Utilizing the UN Human Rights Mechanisms for the Advancement of Digital Rights, by Sarah McKune

Blog #6 Utilizing the UN Human Rights Mechanisms for the Advancement of Digital Rights, by Sarah McKune


In the sixth installment of the FOC Working Group 1 (WG1) blog series, guest author Sarah McKune from Citizen Lab explores the link between cybersecurity and UN human rights mechanisms, and in particular the role of the UN Special Rapporteur on freedom of opinion and expression (FOE). The piece is complemented by an interview with David Kaye, UN Special Rapporteur on FOE, featuring his reflections on the topic.

The FOC WG 1 blog series aims to explore in depth the existence, relevance, and status of various spaces where cyber security issues are being discussed and share this information with a broader community. To read previous blog posts in this series, follow this link.


It is generally understood that the United Nations (UN) is central to cybersecurity debates and the development of related international norms. Less appreciated, however, is the fact that within the UN are housed a number of distinct mechanisms that engage the issue. A previous entry in this blog series, Tim Maurer’s “Cybersecurity and the United Nations,” explored the efforts of the UN General Assembly to elaborate cyber norms. This post assesses the relevance of the UN human rights mechanisms to international cybersecurity and digital rights, in particular, the role of the UN Special Rapporteur on freedom of opinion and expression (FOE). To this end, the first section of this blog introduces the existing mechanisms. The second section highlights the work of the current UN Special Rapporteur on FOE, David Kaye, based on an interview with Kaye that took place on April 24, 2015.

UN HUMAN RIGHTS MECHANISMS

The UN human rights mechanisms are important fora for exploration of the critical ties between human rights and cybersecurity. They offer the advantage of applying, first and foremost, a human rights framework to assessment of cybersecurity questions. They are also a key source of the international legal principles that must guide the cybersecurity debate, and practical application of human rights law to specific problems implicating cybersecurity. The UN human rights mechanisms include:

  • Human Rights Council (HRC) – Council membership is made up of 47 states elected by the General Assembly. The Council includes as members states with problematic records on human rights, and has been criticized as state captured. However, it plays a key role in overseeing the mandates of the special procedures (see below) and engaging in the Universal Periodic Review of the human rights records of all UN member states. Civil society can provide input to the UPR process with respect to states coming up for review, including input regarding state records on digital rights.
  • Human rights treaty bodies – These are committees of independent experts that monitor states’ implementation of the human rights treaties they have ratified. Civil society may provide input to the treaty bodies for consideration during state reviews. The treaty bodies may also issue General Comments that interpret certain provisions of the human rights treaties, on which civil society may rely for guidance in applying international human rights law to particular problems. The Human Rights Committee has been of particular relevance to digital rights, as it monitors implementation of the International Covenant on Civil and Political Rights (which covers the right to privacy and freedom of opinion and expression).
  • Special procedures – These are mandates established by the HRC (or its predecessor, the Commission on Human Rights) to report and advise on specific thematic or country issues. The independent experts that assume these mandates engage in thematic and regular reporting and country visits, and receive and act on individual complaints. Per resolutions establishing the mandates, the responsibilities of special procedures generally include not only communication and outreach with governments, but also with civil society. Digital rights and issues such as mass surveillance have featured heavily in the work of the Special Rapporteurs on FOE and counter-terrorism, and in March 2015, the HRC created a new mandate on the right to privacy that will focus on these matters.

DIGITAL RIGHTS IN THE MANDATE OF THE UN SPECIAL RAPPORTEUR ON FOE

With respect to human rights in the digital space, the special procedures have generated much forward-thinking and groundbreaking analysis. The FOE mandate in particular has participated significantly in the debate, given the crucial role of the Internet in exercise of freedom of expression. I recently spoke with the Special Rapporteur on FOE, David Kaye – who was appointed as mandate holder in August 2014 – about his work on digital rights. Kaye’s insights are shared below.

