A pathway forward for digital rights by Brett Solomon

A pathway forward for digital rights

Reflections on 15 years as Access Now’s co-founder and Executive Director 
2009-2024

As I prepare to leave Access Now after serving 15 years as its Executive Director and co-founder, I have taken this moment to reflect on my personal learnings and observations on the evolving fight to defend and extend human rights in the digital age for people and communities most at risk. This fight, shared by so many both within Access Now and across all facets of the human rights movement around the world, has only grown more pressing over the years. 

In my time, I have seen the very earliest days of Facebook and Twitter, the excitement and devastation of the Arab Spring, the explosive disruptions of WikiLeaks and Edward Snowden, the maturation of the internet governance community, the rise of digital authoritarianism, the proliferation of spyware, the litany of new cyber-enabled conflicts from Sudan to Ukraine to Gaza, and the all-consuming emergence of artificial intelligence. These developments have had world-changing consequences and left us with both many seemingly unsolvable problems and a growing, global digital rights movement.

I’m sharing these reflections in the hopes that they will be helpful for people at all levels in the movement — including leaders at NGOs, governments, companies, and funding organizations — as we collectively confront the challenges of the digital revolution. With the future of human rights at stake, it’s crucial that we work together for the benefit of all. 

Feel free to take on what may be useful to you, and discard the rest. While I draw on examples of human rights challenges from various regions and themes worldwide, one thought piece can never fully represent the lived experiences of those impacted. Our movement must strive continuously to center people and communities at risk, and shape our work accordingly. Opinions will differ, strategies will diverge, but with perseverance, the diversity and strength of the digital rights movement will prevail. 

Thank you to the Access Now team for so much over all these years, including most recently with assistance in preparing this memo.


The context we’re facing

The landscape for digital rights has evolved rapidly over the last 15 years, and will only continue to shift and stratify more quickly in the years ahead. I’ll start with some horizon-scanning, though it is far from comprehensive:

This is just the beginning of the digital revolution in all its forms. As we confront today’s realities, we also need to look ahead to see what’s coming, to identify opportunities  to alter the digital revolution’s course for the better. This revolution will speed up as technologies converge and investments deepen, and powerful institutions continue to embrace “digital transformation” as a quick fix for complex social and political problems — often to the detriment of democracy and human rights. We must reject techno-solutionism and stay focused on the impact for people most at risk. Often, the digital rights community’s work is reactive out of necessity. Yet to achieve sustained success, we must craft a proactive agenda that shapes technologies as they emerge, which will require deeper investment in civil society capacity and resources. 

But time is not our friend. What already feels like a breakneck pace for the digital revolution will continue to speed up, and threats to our rights will become more firmly entrenched. We need to move quickly and decisively to protect the digital rights of people and communities, while also working sustainably (more on that below). 

Digital policies will inform the future of our human rights. As our exercise of human rights moves further online, digital policy will increasingly ensure or restrict their enjoyment — impacting our rights online and off. Technology policy, often determined by governments, companies, standard bodies, and courts, should therefore be shaped with an understanding of the consequences for human rights, not siloed off as something purely technical, legal, or bureaucratic. If we do not ground technology policy in human rights, protections we have fought for will be dissolved online. Instead of being seduced by the subjectivity of ethics, policymakers should embrace the international human rights framework — built through decades of advocacy, jurisprudence, and continuous advances toward stronger protections — as the bedrock of tech policy development.

We must collectively fight the continued rise in digital authoritarianism. From as early as 2009, events in Iran, Egypt, Myanmar, and elsewhere showed us that power-hungry governments would not allow technology to be a liberating force, but instead use it as a tool of control. For the first time in more than two decades, the world is seeing more closed autocracies than liberal democracies, and as a result, our digital civic space is shrinking. Instances of democratic backsliding happening all around the world are not isolated events and should not be treated as such. As authoritarians wield technology to control populations, we must understand that this is not just a technical or a policy problem — those seeking to protect human rights must consider and address the root causes of these attacks on our rights: populism, elected autocrats, faltering democracies, and a compliant tech sector.

