By Kayle Giroud
“How concerned are you, if at all, that some of the information you share on the internet – including social media – might be accessed by criminals without your knowledge or permission?”
The European Union Agency for Fundamental Rights conducted a survey to support the launch of the European Commission’s new Security Union Strategy 2020-2024, focusing on people’s personal experiences of everyday crime victimisation. According to their results, 55% of people are concerned about illegal access to data in the EU, and approximately 1 out of 4 people are very worried about unauthorised use of their online bank account or credit card details (FRA, 2020). These concerns and experiences relating to security provides a comprehensive view on opinions concerning fundamental rights on the internet. Indeed, cybersecurity is inexorably linked to human security, which is a fundamental human right.
Cybersecurity as a Human Rights Issue
There is no universal definition of cybersecurity, however, it usually refers to the practice of ensuring the integrity, confidentiality, and availability of information.
Integrity. According to the 2019 Worldwide Threat Assessment report, cyber is the number one global threat. The cyber threat environment is changing as criminals are more likely to manipulate or alter data rather than deleting it. This could be used to target election systems – such as by tampering with voter registration or disrupting the vote tallying process – weakening democratic institutions, and violating the right to take part in the government and the right to equal representation in public and political life.
Confidentiality. There are countless examples of the confidentiality of information being compromised, whether through data breached for financial gain, government surveillance or targeted attacks on human rights defenders or journalists, in violation of their right to privacy among other rights. Cybersecurity is not experienced evenly by everyone. Human rights defenders, journalists, and people in positions of marginalisation or vulnerability can experience particular risk.
Availability. Denial of availability of information, in the form of network shutdowns, restricts access to information and the ability of people to express themselves, assemble and associate, as well as enjoy a range of economic, social, and cultural rights. On June 25, 2020, the Economic Community of West African States (ECOWAS) Community Court issued a pivotal decision for the right of freedom of expression in the ECOWAS region. Access to the internet has to be protected under the law, the court ruled, and by shutting it down during the anti-government protests in 2017, the Togolese government violated human rights.
As more people and devices are connected, the risks that come with cyber insecurity will only increase. However, governments are not often centring cybersecurity discussions on human rights. They use two main sorts of narratives. One is the narrative of national security; a narrative of control. The other is a narrative of shared common good and an enabler of fundamental rights. Under that framing, cybersecurity is about the integrity of the system and the protection of individual users. The general vision, as shared by the Global Cyber Alliance, is to “champion an open, free, and secure internet to enable all members of the society to generate growth and opportunities online.”
The basic idea behind this vision is that “cyber” is a constitutive element of our societies- its physical, economic, social, and political elements – and its security is essential to our fundamental rights. Because of its essential role for our societies, cybersecurity should be managed in the public interest and be provided without profit to everyone, everywhere.
The author, Kayle Giroud, is the Partnership and Business Development Assistant, EU and Africa, at the Global Cyber Alliance. You can follow her on Twitter and connect with her on LinkedIn.