Digital issues

Many of the core substantive areas of the FOE mandate are “traditionally thought of in offline terms,” for example, the protection of expression of vulnerable groups including ethnic minorities and LGBTI communities. In Kaye’s view, however, “so much of our expression is now online . . . [that] five years from now we’ll look back at this [distinction between offline and online] and think of it as somewhat quaint. . . . When so much is moving from offline to the online virtual space, it’s just kind of a background premise.”

The work of the prior mandate holder, Frank La Rue, set the stage for in-depth treatment by the special procedures of freedom of expression in digital mediums. Kaye describes La Rue’s work as “foundational,” particularly his 2011 report on the Internet and his 2013 report on surveillance. Kaye has picked up the mandate where La Rue left off with a strong emphasis on digital issues, choosing to assess the state of encryption and anonymity in digital communications in his first report to the Human Rights Council. The report will consider, in Kaye’s words, the “kind of security that individuals need online to exercise their right to freedom of opinion and expression.” He stresses that “Individual security online is something we will need to continue to focus on. We will continue to look at ways to advance the principles [highlighted] in that report over the next few years.”

The link between human rights and cybersecurity

Kaye views cybersecurity as involving “both hard security, like [securing] infrastructure, as well as human rights.” He positively assesses the FOC Working Group 1 definition of cybersecurity “because it emphasizes cybersecurity is about individual security online, and forces you to conclude that freedom of expression should be on the same level as infrastructure security, financial security . . . . Individual security is what allows individuals to exercise FOE. To the extent they think they are being surveilled or will suffer repercussions for what they say or believe, they will be less likely to express themselves, [there will be] chilling effects. That perspective needs to be integrated into cybersecurity, not just dominated by counter-terrorism or law enforcement [considerations].”

In Kaye’s opinion, the lack of consistent integration between the two concepts may be due in part to the fact that, within the UN, the security and human rights “communities don’t really talk to one another. Part of that might be that the focus of the human rights community and mechanisms is in Geneva, and the security side tends to be focused in New York. It would be useful to think about bringing the communities – infrastructure, counter-terrorism, law enforcement, human rights – together more regularly, maybe even in a [specific] forum for this [purpose].” Kaye highlighted international humanitarian law as an area in which such interaction takes place to positive effect.

Challenges for FOE in the digital space

Three matters stood out to Kaye as presenting vexing concerns for FOE and digital rights, as well as for human rights more broadly:

  • Internet sovereignty and its implications for Internet governance

Kaye sees “finding common ground on issues of human rights law and questions of Internet sovereignty” as a major challenge for digital rights today. A significant gap exists between the two ends of the spectrum represented by state notions of ‘Internet freedom’ and ‘Internet sovereignty’: “It’s hard to see how to find middle ground at a broad level. I’d like to be wrong. [But] there is no substitute for trying to engage with countries that have real concerns about the free flow of information.” Kaye is hopeful that, on specific issues such as corporate social responsibility or the rights of vulnerable groups, “we might be able to have conversations with governments that believe in [Internet] sovereignty that are more technical and not so politicized about these norms.”

According to Kaye, going back to the core, fundamental principles and norms of international human rights law, and moving away from politicization of digital rights, may be a crucial step in bridging ideological divides. “When you look at different countries and their treatment of journalists and dissent, we have a responsibility to continue to say ‘this is the law, these are the norms.’ Whether [states] want to frame their resistance to those norms [as ‘sovereignty’] or not, these are the norms – we can’t compromise on these principles.”

In the international community’s discussions of the future of the Internet, it remains to be seen whether it is possible to move away from state conceptualizations of FOE, toward more neutral, law-based iterations – focusing on the actual protection of individual rights rather than the messenger and its political agenda. Kaye sees the issue as a question of “enabling individuals to enjoy the rights they have under human rights law. . . . FOE applies textually to anyone regardless of frontiers. That’s language that exists in every major instrument related to FOE. It’s a right that applies across boundaries, [and] we will keep making that point in the face of efforts to restrict information across borders.”

