitations  are  introduced  in  the  new  constitution,  which  is 
pending ratification.
 
Outside of constitutional guarantees, IMMI also has an interest in protecting against abuse 
of  injunctions  by  sheriffs,  who  still  have  injunctive  authorities  as  a  holdover  from  their  now 
abolished  tribunal  role.  This  fits  in  with  the  discussion  of  Intermediary  Liability  Limitations 
stated above, and IMMI expects to be able to address these two concerns jointly.
 
Status: Pending ratification
 

+Virtual Limited Liability Companies
Icelandic corporate law is currently somewhat hostile to foreign ownership from outside the 
European Economic Area (EEA). The idea of Virtual Limited Liability Companies is to allow 
for  virtually  defined  corporate  entities,  whereby  the  ownership  is  somewhat  ephemeral,  as 
long  as  the  owners  adhere  to  certain  Icelandic  transparency  requirements.  In  that  way,  a 
virtually operated commpany would have tax obligations and operational safe harbor rights 
in  Iceland  like  any  other  company,  but  gets  to  operate  virtually  in  exchange  for  some  strict 
guarantees of transparency and such.
 
+17 For more detail see:: http://immi.is/Press_Release:_IMMI_Status_Update,_April_2012 
+29
+
+This  issue  has  more  to  do  with  creating  a  pleasant  investment  environment  than  explicitly 
improving the information regime in Iceland. For that reason, it has been relegated to the set 
of the last things we aim to accomplish in this set, and is therefore on hiatus for now.
 
Status: On hiatus.
 
 
+Selected Bibliography
+●
+Orkustefna fyrir Ísland; Stýrihópur um mótun heildstæðrar orkustefnu; http://
www.nea.is/media/gagnasofn/Orkustefna-fyrir-Island.pdf
 
+●
+Iceland. What a Great Place to Put a Data Center; Verne Global / Martin Hannigan; 
http://www.uknof.org.uk/uknof12/Hanningan-Undersea.pdf

+●
+Orkuspá fyrir Ísland 2010-2050; Orkustofnun; http://www.os.is/gogn/Skyrslur/OS-
2010/OS-2010-07.pdf
 
+●
+Benchmarking Study on Iceland as a Location for Data Centre Activity; Invest in 
Iceland Agency; http://www.invest.is/resources/files/invest.is/BDC%20Report.pdf
 
+●
+Mikil arðsemi af raforkusölu til stóriðju; Vísir; http://www.visir.is/mikil-ardsemi-af-
raforkusolu-til-storidju/article/2011712209851
 
+●
+Policy Mix for Innovation in Iceland; OECD; http://www.oecd.org/dataoecd/15/62/
36648108.pdf

