THE HAGUE – Proposals regarding Internet governance are bound to generate serious friction. The online world, after all, has provided enormous opportunities to billions of denizens, largely because it has never been governed.
And yet, as the Internet grows in importance, so do the risks inherent in the lack of regulation. There is a growing danger that the open platform we all cherish will increasingly be colonized by corporate greed, criminal activity, and conflict between states – with ordinary citizens the ultimate victims. It is essential that safeguards be put in place, and that countries and companies alike are bound by principles that encourage them to act in the common interest.
The utopian view that governments and other institutions should stay out of the way ignores the role that countries are already playing on the Internet, often secretly. Nor does it account for the fact that giant companies are exploiting this largely unregulated environment to set themselves up as the new sovereigns.
When a country censors online content on a massive scale or uses digital backdoors to monitor its citizens, the entire Internet feels the impact. Similarly, when companies with billions of users scattered around the world suffer data breaches or choose to pursue profits at the expense of universal human rights, it is not currently clear who can hold them to account.
Human rights cannot be “balanced” with the interests of states or commercial companies. Upholding core principles requires a system of checks and balances – mechanisms that can ensure that human rights, including privacy, are safeguarded, even as legitimate security concerns are taken into account. Doing this will require the key players responsible for the Internet’s openness to enter into a mix of voluntary and binding agreements that establish something akin to the rule of law.
Until now, discussions about Internet governance have aimed at establishing voluntary norms. These are important first steps, but if the process does not eventually lead to binding agreements, it is unlikely to succeed in keeping the Internet functioning and safe. Revelations of pervasive online surveillance have already eroded trust in the Internet and its suitability for communicating, accessing information, and doing business.
It is crucial that the Internet’s central protocols be declared a neutral zone, free from interference by any party, as per a recommendation by the scientific council that is advising the Dutch government. This measure, which will work only if it is binding, is in the interest of all countries and companies, because the trust that users have in the services built on top of these protocols depends on it. Among the protected elements would be TCP/IP protocol suites, various standards, the domain name system (DNS), and routing protocols.
The Global Commission on Internet Governance (of which I am a member) has put forward a proposal for “a new social compact” among citizens, their elected representatives, law-enforcement and intelligence agencies, businesses, civil-society groups, and programmers and developers. Among the provisions would be the recognition of privacy and personal data protection as a fundamental human right, and a call for clear, precise, and transparently created regulations that set limits on government surveillance and companies’ use of consumer data.
Under this framework, governance would strengthen the technology upon which the Internet depends. Governments would not seek to create backdoors to access data if doing so would make the Internet less secure. Companies that store or transmit consumer data would assume greater responsibility for illegal intrusion, damage, or destruction. And efforts by the Internet’s technical custodians to incorporate human-rights-enhancing solutions in standards and protocols, including end-to-end data encryption, would be encouraged.
Such a social compact and multi-stakeholder process would not replace judicial oversight and international human-rights law. Existing governance institutions should be brought to bear on Internet regulation wherever possible. But, given the enormous challenges that this entails, it is also necessary to encourage all actors to behave in the best interest of the Internet ecosystem as a whole. The dangers of doing otherwise are simply too great.