What is at stake for human rights in the design of Internet protocols?
BY BEATRICE MARTINI
Over the last decade, political and legislative bodies have started to codify the relationship between the Internet and human rights. In 2012, the Human Rights Council (HRC) of the United Nations adopted a resolution to protect the free speech of individuals on the Internet–the first UN resolution of its kind. In 2014, a UN General Assembly resolution called on states to “respect and protect the right to privacy” in the digital age. These efforts have mostly focused on safeguarding human rights online from a legal and regulatory perspective. However, they did not consider how the development and governance of the Internet infrastructure can affect the rights of Internet users.
A critical component of this infrastructure are Internet protocols, which define the rules and conventions for communication between networks. By enabling and controlling the exchange of information at a global scale, protocols have the potential for far-reaching economic and social consequences.
This article will provide an introduction to Internet protocols, explain how their design can affect the rights of global users, and describe possible paths to a human rights enabling approach for developing and maintaining the Internet infrastructure.
From cultural to networking protocols
The protocols employed in information technology are not unlike cultural protocols used in everyday human interactions. For instance, people have established ways to greet one another in different contexts and cultures. This is an example of a set of conventions that instruct acceptable conduct to be followed in a specific situation. While these protocols for human connection are not necessarily represented in the law, they nonetheless regulate communication.
Similarly, networking protocols are sets of rules and conventions for communication and data transfer between network devices. They outline the procedures that ensure interoperability among the heterogeneous technology products that adhere to them. Just like cultural protocols, they specify the interactions between the communicating entities, in order to make sure that both sides speak the same language and handle information in the same way.
Implications of protocol design on user rights
Because networking protocols are points of control over global information infrastructures, they have significant political and economic implications that affect the rights of global users. In Protocol Politics, Laura DeNardis articulates several ways in which protocols can affect the public interest. These include:
- Their content and material implications can affect fundamental rights such as privacy, security, anonymity, freedom of expression and information.
- They can affect formal and informal systems of political representation, thereby influencing security and transparency of the technologies underlying democratic processes.
- Released in a proprietary format, they can become a barrier to open, interoperable, nondiscriminatory and affordable access to the Internet.
- They can create and allocate the finite resources required for access to information networks, such as the assignment of rights of access to broadband and cellular services.
- Their development and adoption are closely related to questions regarding which stakeholders have greater control over them and the limited resources they create, and how these resources are distributed, ultimately raising significant issues of distributive justice and economic concerns.
Thus although the public policy embedded in protocols can contribute to advancing the protection of human rights online, their properties can also be exploited by actors, such as authoritarian regimes, to restrict access, limit freedom of expression, and impose censorship.
Technical decision-making as a matter of social policy
As the number of global users accessing information and communications online grows constantly, the Internet can increasingly be considered an environment where human rights like freedom of expression, information, association and the right to privacy should be protected. Moreover, it can be argued that the Internet infrastructure should be designed to enable human rights in the digital space.
How a rights-enabling infrastructure should look, what is needed to develop and maintain it, and who could or should advocate for human rights in the spaces designated to shape the Internet, are all questions that are currently objects of research and debate. Imagining possible answers to these questions is not an uncomplicated endeavor, particularly due to the unique complexity of the governance of the Internet infrastructure.
Because of its globally distributed nature, the Internet does not have a central governing body, and its interoperability is managed by a multitude of public and private entities. Although governments can determine national policies that have implications on the work of Internet operators and infrastructure providers operating within their borders, their direct influence on Internet governance bodies is limited. Internet governance transcends traditional government-centric mechanisms like national statutes or intergovernmental treaties. It is collectively enacted by the design of technology, the policies of private companies, the administrative functions of global standard-setting organizations, as well as national laws and international agreements.
The current multistakeholder Internet governance arrangement allows civil society organizations – where human rights advocacy has its strongest representation – to directly participate in the creation of the policies that govern the Internet. However, while established paths of human rights advocacy most often take the form of legal resolutions and the reform of governmental and corporate policies, engaging with Internet protocol development presents very different challenges. Exerting authority to influence the design of the Internet infrastructure requires the capacity to address technical issues that many civil society organizations lack. For instance, technical engineering proficiency is a fundamental skill for effectively identifying and improving the protocol design work impacting human rights, and this skillset is not often found within human rights advocacy teams.
Although driven by very different agendas, private corporations and governments can also steer the development of the Internet. Yet by meeting their commercial and political needs, these entities may ultimately neglect issues affecting user rights. For this reason, strengthening the participation of civil society in the decision-making processes that shape the Internet is fundamental to protecting all users’ ability to exercise their human rights online.
Decision-making about Internet technology design is effectively social policy. So what does this mean to advocate for the protection of human rights via technical systems, instead of legal structures?
An attack to the infrastructure and its users’ rights: Internet censorship
An example of how the design of the Internet infrastructure can be used to restrict the exercise of human rights online can be observed in censorship regimes that have blocked or degraded Internet traffic by exploiting the properties of protocols.
To understand how this works, it is important to explain the Internet Protocol suite, which represents a fundamental portion of the standards required for end-to-end operability over the Internet. The Internet Protocol suite is the conceptual model and set of communications protocols used in the Internet and other similar networks. It is commonly known as TCP/IP because the foundational protocols in the suite are the Transmission Control Protocol (TCP) and the Internet Protocol (IP).