Rights are quickly lost, and back-breaking to recover. This has been painfully evident in Tunisia, which was an emblem of the Arab Spring and became a beacon of hope for many in the region. Access Now has long supported and worked alongside Tunisia’s digital rights community, which has shown extraordinary resilience – including in its persistent battles against invasive digital ID systems, strict regulation of civil society organizations, and the criminalization of online speech. Even though civil society achieved remarkable progress following the revolution, today the government is pushing ahead on biometric IDs, targeting activists, and tightening the vise on freedom of expression online, leaving many in fear of what lies ahead. I am alarmed to see the international community abandon valiant people who have fought for change, just as authoritarianism regains its hold. Actors like the International Monetary Fund (IMF) and individual governments are imposing policies that actively undercut the capacity to sustain democracy.


Sustaining the movement

The work of the digital rights community has never been more essential, and we must continue to invest in its growth, strength, and diversity.

That means centering the perspectives, needs, and rights of those most at risk. Access Now’s mission, to defend and extend digital rights of people and communities at risk around the world, remains pertinent. In my experience, by focusing on those who are most vulnerable to digital rights violations, everyone benefits. When we uplift and provide platforms for people and communities to speak directly about their experiences, and share solutions, rather than speaking on their behalf, we can take a grassroots-to-global approach — ensuring that frontline voices are represented in global debates, and in turn that international standards support and help inform national and local advocacy. 

We should also endeavor to build stronger ties across sectors and movements. Every sector is impacted by technology, and no area of human rights advocacy is immune from the digital revolution. Rather than leaving these issues for “digital experts,” all human rights movements should, to the extent possible, prioritize understanding how they intersect with tech and offer what they can toward shaping it. Where LGBTQ+, environmental, feminist and gender, racial, social, and economic justice movements come together to take on causes like protecting net neutrality or banning spyware, it mutually supports everyone’s work and increases collective impact. At the same time, we need to continue supporting the growth and unique contributions of the digital rights movement — and calling it by name. 

Don’t go changing the term “digital rights” now, as many organizations and fights around the world rely upon this concept and the progress that we have already made toward protecting these rights. I have always seen the five key digital rights as privacy, freedom of expression, opinion, association, and access to information, but the pandemic exposed that digitalization has impacted all rights across the spectrum — from civil and political to economic, social, and cultural. That means that the digital rights movement must contend with the right to an education, healthcare, sustainable livelihood, and more. Even the right to life itself has been impacted.

To support intersectional movement building, all must be welcome and included. LGBTQ+ digital rights weren’t always in vogue, and when they weren’t, the digital rights community was as homophobic as any other sector. I was there when few talked about LGBTQ+ digital rights and the silence lasted for many years before funders started to flip and civil society opened its doors. There is still so much work the digital rights community can do to protect LGBTQ+ people from increasing threats, particularly for non-binary, transgender, or gender nonconforming people and communities. Supporting digital safety for LGBTQ+ communities where they are most marginalized — including, for example, in Africa — must be a priority. It is crucial to invest in LGBTQ+ equity and dignity for the long term, as the pendulum is swinging in the wrong direction.

Form unusual alliances to advance digital rights protections. As long as core values aren’t in question, members of our community should set disagreements aside to fight that one bill, law, policy, company, or product together where interests meet. Unusual alliances can be within civil society or among stakeholder groups. I have often said that we are most likely to win when we have civil society, champions within government, and a company or two on our side. Encouraging diversity within the movement, and converging with others outside the movement when there is alignment, is healthy. 