+30
+
+ + + diff --git a/report/Greens-IslandsofResilience-1.orig.png b/report/Greens-IslandsofResilience-1.orig.png new file mode 100644 index 0000000..b32e94b Binary files /dev/null and b/report/Greens-IslandsofResilience-1.orig.png differ diff --git a/report/Greens-IslandsofResilience-1.png b/report/Greens-IslandsofResilience-1.png new file mode 100644 index 0000000..642dca3 Binary files /dev/null and b/report/Greens-IslandsofResilience-1.png differ diff --git a/report/Greens-IslandsofResilience-10.png b/report/Greens-IslandsofResilience-10.png new file mode 100644 index 0000000..5ee1b52 Binary files /dev/null and b/report/Greens-IslandsofResilience-10.png differ diff --git a/report/Greens-IslandsofResilience-14.png b/report/Greens-IslandsofResilience-14.png new file mode 100644 index 0000000..bef26c7 Binary files /dev/null and b/report/Greens-IslandsofResilience-14.png differ diff --git a/report/Greens-IslandsofResilience-16.png b/report/Greens-IslandsofResilience-16.png new file mode 100644 index 0000000..3e71718 Binary files /dev/null and b/report/Greens-IslandsofResilience-16.png differ diff --git a/report/Greens-IslandsofResilience-17.png b/report/Greens-IslandsofResilience-17.png new file mode 100644 index 0000000..c8d3d99 Binary files /dev/null and b/report/Greens-IslandsofResilience-17.png differ diff --git a/report/Greens-IslandsofResilience-2.png b/report/Greens-IslandsofResilience-2.png new file mode 100644 index 0000000..5d47d89 Binary files /dev/null and b/report/Greens-IslandsofResilience-2.png differ diff --git a/report/Greens-IslandsofResilience-23.png b/report/Greens-IslandsofResilience-23.png new file mode 100644 index 0000000..b975706 Binary files /dev/null and b/report/Greens-IslandsofResilience-23.png differ diff --git a/report/Greens-IslandsofResilience-3.png b/report/Greens-IslandsofResilience-3.png new file mode 100644 index 0000000..a5e188b Binary files /dev/null and b/report/Greens-IslandsofResilience-3.png differ diff --git a/report/Greens-IslandsofResilience-9.png b/report/Greens-IslandsofResilience-9.png new file mode 100644 index 0000000..a00e4ec Binary files /dev/null and b/report/Greens-IslandsofResilience-9.png differ diff --git a/report/Greens-IslandsofResilience.html b/report/Greens-IslandsofResilience.html new file mode 100644 index 0000000..26a0f2e --- /dev/null +++ b/report/Greens-IslandsofResilience.html @@ -0,0 +1,14 @@ + + + +Greens-IslandsofResilience + + + + + + + + + diff --git a/report/Greens-IslandsofResilience.pdf b/report/Greens-IslandsofResilience.pdf new file mode 100644 index 0000000..be307d7 Binary files /dev/null and b/report/Greens-IslandsofResilience.pdf differ diff --git a/report/Greens-IslandsofResilience.txt b/report/Greens-IslandsofResilience.txt new file mode 100644 index 0000000..6c59f7b --- /dev/null +++ b/report/Greens-IslandsofResilience.txt @@ -0,0 +1,343 @@ +Islands of Resilience +Comparative Model for Energy, Connectivity and Jurisdiction +Realizing European ICT possibilities through a case study of Iceland + +Smári McCarthy and Eleanor Saitta + +1 + + Prepared at the request of: + +on behalf of Members of the European Parliament Christian Engström, Indrek Tarand, Carl Schlyter, Sandrine Bélier, Karima Delli, Eva Lichtenberger, Raül Romeva i Rueda, Heide Rühle, Judith Sargentini, Bas Eickhout and Marije Cornelissen + +Prepared at the request of The Greens / European Free Alliance Authors: Smári McCarthy Eleanor Saitta Contributing Researchers: Guðjón Idir Jason Scott On behalf of Members of the European Parliament: Christian Engström Indrek Tarand Carl Schlyter Sandrine Bélier Karmima Delli Eva Lichtenberger Paül Romeva i Rueda Heide Rühle Judith Sargentini Bas Eickhout Marije Cornelissen + +Produced by: + +International Modern Media Institute Laugavegur 3 101 Reykjavík Iceland + +2 + + Distributed under the terms of the Creative Commons Attribution-Sharealike 3.0-unported License + +3 + + Abstract +Locale is rapidly becoming one of the most important competitive differentiators in the provision of cloud-based information technology services. Broadly speaking, three categories of issues define a locale's fitness for hosting the cloud: energy, connectivity, and jurisdiction. Energy is the largest cost center for most cloud hosts. Beyond price per kilowatt hour, hosting companies must consider redundant network availability, power grid resilience, environmental sustainability, climate, and equipment cooling requirements as core parts of their energy strategy. Connectivity is clearly essential for hosts, and differentiating factors here include total installed bandwidth, current utilized bandwidth, hub redundancy, international uplink redundancy, round trip latency, traffic shaping and network neutrality. Jurisdictional issues are an area of emerging concern and awareness for cloud hosts, where the landscape is shifting rapidly. Hosting companies are deeply affected by intermediary liability, hosting liability, state and corporate surveillance, state and corporate censorship, the accessibility of and cost of interacting with courts, corruption, and socioeconomic stability. This report considers Iceland's relative competitive advantages and drawbacks as a hosting locale relating to these issues. + +4 + + Table of Contents +Abstract Introduction Energy Energy Sources Energy Utilization and Pricing Grid Resilience and Redundancy Climate and Cooling Connectivity Submarine Cables Installed and Utilized Capacity Domestic Network Round Trip Latency Network Security Future Connectivity Developments Jurisdiction Commercial Issues Overview of Icelandic Information Regulation Compatibility with European Union Directives Intermediary Liability Limitations Surveillance Censorship Data Protection Human Resources Icelandic Modern Media Initiative Source Protection Freedom of Information Act Network Neutrality Communications Protection and Communications Data Retention Intermediary Liability Limitations Libel Tourism Protection Libel Reform and Publishing Liability Limitations Whistleblower Protection Prior Restraint Limitations Virtual Limited Liability Companies Selected Bibliography + +5 + + Introduction +This preliminary study is intended to give a birds-eye view of the primary factors pertaining to energy, connectivity and jurisdiction in Iceland, as applicable to ICT1 growth in general and cloud hosting in particular.. It is necessarily narrow in scope and largely based on aggregating publicly available information. As a result, some inaccuracies may exist, largely due to poor information made available by private actors. A more in-depth follow up study will remedy this by seeking out more detailed expert insights, detailed statistics, and comparing against sourced cases. Regardless, this report clearly shows the advantages Iceland has in relation to ICTs, as well as showing some of its potential weaknesses and possible remedies. Iceland’s key strengths are: ● ● Cheap and abundant energy generated from green, renewable, sustainable and resilient energy sources, distributed over a well designed and resilient power grid. Increasingly good connectivity to the outside world with reasonable redundancy and a large amount of unused capacity available for expansion, and a very highly developed internal network with high resiliency. An advanced and stable jurisdiction, with clear information rights and regulations, well structured administration, and well informed governing bodies. + +● + +Iceland’s main weaknesses are: ● Scale discrepancies both in energy generation and consumption which could potentially threaten grid resilience in extreme cases. This can be improved with further diversification of energy consumers, such as large-scale ICT deployments. Iceland’s data connectivity is provided by a relatively small number of submarine cables connecting to the outside world, creating some network precarity. This is currently being improved with the addition of new cables. International data transport bandwidth through submarine cables is currently expensive. This could be mitigated by further investments, subsidies, or other methods to reduce the price for connection, with the intention of increasing the overall usage. Iceland has similar issues with blanket communications surveillance as in the EU, which make it less attractive for hosting than countries where communications are not monitored. This is hard to fix without political will in the EU. Wildcard properties exist in the implementation of the e-Commerce directive, connected to injunctive powers that district sheriffs still have. This can be solved by clarifying the instances under which injunctions can be made, and restricting the issuing authority to courts. + +● + +● + +● + +● + +Together Iceland’s key strengths form a very sound basis for the expansion of ICT in Iceland, especially cloud hosting. Most of the weaknesses in Iceland’s position are either + +1 + +Information and Communication Technologies + +6 + + structural weaknesses common amongst all EU member states or are relatively trivial issues which can be resolved easily. + +Energy +Energy is the largest cost center for most cloud hosting companies. Beyond price per kilowatt hour, hosting companies must consider redundant network availability, power grid resilience, environmental sustainability, climate, and equipment cooling requirements as core parts of their energy strategy. In our analytical model for energy, we asked the following questions: How prevalent are renewable energy sources in current electrical production? 1. 2. 3. 4. 5. Less than 3% of all energy production based on renewable energy sources. Between 4 and 40% of all energy production based on renewable energy sources. Between 40 and 60% of all energy production based on renewable energy sources. Between 60 and 97% of all energy production based on renewable energy sources. More than 97% of all energy production based on renewable energy sources. + +How much can current electrical production be increased without the construction of new (not currently planned) power plants? 1. 2. 3. 4. 5. By less than 5% of current average power use. By less than 25% of current average power use. By less than 50% of current average power use. By more than 75% of current average power use By more than 100% of current average power use. + +What is the annual average price per kiloWatt hour for a commercial customer using less than 2 GWh/year, including generation and distribution? 1. 2. 3. 4. 5. > €0.20/kWh > €0.14/kWh <= €0.14/kWh < €0.09/kWh < €0.07/kWh + +Iceland's national energy plan was last updated in November of 2011. + +Energy Sources + +7 + + In 2009, Iceland’s total energy utilization was roughly 240 PJ2 of primary energy sources, which equates to roughly 67 TWh3. The primary energy sources were, in order of magnitude: geothermal, hydroelectric, oil, and coal. Geothermal energy use was greater than all other energy sources combined, while coal use was relatively minuscule. Energy use in Iceland has risen substantially since the 1940’s with the industrialization of the country, which up until roughly 1960 was almost entirely rural. A vast amount of geothermal energy is used for house-heating (45%), followed by electricity production (39%). In addition, it is used for snow-melting, swimming pools, fish farming, greenhouses and for industrial purposes. In 2009 a total of 22.3 PJ of geothermal energy was used for electricity production. Only 18% of Iceland’s primary energy utilization comes from petrochemicals, of which 90% is oil and 10% coal. The majority of the coal is used by the iron smelting plant at Grundartangi, with other industrial processes consuming the remainder. Almost no natural gas is used in Iceland. Roughly 660 thousand tonnes of oil were used in Iceland in 2009, of which 41% went to powering cars, 18% for aircraft, and 29% for fishing. Petroleum use for cars has increased by 64% since 1990 in Iceland, contributing to the overall increase in use. Oil is not used for electricity production except for some emergency backup generators. Some towns have backup generators capable of sustaining basic operations throughout the town temporarily, but the redundancy of the electricity grid renders this use minimal. As a result, the electricity production in Iceland is almost exclusively from geothermal and hydroelectric primary energy sources. The theoretical maximum energy production in Iceland is 64 TWh per year from hydroelectric sources and between 10 and 30 TWh per year from geothermal sources. However, for natural protection purposes substantial regions of Iceland have been classified as natural reserves, parks, or other protected areas. In addition, certain areas have been classified as energy reserves that will not be used in coming years, in part for sustainability reasons. This lowers the effective energy available for production. The current installed production capacity is 12.3 TWh per year for hydroelectric power, and 4.6 TWh per year for geothermal power. After subtracting the protected and reserve production categories, the total available hydroelectric and geothermal energy available for future expansion is 11.91 TWh per year. Variability of energy pricing and availability is a critical issue for data centers. As Iceland has little or no hydrocarbon-based electricity production, electricity prices are largely unaffected by fluctuations in the oil, gas, and coal markets, and will not be affected by supply chain interruptions in these markets. This provides a critical level of energy resilience for the Icelandic electrical system at the supply end. Cheap, reliable, resilience, and predictably priced energy sources are, in combination, a significant advantage for potential hosting companies. + +2 3 + +Petajoules. 1 PJ = 1015 J Terawatt hours. 1 TWh = 1012 W·h + +8 + + (Primary energy sources in Iceland 1940-2009. Inset: Proportional use. Top to bottom: Coal, oil, geothermal and hydroelectric. Source: Orkuáætlun 2011) + +Energy Utilization and Pricing +In 2009, 74% of produced electricity in Iceland went to the aluminum industry, with roughly 4.9 TWh/year to Alcoa Fjarðarál, 4.0 TWh/year to Rio Tinto Alcan, and 4.0 TWh/year to Norðurál. 6% of produced electricity was used in the services industry, 5% for iron smelting plants, 5% for household appliances, 4% for utilities, 4% for general industries, and 1% in agriculture. + +9 + + (Electricity use 2009. From top to bottom: Fisheries, agriculture, general industries, district heating, home use, steel mills, services and aluminum industry. Source: Orkuátælun 2011) Energy use for household appliances accounted for 627 GWh in 2009, accounting for 7.1 B ISK (€44.3 million) in consumer use, including VAT. Average household electricity costs in Reykjavík are 11.30 ISK/kWh, or €0.07/kWh. This rate is substantially higher than the price for industry. In the case of the aluminum smelters, these rates are 30% lower than the European average4, although the energy prices for aluminum smelting have been confidential. Alcoa Fjarðarál reportedly paid between 28-35 USD/MWh in 2006, or roughly €0.044/kWh at 2006 exchange rates. + +(Main power lines and power plants. Source: Landsnet. For realtime energy distribution figures, see http://landsnet.is/raforkukerfid/kerfisstjornun/aflflutningurnuna/ ) + +Grid Resilience and Redundancy +Power grid resilience in Iceland is fairly high. The 61 power stations in Iceland are connected with a circular grid which goes around the country, providing basic redundancy. In addition, most power stations on the southwest corner have further grid redundancy simply due to the higher population density and related network effects. There are 50 hydroelectric power stations in Iceland, mostly small. There are 7 geothermal power plants, and 4 fueled power plants—one that generates power through garbage incineration, two diesel powered, and one methane plant. + +4 + +http://www.mbl.is/greinasafn/grein/1026890/ + +10 + + Some parts of the country, most notably the western fjords, are very poorly connected into the grid and frequently get disconnected during the winter months due to poor weather conditions. Power availability is maintained primarily with diesel generators when this happens. Similarly, Flatey and Grímsey, two populated islands off the Icelandic west and north coasts, respectively, are not connected to the main power grid, but are instead powered by diesel generators. Resilience is quite high on the southwest corner, where most economic activity is situated, but the east coast has also improved substantially in recent years due to developments in relation to the Kárahnjúkar dam project and the Alcoa Fjarðarál aluminum smelter. The overall infrastructural elasticity on the power grid is high enough to handle most types of outages due to line failures, power station shutdowns and disasters, but some very extreme edge cases exist where grid resilience is threatened, notably sudden outages in production units such as Kárahnjúkavirkjun, which could potentially lead to chain reactions of failures, similar to the power outage at Itaipu power station in Brazil on 21 January, 2002. In general, larger plants require larger transmission lines and inevitably cause more widespread damage when they do fail. Similarly, larger consumption units may threaten grid resilience. For instance, almost one third of Iceland’s total electricity consumption is used by a single aluminum smelter, meaning that the unlikely edge case of an abrupt total disconnect would momentarily increase the available electricity substantially. This kind of pathological outage may however be mitigated by various means, not least the further diversification of power production and consumption. + +Climate and Cooling +Estimates for data center energy utilization from IBM5 suggest that roughly half of all energy is used on cooling, and an additional fourth on heat waste, mostly due to internal electrical resistance in system components. Therefore, a priori energy waste in typical data centers is roughly 75% before any actual computation occurs. Mitigating this waste is clearly crucial to the efficiency, cost-effectiveness and sustainability of any data center. The proportional cost of cooling for data centers has risen dramatically over the past few years, relative to the cost of hardware. Reduction in hardware deployments due to virtualization and increases in system density have dramatically reduced equipment purchase costs as a proportion of operating costs. As a result of this, component-level heat waste mitigation is a primary industry research goal. Increasingly, large data center operators have started to look to areas with relatively cold climates. Cooling costs are significantly lower in cold areas, and most energy use in data centers in those areas that goes to cooling is attributable to airflow management and dehumidification rather than direct refrigeration. An example of this is the planned data center that Facebook, Inc., is building near Luleå, Sweden6. + +5 + +https://www-950.ibm.com/events/wwe/grp/grp030.nsf/vLookupPDFs/IBM%20BladeCenter%20 Product_Tikiri/$file/IBM%20BladeCenter%20Product_Tikiri.pdf 6 http://online.wsj.com/article/BT-CO-20111215-712478.html 11 + + In this respect, Iceland's climate is clear benefit for cloud hosting providers even though it’s not nearly as cold as some more northerly locales. The oceanic climate contributes to relatively stable temperatures over the year. Apart from insolation, there is relatively little seasonal variation in the factors that contribute to data center cooling. On the negative side, Iceland’s climate is generally rather humid, with an annual average of roughly 70.75%. In order for outside air to be used for cooling purposes some dehumidification would be needed. +Variable Average temp. °C Insolation, kWh/m²/day Wind speed, m/s Humidity, % Jan -2.60 0.11 10.20 80 Feb -2.59 0.53 10.27 78 Mar -1.59 1.31 9.63 71 Apr 1.37 2.77 8.42 69 May 5.24 4.11 7.18 66 Jun 8.49 4.71 6.51 66 Jul 10.31 4.16 6.40 63 Aug 9.58 3.27 6.63 61 Sep 6.29 2.17 7.62 67 Oct 2.75 0.97 8.85 72 Nov -0.04 0.25 8.76 77 Dec -1.91 0.03 10.41 79.0 + +(Reykjavík average temperature, insolation and windspeed, source: Gaisma.com) + +Connectivity +Iceland’s connectivity to the outside world has improved substantially over the last two decades. Since 1994, submarine fiber optics connections have existed to the Europe and North America. Since 2004, domestic Internet connectivity has gone up from 81% of households to 90%, compared to EU growth from 41% to 65%. Of the 10% of Icelandic households not connected to the Internet, 40% (4% of the total) claim not to want an Internet connection, whereas 25% (2.5% of the total) say it is due to price of connectivity. + +Submarine Cables +As of November 2011, there are four fiber optics cable links to Iceland: DanIce, Greenland Connect, FarIce, and CANTAT-3, in order of decreasing capacity. Several projects have been proposed to increase the number of fiber optics links to Iceland; of them, Emerald Express is the furthest towards completion. +Fiber optic cable CANTAT-3 FarIce Danice Greenland connect Emerald Express Owner Síminn Farice ehf Farice ehf TELE Greenland Emerald Networks Total capacity 7.5 Gb/s 720 Gb/s 5.2 Tb/s 1.9 Tb/s 58.6 Tb/s (planned) Installed capacity None Unknown ~20 Gb/s Unknown N/A Under construction Utilized capacity Decommissioned + +The CANTAT-3 was the first fiber optics cable connection to Iceland, greatly increasing the country’s telecommunications capacity. Installed in 1994, it was disrupted in late 2006 and was not returned to full capacity until mid-year 2007. The CANTAT-3 cable was retired in + +12 + + late 2010, due to age, operational costs, and low capacity. Farice ehf operates two fiber-optic submarine systems as of late 2011. It is partially owned by the Icelandic state and Arion bank, but a 20% stake is held by Faroese shareholders. Their first system, FarIce, lies between Seyðisfjörður, Iceland and Dunnet Bay, Scotland with a layover in Funningsfjørður in the Faroe Islands. From these locations it is backhauled to Reykjavík, Edinburgh and Tórshavn respectively. It traverses a roughly 1,400 km route using Dense Wavelength Division Multiplexing (DWDM) transmission technology. It has been in use since 2004 and is currently Iceland’s main communications line. Currently only roughly 3% of FarIce’s total potential capacity is installed, according to available sources. Farice ehf’s second system, Danice, was laid in 2008 and connects Landeyjarsandur in Iceland to Blaabjerg, Denmark, with a planned expansion to Eemshaven, Netherlands. Despite having significantly greater capacity than FarIce, it is much less utilized and mostly used as a redundancy cable for FarIce. The most recent fiber optic connection to Iceland is through Greenland Connect, installed in 2009 and owned and operated by TELE Greenland. It connects Milton, Trinity Bay, Newfoundland and Labrador, Canada, to Nuuk, Greenland, Qaqortoq, Greenland, and Landeyjarsandur, Iceland. It