Berlin, Germany; 12-13 June 2014
In this plenary we consider the overlaps, and disconnects, between three sorts of aspirations for the internet, and internet policy-making; (state) security, internet governance principles, and human rights and fundamental freedoms. For some these concerns are irreconcilable. For others they must be reconciled for internet-dependent communications to be resilient, accessible for more than a wealthy and educated minority, and to function in democratic rather than oppressive ways.
For others, the trend in rights-based declarations of intent or high-level agreements on broad principles do not deal adequately with the changing circumstances of internet design, access, and use. Nor are these sufficient for ensuring that governments, private service providers, and citizens access and use web-based goods and services in rights-based and principled ways. The devil here is in the details and knowledge of these details is not accessible for all. What everyone does agree on, however, is that decisions that have implications for internet design, access, and use lie at the heart of political, economic, and everyday life whether we like it or not. Recent events underscore the need to ensure that human rights and freedoms can be protected and enjoyed online not only today but also in the future. UN agencies, and high-level meetings have been producing landmark statements recognizing that human rights online matter (e.g. the UNHRC, NETmundial), with signatories undertaking to work together to develop principles for internet governance processes within a rights-based framework. Legal experts, the technical community, and civil society representatives have been mobilizing to see this wave of high-level recognition and non-binding agreements can be put into practice in palpable ways. However, opinions differ markedly on how exactly, on what the priorities are (e.g. state security versus personal privacy), by whom (e.g. governments or multistakeholder institutions). Opinions also sharply differ on who foots the bill, the means by which decisions are made, and for whose benefit.
In this plenary we consider the interrelationship between (state) security priorities, internationally agreed sets of principles for internet governance, and international human rights norms from a range of perspectives. It unpacks different understandings of what these three goals mean for specific situations (e.g. law enforcement, the rights and security of children and young people, people with disabilities) and present their visions for how these goals can be reconciled for the future; particularly as the present has been marked by the Snowden revelations of mass surveillance online and its aftermath for engineers, politicians, businesses, activists, and ordinary people. Plenary participants come from a range of stakeholder groups; rights-holders and technical communities, intergovernmental organizations, advocacy groups, and scholars. In light of the game-changing events of the last year the primary goal of this plenary is for participants to share knowledge, articulate their main priorities, and agree to three action points to take forward.
The format for this session inaugurates a “360°” participatory model; key participants from the podium will be joined by invited participants speaking from the floor. Interventions will be brief to allow more time and opportunity for invited guests to share their knowledge and details from their areas of expertise. Audience input is welcome provided that interventions are also brief. The moderator reserves the prerogative to interrupt long interventions if need be.


Jeannette Hofmann, WZB, Academic/Civil Society
Xianhong Hu, UNESCO, Inter-governmental organization
Jan Malinowski, Council of Europe, Inter-governmental organization
Annie Machon, Former British Intelligence Officer and Whistleblower, civil society
Sir Richard Tilt; Internet Watch Foundation, Civil Society
Leonid Todorov, Technical Community/Civil Society

Podium Participants will be joined from the floor by: 

Olivier Crepin-Leblond, Technical Community
Gry Hasselbalch, Danish Media Council for Children and Young People
Michael Rotert, eco/Private Sector
Moderator: Marianne Franklin (NZ), Academic/Civil Society
Remote Participation/Twitter Wall Moderator: Viktor Szabados (Hungary), Civil Society/Youth
*To reiterate, this plenary is organized in order to ensure depth and breadth of content and 360° participation. Interventions will be brief and in response to the discussion theme. 

Questions for Discussion

Here are some preparatory questions to frame the discussion, based on preliminary discussions and as a guide to our thinking and debate during and after the plenary.