Our task is not only to interrogate who we work with, but how. Coalitions work, but it takes more than joint letters to build power. With every action, it’s better to align strategies to achieve the desired outcomes than to scratch an activist itch to make noise. To that end, understanding the difference between an output and outcome is paramount. For example, an output is the production of a beautiful report, while an outcome is a decision maker changing their mind on the basis of that report. Similarly, providing digital security support is an output, while making a client safer is an outcome. Closing the gap between output and outcome is where all the hard work lies. Taking the time to ensure an output becomes an outcome — like getting the report into the hands and minds of your target — is essential. 

Finding and honing the right tactics for the moment takes patience, diligence, and boldness. I couldn’t count how many times I’ve got this wrong. Why do we continue to draft new policy on an issue that’s already been analyzed from every direction, when what we really need is a campaign to target a particular legislator using existing policy? Why do we tweet at a regulator calling for change when she is no longer on X? Why do we draft joint letters, when we’ve been told that most companies put them in the bin upon arrival? Our limited resources are limited.

In shifting away from traditional tactics and making bold decisions to sharpen our advocacy, we need to resist the pull to self-censor, within the bounds of what keeps ourselves and our communities safe. Failing to be brave and say what needs to be said is a way of doing the bidding of our adversaries.

Perfect is the enemy of great, but so is good. As you implement your strategy, recognize what needs to be perfect, great, and good enough

Enabling this work means that funders must support and protect civil society by all means possible. Civil society is under attack, online and off. For those who want to defend democracy and pluralist political participation, investing here is essential. Don’t take it for granted that digital civil society will continue to exist given the localized cyber, legal, reputational, and financial threats we are facing, which impact our communities in diverse ways. Invest in civil society resilience, fund our core activities, and partner with us for the long term. That includes:

  • Investing in civil society’s digital security: There are no human rights without safety, and no democracy when civil society is digitally vulnerable. For governments and the private sector, cybersecurity is a top priority being met with the resources to match. Civil society is facing those same digital threats — sometimes first and more intensely — yet governments invest more in the surveillance technology and cyber-weaponry that are being used against human rights defenders, than they do in protecting them. Civil society needs holistic support, including through the resourcing of civil society-run help desks like the Access Now Digital Security Helpline and other CiviCERT members that work on the front lines keeping people safe — and governments, companies, and donors need to step up. Our helpline has worked on almost 20,000 tickets since 2013, helping civil society fend off DDoS attacks, malware, spyware, doxxing, phishing, and other attacks. Read our report on the first 10,000 cases. It’s not enough to fund ad hoc digital security trainings. It is paramount to understand that this is a crisis, whether those targeted for digital attacks work on climate change, democracy protection, human rights defense, or indigenous sovereignty.
  • Uplifting civil society-owned spaces: RightsCon is a unique global civil society convening that attracts hundreds of companies and significant participation of governments from around the world. It is also part of an ecosystem of civil society events like the Global Gathering, Bread&Net, the Digital Rights and Inclusion Forum, FIFAfrica, the Tech and Society Summit, among many others, as well as government-hosted events like the Stockholm Internet Forum that invest deeply in civil society participation. These convenings connect our communities and strengthen our work, and they should all be prioritized.
  • Streamlining access to funding: Funders should stop writing strategies and prioritize releasing funds! I don’t know how to say it more plainly. The rights-infringing political, legal, technical, and regulatory decisions that are being made, and the norms and standards that are forming now, will shape human rights for generations to come. There should be no delay in getting money to the civil society organizations that need it. That is why our team at Access Now Grants has given more than 9.7 million USD to at least 180 groups across 66 countries since 2015.
  • Protecting the rights of human rights defenders: We must secure the rights to protest, to speak out, to assemble, and to access and share information, and keep the people who are advocating for these rights safe while they exercise them, as set out in the Declaration on Human Rights Defenders. When human rights defenders are not safe, we all suffer as a result. 
  • Preserving safe havens for human rights defenders in exile: Civil society across the world is being forced into self-exile, at risk of life and liberty. We need to think purposefully about what happens when the countries  they have fled to are no longer safe, such as Ukraine for people who fled Belarus. We need to ensure that places like Berlin, Taiwan, and other countries can continue to serve as harbors for displaced human rights defenders, to enable the human rights diaspora to live freely and continue their fight.

