Time for Digital Rights
Published: November 18th, 2018
A recent report on the right to privacy in the digital age published by the United Nations High Commissioner for Human Rights warns that the exercise of human rights may be endangered if certain data-driven technological developments are not “managed with great care.”[1] The report concludes that the international human rights framework provides a basis for responding to the risks posed by the digital age for human rights, and for the right to privacy in particular. However, it adds that in order to ensure full respect and protection of the right to privacy, states must establish an appropriate legal framework and policy.[2]
The report does not claim to address all the challenges to human rights that arise in the digital age, instead concentrating solely on the right to privacy. However, its conclusion seems to epitomize the “human rights problem“ of the internet: the basic ethical framework exists, but it needs to be further developed to accommodate the needs that the digital sphere has brought to our lives and achieve the full protection of human rights in the digital arena.
The report is partly based on the UN Expert Workshop on the Right to Privacy in the Digital Age held in Geneva in February 2018 and attended by a variety of stakeholders: NGOs, governments, international organizations, and private companies.[3] Indeed, concern about the protection on human rights online is a growing priority for international and regional bodies. In a series of resolutions adopted in recent years, both the United Nations General Assembly (GA) and the Human Rights Council (HRC) have stated that the same rights people have offline must be protected online as well.[4] These resolutions include an array of online concerns that states are expected to counter, most notably: the collection and interception of data,[5] aggregation of metadata and the sale of personal data,[6] online incitement,[7] online harassment of human rights defenders,[8] deliberate disruption of dissemination of information online,[9] as well as the digital divide and digital literacy and its impact on the right to education.[10] Although neither the Assembly nor the Council’s resolutions are generally binding, they reflect growing recognition of the importance of respecting international human rights in the digital sphere and indicate the willingness of states to address the threats and challenges to human rights in the cyber-space. Furthermore, in 2015, the Human Rights Council for the first time appointed a Special Rapporteur on the right to privacy, who focuses on the application and interpretation of the right to privacy in the digital age.[11] In addition, in recent years the Special Rapporteur on the right to freedom of opinion and expression has concentrated on the application of the rights to freedom of expression in the digital age, with specific emphasis on the role of private sector.[12]
Nevertheless, many questions regarding the application of human rights online remain unresolved. As we suggest in our Digital Rights Research, these questions focus on three main aspects.
The first aspect is the interpretation and adjustment of the international human rights framework to the online sphere. Should the existing balance between conflicting interests or different human rights be modified, and if so – how? For example: how can we balance the right to erasure (the “right to be forgotten”)[13] and the right to seek, receive, and impart information, as recognized in Article 19(2) of the International Covenant on Civil and Political Rights? How should we protect the right to privacy when today, due to the development in the technological abilities of collecting and analyzing information, the scope of protection of privacy is increasingly extended to public places, publicly available information, and meta-data?[14]
The second aspect regards the evolvement of so-called digital rights. We examine to what extent the existing human rights framework is sufficient to encompass the range of protections an individual needs online. In other words, are the “same rights that people enjoy offline“ enough, or is there a need to develop derivative rights designed for the online sphere? Digital rights include, for example, the right to be forgotten, the right to online access, or the right to cyber security.
Over the past three decades, different international and regional initiatives have emerged to promote particular rights, abilities, and influences for users over their online environments and data,[15] usually framed as a “digital bill of rights.” One of the most notable initiatives that have emerged in recent years is the WSIS Declaration. This is a declaration of 67 principles for the information society collated from several international forums held under the auspice of the United Nation between the years 2003-2005. According to the Declaration, there is a need not just to allow access to information and to communicate, but also to enhance institutional and legal environment that would allow a “trust framework,” network security, and privacy protection and create a framework to reduce digital divides.[16] A total of 175 states participated in the WSIS summits.[17] Another notable initiative is the Charter of Human Rights and Principles for the Internet (2014),[18] which is a collaborative initiative of the Internet Rights & Principles Coalition and the Internet Governance Forum (IGF).[19]
Interestingly, in the latest report of the Special Rapporteur on the Right to Privacy, the Rapporteur criticized the equivalent notion of “same rights“ (as in the offline world), arguing that this approach cannot provide adequate protection for the right to privacy in the digital age.[20] In light of the unique features of the internet, it is indeed doubtful whether the offline rights can fully capture the protections individuals need online. However, it remains to be examined whether there are substantive normative grounds for identifying online activity protections as legal rights.
A more “traditional“ approach will assume that new technologies are usually considered to be means and not an end for protecting and promoting human rights. It thus perceives the internet and the way the online arena is operated merely as a component that can provide an indication of the level of compliance with the existing human rights law, but not as a stand-alone right. For example, internet shutdowns are usually conceived as a threat to freedom of expression.[21]
The third part of the research seeks to examine whether there are new legal personalities that require appropriate legal protection online. The digital age has added a digital layer to our personal identity.[22] On the one hand, as the dependency on the internet increases, the line between our “online“ and “offline“ life becomes blurred[23] and it is hard to do a separation between our digital and offline life. On the other, with time it seems that we also lose control over the digital self, and as technology progresses it becomes more independent. This issue has also been raised in connection with so-called “digital assets.”[24] Generally, internet companies refuse to grant relatives full access to deceased persons’ email or social media accounts, due to limitations included in terms of service agreements which are usually justified by the principle of privacy of the deceased. Thus, in recent years legal experts have attempted to define the digital persona and develop models and typologies of digital personhood.[25] Generally, the law requires a physical or legal principal “behind” the entity before it can allot liability for damages. The problem in the cyber context is that it is not always possible to link the operating entity to a principal. One of the suggested solutions is attributing legal personhood to such entities, just as legal personhood was granted to companies, ships, and so forth.[26] Whether the digital person is an extension of the physical person or an independent entity will clearly have significant implications for its legal standing, protections, and perhaps obligations and will impact on the essentiality of the digital rights it may possess.
