Between a rock and a hard place? Identifying encryption policies that are human rights respecting

Event report

[Read more session reports and live updates from the 12th Internet Governance Forum]

The session, moderated by Ms Sheetal Kumar, Programme Leader at Global Partners Digital, featured discussions on encryption policies and their compatibility with human rights. As highlighted recently by the FBI vs. Apple case, encryption policy has broad implications for security and human rights.

The first part of the session gave the opportunity to two experts to provide their perspectives on the interplay between encryption and human rights, and on how encryption policies can be in line with human rights standards.

Mr Nicolas Seidler, Senior Policy Advisor at Internet Society (ISOC), presented ISOC’s general position on encryption, and the questions that are raised by encryption policies worldwide in terms of human rights. ISOC advocates for a secure Internet, and as a result, supports that strong encryption should be the norm for all Internet traffic and data. But this technology can be used to support criminal activities, thus justifying the concerns of law enforcement agencies. In general, encryption policies have therefore two compelling objectives, securing communications and enabling law enforcement agencies to be able to circumvent protection. If in the past the debates revolved around the possibility of introducing backdoors to encryption systems, the conversations have now shifted to asking private companies to limit or implement reasonable levels of encryption. This shift reflects changes in the encryption market, with more and more devices encrypted by default and the widespread use of end-to-end encryption communication services.

Mr Gbenga Sesan, Executive Director of the Paradigm Initiative in Nigeria, then presented his views from a civil society perspective. Sesan argued that governments’ will to regulate encryption can be motivated by two reasons. First, they can have a genuine and legitimate interest in addressing criminal activities, but they may also use encryption policies in preventing dissenting voices from communicating safely. Sesan also insisted that there is a need for all levels of governments to respect the legal processes in place to deal with encryption. 

The second part of the session led to a lively discussion between the audience. All participants were asked to break out into groups and analyse a piece of legislation or policy related to encryption and provide recommendations on how to improve it. Then each group presented their analysis to the audience, which led to a lively discussion aiming at critically evaluating encryption policies against human rights standards.

By Clément Perarnaud