Finally, we must do better to take care of one another. Let’s direct our criticism toward people and institutions causing the deepest harm, not potential allies who have differing perspectives on or approaches to our movement’s collective work.


Pressing threats

With so much in play — and so much at stake — it’s impossible to name every issue that belongs on the global digital rights agenda. But some of the battles  we face are so fundamental for the future that human rights networks around the world should come together to take them on. 

To start, in a world where data is being generated, collected, and harvested at every possible opportunity, data protection is the holy grail. It is a central issue when we look at systems for digital identity, secure communication, AI, mass and targeted surveillance, and more. Its centrality is why data minimization is so vital. Protection of our personal data is a human right — get this right, and so much more will follow. And as we advocate for data protection regimes, we must be wary of bad actors seeking to abuse or exploit them — creating busy work for lawyers, safe havens for large companies, or excuses for unscrupulous regulators to attack their opponents.

The current predominant approach to digital identity could be the harbinger of the end of a rights-respecting digital ecosystem. Systems that force the datafication of people’s identities, maximize data collection and profile building, and centralize information about a person’s choices and behaviors must be seen for what they risk becoming – a pathway for deepening state and corporate control. And while public infrastructure is important for society, what is now marketed as “digital public infrastructure” is often built on the same  flawed principles as digital identity systems, and it should be called out as such. 

Technologies alone do not solve societal problems, nor do they  alone create them. However, there are some tools that are so susceptible to abuse that they are fundamentally incompatible with human rights. It’s imperative to ban biometric surveillance in public spaces and outlaw the sale, distribution, and use of commercial spyware. The power of these technologies to target human rights defenders, journalists, people on the move, and other marginalized and vulnerable communities cannot be effectively mitigated. The current window to rein them in will shut, and we should act now to stop this digital poison from destroying democracy.

Building and upholding an open, secure, universal, and accessible internet for all remains vital as the underpinning of human rights in the digital age. We must not allow the “splinternet” to become a global reality. Calls for sovereignty from democratic and autocratic states alike put the universality of the network at risk — threatening people’s freedom of expression and access to information, and making networks less resilient to attack. We should continue to call out China, Russia, Iran, Myanmar, and other states that take a unilateralist approach to internet governance. It must remain inclusive, robust, and open to all stakeholders, not a tool of private equity or closed government-only bodies

The public and private sector alike should focus on closing digital divides and ensuring connectivity for all. For many, the internet and access to digital technologies are necessary enablers of all other human rights, yet the international community has consistently fallen short of its targets to bring the 2.6 billion people who remain disconnected online — largely women and marginalized communities. This policy failure is not a natural consequence of poverty, rural or geographic barriers, or a lack of technical interest or acumen. New tools like satellite internet provide the scale and reach, but governments ultimately control and must implement net neutrality and pro-competition regulations (to prevent power consolidation) and “dig once” policies that fund internet connectivity alongside electrification and social support programs. All of these efforts should be undertaken with serious regard for the right to disconnect, and the desire of people and communities to remain securely offline without losing access to essential services, honoring those who are opposed to being chained to the grid.

Disturbingly, we continue to see authorities around the world deliberately block access to the internet and online platforms to control the free flow of information — but no matter the issue, intentional disruptions of the internet are never a solution, and they are always an attack on human rights. The #KeepItOn coalition has recorded at least 1,500 internet shutdowns since 2016, and the cost to people’s basic rights, safety, lives and livelihoods has been incalculable. Repeat offenders like India, Ethiopia, and Pakistan have entrenched the tactic — disrupting everything from education and work to healthcare and access to public services — while new offenders like Kenya and France are dangerously entering the fray. 