contains two fiber pairs specified for 128 wavelengths carrying 10 Gb/s each. As its landing point in Iceland is co-located with the Danice cable, direct bridging between them is possible. The Emerald Express is a planned 6x100x100 Gb/s fiber optics cable from the United States to Ireland with an offshoot to the Reykjanes peninsula in Iceland. Being constructed by Emerald Atlantis, Ltd. and TE SubCom, Ltd., it is scheduled to enter service in late 2012 and intends to facilitate ultra-low-latency connections to Europe and North America. Its Iceland branch will presumably carry two pairs, one for connection to Ireland, the other to the United States; the last pair connecting the US to Ireland directly. + +Installed and Utilized Capacity +Total capacity of installed fiber optic cables is currently around 7.8 Tb/s, not counting the CANTAT-3 cable. However, endpoint equipment has only been installed for a fraction of this capacity. The installed capacity is not known, but conservative estimates put it close to 200 Gb/s, or around 2.5% of the total capacity. Current utilized capacity is also unknown, but various estimates can be used to arrive at a figure. The combined foreign connectivity of universities and secondary colleges in Iceland is currently 16.5 Gb/s through RHNet. As RHNet typically accounts for between 14.2%-14.9% of total traffic through the Reykjavík Internet Exchange, it can be estimated that total foreign bandwidth consumption is close to 120 Gb/s. This number may turn out to be severely understated, but more detailed data is not available. + +13 + + (Map of proposed Emerald Express cable. Source: Emerald Networks) Uplink redundancy to Europe is good due to the FarIce and DanIce cables going separate routes. However, redundancy to the US is poor, since the only reliable connection is through Greenland. Currently, in the case of an outage, rerouting would have to be through Europe— presumably London. US redundancy will improve substantially when the Emerald Express is completed. Overall uplink redundancy is becoming better, providing more infrastructural elasticity and greater resilience. The older emergency satellite redundancy is slowly becoming less relevant and is probably not realistically needed. + +Domestic Network +The main domestic telecommunications hub is RIX (Reykjavík Internet Exchange), which is operated by ISNIC. This hub connects the main Internet service providers and data centers together. In general, domestic fiber optics and copper networks are operated by Míla, Fjarski and Gagnaveita Reykjavíkur. Míla is a subsidiary of the formerly state-run phone company (since privatized, currently known as Síminn). It operates a fiber optics ring around the country which were installed by NATO, but has expanded it substantially and introduced additional redundancy. It also operates fiber and copper networks in most settlements. Fjarki is a subsidiary of Landsvirkjun, the (mostly) state owned power company. + +14 + + Gagnaveita Reykjavíkur is a subsidiary of Orkuveita Reykjavíkur, the Reykjavík city power company. It provides mostly fiber to the home connections but also operates some communications backbones within the Reykjavík metropolitan area. + +Round Trip Latency +Round-trip latency to Europe is generally low, but varies widely depending on destination city and provider, origin location and provider, and various other variables. Generally speaking the network latency has low stochasticity (“jitter”), averaging around 4ms (milliseconds), suggesting natural latency rather than network congestion. We did informal testing of multiple origin and endpoints on known locations to arrive at some idea of latency trends. Typical round-trip times to London are close to 55ms; 31ms to Copenhagen. Connections to Oslo trend around 70ms, Berlin around 71ms, and to Madrid 74ms. On connections closer to the uplinks, slightly better times were observed, while household Internet connections showed slightly worse round-trip times. As such, none of this was particularly unexpected. The theoretical roundtrip time for a photon traveling over the big circle route from Reykjavík to London is 12.64ms; to Copenhagen it is 14.02ms. Therefore the Copenhagen connection is as close to reasonable expectations as is possible, while the London connection could possibly be improved. The FarIce endpoint is in Edinburgh, so packets bound for London must traverse potentially congested and slow UK networks after their initial arrival. + +Network Security +No major network security incidents have occurred in Iceland. Denial of Service attacks happen on a relatively small scale on a fairly regular basis, but are easily mitigated with standard techniques. No large scale online attacks have occurred in recent years, although in some cases competent attackers have been able to disable individual service providers for a number of hours. This is not considered to be more frequent in Iceland than in the EU, based on anecdotal evidence. Individual servers and home computers are moderately well protected from security threats compared to other countries, owing to a fair degree of awareness, a comparatively low incidence of pirated operating system software, and generally well configured routers on home connections. That said, many computers run outdated operating systems with severe security vulnerabilities, and many websites operate outdated web platforms, in particular Wordpress and Joomla, which are common staging grounds for attack. The Icelandic government is acutely aware of the threats posed to the security of networks, and in recently proposed amendments to the telecommunications act, provisions are made for the establishment of a CERT (Computer Emergency Response Team). This should increase multi-party coordination and responsiveness in the case of online attacks or other ICT-related emergency, and thus overall communications resilience. + +Future Connectivity Developments +A number of proposals have been made for future developments in connectivity in Iceland. + +15 + + One example which has frequently been brought up is that Iceland’s geographical situation makes it ideal for connecting the American east coast, Europe, and East Asia, due to the receding polar ice cover. Such a connection could land in Longyearbyen in Svalbard, and have connections to Murmansk, some settlements along northern Siberia, and either connect to Yakutsk via the Lena river or go through the Bering strait and connect to Alaska on the one hand and Kamchatka and Japan on the other hand. This would shorten round-trip latency to East Asia substantially, as most current connections go through the Mediterranean, down past India, and through the South China Sea. The Longyearbyen connection would allow for redundancy to Norway through an existing connection. Connections in Russia would help in Russia’s developing ICTs, as currently it is estimated that 70% of Russian communications go through Sweden. However, it would be vital to Europe’s communications security interests that such a connection have direct routes to East Asia rather than an intermittent landing in Russia. There are numerous ways in which such a proposal could be made beneficial to all parties, and it would open possibilities for diverse applications from cross-continental high speed trading and currency arbitrage to online gaming. For telephony applications, this connection would push the latency on communications between Europe and East Asia down below the threshold of human perception, itself a revolution in global telecommunications. Less ambitious potential developments that have been proposed include construction of large data centers on the Reykjanes peninsula, construction of further fiber optics links to Europe and America, and the establishment of data caches and mediation centers in Iceland for high availability applications. + +(Example routes for a “polar express” cable; also shows autumn arctic ice cover) + +16 + + The Russian Optical Trans-Arctic Submarine Cable System (ROTACS) project aims to do just that. According to an article + +(ROTACS telecommunication project outline; source: http://barentsnova.com/node/1737) + +(ROTACS and Arctic Fibre; source: Laser Focus World7) TODO: http://barentsnova.com/node/1737 +7 + +http://www.laserfocusworld.com/articles/print/volume-48/issue-04/world-news/fiber-cables-to-span-the-arcticocean.html + +17 + + Jurisdiction +Iceland is a parliamentary republic which gained independence from Denmark in 1944. It is a member of the United Nations, the Council of Europe (CoE), the European Economic Area (EEA), the European Free Trade Association (EFTA) and the North Atlantic Treaty Organization (NATO), amongst others. It is party to numerous international agreements including Schengen. Iceland’s membership in the EEA means that outside of a few limited areas, all EU commercial directives take effect in Iceland. In addition, both for conformity and utility, Iceland has adopted various non-EEA relevant directives. This tendency has been increasing as part of the preparations and negotiations for EU membership. As of 12 December, 2011, eight out of 33 chapters have been closed in Iceland’s EU accession negotiations. Of particular interest to this report, the chapter on information society and media is considered to generally already conform to the EU acquis. + +Commercial Issues +After the collapse of the Icelandic banking sector in 2008, the Icelandic Central Bank (Seðlabanki Íslands) was authorized to put limitations on the flow of capital, in particular those with no relevance to goods or services. The Central Bank is also authorized to require domestic companies to deposit and exchange foreign currency. As of November 2009 all restrictions have been lifted on new investments, and in practice trade from Iceland is not hindered substantially by the capital restrictions. VAT in Iceland is generally quite high, with most goods and services falling in the 25.5% VAT category. However, law 163/2010 introduced new exceptions to the VAT law (law 50/ 1988) which makes data processing and information provision, as well as “electronically provided services” exempt from taxed capital flows. Further, this law allowed an exemption from VAT for the importation of servers and related equipment (i.e., equipment which is necessary for the functioning of the servers and is only of direct benefit to the owners of the servers) in cases where the owners have official residence in other member states in the EEA, EFTA, or the Faroe Islands, and do not have fixed operations in Iceland in accordance with Icelandic tax law. This exception puts more specific requirements, for example that the owners of the servers pay VAT in their home country, that the purpose of the operations be of such a nature that it would require commercial registration if it were domestic, that the servers were imported specifically for the purpose of operation in a data center which their owner is in business with, that the servers and other equipment are used only by the owners, but not for other purposes within the data center, and that the servers be used from outside of Iceland. This exception is due for reconsideration in late 2013, but as it stands is exceptionally beneficial for cloud hosting providers. + +Overview of Icelandic Information Regulation + +18 + + Icelandic law conforms broadly to the European acquis regarding a number of different information regulations. Telecommunications are in general governed by law 81/2003 (telecommunications act), which implements EU directive 999/5/EC, regulation 2887/2000/EC, the Telecoms Package (directives 2002/19/EC, 2002/20/EC, 2002/21/EC and 2002/22/EC), and directives 2002/58/ EC and 2002/77/EC. Electronic commerce and other electronic services are generally governed by law 30/ 2002, which implements the e-Commerce directive (2000/31/EC), thereby establishing intermediary liability limitations which are crucial to the functioning of Internet service providers, hosting providers and data centers. The only practical failing of the Icelandic implementation of the e-commerce directive is that allowance is made for injunctions which, for historical reasons, can be issued by a regional sheriff (sýslumaður) without court supervision. This has not caused problems in the context of intermediary liability limitations, but has been used to stifle media on one occasion, and could potentially be abused further. Media is regulated under the media law, 38/2011, which implements Audiovisual Media Services Directive (2007/65/EC). Broadcast media is also regulated by the telecommunications act (81/2003). Personal and private data is protected under law 77/2000, which implements the Data Protection Directive (95/46/EC). Electronic signatures are allowed as a valid form of signature under law 28/2001, and to this end a national authentication card scheme has been developed and is being distributed as a feature of banking cards. Freedom of access to government information is defined in law 50/1996. This law has been under review, and a broad-reaching proposal for a new freedom of information law was submitted to the Parliament during its 139th term (ending in October 2011), but did not pass. A small subset of the changes proposed in that law by the relevant parliamentary committee were adopted into a new version of the bill which was submitted to parliament at the beginning of the 140th term. This new version did not include provisions proposed by the review committee regarding public registration of government documents and public advertisement of confidentiality terms, reasons and durations for secret documents. With regard to intellectual monopoly rights, patents are defined in law 17/1991, biopatents in law 58/2000, descriptions of electronic components are protected under law 78/1993, trademarks under law 45/1997, and in particular corporate logos are protected under law 155/2002. Finally, copyrights are defined in law 73/1972, which implements EU directives 89/552/EEC, 2003/4/EC, 2001/29/EC, 2001/84/EC, 91/250/EEC, 92/100/EEC, 93/83/ EEC, 93/98/EEC, 2004/48/EC (IPRED) and 2006/123/EC. Law 53/2006 defines specific permissions regarding the collection of evidence pertaining to violations of intellectual monopoly rights. + +Compatibility with European Union Directives +As previously stated, Iceland’s laws regarding information technology and media are largely in accordance with European acquis. However, in the European Commission’s Opinion on + +19 + + Iceland's application for membership of the European Union (COM(2010) 62)8, a few minor issues are laid out. The most salient issue is that the EU Data Retention Directive (2006/24/EC) has not been transposed. This is however a trivial issue——the telecommunications act contains provisions for data retention which originate from early drafts of the data retention, and is in all regards equivalent to the Data Retention Directive. Therefore, transposition is a formality. Data retention will be discussed further in the later section on electronic surveillance. Also according to the opinion, while “the legislative and administrative structure is similar to most EU Member States” the appointment procedures for the national regulatory authority (the post and telecoms administration, póst- og fjarskiptastofnun) have to be revisited to ensure transparency, objectivity, and high standards regarding security of tenure. It goes on to say that “in the field of information society services, the main directives have been transposed into the Icelandic legal order, i.e. the Directives on electronic signatures, ecommerce and conditional access.” + +Intermediary Liability Limitations +Law 30/2002 on e-commerce and electronic services implements the e-commerce directive (2000/31/EC), which provides indemnity for "mere conduits", such as telecommunications networks and Internet hosting providers. There are few and mostly well defined exceptions to this indemnity: ● an injunction from a sheriff or court order ● an notice-and-takedown procedure regarding copyright infringement ● knowledge of child pornography The exception for general court orders without further definition is worrying, due to the remnants of an magistrate system mostly abolished in 1991. Prior to this, the district “sheriff” (sýslumaður) also served as magistrate and had the ability to, amongst other things, enact injunctions. When their magisterial rights were revoked with the 1991 law, they retained their ability to enact injunctions. Although this has not caused problems in terms of Internet hosting, a sheriff’s injunction was used in 2009 to prevent the state broadcaster, RÚV, from airing a story pertaining to a leaked large loan book from the bank Kaupþing. As the injunction was revoked when the injunction had failed, it was never taken to court, so its veracity under the constitution was not tested. The exceptions should probably be improved by clarifying which exact circumstances can trigger such exceptions, as well as restricting the injunction measures to actual courts. + +Surveillance +The Telecommunications Act (Law 81/2003) was amended in 2005 to include provisions for data retention. It applies to telecommunication providers and its current implementation mandates the retention of records of all connection data for 6 months. It states that communications companies may only deliver information on telecommunications in criminal +8 + +http://ec.europa.eu/enlargement/pdf/key_documents/2010/is_opinion_analytical-report.pdf + +20 + + cases or on matters of public safety. It also states that such information may not be given to others than police and public prosecution. According to COM(2010) 62, an analytical report accompanying the communication from the Commission to the European Parliament and the Council containing the Commission Opinion on Iceland’s application for membership to the European Union, Iceland has not currently implemented the Data Retention Directive. This directive is currently being discussed (December 2011) in the Icelandic Parliament, however there are complications owing to the fact that the Data Retention Directive, 2006/24/EC, came into effect one year after the Icelandic Data Retention provisions, which have not since been overturned or amended. However, the 2005 law which established data retention in Iceland was made at the request of the Icelandic police chief (Ríkislögreglustjóri), making use of the current discussions that were then ongoing in the European Commission about the issue. Therefore, the implementation of data retention is structurally equivalent to the data retention directive, although formally the EU directive has not been implemented. During discussions in the Icelandic parliament about the (formal) implementation of the data retention directive, some parliamentarians were surprised to find that such a broad surveillance law already existed in the telecommunications act. There have been discussions, both public and within the parliament, about the potential abolition of data retention. However, this would impede the EU membership process and is therefore unlikely to gain traction without any political support from within the EU. There is an ongoing discussion about granting police enhanced surveillance rights, in the form of proactive investigative measures aimed at counteracting organized crime and terrorism. Although these measures have not yet been implemented, there is currently a resolution proposal being processed in the parliament. The interior minister, Ögmundur Jónasson, has independently stated that he is preparing proposals for such a law. The scope of such a law is unknown, but it is clear that proactive investigation measures would necessarily have to include expanded rights for telecommunications surveillance. Wiretapping and other electronic surveillance is regulated under the Telecommunications Act (81/2003) and further defined in Rules no. 837/2006 on Electronic Surveillance9. Both data retention and surveillance support add to operating costs and jurisdictional uncertainty for cloud hosting providers, especially given the complexity of unsettled international cross-jurisdictional issues. A new bill has been proposed in the Parliament, by the Interior Minister, for the establishment of a CERT team. The proposal as it stands contains provisions for allowing the CERT team to perform limited surveillance of a computer network, having been granted permission to do so by the network operator. It also gives the CERT team the right to report illegal activities on the network to the police. This combination could potentially be abused as a gateway to blanket surveillance, as has been noted in a memo issued by the Icelandic + +9 + +http://www.personuvernd.is/information-in-english/greinar//nr/610 + +21 + + Digital Freedoms Society10, but with greater restrictions (such as a ban on deep packet inspection and identification of individual users or network analysis that could compromise a user’s identity), it could serve to improve network security. + +Censorship +No state censorship is currently practiced in Iceland. Corporate censorship has been employed by telecoms providers in a few cases, at request of police and child protection authorities. Most notable was the anonymous forum site Ringulreið, which was accused of being a center for cyber-bullying. After the major telecoms providers, Síminn and Vodafone, voluntarily censored access to the site from its users, the site was shut down by its operators. Some ISPs, most notably Síminn, the largest ISP in Iceland (formerly the state telecoms company) offer parental filtering services to their customers on an opt-in basis. Such blocking software is largely controlled by end-users, although it is somewhat unclear by which criteria websites are added to these filter lists. However, no anti-competitive, political or religious censorship has been noticed in these systems. Over the last year, it can be argued that abuse of libel law has been on the rise. Journalists and commentators have been increasingly found guilty of libel for comments made on online media. In particular, one journalist has been found guilty for directly quoting an interviewee, whose statement was considered to be libelous by the court. In another case, an elderly woman was found guilty of libel for a Facebook comment wherein she made a value judgement on the characters of the claimants. Of course, in each of these cases there are competing interests and some uncertainty left to the courts, but many have commented on the potential chilling effects associated with such lawsuits and have called for reform. + +Data Protection +Data protection is regulated under law 77/2000, which implements EU Directive 95/46/EC (Data Protection Directive) and parts of EU Directive 97/7/EC (Equal Treatment in Social Security Directive). The day-to-day management of compliance is managed by the Data Protection Authority. Various rules and regulations apply with regards to data protection