The 3-Line Summary
- The fifth CRO-IGF met on 13 December 2019 at FER in Zagreb with 70 participants, debating 5G network security and the strategic, legal, ethical and linguistic dimensions of artificial intelligence.
- The 5G panel seated Ericsson and Huawei security officers side by side to discuss the EU's coordinated risk assessment and the forthcoming security 'Toolbox', while the AI panel argued for investing in language technologies to carry Croatian into the AI era.
- Its conclusions — absolute security is an illusion, and AI in autonomous weapons needs urgent regulation — capture Europe's late-2019 mood. The pandemic then interrupted the series; the next edition came only in 2023.
Welcome — this is the Japan IGF Support Organization. This in-depth report on CRO-IGF 2019 (Croatian Internet Governance Forum) draws on official outputs, session records and on-site reporting. In a hurry? The three lines above and the diagrams carry the gist.
Conference at a Glance (from official records)
| Item | Detail |
|---|---|
| Official name | CRO-IGF 2019 (Croatian Internet Governance Forum) |
| Edition | 5th edition |
| Dates | 13 December 2019 |
| Venue | Faculty of Electrical Engineering and Computing (FER), University of Zagreb, Zagreb |
| Theme | Regional governance themes |
| Participants | 70 |
| Host | The CRO-IGF Organising Committee (chair: Nataša Glavor of CARNET), with the opening address by HAKOM Council President Tonko Obuljen |
(See the source list at the end of this article.)
Discussion Digest — from the Session Records
Key exchanges extracted from session records and transcripts.
1. 5G Security — Ericsson and Huawei at One Table, Europe's Risk Debate in Miniature
Sessions: Panel 'Security of 5G Networks' (moderated by Tamara Tafra, cyber diplomatic advisor at Croatia's EU Permanent Representation; with the Central State Office for the Development of the Digital Society, FER, Ericsson Nikola Tesla, Huawei and HAKOM)
- The EU-wide coordinated risk assessment and the security 'Toolbox' due in early 2020 — including certification of vendors and networks — framed the debate, with panellists candid about the structural risk: vendors enjoy privileged access to network cores, and equipment stays in place for 10–15 years [1][2][3]
- Huawei's representative described one-time access passwords issued only on the operator's justified request, while others argued that depositing source code would not increase security: trust cannot be tested, leaving standards (3GPP), security by design and disciplined operations as the only path [1][2][3]
- For Croatia, about to hold the EU Council presidency in the first half of 2020, 5G security was also a diplomatic file; domestically, spectrum assignment after the TV transition and legal obstacles to fibre deployment were named as preconditions for rollout [1][2][3]
2. AI Strategy, Regulation and Language — Will Croatian Survive the AI Era?
Sessions: Panel 'Strategic, Legislative, Ethical and Linguistic Aspects of Artificial Intelligence' (moderated by Tanja Ivančić of Večernji list; with the State Secretary of the Ministry of the Economy, PWN Zagreb, and the Faculties of Law, Philosophy and FER)
- The government reported that Croatia's national AI strategy was being drafted for completion by end-2019, while the EU's AI ethics guidelines drew sharp criticism: most of the 52-member high-level expert group came from the IT industry, with civil society and academia barely present — 'the agenda is imposed on us by the industry itself and that is not good' [1][2]
- Some argued the time for ethics-only talk was over and regulation should now come, starting with autonomous vehicles and autonomous weapons; others countered that over-regulation scares off investors [1][2]
- Croatian being the EU's 24th official language became a rallying point: with 50% of customers buying only in their own language, panellists urged that language technologies be written into the national AI strategy — fittingly, FER had just opened its Centre for Artificial Intelligence [1][2]
3. 'Absolute Security Does Not Exist' — Dividing the Burden Between Regulators, Vendors and Users
Sessions: Conclusions across both panels (as recorded in the official final report)
- Two threads ran through both panels: absolute security is an illusion because people build and run the systems, and the heaviest responsibility for 5G security falls on states and regulators, with individual users able to do little [1][2][3][4]
- Distinctively, the forum's written conclusions called for urgent regulation of AI uses that directly threaten human rights, naming autonomous weapons [1][2][3][4]
- Civil society remained under-represented among the 70 participants, but HAKOM — which had stepped back in 2017 — returned in the person of Council President Obuljen for the opening address, and RIPE NCC funding supported what proved to be the last edition before the pandemic pause [1][2][3][4]
Three-Minute Short Talk — Your Questions Answered
Q. What did this meeting decide?
A. Nothing binding — but weeks before the EU published its 5G security Toolbox, it put the regulator, Ericsson, Huawei, academia and government on one stage to talk risks and mitigations, a rare line-up at the time.
Q. What was the most contentious topic?
A. How far 5G vendors can be trusted. Panellists noted vendors hold privileged access to network cores for a decade or more; Huawei described its one-time-password controls; and the sober conclusion was that trust cannot be tested — only standards and security by design help.
Q. Why should I care?
A. The 5G vendor-trust question shaped procurement policy across the world, and the plea to invest in language technology so smaller languages survive the AI era applies to every language community.
What Is Croatia IGF? (for first-time readers)
Croatia IGF is a National or Regional IGF Initiative (NRI), aligning local internet governance discussion with global IGF principles.
Why It Matters to You
What was discussed here becomes the baseline for national digital policy, platform rules and AI regulation worldwide within a few years. The principles confirmed at the 2019 meeting are the foundation of the "next rules" for the phones, social platforms and AI services you use every day.
Sources & References
- Croatian IGF 2019 – Final report (PDF) — CRO-IGF組織委員会(CARNET公式サイト掲載) (accessed 2026-07-11)
- Održan 5. Hrvatski forum o upravljanju internetom (CRO-IGF)(第5回開催報告) — CARNET (accessed 2026-07-11)
- Održan 5. Hrvatski forum o upravljanju internetom(第5回開催報告) — HAKOM(クロアチア・ネットワーク産業規制庁) (accessed 2026-07-11)
- IGF Croatia — DiploFoundation (accessed 2026-07-11)
- Prijavite teme za peti Hrvatski forum o upravljanju internetom (CRO-IGF)(議題公募の告知) — CARNET (accessed 2026-07-11)
- Forum o upravljanju internetom (CRO-IGF)(公式プロジェクトページ・歴代最終報告書一覧) — CARNET (accessed 2026-07-11)
Quotes are translated or condensed from the records listed above. Bracketed numbers [n] refer to the source list.
Related links
- IGF official (NRI list): https://www.intgovforum.org/en/content/national-and-regional-igf-initiatives
- Japan IGF: https://japanigf.jp/
- Yuki Nakazawa's blog: https://nkzw.jp/category/igf/
Revision History
Rev. 1 — published 2 June 2019, 15:00 (Article published)
Rev. 2 — updated 17 July 2026, 12:32 (Fully revised into the in-depth edition: added the 3-line summary, minutes digest, short talk, source list and diagrams (all quotes verified against the listed sources))
— 中澤祐樹