Shutdowns imposed in conflict zones — including Gaza, Ukraine, Sudan, and Myanmar, among others — are intersecting with attacks on civilians, putting people’s lives further at risk. We must draw a hard line against the use of shutdowns in any context. Governments should promote and support safe, equitable access to technologies that enable circumvention and keep human rights defenders connected. That means, for example, standing against criminalization of VPNs and other online safety tools, and avoiding provider lock-in for important equipment like LEO satellites. We can’t leave the decision over who stays online in the hands of Starlink and Elon Musk.

Maximizing access to information and promoting the enjoyment of free expression online should always be our starting place. Governments and the tech sector have important roles to play in ensuring that communications networks and platforms are not weaponized to harm or silence people. We’ve seen how the unchecked spread of incitement to violence online and lack of adequate response by private actors causes serious harm, the impact of which is most often borne by the most marginalized among us. Any restrictions that governments place on speech must be done lawfully,  in compliance with the international human rights framework. Likewise, tech companies must step up now to ensure their content governance policies and their implementation are aligned with human rights, adequately resourced across all geographies and languages, and responsive to the needs of people most at risk.

Across all of these areas, the rapidly emerging application of artificial intelligence could prove to be as transformative as the internet itself. AI will soon affect every profession, much like PCs did in the 1980s and 1990s. It is just a question of by how much. This permeation of AI into the workplace and education system will bring with it new challenges; quality challenges as AI replaces human-generated content and human- managed processes, and security challenges as AI systems are trained with, retain, and regurgitate data. As people use AI for more purposes, we will need ways to identify AI-generated content. While some technical approaches exist, we are far from a silver bullet solution — and this is only one of many challenges AI entails. As it stands, we are only now scratching the surface of its implications for society, and looking at “ethics” is not enough. We must constrain and control AI via the human rights framework.

At its core, the nature of AI models’ insatiable demand for new data to improve their quality encourages a maximalist approach to data collection and processing, which is fundamentally at odds with human rights and strong data protection principles. AI algorithms have also been repeatedly shown to replicate and reinforce discriminatory biases and harmful assumptions, exacerbating harms while reducing accountability and creating the illusion of “neutral” decision-making. Among the most egregious examples of harm have been in the exploitation of biometric data — including, for example, AI-powered facial recognition systems built upon assumptions of binary gender and voice recognition systems that make assumptions about gender, age, and emotional state. Attempts to offload nuanced decision-making from humans to automated AI tools have proven to be catastrophic, from social media platforms’ attempts to automate content moderation, to governments automating decisions about access to public spaces, to employers evaluating candidates for hire, to schools monitoring student activities, to law enforcement use of predictive policing, to border control conducting surveillance of migrants and other at-risk communities, and more. Meanwhile, generative AI is raising questions about trust, authorship, and the spread of disinformation and other harmful content online, with policymakers struggling to get their hands around which interventions, like digital watermarking, are feasible or effective.

And as if that weren’t enough, quantum computing is coming. It will be on our doorstep before we know it, and civil society must get ahead of the issue. The heightened processing power of quantum paired with AI — which by design will first belong to those with immense resources and computational infrastructure — will supercharge all of these harmful use cases and make it even more difficult to get the necessary guardrails in place. Further, quantum computing stands to undermine our existing security frameworks, leaving current biometric data, encrypted communications, and other sensitive information exposed to hacking in the future. That means, among other things, we need to double down on strong, end-to-end encryption and urge platforms to invest in quantum-resistant cryptography to shield our data. Those working to build backdoors to encrypted systems, rather than hardening those systems for what’s to come, are leading us down a dangerous path of insecurity, and human rights defenders are among those most at risk. Governments must cease designing misinformed and counterproductive policies that undermine encryption in the name of enabling online safety. This will be a perennial battle and will require continuous advocacy to advance it.