that might have relevance to data centers and information hosting, specifically: ● ● ● ● Rules no. 837/2006 on Electronic Surveillance. Rules no. 698/2004 on The Obligation to Notify and Processing which requires a Permit. Rules no. 299/2001 on security of personal data Regulation no. 322/2001 on Management of Personal Information by the Police + +10 + +Full disclosure: one of the authors of this report, Smári McCarthy, co-signed the memo in question and is a board member of the Icelandic Digital Freedoms Society at the time of writing. +22 + + Human Resources +Iceland is a highly educated country. Out of a workforce of 181,000 people, 33.3% have primary education, 38.2% have vocational education, and 28.1% have university education. After the financial crisis started in 2008, unemployment rose from 1.01% in 2007 to 8.13% in 2010. Recent reports suggest that the unemployment rate is going down, but that has not been confirmed by publicly available statistics. A 2006 OECD report showed that the number of scientific and engineering publications in internationally recognised journals had increased at an average annual growth rate of 5.7% since 1998 and that between 1991 and 2001, the number of publications per million population increased by 50%, from 403 to 610, compared to averages of 416 and 556 in those same years in the EU15. At that time, Iceland ranked eighth in the number of citations per paper (worldwide). The financial crisis caused some reductions in innovation and research & development funding, but this primarily had the effect of shifting researchers further into private sector research operations and startup companies. On the other hand, the Icelandic Innovation Center has started a number of seed labs where startup companies and small proprietors can rent inexpensive office space. + +Bala Kamallakharan has noted11 that 2011 was a record year for insolvencies in Iceland, while the number of new company registrations has dropped significantly. This could perhaps be attributed to unavailability of capital available to startups, or perhaps deflation of the last decade’s bubble. Without suitable employment for its highly skilled labor force to absorb, Icelanders will either resort to leaving for better opportunities abroad or remain idle domestically letting their considerable talent go to waste. +11 http://www.startupiceland.com/2012/01/2011-has-been-record-year-in-iceland.html + +23 + + Either way, the combination of experienced researchers, high unemployment rate, low rate of startup and high insolvency rate suggests that unless Iceland continues to experience an increase in “brain drain”, where well educated people seek employment outside the country, a significant underemployed or unemployed workforce will exist in Iceland. + +Icelandic Modern Media Initiative +On July 16th 2010, the Icelandic Parliament, Alþingi, unanimously adopted a parliamentary resolution to develop in Iceland advanced legislation for the protection of the rights to information and free speech. Since then, the Icelandic Modern Media Initiative, or IMMI, as it was called, has been in development, both inside the government ministries and institutions, and within Icelandic civil society. The originators of the IMMI initiative founded, in 2011, the International Modern Media Institute, a synacronymous civil society organization working towards ensuring that the goals and spirit of IMMI are met in Iceland, and sharing the ideas and developments with the world at large. + +Subject area +Source Protection Freedom of Information Act + +Status +Complete Pending ratification Pending ratification In development + +Notes +Media law + constitution New law replacing older law + constitution Changes to law + constitution + +Communications Protection + +Intermediary Liability Limitations Publishing Liability Limitations Whistleblower Protection Prior Restraint Limitations + +Changes to law + constitution + +In development In development Pending ratification + In Development On hiatus Pending ratification On hiatus + +Changes to law Changes to law + constitution Constitution + regulatory changes + +Judicial Process Protections Network Neutrality + +Constitution + +Virtual Limited Liability Companies Freedom of Expression Prize + +On hiatus + +24 + + Source Protection +The protection of sources refers to measures which forbid journalists from exposing the identity of their sources without the source’s permission. The purpose of such measures is to increase the willingness and security of sources who consider themselves to be at risk, when providing information of criminal wrongdoing, corruption, negligence or other socially unacceptable behavior to journalists. Journalistic source protection was implemented in Icelandic law 38/2011 (the media act). The source protection clause is defined in article 25., which states: +Employees of media organizations which have been licensed or registered with the media committee are forbidden to expose the identity of source for articles, books, retellings, announcements or other material, regardless of whether it has been published, if the source or the author requested anonymity. Employees of the media organization are also forbidden to release data which contain information regarding the source or author in such circumstances. The rule in the 1st paragraph also applies to those who, due to connections to the media organization or the production of the material has gained knowledge of the identity of the source or author, or has attained data to that effect. Source protection under paragraphs 1 and 2 can only be relieved with the permission of the source or the author, or on the basis of article 119 of the law on the prosecution of criminal cases, no. 88/2008. 12 + +In addition to the stipulation in the new media law, the proposed constitution for Iceland contains, in article 16, the statement: +The protection of journalists, their sources of information and whistle-blowers shall be ensured by law. It is not permitted to breach confidentiality without the consent of the person providing the information except in the process of criminal proceedings and pursuant to a court order. + +This provides equivalent protection under the constitution, if ratified, ensuring that the source protection clause would not be removed from law without referendum. Status: Complete. + +Freedom of Information Act +Access to government documents and records is mandated in Iceland by law 50/1996, (the information act). The current Icelandic FOI law does not conform to CoE convention, and it does not match the standards set in the Aarhus convention for environmental information.13 An updated information act was proposed at Alþingi in 2011, however, due to end of term in late September 2011, the bill did not complete the third reading in parliament and was therefore dropped. It has since been reintroduced with many of the changes merged in and multiple improvements made, however, the newly proposed version does not meet the high standard the bill had previously achieved. IMMI submitted an 8 page report and a 84 page change comparison of the two bills to the constitutional and regulatory committee of Alþingi in February 2012#, criticizing the government’s backpedaling against the changes that had previously been proposed in +12 The exception in article 119 of law 88/2008 applies to the case where criminal proceedings for serious offences cannot be + +resolved without the identity of the source or author being exposed. In such cases, it has been recommended although it is not stipulated in statutes, that the identity first be exposed to the judge in camera, so that the judge can appropriately measure the potential risk to the source against the benefit of the source’s exposure. This is generally considered an acceptable limitation to the otherwise absolute source protection clause. 13 The Aarhus convention was ratified by law 131/2011. + +25 + + parliamentary committee. At the moment, the committee work is proceeding. Cautious optimism suggests that the committee will once again restore the bill to its former state and that it will be accepted. If this is the case, the norm for access to information in Iceland will be altered from being a ‘publish on request’ regime to ‘publish by default’ regime.14 Then, any documents which are not published can be at least listed along with information about why it has been held back and FOI requests can be made for those documents specifically. This change is the most important alteration of many. In the meantime, the new proposed constitution of Iceland has guaranteed a substantial improvement of information rights.15 Status: Pending ratification + +Network Neutrality +Network neutrality is a very broad concept, but generally refers to the idea that each node operating on the network should be considered equal to all others in terms of access. Numerous governments and corporations have instantiated various forms of censorship and containerization#. Due to technical limitations of the IPv4 space, almost every end-user of the Internet can be considered in an aberration of the end-to-end principle often from NAT (Network Address Translation), this makes their nodes second class citizens of the Internet. There is a lot to be done in terms of network neutrality. This is going to be a topic for many years, but for now IMMI has decided to take the first steps. Article 14 of the proposed constitution creates an obligation for the government to protect the Internet, with the same constraints as those on free speech in general. Although those limitations should definitely be questioned, this must be considered a substantial victory, as no country currently even mentions the Internet in its constitution, let alone defends it: +The government shall guarantee conditions that are conducive to open and informed public discussion. Access to the Internet and information technology shall not be curtailed except by a decision of a court of law and on the same substantive conditions that apply to restrictions on the freedom of expression. + +Status: Pending Ratification + +Communications Protection and Communications Data Retention +In the interests of protecting privacy and source confidentiality, protection of communications is a vital ingredient to any coherent information regulation strategy. The protection of communications is a wide project that can be roughly split into two tasks. On the one hand, removing existing threats to communications protection from law, and on the other hand establishing new protections for communications. In January 2012, as Alþingi was debating the adoption of the European Union’s Data Retention Directive, IMMI produced a report outlining the dangers of blanket data retention. In committee, IMMI’s views got the support of the Privacy Directorate, and this led to the parliamentary committee requesting that the directive be postponed indefinitely and that the foreign minister inform the European Union that Iceland would not be implementing the +14 meaning that instead of FOI requests having to be made for each document individually in order to obtain a private copy for + +dissemination, which is a slow and complicated process, the rule will become that government publishes all documents publicly by default, for instance in an online database. 15 http://www.stjornlagarad.is/english/ Articile 15 (English PDF available from the website) + +26 + + directive. This however was not enough, as Iceland has in law a data retention clause (paragraph 3, article 42, of the telecommunications act, 81/2003, amended in 2005), which predates the EU’s Data Retention Directive by a year. IMMI has argued against this clause, both in newspapers and in opinions to parliament, and has drafted a bill for the removal of the act. More recently, IMMI was asked to submit proposals for improvement of certain articles of the telecommunications act being added to introduce a Computer Emergency Response Team (CERT) in Icelandic law, so as to better balance against privacy concerns. In these proposals, IMMI included the following proposal: +Paragraph 3 of article 42, requiring the retention of telecommunication data, is dropped. Appended to article 42 is a new paragraph: Parties other than the sender and the receiver of electronic packet-switched communications are forbidden to inspect or electronically process the payload of the packets. Headers and metadata of packet-switched communications shall only be stored for the period needed to resolve the routing of the communications and security measures as per article 47. a. + +This would effectively remove the data retention provisions from law, if adopted, and simultaneously improve the communications protection by making it a criminal offense to intercept and inspect communications, by methods such as Deep Packet Inspection. It is our hope that this provision be adopted in law. In addition to this development, the proposed constitution of Iceland contains a clause in article 11 expressly forbidding the search of communications, except with a valid court order.16 Status: Pending ratification & in further development + +Intermediary Liability Limitations +The original idea for limited liability for telecommunications intermediaries comes from the development of the Communications Decency Act in the United States around 1996. Since then, the European Union has adopted the e-Commerce Directive, which implements similar limitations. The directive is implemented in Iceland as the electronic commerce and other electronic services act (30/2002), and has equivalent measures. Immediately on exploring the intermediary liability limitations (ILLs) in the Icelandic law, a striking flaw presents itself in the form of “general court orders”. This phrasing is very vague and more importantly lends itself to being understood that district sheriffs, who in Iceland have injunctive powers, can issue takedown orders. IMMI has an interest in tightening this language, and intends to make proposals to do so in the coming months. More importantly though, ILLs have been under attack globally in recent years. A great many changes in strategies relating to intellectual monopoly enforcement, protection of official secrets and political attempts at opening doors for corruption have revolved around eroding ILLs. In order to counteract this trend, IMMI has partnered with several organizations to explore what can be done to define a legal and technical defense of both Internet endpoints and intermediaries that can better withstand political attempts at erosion. This work is in early stages, but some results are scheduled for July 2012. Status: In development +16 http://www.stjornlagarad.is/english/ Articile 11 + +27 + + Libel Tourism Protection +Libel tourism is the act of a company or individual choosing to pursue lawsuits against individuals or companies in a country with a low threshold for libel lawsuits. Legal extortion schemes have been perpetuated with companies being tried in countries such as England and Wales even if the defendant resides elsewhere in the world. This is a form of forum shopping. Implementing laws that prevent or diminish the effects of libel tourism in Iceland will protect Icelandic citizens and residents from this kind of forum shopping. It’s fairly important that people can predict with some certainty where, if anywhere, they will be taken to court. This also applies to companies, who base a lot of their operational security on knowing the legal environment. In this way, ending libel tourism will encourage foreign investment and provide financial security for companies operating here already. For now, Iceland has a mechanism. As a signatory of the Lugano treaty, Icelandic courts can decide not to uphold foreign court verdicts which go against the rule of law in Iceland. This means that a libel verdict from a foreign country can be challenged in an Icelandic court on the basis of article 34 of the Lugano treaty if it comes from a country with a substantially different burden of proof for libel than Iceland does. This has not been tested, but is currently our best bet. In the meantime, British libel reform efforts are going well, and coupled with a well written libel law in Iceland, may be sufficient to put an end to libel tourism - at least in Iceland. When that is finished, the bigger issue of International Forum Shopping remains. Status: Complete / Untested solution + +Libel Reform and Publishing Liability Limitations +The media law from 2011 introduced new rules regarding media liability. However, since its adoption, a number of court cases have been heard in Reykjavík which cast a shadow on the reform and point at a deeper structural fault in the current libel regime. Although media liability is defined in the print law and superseded by the media law, the terms of libel itself are defined in chapter XXV of the criminal act, which treats violations of privacy and libel as equal criminal offenses. Under the criminal act, it is illegal to make truthful accusations, to offend somebody publicly or privately, or to make unfavorable comments about deceased persons. As these are criminal offenses, they have assigned imprisonment penalties from 1 to 4 years, as well as fines, although imprisonment is rarely used in practice. The global trend in libel law is to move it away from criminal sanctions and into tort law, making it a civil offense, punishable only by fines. Alongside this, the scope of libel is to be narrowed, making the truth a valid defense and ensuring that people cannot be brought to charge for making value judgements against another’s character. It should be legal to call a person a jerk, although it is questionable whether you can call somebody a murderous jerk without backing it up with evidence. IMMI has completed the basic research needed to implement these changes and drafted a bill which aim to alleviate at least most of the existing concerns. Due to parliamentary scheduling rules, it cannot be introduced until the autumn of 2012. Status: Pending + +28 + + Whistleblower Protection +A whistleblower is a person that tries to disclose or report information on situations affecting the public that may evidence of criminal activity. Protection for individuals reporting institutionalized corruption is paramount. They may be providing relevant information to the public record, such as data or testimony about relevant matters like public health, passed incidents, crime, government biases, democracy undermining practices, violations of constitutional rights, corruption and bribery. Threats to whistleblowers come from corporate interests, governmental interests, criminal activities, biases inherent in legal and judicial officials and systems. Whistleblower protections must include a right to anonymity, physical, financial and social security. As the threat models, institutional settings and personal complexities of whistleblowing vary widely, this is perhaps the most complicated of IMMI’s tasks. While a lot of development work has been put into this issue already, we feel that the adequate protection of whistleblowers cannot be completed without deep investigation. As one core issue, the idea of corporate personhood must be challenged. Disregarding other arguments for doing so, it is very important that it not be decided that companies and other corporate vehicles have a right to privacy, as this would pit whistleblower activities up against privacy and data protection law, the sanctity of which is of equal importance. It’s a fight nobody should have to fight. That said, there has been no such ruling in Iceland and it is not foreseeable that that will change; it’s merely one issue of many that must be monitored and pro-actively taken action on.17 Status: In development + +Prior Restraint Limitations +Prior restraint is banned under article 73 of the Icelandic constitution. A slightly stronger implementation of prior restraint limitations are introduced in the new constitution, which is pending ratification. Outside of constitutional guarantees, IMMI also has an interest in protecting against abuse of injunctions by sheriffs, who still have injunctive authorities as a holdover from their now abolished tribunal role. This fits in with the discussion of Intermediary Liability Limitations stated above, and IMMI expects to be able to address these two concerns jointly. Status: Pending ratification + +Virtual Limited Liability Companies +Icelandic corporate law is currently somewhat hostile to foreign ownership from outside the European Economic Area (EEA). The idea of Virtual Limited Liability Companies is to allow for virtually defined corporate entities, whereby the ownership is somewhat ephemeral, as long as the owners adhere to certain Icelandic transparency requirements. In that way, a virtually operated commpany would have tax obligations and operational safe harbor rights in Iceland like any other company, but gets to operate virtually in exchange for some strict guarantees of transparency and such. + +17 For more detail see:: http://immi.is/Press_Release:_IMMI_Status_Update,_April_2012 + +29 + + This issue has more to do with creating a pleasant investment environment than explicitly improving the information regime in Iceland. For that reason, it has been relegated to the set of the last things we aim to accomplish in this set, and is therefore on hiatus for now. Status: On hiatus. + +Selected Bibliography +● Orkustefna fyrir Ísland; Stýrihópur um mótun heildstæðrar orkustefnu; http:// www.nea.is/media/gagnasofn/Orkustefna-fyrir-Island.pdf Iceland. What a Great Place to Put a Data Center; Verne Global / Martin Hannigan; http://www.uknof.org.uk/uknof12/Hanningan-Undersea.pdf Orkuspá fyrir Ísland 2010-2050; Orkustofnun; http://www.os.is/gogn/Skyrslur/OS2010/OS-2010-07.pdf Benchmarking Study on Iceland as a Location for Data Centre Activity; Invest in Iceland Agency; http://www.invest.is/resources/files/invest.is/BDC%20Report.pdf Mikil arðsemi af raforkusölu til stóriðju; Vísir; http://www.visir.is/mikil-ardsemi-afraforkusolu-til-storidju/article/2011712209851 Policy Mix for Innovation in Iceland; OECD; http://www.oecd.org/dataoecd/15/62/ 36648108.pdf ● + +● + +● + +● + +● + +30 + + \ No newline at end of file diff --git a/report/Greens-IslandsofResilience_ind.html b/report/Greens-IslandsofResilience_ind.html new file mode 100644 index 0000000..9ba354c --- /dev/null +++ b/report/Greens-IslandsofResilience_ind.html @@ -0,0 +1,37 @@ + + + + + +Page 1
+Page 2
+Page 3
+Page 4
+Page 5
+Page 6
+Page 7
+Page 8
+Page 9
+Page 10
+Page 11
+Page 12
+Page 13
+Page 14
+Page 15
+Page 16
+Page 17
+Page 18
+Page 19
+Page 20
+Page 21
+Page 22
+Page 23
+Page 24
+Page 25
+Page 26
+Page 27
+Page 28
+Page 29
+Page 30
+ + diff --git a/report/Greens-IslandsofResiliences.html b/report/Greens-IslandsofResiliences.html new file mode 100644 index 0000000..56b0ac5 --- /dev/null +++ b/report/Greens-IslandsofResiliences.html @@ -0,0 +1,475 @@ + + + + + + + + + +

