1 governments and citizens. It then asks careful and important - - PDF document

1

Talking Points GNI presentation to the UN Counter-Terrorism Committee Executive Directorate September 14, 2015

• 1. Introduction to GNI

The Global Network Initiative welcomes the opportunity to address CTED on this, the 10th anniversary of the adoption of Security Council Resolution 1624. Incitement to commit terrorist acts has existed since terrorism itself has existed. However the exponential uptake of Internet and communication technologies and platforms, and their use by terrorist groups presents particular challenges to governments, law enforcement, citizens and companies. The Global Network Initiative is uniquely positioned to discuss these challenges. We are a global multi-stakeholder organization with the mission of forging a common approach to protecting and advancing freedom of expression and privacy. We are not an industry association. Rather, we bring together in the same forum a diverse group

• f stakeholders: leading information technology and communication companies, civil

society organizations including press freedom and human rights groups, investors, and academics. Together, GNI members have developed a set of principles and implementation guidelines to inform responsible company, government and civil society action when facing government requests that could adversely impact the freedom of expression or privacy rights of users. These GNI principles are based on internationally recognized laws and standards for human rights set down in the Universal Declaration of Human Rights (“UDHR”), the International Covenant on Civil and Political Rights (“ICCPR”) and the International Covenant on Economic, Social and Cultural Rights (“ICESCR”). Currently, GNI has six company members: Microsoft, Facebook, Google, Yahoo!, LinkedIn, and Procera Networks. In addition, during that last two years we have been working in a formal dialogue with nine major telecommunications and vendor companies – Alcatel Lucent, AT&T, Millicom Nokia, Orange, Telefonica, Telenor, TeliaSonera and Vodafone. Being a multi-stakeholder organization means that GNI does not and cannot speak

• n behalf of member companies individually or the private sector generally.

However, what GNI is uniquely positioned to do is to articulate how a human rights- based approach to extremist content online can work in practice.

• 2. What is a human rights-based approach to extremist content?

The UN Guiding Principles on Business and Human Rights define the respective roles

• f the public and private sector as the state duty to protect, and the corporate

responsibility to respect human rights. Companies should engage in human rights due diligence – to “know and show” that they are actively addressing the potential human rights impacts of their processes, products and services. A human rights-based approach to extremist content and terror incitement starts by acknowledging the legitimate national security and public safety interests of

2

governments and citizens. It then asks careful and important questions about the effectiveness and consequences of laws and policies that increase the obligations of ICT companies to monitor their users and restrict what they can say. International human rights law requires that States acting to restrict freedom of expression must do so lawfully in pursuit of a legitimate aim. Any measures adopted must also be proportionate to the perceived harm, necessary to countering it and there must be procedural safeguards that go hand in hand with government efforts to restrict freedom of expression, including review by an independent authority and the availability of remedy.

• 3. How does a human rights-based approach to extremist content in the

private sector work in practice? In practice, companies wanting to hold to human rights standards face complex legal and political issues. There continues to be no internationally agreed upon definition

• f “terrorism” and national laws differ significantly as to what content is deemed

“extremist” “criminal” or “unlawful”, and in what contexts. Across the world, laws designed as “anti-terror” have been used to monitor, intimidate and imprison journalists, political opponents, dissidents and human rights defenders. Processes to identify, restrict or remove illegal content vary greatly among

• jurisdictions. Some countries have legislated to criminalize certain extremist content

and assign responsibility for assessing legality to an independent and publicly accountable body. Other countries empower law enforcement officers to assess content and notify companies individually of suspect content. Some governments have aimed to influence the content policies of ICT companies and to use these policies to secure the monitoring or removal of content through informal mechanisms, wholly outside the legal process. Despite these complex legal and jurisdictional challenges, there is a growing consensus amongst civil society on the principles that should underlie the regulation

• f online content, and the due process, public access and transparency required

when monitoring, restricting or removing it. An example of this is the Tshwane Principles adopted in 2013, which provide best practice guidance to policymakers on the limits in the use of censorship and surveillance for the purposes of national or public security. In May of this year, the Manila Principles on Intermediary Liability were issued after a collaborative consultation process between global civil society groups. These principles - including liability shields, due process and transparency requirements - were developed to guide government, industry and civil society best practice on the regulation and restriction of online content through intermediaries – including Internet Service Providers, web hosting companies, social media platforms, cloud service providers and others.

3

• 4. How can a multi-stakeholder approach assist companies to uphold

privacy and freedom of expression? Multi-stakeholder initiatives such as GNI demonstrate that even fierce commercial competitors can work together continuously to improve their collective human rights policies and practices. A prime example of this is how companies the world over can use GNI’s principles, guidelines and tools to assess human rights risks when entering or leaving a market,

• r when designing or introducing new technologies, products or services. This allows

company decision makers to bring human rights concerns to bear in their research & development, policy and commercial practices not as an afterthought, but from the early concept stage. Another example of this multi-stakeholder approach is company transparency

• reports. These reports, which have now become common in the industry, detail when

law enforcement agencies have requested user data, or content removal. This ensures that companies are accountable to users and the wider public for requests to monitor and restrict user data. A human rights-based approach extremist content can also be seen in how GNI encourages governments to consult widely when enacting legislation and developing their policy responses to ensure that user privacy and freedom of expression rights are protected. GNI directly engages with governments, law enforcement authorities and international institutions to raise the level of informed debate. GNI members – both companies and the wider civil society membership - have worked together to develop submissions to the United Nations, including our submission to the High Commissioner for Human Rights 2014 report on Privacy in the Digital Age, and to the UN Special Rapporteur for Freedom of Expression report on encryption standards.

• 5. Mutual Legal Assistance

Finally, I want to draw attention to a very urgent emerging issue of mutual legal assistance reform. The MLA regime is the dominant and widely accepted method for managing lawful government-to-government requests for data across jurisdictions. But the MLA regime has not been updated to keep pace with globalized data and struggles to manage the massively increased volume of requests. A report, commissioned by GNI earlier this year, concluded that the current process is inefficient, largely opaque and incomplete. In the United States, for example, the jurisdiction that gets the most requests, it is estimated that the average time to process a law enforcement request is ten months. When the MLA process does not function swiftly and fairly, law enforcement officials sometimes resort to drastic measures. The response from some governments has been to take unilateral action outside this system to obtain information about private

• citizens. These MLA regime alternatives are potentially harmful to an open, robust and

free Internet, and could be rendered unnecessary by appropriate MLA reforms.

4

MLA reform will not be easy. Because these legal information-sharing mechanisms are essentially bilateral, the central challenge to reform is strong leadership and political

• will. Some issues will take time to resolve but there are least two important

improvements that can be done in the short term to make these processes more

• effective. First, governments must create a secure electronic system for managing and

processing MLA requests. Secondly, one of the simplest reforms to implement would be to develop and encourage widespread use of a standardized MLA request form. Critically, all reform options, regardless of their size or scope, should be built on five important principles. Those principles are: justified and proportional access, human rights protections, transparency, efficiency and scalability. GNI calls upon governments to commit to this goal and take swift and meaningful steps to begin this vital work.