Access is celebrating International Human Rights Day by bringing you a series of blog posts about our work and its intersection with the right to privacy. Privacy is a fundamental human right codified in Article 12 of the Universal Declaration of Human Rights, which was signed 65 years ago today.
Human rights are universal, interrelated, interdependent, and indivisible: we must protect each one to enjoy them all. The right to privacy ensures the protection of our rights to freedom of expression, association, and conscience, and is the foundation of democratic governance. With privacy under attack all around the world, Access is taking today to recognize its importance.
News broke last week that the US government is surveilling the location and movements of international cell phones, collecting 5 billion daily records of cellphone location data. An official confirmed the bulk collection of data through fiber optic cables in the US, saying intelligence agencies do not intentionally target cellphones in the United States.
The response is a typical one, but stands out on UN Human Rights Day. Throughout the surveillance revelations, the NSA has given little to no protection or concern for the human rights of foreign users in their mass surveillance programs.
Those users, in turn, have few remedies, and may not even know their calls and mobile phone usage is surveilled by the NSA. Exposure can occur simply because their provider’s parent company made a deal to route calls through US networks, for instance. In fact, users don’t even need to make calls to fall prey to the NSA, as cell phones routinely ping local towers, creating records of the user’s location. Even with your phone off, with the right malware installed, a cell phone tower can still ping your device and get its location.
Yet even as we gain on an almost daily basis new understandings of the astonishing scope and scale of state surveillance, which is being fed by data collected by the private sector, the human rights discourse in the ICT sector has remained troublingly underdeveloped.
Ironically, the private sector was barely an afterthought in the first international human rights instruments.
Human rights and business
The preamble to the Universal Declaration of Human Rights (UDHR), the founding document of the United Nations signed in 1948, calls on “every individual and every organ of society” to promote and respect human rights. The UDHR responded to the Second World War, where government-led armies tore each other and societies apart. Though there were corporate abuses in that era and before, from the transatlantic slave trade up to corporate collusion with the Nazi regime, the focus was on limiting government power.
Only relatively recently have we concentrated on the meaning of the UDHR’s “every organ of society.” According to late international law scholar Louis Henkin1, we now understand that “every individual and every organ of society excludes no one, no company, no market, no cyberspace. The Universal Declaration applies to them all.”
Though decades have passed since the UDHR was signed, the discourse on business and human rights is still in infancy, especially in the information and communications technology (ICT) sector. Disastrous impacts on human rights by various industries, like mining, oil, and apparel production, galvanized the public, and led to voluntary frameworks and mechanisms in those sectors. None have been more successful than the two foundational documents that delineate the interdependent roles of businesses and governments: the Ruggie “Protect, Respect, and Remedy” Framework and UN Guiding Principles on Business and Human Rights. These documents make clear that companies have a responsibility to respect human rights and, along with governments, remedy abuses when they occur. Showing enthusiasm for this work, some 1,700 participants recently flooded Geneva for the 2nd annual UN Forum on Business and Human Rights.
Remedy and telco users everywhere
The rights abuses often seen in the telco sector, from unlawful collection and sharing of user data, to infringement on free expression through network disruptions, often occur at the behest of states, which makes non-judicial remedy so important. Indeed, where governments and courts cannot — or will not — provide those affected with access to remedy, the UN Guiding Principles still oblige companies to counteract the abuse.
For example, when the NSA scoops up cell records from fiber optic cables in the US, foreign users cannot access US courts to find adequate redress for these privacy violations. In these cases, those telcos whose users are affected by the bulk surveillance could notify their users, set up grievance mechanisms, and hear complaints. Taking this a step further, telcos could work with civil society and other stakeholders to present analyses of these complaints, in a suitably anonymized fashion of course, to lawmakers to advocate for change. To assist telcos in realizing the “Third Pillar” of the Ruggie Framework, the Access Telco Remedy Plan outlines pragmatic procedural and substantive steps telcos can take to provide effective access to remedy, which is critically needed in the face of sweeping government surveillance.
On Human Rights Day, we call on all telcos to create and implement policies on remedy, whether for privacy violations or other human rights abuses, and continue striving to meet their human rights responsibilities, particularly in the face of wrongdoing by states.