 

+Islands of Resilience
+Comparative Model for Energy, Connectivity and Jurisdiction
+Realizing European ICT possibilities through a case study of Iceland


 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
 
+Smári McCarthy and Eleanor Saitta

 
 
 
 
 
+1
+
+

Prepared at the request of:
+on behalf of Members of the European Parliament 
Christian Engström, Indrek Tarand, Carl Schlyter, Sandrine Bélier, Karima Delli, Eva Lichtenberger, Raül 
Romeva i Rueda, Heide Rühle, Judith Sargentini, Bas Eickhout and Marije Cornelissen
 
 
 
 
Prepared at the request of The Greens / European Free Alliance
 
Authors:

+On behalf of Members of the European Parliament:
+   Smári McCarthy
+    Christian Engström
+   Eleanor Saitta
+    Indrek Tarand
    Carl Schlyter
+Contributing Researchers:
+    Sandrine Bélier
+   Guðjón Idir
+    Karmima Delli
+   Jason Scott
+    Eva Lichtenberger
    Paül Romeva i Rueda
    Heide Rühle
    Judith Sargentini
    Bas Eickhout
    Marije Cornelissen
+Produced by:
 

+ 
      

+    International Modern Media Institute
    Laugavegur 3
    101 Reykjavík
    Iceland

 
 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
+2
+
+

 
 
 
+ Distributed under the terms of the 
+Creative Commons Attribution-Sharealike 3.0-unported License
+ 
+3
+
+Abstract
+Locale is rapidly becoming one of the most important competitive differentiators in the 
provision of cloud-based information technology services. Broadly speaking, three 
categories of issues define a locale's fitness for hosting the cloud: energy, connectivity, and 
jurisdiction.
+Energy is the largest cost center for most cloud hosts. Beyond price per kilowatt hour, 
hosting companies must consider redundant network availability, power grid resilience, 
environmental sustainability, climate, and equipment cooling requirements as core parts of 
their energy strategy.
+Connectivity is clearly essential for hosts, and differentiating factors here include total 
installed bandwidth, current utilized bandwidth, hub redundancy, international uplink 
redundancy, round trip latency, traffic shaping and network neutrality.
+Jurisdictional issues are an area of emerging concern and awareness for cloud hosts, where 
the landscape is shifting rapidly.  Hosting companies are deeply affected by intermediary 
liability, hosting liability, state and corporate surveillance, state and corporate censorship, the 
accessibility of and cost of interacting with courts, corruption, and socioeconomic stability.
+This report considers Iceland's relative competitive advantages and drawbacks as a hosting 
locale relating to these issues.
+4
+
+Table of Contents
+Abstract
+Introduction
Energy
+Energy Sources
Energy Utilization and Pricing
Grid Resilience and Redundancy
Climate and Cooling
+Connectivity
+Submarine Cables
Installed and Utilized Capacity
Domestic Network
Round Trip Latency
Network Security
Future Connectivity Developments

+Jurisdiction
+Commercial Issues
Overview of Icelandic Information Regulation
Compatibility with European Union Directives
Intermediary Liability Limitations
Surveillance
Censorship
Data Protection
Human Resources
Icelandic Modern Media Initiative
Source Protection
Freedom of Information Act
Network Neutrality
Communications Protection and Communications Data Retention
Intermediary Liability Limitations
Libel Tourism Protection
Libel Reform and Publishing Liability Limitations
Whistleblower Protection
Prior Restraint Limitations
Virtual Limited Liability Companies

+Selected Bibliography

+5
+
+Introduction
+This preliminary study is intended to give a birds-eye view of the primary factors pertaining 
to energy, connectivity and jurisdiction in Iceland, as applicable to ICT1 growth in general 
and cloud hosting in particular.. It is necessarily narrow in scope and largely based on 
aggregating publicly available information. As a result, some inaccuracies may exist, largely 
due to poor information made available by private actors. A more in-depth follow up study 
will  remedy this by seeking out more detailed expert insights, detailed statistics, and 
comparing against sourced cases.
+Regardless, this report clearly shows the advantages Iceland has in relation to ICTs, as well 
as showing some of its potential weaknesses and possible remedies.
+Iceland’s key strengths are:
+●
+Cheap and abundant energy generated from green, renewable, sustainable and 
resilient energy sources, distributed over a well designed and resilient power grid.
+●
+Increasingly good connectivity to the outside world with reasonable redundancy 
and a large amount of unused capacity available for expansion, and a very highly 
developed internal network with high resiliency.
+●
+An advanced and stable jurisdiction, with clear information rights and regulations, 
well structured administration, and well informed governing bodies.
+Iceland’s main weaknesses are:
+●
+Scale discrepancies both in energy generation and consumption which could 
potentially threaten grid resilience in extreme cases. This can be improved with 
further diversification of energy consumers, such as large-scale ICT deployments.
+●
+Iceland’s data connectivity is provided by a relatively small number of submarine 
cables connecting to the outside world, creating some network precarity.  This is 
currently being improved with the addition of new cables.
+●
+International data transport bandwidth through submarine cables is currently 
expensive. This could be mitigated by further investments, subsidies, or other 
methods to reduce the price for connection, with the intention of increasing the 
overall usage.
+●
+Iceland has similar issues with blanket communications surveillance as in the EU, 
which make it less attractive for hosting than countries where communications are 
not monitored. This is hard to fix without political will in the EU.
+●
+Wildcard properties exist in the implementation of the e-Commerce directive, 
connected to injunctive powers that district sheriffs still have. This can be solved by 
clarifying the instances under which injunctions can be made, and restricting the 
issuing authority to courts.
+Together Iceland’s key strengths form a very sound basis for the expansion of ICT in 
Iceland, especially cloud hosting.  Most of the weaknesses in Iceland’s position are either 
+1 Information and Communication Technologies
+6
+
+structural weaknesses common amongst all EU member states or are relatively trivial issues 
which can be resolved easily.

+Energy
+Energy is the largest cost center for most cloud hosting companies. Beyond price per 
kilowatt hour, hosting companies must consider redundant network availability, power grid 
resilience, environmental sustainability, climate, and equipment cooling requirements as 
core parts of their energy strategy. 
+In our analytical model for energy, we asked the following questions:
+How prevalent are renewable energy sources in current electrical production?
+1. Less than 3% of all energy production based on renewable energy sources.
2. Between 4 and 40% of all energy production based on renewable energy sources.
3. Between 40 and 60% of all energy production based on renewable energy sources.
4. Between 60 and 97% of all energy production based on renewable energy sources.
5. More than 97% of all energy production based on renewable energy sources.
+How much can current electrical production be increased without the construction of 
new (not currently planned) power plants?

+1. By less than 5% of current average power use.
2. By less than 25% of current average power use.
3. By less than 50% of current average power use.
4. By more than 75% of current average power use
5. By more than 100% of current average power use.
+What is the annual average price per kiloWatt hour for a commercial customer using 
less than 2 GWh/year, including generation and distribution?

+1. > €0.20/kWh
2. > €0.14/kWh
3. <= €0.14/kWh
4. < €0.09/kWh
5. < €0.07/kWh

+Iceland's national energy plan was last updated in November of 2011.
+Energy Sources
+7
+
+In 2009, Iceland’s total energy utilization was roughly 240 PJ2 of primary energy sources, 
which equates to roughly 67 TWh3. The primary energy sources were, in order of magnitude: 
geothermal, hydroelectric, oil, and coal. Geothermal energy use was greater than all other 
energy sources combined, while coal use was relatively minuscule. Energy use in Iceland 
has risen substantially since the 1940’s with the industrialization of the country, which up 
until roughly 1960 was almost entirely rural.
+A vast amount of geothermal energy is used for house-heating (45%), followed by electricity 
production (39%). In addition, it is used for snow-melting, swimming pools, fish farming, 
greenhouses and for industrial purposes. In 2009 a total of 22.3 PJ of geothermal energy 
was used for electricity production.
+Only 18% of Iceland’s primary energy utilization comes from petrochemicals, of which 
90% is oil and 10% coal. The majority of the coal is used by the iron smelting plant at 
Grundartangi, with other industrial processes consuming the remainder. Almost no natural 
gas is used in Iceland. Roughly 660 thousand tonnes of oil were used in Iceland in 2009, 
of which 41% went to powering cars, 18% for aircraft, and 29% for fishing. Petroleum use 
for cars has increased by 64% since 1990 in Iceland, contributing to the overall increase in 
use. Oil is not used for electricity production except for some emergency backup generators. 
Some towns have backup generators capable of sustaining basic operations throughout the 
town temporarily, but the redundancy of the electricity grid renders this use minimal.
+As a result, the electricity production in Iceland is almost exclusively from geothermal and 
hydroelectric primary energy sources. The theoretical maximum energy production in Iceland 
is 64 TWh per year from hydroelectric sources and between 10 and 30 TWh per year from 
geothermal sources. However, for natural protection purposes substantial regions of Iceland 
have been classified as natural reserves, parks, or other protected areas. In addition, certain 
areas have been classified as energy reserves that will not be used in coming years, in part 
for sustainability reasons. This lowers the effective energy available for production.
+The current installed production capacity is 12.3 TWh per year for hydroelectric power, 
and 4.6 TWh per year for geothermal power. After subtracting the protected and reserve 
production categories, the total available hydroelectric and geothermal energy available for 
future expansion is 11.91 TWh per year.
+Variability of energy pricing and availability is a critical issue for data centers.  As Iceland has 
little or no hydrocarbon-based electricity production, electricity prices are largely unaffected 
by fluctuations in the oil, gas, and coal markets, and will not be affected by supply chain 
interruptions in these markets.  This provides a critical level of energy resilience for the 
Icelandic electrical system at the supply end.  Cheap, reliable, resilience, and predictably 
priced energy sources are, in combination, a significant advantage for potential hosting 
companies.
+2 Petajoules. 1 PJ = 1015 J
3 Terawatt hours. 1 TWh = 1012 W·h
+8
+
+
+(Primary energy sources in Iceland 1940-2009. Inset: Proportional use. Top to bottom: Coal, 
+oil, geothermal and hydroelectric. Source: Orkuáætlun 2011)
+Energy Utilization and Pricing
+In 2009, 74% of produced electricity in Iceland went to the aluminum industry, with roughly 
4.9 TWh/year to Alcoa Fjarðarál, 4.0 TWh/year to Rio Tinto Alcan, and 4.0 TWh/year to 
Norðurál. 6% of produced electricity was used in the services industry, 5% for iron smelting 
plants, 5% for household appliances, 4% for utilities, 4% for general industries, and 1% in 
agriculture.
+9
+
+
+(Electricity use 2009. From top to bottom: Fisheries, agriculture, general industries, district 
+heating, home use, steel mills, services and aluminum industry. Source: Orkuátælun 2011)
+Energy use for household appliances accounted for 627 GWh in 2009, accounting for 7.1 
B ISK (€44.3 million)  in consumer use, including VAT. Average household electricity costs 
in Reykjavík are 11.30 ISK/kWh, or €0.07/kWh. This rate is substantially higher than the 
price for industry.  In the case of the aluminum smelters, these rates are 30% lower than 
the European average4, although the energy prices for aluminum smelting have been 
confidential. Alcoa Fjarðarál reportedly paid between 28-35 USD/MWh in 2006, or roughly 
€0.044/kWh at 2006 exchange rates.
+(Main power lines and power plants. Source: Landsnet. For realtime energy distribution 
+figures, see http://landsnet.is/raforkukerfid/kerfisstjornun/aflflutningurnuna/ )
+Grid Resilience and Redundancy
+Power grid resilience in Iceland is fairly high. The 61 power stations in Iceland are connected 
with a circular grid which goes around the country, providing basic redundancy. In addition, 
most power stations on the southwest corner have further grid redundancy simply due to the 
higher population density and related network effects.
+There are 50 hydroelectric power stations in Iceland, mostly small. There are 7 geothermal 
power plants, and 4 fueled power plants—one that generates power through garbage 
incineration, two diesel powered, and one methane plant.
+4 http://www.mbl.is/greinasafn/grein/1026890/
+10
+
+Some parts of the country, most notably the western fjords, are very poorly connected into 
the grid and frequently get disconnected during the winter months due to poor weather 
conditions. Power availability is maintained primarily with diesel generators when this 
happens. Similarly, Flatey and Grímsey, two populated islands off the Icelandic west 
and north coasts, respectively, are not connected to the main power grid, but are instead 
powered by diesel generators.
+Resilience is quite high on the southwest corner, where most economic activity is situated, 
but the east coast has also improved substantially in recent years due to developments in 
relation to the Kárahnjúkar dam project and the Alcoa Fjarðarál aluminum smelter.
+The overall infrastructural elasticity on the power grid is high enough to handle most types of 
outages due to line failures, power station shutdowns and disasters, but some very extreme 
edge cases exist where grid resilience is threatened, notably sudden outages in production 
units such as Kárahnjúkavirkjun, which could potentially lead to chain reactions of failures, 
similar to the power outage at Itaipu power station in Brazil on 21 January, 2002. In general, 
larger plants require larger transmission lines and inevitably cause more widespread 
damage when they do fail. Similarly, larger consumption units may threaten grid resilience.  
For instance, almost one third of Iceland’s total electricity consumption is used by a single 
aluminum smelter, meaning that the unlikely edge case of an abrupt total disconnect would 
momentarily increase the available electricity substantially. This kind of pathological outage 
may however be mitigated by various means, not least the further diversification of power 
production and consumption.
+Climate and Cooling
+Estimates for data center energy utilization from IBM5 suggest that roughly half of all energy 
is used on cooling, and an additional fourth on heat waste, mostly due to internal electrical 
resistance in system components. Therefore, a priori energy waste in typical data centers 
is roughly 75% before any actual computation occurs. Mitigating this waste is clearly crucial 
to the efficiency, cost-effectiveness and sustainability of any data center. The proportional 
cost of cooling for data centers has risen dramatically over the past few years, relative to the 
cost of hardware.  Reduction in hardware deployments due to virtualization and increases 
in system density have dramatically reduced equipment purchase costs as a proportion 
of operating costs.  As a result of this, component-level heat waste mitigation is a primary 
industry research goal.
+Increasingly, large data center operators have started to look to areas with relatively cold 
climates.  Cooling costs are significantly lower in cold areas, and most energy use in data 
centers in those areas that goes to cooling is attributable to airflow management and de-
humidification rather than direct refrigeration. An example of this is the planned data center 
that Facebook, Inc., is building near Luleå, Sweden6.
+5 https://www-950.ibm.com/events/wwe/grp/grp030.nsf/vLookupPDFs/IBM%20BladeCenter%20 
Product_Tikiri/$file/IBM%20BladeCenter%20Product_Tikiri.pdf
6 http://online.wsj.com/article/BT-CO-20111215-712478.html
+11
+
+In this respect, Iceland's climate is clear benefit for cloud hosting providers even though 
it’s not nearly as cold as some more northerly locales. The oceanic climate contributes to 
relatively stable temperatures over the year. Apart from insolation, there is relatively little 
seasonal variation in the factors that contribute to data center cooling. On the negative 
side, Iceland’s climate is generally rather humid, with an annual average of roughly 70.75%.  
In order for outside air to be used for cooling purposes some dehumidification would be 
needed.
+Variable
+Jan
+Feb
+Mar
+Apr
+May
+Jun
+Jul
+Aug
+Sep
+Oct
+Nov
+Dec
+Average temp. °C
+-2.60
+-2.59
+-1.59
+1.37
+5.24
+8.49
+10.31
+9.58
+6.29
+2.75
+-0.04
+-1.91
+Insolation, kWh/m²/day
+0.11
+0.53
+1.31
+2.77
+4.11
+4.71
+4.16
+3.27
+2.17
+0.97
+0.25
+0.03
+Wind speed, m/s
+10.20
+10.27
+9.63
+8.42
+7.18
+6.51
+6.40
+6.63
+7.62
+8.85
+8.76
+10.41
+Humidity, %
+80
+78
+71
+69
+66
+63
+61
+67
+72
+77
+79.0
+(Reykjavík average temperature, insolation and windspeed, source: Gaisma.com)
+Connectivity
+Iceland’s connectivity to the outside world has improved substantially over the last two 
decades. Since 1994, submarine fiber optics connections have existed to the Europe 
and North America. Since 2004, domestic Internet connectivity has gone up from 81% of 
households to 90%, compared to EU growth from 41% to 65%. Of the 10% of Icelandic 
households not connected to the Internet, 40% (4% of the total) claim not to want an Internet 
connection, whereas 25% (2.5% of the total) say it is due to price of connectivity.
+Submarine Cables
+As of November 2011, there are four fiber optics cable links to Iceland: DanIce, Greenland 
Connect, FarIce, and CANTAT-3, in order of decreasing capacity. Several projects have 
been proposed to increase the number of fiber optics links to Iceland; of them, Emerald 
Express is the furthest towards completion.
+Fiber optic cable
+Owner
+Total capacity
+Installed capacity
+Utilized capacity
+CANTAT-3
+Síminn
+7.5 Gb/s
+None
+Decommissioned
+FarIce
+Farice ehf
+720 Gb/s
+Unknown