1) Security: How do we understand security in an internet age? Do we need to rethink what we mean by security?
Are these three goals interdependent, or mutually exclusive in practice?
How to balance state security concerns with the legal responsibilities power holders have (governmental and business, public institutions like schools) to protect human rights of citizens, customers, and other constituencies?
– how to do so when citizens’ data and digital footprints and online practices straddle more than one national border?
What other sorts of security are at stake online? For children, people with disabilities, socioeconomically disadvantaged groups?
2) Working Principles: What sorts of present, and past decisions on internet design, access, and use (over-)securitize parts of the internet, or unintentionally enable practices that undermine rights and freedoms (e.g., mass surveillance, data retention, flaming) and so lead to a “chilling effect” for people’s ability to speak, move, and think freely online?
– International/intergovernmental Sets of Internet Principles (e.g. NM, IRPC Charter, CoE Guide, PACE; inter alia): How to balance universality with particular – local – needs and priorities?
–  All sets of principles mention, or articulate human rights as fundamental, integral, and therefore indispensable to the future of the internet. How to identify principles that are human rights compliant?
– If such agreements are embedded in law, or agreed to as non-binding, or self-regulated undertakings, what are the implications for R&D and design decisions in the deeper layers of code and internet’s technical architecture: what should come first, the rights-based principles or the technical solution_


Recognition than human rights online must be protected and internet design, access and use must be able to ensure that people can enjoy human rights and freedoms online is one thing, but implementation is another.
– How to implement these decisions, terms of use, R&D in technical and legal terms?
– Who undertakes to ensure that rights and freedoms are upheld and if they are not where can people go? Is it an either-or between regulation and rule of law, or “self-regulation”?
– What sorts of mechanisms are in place, or are needed to ensure accountability and transparency, and intelligibility for non-experts looking for redress? E.g. privacy violations, takedown requests, misuses of personal data, bullying and online hate speech


In terms of awareness-raising, safe media use, and computer literacy concerns: who needs to be educated about these issues? Children or their parents? Local government officials or politicians? Engineers or Shareholders?
How can we reconsider these three issues, security in particular, for the next generation whose understanding of privacy, propriety, and security are forming online and through social relationships online?
Where do public service commitments and sustenance of public spaces online relate to security (state, personal, commercial) priorities where the internet is central?

Selected Resource Documents (Brazilian Internet Steering Committee), 2009, Resolution CGI.Br/RES/2009/003/P—Principles for the Governance and Use of the Internet,—Regulations, (signed into law by Brazilian President. Dilma Roussf, April 2014)
Council of Europe, 2014, Recommendation CM/Rec(2014)6 of the Committee of Ministers to member States on a Guide to human rights for Internet users, adopted by the Committee of Ministers on 16 April 2014 at the 1197th meeting of the Ministers’ Deputies;
Green Party of Aotearoa New Zealand, 2014, Internet Rights and Freedoms Bill,
Hivos International IG-MENA Project, 2014, Click Rights Campaign;
Internet Rights and Principles Coalition (IRPC), 2014: Charter of Human Rights and Principles for the Internet Booklet, 3rd Edition;
Internet Rights and Principles Coalition (IRPC), 2014, The IRPC Charter of Human Rights and Principles for the Internet, Contribution to the Net Mundial Global Multistakeholder Meeting on the Future of Internet Governance, 23-24 April 2014;
Kleinwaechter, Wolfgang, 2014, “PINGO: NETmundial Adopts Principles on Internet Governance, 10 May 2014,
Netmundial: Global Multistakeholder Meeting on the Future of Internet Governance, 2014, NETmundial Multistakeholder Statement, April, 24th 2014;
OECD, 2011, OECD Council Recommendation on Principles for Internet Policy Making, 13 December 2011, Paris: OECD;
UN General Assembly, 1948, Universal Declaration of Human Rights;
United Nations Human Rights Council, 2012, Resolution A/HRC/RES/20/8: Promotion and protection of all human rights, civil, political, economic, social and cultural rights, including the right to development, UN General Assembly: OHCHR,
United Kingdom House of Commons Home Affairs Committee, 2014, Home Affairs Committee – Seventeenth Report: Counter-terrorism, 30 April 2014,
US White House – Executive Office of the President, 2014, Big Data: Seizing Opportunities, Preserving Values, May 2014; (Chapters 3 & 6)


Participants were asked to send brief summaries of their response to the Plenary theme, provide an example or point of detail and three key points. 

