Protecting the global digital information ecosystem: a practical initiative

Ingolf Pernice, Walter Hallenstein-Institute for European Constitutional Law, Humboldt-Universität zu Berlin, Germany

PUBLISHED ON: 05 Mar 2019

Introduction

The digitisation of our societies comes along with a number of challenges and opportunities - the dimension of which are far from being assessed, not to say understood. While the internet allowing easy access of everybody to the general political discourse was for some time understood as a great opportunity for strengthening democracy, more recent developments depicted by buzzwords like “fake news”, “disinformation operations” and “psychographically microtargeted advertising” as practiced with the support of Cambridge Analytica are observed with great concern as fundamental threats to the functioning of democracy. 1 Not less than cyber attacks on industries, infrastructures and governments, such practices are difficult to control. In particular, their origine is difficult to localise and there is no technical instrument available for clear attribution. Yet, protecting our democratic systems seems to amount to a serious common concern of the United States, the European Union as well as all democracies around the globe.

While some countries have already taken legislative measures or – at least – drafted action plans aiming at protecting the internet, the public discourse and democracy from criminal and terrorist content as well as from hate speech, fake news and disinformation operations, 2 valid concerns are raised with regard to the respect for freedom of speech as the foundation of democracy. 3 The question, thus, how to adequately protect the deliberative process of building political will and to thereby ensure the legitimacy of the democratic process against all sorts of IT-driven attempts of manipulation remains open. The recent call of a high-level civil servant of the European Commission “for a new culture of incorporating the principles of democracy, rule of law and human rights by design in AI and a three-level technological impact assessment for new technologies like AI as a practical way forward for this purpose“ 4 indicates only one of the directions the political discussion may move to. But it also shows that the problem is not limited to one or the other country or continent but has a global dimension. It is a challenge to constitutionalism at a global level.

This is why all democracies have an interest in finding common approaches for tackling the new challenges to their own survival. Forums like the G7 and the G20 are as important for stimulating the discussion on concrete solutions and measures as is the Internet Governance Forum (IGF) and other multi-stakeholder initiatives. Academic research and conferences can provide material, analysis and ideas to feed this process of discovery.

With the aim to identifying some G7 interest in digital technology and democracy Eileen Donahoe, Fen Hampson, Gordon Smith (all CIGI - Centre for International Governance Innovation, Waterloo, Canada) and myself (HIIG - Humboldt Institute for Internet and Society, Berlin, Germany) back in 2017 decided to submit some thoughts and proposals to those preparing the G7 summit in Charlevoix, Québec, Canada, 8-9 June 2018. On the basis of our discussions my contribution to this collaborative initiative was the following draft statement, and I would like to particularly thank Eileen Donahoe for her substantial input and revision of this work.

While the attempt to introduce the draft statement formally in the preparatory work for the summit at an early stage was unsuccessful, it is interesting to see, nonetheless, that THE CHARLEVOIX G7 SUMMIT COMMUNIQUE in its point 15 raises – as a matter of “building a more peaceful and secure world” - some of the issues addressed by our draft as follows:

  1. We commit to take concerted action in responding to foreign actors who seek to undermine our democratic societies and institutions, our electoral processes, our sovereignty and our security as outlined in the Charlevoix Commitment on Defending Democracy from Foreign Threats. We recognize that such threats, particularly those originating from state actors, are not just threats to G7 nations, but to international peace and security and the rules-based international order. We call on others to join us in addressing these growing threats by increasing the resilience and security of our institutions, economies and societies, and by taking concerted action to identify and hold to account those who would do us harm. 5

The “Charlevoix Commitment on Defending Democracy from Foreign Threats“ referred to in this Communiqué, 6identifies more in detail the steps the leaders of the G7 intend to take. The formulation remains less concrete than our proposal. In particular, it could have been clearer on the global character of the problem and the close relationship of defending democracy against foreign attacks with other issues of cybersecurity and the due diligence obligations of states, industries and the individual. 7 It is to be understood as a challenge of global (internet) governance and international peace.