+Danice
+Farice ehf
+5.2 Tb/s
+~20 Gb/s

+Greenland connect
+TELE Greenland
+1.9 Tb/s
+Unknown

+Emerald Express
+Emerald Networks
+58.6 Tb/s (planned)
+N/A
+Under construction

The CANTAT-3 was the first fiber optics cable connection to Iceland, greatly increasing the 
country’s telecommunications capacity. Installed in 1994, it was disrupted in late 2006 and 
was not returned to full capacity until mid-year 2007. The CANTAT-3 cable was retired in 
+12
+
+late 2010, due to age, operational costs, and low capacity.
+Farice ehf operates two fiber-optic submarine systems as of late 2011. It is partially owned 
by the Icelandic state and Arion bank, but a 20% stake is held by Faroese shareholders.
+Their first system, FarIce, lies between Seyðisfjörður, Iceland and Dunnet Bay, Scotland with 
a layover in Funningsfjørður in the Faroe Islands. From these locations it is backhauled to 
Reykjavík, Edinburgh and Tórshavn respectively. It traverses a roughly 1,400 km route using 
Dense Wavelength Division Multiplexing (DWDM) transmission technology. It has been in 
use since 2004 and is currently Iceland’s main communications line. Currently only roughly 
3% of FarIce’s total potential capacity is installed, according to available sources.
+Farice ehf’s second system, Danice, was laid in 2008 and connects Landeyjarsandur in 
Iceland to Blaabjerg, Denmark, with a planned expansion to Eemshaven, Netherlands. 
Despite having significantly greater capacity than FarIce, it is much less utilized and mostly 
used as a redundancy cable for FarIce.
+The most recent fiber optic connection to Iceland is through Greenland Connect, installed 
in 2009 and owned and operated by TELE Greenland. It connects Milton, Trinity Bay, 
Newfoundland and Labrador, Canada, to Nuuk, Greenland, Qaqortoq, Greenland, and 
Landeyjarsandur, Iceland. It contains two fiber pairs specified for 128 wavelengths carrying 
10 Gb/s each. As its landing point in Iceland is co-located with the Danice cable, direct 
bridging between them is possible.
+The Emerald Express is a planned 6x100x100 Gb/s fiber optics cable from the United States 
to Ireland with an offshoot to the Reykjanes peninsula in Iceland. Being constructed by 
Emerald Atlantis, Ltd. and TE SubCom, Ltd., it is scheduled to enter service in late 2012 and 
intends to facilitate ultra-low-latency connections to Europe and North America. Its Iceland 
branch will presumably carry two pairs, one for connection to Ireland, the other to the United 
States; the last pair connecting the US to Ireland directly.
+Installed and Utilized Capacity
+Total capacity of installed fiber optic cables is currently around 7.8 Tb/s, not counting the 
CANTAT-3 cable. However, endpoint equipment has only been installed for a fraction of this 
capacity. The installed capacity is not known, but conservative estimates put it close to 200 
Gb/s, or around 2.5% of the total capacity.
+Current utilized capacity is also unknown, but various estimates can be used to arrive at a 
figure. The combined foreign connectivity of universities and secondary colleges in Iceland is 
currently 16.5 Gb/s through RHNet. As RHNet typically accounts for between 14.2%-14.9% 
of total traffic through the Reykjavík Internet Exchange, it can be estimated that total foreign 
bandwidth consumption is close to 120 Gb/s. This number may turn out to be severely 
understated, but more detailed data is not available. 
+13
+
+
+(Map of proposed Emerald Express cable. Source: Emerald Networks)

Uplink redundancy to Europe is good due to the FarIce and DanIce cables going separate 
routes. However, redundancy to the US is poor, since the only reliable connection is through 
Greenland. Currently, in the case of an outage, rerouting would have to be through Europe—
presumably London. US redundancy will improve substantially when the Emerald Express is 
completed. 
 
Overall uplink redundancy is becoming better, providing more infrastructural elasticity 
and greater resilience. The older emergency satellite redundancy is slowly becoming less 
relevant and is probably not realistically needed.
 
+Domestic Network
+The main domestic telecommunications hub is RIX (Reykjavík Internet Exchange), which is 
operated by ISNIC. This hub connects the main Internet service providers and data centers 
together.
+In general, domestic fiber optics and copper networks are operated by Míla, Fjarski and 
Gagnaveita Reykjavíkur. Míla is a subsidiary of the formerly state-run phone company (since 
privatized, currently known as Síminn). It operates a fiber optics ring around the country 
which were installed by NATO, but has expanded it substantially and introduced additional 
redundancy. It also operates fiber and copper networks in most settlements.
+Fjarki is a subsidiary of Landsvirkjun, the (mostly) state owned power company.
+14
+
+Gagnaveita Reykjavíkur is a subsidiary of Orkuveita Reykjavíkur, the Reykjavík city 
power company. It provides mostly fiber to the home connections but also operates some 
communications backbones within the Reykjavík metropolitan area.
+Round Trip Latency
+Round-trip latency to Europe is generally low, but varies widely depending on destination city 
and provider, origin location and provider, and various other variables. Generally speaking 
the network latency has low stochasticity (“jitter”), averaging around 4ms (milliseconds), 
suggesting natural latency rather than network congestion.
+We did informal testing of multiple origin and endpoints on known locations to arrive at 
some idea of latency trends. Typical round-trip times to London are close to 55ms; 31ms to 
Copenhagen. Connections to Oslo trend around 70ms, Berlin around 71ms, and to Madrid 
74ms. On connections closer to the uplinks, slightly better times were observed, while 
household Internet connections showed slightly worse round-trip times. As such, none of this 
was particularly unexpected.
+The theoretical roundtrip time for a photon traveling over the big circle route from Reykjavík 
to London is 12.64ms; to Copenhagen it is 14.02ms. Therefore the Copenhagen connection 
is as close to reasonable expectations as is possible, while the London connection could 
possibly be improved. The FarIce endpoint is in Edinburgh, so packets bound for London 
must traverse potentially congested and slow UK networks after their initial arrival.
+Network Security
+No major network security incidents have occurred in Iceland. Denial of Service attacks 
happen on a relatively small scale on a fairly regular basis, but are easily mitigated with 
standard techniques. No large scale online attacks have occurred in recent years, although 
in some cases competent attackers have been able to disable individual service providers 
for a number of hours. This is not considered to be more frequent in Iceland than in the EU, 
based on anecdotal evidence.
+Individual servers and home computers are moderately well protected from security threats 
compared to other countries, owing to a fair degree of awareness, a comparatively low 
incidence of pirated operating system software, and generally well configured routers on 
home connections. That said, many computers run outdated operating systems with severe 
security vulnerabilities, and many websites operate outdated web platforms, in particular 
Wordpress and Joomla, which are common staging grounds for attack.
+The Icelandic government is acutely aware of the threats posed to the security of networks, 
and in recently proposed amendments to the telecommunications act, provisions are made 
for the establishment of a CERT (Computer Emergency Response Team). This should 
increase multi-party coordination and responsiveness in the case of online attacks or other 
ICT-related emergency, and thus overall communications resilience.
+Future Connectivity Developments
+A number of proposals have been made for future developments in connectivity in Iceland. 
+15
+
+

One example which has frequently been brought up is that Iceland’s geographical situation 
makes it ideal for connecting the American east coast, Europe, and East Asia, due to 
the receding polar ice cover. Such a connection could land in Longyearbyen in Svalbard, 
and have connections to Murmansk, some settlements along northern Siberia, and either 
connect to Yakutsk via the Lena river or go through the Bering strait and connect to Alaska 
on the one hand and Kamchatka and Japan on the other hand.
 
This would shorten round-trip latency to East Asia substantially, as most current connections 
go through the Mediterranean, down past India, and through the South China Sea. The 
Longyearbyen connection would allow for redundancy to Norway through an existing 
connection.  Connections in Russia would help in Russia’s developing ICTs, as currently it is 
estimated that 70% of Russian communications go through Sweden. However, it would be 
vital to Europe’s communications security interests that such a connection have direct routes 
to East Asia rather than an intermittent landing in Russia. There are numerous ways in 
which such a proposal could be made beneficial to all parties, and it would open possibilities 
for diverse applications from cross-continental high speed trading and currency arbitrage 
to online gaming. For telephony applications, this connection would push the latency on 
communications between Europe and East Asia down below the threshold of human 
perception, itself a revolution in global telecommunications.
 
Less ambitious potential developments that have been proposed include construction of 
large data centers on the Reykjanes peninsula, construction of further fiber optics links to 
Europe and America, and the establishment of data caches and mediation centers in Iceland 
for high availability applications.
 
+(Example routes for a “polar express” cable; also shows autumn arctic ice cover)

+16
+
+
+The Russian Optical Trans-Arctic Submarine Cable System (ROTACS) project aims to do 
just that. According to an article 
+(ROTACS telecommunication project outline; source: http://barentsnova.com/node/1737)

+(ROTACS and Arctic Fibre; source: Laser Focus World7)
+TODO: http://barentsnova.com/node/1737
+7 http://www.laserfocusworld.com/articles/print/volume-48/issue-04/world-news/fiber-cables-to-span-the-arctic-
ocean.html

+17
+
+Jurisdiction
+Iceland is a parliamentary republic which gained independence from Denmark in 1944. It 
is a member of the United Nations, the Council of Europe (CoE), the European Economic 
Area (EEA), the European Free Trade Association (EFTA) and the North Atlantic Treaty 
Organization (NATO), amongst others. It is party to numerous international agreements 
including Schengen.
+Iceland’s membership in the EEA means that outside of a few limited areas, all EU 
commercial directives take effect in Iceland. In addition, both for conformity and utility, 
Iceland has adopted various non-EEA relevant directives. This tendency has been 
increasing as part of the preparations and negotiations for EU membership. As of 12 
December, 2011, eight out of 33 chapters have been closed in Iceland’s EU accession 
negotiations. Of particular interest to this report, the chapter on information society and 
media is considered to generally already conform to the EU acquis.
+Commercial Issues
+After the collapse of the Icelandic banking sector in 2008, the Icelandic Central Bank 
(Seðlabanki Íslands) was authorized to put limitations on the flow of capital, in particular 
those with no relevance to goods or services. The Central Bank is also authorized to require 
domestic companies to deposit and exchange foreign currency. As of November 2009 all 
restrictions have been lifted on new investments, and in practice trade from Iceland is not 
hindered substantially by the capital restrictions.
+VAT in Iceland is generally quite high, with most goods and services falling in the 25.5% 
VAT category. However, law 163/2010 introduced new exceptions to the VAT law (law 50/
1988) which makes data processing and information provision, as well as “electronically 
provided services” exempt from taxed capital flows.
+Further, this law allowed an exemption from VAT for the importation of servers and related 
equipment (i.e., equipment which is necessary for the functioning of the servers and is 
only of direct benefit to the owners of the servers) in cases where the owners have official 
residence in other member states in the EEA, EFTA, or the Faroe Islands, and do not 
have fixed operations in Iceland in accordance with Icelandic tax law. This exception puts 
more specific requirements, for example that the owners of the servers pay VAT in their 
home country, that the purpose of the operations be of such a nature that it would require 
commercial registration if it were domestic, that the servers were imported specifically for 
the purpose of operation in a data center which their owner is in business with, that the 
servers and other equipment are used only by the owners, but not for other purposes within 
the data center, and that the servers be used from outside of Iceland. This exception is due 
for reconsideration in late 2013, but as it stands is exceptionally beneficial for cloud hosting 
providers.
+Overview of Icelandic Information Regulation
+18
+
+Icelandic law conforms broadly to the European acquis regarding a number of different 
information regulations.
 
Telecommunications are in general governed by law 81/2003 (telecommunications act), 
which implements EU directive 999/5/EC, regulation 2887/2000/EC, the Telecoms Package 
(directives 2002/19/EC, 2002/20/EC, 2002/21/EC and 2002/22/EC), and directives 2002/58/
EC and 2002/77/EC.
 
Electronic commerce and other electronic services are generally governed by law 30/
2002, which implements the e-Commerce directive (2000/31/EC), thereby establishing 
intermediary liability limitations which are crucial to the functioning of Internet service 
providers, hosting providers and data centers. The only practical failing of the Icelandic 
implementation of the e-commerce directive is that allowance is made for injunctions 
which, for historical reasons, can be issued by a regional sheriff (sýslumaður) without court 
supervision. This has not caused problems in the context of intermediary liability limitations, 
but has been used to stifle media on one occasion, and could potentially be abused further.
+Media is regulated under the media law, 38/2011, which implements Audiovisual 
Media Services Directive (2007/65/EC). Broadcast media is also regulated by the 
telecommunications act (81/2003).
 
Personal and private data is protected under law 77/2000, which implements the Data 
Protection Directive (95/46/EC). Electronic signatures are allowed as a valid form of 
signature under law 28/2001, and to this end a national authentication card scheme has 
been developed and is being distributed as a feature of banking cards.
 
Freedom of access to government information is defined in law 50/1996. This law has been 
under review, and a broad-reaching proposal for a new freedom of information law was 
submitted to the Parliament during its 139th term (ending in October 2011), but did not 
pass. A small subset of the changes proposed in that law by the relevant parliamentary 
committee were adopted into a new version of the bill which was submitted to parliament 
at the beginning of the 140th term. This new version did not include provisions proposed 
by the review committee regarding public registration of government documents and public 
advertisement of confidentiality terms, reasons and durations for secret documents.
 
With regard to intellectual monopoly rights, patents are defined in law 17/1991, biopatents 
in law 58/2000, descriptions of electronic components are protected under law 78/1993, 
trademarks under law 45/1997, and in particular corporate logos are protected under law 
155/2002. Finally, copyrights are defined in law 73/1972, which implements EU directives 
89/552/EEC,  2003/4/EC, 2001/29/EC, 2001/84/EC, 91/250/EEC, 92/100/EEC, 93/83/
EEC, 93/98/EEC, 2004/48/EC (IPRED) and 2006/123/EC. Law 53/2006 defines specific 
permissions regarding the collection of evidence pertaining to violations of intellectual 
monopoly rights.
 
