Embedding Human Rights in Internet Governance

In Resolution 56/183 (2001), the UN General Assembly welcomed the creation of an inter-governmental World Summit on the Information Society (‘WSIS’) to address the digital revolution and the increasing digital divide between the global North and South. During the Summit’s two phases (Geneva, 2003 and Tunis, 2005) a common desire and commitment to build a people-centred, inclusive and development-orientated Information Societyemerged. A key objective was therefore to harness the power of information and communications technology (ICT) to secure the realisation of the Millennium Development Goals (MDGs).

A decade on, and against the backdrop of the recent transition from the MDGs to the Sustainable Development Goals (SDGs), a review of the implementation of the WSIS outcomes is underway. Delegations met last week for the Second Preparatory Meeting of the UN General Assembly’s Overall Review of the Implementation of the Outcomes of the WSIS (‘WSIS+10 Review’). The aim of this meeting was to engage member States and other stakeholders to reach a consensus on critical issues, such as the goals of Internet governance, the relationship between WSIS and development and how to address human rights related to ICT. Oral statements and written submissions served as the basis for developing the current Zero Draft into a Second Draft. The WSIS+10 Review will culminate in a High-Level Meeting on 15-16 December, at which an Outcome Document will be adopted.

Treatment of human rights in the Zero Draft is inadequate. A sub-section on human rights is included within Internet governance and there are other brief references scattered throughout the Draft. However, human rights are not presented as a foundational principle of Internet governance, but are rather narrowly confined to issues of freedom of expression and the right to privacy. In this post and in our response to the Zero Draft as part of an ESRC Funded Large Grant on Human Rights and Information Technology in an Era of Big Data, we argue ]for a more systematic approach to human rights in this process, in order to reflect the full scope of the human rights issues raised by the use of ICT and big data.

Opportunities and Challenges Presented by the Use of ICT and Big Data

Technology has the potential to produce an impact on all aspects of society. The use of ICT is becoming essential to the conduct of government operations, to business, and to individuals’ day-to-day lives. ICT and human rights have become inextricably intertwined, and this is set to continue in line with progress towards the Information Society. This interconnectivity means that ICT has concrete human rights implications, which can be both positive and negative. Significantly, however, the full extent of ICT’s human rights implications are not yet known.

The transformative potential of ICT and big data for the protection and promotion of human rights is becoming increasingly apparent. For example, digital platforms have facilitated local and global dialogue between human rights defenders, minorities and other democratic voices, giving rise to the phrase ‘liberation technology’. Analytics and the use of big data can assist in the identification of otherwise invisible forms of vulnerability and discrimination. This information can be utilised to target interventions and to facilitate efficient resource allocation and can therefore be employed to facilitate the achievement of the SDGs. For example, in relation to ‘good health and well-being’ (Goal 3), the adoption of e-health and m-health (where health services are delivered electronically or via mobile devices) can lead to cost-effective access to health care. Equally, the analysis of data drawn from a significant number of electronic health records (big data-based analytics) can be used to identify appropriate treatments and facilitate early intervention, reducing future health care costs. Technological assistance in the identification of vulnerability and discrimination also facilitates ‘reduced inequalities’ (Goal 10), and can assist in tackling the ‘digital divide’.

However, the inappropriate use of ICT and big data has the potential to interfere with the enjoyment of human rights and thereby undermine the opportunities for realising human rights and attaining the SDGs. There are three main areas in which ICT and big data can enable violations of human rights if adequate safeguards do not exist.

First, as already acknowledged in the Zero Draft (para. 43), the collection, storage, sharing, and re-purposing of personal data may infringe the right to privacy; re-purposing of data involves the use of data for a purpose different to that for which it was initially collected, potentially without the user’s consent or knowledge. Second, issues of consent and re-purposing arise when data is used for a purpose for which the individual that disclosed it did not originally consent. These two forms of infringement of rights can arise in the context of state surveillance or near ubiquitous non-state ‘soft surveillance’, whereby monitoring of social media, consumer activity and smartphone location occurs on a routine, daily basis. Third, decisions made on the basis of data analysis can have significant human rights implications. For example, predictive analytics may be utilised to identify ‘high risk’ and therefore high cost individuals, affecting their access to health care or the affordability of health insurance, while decisions made on the basis of data analysis may equally affect individuals’ access to employment or credit. This may result in direct discrimination. Discrimination may also be indirect. For instance, predictive analytics may be used to determine the suitability of an individual for a particular health care intervention. However, an ostensibly neutral algorithm may disproportionately affect individuals from a particular socio-economic background, thereby further disadvantaging the disadvantaged.

These examples illustrate how the use of ICT and big data may result in a wide range of human rights violations beyond privacy, which is often how negative human rights implications of ICT and big data are narrowly framed. Potentially affected human rights include the rights to freedom of expression, to liberty, to health, to work, to the highest attainable standard of living, and to equality and non-discrimination.

Foundational Principles of Internet Governance

ICT and big data can therefore be seen as both potentially transformative and a serious threat to the enjoyment of human rights. This tension requires that the opportunities and challenges are not considered in isolation. For example, an individual could gain access to the Internet to seek medical advice with consent to their data being used for this purpose. This contributes to reducing the digital divide and highlights the Internet’s transformative potential. However, this data may then be re-purposed without the individual’s knowledge, invalidating their original consent and posing a real risk to the enjoyment of a range of rights. This is why we argue that a holistic approach to Internet governance that overcomes the digital divide through greater, informed, and consensual participation, while simultaneously protecting against risk, is required. By Internet governance, we refer to both the regulation of the evolution of technology and the collection, storage, sharing, use and re-purposing of data, as per the working definition set out in the Tunis Agenda (para. 34) and reaffirmed in the Zero Draft (para. 32). In our view, Internet governance has to integrate international human rights law and take a human rights based approach.

At the time of Tunis, the three pillars of the Information Society – ‘people-centred, inclusive and development-orientated’ – did not obviously encompass human rights. However, the concept of inclusive and people-centred development is today articulated by the UN to include a clear human rights commitment, often expressed as a human rights based approach to development. For example, the importance and relevance of human rights for development is recognised in the 2030 Agenda for Sustainable Development, grounding itself in, inter alia, the Universal Declaration of Human Rights and international human rights treaties, and emphasising the responsibilities of States to ‘respect, protect and promote human rights’ (paras. 10, 19). The connection with the SDGs is seen as central to the WSIS+10 process and to Internet governance more generally. It is therefore critical that the language of a people-centred, inclusive and development-orientated approach explicitly recognises the connection with human rights.

While the precise meaning of ‘human rights based approach’ is debated, in our view it should mean applying human rights norms and principles, with specific reference to international human rights standards, to policy and programmes. A human rights based approach should ensure:

• Equality and non-discrimination;
• True participation and inclusion;
• Indivisibility and interdependence of all human rights, and;
• The tripartite obligation to respect, protect and fulfil human rights.

In our submission to the WSIS+10 Review, we therefore recommended that the participating states consider explicitly including human rights as a foundational principle and key goal of Internet governance in order to highlight the links between development, ICT, big data, and human rights. In our view, the development and utilisation of ICT and big data should be guided and regulated by international human rights law in order to facilitate the realisation of human rights, while avoiding negative human rights consequences, whether intentional or unintentional. Internet governance should be framed around fundamental human rights principles, in particular transparency, openness, inclusivity, non-discrimination and equality, and should incorporate the right to an effective remedy. We therefore consider it critical that the Zero Draft move beyond narrow and fragmented approaches to human rights and integrate them holistically within the governance of the Internet.