  • The role of the private sector

While much work is underway to assist corporate actors in fulfilling their obligation to respect human rights – including efforts for implementation of the UN Guiding Principles on Business and Human Rights, the Global Network Initiative (GNI), and the Telecommunications Industry Dialogue – Kaye notes that more inquiry is necessary into how corporations apply human rights-based principles in practice, and how states deal with corporate actors generally.

Kaye also emphasized the importance of further work on intermediary liability, which concerns the liability of corporate actors for user-generated content on their sites. Rules governing intermediary liability “can directly shape what corporate actors allow on their platforms, and also the kinds of restrictions individuals feel and experience. These rules need to be crafted carefully, and we should pay attention over the near term.” Kaye noted the Manila Principles on Intermediary Liability provide a good foundation.

Kaye raises the question as well of what protections corporate actors owe their users in the context of government requests for user data. “What is the acceptable scope of those requests, what is the appropriate response of corporate actors? This is an important issue that needs to be resolved quickly . . . to develop consensus around what principles apply.”

  • Capacity

An underlying challenge to the work of all the UN special procedures is simply the matter of capacity. The workload of the mandate holders is ever-increasing (encompassing the individual complaint process as well as thematic reports, country visits, and digital presence), while the OHCHR lacks the resources to comprehensively support the over 50 special procedures working on human rights issues within the UN. For Kaye in particular, “There is so much going on that is fundamentally about FOE.” At the same time, “states don’t provide [sufficient] contributions to ensure that OHCHR and the special procedures can really work. . . . There needs to be more support for mandates.”

Plans for mandate going forward

Kaye has an ambitious agenda ahead of him after delivering his encryption and anonymity report to the Human Rights Council in June. His future thematic reports will concern whistleblower protection; Internet governance; issues concerning the media, including concentration of media ownership (online and offline); and access to information in the UN system. This last issue of access to information is “typically thought of in terms of information one is entitled to from one’s government, but we rarely talk about it in terms of the UN system” – a gap Kaye plans to address.

Kaye also plans to work collaboratively with other UN special procedures on issues of cross-mandate concern. He works regularly with the Special Rapporteurs on freedom of association, human rights defenders, and freedom of religion to issue joint appeals to governments; he also hopes to work with the Special Rapporteur on extreme poverty on issues related to Internet access and its link to FOE.

Engagement with civil society

Engagement with civil society is an essential feature for Kaye in carrying out his mandate. For example, to prepare his first thematic report on encryption and anonymity, he issued a call for comments from both governments and civil society; about 15 governments responded, while over 30 civil society entities made submissions. He followed up with an experts group meeting with civil society to further explore the critical issues, including those raised in submissions. Kaye felt “the kind of response that we got was just incredibly important to the work that we did.”

Kaye also encourages the public to make use of the individual complaint process available through his mandate. “It’s important for people to get in touch with us – we try to be responsive, we can add value, and a little bit of volume to activists’ or NGOs’ voices.” Kaye cautions, however, that “if you have concerns about your security, reach out directly to me using my public key. The OHCHR website is unencrypted, and emails to the OHCHR freedex [account] are themselves not secure. So people just need to be aware of that.”

Kaye finds the efforts of the civil society actors with whom he interacts a positive sign for the future. He states: “This has been an amazing mandate and experience. Particularly people in the Internet space are dynamic, totally engaged, and creative. . . . There’s a dynamism around FOE issues these days that makes it completely energizing. It’s a really committed set of communities across borders, from international NGOs to local grassroots groups.”

Kaye’s mandate on FOE stands out as a UN mechanism with which civil society actors can actively and productively engage on digital rights. The UN Special Rapporteurs on FOE and right to privacy will feature significantly in ongoing international debates regarding cybersecurity and government initiatives that impact digital rights.

Many thanks to David Kaye for taking time to discuss these issues for the FOC Working Group 1 blog series.

 


The views expressed in this blog represent the views of individual authors, and do not represent the views of the Freedom Online Coalition or its members.

If you are interested in contributing to this blog series as a guest author, please contact the FOC Support Unit at info (at) freedomonlinecoalition.com indicating which forum relevant for cybersecurity debates you are interested in writing about.