+Compatibility with European Union Directives
+As previously stated, Iceland’s laws regarding information technology and media are largely 
in accordance with European acquis. However, in the European Commission’s Opinion on 
+19
+
+Iceland's application for membership of the European Union (COM(2010) 62)8, a few minor 
issues are laid out.
+The most salient issue is that the EU Data Retention Directive (2006/24/EC) has not 
been transposed. This is however a trivial issue——the telecommunications act contains 
provisions for data retention which originate from early drafts of the data retention, and is in 
all regards equivalent to the Data Retention Directive. Therefore, transposition is a formality. 
Data retention will be discussed further in the later section on electronic surveillance.
+Also according to the opinion, while “the legislative and administrative structure is similar to 
most EU Member States” the appointment procedures for the national regulatory authority 
(the post and telecoms administration, póst- og fjarskiptastofnun) have to be revisited to 
ensure  transparency, objectivity, and high standards regarding security of tenure.
+It goes on to say that “in the field of information society services, the main directives have 
been transposed into the Icelandic legal order, i.e. the Directives on electronic signatures, e-
commerce and conditional access.” 
+Intermediary Liability Limitations
+Law 30/2002 on e-commerce and electronic services implements the e-commerce directive 
(2000/31/EC), which provides indemnity for "mere conduits", such as telecommunications 
networks and Internet hosting providers.
+There are few and mostly well defined exceptions to this indemnity: 
+●
+an injunction from a sheriff or court order
+●
+an notice-and-takedown procedure regarding copyright infringement
+●
+knowledge of child pornography

The exception for general court orders without further definition is worrying, due to the 
remnants of an magistrate system mostly abolished in 1991. Prior to this, the district “sheriff” 
(sýslumaður) also served as magistrate and had the ability to, amongst other things, enact 
injunctions. When their magisterial rights were revoked with the 1991 law, they retained 
their ability to enact injunctions. Although this has not caused problems in terms of Internet 
hosting, a sheriff’s injunction was used in 2009 to prevent the state broadcaster, RÚV, 
from airing a story pertaining to a leaked large loan book from the bank Kaupþing. As the 
injunction was revoked when the injunction had failed, it was never taken to court, so its 
veracity under the constitution was not tested.
 
The exceptions should probably be improved by clarifying which exact circumstances can 
trigger such exceptions, as well as restricting the injunction measures to actual courts.
+Surveillance
+The Telecommunications Act (Law 81/2003) was amended in 2005 to include provisions 
for data retention. It applies to telecommunication providers and its current implementation 
mandates the retention of records of all connection data for 6 months. It states that 
communications companies may only deliver information on telecommunications in criminal 
+8 http://ec.europa.eu/enlargement/pdf/key_documents/2010/is_opinion_analytical-report.pdf
+20
+
+cases or on matters of public safety. It also states that such information may not be given to 
others than police and public prosecution.
+According to COM(2010) 62, an analytical report accompanying the communication from 
the Commission to the European Parliament and the Council containing the Commission 
Opinion on Iceland’s application for membership to the European Union, Iceland has 
not currently implemented the Data Retention Directive. This directive is currently being 
discussed (December 2011) in the Icelandic Parliament, however there are complications 
owing to the fact that the Data Retention Directive, 2006/24/EC, came into effect one year 
after the Icelandic Data Retention provisions, which have not since been overturned or 
amended. However, the 2005 law which established data retention in Iceland was made 
at the request of the Icelandic police chief (Ríkislögreglustjóri), making use of the current 
discussions that were then ongoing in the European Commission about the issue. Therefore, 
the implementation of data retention is structurally equivalent to the data retention directive, 
although formally the EU directive has not been implemented. 
 
During discussions in the Icelandic parliament about the (formal) implementation of 
the data retention directive, some parliamentarians were surprised to find that such a 
broad surveillance law already existed in the telecommunications act. There have been 
discussions, both public and within the parliament, about the potential abolition of data 
retention.  However, this would impede the EU membership process and is therefore unlikely 
to gain traction without any political support from within the EU.
 
There is an ongoing discussion about granting police enhanced surveillance rights, in 
the form of proactive investigative measures aimed at counteracting organized crime and 
terrorism. Although these measures have not yet been implemented, there is currently a 
resolution proposal being processed in the parliament.  The interior minister, Ögmundur 
Jónasson, has independently stated that he is preparing proposals for such a law. The 
scope of such a law is unknown, but it is clear that proactive investigation measures would 
necessarily have to include expanded rights for telecommunications surveillance.
 
Wiretapping and other electronic surveillance is regulated under the Telecommunications  
Act (81/2003) and further defined in Rules no. 837/2006 on Electronic Surveillance9.
 
Both data retention and surveillance support add to operating costs and jurisdictional 
uncertainty for cloud hosting providers, especially given the complexity of unsettled 
international cross-jurisdictional issues.
 
A new bill has been proposed in the Parliament, by the Interior Minister, for the 
establishment of a CERT team. The proposal as it stands contains provisions for allowing 
the CERT team to perform limited surveillance of a computer network, having been granted 
permission to do so by the network operator. It also gives the CERT team the right to report 
illegal activities on the network to the police. This combination could potentially be abused 
as a gateway to blanket surveillance, as has been noted in a memo issued by the Icelandic 
+9 http://www.personuvernd.is/information-in-english/greinar//nr/610
+21
+
+Digital Freedoms Society10, but with greater restrictions (such as a ban on deep packet 
inspection and identification of individual users or network analysis that could compromise a 
user’s identity), it could serve to improve network security.
+Censorship
+No state censorship is currently practiced in Iceland. 
+Corporate censorship has been employed by telecoms providers in a few cases, at request 
of police and child protection authorities. Most notable was the anonymous forum site 
Ringulreið, which was accused of being a center for cyber-bullying. After the major telecoms 
providers, Síminn and Vodafone, voluntarily censored access to the site from its users, the 
site was shut down by its operators. 
+Some ISPs, most notably Síminn, the largest ISP in Iceland (formerly the state telecoms 
company) offer parental filtering services to their customers on an opt-in basis. Such 
blocking software is largely controlled by end-users, although it is somewhat unclear by 
which criteria websites are added to these filter lists. However, no anti-competitive, political 
or religious censorship has been noticed in these systems.
+Over the last year, it can be argued that abuse of libel law has been on the rise. Journalists 
and commentators have been increasingly found guilty of libel for comments made on online 
media. In particular, one journalist has been found guilty for directly quoting an interviewee, 
whose statement was considered to be libelous by the court. In another case, an elderly 
woman was found guilty of libel for a Facebook comment wherein she made a value 
judgement on the characters of the claimants. Of course, in each of these cases there are 
competing interests and some uncertainty left to the courts, but many have commented on 
the potential chilling effects associated with such lawsuits and have called for reform.
+Data Protection
+Data protection is regulated under law 77/2000, which implements EU Directive 95/46/EC 
(Data Protection Directive) and parts of EU Directive 97/7/EC (Equal Treatment in Social 
Security Directive). The day-to-day management of compliance is managed by the Data 
Protection Authority.
+Various rules and regulations apply with regards to data protection that might have 
relevance to data centers and information hosting, specifically:
+●
+Rules no. 837/2006 on Electronic Surveillance.
+●
+Rules no. 698/2004 on The Obligation to Notify and Processing which requires a 
Permit.

+●
+Rules no. 299/2001 on security of personal data
+●
+Regulation no. 322/2001 on Management of Personal Information by the Police
+10 Full disclosure: one of the authors of this report, Smári McCarthy, co-signed the memo 
in question and is a board member of the Icelandic Digital Freedoms Society at the time of 
writing.
+22
+
+
+Human Resources
+Iceland is a highly educated country. Out of a workforce of 181,000 people, 33.3% have 
primary education, 38.2% have vocational education, and 28.1% have university education.
+After the financial crisis started in 2008, unemployment rose from 1.01% in 2007 to 8.13% 
in 2010. Recent reports suggest that the unemployment rate is going down, but that has not 
been confirmed by publicly available statistics.
+A 2006 OECD report showed that the number of scientific and engineering publications 
in internationally recognised journals had increased at an average annual growth rate of 
5.7% since 1998 and that between 1991 and 2001, the number of publications per million 
population increased by 50%, from 403 to 610, compared to averages of 416 and 556 in 
those same years in the EU15. At that time, Iceland ranked eighth in the number of 
citations per paper (worldwide). The financial crisis caused some reductions in innovation 
and research & development funding, but this primarily had the effect of shifting researchers 
further into private sector research operations and startup companies. On the other hand, 
the Icelandic Innovation Center has started a number of seed labs where startup companies 
and small proprietors can rent inexpensive office space.
 
+Bala Kamallakharan has noted11 that 2011 was a record year for insolvencies in Iceland, 
while the number of new company registrations has dropped significantly. This could 
perhaps be attributed to unavailability of capital available to startups, or perhaps deflation 
of the last decade’s bubble. Without suitable employment for its highly skilled labor force to 
absorb, Icelanders will either resort to leaving for better opportunities abroad or remain idle 
domestically letting their considerable talent go to waste.  
+11 http://www.startupiceland.com/2012/01/2011-has-been-record-year-in-iceland.html
+23
+
+ 
Either way, the combination of experienced researchers, high unemployment rate, low rate 
of startup and high insolvency rate suggests that unless Iceland continues to experience an 
increase in “brain drain”, where well educated people seek employment outside the country, 
a significant underemployed or unemployed workforce will exist in Iceland.
 
+Icelandic Modern Media Initiative
On July 16th 2010, the Icelandic Parliament, Alþingi, unanimously adopted a parliamentary 
resolution  to  develop  in  Iceland  advanced  legislation  for  the  protection  of  the  rights  to 
information and free speech. Since then, the Icelandic Modern Media Initiative, or IMMI, as it 
was called, has been in development, both inside the government ministries and institutions, 
and within Icelandic civil society. The originators of the IMMI initiative founded, in 2011, the 
International  Modern  Media  Institute,  a  synacronymous  civil  society  organization  working 
towards ensuring that the goals and spirit of IMMI are met in Iceland, and sharing the ideas 
and developments with the world at large.
 
 
 
 
+Subject area
+Status
+Notes
+Source Protection
+Complete
+Media law + constitution
+Freedom of Information Act
+Pending 
+New law replacing older law + 
+ratification
+constitution
+Communications Protection
+Pending 
+Changes to law + constitution
+ratification
+Intermediary Liability 
+In development
+Changes to law + constitution
+Limitations
+Publishing Liability Limitations
+In development
+Changes to law
+Whistleblower Protection
+In development
+Changes to law + constitution
+Prior Restraint Limitations
+Pending 
+Constitution + regulatory changes
+ratification +
In Development

+Judicial Process Protections
+On hiatus

+Network Neutrality
+Pending 
+Constitution
+ratification
+Virtual Limited Liability 
+On hiatus

+Companies
+Freedom of Expression Prize
+On hiatus

+24
+
+Source Protection
The  protection  of  sources  refers  to  measures  which  forbid  journalists  from  exposing  the 
identity of their sources without the source’s permission. The purpose of such measures is 
to  increase  the  willingness  and  security  of  sources  who  consider  themselves  to  be  at  risk, 
when  providing  information  of  criminal  wrongdoing,  corruption,  negligence  or  other  socially 
unacceptable behavior to journalists.
 
Journalistic  source  protection  was  implemented  in  Icelandic  law  38/2011  (the  media  act). 
The source protection clause is defined in article 25., which states:
 
+Employees  of  media  organizations  which  have  been  licensed  or  registered  with  the  media  committee 
are  forbidden  to  expose  the  identity  of  source  for  articles,  books,  retellings,  announcements  or  other 
material, regardless of whether it has been published, if the source or the author requested anonymity. 
Employees  of  the  media  organization  are  also  forbidden  to  release  data  which  contain  information 
regarding the source or author in such circumstances.
The rule in the 1st paragraph also applies to those who, due to connections to the media organization 
or  the  production  of  the  material  has  gained  knowledge  of  the  identity  of  the  source  or  author,  or  has 
attained data to that effect.
Source protection under paragraphs 1 and 2 can only be relieved with the permission of the source or 
the author, or on the basis of article 119 of the law on the prosecution of criminal cases, no. 88/2008.12

 
In  addition  to  the  stipulation  in  the  new  media  law,  the  proposed  constitution  for  Iceland 
contains, in article 16, the statement:
 
+The protection of journalists, their sources of information and whistle-blowers shall be ensured by law. 
It  is  not  permitted  to  breach  confidentiality  without  the  consent  of  the  person  providing  the  information 
except in the process of criminal proceedings and pursuant to a court order.

This provides equivalent protection under the constitution, if ratified, ensuring that the source 
protection clause would not be removed from law without referendum.
 
Status: Complete.
 

+Freedom of Information Act
Access to government documents and records is mandated in Iceland by law 50/1996, (the 
information act). The current Icelandic FOI law does not conform to CoE convention, and it 
does not match the standards set in the Aarhus convention for environmental information.13
 
An updated information act was proposed at Alþingi in 2011, however, due to end of term 
in late September 2011, the bill did not complete the third reading in parliament and was 
therefore dropped. It has since been reintroduced with many of the changes merged in and 
multiple improvements made, however, the newly proposed version does not meet the high 
standard the bill had previously achieved.
 
IMMI submitted an 8 page report and a 84 page change comparison of the two bills to 
the constitutional and regulatory committee of Alþingi in February 2012#, criticizing the 
government’s backpedaling against the changes that had previously been proposed in 
+12 The exception in article 119 of law 88/2008 applies to the case where criminal proceedings for serious offences cannot be 
resolved without the identity of the source or author being exposed. In such cases, it has been recommended although it is not 
stipulated in statutes, that the identity first be exposed to the judge in camera, so that the judge can appropriately measure the 
potential risk to the source against the benefit of the source’s exposure. This is generally considered an acceptable limitation to 
the otherwise absolute source protection clause.
13 The Aarhus convention was ratified by law 131/2011.
+25
+
+parliamentary committee. At the moment, the committee work is proceeding.
 
Cautious optimism suggests that the committee will once again restore the bill to its former 
state and that it will be accepted. If this is the case, the norm for access to information 
in Iceland will be altered from being a ‘publish on request’ regime to ‘publish by default’ 
regime.14 Then, any documents which are not published can be at least listed along with 
information about why it has been held back and FOI requests can be made for those 
documents specifically. This change is the most important alteration of many.
 
In the meantime, the new proposed constitution of Iceland has guaranteed a substantial 
improvement of information rights.15
 
Status: Pending ratification
+Network Neutrality
Network  neutrality  is  a  very  broad  concept,  but  generally  refers  to  the  idea  that  each  node 
operating  on  the  network  should  be  considered  equal  to  all  others  in  terms  of  access. 
Numerous governments and corporations have instantiated various forms of censorship and 
containerization#.  Due  to  technical  limitations  of  the  IPv4  space,  almost  every  end-user  of 
the  Internet  can  be  considered  in  an  aberration  of  the  end-to-end  principle  often  from  NAT 
(Network Address Translation), this makes their nodes second class citizens of the Internet. 
There is a lot to be done in terms of network neutrality.
 