* This blog post was written in my personal capacity. It does not necessarily reflect the views of Israel’s Ministry of Justice and/or the Israeli government
[1] A/HRC/39/29 Report of the United Nations High Commissioner for Human Rights (August 2018), p.2 para 1.
[2] Ibid., p. 15.
[3] https://csrcl.huji.ac.il/book/conference-summery-cybersecurity-breaches-and-private-law-%E2%80%93-taking-stock-and-looking
[4] The promotion, protection and enjoyment of human rights on the Internet, human Rights Council, 29.6.2012 (A/HRC/20/8). Council resolutions 26/13 and 32/13; General Assembly resolution 68/167; GA Resolution 71/199 (2016) and A/HRC/32/38.
[5] A/RES/69/166, p. 2.
[6] GA 71/199, p.3.
[7] A/HRC/RES/26/13, p.2 para 6.
[8] A/RES/71/199, p.4; HRC 28/16.
[9] A/HRC/RES/32/13, p. 2.
[10] See for example: A/HRC/RES/32/13, p.3, para 4.
[11] Human Rights Council Resolution 28/16 (2015).
[12] A/HRC/35/8, Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, 6 April 2018. (para.64-72). (hereinafter: Special Rapporteur Report on Freedom of Expression).
[13] Article 17 of the GDPR (https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679) https://www.theguardian.com/technology/2018/sep/09/right-to-be-forgotten-could-threaten-global-free-speech-say-ngos ; Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression (11.5.2016), p.11
[14] Report of the High Commissioner pp. 3-5. Seibert-Fohr, Anja, Digital Surveillance, Meta Data and Foreign Intelligence Cooperation: Unpacking the International Right to Privacy (April 25, 2018) (hereinafter: Seibert-Fohr), p.3.
[15] Davies, Todd. “Digital rights and freedoms: A framework for surveying users and analyzing policies.” International Conference on Social Informatics. Springer, Cham, 2014.(hereinafter: Davis). Gill, Lex and Redeker, Dennis and Gasser, Urs, Towards Digital Constitutionalism? Mapping Attempts to Craft an Internet Bill of Rights (November 9, 2015). Berkman Center Research Publication No. 2015-15. (hereinafter: Gill). Mathiesen, K., 2014. Human rights for the digital age. Journal of Mass Media Ethics, 29(1), pp.2-18. (hereinafter: Mathiesen).
NETmundial Global Multi Stakeholder Meeting on the Future of Internet Governance, 2014; Senges, Max and Horner, Lisa, 2009, “Values, principles and rights in internet Governance”, Paper for the Freedom of Expression Project, August 2009: http://www.freedomofexpression.org.uk; A Bill of Privacy Rights for Social Network Users,” Electronic Frontier Foundation, last modified May 19,2010, https://www.eff.org/deeplinks/2010/05/bill-privacy-rights-social-network.... “Internet Rights Charter,” Association for Progressive Communications, last modified November 2006, https://www.apc.org/node/5677; “Joint Declaration concerning the Internet,” United Nations, Organization of American States, Organization for Security and Co-operation in Europe, African Commission on Human and Peoples' Rights, 2001, at 6(e).
https://www.oas.org/en/iachr/expression/showarticle.asp?artID=848&lID=1.
https://theconversation.com/should-cybersecurity-be-a-human-right-72342
[16] WSIS Plan of Action, para 1,4.
[18] https://www.ohchr.org/Documents/Issues/Opinion/Communications/InternetPrinciplesAndRights
Coalition.pdf
[19] The IGF is a forum for multi-stakeholder dialogue on public policy issues related to key elements of Internet governance issues, such as the Internet's sustainability, robustness, security, stability and development. The United Nations Secretary-General formally announced the establishment of the IGF in July 2006 and the first meeting was convened in October/November 2006. In: https://www.intgovforum.org/multilingual/
[20] A/HRC/37/62 Report of the Special Rapporteur on the Right to Privacy (February 2018): “When dealing with technologies such as the Internet it is simplistic and naïve to be content with a statement that ‘whatever is protected off-line is protected on-line.’ That is a hopelessly inadequate approach to the protection of privacy in 2018.”
[21] A/HRC/35/22 Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression (2017), p. 4-6. Fidler, David P., “Research Handbook on International Law and Cyberspace (edited by Nicholas Tsagourias)” (2015).
[22] “identity has been extended as a ‘digital persona’ (Clark 1994), to which corresponds a ‘digital unconscious’ (de Kerckhove 2012) structuring a ‘digitally divided self’ (Quartiroli 2011). 278
[23] Fidler, p.99; also see: Joyce, Daniel “Privacy in the digital era: human rights online?” Melbourne Journal of International Law, vol. 16, p.270, p.3 (2015) “Recently Eric Schmidt, the Chief Executive Officer of search and digital media giant Google, remarked that the internet is becoming so ubiquitous that it will soon 'disappear' from our lives. It is in that sense that the online and offline aspects of life will lose any clear or perceived sense of boundary or difference”.
[24] Noam Kutler, Protecting Your Online You: A New Approach to Handling Your Online Persona After Death , 26 Berkeley Tech. L.J. (2011).
[25] de Kerckhove, D. and de Almeida, C. M. (2013), ‘What is a digital persona?’Technoetic Arts: A Journal of Speculative Research 11: 3, pp. 277–287
[26] Koops, B.J., Hildebrandt, M. and Jaquet-Chiffelle, D.O., 2010. Bridging the accountability gap: Rights for new entities in the information society? 500-502