Olivier Crépin-Leblond: Technical Community

Marco Civil – was a welcome document. Are other countries looking at implementing such a document? Unfortunately, probably not; Rather than looking at a bill of rights of Internet users, there is a strongly desired vision from some States and even sometimes from some agencies and lobbyists of focussing on Security of networks and robustness, mixing the two issues together: filtering of content & stability of Internet operations. These two issues need to be kept absolutely separate.
Internet as a “trusted” network is a network that needs to be robust on the telecommunications level –so as for it to provide reliable communications. As for trusted services on the Internet, this is another layer of trust altogether and today there exist several technical solutions to providing trust in Web sites, transactions etc. There is no need for mass surveillance to enable Internet Robustness. But using the term “Internet Security” can dangerously also mean content filtering and mass surveillance. Those in favour of such pervasive surveillance use strong arguments: child pornography; terrorism etc. Whilst there is a reality behind this, these arguments are based more on emotional decision-making than on real facts – but they manage to convince ministers by painting a picture which is not entirely true to itself. Child Pornography and Terrorism happen regardless of the Internet and should be combated everywhere.
On the technical level, we are seeing a technical arms race between States requiring stronger surveillance and organizations defending privacy & freedom of speech rights – TOR; Public Domain encryption; Stronger Open Source encryption mechanisms; privacy proxies etc. Ultimately, organizations and individuals that have something to hide will use those methods to avoid surveillance. The raising of stakes will continue on to “compromised” hardware on the one hand and stronger open source software encryption on the other, thus having the potential to slow information flow down for everybody – and that’s of course notwithstanding potential instability to the Internet brought by an ever more increasing end to end communication complexity. There is therefore no golden answer to this spiraling technical arms race and therefore progress needs to be made in Courts, Local Jurisdictions and on the International Diplomatic Stage.
Three brief points I would like to make clear:
1. Technology makes it easier to effect pervasive surveillance due to the dropping of storage space costs
2. Technology makes it easier to use stronger encryption due to the rise in processing power. We are therefore faced with an Arms Race on the technical front.
3. Clearly a political solution to pervasive surveillance will need to be found somewhere in the middle ground as Nation States will never give up the right to surveillance and people should never give up the right to freedom of speech

Gry Hasselbalch: Danish Media Council for Children and Young People

Over the past 10 years the “child online protection” debate has evolved. From a narrow focus on limitation of access to a medium (and a tendency to prioritize protection at the expense of youth’s access to knowledge, their FoE and rights to privacy), to a more nuanced perception of what the internet means to young people and to society in general. Today, we’re at a crossroads were education of youth, teachers and parents, and awareness of our role as digital citizens, is finally recognized as one of the most effective types of  “protection”.
However, one of the most fundamental challenges youth are facing today is embedded in the technology and the very infrastructure of their every day lives.  It is a common notion that every individual needs an early moment in life to develop freely. For this reason societies have always had a strong sensitivity towards surveillance of and building archives based on individual young people. Children and youth have a right to a “clear slate/record” when they step into adult life. But presently archives that shape young people’s opportunities are built pervasively everyday. Everything is recorded; likes, dislikes, friendships, habits, ideas, their changing identities. And there is no opt out.
Young people have a right to participate fully in society and societal processes and take full advantage of the technologies offered without having to accept the archives. And it is not up to them to create free spaces for them.
The internet is fundamentally broken.  It needs to be fixed before we start rebuilding trust among young people. We need a different approach to the way in which the very infrastructure of the public sphere is developed. Technical solutions and rights based approaches should therefore never be viewed as opposites. We need to think ethics from the beginning; in legal reforms, in design and business models.  We need models that empower young people to own their own data, to be in control by returning their initial choice to decide what they share with who, when and where.
1. We need to rethink the foundations of the infrastructure of young people’s primary public sphere.
2. Archives built on individual young people are extremely problematic
3. The fundamental challenge to privacy is embedded in the technology, and thus cannot be dealt with on a purely ‘social level’.
We need to discuss digital archives built on individual young people.