This  is  going  to  be  a  topic  for  many  years,  but  for  now  IMMI  has  decided  to  take  the  first 
steps.  Article  14  of  the  proposed  constitution  creates  an  obligation  for  the  government  to 
protect the Internet, with the same constraints as those on free speech in general. Although 
those  limitations  should  definitely  be  questioned,  this  must  be  considered  a  substantial 
victory,  as  no  country  currently  even  mentions  the  Internet  in  its  constitution,  let  alone 
defends it:
 
+The government shall guarantee conditions that are conducive to open and informed public  discussion. 
Access to the Internet and information technology shall not be curtailed except by a decision of a court 
of law and on the same substantive conditions that apply to restrictions on the freedom of expression.

Status: Pending Ratification
+Communications Protection and Communications Data Retention
In the interests of protecting privacy and source confidentiality, protection of communications 
is a vital ingredient to any coherent information regulation strategy.
 
The protection of communications is a wide project that can be roughly split into two tasks. 
On the one hand, removing existing threats to communications protection from law, and on 
the other hand establishing new protections for communications.
 
In  January  2012,  as  Alþingi  was  debating  the  adoption  of  the  European  Union’s  Data 
Retention Directive, IMMI produced a report outlining the dangers of blanket data retention. 
In  committee,  IMMI’s  views  got  the  support  of  the  Privacy  Directorate,  and  this  led  to  the 
parliamentary  committee  requesting  that  the  directive  be  postponed  indefinitely  and  that 
the foreign minister inform the European Union that Iceland would not be implementing the 
+14 meaning that instead of FOI requests having to be made for each document individually in order to obtain a private copy for 
dissemination, which is a slow and complicated process, the rule will become that government publishes all documents publicly 
by default, for instance in an online database.
15 http://www.stjornlagarad.is/english/ Articile 15 (English PDF available from the website)
+26
+
+directive.
 
This  however  was  not  enough,  as  Iceland  has  in  law  a  data  retention  clause  (paragraph 
3,  article  42,  of  the  telecommunications  act,  81/2003,  amended  in  2005),  which  predates 
the  EU’s  Data  Retention  Directive  by  a  year.  IMMI  has  argued  against  this  clause,  both  in 
newspapers and in opinions to parliament, and has drafted a bill for the removal of the act.
 
More  recently,  IMMI  was  asked  to  submit  proposals  for  improvement  of  certain  articles  of 
the  telecommunications  act  being  added  to  introduce  a  Computer  Emergency  Response 
Team  (CERT)  in  Icelandic  law,  so  as  to  better  balance  against  privacy  concerns.  In  these 
proposals, IMMI included the following proposal:
 
+Paragraph 3 of article 42, requiring the retention of telecommunication data, is dropped.
+Appended to article 42 is a new paragraph:
Parties  other  than  the  sender  and  the  receiver  of  electronic  packet-switched  communications  are 
forbidden  to  inspect  or  electronically  process  the  payload  of  the  packets.  Headers  and  metadata  of 
packet-switched communications shall only be stored for the period needed to resolve the routing of the 
communications and security measures as per article 47. a.
 
+This  would  effectively  remove  the  data  retention  provisions  from  law,  if  adopted,  and 
simultaneously  improve  the  communications  protection  by  making  it  a  criminal  offense  to 
intercept and inspect communications, by methods such as Deep Packet Inspection. It is our 
hope that this provision be adopted in law.
 
In  addition  to  this  development,  the  proposed  constitution  of  Iceland  contains  a  clause  in 
article  11  expressly  forbidding  the  search  of  communications,  except  with  a  valid  court 
order.16
 
 
Status: Pending ratification & in further development
+Intermediary Liability Limitations
The  original  idea  for  limited  liability  for  telecommunications  intermediaries  comes  from  the 
development of the Communications Decency Act in the United States around 1996. Since 
then, the European Union has adopted the e-Commerce Directive, which implements similar 
limitations.  The  directive  is  implemented  in  Iceland  as  the  electronic  commerce  and  other 
electronic services act (30/2002), and has equivalent measures.
 
Immediately  on  exploring  the  intermediary  liability  limitations  (ILLs)  in  the  Icelandic  law,  a 
striking flaw presents itself in the form of “general court orders”. This phrasing is very vague 
and  more  importantly  lends  itself  to  being  understood  that  district  sheriffs,  who  in  Iceland 
have  injunctive  powers,  can  issue  takedown  orders.  IMMI  has  an  interest  in  tightening  this 
language, and intends to make proposals to do so in the coming months.
 
More importantly though, ILLs have been under attack globally in recent years. A great many 
changes  in  strategies  relating  to  intellectual  monopoly  enforcement,  protection  of  official 
secrets and political attempts at opening doors for corruption have revolved around eroding 
ILLs.  In  order  to  counteract  this  trend,  IMMI  has  partnered  with  several  organizations  to 
explore what can be done to define a legal and technical defense of both Internet endpoints 
and  intermediaries  that  can  better  withstand  political  attempts  at  erosion.  This  work  is  in 
early stages, but some results are scheduled for July 2012.
 
Status: In development
+16 http://www.stjornlagarad.is/english/ Articile 11
+27
+
+Libel Tourism Protection
Libel tourism is the act of a company or individual choosing to pursue lawsuits against 
individuals or companies in a country with a low threshold for libel lawsuits. Legal extortion 
schemes have been perpetuated with companies being tried in countries such as England 
and Wales even if the defendant resides elsewhere in the world. This is a form of forum 
shopping. Implementing laws that prevent or diminish the effects of libel tourism in Iceland 
will protect Icelandic citizens and residents from this kind of forum shopping. It’s fairly 
important that people can predict with some certainty where, if anywhere, they will be 
taken to court. This also applies to companies, who base a lot of their operational security 
on knowing the legal environment. In this way, ending libel tourism will encourage foreign 
investment and provide financial security for companies operating here already.
 
For now, Iceland has a mechanism. As a signatory of the Lugano treaty, Icelandic courts 
can decide not to uphold foreign court verdicts which go against the rule of law in Iceland. 
This means that a libel verdict from a foreign country can be challenged in an Icelandic court 
on the basis of article 34 of the Lugano treaty if it comes from a country with a substantially 
different burden of proof for libel than Iceland does. This has not been tested, but is currently 
our best bet.
 
In the meantime, British libel reform efforts are going well, and coupled with a well written 
libel law in Iceland, may be sufficient to put an end to libel tourism - at least in Iceland. When 
that is finished, the bigger issue of International Forum Shopping remains.
 
Status: Complete / Untested solution
+Libel Reform and Publishing Liability Limitations
The media law from 2011 introduced new rules regarding media liability. However, since its 
adoption,  a  number  of  court  cases  have  been  heard  in  Reykjavík  which  cast  a  shadow  on 
the reform and point at a deeper structural fault in the current libel regime.
 
Although  media  liability  is  defined  in  the  print  law  and  superseded  by  the  media  law,  the 
terms  of  libel  itself  are  defined  in  chapter  XXV  of  the  criminal  act,  which  treats  violations 
of  privacy  and  libel  as  equal  criminal  offenses.  Under  the  criminal  act,  it  is  illegal  to  make 
truthful  accusations,  to  offend  somebody  publicly  or  privately,  or  to  make  unfavorable 
comments  about  deceased  persons.  As  these  are  criminal  offenses,  they  have  assigned 
imprisonment penalties from 1 to 4 years, as well as fines, although imprisonment is rarely 
used in practice.
 
The  global  trend  in  libel  law  is  to  move  it  away  from  criminal  sanctions  and  into  tort  law, 
making it a civil offense, punishable only by fines. Alongside this, the scope of libel is to be 
narrowed,  making  the  truth  a  valid  defense  and  ensuring  that  people  cannot  be  brought  to 
charge for making value judgements against another’s character. It should be legal to call a 
person a jerk, although it is questionable whether you can call somebody a murderous jerk 
without backing it up with evidence.
 
IMMI  has  completed  the  basic  research  needed  to  implement  these  changes  and  drafted 
a  bill  which  aim  to  alleviate  at  least  most  of  the  existing  concerns.  Due  to  parliamentary 
scheduling rules, it cannot be introduced until the autumn of 2012.
 
Status: Pending
+28
+
+Whistleblower Protection
A whistleblower is a person that tries to disclose or report information on situations affecting 
the  public  that  may  evidence  of  criminal  activity.  Protection  for  individuals  reporting 
institutionalized    corruption  is  paramount.  They  may  be  providing  relevant  information 
to  the  public  record,  such  as  data  or  testimony  about  relevant  matters  like  public  health, 
passed incidents, crime, government biases, democracy undermining practices, violations of 
constitutional rights, corruption and bribery.
 
Threats to whistleblowers come from corporate interests, governmental interests, criminal 
activities, biases inherent in legal and judicial officials and systems. Whistleblower 
protections must include a right to anonymity, physical, financial and social security.
 
As the threat models, institutional settings and personal complexities of whistleblowing vary 
widely,  this  is  perhaps  the  most  complicated  of  IMMI’s  tasks.  While  a  lot  of  development 
work  has  been  put  into  this  issue  already,  we  feel  that  the  adequate  protection  of 
whistleblowers cannot be completed without deep investigation.
 
As  one  core  issue,  the  idea  of  corporate  personhood  must  be  challenged.  Disregarding 
other arguments for doing so, it is very important that it not be decided that companies and 
other corporate vehicles have a right to privacy, as this would pit whistleblower activities up 
against  privacy  and  data  protection  law,  the  sanctity  of  which  is  of  equal  importance.  It’s  a 
fight nobody should have to fight. That said, there has been no such ruling in Iceland and it 
is not foreseeable that that will change; it’s merely one issue of many that must be monitored 
and pro-actively taken action on.17
 
Status: In development
+Prior Restraint Limitations
Prior  restraint  is  banned  under  article  73  of  the  Icelandic  constitution.  A  slightly  stronger 
implementation  of  prior  restraint  limitations  are  introduced  in  the  new  constitution,  which  is 
pending ratification.
 
Outside of constitutional guarantees, IMMI also has an interest in protecting against abuse 
of  injunctions  by  sheriffs,  who  still  have  injunctive  authorities  as  a  holdover  from  their  now 
abolished  tribunal  role.  This  fits  in  with  the  discussion  of  Intermediary  Liability  Limitations 
stated above, and IMMI expects to be able to address these two concerns jointly.
 
Status: Pending ratification
 

+Virtual Limited Liability Companies
Icelandic corporate law is currently somewhat hostile to foreign ownership from outside the 
European Economic Area (EEA). The idea of Virtual Limited Liability Companies is to allow 
for  virtually  defined  corporate  entities,  whereby  the  ownership  is  somewhat  ephemeral,  as 
long  as  the  owners  adhere  to  certain  Icelandic  transparency  requirements.  In  that  way,  a 
virtually operated commpany would have tax obligations and operational safe harbor rights 
in  Iceland  like  any  other  company,  but  gets  to  operate  virtually  in  exchange  for  some  strict 
guarantees of transparency and such.
 
+17 For more detail see:: http://immi.is/Press_Release:_IMMI_Status_Update,_April_2012 
+29
+
+This  issue  has  more  to  do  with  creating  a  pleasant  investment  environment  than  explicitly 
improving the information regime in Iceland. For that reason, it has been relegated to the set 
of the last things we aim to accomplish in this set, and is therefore on hiatus for now.
 
Status: On hiatus.
 
 
+Selected Bibliography
+●
+Orkustefna fyrir Ísland; Stýrihópur um mótun heildstæðrar orkustefnu; http://
www.nea.is/media/gagnasofn/Orkustefna-fyrir-Island.pdf
 
+●
+Iceland. What a Great Place to Put a Data Center; Verne Global / Martin Hannigan; 
http://www.uknof.org.uk/uknof12/Hanningan-Undersea.pdf

+●
+Orkuspá fyrir Ísland 2010-2050; Orkustofnun; http://www.os.is/gogn/Skyrslur/OS-
2010/OS-2010-07.pdf
 
+●
+Benchmarking Study on Iceland as a Location for Data Centre Activity; Invest in 
Iceland Agency; http://www.invest.is/resources/files/invest.is/BDC%20Report.pdf
 
+●
+Mikil arðsemi af raforkusölu til stóriðju; Vísir; http://www.visir.is/mikil-ardsemi-af-
raforkusolu-til-storidju/article/2011712209851
 
+●
+Policy Mix for Innovation in Iceland; OECD; http://www.oecd.org/dataoecd/15/62/
36648108.pdf

+30
+
+ + + + + + + + diff --git a/report/index.html b/report/index.html new file mode 100644 index 0000000..2b46671 --- /dev/null +++ b/report/index.html @@ -0,0 +1,52 @@ + + + + +Index of /report/ + + + +

Index of /report/

+
+ + + + + + + + + + + + + + + + + + + + + + + + +
NameLast ModifiedSizeType
Parent Directory/ -  Directory
1.html2012-Jul-30 11:08:0994.1Ktext/html
2.html~2012-Jul-30 11:09:1491.5Kapplication/octet-stream
Greens-IslandsofResilience-1.orig.png2012-Jul-30 10:52:25407.4Kimage/png
Greens-IslandsofResilience-1.png2012-Jul-30 11:18:53220.3Kimage/png
Greens-IslandsofResilience-10.png2012-Jul-30 10:52:32307.0Kimage/png
Greens-IslandsofResilience-14.png2012-Jul-30 10:52:33262.3Kimage/png
Greens-IslandsofResilience-16.png2012-Jul-30 10:52:36735.5Kimage/png
Greens-IslandsofResilience-17.png2012-Jul-30 10:52:37247.6Kimage/png
Greens-IslandsofResilience-2.png2012-Jul-30 10:52:26103.8Kimage/png
Greens-IslandsofResilience-23.png2012-Jul-30 10:52:387.2Kimage/png
Greens-IslandsofResilience-3.png2012-Jul-30 10:52:2815.0Kimage/png
Greens-IslandsofResilience-9.png2012-Jul-30 10:52:30115.4Kimage/png
Greens-IslandsofResilience.html2012-Jul-30 10:59:230.5Ktext/html
Greens-IslandsofResilience.html~2012-Jul-30 10:52:020.5Kapplication/octet-stream
Greens-IslandsofResilience.pdf2012-Jul-30 10:48:343.0Mapplication/pdf
Greens-IslandsofResilience.txt2012-Jul-30 10:54:3264.1Ktext/plain
Greens-IslandsofResilience_ind.html2012-Jul-30 10:52:382.4Ktext/html
Greens-IslandsofResiliences.html2012-Jul-30 11:38:5991.1Ktext/html
Greens-IslandsofResiliences.html~2012-Jul-30 11:09:4491.0Kapplication/octet-stream
+
+
lighttpd/1.4.28
+ + -- cgit v1.2.3