Human rights in the context of cybersecurity
Human Rights Council – 43rd Regular Session
24 Feb 2020 09:00h - 20 Mar 2020 19:00h
26 Feb 2020 01:00h
On the margins of the 43rd session of the Human Rights Council (HRC) and the United Nations Group of Governmental Experts (UN GGE) in Geneva, Ghana, the Netherlands, and Estonia organised a side event entitled ‘Human Rights in the context of cybersecurity’. The discussion was moderated by Ms Carmen Gonsalves, Head of International Cyber Policy Department of the Netherlands.
The discussion was opened by Mr Grant Ntrakwa, Minister and Deputy Permanent Representative of the Permanent Mission of the Republic of Ghana to the UN Office in Geneva, who spoke on behalf of the Freedom Online Coalition (FOC). Mr Ntakwa noted that we are at the height of the digital age, where basic fundamental rights such as healthcare and education are increasingly facilitated through the use of the Internet. Accordingly, the Internet is not a convenience, but a right that has yet to be fully implemented. To that end, the FOC strives to promote Internet freedom and provide support to individuals whose rights online are in danger.
On the issue of cybersecurity, Mr Ntakwa noted that human rights are often omitted from the discussion. In order to facilitate a human rights approach to cybersecurity, Mr Ntakwa pointed out that cybersecurity laws and policies should be developed according to human rights frameworks, and that actors from across different sectors should come together to promote the free and safe use of the Internet.
Ms Bahia Tahzib-Lie, Human Rights Ambassador of the Netherlands, also touched upon the connected, interrelated, and reinforcing nature of human rights and cyberspace. She noted that the HRC needs to be better informed about cyber discussions and that the GGE needs to be more aware of policies centered around human rights. Ms Tahzib-Lie noted that Internet freedom is one of the top human rights priorities of the Dutch government, especially at a time when more and more countries are restricting its use and violating privacy in the digital context. In that light, it is essential that governments, the private sector, and civil society promote, defend, and uphold human rights in the digital environment.
Ms Nani Jansen Reventlow, Digital Freedom Fund, provided an overview of a statement published by the FCO on the ‘Human Rights Impact of Cybersecurity Laws, Practices, and Policies’. She noted that the statement provides a clear picture of the relationship between cyber and human rights, and as such provides a solid baseline for a number of principles that apply to cyberspace. That said, Ms Reventlow noted that there is room for improvement and that the statement could be developed further given that it focuses on mostly traditional human rights such as privacy and freedom of expression and assembly. She suggested incorporating an intersectional approach that takes into consideration other less traditional rights; namely, freedom of movement and self-determination.
Moreover, future statements should try to define a clearer role for private tech companies, primarily because digital security is in the hands of corporations and therefore governments need to ensure that companies are protecting the online safety of individuals.
Mr Michel Forst, UN Special Rapporteur on the situation of human rights defenders, noted that cybersecurity goes beyond online security given that it also has an impact on the offline world, citing examples of online harassment that had offline implications.
Similarly, Mr Frost referred to network shutdowns in Iran, India, and Bangladesh that not only restrict access to information, but also hinder the right to assembly and freedom of expression. Online surveillance on the basis of which human rights defenders are attacked is equally problematic, but few efforts have been made to alter these practices. Mr Frost stressed that the pretext of national security is increasingly being used to silence online protests and social mobilisation, and also to target journalists and human rights defenders.
Ms Heli Tiirma-Klaar, Cyber Ambassador at Large for Estonia, touched upon the question of the applicability of legal frameworks in cyberspace. Ms Tiirma-Klaar underscored that the Netherlands and Estonia are of the view that existing international laws apply to cyberspace. However, she pointed out that there are others that discount this and call for new legal instruments at the global level specifically for cybersecurity. Ms Tiirma-Klaar described how new legal instruments could have negative consequences for human rights and freedom online, which could in turn further deteriorate their position given that they are already under pressure due to increasing surveillance.
She noted that at the European level there are already principles on human rights and cybersecurity capacity building and stressed the need to take this action further. In her concluding remarks, Ms Tiirma-Klaar observed that the cyber and human rights communities do not meet very often in terms of diplomatic activity, and highlighted the need to look for ways in which these two communities can work together more frequently.
Speaking from the perspective of the private sector, Ms Kaja Ciglic, Senior Director for Digital Diplomacy at Microsoft, underscored that the private sector has a somewhat different perspective in terms of human rights in the context of cyberspace as they believe technology is central. In their view, technology needs to uphold human rights and be as secure as possible so that people would use it.
To that end, Microsoft has been investing in the secure development of its products and services, but also strives to ensure that their partners uphold similar standards, which in turn allows them to drive good security practices across the community. Ms Ciglic, also highlighted some of the other efforts that Microsoft undertakes with regard to human rights such as the Cybersecurity Tech Accord, which shows a clear indication of the importance for the tech industry to put forward and uphold stronger cybersecurity norms.
At a more practical level, Microsoft has a team that looks at human rights and covenants to ensure that they identify the right ones to support and eventually live up to them, and a more specific team responsible for the interplay between ethics and artificial intelligence.