WCIT WATCH: Analysis of the new ITRs Part II

6:24pm | 14 December 2012 | by Access Policy Team, English

This is a continuation of our initial analysis of the new International Telecommunication Regulations (ITRs) negotiated at the 2012 World Conference on International Telecommunications (WCIT). READ PART I HERE.

The bad

The new term “authorized operating agencies”

The ongoing “recognized operating agency” (ROA) versus “operating agency” (OA) debate was resolved by the use of a different term “authorized operating agencies” (AOA). Unlike ROA and OA, this term is undefined in the ITU Constitution, although the ITRs define it to mean “those operating agencies, recognized by a Member State, to establish, operate and engage in international telecommunications services to the public”. Because AOA is undefined in the ITU Constitution, there is no definitive interpretation of which entities this provision applies to, setting the stage for disputes between member states as to who specifically qualifies as an AOA. Ostensibly, this could lead to difficulties in implementing the ITRs.

Further, the adopted text uses “public” rather than “public correspondence,” as the US had proposed, which is problematic. “Public correspondence” is a term defined in the ITU Constitution and would have usefully further circumscribed the term AOA. “Public,” on the other hand, is not defined in the ITU Constitution, but Article 1.2 of the ITRs notes that it is “used in the sense of the population, including governmental and legal bodies.” Thus, this provision could be read to problematically bring in military networks or other governmental networks that are authorized and are “public,” but are not used for “public correspondence.” More importantly, it could be interpreted to apply to private networks. However, the definition AOA is much more narrowly tailored than OA, which had been proposed by various member states and would have included virtually any actor that operates a server, router, or other telecommunication installation or a device capable of causing interference with these installations. Simply put, while the wording is vague, our analysis is that the definition does not apply to internet companies.

Article 3.6 (on providing international calling line identification (CLI) information)

Article 3.6, which states that “Member States shall endeavour to ensure that international calling line identification (CLI) information is provided taking into account the relevant ITU-T Recommendations,” was adopted without any changes. As calling line identification (CLI) is undefined in this proposal, later ITU-T Recommendations could define the term broadly, raising privacy and online anonymity concerns. Second, the proposal could apply to calls that are routed over the internet, using technologies such as VoIP, which problematically expands the scope of the ITRs to include aspects of the internet, and could problematically include IP addressing information in the definition of CLI.

The new right of access of Member States to international telecommunication services

These ITRs establish a new "right" for member states of access to international communications services. While we tend to support any effort that expands access to telecommunications and internet services, this is an inappropriate use of the ITRs. First, rights such as these apply to individuals, not member states. Each member state has its right of sovereignty, which it partially gives up through becoming party to international agreements like the ITRs. Technical treaties should not add new rights for member states. Second, the ITRs are about promoting the development of telecommunication services and their most efficient operation, not human rights, and the ITU is not a body with expertise on human rights. Access supports the notion that telecommunications infrastructure should be open to all states, and recognizes that member states such as Cuba have limited access to critical infrastructure due to US sanctions. However, other forums such as the World Trade Organization, rather than a treaty in which the US has refused to become a party, are better suited to resolving these conflicts. Accordingly, addition of this provision should have been avoided.

While these proposals are bad, the ones below are worse.

The Ugly

Article 5B (on endeavoring to prevent unsolicited bulk electronic communications)

Article 5B, which now states that “Member States should endeavour to take necessary measures to prevent the propagation of unsolicited bulk electronic communications and minimize its impact on international telecommunication services,” had one significant change from the Chairman’s initial compromise proposal. “Communications” replaced the term “messages.” Like “electronic messages,” “electronic communications” is not defined in the ITU Constitution, and is therefore open to interpretation. Indeed, the provision fails to limit the scope of the mediums over which these bulk communications travel to only traditional telecommunications, which means it could include communications traveling over the internet. As the ITU is government-centric, lacks transparency, excludes key stakeholders, and fails to promote a multi-stakeholder approach to internet governance that was embraced by the world's governments at the 2005 World Summit on Information Society (WSIS), which was convened by the ITU, it is a problematic forum for the development of internet policy.

Second, Article 5B continues to use “bulk” and “unsolicited,” which are both subjective terms that could lead to the blocking of protected expression. For example, member states could classify an unsolicited email sent by a human rights group to a few partners as a “bulk” email, and thus would be legitimizes in taking measures to stop its transmission. However, this message is simultaneously protected under Article 19 of the ICCPR, which protects the “freedom to seek, receive and impart information and ideas of all kinds.” That said, this entire provision is significantly blunted by Art. 1.1, which contains an explicit provision saying “These Regulations do not address content-related aspects of telecommunications.”

Third, “necessary measures” is a broad term that fails to effectively limit the expression that would be restricted to that allowed under Article 19(3) of the ICCPR and fails to include any due process requirements. The language “minimize its impact,” in turn, justifies the blocking of messages that a member state decides are of a bulk and unsolicited nature because it encourages member states to take affirmative actions to ensure a minimum impact on international telecommunications, even if that expression is protected under international law.

Fourth, encouraging member states to cooperate implies that information will be shared among member states. However, this provision fails to include any language limiting the types of information that can be shared or ensuring that user privacy and due process, as protected by Article 17 of the ICCPR, is not violated.