Xianhong Hu: Division for Freedom of Expression and Media Development Communication and Information Sector UNESCO

I may start by quoting the recent remarks by UN Secretary General on the Internet Security: “I am disturbed by how States abuse laws on Internet access. I am concerned that surveillance programmes are becoming too aggressive. I understand that national security and criminal activity may justify some exceptional and narrowly tailored use of surveillance. But that is all the more reason to safeguard human rights and fundamental freedoms. Some argue that they need to curtail freedoms to preserve order. I say they need to protect freedom or they will undermine order. The United Nations is closely engaged on all the issues on your agenda: Internet freedom, cybersecurity and the digital divide. We want to ensure that the Internet is an affordable, reliable, secure and trustworthy global public resource that can help empower people to improve our world”.
In specific to UNESCO’s discussion on these issues, I like to share in the last General Conference of UNESCO, our member States also observed that digital revolution is impacting on all spheres of public and private life. More and more personal and public information is collected, stored, processed and shared via the Internet. All this brings with it unparalleled opportunities as well as challenges.  Cyberspace is especially complex and sensitive, because of its transnational and multidimensional character. This calls for a holistic approach to address the broad range of issues relating to its access, participation and use. UNESCO is therefore mandated to conduct a comprehensive study on Internet related issues including access to information and knowledge, freedom of expression, privacy and ethics as well as options for the future. The process is ongoing.
From those documents already adopted by UNESCO governing bodies, four principles are especially important in guiding the approach of the Organization to the Internet. They point to the importance of an Internet for UNESCO that is human rights-based, open, accessible and multi-stakeholder participative (summarized in the acronym R.O.A.M.). As befits UNESCO as a universal organization, these principles are also the underpinnings for the universality of the Internet, which in turn is a sine qua non for reaching Knowledge Societies.
– Rights: For UNESCO, the right to freedom of expression applies, as do other rights, to cyberspace, and all persons should be safe to use this right. Accordingly, as the UN Human Rights Committee Comment states, any limitation of freedom of expression online should be the exception rather than norm. Further, the international standard requires that any restrictions must be provided by law, may only be imposed for legitimate grounds as set out in the UDHR, and must also conform to tests of necessity and proportionality. Restriction that exceeds these standards in any one locality has a direct global significance for users on the Internet elsewhere. UNESCO works worldwide to promote freedom of expression online and offline.
UNESCO follows the UDHR that human rights are indivisible, recognizing thereby that particular actions concerning the right to privacy can impact on other rights, such as the right to freedom of expression, and vice versa. As noted in 37 C/Resolution 52, “privacy is essential to protect journalistic sources, which enable a society to benefit from investigative journalism, to strengthen good governance and the rule of law, and that such privacy should not be subject to arbitrary or unlawful interference”. At the same time, as noted in the Discussion Paper prepared for the 37th General Conference, privacy may also not be used to shield violations of individual rights or to block the media from exposing these. Public interest must enter any calculation of reconciling rights, and Article 29 of the Universal Declaration of Human Rights sets out this test for the purpose and method required in this regard: “In the exercise of his rights and freedoms, everyone shall be subject only to such limitations as are determined by law solely for the purpose of securing due recognition and respect for the rights and freedoms of others and of meeting the just requirements of morality, public order and the general welfare in a democratic society.”
– Openness:  Freedom of expression online is linked to the principle of openness, particularly in regard to the international standards that advocate transparency in relation to restrictions on the right to expression. Open opportunities to share ideas and information on the Internet are integral to UNESCO’s positions on freedom of expression, media pluralism and inter-cultural dialogue.
– Accessibility: For UNESCO, freedom of expression online is also a question of how people use their access to express themselves on the Internet.  Media and Information Literacy is relevant to this question, particularly in regard to expression dealing with hatred and gender issues.
– Multi-stakeholder participation: UNESCO sees freedom of expression as a matter in which each individual has a stake. The Organization has long promoted bottom-up self-regulation as the optimum mechanism for promoting ethical and professional journalism; in regard to cyberspace it is also evident that online media independence entails self-regulatory systems and ethical principles which in turn need participative involvement to secure legitimacy and be effective. However, reliance on self-regulation should not be a mechanism for self-censorship or privatized censorship and thus undermining the enjoyment of human rights online.

