Mapping power and jurisdiction on the internet through the lens of government-led surveillance

    Activiteit: Academic presentationAcademic

    Description

    On June 6 2020, seven years have passed since Edward Snowden started his revelations on governmental misuse of surveillance capabilities. The impact and meaning of his actions are still subject to vivid discussion. Snowden has recently refuelled this discourse with the publication of a memoir entitled ‘Permanent Record’, but despite considerable echo in the press and civil society campaigns not much seems to have changed. At first glance this is surprising since actors such as the United Nations and the Council of Europe have undertaken several efforts to support human rights, democracy and the rule of law in the digital age. Furthermore, the United Kingdom (UK) and South Africa admitted bulk surveillance in court. Observing more closely however, Snowden’s activities might unintentionally have catalysed a process which leads to more fragmentation of digital space.

    In a section entitled ‘The dark side of hope’ in his 2018 book on the culture of surveillance, David Lyon describes the ex-employee of a contractor of the United States National Security Agency as a thoughtful technical expert, who believes in the potential for democratic and human development through the internet. In addition, Lyon points out that Snowden revealed some of the secret mechanisms contributing to creating a world in which the majority of humans remain poor and dependent. First and foremost, the fact underlying Snowden’s revelations is that ‘today’s surveillance undoubtedly contributes to and facilitates this world’. From this perspective, it is not surprising that many societies and states choose to reduce exposure of ‘their’ data to a multilateral setting with complex and hard to control implications. Rather, they shift the focus on immediate political and economic interests. This is probably not the reaction that Snowden and his supporters might have hoped for, since it will most likely not result in more protection for human rights in the short term. However, it is the easiest answer to a myriad of complex questions.

    The motives of states vary as they engage in this process of reassurance. Some focus on strengthening internal security and stability, which typically takes the form of creating legal frameworks with the objective to facilitate access to personal data for law enforcement agencies. Concrete examples are the e-Evidence package of the European Union (EU), or the United States with the Clarifying Lawful Overseas Use of Data Act (CLOUD Act). Whereas e-Evidence tries to make investigations across member states of the EU easier by removing the requirement for review by local national authorities as ‘middlemen’, the CLOUD Act enables the US administration to sign agreements with states like the UK and Australia to make cross-border data access quicker and easier. Both of these legal frameworks aim at circumventing the complex and time consuming mutual legal assistance procedures enshrined in traditional international agreements (MLAT).

    Other countries have started to focus increasingly on maintaining external security and national sovereignty. For example, the Russian Federation has enacted regulation to strengthen the autonomy of the Russian part of the internet, which follows up on an earlier law requiring that servers containing personal data of Russian citizens have to be located on state territory. If one reacts sceptically to this type of decisions, one should take into account that discussions on ‘digital sovereignty’ are not only taking place in seemingly ‘inward looking’ countries, but also seemingly open-minded ones such as Germany. At the same time, the People’s Republic of China seems not to distinguish between political and economic power and pursue regulation that also limits international exchange of economic data flows.

    These observations create the impression that the interest to invest in further development of a multi-stakeholder mechanism for Internet Governance is limited. This mechanism gathers states/governments, the private sector, civil society, intergovernmental organisations, international private organisations, as well as the academic and technical community to shape the global internet through interactive discourse. Organisations such as the Internet Corporation for Assigned Names and Numbers (ICANN), the Internet Governance Forum (IGF), or the International Telecommunication Union (ITU) take prominent roles in this process. They differ considerably when it comes to democratic anchorage, legitimacy, representation, as well as regulatory authority, which results in undeniable tension with institutions of traditional governance. While some national administrations fear loss of sovereignty, several groups of civil society feel under- or non-represented. Hence, the decentralised and universal nature of the internet, which are both paradigms that the multi-stakeholder mechanism traditionally supports, has become subject to sceptic scrutiny. Scholars such as O’Hara and Hall argue that there are already four internets: A heavily regulated European ‘bourgeois’ version that prides itself with its dedication to human rights and ethics, the US version with its strong focus on monetisation and economic activity, the authoritarian internet of China where social cohesion and surveillance mean the same, and the internet of misinformation and hacking associated with the Russian Federation, North Korea and other ‘rogue states’.

    If anything, this makes clear that the nature of the internet is still developing. Since John Perry Barlow published the ‘Declaration of the Independence of Cyberspace’ the digital sphere has evolved considerably. The internet has become an important layer of social interaction which also means it has become more than a mere passage of data flows. While the idea to regulate it similarly to what Hugo Grotius suggested for the High Seas in 1608 seems appealing - particularly to those primarily concerned about the free passage of data packages - the technical infrastructure that constitutes the internet cannot be qualified as ‘res nullius’. In contrast to the High Sea, the internet does not lend itself neutrally to any kind of activity. In this context, Melvin Kranzberg’s first law is not the only thing that comes to mind (‘technology is neither good nor bad; nor is it neutral’). As inhabitants of industrialised and more developed countries face the looming threat of being replaced by ‘superintelligent’ autonomous machines, the rushed and under-reflected adoption of ‘digital identities’ might further widen the gap of inequality with less-developed areas of the world. Hence, as the rapid mass-adoption of information technology and autonomous systems continues, this urgent question emerges: Is it possible to create a trustworthy and universal digital space, based on human rights principles and values, which might be able to prevent a dystopian future with limited opportunities for information exchange and undignified data-driven economies whose purpose is to fuel fantasies of political hegemony?

    The objective of this paper is to identify potentially useful regulatory strategies that at least mitigate or avoid (further) balkanisation/fragmentation of the digital space. This process of fragmentation has also been described as movement towards a ‘splinternet’. Once it is completed, the remaining digital information networks will have turned away from the three central principles of openness in terms of universal cross-border data transfer, trust in terms of faith in other users, and decentralisation which supports resilience and freedom. The lens through which the regulatory strategies will be identified is government-led surveillance as defined in the methodology section of the paper. After analysis of two proposals for the regulation of government-led surveillance with a universal perspective, available strategies to manage power and jurisdiction on the internet will be discussed. At the end of this exercise it will be concluded whether regulatory frameworks that respect, protect and promote the internet as one global space are feasible under current circumstances.
    Periode2-sep-2020
    EvenementstitelBorders, Bordering, and Sovereignty in Digital Space
    EvenementstypeConference
    Mate van erkenningInternational