The fight for digital rights will continue to be most pressing in contexts where people’s full suite of human rights are most threatened. Digital disruptions to electoral processes — whether in the form of internet shutdowns, disinformation campaigns, or attacks on election infrastructure — threaten the integrity of democracy globally. We cannot allow digitalization of the voting process to be used as a mechanism for increasing surveillance, and governments must put protections in place to prevent populations from being unduly influenced by actors outside national borders.

People fighting for their survival in conflict-affected areas are experiencing some of the most extreme forms of tech-enabled abuse, and war zones are being used as the testing ground for the development of increasingly invasive and dangerous technologies. Going forward, kinetic war will be impossible to de-couple from cyber war, and digital rights will become even more critical to protect. No future conflict will be waged or understood in the absence of new technology, and all relevant sectors and humanitarian actors will need to rapidly accommodate this new reality. The current models for de-escalation and peace-building are inadequate to respond to the contemporary threats of warfare, including cyberattacks, internet shutdowns, destruction of communication infrastructure, autonomous AI-enabled weapons and target selection, and more. Digital ceasefires must be established if we want peace in the digital age. My op-ed in Reuters explains the concept in more depth.

It is important to call out the transnational movement of technology and policy. That includes recognizing China’s Digital Silk Road for what it is. Countries ensnared in China’s tech infrastructure and capacity-building pipeline risk being locked into a generational alignment with Beijing’s cyber authoritarian model — bringing network control, suppression of speech, and the arbitrary denial of privacy. The spread of this framework makes everyone less safe.

Last but certainly not least, the digital rights community must rally to address the climate crisis. This is the existential challenge of our generation, and everyone in the community should allocate dedicated resources to mitigate the tech sector’s outsized impact as polluters, energy consumers, and extractors of natural resources; ensure the digital safety of environmental defenders; and protect vulnerable communities displaced by climate disaster from surveillance, online harassment, and other abuses — often at the hands of businesses. While we cannot reach the Sustainable Development Goals without open and secure internet access, any proposal to save the environment through a new digital technology should be met with scrutiny, and only deployed if it has been designed and developed in a rights-respecting manner.


Engaging across stakeholder groups

Engagement and consultation with multiple stakeholders is still the most surefire way to shape norms and ensure accountability. Governments and companies will increasingly engage bilaterally or unilaterally, and we should stand up at every occasion where that’s the case because the sands will shift underneath us. Concentration of power is not the answer. At the same time, multistakeholderism should be the pathway but not the goal, and civil society participation in itself is not an outcome. Governments, companies, and multilateral bodies inviting civil society participation should do everything in their power to enable meaningful, constructive dialogue and co-designed, consultative processes that are intended to integrate and respond to what civil society has to say. Meanwhile, civil society should stop coming to the table with demands for access without also bringing substantive recommendations for change.

Across the public, private, and multilateral sectors, we’ve made real headway in developing stronger channels for collaboration and in moving digital rights issues further up the agenda. Yet we’ve also seen the erosion of some of that progress as political and economic interests take precedence. The Access Now team has developed countless resources addressing each of these groups over the years and provided targeted recommendations for upholding human rights, and I will not attempt to capture them all here. But the following are my high-level thoughts on where civil society can find the most traction, and where various stakeholders should focus their efforts to protect digital rights. There are of course other approaches, some more focused on direct action and outside activism, and others more on policy entrepreneurship and discussions within the beltway. 

The global political landscape has been in upheaval and shows no signs of settling anytime soon, forcing civil society to navigate shifting allegiances with fewer reliable partners to turn to. Digital authoritarianism is on the rise, and not only in authoritarian states.

Whichever state is furthering a policy that is consistent with human rights, grab it. There will only be limited opportunities and we should seize them wholeheartedly.

That also means searching out allies and finding dissenters within governments that are undermining human rights — from the communications authorities challenging internet shutdown orders to the jurists seeking to hold the line against overreaching requests for personal data or content takedowns — and those willing to lead on moving governments forward, like diplomats sounding the alarm over harmful surveillance technology exports. Work with these individuals and help empower them to make change from the inside.

