8 Dec 2016 17:30 to 19:00
Session ID: Human Rights Online
[Read more session reports and live updates from the 11th Internet Governance Forum]
The session Direct access & the next billion: policy, problems & proposals, was structured around a Question-and-Answer format, and addressed the issue of government surveillance. Participants included Mr Adnan Chaudhri (Digital Rights Foundation, Pakistan), Ms Carolina Botero (Fundación Karisma, Colombia), Mr Edin Omanovic (Privacy International), Ms Judith Lichtenberg (Global Network Initiative), Patrick Hiselius (Telia Company) and Mr Collin Anderson, an Independent Expert.
Direct access is at the intersection between government surveillance, the role of telecommunication companies and Internet users. More specifically, the issue is related to the possibility for agencies and authorities to have direct, unimpeded access to data for intelligence gathering and law enforcement purposes without an operational role for telecommunications service providers. Agencies and governments may request telecommunication companies to grant access to their networks. Under certain circumstances, operators are allowed by law to refuse. However, as outlined by the panel, after granting access, it is not possible to know which specific data was taken. As emerged during the discussion, this situation raises concerns about the Human Rights implications and undermines legal safeguards.
From a technical level, censorship appears as a difficult issue to scrutinise. The panel addressed this and outlined the differences between censorship and direct access. Specifically, censorship is normally the denial of information, while direct access and surveillance, are not. The latter are based in the use of equipment that was not necessarily structured to support surveillance. As such, the equipment is not based on technical measurement, therefore affecting the capability to identify and confirm the surveillance.
The panel addressed a few international cases of direct access, focusing on Mexico, Colombia and Pakistan. On each of those, the regulatory framework was described as lacking precision on what kind of collaboration a company has to give authorities when requested. Furthermore, the absence of transparency reports in Colombia, creates difficulties for civil society organisations to monitor the situation. Pakistan presents certain differences as in the possibility to use encryption as a mechanism against direct access. There, encryption is legal pending application to the Pakistan Telecommunications Authority (PTA). Additionally, from a regulatory perspective, the electronic crimes act passed in August and as described by Mr Chaudhri, it allows monitoring traffic.
The role of civil society was addressed during the session. In this area, the Global Network Initiative has advocated for more transparency from governments, also working closely with other organisations. As described, direct access poses additional difficulties for telecommunication companies that on one side, are obliged to respect human rights, while on the other, also have to comply with national laws. Companies are no longer in control of what is happening in their networks; therefore they are no longer in a position to be accountable in front of users. On the other side and from a user's perspective, Telecoms competition is based on customers' trust.
While considering future solutions, several issues emerged. The first related to transparency. Stakeholders need to urge operators to publish transparency reports. Companies that do not publish transparency reports should be requested to. Secondly, it appears necessary to provide context, gather information of the laws available and map up the situation across different countries. Finally, connecting the next billion also requires a suitable, safe and secure online environment.
by Alessia Zucchetti, Internet Society Uruguay