More work is to be done, therefore, and besides of many upcoming conferences and projects the IGF in Berlin (25-29 November 2019) presents an excellent multistakeholder forum where the issues could further be discussed with the aim of finding a consensus among all stakeholders on a declaration on the protection of the global digital information ecosystem along the lines of the following draft.

Draft G7 Charlevoix statement on the protection of the global digital information ecosystem

  1. Threat of misuse of digital technology and information: We, the Leaders of the G7, note with concern increased misuse of the internet and digital information both, by states and private actors, aimed at disturbing political processes in our democracies and in political systems throughout the world. We strongly condemn any malicious cyber activities like the manipulation of national elections, digital disinformation campaigns and psychographic targeting in election campaigns, and commit ourselves fully to abstain from such practices.
  2. Protection of the global digital information ecosystem: The effective protection of the digital information ecosystem is a condition for the full exercise of political freedoms and self-determination of peoples in modern democracies. We will take all necessary measures and call upon all stakeholders, to defend our globalised digital society against any threat or attempt to hamper further development of the benefits offered by digitisation of societies.
  3. Cyber threats against other states equivalent to violation of international law: We understand malicious cyber-activities against other states and their infrastructures, including digital offences by governments against the integrity of political processes and the public sphere of political discourse in foreign countries, as equivalent to an intervention into their internal affairs contrary to the principle of equal sovereignty embodied in Article 2 (1) of the Charter of the United Nations. Those activities constitute a breach of international law giving rise to countermeasures.
  4. Global cyber-security compact: With a view to avoiding distrust among states and a risk of escalation and conflict worldwide, we commit ourselves and strive to bring all countries together to agree upon a ‘global cyber-security compact’ compelling all governments to abstain from cyber-offences against other states or private parties and, in particular, from information operations and other intentional intervention into the democratic processes of other countries.
  5. Due diligence against cyber attacks: The international law principle of due diligence requiring each country to make every effort possible to prevent attacks by private actors from their territory against foreign countries, industries or people, equally applies to malicious cyber activities. This includes the prohibition of private parties to conduct such action. We commit ourselves and call all other governments to fully respect this principle and to agree upon concrete terms of its application in cyber space as part of the ‘global cyber-security compact’.
  6. Private sector responsibilities to develop resilient technology: We call upon IT companies such as communication service providers and platforms to develop resilient IT systems and share technologies to combat malicious activities in the cyber-sphere. Social media and search platforms should also apply algorithms and be prepared to detect and take down illegal hate speech and content that supports extremist, racist and terrorist propaganda. Illegal expression that can be identified as originating from unlawful bots or other automatic devices that distort the free and independent formation of political views, should also be restricted in full compliance with the human right to freedom of expression and international human rights law.
  7. Private sector global governance responsibilities: Corporate Social Responsibility (CSR) and the United Nations Guiding Principles on Business and Human Rights applicable to private sector companies are important elements of the global governance framework for business relations in the cyber realm and function as a corollary to state regulation and international law. It includes the duty to be responsive to concerns of individuals who feel offended in their rights by illegal conduct of IT companies or illegal content made publicly available through social media and platforms. We urge companies to establish easily available, rapid and efficient procedures to fairly answer private complaints against such acting and content, with due regard to the freedom of expression, and accordingly to take complaints against any unjustified take-down of lawful content.
  8. Multi-stakeholder collaboration to protect the global digital ecosystem: The protection of the digital information ecosystem can only be accomplished through common and coordinated efforts of states, businesses, the civil society and individual users. We commit to new and additional investment in education systems including universities to develop curricula, train teachers and media, and to undertake further research to ensure highest degrees of digital literacy, critical thinking, awareness for cyber-risks and diligence in the production and use of IT products throughout our societies. We consider these new efforts as being essential for ensuring a safe digital infrastructure and sustainable democratic resilience.
  9. Global information culture consistent with international human rights: We call for the establishment of a new global information culture, based upon the protection of international human rights standards and in particular, the fundamental freedom of expression, free access to information, to education and to culture, full respect of privacy and the protection of personal data. We understand these as guiding principles of our policies related to digitisation and security and as a condition for a prosperous development of our democracies. We commit ourselves to support civil society initiatives and other stakeholders in their endeavor to give effect to these principles, rights and values as part of the ongoing process of internet governance.

