Technology, Private Companies and Human Rights: Why The Current International Legal Framework Isn’t Enough

Today’s new and emerging digital technologies pose unique and unprecedented challenges to human rights. At the turn of the century, it would have been difficult to imagine the invasive capacity of information technology which would be so widely employed to censor, manipulate and monitor our behaviour. This capacity has been brought to light by the Edward Snowden revelations and, more recently, reinforced by the Cambridge Analytica scandal.

Importantly, such emerging technologies tend primarily to be owned and coordinated by private actors such as for-profit corporations and quasi-governmental bodies. Unlike public actors, their activities have not generally been bound by human rights law. The extent to which private actors should be required to promote and protect fundamental human rights, particularly in relation to their development and maintenance of advanced digital technologies, has been a hotly debated issue. It has become clear that their human rights obligations are unclear at best. Thus, in the digital age we live in a paradoxical situation: while private actors exercise unprecedented influence over our social, political and economic lives through information technologies, the fuzziness of their human rights obligations creates a human rights void.

Within this void, many private actors have attempted to impose upon themselves voluntary ethical and corporate social responsibilities that involve commitments to respect human rights in relation to digital technologies. Think, for example, of how recently Microsoft announced it will voluntarily implement data privacy standards required by the European GDPR worldwide. Similarly, other ‘tech giants’, such as Google, provide voluntary and regular transparency reports about some of their activities and in other ways impose certain commitments on themselves.

However, as we could infer from the continued breaking of scandals about fake news, voting interferences and Cambridge Analytica-type events, economic incentives seem to counter these efforts to prioritise human rights. What we have therefore seen with such initiatives is a rather lacklustre, if not illusory, protection of human rights and ethical principles which have generally been moulded around the business models of the companies promoting them. Ultimately, then, voluntary approaches cannot be the answer because economic incentives seem inevitably to result in the watering down of voluntary commitments.

These ideas are illustrated by the operation of the Internet Corporation for Assigned Names and Numbers (ICANN), which I analyse in more detail in my recent paper on this issue. ICANN represents one of the few centralised points of control over the Internet. Crucially, it is responsible for managing the Domain Name System (DNS), which matches IP addresses to human-friendly domain names (e.g. when you type in www.icann.org into your browser, the DNS converts this name into its IP address 97.74.104.218 which can be used by the Internet infrastructure to guide your request to its intended destination). DNS is integral to the way in which the Internet is navigated, so decisions surrounding the DNS have human rights implications on a global scale. ICANN is a non-profit corporation, and therefore a private actor. Although it had previously been overseen by the US Government, this supervision ceased in 2016. ICANN operates under a ‘multi-stakeholder’ model of Internet Governance which relies on public participation and the engagement of groups such as governments, business and civil society.

Since the DNS is a global system, ICANN’s management of this system is an exercise of public functions with global effect. However, despite its quasi-governmental nature and the global reach of its policy-making role, it is unclear whether any local or international law, and in particular international human rights law, imposes any limits on ICANN’s activities. While it has voluntarily imposed upon itself ethical responsibilities to guide its operation, it is not clear whether such principles will have any real effect given the uncertainty of ICANN’s legal obligations to respect human rights law.

For example, ICANN’s Bylaws have since 2016 included what it calls a ‘Core Value’ stipulating that ICANN will ‘[respect] internationally recognised human rights as required by applicable law’. Yet, if there are no internationally recognised human rights that are clearly ‘applicable’ to ICANN, this Core Value seems to carry little weight. This is complicated further by the caveat in ICANN’s Bylaws to the effect that this Core Value ‘does not obligate ICANN to enforce its human rights obligations, or the human rights obligations of other parties, against other parties’. This flexible language—together with a lack of enforcement of ICANN’s self-imposed voluntary obligations—exemplifies the human rights vacuum created as a result of significant power over digital technologies being vested in private actors with no clear human rights obligations.

In my forthcoming paper referred to above, I argue that the imposition of binding obligations upon private actors under the international human rights framework is essential to ensuring the protection of fundamental rights in the digital age. This would have a number of important benefits. In the first place, it would rectify the imbalance between ‘hard’ legal commercial obligations (in the form of international economic law and contractual obligations) and human rights ‘soft’ law that is difficult, if not impossible, to enforce. Fixing this imbalance would further provide individuals whose human rights have been affected with access to an effective remedy. I further argue that because these private actors are increasingly engaging in a balancing exercise of fundamental rights—as illustrated by Google’s implementation of the EU ‘right to be forgotten’ ruling - such a development of international human rights law is crucial for the promotion of access to justice in the digital age.

Monika Zalnieriute is Research Fellow and Lead of the Technologies and Rule of Law Research Stream at the Allens Hub for Technology, Law & Innovation, Faculty of Law, UNSW Sydney, Australia.