The TCP/IP may be imagined as a set of four layers: the Link Layer, the Internet Layer, the Transport Layer and the Application Layer. The Link Layer refers to protocols defining the interfaces between a computing device and a transmission medium. Above it is the Internet Layer, which has the responsibility of transferring data between the source and the correct destination. The Transport Layer refers to protocols responsible for ensuring that information has successfully been exchanged between two network nodes. Finally, Application Layer protocols are used by most applications for providing user services or exchanging application data over the network connections established by the lower level protocols.
Today’s censors can identify content for filtering through points-of-control at different layers of the Internet Protocol stack. Broadly speaking, the censor starts by detecting transmitting packets and identifying undesired content, and then uses a blocking or shaping mechanism to prevent or impair access to specific traffic.
Yet this process for interceding in communications and preventing access to censored materials can take different forms. The following is a brief summary of different types of technical interferences that affect the network, also described in further detail in the resource “A Survey of Worldwide Censorship Techniques”.
For example, at the application layer, a censor can impede or filter access to content by altering responses from the Domain Name System (DNS) by blocking the response, replying with an error message, or responding with an incorrect address.
At the transport layer, the censor can degrade the performance of the relevant network connection; choose to not properly forward any packets which are deemed associated with undesirable traffic; or interfere with the network through packet injection, using a machine-in-the-middle technique that spoofs packets in an established traffic stream.
Other ways to interfere with Internet traffic include Distributed Denial of Service (DDoS) and network disconnection. Distributed Denial of Service (DDoS) attacks are characterized by an explicit attempt to prevent the legitimate use of a service, most commonly by flooding or crashing it. The network can be cut off in a region by withdrawing all the Border Gateway Protocol (BGP) prefixes routing through the censor’s country.
Several engineering efforts are underway to address various of the aforementioned concerns. For example, the DDoS Open Threat Signaling (DOTS) working group at the Internet Engineering Task Force (IETF) is currently developing a standards-based approach for the realtime signaling of DDoS related telemetry (a technology that allows measurements to be taken from far away) and threat handling requests and data between elements concerned with DDoS attack detection, classification, traceback (detecting a node on the attack path), and mitigation.
Technical competence is a fundamental prerequisite for developing protocols, and as such it falls under the purview of engineers. But because the design of protocols can involve decisions that affect users’ rights online, it can be argued that the participation of other stakeholders, such as human rights advocates, should be required for their development.
Envisioning a rights-enabling Internet infrastructure
Additional investigation and prototyping is still needed to identify what would constitute a rights-enabling Internet infrastructure, and which practices and processes could be employed to work towards its development. In the meantime, critical efforts that can lay the foundation for human rights advocacy that protects user rights online include:
- Produce research that demonstrates how properties of the design of the Internet protocols can be used for purposes that can endanger user rights, such as freedom of expression and information, and the rights to privacy, anonymity, security. This research would be critical to providing common ground for discussions on the human rights implications of protocol design, particularly in environments where the rights-focused approach may be countered with an argument that protocols are a “neutral” technology.
- Prototype pathways to strengthen the inclusion of human rights-focused perspectives in Internet protocol design processes. Because envisioning a rights-enabling infrastructure is a matter that requires knowledge of coding, advocacy, policymaking, and the law, it is essential for this effort to be conducted through a multidisciplinary approach. At the same time, the outputs of such effort should be expressed in a format that demonstrates understanding of the technical implications of protocol development and implementation.
- Experiment with different approaches for engaging with protocol development. To date, human rights technologists and advocates have already started to consider a variety of l approaches, ranging from analyzing existing protocols and their potential impact on human rights, to proposing guidelines to protect the Internet as a human-rights-enabling environment in future protocol development.
- Create accessible resources designed for different technical and non-technical stakeholders – including human rights technologists, advocates, policy makers, users – to inform them about how the inner workings of the Internet infrastructure can have an impact on human rights. It is critical to build technical capacity across sectors, so that more technologists, practitioners and policymakers can participate in advocating for human rights on the Internet.
How to delve deeper
Because the design of Internet protocols can contribute to, advance, or hinder the protection of user rights online, it is fundamental for human rights advocates to increase and strengthen their participation in the decision-making processes that shape them.
Becoming familiar with the inner workings of the Internet infrastructure, the multiplicity of stakeholders involved in its governance, and the technical decisions about protocol design that shape our Internet infrastructure and thus our societies, is critical to protecting human rights on the Internet.
If you would like to delve deeper into this topic, below are a few resources for learning more about the relationship between Internet technologies, protocol design, user rights, and global powers:
- Inventing the Internet, Janet Abbate
- Laying the Path: Governance in Early Internet Design, Sandra Braman
- Protocol Politics: The Globalization of Internet Governance, Laura DeNardis
Beatrice Martini (@beatricemartini) is a Research Fellow at the digital HKS program at the Harvard Kennedy School. She has a profound passion for the Internet and its workings, professional experience in the field of human rights and technology, and insight into contributing to advocacy efforts at international levels. Her current research focuses on the implications of Internet infrastructure design on human rights. Further information about her work is available at beatricemartini.it.