Wherever possible, use the power of the courts to advance our cause, as this is at times the only path for holding governments to account. A strong, independent judiciary is a cornerstone of democracy. Enemies of human rights leverage legal systems for harm at every turn, and we must not cede the venue. Invest in strategic litigation, documenting abuses, and increasing overall legal capacity, and do so in coalition to hold each other up through this long, resource-intensive, risk-laden work. And as national independent judiciaries are falling victim to the democratic backsliding around the world, take advantage of the regional and international courts as well as quasi-judicial bodies to strengthen norms and obtain remedy. 

On every front, governments must do more to defend digital rights both within their borders and around the world. 

  • First and foremost, governments must advance digital rights at home first before proselytizing abroad. We see when you advocate for one thing abroad and not at home, and so does the international community that you are seeking to set standards for.
  • To do that effectively, policymakers must understand the technologies they aim to regulate. Ill-informed legislators relying on political headwinds or the whispers of corporate lobbyists are making matters worse, and it’s time for our lawmakers to meet their responsibility to legislate responsibly.
  • From this footing, rights-respecting states must work together to thwart the geopolitical alignment of digital authoritarianism. In particular, the Freedom Online Coalition should revamp as a driver of digital democracy, holding its members accountable when they fail to uphold digital rights and setting a clear course for rights-respecting implementations of technology going forward.

On the whole, the United Nations (UN) needs to refocus on implementation and limit proposing new initiatives that absorb people’s time, operate behind closed doors, and often go unheeded. With the Summit for the Future upcoming, the UN needs to be more explicit and transparent about where the Global Digital Compact will go from here, acknowledging that truly upholding human rights in the digital age will require continuous, deep work that centers perspectives of people operating at the grassroots in international processes.

For over a decade now, the UN Office of the High Commissioner for Human Rights (OHCHR) has played a central role in examining the intersection of digital technologies and human rights, releasing timely reports from the OHCHR itself, as well as through the initiative of individual UN Special Procedures mandate holders — David Kaye, E. Tendayi Achiume, Clément Voule, and Fionnuala D. Ní Aoláin to name a few — who all undertook extensive research, centered on those most at risk, to produce instrumental reports on topics including internet shutdowns, surveillance and spyware, encryption, and artificial intelligence worldwide. Now the UN must leverage this extensive work and continue to build on it, rather than duplicate and weaken such work from its essential human rights perspective. 

The UN Security Council should own its cyber responsibilities for ensuring international peace and security. War is now cyberwar, so peace-building must address cyber conflict. The UN’s top body needs to renew its understanding of the UN Charter for the digital age, ensure resources are allocated accordingly, and invite inputs from digital, humanitarian, and human rights experts closest to affected communities. The Council needs:

  • To build on, not supplant, the Human Rights Council and General Assembly’s work advancing human rights in the digital age;
  • A consistent focus on cybersecurity and its role in the protection of civilians;
  • Regular reporting by the Office of the High Commissioner for Human Rights on digital technologies and their multiple impacts on international peace, security, and human rights; and 
  • Briefings by digital rights groups, including on women, peace, and security, counter-terrorism, and unlawful surveillance, among other topics. 

Absent these voices and our constant monitoring, the Council will not have what it needs to fulfill its mandate in the digital age.

While the large international policy bodies that come to mind first are essential — such as the UN Human Rights Council, UN General Assembly, and the like — the work happening in spaces further from the spotlight can often impact our rights most quickly. Standard-setting bodies like the International Telecommunication Union (ITU), International Organization for Standardization (ISO), Internet Engineering Task Force (IETF), Internet Corporation for Assigned Names and Numbers (ICANN), and others can serve either as the backdoor to undermining our rights or the inside track for ensuring more rights-respecting development and implementation of digital technologies. Civil society should do more to engage these entities, and likewise they should do more to create pathways for people most at risk to bring their perspectives to the table.