Annie Machon: Former British Intelligence Officer and Whistleblower

The free internet is under mortal threat from two key directions. Firstly the global surveillance infrastructure that has been built by the NSA and its cohorts in other Anglophone and European countries aims to take all our communications and store them for an unspecified time. This has been facilitated by the access they have acquired via the global media companies such as Google, Facebook, Microsoft, Twitter, Skype et al (Operation Prism). This means that we can no longer freely and privately communicate information.
Secondly, the international conglomerates have been waging a war to protect copyright and patents, lobbying our governments and drafting international trade agreements such as TTIP to use ever more invasive technologies to protect their broken business model.  Often governments are co-opted to enforce the demands of this interest group, as we saw with the illegal takedown of Kim Dotcom’s Megaupload site three years ago with the accompanying FBI raid in NZ. This means we can no longer freely choose what information we can share over the internet.
As a former British intelligence officer in MI5, I was very aware of the failure of politicians to hold spies to account. Even if our governments have meaningful oversight laws and the political will to apply them rigorously, it is all too easy for the spies to lie to them. Faced with the global lobbying of international corporations, the concept of national oversight becomes even more meaningless.
The European parliament recognized this threat in its report into the Echelon alliance, published in July 2001.  If these recommendations had been implemented 13 years ago, Europe and its citizens would have a cyber infrastructure independent of the US intelligence hegemony and using open source standards rather than the closed, proprietary and compromised US corporate giants. It is the duty of our governments to uphold our basic human rights enshrined in the 1948 universal declaration and the European declaration. This includes our lives online
Key points of detail:

  • UK Foreign Secretary has stated he is satisfied that GCHQ has not broken any laws and he has full oversight of and gives authorization for its work. Firstly, the warrants he is signing off were designed in the 20th century to investigate specified individuals or groups, not to mainline into transatlantic fibre optic cables and intercept whole countries’ data (TEMPORA) nor whole international telephone networks (Vodaphone). Secondly, even if he were correct that GCHQ is operating legally under UK law, why on earth does the British Foreign Secretary think his authorization is sufficient oversight of the privacy of the other 440 million Europeans? They didn’t elect him (and actually nor did a majority of the British people).
  • By curtailing the powers of the spy agencies, we could restore the internet to its original functionality and openness while maintaining the right to privacy and free speech — but maintaining a 20th century copyright/IP model at the same time is impossible. Or we could give up our privacy and other civil rights to allow specific protected industries to carry on coining it in. A last option would be to switch off the internet. But that is not realistic: modern countries could not survive a day without the internet, any more than they could function without electricity. As a society we’re going through the painful realization that we can only have two out of the three options. Different corporatist interest groups would no doubt make different choices but, along with the vast majority of the people, I opt for the internet and privacy as both a free channel for communication and the free transfer of useful information. The choice is simple: internet, privacy, security/copyright. We can only choose two, and I know which I choose.
  • Whistleblowers emerging from intelligence, central government and the military are the people most likely to have witnessed the most heinous crimes. Yet they are also the people who will be exempt from normal whistleblower protection laws, where they exist. They need an appropriate and effective channel to be able to report their concerns without risking a life in prison.

Jan Malinowski: Council of Europe

Over the years, many extraordinary threats to the Internet have been put forward. First there was spam, then phishing and fraud, Trojans, child pornography and grooming, and rampant cybercrime. These threats have been compounded by the development of cyber-war capabilities, cyber-drones, backdoors and exploits. National security was vaguely advanced to justify everything, or almost. But security and control without freedom, transparency and a participatory environment are tantamount to despotism.
There are fundamental rules and human rights principles that apply to the Internet. The vast majority of countries have accepted them – 167 states are party to the International Covenant on Civil and Political Rights (ICCPR). Human rights are enforceable against state institutions in many of those countries and scores of them can be held to account before international bodies. 820 million people have a right to bring cases to the European Court of Human Rights. The 47 Council of Europe member states have formally committed themselves to preserving the integrity, universality and openness of the Internet, and have agreed on Internet governance principles and the concrete meaning of human rights on the Internet.
This will not resolve all of the problems. As in any sizeable community, there will continue to be mavericks, rule-breakers and antisocial conduct. In the international community there are also those who abuse the means at hand, and despots, without the conventional / cyber distinction. This should not deter us from the objective of protecting and promoting human rights and the rule of law also on the Internet, alongside its universality, integrity and openness. Window dressing and paying lip service to Internet freedom will not do. We need to fight to preserve our imperfect democracy, which remains the best form of government we can have.
And the key questions I would raise are:
– have we struck bottom on internet governance and there is a need to change?
– can someone guarantee that other arrangements will be better?
– what are the baselines that all willing stakeholders should be able to agree (and would allow to advance with those unwilling to commit remain spectators likely to join in later)?