Footnotes

1. With some proposals for solution: Yochai Benkler, Robert Faris, and Hal Roberts, Network Propaganda. Manipulation, Disinformation, and Radicalization in American Politics (Oxford University Press, 2018). For operations in Europe and with regard to the Brexit-referendum see in particular the alarming account of Carole Cadwalladr, The great British Brexit robbery: how our democracy was hijacked, The Guardian, 7 May 2017, at: https://www.theguardian.com/technology/2017/may/07/the-great-british-brexit-robbery-hijacked-democracy (accessed 10 December 2018).

2. See the German Network Enforcement Law (“Gesetz zur Verbesserung der Rechtsdruchsetzung in sozialen Netzwerken, Netzwerkdurchsetzungsgesetz - NetzDG“) of 1 September 2017, available at: https://www.gesetze-im-internet.de/netzdg/BJNR335210017.html (accessed 8 December 2018), English translation: https://www.bmjv.de/SharedDocs/Gesetzgebungsverfahren/Dokumente/NetzDG_engl.pdf?__blob=publicationFile&v=2. For the initiatives of the European Union see, in particular the “Code of Practice against Disinformation“, where for the first time worldwide industry agreed, on a voluntary basis, to self-regulatory standards to fight disinformation, at: https://ec.europa.eu/digital-single-market/en/news/code-practice-disinformation (accessed 28 February 2019). See also the revised EU Cybersecurity Strategy: European Commission/High Representative of the Union For Foreign Affairs and Security Policy, Joint Communication to the European Parliament, the European Council, the Council, the European Economic and Social Committee and the Committee of the Regions “Action Plan Against Disinformation“, 5.12.2018, JOIN(2018) 36 final, p. 1, (Introduction) and pp. 5-11, mentioning four pillars and 10 actions, at: https://eeas.europa.eu/headquarters/headquarters-homepage_en/54866/Action%20Plan%20against%20Disinformation (accessed 13 February 2019). See also the Introduction to: European Commission, Joint Communication of the European Parliament and the Council, Resilience, Deterrence and Defence: Building strong cybersecurity for the EU, JOIN(2017) 450 final of 13 September 2017, at: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52017JC0450&from=en (accessed 10 February 2019). For the United States see, in particular, The White House, National Cyber Strategy of the United States of America, September 2018, Introduction, pp. 1-2, and p. 9: “Protect our democracy”, at: https://www.whitehouse.gov/wp-content/uploads/2018/09/National-Cyber-Strategy.pdf, (accessed 10 February 2019).

3. Eileen Donahoe, Don’t Undermine Democratic Values in the Name of Democracy. How not to regulate social media, in The American Interest, 2017, at: https://www.the-american-interest.com/2017/12/12/179079/ (accessed 8 December 2018); see also: idem: Protecting Democracy from Online Disinformation Requires Better Algorithms, Not Censorship. In: Council on Foreign Relations, 21 August 2017, at: https://www.cfr.org/blog/protecting-democracy-online-disinformation-requires-better-algorithms-not-censorship (accessed 8 December 2018); for other critical comments see Mathias Hong, The German Network Entforcement Act and the Presumption in Favour of Freedom of Speech, in: Verfassungsblog 22 January 2018, at: https://verfassungsblog.de/the-german-network-enforcement-act-and-the-presumption-in-favour-of-freedom-of-speech/ (accessed 8 December 2018).

4. Paul Nemitz, Constitutional democracy and technology in the age of artificial intelligence, in: Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences, 15 October 2018, at: https://royalsocietypublishing.org/doi/full/10.1098/rsta.2018.0089 (accessed 10 December 2018).

5. See: https://g7.gc.ca/wp-content/uploads/2018/06/G7SummitCommunique.pdf (accessed 28 February 2019).

6. Available at: https://g7.gc.ca/wp-content/uploads/2018/06/DefendingDemocracyFromForeignThreats.pdf (accessed 28 February 2019).

7. More details: Ingolf Pernice, Global Cybersecurity Governance. A Constitutional Analysis, in: 7 Global Constitutionalism (2018), pp. 112-141.

Add new comment