Cybersecurity and UN human rights mechanisms

In a blog post for the Freedom Online Coalition Working Group on “An Internet Free and Secure” (WG1), Citizen Lab Senior Legal Researcher Sarah McKune explores the link between cybersecurity and the United Nations’ human rights mechanisms. The blog series of WG1 seeks to explore various non-conventional spaces in which cybersecurity issues are discussed. Citizen Lab Director Ron Deibert is the co-chair of the Working Group.

McKune opens her piece by pointing out that the United Nations (UN) has a number of distinct mechanisms that potentially engage cybersecurity issues. The most prominent of which are the Human Rights Council (HRC), Office of the High Commissioner for Human Rights (OHCHR), human rights treaty bodies, and Special Procedures.

The Human Rights Council has 47 member states elected by the General Assembly, and it plays an important role in engaging in the Universal Periodic Review, which is an assessment of all member states’ human rights records. The OHCHR is the foremost UN office concerned with human rights initiatives. Notably, the OHCHR published a report in 2014 called “the right to privacy in the digital age.” OHCHR also supports the work of its treaty bodies, which consist of committees of independent experts that monitor state implementation of the human rights guidelines they have adopted. Special Procedures involve thematic or country specific issues, and are given a mandate by the Commission on Human Rights.

McKune interviewed UN Special Rapporteur on freedom of opinion and expression (FOE) David Kaye, who was appointed in August 2014. Regarding digital rights, Kaye began by explaining that his mandate cannot be understood as having two distinct parts, namely online and offline expression. He said: “so much of our expression is now online . . . [that] five years from now we’ll look back at this [distinction between offline and online] and think of it as somewhat quaint. . . . When so much is moving from offline to the online virtual space, it’s just kind of a background premise.”

Kaye highlighted three broad challenges to harmonizing human rights and cybersecurity work. The first issue he said, is finding common ground issues between them, and Kaye told McKune that he sees a gap between notions such as “Internet freedom” and Internet “sovereignty.” In other words, states often contend that their resistance to human rights norms are a matter of national sovereignty. He added that despite this, the UN cannot compromise on human rights standards, and must uphold them regardless of the appeal to sovereignty.

A second issue Kaye points out is ensuring that corporate actors act in accordance with human rights obligations. He told McKune that further inquiry is needed to determine how they apply these principles in practice. He also emphasized that further work was needed on the liability of corporations for user-generated content on their websites, such as posts on forums, in order to create effective restrictions. Kaye said: “What is the acceptable scope of those requests, what is the appropriate response of corporate actors? This is an important issue that needs to be resolved quickly . . . to develop consensus around what principles apply.”

Finally, Kaye told McKune that the workload of mandate holders seems always to be increasing, while state contributions do not seem adequate to sustain them.

Kaye plans to release a number of thematic reports concerning whistleblower protection, Internet governance, issues concerning the media, including concentration of media ownership (online and offline), and access to information in the UN system. He will also look to engage civil society, as well as working with other UN departments for cross-mandate issues. Examples include collaboration with the Special Rapporteur on extreme poverty for its links to FOE. McKune concludes that “The UN Special Rapporteurs on FOE and right to privacy will feature significantly in ongoing international debates regarding cybersecurity and government initiatives that impact digital rights.”

Read the full post.