Michael Rotert: eco- German Internet Industry Association

If you don’t mind I would like to touch the deep web or dark web (as it is the 25th anniversary of the start of the web project) with the following arguments: Whatever goes on governmental lists for blocking will appear in the deep web. So it doesn’t disturb the public anymore. So the more blocking the deeper the web would be my sarcastic comment. Additionally all surveillance from US, UK, China and others is really fertilizer for the dark side of the web. This means, the dark web is a mirror of what governments believe isn’t good for the public. This unfortunately includes criminal sites as well as gambling (for some countries) or Nazi stuff or anything the overacting Americans believe comes close to terrorism. This is the government side of the coin.
For the internet industry it isn’t that easy. You have search engines and other apps collecting data wherever they can. This moves people directly to anonymizers and to TOR in particular. So even if they only want to escape increasing data collectors, they end up in the dark and puts them in the neighborhood of criminals and drugs. I don’t think that this was the intention of those economic data collectors but it is one result. ISP industry is therefore in a very bad position. They only can try to avoid by direct blocking which would boost the run into the dark web or do nothing. I think a very bad idea is to make everything public and thereby make people curious to detect and explore the deep web. So it is definitely not a liability for ISPs to prevent people going into the darkness as what ever they do it increases the problem and who will trust a provider running an anonymizer for its customers (and delivering data to NSA and others)!
The only solution I can see is a “digital disarmament“ on a global scale. But that isn’t realistic as long as you have national firewalls (like in China etc.) the dark web will exist and you can’t get hold of it. Imagine the next IP protocol family IPv6 with its capabilities of real end-to-end communication without a server in between and you get a new setting of the dark web. Take the example of churches when they arguing against devil and hell – did this prevent crime? I bet not and the fight against the deep web is like the fight of churches against hell!

Sir Richard Tilt: Internet Watch Foundation (UK)

The internet is a great tool and valuable resource for people around the world and its positive impact on individual lives as well as whole societies should not be underestimated. Fundamental principles related to people’s right to information, to people’s right to express themselves, and many more key fundamental online rights are therefore of the utmost importance to ensure the internet keeps delivering its positive contribution to humanity. However, as in the offline world, there might be a measure of control necessary to ensure people’s rights are not violated.
The two basic questions that confront us here are 1) What kind of control is needed/wanted and 2) How can we organize these control mechanisms in a democratic, transparent and effective manner. While overarching internet principles provide strong guidance on the general direction of the internet, it is worthwhile to consider the boundaries of these principles and to discuss how an effective and proportionate measure of control can be organized, obviously within the context of the broader internet principles.  To organize this level of control, the internet provides us with a different set of challenges compared to those of the pre-internet era. The scale, speed and cross-border nature of the internet can be problematic for governments, law enforcers, judicial bodies as well as ordinary citizens and internet users in their efforts to ensure or enforce their own or other people’s rights. And how can we ensure that the level of control remains proportionate and doesn’t, in itself, become a violation of people’s rights?  Whether it is to fight online fraud, prevent the distribution of child sexual abuse material or to combat terrorism it is important to discuss these areas as to determine whether or not these constitute legitimate reasons to introduce any sort of limitations on, for instance, freedom of expression and if so, how these can be addressed in a proportionate and effective manner.
The IWF is fully aware that is occupies a very specific and unique place in the internet ecosystem and that its work raises a number of legitimate concerns regarding internet governance and people’s online rights. As such, the IWF requested an independent Human Rights Audit of its role, remit and procedures. This Human Rights Audit was conducted by Lord Ken MacDonald and provided a number of interesting outcomes for the IWF. Sir Richard Tilt will be able to elaborate on the Human Rights Audit and the additional safeguards the IWF has built into its procedures and processes to ensure it does not violate internet user’s rights.
I realize this is only one example, but I think it is key to the debate we want to stimulate. This debate is basically whether a system, which has a legitimate aim but (at its most basic level) impacts people’s rights can be acceptable if the necessary safeguards are in place (and if so, what safeguards are needed).
1. Internet cannot be completely free because that would impact on individual rights in the way that crime does in the non internet world.
2. An alliance between law enforcement, industry and government operated by an independent organization works well in the UK.
3.  The rights of children need the kind of protection the IWF provides.

Scroll to top