The corporate tech sector cannot be relied upon to lead a human rights agenda – and perhaps it was naive to think they could be. We have seen the ways in which tech companies show up, and sometimes even go beyond expectations, but they can be fair-weather friends that are hard to find when needed most. Imprisoned Egyptian human rights defender Alaa Abd El Fattah called this out as early as 2011, speaking directly to tech companies at the first iteration of RightsCon. But that doesn’t mean we should stop engaging with those companies. Sometimes we have real wins that only happen when corporate and civil society priorities align. But as the digital sphere is largely a private one, if we want the private sector to put people over profit or market share, we must take the lead in pushing for corporate accountability through every available channel.

Follow the money, and you will often find who holds the power. Big Tech investors have the power to make companies listen when civil society can’t. Use their influence and leverage to hold these companies to account. Private-equity investors are often behind spyware and other companies that operate in the shadows to perpetrate human rights abuses. Bring their names to light and don’t let them get away with investment in this type of tech.

Too often, we’ve seen cases where the rule of law is weak, regulation is slow, or governments act to limit people’s freedoms. Companies can exploit these situations as a testing ground for rights-abusing tech before regulatory frameworks catch up, or at a minimum use these conditions as a shield to ignore their duty to prevent human rights harms imposed through their products and services. In these cases, we must push the  tech companies that make public claims about their commitment to human rights to provide the same level of human rights protections to people who rely on their services regardless of region. Though it is not the private sector’s role to regulate, it is their role to respect human rights.

Where possible, lead companies to the intersection of their interests and our values. For example, customer privacy is a product value-add and a new profit margin for companies. Don’t be shy in demanding privacy and demonstrating its value. Think Apple, think privacy. This can also mean encouraging companies to hold each other accountable across the sector. For example, tech companies have aligned with civil society to counter the proliferation of spyware through legal action, digital threat research and reporting, security improvements, and participation in policymaking spaces.

Though they’re not alone, the telecom sector in particular has a lot to answer for, from Vodafone in Egypt to Telenor in Myanmar and A1 in Belarus. Many of these companies have come a long way over the years, but they have also  been spared from the persistent calls for public accountability their online platform peers receive. The growing Infrastructure as a Service sector (IaaS) also largely flies under the radar. Yet infrastructure is just as important as software and code. The digital rights community should include the entire infrastructure industry on its agenda, including submarine cable owners and others that have thus far been less involved in human rights spaces.

Finally, we need to go beyond the usual suspects when working with companies. In addition to the human rights and policy teams, we must seek out the engineers and tool builders who are too often far removed from the impacts of the tools they create. By bridging the gap between technologists, policymakers, human rights experts, and end users, we can get closer to a tech sector that builds digital technologies for and with at-risk communities and places human rights at the heart of its business model.


Conclusion

So many of the decisions we make as digital rights activists come down to the nuances of a specific moment and context, and general themes won’t always apply. But for many of us who have been active for years, learnings abound. And to the new generation of activists, I look forward to seeing you blow past and beyond the progress we’ve made so far.

I acknowledge that I come to this work from a specific perspective, and I do not aim to speak on behalf of the many people in our community bravely conducting this work on the frontlines and facing immense hardship. As I said at the outset, take what is useful to you from these reflections and set the rest aside. 

To everyone who I have had the privilege to work alongside over these past 15 years, especially the Access Now team but also the digital rights community writ large, I am grateful to you for your role in advancing the fight to make the world a more rights-respecting place. And to Alejandro Mayoral Baños who is taking the reins as Executive Director at Access Now, I wish you and the entire team all the very best, and all the power needed in the fights and the victories ahead.

Brett Solomon

You can find me at brettsolomon.info where you can subscribe to my newsletter, and reach me via my new email address: [email protected].

You can listen to a discussion of this blog by tuning into this week’s edition of my podcast This Week in Cyberspace: 15 years in the making on Spotify or Apple. This memo forms the basis of the edition.