Finally, while the human rights-protecting language included in the preamble does serve to limit the ability of member states to violate the human rights of its citizens to an extent, it is not completely effective. The preamble’s language on member states “respect[ing] and uphold[ing] their human rights obligations” is high-level and fails to address the specific substantive provisions, such as 5B, that raise human rights concerns. Doing so would have drawn attention to the human rights concerns of each specific threatening proposal, and put member states on greater notice that human rights may not be violated in implementing those provisions. Neither does it specify the specific human rights concerns - namely, freedom of expression, the right to privacy and due process - that are threatened by the ITRs.

Article 5A (on endeavouring to ensure the security and robustness of international telecommunication networks)

No substantial changes from the Chairman’s compromise proposal were made to Article 5A, which requires member states to “individually and collectively endeavour to ensure the security and robustness of international telecommunication networks,” and it continues to raise human rights concerns. Working collectively to ensure security necessarily implies that information will be shared among member states. Absent due process requirements, this is worrying. Specifically, this provision fails to include any language limiting the types of information that can be shared, with whom it can be shared, or ensuring that user privacy, as protected by Article 17 of the ICCPR, is not violated.

Moreover, “security” is an ambiguous and oft-used excuse of authoritarian regimes to legitimize censorship. To that end, it’s important to note here the UN Human Rights Committee’s General Comment 34 which provides official interpretive guidance of Article of 19 of the ICCPR, including nuanced discussion of when free expression may be restricted for the purposes of national security or public order.

Resolution to foster the greater growth of the internet

In the late hours Wednesday night, a new resolution “to foster the greater growth of the internet” was passed in a procedurally flawed manner. The Chairman of the Conference stated that he “wanted to have the feel of the room on who will accept the draft resolution. If you can use the big board, please. To have the resolution included.” Plates were raised. He then took another “feel of the room” and asked “who is against this resolution.” An ostensibly different set of plates were raised. He then declared that “[t]he majority is with having the resolution in.”

The Chair then began to move to the next topic, the preamble and the proposed addition of text on human rights obligations, but first recognized Spain. Spain proceeded to ask: “[a]s a point of order, I would like you to clarify whether the temperature you were taking was simply a taking of the temperature. Has it now been interpreted as a vote and had we known that it was a vote, we might very well have acted differently.” “No,” the chair replied, “it was not a vote, and I was clear about it.”

Yet, the above text demonstrates he was not clear. Determining the existence of a majority necessarily entails a determination as to the percentage of a group that supports a proposal - that is a vote. It certainly cannot be considered a consensus. Moreover, the Chair did not give an opportunity for member states to abstain, nor did he announce the results of “the vote.” As our friends at CDT have noted, “[t]here is no governance body in which this type of informal “temperature-taking” would constitute legitimate final decision-making.”

As a result of this muddled process, there is now a resolution “resolving to instruct the Secretary-General to continue to take the necessary steps for ITU to play an active and constructive role” in internet governance. While it is our understanding that the resolutions made at the WCIT are non-binding, the Secretary-General might treat them as binding, which effectively creates a dangerous mandate for the ITU to continue to hold discussions and shape norms about internet policy in similarly closed fora into the future.

This resolution was a way of putting the issue of internet governance at the ITU - as had been proposed by Russia and others - aside for now in the interest of a "successful conference" in order to reserve a role for the ITU in this space later. Indeed, the language in the resolution itself read narrowly out of context is not as problematic as it is in context, where it's a real cause for concern and feels like a power grab.

As we’ve learned since our post on the “internet resolution,” the plenary debate on this resolution was in many ways also a proxy vote on the infamous Document 47, the proposal by Russia, UAE, China, Algeria, Saudi Arabia, Iraq, Sudan, and Bahrain, which would have extended the ITRs to include internet governance and contained numerous provisions that threatened human rights online.

After the US proposed to delete the resolution in its entirety -- showing no willingness to wordsmith the paragraphs they took issue with -- the Secretary-General warned that he “made sure in negotiating another Article that was to be put in the body of the resolution, of the ITRs. Concerning the Internet. This resolution is a basis of that compromise....So if we were to eliminate this, that was a compromise that will come on the table.” In other words, a suppression of the resolution would lead to a reopening of the whole debate, which obviously no one wanted.

Closing thoughts

While there’s a lot not to like about the new ITRs, ultimately several major disasters were averted. Indeed, from what we can tell, the internet as we know and love it, is going to stay largely the same for now.

However, given that red lines were crossed for several states, we’re already seeing delegations from the developed and developing world alike indicate that they won’t sign the new ITRs. The open internet and the free exercise of human rights benefits all users and states, not just those in the developing world. While many are painting the push to reject the ITRs as a US-led, developed countries walkout, it’s worth noting that only about half of the countries rejecting the treaty are members of the OECD.

Finally, the ITRs do not come into effect until January 2015. A lot can and will likely happen between then and now. In particular, the ITU is hosting the World Telecommunications Policy Forum (WTPF) in May in Geneva, which the ITU website describes as a “high-level international event to exchange views on the key policy issues arising from today's fast changing information and communication technology (ICT) environment.” This is likely to be the next time governments will come together to debate these issues. Worryingly, WTPF is a forum that is explicitly about the internet and ICTs, and so many of the most contentious issues that were suppressed during the WCIT may pop up there. We’re planning to be there, defending and extending the digital rights of users at risk around the world.

We’ll issue a final WCIT WATCH report on our blog soon. For further information on the WCIT, please see our ITU Resource Center.

Jochai Ben-Avie and Matt Friedman contributed significantly to this post.